[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r913 - GNUnet-docs/WWW/test
|
From: |
durner |
|
Subject: |
[GNUnet-SVN] r913 - GNUnet-docs/WWW/test |
|
Date: |
Mon, 13 Jun 2005 12:48:22 -0700 (PDT) |
Author: durner
Date: 2005-06-13 12:48:19 -0700 (Mon, 13 Jun 2005)
New Revision: 913
Modified:
GNUnet-docs/WWW/test/faq.php3
Log:
Reformat FAQ
Modified: GNUnet-docs/WWW/test/faq.php3
===================================================================
--- GNUnet-docs/WWW/test/faq.php3 2005-06-13 19:33:42 UTC (rev 912)
+++ GNUnet-docs/WWW/test/faq.php3 2005-06-13 19:48:19 UTC (rev 913)
@@ -32,33 +32,36 @@
LIV(extlink_("#keywords","Is it possible to automatically enter keywords for
files?"));
LIV(extlink_("#framework","Why did you change the project description from an
anonymous file-sharing network to a peer-to-peer framework?"));
echo "</ul>\n";
-P();
H2("Answers");
-P();
ANCHOR("raq");H3("What do I do if my question is not answered here?");
+BP();
W("There are many other sources of information.");
W("You can read additional %s, ask the question on one of the %s or look at
the %s.",
ARRAY(intlink_("documentation.php3", "documentation"),
intlink_("mailinglist.php3","mailing lists"),
extlink_("http://www.angelfire.com/super2/duologue/gnunet/";,
"alternative FAQ")));
+EP();
ANCHOR("license");H3("Is the code free?");
+BP();
W("GNUnet is free software, available under the %s (GPL).",
extlink_("http://www.gnu.org/copyleft/gpl.html";,
"GNU Public License"));
W("We are a part of the %s.",
extlink_("http://www.gnu.org/","GNU project"));
-P();
+EP();
ANCHOR("next");H3("When are you going to release the next version?");
+BP();
W("The general answer is, when it is ready.");
W("A better answer may be, earlier if you contribute (test, debug, code,
document).");
W("Every release will be anounced on the %s mailing list and on %s.",
ARRAY(extlink_("http://mail.gnu.org/mailman/listinfo/info-gnunet","Announcements";),
extlink_("http://freshmeat.net/projects/gnunet/","freshmeat";)));
W("You can subscribe to the mailing list or to the project on freshmeat to
automatically receive a notification.");
-P();
+EP();
ANCHOR("gui");H3("Is there a GUI?");
+BP();
W("Yes, it’s called <tt>gnunet-gtk</tt>.");
W("The GUI supports searching, downloading and inserting files.");
W("Before starting <tt>gnunet-gtk</tt> you should start the GNUnet server,
<tt>gnunetd</tt>.");
@@ -66,57 +69,68 @@
P();
W("If you prefer the shell for everything, that’s easy, too.");
W("First, use <tt>gnunet-search</tt> to search for content:");
+EP();
PRE("# gnunet-search GPL\n" .
"gnunet-download -o "COPYING" --
gnunet://afs/N8RCF3TETLRU9CV1PAS7M2H9QDB36AE3.K9JO8IP7KTNFO23S3VB4TFUKLD7SO5AS.0466DC92.17992\n"
.
"=> The GNU Public License <= (mimetype: text/plain)");
+BP();
W("The output above is the result of searching for the keyword
“GPL”.");
W("<tt>gnunet-search</tt> will immediately start searching GNUnet and print
new results (no duplicates) to the screen.");
W("The first line is the information that is required to retrieve the file
(query-hash, key-hash, crc (in hex) and the size of the file, here 17992
bytes.");
-BR();
+P();
W("The second line contains a description of the file.");
W("In order to download the file, use");
+EP();
PRE("# gnunet-download -o "COPYING" --
gnunet://afs/N8RCF3TETLRU9CV1PAS7M2H9QDB36AE3.K9JO8IP7KTNFO23S3VB4TFUKLD7SO5AS.0466DC92.17992");
+BP();
W("where <tt>COPYING</tt> is the suggested filename.");
-BR();
+P();
W("If you want to add content to GNUnet, use");
+EP();
PRE("# gnunet-insert -f COPYING -D "The GNU Public License" -k GPL
-k COPYING -k Gnu -k GNU -k Public -k License -m text/plain -k FSF");
+BP();
W("where <tt>COPYING</tt> is the filename and the arguments are the
description of the file (in quotation marks) followed by a list of keywords.");
-P();
+EP();
ANCHOR("GNUweb");H3("Is it possible to use GNUnet via a browser as an
anonymous WWW?");
+BP();
W("There is currently no proxy (like fproxy in Freenet) for GNUnet that would
make it accessible with a browser.");
W("It is possible to build such a proxy and all one needs to know is the
protocol used between browser and proxy and a swift look at the sources in
<tt>src/applications/afs/tools/</tt>.");
-BR();
+P();
W("The real question is, whether or not this is a good idea.");
W("In order to achieve anonymity, the AFS file sharing service implemented on
top of GNUnet has a much higher latency than the WWW.");
W("Thus, the experience of browsing the web will usually be hindered
significantly by these delays (potentially several minutes per page!).");
-BR();
+P();
W("If you still want to write a proxy, you are welcome to send us code and
join the developer team.");
-P();
+EP();
ANCHOR("test");H3("I cannot find anything. How can I test if it works?");
+BP();
W("How can I test if it works?");
W("Searches can return no results if no matching content is found.");
W("For a simple test, it is suggested to search for <tt>GPL</tt>.");
W("The GNU Public License was inserted under that keyword on the permanent
node on <tt>gnunet.org</tt>.");
W("This test may of course fail if <tt>gnunet.org</tt> is temporarily not
available.");
W("Common other problems are:");
+EP();
echo "<ul>\n";
LI("firewall (UDP and TCP ports 2086 should be open)");
LI("not connected (it may take a couple of minutes)");
LI("typos (if you’re off by one letter, it won’t work)");
echo "</ul>\n";
-P();
+BP();
W("For a test of slightly larger scale, you can try to download another
“official” test content by searching for keyword <tt>alien</tt> or
go directly for the content using:");
+EP();
PRE("# gnunet-download -o "Aliensong.mpeg" --
gnunet://afs/UFOO2C84BUC11HMHBKVJOI9380DKGBQL.EGT78G1J9CR74PCK16EQ2BIFPL0ERISN.7A1AC901.3201028");
-P();
+BP();
W("Still not satisfied?");
W("Use your imagination for guessing keywords, or try common mime-types as
keywords (such as <tt>application/pdf</tt>, <tt>application/x-zip</tt>,
<tt>image/jpeg</tt> or <tt>audio/mp3</tt>).");
-P();
+EP();
ANCHOR("tell"); H3("How can I see which files I have indexed/inserted (names,
descriptions, keywords)?");
+BP();
W("For building directories, GNUnet keeps track of all file identifiers that
it has so far encountered, including search results, inserted or indexed files
and files mentioned in downloaded directories.");
W("This information is stored in plaintext to allow building of directories.");
W("Users should run <tt>gnunet-directory -A</tt> to remove that information.");
@@ -134,7 +148,7 @@
W("In either case, how well deniability serves you will depend on your local
court.");
W("Since there are countries where breathing can get you into jail, saying
that you were not able to tell what your computer was storing may not be
sufficient.");
W("Note that breaking your anonymity and taking control of your computer are
steps that the adversary needs to take first, before you need to resort to
deniability.");
-BR();
+P();
W("Indexed content is a slightly different story.");
W("For indexed content, the goal for GNUnet is still to make it difficult for
the adversary to establish from which machine the content originates
(anonymity).");
W("For indexed content GNUnet keeps a list of the indexed files, typically in
<tt>~/.gnunet/data/afs/database.list</tt>.");
@@ -147,8 +161,9 @@
W("If you must move an indexed file, use first <tt>gnunet-delete</tt>, then
move the file, and then use <tt>gnunet-insert</tt> to re-insert the file.");
// W("Or, alternatively, implement <tt>gnunet-move</tt> and submit the patch
:-).");
-P();
+EP();
ANCHOR("compare"); H3("How does GNUnet compare to other file-sharing
applications?");
+BP();
W("As opposed to Napster and Gnutella, GNUnet was designed with security in
mind as the highest priority.");
W("We intend on producing a network with high security guarantees.");
W("Napster and Gnutella are open to a wide variety of attacks, and users have
little privacy.");
@@ -161,6 +176,7 @@
W("If you find any flaws, please let us know.");
W("Finally, the table is not saying much (it is hard to compare these systems
this briefly), so if you want the real differences, read the %s (and probably
the code).",
intlink_("papers.php3","research papers"));
+EP();
?>
<center>
<table border=5>
@@ -267,7 +283,7 @@
</table>
</center>
<?php
-P();
+
/* Q: How about modularity (adaptation for new uses, besides file
sharing) and block size, in the previous table ? - IW
Re: Well, Freenet has been adapted for lots of new uses,
@@ -277,11 +293,12 @@
at this point. */
ANCHOR("anonymity"); H3("What do you mean by “anonymity”?");
+BP();
W("Anonymity is the lack of distinction of an individual from a (large)
group.");
W("A central goal for GNUnet AFS is to make all users (peers) form a group and
to make communications in that group anonymous, that is, nobody (but the
initiator) should be able to tell which of the peers in the group originated
the message.");
W("It should be impossible for an adversary to distinguish between the
originating peer and all other peers.");
W("In particular, even peers should not be able to recognize from which node
the message originated.");
-BR();
+P();
W("Of course, in practice, it may be possible for a powerful adversary to do
some analysis and potentially assign higher probabilities for being the
originator of a message to a subset of the peers.");
W("AFS tries to make this as hard as possible (see %s).",
extlink_("download/aff.ps","our paper on anonymity"));
@@ -292,13 +309,14 @@
W("The sender and the intermediaries are unable to determine the actual
contents.");
W("Since content migrates in the network, the originator of the content can
often plausibly deny knowledge of the contents since the content could have
migrated to the peer, making the originator indistinguishable from an
intermediary.");
W("Since intermediaries have no means of decrypting the content and are (in
all sane legal systems) thus not legally responsible for them (if you use the
Internet to send an encrypted E-mail, your Internet Service Provider (ISP) will
typically not be held responsible for the content that its servers transmit; in
GNUnet, every peer plays the role of an ISP, providing Internet services to
other peers).");
-P();
+EP();
ANCHOR("accounting");H3("How does “accounting” work?");
+BP();
W("GNUnet is based on a trust-based economic model.");
W("Each node is forming an <em>opinion</em> on all the other nodes it is in
contact with.");
W("Depending on that opinion, the node will decide which requests it will
honor.");
-BR();
+P();
W("As long as a node is not busy, it will typically serve all requests, using
excess resources to gain popularity.");
W("If it gets busy, it will drop requests from nodes that the local node
trusts least.");
W("How busy a node can get (bandwidth and CPU wise) is up to the user to
configure.");
@@ -309,57 +327,59 @@
intlink_("encoding.php3","encoding page")));
-BR();
+P();
W("The economic model is designed in a way that the damage that a malicious
node can do is bounded by the formula");
echo "<center>";
W("damage - contribution < capacity + epsilon");
echo "</center>";
W("where contribution is the amount of resources the node has given to GNUnet,
capacity is the network capacity of the malicious node (it is impossible to
keep a node from causing as much traffic as its own connection can support;
yet, unlike other networks, that traffic is <em>not</em> multiplied by other
nodes).");
W("Epsilon is a number smaller than the excess capacity of the network,
whereas the excess capacity of the network are wasted resources (idle CPUs,
idle network connections).");
-P();
+EP();
ANCHOR("shapers");H3("Why should I not use an external traffic shaper?");
-
+BP();
W("GNUnet %s decides who to serve when the system is loaded.",
extlink_("#accounting","accounting"));
W("Packets are sent and dropped based on their priority and current load.");
W("External shapers (like <em>token bucket filter</em>) can’t make this
distinction and treat all GNUnet traffic as equal.");
W("You should set GNUnets internal bandwidth limits to reflect your true
configuration and what you can afford and <em>not use any external shaping for
GNUnet</em>.");
W("It’s much better to have the limits tight inside GNUnet than outside
it.");
-P();
+EP();
ANCHOR("firewall");H3("How do I have to configure my firewall?");
+BP();
W("GNUnet uses port 2086 by default.");
W("Configure your packet filter to accept packets to port 2086 if the GNUnet
background process gnunetd is running on the same machine.");
W("If your firewall is a NAT box, forward packets to port 2086 to your GNUnet
machine and tweak the configuration file gnunet.conf (Sections NETWORK, LOAD,
UDP, TCP and NAT).");
W("Port 2087 is used for communication between gnunetd and the client tools as
gnunet-gtk, gnunet-search etc.");
W("It must not be exposed to the internet.");
-P();
+EP();
ANCHOR("speed"); H3("Isn’t all this encryption going to make things
totally slow?");
-
+BP();
W("The answer to this is, that encryption is incredibly fast.");
W("GNUnet uses mostly blowfish, a very fast and secure cipher.");
W("What really often makes AFS slow are artificial delays that were introduced
to make timing analysis hard and to group messages into larger packets.");
W("The best illustration for this is the following timing results obtained by
inserting and downloading a 3 MB binary from the local host (no real networking
involved, only loopback).");
W("Insertion takes (on a Celeron 667, 400 MB RAM):");
-BR();
+EP();
PRE("real 3m38.954s\n" .
"user 0m2.450s\n" .
"sys 0m0.410s");
-BR();
+BP();
W("For the download, it takes:");
-BR();
+EP();
PRE("real 0m13.796s\n" .
"user 0m2.150s\n" .
"sys 0m0.660s");
+BP();
W("As you can see, the <em>user</em> CPU usage (how much is actually used) is
miniscule compared to the <em>real</em> time that it took to download the
file.");
W("The real time is longer because the harddrive could not perform the random
accesses to the GNUnet databases any faster.");
W("The good news is, that as long as there is a difference between
<em>real</em> and <em>user</em>, increasing the load on the network will not
slow GNUnet down (in fact, it may make it faster because anonymity requires us
to delay messages if the amount of traffic on the network is low).");
-BR();
+P();
W("The same basically applies also for the network load.");
W("It can take quite a while to download a file from the network, even if the
connection is 10 MBit, the file may come in at a few kb per second.");
@@ -388,13 +408,15 @@
W("While peer-to-peer networks can theoretically provide better performance
than dedicated servers, their true strength lies in the possibility of being
anarchistic: low administrative overhead, anonymity, no single point of
failure.");
W("Complete decentralization is very costly and we should thus not expect to
outperform the centralized solution, especially not if we also want
anonymity.");
-P();
+EP();
ANCHOR("lastblocks"); H3("Why is downloading the last few blocks so slow?");
+BP();
W("Sometimes when downloading large files from GNUnet AFS, it may take a long
time to get the last remaining blocks of the file.");
W("This is often not an error, and if it happens, it does not automatically
mean that the blocks must have disappeared from the network (though that is
possible).");
W("The explanation is as follows (its a bit technical).");
+EP();
echo "<ul>\n";
LI("The system starts with a fairly low TTL and probes going higher each time
no response arrives.");
LI("The last block is likely (as in always) to have been requested multiple
times without success (peer busy processing other requests, message-drops,
etc.).");
@@ -403,18 +425,19 @@
LI("Finally, on occasion the peer may have depleted whatever initial trust it
had in the network by the time it gets to the last block, putting it into a
further disadvantage.");
LI("Finally finally, a peer without trust only gets effective TTL of 0 (except
locally), so it will now compete with other queries (in particular queries
still in slots from the download; now, the routing table has a small resistance
(TTL_DECREMENT) before replacing a pending query with one with a higher TTL,
adding yet another 5s or so.");
echo "</ul>\n";
-BR();
+BP();
W("To summarize, there are plenty of reasons why the download MUST go slower
at the end.");
W("However, the GNUnet developers are still investigating ways to make it
faster.");
-P();
+EP();
ANCHOR("attacks"); H3("Are there any known attacks?");
+BP();
W("Generally, there is the possibility of a known plaintext attack on
keywords, but since the user has control over the keywords that are associated
with the content he inserts, the user can take advantage of the same techniques
used to generate reasonable passwords to defend against such an attack.");
W("In any event, we are not trying to <i>hide</i> content; thus, unless the
user is trying to insert information into the network that can only be shared
with a small group of people, there is no real reason to try to obfuscate the
content by choosing a difficult keyword anyway.");
W("Note that it is not necessary to use keywords (or even intelligible
keywords) at all.");
W("The file identifiers (two hash codes, filesize and crc) can also be shared
off-band.");
-
+P();
W("Most attacks on anonymity involve a resource battle between the attacker
and the victim.");
W("If the attacker has significantly more resources (bandwidth, control over
Internet routers, many peers), anonymity can theoretically always be broken.");
W("In fact, this applies to all other systems that provide anonymity.");
@@ -425,10 +448,11 @@
W("Since this is a project in development, you can find a list of problems or
report them using the %s system.",
extlink_("https://gnunet.org/mantis/","Mantis";));
-P();
+EP();
ANCHOR("platform"); H3("On which platforms does GNUnet run?");
+BP();
W("GNUnet is being developed and tested under GNU/Linux for i386.");
W("The current CVS version and version 0.3.2 and higher have been reported to
work under Solaris, FreeBSD, NetBSD and OpenBSD.");
W("Since 0.4.1, GNUnet should also work on big-endian architectures, 0.4.2 has
been reported to work on Linux/PPC and Solaris.");
@@ -437,10 +461,11 @@
W("Patches to make it work on other platforms are always appreciated.");
W("If you had success running GNUnet on any other platform, please report!");
-P();
+EP();
ANCHOR("hostkey"); H3("CRC error: the deleted hostkey problem.");
+BP();
W("Under certain circumstances, <tt>gnunetd</tt> will print warnings
indicating CRC errors in messages that were received from other nodes.");
W("This is most of the time not a bug and not a problem.");
W("Everything is working ok.");
@@ -449,7 +474,7 @@
W("When hosts start, they look at the <tt>data/hosts/</tt> directory looking
for keys and addresses of other nodes on the network.");
W("It will then cryptographically sign its current network address (say IP and
port) together with a timestamp and send this, together with the public key of
the node, to other nodes on the network.");
-BR();
+P();
W("Later, nodes will use this binding of key to address to communicate.");
W("The binding of a public key to an address would ideally be a one-on-one
relationship.");
@@ -464,24 +489,26 @@
W("The reason why we can’t avoid this (ok, we could just not print the
error message, but that’s not the point), is that a malicious host could
always claim to have any address on the internet.");
W("If we have two public keys for the same host, the best we can do is try out
both.");
-BR();
+P();
W("Checking both is very cheap, and after a while (depending on the timeout
configured in gnunet.conf), hostkeys will eventually expire.");
-BR();
+P();
W("You may also receive messages that will print CRC errors from clients that
run versions of GNUnet before 0.7.0 (version mismatch).");
W("Finally, if two nodes simultaneously perform a sessionkey exchange (A sends
a new key to B and B at the same time sends a new key to A), there might be a
short period of time where the nodes disagree on which key is the correct one,
also causing CRC errors (the probability of this happening is very low, and we
do use a timestamp in the SKEY message and use it to see which key is more
recent, but there is still a very small probability that both nodes really send
it at the same point in time).");
-P();
+EP();
ANCHOR("database"); H3("What is the right database for me?");
+BP();
W("If you are not experienced with databases or GNUnet, you should stick to
the default which is <tt>sqlite</tt>.");
W("The <tt>mysql</tt> module requires manual setup, which is described %s.",
extlink_("user_afs.php3#mysql","here"));
W("<tt>mysql</tt> has good performance and the database can be repaired from
internal failures, but its more difficult to install than any of the
alternatives.");
-P();
+EP();
ANCHOR("delete"); H3("<tt>gnunet-delete</tt> behaves in unexpected ways.");
+BP();
W("First of all, many things can go seemingly wrong with
<tt>gnunet-delete</tt> and one has to understand what exactly
<tt>gnunet-delete</tt> does to avoid pitfalls.");
W("The first thing to recall is that <tt>gnunet-delete</tt> only deletes
blocks from the local database.");
W("Blocks that have been replicated by other peers are not removed.");
@@ -502,9 +529,10 @@
-P();
+EP();
ANCHOR("spam"); H3("How does GNUnet handle spam? or: what are namespaces and
directories good for?");
+BP();
W("GNUnet′s ECRS encoding/query strategy doesn′t allow peers to
benefit from false replies.");
W("Even small blocks of incorrect response data can be detected instantly,
resulting in no trust gain for the malicious node.");
W("If you know the correct ECRS URI for the file you want, no intermediate
node can cheat by false replies.");
@@ -540,16 +568,19 @@
W("For more info on using directories and namespaces, see GNUnet online
documentation, or man page of <tt>gnunet-insert</tt> for examples.");
-P();
+EP();
ANCHOR("bugs"); H3("How do I report a bug?");
+BP();
W("Good bug reports enable developers to find and hopefully fix problems
faster.");
W("Nobody can or will fix a “GNUnet does not work for me.” bug.");
W("Please try to follow the following guidelines as far as they are applicable
to the bug at hand.");
+EP();
echo "<dl>\n";
DT("Use our bug-tracking system");
echo "<dd>";
+BP();
W("You should use the %s system for any bug reporting.",
extlink_("https://gnunet.org/mantis/","Mantis";));
W("Also, please check first if a bug has already been reported.");
@@ -650,9 +681,10 @@
extlink_("mailto:address@hidden","address@hidden";));
echo "</dd>";
echo "</dl>";
-P();
+EP();
ANCHOR("knownbugs"); H3("Are there any known bugs?");
+BP();
W("The list of currently known bugs is available in the %s system.",
extlink_("https://gnunet.org/mantis/","Mantis";));
P();
@@ -662,31 +694,32 @@
W("Please report bugs directly to the bug tracking system.");
W("If you believe a bug is sensitive, you can set its view status to private
(this should be the exception).");
-P();
+EP();
ANCHOR("keywords"); H3("Is it possible to automatically enter keywords for
files?");
+BP();
W("GNUnet needs keywords such that other users can find the files.");
W("Typing in lots of keywords is of course a major pain.");
W("Other systems like Gnutella typically just use the filenames.");
W("Using filenames is not a good solution since they are not always very
descriptive and/or can be a pain to produce for the content provider in the
first place.");
-BR();
+P();
W("GNUnet uses a better approach, which is <strong>keyword
extraction</strong>.");
W("The library %s was developed for the purpose of extracting keywords from
arbitrary files. If keywords can easily be extracted from your files, you
don’t have to supply keywords by hand.",
extlink_("/libextractor/","libextractor"));
W("libextractor can also use the filename as a source for keywords.");
-BR();
+P();
W("If you have keywords in a file that should be extracted but the file format
is not supported by libextractor, the API of the library is be simple enough
that any C hacker who knows the file format should be able to code a plugin
that will allow you to extract the keywords.");
W("If you just want filenames, <tt>libextractor</tt> can do those, too.");
-P();
+EP();
ANCHOR("framework");
H3("Why did you change the project description from an anonymous file-sharing
network to a peer-to-peer framework?");
-P();
+BP();
W("First of all, the goal to provide the best anonymous file-sharing system
available is still on our minds.");
W("Why we want GNUnet to become a framework actually follows this goal.");
@@ -695,5 +728,6 @@
W("Finally, we believe that certain general features of GNUnet, in particular
peer discovery, link-to-link encryption, authentication and transport layer
abstraction are going to be useful for other free software projects, so making
them easily accessible will benefit free software development as a whole.");
W("Note that this works only for free software, GNUnet is released entirely
under the GPL, not the LGPL.");
+EP();
include("html_footer.php3");
?>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r913 - GNUnet-docs/WWW/test,
durner <=