Slashdot Mirror

← Back to Stories (view on slashdot.org)

Finnish Firm Claims Fake P2P Hash Technology

Posted by timothy on from the spy-vs.-spy-isn't-even-to-frame-2-yet dept.

An anonymous reader writes "As reported by The Inquirer, a Finnish company known as Viralg Oy claim to have developed software that can create a junk file with the same hash as a genuine p2p download. This, according to the company, can altogether stop the sharing of copywritten files by flooding p2p networks with corrupt/junk data, which then spreads through the network, causing less and less of the original file to be available. However, with the resolve of the p2p userbase, is this software really going to 'beat all Peer 2 Peer pirates at their own game,' or simply prove a minor annoyance?"

12 of 748 comments (clear)

  1. Just an annoyance by whoppers · · Score: 4, Insightful

    People will always creatively find a way around everything!

  2. Allow me to be one the first to say... by Ann+Elk · · Score: 5, Insightful

    Bullshit. "Virtual Algorithms" my ass.

    1. Re:Allow me to be one the first to say... by bigberk · · Score: 5, Insightful
      Bullshit. "Virtual Algorithms" my ass.
      You called it. They can either do proper MD5/SHA1 collisions with unchanged filesize, or they can't. My guess is, they can't.
  3. Re:They have cracked strong hashes, huh? by martok · · Score: 5, Insightful

    Indeed. In order for example to do this with
    BitTorrent, they would need to be able to
    generate colisions in sha1 hashes. The
    implications of which would go well beyond p2p.

  4. Only The Whole File? by TheFlyingGoat · · Score: 5, Insightful

    Don't most P2P programs use MD5? I was also under the assumption that P2P programs do a checksum on each piece of the file they receive, and if it's inaccurate it automatically re-downloads that part of the file. I've had pieces of a bittorrent download fail due to corruption and the client has just downloaded that part again.

    Seems like this company's setup would only work in very specific circumstances, meaning it won't have much of an effect at all.

    --
    You have enemies? Good. That means you've stood up for something, sometime in your life. --Winston Churchill
  5. Re:They have cracked strong hashes, huh? by CharonX · · Score: 5, Insightful

    And the best:
    You cracked SHA-1. Oh well, time to switch to SHA-256

    --
    +++ MELON MELON MELON +++ Out of Cheese Error +++ redo from start +++
  6. Re:They have cracked strong hashes, huh? by Sycraft-fu · · Score: 5, Insightful

    I'm sure that they just found some P2P client that has a weak hash and managed to make a generator for that. Then they are either morons that don't know there's more than one hash algorithm, or they do and are just pimping it to try and get money.

    Either way, I give it about a 0 chance they figured out how to quickly find collisions in a strong hash space. If they had, they'd be talking to the NSA, not the RIAA.

  7. By God by somethinghollow · · Score: 4, Insightful

    If I have one of these files and share the hell out of it, I better not be contacted by RIAA. If this spreads, not only will it make sharing difficult, it will make tracking legitimate (haha) piracy more difficult to detect. This (sort of) reminds me of a more high tech version of the time everyone started changing the name of their tracks to things like "Br1tn3y Sp34rs" to evade blocked searches.

  8. Collateral Damage by DumbSwede · · Score: 4, Insightful
    Since P2P can also distribute legitimate files (I am looking into one such project even now) this can only be seen as something that will lead to unintended collateral damage(assuming it works of course).

    Here is a tool specifically designed to cripple the flow of data, how can it be thought of as anything but a virus? Should it work I could see TV and Movie studios using it surreptitiously to cripple net-based fledgling media companies.

    This should be outlawed just like another intentionally malevolent software. Why shouldn't everyone write viruses and malware when the big guys do it and the government sanctions it. This is just the kind of thing that keeps web commerce from taking off to its full potential.

    --
    Letter To Iran
  9. Re:They have cracked strong hashes, huh? by drgonzo59 · · Score: 4, Insightful

    Agree, this is more like news for the marketing and general folk who don't know what hash is. From the news post the implication is that they can generate another file with the same hash as a given file. If they had indeed found a crack in all the hash algorithms (all SHAs and MDs) the news wouldn't be about P2P but about a major breakthrough in cryptography.

  10. Re:Agreed by Have+Blue · · Score: 4, Insightful

    Because the vast, vast majority of P2P users are trying to get stuff for free, not create an alternative-media-distribution free-expression utopia. They're not going to do anything on anyone else's behalf because it does not directly benefit them or immediately help them get more free stuff faster.

  11. This is so stupid by commodoresloat · · Score: 5, Insightful
    If the copyright issues were not present here and someone built a program that did something like this, they would be universally reviled as a malicious hacker. Hey! Here's a program that creates phony web pages with false information masquerading as legitimate pages! Here's one that copies Excel spreadsheets on the web and subtly pollutes the database with phony information, then stores multiple copies around with the same name! This handy tool attaches to a photocopy machine and randomly scrambles the words on the page you are photocopying!!

    P2P is a technology. Yes it can be used for copyright violations, just like a photocopy machine or tape recorder. But it also has amazing possibilities in terms of creating a universal organic archive. Crippling like this -- and through using lawsuits -- is an unnecessary attack on a system in its infancy.

    The copyright issues will work themselves out -- until the 20th century human art and ingenuity survived for thousands of years without the ability to make millions selling recorded music and video. If p2p has a major effect on the entertainment industry's ability to profit (and I'm still not convinced that it really will), human art and culture will survive. And people will continue to find ways to make a living creating art.