I2P dev meeting, September 14, 2004

Quick recap

  • Present:

cat-a-puss, cervantes, deer, dm, fvw, hypercubus, interrupt, jrandom, korkakak, nicktastic, Nightblade,

Full IRC Log

14:06 < jrandom> 0) hi
14:06 < jrandom> 1)
14:06 < jrandom> 2) Threat model updates
14:06 < jrandom> 3) Website updates
14:06 < jrandom> 4) Roadmap
14:06 < jrandom> 5) Client apps
14:06 < jrandom> 6) ???
14:06 < jrandom> 0) hi
14:06  * jrandom waves
14:06 < cervantes> evening
14:06 < jrandom> weekly status notes posted to http://dev.i2p.net/pipermail/i2p/2004-September/000444.html
14:07 < jrandom> (before the meeting this time too ;)
14:07 < deer> <jrand0m> woah, 30 people over here
14:07 -!- Irssi: #i2p: Total of 21 nicks [0 ops, 0 halfops, 0 voices, 21 normal]
14:07 < jrandom> ok, anyway, lets jump right in to 1)
14:08 < jrandom> the release is out and things seem to be working more or less
14:09 < jrandom> i see a variety of connection times on irc, though in discussions with people, it seems there are congestion issues when e.g. downloading large files and using irc at the same time
14:09 < jrandom> are many people running into that?
14:10 < jrandom> i guess not
14:11 < cervantes> I've been doing various bandwidth tests recently and haven't encounter problems in that area yet...although I'm not using the bandwidth limiter
14:11  * nicktastic hasn't downloaded much since raiding alexandria weeks ago
14:11 < dm> I remember getting disconnect more often on IRC when I was using eepsites, but that was 2 months ago
14:11 < dm> disconnected
14:11 < dm> not sure if it still happens
14:11 < jrandom> ah, yeah, we need to harass the alexandria folks to give us more books :)
14:12 < Nightblade> thanks for keeping us up to date dm
14:12 < jrandom> i've had good luck w/ irc while downloading some large files from thetower, but, like cervantes, i dont have bandwidth limiting set
14:13 < jrandom> (though that router's bw average was a steady 11KBps at the time, while downloading 8KBps of music)
14:13  * nicktastic finds something to download
14:13  * jrandom watches your irc.duck.i2p connection quickly get dropped ;)
14:13 < jrandom> ok, anyway, does anyone have anything else they want to bring up wrt
14:14 < dm> Nightblade: hehe, no problem :)
14:14 < dm> jrandom: good work, ever onwards
14:14 < fvw> the installer is pretty? (not sure if that's new in .1?)
14:14 < jrandom> gracias dm
14:15 < jrandom> fvw: same as 0.4, but i agree, hyper did some great work there (as did our anonymous designer!)
14:15 < fvw> also, I'm not going to commit myself as to pretty _what_ it is :)
14:15 < jrandom> sonofabi...
14:16 < jrandom> ok, moving on to 2) Threat model updates
14:16 < cervantes> yes well done.. :) writing documentation always sucks 
14:17 < jrandom> yeah, it was a painful 2-3 days
14:17 < jrandom> i'm not sure if any of y'all have read http://www.i2p.net/how_threatmodel but if you ever want to know wtf we're talking about when we say "anonymous", thats what we mean
14:18 < jrandom> most of the categories there were just ripped from http://citeseer.ist.psu.edu/454354.html (linked to on the page)
14:18 < jrandom> there's a lot more i'd like to do in the threat model, but i just dont have the time.
14:18 < jrandom> i'd love to see a matrix of those threats vs cost of mounting them vs the type of user who cares about them
14:19 < jrandom> (e.g. joe sixpack does't care about global active adversaries)
14:19 < jrandom> so if anyone is bored... ;)
14:19 < cervantes> something that occurred to me whilst reading your doc... we need a decent glossary...
14:20 < fvw> doesn't he? joe sixpack likes to download mp3s...
14:20 < jrandom> someone just published one iirc...
14:20 < cervantes> really?
14:20 < cervantes> on an eep?
14:20 < jrandom> no, some research paper
14:20 < jrandom> its not on freehaven yet, lemmie dig it up
14:21 < jrandom> bugger, i dont seem to have my copy anymore.  
14:21 < jrandom> i'll try to track it down after the meeting
14:22 < cervantes> does it tackle i2p specific concepts to?
14:22 < jrandom> oh, no
14:22 < jrandom> its just a general glossary for anonymous networks, dealing with mixes, cascades, attackers, etc
14:22 < jrandom> no garlic routing or tunnels ;)
14:23 < cervantes> a nice single paragraph summary of all "in" buzzwords so people can quickly see the difference between onion and garlic routing (for example) withou having to read the whole "how" document
14:23 < jrandom> you realize a glossary would be larger than the how_* pages combined, right?  
14:23 < jrandom> but yeah, i agree, we should do that
14:23 < cervantes> sure... but.. ;)
14:23  * jrandom volunteers cervantes to work on it ;)
14:23  * dm concurs
14:23 < cervantes> hehe I don't know what half that shit means :)
14:24 < jrandom> write up what you do know and ask me questions
14:24 < cervantes> I'll have a crack at it
14:24 < jrandom> w00t!  cervantes++
14:24 < cervantes> if I put it on the forum then others can contribute...
14:24 < jrandom> good idea
14:24 < deer> * Pseudonym cheers
14:25 < cervantes> _but_ that doc you mentioned would be handy :o)
14:25 < dm> tunnel: artificial underground passage
14:25 < jrandom> agreed, i'll try to find it again
14:25 < cervantes> I'll do a special version for you dm
14:25 < dm> yay!
14:26 < jrandom> ok, anything else on the threat model, or shall we move on to 3) Website updates ?
14:27 < jrandom> ok, as anyone who has been to the site today has seen, Curiosity has come up with some nice usability updates
14:27 < dm> I think cervantes and I are the only ones still awake.
14:27 < korkakak> I think that in threat models
14:28 < korkakak> you should add some mixnetwork attacks
14:28 < jrandom> what sort of mix attacks?
14:28  * dm loads up www.i2p.net
14:28 < korkakak> like collusion attacks
14:28 < jrandom> thats the thing that sucks about the taxonomies i used.  they're all pretty much collusion attacks.
14:29 < korkakak> With mix attacks i mean attacks that may happen in a mix network
14:29 < korkakak> ah ok sorry
14:29 < jrandom> (and most can be used for either probabalistic or confirmation attacks, etc)
14:29 < dm> I like the increasing-in-size paragraphs. Helps drag people in. Far too technical for a front page though.
14:29 < korkakak> Another 5 cents from me: Can i2p detect a collusion automatically?
14:30 < jrandom> but if you have some suggestions for things we need to add, please, let me know
14:30 < jrandom> oh, definitely not.  we haven't imported morphmix's algorithms
14:30 < korkakak> I c
14:30 < korkakak> ok keep on
14:30 < jrandom> though theirs wouldn't really fly with us though, since we're a free route mixnet
14:31 < korkakak> Well yes and no
14:31 < korkakak> but it is ok. SOrry for the interrutp
14:32 < cat-a-puss> It might also be a good idea to mention up frount some of the obvious attacks that I2p is NOT vunerable to
14:32 < jrandom> hmm?  their algorithms are based off detecting the influence of colluding peers in the peer selection - within i2p, the local router explicitly defines the entire peer selection algorithm
14:33 < korkakak> I guess that this is true due to the size of todays network
14:33 < jrandom> ah, thats a good idea cat-a-puss, w/ MITM/etc.  would you be interested in posting up some ideas for that?
14:33 < cat-a-puss> sure
14:33 < dm> MITM?
14:33 < dm> Ah, man in the middle.
14:33 < jrandom> muchas gracias cat-a-puss!
14:34  * cervantes jots down MITM for the glossary
14:34 < jrandom> korkakak: hmm.  i'm not sure how that aspect is affected by the size of the net, but there may be things we can learn from morphmix's collusion detection, certainly
14:34 < jrandom> (perhaps wrt the netDb responses, for instance)
14:34 < korkakak> wrt = ?
14:35 < dm> hehee
14:35 < jrandom> sorry, with regards to
14:35 < dm> I know that one!
14:36 < jrandom> we would certainly benefit from more discussion on the threat model.  perhaps we can start up a thread on the list or in the forum?
14:36 < dm> "The result is that the number of peers relaying each end to end message is the absolute minimum necessary to meet both the sender's and the receiver's threat model."
14:36 < dm> I like this way of looking at it.
14:37 < dm> Although it's not true.
14:37 < jrandom> hmm?  
14:37 < jrandom> if both sender and receiver want only plausible deniability, they can talk directly
14:37 < jrandom> (etc)
14:37 < dm> The absolute minimum number of peers required to meet the threat model of A and B is the number of peers required by A or B, whichever has more stringent requirements :)
14:38 < jrandom> not true dm
14:38 < jrandom> if they both require 2 hop tunnels to defend against colluding attackers in their tunnels, they can't both have 1 hop tunnels
14:39 < dm> If A is willing to talk to someone with 10 indirections, and B is willing with 5, the minimum needed is 10, not 15!?
14:39 < jrandom> no, 15.  B shouldn't trust A's tunnels.
14:39 < dm> Yeah, he shouldn't.
14:39 < dm> But theoratically.. Anyway, stupid discussion. I like that sentence though.
14:40 < jrandom> its one of the more important design decisions in i2p ;)
14:40 < jrandom> anyway, back to 3) Website updates
14:41 < deer> <nicktastic> (fyi - irc dropped while downloading two large files, but latency to the server is as it was before the downloads started, so could've been a fluke (ungraceful shutdown somewhere?))
14:41 < jrandom> Curiosity and I discussed the length of the new homepage, and while we all agree that its a little long, its better than the old 1 liner
14:41 < cervantes> agreed
14:42 < jrandom> ah ok.  perhaps even network congestion while downloading, since the eepproxy and the irc client use the same I2P destination (by default)
14:42 < nicktastic> Aaah....
14:42 < jrandom> (so both would be trying to use the same pair of inbound tunnels)
14:42 < nicktastic> I was wondering why only one showed up
14:43 < jrandom> yeah, thats the default within I2PTunnel and the ministreaming lib.  perhaps if someone cares we can expose a way to configure that ;)
14:43 < nicktastic> sorry to interrupt
14:43 < deer> * Pseudonym cares
14:43 < dm> such polite lads we have in this room
14:43 < interrupt> you are forgiven
14:44 < interrupt> ;)
14:44  * nicktastic rolls eyes
14:44 < jrandom> patches welcome Pseudonym ;)  (naw, i'll see if i can find an easy way.. shouldnt be too hard)
14:44 < jrandom> ok, anyway
14:44 < deer> <Pseudonym> good, 'cause I don't know crap about how to code in java
14:45 < jrandom> there may be further website updates, but if anyone has any suggestions, please post 'em to the forum or the list, or point 'em out to Curiosity on irc and we'll get things rolling
14:45 < jrandom> anyone have anything they want to bring up wrt the website?
14:45 < cervantes> umm bouties perhaps
14:46 < cervantes> although maybe that's best saved for 5
14:46 < jrandom> prolly so
14:46 < jrandom> ok, moving on to 4) Roadmap
14:46 < jrandom> lots of updates.  see the email for info
14:47 < jrandom> (or look at the pretty gantt chart ;)
14:47 < dm> Was that done in MS Project?
14:47 < jrandom> http://ganttproject.sourceforge.net/
14:47 < cervantes> eerm gantt :)
14:47 < dm> oh.. gantt is a product. My bad.
14:48 < dm> Nice to see there are no dependencies in the roadmap.
14:48 < jrandom> i've posted a few different revs of the roadmap over the last few days, but this one seems to be solid
14:48 < cervantes> it's all dependant on jrandom ;-)
14:48  * jrandom whimpers
14:48 < fvw> 3.0 in febuary? Wow.
14:48 < jrandom> the 2.0 and 3.0 releases are really just 1 (big) feature each
14:48 < dm> Don't forget: exponential versioning
14:49 < jrandom> heh
14:49 < jrandom> yeah, we'll be 1183 by next july
14:50 < dm> Well, it's more interesting than the abritrary +0.1 per build of most projects, so I'm not complaining.
14:50 < jrandom> the 2.0 and 3.0 releases may be delayed to stay in line with other apps though.  e.g. 3.0 would work great with an email app
14:51 < jrandom> the release criteria for 1.0 has been the usual - functional, secure, scalable, and anonymous
14:51 < jrandom> thats why i moved the udp transport in, as our current tcp transport would shit bricks if we had a few thousand peers
14:51 < dm> so we should have a 0.9 - The Slashdot
14:51 < dm> if it survives we can check off scalable and move to 1.0
14:51 < jrandom> heh
14:52  * jrandom would rather grow organically, thankyouverymuch
14:52 < cervantes> we don't to tell _them_ about it
14:52 < cervantes> *don't want
14:52 < korkakak> btw may i say something about the global timing?
14:52 < cervantes> let them all stay on the internet while we move here
14:52 < jrandom> sure korkakak
14:53 < korkakak> As far as i am concerned you cannot simulate a synchronus network over an asynchronous
14:53 < korkakak> it is just bad design and should lead to network splits [i think] in the way it is used
14:54 < korkakak> as a timestamp for UDP packets
14:54 < jrandom> the timing is not synchronized for messaging, merely to help us know the freshness of data
14:54 < korkakak> yes that's the point
14:54 < jrandom> without knowing the freshness of the netDb entries, you're vulnerable to a whole slew of attacks
14:55 < korkakak> Yes
14:55 < korkakak> but imagine a growing network
14:55 < korkakak> a huge network
14:55 < jrandom> like the internet
14:55 < dm> bigger!
14:55 < fvw> two internets tied together with bits of string!
14:55 < jrandom> that has a network time protocol for scaling to such sizes... ;)
14:56 < korkakak> I don't think I understand your point but
14:56 < dm> korkakak: what are you trying to say?
14:57 < korkakak> that net splits may happend due to invalid timestamps
14:58  * dm is not sure how syncing works currently
14:58 < korkakak> the case is called localization effect [english translation from greek]
14:58 < deer> <soros> i hear i2p's anonymity has been cracked
14:59 < deer> <soros> true ?
14:59 < jrandom> i believe we can address the time sync issue the same way the NTP networks do.  there are a massive number of tier 2 and 3 NTP hosts, and while our current SNTP implementation is of course unsuitable for congested environments, there is no reason to believe time synchronization isn't possible
14:59 < jrandom> heh soros
14:59 < jrandom> soros: the thread you're referring to (someone else mentioned it to me) on devl was talking about JAP being compromised, not I2P.
15:00 < dm> so all I2P nodes must stay synced at all times for it to work?
15:00 < korkakak> NTP nets are synhcronus networks over synchronus networks ;-)
15:00 < jrandom> but if someone has a compromise for I2P, I would certainly love to hear about it
15:00 < deer> <soros> i have one but i'm keeping it a secret
15:00 < jrandom> at various levels of abstraction korkakak, sure.  my ethernet cable is synchronized too
15:01 < deer> <soros> :)
15:01 < jrandom> yes dm, synchronized to the network time
15:01 < korkakak> jrandom it is nick or korki :-)
15:01 < jrandom> (the point is that we dont use synchronous messaging)
15:01 < jrandom> :) 'k
15:01 < jrandom> (please dont be offended if i dont tell you my name ;)
15:02 < korkakak> No I am not
15:02 < dm> His name is Abdul
15:02 < jrandom> ok where were we
15:02 < nicktastic> 4)
15:03 < jrandom> ok right, thanks.  the roadmap
15:03 < jrandom> anyone have any concerns / ideas / suggestions?
15:03 < dm> so when you say some work is going to be done on the transport, do you mean reworking TCP, or moving to UDP?
15:04 < jrandom> UDP is 0.4.4
15:05 < dm> I thought I saw something about work on the transport layer
15:05 < dm> in the near future
15:05 < jrandom> yes, 0.4.1 will be a revamp of the TCP transport
15:05 < dm> why revamp TCP in 0.4.1 if going UDP in 0.4.4?
15:05 < dm> We'll need both?
15:05 < cervantes> only to point out that your are still the only resource in the project plan... ...are we suffering from a lack of contributors or just project fragmentation?
15:06 < jrandom> dm: some people cannot use UDP
15:06 < dm> firewalls?
15:06 < jrandom> cervantes: we certainly could parallelize many of those tasks with more contributors
15:07 < jrandom> (but the roadmap does not assume more)
15:07 < cervantes> so hopefully it represents the worse case scenario
15:07 < jrandom> there is however other important work going on not reflected on the roadmap, such as client mods, services on top of i2p, etc
15:08 < cervantes> asside from you being assassinated
15:08 < dm> I wish we could afford toad
15:08 < deer> <Pseudonym> now that 0.4 is out and pretty much working, should we announce somewhere (not necessarily /.) to try to increase the number of developers/testers/donors?
15:08 < jrandom> more contributors would certainly be welcome
15:08  * korkakak farewells all. REady to go to his bed. It is late at korkakak lands...
15:08 < korkakak> bye gayz
15:08 < cervantes> g'night
15:08 < jrandom> thanks for swinging by nick, ttyl
15:10 < dm> nite
15:10 < jrandom> a /. would probably be premature, but it would be good to bring new folks on board through other means
15:10 < dm> You're very open to Pseudonym's suggestion. I thought you were going to freak out.
15:10 < jrandom> but i think through word of mouth we're growing steadily
15:11 < deer> <Pseudonym> and if we do want to announce, where should we do it?
15:11 < jrandom> i dont think we should have any announcements yet, not till 1.0
15:11 < deer> <Pseudonym> seems like we could use an influx of cash/talent
15:11 < jrandom> but if you hear someone talking about how they wish there were some way to help do stuff anonymously, point 'em at i2p ;)
15:12 < deer> * DrWoo suggests a whisper campaign
15:12 < cervantes> we have a fair amount of unnallocated cash already...
15:12 < jrandom> we're an open team, but you only have one chance to make a first impression.
15:13 < cat-a-puss> I would not recomend going from no publicity to /. there needs to be an intermediate step to make sure we can handel the load
15:13 < deer> <Pseudonym> then we should allocate it to bounties we think are important
15:13 < dm> We need to hire a full-time dev or find someone REALLY REALLY bored
15:13 < jrandom> agreed.  i'd like to see at least 500 routers online prior
15:13 < jrandom> actually, y'all are moving us right along to 5) Client apps :)
15:14 < jrandom> we do have ~300 in the pot at the moment (well, almost, but thats another story)
15:14 < deer> <Pseudonym> any suggestions on what the intermediate step could be?
15:14 < jrandom> pseudonym: we can't have 1000s of nodes until 0.4.4
15:15 < jrandom> (and we'd want to stress test the net out first)
15:15 < fvw> Actually, we probably can on most unices. Needs adjusting the rlimits though.
15:15 < jrandom> right right
15:15 < jrandom> it'd be painful, anyway ;)
15:16 < deer> <Pseudonym> right. so no /. but it seems like there should be somewhere we can get a couple hundred
15:16 < jrandom> we can do larger sims though
15:16 < deer> <Pseudonym> does anyone know someone at the EFF? maybe they have a mailing list
15:17 < jrandom> yeah, i've spoken with some eff folks about some things
15:17 < fvw> I  think any announcement will cause it to filter through to slashdot. I agree with jrandom, a little waiting isn't bad at this time.
15:18 < dm> you have to be aware that if you hit 200-300 nodes, you're most likely to get an automatic /. mention ;)
15:18 < jrandom> (especially since we've been going for ~ 15 months already)
15:18 < dm> critical mass/hype and all that
15:18 < jrandom> well, thats also another thing that leads in to 5) Client apps
15:19 < jrandom> i'm watching some stats and it seems probably 1/4th of the routers out there aren't even really doing any client activity
15:19 < jrandom> which is great and wonderful that people are willing to donate their resources to act as I2P routers, but its too bad that we dont have something to suck them in :)
15:19 < fvw> Yeah, I'd like to do a proper chat app (as in irc, but in a way that makes sense for i2p), but this is very much a long term thing, no time the next few months...
15:20 < jrandom> we have had an influx of kickass eepsites recently though
15:20 < jrandom> ah cool fvw
15:20 < cervantes> many people run more than 1 router though
15:20 < jrandom> a solid IM/group chat for I2P would certainly rule
15:20 < nicktastic> fvw: Instant messenger with multi-user chat, perhaps?
15:20 < deer> <mrflibble> dudes, in, how do i allow the router to listen on more than just localhost?
15:20 < cat-a-puss> hey, could someone write a gaim plugin? that would be a good way to do it
15:20 < jrandom> right cervantes 
15:20 < cervantes> they maybe use 1 for apps...and donate the others
15:21 < jrandom> mrflibble: http://localhost:7657/i2ptunnel/ to configure the http and irc proxies to listen on "any interface"
15:21 < fvw> which reminds me: could we do something multicastish for outbound tunnels? ie have one message delivered to multiple inbouds?
15:21 < nicktastic> cat-a-puss: Certainly possible
15:21 < fvw> yeah, in essence there's not much difference between irc and im, apart from the user interface.
15:22 < jrandom> fvw: yes and no.  it wouldn't offer much savings (as messages are end to end encrypted, so you'd have to garlic wrap the message to the outbound tunnel's endpoint and direct the cloves seperately from there)
15:22 < jrandom> imho multicast would want to use an application layer overlay
15:22 < deer> <mrflibble> oh, thanks jrandom!
15:22 < fvw> what do you mean by application layer overlay?
15:22 < jrandom> ala shoutcast/etc
15:23 < hypercubus> he means do the multicasting in the applcation layer
15:23 < hypercubus> not in the i2p layer
15:23 < cervantes> 'lo hyper
15:23 < fvw> yes ok. Fair enough.
15:24 < jrandom> ok, I ranted enough in the email about the client apps, so I'm not going to repeat myself here.
15:25  * fvw pouts and puts away the popcorn.
15:25  * jrandom !thwaps the wiseass
15:26 < jrandom> but, basically I think before we go "live", we need something engaging to go live *with*
15:26 < dm> If you build it, they will come...
15:26 < dm> hahaha, or not!!!
15:26 < fvw> yes. Though we could probably pull quite some crowd from freenet just by having dynamic (not to mention _working_) freesites.
15:27 < deer> <Pseudonym> what about using some of the money in the general fund to create/increase bounties for the engaging stuff
15:27 < nicktastic> ...and dht
15:27 < cervantes> I have no knowledge of freenet... how do freesites differ to eepsites?
15:27 < cervantes> if they are in any way the same
15:27 < deer> <Pseudonym> eepsites work
15:28 < deer> <soros> heh
15:28 < hypercubus> imo you guys are impatient
15:28 < cervantes> apart from that
15:28 < nicktastic> hypercubus: How's that?
15:28 < hypercubus> contribute to the project, or shut up
15:28 < deer> <soros> freesites are static.
15:28 < jrandom> bounties/voting some of the general fund to give $$$ to service providers / eepsites that do kickass things does sound like a good idea
15:28  * jrandom is the impatient one hypercubus ;)
15:28 < jrandom> Pseudonym: is that what you mean?
15:28 < cervantes> these applications are certainly not going to materialise overnight
15:29 < jrandom> right, thats why we need to talk about it now
15:29 < jrandom> duck: you 'round?
15:29 < hypercubus> it's these people pushing for public announcements
15:29 < fvw> I doubt you'll get more eepsites with bounties. The people who build them do it because it's fun, I doubt we could pay those who don't find it fun enough.
15:29 < deer> <soros> dynamic freesites can be updated, but only once a day... 
15:29 < jrandom> probably true fvw
15:29 < deer> <Pseudonym> I was thinking more of using the general fund to support bounties for apps, not services/eepsites
15:29 < fvw> nobody's pushing for announcements, it was just discussed briefly.
15:30 < hypercubus> the project is evolving and growing naturally, have patience
15:30 < jrandom> ok word Pseudonym.  
15:30  * fvw nods at pseudonym. That might be good yes.
15:30 < jrandom> what would y'all suggest?
15:30 < nicktastic> hypercubus: They're just brainstorming ways to grow the network without GROWING the network ;)
15:30 < jrandom> the entire donation pool is available to be applied wherever we see fit
15:30 < fvw> though I think small bug or feature bounties have the greatest chance of actually causing stuff to happen as opposed to being a nice gift for the person who happened to do it anyway.
15:31 < deer> <Pseudonym> small bounties don't seem to be working. how about we push a bunch of money into the MyI2p pot
15:32 < hypercubus> how about you donate?
15:32 < nicktastic> jrandom: Well, for swarming file transfer and dds to be useful, we need streams faster than 4kbyte/sec, so two bounties are fairly dependent on the streaming library bounty
15:32 < nicktastic> jrandom: But from earlier discussion, that sounds rather trivial
15:32 < cervantes> throwing money at things isn't going to make stuff appear overnight either :)
15:32 < deer> <Pseudonym> I have donated
15:32 < deer> <soros> just announce i2p to slashdot
15:32 < deer> <soros> thats all you need
15:33 < hypercubus> that is exactly the opposite of what we need
15:33 < deer> <Pseudonym> not overnight, but maybe somebody will start working on it
15:33 < jrandom> nicktastic: the streaming lib will be lots of work, but thats the 0.4.3 release :)
15:34  * nicktastic consults roadmap
15:34 < jrandom> but I agree with cervantes, $$ doesn't make code, coders make code.
15:34 < deer> <soros> is i2p listed on freshmeat ?
15:34 < jrandom> if only there were some magic way to get in touch with hackers without letting general users know ;)
15:34 < jrandom> not to my knowledge soros
15:34 < fvw> cross-post to other anonymity-related software mailinglists?
15:35 < fvw> actually, I think most of the people where already involved with freenet or gnunet, and have become aware of i2p already.
15:35 < cervantes> hack into their inferior anonymity networks and say "hi come and work for us"
15:35 < jrandom> we do get a good # of hits from gnunet's links page
15:35 < jrandom> heh cervantes 
15:35 < deer> <demonic_1> there r some ng's i would think
15:36 < cervantes> (work for us or we'll give your ip to big brother)
15:36 < cat-a-puss> you could put refrences to I2p in wikis talking about related things
15:36 < deer> <baffled> I think one thing we need is some way to get mail in to i2p and anonymously out of it.
15:36 < jrandom> i think someone has already placed i2p at various spots in wikipedia, though i dont know about iA lately
15:36  * fvw doesn't see why you couldn't run smtp over a tunnel.
15:37 < jrandom> agreed baffled, a solid way to do mail *securely* would be great
15:37 < cervantes> is that possible though
15:37 < fvw> we must be careful not to spam though.
15:37 < jrandom> fvw: do you trust your mail client?
15:37 < jrandom> however, a mixminion/mixmaster outbound gateway would *rule*
15:37 < jrandom> (so someone go set up a web interface to one of those.  please :)
15:37 < fvw> jrandom: as much as I trust any other client software... Do you trust your IRC client? your web browser? ...
15:38 < cervantes> you'd have to trust the guy who owns the gateway isn't reading your mail
15:38 < jrandom> fvw: no.
15:38 < jrandom> fvw: and thats a problem.
15:38 < jrandom> fvw: a problem we must fix before we can recommend that people use I2P for anything beyond testing.
15:39 < fvw> How do you suggest making mail clients "more anonymous"?
15:39 < jrandom> it'd need to be a local SMTP/POP3 "server" that reads from the client, parses, interprets, and acts accordingly.
15:39 < cervantes> you'd need a bespoke mail application for a start
15:39 < jrandom> (there are a few apps out there that do that already)
15:39 < cervantes> (client)
15:40  * cervantes apologies for saying "bespoke"
15:40 < cervantes> *apologises
15:40 < jrandom> but that gets to one of the points in the weekly status notes - there are just so many important things that need to get done
15:40 < fvw> jrandom: That'd be very easy, at least on unix. Just hack up a sendmail drop in and something that does fetchmail and you're there. Could be done in shell scripts if you wanted to.
15:40 < deer> <duck> me hears an echo of his name
15:40 < jrandom> we need to focus if the bounties are going to be sufficient
15:40 < jrandom> oh, heya duck
15:41 < deer> <duck> sorry, I was euh.. drinking'
15:41 < jrandom> duck: just wanted to check in to see if there was any update on that web gateway thingy?  and/or whether it might be something normal i2p users could use?
15:41 < jrandom> heh, cheers
15:41 < nicktastic> drunken duck
15:41 < cervantes> pond water?
15:41 < jrandom> fvw: get coding :)
15:42 < deer> <duck> nope, the dev did freeze up. will have to find someone else
15:42 < jrandom> ok, sorry to hear that
15:42 < deer> <baffled> We told you not to keep putting them in the closet to protect them.
15:43 < deer> <duck> my initial specs: http://duck.i2p/files/anonyproxy.txt
15:44 < deer> <baffled> Is getting mail in/out of i2p as easy as some type of interface web/tunnel to one of these mixmaster thingies?
15:44 < jrandom> perhaps we can work on a revamp of the spec for that and see if it could serve the needs of normal eepsites (with i2p general funds pitching in)
15:44 < jrandom> oh ok cool duck, i'll check that out
15:44 < jrandom> baffled: out of i2p?  yes.  in to i2p?  probably more work
15:44 < fvw> baffled: Why do you want to add mixmaster? Everything mixmaster offers we already have.
15:45 < jrandom> fvw: mixmaster has a network of outproxies, plus nontrivial delays
15:45 < jrandom> ah ok duck, spec glanced over.  we may be able to figure something
15:45 < deer> <baffled> I don't, jrandom suggested setting up a web interface to it not me.
15:46 < jrandom> (though it seems to have some heavyweight requirements, so maybe not.  unsure, we can see)
15:46 < deer> <duck> its very easy; expectation was 1.5h study of ingredients and then 3-4h patching
15:46 < fvw> outproxies would be useful yes. As for nontrivial delays, someone who's not already using i2p isn't going to use i2p just for mail when there's mixmaster, whereas someone already using i2p is going to be compromised elsewhere by our lack of delays (if this is possible) anyway
15:46 < jrandom> right right, plus ship perl, privoxy, and apache duck ;)
15:47 < jrandom> perhaps fvw.  (though i2p 3.0 blah blah blah)
15:47 < fvw> hehe, I hesitate to say "good point", but I get what you mean.
15:48 < nicktastic> FYI, JES (Java Email Server) provides SMTP and POP3 servers under the GPL
15:49 < jrandom> ok, perhaps there should be some more discussion on the list or on the forum about what one or two client apps we should explore focusing on
15:49 < jrandom> word nicktastic, there's also a kickass one from apache too
15:49 < nicktastic> Nice, know what its called?
15:49 < jrandom> http://james.apache.org/
15:49 < nicktastic> Thanks
15:50 < jrandom> (nntp too (drooool))
15:50 < nicktastic> Wow
15:50  * nicktastic gets a stiffy
15:51  * fvw has joined #i2p-porn. Or at least it feels like that.
15:51 < fvw> Ok, next?
15:51 < jrandom> ok, we can continue client app discussions and strategizing on the list and in the forums
15:51 < nicktastic> Yes
15:52 < jrandom> but for now, moving on to 6) ???
15:52 < nicktastic> Or during non-meeting hours ;P
15:52 < jrandom> anyone have anything else they want to bring up?
15:52  * fvw nods. It is worth some discussion on-list.
15:52 < deer> <duck> little explanation to the www-inproxy: the idea was to get some ISP(s) to offer such a gateway as a service
15:52 < fvw> nah, the list is good. Gives everyone a chance to chime in, not just those who happen to be awake.
15:52 < jrandom> word duck, which is quite cool
15:52 < deer> <duck> so joe i2p-less-sixpack can access it using his MSIE
15:52 < deer> <duck> but the host is anonymous
15:52 < deer> <soros> http://it.slashdot.org/article.pl?sid=04/09/14/2226226&amp;threshold=0&amp;tid=172&amp;tid=128&amp;tid=201&amp;tid=218    (ugly new exploit for windows xp)
15:52 < jrandom> i2pless!  heretic!  burn them!
15:53 < deer> <duck> ISP takes part of the risk, hence the whitelist requirement
15:53 < deer> <duck> and ofcourse payment for domain etz
15:53 < fvw> hehe. Then suddenly we plaster child porn all over the famous eepsites and watch half the people get arrested and the other half install i2p.
15:53 < jrandom> heh
15:53 < deer> * duck calls the AIVD
15:54 < fvw> duck is dutch? *ponders*
15:55 < deer> <duck> I think many clientapps are not really killer
15:55 < jrandom> ok, anyone else have anything they want to bring up?
15:55 < jrandom> agreed duck, but we need *something* 
15:55 < deer> <duck> some self-made smtp tunnel thing is not going to be a big thing
15:56 < deer> <duck> myi2p with IOU accounting
15:56 < deer> <duck> fvw: Bedankt foor die bloumen
15:57 < deer> <soros> "After complaints to NIC.CX (the regulation authority of .cx domains) by an office worker named Rhonda Clarke of Christmas Island, the site goatse.cx was taken down Friday, January 16, 2004. (Goat.cx and Hick.org/Goat remain active.) A petition has even been launched to bring goatse.cx back.  "  
15:57 < deer> <soros> i've lost faith in humanity
15:57 < deer> <duck> small thing about the site: I2P was added to the <title> of each page for google purposes
15:57 < deer> <soros> sorry wrong window
15:57 < jrandom> ah ok duck
15:57 < deer> <duck> but I dont keep up with the latest google-dance, so it might be worthless.
15:57 < jrandom> perhaps if there were a way to explicitly not include it?
15:58 < jrandom> (e.g. so we can say "Welcome to I2P.net" instead of "I2P - Welcome to I2P.net", etc)
15:58 < deer> <duck> that is ofcourse possible
15:58 < deer> * duck looks on the fun-o-meter
15:58 < jrandom> we can always just add title = "I2P - How does it work" to menu.ini
15:58 < deer> <duck> nope, not today
15:58 < deer> <thetower> Oh oh, isn't there some way we can get google to crawl i2p? Like some sort of reverse proxy or something?
15:58 < jrandom> yeah, not worth it
15:58 < jrandom> thetower with duck's thingamabob, probably.
15:59 < deer> <duck> yeah
15:59 < fvw> but as mentioned, you probably don't want to be the one running it.
15:59 < deer> <thetower> Seems like if eepsites were coming up in google searches that would be good advertising right there.
16:00 < deer> <duck> fvw: I have contacted an isp who is interested
16:00 < deer> <duck> but he is not going to build it
16:00 < jrandom> thetower: perhaps if an ht://dig were hooked up to files.i2p, and if files.i2p exposed the database as big file with html links, that could be mirrored..?
16:00 < fvw> duck: really? How large and in which country?
16:00 < cervantes> how about a cache instead of a proxy
16:00 < cervantes> ah
16:00 < deer> <duck> 20cm
16:00 < fvw> If I were an ISP and not afraid of the legal problems, I'd still not be interested until I2P was a lot bigger.
16:01 < jrandom> a cache would be interesting too, a swarm of squids, etc
16:01 < deer> <duck> skynet
16:01 < fvw> that's pretty big. Did you give them a phone book to sit on?
16:01 < nicktastic> hehe
16:01 < deer> <duck> fvw: they'll likely scan the site before adding it
16:01 < deer> <duck> so you'll have to find another place for your nasty stuff
16:01 < fvw> Once or every update?
16:02 < fvw> the latter seems a lot of work for very little content.
16:02 < deer> <duck> every 2nd sunday of a month with an x in it
16:02 < deer> <duck> geeh
16:03 < jrandom> ok, we've gone past the two hour mark, does anyone else have something to bring up, or should we continue further discussions on the list / in the forum / etc?
16:03 < fvw> I just find it highly unlikely that a serious ISP will commit resources to I2P at this point.
16:03  * cervantes covers his head with a saucepan
16:03 < deer> <duck> fvw: your emotions are noted.
16:03  * fvw nods at jrandom. I need a drink. Keep up the good work.
16:03 < deer> <duck> when will we go for the 24h meeting?
16:04 < jrandom> perhaps next week duck 
16:04  * jrandom winds up
16:04 < deer> <duck> oh boy!
16:04 < fvw> duck: my emotions? You haven't even begun to see my emotions. Let me get a few drinks though.. *grin*
16:04  * jrandom *baf*s cervantes on the head, closing the meeting