Scott Reimonenq
IFSM 430
The Freenet Project
The Freenet is a means to perpetuate the free flow of information while maintaining anonymity on the Internet. It is a computer system or environment that removes the control of that system by any one server i.e. Internet service provider or government agency. It uses a peer to peer network system and it turns the users personal computers into mini information servers that serve information requested by other users Providing anonymous use of information and no-one individual or group could know exactly where the information at any one time. The system will maintain its solidarity by systematically adding this information to every computer within the freenet that the information passes through. The user downloads the program, installs it, and allocates a portion of his or her hard drive to the use of the Freenet. It then encrypts that portion of the hard drive and they are ready to use the freenet. Some of the security issues involve governments, business and private sectors of information security. The government and business issue entails having secret information or intellectual property posted to the freenet that cannot be removed easily if at all from the freenet. The private sector issues are that of what the PC user is actually responsible for on his computer even if they have no idea what is store there. Also whether or not the information stored on a PC is actually untraceable over the network. There of course is probably many more security issues that could be exploited if put into the capable malicious hands of the Ueber hacker.
In the age of file sharing, peer-to-peer networks, and the current legal implications of Napster and Gnutella, due to copyright violations, there is a need for a new system or network that perpetuates the file sharing experience. The new network that has recently come out to fill this need is called the “Freenet Project”. This paper is a discussion of some of the security problems, or issues involved with this new form of file sharing. First discussing exactly what the “Freenet” is, and then moving through each of the security issues, which could occur with the use of the Freenet Project.
The Freenet is a means to perpetuate the flow of information in an age where copyrights and intellectual information rights are beginning to be strictly enforced. It is termed the freenet in an effort to appeal to the everyday netizen who wants to read information and obtain data, whether it is music files, unbiased opinions on the state of the union or any content that another person may want to post. It appeals to those that thoroughly believe in first amendment rights… that everyone has the right to freedom of speech; whether it is anonymous or not. As Ian Clark, the Freenet’s main inventor, states, “The Freenet is a system designed to allow the distribution of information on the Internet, in an efficient and anonymous manner. Much like a library -- a library where anyone can place books in the library, and anyone can borrow books from the library with complete anonymity”. The Freenet basically is a computer system or environment that removes the control of that system by any one server i.e. Internet service provider or government agency. It returns to the basic beginnings of the Internet with the use of a peer-to-peer network. As opposed to the Internet standard used today, which is mainly, a client to server based system. What it does, is it turns the users personal computers into mini information servers that then, serve up information requested by other users, and is maintained by a system of keys to identify different files and materials. It provides anonymous use of this information: in that no-one individual or group could know exactly where the information was obtained. In fact the system will maintain its solidarity by systematically adding this information to every computer within the freenet that the information passes through. In other words, a person requests a certain document from the freenet, and the document is four or five, “Freenet” computers away on the network. Each one of the computers receiving the information requested, saves a copy, and forwards it to the next computer until it reaches its final destination. The system may outwardly seem sort of awkward but it is not. In other words, with the regular internet; if a hundred people in America request the same document that is located in Europe that will travel under the Atlantic Ocean, via international phone lines, a hundred times. With Freenet it will only travel under once or twice. And then a copy will be stored locally in America, where it can be distributed to the other ninety-nine or ninety-eight people requesting it.” The main idea behind this is that if any one of the computers is removed from the network for any period of time, or even permanently, there would always be at least a few other computers that have the information, if it were to be requested. All of the computers on the freenet are used as servers and clients simultaneously. The user downloads the Freenet software and installs it. They will then allocate a portion of their hard drive to the Freenet’s control, and it in turn encrypts that section of the drive, to the point that the user of that PC cannot even see what is stored on their own hard drive, let alone allow anyone else to see it. The idea behind this is that if the user doesn’t know what is on his or her hard drive, then they “in theory” cannot be held liable for its contents. This of course promotes anonymity, in that no one knows where the information is coming from or where it is going, where it is stored or what computer it is accessed from. In the case of illegal content the user is not liable for what is on his or her computer, because they don’t even know that it’s in there.
The possible security issues that could be associated with the “Freenet project” are countless and limited only by the imagination of the person or many people willing to violate its boundaries. I am only going to talk about a few of the possible issues that I came up with as potential security situations. They are from two points of view; the first being that of a government, business or whoever has been unfortunate enough to have their own sensitive or secret materials posted to the freenet. The second is the view of the personal user who has opted to download the software and is using the project on his or her personal computer. This entails a couple of different situations that could possibly occur and would adversely affect the personal computer user. I would like to remind you; however that I am not a competent programmer skilled in finding security holes or searching for back doors in computer programs. I fear what exploits could be found in the hands of those who know what they are doing when it comes to these things. Probably limited only by the imagination of Hackers themselves.
The first situation where the Freenet could become a security issue is from the point of view of governments and businesses. For example, the United States Government could have sensitive material leaked out and some individual acquires the information and posts it to the freenet. Of course this information could be anything from President Bush’s personal phone number to the identities of secret agents that the United States has stationed throughout the world. The leaking of this information could ultimately be a detriment to America, and in a normal situation this wouldn’t be as devastating in the fact that the government could force an ISP to remove the material from their servers and prosecute whoever posted the information to the web. They can simply end the spread of this information by arresting the perpetrator for threatening national security. On the other hand under the Freenet project there is, in theory, no way to keep track of this potentially dangerous information, let alone know where it came from, or who posted it on the net. And an even larger problem would be trying to remove the information from all the computers it has been copied to. Some other ways that the Freenet could be dangerous is in the spread of a corporation’s trade secrets to the public, eliminating that company’s competitive edge, and removing its ability to compete in the market place. Opening the world to information that was only intended for the company and its personnel. There would be no possible way to get the information removed from the network.
The next critical security issue rests on the premise of whether or not the network is actually anonymous and that there is no way for the government to track where the information came from or where it was stored. What if there was a way to track the information that is located on the network. For example, the average Joe like’s the idea of peer to peer networks, so he downloads and installs the software. He allocates apportion of his hard drive to the Freenet and begins practicing the free-flow of information and exercises his right as an American to freedom of speech. Then one day some catastrophic event occurs, such as a terrorist bombing of a certain federal building or the assassination plot of someone like the Pope or the President. He thinks nothing of it and continues his activity on the Freenet. A little while later he is eating dinner with his wife and kids, and FBI agents kick down his door and come in his house, which they have been known to do, and he finds himself and his family held at gunpoint. The family is then given their Miranda rights and arrested for being connected to this atrocious conspiracy against society. Come to find out the FBI tracked incriminating documents, describing every aspect of how the act was to take place, to the man’s personal computer. So now Joe and his family’s names are plastered all over the news and are depicted as being this terrorist family that plotted this massacre of an innocent life or many lives for that matter. The man and his family are of course innocent but they can still be found guilty of terrorist activity solely because certain documents were saved to his computer.
Another issue pertaining to tracking is that of a specific piece of information. For example what if a certain document or even keywords could be picked out and followed around the network to see who is reading or searching for and downloading them from the network. Now anyone can simply be looking at the information, and this of course could evolve into a serious privacy issue.
The final and most
frightening security issue is focused on the part of hard disk space that has
been isolated, allocated, and encrypted for the freenet’s use. What if there
was a way for someone to plant a Trojan horse or whatever on someone’s personal
computer that in tern figures out how to get around the partition and can then
acquire full access to that person’s system.
Which could cause any number problems for the owner of the system. The
first is that perpetrators could use his or her computer as a doorway to other
systems in an effort to hack those systems and gain more exploits. And the
owner of the system could be blamed for the illegal activity coming through his
computer when he is actually completely oblivious to the activity. Another
problem could be where the attacker penetrates his system solely for the
purpose of harassment or extortion. I mean everybody has material on his or her
own computer that they don’t necessarily want the whole world to know about.
The hacker could get a hold of that material or information and threaten the
owner into paying money in order to keep quiet about it.
The affects of the Freenet
on the world, on governments, on corporations, and on the individuals could
amount to countless incidences in the spread of information that could be
detrimental to any one of these.
Governments or corporations could have sensitive or secret materials
spread uncontrollably around the Internet. An individual using the Freenet
could be blamed for that information somehow ending up on his computer. There
is also the possibility of the user computer being penetrated and exploited by
hackers in an attempt to use his or her computer as a starting point to other
exploits
As for myself I actually
downloaded the software for the Freenet project and ready to install and begin
practicing my right to freedom of speech. However after reading about the
system and fully analyzing the implications of using it I decided that it
wouldn’t be a really good idea. Now you can call me paranoid, but what actually
made me choose not to participate was the idea that there were no guarantees
that if some questionable material did end up on my computer, that I wouldn’t
get arrested. Also the idea that someone could possibly penetrate my own system
and look at all the questionable material that I have already acquired, and
hold it against me, has kept me from participating in the freenet project.
Again the Freenet Project is a peer-to-peer network that uses individual personal computers in a client/server environment to serve the network. Each individual participating on the Freenet has allocated a portion of his or her computer’s space or memory to its disposal. The Freenet was specifically designed to distribute information anonymously in the effort to illuminate the ability of any one entity, government or corporation, from either exploiting or prosecuting any of the Freenet’s users. The Freenet Project is an attempt to enhance the spread of information, whatever it may be, and to not be held liable for the consequences. In my own opinion its main purpose is to thumb its nose at the music industry and specifically, copyright law. In the likes of the Napster fiasco and to distribute even more material that is said to be controversial, whatever that may be. However there are some serious security issues that could be associated with use of the Freenet in regards to both the users of the network as well as to governments, corporation, or whoever is unfortunate enough to have their own personal or secret information posted on the network.