ZeroNet Blogs

Static ZeroNet blogs mirror

ZeroBlog

Demo for decentralized, self publishing blogging platform.

Decentralized Web Summit 2018

- Posted in ZeroBlog by with comments

dws2018.jpg (1000x500)

I will be around San Francisco in the next few days and I'm going speak at Decentralized Web Summit 2018. Hope to see you there! :)

Recent changes:

  • Updated Windows & Mac binaries to latest version
  • Fix browser open configuration element saving bug
  • Load trackers file on startup
  • Fix UDP trackers parsing
  • Force re-announce loading site on refresh
  • Trackers file always relative to executable

ZeroMe:

  • Fix username highliting

ZeroUp:

  • ​​​​​​​Add search field

Changelog: July 18, 2018

- Posted in ZeroBlog by with comments

Rev3537

  • Dynamic big file allocation: More efficient storage usage by don't pre-allocate the whole file at the beginning, but expand the size as the content downloads.
  • Global tracker stats on ZeroHello: Include statistics from all served sites instead of displaying request statistics only for one site.
  • Support custom proxy for trackers. (Configurable with /Config)
  • Allow adding peers to sites manually: Add peers manually in case of tracker communication fail by using zeronet_peers get parameter, eg.: https://www.zerogate.tk/1anysite/?zeronet_peer=1.2.3.4:15441,2.3.4.5:13300

ZeroHello

  • You can ignore hosted blacklisted site notification
  • Try to get rid of the graphical rendering of the cog in Config menu item
  • Fix stats error if there is data for no longer existing sites

Changelog: July 11, 2018

- Posted in ZeroBlog by with comments

Rev3524

  • New plugin UiConfig: Adds a Configuration page that allow to change ZeroNet settings: Config.png (660x539)
  • Client restart without updating the code
  • Properly save multi-value configuration options
  • Add config page link to loading screen
  • Lines loaded from trackers_file will be appended to trackers list instead of replacing them
  • Fix incorrect behavior when Tor is disabled
  • Fix siteDownload CLI action

ZeroHello * Add notification about hosted blocklisted sites

New version: 0.6.3

- Posted in ZeroBlog by with comments

Back from vacation/inactive period (Japan plz never change) :)

Rev3495

  • New plugin: ContentFilter (Replacing Mute) that allows to share and automatically sync site and user blocklist between clients. Sample site that contains 2 blocklist (the format is same as data/filters.json): blocklist.png (1115x562) You can manage followed blocklists using ZeroHello ⋮ > Manage muted users option. The site is cloneable, if you create a blocklist please share it in the comments.
  • Switched to Azure meek proxy as the Amazon one became unavailable.
  • SiteAdd admin API command
  • More secure url sanitization
  • Support downloading 2GB+ sites as .zip (Thx to Radtoo)
  • Support ZeroNet as a transparent proxy (Thx to JeremyRand)
  • Allow fileQuery as CORS command (Thx to imachug)
  • Ignore newsfeed items with an invalid date value
  • Fix sitePublish cli action
  • Fix FireFox websocket disconnect on site download as zip
  • Fix local peer discovery when running multiple clients on the same machine

Changelog: May 1, 2018

- Posted in ZeroBlog by with comments

Rev3464

  • Workaround for China's GFW tracker blocking by using Tor meek proxies: If the client detect many failing tracker connection it offers the user to use Tor meek proxies for tracker connection (does not slows down sync speed / file transfers) To enable this feature you have to download the Windows ZeroNet distribution again as tor-meek bridges was not included earlier. (Linux & Mac coming later)

  • Refactored and partly rewritten tracker connection handler part

  • ZeroNet windows distribution now comes with Tor included (with meek proxies)

  • Added site "Download as .zip" backup option to sidebar
  • Better tracker compatibility by using uTorrent peerid and announcing port 1 in case of closed port
  • Fix uploading small files with bigfile plugin (ajax post method)
  • Fix peerPing CLI error reporting
  • Fix CLI command shutdown with ctrl+c
  • Fix high CPU/HDD usage when Multiuser plugin enabled
  • Fix Firefox back button (wrapper_nonce in url)

The previously planned enhanced stats page is a bit delayed as I currently focusing on recent problems with GFW, but it's coming soon :)

Changelog: April 4, 2018

- Posted in ZeroBlog by with comments

Rev3402

  • File server port randomization: In the past few days I got reports that the Great Firewall of China started blocking the ZeroNet protocol based on the port number and also using Deep packet inspection. Using the information and remote shells I got from other ZeroNet users (Thanks again) I was able to reproduce, debug and add a workaround for this restriction. One of the solutions is instead of using a fixed port (15441) your client will listen on a random port (10000-40000). (so please update to allow other clients behind of GFW connect to you)
  • Really enable implicit SSL connection by fixing a typo (doh)
  • Pack a websocket client to allow run any ZeroFrame API call from command line using. Eg.: zeronet.py siteCmd 1yoursite fileGet content.json
  • Command line sitePublish action using websocket connection instead of file server command.
  • Fix site Check files option to allow start seeding files not downloaded using ZeroNet
  • Fix optional file handling when a site has multiple files with the same hash_id (first 4 character of sha512 value)
  • Provide correct result for fileRules for not yet existent user files by using the currently selected certificate
  • Workaround for Chrome 66 Beta IFrame display bug
  • Use transform to scale progress bar instead of width to save some CPU time

Currently I'm working on a connection information page that will allow you to follow what's happening under the hood and get a better overview on possible errors. Eta: 1-2week

Changelog: March 21, 2018

- Posted in ZeroBlog by with comments

Rev3376

  • Support fileList API command on tar.gz/zip files. Eg.: Page.cmd("fileList", "data/any.zip", console.log) will print the list of files in the archive to the console.
  • Sidebar field and per-site Auto download big file size limit: By default when you enable the "Download and help distribute all files" on the sidebar it won't download big files. Now you can configure the maximum file size that you want to automatically download and help distribute for the site.
  • Display local peers on the sidebar
  • Implicit TLS by default on connections: ZeroNet connections now looks and acts exactly like HTTPS connections which makes it harder to detect and improves the privacy.
  • --force_encryption argument to disable non-encrypted connection fallback for clients that do not support TLS

  • Send local time in the handshake to make decentralized P2P time consensus feature possible in the (near) future.

  • Improved peer discovery for optional/big files without opened port: Until now the clients only sent its .onion address for other .onion peers. Now it's also sending it to ipv4 peers which makes it possible to other peers to connect to them in a case when they have an optional file they looking for.

  • Optimized and improved optionalFileInfo command response speed by caching filename to sha512 map.

  • Reduced IO load on startup by avoiding loading user's content.json file for isArchived check.

  • Display more detailed error description on an unexpected error during signing.

  • Recover cloned site's private key without users.json file using only your master seed: zeronet.py cryptGetPrivatekey 219e...061 25650465 will print the site's private key. Where 219e...061 is your master_seed (64 char long) and 25650465 is your address_index can be found in the cloned site's content.json file.

  • Open site directory (in your OS file explorer) button in the sidebar. [Thanks to imachug]

  • Also delete big file's piecemap.msgpack file on fileDelete command.

Important security fix in Rev3350

- Posted in ZeroBlog by with comments

This update fixes an important security error and contains other changes that enhance the wrapper security.

Iframe sandbox escape [Reported by Ivanq / gitcenter]

In ZeroNet before Rev3350 the wrapper did not escaped properly the given parameters.

Result: The opened site was able to escape the sandbox, read/modify any hosted site and change the client's configuration settings. Using the sandbox escape due to an obsolete feature the opened site was also able to read the private key of the cloned sites.

Fix: Fixed the escaping function and also removed raw html based tag definitions to prevent similar things happening in the future.

Affected versions: All versions before ZeroNet Rev3350

Other changes:

  • Fix random blank pages using Firefox
  • Fix local peer discovery on older Linux kernels
  • Change large file download for msgpack 0.5.5 and 0.5.6 compatibility
  • Fix random sidebar globe loading errors
  • Fix command line interface actions
  • Fix file download error on slow connections

New version: 0.6.2

- Posted in ZeroBlog by with comments

Local peer discovery plugin added to make ZeroNet work without an internet connection on the local network.

Other changes:

  • Handle and test out of range big file ajax requests (Thanks imachug for reporting)
  • Limit connections to 512 to avoid reaching 1024 limit on windows
  • Fix ZeroNet reliability issue when logging foreign operating system socket errors
  • Don't keep connection for sites that have not been modified in the last week
  • Allow dbQuey and userGetSettings using the as API command on different sites with Cors permission
  • Don't send private (local) IPs on pex
  • Don't connect to private IPs in tor always mode
  • Prefer recent peers from trackers
  • Change unreliable trackers to new ones
  • New config option: --log_level to reduce log verbosity and IO load

Moving to 2018

- Posted in ZeroBlog by with comments

ZeroNet turned 3 years old and 2017 was another interesting year. :)

Some highlights:

  • Got invited to TED2017 to speak about ZeroNet in front of 2000 people. After months of preparations, the speech did not happen eventually, but I think the fact of the invitation itself is already a powerful acknowledgment for the project.
  • Big file support with video streaming and seeking support.
  • The first ZeroNet community meetup (Thanks to Lola)
  • User muting and site blacklist: You can hide users globally based on their public address identifier.
  • Transparent Tar.gz and Zip compressed content support: You can distribute sites or data directly as in packaged format to significantly reduce the number of files, and size of the content. (up to 10 times on regular web content)
  • Important security fixes (Thanks for Beardog108 and MuxZeroNet for reporting)
  • Mobile interface improvements (Thanks to stbinan)
  • And many others: Tor network optimizations, Optional and compressed database files, Cross-site data access plugin, Exe and app formatted distributions, Two-way update checking, JS-less raw file access option

Plans for 2018:

Whats your wishlist?