Syndie - distributed forums

Home
Download
Features
Use cases
Faq
Roadmap
Developers
Manual
Donate
Related projects
About

---

Bugtracker (via I2P)
Forum

Features

• Decentralized forum
• Private forum
• Offline forum participation
• Offline browsing
• Secure reader
• Technical features

Decentralized forum (up)

While many different groups often want to organize discussions into an online forum, the centralized nature of traditional forums (websites, BBSes, etc) can be a problem. For instance, the site hosting the forum can be taken offline through denial of service attacks or administrative action. In addition, the single host offers a simple point to monitor the group's activity, so that even if a forum is pseudonymous, those pseudonyms can be tied to the IP that posted or read individual messages.

In addition, not only are the forums decentralized, they are organized in an ad-hoc manner yet fully compatible with other organization techniques. This means that some small group of people can run their forum using one technique (distributing the messages by pasting them on a wiki site), another can run their forum using another technique (posting their messages in a distributed hashtable like OpenDHT, yet if one person is aware of both techniques, they can synchronize the two forums together. This lets the people who were only aware of the wiki site talk to people who were only aware of the OpenDHT service without knowing anything about each other. Extended further, Syndie allows individual cells to control their own exposure while communicating across the whole organization.

Private forum (up)

Forums can be configured so that only authorized people can read the content, or even know what pseudonyms are posting the messages, even if an adversary confiscates the servers distributing the posts. In addition, authorized users can prevent any unauthorized posts from being made entirely, or only allow them under limited circumstances.

Offline forum participation (up)

Unlike traditional forums, with Syndie you can particpate even when you are not online, "syncing up" any accumulated changes with the forum later on when it is convenient, perhaps days, weeks, or even months later.

Offline browsing (up)

Syndie is not limited to simple text messages - individual web pages or full web sites can be packaged up into a single Syndie post, and using the offline forum functionality, you can browse that web site through Syndie without an active internet connection.

Secure reader (up)

All applications strive for security, but most do not consider identity or traffic pattern related information sensitive, so they do not bother trying to control their exposure. Syndie however is designed with the needs of people demanding strong anonymity and security in mind.

Technical features up)

While its structure leads to a large number of different configurations, most needs will be met by selecting one of the options from each of the following three criteria:

• Forum types:
  • Single author (typical blog)
  • Multiple authors (multiauthor blog)**
  • Open (newsgroups, though restrictions may be included so that only authorized** users can post new threads, while anyone can comment on those new threads)
• Visibility:
  • Anyone can read anything
  • Only authorized* people can read posts, but some metadata is exposed
  • Only authorized* people can read posts, or even know who is posting
  • Only authorized* people can read posts, and no one knows who is posting
• Comments/replies:
  • Anyone can comment or send private replies to the author/forum owner
  • Only authorized** people can comment, and anyone can send private replies
  • No one can comment, but anyone can send private replies
  • No one can comment, and no one can send private replies

* reading is authorized by giving people the symmetric key or passphrase to decrypt the post. Alternately, the post may include a publicly visible prompt, where the correct answer serves to generate the correct decryption key.

** posting, updating, and/or commenting is authorized by providing those users with asymmetric private keys to sign the posts with, where the corresponding public key is included in the forum's metadata as authorized to post, manage, or comment on the forum. Alternately, the signing public keys of individual authorized users may be listed in the medtata.

Individual posts may contain many different elements:

• Any number of pages, with out of band data for each page specifying the content type, language, etc. Any formatting may be used, as its up to the client application to render the content safely - plain text must be supported, and clients that can should support HTML.
• Any number of attachments (again, with out of band data describing the attachment)
• A small avatar for the post (but if not specified, the author's default avatar is used)
• A set of references to other posts, forums, archives, URLs, etc (which may include the keys necessary to post, manage, or read the referenced forums)

On the whole, Syndie works at the *content layer* - individual posts are contained in encrypted zip files, and participating in the forum means simply sharing these files. There are no dependencies upon how the files are transferred (over I2P, Tor, Freenet, gnutella, bittorrent, RSS, usenet, email), but simple aggregation and distribution tools will be bundled with the standard Syndie release.

Interaction with the Syndie content will occur in several ways. First, there is a scriptable text based interface, allowing basic command line and interactive reading from, writing to, managing, and synchronizing the forums. For instance, the following is a simple script to generate a new "message of the day" post -

    login
    menu post
    create --channel 0000000000000000000000000000000000000000
    addpage --in /etc/motd --content-type text/plain
    addattachment --in ~/webcam.png --content-type image/png
    listauthkeys --authorizedOnly true
    authenticate 0
    authorize 0
    set --subject "Today's MOTD"
    set --publicTags motd
    execute
    exit

Simply pipe that through the syndie executable and the deed is done:

    cat motd-script | ./syndie > syndie.log

Additionally, there is work going on for a graphical Syndie interface, which includes the safe rendering of plain text and HTML pages (of course, with support for transparent integration with Syndie's features).

Applications based on the old Syndie's "sucker" code will enable the scraping and rewriting of normal web pages and web sites so that they can be used as single or multipage Syndie posts, including images and other resources as attachments.

Down the line, firefox/mozilla plugins are planned to both detect and import Syndie formatted files and Syndie references, as well as notify the local Syndie GUI that a particular forum, topic, tag, author, or search result should be brought into focus.

Of course, since Syndie is, at its core, a content layer with a defined file format and cryptographic algorithms, other applications or alternate implementations will probably be brought forward over time.