Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Kazaa Lite Protects Identity

Posted by CmdrTaco on from the can-you-guess-who-i-am dept.

Denver_80203 writes "Found this story about the new Kazaa K++ 2.4.0 and it's new sister program which claim to protect your identity while sharing files. Any of you folk know how legit this could be? We all knew it wouldn't be long... is this the war or just another battle?"

14 of 668 comments (clear)

  1. Kazaa K++ is an excellent program by Ice_Balrog · · Score: 5, Informative

    I don't know if Kazaa K++ can hide your identity, but what I do know is this: Kazaa K++ is an excellent program. It is so much better than vanilla Kazaa. No ads, spyware, many cool features make it a great program.

    --
    #include "sig.h"
    1. Re:Kazaa K++ is an excellent program by aldousd666 · · Score: 4, Informative

      I was going to mod you down, but instead I'll be informative. Spyware can be detected by checking the network connections, and/or sniffing packets. I'm sure somewhere out there (people who work for kolla.de or lavasoft) people are already doing this. You can't hide spyware from a hacker. If you don't know anything about what I'm saying, try netstat -a at a command prompt (dos) you can see your incoming/outgoing connections. If you do it with Cydoor enabled kazaa, you'll notice some shifty odd IP addresses, which you can investigate further by jumping on a linux box and 'dig'-ing for the source, or nslookup them on you windows box (far less complete) to see who is connected to you. Some programs may hide spyware in the connection to their servers, which would be the way that it would have to in the new Kazaa in order to appear spyware free, but the guys with the packet sniffers would eventually dig this out as well. If they say it's spyware free, they'd better not be lying, becasue they will eventually be exposed.

      --
      Speak for yourself.
  2. How? by bazik · · Score: 4, Informative

    How can you hide your identify on a Peer2Peer system where other users get your IP when they connect to your machine to download stuff (for backup reason of course)?

    I doubt there is a way... netstat kills your privacy :P

    --


    --
    One by one the penguins steal my sanity...
  3. Re:Still isn't available for Linux though... by SugoiMonkey · · Score: 5, Informative

    mldonkey is pretty good and has Fast Track (meaning Kazaa) support.

  4. Re:Still isn't available for Linux though... by drgroove · · Score: 4, Informative

    Limewire

    Runs on anything, has a decent following, so there's a good chance the song/file/app you're looking for is available.

  5. Re:This isn't surprising. . . by Karamchand · · Score: 4, Informative

    It is optional. You can find the option in Options => Kazaa K++ Options => K++ Options => User's [sic!] can't get a list of all your shared files checkbox.
    HTH!

  6. anonymity is available by stinky+wizzleteats · · Score: 4, Informative

    In other P2P networks. Freenet and GNUnet both offer crypto and anonymity. Freenet isn't a P2P app in the pure sense. It's more of an underground www. GNUnet has better anonymity (theoretically - due to it's ability to resist traffic analysis attacks), but it is a younger project.

    When it's time to retreat from gnutella, these represent the next stage in the information war.

  7. Re:Check out UDPP2P by stikves · · Score: 5, Informative

    Please forgive me if I'm wrong, but UDPP2P does not seem to be "promising".

    I've checked the web site. It basically says "we broadcast all the queries and if someone has the file we meet each other by using secret codes hidden in those queries".

    A peer-to-peer network that does queries in terms of network-wide broadcast is always doomed to fail. Gnutalla failed (and was redesigned) the same way. Even Novell NetWare was unable to scale because of SAP (service advertising protocol).

    Nevertheless, the web site says "peers will somehow know each other". This is also a big problem in P2P networks. -- No design only big words.

    Anyways, if I were you, I'd use freenet. It's anonymous, and it works much better than the scheme explained on the web site.

  8. Re:Still isn't available for Linux though... by Dave2+Wickham · · Score: 5, Informative

    May I point you to giFT-FastTrack?

  9. Re:umm by DoorFrame · · Score: 5, Informative

    Only law enforcement agencies can be accused of entrapment. There's no such thing for a non police corporation. They can entrap all they want. Remember, you're going to be going to civil, not criminal court.

    --

    --
    RumorsDaily
  10. RIAA Should be commended by ShineyNewSlashdotAcc · · Score: 5, Informative

    It aint gonna work. The reason is simple : The rules have changed. Distribution of music is now much easier and cheaper than before and a large chunk of the old distribution network is *no longer necessary*. This is totally irrelavent as to weather or not this new distribution model is legal or not. It is happening. It probably cant be stopped(I mean the software industry tried and failed thru the 80s/early 90s)

    So now the RIAA have several choice.

    1. Try to roll back the technolgy that enables this new distribution channel. This is possible but not very likey.

    2. Use more draconian law enforment techniques. Posibble but I mean whata ya gonna do... start sending colleage kids to prison ? For what stealing a Brittney track ? Is this what we want ?

    3. Try to adapt to the new medium. Be creative and come up with new profit channels that take advantage of the medium.

    Personally I dont think 3 is very likely either... I think RIAA is going to have to be dragged kicking and screaming into the 21st century.

  11. !!!WARNING!!! New Kazaa-Lite turns file sharing on by fmaxwell · · Score: 4, Informative

    I installed the new version of Kazaa-lite and it apparently turned filesharing on even though I had disabled it previously. (Note: I say "apparently" because I did not check the setting immediately prior to the installation and it is theoretically possible that some other process had turned it on.) This was done despite the claim on the website that "You can just install this on top of a current Kazaa Lite installation. That way all your settings will be remembered."

    While people can debate the ethics of not sharing, how it affects the viability of P2P networks, and so forth, it should still be an individual choice.

    Turning on filesharing without the explicit permission of the user could put the user in violation of the policy at their ISP or their work. It could put them in violation of federal, state, and local laws. It could open up a big security hole, causing the user to share files that they never intended to share. This is not something that should be done without the user's knowledge and permission.

  12. You don't have to give them an IP... by wirelessbuzzers · · Score: 4, Informative

    Actually, the folks at UDPP2P had an interesting idea in this regard. The client negotiates through the search network to find a server, but doesn't gets that server's IP. The server sends the data via forged UDP packets, encrypted, with some extra code to correct for out-of-order and dropped packets.

    I think there was a paper on /. a while ago about a similar method of sending data; you take a big, not quite square matrix M and multiplied the data file by it, getting a bunch of rows; you send these rows along with row IDs; once the receiver has enough of these rows, he can construct (using the row IDs) the inverse of the submatrix of M that spawned them, and derive the original message, even if the rest were dropped or corrupted. VanderMonde matrices work for this, although I imagine there's a sparser solution.

    Of course, your ISP/firewall wouldn't necessarily be happy about sending out all those fake UDPs, and many university networks throttle them. Also, the ..AA can still set up a fake server which logs you, since the server knows the client's IP, unless you proxy, which would cost in bandwidth. Or, you could send it to someone on the receiver's subnet and let them sniff, which wouldn't entirely give away their location.

    Perhaps one should point out that this is practically a new internet protocol, requiring root access and stuff... it might be better for them just to use IPSec with address hiding.

    --
    I hereby place the above post in the public domain.
    1. Re:You don't have to give them an IP... by tomtomtom · · Score: 5, Informative

      This is a really good idea. You can extend it to make it even better though.

      Part of the good thing about the erasure-correcting code approach is that if you use a big enough very low-rate code (although its quite tricky to do that with good CPU and memory efficiency) then you can have downloading from several servers concurrently without having to tell each server which parts of the files you want (just send random parts of the encoded data and theres a low chance of overlap from multiple servers).

      Now, here's the clever part: you use IP Multicast with multiple sources spoofing the same sender address. This means that (a) you save quite a lot on bandwidth since many P2P clients will be downloading the same source file (this is important since a big reason many ISPs and Universities have banned P2P is the bandwidth); and (b) it is MUCH harder (not impossible, but hard enough if you are not an ISP or a router at the very end) to find out who either the source or the destination is.

      I don't know if anyone has thought of this idea and tried to implement it. Someone should; maybe I'll give it a go when I have time.

      PS. There is a sparser and more CPU-efficient solution than VanderMonde matrices, look for Low-Density Parity Check codes.