ZeroNet Blogs

Static ZeroNet blogs mirror

ZeroBlog

Demo for decentralized, self publishing blogging platform.

Changelog: May 1, 2018

- Posted in ZeroBlog by with comments

Rev3464

  • Workaround for China's GFW tracker blocking by using Tor meek proxies: If the client detect many failing tracker connection it offers the user to use Tor meek proxies for tracker connection (does not slows down sync speed / file transfers) To enable this feature you have to download the Windows ZeroNet distribution again as tor-meek bridges was not included earlier. (Linux & Mac coming later)

  • Refactored and partly rewritten tracker connection handler part

  • ZeroNet windows distribution now comes with Tor included (with meek proxies)

  • Added site "Download as .zip" backup option to sidebar
  • Better tracker compatibility by using uTorrent peerid and announcing port 1 in case of closed port
  • Fix uploading small files with bigfile plugin (ajax post method)
  • Fix peerPing CLI error reporting
  • Fix CLI command shutdown with ctrl+c
  • Fix high CPU/HDD usage when Multiuser plugin enabled
  • Fix Firefox back button (wrapper_nonce in url)

The previously planned enhanced stats page is a bit delayed as I currently focusing on recent problems with GFW, but it's coming soon :)

Changelog: April 4, 2018

- Posted in ZeroBlog by with comments

Rev3402

  • File server port randomization: In the past few days I got reports that the Great Firewall of China started blocking the ZeroNet protocol based on the port number and also using Deep packet inspection. Using the information and remote shells I got from other ZeroNet users (Thanks again) I was able to reproduce, debug and add a workaround for this restriction. One of the solutions is instead of using a fixed port (15441) your client will listen on a random port (10000-40000). (so please update to allow other clients behind of GFW connect to you)
  • Really enable implicit SSL connection by fixing a typo (doh)
  • Pack a websocket client to allow run any ZeroFrame API call from command line using. Eg.: zeronet.py siteCmd 1yoursite fileGet content.json
  • Command line sitePublish action using websocket connection instead of file server command.
  • Fix site Check files option to allow start seeding files not downloaded using ZeroNet
  • Fix optional file handling when a site has multiple files with the same hash_id (first 4 character of sha512 value)
  • Provide correct result for fileRules for not yet existent user files by using the currently selected certificate
  • Workaround for Chrome 66 Beta IFrame display bug
  • Use transform to scale progress bar instead of width to save some CPU time

Currently I'm working on a connection information page that will allow you to follow what's happening under the hood and get a better overview on possible errors. Eta: 1-2week

Changelog: March 21, 2018

- Posted in ZeroBlog by with comments

Rev3376

  • Support fileList API command on tar.gz/zip files. Eg.: Page.cmd("fileList", "data/any.zip", console.log) will print the list of files in the archive to the console.
  • Sidebar field and per-site Auto download big file size limit: By default when you enable the "Download and help distribute all files" on the sidebar it won't download big files. Now you can configure the maximum file size that you want to automatically download and help distribute for the site.
  • Display local peers on the sidebar
  • Implicit TLS by default on connections: ZeroNet connections now looks and acts exactly like HTTPS connections which makes it harder to detect and improves the privacy.
  • --force_encryption argument to disable non-encrypted connection fallback for clients that do not support TLS

  • Send local time in the handshake to make decentralized P2P time consensus feature possible in the (near) future.

  • Improved peer discovery for optional/big files without opened port: Until now the clients only sent its .onion address for other .onion peers. Now it's also sending it to ipv4 peers which makes it possible to other peers to connect to them in a case when they have an optional file they looking for.

  • Optimized and improved optionalFileInfo command response speed by caching filename to sha512 map.

  • Reduced IO load on startup by avoiding loading user's content.json file for isArchived check.

  • Display more detailed error description on an unexpected error during signing.

  • Recover cloned site's private key without users.json file using only your master seed: zeronet.py cryptGetPrivatekey 219e...061 25650465 will print the site's private key. Where 219e...061 is your master_seed (64 char long) and 25650465 is your address_index can be found in the cloned site's content.json file.

  • Open site directory (in your OS file explorer) button in the sidebar. [Thanks to imachug]

  • Also delete big file's piecemap.msgpack file on fileDelete command.

Important security fix in Rev3350

- Posted in ZeroBlog by with comments

This update fixes an important security error and contains other changes that enhance the wrapper security.

Iframe sandbox escape [Reported by Ivanq / gitcenter]

In ZeroNet before Rev3350 the wrapper did not escaped properly the given parameters.

Result: The opened site was able to escape the sandbox, read/modify any hosted site and change the client's configuration settings. Using the sandbox escape due to an obsolete feature the opened site was also able to read the private key of the cloned sites.

Fix: Fixed the escaping function and also removed raw html based tag definitions to prevent similar things happening in the future.

Affected versions: All versions before ZeroNet Rev3350

Other changes:

  • Fix random blank pages using Firefox
  • Fix local peer discovery on older Linux kernels
  • Change large file download for msgpack 0.5.5 and 0.5.6 compatibility
  • Fix random sidebar globe loading errors
  • Fix command line interface actions
  • Fix file download error on slow connections

New version: 0.6.2

- Posted in ZeroBlog by with comments

Local peer discovery plugin added to make ZeroNet work without an internet connection on the local network.

Other changes:

  • Handle and test out of range big file ajax requests (Thanks imachug for reporting)
  • Limit connections to 512 to avoid reaching 1024 limit on windows
  • Fix ZeroNet reliability issue when logging foreign operating system socket errors
  • Don't keep connection for sites that have not been modified in the last week
  • Allow dbQuey and userGetSettings using the as API command on different sites with Cors permission
  • Don't send private (local) IPs on pex
  • Don't connect to private IPs in tor always mode
  • Prefer recent peers from trackers
  • Change unreliable trackers to new ones
  • New config option: --log_level to reduce log verbosity and IO load

Moving to 2018

- Posted in ZeroBlog by with comments

ZeroNet turned 3 years old and 2017 was another interesting year. :)

Some highlights:

  • Got invited to TED2017 to speak about ZeroNet in front of 2000 people. After months of preparations, the speech did not happen eventually, but I think the fact of the invitation itself is already a powerful acknowledgment for the project.
  • Big file support with video streaming and seeking support.
  • The first ZeroNet community meetup (Thanks to Lola)
  • User muting and site blacklist: You can hide users globally based on their public address identifier.
  • Transparent Tar.gz and Zip compressed content support: You can distribute sites or data directly as in packaged format to significantly reduce the number of files, and size of the content. (up to 10 times on regular web content)
  • Important security fixes (Thanks for Beardog108 and MuxZeroNet for reporting)
  • Mobile interface improvements (Thanks to stbinan)
  • And many others: Tor network optimizations, Optional and compressed database files, Cross-site data access plugin, Exe and app formatted distributions, Two-way update checking, JS-less raw file access option

Plans for 2018:

Whats your wishlist?

Version 0.6.1

- Posted in ZeroBlog by with comments

Stats page on ZeroHello that allow you follow your contribution to the network and help you with other information.

chart_top.jpg (1418x1271)

Other changes:

  • Reduce memory usage of sidebar geoip database
  • Chart plugin to locally collect and query statistics about your node
  • Change unreliable tracker to new one
  • Fix open port checking error reporting (Thanks to imachug)
  • Allow list as argument replacement in sql queries. (Thanks to imachug)
  • Don't display Cors permission ask if it already granted
  • Progressive loading of ZeroHello Files tab
  • Avoid UI blocking when rebuilding a merger site
  • Newsfeed query time statistics (Click on "From XX sites in X.Xs on ZeroHello)

The site checkpoints feature is delayed as I found a problem that I wasn't able to solve efficiently, so I went to the statistics module instead. It's still planned and coming later this year.

New version 0.6.1

- Posted in ZeroBlog by with comments

Stats page on ZeroHello that allow you follow your contribution to the network and help you with other information.

chart_top.jpg (1418x1271)

Other changes:

  • Reduce memory usage of sidebar geoip database
  • Chart plugin to locally collect and query statistics about your node
  • Change unreliable tracker to new one
  • Fix open port checking error reporting (Thanks to imachug)
  • Allow list as argument replacement in sql queries. (Thanks to imachug)
  • Don't display Cors permission ask if it already granted
  • Progressive loading of ZeroHello Files tab
  • Avoid UI blocking when rebuilding a merger site
  • Newsfeed query time statistics (Click on "From XX sites in X.Xs on ZeroHello)

The site checkpoints feature is delayed as I found a problem that I wasn't able to solve efficiently, so I went to the statistics module instead. It's still planned and coming later this year.

Changelog: December 5, 2017

- Posted in ZeroBlog by with comments

Rev3158

  • Re-write file update rate-limit algorithm to (hopefully) fix common error of missing user data.json files
  • Real-time update port opened status with serverChanged API event
  • API call fileNeed compatibility with merger sites
  • Faster uPnP port closing/opening with async checking on different IPs
  • Slovak translation (Thanks to Biosias)
  • Re-download invalid content.json files (probably result of fs write error)
  • Fix >10MB sites size calculation and cloning
  • Show proxy welcome message only on user certificate creation
  • Async database rebuild to avoid UI hang
  • Fix websocket error when requesting files from different sites in parallel
  • Added ZeroNet git repository to Git Center.

ZeroHello

  • Site filter
  • Search in a specific site. Eg searching for: nginx site:ZeroTalk will only display results from ZeroTalk site

ZeroUp

  • Currently seeding and My uploads filtering
  • Fix file deletion menu

Currently working on site checkpoints feature that will give archiving solution for sites with lots of user content and also dramatically speeds up initial site sync speed. Eta: 2017 :)

Changelog: October 27, 2017

- Posted in ZeroBlog by with comments

Rev3125

  • Merger site support in big file upload
  • Documentation and example for big file uploading
  • Fix important bug in Tor mode that caused "Site lock violation" errors. Please update if you use ZeroNet in that mode to reliably receive site updates.
  • Major piecefiled exchange optimization by ignoring empty piecefields
  • Don't reset bad file counter on restart (give up on non-reachable files)
  • Stats for network command requests and optional files
  • Fix bandwidth usage statistics
  • Fix signing big files via CLI
  • Cancel pending other part downloads on big file deletion
  • Allow rules based on auth address instead of cert name
  • Display the progress of GeoLite DB downloading

ZeroTalk

  • Use timestamp for topic ids to avoid id collission
  • Automatically put Chinese topics to separate sub-topic

ZeroID

  • Fix visual errors on Chrome
  • Re-written storage and moved certs to optional files. (please help seeding by clicking "Download and help distribute all files" on sidebar)

ZeroMe

  • Better image preview bluring

ZeroHello

  • Filter by feed item type
  • Skip overflowing menus on mobile
  • File tab mobile improvements
  • Fix feed listing merging when two site has the same inner url