Freenet for Journalists, funding proposal

This is a funding proposal I sent to Open Technology Fund to make Freenet suitable for Journalists and their sources. Sadly it got rejected, but maybe it helps future proposals.

Project name: Freenet for Journalists
Duration: 24 months
Amount: 800000
Contact name: Arne Babenhauserheide
Contact email: arne_bab -ät- web -punkt- de

Descriptors

• Status: It's basically done. (Release)
• Focus: Privacy enhancement
• Objective(s): Advocacy, Technology development, Deploying technology, Training
• Beneficiaries: General public, Sexual minorities, Activists, Journalists, Advocacy groups/NGOs, Technologists, Entrepreneurs
• Addressed problems: Restrictive Internet filtering by technical methods (IP blocking, DNS filtering, TCP RST, DPI, etc.), Blocking, filtering, or modification of political, social, and/or religious content (including apps), Technical attacks against government critics, journalists, and/or human rights organizations (Cyberattacks), Physical intimidation, arrest, violence (including device seizure or destruction), and death for political or social reasons, Repressive surveillance or monitoring of communication, Policies, laws, or directives that increase surveillance, censorship, and punishment, Government practices that hold intermediaries (social networks or ISPs) liable for user content
• Technology attributes: User interface/experience, Anonymity, Cryptography, Desktop client, Desktop App, Sensitive data, Networking
• Region: Global

Project description

Freenet is the only tool to date which addresses all technical requirements for freedom of the press:

• Confidential communication between sources and journalists while hiding that communication is taking place,
• Keep journalists independent from large publishers (no need to secure a public server) and
• Asynchronous usage for sources without exposing at any centralized place that Freenet is used.

However, despite providing the technical foundation for real freedom of the press, Freenet is much too hard to use. Solutions to its usability problems are known, but they need to be implemented, which requires considerable focused effort and coordination with journalists to ensure that the implemented solutions fit the requirements of journalists.

The Freenet for Journalists project is about this focused effort: Making the capabilities of Freenet usable for journalists and sources, so an employee at a military contractor who finds out about illegal activity no longer has to leave the country or rely on large media organizations before blowing the whistle (to stay safe from retribution of the employer).

Project how

Making Freenet easier to use for Journalists and whistleblowers requires technical work:

• maintain journalist site seamlessly: Enhance the Freereader and Sharewiki plugins.
• contact a journalist via the site easily: Increase the integration of the freemail plugin.
• use a traceless persistent pseudonym (QR or written key), integrated seamlessly into the main interface.
• one-click creation of a Freenet-stick for transient friend-to-friend connections: add connection over single-use tokens.
• invisible connections (steganography): Finish and merge the pluggable transports branch.
• grow the over android: Improve and expand the icicle app: http://loubo.co/icicle/
• a minimal security review (we are in contact with security researchers).

Also it requires coordination with and training for journalists to ensure that the workflows we enable integrate well with their workflows.

To tackle this, we asked Asher Wolf, original organizer of the crypto parties, whether she would join the team as community coordinator and trainer if we get funding. She said she would join up (but we need to have funding first: she has a child to support). Also we will collaborate with Glyn Moody who has 30 years of experience in journalism.

To increase user adoption, this project will tackle the main issues we identified as limiting adoption:

• mediocre user interface,
• the friend-to-friend mode—one of the unique selling points of Freenet—isn’t actually enjoyable to use yet,
• most useful features are not visible from the start and do not come pre-activated,
• there is no working debian package.

We are confident that with a team of at least three developers and a community-coordinator and trainer, we can realize that within two years. Plans for this are already made and we have the people, all we need is sufficient funding so we can lay down our day jobs and focus on doing what we believe is needed to regain confidential communication in the digitalspace.

Project who

The project is for Journalists and their sources.

It will allow people who aren’t yet under targeted surveillance to contact journalists without exposing their identity. It does not matter whether the journalist is under targeted surveillance.

Freenet as leaking platform makes journalists independent from large infrastructure. Journalists often write for several publishers, but platforms like SecureDrop bind them to centralized communication. They are a single point of failure. The same is true for services using Tor to anonymize sources: Here the journalist must run a server which can withstand serious attacks.

In Freenet all nodes in the system collaborate to allow exchanging information confidentially and pseudonymously without making any node a central point of failure.

The core design principle of Freenet is providing Freedom of the Press, and all its features derive from that principle:

• No censorship by threat: Pseudonymous publication with public/private key cryptography. And usage without leaving information that you use it at a known place: in the friend-to-friend mode Freenet only connects to people you know personally, while still providing a globally connected network in which you can access all content uploaded by all users. You can create a pseudonym and prove that all your articles are written by the same person.
• No censorship by choking commmunication: Decentralized spam resistance (beyond mere captchas) and long lifetime for files which are actually accessed: Whether you are the Guardian or a local Indian journalist, your articles stay available as long as people read them.
• No censorship by deleting information: If something has been uploaded into Freenet, it stays available as long as people access it regularly. All data is stored in encrypted chunks on the computers of its users. Those chunks can be reassembled using the public key, which is retrieved using the URL to the article someone wrote.

Project why

“There is now no shield from forced exposure…The foundation of Groklaw is over…the Internet is over” –Groklaw, Forced Exposure(2013-08-20)

The internet once broke the structural information control from the powerful and as such created the opportunity to strengthen democracy against existing concentrations of power. Total surveillance reverts this because it forces everyone to self-censor communication. There is no longer a way to communicate without exposing the physical identity to strong attackers. Even Tor users can be de-anonymized quickly, for example by breaking servers which provide the services.

Due to the pervasive infiltration of digital communication into day-to-day life, this affects analog communication more and more.

Other services like /TorChat/, /Signal/, /Globaleaks/ and /SecureDrop/ all require some degree of centralization and lack censorship-resistant anti-spam methods (Freenet already provides the latter, due to experiencing how anonymous communication breaks down when it lacks spam resistance). Additionally these other services contain vectors for censorship:

• Signal relies on /centralized servers/.
• Globaleaks and SecureDrop need to be run by an organization which can /keep dynamic websites secure on Tor/.
• TorChat can be blocked for a journalist by /basic spamming/ — or by a targeted DoS attack.

Freenet on the other hand is designed for asynchronous communication (without requiring both participants to be online at the same time). It implements communication features on a decentralized anonymizing datastore built on a friend-to-friend structure. This avoids the problems inherent in other solutions.

Other information

All of Freenet is Free Software licensed under GPL-compatible licenses. You can find additional information onhttps://freenetproject.org

The financial administration is managed by Freenet Project Inc., a US-based 503(c) non-profit. The project is financed by donations, from other organizations and from regular users. This proposal is sent on behalf of the community. The funding plan is cleared not only with other developers but also with the users.

This proposal is written for 800.000$ because many experienced Freenet developers are based in Europe and we cannot predict the exchange rate between Euro and Dollar, so we need to leave some room to ensure that we can pay the salaries if the Euro should become stronger.

For somewhat confidential inquiries, contact press@freenetproject.org (these will not be posted in a public place).

You can contact us publicly by sending an email to devl@freenetproject.org or by joining the IRC channel #freenet @irc.freenode.net

My GnuPG/PGP key (for arne_bab -ät- web -punkt- de) is available from http://draketo.de/inhalt/ich/pubkey.txt with the fingerprint 6B05 41F0 94FF 2163 6FBA 2433 3307 469B FE96C404

Freenet currently is at a point where the technical backend is working well and provides features not found in any other program, while the user interface suffers from a large number of annoyances. Different from new projects which have been emerging in the past years, Freenet does not need uncertain research or large reshaping to be suitable for a situation of ubiquious surveillance. What it needs are improvements in workflows and integration. These are tasks which can be done without facing much uncertainty, but they need focused effort.

To ensure sustainability we will keep development infrastructure distributed: Freenet must not be dependent upon infrastructure we use for this project. Freenet will continue after the project ends, so the features developed during the project will stay available.