The Register runs an article today on potential insecurities of The Freenet Project.

Freenet is designed to be a fairly anonymous P2P network, where each node can relay data for others as well as receiving for itself. Data is cached locally in an encrypted file, and, supposedly, it is not possible to tell the difference between data that has been relayed to other nodes, and data that has been requested by the local client. This is supposed to offer deniability to users found to have naughty files in their caches.

However, The Register found that using a combination of publicly available node uptime data and file requests, it was possible to determine whether a file had been downloaded by a node, or just partially relayed. Bye-bye deniability.

True, in order to be effective, the person doing the detective work has to have physical access to your machine, but in Patriot Act-crazy America, that’s not such a remote possibility from a law enforcement point of view.

The issue is set to be remedied in the next release of Freenet, scheduled for later this year. The Freenet News page also mentions The Register’s piece.