Slashdot Mirror

If one there was an organization that cared about freedom they might create an alternative to DNS. But, alas, that's just a fantasy.

It's really just a short-term game (in the grand scheme) because in 100 years we won't use a centralized name system.

If you want to see something cool, look at what the GNU project is working on with the GNU Name System. Still early days there, but sooner or later they or someone else will get a decentralized system up that really puts the traditional system on its ass.

sometimes

It depends on your definition of sometimes.

https://gnunet.org/tor2013tum-video

Not that I have any novel ideas on how that can be done....

How about the protocols underlying Freenet, GNUnet et al? There are actually plenty of anon-P2P proposals and prototypes out there, they're just not as popular yet.

Much noise has been made about cryptographic trust relationships, but the fact that none has ever materialized in P2P over the last decade+, indicates it's not as easy of a problem as people would like to believe.

Indeed. There's a whole section of papers dedicated to the problem of trust and accountability in P2P networks on the gnunet website.

You don't need encryption, you need anonymity.
There are a few networks like OneSwarm and GNUnet and you can run a Gnutella network or BitTorrent on top of I2P. Don't expect to find much, though.
You can also sign up for an anonymous VPN service like Relakks and continue to use whatever you are used to.

GNUnet is another one, personally I like it more because it does not store not requested chunks on your local hard-drive (if you configure it not to do that). This means you don't help with all that child pornography. But, you do route data packages to create anonymous traffic.. so in the end you are still helping.

I would like to see a network where you can democratically decide wether something is right or not, where you can say: I don't like this content and I will help in finding who is distributing it if any node asks for my help in doing that.

People don't get it, if content needs to be delivered. It should be delivered using some other method than traditional web, which is easy to block. How about using Freenet, they just released new version. It's much much harder to block than traditional http/https. Freenet: http://freenetproject.org/ For Filesharers there is GnuNET. GnuNET: http://gnunet.org/

Wikileaks is a good place to start. Another impressive project is GNUNet. The folks working on it have really thought through the technical requirements for robust support of free speech. It is a thing of beauty.

http://gnunet.org/
http://gnunet.org/faq.php3?xlang=English

Wikileaks is a good place to start. Another impressive project is GNUNet. The folks working on it have really thought through the technical requirements for robust support of free speech. It is a thing of beauty.

http://gnunet.org/
http://gnunet.org/faq.php3?xlang=English

I see this as a brilliant example why the internet must remain a horrible offensive waste of time instead of a government regulated squeaky clean educatin' machine. ... It just saved Guatemala from being led by a murderer. Think about that.

Well said.

After thinking about that, install this:

http://gnunet.org/
http://gnunet.org/faq.php3?xlang=English

I see this as a brilliant example why the internet must remain a horrible offensive waste of time instead of a government regulated squeaky clean educatin' machine. ... It just saved Guatemala from being led by a murderer. Think about that.

Well said.

After thinking about that, install this:

http://gnunet.org/
http://gnunet.org/faq.php3?xlang=English

It's been done. GNUnet.

It's the Anonymous network dance!

You can share if you want to
You can slow down to a crawl
But at least you will be safe
Sixty-five kay in a cave
But detection chance is small!

http://torproject.org/
http://www.i2p2.de/
http://gnunet.org/
http://freenetproject.org/

I do not see how using bittorrent would protect you. Contrary to what the RIAA and cronies say, all "illegal pirate" P2P programs don't make you untraceable. In fact, bittorrent very much does not. That protocol was made to keep download sites from being slashdotted, it does nothing to hide where your file came from. There have been some attempts to sort of make it that way, but I don't think they have been a success.

Use Freenet for that, as it was designed to hide who or where the file came from and muddy the legal waters as to whether they can evade enough reasonable doubt to arrest you. I suppose it may make it hard to sue you as well if you don't announce who you are. In fact, we should all be using Freenet for discussion, since it would make censorship of what we say difficult. Only problem: last time I tried it, it was a pain in the ass. I think they also have a closed development model, which explains why its progress is slow. They are still at version 0.7, isn't that 5 years old?

There is also GNUnet. Haven't tried it or heard much about it, and frankly many official GNU projects suck, but maybe it will take off somehow?

I think the thing is publishing the protocol. I am not sure the Freenet project has done this (in any digestable form, anyway), so I don't see how development can move forward since very few are able to work on it. GNUnet published a bunch of papers about their protocol, so I think it may be possible for others to write alternate implementations. Sort of like how the gnutella protocol was reverse engineered, and it became one of the most used P2P system, except the GNUnet people were more open from the beginning...

Though I am looking for something like this which will be a success. I am not sure where to go. So far, Freenet or GNUnet seem to be the best chance for freedom of speech on the Internet.

I do not see how using bittorrent would protect you. Contrary to what the RIAA and cronies say, all "illegal pirate" P2P programs don't make you untraceable. In fact, bittorrent very much does not. That protocol was made to keep download sites from being slashdotted, it does nothing to hide where your file came from. There have been some attempts to sort of make it that way, but I don't think they have been a success.

Use Freenet for that, as it was designed to hide who or where the file came from and muddy the legal waters as to whether they can evade enough reasonable doubt to arrest you. I suppose it may make it hard to sue you as well if you don't announce who you are. In fact, we should all be using Freenet for discussion, since it would make censorship of what we say difficult. Only problem: last time I tried it, it was a pain in the ass. I think they also have a closed development model, which explains why its progress is slow. They are still at version 0.7, isn't that 5 years old?

There is also GNUnet. Haven't tried it or heard much about it, and frankly many official GNU projects suck, but maybe it will take off somehow?

I think the thing is publishing the protocol. I am not sure the Freenet project has done this (in any digestable form, anyway), so I don't see how development can move forward since very few are able to work on it. GNUnet published a bunch of papers about their protocol, so I think it may be possible for others to write alternate implementations. Sort of like how the gnutella protocol was reverse engineered, and it became one of the most used P2P system, except the GNUnet people were more open from the beginning...

Though I am looking for something like this which will be a success. I am not sure where to go. So far, Freenet or GNUnet seem to be the best chance for freedom of speech on the Internet.

• Tor: Onion-based routing that acts as a proxy layer between the client computer and the Tor network. http://tor.eff.org/
• I2P: Also known as the Invisible Internet Project. The network is regarded as a message based system. http://www.i2p.net/
• FreeNet: is a distributed information and storage retrieval system designed to address the concerns of privacy. Freenet is designed to be anonymous and totally peer to peer. http://freenetproject.org/
• GNUnet: is a P2P network that can support many different forms of peer-to-peer applications. http://gnunet.org/
• Open VPN: is where one can use software that encrypts your traffic on a server created in another country instead of the one you are in. http://openvpn.net/

There are other programs and if you do not want others knowing what "traffic" you carry then you would be wise to use them.

the next step in the war is to build apps that obfuscate their activity. make it look like http form requests. make it look like smtp traffic. randomize ips, obfuscate ports, etc.

And, of course, various efforts are already underway.

This projects has been worked on for years now. I never read their papers, so I can't comment on the technical side, but they surely designed it for decentralization and anonymity:
http://gnunet.org/

OFF is really just obfuscation. Also, the instructions how to put the non-copyrighted parts together are distributed openly, leaving the publishers vulnerable. Users seeking real security should go for anonymizing networks like Tor or GNUnet

Hey Pirate Bay folks, here's my list of feature requests for the new version of your open source torrent protocol:

ONION ROUTING:
1) Implement Onion routing (aka: Tor / anonymize the sources) as a built in feature.
2) Onion Routing should, where possible, try to use exit points and middle points that have roughly the same amount of bandwidth as you, otherwise torrenting will not become a reality through Onion Routing. So some kind of peer bandwidth algorythm needs to be incorporated.
3) Onion routing should be on by default, and each user should also become an exit point and donate 30% of their bandwidth to this. This will greatly increase the number of exit routers & provide this as a defacto alternative, as opposed to just some obscure security feature for the 31337 (hackers & government homeland types).
4) Individual site upload ratios, should take into consideration that fact that you are an exit point and some portion of that 30% should be counted toward your uploaded bytes ratio (even if traffic is going to other sites)... in other words, help promote torrent security = get bonus points from private trackers.

SIMPLIFY ISP SHAPING BYPASS
Background: Forcing protocol encryption isn't enough these days; some ISPs are shaping or even blocking torrent traffic by methods such as sending TCP RST packets to close a session, or their infrastructure auto-analyzes your encrypted traffic patters and if they are high bandwidth, very encrypted and on for long amounts of time to the same destination you get flagged & shapped (regardless of the fact that you could indeed be doing something legal)

1) There's a page on Wikipedia that lists all the "BAD ISPs" (http://www.azureuswiki.com/index.php/Bad_ISPs). This is a list of ISPs internationally that in one way or another shape your bitorrent traffic (Comcast anyone?). We need to be one step ahead of these ISPs and render their multi-million dollars worth of shaping infrastructure useless - sooner rather than later - sooner so that they can't make up for the ROI on all that gear they purchased. If the ROI fails, the next time engineering dept approach CEO for X dozens of millions more, they will get declined and we (torrent community) will win.

2) This site breaks down "throttling" into 5 different categories or ways in which the ISP can throttle you... each listing the bypass method.
http://www.azureuswiki.com/index.php/Avoid_traffic_shaping#Escalation_of_the_crypto_settings
Note that level 5 (the most aggressive shaping method known so far) is only bypassable by a single client today (Azeurus), utorrent to my understanding can not bypass this.

Anyway my point with these above 2 items is that these facts need to be considered:
1. The number of ISPs throttling internationally is already large and growing larger
2. Your new torrent client needs to simplify bypassing these various levels of encryption so that it can be adopted by the masses. If it is not adopted by the masses (rendering ISP throttling useless), the ISPs will have won.

I don't have time to type more, so please research what other clients out there (beyond just torrent) are doing and borrow ideas from them.
Here's a brief list of intelligent encryption/anonymous software out there to investigate:
RODI: http://slashdot.org/article.pl?sid=05/06/01/1252232
MUTE: http://mute-net.sourceforge.net/
ANTS: http://antsp2p.sourceforge.net/
GNUnet: http://gnunet.org/
I2P: http://www.i2p.net/
FreeNet: http://freenetproject.org/
TOR: http://tor.eff.org/

THanks and good luck!

i am certainly not a nascent-japanese-rival-to-the-internet fanboy.

And it certainly wasn't my intention to suggest otherwise - apologies if it came across that way.

what would it be like if we designed the internet today, but with a more "optimistic" approach? i don't know if it would change anything, or if it's even possible, but it would cool to find out.

Well, I think it would be a lot easier to censor, a lot more vulnerable to pharming attacks, less resistant to inter-ISP squabbles where one decides to drop the other's packets, and you'd still have the problem that the "last mile" would be in the hands of either your local phone company or cable TV co, with all the problems that implies.

Which isn't to say they shouldn't do the research; research is always good. But I think it's important to understand the distinction between the protocols the internet runs on, the servers and routers, and the wire used to carry the signal. The "Internet" is protocols and servers and routers. But the problems you've describes are about the wire - and you'll have to use that same wire to connect to any other network, unless you want to spend a lot of money, anyway.

perhaps what is needed (if indeed anything is needed at all) is not a new and separate internet, but a kind of ad-hoc inter-network of peers that is isolated and possibly insulated from the internet, like some sort of giant darknet.

Sounds like you'd like freenet and GNUnet.

Pirate bay has said that if they are sued they'll move to a country that will allow them to exist with out being accused of wrong doing.

Yes, but which country would that be? Even Russia caved in and bowed to MAFIAA/US pressure regarding allofmp3.com, to be part of the WTO. DMCA/WIPO like laws are spreading worldwide like the plague. Wouldn't it be the ultimate irony if TPB found asylum, not in "free" countries, but in countries like Cuba, Iran, North Korea..., who would oppose the US government's IP-bullying on a matter of principle? Hey, even Venezuela could be possible; that's the best way for Chavez to irk his friend Bush!

But seriously, the solution here is, of course, trackerless bittorrent, or, even better, a totally distributed, anonymizing and encrypting network; something like GNUnet once it's ready. The more they target the trackers now, the more it'll spread everywhere. Just like mercury.

In other words: instead of seeking out the one master-hash for the file,
your P2P is looking up the thousands of chunk hashes.

If that's all you're doing, then GNUnet does that already. For MP3 files with different ID3 tags, the first 99% of the file is exactly the same. But if you have something more complex, like the same movie with different subtitles, then you have to find similar pieces which are scattered around at different offsets.

...and here are some more softwares and guides related to privacy, pseudo/ano-nymity and security:

tor.eff.orgonion routing anonymizer
www.i2p.netsecure/anonymous interactive network
freenetproject.orgsecure/anonymous distributed file system
www.turtle4privacy.orgf2f peer network
gnunet.orgsecure p2p infrastructure
www.cspace.insecure p2p infrastructure
www.openswan.orgVPN with opportunistic encryption
silcnet.orgsecure internet live chat
ihu.sourceforge.netp2p VoIP with crypto

wiki.noreply.orgHow to give anonymous talks
azureus.sourceforge.netazureus over p2p
cryptnet.netguerrilla software development how to

GNUnet is an open P2P network, yet it allows for free exchange of _any_ kind of information, without the potentially troublesome legal issues. ;)

Note that GNUnet is not mentioned, and I hear there's some good stuff on there these days too! ;)

It's not anonymous, and apparently it never will be. Although it seems like anonymous file sharing would be a straightforward problem to solve, the FreeNet project has been working on this for, what, five years now? They have yet to produce anything usable, or even anything approximating usable. Others have tried as well, and none has produced anything that can actually be used for actual file sharing. I'd like to help, but at this point, I wouldn't even know where to begin...

Why re-invent what already exists?

But rest assured, the traffic analysis is child's play. If ISPs want to stop BT traffic, encryption won't present any impediments.

On the claims that this gives us nothing new but the ISP part, RTFA again:

The legislation, approved by Congress on Thursday, toughens previous provisions. An early May circular from Spain's fiscal general del estado, or chief prosecutor, allowed downloads for purely personal use.

Now Spaniards caught grabbing content from, say, eMule, will have to reimburse rights holders for losses --- although such losses will be difficult for authorities to track.

"Pirate Bay will reappear in Ukraine, Russia, The Netherlands and three other countries."

Warez sites are moving about to other countries, and some are even popping up on Freenet now. I think anonymous p2p will be the next main phase.

The first phase was napster (centralized in many respects), then second generation p2p was gnutella and emule, and now the third generation has Freenet, I2P, GNUnet, Rodi, AntsP2P, Mute, etc. Even if you're not interested in the issue the back and forth conflict between the media companies and programmers is interesting - I wonder who'll win out in the end.

GNUnet (GNU's anonymous P2P) also participates in the SoC. Ideas are here.

It performs well and is actually pretty usable for downloading files. Oh, and it's had this particular feature for at least 6 months. http://www.gnunet.org/.

There is no such thing as anonymous file sharing.

These guys don't agree.

http://www.gnunet.org/

My money's on gnunet. Not only does it have the whole anonymity thing, but it also actually works quite well as a filesharing network.

• Tor: Onion-based routing that acts as a proxy layer between the client computer and the Tor network. http://tor.eff.org/

• I2P: Also known as the Invisible Internet Project. The network is regarded as a message based system. http://www.i2p.net/

• FreeNet: is a distributed information and storage retrieval system designed to address the concerns of privacy. Freenet is designed to be anonymous and totally peer to peer. http://freenetproject.org/

• GNUnet: is a P2P network that can support many different forms of peer-to-peer applications. http://gnunet.org/

There are other programs and if you do not want your "private details" known then you would be wise to use them. In addition, anyone who thinks their private data that is held by organisations and government departments is safe whether there is a "Data Protection Act" or not then they should think twice for example the "National Security Agency eavesdropping on Americans incident". This is not the first time nor will it be the last time that such incidents will occur. Without being anonymous, we can never have true freedom of speech.

You can always use eMule (win32) / amule (linux/max/e.a.) Shareaza (win32) or limewire (win/max/javathingy) to perform those searches for you.

The music labels got to realize if they push the p2p networks too hard the p2p clients will go underground into anonymous networks

Maybe it's time for you to start using Anonymous p2p networks like GNUnet...

Gnunet is here and working. Fully usable as a P2P network, not as fast as unencrypted but close. I haven't tried using it in pure friend-to-friend mode but the functionality is there. And of course it has all the things you'd expect from an advanced P2P network, searches for automatically extracted keywords, signed namespaces where you can publish content anonymously but show that it's all from you, directories, etc.

...towards more fancy looking interfaces
http://gnunet.org/screenshots.php3.

I've found gnunet better for actual use. Freenet people spend a lot of time "advertising", talking about freedom, but the actual network is useless. Gnunet is an anonymous, encrypted network that already supports pure F2F use, multiple transport protocols (not just TCP (with NAT support, of course) and UDP but also tunneling over HTTP and even SMTP), also a graphical client (which has just been rewritten to use glade and improve usability) rather than the goofy "access it through your web browser" method of freenet. Naturally there's also a command line client for scripting. Other nice features are digitally signed namespaces, so you can get your files from a reliable source, directories allowing you to group a set of related files, content migration while still allowing sharing local files in the traditional manner, rich metadata, and a reward system for those who upload. I've found it far superior to freenet as a usable filesharing network. Give it a look.

The major downside to this, as I see it, would be that it places a signifigant burden on the indexing server, as now it not only has to determine who is sharing what, but the credibility and anonymous source of that credibility for each of the millions of unique files on the service.

Exactly... The real sollution is to use one of those p2p networks that has already a reputation system embeeded into it, that doesn't rely on the reports but on the network itself. Check GNUnet, for instance.

Look at i18nHTML

Well, I think you're looking for this.

Other anonymous filesharing systems currently avaliable/in development

MUTE
ANTS p2p
GNUNet

and not specifically filesharing, but the I2P anonymity layer allows for anonymous bittorrent amongst other things.

Of these, I've found I2P is excellent, although requires a little time investment in setup, and MUTE seems quite promising - speeds are reasonable for an anonymous p2p system, but the user base is currently tiny. I've not had too much luck with ANTS, and haven't tried GNUNet

I think he means I2P. It's just a layer thing (there's an azureus plugin, but that still leaves you relying on centralised points for your torrents), and it's java, so I prefer gnunet, which works as a more conventional p2p network.