Slashdot Mirror
New Wave Of File-Sharing Embraces Secrecy
twin-cam writes "There's an article over at The Inquirer that software developers are designing secret file sharing networks that will make it harder for the music and file industry to prove cases of piracy.
According to Reuters, three file sharing networks are being planned which its users think will make it a lot harder for
music industry to track and charge people on their networks. The first is Optisoft which runs on Blubster and Piolet, music-only file-sharing networks. Only a matter of time before the RIAA requests a data dump from the ISPs or just sues everyone using their network."
This was only a matter of time, and really the RIAA's heavy handed tactics, and the goverenments complacency with them have forced developers to take matters into their own hands. Now they're really screwed.
It's pretty easy to design a network that will at least frustrate attempts to recover identities of sharers. Now if only freenet would stop sucking.
They better start building one heck of a computer cluster if they want to break the encryption. If anything, the RIAA/MPAA will give up the fight, and turn their efforts to getting Congress to pass some sort of tax on media, media players, your computer, your stereo, your car, your dog, your dinner, and anything else which could possibly be related to music or movies.
...anyone heard of FreeNet?
Windows is only $500 if your time is worthless.
Use freenet... Oh wait it's unusable.
Error 404 - Sig Not Found
Here's something to think about, the DMCA isn't just for big mega corporations. Put together a private peer-to-peer network using some kind of encryption and use a trusted invitation method (like maybe Orkut) to invite people.
Protect your network communications under provisions of the DMCA. Obviously if the DMCA knows what you're trading then THEY are violating the DMCA because the only way they would know is if they somehow got on and broke encryption.
Someone more technically more adept should be able to figure out how to pull this off but there HAS to be a way to establish a peer to peer network (which is still legal) and protect it via the DMCA.
An Optisoft spokesman is quoted as saying it will be "four times" harder for copyright holders to trace infringers... Exactly how is that quantifiable?
I've heard of this program a couple of years ago. That, and there will always be the file-trading madness at nearly every LAN party. If the recording industry sees this as breaking news, no wonder they're losing the battle -- they're about 5 years behind the rest of the modern world.
this seems 100% just about making copyright infringement safer (especially the music-only one), not the kind of thing most /.ers will be in favour of.
this is a bad thing because they're playing up to the role of "the evil pirate" though since their aim to protect copyright infringers I doubt they could care less about hurting supporters of legitimate p2p.
The second rule of file sharing is YOU DO NOT TALK ABOUT FILE SHARING.
I don't know how long the original mp3.com was around, but it was probably less than 5 years, and it probably put up mp3's at a faster rate near the end than near the beginning. But even at a uniform rate over the whole 5 years, it sounds like one web site was distributing more songs per year all by itself, than the entire CD industry released put together (1.7 million songs / 5 years = 340,000 songs/year). Add to that the number of musicians who distribute their stuff through their own sites, and it's clear there's a heck of a lot more music being released as gratis downloads than as proprietary CD's.
Some people blame diminishing CD sales on unauthorized CD copying; others blame it on technological obsolescence (people buy DVD's instead of CD's now); still others say it's because poor artistic decisions by record labels result in releasing uninteresting music that people don't want to buy. I haven't yet seen a connection made with authorized, freely downloadable music, that people can listen to instead of buying proprietary CD's, just like they can run GNU/Linux instead of buying Windows, Apache instead of IIS, etc. Sure, a lot of mp3.com downloads are crap, but lots of commercial CD's are crap too.
Anyway, it seems to me that most of the music even on these "secret" all-music p2p networks is likely to be freely downloadable.
(Note: this post mostly rehashes an earlier comment of mine from that other thread, but the statistic is interesting enough that I felt it was worth posting again).
In light of the more secretive file-sharing networks, I think the RIAA's next strategy is just going to be to open up the phone book from every city, town, and village in the country and file suit against every single American citizen, nearly every one of which will have to settle with the RIAA for a few thousand dollars, because it will be less expensive than hiring a lawyer to prove, say, that one doesn't even own a computer.
It doesn't matter who's actually right in a legal case. It only matters who has the lawyers. And the RIAA has the lawyers.
After the music industry has made hundreds of millions of dollars from suing every single American, the MPAA will follow suit (no pun intended) with their own campaign of legal terrorism, and then the patent trolls will roll out with patent infringement suits against absolutely everyone.
Welcome to the Age of Lawyers.
Lawyers are the new American nobility. You are either a lawyer or a lawyer's subject. In the 21st Century, all Americans who are not lawyers will be forking over whatever money they have to pay for lawyers to defend themselves against other lawyers.
Lawyers will be living in mansions surrounded by the rest of us, who will toil endlessly, day and night, to earn our masters' legal protection.
Hooray!
You are in error. No-one is screaming. Thank you for your cooperation.
I've used WASTE for a long time. It has in interesting history....involving AOL and others. WASTE is a VERY secure private p2p network. It uses keys similar to pgp keys and can use over 4000+ bit encryption if needed. However, the network does seem to fall apart after about 50 or so people have joined. It is only good for small groups, imo. If you have a MAC, i wouldn't even bother was WASTE for now, it's current development stage give basically no functionality. For pc users who just want to trade files with their friends, etc, its a great alternative to other p2p.
I think the best way to keep the RIAA out would be to have filesharing networks based upon social networks (like orkut). You trade with your 'trusted' friends and their 'trusted' friends. You could set how many hops you were willing to spread.
... as far as I'm concerned, is the "VPN Name Resolution" service.
... I know of a fair few VPN's that are maintained with quite steady uptimes, all using plain ol' FTP as the internal-xfer-service of choice...
...
openswan and an IP address somewhere is all thats needed to 'bury a filesharing service'. It doesn't even have to be p2p
Its interesting that its come to this. Whats next - routers which won't route unless they know the protocols being encapsulated in the tund'd packets they're peer-transferring for? Sheesh, as if that will ever happen
(If anyone knows of some good VPN's, please share! heh heh...)
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
The DMCA works for corporations because they can afford the cost of litigation. Your average person isn't going to be able to afford to win a DMCA case against the RIAA companies.
You'll notice that these DMCA cases are never seen through to the end. The little guy runs out of money, has to give up, and the big corps get their way.
proving that the RIAA was right all along and p2p technologies are all about theft of services!
I think RIAA is very close to losing the ability to use that argument and be taken seriously. P2P, notably bit torrent, is being used increasingly by producers who can't afford a fat pipe for the whole world to download their stuff and by consumers who are tired of waiting in line at fileplanet.
The lion's share of P2P traffic is still illegal stuff, but if it can be shown that there are legitimate business models built using P2P for file distribution, RIAA's argument is effectively muted.
Education is a better safeguard of liberty than a standing army.
Edward Everett (1794 - 1865)
I proposed this solution about 4 years ago to one of the gnome-vfs guys at a Helixcode party in San Francisco "back in the day".
Basically you have a section of your local storage that is specifically set aside for this purpose, say a 5gb slice of your partition. This storage area is strongly encrypted with hashes that only you know (Blowfish, AES, whatever), via your own passphrase or private key.
When you send a file "to the network", that file is split into blocks, and encrypted with your public key, and those blocks are dispersed to everyone else on the network, in that encrypted fashion, and the "map" to reassemble them is dispersed likewise.
Every node with block #1, has a map which tells them how to get block #2, but not block #3. System with block #2 (which knows that block as block #1 to itself), knows how to get block #3, and so on. Sort of like the "Triad" mob system in Japan.
Your system requests a file, which is dispersed as a series of encrypted blocks, across hundreds, thousands, millions of other systems, and those blocks are reassembled, using those systems to find "The Next Block", and send it to you. You could also arrange it so that each "node" could know about the next 5 or 10 or 20 blocks, etc.
It is sort of a mesh between PKI + BitTorrent (which didn't exist when I came up with the idea), and the methodologies of common peer-to-peer networks.
You could further strenghthen the network by only accepting blocks from nodes you "trust" (via your own public keyring). Facilities to "swap blocks" across systems on a regular (or irregular) schedule, to keep the network "self-healing" would also be a good idea.. or keeping duplicate blocks in different parts of the "storage slice" for redundancy, etc. Storage is cheap.
In the end, this means that nobody can be accused of having "the full file", nor can anyone figure out what is in those encrypted blocks. Even if they had 1 block, there is no way to get all of them, or to accuse someone of distributing the material, since it would be moved around at irregular intervals.
What do you think?
Who modded that "funny" for goodness sake? It should have got an Insightful or Informative IMO, it's just a shame /. doesn't have a "too bloody accurate by half" rating.
You could have an anonymous P2P app that has network performance that is nearly as good as current networks, like Gnutella/Kazaa...
All you have to do is allow the source of a file transfer it to the client without the client knowing the source's IP address. To do this, you simply have the server sending files with UDP and a spoofed source IP address. Since few networks have any egress filtering, this should not pose a problem.
Now, the client has to be able to tell the server to send packets faster/slower, and which packets didn't get through. Well, first you must have a huge window size (TCP term, but applicable) so that the server will send a massive ammount of packets before the client has to send back any responses...
When the client does eventually have to send a few packets to the server, it does so by broadcasting them to all-nodes (just as searches are handled). So, everybody gets them, and everybody but the server involved can just ignore them.
I left out some details, like all servers generating a random 32bit Unique ID every hour or so, and sending it instead of their IP address with search results.
Now, that's only the anti-RIAA anonymity. It'll make things 99% more anonymous, but any foe with the ability to monitor the network will be able to see what is happening. To combat that, you could just have search queries include the client's public key. The results can include the server's public key (encrypted with the client's public key) in addition to the search results... That would keep you completely anonymous, even from resourceful snoopers that can eavesdrop on your own network.
The best thing about this is the speed compared to other anonymous networks. No longer would it take an hour to download a small MP3, because you don't need any intermediary nodes (except for small-message-passing), direct from source to destination, at full-speed.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Blubster comes with adware (GAIN), Piolet doesnt, as long as you remember to deselect them during installation...
The legitimate use argument is apparently going to get a lot stronger. Didn't we just see an article about a mirror in Britain losing funding. If resources are so tight, then efficient systems are the way to go and we already have them --P2P.
Besides, as far as I recall, the only two cases that have gone to court in the States from the RIAA's lawsuits against P2P users were both no-shows where the defendants lost by default for failing to appear in court. The interesting part hasn't even started and that will be when people go to court and plead not guilty. Even if they lose, it's still just the beginning because the appeals courts are where the RIAA is going to be getting real nervous. The DMCA is known be problematic. That's why Congress is looking to cut it back before the courts do it for them.
Check Wikipedia for some great Bush quotes.
"There are no longer torture chambers or rape rooms or mass graves in Iraq."
George W. Bush
o 2004 April 30, welcoming Paul Martin to the Whitehouse
I just spent half an hour removing all the spyware and adware that these programs installed.
DO NOT INSTALL PIOLET OR BLUBSTER.
--
More privacy can only be a good thing and I'm not about to launch into a rant about freedom vs. safety, but let's just look at some of the more ugly tactics people can use to subvert a P2P system.
/. one? Has anyone implemented anything like this? I don't know if it could be used alongside any privacy measures the designers implemented, but with enough work and balancing couldn't this be feasible? Imagine browsing limewire at a high threshold /. style and weeding out all those porn movies in disguise, incomplete files and mp3's with artifacts in them. There could be different ratings based on the node and the individual files and while the system could be abused I'm sure enough thought going behind it could make it fairly balanced and useful.
So anyone looking into stopping sharing of illegal material can't launch lawsuits anymore because they don't know the identities of the users. Fine, but they (or anyone malicious enough) can still flood the network with garbage and create so much noise that it will drive people away.
So how about a P2P moderation system similar to the
Just a though, slightly off-topic.
Spoofing IP is probably a violation of your ToS, and can get you terminated. Egress filtering is rare but increasingly popular in order to block DDoS UDP attacks. Your network admin may think you're a DDoS zombie and cut your line too.
The second thing this network doesn't provide is any incentive whatsoever to share files or bandwidth. Networks that rely solely on the honor system doesn't get much (one of many reasons Freenet is slow).
Third, it's trivial to disrobe which server is sending you what. Instead of sending "to all nodes like searches", a hostile client would try them in order. Servers could tell eachother, but the server might be hostile too.
Fourth, the entire network sounds like a DDoS waiting to happen. I flood the network with UDP packets telling them to all hit one server. That server has no way to tell them he doesn't want those packets, since he doesn't know the network.
Hell, since you installed it voluntarily (as opposed to getting a DDoS trojan) they might even sue the network nodes for DDoS'ing them. Nothing like a little legal liability too. Not to mention the good press you'd get.
Kjella
Live today, because you never know what tomorrow brings
People toss the term "monopoly" around quite inaccurately, I think. I mean, of course record companies have a "virtual monopoly" on making records. But canned air makers have a "virtual monopoly" on canned air. Super glue makers have a "virtual monopoly" on super glue. So what?
Indie musicians release their music outside the traditional channels, and if you would like to make your own canned air, if you have the resources, no one is stopping you. But, if you want a piece of music (product) managed, owned, controlled by some major label, you have to give them what they want for it. It's their product; they manage it, own or manage the rights to it. They don't have to give it to you at all, if they don't want to.
If you buy a car off the lot, you don't tell the dealership what they are going to sell it to you for, they tell you. And, if you buy that car and start producing exact copies in your garage and distributing these copies, my guess is you will get a visit from a lawyer.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
It's becoming harder and harder to believe the desperate cries of "why don't they understand that people are interested in P2P for legitimate uses!" in light of developments like these. Do you honestly need these convoluted secrecy schemes like 1024-bit encryption and splitting up files into thousands of pieces that are distributed to thousands of other machines on the network just to share Linux ISOs and Project Gutenberg texts? Clearly these non-copyrighted (or copyrighted, but freely distributable) files can be made available openly on web sites or FTP sites without fear of "the man" coming down hard (but please, feel free to share some isolated exception to this rule with me), and chances are you'll be able to download it faster to boot.
Honestly, it can't be about download speed. I've used Bittorrent before. It's slow. Unless the file you're trying to get is very popular, your download is going to be stalled for a long time, after which you'll be pulling a whopping 3KB/sec for hours on end. Maybe you'll top out at an underwhelming 40KB/sec. Color me unimpressed. Why anyone would want to download a Linux ISO using Bittorrent or Freenet (now THAT'S what I call agony) is beyond me. Just a few weeks ago I downloaded two FreeBSD ISOs at a consistent speed of approximately 500KB/sec from one of FreeBSD's FTP sites. No muss, no fuss, no "more sources needed" messages. Remind me again why I should have preferred using a P2P app to grab those ISOs? Remind me again why anyone would want to grab a Linux ISO from a P2P app when there are plenty of fast FTP sites where the ISO can be downloaded? This is why I roll my eyes when I hear people on Slashdot talking about how P2P apps have revolutionized their Linux ISO (for example) downloads. No one would put up with greatly reduced download speeds and file availability when nine times out of ten the file can be found on much faster non-P2P sources. On the other hand, when someone is trying to obtain files that cannot be freely distributed, they're willing to put up with awful download speeds and, of course, desire having unbelievable encryption on everything they do on the network.
What P2P advocates need to do -- and I've said this many times -- is create a self-policed P2P network where the sharing of files that users DO NOT have the right to redistribute is strictly prohibited. Users report violations they've found, and the offending user is banned from the network, perhaps reported to the authorities if the people in charge of the network -- NOT the RIAA -- determine a legitimate case of copyright infringement has occurred. Before any user creates an account on the network, make them aware of this fact. It's simple, and while nothing can be done to stop the network being used for copyright infringement entirely, I'm sure such measures would greatly reduce the amount of piracy that would occur. This would finally create the P2P utopia I've been hearing so much about on Slashdot.
"People toss the term "monopoly" around quite inaccurately, I think."
Yes, people like you. I will correct your mistakes and misconceptions though.
"I mean, of course record companies have a "virtual monopoly" on making records. But canned air makers have a "virtual monopoly" on canned air. Super glue makers have a "virtual monopoly" on super glue. So what?"
Canned air makers do not have a monopoly since there is no barrier to entry, i.e. I myself can can air right now. Super glue is also not a monopoly since there are readily available alternatives.
In order for monopoly to exist you need: 1) Strong barriers to entry and no close alternatives.
The RIAA is a a monopoly in that they exert monopoly power like a cartel (e.g. OPEC). The blatent evidence is that the RIAA was recently fined for abusing their monopoly to gouge consumers and were fined under US anti-trust laws.
--it's only been recently that music was purposefully made to not be recorded from. I used to record to reel to reel from vinyl and off the airwaves. As soon as the technology got there for joe home user, we could use it. What's different now is, these various industries want all the use of modern high technology to increase productivity and lower their expenses,to increase profits, but they don't want anyone else to have access to roughly the same technoilogy. And they most definetly COLLUDE to keep that in place, ie, "break the law".
Well, that just sucks. They've had years to adjust to changing times, all they have done is legislate away our rights to use technology so they can maintain a pricing schedule that reflects standards from years ago, and to keep it that way, forever.
Music and art used to be live only,and expensive, it was restricted to kings and such like that could afford to hire musicians and artists, or to people freely sharing with others, the local hoe down. Then it got to be recorded,first on paper rolls, then wax cylinders then vinyl, then tape now digital on hard magnetic media or plastic that is embedded, etc, and it's cheap beyond belief.
That's reality. But, it was expensive way back when it was first able to be copied for later use and didn't require the artists to be there to hear it (or view it), and they charged accordingly, but it was BECAUSE it was still difficult to make copies. It was more or less fair then, because it was still hard to do, it was expensive to make those copies.
Now, this isn't so, yet they still want the higher fees of yester-year, and, frankly, people revolted eventually. They revolted because the rip off prices were-revolting. Quite revolting.
The music and movie industry is going through changes, and they will NOT suceed in keeping technology away from people, so my best advice to them is to come up with a new way of doing things or get left in the dust.
Perhaps they may need to come to grips that there are so many people making music and art, that our society can't support those millions *just* doing that for a living, and if that is so, we will also no longer support an artifical class of music and art copier middle men.
It could be that the expensive media middlemen copiers and sellers are the buggy whip retailers of the 21st centyury, and their business is close to becoming completely obsolete, and they just can't stand the thought of having to go get another job after decades of some extraordinary fat city profits. Seems like everyone else around here is in the same boat, what makes them so special that it can't affect them as well? Joe rustbelt assembly line worker is told he's too expensive and tough crap, he can be replaced at a dime on the dollar, and gets replaced. Joe keyboartd banger is now being told he can be replaced by another person someplace else for a dime on the dollar, and too bad to him too. So what makes these music and art copying mechanics all that special? the answeer is NOTHING, they can be replaced, and quite easily, and for not dimes but PENNIES on the dollar, so tough crap to them, too, they are in the same boat everyone else is in now.
It looks to me more and more that what artists that are hip and honestly understand what is happeneing and are smart enough to deal with it and the various consumers of said art will get closer together, and just keep bypassing the middlemen, to the point of making independent studios and marketing concerns and professional copying mechanics massively and redundantly *unnecessary*. for most practical purposes, they are NO LONGER NEEDED IN OUR ECONOMY.
Maybe I am wrong, but that is what it looks like to me. The tools avaialable to both the productive artists and to the end users of that art are fantastic now, stuff that only the most wealthy of businesses could assemble and use just ten years ago. Well, it follows then then those specialty niche industries that used to be necessary in the middle are on the way out, they have been a