twister-core 0.9.29: fix connectivity issue

New twister-core 0.9.29 fixes a long standing connectivity bug: sometimes twisterd failed to properly detect when the external IP changes.

IP changes are relatively common, they may be due to a router reboot, ISP forcing an IP change, switching from work to home network etc.

If twisterd fails to detect that our external IP changed then the DHT network doesn’t work. User will see a sluggish UI, failing to load avatars, replies and statuses.

This should be fixed now. Please give it a try!

Posted in Uncategorized

twister-html new language filtering support

We’ve just merged another great contribution by Сёма Мрачный (@tasty) for twister-html client: advanced language filtering support.

This new feature may allow people to follow more users and display only the posts on language they understand. Given the heterogeneous twister community with users speaking Russian, Chinese, French, Portuguese, Turkish and even English, this is a very handy addition!

Language filtering options have been added:



Then, before enabling the filter, one can try how it will work by running the cool “simulation mode”:


Besides language filtering, Top Trends got an optional auto-updating feature every 2 minutes.

Thanks again to everybody involved!



Posted in Uncategorized

VirtualBox image available to compile twister for Android

A new VirtualBox image is available pre-configured with all utilities (android-sdk, ndk…) and dependencies (openssl, boost etc) needed to compile twisterd for Android.

Grab it here:

Ubuntu-12.04-LTS-amd64_twister-gitian-android.ova (2.2GB from Google Drive)

Posted in Uncategorized

twister RPMS for openSUSE, SLE, Fedora and Centos

Thanks to the nice Open Build Service (OBS) provided by openSUSE we now have automatically built RPMS for the following distros:

  • openSUSE 12.2, 12.3, 13.1, 13.2 and tumbleweed
  • SLE 12 (SLE 11 boost too old)
  • Fedora 20 (Fedora 18-19 have no elliptic curves support)
  • CentOS 7 (Centos 6 boost too old)

Download it HERE!

The new RPMS will install two icons under Network menu: “twister” and “twister Control Panel”

The first one should launch twister automatically, that is: creates a random password for browser<=>twisterd authentication, setup an initial ~/.twister/twister.conf, and then open a new browser window.

twister Control Panel will allow users to configure twisterd as a deamon which starts when user first open his graphical desktop session. It is a pretty simple utility which looks like this:


Daily Debian packages are available HERE!

Posted in Uncategorized

A new “business” model

A new “business” model

Posted in Uncategorized

Twister daily traffic visualization

Thanks to @thedod and @twisterio!

Click here for Twister daily traffic.

Posted in Uncategorized

twister-core 0.9.28: enforce DHT upload rate limit

0.9.28 has better enforcement of DHT upload rate limit for non-locally generated requests.

the limit applies to: DHT replies, refreshes of stored items, checking for status/tracker and proxy server.

local requests (eg. dhtgets from the UI) are excluded from this limit, so user experience is not affected.
in other words: we limit only the band contributed back to twister network for maintenance tasks.

this should improve resilience against some sorts of denial-of-service attacks and also
prevents saturating the uplink as observed recently.

Posted in Uncategorized

Some thoughts on next developments

I’d like to share some thoughts on stuff i’d like to implement or improve in twister…

Following the recent introduction of “getmentions” api in twister-core 0.9.27, i’d like to explore the possibilities for creating new user following “types”.

Currently we have only two following types: public and private.

1) Public: the username is stored in public DHT and twister-core starts a torrent to follow this user. Public following are synchronized between computers (twister-html read back the listing from DHT)

2) Private: twister-core starts the torrent, but username is not announced to DHT. Therefore the posts appear in timeline but people don’t know you are following him.

The interface for “Private” is actually awkward / poorly designed: there is no option to follow privately from the start, one has to public follow (propagates the name to DHT) and then change it to private (removes the name from DHT). So for a brief time window one will know about that.

So one obvious improvement here is to change the interface. Perhaps opening a box to inquire the following type would be the least layout disrupting, also allowing for more types:

3) DM/Mentions only: this is a kind of “mute”, that is, the user might be too lousy so you want to follow him form mentions and DMs but not to polute your timeline. This is actually orthogonal to public/private setting.

4) Restrict charset: i’m not sure this should be a per-user setting or global one. The idea is to limit showing only latin, or russian or chinese posts.

Any other suggestions for following or per-user settings?

The above ideas only require HTML/Javascript coding. If someone wants to help it will more than welcomed ;-)

Then there is something i’d like to explore in twister-core: bandwidth limiting.

I’ve being noticing that sometimes twisterd saturates my upload link and it seems to be due to high DHT traffic. I still need to investigate if this is caused by some bug in other twisterd nodes (requesting too much) or if someone is aggressivelly crawling the network.

Either way, i was thinking about creating a new setting to limit the amount of bw that twisterd may use to serve the other nodes. This also improves / works as DDoS protection.

My idea is that DHT requests originated on your own host would always be allowed to go out, while replies to other nodes would be subject to bandwidth accounting.


Posted in Uncategorized

Help decentralize twister even more!

Yes, twister is already decentralized. However there are two areas where we may improve twister to make it more resilient:

  • DNS Seeders When twisterd is executed for the first time, it must locate some initial nodes to join the peer-to-peer network. twister, like Bitcoin, does that by trying a couple of special DNS servers (seeders) which provide an updated list of known peers. Currently twisterd is configured to try 4 different DNS Seeders but 3 of them depend on domain by Godaddy’s infrastructure. Some countries are known to have attacked this domain in order to prevent twister’s initial bootstrapping.

    How one may help? If you have a 24×7 linux machine and you are able to add an special NS record to your domain, please consider running twister-seeder. Then let me know (@mfreitas) and I will add your domain to the code base.

  • Soft checkpoints This is a feature that got added in January/2014 to protect twister blockchain from a series of attacks. The mechanism is described here: Soft checkpoints. In short, it is a consensus-based mechanism which adds further security to the well-known blockchain to prevent severe reversal attacks. The list of nodes/users allowed to “vote” for the blockchain checkpoints is stored in twister code.

    How one may help? This is an easier one as you don’t need to be able to change DNS records or anything, only a 24×7 twister box with an registered username is needed. Currently most of the boxes which are allowed to vote are administered by me, but nobody wants to depend on such low Bus Factor. I must know the voters are real people, but for everybody else who reads the code it is just an anonymous username. I don’t even recommend using the same username used for normal twister posts, you should reserve it just for checkpoint voting purposes. The twisterd takes care of everything, just let the username configured on that instance and let me know (@mfreitas).

  • If you prefer to contact me by email its also mfreitas, but on domain.

    Posted in Uncategorized

    Direct Message’s copy-to-self new feature

    A new feature is available from latest twister repository (both twister-core 0.9.26 and twister-html must be updated), it is called “Direct Message copy-to-self”.

    DM’s copy-to-self will allow users to safely store the private messages they send and also sync these messages between twister instances.

    Originally, the sent DMs were discarded, only a local copy were kept in order maintain the user interface sane… However, if one erases his own local twister directory, the sent DMs are lost. Only the recipient would be able to decrypt them back from torrent.

    The new idea, which was suggested and partially implemented by @denis (github @dryabov) fixes this by sending two copies of the message: one is encrypted with recipient’s public key and another one is encrypted with our own public key. Because the encrypted data preserved by twister network, it may be recovered later.

    For users who want to revert to old behavior should just go to options page and disable “Direct Message’s copy to self”.

    Posted in Uncategorized