The original Freenet (with some focus on anonymity) is rebranded Hyphanet, and the new version (which does not offer built-in anonymity) is now the official Freenet. What a mess.
The new version will offer a choice of approaches to anonymity. I wouldn't call it a mess but there is 25 years of history to the project which does inevitably lead to some complexity. I summarize the naming situation here [1]
A mess is if you drop a cup of milk on the carpet.
Commandeering the name of a decades old and well-known project whose only remarkable feature is anonymity, and then not making anonymity integral to the new project, is like destroying the milk factory and telling everyone to drink orange juice instead.
Nothing has been destroyed—Hyphanet is still available at https://hyphanet.org/. Freenet's most remarkable feature is its use of a small-world network to achieve decentralization; anonymity systems weren't new even in 1999. A pluggable approach to anonymity is simply a better architecture.
Nor is this the first time Freenet has been redesigned; the last time was in 2005.
The notion that this is some sort of catastrophe is melodramatic. Rebrands and rearchitectures happen all the time, and in this case, for good reasons—reasons that critics of the decision always fail to address.
I summarize here [1], you can find more context here [2], and learn more about the differences here [3]. For a detailed explanation of the new design see the video talk above.
And haven't there already been at least two reasonably popular but incompatible versions before? I think 0.5 was still used for quite a while when 0.7 was around. They offered similar services and anonymity concepts though.
0.5 didn’t support a friend-to-friend structure, so the privacy protection possible with it was much lower than with 0.7 released in 2007. Since 2007 Freenet / Hyphanet stayed compatible with content from previous versions.
A summary of the changes since 2007 can be found in the presentation “Freenet / Hyphanet: the long game”:
Currently waiting for the new signing infrastructure for the Windows installer before turning the release to final.
Freenet 0.7.5 build 1498
This release resolves the last blocker for Freenet / Hyphanet 0.8 by
providing an official Debian package. Additionally it optimizes the
networking and data transfer core and provides many improvements for
website authors and user experience.
Starting with this release, Freenet / Hyphanet has an official Debian
package built automatically via github actions. This was the most
important [high-impact-task][] and the last release blocker of version
0.8 in our [Roadmap][]. Big thanks go to DC!
With this finally realized, the next step is to get in contact with
the many privacy focussed distributions which build on Debian to make
`hyphanet-fred` available where it is most important. Once this is
done, tools which build on Hyphanet — like FMS, but also jSite and
tools from pyFreenet — can be packaged to work out of the box, using
Hyphanet as an ordinary background service. That’s a step towards
Hyphanet as decentralized, privacy-preserving communication backend for
other applications.
Another step towards this is accepting the Schema hypha[net] to
simplify writing browser extensions that forward hypha:-links to
Hyphanet.
The networking layer was optimized significantly. Searching packet
types is often stopped early and common or cheaper checks are done
before less common or time-consuming checks. This gives significant
reductions of CPU load, especially for very fast nodes.
Juiceman fixed a bug limiting MTU to 1280 where not needed.
And recently failed and data not found cooldown times were reduced to
5 minutes and 3 minutes, reducing one of the big annoyances when
accessing a site quickly after upload.
On the data transfer layer, healing was optimized. After 1495 strongly
increased the amount of healing to keep large files available for
longer, 1498 specializes healing to keys close to the node location.
This reduces healing per file, but improves privacy, because healing
inserts are then more similar to forwarding — they mostly send data
close to the nodes location — and it reduces the network load of
healing, because the specialized healing inserts need fewer hops to
reach the optimal storage location in the network.
In addition to these changes deep down, there are a number of directly
visible improvements.
The plugins KeepAlive and Sharesite are updated (the latter now uses
the new Night Zen Garden style). The UPnP2 plugin is now visible in
simple mode. It can replace UPnP and should work better. On the
flipside the Library plugin is moved to advanced plugins, because it
does not work reliably enough.
The plugin list is easier to navigate by removing the defunct option
to download plugins from the clearnet and by adding better styling.
Downloading from the clearnet was an unnecessary privacy risk since
we’ve been bundling essential plugins with the installer for a few
years now.
The noderef for friend-to-friend connections is shown in simple mode
again, because it is robust enough with the changes in recent years.
This should remove a barrier to adding direct connections and enabling
fully confidential messages between friends.
There are new configuration options to allow connecting via local
services. That’s a step towards making it easy to add a second layer
of security, for example confining connections to a local network.
Thanks goes to s7r for these changes!
When bandwidth detection fails, the upload bandwidth now defaults to
160KiB/s. Also the NLM config is now disabled statically. This was a
testing setup which could still be active in old nodes, but it would
break connectivity nowadays.
The default bookmarks include the Opennet SeedNodes statistics,
the generate media site to create decentralized streaming sites, and
the high-impact-tasks. The bookmarks are also re-ordered to be a
better match for newcomers. Starting category: first steps, clean
spider, Index of Indexes. For the software category ordered by ease of
use from fproxy.
For website authors, more CSS elements, selectors and combinators
(`:checked`, `word-wrap: anywhere`, `focus-within`, `^=`, `$=`, `=`,
`>`, `+`, `~`) and additional HTML elements (`summary`, `details`,
`<meta name="Viewport"...>`) are available. This strongly expands the
possibilities of websites authors in Hyphanet, because Javascript or
webassembly are no viable options in an environment where a privacy
breach could put people at risk. We’ve seen with Java applets, that
untrusted code will always break out of its containment. The CSS
improvements in contrast provide a safe way to enable limited
interactivity.
Streaming support via m3u lists was improved to allow accessing
segments of up to 200MiB.
And using `-1` as version in a USK now properly finds version `0`, if
this is the only existing version.
There were a number of Java 21 fixes, including all our tests (thanks
to Bombe!), and improvement to the github actions (thanks to
AHOHNMYC).
In addition to that there was a lot of polish. Bert Massop and
Veniamin Fernandes replaced our homegrown CurrentTimeUTC with modern
Java options. Alex fixed the pronoun used in strings. Bombe added
getters for all direct field access in the node. Hiina reduced logging
level of store warnings so no unneeded backtraces are created for node
with large stores and Juiceman updated code to use more modern
structures.
Time-dependence of compressor selection was removed. This caused
non-determinism for inserts and could cause keys to be
non-reproducible on systems with faster or slower network.
And finally the new [exe signing workflow][] we built to fulfill the
requirements of SignPath, our new windows installer signing provider
for the upcoming releases, runs the [verify-build script][] on every
release to ensure that the jar we release has actually been built from
the sources. This provides a second safety net, in addition to
anonymous users running the script and posting the results (thanks to
all who did this — please keep it up, otherwise people have to fully
trust github). The release is not yet byte-by-byte reproducible,
because the jar MANIFEST defines among other info the exact java
version used to compile it, and the java version available differs by
distribution and time, so it would get harder over time to verify the
build.
A special thanks goes to Bombe for many careful reviews!