[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r2736 - GNUnet-docs/WWW
|
From: |
grothoff |
|
Subject: |
[GNUnet-SVN] r2736 - GNUnet-docs/WWW |
|
Date: |
Fri, 5 May 2006 02:29:42 -0700 (PDT) |
Author: grothoff
Date: 2006-05-05 02:29:39 -0700 (Fri, 05 May 2006)
New Revision: 2736
Modified:
GNUnet-docs/WWW/download.php3
GNUnet-docs/WWW/faq.php3
GNUnet-docs/WWW/hacking_afs.php3
GNUnet-docs/WWW/protocol_cs_afs.php3
Log:
addressing 1031
Modified: GNUnet-docs/WWW/download.php3
===================================================================
--- GNUnet-docs/WWW/download.php3 2006-05-05 07:54:38 UTC (rev 2735)
+++ GNUnet-docs/WWW/download.php3 2006-05-05 09:29:39 UTC (rev 2736)
@@ -170,8 +170,8 @@
LIV(extlink_("download/GNUnet-0.7.0c.tar.gz","GNUnet-0.7.0c.tar.gz (1945
kb)"));
LIV(extlink_("download/gnunet-gtk-0.7.0c.tar.bz2", "gnunet-gtk-0.7.0c.tar.bz2
(488 kb)"));
LIV(extlink_("download/gnunet-gtk-0.7.0c.tar.gz" , "gnunet-gtk-0.7.0c.tar.gz
(673 kb)"));
-LIV(extlink_("/libextractor/download/libextractor-0.5.12.tar.gz",
- "libextractor-0.5.12.tar.gz (7750 kb)"));
+LIV(extlink_("/libextractor/download/libextractor-0.5.13.tar.gz",
+ "libextractor-0.5.13.tar.gz (7750 kb)"));
echo "</ul>\n";
BP();
W("The current development code is available from our Subversion repository.");
Modified: GNUnet-docs/WWW/faq.php3
===================================================================
--- GNUnet-docs/WWW/faq.php3 2006-05-05 07:54:38 UTC (rev 2735)
+++ GNUnet-docs/WWW/faq.php3 2006-05-05 09:29:39 UTC (rev 2736)
@@ -6,167 +6,85 @@
H2("Questions");
+H3("General");
+
echo "<ul>\n";
-LIV(extlink_("#raq","What do I do if my question is not answered here?"));
-LIV(extlink_("#license","Is the code free?"));
-LIV(extlink_("#next","When are you going to release the next version?"));
-LIV(extlink_("#gui","Is there a GUI?"));
-LIV(extlink_("#GNUweb","Is it possible to use GNUnet via a browser as an
anonymous WWW?"));
-LIV(extlink_("#test","I cannot find anything. How can I test if it works?"));
-LIV(extlink_("#tell","How can I see which files I have indexed/inserted
(names, descriptions, keywords)?"));
-LIV(extlink_("#compare","How does GNUnet compare to other file-sharing
applications?"));
-LIV(extlink_("#anonymity","What do you mean by “anonymity”?"));
+LIV(extlink_("#raq", "What do I do if my question is not answered
here?"));
+LIV(extlink_("#compare", "How does GNUnet compare to other file-sharing
applications?"));
+LIV(extlink_("#anonymity", "What do you mean by “anonymity”?"));
LIV(extlink_("#accounting","How does “accounting” work?"));
-LIV(extlink_("#shapers","Why should I not use an external traffic shaper?"));
-LIV(extlink_("#firewall","How do I have to configure my firewall?"));
-LIV(extlink_("#speed","Isn’t all this encryption going to make things
totally slow?"));
-LIV(extlink_("#lastblocks", "Why is downloading the last few blocks so
slow?"));
-LIV(extlink_("#attacks","Are there any known attacks?"));
-LIV(extlink_("#platform","On which platforms does GNUnet run?"));
-LIV(extlink_("#hostkey","CRC errors: the deleted hostkey problem."));
-LIV(extlink_("#database","What is the right database for me?"));
-LIV(extlink_("#delete","<tt>gnunet-unindex</tt> behaves in unexpected ways."));
-LIV(extlink_("#spam","How does GNUnet handle spam? or: what are namespaces and
directories good for?"));
+LIV(extlink_("#license", "Is the code free?"));
+LIV(extlink_("#speed", "Isn’t all this encryption going to make
things totally slow?"));
+LIV(extlink_("#attacks", "Are there any known attacks?"));
+echo "</ul>\n";
+
+
+H3("Features");
+
+echo "<ul>\n";
+LIV(extlink_("#next", "When are you going to release the next version?"));
+LIV(extlink_("#gui" , "Is there a graphical user interface (GUI)?"));
+LIV(extlink_("#tui" , "How can I use GNUnet from the command line?"));
+LIV(extlink_("#GNUwww", "Is it possible to surf the WWW anonymously with
GNUnet?"));
+LIV(extlink_("#GNUweb", "Is it possible to access GNUnet via a browser as an
anonymous WWW?"));
+LIV(extlink_("#new", "I have some great idea for a new feature, what should
I do?"));
+echo "</ul>\n";
+
+
+H3("Configuration and Installation");
+
+echo "<ul>\n";
+LIV(extlink_("#platform", "On which platforms does GNUnet run?"));
+LIV(extlink_("#database", "What is the right database for me?"));
+LIV(extlink_("#firewall", "How do I have to configure my firewall?"));
+LIV(extlink_("#shapers", "Why should I not use an external traffic shaper?"));
+LIV(extlink_("#keywords", "Why do you require GNU libextractor?"));
+LIV(extlink_("#dependencies", "What are all of the dependencies for building
GNUnet?"));
+echo "</ul>\n";
+
+
+H3("Error messages and bugs");
+
+echo "<ul>\n";
+LIV(extlink_("#assertion","I get error messages of the form "Failure at
FILE.c:LINE". What is going on?"));
+LIV(extlink_("#hostkey", "Checksum error: the deleted hostkey problem."));
LIV(extlink_("#knownbugs","Are there any known bugs?"));
-LIV(extlink_("#bugs","How do I report a bug?"));
-LIV(extlink_("#keywords","Is it possible to automatically enter keywords for
files?"));
-LIV(extlink_("#framework","Why did you change the project description from an
anonymous file-sharing network to a peer-to-peer framework?"));
+LIV(extlink_("#bugs", "How do I report a bug?"));
echo "</ul>\n";
-H2("Answers");
-ANCHOR("raq");H3("What do I do if my question is not answered here?");
-BP();
-W("There are many other sources of information.");
-W("You can read additional %s, ask the question on one of the %s.",
- ARRAY(intlink_("documentation.php3", "documentation"),
- intlink_("mailinglist.php3","mailing lists")));
-EP();
-ANCHOR("license");H3("Is the code free?");
-BP();
-W("GNUnet is free software, available under the %s (GPL).",
- extlink_("http://www.gnu.org/copyleft/gpl.html";,
- "GNU Public License"));
-W("You are free to run, distribute or modify the code under the terms stated
in that license.");
-W("We are a part of the %s.",
- extlink_("http://www.gnu.org/","GNU project"));
-EP();
-ANCHOR("next");H3("When are you going to release the next version?");
-BP();
-W("The general answer is, when it is ready.");
-W("A better answer may be, earlier if you contribute (test, debug, code,
document).");
-W("Every release will be anounced on the %s mailing list and on %s.",
- ARRAY(extlink_("http://mail.gnu.org/mailman/listinfo/info-gnunet";,
- "Announcements"),
- extlink_("http://freshmeat.net/projects/gnunet/";,
- "freshmeat")));
-W("You can subscribe to the mailing list or to the project on freshmeat to
automatically receive a notification.");
-EP();
-ANCHOR("gui");H3("Is there a GUI?");
-BP();
-W("Yes, it’s called <tt>gnunet-gtk</tt>.");
-W("The GUI supports searching, downloading and inserting files.");
-P();
-W("If you prefer the shell for everything, that’s easy, too.");
-W("First, use <tt>gnunet-search</tt> to search for content:");
-P();
-PRE("$ ~/bin/gnunet-search GPL\n" .
-
"gnunet://ecrs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992:\n"
.
- "gnunet-download -o "COPYING"
gnunet://ecrs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992\n"
.
- " filename: COPYING\n" .
- " description: The GNU Public License\n" .
- " author: RMS\n" .
- " publication date: Sat Jun 25 08:29:13 2005");
-P();
-W("The output above is the result of searching for the keyword
“GPL”.");
-W("<tt>gnunet-search</tt> will immediately start searching GNUnet and print
new results (no duplicates) to the screen.");
-W("The first line is the information that is required to retrieve the file
(query-hash, key-hash, and the size of the file, here 17992 bytes).");
-P();
-W("This is followed by additional information about the file.");
-W("In order to download the file, use");
-P();
-PRE("$ gnunet-download -o "COPYING" --
gnunet://ecrs/chk/N8RCF3TETLRU9CV1PAS7M2H9QDB36AE3.K9JO8IP7KTNFO23S3VB4TFUKLD7SO5AS.0466DC92.17992");
-P();
-W("where <tt>COPYING</tt> is the suggested filename.");
-P();
-W("If you want to add content to GNUnet, use");
-EP();
-PRE("$ gnunet-insert -m "description:The GNU Public License" -k GPL
-k GNU -m mimetype:text/plain -m author:RMS COPYING");
-P();
-W("where <tt>COPYING</tt> is the filename and the arguments are the
description of the file (<tt>-m</tt> options) and <tt>-k</tt> is used to
specify additional keywords.");
-EP();
+H3("Common problems");
-ANCHOR("GNUweb");H3("Is it possible to use GNUnet via a browser as an
anonymous WWW?");
-BP();
-W("There is currently no proxy (like fproxy in Freenet) for GNUnet that would
make it accessible with a browser.");
-W("It is possible to build such a proxy and all one needs to know is the
protocol used between browser and proxy and a swift look at the sources in
<tt>src/applications/fs/tools/</tt>.");
-P();
-W("The real question is, whether or not this is a good idea.");
-W("In order to achieve anonymity, the AFS file sharing service implemented on
top of GNUnet has a much higher latency than the WWW.");
-W("Thus, the experience of browsing the web will usually be hindered
significantly by these delays (potentially several minutes per page!).");
-P();
-W("If you still want to write a proxy, you are welcome to send us code and
join the developer team.");
-EP();
+echo "<ul>\n";
+LIV(extlink_("#test", "I cannot find anything. How can I test if it
works?"));
+LIV(extlink_("#lastblocks", "Why is downloading the last few blocks so
slow?"));
+LIV(extlink_("#delete", "<tt>gnunet-unindex</tt> behaves in unexpected
ways."));
+LIV(extlink_("#tell", "How can I see which files I have indexed/inserted
(names, descriptions, keywords)?"));
+echo "</ul>\n";
-ANCHOR("test");H3("I cannot find anything. How can I test if it works?");
-BP();
-W("How can I test if it works?");
-W("Searches can return no results if no matching content is found.");
-W("For a simple test, it is suggested to search for <tt>GPL</tt>.");
-W("The GNU Public License was inserted under that keyword on the permanent
node on <tt>gnunet.org</tt>.");
-W("This test may of course fail if <tt>gnunet.org</tt> is temporarily not
available.");
-W("Common other problems are:");
-EP();
+
+H3("Using GNUnet");
+
echo "<ul>\n";
-LI("firewall (UDP and TCP ports 2086 should be open)");
-LI("not connected (it may take a couple of minutes)");
-LI("typos (if you’re off by one letter, it won’t work)");
+LIV(extlink_("#spam", "Why should I insert directories instead of individual
files?"));
echo "</ul>\n";
-BP();
-W("For a test of slightly larger scale, you can try to download another
“official” test content by searching for keyword <tt>alien</tt> or
go directly for the content using:");
-P();
-PRE("$ gnunet-download -o "Aliensong.mpeg" --
gnunet://ecrs/chk/MN8P2LS383SRU0N68OPRBU28J0MIOPFS1BTA7K76SJUFONHHGE6LJ33PU45ASNUTGT4AP70LQUOSN79C2IODFA7D4IU0HR9K3ASIHE8.E561C1GJ1SR99AMBM7L87RF2HKGE8L7D6JLIUGT5G7UBDPCT1FNDCMV15T00LD0U92C6JE3M93JE23PJKVF2AJRHIB3VCIC41952DOO.3201028");
-P();
-W("Still not satisfied?");
-W("Use your imagination for guessing keywords, or try common mime-types as
keywords (such as <tt>application/pdf</tt>, <tt>application/x-zip</tt>,
<tt>image/jpeg</tt> or <tt>audio/mp3</tt>).");
-EP();
+H2("Answers");
-ANCHOR("tell"); H3("How can I see which files I have indexed/inserted (names,
descriptions, keywords)?");
+H3("General");
+
+ANCHOR("raq");
+H4("What do I do if my question is not answered here?");
BP();
-W("For building directories, GNUnet keeps track of all file identifiers that
it has so far encountered, including search results, inserted or indexed files
and files mentioned in downloaded directories.");
-W("This information is stored in plaintext to allow building of directories.");
-W("Users should run <tt>gnunet-directory -t</tt> to start tracking this
information.");
-W("Note that the data is kept locally in the GNUnet directory and never send
out into the network.");
-W("You can inspect the information with <tt>gnunet-directory -l</tt>.");
-W("It is probably a good idea to clean this database of your activities from
time to time.");
-W("You can run <tt>gnunet-directory -k</tt> to remove the information
collected so far (and to stop tracking).");
-W("Once that database has been cleaned, GNUnet can no longer tell which files
you inserted, but it can tell you which files are indexed.");
-P();
-W("The reason why GNUnet can not tell you which files were inserted is the
same reason, why we distinguish between indexing and insertion: deniability.");
-W("The primary use of insertion is to give an adversary no easy way to figure
out what files are stored on your computer, and that under the assumption that
the adversary takes full control of you machine.");
-W("Thus, GNUnet was designed to not require any information that would allow
it to reconstruct the inserted file without the appropriate keyword (read:
password).");
-W("If the adversary already knows the exact content, it is still possible for
the adversary that has control of your machine to verify that the content is
present.");
-W("The best defence against that is to insert the content with a low priority
and to turn on <tt>ACTIVEMIGRATION</tt>.");
-W("Then you can plausibly claim that the content migrated to your node from
another peer, and that you had no way of knowing that it was there.");
-W("In either case, how well deniability serves you will depend on your local
court.");
-W("Since there are countries where breathing can get you into jail, saying
that you were not able to tell what your computer was storing may not be
sufficient.");
-W("Note that breaking your anonymity and taking control of your computer are
steps that the adversary needs to take first, before you need to resort to
deniability.");
-P();
-W("Indexed content is a slightly different story.");
-W("For indexed content, the goal for GNUnet is still to make it difficult for
the adversary to establish from which machine the content originates
(anonymity).");
-W("For indexed content GNUnet keeps links to the indexed files, typically in
<tt>/var/lib/GNUnet/data/shared/</tt>.");
-W("GNUnet uses the list to locate the block corresponding to a request.");
-W("Do NOT edit the directory by hand.");
-W("Use <tt>gnunet-unindex</tt> to remove files from the directory.");
-P();
-W("Also, do not move or change indexed files since GNUnet relies on the paths
of indexed files to be constant.");
-W("If you must move an indexed file, use first <tt>gnunet-unindex</tt>, then
move the file, and then use <tt>gnunet-insert</tt> to re-insert the file.");
-// W("Or, alternatively, implement <tt>gnunet-move</tt> and submit the patch
:-).");
+W("There are many other sources of information.");
+W("You can read additional %s, ask the question on one of the %s.",
+ ARRAY(intlink_("documentation.php3", "documentation"),
+ intlink_("mailinglist.php3","mailing lists")));
+EP();
-EP();
-ANCHOR("compare"); H3("How does GNUnet compare to other file-sharing
applications?");
+ANCHOR("compare");
+H4("How does GNUnet compare to other file-sharing applications?");
BP();
W("As opposed to Napster and Gnutella, GNUnet was designed with security in
mind as the highest priority.");
W("We intend on producing a network with high security guarantees.");
@@ -351,7 +269,8 @@
<?php
-ANCHOR("anonymity"); H3("What do you mean by “anonymity”?");
+ANCHOR("anonymity");
+H4("What do you mean by “anonymity”?");
BP();
W("Anonymity is the lack of distinction of an individual from a (large)
group.");
W("A central goal for anonymous file-sharing in GNUnet is to make all users
(peers) form a group and to make communications in that group anonymous, that
is, nobody (but the initiator) should be able to tell which of the peers in the
group originated the message.");
@@ -370,7 +289,9 @@
W("Since intermediaries have no means of decrypting the content and are (in
all sane legal systems) thus not legally responsible for them (if you use the
Internet to send an encrypted E-mail, your Internet Service Provider (ISP) will
typically not be held responsible for the content that its servers transmit; in
GNUnet, every peer plays the role of an ISP, providing Internet services to
other peers).");
EP();
-ANCHOR("accounting");H3("How does “accounting” work?");
+
+ANCHOR("accounting");
+H4("How does “accounting” work?");
BP();
W("GNUnet is based on a trust-based economic model.");
W("Each node is forming an <em>opinion</em> on all the other nodes it is in
contact with.");
@@ -384,8 +305,6 @@
ARRAY(intlink_("encoding.php3","GNUnet encoding"),
extlink_("download/ecrs.ps","ECRS"),
intlink_("encoding.php3","encoding page")));
-
-
P();
W("The economic model is designed in a way that the damage that a malicious
node can do is bounded by the formula");
EP();
@@ -399,30 +318,21 @@
W("Epsilon is a number smaller than the excess capacity of the network,
whereas the excess capacity of the network are wasted resources (idle CPUs,
idle network connections).");
EP();
-ANCHOR("shapers");H3("Why should I not use an external traffic shaper?");
-BP();
-W("GNUnet %s decides who to serve when the system is loaded.",
- extlink_("#accounting","accounting"));
-W("Packets are sent and dropped based on their priority and current load.");
-W("External shapers (like <em>token bucket filter</em>) can’t make this
distinction and treat all GNUnet traffic as equal.");
-W("You should set GNUnets internal bandwidth limits to reflect your true
configuration and what you can afford and <em>not use any external shaping for
GNUnet</em>.");
-W("It’s much better to have the limits enforced by <tt>gnunetd</tt> than
by an external mechanism.");
-EP();
-ANCHOR("firewall");H3("How do I have to configure my firewall?");
+ANCHOR("license");
+H4("Is the code free?");
BP();
-W("GNUnet uses the ports 2086 and 1080 by default.");
-W("Configure your firewall to accept packets to the ports 2086 and 1080 (TCP
and UDP) for the machine running the GNUnet daemon <tt>gnunetd</tt>.");
-W("If your firewall is a NAT box, forward packets to your GNUnet machine's
ports 2086 and 1080 and tweak the configuration file gnunetd.conf (sections
NETWORK, LOAD, UDP, TCP and NAT) to use the external IP of the NAT box.");
-W("Port 2087 is used for communication between <tt>gnunetd</tt> and the client
tools as <tt>gnunet-gtk</tt>, <tt>gnunet-search</tt> etc.");
-W("There is no need to open port 2087 to the rest of the Internet.");
-P();
-W("Port 2086 is used for GNUnet's own transmission protocol, HTTP encapsulated
GNUnet packets (\"HTTP transport\") are transmitted through port 1080 by
default.");
-W("The HTTP transport is not necessarily required and can be disabled in
GNUnet's configuration file.");
-W("Disabling it on firewalled systems is important, because available
transports are advertised to other peers and activated but broken transports
result in decreased reachability.");
+W("GNUnet is free software, available under the %s (GPL).",
+ extlink_("http://www.gnu.org/copyleft/gpl.html";,
+ "GNU Public License"));
+W("You are free to run, distribute or modify the code under the terms stated
in that license.");
+W("We are a part of the %s.",
+ extlink_("http://www.gnu.org/","GNU project"));
EP();
-ANCHOR("speed"); H3("Isn’t all this encryption going to make things
totally slow?");
+
+ANCHOR("speed");
+H4("Isn’t all this encryption going to make things totally slow?");
BP();
W("The answer to this is, that encryption is incredibly fast.");
W("GNUnet uses mostly AES-256, a very fast and secure cipher.");
@@ -445,29 +355,10 @@
W("Complete decentralization is very costly and we should thus not expect to
outperform the centralized solution, especially not if we also want
anonymity.");
EP();
-ANCHOR("lastblocks"); H3("Why is downloading the last few blocks so slow?");
+ANCHOR("attacks");
+H4("Are there any known attacks?");
BP();
-W("Sometimes when downloading large files from GNUnet AFS, it may take a long
time to get the last remaining blocks of the file.");
-W("This is often not an error, and if it happens, it does not automatically
mean that the blocks must have disappeared from the network (though that is
possible).");
-W("The explanation is as follows (its a bit technical).");
-EP();
-echo "<ul>\n";
-LI("The system starts with a fairly low TTL and probes going higher each time
no response arrives.");
-LI("The last block is likely (as in always) to have been requested multiple
times without success (peer busy processing other requests, message-drops,
etc.).");
-LI("The TTL of the last block is always significantly higher than the
(successful) ttl of the first block.");
-LI("A higher TTL <em>also</em> means that the retransmission frequency is
lower, so GNUnet will also attempt to get that block less frequently.");
-LI("Finally, on occasion the peer may have depleted whatever initial trust it
had in the network by the time it gets to the last block, putting it into a
further disadvantage.");
-LI("Finally finally, a peer without trust only gets effective TTL of 0 (except
locally), so it will now compete with other queries (in particular queries
still in slots from the download; now, the routing table has a small resistance
(TTL_DECREMENT) before replacing a pending query with one with a higher TTL,
adding yet another 5s or so.");
-echo "</ul>\n";
-BP();
-W("To summarize, there are plenty of reasons why the download MUST go slower
at the end.");
-W("However, the GNUnet developers are still investigating ways to make it
faster.");
-EP();
-
-ANCHOR("attacks"); H3("Are there any known attacks?");
-
-BP();
W("Generally, there is the possibility of a known plaintext attack on
keywords, but since the user has control over the keywords that are associated
with the content he inserts, the user can take advantage of the same techniques
used to generate reasonable passwords to defend against such an attack.");
W("In any event, we are not trying to <i>hide</i> content; thus, unless the
user is trying to insert information into the network that can only be shared
with a small group of people, there is no real reason to try to obfuscate the
content by choosing a difficult keyword anyway.");
W("Note that it is not necessary to use keywords (or even intelligible
keywords) at all.");
@@ -477,29 +368,233 @@
W("If the attacker has significantly more resources (bandwidth, control over
Internet routers, many peers), anonymity can theoretically always be broken.");
W("In fact, this applies to all other systems that provide anonymity.");
W("Unlike other designs, the degree of anonymity that can be achieved in
GNUnet depends mostly on which fraction of its resources each peer spends on
its own requests.");
-
P();
-
W("Since this is a project in development, you can find a list of problems or
report them using the %s system.",
extlink_("https://gnunet.org/mantis/","Mantis";));
+EP();
+
+
+H3("Features");
+
+ANCHOR("next");
+H4("When are you going to release the next version?");
+BP();
+W("The general answer is, when it is ready.");
+W("A better answer may be, earlier if you contribute (test, debug, code,
document).");
+W("Every release will be anounced on the %s mailing list and on %s.",
+ ARRAY(extlink_("http://mail.gnu.org/mailman/listinfo/info-gnunet";,
+ "Announcements"),
+ extlink_("http://freshmeat.net/projects/gnunet/";,
+ "freshmeat")));
+W("You can subscribe to the mailing list or to the project on freshmeat to
automatically receive a notification.");
EP();
-ANCHOR("platform"); H3("On which platforms does GNUnet run?");
+ANCHOR("gui");H4("Is there a graphical user interface?");
BP();
+W("Yes, there is at least one graphical user interface it’s called
<tt>gnunet-gtk</tt>.");
+W("Note that <tt>gnunet-gtk</tt> is a separate download.");
+W("The GUI supports searching, downloading and inserting files.");
+EP();
+
+
+ANCHOR("tui");H4("How can I use GNUnet from the command line?");
+BP();
+W("Yes, except for image previews pretty much all features can be accessed
with various command line tools.");
+W("Use <tt>gnunet-search</tt> to search for content:");
+P();
+PRE("$ ~/bin/gnunet-search GPL\n" .
+
"gnunet://ecrs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992:\n"
.
+ "gnunet-download -o "COPYING"
gnunet://ecrs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992\n"
.
+ " filename: COPYING\n" .
+ " description: The GNU Public License\n" .
+ " author: RMS\n" .
+ " publication date: Sat Jun 25 08:29:13 2005");
+P();
+W("The output above is the result of searching for the keyword
“GPL”.");
+W("<tt>gnunet-search</tt> will immediately start searching GNUnet and print
new results (no duplicates) to the screen.");
+W("The first line is the information that is required to retrieve the file
(query-hash, key-hash, and the size of the file, here 17992 bytes).");
+P();
+W("This is followed by additional information about the file.");
+W("In order to download the file, use");
+P();
+PRE("$ gnunet-download -o "COPYING" --
gnunet://ecrs/chk/N8RCF3TETLRU9CV1PAS7M2H9QDB36AE3.K9JO8IP7KTNFO23S3VB4TFUKLD7SO5AS.0466DC92.17992");
+P();
+W("where <tt>COPYING</tt> is the suggested filename.");
+P();
+W("If you want to add content to GNUnet, use");
+EP();
+PRE("$ gnunet-insert -m "description:The GNU Public License" -k GPL
-k GNU -m mimetype:text/plain -m author:RMS COPYING");
+P();
+W("where <tt>COPYING</tt> is the filename and the arguments are the
description of the file (<tt>-m</tt> options) and <tt>-k</tt> is used to
specify additional keywords.");
+EP();
+
+ANCHOR("GNUwww");H4("Is it possible to surf the WWW anonymously with GNUnet?");
+BP();
+W("It is not possible use GNUnet for anonymous browsing at this point.");
+W("We recommend that you use %s for anonymous surfing.",
+ extlink_("http://tor.eff.org/";, "tor"));
+EP();
+
+ANCHOR("GNUweb");H4("Is it possible to access GNUnet via a browser as an
anonymous WWW?");
+BP();
+W("There is currently no proxy (like fproxy in Freenet) for GNUnet that would
make it accessible with a browser.");
+W("It is possible to build such a proxy and all one needs to know is the
protocol used between browser and proxy and a swift look at the sources in
<tt>src/applications/fs/tools/</tt>.");
+P();
+W("The real question is, whether or not this is a good idea.");
+W("In order to achieve anonymity, the file sharing service implemented on top
of GNUnet has a much higher latency than the WWW.");
+W("Thus, the experience of browsing the web will usually be hindered
significantly by these delays (potentially several minutes per page!).");
+P();
+W("If you still want to write a proxy, you are welcome to send us code and
join the developer team.");
+EP();
+
+
+ANCHOR("new");H4("I have some great idea for a new feature, what should I
do?");
+BP();
+W("Sadly, we have many more feature requests than we can possibly implement.");
+W("The best way to actually get a new feature implemented is to do it yourself
-- and send us a patch.");
+W("If it is a larger effort, you might want to ask on the mailinglists for
some feedback first.");
+W("Also, check on %s to see if the feature is already being worked on.",
+ extlink_("https://gnunet.org/mantis/";, "Mantis"));
+W("A list of planned long-term features is in the %s file.",
+ extlink_("https://gnunet.org/svn/GNUnet/todo";));
+W("If you cannot code you can submit a feature request to Mantis.");
+W("Please double-check that such a request does not already exist.");
+EP();
+
+
+
+H3("Configuration and Installation");
+
+ANCHOR("platform");
+H4("On which platforms does GNUnet run?");
+BP();
W("GNUnet is being developed and tested under Debian GNU/Linux for i386.");
W("We have reports of working versions on FreeBSD, NetBSD, OpenBSD, Solaris
and OS X.");
+W("However, those reports are not recent, if you can or cannot get GNUnet to
work on those systems please let us know.");
W("GNUnet should work on big-endian architectures, including Linux/PPC.");
W("GNUnet has been ported to Win32.");
W("Patches to make it work on other platforms are always appreciated.");
W("If you had success running GNUnet on any other platform, please report!");
+EP();
+
+ANCHOR("database");
+H4("What is the right database for me?");
+BP();
+W("If you are not experienced with databases or GNUnet, you should stick to
the default which is <tt>sqlite</tt>.");
+W("The <tt>mysql</tt> module requires manual setup, which is described %s.",
+ extlink_("user_afs.php3#mysql","here"));
+W("<tt>mysql</tt> has good performance and the database can be repaired from
internal failures, but its more difficult to install than any of the
alternatives.");
EP();
-ANCHOR("hostkey"); H3("Checksum error: the deleted hostkey problem.");
+ANCHOR("firewall");
+H4("How do I have to configure my firewall?");
BP();
+W("GNUnet uses the ports 2086 and 1080 by default.");
+W("Configure your firewall to accept packets to the ports 2086 and 1080 (TCP
and UDP) for the machine running the GNUnet daemon <tt>gnunetd</tt>.");
+W("If your firewall is a NAT box, forward packets to your GNUnet machine's
ports 2086 and 1080 and tweak the configuration file gnunetd.conf (sections
NETWORK, LOAD, UDP, TCP and NAT) to use the external IP of the NAT box.");
+W("Port 2087 is used for communication between <tt>gnunetd</tt> and the client
tools as <tt>gnunet-gtk</tt>, <tt>gnunet-search</tt> etc.");
+W("There is no need to open port 2087 to the rest of the Internet.");
+P();
+W("Port 2086 is used for GNUnet's own transmission protocol, HTTP encapsulated
GNUnet packets (\"HTTP transport\") are transmitted through port 1080 by
default.");
+W("The HTTP transport is not necessarily required and can be disabled in
GNUnet's configuration file.");
+W("Disabling it on firewalled systems is important, because available
transports are advertised to other peers and activated but broken transports
result in decreased reachability.");
+EP();
+
+
+ANCHOR("shapers");
+H4("Why should I not use an external traffic shaper?");
+BP();
+W("GNUnet %s decides who to serve when the system is loaded.",
+ extlink_("#accounting","accounting"));
+W("Packets are sent and dropped based on their priority and current load.");
+W("External shapers (like <em>token bucket filter</em>) can’t make this
distinction and treat all GNUnet traffic as equal.");
+W("You should set GNUnets internal bandwidth limits to reflect your true
configuration and what you can afford and <em>not use any external shaping for
GNUnet</em>.");
+W("It’s much better to have the limits enforced by <tt>gnunetd</tt> than
by an external mechanism.");
+EP();
+
+
+ANCHOR("keywords");
+H4("Why do you require GNU libextractor?");
+BP();
+W("GNUnet needs keywords such that other users can find the files.");
+W("Typing in lots of keywords is of course a major pain.");
+W("Other systems like gnutella typically just use the filenames.");
+W("Using filenames is not a good solution since they are not always very
descriptive and/or can be a pain to produce for the content provider in the
first place.");
+P();
+W("GNUnet uses a better approach, which is <strong>keyword
extraction</strong>.");
+W("The library %s was developed for the purpose of extracting keywords from
arbitrary files.",
+ extlink_("/libextractor/","libextractor"));
+W("If keywords can easily be extracted from your files, you don’t have
to supply keywords by hand.");
+W("<tt>libextractor</tt> can also use the filename as a source for keywords.");
+P();
+W("If you have keywords in a file that should be extracted but the file format
is not supported by <tt>libextractor</tt>, the API of the library is be simple
enough that any C hacker who knows the file format should be able to code a
plugin that will allow you to extract the keywords.");
+W("If you just want filenames, <tt>libextractor</tt> can do those, too.");
+EP();
+
+
+ANCHOR("dependencies");
+H4("What are all of the dependencies for building GNUnet?");
+BP();
+W("The short answer is, that we cannot really tell you.");
+W("The reason is, that this depends a lot on your distribution.");
+W("For example, we use <tt>libgcrypt</tt>, which in turn requires
<tt>libgpg-error</tt>.");
+W("However, most distributions would put these two libraries into one
package.");
+W("Similarly, dependencies for GTK and MySQL are not always identical.");
+W("Finally, where does the list end? Should we list <tt>libc6</tt>,
<tt>zlib</tt>, <tt>bzip2</tt>, <tt>xlib</tt>, <tt>glib</tt>?");
+W("Also, many dependencies are optional.");
+W("You can use GNUnet without a graphical user interface.");
+W("However, even if you do not use GNUnet with a GUI, you might be using a
<tt>libextractor</tt> binary that is linked against GTK-pixbuf to compute
thumbnails.");
+P();
+W("What we have done instead is list all of the top-level dependencies for
Debian GNU/Linux in the %s file.",
+ extlink("https://gnunet.org/svn/GNUnet/README.debian";, "README.debian"));
+W("This list is for the specific Debian version that most GNUnet developers
are using.");
+W("It is also only detailing the top-level packages necessary to compile
GNUnet.");
+W("Those packages in turn depend on other packages, which are not listed.");
+W("For example, the list will include <tt>libextractor-dev<tt> but not
<tt>libextractor1c2a</tt> which maybe required by <tt>libextractor-dev</tt>.");
+W("In other words, <tt>apt-get</tt> is your friend, and if your distribution
does not support automatic download of transitive dependencies you might want
to consider switching -- at least we cannot really help you with a complete
list in that case.");
+P();
+W("Note that the Debian package list should still be useful for you even if
you are not running Debian.");
+W("Other distributions are likely to have similar packages.");
+P();
+W("Finally, please note that <tt>configure</tt> will succeed even if a
suitable version of MySQL or sqLite is not detected.");
+W("The reason is, that (theoretically) you might be compiling for a
client-only system, or you might not care about anonymous file-sharing.");
+W("If you do want to use file-sharing, please read the final lines printed by
configure to make sure that a suitable database was found.");
+EP();
+
+
+H3("Error messages and bugs");
+
+ANCHOR("assertion");
+H4("I get error messages of the form "Failure at FILE.c:LINE". What
is going on?");
+BP();
+W("We use a generic error message in GNUnet to indicate that something went
wrong.");
+W("The cause is usually a bug or some data corruption on the network.");
+W("Note that the bug does not necessarily have to be in the current version --
the problem could be caused by another peer running a different version of
GNUnet.");
+W("Similarly, the problem might be anything from completely harmless to
rendering your peer useless.");
+W("In a stable, production release we would disable these messages, but for
now we want to know about those problems.");
+W("Consequently, please report them to %s (after checking that they have not
already been reported).",
+ extlink_("https://gnunet.org/mantis/","Mantis";));
+W("Of course, if a corresponding report already exists, feel free to add a
note saying that you are also experiencing the problem.");
+P();
+W("We do not provide detailed information about what exactly went wrong in the
error message for a simple reason -- there are at least 800 different potential
problems that are reported in this way.");
+W("If we gave 800 specific error messages this would not only increase the
binary size significantly, it would also drive people translating GNUnet into
other languages crazy.");
+W("Finally, it takes much less time to write <tt>BREAK()</tt> in the code to
indicate that something went wrong then to write a detailed explanation of the
cause that anyone unfamiliar with the code can understand.");
+W("If you want to investigate what went wrong yourself, use the source.");
+P();
+W("Note that we do provided detailed error messages and warnings for problems
that are likely not bugs in the code and that the user can address.");
+W("Also note that GNUnet is generally quite verbose in its log messages.");
+W("This is mostly useful for diagnosing problems that users report.");
+W("As long as everything seems to work, it is probably safe to ignore
<tt>WARNING</tt> messages.");
+EP();
+
+
+ANCHOR("hostkey");
+H4("Checksum error: the deleted hostkey problem.");
+BP();
W("Under certain circumstances, <tt>gnunetd</tt> will print warnings
indicating checksum errors in messages that were received from other nodes.");
W("This is most of the time not a bug and not a problem.");
W("Everything is working ok.");
@@ -507,9 +602,7 @@
W("Each node on GNUnet has a secret, public key.");
W("When hosts start, they look at the <tt>data/hosts/</tt> directory looking
for keys and addresses of other nodes on the network.");
W("It will then cryptographically sign its current network address (say IP and
port) together with a timestamp and send this, together with the public key of
the node, to other nodes on the network.");
-
P();
-
W("Later, nodes will use this binding of key to address to communicate.");
W("The binding of a public key to an address would ideally be a one-on-one
relationship.");
W("Due to dial-up, DHCP and other dynamic assignments, this may not always be
the case.");
@@ -517,92 +610,32 @@
W("A more common scenario is that the <tt>~/.gnunet/.hostkey</tt> file was
deleted.");
W("Other nodes on the network may still know the old hostkey and have it bound
to that host.");
W("Do not delete the hostkey if you want to avoid this problem!");
-
P();
-
W("The reason why we can’t avoid this (ok, we could just not print the
error message, but that’s not the point), is that a malicious host could
always claim to have any address on the Internet.");
W("If we have two public keys for the same host, the best we can do is try out
both.");
-
P();
-
W("Checking both is very cheap, and after a while (depending on the timeout
configured in gnunetd.conf), hostkeys will eventually expire.");
-
P();
-
W("You may also receive messages that will result in checksum errors from
clients that run versions of GNUnet before 0.7.0 (protocol mismatch).");
-
EP();
-ANCHOR("database"); H3("What is the right database for me?");
-BP();
-W("If you are not experienced with databases or GNUnet, you should stick to
the default which is <tt>sqlite</tt>.");
-W("The <tt>mysql</tt> module requires manual setup, which is described %s.",
- extlink_("user_afs.php3#mysql","here"));
-W("<tt>mysql</tt> has good performance and the database can be repaired from
internal failures, but its more difficult to install than any of the
alternatives.");
-EP();
-ANCHOR("delete"); H3("<tt>gnunet-unindex</tt> behaves in unexpected ways.");
+
+ANCHOR("knownbugs"); H4("Are there any known bugs?");
BP();
-W("First of all, many things can go seemingly wrong with
<tt>gnunet-unindex</tt> and one has to understand what exactly
<tt>gnunet-unindex</tt> does to avoid pitfalls.");
-W("The first thing to recall is that <tt>gnunet-unindex</tt> only unindexes
blocks from the local database.");
-W("Blocks that have been replicated by other peers are not removed.");
-W("This is why it is possible that a file can still be available after running
<tt>gnunet-unindex</tt>.");
-W("Also <tt>gnunet-unindex</tt> does <b>not</b> unindex the search-blocks
associated with keywords.");
-W("Thus searching for the file will still list the file as if it was there.");
-W("Part of the reason for not removing the search-blocks is that the keywords
used when indexing are not known to <tt>gnunet-unindex</tt>.");
-W("A more elaborate mechanism that uses libextractor to guess which keywords
could have been used still needs to be implemented.");
-W("In the future we also plan to time-out search-blocks to avoid the
search-space pollution.");
+W("The list of currently known bugs is available in the %s system.",
+ extlink_("https://gnunet.org/mantis/","Mantis";));
P();
-W("Another important aspect of <tt>gnunet-unindex</tt> is that it may unindex
blocks <b>shared</b> with other files or within the same file.");
-W("The reason is that blocks of identical content hash to the same identifier
and can thus not be distinguished by GNUnet.");
-W("For highly structured content it is possible in practice that two blocks
are identical.");
-W("GNUnet will then share the storage space for these two blocks.");
-W("When unindexing a file that contains such shared blocks, GNUnet can
currently not recognize the sharing and will remove the block even if it is
still used in another context.");
-W("The resulting inconsistencies can result in warnings from
<tt>gnunet-unindex</tt>, as well as in downloads that do not complete.");
-W("In general, <tt>gnunet-unindex</tt> should be used with caution.");
-
-
+W("Some bugs are occasionally reported directly to developers or the developer
mailing list.");
+W("This is discouraged since developers often do not have the time to feed
these bugs back into the Mantis database.");
+W("Please report bugs directly to the bug tracking system.");
+W("If you believe a bug is sensitive, you can set its view status to private
(this should be the exception).");
EP();
-ANCHOR("spam"); H3("How does GNUnet handle spam? or: what are namespaces and
directories good for?");
-BP();
-W("GNUnet′s ECRS encoding/query strategy doesn′t allow peers to
benefit from false replies.");
-W("Even small blocks of incorrect response data can be detected instantly,
resulting in no trust gain for the malicious node.");
-W("If you know the correct ECRS URI for the file you want, no intermediate
node can cheat by false replies.");
-W("However, this leaves the problem of obtaining the URIs in the first place,
and unfortunately if anyone can insert files under common keywords, false data
can be inserted as well.");
-W("There doesn′t seem to be any easy solution to this problem.");
-W("Ranking search results by trust could be one answer in the future.");
-W("Meanwhile, namespaces and directories are a step towards the nonspammable
direction.");
-P();
+ANCHOR("bugs");
+H4("How do I report a bug?");
-W("Inserting into a namespace requires the user to create a pseudonym first,
which is equal to a public/private key pair that identifies the namespace.");
-W("(One user can create any number of pseudonyms.)");
-W("Then, pointers to files or directories can be inserted into the
pseudonym′s namespace, signed by the private key of the pseudonym.");
-W("The signed blocks will be verified by each peer before the blocks are
accepted or passed along.");
-W("The verification works by checking the validity of the cryptographic
signature against the public key included in the namespace block, and by
checking that hashing the public key results in the correct namespace
identifier.");
-W("Thus, only the user with the private key to the namespace can publish into
it, making it a nonspammable, secure publishing channel that other users can
limit their searches to.");
-W("Its worth noting that naturally the pointers found from a namespace can
point to any files chosen by the pseudonym, even if the actual files were
inserted by someone else.");
-
-P();
-
-W("Directories are a good way to group files to meaningful collections in
GNUnet.");
-W("The directories can contain arbitrary number of pointers to namespaces
(SBlocks), pointers to other directories and pointers to files.");
-W("With directories, users can build networks of content, where not only
inserted files, but also interesting other content or namespaces can be pointed
to, just as in WWW.");
-W("Additionally, directories have two nice properties.");
-W("First, they are immutable, meaning that they can′t be tampered with,
but contain exactly those pointers the publisher intended.");
-W("The second property is that identical files pointed to by two directories
waste no additional space, even if the directories were built by separate
users.");
-W("This contrasts strongly to the case where similar files were archived by
e.g. zip or tar, which could double the space usage over the network
-without any speedups in retrieval time.");
-W("By using directories to group the content enables GNUnet to spread the
identical file blocks more efficiently.");
-
-P();
-
-W("For more info on using directories and namespaces, see GNUnet online
documentation, or man page of <tt>gnunet-insert</tt> for examples.");
-
-EP();
-ANCHOR("bugs"); H3("How do I report a bug?");
-
BP();
W("Good bug reports enable developers to find and hopefully fix problems
faster.");
W("Nobody can or will fix a “GNUnet does not work for me.” bug.");
@@ -714,53 +747,151 @@
echo "</dd>";
echo "</dl>";
EP();
-ANCHOR("knownbugs"); H3("Are there any known bugs?");
+
+
+H3("Common problems");
+
+ANCHOR("test");
+H4("I cannot find anything. How can I test if it works?");
BP();
-W("The list of currently known bugs is available in the %s system.",
- extlink_("https://gnunet.org/mantis/","Mantis";));
+W("How can I test if it works?");
+W("Searches can return no results if no matching content is found.");
+W("For a simple test, it is suggested to search for <tt>GPL</tt>.");
+W("The GNU Public License was inserted under that keyword on the permanent
node on <tt>gnunet.org</tt>.");
+W("This test may of course fail if <tt>gnunet.org</tt> is temporarily not
available.");
+W("Common other problems are:");
+EP();
+echo "<ul>\n";
+LI("firewall (UDP and TCP ports 2086 should be open)");
+LI("not connected (it may take a couple of minutes)");
+LI("typos (if you’re off by one letter, it won’t work)");
+echo "</ul>\n";
+BP();
+W("For a test of slightly larger scale, you can try to download another
“official” test content by searching for keyword <tt>alien</tt> or
go directly for the content using:");
P();
+PRE("$ gnunet-download -o "Aliensong.mpeg" --
gnunet://ecrs/chk/MN8P2LS383SRU0N68OPRBU28J0MIOPFS1BTA7K76SJUFONHHGE6LJ33PU45ASNUTGT4AP70LQUOSN79C2IODFA7D4IU0HR9K3ASIHE8.E561C1GJ1SR99AMBM7L87RF2HKGE8L7D6JLIUGT5G7UBDPCT1FNDCMV15T00LD0U92C6JE3M93JE23PJKVF2AJRHIB3VCIC41952DOO.3201028");
+P();
+W("Still not satisfied?");
+W("Use your imagination for guessing keywords, or try common mime-types as
keywords (such as <tt>application/pdf</tt>, <tt>application/x-zip</tt>,
<tt>image/jpeg</tt> or <tt>audio/mp3</tt>).");
+EP();
-W("Some bugs are occasionally reported directly to developers or the developer
mailing list.");
-W("This is discouraged since developers often do not have the time to feed
these bugs back into the Mantis database.");
-W("Please report bugs directly to the bug tracking system.");
-W("If you believe a bug is sensitive, you can set its view status to private
(this should be the exception).");
+ANCHOR("lastblocks");
+H4("Why is downloading the last few blocks so slow?");
+
+BP();
+W("Sometimes when downloading large files from GNUnet, it may take a long time
to get the last remaining blocks of the file.");
+W("This is often not an error, and if it happens, it does not automatically
mean that the blocks must have disappeared from the network (though that is
possible).");
+W("The explanation is as follows (its a bit technical).");
EP();
-ANCHOR("keywords"); H3("Is it possible to automatically enter keywords for
files?");
+echo "<ul>\n";
+LI("The system starts with a fairly low TTL and probes going higher each time
no response arrives.");
+LI("The last block is likely (as in always) to have been requested multiple
times without success (peer busy processing other requests, message-drops,
etc.).");
+LI("The TTL of the last block is always significantly higher than the
(successful) ttl of the first block.");
+LI("A higher TTL <em>also</em> means that the retransmission frequency is
lower, so GNUnet will also attempt to get that block less frequently.");
+LI("Finally, on occasion the peer may have depleted whatever initial trust it
had in the network by the time it gets to the last block, putting it into a
further disadvantage.");
+LI("Finally finally, a peer without trust only gets effective TTL of 0 (except
locally), so it will now compete with other queries (in particular queries
still in slots from the download; now, the routing table has a small resistance
(TTL_DECREMENT) before replacing a pending query with one with a higher TTL,
adding yet another 5s or so.");
+echo "</ul>\n";
+BP();
+W("To summarize, there are plenty of reasons why the download MUST go slower
at the end.");
+W("However, the GNUnet developers are still investigating ways to make it
faster.");
+EP();
+
+ANCHOR("delete");
+H4("<tt>gnunet-unindex</tt> behaves in unexpected ways.");
BP();
-W("GNUnet needs keywords such that other users can find the files.");
-W("Typing in lots of keywords is of course a major pain.");
-W("Other systems like gnutella typically just use the filenames.");
-W("Using filenames is not a good solution since they are not always very
descriptive and/or can be a pain to produce for the content provider in the
first place.");
-
+W("First of all, many things can go seemingly wrong with
<tt>gnunet-unindex</tt> and one has to understand what exactly
<tt>gnunet-unindex</tt> does to avoid pitfalls.");
+W("The first thing to recall is that <tt>gnunet-unindex</tt> only unindexes
blocks from the local database.");
+W("Blocks that have been replicated by other peers are not removed.");
+W("This is why it is possible that a file can still be available after running
<tt>gnunet-unindex</tt>.");
+W("Also <tt>gnunet-unindex</tt> does <b>not</b> unindex the search-blocks
associated with keywords.");
+W("Thus searching for the file will still list the file as if it was there.");
+W("Part of the reason for not removing the search-blocks is that the keywords
used when indexing are not known to <tt>gnunet-unindex</tt>.");
+W("A more elaborate mechanism that uses libextractor to guess which keywords
could have been used still needs to be implemented.");
+W("In the future we also plan to time-out search-blocks to avoid the
search-space pollution.");
P();
+W("Another important aspect of <tt>gnunet-unindex</tt> is that it may unindex
blocks <b>shared</b> with other files or within the same file.");
+W("The reason is that blocks of identical content hash to the same identifier
and can thus not be distinguished by GNUnet.");
+W("For highly structured content it is possible in practice that two blocks
are identical.");
+W("GNUnet will then share the storage space for these two blocks.");
+W("When unindexing a file that contains such shared blocks, GNUnet can
currently not recognize the sharing and will remove the block even if it is
still used in another context.");
+W("The resulting inconsistencies can result in warnings from
<tt>gnunet-unindex</tt>, as well as in downloads that do not complete.");
+W("In general, <tt>gnunet-unindex</tt> should be used with caution.");
+EP();
-W("GNUnet uses a better approach, which is <strong>keyword
extraction</strong>.");
-W("The library %s was developed for the purpose of extracting keywords from
arbitrary files.",
- extlink_("/libextractor/","libextractor"));
-W("If keywords can easily be extracted from your files, you don’t have
to supply keywords by hand.");
-W("<tt>libextractor</tt> can also use the filename as a source for keywords.");
+ANCHOR("tell");
+H4("How can I see which files I have indexed/inserted (names, descriptions,
keywords)?");
+BP();
+W("For building directories, GNUnet keeps track of all file identifiers that
it has so far encountered, including search results, inserted or indexed files
and files mentioned in downloaded directories.");
+W("This information is stored in plaintext to allow building of directories.");
+W("Users should run <tt>gnunet-directory -t</tt> to start tracking this
information.");
+W("Note that the data is kept locally in the GNUnet directory and never send
out into the network.");
+W("You can inspect the information with <tt>gnunet-directory -l</tt>.");
+W("It is probably a good idea to clean this database of your activities from
time to time.");
+W("You can run <tt>gnunet-directory -k</tt> to remove the information
collected so far (and to stop tracking).");
+W("Once that database has been cleaned, GNUnet can no longer tell which files
you inserted, but it can tell you which files are indexed.");
P();
+W("The reason why GNUnet can not tell you which files were inserted is the
same reason, why we distinguish between indexing and insertion: deniability.");
+W("The primary use of insertion is to give an adversary no easy way to figure
out what files are stored on your computer, and that under the assumption that
the adversary takes full control of you machine.");
+W("Thus, GNUnet was designed to not require any information that would allow
it to reconstruct the inserted file without the appropriate keyword (read:
password).");
+W("If the adversary already knows the exact content, it is still possible for
the adversary that has control of your machine to verify that the content is
present.");
+W("The best defence against that is to insert the content with a low priority
and to turn on <tt>ACTIVEMIGRATION</tt>.");
+W("Then you can plausibly claim that the content migrated to your node from
another peer, and that you had no way of knowing that it was there.");
+W("In either case, how well deniability serves you will depend on your local
court.");
+W("Since there are countries where breathing can get you into jail, saying
that you were not able to tell what your computer was storing may not be
sufficient.");
+W("Note that breaking your anonymity and taking control of your computer are
steps that the adversary needs to take first, before you need to resort to
deniability.");
+P();
+W("Indexed content is a slightly different story.");
+W("For indexed content, the goal for GNUnet is still to make it difficult for
the adversary to establish from which machine the content originates
(anonymity).");
+W("For indexed content GNUnet keeps links to the indexed files, typically in
<tt>/var/lib/GNUnet/data/shared/</tt>.");
+W("GNUnet uses the list to locate the block corresponding to a request.");
+W("Do NOT edit the directory by hand.");
+W("Use <tt>gnunet-unindex</tt> to remove files from the directory.");
+P();
+W("Also, do not move or change indexed files since GNUnet relies on the paths
of indexed files to be constant.");
+W("If you must move an indexed file, use first <tt>gnunet-unindex</tt>, then
move the file, and then use <tt>gnunet-insert</tt> to re-insert the file.");
+EP();
-W("If you have keywords in a file that should be extracted but the file format
is not supported by <tt>libextractor</tt>, the API of the library is be simple
enough that any C hacker who knows the file format should be able to code a
plugin that will allow you to extract the keywords.");
-W("If you just want filenames, <tt>libextractor</tt> can do those, too.");
+H3("Using GNUnet");
+
EP();
+ANCHOR("spam");
+H4("Why should I insert directories instead of individual files?");
-ANCHOR("framework");
-H3("Why did you change the project description from an anonymous file-sharing
network to a peer-to-peer framework?");
BP();
+W("GNUnet′s ECRS encoding/query strategy doesn′t allow peers to
benefit from false replies.");
+W("Even small blocks of incorrect response data can be detected instantly,
resulting in no trust gain for the malicious node.");
+W("If you know the correct ECRS URI for the file you want, no intermediate
node can cheat by false replies.");
+W("However, this leaves the problem of obtaining the URIs in the first place,
and unfortunately if anyone can insert files under common keywords, false data
can be inserted as well.");
+W("There doesn′t seem to be any easy solution to this problem.");
+W("Ranking search results by trust could be one answer in the future.");
+W("Meanwhile, namespaces and directories are a step towards the nonspammable
direction.");
+P();
+W("Inserting into a namespace requires the user to create a pseudonym first,
which is equal to a public/private key pair that identifies the namespace.");
+W("(One user can create any number of pseudonyms.)");
+W("Then, pointers to files or directories can be inserted into the
pseudonym′s namespace, signed by the private key of the pseudonym.");
+W("The signed blocks will be verified by each peer before the blocks are
accepted or passed along.");
+W("The verification works by checking the validity of the cryptographic
signature against the public key included in the namespace block, and by
checking that hashing the public key results in the correct namespace
identifier.");
+W("Thus, only the user with the private key to the namespace can publish into
it, making it a nonspammable, secure publishing channel that other users can
limit their searches to.");
+W("Its worth noting that naturally the pointers found from a namespace can
point to any files chosen by the pseudonym, even if the actual files were
inserted by someone else.");
+P();
+W("Directories are a good way to group files to meaningful collections in
GNUnet.");
+W("The directories can contain arbitrary number of pointers to namespaces
(SBlocks), pointers to other directories and pointers to files.");
+W("With directories, users can build networks of content, where not only
inserted files, but also interesting other content or namespaces can be pointed
to, just as in WWW.");
+W("Additionally, directories have two nice properties.");
+W("First, they are immutable, meaning that they can′t be tampered with,
but contain exactly those pointers the publisher intended.");
+W("The second property is that identical files pointed to by two directories
waste no additional space, even if the directories were built by separate
users.");
+W("This contrasts strongly to the case where similar files were archived by
e.g. zip or tar, which could double the space usage over the network
+without any speedups in retrieval time.");
+W("By using directories to group the content enables GNUnet to spread the
identical file blocks more efficiently.");
+P();
+W("For more info on using directories and namespaces, see GNUnet online
documentation, or man page of <tt>gnunet-insert</tt> for examples.");
+EP();
-W("First of all, the goal to provide the best anonymous file-sharing system
available is still on our minds.");
-W("Why we want GNUnet to become a framework actually follows this goal.");
-W("If other peer-to-peer applications use the GNUnet framework and tunnel
their traffic in link-to-link encrypted GNUnet channels, the traffic on the
GNUnet network and the number of participants increases -- which can boost
anonymity significantly.");
-W("Furthermore, additional applications would provide us with additional
programmers and testers which should make the core code even more solid.");
-W("Finally, we believe that certain general features of GNUnet, in particular
peer discovery, link-to-link encryption, authentication and transport layer
abstraction are going to be useful for other free software projects, so making
them easily accessible will benefit free software development as a whole.");
-W("Note that this works only for free software, GNUnet is released entirely
under the GPL, not the LGPL.");
-EP();
include("html_footer.php3");
?>
Modified: GNUnet-docs/WWW/hacking_afs.php3
===================================================================
--- GNUnet-docs/WWW/hacking_afs.php3 2006-05-05 07:54:38 UTC (rev 2735)
+++ GNUnet-docs/WWW/hacking_afs.php3 2006-05-05 09:29:39 UTC (rev 2736)
@@ -15,7 +15,7 @@
W("The major difference between GAP and DHT is that GAP is expected to achieve
anonymity whereas DHT is mostly concerned with performance.");
W("The user interface code consists mostly of straight-forward wrappers around
the FSUI and ECRS libraries.");
W("For a description of the user interface from the point of the user, see the
%s.",
- intlink_("user_afs.php3", "AFS user documentation"));
+ intlink_("user_afs.php3", "File-sharing user documentation"));
W("The FS module is what holds the file-sharing system together, connecting
ECRS, the SQSTORE, the local clients and the routing services.");
W("The FS module selects between the GAP and DHT routing services depending on
the desired level of anonymity.");
P();
Modified: GNUnet-docs/WWW/protocol_cs_afs.php3
===================================================================
--- GNUnet-docs/WWW/protocol_cs_afs.php3 2006-05-05 07:54:38 UTC (rev
2735)
+++ GNUnet-docs/WWW/protocol_cs_afs.php3 2006-05-05 09:29:39 UTC (rev
2736)
@@ -1,6 +1,6 @@
<?php
include("scripts.php3");
-$title = "GNUnet Documentation: AFS Client-to-Node protocol";
+$title = "GNUnet Documentation: File-Sharing Client-to-Node protocol";
$description="Protocol between client and node for (anonymous) file sharing";
include("html_header.php3");
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r2736 - GNUnet-docs/WWW,
grothoff <=