Slashdot Mirror


New Kazaa Lite Protects Identity

Denver_80203 writes "Found this story about the new Kazaa K++ 2.4.0 and it's new sister program which claim to protect your identity while sharing files. Any of you folk know how legit this could be? We all knew it wouldn't be long... is this the war or just another battle?"

11 of 668 comments (clear)

  1. Great! by indros · · Score: 5, Interesting

    Who wants to bet that the news won't report that filesharing has jumped back up %15, and then some with the advent of this.

  2. K++ edition by Webtommy88 · · Score: 5, Interesting

    Well K++ edition bascially contains a wrapper on the Kazaa application so that one can modify the memory accessed by Kazaa easily, and thus those who use K++ edition automatically has the K-Lite Master (1000) ranking on Kazaa. Its simply a matter of manipulating the values at the memory address.

    I would think that extending on that principle, they could write protect or just dump gabarge into the memory space where idenities are stored.

    Of course, I don't have the K++ source, so how would I know, it's just a theory.

    1. Re:K++ edition by toddestan · · Score: 4, Interesting

      Like most people, I have a fairly large download pipe (about 1mbps) while a tiny upload pipe (128kpbs). Thus, I have a rather large collection of files people want. Whenever I go onto P2P networks, my upload pipe is almost always maxed with lots of people qued up waiting to upload.

      What this article says is not entirely true. While the leechers do not harm or take anything away from me, they do take bandwidth away from the people who are not leeching. And I do not have infinite bandwidth, because even if I left my computer on 24/7, more people will que up and try to upload than I ever could upload to.

      Since I cannot upload to everybody, it is in my best interests to upload to the people who share. Because the people who share are the only one who will actually make the network grow. Also, when they share a file they uploaded from me, it also makes that file more available on the network and takes a little bit of the load off myself.

      So there are practical reasons to kick freeloaders , besides just the moral ones. If I truly had infinite bandwidth (I interpet that as enough bandwidth to send my files to everyone who wants them, regardless of them sharing or not), then maybe I wouldn't care about freeloaders. But since I don't, I will continue to block leechers from uploading from me.

  3. All this seems to do... by Stinky+Glen20 · · Score: 5, Interesting

    From the article, all this seems to do is some basic housekeeping to ensure that your search history is not stored, and interact with a database of IP addresses known to be used by the RIAA

    This doesn't seem to be anything revolutionary, or, interesting.

    If the services went through some kind of anonymizer, that would be cuter. Of course, the bandwidth demands would be huge.

    What may be an alternative is to produce a collaborative download system. I request a download, which is proxied by another random user (provided I return the favor). Even if you had RIAA sniffers, all that could be proven is that MY IP address downloaded something, but not the ultimate destination of the data.

    Of course, if I have illegal music on my PC, then I am still screwed. But I leave solving that problem to the reader :)

  4. Re:This isn't surprising. . . by nahdude812 · · Score: 4, Interesting

    Or a day to install AOL software, Earthlink software, Juno software, and many other popular ISP packages, then dial up to various cities across the country, foot the long distance charge, and tack it to the next lawsuit filed against some teenager. If they can get subnets for these guys kicked off the network, then they win this battle, and use the networks' attempts to protect themselves as a weapon to cause the network to shut down huge portions of itself.

  5. Re:This isn't surprising. . . by deman1985 · · Score: 5, Interesting

    Next move I see is for a single source to be limited to providing 20 seconds of a particular music file so that we can take advantage of more fair use laws.

    Really, I'm not sure why I haven't seen this used yet. Almost all the major sites out there that provide music content will let you play a 10 or 20 second sample of the music for free (and as far as I know, they don't have to license it), so why can't filesharing system users legally do the same?

    It just so happens that each user has a different clip... and the software is intelligent enough to piece them back together into one music file instead of me having to do it by hand ;)

  6. The RIAA's Not-So-Secret Agenda by plasticmillion · · Score: 4, Interesting
    Actually the RIAA has been quite upfront regarding their plans to sue the pants off offenders. They have stated repeatedly that they plan to go after users who are sharing tons of files, not the zillions of normal users, which makes sense since supposedly a small minority of big sharers supplies the vast majority of files on the networks.

    From this perspective something like a proxy for file transfers is not so important (not to mention fairly impractical). If other users can't see your full library and can't see your IP address in their search results (the latter might enable smart bots to "guess" what your library contains), the only way they can determine that you are sharing massively is to download tons of files and see which IP addresses crop up. This is because they will only see your IP when they actually start downloading.

    All this to say that with the latest changes in K++ and Kazaa Lite, even big time file sharers can probably rest easy.

  7. Submitted for your approval: by DuckDuckBOOM! · · Score: 4, Interesting
    In a future release of [your favorite P2P app], an option which presents to peers requesting downloads or file lists one of those pseudo-word-containing images you see on eBay and Ticketmaster to block bots. The requestor has to type in the character string he/she/whatever sees to get the file or list. This wouldn't stop RIAA scans, but would sure as hell slow them to a crawl by de-automating the scan process, without substantially impacting a normal user. The only serious downside I see is that this method probably busts a patent somewhere. Is there a way to avoid that?

    Sanity check, anyone?

    --
    Life is like surrealism: if you have to have it explained to you, you can't afford it.
  8. Blacklisting RIAA's (and friends) networks by Aceticon · · Score: 4, Interesting

    Actually the thought just came to me that an interesting way to fight back would be having filesharing software somehow totally blacklist access to suspicious networks at the PC level (meaning not only filesharing - everything).

    The blacklisting should be done at a higher level than machines only - the whole network of the ISP providing RIAA with access should be blacklisted if one or more machines in the network are being used by RIAA (or related entities) to scan for filesharing.

    Also, the user of the filesharing program should be given a choice - "Do you want to block access to and from networks where RIAA is scanning filesharers (Yes/No)?"

    My basic idea goes down to a bit of social engineering - please follow me on this one:
    - RIAA contracts with an ISP to provide it with network connectivity to the Internet.
    - RIAA then uses machine(s) over that network connection to scan filesharing networks.
    - Said activity is detected (exactly how i don't know)
    - The whole network for that ISP (or at least a significant portion of it) is blacklisted in millions of machines (all those running the filesharing app). This can be scalled up to bigger sub-networks (the ISP of the ISP) if needed.
    - Other entities hosted on the same ISP are also in practice cut-off from some of their (potential) customers. Mostly their websites are ineccessible from millions of machines. This is especially bad for online shops and ASPs.
    - They complain to the ISP.
    - The ISP, faced with the choice between keeping RIAA as a customer and loosing several other customers or simply dumping RIAA will find that the choice that makes more business sense is dumping RIAA.
    - Eventually, RIAA and it's associates will become persona non grata to most ISPs (as in, they choose to not take RIAA's business).

    The nice thing about it is that it's all absolutelly legit:
    - Each individual user chooses to accept an autometed cut of contact with those networks that provide access to filesharing scanning. Everyone is in their right to do so.
    - ISPs choose to not sell their services to RIAA. It is their right to do so.

    Now, this whole theory has some holes in it, and a couple of weak points (not to mention no solutions for the technical problem) - still, a distributed, voluntary system that makes it bad business for ISPs to provide access for companies that do filesharing scanning would leverage the power of those "hundreds of millions of users" of the filesharing apps.

    Comments please ...

  9. Do the EULA by Zangief · · Score: 5, Interesting

    Why don't we put a EULA in the new Kazaa programs, which say something like this:

    I don't belong to any organization related to RIAA.... I won't use any information obtained from the use of this program, or the study of the way this programs works, to sue others users of this or related program... I don't suck

    And then require, from some point in the near future, that everyuser of kazaa has accepted this EULA

    IANAL, and I don't know how an EULA like this would stand in a court, but should work for a time at least.

    In the worst case, if the EULA doesn't stand in a court, it would provide a good case against crazy EULA's

    It's a win-win!!

  10. trust and reputation management by mr_burns · · Score: 4, Interesting

    I believe the next major advance in P2P technology will be the inclusion of reputation management / trust relationship technologies.

    How do you know which IP's to blacklist? How do you know that the file you're downloading isn't a trojan?

    I don't think the answer is in a centralized database of 'evil-doers'. That's an arms race that can eventually get everybody censored. Especially with dynamic IPs.

    What needs to happen is you have to earn a reputation before you end up in those search results. You do this by people vouching for the quality of your files and not being a mole. Trust is gained by WHO vouches for that person and their metric of trustworthyness.

    There should also be an option to restrict access to a given file to those within your web of trust so when the death squads in your country are looking to kill people serving up books about democracy, they can't just do a search real quick.

    After we achieve a trust framework. I believe the next step will be dealing with traffic analysis. However, I'll rant about that when the time comes.

    --
    "Let him go, Ralph. He knows what he's doing." --Otto Mann (simpsons)