Japanese P2P Users Arrested, Creator Targeted

nutznboltz writes "According to a story on CNET Asia, two Japanese users of the Winny P2P application have been arrested for copyright violations, and the developer of the P2P software has also had his home searched by police. Winny was 'supposedly anonymous', and purported to be based on Freenet, although Freenet creator Ian Clarke is claiming that Winny is not really like Freenet, and that he's 'not concerned that the Japanese police have somehow found a way to compromise Freenet's security'."

This is an outrage!

[Channard]

This must stop! If this continues, the P2P world's supply of tentacle rape porn and mech video clips could dry up overnight!

Re:This is an outrage!

[JohnFluxx]

where do I find tentacle rape mech video clips ? Sounds interesting

Re:This is an outrage!

[Walterk]

Don't worry, I've got a secret stash to avoid drying up overnight!

Share and enjoy!

Re:This is an outrage!

http://story.news.yahoo.com/news?tmpl=story&cid=57 3&ncid=757&e=1&u=/nm/20031203/od_nm/germany_cannib al_dc

Re:This is an outrage!

[fenix+down]

In Taiwan, the International Federation of the Phonographic Industry (IFPI) has sued three P2P users who are said to have shared files on the locally-popular Kuro and Ezpeer networks.

Let this be a warning.... to you!

Re:This is an outrage!

[mOdQuArK!]

Dunno - watching giant robots getting raped doesn't really do it for me.

Re:This is an outrage!

In previous this entry( KoKoRo: Two "winny" users arrested), ZDNET Japan reported one of person in charge on this project of arrresting two users.

First strength of winny's encryption. Among users of winny they doubted the decryption of the encryption used on winny but Shunsuke Sakata, the PR guy of ACCS, said that japanese police developed the tool to decrypt the encryption of winny. Winny is developed by basic architecture of winny thus following to ACCS the encryption of freenet can be solved by this police.

Beyond that Sakata said, if user join the network consisted of winny application, it implied that user want to share something illegal automatically. Hence these user can be suspects with no exception.

Finally He refered a founder of winny. He insisted that a typical software developer who creates a software never goes to a jail but if he never think the DRM solution over file sharing application, this is a problem.

They are three advocacies of ACCS. A user who share just files over "Winny", they may be arrested. A developer of something have to take a responsibility to DRM solution. I do not under stand competelly. This is a tragedy for not only geeks but also every one internet users.

Re:Piracy is a crime

[Negatyfus]

You just voice anti-Slashdot opinion somewhere else, mister! We have learned to like our daily share of "same story, different country" posts!

MOD DOWN, troll

1. p2p isn't piracy or crime, just like everything else it can be used to violate laws, so p2p != piracy.

2. copying software isn't theft or crime, it's just copyright violation (I'm not saying it's cool, it's just not a crime)

Re:MOD DOWN, troll

[RumpRoast]

But if you read the article, they were arrested for sharing very specific items, namely an Nintendo game and a feature film. That is piracy, regardless of the p2p enabler.

Also, although IANACL isn't copyright violation a crime? So I can just violate copyrights willy nilly and get away with it until I'm slapped with a civil suit?

Re:MOD DOWN, troll

I had to read through the U.S. copyright law stuff a week or so ago, so I have a minimal amount of knowledge on this (I am not a lawyer, of course). Copyright violation is a criminal offense sometimes for the distributor, if a minumum amount of retail value worth of goods (among one or two other conditions) can be proved to be willingly distributed. For the recipient, I think only civil law applies.

Re:MOD DOWN, troll

[throwaway18]

>copying software isn't theft or crime, it's just copyright violation

It's a crime here in the UK. It was changed from a civil offense to a specific crime around about 1990.

Freenet/Winny

[TheJaff]

Considering the un-userfriendly state Freenet is right now (not being able to "search the [free]net") it would have been a huge accomplishment to completely base a P2P software on it. So my guess is that Winny more or less just mention Freenet for recognition purposes.

Re:Freenet/Winny

[Troed]

You can search Freenet _exactly_ in the same way you can search the World Wide Web. If you use a messageboard/filesharing application on top of Freenet (like Frost) you can search with a nice little search box per board or in all of them.

But please, why not post uninformed opinions on Slashdot and get modded up as Insightful :)

Re:Freenet/Winny

You can search Freenet _exactly_ in the same way you can search the World Wide Web. If you use a messageboard/filesharing application on top of Freenet (like Frost) you can search with a nice little search box per board or in all of them.

You just proved his point by thinking in the programmer mindset.
"IF you use a messageboard/filesharing application on top of Freenet" - but not if you haven't. You need to download and install a whole program to do something as basic as searching. This is nowhere near "_exactly_ in the same way you can search the WWW".

What we need to do is not to turn away from reality and claim Freenet is easy to use - instead we need to face it, accept the fact that its usability is low, and think of ways to improve them. Denial isn't going to get you anywhere.

Re:Freenet/Winny

[Troed]

... another uninformed person getting modded as Insightful.

Pray tell - how do you search the regular World Wide Web?

Via som sort of service that knows webcontent since it spidered it - right?

Guess what Dolphin's Freenet Index is ... and there are others.

So, no - I know perfectly well what I'm talking about. Freenet is just as searchable as the World Wide Web. Exactly.

Re:Freenet/Winny

[TheJaff]

Ok all I know is that when I tried out Freenet (admittedly some time ago but I DID actually install it and configure it) and downloaded some stuff you had to _know_ or _guess_ a tag corresponding to the data you were after. If this has changed in recent releases, I apologise for my alledged karmawhoreing.

Re:Freenet/Winny

[Troed]

When you install Freenet and go to your local gateway-page there are not one but two search engines linked. That's how you search WWW - that's how you search Freenet.

Or do you know of a way to search the World Wide Web that does not include using servers which have spidered the content? Please let me know.

Re:Freenet/Winny

[TheJaff]

[...] Or do you know of a way to search the World Wide Web that does not include using servers which have spidered the content? Please let me know.

Ok I will! (Man I love people being this "helpful" with absolutely no hint of sarcasm/bitterness at all.)

Re:Freenet/Winny

Alright, so there are spidered indexes, why did you mention Frost and neglected to mention the spidered index until being responded to? Oh well, bringing that aside, that brings me to another question: if a spidered index is available, why is it - The Path of Least Resistance for the majority of users used to navigation methods in the web - not featured prominently in the default install of FProxy, and instead we get a somewhat clunky huge-single-page index and a Yahoo-like directory?

Re:Freenet/Winny

[Troed]

I wrote: You can search Freenet _exactly_ in the same way you can search the World Wide Web. ... that's spidered indexes. It does seem like people here don't even know that that's how www search engines work.

I think TFE and YoYo are good enough for the FProxy frontpage - you can reach spidered indexes through them.

Re:Freenet/Winny

Your first post, by continuing the sentence with the mention of Frost etc, looked to imply that Frost provided spidered indexing. While apparently you didn't mean that, that was a pretty misleading sentence IMO.

And TFE and YoYo are good enough? There's that programmer mindset again. I repeat: spidered indexes are the Path Of Least Resistance for the majority of web users. Isn't this obvious enough that I won't have to go the lengths to back it up with statistics? Just because the user CAN reach a spidered index through directories does not mean the user WILL reach it - "CAN" is not interchangeable for "WILL". Eventually they may, but burying it down below defeats the whole purpose of being a POLR, and unlike ubergeeks, users DO feel hampered by extra complexity and steps, and their limit of patience is surprisingly low. That is the exact problem in Freenet that Winny aimed to eliminate - and so far, its popularity in Japan proves it has been successful in doing so.

Re:Freenet/Winny

Or maybe the current spidered index (which I keep getting a DNF) isn't stable or reliable enough? If that's the case, putting TFE and YoYo at the top I guess is acceptable - but not because they're "good enough", but only because "there isn't anything better".

Re:Freenet/Winny

[nutznboltz]

If you want a "more friendly Freenet" you should know where to find one.

Re:Freenet/Winny

[TheJaff]

Ohh.. we want to spare our precious karma now do we.. "AC".

First case of the Article not RTFA?

[The+Uninformed]

"I'm not concerned that the Japanese police have somehow found a way to compromise Freenet's security," Clarke

"..but probably not those that allow Freenet to protect user anonymity." Clarke

I'm confused, it looks like Clarke said Freenet's compromised and he doesn't care, and that Freenet isn't compromised.

Re:First case of the Article not RTFA?

[ErroneousBee]

Youre parser is broken. The first sentence can mean:

'Security is broken and I dont care'
or
'I dont care because security hasnt been broken'

His statement that FreeNet is not what the Japs were using indicates the second meaning is more probable.

Re:First case of the Article not RTFA?

I'm confused, it looks like Clarke said Freenet's compromised and he doesn't care, and that Freenet isn't compromised.

Um, no. What he is clearly saying is that he hasn't seen the technical specifications for Winny and so he can't say anything for definite about its architecture, but that a superficial look at Winny suggests that it isn't very close at-all.

Recall that there is nothing other than the claims of Winny's authors to suggest Winny has anything to do with Freenet.

Re:First case of the Article not RTFA?

The key word is "concerned": I think it's more a case of "I don't think they did", rather than "I think they did, but I don't care".

I could be wrong, but the first interpretation seems to be more consistent.

Re:First case of the Article not RTFA?

[DrXym]

It's hard to say what he means. However I wouldn't be concerned that some other programme paying lip service to the concepts of freenet means that freenet is somehow compromised as well.

After all, perhaps these guys thought they'd ditch some of the features to make P2P usable - Freenet would be hopeless for P2P because it is a performance slug (thanks to the number of hops etc. to fetch data) - and in the process compromised their own security. Or perhaps they were just idiots and boasted about getting warez using Winny on some monitored IRC channel which was enough to initiate a raid. Either way, it doesn't mean much for freenet without more information.

Re:First case of the Article not RTFA?

His statement that FreeNet is not what the Japs were using indicates the second meaning is more probable.

Check out the big brain on ErroneousBee! That's right, the second meaning is more probable, you're a smart motherfucker.

Now tell me, what does Ian Clarke look like?

Re:First case of the Article not RTFA?

[hsidhu]

Someone post a link to the application.

--lifes a bitch, then you die. thats why i like to get high.

Re:Piracy is a crime

[}}mons{{]

cant we make a software that is really designed for piracy? ie: users are really anonymous? i am afraid that the tentacles of RIAA might reach here in my country...

FEAAAARRRRRRRRRRRRRRRR.....

Uh oh!

[akura_au]

...while the teenager is being held for making the game Super Mario Advance available online.

Better ditch that copy of Space Invaders while I can!!

Re:Uh oh!

[the+uNF+cola]

Super Mario Advance != Super Mario Bros. It's a GBA remake of super mario 2 (not 3, right?).

Re:Uh oh!

[Frizzle+Fry]

It's smb 2 and also includes the original mario bros. (not to be confused with the original super mario bros.).

Uh, not quite...

[WIAKywbfatw]

Piracy is a crime and these folks were arrested for it. I don't see why this is news.

Uh, not quite. Software piracy may be a crime, but writing a P2P application, which has practical purposes for sharing files legally, isn't (as far as I know).

It's a sad day when writing a file sharing application is enough to get your house turned upside down by the police or get you thrown into jail.

Re:Uh, not quite...

[lennart78]

Uh, not quite. Software piracy may be a crime, but writing a P2P application, which has practical purposes for sharing files legally, isn't (as far as I know).

If the government feels it should prosecute writers of p2p applications because copyright infringment can take place with these, why not also go after the firearms industry, because people get shot by guns?

Re:Uh, not quite...

[Unleashd]

Hate to burst your bubble but

"two Japanese users of the Winny P2P application"

Emphasis Mine

They were only users and the article is saying that the software didn't protect their identity.

Re:Uh, not quite...

[tgt]

why not also go after the firearms industry

Because government profits from taxes they pay. As soon as you pay 0.01 cents per download government is p2p's best friend.

Re:Uh, not quite...

[MartinG]

Shooting people is a crime. Guns can be and are used in crime.

Software "piracy" is merely copyright infringement, which (despite the efforts of the media cartels) is not a crime. p2p networks are not being used for crimes.

So, if there is any restriction of tools to be done, starting with those that can be and are actually be used to commit crimes would be a good idea.

ie, restrict guns if you must, not p2p software.

Re:Uh, not quite...

[Tim+C]

why not also go after the firearms industry, because people get shot by guns?

Because the firearms industry is (relatively) huge, has lots of money, generates a lot of tax revenue, and has a few volunteer groups campaigning against it. In contrast, file-sharing tech is (relatively) tiny, has next to no money, is used by people to avoid paying for stuff and therefore generating tax revenue*, and has large, multinational groups with lots of money campaigning against it. Logic doesn't come into it, money does.

* Yes, I know, it has legitmate uses too, but they don't generate any tax revenue either

Re:Uh, not quite...

[Cocoronixx]

"and the developer of the P2P software has also had his home searched by police."

could you maybe, ust maybe RTFS

Re:Uh, not quite...

[psykocrime]

If the government feels it should prosecute writers of p2p applications because copyright infringment can take place with these, why not also go after the firearms industry, because people get shot by guns?

Please don't give these idiots any more ideas. It's hard enough being a law abiding gun owner already...

Re:Uh, not quite...

You seem to be confused. Government is not a for-profit operation. In fact, most of the government salaries for elected representatives are not that great compared with what those folks might make in a private profession. Not that they're shabby or anything, but you see my point.

Re:Uh, not quite...

[zurab]

why not also go after the firearms industry, because people get shot by guns?

Because the firearms industry is (relatively) huge, has lots of money, generates a lot of tax revenue, and has a few volunteer groups campaigning against it. In contrast, file-sharing tech is (relatively) tiny, has next to no money, is used by people to avoid paying for stuff and therefore generating tax revenue*, and has large, multinational groups with lots of money campaigning against it. Logic doesn't come into it, money does.

* Yes, I know, it has legitmate uses too, but they don't generate any tax revenue either

Replace "tax revenue" with "campaign contributions" and you are on the right path.

Re:Uh, not quite...

Japan does not have a firearms industry. It is illegal in Japan to carry firearms unless you have explicit authorization from the local authorities.

Re:Uh, not quite...

[tgt]

No sir, I think _you_ are confused. Although government is not for-profit organization, as you rightfully pointed out, they are in constant need of money to balance up a thing called budget. And there every penny counts.

Re:Uh, not quite...

[jesser]

Are there more gun owners or P2P users in the United States?

Re:Uh, not quite...

IF you have NOT read the news, the right of the citizens to firearms is under constant pressure.

Grassroot and non-grass roots groups have formed on both sides in the USA.

Those who are not friends of liberty seek to take away ALL of your liberties and rights in the name of security. It's that simple.

Searched by police?

[ceeam]

So - what did they intend to find? Or do they use it like intimidation of some sort?

Re:Searched by police?

[eneref]

Why, they expect to find evidence of a massive crime ring, of course. What else do police dream of?

Freenet is not save.

[Krapangor]

Clarke wants to save his face, but it's well known in certain circles that freenet doesn't provide 100% anonymity if the attacker has enough resources, e.g. a large ISP or the gov.
It takes some time, but you can determine the IP and stored data of a user.
But I don't think that this is so bad, in free societies such anonymizer tools are often abused by criminals, spammers and perverts and in oppressive societies the use of the tool gets you in prison anyway. The Chinese gov is not so stupid to get caught by the "hahaha - my data was encrypted, you can't prove anything"-argument.
So it's really no loss there.

Re:Freenet is not save.

Ummm...

China is NOT the same as Japan.

Yeah...

Re:Freenet is not save.

[jez9999]

The Chinese gov is not so stupid to get caught by the "hahaha - my data was encrypted, you can't prove anything"-argument.

Erm, that's not the point of Freenet at all. The point is more like 'hahaha - my data was routed through 100 random IPs before it received you, has absolutely nothing to indicate who wrote it, and anyone on Freenet can read it. So go shove your fascist censorship up your ass.' If the government could get round it, it would be very unfortunate indeed.

Re:Freenet is not save.

[Hobbex]

This is a complicated issue without a clear answer.

If you want to be theoretical, then yes, Freenet does not provide anywhere near "absolute" anonymity. In fact, it doesn't even provide the level of anonymity that is used when judging such things as anonymous remailers or mixnets.

Basically, Freenet purports to be "anonymous" because you files do not recide on the computer of the person who uploaded them, and because all downloads and uploads are chained and tunneled through each host involved in the transfer. That means that the host you download a Freenet document from just knows it got it from some other node, which got it from some other node, which got it through some other node, all the way back to the person who uploaded it. It certainly makes tracking the people upload and download things more difficult then on networks like Kazaa (where it is, as we have seen, trivial) but in theory, and with enough resources, it is of course not impossible.

It should be noted what Freenet does NOT provide however. Freenet does do what the serious mixnets reffer to as "Onion routing", which basically means that the message is wrapped in an onion of cryptographic layers, which are pealed off at every step. The idea behind this is only the very last node can see contents of the message, and only the first knows it came from you (and none of the other nodes know anything except where the message came from and where it went).

If you request something from Freenet, your node will call up another node and ask it for that file - if that node is controlled by the Feds then you are busted. It is argued that there is plausible deniability, because it is possible that your node was not downloading the file because you asked for it, but simply forwarding it for somebody else. Given the state of the judicial process at the moment, I'm not terribly optimistic about this defense.

Freenet also doesn't protect (at least not very well) against traffic and timing analysis, allowing one to track down the author of something using the timing and amount of encrypted traffic that nodes exchange. I don't know of any case of traffic analysis having been used (except maybe on the NSA hyper-spook level), but it isn't impossible.

Another thing that Freenet does not "anonymise", and this is the most important IMO, is that you are running a node in the first place. Your Freenet node has to be public, so the feds could definitely "fish" the network for node addresses and start busting those who run them. Again there is an argument of deniability: you don't actually know what is in your nodes cache because it is encrypted, but again I don't have a lot of faith in this defense when the prosecutor will argue that you knowning acted in bad faith.

Regarding Winny, however, I think I agree with Ian. It seems doubtful that Winny works in the same manner as freenet, for the simple reason that Winny works, and well, freenet, umm, doesn't. Any time you try to put anonymity into something, useability IS going to take a hit, because trying to spread and bounce traffic necessarily hits performance. I have a very hard time believing that Japans most popular P2P network could be based on tunneling everything - purely for performance reasons.

(I have to run, so forgive typos and pitiful spelling errors.)

Re:Freenet is not save.

[leuk_he]

Well it could be even worse:
Security was not comprimised. But the developer was accused anyway. It would be hard to prove anything, but it would give a lot of troubles to the developer.

And try to defend against "only people who have something to hide use cryptology"

Re:Freenet is not save.

It is argued that there is plausible deniability, because it is possible that your node was not downloading the file because you asked for it, but simply forwarding it for somebody else. Given the state of the judicial process at the moment, I'm not terribly optimistic about this defense.

It isn't just probably, it is more than likely on the balance of probabilities. Given this - it is very unlikely that any sane court system could hold you liable.

It seems doubtful that Winny works in the same manner as freenet, for the simple reason that Winny works, and well, freenet, umm, doesn't.

Wow - so if Freenet doesn't work then the conversation I am having on Frost right now about this very issue must be a figment of my imagination.

How strange...

Re:Freenet is not save.

[Hobbex]

It isn't just probably, it is more than likely on the balance of probabilities. Given this - it is very unlikely that any sane court system could hold you liable.

That depends. If the HTL on the request is high, or exactly one below the default start value, then the probability is very high that it was you. Maybe not enough for a court conviction, but enough to get a warrant to take your computer away, and find the files in question on your harddisk (unless encrypt your entire harddisk (and swap file!) using hard crypto with a strong key)).

Also, the plausible deniability at the other end doesn't work at all. Using timing analysis, it is very easy to see whether a node contained the data previous to your request or not.

Wow - so if Freenet doesn't work then the conversation I am having on Frost right now about this very issue must be a figment of my imagination.

Since I spent three years and countless hours of my life working on freenet, I would certainly like to believe that it does work. However, Frost "works" by flooding Freenet to try to compensate for the lousy routing which, in an evil circle, is partially caused by overloaded nodes. That model is not sustainable and destroys the whole point with freenet (it was supposed to scale well).

Frost, to my mind, is more evidence that Freenet, even as a concept, doesn't work, than that it does. But maybe I am just a pesimist. I certainly hope that things will work out...

Re:Freenet is not save.

That depends. If the HTL on the request is high, or exactly one below the default start value, then the probability is very high that it was you. Maybe not enough for a court conviction, but enough to get a warrant to take your computer away, and find the files in question on your harddisk

Examing one's hard disk should tell the police nothing useful, since if the file was requested through your computer then they already know that it may have been cached. They wouldn't find anything that could add to the evidence against you.

However, Frost "works" by flooding Freenet to try to compensate for the lousy routing which, in an evil circle, is partially caused by overloaded nodes. That model is not sustainable and destroys the whole point with freenet (it was supposed to scale well).

Frost's flooding isn't compensating for Freenet's routing, it is due to the fact that Frost must poll Freenet to find newly inserted messages. Even if Freenet's routing was perfect, Frost would still need to do this.

Re:Freenet is not save.

[Hobbex]

Examing one's hard disk should tell the police nothing useful, since if the file was requested through your computer then they already know that it may have been cached. They wouldn't find anything that could add to the evidence against you.

Umm, if you did download the file, then you saved it somewhere, viewed it in your webbrowser, streamed it to a media player, or something. These things will show up on your harddisk. If people are actually using Freenet to download files on mass (as they do with file sharing tools today) then they will have a library of warez.

None of this is Freenet's fault, of course, but it does serve to illustrate that in most cases, the possible deniability will mean very little.

Frost's flooding isn't compensating for Freenet's routing, it is due to the fact that Frost must poll Freenet to find newly inserted messages. Even if Freenet's routing was perfect, Frost would still need to do this.

That an abusive application can bring the network to it's knees the way Frost has, is what I mean when I say that there are problems with the whole concept. The Freenet network is one big "tragedy of the commons".

Re:Freenet is not save.

It's known in all competent circles that freenet doesn't provide anonymity. It simply makes things more difficult to be traced.

Your comment that "I don't think this is so bad" is ludicrous. You make it sound like it's okay for things to be compromised. Or maybe you mean it's okay for such things to be shut down if principally used for criminal activity--A road is often abused by speeders. I guess you don't travel on roads or derive any benefit from them, like the transportation of the food you eat. Lucky you.

Example--People seem to forget that one of the things that fueled VHS player sales was porn. VHS is now near everywhere, esp. if you consider DVDs (which came about principally due to the market VHS created) as its successor.

Most new technologies are first adopted by "criminals." Even a panel of judges realized this when they deemed the 'two legitimate uses' rule for products. Eventually, new tech hits the mainstream. mp3 players abound, but folks forget how early on, mp3 manufacturers were sued for their products for *playing* mp3s.

Face it--The reality is, criminals use whatever tools are available to them. After all, the number one tool criminals use in their activities still remains the telephone and the car. If we followed your example, church services would still be in Latin.

Re:Freenet is not save.

[Sivaram_Velauthapill]

But I don't think that this is so bad, in free societies such anonymizer tools are often abused by criminals, spammers and perverts and in oppressive societies the use of the tool gets you in prison anyway.

That is such a naive argument. Not only that, you certainly aren't a liberatarian (not to be confused with Americans who call themselves liberatarian--these guys are liberatarian-conservative).

You either stand for freedom, human rights, liberty, security, etc--or you don't! There is no if's and but's. Just because a criminal can use a particular technology does not mean that we should ban that technology. Just because a criminal uses a human right doesn't mean that we should abolish it. I mean, we all know that the people who benefit from strict search laws by the police are criminals. The average citizen has nothing to hide so the search laws don't even matter. So criminals exploit the restrictions placed on police. Does this mean that we should abolish all these laws? Should the police be allowed to do full searches and the like? Liberatarians would say no; you are saying yes.

It's too bad that you don't value freedom. I guess is that you are too naive. Let me tell you something. There is no such thing as a FREE society!!! USA (for example) is NOT free! Obviously you are the type of person who supported the FBI tracking and monitoring Martin Lurther King and other civil rights activists. Blacks were living in a free society all right!

The Chinese gov is not so stupid to get caught by the "hahaha - my data was encrypted, you can't prove anything"-argument.

If something is ANONYMOUS, totalitarians can't do anything to you. They will do all sorts of crazy things, including doing massive sweeps and jailing all sorts of innocent people. But ultimately, they will lose. The reason China can SUCCESSFULLY penalize activists is precisely because things aren't anonymous and don't provide the required security right now. Consider the recent Steel Mighty Mouse case. She was picked up because the authorities traced things to her. In fact, they can trace literally anything on the internet to their citizens. If security was much stronger, or if anonymity was possible, then the authorities would have ultimately failed.

Sivaram Velauthapillai

This is the final straw

[t_allardyce]

Stupid laws that cost thousands of extra police hours not only waste tax-payers money, they take police from their real job and priority number one which is keeping the peace. Not only that, but the RIAA is terrorising people with its tactics, it has become a mafia and should be shut down today. Whats going on here is a total inequality of justice. You cant choose people to make examples out of, and you cant have anyone in a cell for downloading music while there are muggers, murderers and rapists out on the streets. full fucking stop.

Re:This is the final straw

[squaretorus]

Stupid laws that cost thousands of extra police hours not only waste tax-payers money, they take police from their real job

Couldnt agree more. But this isnt the main culprit. Globally more is spent on 'THE WAR ON DRUGS' and chasing criminals who only steal to feed their habits than on ANYTHING ELSE. Apologies for the caps - just trying to be sensationalist because Im talking about drugs - which we all know are REALLY SCARY AND BAD.

Of course - these kids coul dhave been P2Ping to support a crack habit. It all comes back to wasted money on THE WAR ON DRUGS...

Re:This is the final straw

[nertz_oi]

I'll bite.

you cant have anyone in a cell for downloading music while there are muggers, murderers and rapists out on the streets

Dumbest argument ever. Crime is crime.

The accountant who helps "erase" millions of dollars of debt from a companys books deserves to go to jail. Scam artists who get old ladies to fork over checks for hundreds on the promise of a big "prize" deserve to go to jail. People who freely copy (physically/digitally) other peoples copyrighted works, deserve to go to jail.

Stupid laws that cost thousands of extra police hours not only waste tax-payers money...

You must be one of those jackasses who yell at cops when they get pulled over for doing 40 in school zone. "I PUT FOOD ON YOUR TABLE WITH MY TAX DOLLARS! GO CATCH A MURDERER".

Re:This is the final straw

[I8TheWorm]

they take police from their real job and priority number one which is keeping the peace

I just have to add a slight correction to your comment. A police officer's job isn't actually to keep the peace, rather to respond to less than peaceful actions, and to enforce law. They're actually different if you look at them syntactically.

Re:This is the final straw

[Analysis+Paralysis]

I'll bite too.

Someone who is copying copyrighted works is not in the same league as a fraudster. Firstly, copying is not necessarily illegal - you may have rights to do so. An example would be any Linux distribution - the code is copyright, but the GPL gives you the right to copy and distribute - subject to certain conditions.

If we now look at music and films, which is what I presume you were thinking of, the case is again different. The fraudsters and thieves are taking something away from people. The copiers are making another copy of something - the original is not diminished.

At best (or worst), you can argue that copiers are causing a potential loss of profit, if you can prove that those receiving the copy would have paid for the "original" instead.

The "copiers are thieves" mantra should be left with Britney Spears and her ilk...

Re:This is the final straw

[t_allardyce]

Well actually no, speeding can be pretty dangerous and i would totally understand, your driving a potentially leathal box of metal around you can expect the police to be on their toes. However if I was hit by a police car doing 40 in a school zone because they were on their way to bust some kid for using kazaa i would be pretty pissed.

Yes crime is crime and you cant go around saying "oh this crime isnt as important as that crime we will only deal with that crime" because that is as bad as saying "we will arrest afew kids and make examples out of them and ignore all the others because there are too many". The fact that there are too many says alot about the law and how stupid it is.

I probably didnt make myself clear enough, im not saying deal with only murderers etc then filesharers im saying that its a fallacy that its a crime and that its taking up police time.

What im saying is crime is crime, but some crimes should not be crimes, and certainly a 'crime' that involes the 'potential' loss of a sale that never existed and borders on the restriction of free speech is pushing the limits. The RIAA is paying the government to make laws to suit them and this is not even a secret.

One last thing: If you or someone you knew was mugged, murdered, raped, conned, assulted, run-down or robbed would you be happy in the knowledge that the police might be spending more time tracking down filesharers than tracking down someone else?

Re:This is the final straw

[nertz_oi]

I completely agree what everything you said but one: At best (or worst), you can argue that copiers are causing a potential loss of profit, if you can prove that those receiving the copy would have paid for the "original" instead This i do not get. You watch a 2 hour long movie for free but its ok since you figure you were not going to pay to see it anyway. Film company A makes Film X. Company A charges 10 dollars a viewing of Film X. Person L downloads it off the internet, watches it for free and thats ok because he didn't really like it? Actually, maybe i didn't elaborate enough, but my orginal post was to the effect of "white collar crimes are still crimes".

Re:This is the final straw

[nertz_oi]

What im saying is crime is crime, but some crimes should not be crimes, and certainly a 'crime' that involes the 'potential' loss of a sale that never existed and borders on the restriction of free speech is pushing the limits. The RIAA is paying the government to make laws to suit them and this is not even a secret.

Don't get me wrong here, I am in no way supporting with tactics the RIAA has chosen to deal with filesharing, BUT alot of the suits/arrests have been with MAJOR sharers, 1000+ songs, or people with terrabyte FTP sites (Operation Buccaneer(sp?)). Those people knew the risks (with the exception of the odd 12 year old girl, or 78 year old man) and DESERVED to get caught.

If you or someone you knew was mugged, murdered, raped, conned, assulted, run-down or robbed would you be happy in the knowledge that the police might be spending more time tracking down filesharers than tracking down someone else?

Thats neither here nor there. It's ridiculous to think that the police would treat filesharing as a comparable/greater offence then murder/rape.

Re:This is the final straw

it's not the users it's the dealers i'm most afraid of.

drugs are really scary and bad, if you've ever accidently stumbled upon a meth trafficking ring practically in your back yard.

after we reported it, the local cops staged a bust, but the buyers/sellers miraculously got away as usual. corrupt cops are scary. and now it's back to the same thing.

2am every saturday night drop off a box down by the gate, they leave a point man there. someone comes to pick up the box within 10 minutes.

also recently recently had my truck smashed up (with me in it) when i accidently stumbled onto some drug land. i narrowly escaped with my life, five guys with bats tried to kill me, even after i got in my truck they repeatedly tried to ram me off the road with their trucks. now i have a totaled truck.

Maybe it isn't so bad in your padded life, but just remember who you're paying when you buy. drugs are all about money, and all traffickers care about is money. they'll kill you just as fast as me if you accidently cross paths.so please feel free to continue to use your recreational drugs and make my life suck a little more.

Background Info

[pario]

Since Winny is pretty much unknown outside Japan, here is some background information for slashdot readers: Winny is a P2P file sharing program created by a Japanese programmer, who still remains anonymous to this day. It came out two years ago as an attempt to share copyright-protected materials "safely" when somebody was arrested for using another P2P program (WinMX). Since the application was extremely well designed and almost anything is available on its network, from movies to software, it has become immensely popular in Japan, so much so that there are a dozen book available on how to use it and network traffic in the country was down 20% after the news of the arrest broke. As for the reasons why the police was able to identify those two people who were arrested, they used an extra bulletin board feature, which does not guarantee anonymity unlike its file transfer feature, to distribute a list of warez videos. Therefore, I don't think this news has anything to do with the validity of Freenet's technology, or with that of Winny's for that matter.

Re:Background Info

Mod parent up. This discussion can't go anywhere without the participants having proper knowledge of the background and workings of Winny.

The reason that nobody's heard of Winny is that Winny has been deliberately kept off the radar of countries outside Japan by the author himself. He keept the source closed and only provided the program and documentation in Japanese.

Winny is "based" on Freenet only to the extent that the creator of it consulted Ian Clarke's papers to design the network. The possibility of Freenet code being reused in Winny is pretty low, as Winny is a native Windows application and there's that issue with GPL code anyway.

The architecture of Winny has some aspects in common with Freenet, but while Freenet was designed with anonymity as priority one and usability as backburner, Winny aimed to become both a usable AND anonymous P2P client. To achieve this goal, some of Freenet's anonymity features (such as the inability to know the data inside one's own node) was removed from the design of Winny, and some usability features such as searching within the program were implemented. Winny's design is not as modular or portable as Freenet is, either; Winny is a native Windows application tied to a GUI, more like "normal" P2P filesharing apps.

Winny version 2 also includes an anonymous message board system, a bit like Frost's TOF; Due to the original Winny's immense popularity, The Winny message board became a lively place of discussion, also often used to request and announce up/download of illegal files.

Presumably, it was this that the Japanese police used. Due to the way Winny implements the anonymous message board, reading and posting in the threads are anonymous, but creating a new thread is not. Both of the two people arrested were thread creators, and they announced the upload of files in their threads. As this was not anonymous, the police probably traced them using this.

Any additions/corrections from Japanese Winny users are welcome

Re:Background Info

Since Winny is pretty much unknown outside Japan

too bad it's on slashdot now.

Ever *truly* Anonymous?

I am often amazed at the abilities of some. A 15 year old breaks a hard crypto for DVDs in what seems is a poetic 30 line program... And so many others who have contribuited to technology. But in my limited thinking I cannot see how a truly anonymous P2P network could ever be thought up.

After all the encryption, all the routing and packet filtering... eventually we're always left with unavoidable IP addresses. There's always going to be, has to be, a destinaton and origination. If a computer program can find the location of a song, so eventually can a human. ...So it seems to me.

The FBI tracked the release of an email virus to some upstairs apartment laptop with a temporary dial up connection in a third world country within three days of it's release. What was it, the I love you virus or something written by some tech students? I sat in wonder watching the news reports and the video of dirt streets and old third world buildings wondering how the hell they did it. How they knew it came from that upstairs apartment. Probably logged in just long enough to send it. Not just in three days, but probably sooner with them taking 1-2 days for the "public" release.

Then I consider a truly anonymous P2P file share and wonder if it is even possible. The song is going to be on a hard disk. That hard disk is attached to the net and will have a number representing it's network location. All of which can be traced. In my mind, again, if a program can find the song, even as difficult at it may seem, so eventually can a human.

Just like *they* can never make an unbrakable copy protection, Will *we* ever be able to completely anonymous while on the Net.

I'm just wondering....

Re:Ever *truly* Anonymous?

[Troed]

Jon Johansen did not break CSS, and it's not a hard crypto. He wrote the gui for an application using a normal decryption key. CSS _has_ been broken cryptogaphically, and has about 2^16 complexity. It's not even worth being called a crypto.

Re:Ever *truly* Anonymous?

[tgt]

I cannot see how a truly anonymous P2P network could ever be thought up.

It's only a matter of what do you mean by truly. Same thing as always - how hard are you ready to work, how much time and money to spend to approach a given task. If it's anonymous to a degree that in order to find the originator you have to physically obtain 10 PC from 10 different countries and interrogate (beat up) their owners so that they tell you their passwords - is it TRULY anonymous or not ?

Re:Ever *truly* Anonymous?

Freenet anonymity is relatively easy to attack. This is well known in the academic anonymity community. The fact that some do not admit such a possibility is disappointing.

For a good source of papers on anonymity, see:

http://www.freehaven.net/anonbib/

Re:Ever *truly* Anonymous?

[shird]

Ever heard of onion routing? look it up.

Bascially, there is no source and destination, just a bunch of message passing between random nodes, the 'destination' just keeps and eye out for something that belongs to them. Put very basically. Theres a bunch of asymmetric crypto involved also. Look it up for more details.

Re:Ever *truly* Anonymous?

Maybe the key to illegal P2P is to publicly use the application, and either make it so prolific that it becomes legal by default, or only share legal snippets, so only the end user is using it illegally.

I believe anyone is entitled (in the USofA) to a 16 second song snippet, small portions of text, etc. and can publicly share them. The key would be designing a client to re-assemble (and correctly assemble) those portions into a whole.

Since none of the sharers are committing a crime, is the end-user committing a crime? They haven't purchased anything, but then, they haven't stolen anything either...?

Re:Ever *truly* Anonymous?

[Zog+The+Undeniable]

Well, the low-tech solution to being anonymous is to use someone else's poorly-secured WiFi gateway :-)

Re:Ever *truly* Anonymous?

[caluml]

Have a second internet with a completely different method of assigning IP address. NAT all traffic passing through your box.
Hey presto, no-one knows if it came from you, or the person behind you, and there is no ISP that can be asked who "owned" an IP at a certain time.

Re:Ever *truly* Anonymous?

[Isao]

You should look at the Freenet specification. A single server does not contain everything needed to recreate the file, nor do you necessarily know on which servers the file fragments are stored ahead of time. If you are the server owner, you cannot determine what's in the file fragments you carry, nor can you reconstruct the files without knowing the correct key, which Freenet will use to gather fragments from all over the network.

Oh, and the fragments move across the network and expire, based on usage.

Re:Ever *truly* Anonymous?

Well, the low-tech solution to being anonymous is to use someone else's poorly-secured WiFi gateway :-)

As long you you obey the security rules: Drive on the correct side of the road & dont masturbate while driving. :)

Re:Ever *truly* Anonymous?

I can imagine the network that allows share of any data but is difficult to be sued and would have to be practically banned to shut it down.

Imagine the following system:

1) Basic requirements from the system:

Each computer in the network when signs to this software is commiting certain amount of disk space to store network data and certain amount of bandwitch to exchange storage information. The exchange of information consists of background traffic which is independent from the user and user request traffic to search and download data. The software is designed in such way, that for the remote machine the background and foregorund requests are in most cases impossible to distinguish.

The data on the network consists of packets.

There are two types of packets:
- encyphered packets with unique ID's
- data catalogue packets

Computers that are in any given moment logged onto the network are exchanging randomly its stored packets using preassigned disk space and preassigned amount of background badwitch.

2) Commiting the data to the network.

Each user can post any data to the network. The process is as follows. The software initially is breaking down the data file into the packets that have unique ID assigned to each packet and each packet remebers ID of the next packet. Then the packets are encyphered. The cypher is using previous packet data as a key to encypher the next packet (with the exception of the first packet which could be encyphered using some simple cypher). Also the software at the same time creates entry to the catalogue with data file title and ID of the first packet of the data. Then the packets of the file and the new catalogue packet are distributed randomely along the network using regular network background exchange traffic. The receiving computer cannot distinguish this from the regular background traffic exchange so it cannot identify that the new data is currently posted. Even more, becuase it is receiving only one packet, it cannot even identify what exactly this packet is representing since the packet is encyphered and in order to know its content one needs all preceeding packets that are sent to different random machines on the network. Part of the background traffic is also used to move packets randomely around network, so the data is never static. It is always floating around the network. The user of particular machine also has no idea, what is currently on his machine for the same reason, and the packets are constantly moving along the machines anyway so in a sense everybody shares all the packets virtually.

3) Searching for data.

The user posts a search to the network for a title using foreground traffic. The search itself is not a crime since we are only looking for a relationship of title to ID of the first packet of data. Just like you can review any type of music catalogue :-) There is no proof of downloading since the search only returns catalogue entry of ID and it is up to the user to do anything with this. But even the search is anonymized in the following way:

User generates query for the file title. The system assigns unique ID to the query and sends this to randomely chosen couple of the networked machines currently online. The quered machine checks its catalogue packets. If the match is found, the response is send with title - ID of the first packet. If the match is not found, the query ID and IP of the querying machine is temporarily stored by the software and the query then is posted in the background traffic to some more randomely chosen machines on the network. If they respond within given time with ID, the response is sent back to the querrying machine. In any case after the preassigned time, the stored ID/IP info is deleted so there is no trace of the search. The key here is that the machine that is being querred has no idea if the querrying machine is the original requestor of the querry or just another link in the chain.

4) Downloading data.

O

Re:Ever *truly* Anonymous?

Onion Routing provides very little anonymity, as comapred with remailers a la Mixmaster and mixminion

Re:Ever *truly* Anonymous?

[theLOUDroom]

Just like *they* can never make an unbrakable copy protection, Will *we* ever be able to completely anonymous while on the Net.

Okay, here's the answer: No.

Why?

It's all about rescources:

It's impossible to create "unbreakable" crypto because the processes needs to be reversible and given enough resources and time the proper decryption method can be found.

Simlarly, it's impossible to be perfectly anonymous on an untrusted network like the internet because, given enough resources, someone can always find out who you are. In the case of freenet you have to worry that if every single computer you connect to is controlled by "them", they can obviously see what is going into and out from your PC.


The goal is to make it as hard a possible to trace you. This can be done a bnch of different ways, but I'll give you an example:
Say you have a p2p network like gnutella, but instead of sending file directly, there's a certaing probability that you will send your file via another node. Add some crypto, blah, blah ,blah.

One of these days I'll get around to writing a paper on this stuff.

Re:Ever *truly* Anonymous?

Onion routing is basically the same as mixminion, but for general things rather than just mail.

Re:Ever *truly* Anonymous?

[Error27]

That's not how onion routing works, actually. With onion routing the "server" is known and the client is unknown. The client creates an "onion" with encrypted routing information.

The communication is passed through a bunch of nodes each of which only know about the one before and after themselves.

In a p2p situation the clients sometimes act as servers so onion routing is a bit pointless by itself.

Re:Ever *truly* Anonymous?

> It's impossible to create "unbreakable" crypto
> because the processes needs to be reversible
> and given enough resources and time the proper
> decryption method can be found.

This is not exactly true. There is mathematical proof, that with the purely random key that is as long as the message itself the code cannot be broken. The only way to read the message is to intercept the key during the transmition as long as the coder is not using quantum transmission channel. Intercepting key from the quantum transmission channel without being noticed violates law of physics.

> Simlarly, it's impossible to be perfectly
> anonymous on an untrusted network like the
> internet because, given enough resources,
> someone can always find out who you are. In the
> case of freenet you have to worry that if every
> single computer you connect to is controlled
> by "them", they can obviously see what is going
> into and out from your PC."

If you reduce the network to absurd "them" versus "me", then it is not a network really but a telephone conversation where one party is guilty by the elimination of the "innocent" party. But as long as the network consists of at least three users and the data is echanged in random packets with no trace of the past exchange transactions between the users, elimination of "them" still leaves two suspects from which only one is guilty. The only way to prove guilt would be to keep exact copy of ALL the traffic on the servers that route this traffic and do not belong to the network itself. According to law you suppose to assume innocence if you can't prove guilt. Of course RIAA might challenge that tradition. For example the fact that one belongs to such network might be outlawed or the person might be sued just to harass people to make an example and discourage others from signing up.

JM

Re:Ever *truly* Anonymous?

Right, they'll just arrest you, since all the illegal stuff is spewing out of your NAT connection.

Japanese users

(a) p2p sofware

or

(b) sex with a mare?

That's why Japanese users use the "Whinny" P2P system.

Its OK... the RIAA may be paying for spam.

Here are the snippits from the spam.

Subject: Digital Music News: Don't Go to Jail

Music Industry Informs Internet Users of Risks Peer-to-Peer Networks Pose

STAY OUT OF COURT - USE LEGAL 'SHARING'

Staff Writer, The Digital Music News

The Recording Industry Association of America has filed 300 lawsuits against alleged file swappers. Don't want to become victim number 301? Then it's time to switch from programs like Kazaa and Morpheus to a legal music download service Songs purchased on legal services are more reliably of a higher quality than those downloaded from a peer-to-peer network where you're never quite sure if the file was properly labelled, ripped on an underperforming computer or contained a virus Below are the options that will help keep your life free of lawsuits To learn more about safe and secure ways of using the Internet http://www.riaa.com

The message then goes on to pimp for the various pay services. I have no idea if the RIAA actually paid for the spam, of if it is a joe job.

Speed of the Japanese legal system

[chrome]

The speed of the legal system here is notoriously slow.

And, I'm told, most people can escape imprisonment or heavy fining by just apologising well.

So, I'm not sure what kind of resolution the companies are expecting, but I'm sure it will be a long time til we hear anything :)

Re:Speed of the Japanese legal system

[dbleoslow]

And, I'm told, most people can escape imprisonment or heavy fining by just apologising well.

Unless you're a foreigner

I'm not saying this guy is innocent, but he got a longer prison sentence than most murderers. Japan has a conviction rate above %90 percent. They can also hold someone on suspicion for up to 21 days without so much as a phone call. My greatest fear is just being a suspect. It doesn't matter if you're guilty or not here. So I get a heavy fine and no "prison sentence." I could still be in prison for almost a month before charges are even filed.

Re:Speed of the Japanese legal system

[chrome]

What I said was purely based on what I've been told by people I trust (heresay nontheless). I don't know anyone who has actually had to go to court here.

But yeah, unless you're a foreigner, you can get off easily.

That goes without saying really.

Actually, if he'd just "confessed" and apologised profusely, he still might have got a more lenient sentence. Maybe get out in a couple of years.

In any case, its an unfortunate incident, I'm going to forward it to people I know here in Japan. I don't think the locals really understand how screwed up the legal system is here :)

The thing about Japan is that if something is not in the media, people don't care about it. If there was more public knowledge of this case in the street, I'm sure there would be enough public pressure to have his case re-examined.

Maybe stand at Shinjuku station and hand out leaflets, or something.

Mental note: never take anyone else's luggage through Narita.

Re:Speed of the Japanese legal system

[dbleoslow]

Why should he confess if he's innocent? If he has to do that, there's something seriously screwed up in the legal system.

If you think that this story getting more media coverage will help,, I believe you are gravely mistaken. There is a very strong attitude of indiffernce in Japan. I think that's the best way to explain it. I haven't found the perfect words to explain it because I don't have it quite figured out. I just call it the "shogenai" factor for now.

I don't know how long you've been here, but try to observe more traditional Japanese people if you can. I'm sure you probably hang out with more open minded Japanese people, as I do. They have a very closed mindset.

Re:Speed of the Japanese legal system

[chrome]

Note that I didn't say that I thought it was a good idea, just that he might have got less time. Not everything makes sense to us foreigners. Sometimes you just have to shrug and accept it.

From discussions I've had with people here on the matter, if you look like you're truly repentant and willing to accept any punishment that's meted out to you, the sentencing is more lenient. The more you try to protest your innocence, the more that the law will look at you unfavourably.

I don't know if this is true nor not, just my impression from many discussions I've had with Japanese and gaijin alike. Ask me after I've lived here for another 4 or 5 years.

And yes, there's probably something seriously screwed up in the legal system here. I know enough that I'm terrified of it ;) Maybe that's the point.

Lastly, I agree the "shiyouganai" (hey, thats what Word Lookup tells me is the spelling - personally, I prefer using "shikataganai") factor is a big one. I guess I'm just a big cuddly fuzzy hearted optimist.

when corepirate nazis 'say' secure cyberspace,

they 'mean', to secure themselves from responsibility for their felonious behaviours buy .controlling yOUR ability to respond to/commerce without, them.

Re:Piracy is a crime

[Tarq666]

Actually on this point I have a question. Isn't the problem with true anonymity when downloading from the net the connection between your system and your ISP? If nothing else, wouldn't your ISP be able to detect a massive upload/download bandwidth usage? Given the usual way thing work here, I imagine ISPs would be very open with dealings with the police if they came around asking questions. Right now in Japan they are starting to roll out fibre-optic cable connections to the net. Two people in my apartment complex have applied for it and the entire complex was given information on it. Currently they are offering 100Mb/s down and 2Mb/p up. I'm on Cable at the moment which only offers 10M down and .5M up and was thinking of getting it. After hearing about this latest arrest however a few of my friends who already have it are getting worried. They often download TV programs from Bit Torrent (Japanese TV sucks...) but after downloading some 5gig worth of some program they noticed they had uploaded 10gig. They are a little worried that that will ring a few bells back at their ISP.

Hara-kiri Over Hanson!!

Arrested!!!! Holy shit that could lead to Hara-kiri over Hanson.

Re:Hara-kiri Over Hanson!!

[Channard]

Holy shit that could lead to Hara-kiri over Hanson.

You're saying listening to Hanson wouldn't drive someone to kill themselves *first*? Mind you, going by some of the J-Pop acts, maybe the Japanese have a higher tolerance.

Winny is more advanced than Freenet

[News+for+nerds]

Winny was developped by the Japanese developper called "47", and it was after WinMX user was arrested here in Japan, in 2001. It was the world-first arrest of P2P users. Japanese copyright law was amended in the years before to crack down infringement over internet, protecting "right of enabling sending copyrighted material".
Since then, among Japanese users and hackers, non-encrypted P2P which is still popular in the West today became things of past.

Since Freenet made of Java was very slow application then (not much improved today), he made Winny as native Windows P2P application, with encrypted storage distrubited across peers. According to the developper, Winny is good at the both anonymity and efficiency, but anonymity is slightly lower than Freenet. Because a receiver can't determine a sender is the one who originally inserted the file to the network or not, it was considered anonymous and then more secure than ordinary P2P network, say, Gnutella or eDonkey etc. Winny has other functions like forum system, and clustering by keywords combination set by its users which help users with similar interest mold cluster. Other remarkable difference from Freenet is it dosn't split files, but can do multiple-source download.

With the help of community and its own efficiency as P2P network, Winny become extremely populor in Japan unlike experimental Freenet in the West and consumed huge bandwidth.

But those who were arrested the last month was arrested because they sent files directly, without being a bridge, or put some warez onto web page and running Winny beside it. Therefore it is still not clear whether just running Winny and sending cached files without modest deliberation means guilty or not.

Re:Winny is more advanced than Freenet

Also, it was a shock for many people because Mr. 47 only posts on an anonymous BBS system (think Anonymous Coward on slashdot) and IIRC never revealed his identity.

People are wondering how the police found out his identity. It has been speculated they might have gotten his IP from the BBS operator or from Geocities Japan where he keeps a page with the newest version for people to download.

Re:Winny is more advanced than Freenet

According to the developper, Winny is good at the both anonymity and efficiency

Oh, well if the anonymous developer say so then it must be true!

Re:Winny is more advanced than Freenet

Probably Geocities. 2ch is very secure.

And Winny is really WinNY, means the next of WinMX

[News+for+nerds]

Winny is really WinNY, with WinMX N is the next of M, and Y is the next of X.

Winny Background

The way annoymity works is that files are stored in a "cache" in a scrambled format with filename concealed, even to the local user.

Winny knows how to descramble the name and data, and it can search on the P2P network a specific file using its filename or MD5 checksum.

When a file is found, it is either downloaded directly or through another random user (think proxy).

Files goes into the cache either by local upload, by downloading a file (which Winny will descramble for you, leaving a copy in the cache), or by files passing through your node. It is then available for further download by other people.

This provides a kind of load-sharing where more popular a file is, it will be found in more people's cache and more easily available. Downloading from multiple sources is also possible.

You can find out who your immediate neighbour is, but he can claim he doesn't know what the content of his cache contains an infringing file, but of course this requires him to remove the original on his disk :)

To give an incentive to people to cache files, # of simultanenous downloads is limited to # of uploads+1 with a lower limit of 2.

It is a very convinent system because winny has a function that let you specifies search parameters and you can just leave it alone and it'll download everything that meets the parameters, meanwhile donating bandwidth and cache space to other people on the P2P network.

This model can be possible only because Winny is closed source. Cracks have both appeared for both the download limit and cache descrambling. It is easy to see widespread use of the cracks will compromise the model (less files to be found on the network).

Fortunately normally people don't care (it is just spare upload bandwidth and disk space, which broadband P2P users usually have surplus of).

Re:Winny Background

[jesser]

Cracks have both appeared for both the download limit and cache descrambling.

How about an English localization crack?

freenet

[wobblie]

yes, it can be.

the clincher is that you don't know what it is you're sharing.

Freenet for example, doesn't work like typical p2p programs; you dedicate a portion of disk for it to use, and it's all encrypted, and you don't even know what you're sharing.

I don't know which is worse :-)

Re:freenet

Not knowing the contents of your drive space I doubt would work as a defense. If that drive space can be shown to have distributed copyrighted material its likely that's all that matters.

Owners seem responsible even if they're unaware. You can loose your car if you loan it to a friend who uses it to buy drugs.

A mother was convicted (Ohio) of manslaughter because while she was asleep upstairs her 19 year old daughter and friends got drunk in the basement two stories below, left the house and killed someone while driving. She was the owner of the house and "should have known" stuff...

A man was convicted for manslaughter because his friend, arrested for DUI asked the police to call him and pick his friend up at the police station when he was released. The guy who was arrested asked his friend to take him to his car and drop him off. He did and went back home to bed. His friend gets back in his car, kills himself and someone else, apparently he was still drunk. It was his friend who picked him up and dropped him off at his car who gets arrested for manslaughter even though he was asleep when the crime happened and it was his friend who did it.

If I have a WiFi and someone driving by my house uses my network to send a threating email to the President... The SS comes and takes all my equipment with no hope of getting it back.

On and on... If the data is encrypted and I don't know what's in my drive space it almost makes the pain of conviction hurt that much worse. Kinda like getting fucked with the courtisy of a reach around.

Re:freenet

the clincher is that you don't know what it is you're sharing

Yeah, and cigarette companies don't know that your particular cancer was caused by their cigarettes.

Any reasonable person knows that their P2P app is mostly being used for pirated or otherwise liable material, whether illegal kiddie porn or just embarrassing adult porn. Sure, there are all sorts of theoreticaly, innocent uses you can cite, but we all know why these networks really exist and are so popular. Even if you don't know exactly what's on your hard drive, you do know in general what will be there. And you are a willing participant in the mechanism to pirate material, so you don't even have the "evil hacker took over my machine" defense.

Re:freenet

[Sivaram_Velauthapill]

What you are saying shouldn't be happening. If it is happening, it is a flaw with the legal system. The laws ought to be changed...

Sivaram Velauthapillai

Re:freenet

[Sivaram_Velauthapill]

I think what you are saying is only true if the application is ONLY used for some illegal activity. Otherwise, I don't think the court has a case (I'm not a lawyer and simply speaking on moral grounds). It is not sensible to arrest someone for using a tool that has legitimate uses. If it can be shown that a certain (p2p) application is only used for illegal activities, you are right... but if there are people doing other LEGAL activities, there isn't much there.

Sivaram Velauthapillai

that was the philippines

[circletimessquare]

that was the philippines, the i love you virus

Re:And Winny is really WinNY, means the next of Wi

That is where the name came from, but nowadays it is just called Winny.

News to me

[NDPTAL85]

Have you ever had to live in a neighborhood destroyed by both the drug pushers and the addicted users?

I thought it was pretty clear to anyone with a brain that drugs ARE scary and bad.

Perhaps you have a favorite kind of drug which you do not consider to be all that bad? Like weed or meth perhaps?

Re:News to me

[paganizer]

ANd why are the neighborhoods destroyed?
Because the pushers are doing something very risky for very high profits; because the users have to pay a artificially high price for drugs. eliminate government interference, prices go down, it's no longer neccesary to have hired goons running around guarding the drug dealers, no longer worthwhile to KILL to protect your drug supply.
Drugs are a problem. the Violence and crime associated with drugs is 90%+ the result of the war on crime.
Don't believe me? think about the 60's & 70's. I was there, I know.

Re:News to me

The reason those neighborhoods become run down high crime areas is because drugs are illegal. Today anyone who wants drugs can and does get them. Therefore, decriminalizing them will not increase the number of users. What it would do is reduce the number of criminals (if it's not illegal you're not a criminal for doing it).

The damage done by the "War on Drugs" is immeasurable. Imagine you are a teenager in a poor neighborhood with rotten schools. You want to get ahead so what is the most profitable thing you can do to quickly bootstrap yourself out of where you are? Sell some drugs.

So you sell some drugs. Things are looking up and you get a girl friend with a child on the way (not a good idea but statistically likely) when you are suddenly busted. Now you have no future because you are not employable with a drug arrest record. So you have to work in the criminal world or live in poverty. As a result, your child grows up either surrounded by crime or in poverty. Either way, the cycle continues.

The "War on Drugs" is only a way for the ruling class to oppress and control the other classes. It is used to oppress the lower class (as shown above) and to control the middle class through fear tactics. I think this is all amazingly obvious.

Re:News to me

[Hobbex]

Have you ever had to live in a neighborhood destroyed by both the drug pushers and the addicted users?

Where would you rather live, a neighborhood with a liquor store, or one with a Mob run speakeasy and bootlegging operation?

Lots of things are bad, but we don't legislate sensibility. Throwing ones life away is a basic human freedom.

Re:News to me

I can confirm this. In the early 70s I knew many people "doing drugs". However, that wasn't a big concern for law enforcement because it wasn't a "war". People grew their own pot and if you didn't feel like doing that it was only $20/ounce. The entire atmosphere was peaceful and relaxed.

Reading about the "War on Drugs" quickly reveals that it started nearly by accident as a result of political maneuvering during the Nixon administration. Once it came into being it quickly became clear that it is a good tool for increasing the power and presence of the police and oppressing anyone politically weak.

Re:News to me

[The+Gline]

What about someone whose life is important to other people -- i.e., the head of a large family who relies on him for income? I would think that someone like that would be able to kill themselves, but I don't think for a minute that they would be sanctioned for doing so. (I'm not talking about something like where he would kill himself so that his family could profit from the insurance money or something, but to follow the example strictly, someone drinking himself to death beacuse "that's his right.") I don't see that.

Re:News to me

[h0mer]

It's funny that you write that, yet you hang out in 2 IRC channels that are populated mostly by stoners and/or drug-friendly people.

Re:News to me

[Hobbex]

What about someone whose life is important to other people -- i.e., the head of a large family who relies on him for income?

Child neglect can take many forms, and is completely independent of whether drug use is involved. If "large family" you are talking about consists of the persons own children, then he should be prosecuted regardless of whether the children suffered because he did drugs, or because he gave all his money to charity.

If the "large family" are not his children, then they are moochers with an entitlement complex and ought to make a living for themselves.

Re:News to me

Yes. And what about 1920 when heroin was legal and could be obtained from drug stores, for a price of the aspirin. Mainly heroin was used by doctors and lawyers that wasn't problem at those days.

Re:News to me

[The+Gline]

Well, it is kind of hard to prosecute a dead man.

Just a thought.

Re:News to me

"then he should be prosecuted"
Fuck you you bitch feminist, yea its always for THE CHILDREN!!!! Go to cuban hell.

Re:News to me

[Platypii]

What about it? Were you supporting his point or against it?

Heroin can be used responsibly (especially in a legal market) just like any drug can be. You said yourself that doctors and lawyers used to use it without issue, so what was your point?

(if you were in fact making the same arguement as me in favor of legalization, then my bad... sarcasm wasn't very clear)

Re:News to me

[RevAaron]

Have you ever known a person who used drugs, but because of various sociological, financial and personal reasons, didn't fuck up? It may sound amazing, but our coutnry is filled with fairly well-adjusted drug addicts, people who don't have to beg, borrow and steal to support their habits. Normal people with family and friends who also happen to use some drug(s). They may have a physical or psychological addiction to it, or they may not. Relatively intelligent people with a good family have polled off the healthy drug addict routines for thousands of years; drugs destroying neighborhoods is a relatively new phenomenon, bought about more by poverty and a piss-poor existance than the drugs.

That said, those people shouldn't have access to drugs if they can't handle them. Their lives need to be rehabilitiateed before there is any drug problem. As if that will ever happen though. Not when we treat them like criminals before they've even taken a drug or committed a crime...

Re:News to me

[insomaniac]

This probably has been said allready, but ever thought that the neighborhood was destroyed not by the drug pushers and addicts but because of the draconian laws against drugs.

Say one would make it fully legal. You'll get something like the alcohol industry. The pushers will dissapear because it isn't profitable to stand on street corners trying to get people to use drugs.

The government also can put more control over it, like keeping kids off it.

Or just legalize weed like we do here (kinda). It will stop people who would just smoke weed (which I see as rather harmless, WAY less harmfull than say alcohol). If weed is illegal you get your weed at a pusher, who probably will also be selling harder drugs like cocain, heroin, extacy or whatever. These products make more profit for him than weed so he tries to push cocaine on them, saying it is "so much better". And as the smoker never had any education about drugs, or just has been told that they are bad. He will get the coke because he thinks its just as bad as weed but the effect is so much better.

So I think the neighborhood you describe is destroyed by the illegality of drugs, not drugs itself.

Re:News to me

A good example of this is William S. Burroughs. He inherited the Burroughs Machine fortune and was a heroin addict for decades. As he pointed out in his book Junkie heroin doesn't kill people. Using uncertain substances bought from shady characters in back alleys who would would probably rather just mug you kills people.

Re:News to me

[Hobbex]

"He" is used for non-gender third person in English. Everything I said holds for women to the same extent as men.

Re:News to me

[RevAaron]

Opiates are definately an odd case- they won't kill you if you don't overdose (Or have some ultra-rare allergic condition). Unlike amphetamines, cocaine and crack, and alcohol, the drug over time doesn't seem to have any lasting negative side effects. Your metabolism is changed while under the influence, which can lead to the stereotypical skinny junkie, But unlike many drugs, your brain, your heart, and other organs don't come out damaged.

My post certainly didn't meant to say "la,la,la, drugs are safe and tasty too!" but one must know a lot about any drug they are considering taking, have a respect for its power...

Re:News to me

[NDPTAL85]

Consult the users of those channels. I've railed many times against the drug using lifestyle.

Re:News to me

[NDPTAL85]

Yes alcohol is legal. But have you ever wondered why there aren't any liquor stores in wealthy neighborhoods?

Re:News to me

[oddfox]

What are you talking about? That's such a broad and sweeping generalization, not to mention incredibly false. Besides, the reason there probably are less liquor stores in wealthy neighborhoods than poorer ones is because there's a lot more that you can sell to the poor people than the wealthy ones. Wealthy people generally have the ability to shop elsewhere than Joe Bob's Liquor Store and get better booze.

Re:News to me

[Sivaram_Velauthapill]

Have you ever had to live in a neighborhood destroyed by both the drug pushers and the addicted users?

And what has the billion dollars spent on the drug war done? The drug market is even worse now because they are controlled by monopolies (drug cartles) as opposed to being a little bit freer... When alcohol was banned (20's), it was run by the mafia. And guess what? There was a ton of violence associated with it! How much violence do you see now (that alcohol is legal)? Yes there are addicts but the damage they do (generally by abusing their children, wife, etc) does not compare to some gangster in the 20's shooting up your neighbourhood...

Sivaram Velauthapillai

Re:Israel = teh sucks

Yeah. Sounds great the first time you hear it, but who's going to park his car there? I certainly wouldn't want to walk from the middle east to my appartment in New York every day.

'Only criminals' attitude

[nurb432]

Just because a criminal can use something doesn't make useless or 'bad'.

Using your thinking, since criminals often abuse locks since they hide in houses, I guess then so what if the government bans the use of locks on your doors..

Or they abuse the mail by sending kiddy porn.. so I guess that means its ok for the government to go ahead and read ALL Mail.. with no warrant..

Your type is why we are loosing our rights that our forefathers fought and died for to gain. Get lost, you dont deserve the rights you do have.

Duh!

Clarke wants to save his face, but it's well known in certain circles that freenet doesn't provide 100% anonymity if the attacker has enough resources, e.g. a large ISP or the gov.

Duh! 100% anonymity is impossible, Freenet never claimed to be 100% anonymous, just to be anonymous for all practical reasons.

If you want to claim otherwise please explain how, given a particular CHK on Freenet, someone tracks down the author of that file. Please give details.

Re:Duh!

I wonder if you know what it means to be 100% anonymous?

You may not be able to track down the author of the file, but if you suspect that A is storing a file, you can check that relatively easily....

Re:Duh!

[Hobbex]

I wonder if you know what it means to be 100% anonymous?

Formally, 100% anonymous means that the set of suspects, given the information given, is exactly same as the entire population.

Chasing after file sharers doesn't work!

[Morosoph]

Just found a link to The Motley Fool that very much suggests that file-sharing isn't taking any revenue. If this is truly the case, how do they justify the restraint of freedom induced by laws and methods of enforcement? This appears to be less a case of protecting revenues as a simple imposition of unjustified power.

More musings on power and on civil disobedience. I should say that I admire the independent artist who chooses to share samples, and do not especially admire those who trade music illegally, but here, punishment is disproportionate.

Society is reaching a fork in the road

[t_allardyce]

I believe that the words "arrested for downloading..." should not be appearing in our lives because "arrested for downloading music" sounds very similar to "arrested for downloading political material" and this is exactly how a society moves from free to big-brother. Lets put things in perspective here: You are not gaining unauthorized entry to a remote system, you are not 'stealing' (as in bank notes) money, you are not diverting electronic funds to yourself. Flaim me all you want about what you 'are' doing but those facts remain.

What you are doing is partaking in an activity that may negatively effect a large economy. Now there is no definite case here, it could be that you were not taking a potential sale because you would never have intended to buy it in the first place, who knows? its a very blurry area and no-one can claim they know all the facts. Having said that there are allot of things in our society that follow similar logic:

Driving your car for example, now you may not contribute a significant amount to pollution yourself but everyone together does (this has more proof behind it than the case against music downloading). If you go get a drink during commercials then you aren't doing anything personally but if every single person got up during that commercial it would have a zero viewer figure (which leads to the question are the advertising companies doing their job if no-one wants to watch their adverts?). As a society we have deemed that some things are ok and some are not for whatever reason but if its deemed that filesharing is not ok then you will have put that over driving your car and a whole host of other things we do that are far worse, is that ok? its up to you.

Its society's job as a whole to decide the balance here, personally i think filesharing should be accepted and that it will lead to a positive change in the way things are done and the way music is made. Maybe it will lead to the downfall of the RIAA as we know it and music will suddenly become not a money driven thing but a enjoyment driven thing maybe like open source software, is that good? is society happy with the way things are now? are you happy with the way things are with the RIAA? because its the majority of the people that matter in a democracy not the richest and if you live in a democracy then thats the way it goes.

PS. It might happen that you dont live in a democracy or your democracy is broken and for example 2 million people all getting together in a park to demonstrate over something does not sway your PM's view atall even though it was one of the biggest demonstrations in your country's history. Or, your government openly receives funding from major corporations and just happens to churn out laws that suit those corporations and has now allowed one of those corporations to run its voting. If this is true for you then the above post means nothing, go back to your work, do what you are told and let it get worse. If you dont live in a democracy and dont want one than also ignore this post and i hope you have better luck than us and that we dont try and invade you anytime soon, if we do im sorry i had nothing to do with it.

Re:Society is reaching a fork in the road

[azuretek]

Not driving your car or getting up during commercials is different than downloading music, in the sense that when you get up you aren't taking any goods you are just refusing to watch programed advertisments. This is much different than actively taking something, you are recieving something both ways but one way you asked for it and the other you didn't. If you want it you have to pay for it, that is true in most cases.

(sorry for spelling errors and bad grammar, I gota go)

Re:Society is reaching a fork in the road

[t_allardyce]

And driving your car?

Yes advertising is a slightly different parallel i was just using it as an example to say that in some circumstances one person doing something doesnt matter but allot of people doing something does.

Driving your car on the other hand you are actively polluting

Re:Society is reaching a fork in the road

[shark72]

"Its society's job as a whole to decide the balance here, personally i think filesharing should be accepted and that it will lead to a positive change in the way things are done and the way music is made."

The problem here is that giving rights to one group (those who desire to have copyrighted material without requiring permission from the rightsholder) means taking rights away from another group (artists, poets, composers, writers, or anybody who would like to have a say in who can "share" their work).

Most societies respect the rights of artists and other copyright holders to have this say. The closest thing we have to international copyright law, the Berne Convention, has been adopted by most industrialized countries.

A society in which creators of art don't enjoy the rights they do today just might be the Utopia you describe. For clues, we can look at some of the countries which are not signatories to the Berne Convention: Afghanistan, Bhutan, Ethiopia, Iran, Iraq, Nepal, Oman, San Marino, Tonga and Yemen.

I don't know if any of those countries have thriving artistic communities where artists are free to create, unencumbered by the shameful desire for filthy lucre that has poisoned western society. But, relatively and generally speaking, those countries have no money. By comparison, the United States counts its collective intellectual property output as one of its biggest income generators, and we owe our high standard of living in part to the collective output of our country's programmers, musicians, novelists, and filmmakers.

I know I will draw the ire of many slashdotters by saying this, but if somebody goes to the trouble to write a program, or a book, or to write, record or produce a song, their right to say how it may be distributed supercedes my right to have it on my terms. It is they, and not me, who put in the effort to create it. If they have priced it out of my reach, I simply won't buy it, and if they've priced it too far out of enough people's reach, the free market economy will teach them that lesson. If I choose to pirate something, I'll admit that it's because I'm a cheap bastard, rather than some adopt some pseudo-altrustic "information wants to be free" stance or otherwise trying to convince myself that I'm somehow doing them a favor or that I'm committing some sort of social protest. Standing in front of a fucking tank or staging a sit-in at a lunch counter in Birmingham... now that's a social protest. Downloading a CD instead of buying it, when I know that somewhere there's somebody much like me who relies on CD sales to feed their family? That doesn't make me a hero.

Re:Society is reaching a fork in the road

[Sivaram_Velauthapill]

That's a great post! One of the most eloquent and inspiring I have read on slashdot. You don't offer any concrete answers but you raise some important points...

Someone mod this up plz...

Sivaram Velauthapillai

Re:Society is reaching a fork in the road

[Sivaram_Velauthapill]

I'm glad you guys (the original poster and you) mentioned television commercials. There are more parallels between tv commercials and music than either of you realize.

Something is happening in the tv industry that is similar to the music industry (although not on the same scale). Believe it or not, there are actually attempts to ban people from skipping commercials. There is massive controversies over Digital Video Recoders and other similar things. The tv industry (I'm not sure who; maybe the studios) don't want people skipping commercials on their recorded tv shows.

Sivaram Velauthapillai

Re:Society is reaching a fork in the road

[Sivaram_Velauthapill]

I don't have a position on this issue yet. I'm as confused on this as anyone (even though I usually have opinions on nearly everything). The difficulty in arriving at a stance is described by your post. However, I do disagree wtih some of your points.

The problem here is that giving rights to one group (those who desire to have copyrighted material without requiring permission from the rightsholder) means taking rights away from another group (artists, poets, composers, writers, or anybody who would like to have a say in who can "share" their work).

I don't really think this has anything to do with rights. I'm speaking as a liberal and as someone who doesn't subscribe to capitalism. An artist has a right to make a living as much as a factor worker, or a cleaner, or a prostitute. That is to say, this has nothing to do with rights. You can argue whether people SHOULD or SHOULD NOT support certain professions but that isn't really about rights. Don't get me wrong: I'm not arguing against artists. I'm just questioning your assertion that society is somehow violating the RIGHTS of artists.

A society in which creators of art don't enjoy the rights they do today just might be the Utopia you describe. For clues, we can look at some of the countries which are not signatories to the Berne Convention: Afghanistan, Bhutan, Ethiopia, Iran, Iraq, Nepal, Oman, San Marino, Tonga and Yemen.

Your examples are flawed and useless. Some of those countries like Iran DO have art (films, music, etc). In any case, looking at poor countries is misleading. First of all, most people cannot afford anything. This means that people pirate all the time (eg. Malaysia and its pirated computer software) or they never do (eg. Bangladesh and the fact that most cannot afford computers/radios/tv/etc). Then, there are countries where it is all screwed up either because of culture or some other reason. For example, India has a big art industry (Bollywood actually produces more films per year than Hollywood) but piracy is rampant too. Things like music are copied onto casettes all the time yet musicians make a living somehow.

Just using your example (of looking at the signatories of the Berne convention) doesn't show anything. I mean, many signatories probably don't enforce any of it (similar to many UN treaties).

If I choose to pirate something, I'll admit that it's because I'm a cheap bastard, rather than some adopt some pseudo-altrustic "information wants to be free" stance or otherwise trying to convince myself that I'm somehow doing them a favor or that I'm committing some sort of social protest. Standing in front of a fucking tank or staging a sit-in at a lunch counter in Birmingham... now that's a social protest.

Actually, that IS a social protest. However, most people who do it aren't doing it as a protest; they are simply doing it because they are greedy and want it for free. Downloading a CD instead of buying it, when I know that somewhere there's somebody much like me who relies on CD sales to feed their family? That doesn't make me a hero.

If you are just stealing content because you are greedy, you shouldn't do it. But in general, it's more complicated than that. If you are like me (anti-capitalist, far-left), what matters are ideals and ideologies. All that matters is the society as a whole. The question is: are we creating the society we (or at worst, I) want? For instance, technology puts people out of work (eg. automated payroll puts payroll specialists out of work) yet it cannot be construed as a bad thing. What is bad is not the technology but the system where people's lives are being destroyed. Similar thing with p2p/piracy/sharing and artists. THe current p2p thingie may or may not be a good thing but far more important is whether it is good for society or not. It's unclear to me.

hmm... I think I just wrote a long message and ended up with the original point: I'm confused and I don't know what is right :|

Sivaram Velauthapillai

Re:Society is reaching a fork in the road

[Bloodmoon1]

And you just picked up a fan. Finally, someone who gets the damn point of everything and can see the world for what it is, not some candy coated corporate projected image. As you point out, this is a very bad first step down a long, messy road. It may not seem like much now, but let things like this go on for another 20 years, then another 50. See where society is. I can tell you, it won't be a very good place.

Ok, it's illegal to download music. You're getting something for nothing, right? Even if you download a song and listen to it a couple of times, then throw it away, you're still breaking the law. So, is it that far to say that if you get up and stop watching commercials, you're more or less stealing a TV show because you're not "paying" for it by watching the advertisments of those who are paying for it? This is a nasty slippery slope we do not want to go down.


Or no. Maybe we do. Maybe society in it's current incarnation is lost. Maybe a new, better tomorrow needs to be forged from the rotting hulk of old. It's not like it hasn't happened a thousand other times in recorded history. Hell, just in the last 100 or so years, we've seen the decline of basically all European monarchies as they became democratic, several former empires fell (the Ottoman, which was almost 500 years old, the USSR, and many colonial empires, among others) and a slew of other vast changes in society. Maybe it's about that time again. Maybe this time, revolutions will be centered around the rise of information. Maybe people will finally say to hell with all this shit about copyrights and with everything else that society is built on that makes it fail. Maybe no longer will people ignore problems, but instead look to solve them.

The environment is becoming less hospitable each year. If I live to see 100, I'll be amazed if we can still live above ground on this planet. Humans are killing this world, and anyone that doesn't think so is a moron and should be killed. But instead of paying attention to, and doing something about, our destruction of this solitary outpost of human civilization, we're worrying about this. We're not arresting people who's corporations are responsible for the destruction of the Earth, but we are getting those fuckers that share files on line. That will show them.

I look forward to the downfall of civilization. I for one welcome a new dark ages. I wasn't always like this, but I've came to the sudden realization that things are going to have to get a lot worse before they get better. One day they will. Everything dies, including corrupt and failed governments. And one day, humanity will be a better thing. Today is not that day. I've long wished that we could suddenly became a star farring race. I really don't anymore. I know we'd fuck it up. Don't worry, in 20 years, I'm sure Earth will be nearly uninhabitable, and the moon will be nearly strip mined, but hey, there's always Mars. And there will always be file sharing in one form or another. I was sharring files on floppies long ago, now it's via a modem or a ethernet card, soon I hope to do it through wireless and via the atmosphere. And don't worry, whenever some 15 year old on Mars colony does it via the intersteller network, I'm sure someone will be there to point out that he's stealing. Unless, of course, the aformentioned information revolution has fixed that, then he's not stealing, he's shareing. And after all, isn't that what your mother always told you to do?

Really, the problem steams from new technology. If it's something a society and its government doesn't understand and refuses to adapt to, it will eventually crush them. Those countries that embrace things like the open exchange of information, advances in bio-technology, and space will ultimately be the ones that surive and thrive, those that don't and instead chose to crack down on file shareing and ban stem cell research among other things... well, we'll cross that bridge when we get there.

Re:Society is reaching a fork in the road

[shark72]

"I'm just questioning your assertion that society is somehow violating the RIGHTS of artists."

That's the very context of "right" in the word "copyright." In today's society artists have the right to say who can do what with their work. If you violate copyright (by, say, downloading music without permission from the rightsholder) you are violating their rights. It's an ugly fact, but it's straightforward. Nobody wants to think of themselves as violating another person's rights, but that's what we do when we distribute copyrighted material without permission.

"Your examples are flawed and useless."

There was no editorializing done there... those are the countries which are not signatories to the Berne Convention. I was not "looking at poor countries" to be misleading. I didn't edit that list to serve my purpose. it's self-evident: countries which largely don't respect copyrights largely don't have much money. Whether these facts are related, and whether one is the cause of the other, or the other way around, is probably too complex of an issue to try to discuss here. But the list is the list, and their GNPs are easy to look up.

"Just using your example (of looking at the signatories of the Berne convention) doesn't show anything. I mean, many signatories probably don't enforce any of it (similar to many UN treaties)."

Hypothetically this theory could be correct, but the Berne Convention has been around for longer than you or I have, and you can be sure that signatories respect it and enforce its terms (which is why you don't see unfettered music piracy rings in, say, France). Any signatory caught ignoring it would have been nailed long, long ago. Interestingly, the USA was one of the last industrialized countries to sign it. Book publishers in the US were printing versions of books written by international authors without authorization, and signing the Berne Convention meant that they had to stop this.

Re:Freenet is not safe.

Actually, just the size of the piece of content you are retreiving is very likely to tield enough information to identify exactly who retreived it, I'm afraid. So the "traffic analysis" is rather simple ... Be afraid!

Mod parent up

The link in the parent post is quite important.

Re:Freenet is not safe.

[Hobbex]

Actually, just the size of the piece of content you are retreiving is very likely to tield enough information to identify exactly who retreived it, I'm afraid.

Pieces of data in Freenet are padded to the nearest exponent of two, so this particular attack would be pretty difficult.

Freenet is Java while Winny is native C++

Winny is based on Freenet only on some of its ideas, not implementation.

Re:Freenet is Java while Winny is native C++

[radish]

The reason freenet is slow is nothing whatsoever to do with the language it's written in.

Re:Freenet is Java while Winny is native C++

Then why does "Hello, world." in Java take 200 megs of RAM?

Sir

Please direct your notes about the speed of the legal system to Nick Baker. Thank you.

AUdit the code?

[nurb432]

If its so great ( even though we havent seen it in the west ) has anyone audited the code to see if ts really the 'next generation' or not?

If so, its time to let it come across the pond... and see if it flys or dies....

WiFi network without TCPIP

Its simple, use UDP, and use WiFi. Use a portable storage device to access WiFi. Suddenly you have an annonymous network with no IP addresses.

We just do not have enough WiFi access points to do this and still depend on ISPs

Re:WiFi network without TCPIP

UDP still uses IP Addresses. Not to mention that WiFi is just ethernet, so any "evil" node can identify your MAC address.

patented - you can't use it

Onion routing is patented by some Jews, so you can't use it for anything or develop any new programs using it.

And next is...

Some more details - from what I remember in browsing news sites over the last week, the two people arrested this time weren't directly detected as sharing copyright infringing stuff over winny, rather they just had large amounts of encrypted traffic going to their houses for no apparent reason and were doing other dubious/stupid things - I recall seeing a mention that the young unemployed kid was auctioning some of the stuff he got off winny. The police then got warrants and found copy righted stuff on the computers as well as winny setup to share it.

Still, the news has already partially killed winny and people are waiting/expecting another program to come out in it's place. The discussions over name has been amusing, since the "obvious" choice to keep incrementing the letters and call the next one WinOZ has aready spawned suggestions to name it dorothy instead...

As an aside, several people seem to make it out like winmx usage died completely when winny came out - I still see/use several large japanese opennap servers (most people used winmx for connecting to opennap servers, not for the built in WPNP sharing) although with those too most people no longer use english clients like winmx and instead prefer japanese language ones such as Utatane.

Re:And next is...

"call the next one WinOZ"

That's messed up. I called my filesharing PC WinOZ.(I meant to call it WinDoz, but forget the D and just left it)

What democracy? (rhetorical)

Well IANAJC (I am not a Japanese Citizen), but as a citizen of another known "democratic republic", I just have to wonder. Weren't we supposed to be pretending that government did something other than <>?

Just as a gas, I'm including a relevant clip from Japan's constitution. Reach your own conclusions.

Article 21:
Freedom of assembly and association as well as speech, press and all other forms of expression are guaranteed. 2) No censorship shall be maintained, nor shall the secrecy of any means of communication be violated.

Re:What democracy? (rhetorical)

[Sivaram_Velauthapill]

How much do you want to bet John Ashcroft's long-distance relative is running things over there? ;)

Sivaram Velauthapillai

What Freenet does and doesn't do...

[Kjella]

It should be noted what Freenet does NOT provide however. Freenet does do what the serious mixnets reffer to as "Onion routing", which basically means that the message is wrapped in an onion of cryptographic layers, which are pealed off at every step. The idea behind this is only the very last node can see contents of the message, and only the first knows it came from you (and none of the other nodes know anything except where the message came from and where it went).

I don't think so. How could Freenet do proper onion routing when you can not determine what route it will take? As I have understood onion routing from mixnets is that you get the the public keys of the nodes in the path, then encrypt all the layers of the onion yourself. Then each mixnet node will unwrap a layer, and send to the next one. However, in Freenet there is no knowing which nodes are connected to which. You ship off a request to the first node, and that node decides what to do with it, return data, send it to another node or stop request. Which also means it must a) know how to determine if it has the data and b) know where it should route it next.

Both indicate that Freenet doesn't do onion routing. How could that be, when the only way you can know the public key of a node connected to the first node, would be through the first node? Or a node connected to that node again? It'd be trivially simple for the first node to make up a "virtual" onion route that you send to, where in fact the first node is sitting on all the decryption keys.

If you request something from Freenet, your node will call up another node and ask it for that file - if that node is controlled by the Feds then you are busted. It is argued that there is plausible deniability, because it is possible that your node was not downloading the file because you asked for it, but simply forwarding it for somebody else. Given the state of the judicial process at the moment, I'm not terribly optimistic about this defense.

Actually, the defense is both good and bad - the problem lies in the HTL - Hops To Live. As it is (or at least was, when I tried to convince them it was a bad idea) the maximum HTL is 25 (in node, no matter what the program requests). That is, if you request/insert something with HTL 25, it's *your* request/insert, noone else's.

I recommended adding a random factor to that, so that there was only a *probability* that you were the original requester/inserter. In fact, they have implemented exactly the same at the very low end - to avoid node probing. Though I got pretty much zero response. This alone makes Freenet's "anonymity" claims pretty much broken, if you ask me. I got some (arguably true) response that statistical attacks would still work - but it'd still beat the smoking gun you have now.

Freenet also doesn't protect (at least not very well) against traffic and timing analysis, allowing one to track down the author of something using the timing and amount of encrypted traffic that nodes exchange. I don't know of any case of traffic analysis having been used (except maybe on the NSA hyper-spook level), but it isn't impossible.

That is pretty well known, and also quite solvable. However, both sending bogus traffic and having random delay buffers (Freenet requests really can't work like a mixnet pushover buffer) would drain Freenet's already mediocre performance. Not to mention it requires some pretty damn huge resources to mount that attack from the outside.

A more insidious way would be to run compromised nodes, and hammer the node you wish to unravel with connection requests from other compromised nodes. If you already know your target, it might be possible to compromise all the nodes in their routing table (the more nodes you have, the more new requests for new compromised connections you can send). Also here, Freenet is pretty dumb in that it has a static 50 node limit by default. Once you've got 50 compromised nodes in contact with the target node, it's isolated from the ne

Re:What Freenet does and doesn't do...

[Hobbex]

I don't think so. How could Freenet do proper onion routing when you can not determine what route it will take?

There was a negative missing there. Freenet does NOT do onion routing. Sorry (though I think it can be seen from the context what I intended.)

Actually, the defense is both good and bad - the problem lies in the HTL - Hops To Live. As it is (or at least was, when I tried to convince them it was a bad idea) the maximum HTL is 25 (in node, no matter what the program requests). That is, if you request/insert something with HTL 25, it's *your* request/insert, noone else's.

There is an added random factor to it, IIRC, but it isn't nearly high enough. In retrospect, I think that we should not have used HTL at all, but instead had a random probability of the request terminating at each node it reaches. The blame for it not being done this way lies mostly with me - I had an idea when we implemented the basic protocol that it should be very robust, thus every node keeps track of every request and times it out as soon as possible, and then something like HTL was needed.

Having seen how things turned out, if I was to go back today, I would made the protocol as lightweight, "fire and forget", and memoryless as possible instead. The usage pattern I imagined where users made a single request that had to succeed or fail correctly became "spam the network and hope for something" and the protocol was never designed for that.

It should be noted that the anonymity aspects of freenet take a hit from the routing problems in this case: Overload and lousy routing caused people to pump up the HTL, which caused us to limit it strictly to avoid and evil cycle (that wasn't avoided), which is why most people start with the highest permitted value today.

Also here, Freenet is pretty dumb in that it has a static 50 node limit by default. Once you've got 50 compromised nodes in contact with the target node, it's isolated from the network and you can see all requests/inserts it does. With at least some random factor, you would provide some uncertainty - do we control all nodes now, or are there still more? Can we *prove* these came from him?

I would say that the benefit of a random factor is dubious here. If you have the capacity to compromise all the nodes in the routing table, then you probably have the capacity to scan their traffic to see if they have other peers (I mean, how else did you find all their peers?)

They could not do a simple port scan, as you need the node's public key to get a response. However, you can listen on the network for those. Due to the state of the Freenet network, you need a certain inflow of new nodes, and so you also need to announce your node on the network. If you had a set of stable 24/7 static ip nodes to connect to, you wouldn't need to. However, since nearly all residential connections are semi-stable (cable/dsl), it is as it must be in order to keep the node functional.

"Silent Bob" as we called the idea of not responding until the key is seen, is in the protocol, but it is not, IIRC, the current default behavior of the node (for perfromance reasons). I don't agree that "a set of stable 24/7 static ip nodes" would be a good thing. The more static the network is, the more vulnerable.

The node probing defense also makes it impossible to know without actually securing the node - the node will sometimes pass the request, regardless of whether it has the data or not.

There is no defense against timing analysis of these responses. If the response is instantaneous, then you can be pretty sure the node contained the data before you probed it.

There is no defense against timing analysis of these responses. If the response is instantaneous, then you can be pretty sure the node contained the data before you probed it.

I think my analysis is almost the opposite. I wouldn't worry much about requesting or inserting data (if the network was working, I don't know w

Attacking the symptoms... not the disease

[TamMan2000]

The problem is not the drugs, but the fact that they are illegal, if they were legal, none of what you described would have ever happened...

Stories like the one you just told are way too common, and they have been around for a long time, and during prohibition it was alchohol instead of meth. Lawmakers realized that it was causing more problems to have alchohol illegal, than legal, and drugs are the same way, but people are so damn thickheaded that they can't see it...

Taking != copying.

[Thinkit3]

Taking means the original isn't there. Copying isn't taking.

Ah, I don't think you understood what I ment...

[Kjella]

I would say that the benefit of a random factor is dubious here. If you have the capacity to compromise all the nodes in the routing table, then you probably have the capacity to scan their traffic to see if they have other peers (I mean, how else did you find all their peers?)

1) Get one connection.
2) Flood it with ARKs from other compromised nodes
3) As new nodes connect, they too start sending ARKs for yet more compromised nodes
4) It quickly doubles... 1, 2, 4, 8, 16, 32, whoops 50 nodes which are all controlled by you. 5) As long as you block any "foreign" ARKs (or he downloads a new seednode list), he'll never escape your grasp. You're now basicly acting like a transparent proxy between him and the real Freenet, able to log everything he does.

You don't need to have any monitoring capability, know any of his peers or anything. All you need to have is a target, and a Botnet good enough to flush his node list *once*. After that it's game over.

Kjella

Re:Ah, I don't think you understood what I ment...

[Hobbex]

You are misunderstanding the way freenet (or at least the ARK thing) works. ARKs can't be fed to a node to replace other nodes in it's routing table. ARKs are simply a way of updating the information about nodes that are already in the routing table.

If a node starts sending you requests, and those requests are successfully fullfilled, then you can set "DataSource" value on the reply to yourself or one of your other compromised nodes - this is the value that is actually added to the routing table. We called this attack a "cancer", for obvious reasons. Scott Miller and I did a presentation at one of the O'Reilly conferences where we, among other things, showed that with infinite resources a cancer could basically swallow the entire Freenet network.

I had not thought about the possibility of trying to target a cancer at isolating a particular node. My intuition tells me that it would not work: every time the node routes to you, it adds a reference to another one of your compromised nodes, but every time it routes to another node (and that is after all 49 times more common to start off with) it should be (*) adding a node that is not compromised by you. Calculating the results precisely should not be that complicated a problem.

(*) The way things worked originally, the only limit on the size of the routing table was the number of references, which could all have been to a single node or each to a different one. When Tavin rewrote the routing table in late 2001 (IIRC) he changed this to N nodes which could have R references each (typically 50 and 100 or something). This was done for technical reasons, as when we implemented the PKI each node took up a substantial amount of memory (2-3 KB maybe), while references where still only 23 bytes. I have since then come to decide that this was a mistake for several reasons, but it had not struck me that this could facilitate the kind of attack you describe: the attacker gives himself an advantage, because each response from him contains a reference to an entirely new node, while a lot of the references received from uncompromised will be to nodes that are already in the routing table.

Still, I think the attack, if possible, would be a lot harder than you describe.

I am tired of typing into a textbox! If you want to discuss this further, then I'm in #freenet on freenode (old OpenProjects) or can be emailed with this handle at freenetproject.org. I don't read the fp.org mailing lists anymore, though.

Re:Piracy is a crime

...c'mon!!!!!! get some sleep and just a tiny little bit of porn out of your life. We all know your friend and you got porn off the pipe, so dont excuse for poor tv programming, we all share that in the first place :)

Effect of the Arrest

Look at the fall of traffic at the end of November at a large Internet Exchange Point.

Re:Piracy is a crime

I am wondering about this myself. As a gaijin with a nice ADSL connection, there is a lot of BT goin on in my house. I think it is only a matter of time till some foreigner gets hard time for this kind of activity. Then there will be some REAL slashdot attention.

Re:Freenet is not safe.

[jesser]

The nearest exponent of two could be smaller. I think I know what you meant.

Re:Piracy is a crime

Hey, sorry for commenting here but it's the only way I could get in touch with you (your email is not shown publically).

My email address is slashdot@quixote.us. I have some questions about Skype, you mentioned you used it in a previous post. I've been using it but in some cases it seems to blot out the sound of the other person talking (forcing us into a sort of walkie-talkie pause methodology) and at other times not. I'm wondering if you've encountered this problem.

Thanks,
Jason