Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Entropy Project Closes Up Shop

CowboyNeal posted more than 10 years ago | from the calling-it-quits dept.

Privacy 143

k0fcc writes "In a disappointing move to privacy enthusiasts, the Entropy Project's creator has released a statement that the project is shutting down. Entropy was a very popular, and some say faster, alternative to Freenet which supported a number of different cryptographic protocols. The creator alluded to the possibility that the project could continue if a new owner could be found."

cancel ×

143 comments

Sorry! There are no comments related to the filter you selected.

feep (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9661319)

AND A BUTT with POOP IN IT!!!

ldjflskdjfkljsdsdf

sdfsdfsdf

Ironic (5, Funny)

Chairboy (88841) | more than 10 years ago | (#9661334)

Does anyone else find it ironic that a project named 'Entropy' has come apart?

Re:Ironic (0)

TWX (665546) | more than 10 years ago | (#9661359)

I think that the fact that it's ending is more ironic. I hope that this doesn't bode ill for the universe...

Re:Ironic (1)

fermion (181285) | more than 10 years ago | (#9661375)

That's not irony. That is what happened.

Re:Ironic (0)

Anonymous Coward | more than 10 years ago | (#9661390)

You've been listening to too much Alanis Morissette, haven't you?

Re:Ironic (5, Insightful)

Barto (467793) | more than 10 years ago | (#9661388)

Considering irony is [princeton.edu] "incongruity between what might be expected and what actually occurs", ironic would be a project named Entropy staying together. A project named Entropy coming apart perfectly congruous IMHO. So there.

Re:Ironic (0)

Anonymous Coward | more than 10 years ago | (#9661551)

That's the idiomatic meaning of ironic and somewhat contentious, with all due respect to Princeton. The classic meaning is that the true intent of the words used is the opposite of the expressed meaning.
I dont have an authority for that but it should be in the bigger English dictionaries: Oxford online etc.

Re:Ironic (1)

BCoates (512464) | more than 10 years ago | (#9662319)

Perhaps people are so used to software being promoted as exactly the opposite of what it actually is, that a program doing what its name implies is a surprise.

Re:Ironic (1)

aminorex (141494) | more than 10 years ago | (#9663020)

Wow. It's amazing that anyone at Princeton could publish such a facile definition of irony, when their university press is putting out stuff like this [amazon.com] !

Re:Ironic (1)

xmas2003 (739875) | more than 10 years ago | (#9661408)

From my reading of the second law of thermodynamics, it sounds to me like this the eventual long-term result anyway as they will reach their maximum state of entropy ...

I thought the future of entropy... (0)

Anonymous Coward | more than 10 years ago | (#9661450)

...was a dim one.

Re:Ironic (1)

hawkeyeMI (412577) | more than 10 years ago | (#9661482)

I think perhaps the word is 'apropos'.

Not sure where else I'll be able to use this... (1)

Exatron (124633) | more than 10 years ago | (#9661492)

"How ironic! Not only is there precipitation on the day of your nuptials, but the passage for which you'd previously paid was in fact complimentary! MUHAHAHA!" -Alanis Megatron

Re:Ironic (0)

Anonymous Coward | more than 10 years ago | (#9661599)

Not really. Isn't that what is supposed to happen?

If the project went on to become one of the most successful and longest-lasting projects of all time, then that would be ironic.

that was fun... (5, Funny)

elykyllek (543092) | more than 10 years ago | (#9661337)

Considering I just got this installed, configured and working 5 minutes ago.. this is great news...

Well, was it open source? (0, Insightful)

Anonymous Coward | more than 10 years ago | (#9661338)

If it's open source, there's no problem. If it's open source yet the project still dies at that point, then that just means there genuinely wasn't interest in it succeeding.

If it ISN'T open source, well then, that's just that much more proof that projects of public importance such as this one should always be open source, so that something that potentially people come to depend on does not wind up with a single developer or development team as a single point of failure...

GNUnet (5, Informative)

Anonymous Coward | more than 10 years ago | (#9661342)

There's still GNUnet [ovmj.org] !
GNUnet is a framework for secure peer-to-peer networking that does not use any centralized or otherwise trusted services. A first service implemented on top of the networking layer allows anonymous censorship-resistant file-sharing. GNUnet uses a simple, excess-based economic model to allocate resources. Peers in GNUnet monitor each others behavior with respect to resource usage; peers that contribute to the network are rewarded with better service.

Re:GNUnet (1)

throwaway18 (521472) | more than 10 years ago | (#9661407)

GNUnet is written in C. One buffer overflow exploit could compromise the whole network. It needs expert review beofre the claim of being secure has any meaning.

mmm really? (3, Insightful)

eldacan (726222) | more than 10 years ago | (#9661496)

GNUnet is written in C. One buffer overflow exploit could compromise the whole network.

Not quite true IMHO: it's obviously not sufficient to compromise one client/server to compromise the whole network. If it was, it would be a piece of cake to take the existing source code and use it to build this "compromised" client/server.

If you want to compromise the whole network with one buffer overflow exploit, I guess you will have to find an exploit that works with all versions of GNUnet, and you will have to run it against all (ok, most) clients/servers on the network (most of the traffic seen by one computer on the network doesn't make sense for it, it just relays the packets to other computers).

And there is also a Java implementation [ovmj.org] under development.

One word: Cascade (1)

Kjella (173770) | more than 10 years ago | (#9661658)

1. Find exploit
2. Create program exploiting said exploit, and to do the same to all nodes it connects to.
3. There is no step 3. You've compromised the entire network.

Kjella

Re:One word: Cascade (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661688)

That's why I've endeavored to create a network where all the clients can't be known. In fact, from any single jurisdiction, it shouldn't be possible to discover the addresses of more than a dozen or two clients.

Re:One word: Cascade (1)

Mind Booster Noori (772408) | more than 10 years ago | (#9662873)

GNUnet already does that, plus it guarantees level 3 anonimity and all connections are encrypted.

On another field, an exploit like the one described wouldn't work because if you manage to exploit GNUnet you could exploit one node, but couldn't make it reproduceable to the other nodes.

Maybe the the gandparent and grand-...-parent should read more about GNUnet before making such claims.

Step 3: PROFIT! (1)

Bob_Robertson (454888) | more than 10 years ago | (#9661992)

Step 1: Find exploit

Step 2: Compromise everyone

Step 3: PROFIT!

Re:GNUnet (0)

Anonymous Coward | more than 10 years ago | (#9661841)

So fucking what? All of the security applications YOU use on a daily basis are most likely programmed in C. And most of them have had buffer and other sorts of exploits in the past, no question.

Fuck... Banks and governments use this shit. The point is that it's "secure enough", and that no project of any signifigant magnitude can absolutely bug free.

Re:GNUnet (1)

cutecub (136606) | more than 10 years ago | (#9661478)

Um, I don't mean to be snarky, but my experience has been that GNUNet is even less friendly and less popular than either Entropy or Freenet.

It still has the feel of a research project and the fact that it defines itself as a framework rather than an application means that 99.9% of their potential audience won't be able to figure it out or use it. (Could your Mother download, compile and install gnunet-gtk?)

With that said, the project is really interesting.

But in its current state, its not ready for prime-time... or even late-night viewing.... Maybe CSPAN.

Re:GNUnet (1)

eldacan (726222) | more than 10 years ago | (#9661520)

Could your Mother download, compile and install gnunet-gtk?

apt-get install gnunet-gtk, or your prefered graphical package manager :)

Re:GNUnet (2, Interesting)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661698)

What if the project defines itself as a network, rather than a framework, or even a file-sharing application?

What if its not much different than installing a virtual ethernet adapter, or if all your experience setting your computer up for TCP/IP counts for something on it?

What if you get to use all your current internet apps, rather than scratching around for keyhashes of some file that is pieced together all over the network?

What if only one guy can snitch on you, and he's somewhere in South Korea?

Maybe not ready for prime-time, but I think I have the late-night viewing nailed. Way past CSPAN.

Re:GNUnet (1)

Mind Booster Noori (772408) | more than 10 years ago | (#9662981)

I generally agree with your post, but feel the urge to comment some statements:
What if the project defines itself as a network, rather than a framework, or even a file-sharing application?
GNUnet is not a network: it is a framework, and the people using it are building a network of GNUnet nodes.
GNUnet is not a file-sharing application, it is a framework that, having the AFS protocol, creates a way of people writting and using file-sharing applications that run over GNUnet (as gnunet-gtk).
What if its not much different than installing a virtual ethernet adapter, or if all your experience setting your computer up for TCP/IP counts for something on it?
That was close, but not quite the case. GNUnet implements a protocol (like TCP) that can be run over TCP, UDP and SMTP. Peers communicate with each other via GNUnet Core or AFS messages (that run over the already spoken TCP, UDP or SMTP), and GNUnet applications communicate with the node using GNUnet Core, AFS or TestBed messages over TCP. More info on that here [ovmj.org] .

Re:GNUnet (1)

Mind Booster Noori (772408) | more than 10 years ago | (#9662931)

Um, I don't mean to be snarky, but my experience has been that GNUNet is even less friendly and less popular than either Entropy or Freenet.

It still has the feel of a research project

Well, GNUnet is well versioned, like most of GNU apps, and it's intended to be friendly, popular and without "the feel of a research project" when a version 1.0 comes out. We're still at version 0.6.2b, version 0.6.3 is expected to be released in August... So yes, there's lot's of work to do until v1.0 is out.

self as a framework rather than an application means that 99.9% of their potential audience won't be able to figure it out or use it.
I don't understand why do you say that a framework is harder to use then an application (or whatever you intended to say): GNUnet is a framework, which means you don't really want to "use" GNUnet, you want to use one application that runs over GNUnet (like gnunet-gtk for file-sharing, or gnunet-chat for chat, or those browser apps, e-mail-apps and such who are built over GNUnet).

Could your Mother download, compile and install gnunet-gtk?
My mother doesn't know how to turn on a computer, but GNUnet is as easy to install as any other application: just use the package for the system you use (like apt-get install gnunet on Debian, as someone said).

Failed It! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9661346)

I failed in life because I didn't get a first post!!

YEA!

I fuckin' rock!!

No first post for me!!

In Soviet Russia, the First Post Fails You!

Oh, er...

Erm (3, Interesting)

Reality Master 101 (179095) | more than 10 years ago | (#9661376)

I don't mean to be snarky, but "very" popular? Does Freenet itself qualify as "popular", much less "very popular"? Does /anyone/ semi-normal (i.e., not a techno-geek, or a rights-geek) use Freenet, and if they do, has anything significant ever been published on it?

Freenet seems to me to be one of those ivory tower projects that has little relation to the real world. Proof? No search engine, and very little chance of ever having one. How the hell can it ever be useful? [/rm101 resists making a dig about their choice to implement in Java]

Re:Erm (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9661397)

I get all my kiddie porn from Freenet, whacha' talkin' about that it's not popular?

If Freenet dies, where else would me and my fellow pedophiles go?

Oh wait, you were talkin' about Entropy. Their porn selection was daft to say the very least. No wonder it fell.

Re:Erm (0)

Anonymous Coward | more than 10 years ago | (#9661433)

Hopefully to jail where you'll be raped and sodomized like the sick fuck that you are!

Re:Erm (0)

Anonymous Coward | more than 10 years ago | (#9661449)

I know you're lying because how the hell would you even find the kiddie porn on Freenet? Thus proving how useless Freenet actually is.

Re:Erm (1)

xanadu-xtroot.com (450073) | more than 10 years ago | (#9661406)

Just to answer your question, I can honestly say that I've never used Freenet. The passing will go un-noticed.

Can't we get some more fun articles here? People building a bar out of an old VAX? People building beer chillers with Rocket Engines? Does it have to be all this lame-ish stuff that's been on the front page a for a few weeks now?

Re:Erm (0)

Anonymous Coward | more than 10 years ago | (#9661479)

Freenet has quite a bit of content. Lately people have been posting (relatively) big files; movies, music and such. There are several indexes generated by people running spiders which contain hundreds of so called freesites. Some open source projects which have had trouble finding a place on the WWW are available on Freenet (Freecraft, PlayFair, DeCCS, and you could regard the Win2K source code among these as well I suppose). There are also 'flogs' in which people write about current events and whatnot. And finally there's an active message board system called Frost, which runs on top of Freenet. There are reportedly also Chinese freesites and such, but even on freenet those things are a bit underground and I personally have not seen any of them.

Re:Erm (1)

hawkeyeMI (412577) | more than 10 years ago | (#9661488)

I'm something of a techno/rights geek and I tried Freenet last year.

Unfortunately it's pretty much useless, so I don't use it anymore.

Re:Erm (0)

Anonymous Coward | more than 10 years ago | (#9661665)

You should try it again, it was going through a bad patch for a few months last year due to overloading, but they have made good progress on fixing that now and its working much better.

Re:Erm (1)

thinkninja (606538) | more than 10 years ago | (#9661744)

Hi, like the grandparent poster, I tried freenet but discarded it as unusable without a permanent connection. Is it still pretty much unusable as a transient node?

Re:Erm (1)

Nf1nk (443791) | more than 10 years ago | (#9661878)

treid it again last week and yes still pretty much unusable 9 out of ten sites don't come up at all and it bogged down my 2.4 Ghz p4. Still woefully unimpressive. oh yeah and it pegged my outgoing bandwidth the whole time it ran.

Re:Erm (3, Informative)

Neophytus (642863) | more than 10 years ago | (#9661500)

Just to bite the Java troll, may I cite the example of Azureus [sourceforge.net] as an example of a Java program done right(tm). Runs fast, is responsive and doesn't use the godawful swing toolkit (it uses SWT [eclipse.org] instead).

Freenet doesn't even HAVE an UI (1)

Kjella (173770) | more than 10 years ago | (#9661550)

...and quite frankly, for what it does, it is a hog. Yes, I realize it is mostly proof-of-concept but it is mostly a software router (ok, with encryption, software VPN router) with s LRU cache.

Of course, there's no point in nagging unless you actually have something better to suggest... which I don't. So if the choice is a slow Java project, or a C++ project which doesn't exist - I'll take the Java project...

Kjella

Azureus current version is okay (1)

SmallFurryCreature (593017) | more than 10 years ago | (#9661915)

The previous ones on linux suffered and suffered badly from "too many open file" bugs. It was even blamed on java by some but since I haven't updated java only azureus and with the latest version it is now gone I think that the problem was definitly azureus.

So before I agreed that java was a piece of crap whose only saving grace was that it could be portable (plenty of java apps are not). Now that azureus works very stable (constant run since the last update) I must admit that java can work. HOWEVER

I also run freenet and the memory and CPU usuage is still insanely high. Of course this could simply be a freenet problem but it doesn't help java's image.

To me java is an intresting tool that can solve certain problems. It is not perfect and one of its imperfections is that it is a resource hog. Makes you wonder what is different between the java on linux/windows and the java on mobile phones.

Anyway to get back on topic, too bad but the time is not yet right for these kind of projects. If you actually use freenet and look around there is very little worthwhile on it. Just yesterday someone posted Slackware 10 on it. Yeah we need anonymous network to distribute linux. NOT. Maybe if SCO wins but today it just shows that people are just desperate to look for uses.

Current uses are file sharing (can be done far more easily through other means especially if the files are legal), child porn and similar (not exactly something most people consider a worthy cause) and weirdos. About the only "real" use are DeCSS and the Scientology papers (can easily be hosted by those living in free nations).

The problem of course is that while freenet may not be needed now if it is ever needed in the future it will be too late to write it.

By the time the dictator is in power it is too late to protest.

Re:Erm (1)

r00zky (622648) | more than 10 years ago | (#9661517)

don't you see that a search engine would inherently destroy privacy? at least in the current way Freenet is implemented...

if you have an idea for a search-engine in a (still) anonymous network you're free to submit it.

For now spider-generated indexes will have to suffice.

Re:Erm (1)

Jeff DeMaagd (2015) | more than 10 years ago | (#9661591)

Can you clarify how a spider generated index doesn't destroy privacy, while a search engine does? Aren't they simply one step away from each other in terms of their "dangers"?

Re:Erm (1)

r00zky (622648) | more than 10 years ago | (#9661677)

In a webpage search engine you send a description of the content you're searching for to a server, this server now knows what you were searching for.

In a p2p network search you send your search to your peers, but, in Freenet's case the peers only index the contents by key number (or whatever it's called), not for description of the contents.

A spider basically follows all the links it can find and sorts them according to some meta-data every page has (title, description...)

Also, dynamic webpages aren't allowed (danger of some calling home etc...)

*just now reads new message just posted in reply to mine*

Or at least thats' how it worked the last time i used Freenet! :P will have to check back to see what they're working on

Re:Erm (1)

r00zky (622648) | more than 10 years ago | (#9661691)

errata:
about dynamic pages: between "some" and "calling" a SCRIPT tag is missing...

Re:Erm (1, Informative)

Anonymous Coward | more than 10 years ago | (#9662370)

In a webpage search engine you send a description of the content you're searching for to a server, this server now knows what you were searching for.

You obviosuly haven't throught this through -- Freenet and any other anonymous P2P protocol (including GNUnet) already guard against this type of information leakage by routing requests and searches through a number of nodes on the network. For a given server it is impossible to know whether a given node which makes a request is actually making the request itself or if it's being done on behalf of someone else.

Btw, GNUnet does allow search (it's not a search engine per se, but it does the job) and that's fully anonymous.

Work is underway... (1)

Anonymous Coward | more than 10 years ago | (#9661636)

if you have an idea for a search-engine in a (still) anonymous network you're free to submit it.

It is being worked upon. Not search engine, but a means to efficiently find content (that *wants* to be found, that has been posted publicly, mind you) within the context of the network itself. And no, I'm not talking about Frost/FMB which chokes on just a couple messages a day, but something ready to scale to become as large as the Internet itself. Speaking of which, something Freenet isn't able to do.

There are great things ahead. Within a year, much will have changed. It is not ready to go public yet, but it is taking shape. It will be the Napster of anonymous networks. Easy enough for everyone, and I mean everyone, to use. Sorry about the melodrama, but it has already been resolved in theory and simple simulations. You will know it, when it is complete.

Re:Erm (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661722)

My own network is IPv4 based, with a fully functioning www. A search engine could easily be implemented (for all 6 websites, haha), just as on the real internet. Having access to those websites doesn't mean you have any decent way of identifying the publisher.

Re:Erm (2, Insightful)

TRACK-YOUR-POSITION (553878) | more than 10 years ago | (#9661601)

Bittorrent doesn't have a built in search engine, but it's probably the most mainstream (if one considers appearance of legitimacy rather than strict popularity) of all the P2P protocols/clients.

I don't think it has to do with being ivory tower--it's just that anonymity comes with a bandwidth/convenience cost, and at this time most people don't consider it worth paying. As computer resources increase, or political reality changes, anonymity might start to grow in relative importance.

You don't know what you are talking about (1, Insightful)

Anonymous Coward | more than 10 years ago | (#9661645)

Freenet seems to me to be one of those ivory tower projects that has little relation to the real world.
Thats a pretty bold statement for someone who has clearly never tried it. Freedom of speech may not bear much relation to your reality, but you will probably get a different view from someone from some other [freenet-china.org] countries I can think of.

Its a research project, and they are solving hard problems. Yes its not as easy to use as it could be, but either was Linux for a long time, and in many ways Freenet is much more complicated.

Listing Engines Exist Today (1)

nurb432 (527695) | more than 10 years ago | (#9661702)

If you care to look there are several established 'listing engines' that are running.

A true 'search engine' might even be detrimental to the privacy goals of Freenet.

But yes, it is currently a bit esoteric for the average Joe, but that will change in time. Its already MUCH friendlier then in the beginning... ( and the speed troubles seem to improve with each release.. )

And don't bash the java thing without realizing that one goal was for it to run everywhere, and to be browser friendly.. Java ( in theory ) was at the time the best answer to that issue.

Re:Erm (2, Informative)

ultranova (717540) | more than 10 years ago | (#9662094)

Does /anyone/ semi-normal (i.e., not a techno-geek, or a rights-geek) use Freenet,

Couldn't really say, since few people who use anonymous filesharing/messaging use their real names in said anonymous network.

has anything significant ever been published on it?

Quickly scanning The Freedom Engine, I found Fahrenheit 9/11, IIP Revival (which tries to bring back the Invisible IRC), mirror of XBOX Linux, TrekLit (a collection of Star Trek novels in MS Reader .LIT format), various blogs, Freecraft (an open-sourced Warcraft clone which was cease-and-desisted off the Net), Bondage Fairies (fairy porn, kinky too !), a MAME ROM library, a few library freesites, a few movie freesites and, of course, lots of porn.

I really don't know if this is significant, but it proves that there is content in Freenet.

Freenet seems to me to be one of those ivory tower projects that has little relation to the real world.

The development process could be better; currently people are throwing in new features before old ones have been debugged, and as a result the logs are full of NullPointerExecptions and other weird errors. And a bug which caused the node to always route to the worst possible choice went unnoticed for a long time during the switch to NGR...

Apart from that, I really don't see any indication of an ivory tower, especially when it's becoming increasingly clear that the freedoms we are enjoying now are not going to last. And the freedom of communication anonymously is the basis of all other freedoms; without it, you cannot know if your government is honoring the other freedoms, and thus it has no reason to do so.

Please explain your statement ?

No search engine, and very little chance of ever having one.

Three (3) different indexes linked from the start page. And if you use Frost it has an internal search engine for files inserted with Frost.

[/un resists making a dig about people who have been spoiled with Google so they don't know how to find things by surfing anymore]

[/rm101 resists making a dig about their choice to implement in Java]

Considering the amount of NullPointerExecptions the logs contain, I'd say that this was a wise decision. A C program would render the network useless. Of course this might also give an incentive to actually fix those errors before implementing more features...

Just be sure to give the command "LD_ASSUME_KERNEL=2.4.1" followed by "export LD_ASSUME_KERNEL" before running Freenet in Linux 2.6, because otherwise it will try to use pthreads, which will cause Sun JVM to hang.

Re:Erm (1)

BCoates (512464) | more than 10 years ago | (#9662251)

No search engine, and very little chance of ever having one.

Spider the network, generate lookup tables appropriate for search, insert them into the network, and have a client-side script that takes the user's query and responds with the list of results. No changes to the network necessary.

This currently is held back by the unavailability of client side scripting (which is not fundamental, it's just unimplemented) and the current network not having sufficent performance for such a tool to be faster than just going to an index and browsing.

Re:Erm (1)

Jhan (542783) | more than 10 years ago | (#9662263)

Does /anyone/ semi-normal (i.e., not a techno-geek, or a rights-geek) use Freenet, and if they do, has anything significant ever been published on it?

Oh yes! Child porn. Vast amounts of child porn. One could go so far as to say that Freenet is one of the main, if not THE main mechanism for distributing pedophile pornography.

FN was designed for distributing files with maximum anonymity, no matter the performance penalty (speed is horrible). So, it is used only by people who know that their neck would be in the noose if they were caught sharing the file.

corepirate nazi felons running fairytail 'economy' (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#9661409)

from a previous post titled:

america's open-source "community"? (Score:mynuts won, previously PostBlocked nonsense reposted)
by Anonymous Coward on Friday July 02, @07:14AM (#9590589)
ah ha ha, that's a gooed won? tell 'em robbIE? tell 'em what happens to all those idealisms when the monIE man comes to call?

fauxking ediots could be left to their owned felonious greed/fear/ego based glowbull warmongering, if it weren't so potentially fatal to all of the rest of us.

consult with/trust in yOUR creators... the genuine/open to ALL, community, since/until forever.

Some say faster?! (4, Funny)

sulli (195030) | more than 10 years ago | (#9661411)

My 11 year old VW Jetta is faster than Freenet. In 5 pm Bay Bridge traffic.

Re:Some say faster?! (0)

Anonymous Coward | more than 10 years ago | (#9661653)

My 11 year old VW Jetta is faster than Freenet. In 5 pm Bay Bridge traffic.
Perhaps, but does it have a website all about female forearm hair?

oh well (0)

Anonymous Coward | more than 10 years ago | (#9661453)

It seems that only the crappy projects survive (behold Freenet). This is the excitement OSS brings to projects - not being sure there will be a tomorrow.

Yeah, entropy ain't what it used to be. (2, Insightful)

cool_st_elizabeth (730631) | more than 10 years ago | (#9661456)

Now it's official.

Anonymity Infancy (0)

Anonymous Coward | more than 10 years ago | (#9661471)

Anonymous networks, like Freenet, Entropy and I2P, are all in their infancies. None of them claim to be ready for primetime. At some point in the future, they will be (hopefully). When that happens, each one has the potential to dominate peer to peer communication because people will no longer have to worry about the RIAA taking their baby away.

Freenet must follow suit (0)

Anonymous Coward | more than 10 years ago | (#9661491)

The freenet project has been a dead-end for over an year now. If you take a quick look at the mailing lists - http://news.gmane.org/gmane.network.freenet.devel you will see that they are full of aimless bickering and personal insults between the participants.

It is sad, because the Freenet had a great future. Unfortunately certain people involved in the project could not get over their sky-high egos and Freenet grew to be a project that does not know the meaning of the word "compromise".

Hopefully something will happen down the road and Freenet will be resurected, but most of the people currently working on it must go away.

Re:Freenet must follow suit (0)

Anonymous Coward | more than 10 years ago | (#9661623)

What the fuck are you talking about? The project is progressing rapidly and the mailing lists have no more bickering than the Linux Kernel mailing list - do you claim Linux is dying too?

Anonymity and Entropy (5, Interesting)

trifakir (792534) | more than 10 years ago | (#9661544)

Yep, anonymity is a favourite topic of conversation of me and my colleagues. Frankly, I do not understand the concerns of the "Entropy" project leader. Here is why:

  1. Theoretically, it is impossible to have anonymous communication [cornell.edu] on the Internet.
  2. In practice it is a balance of resources. The trick is that it is much cheaper to publish contents anonymously, than to trace the origin of an information. Therefore projects like Hacktivismo - Six/Four [hacktivismo.com] , Crowds [avirubin.com] , Freedom-Net [freedom.net] , Tarzan [mit.edu] , Onion-Routing [onion-router.net] , etc. make sense.

Furthermore, it is often the content which speaks more about the authorship, than the chain of technical events that leads to the publishing of the information. In Slashdot, for example, I have chosen not to show my e-mail, etc., but by reading my comments even a 10-years old kid can make a deduction about my real identity. Does it make sense for me to use IP-tunneling then?

Finally, I do not understand the author. He just seems pissed. Maybe he will reconsider his opinion and revive the project. Is he sick from the lies (?) about the crypto-protocols used in the software which is written? IMHO the theory proves quite stable and if there is a room for attacks it is more in the implementations than in the protocols themselves. How many broken cryptosystems do you recollect (I know, I know "the knapsack", but it got broken on the conference on which it was presented).

Still, even with this project retreating, the subject remains interesting.

Re:Anonymity and Entropy (1)

Teancum (67324) | more than 10 years ago | (#9661651)

I feel for the project leader. He is simply saying that he doesn't want to carry the torch any more. Period. It doesn't really matter what the reason is, although I can also understand what he is saying regarding crypto stuff having a bunch of really weird issues that should never be in the realm of Computer Science.

Part of that is because we are talking about national governments trying to control information flow (notably the U.S. government), and litterally thousands of patents that control who can do what and when with the algorithms. Of all areas of CS, this is perhaps the most litigated subject and has the most restrictions of free speech when discussing this topic. It really is a mine field of trying to know what you can get, and trying to get people who are in the know to spill the beans about what is occuring as well. If patents don't get you, then government security agencies will.

As far as lies are concerned, there is deliberate mis-information going on as well with this branch of computer science. Those are the lies he is talking about. Normally with trying to get computer equipment working, it is so difficult to figure out what is working and what isn't, that you simply presume that the written documentation has mistakes like the wrong pin number or an error code that is one or two numbers off. If documentation is deliberately obfusated to even include mathmatical formulas that are close, but don't really work, or sample code that has intentional holes, you are going to be really lost. Much of this is intentional, on the part of national governments. Some is also due to competitors who are trying to throw potential rivals off from each other. There are "honest" people involved as well, and the trick is trying to know who is your friend and who doesn't really care.

Re:Anonymity and Entropy (1)

HeghmoH (13204) | more than 10 years ago | (#9661652)

Theoretically, it is impossible to have anonymous communication on the Internet.

Can you elaborate some more? I skimmed the linked paper, although I didn't read it thoroughly, and it appears to claim exactly the opposite. Did I completely misunderstand?

Re:Anonymity and Entropy (1)

trifakir (792534) | more than 10 years ago | (#9661758)

Unfortunately, this scheme requires idealized network which does not exist, although many believe that approximation on top of existing techniques can be implemented without compromising much the security of the protocol.

The practical problem with the work of Chaum is that it requires a reliable broadcast network, which is unachievable.

Besides the above difficulty, this is the best work I've read discussing anonymity.

Re:Anonymity and Entropy (0)

Anonymous Coward | more than 10 years ago | (#9661837)

Okay, but you've still done nothing whatsoever to back up your assertion that a truly anonymous network is impossible. You've still yet to indicate on what grounds you believe existing projects such as Freenet fail to provide an anonymous network.

Re:Anonymity and Entropy (1)

trifakir (792534) | more than 10 years ago | (#9661896)

True. My initial statement, without additional context is shaky. Freenet, however, is implemented on top of an existing network - TCP/IP/Ethernet - you name it. And anonimity on top of this particular implementation is not theoretically achievable. There are authors discussing separately that, but I have to dig for their stuff...

BTW, it is much more difficult to show that something does not exist, than the opposite.

Logically, there are faults in what I am claiming, but this discussion is quite informal and I'm trying to summarize what I've heard/read/believe regarding the topic.

Re:Anonymity and Entropy (1)

Beryllium Sphere(tm) (193358) | more than 10 years ago | (#9662817)

From the paper:
>4. Conclusion

This solution to the dining cryptographers problem demonstrates that unconditional secrecy channels can be used to construct an unconditional sender-untraceability channel. It also shows that a public-key distribution system can be used to construct a computationally secure sender-untraceability channel. The approach appears able to satisfy a wide range of practical concerns.

Are you arguing that Internet communication channels can't offer unconditional secrecy?

Re:Anonymity and Entropy (1)

zogger (617870) | more than 10 years ago | (#9661779)

I didn't look at your first link, about the impossible to be anonymous, but just at first thought on the subject in general, a combination of freenet type structure combined with a wireless meshed network would get someone pretty darn close, wouldn't it?

Re:Anonymity and Entropy (1)

trifakir (792534) | more than 10 years ago | (#9661845)

Right, practical anonymity should be quite achievable on the technical side, although let the experts here say their word (I just read from time to time on the subject). Now think about the anonymity in broader context.

So, you are the dissident (for short Bob) and you want to talk anonymously. The first problem is that if you are doing that periodically it should be possible to correlate (something) in your statements. I don't know what can be correlated, for example wording or referral to specific events/goals. Just to remind you - humans are much better in finding patterns than computers (for now and IMO). Second, what you are saying already reduces the amount of anonimity, but that I think I've already mentioned.

BTW, I find anonymity, one of the most difficult cryptography branches and I'm amazed how easily some people talk about it.

Also, I believe that the Big Brother invests in science, so should do his opponents.

Re:Anonymity and Entropy (1)

zogger (617870) | more than 10 years ago | (#9662332)

to beat the patterning, you could have a computer randomize your sentence structure, by you using already overtly published works and your access to them to create "new" works that are your own, but don't look like it.. You could just cut and paste sentences from other works and put them together to make a new work. And if enough people did that, the pattern of the computer assisted copy/paste writing would be so widespread as to be near impossible to track down.

And it depends on what you want to do. If all you want to do is to spread information, you use what work arounds exist. If you (this Bob guy) are a direct action type,along with the words type, you work in a cell of one, no exceptions ever, for any reason. That's just normal assymetrical guerilla warfare theory. Despotic authorities can crack cells of two or more to "many", they do it all the time, but they have an almost impossible task to crack lone individuals. It's possible for them, of course, but much much harder. And if the cell of one is content with only one direct action,or even one critical publication of words, then retires, it becomes so much harder for them to crack as to approach the "impossible" state.

two good essays on this subject you can find on the net:

Leaderless Resistance

The Window War

Best info-mational novel(non sci fi, it's an action/historical genre, very readable) bar none on the subject

Unintended Consequences

Re:Anonymity and Entropy (2, Interesting)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661851)

You bring up a good point, that is often ignored. Your authorship style can do alot to destroy perfect anonymity, from both the low level (stalkers) and high (CIA/NSA tinfoil hat stuff).

There are resources available on my network that are at least trying to train people how not to give themselves away. Simple example, someone invites you, and right away you jump on IRC as trifakir. Someone showing up there as "trifakir" isn't necessarily you, of course. But if I wanted to track someone down that had that nick, I'd search everywhere on the internet and commercially available databases. In the end, any handles/nicknames/usernames you use on an anonymous network have to be totally original for yourself... you can't get away with re-using that hotmail username you had 5 years ago. And as simple as this all seems, there are problems. It's not easy to turn off that impulse to do such things... and no one can help you, either. 100% your own responsibility (not totally true, the guy that invites you knows at least enough to ID you, and can give advice, get you pointed at the website that goes over this in detail... but that's about it).

There are other problems along these lines too. Certain applications are "leaky". Mirc, in particular. Right from the beginning, we knew it would be a problem, and I was helping folks set it up at the command line level to point at a new INI file. But it is pure shit. Even doing that, it is pulling sensitive details from the registry or the original ini files. We haven't found any quite as bad as this one, but is far from unique. Word documents are suspect, in that we can't be 100% certain that published documents don't have some hidden metadata that identifies the author. PDFs created with Adobe are likely as problematic.

And this is the easy stuff. We've yet to come up with guidelines that will protect you from the most insistent long-term attacks. If a well funded agency were to compile psychological data on you, is itso far-fetched that a demographic profile could lead them to you? Male, 30-40, native born english speaker with definite american language traits, has let a few comments slip about his favorite sports team (in the area?)... it all adds up.

And as serious as all this is, with me communicating with less than 50 users ever, I've still had questions about how safe VOIP and webcam apps are! I mean, I doubt we have spooks listening yet, but who can say?

Many books could be written on this subject without ever exhausting it.

Re:Anonymity and Entropy (0)

Anonymous Coward | more than 10 years ago | (#9662411)

Theoretically it is possible to crack RSA encryption, but is it tractable?

Check out my own project. (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661561)

Pros: IPv4/IPv6 based network, static IP addresses, free domain names, all traditional TCP apps work, easier to understand.

Cons: Still small, restrictions on who you can invite, win95/98 not supported very well, some dullards have trouble understanding how anonymity works (if it uses TCP/IP your address can be tracked!).

In particular, I need to find people that favor linux/unix (even OSX would be fine), would be willing to invite others, and plan on residing in any country other than the USA for the next few years. Bandwidth usage is negligible, and I'm willing to prove it.

I'd also be willing to mentor those interested in setting up their own similar network, the more the merrier.

Re:Check out my own project. (1)

trifakir (792534) | more than 10 years ago | (#9661609)

Does the icon on your site [24.125.12.101] relates to the content in it or that's just what you had? A friendly advice - try to read a little bit/browse before you spend your evening in writing... There are many projects implementing ideas similar to yours and even more theory...

In short, what you've written sucks.

Re:Check out my own project. (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661649)

Haha. I didn't write that last night. My own network went live back in August. I understand some of alot of the other theories, but I don't favor any of them.

Besides, you can be playing Quake3 or IRCing on my own network an hour after talking to me. Even if those were possible on freenet, could you be up and running that quickly?

So, is it my (lack of) writing style you dislike, or the theory?

BTW, the icon is mostly for comcast's sake. The internet feels so impersonal, not being able to show them a friendly gesture, I did the next best thing.

Re:Check out my own project. (1)

trifakir (792534) | more than 10 years ago | (#9661682)

Besides, you can be playing Quake3 or IRCing on my own network an hour after talking to me. Even if those were possible on freenet, could you be up and running that quickly?

That's interesting. I take a mental note to look into your project once more, although I don't have much time for fun these days. Maybe you deserve a small credit for an efficient implementation of tunneling.

It is not the writing style what I disliked. I'm simply old-fashioned and I like projects which are based on (scientific) papers, which have been published and lying around for several years and other papers citing them and so on. Then we have some idea what can we expect and only after that we run our XEmacs...

Re:Check out my own project. (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661749)

High school dropout. If you could point me towards a book or website that would help me lay it out as a proper scientific styled paper, I would eventually rewrite it as such.

As for tunneling, I'm not even writing new software. Would rather let the experts do that, freeswan (openswan now?) and OpenVPN are just fine (I tend not to trust the others as much).

I do have some new ideas for transport and routing protocols though. But they aren't necessary at this point, and the network is fully viable, as is. Plus, I truly like to think that a non-mathhead can wrap his brain around how anonymity works on this thing...

Re:Check out my own project. (1)

ozamosi (615254) | more than 10 years ago | (#9661704)

He said the problem was that it was already done over and over and over. I can do the very same things on Tor _without_ talking to you or anyone. I've seen a lot of other networks mentioned here that I haven't tried, but I'm sure at least some of them can do the same things. I'm not saying your software sucks (haven't even looked at the webpage), but it has been done before. At least the stuff you write here.

Re:Check out my own project. (1)

NoMoreNicksLeft (516230) | more than 10 years ago | (#9661944)

Strictly speaking, my project isn't software at all. Or, if it is, it's the TCP/IP stack that computers have had for 20 years, and one of several VPN software stacks that have been available in some cases for more than 5 years. You even, in many cases, have your choice of which VPN software to use.

Many people have done this, or attempted it, I'll grant you. But my version is far simpler, requires no new software, and it truly gives you an IP network. It's passably fast. As in, pings (yes, ICMP works! try that on freenet!) of 400ms or less at the moment, for most of the hosts I can think of pinging. IRC servers, websites, email, any network app you feel like using. Not some web browser proxy, where you have to know secret hashes beforehand to download the file.

I think that all that alone makes my own project a contender. But let me say it again... my own project needs no custom software. If your computer has ipsec installed or (for the non-masochists) you don't mind downloading 1.5megs of OpenVPN, that is all you need. The architecture is such that even cryptographic flaws in those software packages aren't as serious as they might be for other networks.

Re:Check out my own project. (1)

ozamosi (615254) | more than 10 years ago | (#9662805)

Read it... Actually sound kind of cool. Sorry for being too hard on you, I should have RTFAed before opening my mouth. But hey, this is slashdot, what can you expect? :)

Re:Check out my own project. (1)

jhunsake (81920) | more than 10 years ago | (#9662743)

I read your site, and your project is fundamentally flawed. There is no way to know the real relationships between people in different governments. Many countries that are openly hostile to each other frequently cooperate on a lower level. In fact, many leaders that appear to be hostile to each other are in many cases privately friends. Basing your network on these assumptions is a big mistake. The solution has to be technical, and not based on any political or economic understandings.

Tried it, looked suspicious (3, Interesting)

vadim_t (324782) | more than 10 years ago | (#9661684)

Okay, first impression was:

"Wow, great project!". It was like Freenet, only faster, lower latency, some stuff was cooler. It looked really promising. It was much easier to install in a chroot jail than Freenet.

However. From what I saw, I wouldn't trust it for any serious purpose. It looked like the author was only interested in using it for testing his own crypto algorithms, and as anybody who read on this stuff should know, rolling your own crypto is a really bad idea unless you're really, really good, and then make sure it gets well tested for a few years.

It had a nice possibility of restricting the node to chosen allowed crypto algorithms, but none of the available ones was in widespread use. I mean, AES, DES and Blowfish weren't in the list last time I checked. That makes me rather suspicious.

I voiced my concerns once in the Entropy forum, and the author replied saying this is basically a research project and not intended for serious use (IIRC).

If somebody does decide to continue with it, I certainly hope that one of the first things that will be done is to put some tested crypto in it instead of a bunch of homebrew methods. Nothing personal against the author, but I believe that if it was easier to trust it, it could become more popular.

Oh no ... (3, Funny)

Entropy (6967) | more than 10 years ago | (#9661701)

Ack!

What are they doing to me???!

Re:Oh no ... (0)

Anonymous Coward | more than 10 years ago | (#9661789)

Ack!
What are they doing to me???!


Shh! You're supposed to be cancelled.

CVS Repository itself.. (1)

sudog (101964) | more than 10 years ago | (#9661773)

Is there any way to copy out the full contents of the CVS repository itself into another archive? The full development (and not just the latest version of it) is valuable to programmers who wish to learn more about the development process itself that went into Entropy.

Re:CVS Repository itself.. (0)

Anonymous Coward | more than 10 years ago | (#9662487)

cvs checkout, remove the CVS dirs, cvs commit to new repository

Privacy enthusiasts? (1)

One_6453 (740362) | more than 10 years ago | (#9661827)

Is it a sign of the times or the miseducation among us o rour own stupidity that someone has come up with such a term? I mean one who values ones privacy is termed an enthusiast thus denoting that one is almost but not quite on the fringe of society when it comes to privacy issues. More like a gun enthusiast

Points to major need (0)

Anonymous Coward | more than 10 years ago | (#9661905)

Open source / free software/services projects need to think beyond their current organizer. This is a vulnerability that Microsoft and other proprietary providers will exploit.

All they need to do is put together a list of great applications and services. Take those to a client and get them excited about all this great stuff. And then hit them with the news that it's all defunct or unsupported.

(Someone's going to reply that the same is true of commercial software and services - but that doesn't matter - it's all about perceptions, and this is a way that free software/services are more vulnerable.)

Not sure what the solution is, but something is needed to give open projects more staying power.

Mute: The Searchable Alternative (3, Interesting)

KrisHolland (660643) | more than 10 years ago | (#9662000)

There is one alternative called Mute [sourceforge.net] , which solves one key problem with Freenet or Entropy which is that it is searchable.

This discussions is about Entropy? (1)

pyrrhonist (701154) | more than 10 years ago | (#9662103)

The author of Entropy has ceased development, because he heard somewhere [slashdot.org] , that apparently [slashdot.org] someone [slashdot.org] , not exactly sure who, had solved [slashdot.org] the problem [slashdot.org] .

Jeez, dood [slashdot.org] , this article was about Entropy... ;)

Overview of anonymous filesharing networks (1)

Metaframe (795729) | more than 10 years ago | (#9662247)

If you are looking for alternatives or an overview of the most important anonymous filesharing networks you should check out http://board.planetpeer.de Although it is living on a .de domain there are also english forums available.

But I want my Child Porn! (0)

Anonymous Coward | more than 10 years ago | (#9662400)

I sure hope someone takes over Entropy.

Without it, I'll have to go back to waiting for days for my child porn to download from Freenet.

I love how These networks let me store Child Porn on many people's computers who have no idea that it is there because of the encryption. ... all in the name of freedom of speech and privacy from the government, you know, that stuff you have been giving up with your government's Patriot Act, which your politicians didn't even read before passing into law.

Yawn (0)

Anonymous Coward | more than 10 years ago | (#9662797)

Too bad this wasn't the 1950's, then the scarecrow of the day would have been communism & communists. Those were the days.

Irony (1)

Lord_Dweomer (648696) | more than 10 years ago | (#9662773)

" The creator alluded to the possibility that the project could continue if a new owner could be found."

Ah the irony....

Entropy Project Closes Up Shop... (3, Funny)

rwbaskette (9363) | more than 10 years ago | (#9662787)

...well that was random!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?