Freenode, stylized as freenode and formerly known as Open Projects Network, is an IRCnetwork which was previously used to discuss peer-directed projects.[1] Their servers are accessible from the hostnamechat.freenode.net, which load balances connections by using round-robin DNS.[2][3]
Freenode began as a four-person Linux support channel called #LinPeople on EFnet, another IRC network. By 1995, after moving to Undernet, and then to DALnet, it moved from being just a channel to its own network, irc.linpeople.org. In early 1998, it changed to Open Projects Net (OPN) with about 200 users and under 20 channels.[13] OPN soon grew to become the largest network for the free software community, and 20th largest in the world.
In 2002, the name changed to Freenode. The OPN domains were later put up for sale, but did not sell.[14]
Governance
In 2002 the Peer-Directed Projects Center (PDPC) was founded to support Freenode.[15][16] PDPC was incorporated in Texas and the IRS recognised it as a 501(c)(3) charity from 2002[17] until approximately 2010,[18] during which it received support from such organizations as the Linux Fund in 2007.[19]
Operations and incidents
On 24 June 2006, a user with the nickname ratbert gained administrative privileges of Freenode administrator Rob Levin (lilo) and took control of the network. It is likely that approximately 25 user passwords were stolen as a result.[20] This user proceeded to K-line many Freenode staff members, and most Freenode servers subsequently went down for several hours.[21]
Around 30 January 2010, an internet troll organization, Gay Nigger Association of America, took an established exploit in HTML form and HTTP POST implementation (previously used in attacks on email protocols, e.g. POP3 and SMTP) and applied it to the IRC protocol to create a novel type of attack on Freenode, which had never been seen before in the wild.[22] The organization created a piece of JavaScript that caused users of Mozilla-based browsers such as Firefox and SeaMonkey to silently connect to Freenode and flood it. This exploit used an ability of Firefox to submit web forms to a port other than 80 (the default HTTP port). Whilst Firefox developers had blocked most ports some time ago,[23] port 6667, the port typically used for IRC, was not blocked.[22][24] The group used Encyclopedia Dramatica (a user-modifiable wiki, like Wikipedia) as a distribution vector, with the flooded messages directing users to click on a link to the modified Encyclopedia Dramatica page, causing those users to also become involved and resulting in a cascading snowball effect.[22]Weev, one of the group members responsible, later claimed that the attack had rendered the network "unusable [...] for days" due to what he perceived as incompetence among Freenode's staff at the time. He stated that the organization had also tried the same attack on other networks but had been shut down far more rapidly.
On 2 February 2014, Freenode suffered a DDoS attack (confirmed by @freenodestaff on Twitter) which caused a partial outage.[25]
On 22 February 2014, Freenode suffered another DDoS attack[26] which caused partial outage, followed by several botnets which attempted to attack #freenode but were redirected to #freenode-unreg. After the attacks, several servers remained nullrouted by their providers and, for a short time period, only a single server in rotation was accepting connections.[27]
On 13 September 2014, a DDoS attack occurred which caused the network to split for several hours, followed by several botnet attacks in the #freenode channel and against Freenode's services. Freenode's infrastructure team noticed a vulnerability on one of their IRC servers and evidence of compromise by an unknown third party. Freenode recommended that all users change their NickServ password for safety reasons, and temporarily took the compromised server offline until the vulnerability was fixed.[28][29] On 14 October 2014, NCC Group released a deep technical analysis of the rootkit used in the attack.[30]
In 2015, Freenode was bridged to Matrix via matrix.org.[31]
On 17 August 2017, Freenode suffered from a "fairly extensive spambot attack ... containing child pornography images." In the midst of combating the attack, the operators accidentally set a K-line banning most users of the network.[32] The spambot attack continued in the following year, involving even more networks, and was called "Freenodegate".[33] Attackers also created sites attacking the administrators of Freenode.[34]
After OPN co-founder Rob Levin died in September 2006, Christel Dahlskjaer, a PDPC board member,[35] incorporated Peer-Directed Projects Center Limited in 2008 in the UK as a private company limited by guarantee without share capital, stating "general non-profit making enterprise" as its object.[36] PDPC Ltd. said it was the successor of the US-based PDPC.[15] PDPC Ltd. reported £3,060 in net assets for 2009,[37] reported Dahlskjaer as officer in 2010[38] and was dissolved in 2013.[39]
In 2017, Dahlskjaer, then the head of staff at Freenode, incorporated Freenode Limited and transferred ownership of it to technology entrepreneur Andrew Lee in 2017.[40] According to staff, they were not informed of the contents of the deal and were told that it would not affect Freenode's day-to-day operations as the company only managed the Freenode #live conferences and nothing else;[41][5] other volunteers understood the company's purpose was funding the network and running the conferences.[4][5] Freenode Limited reported no activity in 2017. In 2018, current assets were reported to be £39,276, while amounts falling due to creditors within one year were reported to be £42,098.[42]
In May 2021, at least 14 Freenode staff members resigned after what they described as a "hostile takeover" attempt by Lee.[4][5] In February 2021, Dahlskjaer added the logo of Shells, a company and service which Lee co-founded, to the Freenode website.[4] Following criticism from staff, Dahlskjaer resigned from leadership of Freenode shortly after.[5][4] Following Dahlskjaer's resignation, Freenode staff elected Tom Wesley (tomaw) as head of staff and made a blog post explaining the leadership changes.[44] Staff allege that Lee removed the blog post shortly after.[4]Hackaday reported that an associate of Andrew Lee, Shane Allen, was recorded making statements that he would be promoted to staff member, and was also recorded recruiting others for staff.[5]Hackaday also reported that Allen offered Alpine Linux security team chair, Ariadne Conill, donations to her project if she joined their team and supported Lee's claim to Freenode.[5] On 11 May, Lee appointed a new person to oversee Freenode infrastructure and published a statement accusing staff members of ousting Dahlskjaer. Freenode staff resigned en masse, and some published statements outlining their view of what happened. Some accused Lee of applying legal pressure to Wesley.[4]
Lee said this was not true, and said that he had provided Freenode with millions of dollars, and that the staffers ousted Dahlskjaer as head of staff.[4][5] Lee also accused Wesley of harassing Dahlskjaer and of attempting a "hostile takeover".[4][41][5] In a statement released by Lee, he said that he is entitled to access Freenode's servers as he is the owner of Freenode Limited.[41]
Vice wrote that it was unclear what would happen to organizations that rely on Freenode.[4]Hackaday reported that Vim and RepRap had migrated from Freenode to Libera Chat, a new IRC network announced by some of the former staff members shortly after the mass resignations.[5]Anil Dash, a technology entrepreneur, stated that it was "heartbreaking to see Freenode in disarray after decades of being a vital open platform for communities."[4] Jackie Singh, a cybersecurity engineer, also thanked former Freenode staff members for their work.[4]
On 26 May 2021, Freenode took control of approximately 700 registered channels – including those of Gentoo Linux, Raku, Elixir and Haskell – which had migrated or intended to migrate to Libera Chat. This came after Freenode modified its off-topic policy to prohibit "inappropriate advertising" several days prior. The Gentoo Linux project said "We cannot perceive this otherwise than as an open act of hostility and we have effectively left Freenode."[45] Lee dismissed the criticism, stating that a "cancel culture mob has actively infiltrated major FOSS projects".[45]
On 14 June 2021, Freenode administrators launched a new network under the freenode name based on InspIRCd and Anope IRC services, intended to replace the previous network. Unlike previous migrations, none of the data from the old network, such as user and channel registration, was migrated over to the new network.[46]
Characteristics
The network previously focused on supporting peer-directed and open-source projects.[17]
Server software
In 1999, Freenode ran an IRCd called Dancer (based on IRC-Hybrid), then switched to Hyperion in 2005. Hyperion was then replaced with IRCd-Seven, a Freenode-specific fork of Charybdis,[47] on 30 January 2010,[48][49] using Atheme services, which were originally developed for use on Freenode.[50] As of June 2021[update], Freenode ran Anope IRC Services and InspIRCd.[51]
Peer-Directed Projects Center
The Peer-Directed Projects Center (PDPC) is known as the organization which ran[52] the Freenode IRC network,[53] where many prominent open source projects hosted their official IRC channels. The PDPC was incorporated in England and Wales.
PDPC was created to run the Freenode network and to establish a variety of programs relating to peer-directed project communities. According to its charter, the PDPC exists "to help peer-directed project communities flourish", mostly based around free and open-source software projects, and encouraging the use of free software through supporting its development. Until June 2021, the GNU Project[54] used the Freenode network for communication.
The PDPC was founded and initially directed by Rob Levin. In November 2006, the board went through a reshuffle and new members were installed. Seth Schoen left and Christel Dahlskjaer, senior Freenode staffer, became the secretary and head of staff on Freenode in Schoen's place. Also joining the board was David Levin, Rob's brother.[55]
In March 2013, the PDPC was dissolved. The decision to dissolve was made in part due to the donation levels and costs associated with maintaining its status as a charitable organization in the UK.[52]
Rob Levin
Robert Levin,[56] also known as lilo, was the founder of the Freenode IRC network and Executive Director of the PDPC charity that helped fund Freenode.[15] From 1994 onwards, Levin worked to encourage the use of IRC for free software and open-source projects. Levin was one of the founders of the Open Projects Network (OPN), and later of the PDPC.
In 2003, The Register (UK) reported that Levin mismanaged funds intended for the OPN, quoting him as writing that they went "to paying bills, to paying the rent, to buying food and necessities."[57]
On 12 September 2006, Levin was struck by a car while riding a bicycle at night in Houston, Texas. After the accident, Levin was hospitalized with head injuries. He died on 16 September, at the age of 50.[56]
^Farrell, Nick (26 June 2006). "Freenode IRC Network hacked". The Inquirer. Archived from the original on 14 August 2013. Retrieved 19 March 2013.{{cite web}}: CS1 maint: unfit URL (link)
^van der Meijs, Sander (1 February 2010). "Bug in Firefox gebruikt tegen IRC netwerk". Webwereld (in Dutch). IDG Netherlands. Archived from the original on 22 July 2012. Retrieved 19 March 2013. Een groep die zichzelf de GNAA noemt heeft voor grote problemen gezorgd bij een IRC netwerk. Ze gebruikten een bug in Firefox om het netwerk te spammen. [A group that calls itself the GNAA has caused major problems in an IRC network. They used a bug in Firefox for the network to spam]