Is Rodi BitTorrent's Replacement?

tilleyrw writes "From ZDNet Blogs: 'Rodi is a small-client P2P application, written in Java, that improves on BitTorrent by allowing both content searches and full anonymity. It's released under the General Public License (GNU). Even your IP address can be hidden using Rodi through a process called "bouncing." That is, if A wants a file from B, they get C to agree to stand-in on the exchange. B gets C's IP address, not A's. Through IP Spoofing A can even hide their identity from C. Rodi can also be used from behind corporate firewalls and LANs using Network Address Translation (NATs), something most home gateways have.' "

Nice!

[Enigma_Man]

Now I can anonymously download all of those legal Linux distributions, and non-licensed music I've been holding off on, and nobody will be the wiser, mwahahaha!

-Jesse

Re:Nice!

[Enigma_Man]

Really though, this doesn't sound so anonymous anyway. All the **AA has to do is set up a bunch of "C" machines, and keep logs.

I do appreciate the ability for anonymity though (despite my dripping sarcasm), despite the fact that 99.99% of people will just use it to anonymously pirate things. I think the main use I can think of for actual anonymity is for use in political situations; to report ethics violations of the bad-guys, to point out crapulence in the government, etc.

-Jesse

Re:Nice!

You download linux? What a wonderous place the free world is. Where I am, to study my religion I must secretly download my bible, read a few passages then erase all trace of its existance from my computer before the secret police find out about it.

Thanks to encryption, I can even discuss passages with friends who are of the same persuasion. We are also discussing plans for a free country, if only we could discover cheap oil under the capitol building...

Re:Nice!

[Desipis]

What about if you use multiple C's, and encrypt the data using a key only know by A and B (possibly even a public private key pair)? That way: A - doesn't know where the data is going. B - doesn't know where the data came from. C - doesn't know what the data is. Neither one of these would have enough evidence to sue another (unless they somehow work together).

Re:Nice!

[munehiro]

This is an improvement of bittorrent. I'm behind firewall, and my download rate sucks because i can only receive, but not send. Using C as a bridge, like Skype does, allow bittorrent to work even in this situation.

Re:Nice!

[Baorc]

I don't know if you read the summary, but let me just refresh your memory.

That is, if A wants a file from B, they get C to agree to stand-in on the exchange. B gets C's IP address, not A's. Through IP Spoofing A can even hide their identity from C.

Therefore even if the **AA sets up a bunch of C computers, we can still hide from them. They evidently thought about this.

Re:Nice!

[Enigma_Man]

B (the guy sharing the file, and thus liable, the **AA usually gets the sharers, not the downloaders) still has his IP given to C though. A is anonymous, but B is not.

-Jesse

Re:Nice!

[Baorc]

Ah touché. Ok I just skimmed through the article, so I didn't RTFA, but how is the sharing process going to be handled?

In BT you downloaded and uploaded at the same time, is this the same thing and if so, isn't everyone (except the seeders) A and B at the same time? And if so, are they all obfuscated or can they all see their IP's?

Re:Nice!

Well, what would happen is that the *AA starts by setting up a metric buttload of C's, and takes traffic stats. It notices that A sends out a lot of files to people that are suspiciously about the size of a DVD image. *AA then sets up a client then uses a *AA-run C to connect to A and search for movies.

It's a pretty poor design if theres only one hop of C, since then all it takes is owning two of the computers. Even if theres a handful of hops, as long as the *AA have a LOT of C computers that are all misconfigured to only connect to other *AA-run C computers, they still have a pretty good chance of figuring out who A is.

Re:Nice!

If the ??AA is going to keep logs, then are they not participating in the piracy of their own material? Regardless, we need a shit filled network of random requests and broadcasts routed simultaneously. Save data as it goes over the "wire" since there is no requestor. This is all rediculous bullshit, but since they are driven by scarcity we will continue to evade their grasp of such with the INFINITE possibilities of protocol, routing, encryption, algorithms, physical media, and dialect. Read that sentence again and analyze the capitalzed word: there is no way to control chaos.

P.S. to slashdot.org: thank you for putting a CAPTCHA on anonymous postings. It's the car alarm of the Internet, and now it's here. Pathetic. I CAN see and I barely could read the letters in this piece of crap.

Re:Nice!

"It notices that A sends out a lot of files to people that are suspiciously about the size of a DVD image. *AA then sets up a client then uses a *AA-run C to connect to A and search for movies."

Never holding up in court. Besides, P2P hasn't worked that way for ages. A isn't going to share DVD-sized images with anyone, and nobody would be able to search A AND know that it was A they were searching.

Re:Nice!

[EggyToast]

I realize that a great deal of the clout around anonymous P2P is for illegal reasons, but I do think developing P2P distribution methods that allow for anonymity is important. Not for legal reasons, but for marketing ones. I'm kind of sick of banner ads that say "Shop Maryland Stores!" because it picks up my IP and compares it to a table to see where I live. I don't want to use a P2P network to download [legal] movie trailers and have the movie people see "hey, these people in Maryland are pretty excited about the movie, we should pay for a longer run there and spam them with ads."

There's a lot of technology and marketing that can put IP addresses to good use. Just like how I don't like being in the phone book because I don't want my address spread around despite not having anything illegal in my apartment, I don't like my computer address being spread all over the place either.

(not to mention things like if one of these p2p networks happens to get released with a security flaw, there's suddenly a road map to hackers for every IP address connected to the system where they can potentially exploit the user.)

Re:Nice!

[squiggleslash]

I suspect the summary is wrong.

If A's address is hidden from C, how can C send IP packets to A, performing the "middleman" role?

Generally speaking, you can easily, right now, but probably not for much longer, spit out IP packets with addresses that are incorrect. Hence it makes sense that this is a system for hiding A's address from B. However, somewhere along the line, A's address has to be known by someone otherwise the packets will never be routed to A.

Now B's address is quite probably hidable from C. The transaction would go something like:

A to C: Would you proxy packets to me? Please, pretty please?
C: Sure kid, knock yourself out.
A (without a correct sender IP address) to B: You don't know who I am, but would you mind sending file "Star Wars III: Revenge of the Lucas, The Good Version" to C.
B: Sure, here's the file.
B (without a correct sender IP address) to C: You don't know who I am, I understand you have someone who wants this file. Here it is.
C to A: Here's the file you requested.

In the above, C's address isn't hidden. A's is, from B, but not from C. B's is, but A knows about it. For A to be the eventual destination of the file, someone must know A's address, otherwise the packets will never get there.

As for the FBI intercepting this traffic, they really have few options. It's unlikely what A's doing is illegal, and there's no smoking gun with respect to B. If they are C, they cannot find out B's address so will not know who's copying their content. They know A's address, but A isn't copying anything.

Incidentally, before anyone comments, I'm commenting on this as a technical solution. I do not endorse this as a way to facilitate copyright infringement, something I'm generally opposed to. A quick look at my posting history will confirm this.

Indeed, I'm actually relatively unhappy with what's being proposed as, unfortunately, the primary reason it appears to have been developed has been to facilitate copyright infringement. Right now, as I said in a previous post:

We need to disassociate ourselves with copyright infringement. We need to devise ways of keeping unauthorized music away from the P2P networks, and replace that content with new, original work, devising new and innovative ways to fund it.

The best way to destroy a technology and ensure it cannot be used for good is to make its primary purpose bad and/or easy to legally attack. The kind of thing being proposed here today will make ever more draconian legislative attacks on Internet users a reality. We need a new approach.

Re:Nice!

[Enigma_Man]

Now that's an extremely excellent use of anonymity - freedom from marketing slimeballs.

-Jesse

Re:Nice!

[Rob_Bryerton]

despite the fact that 99.99% of people will just use it to anonymously pirate things.

Please, show some information that supports this "fact". What's that? There is none? Thought so.

Heck, I'm still trying to figure out where this whole pirate thing fits in. What's that, you say? Euphamisms to furthur propaganda? Oh, I get it.

Re:Nice!

[Oxygen99]

Umm, since when did we need to justify anonymity in a free democratic nation?

How about the fact that I don't want anyone to know who I am because they have no damn right to? Maybe I choose to anonymously share files. Maybe I choose to carry no ID when I'm out. Maybe I'd really like to be able to anonymise my websurfing and downloading, purely because I prefer it.

Isn't that reason enough?

Re:Nice!

[LocoMan]

I think everyone can see their IP's. At least I remember reading the bittorrent creator saying that it was stupid to use BT to trade copyrighted files since it didn't even try to offer any kind of anonimity to begin with (it wasn't what it was created for).

Re:Nice!

[sugapablo]

Does "C" know what files "A" is downloading from "B"? THAT would make "C" logs irrelevant.

Re:Nice!

[BobTheLawyer]

What A is doing will almost certainly be illegal, as he is procuring that C copies copyrighted material from B, and then that his (A's) computer copies that material from C.

The anonymity may make legal enforcement difficult, but it's unlikely to affect the legal position for A and B. The interesting legal question is to what extent C will be liable if he doesn't know what the content of the packets is. What if C is unwittingly used to proxy child pornography, for example? Is his position any different from an ISP operating a "normal" proxy, which presumably proxy all kinds of nasty stuff?

Re:Nice!

Absolutely. I've been using freenet ever since I first heard about it in a slashvertisment and I haven't downloaded a single mp3 or warez. I use it to communicate with people with similar interests as me in a world that frowns on the types of behaviors we don't believe cause any actual harm. If word got out that I was a believer in these things, my repuation in the community would be destroyed, and the chances of finding employment would be decreased.

What we need to see next, and this isn't a freenet feature so much as a Frost feature, is a way for Frost board messages to be saved in freenet so a client that isn't connected 24/7 doesn't miss messages. One of the boards I'm on there's a new message ~ every 20 minutes. If I have to restart the computer, freenet, or frost (it doesn't minimize to the tray like everything else and I forget that sometimes), I run the risk of missing a message

Re:Nice!

[Aeiri]

See, you are the first to understand the technology of IP spoofing here (the others don't realize they can't get the packet back), however, even your method is flawed... unfortunetly.

"If they are C, they cannot find out B's address so will not know who's copying their content. They know A's address, but A isn't copying anything."

How does A get B's address? They can just continue doing what they are currently doing on BT and other P2P networks, being A, and get the people who are distributing the (software|music|movies)'s IP addresses.

Re:Nice!

I guess then the Secret Police will just have to randomly check people's computers for illegal materials...

Re:Nice!

[Enigma_Man]

But there's a lot of things you might prefer to do that obviously aren't allowed. Just because you want to do something doesn't mean it's legal (or even ethical).

I _want_ to drive my car with a short, straight-pipe exhaust with no cat. I much prefer that, because my car is more fast, more fun, and gets better gas mileage that way.

-Jesse

Re:Nice!

[Rei]

That was my take as well. Reading over the description, I had questions, and posted this on their forum; hopefully I'll get my questions answered.

------------

I've been working on a project called Uso (http://www.daughtersoftiresias.org/uso/) designed to create an anonymous network layer, and am wondering if I've been beaten to the punch by Rodi. A couple quick questions about it's capabilities:

1) How much of the described anonymization (such as spoofed IPs) does Rodi currently allow? In my experience with Uso, packet spoofing while ensuring receipt is easier said than done, and your ability to do so varies from network to network. Also, if you're spoofing packets, would not Rodi have to run as root to get access to raw sockets?

2) As actual transfers between two nodes are done in direct P2P fashion (not proxying), what is to prevent an adversary from attempting to download from a publisher and having the publisher's IP exposed? Even if the publisher is spoofing its IP in packets sent out, it needs to get acks back to ensure delivery. Are acks routed through a "bouncer" (i.e., a proxy - I'm not sure why you chose that terminology), as is part of the Uso protocol?

3) Is not a client's IP inherently exposed when it tries to download from an aversary posing as a publisher? Uso has the ability, in some situations, to simply have packets returned to its local subnet instead of the specific machine doing the request, which it then sniffs with pcap. It's not easy, and is still being worked on (we're going to need to do some arp flooding and poisoning for switched networks).

4) How are you doing NAT tunnelling? The mentions of the use of TCP to get past NAT, for a UDP protocol, were just confusing. In Uso, when we talk with a client for the first time (postconfiguration), we try and detect how bogus of packets we can send and still be heard. If it can't respond to us with what we perceive as our IP address, it talks back to the IP/port that it received and lets us know what that IP/port is, and that we must be behind NAT; the behind-NAT node then sends regular keepalive packets on the same port so that incoming traffic will be able to go through it (a technique known to work on most, but not all, routers; a few only allow return traffic from the IP that you initially tried to talk to)

5) How are you determining what spoofing is possible behind your network? See above for how we deal with this in Uso in postconfiguration; in autoconfiguration (i.e., before you send any traffic), we use packets with timeouts and see if they get returned to us.

In short, I'm curious as to how you're dealing with many of the issues I've had to deal with.

Re:Nice!

[djward]

to point out crapulence in the government

It's probably easier at this point to point out the stuff that's not crapulent.

Re:Nice!

[squiggleslash]

How does A get B's address?

I think the "too smart for their own good" part of the plan is to assume that even though A knows B's address, it's not important, because A can't prove B is sending anything. All A knows is that to get a file sent, B has to be contacted. B could then pass the request on to D, for all A knows.

FWIW, I agree with you in general and I suspect that, whatever else is the case, "They can just continue doing what they are currently doing on BT and other P2P networks, being A, and get the people who are distributing the (software|music|movies)'s IP addresses.". I think a geek who turns up in court and says to the judge "*snuk* you can't prove it was me, all I was doing was collecting requests, I might have been passing them on to someone else" will get a quick slap and a reminder both that the phrase is "reasonable doubt", not "even 'Aliens stole my homework' is a valid defense", and that it's perfectly possible to be a party to a crime, it doesn't become legal because several people did different parts.

Re:Nice!

[DuckDuckBOOM!]

Indeed, I'm actually relatively unhappy with what's being proposed as, unfortunately, the primary reason it appears to have been developed has been to facilitate copyright infringement.

The other side of that argument is that people have a legitimate right to defend themselves from the legal extortion tactics employed by **AA and others in shotgunning barratry at anyone / everyone who might be pirating; i.e., the infamous "pay us $$$ or we'll sue you into bankruptcy" letter. The courts aren't protecting us from this bullying, so I have no problem with any tools that help us to protect ourselves. As you pointed out, Rodi doesn't appear to be as useful in this regard as the article suggests, but it's an interesting step in that direction.

DDB

Re:Nice!

[Aeiri]

I think the "too smart for their own good" part of the plan is to assume that even though A knows B's address, it's not important, because A can't prove B is sending anything. All A knows is that to get a file sent, B has to be contacted. B could then pass the request on to D, for all A knows.

HOWEVER, if that plan was used to connect to B, and B was connecting to a Freenet/I2P like network, then that wouldn't be a bad idea. You could just put up random nodes with nothing being served on it (I would) to send encrypted traffic through your computer.

C could just be another node in B's network, as well.

If it is part of the original code, and every used it, then they can't just pick on the random Bs they get.

Another point is, since ACKs would not work, you would have to accept plain old TCP SYN packets with data, check it, etc, but there is a problem with file integrity this way. If chunk X of file Y were incorrect, the request for X could go from C (the place where the integrity is checked), to A, back to B, through the network, to the sender, spoofed back to C, and the data would be sent through again to C. CRC and hash checks of each chunk like BT currently uses would be pretty much mandatory, as well.

Did any of that last paragraph make sense?

Re:Nice!

[JabberWokky]

Yes, but we're not discussing bittorrent.

--
Evan

Re:Nice!

[LocoMan]

oops... missread that last one, though he was referring to BT when he was talking about obfuscating the IPs.. :)

Re:Nice!

[kidlinux]

Jeeze, I know a lot of /. readers don't bother to RTFA, but did you even read the description?

"Through IP Spoofing A can even hide their identity from C."

Re:Nice!

Well I have a 1994 websters dictionary that tells me a pirate can be the eyepatch wearing, peg-leg having, pet parrot owning type, or the someone who makes use of or reproduces anothers work.

Stupid webster dictionary propaganda.

Re:Nice!

[cayenne8]

"I _want_ to drive my car with a short, straight-pipe exhaust with no cat. I much prefer that, because my car is more fast, more fun, and gets better gas mileage that way."

Hmm....well, that works nicely for my motorcycle!!

:-)

Will probably cut the cats out the next car too....sounds better that way....

Re:Nice!

I _want_ to drive my car with a short, straight-pipe exhaust with no cat. I much prefer that, because my car is more fast, more fun, and gets better gas mileage that way.

Those of us with asthma would prefer that you keep the catalytic converter ON your fucking spewing machine. Since when did you acquire a right to foul the air I breathe?

Lemme guess, you also use "tuned exhaust" for maximum noise, eh? I guess I have a right to parade around with a bullhorn in front of your house too.

Re:Nice!

[Sandor+at+the+Zoo]

Please, show some information that supports this "fact". What's that? There is none? Thought so.

This article says that bittorrent traffic takes about a third of all the bandwidth on the net.

Now, you may think that this is from all those people downloading the latest Linux ISO, but unless you have "facts" (as you call them) to back this up, I'll believe that it's from people downloading much more popular content.

Re:Nice!

[h4rm0ny]

It's about power. The government or the credit company or whoever, having a big fat database on your behaviour gives them power over you, not you over them.

The catalytic converter is all about not damaging other people (very indirectly in this specific case). It's a different principle.

Re:Nice!

Umm...pedophilia does cause harm.

Re:Nice!

[Drive42]

This does not support your claim that the traffic is being caused by illegal downloads. The responsibility to prove that the traffic, however large, is being used for pirating still lies with you. Simply pointing out that there is a large amount of traffic might imply that popular copyrighted data is being traded. However, the article linked to in no way supports your assumption as fact.

Re:Nice!

I aquired the right 6 months ago. All it cost me was a sizable donation to the right politcal party.

Suck it up buttercup.

Re:Nice!

[supabeast!]

"...despite the fact that 99.99% of people will just use it to anonymously pirate things."

If existing anonymous internet solutions have taught us anything, it's that pirates would much rather have extreme transfer speeds than anonymity. It's much more likely that Rodi will be used by pedophiles to swap child pornography too big for freenet.

Re:Nice!

[elrous0]

Now I can anonymously download all of those legal Linux distributions, and non-licensed music I've been holding off on, and nobody will be the wiser, mwahahaha!

And I can engage in all that political dissent, like I've always wanted!

Thank God for this system which will never be used to distribute pirated content, kiddie porn, or copyrighted movies/music!

-Eric

Re:Nice!

The courts aren't protecting us from this bullying, so I have no problem with any tools that help us to protect ourselves.

The courts can't protect you if nobody lets it get to court, any more than the police can't solve a crime you don't report. It is not the courts role to say "If you bring this case to court we'll rule in your favor" because until the case is argued, they can't really pass judgement.

Re:Nice!

[mattspammail]

You're going to have to cease and desist on the usage of the word "right". We recently patented it.

Thanks,

Microsoft

"Let me hard code where you will go today!"

Re:Nice!

[legirons]

"All the **AA has to do is set up a bunch of "C" machines, and keep logs."

Maybe someone trustworthy will set up a load of "C" machines...

Re:Nice!

[Enigma_Man]

Well technically, by removing my catalytic converter, I've just transfered the damage from the world's oil supplies (I burn less fuel) to the environment (the fuel I do burn comes out dirtier); so that wasn't a perfect analogy to make, but you must understand what I mean. Just because one person wants to be able to communicate anonymously doesn't give them the right to. It's society that makes the rules (sometimes the government does a bad job at it, but in a perfect world, the government would reflect society).

-Jesse

Re:Nice!

[larytet]

"as, unfortunately, the primary reason it appears to have been developed has been to facilitate copyright infringement"

fully decentralized content search is the reason behind Rodi. see wikipedia on Rodi

Re:Nice!

[squiggleslash]

How does spoofing the sender address in the IP packets help with decentralizing the content search? Remember, it was that part of the system I was talking about, that I referred to as having the primary reason you quoted.

Re:Nice!

[dnoyeb]

You can believe what you want to believe. For instance, I believe you beliefs are biased foolishness.

First of all, bittorrent is in NO WAY anonymous. Its very easy for the **AA to know who is hosting these files if your suggesting its **AAs content that is passing across bittorrent. Note that certain torrent servers have indeed been shut down.

Furthermore I have used bittorrent myself and I see who is mainly using it. _Software Developers_

All those companies that over the last 10 years have started to use pay services like fileplanet since they themselves dont want to pay fully for the bandwidth, are now using bittorrent. Most of the files I have downloaded/uploaded over bittorrent have been >300MB.

Copyrighted, Yes, unauthorized distribution, no.

Re:Nice!

[larytet]

IP spoof and bouncers in Rodi are optional and is OFF by default. Rodi behaves as UDP based "trackerless" Bittorrent if you do not make any additonal efforts.

Ability to use IP spoofing is a bonus, as well as signed with DSA 512/-1o24 packetc, multicast, etc.

Re:Nice!

[squiggleslash]

It does. If it was up to me, I'd have the system break down every file into managable chunks, and download each chunk, CRCd, etc, separately. Packets of packets. You can even make the system optimize itself by having it do this on the fly, reducing the chunk size when errors occur.

If this protocol is supposed to be based upon BitTorrent, then given that's how much of BT works already, I suspect that's what they've done.

Re:Nice!

[gibson042]

Another point is, since ACKs would not work, you would have to accept plain old TCP SYN packets with data, check it, etc, but there is a problem with file integrity this way.

I don't think ACKs are an issue, since they prefer (maybe require) the use of UDP instead of TCP.

CRC and hash checks of each chunk like BT currently uses would be pretty much mandatory, as well.

Certainly.

Re:Nice!

[westlake]

the legal extortion tactics

In the american legal system, settlement out of court is the norm in civil cases. You do not get to a trial if you cannot raise a minimally plausible defense, your case will be decided on the papers as a matter of law. No license to distribute? That doesn't leave your lawyer much to work with.

Re:Nice!

[h4rm0ny]

but you must understand what I mean.

Oh absolutely. I'm not going to argue details over whether your catalytic converter is good or bad from an environmental point of view - it would distract from the actual debate.

I do see your point and I agree that it's a question of what rules society sets. We differ on whether setting rules on something like your cat is the same in principle as setting rules on something like anonymity.

Differences are the following:
1. There is a confirmed and unvarying negative effect from your CAT (debate aside, we can substitute something else if you like). With anonymity it is a case of presumed guilt and punishment on the basis of a possible negative.

2. A limit on something like the CAT is not a limit on your freedom in the same sense that recording your behaviour in a giant database is, in that the latter is much more far reaching and is ill-defined in its effects. At least you know the consequences of tearing out your CAT. They say, "you did this, your punishment is that." It is under judicial control. A government profile on you is not. If someone is looking at you on a list and seeing that you visited politically sensitive sites and this is influencing their behaviour to you, then that is something that is outside of judicial control. Punishment by opinion, politics and power.

3. The CAT is something that affects the mass of humanity (again subsitute pissing in the resevoir or whatever if environmental damage from a CAT is in dispute). It is something with negative consequences for us all. Anonymity is a negative consequence for a select few (those in power). Should laws be instituted for the benefit of the mass of people or for the power elite? I firmly believe in the former and the category difference between the CAT and anonymity is clear to me.

I hope this clarifies my position and helps you see my point of view. You're point about society making the rules may be valid, but I believe it is a small (and rich) sub-group of society that is making these rules at the expense of the rest.

All this in the spirit of reasoned debate to arrive at the Truth, rather than for the sake of an argument. :)
-Harmony.

Re:Nice!

as he is procuring that C copies copyrighted material from B

I was about to give you shit about the use of the word procure, but then I figured I'd better double check first. Good thing, as I learned that it has a specific legal meaning that applies here, and doesn't only mean "getcherself sumpin', like I thought.

Re:Nice!

[squiggleslash]

Nonetheless, they're implemented, correct? These are not optional in the sense that someone who wants to use them has to actually write the code to make them work, and they weren't created as a natural side effect of the system. Someone, somewhere, said "We need to make it possible to anonymously transfer files, in such a way that people cannot get caught when deliberately transfering files in a way that breaks the law." And given where the legal pressure is on P2P at the moment, it's safe to know what type of breaking the law we're talking about.

Re:Nice!

The P2P app filetopia is already doing this. They call them bouncers and they're rarely free to use.

Re:Nice!

[jonfr]

I can imagne the mpaa / riaa complains on this new p2p tech. Blaming it for lost income, that dosen't exist to start with.

Re:Nice!

It is far too easy to employ such a network in a denial of service attack.

Since C cannot request that B stop sending it data, the health of the network is dependant on A not requesting C be sent data without permission. If A simply requests twelve dozen different 'B's start sending the file to 'C', there is nothing 'C' can do to stop being flooded. 'C' doesn't even have to be on the network.

Re:Nice!

[larytet]

"and they weren't created as a natural side effect of the system"

funny that you mention that, but actually they WERE created as a "natural sideffect"

think about IP port spoofing and load balancing and DDoS attacks.

i am not the guy who published on Slashdot. i was not asked to read the article before it was published.

i tried to post on Slashdot 2 or 3 months ago but was rejected. i learned about this posting from 20+ emails this morning (Pacfic Time)

Re:Nice!

[squiggleslash]

There's absolutely no reason to do IP address spoofing as part of a file transfer protocol from what I can see. Load balancing certainly doesn't require IP address spoofing...

Worse still, this system seems to be ripe to create DDoS attacks, not prevent them. Just tell a bunch of servers that the site you want to attack is "C".

Re:Nice!

[larytet]

i am handling slashdot alone please, let's move the discussion here http://www.methlabs.org/forums/showthread.php?t=12 902

i greatly appreciate your understanding, arkady

Re:Nice!

[Enigma_Man]

In response - leaving the CAT on also has a confirmed and unvarying negative impact on the environment and society, but it is much less well known: with a CAT on the car, there are much higher pumping losses within the engine, so you end up getting a good bit less miles per gallon. While the exhaust that comes out per mile is on average cleaner (the CAT does indeed do it's job), I am depleting the world's stock of oil at a quicker pace. So, I'm not just pissing in the drinking water or not, I have a choice of either pissing in the drinking water or pissing in the bathing water; it's just that the government mandates that everybody piss in the bathing water and tells us it's better, because the environmental hippies either don't know any better or have a one-sided agenda and don't reveal enough information. The difference in miles per gallon was significant as well, average of ~22 mpg with the cat, and average of ~28 mpg without (averaged over a one year period of use with each; yes I did remove my cat). I see this as a fairly similar argument to anonymity or not; I can either chose to support anonymity, and the possibility that people will use it for evil (piss in the drinking water), or I can ban anonymity in the name of security (piss in the wash water).

-Jesse

Re:Nice!

[bdow]

In that case, you need to either 1) have previously established communication between A and B, thus defeating the purpose of anonymity 2) using a public-key system, communicate your identity, thus defeating the purpose of anonymity or 3) send the keys through C as well, opening yourself up to a man-in-the-middle attack, and defeating the purpose of encrypting the data in the first place. Now, I'm not an encryption expert (just as IANAAE), but I don't see how this system can possibly hide your identity from both B and C, either of which could easily be infiltrated by a large corporation shoveling bills in that direction.

Re:Nice!

[Minna+Kirai]

2) using a public-key system, communicate your identity, thus defeating the purpose of anonymity

Public keys don't defeat anonymity, because they only communicate an identity, not your identity. They allow the establishment of multiple persistent online identities that are unconnectable to your real name.

One could repeatedly upload messages to a BBS directory (via one of the bouncing methods described above), each signed with your private key which enables readers to be sure that nobody is forging your postings. Readers know that all the files are from the same person, but cannot tell who that person is.

That anonymity can only be broken if your PC is seized/hacked and your private key is learned by the investigator.

Re:Nice!

[AxelBoldt]

Really though, this doesn't sound so anonymous anyway.

Well, if you need anonymity, change the MAC on your laptop and go to the nearest WiFi coffee shop. Not exactly rocket science.

Re:Nice!

[Minna+Kirai]

Furthermore I have used bittorrent myself and I see who is mainly using it. _Software Developers_

A totally invalid sampling methodology. I could just as well take a look around my office and conclude that 100% of adults have a postgraduate engineering degree.

One of the features that distinguishes bittorrent from prior P2p file sharing software is the compartmentalization of functions. With Napster / Gnutella / Kazaa, there was one single network (first hub, and then mesh) which all clients attached to. With older systems, if you wanted a Linux ISO, you'd connect to the same file search system used for MP3 music, cracked game warez, porn videos, and everything else.

But since BitTorrent has no searching in the protocol*, when you download a Linux ISO (or other software developer content), you are only connected to machines that are sharing that same exact file, none others. This is why serious corporations like Blizzard have started using BitTorrent variants to distribute their programs- because unlike earlier P2p systems, users wouldn't be intermingled with the mainly illegal majority of traffic.

Since your observations were meaningless, how can we really measure the the legality of the files BitTorrent is predominantly used for? Let's try the Google popularity test. Search for "bittorrent download" and observe that the top two hits are "suprnova.org" and "lokitorrent.com". Both of those sites are now 404 Not Found, but entering the names into news.google.com will return headlines like "
FEDS SHUT DOWN FILE-SWAPPING SITE", demonstrating that the most popular recent BitTorrent sites were used for non-legal trading.

* Of course, I refer only to the original and still dominant version of BitTorrent, not the very recent proposed change to add searching.

Re:Nice!

[BobTheLawyer]

yes, apologies, unnecessary use of jargon.

Re:Nice!

[apparently]

There's absolutely no reason to do IP address spoofing as part of a file transfer protocol from what I can see. In theory, some people might want the capability to share information anonymously. Such as information (word docs, pdf's, etc) that they fear the current administration's draconian philosophies might view as subversive. dig?

Re:Nice!

[Pablo+El+Vagabundo]

I kind of agree with your sentiment, I suppose in an ideal world no body should infringe copyright and follow all the laws that matter..

but, I think copyright is dead, it will be a slow death and something will have to take it's place. I think it is dead because it has outlived it's purpose. It was designed to protect authors so that they would produce art and innovations. It has now become a weapon of mass destruction for large mega corps.

I no longer have much respect for copyrights. I will infringe if I can, when I want and not feel bad about it. It is not a moral issue, it is economical. I am being civilly disobediant.

This is why anon P2P nets are important, they will accellerate the Next Big Thing. They will bring evolution.

I dont know what will encourge people in the future to produce. Maybe boredom. But it will not be copyright and the transition should be as short as possible.

Viva la P2P

Pablo..

BTW Democrocy is also dead. It just doesnt know it yet. Bring on benign anarchy..

Re:Nice!

[DuckDuckBOOM!]

Okay, let me clarify. About three years ago, a colleague of mine bought an eprom programmer for use in developing a security system we were designing. He made the mistake of buying from a small hobbyist co. to save a few $$. Several months later, he got The Letter from DirectTV, demanding that he fork over something like $4K to avoid being sued. He told them to piss up a rope, and litigation promptly followed. He wasn't even arguably pirating DTV - the man is an electronics engineer who was working on a well-documented project the burner is a different make/model than those used for programming battery cards and such involving the kind of roms for which the burner was purchased. None of this fazed the opposition, who kept making offers to drop the suit in exchange for $$$. It did eventually go to trial. It was a short trial, as DTV has absolutely no direct evidence that he'd modified a DTV receiver, for himself or anyone else. Their case was that he purchased a rom burner from a less-than-upstanding company, he was a DTV subscriber, therefore he must be pirating. That's it. Precisely analogous to your buying a Ford, then being jailed because someone else who bought a Ford at that same dealer robbed a bank, therefore you must have robbed the bank too. Utter rubbish of course, which was the jury's conclusion as well.

Now, under a sane legal system this should have had a happy ending. DTV should have been hit with serious damages and fines for pressing frivolous / malicious litigation. Or the suit should have been dismissed with fine-for-costs from the judge the moment it became clear that DTV had no real idea of whether he was actually pirating. Or DTV would never have brought suit in the first place for fear of the above. As it is, my colleague is out something over $8K for fighting an action that, by any rational standard, should never have been brought in the first place.

**AA are doing the same thing. They go to litigation on the "strength" of an activity log and an IP address. Period. An IP address is hardly legal identification - everyone reading this can list five or six ways to spoof or hijack one - but the unlucky owner, innocent or no, is hit with a demand for money, Or Else.

Granted, they catch a lot of downloaders this way. But they also catch a lot of innocent people . Their strategy is based on the fact that most of the people they're threatening have limited resources, and that most of them - including those who have done nothing wrong - will opt to pay the initial demand rather than engage a far more costly and traumatic lawsuit. The plaintiffs are fully aware that many of the people paying up are innocent, and they don't care . They're using the legal system as a strategic weapon, and collateral damage does them no real harm.

And imho one of the great tragedies and injustices of American life is that the legal system allows them to get away with this.

DDB

Re:Nice!

[squiggleslash]

Well, it's been a day, and nobody really answered the point...

Let me thank you for taking the time to respond to me, I didn't realise you were one of the developers. However, I have to say the evidence so far is far from convincing that the IP spoofing support exists "as a side effect". It's hard to see what could have been developed, related to anonymisation technologies, that would have resulted in such support.

Right at the moment there's a battle between content producers and P2P users, one that, frankly, the P2P users are on the wrong side of. There's absolutely no legitimate reason to distribute someone else's copyrighted content on the Internet without their consent. Every single time someone does something that makes it easy to infringe copyrights, not accidentally, but as deliberate policy - be it Shawn Fanning's inspiration of IRC MP3 trading of largely illegitimate files to build Napster, to the attempts to create distributed, anonymous, file trading systems like yours - it harms the credibility of the tech community and encourages those who want more draconian laws to seek them. At a time we need more accountability, to ensure people do not abuse the technologies, you're doing what you can to prevent that.

What you're doing is not a good idea. It's an unnecessary shot in a war that shouldn't be fought this way. Those who oppose copyrights on principle do not have to violate them to undermine the system, it's important to render copyrights unnecessary than harder to enforce. To do the latter is destructive, something wonderful - a system that encourages the creation of new content - is destroyed and nothing fills that vaccuum. Regardless of that though, the end result of the latter is draconian law writing, not a copyrightless utopia.

Please remove this feature from your code.

Re:Nice!

[larytet]

http://larytet.sourceforge.net/userManual.shtml#ip ortspoof1

Re:Nice!

[larytet]

i do not know if you read my website ... you are 500% right about how it works

Re:Nice!

[larytet]

"Of course, I refer only to the original and still dominant version of BitTorrent, not the very recent proposed change to add searching."

in Rodi you can run hubs like in DC+ or in WASTE.

Rodi can operate exactly as BT. tracker is part of the client code

Re:Nice!

[Minna+Kirai]

Rodi can operate exactly as BT. tracker is part of the client code

I don't know if you understand English well or not, because this is a subtle point...

But sometimes, supersets do not have all the features of a subset: if some of the subset's valued features were the explicit LACK of something which the superset includes.

For some user needs, bittorrent's lack of searching is essentially a positive feature.

For a side comment, from your web page:

• Yet another reason for avoiding of TCP in file sharing application is limited window size in TCP layer when application can actually retransmit any block - the data is stored on the media supporting random access, like hard disk. TCP can not assume that sent by application block can be easily reproduced by the application.

That's true, and makes me wish there was a version of a web-browser's HTTP protocol that used a variant TCP-like effect on top of UDP to take advantage of the knowledge that the data is already buffered in RAM once. Separate copies don't have to be made in the TCP stack for each outgoing connection.

Re:Nice!

[squiggleslash]

Well, that's disappointing. I have to hope, I guess, that this isn't something that becomes popular.

Re:Nice!

[larytet]

" HTTP protocol that used a variant TCP-like effect on top of UDP"

i read about such protocol - HTTP on top of UDP. i understand that in some corner of Open Source community people struggle to bring attention to their work . unfortunately i can not give you the link. google ?

P2P interview with Rodi Developer Laryete

[Hulkster]

P2P interviewed Rodi Developer Laryete a while back.

First Post?

Re:P2P interview with Rodi Developer Laryete

Forget the interview.

Your link would have more hits if you had titled you post "This link contains picture of a hot geek chick"

So

Is this actually a new protocol or does it extend BitTorrent?

Because if the latter then I'm not sure the word "replacement" makes all that much sense.

I'm sure the extension will be useful for some people. But I for one know my BitTorrent usage patterns do not create a need for either anonymity or searching.

Spoof a three way TCP handshake?

"Through IP Spoofing A can even hide their identity from C. "

I doubt very seriously it can spoof a full three way TCP handshake.

Re:Spoof a three way TCP handshake?

[markov_chain]

He's talking about using UDP, which comes with its own problems, but would allow spoofing.

Re:Spoof a three way TCP handshake?

[zerbot]

Yeah, but how can you spoof if you are the recipient? Senders can spoof with UDP, but it's hard to receive a UDP packet if it wasn't addressed to you. Not to mention that a sender that is spoofing has no way of finding out if any packets got lost.

Re:Spoof a three way TCP handshake?

[LnxAddct]

Yea, and the design seems a bit like it is on a shaky foundation. It is not anonymous as it claims, but seems to be more targeted towards plausible deniability. If you read their little explanation you'll see that they don't say that one peer will never know the ip of another peer, but rather they simply claim that lets say for instance the publisher can always claim the bouncer spoofed his IP. Technically I guess it makes sense, but in court who knows how it would hold up. I can send you a file right now with a spoofed IP, that doesn't mean I won't get caught. In my oppinion there are better networks out there already for true anonymous file trading such as Mute and Ants. Quite honestly, I'd be weary of using this program as it is, especially if you really need to be anonymous. I'm waiting for the next generation of bit torrent to be built on something like i2p which would imho be awesome. If I misinterpreted Rodi's explanation please let me know.
Regards,
Steve

Re:Spoof a three way TCP handshake?

[markov_chain]

It's not easy :) There really is no perfect anonymity in two-way communication. However, there are ways to reduce risk of compromise, such as use different intermediate nodes for sending/receiving, use random numbers of intermediaries, etc.

Even with one intermediate node the job of adversaries is changed from subpoenaing an IP-to-person mapping from ISPs to finding the intermediary first, and then getting logs from the intermediary (assuming they exist). The best they could do without joining the network is sniff intermediary's links and hope to crack the encryption somehow.

Re:Spoof a three way TCP handshake?

[unborn]

Well, I am not saying that this is how this works, but in theory the following is possible:

B = sender
A = receiver
C, D = intermediaries

We assume that intermediaries cannot be held liable for their intermediacy. Thus the "vulnerable" parties are A and B. Thus A and B must be protected from any other party, including each other.

For any sent packets that are UDP-spoofed, (spoof) appears after the step number.

Here's a scenario that achieves that:
1. A selects intermediary C, and requests customer id Q; C associates Q to A's IP address.
2. (spoof) A sends search request R for an object O to D.
R contains customer id H, C's IP address, and key K.
3. D broadcasts request to entire network.
4. B receives request R and decides it can satisfy it.
5. (spoof) B encrypts object O with key K and sends it to C.
6. C forwards encrypted O to A.

Now, let's analyze it:
C does not know the address of B, thus B is protected from C.
C also does not know the content of O as it is encrypted, thus A is protected from C.
D does not know the address of A, thus A is protected from D.
Since D has broadcast the request further on, D does not know that B has replied, thus B is protected from D. As a corollary, B is also protected from A.

Further indirection and cloaking can be introduced to avoid the situation where both C and D are in on the game, in which case A will be detected.

Re:Spoof a three way TCP handshake?

[larytet]

yes, this is the idea

Easy answer:

Probably not. Most people don't care enough about anonymity to switch over from something that they already like.

Not for me...

[Mattygfunk1]

I don't mind who tracks my ISO downloads.

__
Laugh Daily funny free videos

Re:Not for me...

[sketchkid]

In Soviet Russia, your ISO downloads track you.

Re:Not for me...

[MartinG]

Most individuals have no reason to hide things by default.

The problem is that some folks do have good reasons to hide things and if everyone else is gladly giving up their privacy then those with a good reason stick out like a sore thumb.

If you thing privacy for anyone is important then some would say you should value it for yourself even if you dont need it. (yet)

Re:Not for me...

[larytet]

" Most individuals have no reason to hide things by default." Rodi by default behaves like Bittorrent. No bouhncers, no IP spoofing. pure and clean UDP streaming (...and DNS tunneling, and RTP tunneling, and multicats, and members only hubs , and ...)

Re:Not for me...

[larytet]

" Most individuals have no reason to hide things by default."

Rodi by default behaves like Bittorrent. No bouncers, no IP spoofing. pure and clean UDP streaming (+DNS tunneling, +RTP tunneling, +multicats, +members only hubs , ...)

Boy

[Anita+Coney]

I'd hate to be C.

Re:Boy

[jflanger]

No kidding. Friggin' coffee beans and snakes get all the credit, and he keeps getting picked on by his bigger and younger brothers! Oh well, at least he's still in the running, unlike ole Pascal and Fortran...

Re:Boy

The C box, hopefully never knows what is going through it. If this is implemented right, it should go something like this. A contacts C saying that it wants to connect with B. C setups a secure tunnel using A's public key or whatever. Now A can communicate with B without C knowing what is going on and B not knowing A's IP.

Re:Boy

[nokilli]

I think the concern is that if you're C then you're using up all your upstream bandwidth and getting nothing in return.

Re:Boy

[jtwJGuevara]

This all depends on C and that person's willingness to let who knows what run through his/her connection. It sounds good enough on the outside, but unless two parties know a third person or there are several people willing to supply their resources to people they don't know to transfer practically anything, then this sounds like a bit of a bust. I personally wouldn't want to be arsed to find a third party for sake of gaining anonymity in a p2p file transfer nor be constantly be asked by others to do the same for them.

Re:Boy

Imagine...RIAA gets an idea to set up a P2P network. They wouldn't mind being C.

Re:Boy

[Trevahaha]

I guess this also means C could sniff all the packets and put together all the files passing through it.

Re:Boy

[coopaq]

I'd hate to be C.

Poland tried to be C during WWII.

Re:Boy

[MarkRose]

Hey, could be worse: you could be C#, and you know how unpopular half-tones are.

How is this annonymous?

[0kComputer]

B still knows A and C's IP addresses, sure its obsfucated, but certainly not annonymous. As long as you are using an IP, there is no such thing as annonymity.

Re:How is this annonymous?

[Rude+Turnip]

And what's to stop the *AAs from being "B" and logging all the IP addresses?

Re:How is this annonymous?

[fish_in_the_c]

well are your really connecting A to B to C or are you connecting A to D to E to B to C and looking like you are connecting A to C plausable deniablility is part of this shell Game I suspect. It would be better if B stipped all IP information from A before sending it to C acting as a kind of VPN/router and if eache client in the chain did the same thing so you can't tell if the traffic file is hosted on the client or someone it is connected too.

Re:How is this annonymous?

[Cerv]

If the *AAs are B then they are the ones distributing the files that they own the copyight on. Unless the MPAA distribute music and the RIAA movies then swap lists of IPs then I don't see how it could be considered infringement.

Now if C was an *AA then it becomes muddier. By passing a file 'owned' by the *AA from B to A it could be argued that the *AA have implicitly given permission for the copy to be created. Or not.

Re:How is this annonymous?

[GauteL]

As long as the tool does not log the IP-information, it would be much harder for someone like RIAA to find out who actually downloaded all those Britney Spears albums.

RIAA can't just log all the people accessing the stuff, because the IP-address accessing all the data is just a third party who probably doesn't even know anything.

The problem is that you might be somehow incriminated if someone downloaded child porn using your computer as a relay, and you would probably have a hard time proving it wasn't you.

Re:How is this annonymous?

[igrp]

As long as you are using an IP, there is no such thing as annonymity.

Actually, there is. It's called Onion Routing. It's a product of the US Navy Research Lab and has been around for quite a while. There were attempts to use this technology in P2P networks (namely I2P-BT, which is now defunct, as far as I can tell even though the generic I2P network layer project is still alive and kicking).

Re:How is this annonymous?

[The_K4]

Or more easily just deciding that the middle man is "sharing" the data and sueing him. After all he IS the one transmitting the copy, even if he is only a proxy.

Re:How is this annonymous?

[CheeseyDJ]

As I understand it this is similar to how Freenet works.

Everyone's requests are bounced around random machines, such that it is impossible (or at least bloody hard) to figure out who is requesting what.

Re:How is this annonymous?

[jci]

The interesting thought I kind of gathered from the article was that because anyone could be a "bouncer" node, a user could be directly connected to a user and downloading the file, but be pretending to forward the packets elsewhere.

The idea of falsely fowarding packets to other people makes it more interesting too. Kind of like the oxymoron of useful crapflooding.

So, kind of the attempt to have "carrier" status, even though that seems weak in this situitation.

Re:How is this annonymous?

Actually, that's not quite true. IP addresses don't rule out anonymity. Anonymity is when it's no longer possible to look up the name or address (or other identifying information) of the person that IP address belongs to.

Not that another halfass p2p actually provides that.

If you and I agree to set up a VPN tunnel, and we use private addresses, we aren't anonymous to each other. But, IPv4 is routable, we don't need to directly connect to those we wish to communicate with. If I tunnel to a second person, he can ping you, do whatever, as long as I route the packets correctly. You could set up a tunnel to someone else also, and the more hops, the more anonymous these people are.

We can do other things, like only connect to people in a country different from our own, to really throw the monkey wrench in the RIAA's plans. Let's see them try to force people to reveal their VPN partners when they have to litigate in 20 different nations, every one of them (rightfully) claiming that it is a general purpose, non-file sharing network.

Re:How is this annonymous?

[VATechTigger]

Whos on first again........

Re:How is this annonymous?

[solipsist0x01]

Through IP Spoofing A can even hide their identity from C.

How are you going to receive packets if you spoof your address? You can never be 100% anonymous just 99.99...% which would require proxying through an infinite number of hosts.

Re:How is this annonymous?

[shmlco]

As long as the tool does not log the IP-information, it would be much harder for someone like RIAA to find out who actually downloaded all those Britney Spears albums.

Actually, it would seem to me that each box that originates data is now responsible for uploading it.

Re:How is this annonymous?

[walt-sjc]

If the data was encrypted, then there would be no way for C to know what was being proxied. Plausable deniability. Of course, then it's basically freenet. Encryption would add enough overhead that speed would suffer.

Re:How is this annonymous?

FYI, 100 and 99.99... are the same number. Let a_1 = 90, a_2 = 99, a_3 = 99.9, a_4 = 99.99, etc. Clearly then lim_k a_k = 99.99.... But 100 - lim_k a_k = lim_k (100 - a_k) = 0 or lim_k a_k = 100 and thus 100 = lim_k a_k = 99.99...

Re:How is this annonymous?

[poopdeville]

Tor is an Onion Routing network too. Quite nice.

Re:How is this annonymous?

[poopdeville]

Fuck, that was dumb. Tor is here.

Re:How is this annonymous?

[larytet]

"It would be better if B stipped all IP information from A before sending it to C"

yes, Rodi bouncer does exactly this - it's a statefull proxy. IP header will contain Rodi bouncer information and no routing information to the origin of packet whatsoever

Re:How is this annonymous?

So if I have 9999 oranges, I really have 10000?

Why...

[lxt]

...has Roddy McDowell started a P2P network?

Re:Why...

[christopher240240]

No, no, no. It's "Rowdy" Roddy Piper.

Re:Why...

[gonzoxl5]

I dunno. why not hold a seance and ask him ?

Malware

[turtled]

Will it install Malware, adware, nagware like Kazaa? I still stick with Unet groups.

Re:Malware

[110010001000]

Uh, its OSS GPL software. If it had that in there it would be stripped out faster then you could say "RMS".

Freinds don't let friends install Microsoft Junk -- twitter (R.I.P)

Re:Malware

[HTL2001]

if you're using Unet groups, why would you need torrents? most torrent sites that I've... er... "heard of" have uploaders with Unet access, and thats where everything comes from...

Re:Malware

[turtled]

Sometimes TV shows are Torrented before they are on Usenet. Also, some shows I get torrents of never make it to Usenet.

Re:Malware

[Jemm]

" Will it install Malware, adware, nagware like Kazaa? I still stick with Unet groups."

Shhh!!!, there's an unwritten rule on /. stating that no one will make mention of unet^H^H^H^H, um, never mind

Re:Malware

[xtracto]

Because Usenet sucks, I have to pay $30 a month to have access to a descent Usenet binary server... and have to deal with those 1000's of .r?? files...

Re:Malware

[turtled]

I pay $25 a month unlimited, and I paid the $35 for Newsleecher yearly subscription. Works well for me =)

Re:Malware

[DavidTC]

Yes, the only place to copyright is ever infringed is P2P.

There is no massive commercial worldwide network of multi-terabyte servers where you can can download anything you want. No sirree.

And there certainly aren't any error recovery tools that have been developed for this hypothetical network, that have, in the last five years, solved all the previous complaints about dropped posts and incomplete binaries.

There's nowhere you can search for binaries and download a file to import into hypothetical clients for this hypothetical network, instead of having to update indexes.

And there aren't providers who decode binaries and provide direct downloads to copyright infringing material via HTTP. And provide services on ports besides 119 to get around ISP blocks.

Not that the network exists in the first place. The only place you can get stuff is shitty P2P networks with spyware-ladden clients and blocked ports. There is no Usenet^Wnetwork like this.

Re:Malware

[xtracto]

man, but if you are suppose to be "pirating" movies/software for not paying for them WTF is the treat when you have to "pay" to get into the newsgroups?

When I use emule, bittorrent etc, I do not have to pay anyone (other than my internet provider)... so what is the case?

hmm...

[Conspiracy_Of_Doves]

Rodi, Mr Glickman's not going to like this

Illegal content with my IP?

[3770]

So,

Someone can download illegal and immoral content and the server will have a record of my IP?

I don't think so.

Even if it is well known that my IP wasn't the final destination.

Re:Illegal content with my IP?

[Robmonster]

I tend to agree.

Given the state of some of the suits filed by the *IA I dont think they'd make the distinction.

They captured YOUR IP as being part of the download transaction, so its YOUR IP they'd file suit against.

Re:Illegal content with my IP?

[merfer14]

that's I battle that I would actually fight in court...

Re:Illegal content with my IP?

[Fahrvergnuugen]

The only way we're going to get thee *AA to change their tactics and start selling downloadable content online is to force them to innovate.

Right now the *AA is under the misconception that they can actually abolish p2p by suing the pants off of anyone and everyone who shares files.

Currently they are using IP addresses to track down uploader's personal information. These anonymous p2p systems are going to make that A LOT harder to do.

Personally, I am for anything that puts the squeeze on the *AA - I think eventually they *will* get the hint.

Re:Illegal content with my IP?

[MarkByers]

They captured YOUR IP as being part of the download transaction, so its YOUR IP they'd file suit against.

And they would lose.

They cannot sue people for providing people access to information. If they could sue for allowing copyrighted files to pass through a computer, they could just go straight to the ISP and sue them, since all copyrighted data goes via the ISP's hardware a least once. Obviously no court will ever let them get away with that.

Re:Illegal content with my IP?

Can you arrest the mailman for delivering warez on a CD in a closed envelope?

Re:Illegal content with my IP?

[NetMasta10bt]

The content of the transaction between the two IP's is encrypted. How would anyone know what exactly your getting?

Re:Illegal content with my IP?

[Robmonster]

Havent they already done exactly that with the suits filed against BT Hubs? Those sites didnt host copywritten (?) content themselves, only provided people with access to information about those files.

Re:Illegal content with my IP?

[tgd]

Yeah, thats true. Thats why people who drive getaway cars don't get arrested when the people they're driving just robbed a bank and killed a guard.

Re:Illegal content with my IP?

[RPoet]

copywritten

Copyrighted.

Re:Illegal content with my IP?

"Obviously no court will ever let them get away with that."

Who the fuck knew. What a genius you are.

And you have no clue about the law, but you are spouting legal opinions.

For the most part ISPs, like telephone operators, are afforded common carrier status -- so long as they follow specific rules. Since you already are a legal fucking genius, I'll skip these rules. Along with this status comes specific responsibilities, again which I will skip.

A private someone on the internet is not afforded these rules. Or did you not learn this while studying the telecom rulings. They cannot claim common carrier status, thus invalidating your claim.

Someone utilizing a program that is said by its creators to circumvent copyright status and a hinderance to law enforcement (they claimed this in an interview recently) would definately show you are not an innocent victim...

Re:Illegal content with my IP?

[ebvwfbw]

The content of the transaction between the two IP's is encrypted. How would anyone know what exactly your getting?

Easy, look up a torrent for the latest star wars movie or say Satchmo's 1967 version of "What a wonderful world", start downloading. They would know who is relaying that stream. File suit.

Now the relay would be in the position of defending something that was used illegally. Sort of like allowing your house to be used to sell illegal drugs/guns/booze. Yes, your house could be used to host the local church ladies event but they would say there was an intent that stuff you knew wasn't legal would be done. Then you may join the ranks of other "wise guys."

Kind of sucks eh? You could be distributing copies of RedHat, Suse, SETI - or something very bad. If no records are kept, they could say you distributed anything (naked pictures of politicians... ahhhhh!). So who wants to step up and be the first case?

Re:Illegal content with my IP?

[SpecBear]

Indeed. This isn't real anonymity. All it does is add more people to the chain of liability. IANAL, so I can't really say whether you can be held legally accountable for the traffic that runs through your node, but I imagine the *AA can just send a letter to your ISP and get you shut down.

Re:Illegal content with my IP?

[xiando]

Be aware of one thing: They have not yet done a single successful lawsuit against a BitTorrent site. What they have done so far is to have lawyers send very threatening letters - and the webmasters have so far just bent over and shut down their sites when they have got them. A BitTorrent hub case has yet to be tried in the US.

Re:Illegal content with my IP?

[xiando]

Yes, the **AA can shut down Your Node. But what difference would it make if millions of people use it? They have not managed to shut down noticeable numbers of Direct Connect hubs, with anonymous programs everyone using it is acting as a hub. You can not shut down ever computer with a Internet connection used by persons under 40.

Re:Illegal content with my IP?

[Famatra]

I agree, and if they do try and sue you, you can simply say that you had no knowledge of the transfer.

It's the same reason why the phone company is not held liable when their phonelines are used to deal in organized crime or terrorism - the phone company has no knowledge of what is passing through their network.

Even better in countries where it is a loser pays legal system: RIAA tries and sues you, you say you had nothing to do with the transaction and that their lawyers should have known that due to the nature and design of the network, then you get your lawyer fees back since you win.

Re:Illegal content with my IP?

Can you arrest the mailman for delivering warez on a CD in a closed envelope?

Mailman - no, but a drug courier - yes.

Re:Illegal content with my IP?

[westlake]

Personally, I am for anything that puts the squeeze on the *AA

You first. Settlement with the rights agencies will hurt only a for a moment, being named a person of interest in a kiddie porn sting will cling to you forever.

Re:Illegal content with my IP?

[jascat]

The fact remains that the burden of proof is on "them". It makes me laugh to see all of these arm chair lawyers throwing in their knowledge of law from Law and Order, Perry Mason and Matlock.

Re:Illegal content with my IP?

Do you actually think this idea is original or insightful? It's the same bullshit that's been said for the past 2 years, "Sell downloadable content and force them to innovate!!" Blah blah blah. Get over yourself, you fucking parrot.

Re:Illegal content with my IP?

[Fahrvergnuugen]

ehh, good point. leave it to the sickos to always ruin everything.

Re:Illegal content with my IP?

Copywrote.

Re:Illegal content with my IP?

[Robmonster]

Thank you :)

Re:Illegal content with my IP?

[ebvwfbw]

The fact remains that the burden of proof is on "them". It makes me laugh to see all of these arm chair lawyers throwing in their knowledge of law from Law and Order, Perry Mason and Matlock.

There is no doubt a lot of arm chair lawyers out there giving their opinions. Some of it totally wrong and indeed contrary to a lot of case law. In this situation however there is good solid case law to the point some organizations use secretaries to answer lawsuit calls (i.e. you have been sued - call us to settle at 1-800-get-screwd). If they can ascertain who is using that IP address and show definitively that IP is relaying illegal content then they can sue and I think win. You would have to show your innocent. Keep in mind, they can sue anyone, anytime for any reason. Winning the case is another matter, however. Just defending yourself can be very costly, even if the case is frivilous. If you loose then you are liable for damages as well. I'm sure they will put a lot of money into making sure they win the first case.

Not up on my RICO laws but they may also be able to say there is a conspiracy and get Federal charges filed.

Replacement?

[erasmix]

I think Bit Torrent is here to stay. The most useful new features from Rodi (like IP anonimity) will eventually be implemented in Bit Torrent.

Re:Replacement?

[sketchkid]

but will Rodi's position as first to have this feature push it ahead of BT? Is BT's usage right now such a stronghold that it can slowly implement features that it's competitors/substitutes create without losing users?

Re:Replacement?

[markov_chain]

I believe so too, but not because of anon or content search. Instead, I see swarming as the killer app of BT, something that the Rodi spec goes over very superficially and even hints at using UDP.

Re:Replacement?

[swilde23]

You should ask M$ that question... they have been doing it for years (ba dum ching!)

Re:Replacement?

[sketchkid]

but M$ is so big that they can always claim to have improved on whatever the new feature is and spin it in the business press.

Re:Replacement?

[line.at.infinity]

I think Bit Torrent is here to stay. The most useful new features from Rodi (like IP anonimity) will eventually be implemented in Bit Torrent.

Azureus BitTorrent Client uses an I2P anonymizing layer so progress seems to be made on non-official clients.

Re:Replacement?

[jseale]

Oh really? Most of Rodi's features have already been exhibited in Exeem and for some odd reason it makes 'em all suck, so Rodi has to be somewhat better. Don't ya' think?

Re:Replacement?

AnonBT is here today, azureus can use either Tor or i2p (well, Tor says theyll ban p2p usage but anyway)

Meanwhile, in Hollywood...

[geekzapoppin]

Corporate lawyers sharpen their pencils and put an offer in on that second Mercedes on which they've been holding off. In all seriousness, this will be the way of things. As soon as the corporations think they've but the kibosh on P2P, another, better format rears its head and the cycle begins again. The MPAA and RIAA will just have to acknowledge that P2P is here to stay and figure out a way to use it to their advantage.

Nope

[m50d]

Java...nuff said.

Re:Nope

[AKAImBatman]

Nope. Java...nuff said.

Oh yes. Java is great for P2P programs, going all the way back to the original Furi program for Gnutella. (It's too bad that Limewire came along and killed such a great little proggie. Grrr...)

Re:Nope

[blackmonday]

Azureus is Java.

Re:Nope

Java...nuff said.

which is of course much slower than the original python implementation... ;)

Re:Nope

[avalys]

No, not 'nuff' said. What's so bad about Java that it would make you avoid trying out a potentially cool, useful technology?

Re:Nope

Yeah! Azureus figured out how to leak memory in Java - we should applaud them!

Re:Nope

[baker_tony]

Need to know how to use a digital camera:

http://www.sdonag.plus.com/Hungary/dscn0016-1-0.ht mlFrom your web site

nuff said :-)

Re:Nope

I can't disable at will without uninstalling.

Re:Nope

Java sucks.

Nuff said.

Re:Nope

What the hell is that supposed to mean?

Re:Nope

You should. If you don't break it, it can't be fixed.

Re:Nope

1) It is highly unlikely that anyone capabable of creating a cool useful technology would write it in Java.

2) Java is slow.

3) Java is propriatary. It is not a standard language, it is product of Sun.

4) I have yet to see an application written in Java or Mono which would make installing either environments worthwhile. I have Python, Perl, and a C compiler on my system.

Re:Nope

[m50d]

So? There's a java gift client if you're a true imbecile.

This won't succeed while the only client available is java.

Re:Nope

[m50d]

It is much slower in practice, because python is sensible enough to use C where necessary, wheras java builds everything other than the very basics in java.

Re:Nope

[m50d]

That trip /was/ my learning how to use my new camera (it was just after christmas). Anyway, it was dark and I didn't have a tripod or flat surface, I tried but I couldn't hold it steady enough, decided to keep the pic anyway (after about 5 attempts) just so I'd have something.

The PirateBay is down for good!

[ed_the_sock]

Check it out! Pirate Bay bittorent site has been raided by anti-piracy groups...

Sad to see you go, you did great work guys! Until next time....

Re:The PirateBay is down for good!

[Echel0n]

When you say that PirateBay was raided by anti-piracy groups, were they just some ordinary people who came in and decided to steal some servers, or was it something of the sort of a government operation?

Re:The PirateBay is down for good!

They said they will not be shutting down june 1st. Looks like a joke.

Re:The PirateBay is down for good!

[spud603]

oh, how i hope it's the former.

Re:The PirateBay is down for good!

[broeman]

Yes, because the pirate is not closed, it is down for upgrades. You can read it here (in swedish :P): http://pirazine.blogspot.com

Re:The PirateBay is down for good!

So what does it say? I can't find a working Swedish to English translator.

Re:The PirateBay is down for good!

It's a joke. An april's fool in june if you will. Certainly funnier than any april fool Slashdot posted on 1. april.

Re:The PirateBay is down for good!

because when the government steals your servers, it's.... eminent domain?

Re:The PirateBay is down for good!

[arkhan_jg]

English corroboration can be found here.

Re:The PirateBay is down for good!

http://linuxreviews.org/news/2005/06/0100b_the_pir ate_bay_joke/

Upgrading there servers apparntly

replacement or improvement?

[Awol411]

does it use a whole new file distrobution method, or does it use existing bittorrent files? is it just an enhancement/improvement to existing bittorrent protocol or is it an entirely new p2p file distrobution method?

thanks

Re:replacement or improvement?

[Awol411]

distribution sorry, i always spell it distro.

See also:

[RichardX]

Other anonymous filesharing systems currently avaliable/in development

MUTE
ANTS p2p
GNUNet

and not specifically filesharing, but the I2P anonymity layer allows for anonymous bittorrent amongst other things.

Of these, I've found I2P is excellent, although requires a little time investment in setup, and MUTE seems quite promising - speeds are reasonable for an anonymous p2p system, but the user base is currently tiny. I've not had too much luck with ANTS, and haven't tried GNUNet

Re:See also:

[angrist]

mmmm.... I've been thinking of I2P, can you recommend any How-To setup guides (preferably for OS-X)?

Re:See also:

[RichardX]

Actually, I found it surprisingly easy to get up and running - the most time consuming part was configuring seperate copies of my web browser and IRC client for paranoid anonymous use.
Actually getting I2P running basically just involves downloading the java executable, running it, and.. well.. that's about it, really.
Then you just point your browser to the locally running webserver to do all the config and stuff.

If you want to use bittorrent over it, there's a seperate I2P-Bittorrent app you have to get, too.

Re:See also:

[Mabidex]

User base will not grow very well unless a candy client is developed so that most non-tech savy users can try it out, using a simple setup and controls.

The technology looks promising for a few of these P2P dohickys, but if its not simplified, you'll never get the files you really want from the folks who have them, unless the client has a candy coated super easy setup with big toysRus style glow buttons.

me

Re:See also:

Are any of these *not* Java apps? I'd love to try Rodi, but I really disklike Java apps. Can't stand them.

Re:See also:

[Ateryx]

Perhaps a bit elitist, but I think this is a good thing. Lets be honest, if it goes mainstream, everyone loses because it will be broken by the **AA.

The longer something can stay elusive with a small-moderate member base with large content (yes I realize that is an oxymoron) it will be better for Jonny nerd because Jonny football player won't be able to figure it out to get his latest fix of FITY CENTZ.

My current best solution is a private hub for a group of large filesharing friends--enough users for 1) Someone will almost always be on with the file you seek 2) There are several people who will bring new material on 3) Small enough for accountablity of leeching. Granted this also has gotten me called "a fuckin' nerd who needs to grow the fuck up and get outside and meet girls instead of jerking off all day to gay porn". Well... needless to say he's probably still on kazaa.

Re:See also:

[soulhuntre]

How would you compare / contrast I2P with Tor?

So far Tor has been pretty good to me. I'm happy to switch if there is a benefit though.

Re:See also:

[soulhuntre]

Oops... never mind.

http://www.i2p.net/how_networkcomparisons

Re:See also:

[Markaci]

You forgot to mention the Freenet project.

Re:See also:

gnunet and tor are in C.

Re:See also:

[Mind+Booster+Noori]

And of all of those only GNUnet implements level 3 anonimity.

Nice

So you can steal IP with abandon because your IP is hidden. If your IP is hidden, any IP that you up/download cannot be traced back to you. IP is as IP does.

And the question is...

[HawkingMattress]

Will the anonymity be a trade-off for speed ?
That, and is the anonymity real, at the socket level ?
And no, i didn't RTFA. Hit me with a stick.

Common Carrier status for C ?

[Animaether]

I'm curious... would 'C' be seen as a Common Carrier in this case, much like ISPs ?

If not... could they be 'liable' for any of the more shady/outright illicit material passing through them from B to A as they've willingly and knowingly become part of this Rodi thing ?

( Not to be confused with thousands of hacked boxes through which spam/viruses/etc. get sent, as I doubt most owners of those boxes aren't willingly and knowingly part of a spam/botnet )

Re:Common Carrier status for C ?

[NeoSkandranon]

I doubt it. By saying yes you want to be a "C" box, you're basically acknownledging the fact that people will be downloading illegal content using your machine as an intermediary (otherwise why else would they be using bouncing. I mean, really folks.)

Now, if *everyone* had bouncing on by default, it might be a bit different. And probably horribly slower.

Re:Common Carrier status for C ?

Hardly, unless of course they're going for "anonymity on the net is illegal" or "p2p/bittorrent is illegal," in which case yes.

A free (as in freedom) internet is worth fighting for, as it keeps information (and thus power) in the hands of the people, as oppose to a goverment/corporate controlled (and censored) one. Yes, it can be used for "bad" things, but that's the price for complete freedom (which includes anonymity).

Re:Common Carrier status for C ?

The first sentance: I ment that the other way round btw (heh), as in: "Is it illegal? Hardly, unless ..."

Re:Common Carrier status for C ?

[cpt+kangarooski]

ISPs are not common carriers. Thus, it's possible that they could be liable for what goes over the network. There have been court cases that have gone both ways. In response to this uncertainty, Congress set up a safe harbor at 17 USC 512. It makes things clear, but requires ISPs to take some steps to comply with it.

For this sort of application, the 512(a) exception seems best. 512(a) protects C from liability stemming from C's transmitting, routing, or providing connections for, material through a system or network controlled or operated by or for C, or by reason of the intermediate and transient storage of that material in the course of such transmitting, routing, or providing connections. Note that 512(a) does not protect C from liability stemming from anything else it does.

In order to qualify all of the following requirements have to be met:

(1) The transmission of the material was initiated by or at the direction of a person other than C;

(2) The transmission, routing, provision of connections, or storage is carried out through an automatic technical process without selection of the material by C;

(3) C does not select the recipients of the material except as an automatic response to the request of another person;

(4) No copy of the material made by C in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients, and no such copy is maintained on the system or network in a manner ordinarily accessible to such anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, or provision of connections;

(5) The material is transmitted through the system or network without modification of its content.

(6) C must have adopted and reasonably implemented, and informs subscribers and account holders of C's system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of C's system or network who are repeat infringers; and

(7) C must accommodate and not interfere with standard technical measures. "Standard technical measures" means technical measures that are used by copyright owners to identify or protect copyrighted works and--
(A) have been developed pursuant to a broad consensus of copyright owners and service providers in an open, fair, voluntary, multi-industry standards process;
(B) are available to any person on reasonable and nondiscriminatory terms; and
(C) do not impose substantial costs on service providers (such as C) or substantial burdens on their systems or networks.

(8) C must be an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received.

(9) C must be a provider of online services or network access, or the operator of facilities therefor, which is inclusive of (8) above.

(10) C must comply with applicable subpoenas and court orders.

Re:Common Carrier status for C ?

[Caiwyn]

I'm curious... would 'C' be seen as a Common Carrier in this case, much like ISPs ? If not... could they be 'liable' for any of the more shady/outright illicit material passing through them from B to A as they've willingly and knowingly become part of this Rodi thing ?

How much you wanna bet that C will get sued no matter what? The traffic still goes through him, so his participation could be argued as contributory. This isn't anonymity -- it's a way to make everyone in the chain liable for something one person does.

Re:Common Carrier status for C ?

[feepness]

- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.

Is it your legal opinion that this is not legal advice?

Re:Common Carrier status for C ?

[Austerity+Empowers]

Does setting up any sort of firewall (be in incoming or outgoing) count as "selection of material"?

Otherwise, although IANAL, most ISPs I've dealt with seem to comply with this law (as far as I know), although part 10 is a bit dubious. Does compliance mean handing over everything immediately when someone's lawyer blinks at them, or does it mean they have a chance to refuse turning over information if the request is illegal or otherwise invalid through otherwise legal means?

Part 7 would seem to be the catch, but it seems very vague and toothless. It'd be hard to argue such technical measures exist. The fact that this is in the law at all is an atrocity, but it's at least benign for the moment.

Re:Common Carrier status for C ?

[cpt+kangarooski]

Does setting up any sort of firewall (be in incoming or outgoing) count as "selection of material"?

An interesting question. AFAIK it hasn't been examined.

part 10 is a bit dubious. Does compliance mean handing over everything immediately when someone's lawyer blinks at them, or does it mean they have a chance to refuse turning over information if the request is illegal or otherwise invalid through otherwise legal means?

Oh, you can always challenge these things, but it'll vary whether you can do so before making a disclosure, or afterwards. Still, when someone starts issuing these kinds of requests or orders to you, that's when you want to get a lawyer that deals in these sorts of matters, ASAP.

Interestingly, there have been some cases recently holding that the 512(h) subpoenas (which are easy for plaintiffs to use) don't apply in 512(a) cases, for various reasons I won't get into here. However, this doesn't bar all attempts to force disclosure; John Doe lawsuits can still be filed and normal discovery processes employed.

Ah, i can see it now.

[AltGrendel]

All the pro-DRM folks will be fighting to be C.
Man-in-the-middle attacks, comming soon to a Rodi near YOU!

Re:Ah, i can see it now.

[Petronius]

If C==RIAA, as soon as a download starts, they can turn around and sue B (and probably A).

Re:Ah, i can see it now.

If C==RIAA, as soon as a download starts, they can turn around and sue B (and probably A).

So use encryption. Then, if the RIAA does a man in the middle attack, they're violating the DMCA.

Corrected link

[ed_the_sock]

Sorry, the correct link is here

Re:Corrected link

[Slashcrap]

Sorry, the correct link is here

Hmmm, are we sure this isn't a joke?

This line in particular sounds a little dubious :

"This probably means the end of The Pirate Bay and we, the crew, apologize for all loss of income caused by our activity over the years."

Also, can anyone read Swedish? Because if you follow the link to http://www.antipiratbyran.com/, all you get is the following text :

Svenska Antipiratbyrån är snart tillbaka

Ny site kommer inom kort.

Re:Corrected link

[madaxe42]

says the same in swedish. and the antipirat site just says 'new page coming soon'

Re:Corrected link

[hostyle]

Its a hoax according to Slyck and their IRC channel.

Re:Corrected link

[Catbeller]

Slyck says it's a hoax. Enjoy.

Solution for the for the **AA

[wing03]

The government will rename the country U.C.A (United Corporations of America)... okay, maybe that'll be one of the last things they'll do.

But they'll simply haul the person in who's using the masquerader's address and charge them as an accomplice to theft.

Re:Solution for the for the **AA

UNITED STATES OF AMERICA is a corporation that replaced the nation The United States Of America over 100 years ago. thats *the scam* folks. in fact, technically the office of the President of the United States Of America is open.

Re:Solution for the for the **AA

[sosume]

But they'll simply haul the person in who's using the masquerader's address and charge them as an accomplice to theft.

Copyright violation is not theft.

What's worse is that the punishment for actual theft of a DVD (maybe $50 or 3 hours community service) would be way less than the punishment for copyright violation (years in prison and 10k$'s fine). Because illegal filetraders are soooo dangerous to society, and actual thieves are not.

Re:Solution for the for the **AA

[wing03]

Copyright violation is not theft.

What's worse is that the punishment for actual theft of a DVD (maybe $50 or 3 hours community service) would be way less than the punishment for copyright violation (years in prison and 10k$'s fine). Because illegal filetraders are soooo dangerous to society, and actual thieves are not.

Let's rephrase my OP.

They'll get the lawmakers to change things so that being an accomplice to copyright is a major offence with major punishment penalties.

They'll haul in the one who is running RODI and acting as the go between and throw them to the dogs.

Afterall, there's no need to hide yourself with P2P activities unless you're doing something illegal? Is there?

Java -- then why not use SWT??...

[guyfromindia]

This seems to be a great app.. but, I am surprised why not many developers are using SWT to improve the GUI. Not to flamebait, but I have used SWT and Swing on Windows/Linux....and prefer SWT. If the developers only target the geek community, I dont see any day to day user trying the app... BTW, on a side note, Azureus (http://azureus.sourceforge.net/) is probably the greatest SWT app written, ever! ;-)

Re:Java -- then why not use SWT??...

[brw215]

Yeah, why would they ever think of implementing an application in a technology that YOU have found personally useful?

Re:Java -- then why not use SWT??...

[AKAImBatman]

I am surprised why not many developers are using SWT to improve the GUI.

SWT has just as many disadvantages as advantages. It's really just an alternative to Swing, not "better" as many may claim. Azureus is one of my favorite programs, but its GUI also has a large number of minor issues on my Mac because of the SWT GUI. Had it used Swing, it would have been just as snappy as JEdit, Netbeans, and a few other Swing GUIs I run.

Really, I have no grudge against IBM for releasing SWT, but programmers need to be careful not to get swept up into the fanboyish "It's new, thus better!" take on things. That same sort of unchecked enthusiasm was what let Microsoft take over the market with Windows so long ago. Only *after* geeks everywhere proclaimed their love for Windows did they finally wake up and say, "Hey, this sucks!"

An interesting link for you: http://www.jgoodies.com/

The Metamorphasis app is particularly interesting. It was originally designed to show that Swing can successfully replicate the L&F of SWT. ;-)

Re:Java -- then why not use SWT??...

[larytet]

i have to keep proof of concept engine small (see CLI only) i use AWT, not Swing the whole installation (includes debug info and GUI front end) is 600K and i think it's a lot.

port to C++ is in functional requirements spec. plugin for Firefox is there too

WEB developer can decide to distribute Rodi as an applet (works today). think about PHP which generates Rodi configuration sript (rodi configuration is script based), prepares HTML page with applet. user clicks and the applet does the rest - swarming, etc.

SWT will put additonal 1M+ to the package.

i am not a GUI guru. i hope ideas from Rodi will be used by people smarter than me and in a couple of years from now i will get result comparable to Azureus.

Eclipse btw is really GOOOD

SILENCE!!

[Mr.Sharpy]

Keep your trap shut about the hidden resources! Sure everybody knows about them, but not everybody knows about them.

Honest Question

[SansTinfoilHat]

I did RTFA, but it left me a little confused. Actually a lot confused.

Does C opt-in to being complicit in a transfer between B and someone? Does C get to know the details of the transfer? If so, is there anyway of C knowing whether or not what he/she is doing is legal? At least with bittorrent I can be mindful that I am only serving up bits I'm allowed to serve.

Re:Honest Question

At least with bittorrent I can be mindful that I am only serving up bits I'm allowed to serve.

Yeah, like *that* matters to most of BT's userbase. :P

I happen to like non-anonymity

[AIX-Hood]

Every few weeks news, another modified version of BitTorrent comes along which promises better search or less tracking. From the standpoint of a person operating a legal BitTorrent site, all of the things that these guys are stating as a feature, I would definitely not want. I most certainly want to track my users, run up statistics and use all of that to better inform my users of how well certain files are doing. I know many are just interested in making new anonymous p2p apps for warez, but their unending focus on it can't be helping the stigma against such p2p apps. Many will say "but! but! the opressed political activist in China! what about him?!" yeah.. I'm sure the teenage mp3 sharer really cares about that guy with his new anonymous p2p warez sucker.

Re:I happen to like non-anonymity

[mshiltonj]

Many will say "but! but! the opressed political activist in China! what about him?!" yeah.. I'm sure the teenage mp3 sharer really cares about that guy with his new anonymous p2p warez sucker.

Those of us who care about the political activist in China are willing to tolerate warez as the price of freedom and anonymity.

Those who only care about shutting down pirate mp3s, for whatever reasons, are also, by extension, shutting down political activists in China.

Does that bother you?

Re:I happen to like non-anonymity

[pla]

I'm sure the teenage mp3 sharer really cares about that guy with his new anonymous p2p warez sucker.

Perhaps not. But the totally legit downloader might. I do. I'll agree that, almost certainly, more than 99% of the traffic I get has nothing to do with resisting an oppressive government (unless you count the US's own Corporatocracy, and consider OSI a sort of political resistance movement)... But if I can help hide even one message that helps a Chinese dissident trying to communicate, I consider that a truly "good" result.

Re:I happen to like non-anonymity

[AIX-Hood]

The ideology of "don't do online what you wouldn't do in the real world" is one that I subscribe to. The **AA is trying this approach now and although I'm usually not on their side, I agree with this point. If you're so embarassed about something, maybe you shouldn't be doing it in the first place.

Re:I happen to like non-anonymity

[xiando]

You totally missed the parents point. I actually happen to be running a Legal BitTorrent Porn Site (hardcoretorrents.com) and I can tell you that the information from the tracker will never be used to call ISPs to get peoples real names and then call them.. I mean, what possible reason would any webmaster have to do that? Your argument is just stupid.

The parent posts point is that it is very good to know how many people are downloading the file, what the seed/peer ratio is and so on. Come on, do you know anyone with a big website who do not look at their logs to find out how many people are using it? Equally stupid argument would be to say you will stop using Slashdot because you are so afraid the Slashdot owners will call your wife and tell her about your Slashdot ramblings.

Re:I happen to like non-anonymity

Absolutely. We must prevent heroics from people we can not identify; we must be able to cart the heros away to our new military gulags, to keep the Fatherland safe from the jews and fags...

Re:I happen to like non-anonymity

So does anyone in china actually use these tools, or is this simply a convient cover story (hey, the chinese people are already being exploited by their government, why not exploit them for free mp3's as well)

Re:I happen to like non-anonymity

[SB5]

From what I understand.

The less tracking issue mainly addresses the really popular files so that you won't have to rely on one central server to contact.

And the search thing, just decreases the need for multiple files on multiple places. Do you really need 10 different torrents for a linux distro that is exactly the same as the others?

And the tracking of people could still happen just have them send some data to a central server when finished downloading.

Re:I happen to like non-anonymity

[Vitriol+Angst]

You think only China needs dissidents? I'm thinking that we in the United States may need this pretty soon.

Of course, I should be posting "Anonymous".

Re:I happen to like non-anonymity

[Vitriol+Angst]

You are correct that anyone can tell how much traffic a website gets without knowing the people accessing it. Pretty easy to tell what gets hits and what doesn't.

Equally stupid argument would be to say you will stop using Slashdot because you are so afraid the Slashdot owners will call your wife and tell her about your Slashdot ramblings.

I am nervous already. If a few slashdot users were hauled in to court--or more likely, detained without court intervention based on a "conspiracy" charge-- I think that a lot more anti-government posts would be anonymous. They haven't done this yet (as far as I know)--but under the Patriot Act, they can. There is no oversight to make sure they did they right thing, other than people protesting that somehow "Jimmy" is no longer around. I'm not impressed with the argument "they haven't done that yet". Well, I never thought the government would pay churches to do public service projects. Or have a policy of torture. Or pay $ Billions to private corporations to serve troops food. Or hire mercenaries. Or prop up the currency. Or a hundred other things that I thought I'd never see from America.

So yes, Anonymity is important for people to express themselves in ways that are important to them, but are censored by government or theology. Now more than ever.

Re:I happen to like non-anonymity

Anoymity is not about doing something your embarassed about. It's simply about freedom. I do NOT have to carry identification everywhere I do, that same rule should apply on the internet. It is no ones business if I download Gentoo, just like it's no ones business if I go to the book store and buy War and Peace.

Personally I fully support any new freedoms even if they are created through technology. Mainly because we are losing so many freedoms in the name of security and safty.

Well I have to get back to work, but people like you make me sick. You would give up everyones freedoms for your false security blanket.

Re:I happen to like non-anonymity

[larytet]

this is http://larytet.sourceforge.net/rodiHash.xml how Rodi Hash file looks like in your browser. this is a table of hosts http://larytet.sourceforge.net/ipRange/ipRanges.xm l (think about tracker/seed) - immediate result of XML databases.

+ ability to use multicast in the future, + signed by DSA 512/1024 packets (optional), + decetralized content search in text/pdf files/meta data.

do not underestimate Rodi. its' about five times larger than just IP spoofing. help it to happen. i invite you to particpate in the success story.

Re:I happen to like non-anonymity

[xtracto]

man, I think your page homepage is kind of outdated
The Pirate bay is closed now... check their website and update ur news

Re:I happen to like non-anonymity

[Mr2001]

Check TPB again - they're coming back.

Re:I happen to like non-anonymity

[xtracto]

thnks a lot
WTF happened then?
That is why I didnt find anything in Google news uh? I think to shut down the PirateBay would be a major win to the **AA's

Re:I happen to like non-anonymity

Does that bother you?

Nope.

China's oppressive government is the only thing holding their enormous economic potential back. A potential that could cripple the standard of living in the West.

It's good for us that they hold on to a backwards, centralist dogma.

BitTorrent already fairly strong

[LiquidCoooled]

With Bittorrent, I am actively working on one single file.

This means that the RIAA/MPAA can only ever see that I am sharing one single file.

Compare and contrast with kazaa etc where my entire drive (shared folders) are available.

BT doesn't give anonymity, but it gives limited accountability, they can't prove I was uploading any other files unless they themselves connect to each one of them at the same time I am downloading. Once my client is closed, then bye bye.

Re:BitTorrent already fairly strong

[angrist]

I've wondered about this a bit.

What exactly would they have on you anyway?

A log file of what, your IP address, maybe some packets / pieces of a file that they CLAIM they downloaded from you? My question is, what information do they have that they couldn't get from you pointing a browser to www.mpaa.org?

Somehow the prospect of using an easy to edit text file as evidence in court seems a little ..... dubious.

Re:BitTorrent already fairly strong

[klang]

Once my client is closed, then bye bye.

And after that, you change the MAC address on your router and request a new IP from your ISP.

For total fragmentation of data (that RIAA/MPAA can collect) you close your client before you finished downloading, do the new-ip-trick, and restart your client.

rinse and repeat.

Re:BitTorrent already fairly strong

[pomo+monster]

Well, yeah, but by the same token it's not hard for someone to falsely claim you assaulted them, or even for a detective to put someone's hair sample in an evidence bag at an unrelated crime scene. But why would they do that? Why would the MPAA fake evidence against you? One fileswapper's as good as another.

If you were being framed by the MPAA, of course, it'd be up to you to explain the MPAA's motives to the court--just like it's up to you to show that a detective framing you has a vendetta against you. Remember how OJ got off.

Re:BitTorrent already fairly strong

Riiiiight, so then if the **AA sues you for filesharing ... you're presumed guilty?

Re:BitTorrent already fairly strong

[Hrodvitnir]

That's the basic jist of it. It's not criminal charges, so you're not presumed innocent. You have to prove your innocence to the judge, and even then, if he thinks you're partially responsible, you my need to pay partial damages.

Re:BitTorrent already fairly strong

Most ISPs don't track your router's MAC address, they track the MAC address of your cable/DSL modem. Reset away!

Re:BitTorrent already fairly strong

A friend of mine left his bittorrent running for a few days after he downloaded a new Harry Potter film. He was on a nice big fiber pipe at home here in the US (yes it is amazing) so I'm not sure if that made him a bigger target. They probably just looked at his information from the tracker and recorded his IP and how much he had uploaded to others. Anyways, a week or two later he was contacted by his ISP after they got a DMCA take-down notice. He just closed his client, and AFAIK nothing happened after that point. As GP stated, atleast one is only sharing a single file - or parts of it atleast. It seems like the MPAA or RIAA are more likely to target people who are sharing tens of hundreds or thousands of songs, movies, etc..

Re:BitTorrent already fairly strong

"Most", not all, not mine. This works like a charm.

The legal uses for this technology are endless

[dioscaido]

First, we have the ability to .... uhm ... well, second we can't forget that we can ... uhm ... screw it, is Episode 3 on the network yet??

While I do appreciate the technological idea

[GauteL]

.. and I am opposed to the draconian ways of which copyright is being enforced today, I have to say that this has very little use other than copyright infringement.

I have a hard time seeing that going through hoops in order to hide your identity while dowloading stuff is going to be necessary for legal downloads so, while regular BitTorrent has many legal uses, this tool does not, making it more likely that providing the tool for download might constitute a crime.

Re:While I do appreciate the technological idea

[doubledoh]

Sorry bud,

But that's the same argument big government always uses..."If you're not doing anything wrong, what do you have to hide?" For starters, it's none of their business. Maybe you've heard of the Constitution? It explicity states that the government has no right to infringe our privacy no matter what it THINKS we're doing with it. And believe me, alot of us just plain want privacy. If someone doesn't want anyone to know what they're downloading, then that is their right (so long as the technology can provide this). I could make a long list of materials that would want to be shared privately (that aren't copyright infringements), but I shouldn't have to justify the right to privacy. You cannot assume guilt simply because someone doesn't want you to know what they are up to. In fact, the Constitution specifically protects against those assumptions (or is supposed to).

Your arguement basically makes any private activity a crime. Building a wall or fence around a house must would amount to trying to hide illegal activity. "My neighbor put a fence around his house so I can't peer in...he MUST be doing something evil in there."

Nope, sorry buddy. Some of us just want privacy. Yes, some seeking privacy will be doing so to evade legal consequences of their activities, but don't group us privacy lovers in with them, and PLEASE don't use their activities to dismantle our Constitutional rights.

Re:While I do appreciate the technological idea

Except the Constitution does not guarantee the right of privacy. Supreme Court rulings have, but it's not in the Constitution. You should try giving it a read some time.

Re:While I do appreciate the technological idea

[rpdillon]

while regular BitTorrent has many legal uses, this tool does not

What? This program does everything BT does, and more. That's the point. So to say BT has uses that are legal, while this doesn't, is kind of absurd.

But I understand what you're driving at: anonymity is only useful for criminals. But that is simply not true. I have a right to encrypt my data, or exchange data with another person without having everyone on the Internet know about it. Why would I want to do this? It doesn't matter. The only thing you can reasonably deduce from me wanting to be anaonymous is that I want to be anonymous. You cannot logically conclude that I'm doing anything legal, or illegal. Simply that I want to be anonymous.

I see this technology being VERY useful as we come into a society that values IP more and more. I am quite worried that the patent system will eventually be used against F/OSS and that it will be an offense of some sort to distribute Linux, Openoffice, Firefox, the GNU tools, whatever, because of patent law. I look forward to having a robust, swarming, anonymous network that we can use to distribute Free software when/if such a situation comes to pass. Sure, it may become illegal, but that doesn't make it wrong.

Re:While I do appreciate the technological idea

[master0ne]

well as far as your claims about constitutional rights, while you may have a point there, big buisness doesnt give a flying rats ass about our "rights" or about anuthing else the constitution supposedly guarentee's us. they know they can get around it with deep pockets and senetor friends who sympathize with "big buisness". In the end the little guy always gets screwed, and with the way things are going, in 30-40 years i wouldnt be supprised if it was illegal to build your house out of anything but glass, let alone put up a fence (ok ok, im being sarcastic there, dont take me seriously, please) but i mean come on, wake up, and stop trying to draw conclusions on what will happen based on what should happen because of any law or right we are granted, instead look at the whole picture and at the underhanded tatics the **AA has been imploying over the years.

YES! at last

[lkcl]

a free software implementation of what skype have already done.

now all that's needed is to port it out of bloody java and also to back-end this code into a VPN.

in this way, you'd be able to hide ANY network traffic, not just VoIP and not just file sharing.

Re:What a logo...

[mrselfdestrukt]

Yeah. It kinda looks like a fruit that's gone goatse.

Short answer

[XMyth]

No.

Long answer.

Absolutely not.

The best way for the RIAA to stop P2P...

[amichalo]

...is to embrace on-line distribution - even p2p itself!

Look at how the iTunes Music Store put a dent in on-line music sharing by providing a better shopping experience and keeping the price low enough that people will choose it over p2p.

Now if the RIAA/etc would recognize the benefits of p2p for distribution of large files, they could benefit from companies like Apple and Napster running storefront trackers. The user would purchase the .RIAA/etc_torrent of "Movie ABC" for $X that could only be used by their client software (iTMS, MusicMatch, etc) to download the music video or movie or what have you, then encrypt it. (This is what Apple does with the iTMS and why DVDJon was able to create another client that buys iTMS tracks but doesn't encrypt them.)

The benefits would be an on-line revenue stream, lower costs of network bandwidth because of the torrent, and a way to win favor with the p2p file sharers today.

Re:The best way for the RIAA to stop P2P...

[kawika]

So how would that work? Would music stores distribute DRM-wrapped versions of their content via an open P2P network? If so, I want a cut of the money my P2P client/server is saving them on distribution costs. How about "upload 10 songs, download an unlocked song free!"

The funny thing is that they would need to keep track of your uploads in this scenario to give you credit, which means trackerless networks need not apply.

Re:The best way for the RIAA to stop P2P...

[jcdick1]

The MPAA can't embrace online distribution of content the way the RIAA has moved with iTunes and such. Music has always had a distribution of owned-content (LPs, tapes, CDs) and radio, with the market for owned-content being larger than the broadcast content. However, with the MPAA, particularly television, there is entirely too much invested in broadcast infrastructure.

I mean, if shows such as "Battlestar Galactica" or "Desperate Housewives" were available at a relatively low cost for online distribution and the medium became popular, that would severely impact your local broadcast stations as well as your nationwide cable networks. The actors and production companies would be doing just fine making the stuff, but even your local weatherman would find himself out of a job, as no local affiliate can stay up and running without primetime ad revenue. And if the producers laced their downloadable episodes with commercials, would you buy it? Very few people would, I think.

Re:The best way for the RIAA to stop P2P...

[amichalo]

So how would that work? Would music stores distribute DRM-wrapped versions of their content via an open P2P network? If so, I want a cut of the money my P2P client/server is saving them on distribution costs. How about "upload 10 songs, download an unlocked song free!"

I see it working more like this:
- user goes to the iTunes Video Store (for example)
- user pays $X for a movie
- iTunes Video Store begins download of a .torrent on a private network only iTVS can access (or the .torrent is encrypted or whatever)
- iTVS downloads the movie, unencrypted (just like iTMS does today) and adds Fairplay or whatever DRM to it
- User watched movie

Instead of tracking bandwidth usage, etc, the use of p2p torrents just keeps operating costs low, allowing iTVS to sell for less (just like Barnes & Nobel sells the same book cheaper at BN.com than at their retail stores).

Re:The best way for the RIAA to stop P2P...

ITMS is NOT putting a dent in music sharing online. Most of the people who use ITMS would have bought music on CDs. The only thing that ITMS has done is that it has removed the step of these people ripping their legal CDs & putting them on ipod. Songs at 99c is still not cheap enough. Services like Napster & Yahoo music might induce more fence sitters to jump on their side, but teenage kids still find ITMS expensive.

Now, lets give credit to ITMS. It has proven that distributing music online is a viable proposition.

Re:The best way for the RIAA to stop P2P...

[alnjmshntr]

You're so right. Look at www.direct2drive.com for a prime example of this.

It works great, you pay your money and just download the game straight away. Not steamified crap either, you just get the setup exe and install. I have actually started *buying* games again, for the first time in awhile, just cause it's so convenient.

It's also pretty cheap, I mean FarCry for $19.99, I don't think anyone will feel ripped off at that price. I just wish they had more selection.

Re:The best way for the RIAA to stop P2P...

That assumes that the RIAA wants to stop you from sharing Britney. That would be a false assumption.

The RIAA has radio, the indies don't. The indies are directly competing against the RIAA. The best way to keep the indie material out of your hands (and ears) is to stop ALL file sharing.

If the indies went away, the RIAA would embrace P2P as another way of getting exposure.

Face it, I'm not going to buy your record if I haven't heard it. In the case of Britney, I'll want it even less after I've heard it.

Were I to lose my mind and want a free copy of Britney's latest, all I have to do is plug the AUX from my stereo's FM tuner to the IN of my computer and start sampling. I'll have a copy of Britney's latest garbage way faster (and with better sound quality) than I ever could through Kazaa or even Bittorrent.

The fact is, all studies show that file sharers buy more music than non-file sharers. The problem is, they buy WAY more indie material.

Fool me once, shame on you. Fool me twice, shame on me. Only a fool believes a proven liar, much less a pack of proven liars.

Re:The best way for the RIAA to stop P2P...

[amichalo]

Most of the people who use ITMS would have bought music on CDs. The only thing that ITMS has done is that it has removed the step of these people ripping their legal CDs & putting them on ipod.

What evidence do you have of this? I don't know that I have seen any facts that show this is or is not the case.

For me and my friends, I can say that we all used Napster and now, we buy singles from iTMS, use p2p when iTunes doesn't have the single, and for albums, I prefer using iTMS while most of my friends buy the CD and then rip into iTunes and archive the CD.

But that's just my own experience. I'd like to see a real study.

Re:The best way for the RIAA to stop P2P...

No it's not. (in my European Country anyways)
[start rant]
Distribution as a moneymaking machine will soon be extinct. Why buy songs from Itunes when you can download the entire catalog of an artist via Bittorrent?
Downloading of music/movies happens to be legal in (some) European Countries. Only the online offering of copyrighted-material is illegal. So when I use Kazaa to d/l music (and not share it) i'm on the right side of the law.

With P2P we have a new dimension to this since when d/l you may also be uploading... However to prove such a thing in a court will be heinous. (What if i stop the down/upload midways because the quality is crap, or most of the time it is about one file you're working on: allright I pay the fine(which is low because only 1 file) or buy the bloody dvd, also how about the right to quote from an original work, you can view p2p as a means to collect a whole bunch of quotes from many different peers and sort them to the original work! Nobody has copied the complete original from you(since you may not even have a complete original, when they got it form you))

Anyways the outrageous big money for music industry is over. They should really find another job.
For artists this is the better, they have now ways to make there music easily reach customers, and the real money will be in touring and media exposure/merchandise/artwork whatever YOU are willing to buy from them.

For the movie industry, they should be making money on cinemas not dvd's, make it a worthwhile experience, or a good night out.

To the **AA in the USA: It's digital it can and will be copied, stop whining. It's like Xerox copiers they build an industry on it, wait and see what happens with the p2p industry.

[end rant]

Re:The Piratebay is sunk!

Not to worry, DHT is enabled by default on the latest version of Azureus. ie. the tracker isn't necessary.

Because it's harder to distribute

[jfengel]

Distributing Java programs is tricky. Adding JNI DLLs makes it trickier. Write Swing and you know the interface is there, for free. You can distribute a jar file with a manifest and nothing else; no path problems, no DLL hell, just double-click the icon (hopefully). Path of least resistance.

I'm not saying Swing is better, just easier to distribute (and more widely known; again, path of least resistance.)

And I'd say the greatest SWT application ever is Eclipse.

Re:Because it's harder to distribute

[LDoggg_]

I agree with your post.
And I'll add that I like using programs written in SWT. But I've done some development in SWT and found that swing is a much nicer API from a development standpoint.
For Example, most SWT GUI component consturctors expect an OR'ed list of constants to set attributes. Most swing components have default constructors that you then set properties on. Some people might prefer the SWT method, but I personally find the swing method easier.

Ho hum...

[dirtyhippie]

1) There is no significant protection here. A and B have to agree on a proxy. All the MPAA/RIAA has to do is a have a list of acceptable intermediate nodes C that are owned by them and not easily traceable to them, and push them out on the network. Now there is end to end encryption, but the MPAA knows who is talking to whom.

Combine this with periodic searches as a client for restricted content, and you've got a list of people offering probable restricted content.

They can even get trickier and start advertising content with filenames that sound right (but of course really just say "you're busted, neener neener"). In this case they act as B, the machine with the content, and they can have a very selective list of intermediate nodes (C) also controlled by them. In short, with a small farm, maybe 30 boxes, the MPAA is right where they are with Kazaa and other P2P applications.

2) There's nothing new here. This is just a stripped down version of anonymous remailers/onion routing, sans encryption.

3) The latency overhead of hopping to a node in between will be significant (as seen with tor), and probably kill the app. Not to mention the assymetric encryption overhead.

In short, it raises the bar a little, and for that is a good thing, but I'm afraid it's not raising the bar enough to make a difference for people who want to download copyrighted content (sorry).

Re:The Piratebay is sunk!

I was of course only hinting at making a possible attempt for a subtle joke.

Why be C?

[tgeller]

As others have pointed out, C takes on liability. What do they get in return? Aside from ideological satisfaction and a sense of being 1337 (which may be enough), what would compel anyone to act as C?

Re:Why be C?

[master0ne]

well if the ability to be A,B, and C was built into all the software, then you may not have a choice if you are C or not, just like with bittorrent where if you want to download you need to upload, if when you open the client it automagicaly launches the "bouncer" server then you may not have much of a choice, plus you could be rated on how much data you have "bounced" and get faster/more connections (just a thought, i havent had much success in getting Rodi to work ai this point)

Re:The Piratebay is sunk!

No, it's just down for maintenance. Will be back within a couple of hours.

Source: http://pirazine.blogspot.com/2005/06/pirate-bay-ne re-fr-uppgradering.html

Well that sounds great and all...

[brouski]

but "C" kinda gets it in the shorts, doesn't he?

Agreed. But it's fixable. Here's how.

[Weaselmancer]

If the **AA happens to be B, then they still know what A asked for and that C is delivering it to them. Both A and C are screwed.

What they need is to add a random number of hops.

A asks for a file, and a random number of hops (say...0, 1, or 2). Let's say we get 1.

A asks for a file and D has it. We have +1 extra hops. So D sends the file to C who sends it to B who delivers it to A.

All B knows is that A is asking for the file and C is providing it. What B does not know is if A is the original person asking for the file, or a hop node servicing a request, like B and C are. A now has a "proof of doubt". As does C for similar reasons - C is a hop node and doesn't have the file. B has no way to know.

And yes, I know this would be slow as hell. But it would be pretty darn anonymous. That's the price you pay.

ugly image

[SamSeaborn]

I'm not downloading it because that weird photo on their web page is ugly and freaking me out. I'm scared already.

Sam

Re:ugly image

[ta+ma+de]

Yeah. What the Fck was that?

Re:ugly image

[houghi]

Now you know what goatse pulled out.

Re:ugly image

[DaFork]

It is a square bumpy pomegranate?

I don't know why it is square and bumpy because pomegranates are usally round and smooth.

Re:ugly image

[Andrewkov]

From the first paragraph on the site:

Rodi or Rodia ( or ) means pomegranate in Greek. The Rodi program is a tiny P2P client/host (under 300K of binary code) implemented in pure Java. It's network use is similar to the bitTorrent concept. The program will serve the filesharing community with fast data delivery and serve the Open Source community by facilitating faster software deployment.

Imagine.....

... a beowulf cluster of these.

seems like a few problems...

Correct me if I am wrong, but wouldn't Rodi suffer from a Sybil Attack. As in, what if the advisory (i.e RIAA) controls both B and C and hence can determine the IP of host A and which file A is sharing?

Furthermore, wouldn't this be incredible slow and fragile since all traffic is routed through a 3rd party. Every transmission would rely on the both the sender and proxy not disappearing. Plus, how would you do piece-wise parallel downloading like bittorrent does? Would you need to get a 3rd party proxy for every single piece?

Finally, was anyone else disturbed by the fact the author was trying to argue that using UDP (with no congestion control) as a transport layer was a good thing. If this indeed ever becomes popular, router queues would surely suffer.

An appropriate story considering

[BluhDeBluh]

That one of the biggest BitTorrent trackers in the world, The Pirate Bay has just closed...

Re:An appropriate story considering

They had some really funny "middle-finger" responses to companies complaining about copyright infringement...

Basically they said Swedish law was on their side. I guess now they are bent over and Swedish law is on their back side.

I would be interested to know more about what took place, what is next (legal charges?), etc... Anyone know anything?

Re:An appropriate story considering

[Dim_Slashdot]

No they didn't

http://www.slyck.com/news.php?story=811

Re:An appropriate story considering

It's a hoax!! they are just updating thier servers, go to thier IRC channel for more info.

Re:An appropriate story considering

[Jarnis]

Hoax by the admins... don't belive everything you read.

It'll be back by tomorrow :)

Re:An appropriate story considering

Actually, that is a hoax... it should be back up soon. http://www.slyck.com/news.php?story=811

Re:An appropriate story considering

No. That's just a joke so please don't send it in as a story. They are upgrading their servers.

Wrong letters

[wertarbyte]

It's not C that agrees to stand in the middle, it is A...You know, like in MPAA. The perfect position to prepare the lawsuit.

PS: Yes, I know mixmaster and tor.

Re:The Piratebay is sunk!

Yeah, like THAT was useful.

Linux penetration? Forget about it.

[PonyHome]

I sure wish that half as much energy were expended in the Linux world writing software that people actually need to use Linux for business as there is in writing software that makes Linux appear to be nothing more than a hacker/pirate platform. I remember in the early days of DOS, when there were probably a fraction as many programmers TOTAL than there are today messing with Linux. We had spreadsheets and word processors galore to choose from. What's wrong with Linux that this isn't happening here? Maybe because there's no vacuum to fill?

Yeah, sure, mod this a troll, but think about it a bit.

Ironically......

[StressGuy]

He makes a point. While bittorrent has been under fire from the RIAA and the like, many of us (myself included) feel that this is inappropriate. The argument being that Bittorrent is just a way to more easily share files.

Rodi,however, seems to add the ability to conceal your identity. I would have to side with "the man" on this one as this feature does nothing but facilitate illegal file sharing via anonymity.

In a way, it makes it harder to attack Bittorrent. As an analogy, it's legal to own a handgun even though guns can kill, but it's still illegal to put a silencer on that gun.

Re:Ironically......

[mobiux]

Wanting anonymity doesn't necessarily mean your doing something illegal.

I just means I don't want people all up in my sh*t.

Re:Ironically......

[mobiux]

Doing something anonymously doesn't mean it illegal.

It just means I don't want people all up in my sh*t.

Re:Ironically......

[Enigma_Man]

While I agree that most people will use anonymity for general douchebaggery (pirating, etc), there are a few uses that I mentioned before that are very good uses for it, but they're more used for anonymous communication, not file sharing (I know they're both bits on a wire, but I mean the principle of the idea). Whistleblowers, ethical violation pointer-outers, and opponents of the current government can use anonymity for it's intended purposes, being able to point out people doing bad stuff without losing your own job (and possibly more, depending on how bad they are).

-Jesse

Re:Ironically......

Like the other person said repeatedly... just because its encrypted doesn't mean its illegal.

Or perhaps you are doing something illegal. Did you know that despite everyone's sobbing and handwringing about kiddie pr0n on freenet, the vast majority of freenet users are Chinese?

Re:Ironically......

[shmlco]

Whistleblowers, ethical violation pointer-outers, and opponents of the current government can use anonymity for it's intended purposes...

Sorry, but this is a major stretch. Yes, WB's may need anonymity, but I fail to see how all five of them need anonymous file sharing.

One can go out of the way to find potentially legitimate uses, but as you say, most (as in 99.99%) will not use it as such...

Re:Ironically......

[Spy+der+Mann]

Wanting anonymity doesn't necessarily mean your doing something illegal.

Well, for 99.99% of the pira^H^H^H^Husers, it is.

Re:Ironically......

[Enigma_Man]

That's why I said I know there's a difference between communication and filesharing, I was just talking about the general principle of anonymity, not anonymous file sharing per-se (that's why I specifically pointed out that point, to avoid you having to point it out again).

Re:Ironically......

[ptbarnett]

As an analogy, it's legal to own a handgun even though guns can kill, but it's still illegal to put a silencer on that gun.

That's a bad analogy.

In the US, all you have to do is pay a nominal tax to the ATF (and jump through a couple of other bureaucratic hoops), and there's nothing illegal about a suppressor. It's no problem for someone without a criminal record.

(If you ever shoot a gun with a suppressor, you'll quickly realize that it's anything but silent)

In most of Europe, suppressors are not considered "evil". On the contrary, a suppressor is considered environmentally friendly, because it reduces the noise footprint. A competitor can practice in much closer proximity to other people without disturbing them. That's a significant factor where the population density is much higher than the US.

Re:Ironically......

[StressGuy]

Carrying a concealed weapon doesn't make you a murderer either, neither does sawing off a shotgun or installing a silencer but there is a place where it is reasonable to draw the line.

Then again, I suppose it could be a protocol for the anonymous delivery of legal but potentially embarassing content (Fetish based pornography, membership in fringe communities that are otherwise legal; for example, Rennaisance, Tri-Ess (sp?), [both being gender dysphoria support groups], etc.)

So, perhaps there are things you want or need but don't want or need other people knowing about it.

Still, this strikes me as the "concealed weapon" of file sharing protocols.

Re:Ironically......

[Ansonmont]

This is pretty off-topic, and I appreciate your consideration about noise and neighbors, but if someone is busting a lot of caps nearby I want to know about it, and hearing the noise is one of the ways to do that.

Re:Ironically......

[cayenne8]

"Carrying a concealed weapon doesn't make you a murderer either, neither does sawing off a shotgun or installing a silencer but there is a place where it is reasonable to draw the line."

Dunno where you live, but it is perfectly legal to carry a concealed weapon where I live (with permit). You can also apply to the Feds to get a license to own and use silenced weapons. (Similar to the license you can get from them to own and use fully automatic weapons).

The sawed-off shotgun? Now that one I'm not too sure about...never heard of that one being legal.

Anyway...might want to rethink your analogy...

:-)

Re:Ironically......

[lgw]

Define "nearby'. In any city-dweller's definition of "nearby" you would still know about it, as "silencers" don't work in real life like they do on television. Suppressed gunshots are still quite noisey.

Re:Ironically......

Depends on how much you saw off of that shotgun. If you hacksaw an inch from the end of the barrel, nobody cares. If the total length of the gun is less than 28 inches, yer fucked. There is a stated barrel length and total gun length that you can not get under. Other than that, enjoy. But try not to get any iron filings into your foreskin, cause it'll hurt.

Re:Ironically......

[GrievousMistake]

Or, potentially, religious or political scriptures that are otherwise illegal to obtain in your country. Then again, if you live in such a country, you probably get no such thing as 'reasonable doubt' and 'fair trial'.
Still, nice to have the tech around for when USA flip over and unleash the tought police.

Re:Ironically......

Anyway...might want to rethink your analogy...
And base it around a car, damnit. This IS Slashdot, you know.

Re:Ironically......

[fcrick]

Anonymity == worse performance.

people want their downloads to go faster, not slower.

Re:Ironically......

Buying tapes doesn't mean you're recording your neightbours private activities.

Well, for 99,99% of the peeping to^H^H^H^H^H^H^H^H^Hamateur video producers, it is

Re:Ironically......

[Eccles]

One of my co-workers lives fairly near a gun range. He'd certainly like them to use noise suppressors.

Re:Ironically......

[mOdQuArK!]

it could be a protocol for the anonymous delivery of legal but potentially embarassing content

Or whistleblower content, against organizations (either government/corporate/political/underground) with a tendency to retributive behavior.

Re:Ironically......

[Minna+Kirai]

Dunno where you live, but it is perfectly legal to carry a concealed weapon where I live (with permit).

Dunno about you, but I am perfectly able to fly around (with an airplane). So apparently, humans can fly??

Your "objections" have just proved his point: by mentioning that these things can occasionally be legal with special permission, you demonstrated that they are ILLEGAL in general.

Really, do you know how incredibly hard it is to get a silencer permit? You've virtually got to invite ATF agents to come live with you.

Re:Ironically......

[Minna+Kirai]

Suppressed gunshots are still quite noisey.

Only if you don't know what you're doing, and continue using normal bullets. With the right low-power load, shooting with a silencer* can sound indistinguishable from pulling the trigger on empty brass. And still have plenty of power to kill unarmored people at short range.

* Yes, "silencer" is what they are called. That is the original 1920s word for the device, and it is an accurate description. "silence" + "er" = "makes something more silent than otherwise"

Re:Ironically......

[lgw]

Most of what a silencer does is slow the bullet to subsonic, and absorb the small sonic boom that occurs inside the silencer. It also supresses the flash, of course, and so many people call them supressors instead of silencers (since they do suppress the flash and don't make the gun silent).

Of course, if you use a light enough load the bullet will be subsonic in the first place, and the silencer isn't doing much (other than acting as a flash supressor).

My point was, just putting a silencer on the sorts of guns most folks have won't silence them, just change the range at which the gunshot is audible from miles to hundreds of yards, and make it sound more like a car door slamming. Outlawing silencers is pretty silly, mostly because of the point you make. If you know what you're doing, a Pepsi can and some rubber fender washers works fine, especially for 22 rifles.

Re:Ironically......

[Minna+Kirai]

Most of what a silencer does is slow the bullet to subsonic,

Wrong. They don't significantly slow the bullet. They absorb the explosive sound from the point of detonation, but only slow the projectile by a minor fraction. Only a bullet which was just barely exceeding Mach 1 could be slowed to subsonic by the small amount of efficiency loss brought on by a silencer.

If you want the bullet to be subsonic (and for tactical stealth, you should want this), then you must intentionally reduce the powder load yourself- the silencer won't slow the round all by itself.

That's why it's generally ineffective to put a silencer on a rifle or any other powerful gun- the sonic boom will still be audible along the whole trajectory. The shooter's ears are a little more comfortable, but the targets are still alerted to the gunfire.

Read about the DeLisle carbine: "working the bolt to chamber the next round makes a louder noise than firing a round." Note the 250 m/s muzzle velocity, well under the speed of sound.

The many people who protest "silencers don't work like you see on TV" probably just don't know how to use them correctly for covert assasinations, and haven't seen a real De Lisle or silenced Sten in action.

Re:Ironically......

[msdschris]

As an analogy, it's legal to own a handgun even though guns can kill, but it's still illegal to put a silencer on that gun.
No more illegal than owning a fully automatic weapon (in the US anyway). $200 BATF fee each and both can be yours.

I don't think so...

[Spy+der+Mann]

The most useful new features from Rodi (like IP anonimity) will eventually be implemented in Bit Torrent.

I'm not sure if Bram Cohen would agree - he made BT to share software, not to pirate music or videos. Adding anonimity to BT is just what the lawyers need to say BT was MADE for copyright infringement.

Re:I don't think so...

I'm not sure if Bram Cohen would agree - he made BT to share software,

FUD. Cohen created BitTorrent to share data. bt.etree.org is a website he set up to trade music. Okay, there's no copyright infringement but it's not software that's for sure.

As to whether BT should have anonymity. There's a wealth of reasons why it would be a good idea. More to the point however, this has nothing to do with Bram Cohen quite frankly. The BitTorrent licence allows me to alter and redistribute the software anyway I say fit. If Cohen doesn't want to add "bouncing" or any other method of anonymity the someone else will.

Re:I don't think so...

[li99sh79]

Bram Cohen set up bt.etree.org? I'm not sure that's right.

-sam

Re:I don't think so...

[EggyToast]

That doesn't mean someone else can't add it in while keeping it compatible with BT.

If he wanted such complete control over it, he wouldn't've released it under the license he used, which allows people to modify and redistribute derivative works. So there's no reason that someone couldn't simply make AnonymousBT that logs onto the same networks.

Re:I don't think so...

[stinerman]

Thanks for pointing that out. The warez shops use BT because its fast, not because it was designed in any way to be good for warez. I think BT is fine just the way it is. When you start decentralizing trackers and adding anonymity, then you sacrifice speed, which is why BT is good.

Everyone seems to want $NEW_FILE_SHARING_PROGRAM to be both fast and anonymous. It isn't going to happen anytime soon. If you want to be anonymous, use MUTE, Freenet, etc. If you want speed, use BT.

Re:I don't think so...

[DustyShadow]

Anonymity has many other advantages outside of protecting illegal downloads. I agree that lawyers would probably take that and run with it but I don't think it's a good reason not to implement it into bit torrent.

Re:I don't think so...

[N1KO]

What other uses are there in a file sharing program? I can think of one, downloading pornography... but most of that is also copyrighted.

Re:I don't think so...

[Jagasian]

Anonymity as legit uses too. It helps protect against DOS attacks because you don't know the source of a file so you can't attack it as easily.

Re:I don't think so...

[larytet]

"When you start decentralizing trackers and adding anonymity, then you sacrifice speed, which is why BT is good."

100% agree. BT is good and has it's applications. Rodi has some other applications, Tor/I2P/Mute/WASTE all have strong and weak sides. the world is multidimensional and i would like to keep it this way.

Re:I don't think so...

- Adding anonimity to BT is just what the lawyers need to say BT was MADE for copyright infringement

I would respond "we wouldn't have added it if you weren't scaring all our potential users away. It still doesn't prove they're doing anything illegal.

Re:I don't think so...

[Minna+Kirai]

Anonymity as legit uses too. It helps protect against DOS attacks because you don't know the source of a file so you can't attack it as easily.

That's completely backwards. Anonymity helps protect DOS attackers because you don't know the source of an attack, so you cannot possibly tell them apart from legitimate users. You can't ban them or sue them. Anyone is free to send millions of anonymous requests for your data, and the actual genuinely interested downloaders will be lost in the flood. All the proposed "distributed P2P anonymizer" systems are tremendously vulnerable to unidentifiable DOS.

It helps protect against DOS attacks because you don't know the source of a file so you can't attack it as easily.

You don't need to know the source of a file. Just request it, and then attack whatever intermediaries offer to bounce it to you.

The recording Industry

[Puls4r]

Eventually, the recording industry will realize that their DRM, lawsuits, and other forms of sharing "prevention" just won't work.

They're going to have to change to a business plan that's different. The online music stores are a good start. More live concerts is another.

CD's are going to finish becoming obsolete in about 30 years as rewritable forms of memory like USB sticks get smaller, contain more, and take over.

They WILL change, or they WILL go out of business.

Re:The recording Industry

[sabat]

And they know it. Hillary Rosen (former head of RIAA) admitted this in a Wired interview once.

The recording industry won't even exist in the future, IMHO. They're a clearing house that isn't needed. Adam Curry's and CC Chapman's Podsafe Music Network is a rough example of how things might look someday; you listen to 'radio' that promotes new music and bands, and you support the bands by buying CDs (that's today), maybe making a donation (?), or seeing them live.

CDs obsoleted in 30 years? I wouldn't give it that long.

Re:The recording Industry

[xiando]

In my eyes, the CD became obsolete years ago. I do not even remember when I sold my CD player. As for DVDs, I never bought a DVD player as I had already switched to using my computer for entertainment when it became popular.. Both the CD and the DVD are already dead, the **PA just have not realized it yet (unlike the adult industry who are now almost entirely based on on-line distribution).

Well fuck

[Nasarius]

That's really surprising. I thought they had spoken with lawyers and determined that what they were doing was legal in Sweden. I'll miss the amusing page with their responses to legal threats.

Re:Well fuck

I've been following their legal threats section for quite some time too and noticed that the last one came just a couple of days ago from www.websheriff.com. I wonder if the timing is just a coincidence because websheriff seems ridiculous?

Re:Linux penetration? Forget about it.

What does Linux have to do with this story? The program is written in Java, which means it will run anywhere that has a Java virtual machine.

Use "fair use" laws - would this work?

[richieb]

Let's say that according to fair use clauses of Copyright law, I can quote 10% of a song for non-commercial purposes. What if there was a P2P client that would only allow people to upload 10% of the file from you.

Since you never share more than 10% of a song, you could use "fair use" defense (you can even provide critisism - "this song is good/sucks").

The same P2P client would grab 10% of a song from 10 different people, each of who shares different part of the file...

Re:Use "fair use" laws - would this work?

[Mike+Buddha]

Let's say that according to fair use clauses of Copyright law, I can quote 100% of a song for non-commercial purposes. Then I'd only have to have a P2P client that would allow people to upload 100% of the file from you.

No, it's stupid. We can make hypothetical situations all day that would make copying copyrighted materials legal.

Expectations

[null_session]

I find it kind of sad that even on Slashdot there is the "if you aren't doing anything wrong then you have nothing to hide" mentality. I would like to be able to expect privacy even when I'm doing something *legal*.


The expectation of privacy also counts when exercising your freedom from unreasonable search... you have to have an expectation of privacy. It's sad that ours has gotten so eroded that we no longer seem to have one. Our own culture undermines the bill of rights... Good hack on the government's part, but -sigh-

Re:Expectations

[doubledoh]

Agreed. I'm amazed at how many technlogy users (who know the power and scope of invasive technology) seeminly WANT a big brother type paradigm to win. I don't think people realize that their nonchalance is even more damaging than those few brave enough and smart enough to cry foul. Nonchalance in numbers is EXACTLY what big governments want in order to achieve their goal of total control. Do I sound paranoid? I am. I'm truly scared that every day that passes is a day closer to Orwell's fears becoming a reality. In fact, if you took 1984 line by line, I think you'd find that we are already 90% there.

Re:Expectations

[baggachipz]

Consider also the fact that today's young (and soon-to-be) voters express a resounding sense of empathy when it comes to privacy matters. Evidently, simple principle isn't enough to motivate anymore. Today's average voter: "Hmm, I don't really think I like what either the democrat or the republican are saying... but I have to choose between the two! I'll vote for the guy who drank the most beer." http://www.lp.org/

Rodi is 100 times better than BitTorrent

Rodi rules. I am not even bothering with BitTorrent anymore. Rodi is blazing fast(even the beta version), has already a better user interface than most BitTorrent clients, and offers much better anonymity. The Rodi developers did an excellent job.

No. here's what we need:

[Punto]

what we need is a mix between freenet and i2p. This 'bouncing' thing is nice, but it slows down the transfer, because I don't know if the guys between me and the source of the warez have good connections.. It would be nice to have a network like freenet, where everyone holds a random bit of the data on a semi-permanent basis, and to be able to choose the ammount of hops I want to have between me and the people I want to connect to, like on i2p. If I choose to have 0 hops, and the other guy chooses to have 0 hops, we'd be connecting directly, but still we have no way of knowing it (because the other guy could have >0 hops before him). And even if we knew it, we would have plausible deniability; the other guy is just holding a piece of random data, he doesn't know what it is.

This would be the first step in the evolution to anonymous p2p, it's a good compromise, and way better than the current method, where everything is done in plain view. If (or more likely, when) the thought police starts attacking this, _then_ we can move to the fully paranoid networks.

Re:No. here's what we need:

[RichardX]

Wish granted. There is presently a project underway to develop a distributed content storage system for I2P

Re:No. here's what we need:

I'll host the 0's, you host the 1's. Or for a more random approach, you host the 0's!! :)

Re:No. here's what we need:

[NoMoreNicksLeft]

Sent you an email, hope you respond.

Re:No. here's what we need:

[firew0lfz]

mod up as interesting.

Re:No. here's what we need:

[MarkCollette]

No, that's the last thing we need.

All you people who are worried that the RIAA or MPAA might sue you, or that some "thought police" might come after you, are creating the tools for pedophiles to use to evade capture. We're talking about people who are harming kids today, for real.

All so you can save a few bucks on some CD or DVD.

I blame the RIAA and MPAA too, for creating this bullshit scenario, but you guys should own up to the reprocussions of your own actions.

Re:No. here's what we need:

[Zardoz44]

Wanting privacy is not the same as protecting pedophiles. There were pedophiles before the internet and there will be pedophiles if you make the entire internet transparent.

Don't be so naive. Kids are being harmed outside the internet, despite what CNN tells you.

Re:No. here's what we need:

[MarkCollette]

First off, I want everyone's privacy protected.

But, in the physical world, there are degrees of separation of privacy. If I'm at home I have the most privacy. If I go out into public, I have less privacy. Typically, to commit a crime, one must leave one's own property, and invade another's. The resulting reduction of privacy when doing so, facilitates capturing criminals.

You are advocating the creation of software which will allow others to interact, at a distance, with privacy. That's not something the real world gives, but is an escalation of cababilties. Along with those greater capabilties, I argue, there is an increased responsibility. But no, you would put these tools into everyone's hands, which inevitably includes those who would use it to facilitate their harming others.

Ok, so guns don't kill people, people do... A tool is a tool... Personal responsibility... etc.

Right, but we already know about the problem of pedophiles and freenet. Also, we're not talking about a simple file trading program where a file only goes from Bob to Joe. We're talking about a protocol designed to disseminate software from one source to as many people as possible. Ie from the abuser to all the sick fucks who watch, while protected the abuser from the police.

All so you can steal some copy righted material.

You're trying to solve a problem, with this much illegality:
|___|
by creating tools that facilitate this much illegality:
|____________________________________ ______|

That's where your personal responsibility kicks in.

As for my being naive, or watching CNN, or whatever BS you pulled out of your ass...

I'm not saying that your software would make any more pedophiles, or that the Internet makes more pedophiles, I'm saying that your software would protect existing ones, who would otherwise get caught. Them being protected means they can continue their activities. Hence, it would cause harm.

I don't expect you to emotionally care, but I do expect you to not be so fucking stupid, and to maybe consider the affects of one's actions, and take responsibility for them.

Re:No. here's what we need:

[larytet]

"his 'bouncing' thing is nice, but it slows down the transfer, because I don't know if the guys between me and the source of the warez have good connections.."

Rodi Publisher knows the bouncer and probably even runs/owns the bouncer (chain of the bouncers). Rodi Publisher wants to be sure that even if the bouncer is compromised there is no any logs on the hard disk.

Isn't this conceptually similar to MUTE?

[thrashor]

It seems to me that the anoymizing technique used in Roti is essentially the same as that used in MUTE. Would anyone more qualified than I care to make a comparison?

Re:Isn't this conceptually similar to MUTE?

[rpdillon]

Not really.

MUTE is using ant-based routing. This is basically a system that doesn't use IPs in the network very much, only directly connected nodes know each others IP. Each node instead uses a sort of psedonym, and that is the "address" that is used to route information. The beauty is that no one on the network knows the pseudonym-IP mapping, which makes the anonymity work pretty well.

In Rodi, you specifically put intermediate nodes between you and the destination, kind of like an obfuscated Gnutella-net. MUTE's routing doesn't know whether there are nodes between you and the destination, and further, doesn't even know when the packet has reached the destination. This makes MUTE very powerful because everyone is routing traffic for everyone...this makes the "C"s ubiquitous in the network, much like freenet.

That said, you are correct that every anonymous routing system "bounces" data off other nodes to anonymize it, including anonymous proxies, I2P, Tor, MUTE, Antz, Freenet, GNUNet, Rodi, you name it.

Re:Isn't this conceptually similar to MUTE?

[thrashor]

Nice summary of the differences. Thanks.

Re:Isn't this conceptually similar to MUTE?

[larytet]

very correct evaluation of MUTE vs. Rodi

may be you can find this interesting http://larytet.sourceforge.net/userManual.shtml#wh ynotmute

Re:Isn't this conceptually similar to MUTE?

[larytet]

"Mute vs. Rodi"

this can be interesting http://larytet.sourceforge.net/userManual.shtml#wh ynotmute

Backwards

[Elwood+P+Dowd]

That is, if A wants a file from B, they get C to agree to stand-in on the exchange. B gets C's IP address, not A's. Through IP Spoofing A can even hide their identity from C.

The problem is B. B is the guy that gets sued. B is the one offering the valuable service. B is the one that needs to be protected.

Who cares if A can hide their identity? B can't.

Re:Backwards

[the_2nd_coming]

dumb ass it works in both directions.

Re:Backwards

[trevdak]

Nope. A sends out request for file that B has. B has C stand in, and sends file through C. A never finds out who B was, and C knows who they both were, which is why the network isn't safe from the RIAA

Re:Backwards

[Cid+Highwind]

Nope. A sends out request for file that B has. B has C stand in, and sends file through C.

Then isn't C offering the files for download and exposing themselves to multi-gigabuck lawsuits? If copyrighted bits are observed going from C to A, what's to stop the **AA from suing C for distributing copyrighted files?

Re:Backwards

[MichaelDelving]

Gah!!! I have moderator points, and there's no -1 (stupid) moderation option. I am not surprised that a lone idiot (that would be you, Elwood) spouted nonsense. I AM disappointed that the moderation system resulted in a +4 (and probably a +5 by the time I finish typing) rating for the parent post. Sigh, overrated just doesn't cover it. Okay concrete thinkers, forget the A, B, and C example. Each participant can specify how many hops they want. So generalize to an B (leacher), C, D, E and F (seeder) example. Only C has B's IP address. And only E has F's address. And as far as C knows, there's an A involved. And as far as E is concerned, there might be a G. The upshot is that any intermediary isn't aware of whether it's dealing with the seeder, the leacher, or another intermediary. And I believe the law of the land is still "innocent 'til proven guilty."

Re:Backwards

[Elwood+P+Dowd]

I'll get modded down shortly then. I've only received two upmods.

So, if Rodi is using FreeNet-like rerouting, wouldn't it also need FreeNet-like encryption to ensure that the packet gets back to whomever requested it?

Is Rodi identical to FreeNet except that you get to choose what blocks you host?

Is it faster?

Re:Backwards

Easy solution. Use PGP to encrypt the transfers. C will know the IPs but won't know the content of the data. If each site had legitimate data on it, then C wouldn't be 100% sure A was downloading warez instead of the latest Linux ISO.

Re:Backwards

What, B sues the **AA? How.

Re:Backwards

[line.at.infinity]

If you were knowingly running a program that could potentially upload copyright-restricted content, and then your program made such an upload, then you are no more innocent than without the anonymizing layer. Even if you may not have a copy of the content on your HD, you made the upload, and the upload could get you in trouble.

An anonymous network supporter mumbles something about circumventing Chinese internet censorship, but you are still knowingly doing something that can aide illegal activity, which, like terrorism, is something that is wrong even if you care to slap on some ideology or political cause behind it, because it damages copyright. The pretend ignorance is the type of logic used at offshore banks, and anonimizing networks that inherently use this type of logic could likely come under legal trouble.

Re:Backwards

[BranMan]

Much better example I agree.

What Elwood stated isn't accurate - B is the one sharing the file, that's true (in the A-B-C example). The RIAA would have to control C to know who was giving and who getting the file. BUT - in the parent post to this was a 4 node example.

In that one, the RIAA could control ANY of the 4 nodes, and not get any conclusive information out of it since any other node they connect to could be a proxy for someone else.

Legally though, they could be the seeder (F) and sue the proxy (E) that contacts them to download (or B and sue C). Do they know if E is the end downloader? No, and they don't care.

It would be up to E to defend themselves from a lawsuit - E to convince someone they *might* not be guilty of copyright infringement. And since it's a civil case, not a criminal one, there isn't any "reasonable doubt", just a "preponderance of evidence" (51% if you will). E would not have a fun time in court.

Re:Backwards

[Ziviyr]

I suppose its provably aiding and abetting the actions of a network generally dedicated to breaching intellectual property laws.

Was that spiderman 2 you were proxying!?

Re:Backwards

[Minna+Kirai]

And I believe the law of the land is still "innocent 'til proven guilty."

No! Copyright infringement is a civil matter, meaning you are guilty when it appears more probable than not. It need not be proven.

It's as if the requirement is 51% certainty, rather than the 99.99% desired in criminal cases. A criminal jury must be unanimous, while a civil one may just take a majority vote.

Look back at the O.J. Simpson verdict. He was found not guilty of criminal murder, but then the civil case found him liable for wrongful death, because it used lower standards of proof.

Anonymity is evil

[tjstork]

It really seems like a good idea, but I'm so fed up with Phishing sites, emails from nowhere, etc, that it seems like allowing all of this anonymous content is being proven a bad idea. The one good thing about IPV6 is that captures your Mac address, although I suppose that could be spoofed somehow..

Re:Anonymity is evil

[xiando]

IPV6 does not capture your MAC address - if you are using a DHCP server then you will probably get an adress ending with your MAC, yes. But nothing prevents you from adding a dozen IPv6 IPs to a single computer if you have your own subnet..

Re:Anonymity is evil

[tjstork]

Thanks' for the correction!

The prevalence of privacy

[FirienFirien]

With BitTorrent and several similar applications, the application is supposedly justified by legitimate traffic, and this has been a big point against them being closed down in cases from the RIAA and similar corporations.

As the level of privacy is taken up, notch by notch, it's the illicit side of it that seems to be prevailing. I saw a p2p system was used for one of my automatic WoW updates; I don't see any reason why to hide that from the web at large. If I wanted to get distributed file transfers, and those transfers were legal, I'd probably still not mind; who cares?

This ever-increasing secrecy just boosts the idea of the illegality of the majority of the traffic through these systems. Another side of multiple layers of cloaking is that if a worm/virus/etcetc gets distributed, then it's going to be that many times more difficult to track it down and stop the damn people who are doing it.

I'm interested to see why people are so insistent on extra layers of invisibility. I bet a major answer to that is simple privacy, so that people don't see what you do; to that I respond that this is hardly confidential information; no credit card numbers, phone numbers, addresses. Your IP, which everyone with a website sees anyway when you look in.

Why the obsession with needing so much privacy that it's a haven? Noting that havens attract the bad seeds more than the good.

So now C is culpable right?

[donaggie03]

C is the middle man right? So either way you look at it, C is getting the (possibly copyrighted) data before sending it on to B right? Ok, so the next argument would likely be "But C only gets very little of the data at a time before it is sent to B, and C never actually USES the data, so its all good!" So they C would just get sued as an accomplice or whatever instead of as a copyright violator. Either way, instead of B getting sued, it will be C that gets sued. Great idea.

It's Jun 1st

[madaxe42]

In sweden June 1st == april 1st.

Re:It's Jun 1st

[plupster]

No, it's not. (If parent was a joke, I didn't get it.)

Conspiracy charges

[ari_j]

It gets worse. If you set yourself up as a C box by running the software, and you know that your machine is being used to commit criminal acts such as piracy, then you and A and B can all be charged together as a conspiracy chain. And it gets even better: in federal court, conspirators are liable for all of the related criminal acts of their co-conspirators. So, if you as C help A and B pirate one mp3, and they use other Cs to pirate 1,000 other mp3s, you can probably all be charged for all 1,001 counts of piracy. Enjoy.

Re:Conspiracy charges

[igny]

If you set yourself up as a C box by running the software, and you know that your machine is being used to commit criminal acts such as piracy,

But you don't know this for sure. For all you know you are a part of legal downloads using a legal copy of P2P software.

Re:Conspiracy charges

[ari_j]

Like I said, "If ... you know that your machine is being used to commit criminal acts," you can be charged with conspiracy. Proving that you knew that is an exercise for the federal prosecutor.

Actually...

[Svartalf]

In the case of BitTorrent, you have to actually set up port-forwards for the clients doing downloads. If you're a business and you've got employees needing those ISO downloads, either you put up the port-forwards, or hope someone sets up a Rodi tracker, etc. and have it work automagically for them.

It's not just about anonymity- it's as much about NAT tunneling; something that I would have hoped the BitTorrent author would have given some thought about. For even legal P2P to work, it must account for situations like NAT because it's pretty much the norm, not the exception- and so far, they've not considered that sort of thing in a serious manner until now.

The Onion Router Project

[mslinux]

Why not just use TOR???

TOR

Re:The Onion Router Project

[rpdillon]

Tor has specifically requested that NO Bittorrent data packets be routed over the network because it cannot yet handle the load.

Re:The Onion Router Project

[larytet]

" Why not just use TOR???"

you can find this thread interesting http://board.planetpeer.de/index.php/topic,978.0.h tml

Antipiratebyran illegally raided the Pirate Bay!

The Pirate Bay has been taken down ILLEGALLY by an industry-backed swedish anti-piracy group that calls itself "Antipiratbyran". They do everything to convey the image of an official organization. They violently raided the house of the Pirate Bay crew, stole several computers, and hijacked the website. Do you honestly think the crew would actually put "Antipiratbyron" on their website and apologize?

The Pirate Bay crew is currently taking legal action against Antipiratebyran and we can only hope that there is still justice in Sweden and that the courts can still distinguish between what's legal and what's now.

Re:Linux penetration? Forget about it.

[Slashcrap]

Yeah, sure, mod this a troll, but think about it a bit.

OK, I've thought about it a bit.

And I've come to the conclusion that people write free software to please themselves.

If you want them to write free software to please you and your views regarding the rightful place of Linux in the business World, then you or somebody else needs to pay them to do so.

It's funny - it didn't take me more than half a second of thought to come to that stunningly obvious conclusion. So I'm wondering why you couldn't have done the same?

Useful features...

[Svartalf]

I don't consider the IP anonyminity to be the most useful feature (it's nice all the same, but any app could and would stand on it's own without it...)- it's the NAT tunneling. One of the biggest things about BitTorrent that's holding it back is that it requires a lot of work (yes, it IS that) to deal with NAT unless you're completely in charge of all portions of the network until you hit a routable address. Right now, BitTorrent will not work for you if your ISP NATs your access. It only works for those people who happen to have routable addresses- which is dialup and anyone with a fixed routable IP on broadband that has control of thier own NAT firewall. Rodi's claiming that they tunnel through the firewall NAT and allow all potential participants to join in the swarm. Looking at his source code, it looks similar to the stuff they did for STUN that's used with SIP. Not a bad idea, really- and it should be there in BitTorrent (And it should have been there on day one, in my not so humble opinion...).

Re:Agreed. But it's fixable. Here's how.

[EggyToast]

I think the description given for Rodi is somewhat simplified, as for the majority of BT trackers there's a TON of people on them at any given time. So it wouldn't simply be 3 people, but rather that C's IP is bounced around to D and F, and F's IP is bounced to E and M, and M's IP is bounced to A and R, and so on. Even if each person bounced to 2 people, there'd be enough obfuscation to render it useless for logging.

Just a question

[skatephat420]

Would C get in trouble for allowing B to use its IP? After all by using Rodi, C automatically allows B to use its IP; therefore, C is a partner to illegal file sharing.

Re:Just a question

[steven94585]

Plausibly deniability will not hold up in court. If you are holding on to something illegal when they search you, or your computer, you are guilty. Anyone remember that little saying: Possession is 9/10th of the law! Doesn't matter if you know what it is. That said I doubt you could get criminally convicted, but you could get sued for damages.

It gets better...

[wild_berry]

As stated above, this makes them complicit and cooperative in the transfer of the very digital information they seek to control. Any suits for infringement can be met with "you helped out" line before laughing the case out of court.

Sounds lame

Really, it sounds like some college student's idea of a cool project. He's blissfully unaware of little things things like information theory and cryptanalysis, and writes off proposed attacks as "oh, well you can just spoof your IP".

Lame.

Re:Sounds lame

[larytet]

and your guess is correct. help me to improve the design

Caveats:

[wild_berry]

Seek out appropriate legal advice: I'm not a lawyer, practitioner and do not pretend that I am a legal expert of any kind.

Re:The PirateBay is down for good! - NO ITS NOT!

Nope.. its just an joke by the tpb guys.
The server is actually just down for maitinance.

http://pirazine.blogspot.com/
(swedish)

Two things:

[Andy+Dodd]

a) As mentioned before, it doesn't protect the sharer, only the person asking for the file. The sharers are the ones the MPAA/RIAA want to go after.

b) The fact that every connection is tunneled through an intermediary will significantly reduce scalability and throughput.

In the nick of time

[greenja]

Pirate Bay seems to be dead, dead, dead.... "Today the swedish anti-piracy organisations raided The Pirate Bay and confiscated the computers running the tracker. This probably means the end of The Pirate Bay and we, the crew, apologize for all loss of income caused by our activity over the years." http://tracker.piratbyran.org/ 1) too bad 2) they poked a lot of people in the eye...

Re:In the nick of time

[Catbeller]

According to Slyck.com, the Pirate Bay closure is a hoax.

Cheer up; there's still one Puck left in the world.

Re:In the nick of time

[xiando]

The Pirate Bay is down for a upgrade and will be back in a few hours. :-) The message currently on the site is a joke from anakata.

Re:In the nick of time

[greenja]

OWA-TA-GU-SIAM I am quite gullible.....

Improvements

[alxdotnet]

I came up with this idea a while back, actually. The general concept is simple, but there are a number of sublties. As one user here suggested, the first obvious improvement is to use multiple hops. However, let's assume (in a rather paranoid fashion) that the *AA is traffic monitoring Joe Leecher, who is downloading a file through a relay chain. The *AA might not be in the chain, but they still know Joe Leecher is download loads, but not uploading much. Ah, he must be pirating! SO, the trick would be to add additional relays AFTER the intended target. Of course, the Joe's position in the chain would have to be random...and could potentially be at the end. This way, Joe Leecher has to upload some, but no matter...he gets the file and nobody's any the wiser. You could even get creative, and have the initial sender fake some download traffic. Now let's assume the *AA gets more involved, and starts inserting sleeper nodes into the network. If they were in a relay chain, they would know that 2 IPs (sender and receiver) in that chain were uploading/downloading illegal files (assuming they WERE illegal files). Thus, 2 users are put in danger, even though they are not the intended recepients anyway. SO, encrypt the transfers, sort of like some remailer chains do. The initial sender somehow (depending on the actual details of the protocol) receives a generated public key of the real receiver. You could even add envelopes, where every node in the chain was party to the encryption/decryption. Thus, only the true sender and receiver would know the content being transferred, and they wouldn't have any way of tracking each other! The next idea would be to extend ALL of this to searches, so even your searches are anonymous/encrypted/relayed. A distributed trust system could also protect against malicious middle nodes changing data to impede the network. Anyway, let me know if you like these ideas. I've held off on implementing this until I get better at C[++]. If you're a 1337 coder and want to help, by all means, let me know!

Re:Improvements

[An+Onerous+Coward]

Is this what you're describing?

Only one way for truly anonymous IP

[BedivereW]

1) Purchase an 802.11 card that allows the users to alter MAC address and an external antenna. = $45

2) Drive around random suburban neighborhoods looking for open access points. Be sure to change your MAC address at random intervals. Netstumbler will make this easier. = 20 hours of your time

3) When you are downloading those Linux ISOs choose a new access point and MAC address every evening. You will need a van to ensure privacy and comfort. = $20,000

Total = $20,045
Time Investment = 20 hours + downloading time

I think I will stick to purchasing my software and music.

Take it easy please...

[RasendeRutje]

Guys, please take it easy developing P2P. The RIAA & FBI are still having trouble tracing old skool kazaa and bittorrent terrorists, a you already have a successor? That ain't fair!

Order Up Another Drum of Mylanta

[Nom+du+Keyboard]

Order up another 55gal. drum of Mylanta and send it to the RIAA.

Here's a nasty thought

[pg110404]

Instead of trying to spoof legitimate traffic on p2p networks in order to throw off the **AA and seeing as how they are starting to use UDP instead of TCP, I'm surprised nobody's come up with a trojan/virus that generates fake data for legitimate torrents and fire them off to ranges of ip addresses at random.

I'd suspect the **AA would have a much tougher time rationalizing their witchhunts if even only 10% of network traffic related to bittorrent was actually false, both in terms of content and in terms of ip addresses.

Given random sector packets of random data content, those packets would either show up as discarded data (packets received for which the client didn't request) or would fail the cluster checksum and would eventually get tossed.

Not only would the **AA need to log the ip address of where it came from but also log the contents of the packets to compare it against the original torrent checksums to determine if it is legitimate traffic. Even if it was legitimate, given that it could theoretically be requested by a bot which then proceed to dole it out to ip addresses at random, the automation of the process would make it harder to say that the traffic was user initiated at all.

If enough machines had these bots, legally, the **AA would be walking on very thin ice since, in order to determine if that person really does have copyrighted material, they would have to examine the computer, but the computer might never have had it in the first place, nor would that person even have wanted it or taken any steps to acquire it. It would be a serious breach of privacy and it would make it tougher for them to justify the beating of the wardrums.

Re:Here's a nasty thought

[karldavidson]

BitTorrent traffic accounts for 1/3 of all Internet traffic. Throwing 10% of that data to random IP addresses seems to me not a very good idea.

Re:Here's a nasty thought

[pg110404]

Well, I did say it was a nasty thought. I had typed out an entire response which would have been offtopic both as a reply and as the subject in question, dealing more with the ethics of movie downloading so I'm coming up with this one instead which is marginally more on topic.

While I don't condone illegal downloading, I think the MPAA and RIAA could be using p2p (i.e. bittorrent) as the scapegoat for their lost revenue and poisoning an otherwise perfectly good system with FUD.

I've personally been burned too many times in the recent years about the quality of certain movies that of all the movies that come out in a given year, I might only be interested in watching 3 or 4 of them, and of those, I'm now renting them on dvd, and not see them in the theatre and of those about 3 or 4 of them suck bad enough I really want to watch them at double the speed just to get the movie over with sooner.

The village - way too predictable. I was not surprised for one moment that this was a cult tucked away somewhere to escape modern life when it was finally revealed.
Attack of the clones - saw it in the theatre and couldn't wait to get out of there
Revenge of the sith - Everybody said it was awesome and so much better than the previous ones, so I fell for it again and again coudn't wait to get out of the theatre.

I think most movies made nowadays suck and are filled with pablum type humour designed to appeal to the kids, then the MPAA wonders why I don't go see it in the theatre? Sure. It just has to be the fault of bittorrent and anyone who uses it is evil and is a pirate. Make the movies worth watching and I and probably a lot of other people will start watching them again.

I say to the MPAA, "Don't assume the rise of bittorrent traffic and the downloading of movies/music is the direct cause of lost revenue. It's as silly as saying hurricanes are caused by the beating of butterfly wings."

(And by that butterfly reference, I mean that even though butterflies can create hurricanes, butterflies are not the sole cause of hurricanes. For all I know, being late to work and rushing out the front door of my house could be just as much a cause).

MOD PARENT UP INFORMATIVE

[Danuvius]

Just sayin'...

Oh, and slashdot is run by idiots. Thanks for another captcha. I'm *still* human.

Re:YES! at last

[NoMoreNicksLeft]

It's called openvpn. Check it out.

Written in java? Oh dear...

[Viol8]

Not so much Bit Torrent as Bit Dribble then knowing Java VMs amazing data throughput abilities.

Re:Written in java? Oh dear...

[rpdillon]

OK, I'll feed the Troll.

You know Azureus (probably the best BT client around) is written in Java? Java is very high performance...I don't know how long its been since you used the VM, but it is at LEAST equivalent to C for small scale programs, and really shines on large scale projects.

Re:Written in java? Oh dear...

[Mike+Buddha]

What VM are you talking about specifically, and what is this horrible throughput you claim? Cite your sources, please.

More Java FUD.

Re:Written in java? Oh dear...

[Viol8]

Yeah , high perfomance, sure. That'll be why a
previous firm I worked for when "upgrading" their
software to run under a VM instead of a binary
ended up having to upgrade their servers too. That'll be why every single java program I've ever run , runs like a slug compared the equivalent non VM progran. You java zealots can preach your religion as much as you like , but people like me who actually have to work with this horrid VM system (I have nothing against the language itself, especially when compiled to native code) know the truth of it.

Re:Written in java? Oh dear...

[rpdillon]

I work with Java professionally as a software engineer for a defense contractor. I would readily assert that there is a memory overhead associated with using a VM, but there is not much of a performance overhead.

The net is littered with old pages filled with comparisons between C and Java running the 1.1 VM on Windows 95. These benchmarks were done years ago, and do not interest me.

More recent benchmarks are available that give more relevant results. The first thing to note is the sheer number of VMs tested in this benchmark alone, and the vast performance differences between them. Saying things like "this horrid VM system" means nothing - it's like you're complaining about "this horrid car". Which car?

VM to VM comparison handled by the SPEC JVM98 is not interesting in our discussion, though it does illustrate the point that not all VMs are equal. More interesting is the Scimark 2.0 in Java, C#, and C/C++. It is worth noting that, on average, C/Visual C++ comes out on top, but only by around 1-2%. In second place is 1.4.2 JDK, third Sun's 1.5.0 JDK (both server VMs). The top benchmarks are 329/324/316 respectively, and then we start plumetting into 266 for gcc/-O2, a handful of JDKs, and then C#/.NET(release) down at 240. That's native code, just so we're clear.

So, at least in that benchmark, Sun's Java VM is comparing quite nicely to both other VMs and native code.

Linpack is more interesting, because it was run for both 500x500 and 1000x1000. In 500x500, native code is indeed faster, by a good margin. The 1.5.0 VM is about 1/3 lower than native compiled C code. But looking at the 1000x1000, you'll see the the VMs and native code are neck and neck, barely any difference between them. That is where my statement about large scale applications came from, though doesn't really illustrate my point as well as I'd like.

The last benchmark, the Eratosthenes Sieve, simply demonstrates the vast differences between VMs, and that Java obliterates C#. No surprises there.

I hadn't seen this report before I posted here. I looked it up to make a point, and hopefully you can see my point. In no case is Java "running like a slug" compared to native code.

There are lots of other reasons why you experienced slowness in your applications. The GUI being used, your choice of VM (surprisingly, native compiled Java code using GCJ often underperforms bytecode run in a VM!), or perhaps, even the quality of the code being run. It is quite easy to program something in a sloppy way that will reduce performance.

So, I simply disgaree, and would very interested to hear of a benchmark in which a recent, performant Java VM vastly underperformed a native implementation of the same algorithm. To my knowledge, Java compares quite well in 95% of applications.

And for P2P, well, what can I say? We're not exactly taxing our systems with a P2P app, now are we? I would think it would be FAR more important that you can make a cross platform P2P solution than egding out and extra 2% performance on the GUI response time. After all, it *is* a network, and we want it running in as many places as possible.

Oh, and for the record, I'm not a Java zealot. I'm an open source/free software zealot, and for that reason, don't like the rather closed nature of Sun's VM and libraries. You can call me a Python zealot though, since Python is my language of choice for personal projecs. I only use Java for professional projects.

Re:Written in java? Oh dear...

[larytet]

and interestig screenshot here http://larytet.sourceforge.net/images/tests/2clien ts_10MbitLink_300Mdata.PNG

Re:Why be C? One Reason.

[Nom+du+Keyboard]

what would compel anyone to act as C?

The knowledge that you're saying F-U to the **AA?

Anonymity = supporting piracy

[d_jedi]

Sure, there are some privacy advocates who (perhaps justifiably) don't want there to be any way to trace what they download (but there are better ways to do this, I think).. but the main use of hiding your IP address in a P2P application is to facilitate piracy.

Re:Anonymity = supporting piracy

[izomiac]

Just like having curtains means that you're doing something illegal inside your house. Same for using SSL, or objecting when someone stares at your laptop screen on a plane. You're almost certainly right about people using it that way, but that doesn't mean that it shouldn't be implemented. I for one do not want to explain to a school techie that something I downloaded is in fact legal even though it's an mp3 or whatever.

heh...

[AugstWest]

Rodi can also be used from behind corporate firewalls and LANs using Network Address Translation (NATs), something most home gateways have

"Hello, Security? Hi, I need to have NATting set up for my workstation. What? Oh, just a P2P filesharing app. Yeah, it's pretty cool, it's fairly anonymous, and it can spoof its IP, and it.... Hello?"

This is stupid

[autopr0n]

if you let your machine be used to serve something from someone elses hard drive you are not anonymous. So the riaa will sue you, rather then the actual user.

Sounds smart (not).

Actualy, true anonymity can be acheved by forging UDP packets (invalid from address).

Re:This is stupid

[zcat_NZ]

Care to explain how that works to all the backbone operators, ISP's, nntp server operators, mailserver operators, hosting sites, etc.. ?

Hmmm it's gonna haveto offer something good

[advocate_one]

to get people to ditch torrent... had it been backwards compatible and able to use existing torrent files then it would probably take off fast... but having its own file format (.rodi files) may condemn it like .ogg vs .mp3... everyone knows what a .torrent and an .mp3 are... but a .rodi and an .ogg???

Bittorrent is a better FTP

[clenhart]

... Not a better P2P app. This is pointless and likely will slow down the download of legal ISOs, such as Redhat, Debian, etc.

Keep in mind that RIAA is killing multi level pricing of software, and pushing people to open/free software.

Why Java?

[SComps]

Admittedly development language is largely a choice based on preference, but why java? Didn't azureus teach anyone anything? Once that gets on a torrent for more than a couple of hours my system starts perfoming like it's getting ready to die.

Java (in my experience and opinion) just isn't really suited for large scale, multi connection applications. It's nice for the one off, fill in this form, play this game, do this task stuff, but long running processes need something that's a bit more lean and economical with the resources.

Re:Why Java?

now thats a bull! i got azureus open for days with plenty of things in it (i try to help seeding smaller distros) running on a crappy puter with fedora as means of survival, besides that many different apps are also used = NEVER a problem!

Re:Why Java?

[anarxia]

Java (in my experience and opinion) just isn't really suited for large scale, multi connection applications. It's nice for the one off, fill in this form, play this game, do this task stuff, but long running processes need something that's a bit more lean and economical with the resources.

That was the funniest thing I've read today.

Re:Why Java?

[SComps]

you're either very lucky or I'm very unlucky. In either case, I stand by what I've said and qualified by stating that it's what happens *in my experience*

If you want to be an AC evangelist thats all well and good, however it doesn't change what I stated, and stand by. I'm sure there are people that have had good experiences such as yourself, and those that have bad experiences like me, and probably every strata in between. It's the beauty of life.

At least I put my name (and karma) on the line for what I believe.

Re:Why Java?

[SComps]

why funny? (I'm oddly being serious here) I don't claim to be a java guru, or even mildly proficient.

The tasks I've seen java well suited for are such as those I mentioned before, ok, Compiere is pretty cool if you can get it working but there's exceptions to everything *grin*

In the largely unscientific experiences I've had, java works great for those types of things, but given a hard load of constant activity it tends to bog down and start consuming a LOT of memory and cpu. I'm not saying it's a *BAD* thing here either nor am I slamming java. I firmly believe in the right tool for the job, and I'm honestly asking if java *IS* that tool and why? So far I've been told I'm a liar and a comedian, but still no real answers.

Re:Why Java?

[jtogel]

Well, a year or so ago I participated in designing and implementing a system that handles instant messaging and session handling for Swedens largest web community. It has well over a million users, 50 000 of which are online simultaneously - and that's fifty thousand persistent tcp connections, not fifty thousand http requests now and then.

All in Java. Works flawlessly. Even on top of Windows servers.

It's true that Java was once not very well suited for heavy duty network tasks, but since the advent of nio (New I/O) in Java 1.4 that is very much a thing of the past.

Re:Why Java?

[SComps]

thank you! :) This is just the sort of information I was looking for. It's very possible I'm dealing with older applications, or applications not taking advantage of the new capabilities.

Re:Why Java?

[anarxia]

I found your comment funny because there are 1000s of enterprise-grade applications written in Java.

No offence, but I think you are either misinformed or your experience was limited to badly written applications.

Re:Why Java?

[SComps]

Oh come on. after it's been discussed rather civilly wtih merely a flicker of a flame, it's modded flamebait?

Re:Why Java?

[SComps]

That's entirely possible, which is why I'm actually asking the question rather than (as implied by the moderation) trying to pick a flame fest.

Re:Why Java?

That doesnt mean they are actually any good or efficent at what they do. Java -IS- slower than C and C++. It's easier, faster and thus cheaper to write programs in Java, which from a business perspective makes it an obvious choise. Not to mention the hype that said "the future is java", which lead to, amongst other things, the adoption of java as programming language in just about every university on the western hemisphere (and probably some other places too). And just because there is x number of morons doing something, doesnt make it right.

Every tool has it's use, java is easy to learn, easy to use but not the most powerfull tool there is. But hey, it works from time to time :-)

Re:Why Java?

Azureus the bit torrent client uses java, and it works great (better than the real bit torrent for me the majority of the time) i dont see why rodi can't use java.

Also c/c++ sockets are damn confusing, i dont blame the creaters to choose not to use them.

Re:Why Java?

[Decaff]

That doesnt mean they are actually any good or efficent at what they do.

But they are. A good example is Tomcat, Apache's Java application server. It has a reputation for very good performance and efficiency, and is widely used. It is so efficient it can come close to the Apache http server even for static page serving.

Java -IS- slower than C and C++.

Just not true anymore.

BitTorrent is for legitimate uses

If people want to use an anonymous distribution system for illegal downloading, let them. That would reinforce the idea that BitTorrent is for legitimate transfers.

Re:BitTorrent is for legitimate uses

[g0bshiTe]

I agree, from the summary write up this app appears to be written for one purpose.

Re:BitTorrent is for legitimate uses

[larytet]

...and write up is completely wrong. visit the project page to finf out

Riaa

so now the RIAA can sue 3 people for the same mp3 download. What an innovation. I am sure the RIAA will love it.

Linux? Cross-platform.

[MarkByers]

Java is cross-platform. Linux / Windows / doesn't matter - it will work anywhere the Java runtime is ported.

I don't see how this piece of software has anything to do with Linux.

MUTE

[MarkByers]

I haven't read how this softare works yet, but I can explain a bit about how a very similar piece of software called Mute works.

The paths between the sender and receiver are of variable length, between 2 and 5 links. If you are C and you receive a query for a file from A, you cannot be sure that A was the start of the chain. More often than not, A was simply forwarding a query from someone else. There is no easy way to see where the query originates from, even if you own a relatively large number of the nodes on the network.

Re:MUTE

[Will2k_is_here]

So if I understand this correctly, does that mean there can be several C's in this chain? Therefore, the only liable party is the original distributer (B), but there can be several C's involved making it difficult to hunt down B.

That is just for Mute? Rodi?

Re:MUTE

[MarkByers]

does that mean there can be several C's in this chain?

Yes.

making it difficult to hunt down B.

Yes. If you are not talking directly to B there is no easy way to get their IP address. Even if you are talking directly to B, there is no way to proof that it is B, and not just another C. They have plausible deniability. The same applies to A.

That is just for Mute? Rodi?

There are other similar implementations, not just Mute. There is a port of BitTorrent to I2P that works in a similar way. Other programs exist too.

I'm not sure about Rodi. From the summary it seems that Rodi is less secure, but i would have to read the specification to be sure. The Slashdot summary is often misleading.

Re:MUTE

[Rei]

Transfers in Rodi are direct P2P, at least if I'm understanding their site correctly. Only searching is anonymous. They were a bit vague about the IP spoofing, and given that, I wouldn't be surprised if it's not implemented yet.

Re:MUTE

[mav[LAG]]

Is there a point D? Just for the Mr Prossers among us :)

snake oil

[harlows_monkeys]

So A actually connects to C, instead of B. If this becomes popular, the law will simply be changed to hold C liable from any illegal material A downloads through C from B.

The law will provide that C can get out of trouble by coughing up B's address.

Anyone who offers an anonymous P2P service is offering snake oil.

Re:snake oil

[Mike+Buddha]

the law will simply be changed to hold C liable from any illegal material A downloads

And in the process will hold all of the owners of all the routers through which all the data passes equally liable.

Re:snake oil

[harlows_monkeys]

And in the process will hold all of the owners of all the routers through which all the data passes equally liable

It's trivial to write such a law so that it would not hit routers, ISPs, etc.

Laws get to take into account intent and context.

Absolutely Correct

[JudgeFurious]

Sometimes you just want to be able to go to Baskin & Robbins and order a couple of scoops of "Cherries Jubilee" without getting spam from the Cherry Growers of America or some such bullshit. Not having your name, address, and buying habits sold to everyone under the sun is a good thing and the same general purpose is served here.

Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

Wanting anonymity doesn't necessarily mean your doing something illegal.

No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities.

Now, as a general principle, I don't like restricting people's behaviour without a very good reason. More specifically, I don't believe in automatically banning things that have legitimate uses just because they also have illegitimate ones.

However, I also believe that with freedom comes responsibility, always. In exchange for the freedom to use these tools for their beneficial purposes, you take on the responsibility of not abusing that trust.

Sadly, not everyone can be trusted to act responsibly; if they could, we wouldn't need laws and police and armies. What's needed is a balance where those authorities don't interfere with someone exercising their freedoms responsibly, but can interfere when the trust is abused.

And that is why, on balance, complete anonymity on the Internet is not a good idea. I have no problem with being anonymous for routine use, but if you can't even be identified in the face of overwhelming evidence of a crime, backed by an order from the lawful authorities, something's wrong. At that point, for everyone who could genuinely take advantage of true anonymity to make a contribution to society -- and I'm sure these people do exist -- how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?

Re:Why anonymity tips the balance too far

[jarich]

Sadly, not everyone can be trusted to act responsibly; if they could, we wouldn't need laws and police and armies. What's needed is a balance where those authorities don't interfere with someone exercising their freedoms responsibly, but can interfere when the trust is abused.

Excellent point. What the /. crowd needs to understand is that if we fail to regulate ourselves, the government ~will~ step in and do the regulation for us.

Re:Why anonymity tips the balance too far

[giorgiofr]

for everyone who could genuinely take advantage of true anonymity [...] how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?

Well, probably a LOT of them. But that has not stopped us, and must not in the future stop us, from using crypto & friends. Your argument might be valid or not, I'm not supporting either side here; but I think that such reasoning should be applied to any use of "defensive techniques". Why are you not taking the same position against PGP and friends?

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

Why are you not taking the same position against PGP and friends?

Who said I'm not?

I take the pragmatic view that, ultimately, you have to trust courts and their officials to act responsibly. If you can't assume that, then you've already lost anyway. That being the case, if a judge (or suitable equivalent authority) feels that information is necessary for the court to reach a just decision, then they must have the ability to demand that the information be brought before the court.

Under those circumstances -- when there's a properly conducted trial, and a proper authority requires the disclosure of information that you've sent in encrypted form for the purposes of that trial -- I have no problem with drawing inferences if you refuse to provide that information to the court without an adequate explanation. That would be contempt of court and/or perjury, just the same as any other refusal to give evidence as the law requires.

In other words, it's not the encryption I'm concerned with here. Go ahead, knock yourself out with PGP or any other such tool. Just know that if you are charged with a crime and brought before a lawful authority, you may be required to disclose that information if it's relevant, and you can be held accountable for your actions regardless of the encryption. This accountability is what anonymity removes, and why anonymity is therefore so dangerous.

Re:Why anonymity tips the balance too far

[giorgiofr]

I don't really agree with you on the subject of the courts having this right to basically ask you to turn everything over to them because they're Good Guys -- however I do not wish to discuss that, we're all entitled to opinions.
What I would like to stress is that, to paraphrase your words, you may be required to disclose that information if it's relevant and if it's known to exist! I can use crypto systems where it's simply not possible to be sure of the existance of info; where you cannot tell bogus data apart from meaningful data. This destroys accountability very well, as courts would not ask me for info they are not even aware of.

Of course, anonimity is dangerous. Just like everything else, just like any other technology; but we should not base a judgement about people's right to use it on the potential dangers. Rather, we should discern, case by case, whether people are abusing it to perpetrate evil, in which case they should be punished for their evil deeds and not for using anonimity, or using it to further some good cause. (OK, overly simplistic :) In the end, it should be a matter of punishing offenders for what they do rather than demonizing tools which are inherently neutral.

Nice to meet people who can debate with self control on /., BTW.

Re:Why anonymity tips the balance too far

[h4rm0ny]

For myself, I would be interested in using an anonymous system not because I especially care to commit crimes with it, but because I no longer trust the powers that be. I am seeing too much abuse going on right now, and have too good a knowledge of history to feel comfortable with all of my lifestyle exposed to the governments (and these issues cross national boundaries remember).

I now believe that if we create an environment friendly to a dictatorship, then a dictatorship will take route. A society without privacy is such an environment.

You could have a society without privacy if you also had a society without guilt. But it is even less in the interests of the powers that be to foster that, than it is to allow privacy where they can stop it.

My £0.02.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

I don't really disagree with much of what you wrote there, actually.

To give a concrete example of the court judgement/information existence issue, in order for you to be in court and compelled to disclose some information you sent in encrypted form, there must first be a case to answer. If you'd been logged attempting to download several new movies from a MPAA plant then, possible entrapment issues aside, the court would hopefully find that there was a reasonable case to answer, and you could be compelled to disclose what you downloaded as evidence (or inferences could be drawn if you refused).

If, however, the MPAA just wrote to a court and accused every student at a university of illegally ripping movies because the university has a high-speed Internet link, without further evidence, then there is no substantive case to answer. Now the courts should tell the MPAA where to go without troubling the students for any information about their downloading habits.

Rather, we should discern, case by case, whether people are abusing it to perpetrate evil, in which case they should be punished for their evil deeds and not for using anonimity, or using it to further some good cause.

Normally (substitute "a tool" for "anonymity") I would agree entirely. But what's special about anonymity is that even if you do discern that someone is doing something to perpetrate evil, you can't then hold them accountable for it, ever. There is no concept of responsibility to balance the freedom of the system, at which point nothing else matters. I don't object to BitTorrent. I don't object to PGP. I don't object to using an alias on-line. I do object to making people immune to the law, particularly when it's very likely that many of their actions are in fact illegal.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

I sympathise with your argument. I have always agreed that some people will lose out on genuine benefits if true anonymity cannot be guaranteed, and first among them will always be those who seek to oppose the establishment.

The only comfort I take from this no-win situation is that as long as separation of powers is maintained, even the police/government/etc. can't get your information legitimately without a valid court order, and they must make their case to the court just like anyone else.

Of course, whether certain government agencies ever bother with doing this properly is open to debate, as is whether courts are necessarily truly unbiased. I suspect the answer is no in both cases, even to some extent in our "civilised" cultures. However, if you're on the wrong side of either of these, you're probably screwed for far more serious reasons than a lack of on-line anonymity anyway.

Re:Why anonymity tips the balance too far

[h4rm0ny]

The only comfort I take from this no-win situation is that as long as separation of powers is maintained, even the police/government/etc. can't get your information legitimately without a valid court order, and they must make their case to the court just like anyone else.

It isn't with any pleasure that I tell you this, but the legitimate channels to get the information are frequently ignored. I'll not go into details, but this is the case. It is only in an instance where the victim (for want of a better word) is able to challenge the given agency through a legal channel that it becomes relevant. The police are more cautious about this, the intelligence agencies far less so.

I do see a way out of the no-win situation though, if it's any consolation. In between the two battling forces of government and the eternal revolution, we can work on making the battle less intense by undermining the causes. Making the government less oppressive and making the free more responsible reduces the tension a degree. Every little helps in whatever way we can. Pressure the government to behave with one hand, make it redundant with the other and we claw our way back from the pit.

It doesn't have to be endlessly escalating cycle of oppression and subversion.

But I'll still support anonymity for now.

Re:Why anonymity tips the balance too far

[giorgiofr]

Well, in the end I guess we pretty much think the same :)

I fully understand your concerns about making people immune to the law, and I must say this is something that still needs to be worked on a lot; the circumstances to which these new tools can lead us are somewhat new and the legal system will probably have some problems assimilating them.

Two points, though. I am worried because I am pretty sure that, just like ancient behemoths seem to like doing these days (see MS, *AA, and other ones), the legal system will choose to enforce its old model against a new one (whose existance will be acutely felt by the average tech-savvy progressist) by ways of more and more draconian laws. This worries me quite a lot.

Also, on the subject of responsibility to balance freedom: honestly, I reject the notion that a system has to balance freedom. It is the most valuable and the single most important thing in our lives -- it IS our lives, and as such nothing should step in and limit it. I do not wish to compromise at *all* on my freedom. So I will go on and admit what most supposed freedom fighters around here are loath to admit: that there is a price to pay for freedom. In the case we are discussing, such price consists in not being able to identify the perpetrator of a crime. I am willing to pay this price, more people are not, I seem to understand you are not, too -- perfectly fine. When the day comes that I suffer some kind of harm and the &$$hole responsible for it can't be found, I will say: That's ok, that's the price. I value my freedom more than this.

Of course this argument of mine is made easier by my strong belief (and past experiences including robbery and aggression confirm this) that our systems do not protect us *anyway*, so why would I want to pay for a service I do not receive? Might as well do without it and at least enjoy my freedom. From your posts I understand that you have more faith in your system, so you are willing to compromise because you see a value in this service called "country", "state" or whatever it is.

I just wish it could be easier for people like you to enjoy your system while people more like me enjoy a different one; a situation where everyone can find something for his taste. But I really don't see this coming.

Re:Why anonymity tips the balance too far

[arkhan_jg]

Anonymity is either something you have, or you do not.

It's only a day after one of the biggest anonymous sources finally outed himself after 30 years. Imagine if Nixon had had the power to find out the identity of Deep Throat, and the identity of the people who provided the information he confirmed at the time. How much would he have got away with then?

And that is why, on balance, complete anonymity on the Internet is not a good idea. I have no problem with being anonymous for routine use, but if you can't even be identified in the face of overwhelming evidence of a crime, backed by an order from the lawful authorities, something's wrong.

Who decides what is a legitimate use of anonymity?
The government? If you don't like the Nixon example, pick any repressive and corrupt government, and give them the power to control or ban anonymous programs that people use for free speech - which is what you're talking about.

Such software (freenet being the best example) by definition allows the distribution of material that some people don't think should be published. This includes chinese dissidents, or operation clambake (the fight against scientology) - or copyright infringement.

Such is the nature of anonymity - you either take the bad with the good, or you try to get rid of anonymity altogether, and even then you'll just force people underground.

Copyright infringment is a good example of this, in fact. Large numbers of people do not feel the copyright laws are fair or legitimate, or they'd abide by them. Since governments are trying to crack down and enforce the laws, they just end up pushing the lawbreakers further and further away from enforcement. The government's only real option is to ban the software altogether, and thus allow people to be convicted for trying to be anonymous, regardless of what they were actually up to.

Re:Why anonymity tips the balance too far

[peachpuff]

"But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities."

Based on my experience with other file-transfer methods, I'd guess that the majority use it because the stuff they want is being distributed through it.

"I have no problem with being anonymous for routine use, but if you can't even be identified in the face of overwhelming evidence of a crime, backed by an order from the lawful authorities, something's wrong. At that point, for everyone who could genuinely take advantage of true anonymity to make a contribution to society -- and I'm sure these people do exist -- how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?"

I've never bothered with that level of anonymity, but I think it should be available. The sad fact is, most of those people you've listed don't bother with it either because they don't need it. They way governments currently handle them is, I think, evidence that if "hard" anonymity makes a difference, you're probably being persecuted.

Re:Why anonymity tips the balance too far

[conteXXt]

Not going to comment on your whole port (lots of other have already) but this struck me odd:

"No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities."

and my point is ....So what?

You do know that alcohol USED to be illegal too right?

Yes that includes a beer in private at you buddies house on a Friday evening etc...

Not all laws are just. If enough people break the laws that disobey "common sense", they eventually get changed.

Civil Disobedience lives (although it needs a health plan lately).

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

Also, on the subject of responsibility to balance freedom: honestly, I reject the notion that a system has to balance freedom. It is the most valuable and the single most important thing in our lives -- it IS our lives, and as such nothing should step in and limit it. I do not wish to compromise at *all* on my freedom.

I do understand where you're coming from, and other things being equal I'd agree. In fact, I'd love to live in a world where we could all exercise the kind of freedom you describe, secure in the knowledge that we would come to no harm through others doing likewise.

But that's the problem: what happens when, in the harsh real world, your rights and freedoms come into conflict with another individual's? In a system with no checks and balances, the only possible conclusion is for one or other to lose out unfairly, because by definition any infringement on anyone's freedom is unfair.

This is why I take a "pragmatic liberal" view that by default everyone should be free to do anything they wish, with the number of restrictions on this as small as possible and robustly justified on an individual basis.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

Who decides what is a legitimate use of anonymity?

By default, any use is. It should require at least an order from a court of competent authority to compel the disclosure of an identity. As I've discussed with another respondent, that may not be ideal, but it's the pragmatic benchmark on which everything else in the legal system rests. There's nothing special about anonymity on the Internet, nor any reason to use a different mechanism to assess what is or is not reasonable.

The government? If you don't like the Nixon example, pick any repressive and corrupt government, and give them the power to control or ban anonymous programs that people use for free speech - which is what you're talking about.

I knew someone would come up with that counter; actually, I'm surprised it's taken this long. The problem with it is this: under the sort of regime you're talking about, they don't ban the anonymising software, they shoot you without a second thought and then they probably charge your family for the bullet. The actual benefits of "free" speech on the Internet under an oppressive regime that's prepared to take such action without conscience are few indeed.

Copyright infringment is a good example of this, in fact. Large numbers of people do not feel the copyright laws are fair or legitimate, or they'd abide by them.

Unfortunately, that's a non sequitur. An equally plausible alternative is that significant numbers of people know damn well that what they're doing isn't fair on others, but their selfishness overcomes this and they do it anyway.

Re:Why anonymity tips the balance too far

[Minna+Kirai]

Not all laws are just. If enough people break the laws that disobey "common sense", they eventually get changed.

If you want laws to be changed, break them in full view of the police and the media, and dare them to arrest you. Confront them with the damage the bad law is doing to you, an ostensibly decent person.

Civil Disobedience lives (although it needs a health plan lately).

Martin Luther King was famous for civil disobedience. He explained it like so:

I submit that an individual who breaks a law that conscience tells him is unjust, and who willingly accepts the penalty of imprisonment in order to arouse the conscience of the community over its injustice, is in reality expressing the highest respect for the law.

But, anonymity isn't part of that process! It's the opposite of "willingly accepting the penalty". Trying to be anonymous is not working to get the law changed- it's just an attempt for you personally to ignore that law, leaving it in place to harm everyone else.

Re:Why anonymity tips the balance too far

[conteXXt]

ok. I agree on anonymous (obviously)

But in spirit, people don't see anything wrong with it (or giggle like schoolgirls and do it anyway)

Are we prepared to lock people up for mandatory minimum sentences for sharing stuff they like?

Silly me, Of course we are. And have been doing it for years.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

"No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities."

and my point is ....So what?

So not only do the copyright infringers (arguably the lowest threat on the scale) get away with it, but also all the other less savoury types I've mentioned in this thread (many of whom do real damage to real victims).

You do know that alcohol USED to be illegal too right?

And look how long that lasted, without requiring anonymous communication over the Internet to topple it. No government can maintain prolonged oppressive laws against the will of the population for extended periods. Even the most undemocratic nations of the world are starting to realise this, and history is littered with revolutions (and a very occasional peaceful transition to democracy) that tell how these stories will end.

Civil Disobedience lives

As the other reply to your post mentioned, civil disobedience doesn't mean ignoring the law and pretending it doesn't apply to you, it means wilfully breaking it with as much attention on you as possible, and accepting the consequences to demonstrate how unjust they are. Being identifiable and accepting responsibility for your actions is at the very heart of civil disobedience.

Re:Why anonymity tips the balance too far

[maxume]

Laws are much more about establishing a common definition of what responsible behavior is than they are about trust.

One inflamitory example would be me believing that you missing morning worship was irresponsible and imprisoning you in order to force you to worship at 7:49. Any reasonable person(by my definition) would identify my behavior as 'irresponsible' and yours as benign. In this case, the law serves to inform me as to the expectations of those around me, allowing me to appear to be responsible and avoid penalties. Whether you trust me to do this has little to do with it.

Re:Why anonymity tips the balance too far

[ninejaguar]

And that is why, on balance, complete anonymity on the Internet is not a good idea.

This is why you'll never be voted in as dictator for life. There is and never will be complete anonymity as long as two points are the beginning and end of a communication. There is only obfuscation and misdirection. There will always be an un-obfuscator and un-misdirector, and a way to trace or triangulate. Any attempt to fend off snooping/tracking is another step closer to freedom and privacy (for whatever purpose people put it to, it's not up to you as an individual to decide for society as a whole, only for yourself), but only a limited privacy and temporary freedom.

= 9J =

Re:Why anonymity tips the balance too far

No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities.

So? Why should the actions of the majority affect my individual rights? Because the RIAA/MPAA is losing money?

However, I also believe that with freedom comes responsibility, always. In exchange for the freedom to use these tools for their beneficial purposes, you take on the responsibility of not abusing that trust.
What 'trust'? Who's trusting me, and why should I feel obligated to them? When did I agree to trade my freedom to download stuff for other freedoms - and why should there be a correlation anyway? The word 'trust' imposes a burden on me that I never agreed to. This exchange you speak of - I don't remember agreeing to that.

Sadly, not everyone can be trusted to act responsibly; if they could, we wouldn't need laws and police and armies.
That's because not everyone agrees with draconian copyright laws - and, even if they did, trust would have nothing to do with it. Trust is between two individuals, not between an individual and some hazy ever-shifting entity (eg. gov't). People can't be "trusted" because people feel nothing for the bureaucracy that governs them. Maybe it's just me, but I don't want a big brother.

how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?

Again, so? I don't care how many people abuse the system, or get away with it. That doesn't make it right to restrict freedom. New laws aren't going to stop spam, virus writers, phishers, fraudsters, etc.

Re:Why anonymity tips the balance too far

[giorgiofr]

I see your point. Your reasoning is quite similar to what philosophers in the Renaissance thought about society: society is born when people surrender some rights in order to receive some benefit. In this case, the benefit consists in the feeling of security: "we are basically good guys, but when a (rare) evil-doer messes with us, our country will defend us and punish him".
As we can see everyday, the usefulness and correctness of such a pragmatic liberal system ultimately depend on the powers who are appointed to enforce it.
I think that we have reached/are reaching the point where the powers appointed to serve society (because this is their role in the system you describe) are doing everything but this. I am sure you would not find it inappropriate for a Chinese to use anon & crypto to defend himself from his own gov't, even though these tools are effectively making him immune to the law. Now, of course in old Europe we are not dealt with like the chinese masses, yet... how long before we are? And in the case of the US, I think you already are in a worse condition than us, regarding freedom.
Most people would label the system I describe as utopyan (and they'd be right), but I think that *nowadays* (because it hasn't always been like this) a pragmatic view is just as utopyan.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

As we can see everyday, the usefulness and correctness of such a pragmatic liberal system ultimately depend on the powers who are appointed to enforce it.

Indeed. Any society must trust some representatives to act in the interests of that society at some stage. If these representatives do a good job, things work well. If they take advantage of their position and don't get caught, then society gets screwed. This is the weakness of the system, and the only defence we have against it is an adequate set of checks and balances, which is why principles such as separation of powers are so important.

I am sure you would not find it inappropriate for a Chinese to use anon & crypto to defend himself from his own gov't, even though these tools are effectively making him immune to the law.

No, I personally have no moral objection to that. My point on this subject is that the tools provide little more than theoretical benefits to someone under such a regime. If the state finds you've even got the technology for anonymous communication, it's like to decide that you're a threat without further consideration, and it will happily send you to sleep with the fishes for it. Anonymity doesn't help much in the absence of oxygen.

I have always acknowledged that there are genuinely beneficial uses for anonymity; my feeling is simply that they are mostly illusory since it's unlikely many people will ever be able to take advantage of them, while the genuine benefits of not granting total anonymity are real and widespread. Ultimately, there's no one right answer here, and all you can do is try to balance the pros and cons to get the maximum benefit possible.

Re:Why anonymity tips the balance too far

[Anonymous+Brave+Guy]

Blockquoth the AC:

So? Why should the actions of the majority affect my individual rights?

The actions of the majority will always affect your individual rights. That's the nature of our society. If you don't like it, feel free to move away to an isolated island in the middle of nowhere and take your chances alone.

What 'trust'? Who's trusting me, and why should I feel obligated to them? When did I agree to trade my freedom to download stuff for other freedoms - and why should there be a correlation anyway? The word 'trust' imposes a burden on me that I never agreed to. This exchange you speak of - I don't remember agreeing to that.

You probably didn't agree not to murder anyone either, yet society will condemn you if you do. This is the basic principle of law: rules are established that are acceptable to most people, and those who violate them are punished by the majority. Of course it's not perfect. Sometimes the system gets it wrong, or the will of the people changes, and it's necessary to add or remove or change laws to reflect this. But that's the system, and as long as you live in it, you have to play by those rules. If you don't like them, you can try to get them changed, and if the majority of the people support you then sooner or later you will.

Again, so? I don't care how many people abuse the system, or get away with it.

Perhaps you've never seen counselling for a child who was sexually abused, or talked to an elderly person who was tricked out of their life savings. When you have, your perspective changes. It's easy to make an AC post to Slashdot and proclaim that you will never negotiate with terrorists, but not many people could say that if the gun was pointing at their child's head. Perhaps society would be a better place if we could all be so principled and dispassionate, and I'm sure a few of the people who advocate such principles here genuinely believe in them. Sadly, I suspect that most of them are more concerned with being able to selfishly abuse the system under a smokescreen of legitimacy than with bettering society.

New laws aren't going to stop spam, virus writers, phishers, fraudsters, etc.

No, but locking a few up and throwing away the key would help, and being able to track down where the illegally obtained money went would go a long way to undoing the damage.

Re:Why anonymity tips the balance too far

[sjames]

And that is why, on balance, complete anonymity on the Internet is not a good idea. I have no problem with being anonymous for routine use, but if you can't even be identified in the face of overwhelming evidence of a crime, backed by an order from the lawful authorities, something's wrong.

There are many reasons why someone would want to be anonymous on the net. I won't even attempt to guess them all, but I can list a few of the highlights:

1. Violating copyright
2. Just don't like the idea of busybodies knowing their business
3. Whistleblowing, reporting dangerous criminals, political speech from within or about a repressive government

Cretainly, I'm not in favor of item 1, but as a whole, it does little damage to society (some have even argued that it ultimately does no harm or even has mild benefit to the copyright holder ). I do know that *AA et. al. have been claiming that internet file sharing would destroy their industries since Napster appeared on the map. That was nearly ten years ago, and they don't appear to be suffering at all. The fact is, NNTP and FTP were already facillitating that sharing before there was Napster, but it didn't get publicity. The 'damage' was sufficiently small that *AA and co didn't even notice it. Some have argued (perhaps correctly) that Microsoft's market strategy actually DEPENDED on copyright violation.

Item 2 is quite common, and in an age where rabid advertisers frequently do the moral equivilant of shooting customers with a tranquilizer dart followed by a rectal exam and a perminant forehead tattoo, who can blame them?

Item 3 is nevertheless of the utmost importance. It is widely recognized as the form of free speach deserving the strongest possible protection. Many are of the opinion that respect for basic human rights may one day become nearly universal iff this form of anonymous speech is available (or at least that without free anonymous speech, universal respect for basic human rights cannot become a reality). Law enforcement frequently depends on anonymous crime reports when tracking down the most dangerous criminals. Without it, witnesses may be too afraid to report what they know.

I'll take political free speech and whistleblowing at the cost of copyright violations any day. Although cases of #3 are vastly outnumbered by cases of #1, each case is vastly more important than all of #1 in the scheme of things. The fact that it also allows for consumer privacy against rabid advertisers is a big bonus, but unnecessary to my choice.

Re:Why anonymity tips the balance too far

... vast majority of people using a tool like this are doing so because it shields their illegal activities.

I want to be anonymous for all my activities. Both those that fit within the current laws and those that don't. Damnit, I fed the troll.

Re:Why anonymity tips the balance too far

[Harik]

I do object to making people immune to the law, particularly when it's very likely that many of their actions are in fact illegal.

Sweet. So anonymity is a tool that can kill people, rape children, blackmail, extort, vandalise and park in handicapped spaces? And by using it I'm above the law?

Anonymity is actually a GOOD thing for law enforcement. Pedophiles trade with each other, murderers brag, etc. The alternative is that they never communicate at all. Anything they say is a clue as to who they are and what they did. Especially the pedophiles. I know of one that was caught based on anonymously traded photographs. Even with faces blacked out, they placed where the pictures were taken (A disney hotel room) and the timeframe (based on the decor).

So yes please, let's shut down all the anonymous networks.

Couple things:

[amichalo]

(1) It's "Build a man a fire..." that starts the quote. Your quote doesn't make sense.

(2) You have a great point that the broadcast infrasturucture would suffer - but there are ways to combat this:

- by distributing purchased content, royalties from these purchases would offset the cost of royalties to broadcast the same content. This would lower operational costs for broadcasters

- purchased could be limited (to start) with "re-runs". There are plenty of cable channels now that just show re-runs. If those went off the air because of the iTunes Video Store, I for one would not shed a tear

- purchased content could certainly have ads in it and those ads would probably sell far higher than a one time prime time ad because they would be forever archived with the media.

- the player could have ads built in. The movie is encoded with "ad" flags at certain points and when that point is reached, there is a 30 second pause and the player displays a randomly selected ad from the server.

Sure, not all these solutions are ideal, but broadcast TV hasn't really ever changed - even the broadcast-to-cable-to-satelitte switches have been evolutionary. This is a chance for the industry to evolve.

Re:Couple things:

[jcdick1]

You are right that the industry could evolve with this, but I don't see the producers being willing to share that much money from online purchased content with the local broadcasters, as this would amount to basically a massive subsidy. You know as well as I do, they wouldn't want to give up that much of the pie.

You may not shed a tear for the loss of TVLand, but putting together a nationwide cable network is not cheap, and after spending the resources in acquiring rebroadcast rights to programming and getting space on a channel spectrum and all of that, they aren't going to want to just close up shop. Which you and I know wouldn't necessarily be the case, but the suits don't see it that way.

I also think that consumers would balk at included advertising just as they would if the shows currently released on DVD included ads within the content. This is one of the driving reasons for the popularity of purchased or rented telelvision DVDs now - watch the whole episode with no interruptions for ads. Unless the ads were the exact same ones used in original broadcast, for novelty's sake.

Online distribution of content would impact the current market way beyond what iTunes has done for music. This would have the potential to affect the over-the-air broadcasters as well as large investment in cable systems. It took years for the recording industry to even come to terms with what amounts to a relatively small adjustment - media wise, anyway - from traditional distribution methods. They just had to switch from CD to digital file formats. Its a whole different ballgame with film and television.

One can expect the MPAA to fight much longer and harder than the RIAA ever did.

And my sig did make sense, if read correctly. You have to read it as "Light a man a fire..." and "light a man *on* fire..." Its sort of a play on words, of sorts, though not technically a pun. It doesn't work or make sense at all with "Build..." in the position of each relative sentence. I know someone else said something similar, but thats why there are no quotes and no attribution. Its a significant change from the original, and in my opinion, much more witty. Why would one build a man on fire? Though I guess I could take it one step further and make it "Light a man a fire..." and "light a man afire..." Yeah, I think thats even better. Thanks!

Re:Couple things:

[amichalo]

Okay, I do get the sig now - very witty with the "afire" addition. To be clear, I didn't mean to suggest you replace "light" with "build" twice, only once. 'Nuff about that though.

So I think we both agree that traditional broadcasters won't like this new medium - but then again, no industry likes competition or alternatives. Every business wants to have the monopoly. So I am not too concerned that TVLand will have to start offering the TVLandMusicStore.com to buy content off of.

I think on-line distirbution of music or movies or what-have-you is very beneficial to content authors but also providers who add value. Think of TVLandMovieStore.com offering background info on the Brady Bunch as well as forums and of course, the ability to buy any eposiode discussed. That adds value and puts TVLandMovieStore.com in much more control over their revenue stream becuase they can drive buyers to content rather than just getting ad revenue off the re-runs on TVLandTheCableChannel.

Re:Anonymity = Free Speech

[xiando]

All wrong!! Anonymity is not about supporting piracy. It is about something very fundamentally important and much more valuable than all pirated copyrighted works put together: Free Speech. Today it is impossible to state some opinions and political views without running into major trouble. In some countries the local authorities still give you a bullet for saying something against them. Freenet (freenet.sf.net) is a P2P / web anonymity program that has been around for a while. It is very slow and crappy, but it has been in use a while and if you look at the sites there you will find that a huge number of them express opinions and views who could not be shared and stated on a non-anonymous system. The ability to express oneself without risking prosecution is what anonymous peer to peer systems are all about.

Bad analogy

[MarkByers]

A better analogy: Compare it to a taxi driver that was paid to drive them away, but did not know that they were bank-robbers.

You are not required to check that the receiver can legally copy some information before forwarding it on, just as a taxi driver does not have to check that the people he is driving did not just rob a bank.

Re:Bad analogy

No, the taxi driver in this instance has advertised his ability to get you away from the scene of a crime undetected.

Even if he is asking no questions, he is still in knowledge that his services are being used for illegal means.

Re:Bad analogy

[swv3752]

That only works legally if you have common carrier status for forwarding on material.

Exploit

[dtfinch]

Be C.

Re:Exploit

[larytet]

...chain of bouncers may be ?

sign me up!

Now if I'm C, and A and B are trading kiddie porn, I can get arrested for facilitation!

Bittorrent through "net in net"?

[Werrismys]

Bittorrent already works through the tor network and such. Mostly limited nowadays since it was hogging all the bandwidth tho.

fear the reaper

thers no way in hell im downloading anything if thers the slimmest chance of them finding me

http://overstated.net/media/RIAA_PSA.mpg

be afraid be very afraid

Somebody help this guy!

[Augusto]

Are you stuck in a recursive time loop circa 1996?

And C will be sued

[Snaller]

Sounds bullet proof!

Doesn't seem to work in OS X 10.4

[tcoady]

Here is the output which goes into a loop:

CLI started
Project is under active development
Failed to bind socket port 53
Std output redirected
Std err redirected
Look thread started
Publisher thread started
RxDaemon thread started
Download is initialized
Run script file:/Users/tomcoady/Desktop/rodi_0/rodiCore.scrip t
java.net.BindException: Permission denied
at java.net.PlainDatagramSocketImpl.bind(Native Method)
at java.net.DatagramSocket.bind(DatagramSocket.java:3 68)
at java.net.DatagramSocket.(DatagramSocket.java:210)
at rodi.Resources.openSocket(Resources.java:30)
at rodi.Resources$SocketRxParams.restartSocket(Resour ces.java:268)
at rodi.util.SocketRx.run(SocketRx.java:98)
Failed to bind socket port 53

Re:Doesn't seem to work in OS X 10.4

[Ozmandias]

Looks like you'd have to run it with sudo. Otherwise Unix won't let a user process bind to a low-numbered port.

Re:Doesn't seem to work in OS X 10.4

[Creepy+Crawler]

Heh, and I was guessing that you might have put your Gx (where x = 3, 4, or 5) to good use as a bind server ;)

Then again, Bind usually uses udp, right (but can be configured for tcp use...?)

Re:Doesn't seem to work in OS X 10.4

[tcoady]

Sorry did not read README which says

On Linux (only KDE desktop was tested) open terminal and execute command java -jar rodiTimple.jar you probably will have to specify exact path to .../bin/java

Click button SetupWizard on the panel Connect of the GUI front end. Follow instructions.

Re:Doesn't seem to work in OS X 10.4

[larytet]

i am glad that you saw it's working

Perpetual Motion Device

[malcomvetter]

Internet Anonymity is a perpetual motion device.

It just doesn't exist. Once in awhile, someone thinks it does, but then after a closer look (or by the time it's actually implemented), the anonymity no longer exists.

I expect that given recent P2P legal battles, this will be even more likely to prove as being another blighted failure.

It's analogous to all those other falsehoods, that people still claim to hang onto and that marketting folks use for selling:

Unbreakable encryption
100% Security
Completely confidential
Completely Anonymous

If you TCP handshake with a 'trusted' third party on a P2P network, it can be logged. Who actually trusts the people they P2P with anway?!?!?

Re:Perpetual Motion Device

[RichardX]

Sure, you can never get absolute anonymity, but that's not a problem. All you need is "good enough" anonymity, and that most certainly IS achievable.
If the cost of breaking anonymity, either in processing time or in required resources is high enough as to make it basically impractical, then your anonymity is probably good enough.
I2P is close to that stage already, and is expected to be quite a bit stronger by the next major release

I launched it...

[Xaroth]

Call me back when there's a GUI interface instead of strictly CLI.

Re:I launched it...

Hi. You can come back now.
At least, I got a GUI interface from it.
Not the prettiest ever, but not the worst either.

IP Anonimity

[aaarrrgggh]

There are plenty of good reasons for IP Anonimity; "freenets" for distribution of material banned by an oppressive government comes to mind as a useful, non-copyright infringing use.

There are plenty of times that you could want anonymity, where you could be breaking the law of the land, but not be infringing on corporate-sponsored rights.

Re:Agreed. But it's fixable. Here's how.

[swv3752]

It only matters if the the redirectors get "common carrier" status legally. If they don't then it doesn't matter if the end person is hidden, a bunch of people get screwed.

This is really only helpful in mildly oppressive regimes. Say if France bans "Mein Kompf"*, and you want to read you could download it through rodi and avoid being caught with contraband Nazi stuff. but just being a rodi client in say China, would be enough to single you out.

*I have no idea if France actually censors "Mein Kompf", but would be not much of a strecth if they actually did. If you prefer replace Anarchist Cookbook and FBI if you prefer.

sounds familiar

[DjCheeto]

sounds like a concept I suggested back in december when there was a slashdot article about decentralizing bitorrent.

http://slashdot.org/comments.pl?sid=131518&cid=109 80087

Re:sounds familiar

[larytet]

look this http://methlabs.org/forums/showthread.php?t=12918

Is "plausible deniability" a real defense?

[adrenaline_junky]

I have a serious question about all of these anonymous dark-net systems. In each case that I know of they hide IP addresses by bouncing content around from node to node so that a spectator sniffing the traffic at a particular node would not be able to determine if the traffic coming to and from that node is actually destined for it or some other node. There is then "plausible deniability" if someone tries to pin a particular upload or download on you.... you can claim some other party was just relaying through your node.

My question is this: is this fundamentally a REAL defense? Couldn't a case be made that the participants in the network are ALL participating in a conspiracy to knowingly fascilitate piracy / child porn / terrorism / whatever? I've so far not managed to find any Chinese dissident content on Freenet, so I'm not sure to what extent that line of defense would do any good.

Keep in mind that the government doesn't even need to make a GOOD case that they can "win". Just making the case at all means they get to confiscate all the computer equipment and run up legal expenses for the dark-net participants in such a way that most would probably settle just to get their lives back to normal.

P2P for illegal activities (in some countries)

[Ath]

One thing that is interesting is that the MPAA actually is taking a different approach to the RIAA, primarily because they face two different types of P2P-based sharing of copyrighted content.

The RIAA has gone after individuals who share content by tracking content available from specific IP addresses. They then determine who the person is behind that IP address and then sue them. Or sue someone and then find out who they are suing, as the case may be.

The MPAA is handling it quite differently. They are going after the sites who are hosting the URL to the copyrighted content (a Bittorrent file is, after all, just a resource locator). By shutting down the URL, the location of the content is not as easily found.

The difference is important here because you have to decide which problem you are trying to solve: hiding who is hosting the link to the content or hiding who is hosting the content itself. The MPAA approach is quite interesting because, with only one exception that I know of in a jurisdiction in the USA, having a link to the content produces no inherent liability.

I think the whole technical approach is a bit sketchy, from trackerless torrents to anonymous routing of data. Instead, why not focus on specifically taking advantage of the legal defenses?

For example, the DMCA explicitly includes a takedown notification defense. The copyright holder is actually required to inform you that the content is copyrighted, thereby giving you a complete defense of hosting copyrighted content. If every P2P client had an integrated takedown notice option, it seems a very good defense. Say you are in Kazaa, you do a search and find someone hosting a song that has license restrictions (e.g. you cannot copy it without explicit permission of the copyright holder). If you choose to download it, you get a popup that has three options: 1) Inform host that this is copyrighted material, 2) Certify that content is not restricted and download it, thereby agreeing that it is not copyrighted to the best of your knowledge. If option #1 is selected, then the content is disabled and the content host has to reenable access to it.

Perhaps that would end up in the bullshit list of excuses, but it would require the downloader to utilize a takedown notice. If the hoster keeps reenabling access, then liability could be established.

The reason why I think this could be feasible is because of the Napster case. In Napster, the judge explicitly required the RIAA to inform Napster of specific content that was copyrighted and being infringed. Why is an individual less able to utilize this defense?

Is Rodi BitTorrent's Replacement?

Rodi is a small-client P2P application, written in Java...

No.

It's shit like this that gives us a bad name

It's shit like this that gives us a bad name. May as well post an article about how to make bombs, blow up buildings, kill women and children. Stupid !

Holy crap... mod down idiots, it's fake

Slashbot morons.

STOP ADVERTISING I2P

I2P has been mentioned a few times on Slashdot. This, however, is bad; it's still in heavy development, and currently can't handle large network loads due to its inefficient network coding. This will change soon, but at the moment, I2P has to maintain a connection with everyone else in the network; already, some machines running older operating systems can't use the network because it's so congested.

Additionally, the I2P developers prefer to test things on a small, controlled base rather than with a massive and difficult-to-manage network. If a bunch of Slashbots decide to download I2P and then just let it sit on their computers without upgrading it, development will slow down and become a lot more difficult.

In short, no matter how cool I2P is, stop bloody spreading it around until it's ready./P

C = The Man in the Middle

[CodeBuster]

The 'C' node is analagous to the "man-in-the-middle" in the cryptanalysis attack on public key algorithms. How can you trust 'C'? What if 'C' is really the RIAA, MPAA, or one of their agents or minions? The problem is that 'C' knows the REAL IP addresses of both 'A' and 'B' and thus can log them for later analysis or forward them to any number of third parties. Detection could be made more difficult by involving additional middlemen in the hopes that at least some of them are not an agents, but this does not address the root of the problem since there could be entire networks of middle men agents who are all cooperating to log the activities of 'A' and 'B'.

Re:C = The Man in the Middle

[Kwil]

Even if there are networks of agents acting as middlemen, how do they know if the non-agent they're connecting to on either side isn't simply another middleman? They still don't know if they have the final destination/sender.

Re:Agreed. But it's fixable. Here's how.

[godlikenerddotcom]

Dude, Mein Kampf, spell it right. I wouldn't have brought it up, but you misspelled it twice.

Except after C...

...when sound long A as in RIAA & MPAA.

Oh man

[springMute]

F that, this is getting too complicated, there are way too many protocols. Gimme ZModem with error correction and we're all set.

"Anonymous" only outside of a legal mindset...

I don't like the idea of this. Unless they can come up with a more efficent way of making you anonymous, I see Rodi as nothing but a tool that will get other people busted for downloading files that they never really did. Your typical judge and jury will not understand (or believe) how Rodi makes one "anonymous."

Re:I happen to like non-anonymity--NOT

[Vitriol+Angst]

I pay for a lot of things. I don't do drugs. And I don't cheat on my wife.

However. That is good for me. It does not impress me when someone says how honest or loyal or religious they are. Good for them if they are. But no big deal. To me, being good is its own reward.

Why am I making this point? The whole point of our Democracy is government subject to the will of the people. We give people gun permits and laws and ask them to not to harm others. For most people, they do the right thing. We ask people not to steal and most people do not. So, it is an honor system. The government has power and control so long as it doesn't abuse it (well, at least that was the attempt with how the founding fathers structured the government).

When people are anonymous, the honor system breaks down. Hence P2P. Anonymous people do and say things they otherwise wouldn't. But is that wrong? Current news shows that people who suck up and kick down, no matter how unscrupulous, get promoted as long as they support the status quo. Whistle blowers and people of conscience, who go out on the limb, whether it be for investigative journalism or to speak out about corruption, are fired or worse.

Then we have to worry about the coming storm of thought police. How soon until we get public humiliation again (stockades) or tattoo the letter "A" on people's forehead. I've heard worse suggestions on the Neal Bortz show.

But P2P is a check and a balance on corporate and morality control. Anyone with any clue (a rhetorical arguement, but I don't wish to argue that the world is round) can see that corporations have the upper hand with creating protective laws and influencing law enforcement. The government shouldn't be in the business of protecting profits--somehow forgotten in our brainwashed heads is the notion of utility and what government is for. Could you imagine the FBI following a shoplifter home? Or, more accurately, imprisoning someone for making a copy of a dress design on their own sewing machine? In the first place, copyright infringement is not theft--it is loss of revenue. And using laws and police to ensure a profit margin is taking tax payer money. Additionally, we already pay a "tax" on all sorts of media because it "could" be used for copyright infringement. So how can anyone be stealing a product we all paid for?

So, P2P works to force companies to provide utility. If they can't be more convenient or useful as a company--what Utility do they provide a citizen of the United States? Copyright and patent law was originally intended to provide some compensation in order to reward innovators. Except for a few circumstances, these days it does the reverse and is merely a treasure to reward those who own--not innovators. I doubt one in a hundred even knows what "the consumer is sovereign" means. But not working for the status quo doesn't pay in mass media, so you won't here it mentioned.

P2P has more of an effect on "control" than it does on "profit". The fact that X mp3s have been downloaded does not translate to X mp3s would be bought. In fact, it is argueable that music sales might decrease, without downloadable works.

I'd much rather live in a country that allows people to do wrong. Holland is a better place ot live than Saudi Arabia. Seems that so many people want good things controlled and legislated, they don't realize that they don't get to decide WHAT is controlled and legislated--only the biggest pig at the trough wins.

So I'm in favor of anything that allows for the anonymous transfer of information. I may not avail myself of it, but it also allows for an outlet when corporations and governments overreach. If someone could get a CD for $1 or a movie for $3 on iTunes, do you think this would even be a discussion?

IP Spoofing

[firepacket]

Through IP Spoofing A can even hide their identity from C.

Now would this work on machines that dont have raw-socket support?

Re:IP Spoofing

[Sigma+7]

Now would this work on machines that dont have raw-socket support?

Actually, it won't work at all. If you spoof your IP address, the host that replies to incoming requests will send the information to the address being spoofed. In other words, you get nothing back, and cannot download anything.

The term the article submitter was looking for is "Proxying", not "Spoofing." Even if he did mean Proxying, it doesn't do much as it means that an investigation can target any person along the chain for infringement. Given that the software was used to distribute warez, there would be no problem getting a conviction (ignoring technicalities), even if it means tweaking the laws slightly.

Thoughts

[Famatra]

"In short, no matter how cool I2P is, stop bloody spreading it around until it's ready."

As you can see people are eager to have unrestricted free(dom) speech and free(dom) information. Freenet dropped the ball by screwing up forward progress for two years and others are taking up the slack.

I2P has made incredible (and forward only, no backsteps) progress lately but if it doesn't want to be left behind then it needs to move even faster. I also think time is running out since, with DRM being put into Intel chips as one example, I'm not sure if we are keeping up with the powers that be.

I also suggest that anonymous p2p developers, including I2P, look at this Rodi (or AntsP2P since it's also Java) application and take the best parts out. In FOSS the team project who reinvents the wheel the least often has the best progress - Although again I must admit that I2P does an excellent job of gathering people into their project and communicating with its users and other developers much more than other anonymous p2p projects.

Also in general, I2P has been covered on infoanarchy, I dont' think I2P will grow fast until some killer applications (good working searchable p2p, a distributed content store, anonymous newsgroups) are included with the package. If that is the case then all the advertising in the world won't move I2P's population up as it doesn't appeal to the so called unwashed masses.

Re:Thoughts

Intel using DRM at the processor level? I guess that doesn't surprise me. Intel is Microsoft's toy puppet. And they say the x86 architecture is open, eh? Thankfully my chips are made by IBM.

I predict ...

[krygny]

... that in about 5 years you'll read about this in a Robert X. Cringely column ... how it failed initially but is re-emerging in a new project that will be used to take over the world. Of course, Cringely is almost never right with predictions (and for that matter, neither am I).

Well, the question with anonymous p2p is ..

[apankrat]

.. do you really care about the anonymity of others to donate your bandwidth to the cause ?

Relay-based anonymous p2p won't take off the ground unless they include enforcable fairness provisions. Does anyone know such p2p frameworks ?

Re:Well, the question with anonymous p2p is ..

enforceable fairness wouldn't work to well, people would just recode it not to be there, and you'd have the same problem...

You lost me at Java

[droleary]

In general, I find that any project that pushes its technology as a feature is doomed to fail. As a geek, yeah, I know what BitTorrent uses, but as a user I appreciate they don't beat me over the head about it. My prediction is that Rodi will die a nice, quiet death because it pushes the Dork factor, and a D2D network is going to be orders of magnitude smaller than a P2P network.

Re:You lost me at Java

don't quit your day job fool

anonymous p2p is not possible

[farble1670]

maybe someone with more technical knowledge can correct me if i'm wrong ... really, the purpose of this post is to educate myself.

if i am receiving packets, my system must know the address of that sender. that is TCP/IP. therefore, the sender can always be determined.

this business of adding hops between the sender and receiver is pointless. that is not going to protect you. if you have sender A, receiver B, and intermediary C that passes packets between A and B, C is for all intents and purposes the sender. C will get sued.

Re:anonymous p2p is not possible

[typical]

if i am receiving packets, my system must know the address of that sender. that is TCP/IP. therefore, the sender can always be determined.

First, no, because the sender can spoof an IP. However, another system can also forward packets for another. As you said, C can forward backets between A and B.

if you have sender A, receiver B, and intermediary C that passes packets between A and B, C is for all intents and purposes the sender. C will get sued.

(And it doesn't have to be "sued" -- it could be "fired", "divorced", or "arrested", depending upon the content).

Nope. Usenet operators don't get sued, and plenty of content on Usenet is politically hot, illegal, unethical, and you name it. As long as the system simply takes the role of blindly handing on data, without regard for its legality or illegality, it's currently okay in the US.

Phone networks, forums, and so forth are generally immune as well. If they're *knowingly* spreading a particular tidbit of illegal content, *then* they're asking for trouble.

Aww

[sunwolf]

But what would you call it when you're downloading? A Rodi? It sounds like some obscure STD...

Oh, I'm sorry. I meant STI.

Maybe fine as proof-of-concept

[The+Cisco+Kid]

But for it to catch on and not utterly suck, it will need to be re-implented in a programming platform that doesnt suck (eg, something other than Java. And no, Visual Basic doesnt count)

Re:Maybe fine as proof-of-concept

[larytet]

...check out the project again in Oct-Nov,05 may be i will have somethign for you. btw plugin for firefox is it alright ?

Re:Nice! - Possible scenario. Comments?

[iamcf13]

Really though, this doesn't sound so anonymous anyway. All the **AA has to do is set up a bunch of "C" machines, and keep logs.

Won't do them any good if the data being relayed through them is encrypted. All they'd have is dates, times, IPs, and volume of data sent by said IPs. Is that probable cause to 'crack down' on these IPs addresses and the people using them?

Any comments?

MOD PARENT UP AS DUMBASS

rockum

Disclaimer: This is not a useful post

[StarKruzr]

Hey, you know what?

Fuck copyright.

How's that?

Christ.

Why is copyright a sacred cow? Does anyone REALLY think people would stop creating content without it? Was it really necessary for Sonny Bono and the Senator From Disney to extend copyright ad infinitum et nauseum so that Mickey Mouse could be protected?

Fuck copyright.

Get rid of it.

Re:Disclaimer: This is not a useful post

AC because this is way off topic.

Yes, I sincerely believe a huge amount of content, of quality content, would stop being made. I also believe the majority of the dross would continue to be made, except it would get worse. You'd have music with embedded advertising and other bullshit.

How does one fund a movie without copyrights? How does one professionally produce a song - that is, a high quality rendition and recording thereof - without money? How many "writes only when they have time on top of their full time job" novelists have produced novels worth reading?

Either come up with a credible alternative way of funding the production of content, one that also protects the moral rights of artists, or shut-up. But in the mean time, if you don't like copyright, there's an easy way to deal with it: stop making use of content produced under the copyright regime. It's the hight of hypocracy to complain about how evil copyright is, and then - paying for it or stealing it - to entertain and inform yourself from material produced precisely because the people who worked on it could safely bet on being paid. You don't have to watch a movie. You don't have to read a book. You don't have to listen to music. Enjoy your copyrightless utopia, you have it already, you just already know it sucks and you'd rather be with the rest of us.

Re:Disclaimer: This is not a useful post

[Mr2001]

How does one fund a movie without copyrights?

Ask any independent filmmaker on a shoestring budget. Good movies can still be made without Hollywood budgets.

How does one professionally produce a song - that is, a high quality rendition and recording thereof - without money?

Ask anyone with the right software, microphones, and a few months' experience. Music production is perhaps the worst example of something that depends on copyright; technology has advanced so far that you really don't need a studio's support to make high quality recordings and mixes.

Either come up with a credible alternative way of funding the production of content, one that also protects the moral rights of artists, or shut-up.

Sorry, but "moral rights" are bunk. No one has a right to prevent anyone else from using or reproducing an idea, and that's exactly what copyrightable material is.

As for alternative means of funding: no problem. Let people who create music/art/etc be paid for their labor, just like people who design bridges or cut hair. An architect doesn't expect to collect royalties from everyone who crosses or looks at a bridge he designed, does he? Of course not; once the bridge is designed and built, his involvement with it is done. If he wants to get paid again, he must design another bridge.

Re:Disclaimer: This is not a useful post

[kz45]

Sorry, but "moral rights" are bunk. No one has a right to prevent anyone else from using or reproducing an idea, and that's exactly what copyrightable material is.

well, that pretty much rules out the GPL too. The GPL controls how I use a piece of source code.

Re:Disclaimer: This is not a useful post

[Mr2001]

Indeed, the GPL uses copyright to limit what people can do with code. But those limits are only necessary to ensure that derived works can be freely used. Without copyright, those limits would be unnecessary because everything could be freely used.

Re:Disclaimer: This is not a useful post

As you clearly don't even know what moral rights are, what exactly are your qualifications to be taken seriously on this?

Typical brain dead Slashbot. "I wanna be free! I want to pass off my work as someone else's! I want to be a hyprocrite and not pay for work that was only made because the law said people who'd use it would pay for it. Whine whine whine!"

Fucking hypocritical artist-hating shit.

Re:Disclaimer: This is not a useful post

[Mr2001]

As you clearly don't even know what moral rights are, what exactly are your qualifications to be taken seriously on this?

Wow, you're just brimming with insubstantial flames, aren't you?

I have a good idea of what moral rights are. I've heard various proposals, which all revolve around giving an artist the power to control how his work is used once it leaves his hands - preventing an author's characters from being used in other works he disapproves of, preventing a painting from being mishandled or destroyed, etc. And that's ridiculous. Ford doesn't control their cars once someone buys them; artists shouldn't have any more control over theirs.

The only "moral right" I've heard that makes any sense is giving proper credit when reproducing or incorporating someone else's work. I fully support that one, because to misrepresent someone else's work as your own is a form of fraud.

Fucking hypocritical artist-hating shit.

Congratulations, you've come up with an insult even stupider than "America-hating". It's easy to type the word "hypocritical", but obviously too hard for you to point out anything hypocritical I've actually said.

Newsflash: I create copyrightable works every day. I'm fully prepared to face the consequences of copyright reform, because I'm smart enough to use a business model that doesn't depend on collecting money from every single person who enjoys what I've created.

Re:Disclaimer: This is not a useful post

[kz45]

Indeed, the GPL uses copyright to limit what people can do with code. But those limits are only necessary to ensure that derived works can be freely used. Without copyright, those limits would be unnecessary because everything could be freely used

it may make it so everyting was freelyavailable, but the source code could still be closed.

Even if this did happen, companies would just start creating service based applications (like turbo tax did). Then there would be no open/closed source issues.

Re:Disclaimer: This is not a useful post

[darrylxxx]

Great, low-budget-and-art-house-movies 'r us meets the Karaoke Generation... who is going to invest in making commercial blockbusters with no copyright? Your comments about copyrighting an idea is twaddle. You can't copyright an idea. Period.

Copyright law only protects the particular form or manner in which ideas or information have been manifested, and is not designed or intended to protect the actual concepts, facts, styles or techniques which may be embodied in or represented by the ideas or information. For example, the copyright which subsists in relation to the Mickey Mouse cartoon prohibits third parties from distributing the cartoon or creating derivative works which copy or mimic Disney's particular talking mouse, but does not prohibit the creation of artistic works about talking mice in general. Other forms of intellectual property may provide legal protection where copyright does not.

http://en.wikipedia.org/wiki/Copyright

Re:Disclaimer: This is not a useful post

[Mr2001]

Great, low-budget-and-art-house-movies 'r us meets the Karaoke Generation... who is going to invest in making commercial blockbusters with no copyright?

Oh noes! Whatever will we do without commercial blockbusters?

Your comments about copyrighting an idea is twaddle. You can't copyright an idea. Period.

Information, idea.. are the concepts really that different? I'll call it "information" if that makes you feel better.. it's just more typing.

A poem is a sequence of words; a photograph is an arrangement of colors; a song is a long and intricate waveform (as filtered by the human aural processing abilities). They exist as concepts independent of any physical form they may be embedded in. They're not property, they're attributes of property, and they cannot be owned. No one has a right to prevent anyone else from arranging colors a certain way, just as no one has a right to prevent anyone else from using a certain size or shape.

Re:Disclaimer: This is not a useful post

[darrylxxx]

Commercial blockbusters drive many parts of the movie industry. Many people like them. If you don't, that's your problem. But don't seek to deny others the right to see them.

I was stating a fact. I'll repeat it if you don't understand - YOU CAN'T COPYRIGHT AN IDEA. Copyright is automatically created in the expression of that idea.

Of course a poem is a sequence of words etc. BUT they are also someone's unique expression of an idea. The words/colours/waveforms are not copyrightable - the expression of the idea is.

Maybe this is a bit too complicated for you...

Re:Disclaimer: This is not a useful post

[Mr2001]

Of course a poem is a sequence of words etc. BUT they are also someone's unique expression of an idea. The words/colours/waveforms are not copyrightable - the expression of the idea is.

And that expression is itself an idea: the concept of stringing these words together in this particular order.

The fact is that when you copyright a song, you're copyrighting a waveform, and when you copyright a poem, you're copyrighting a sequence of words. You can't have a monopoly over the expression without also having a monopoly of the information used to express it.

Maybe this is a bit too complicated for you...

You misspelled "contradictory".

Re:Disclaimer: This is not a useful post

[darrylxxx]

Is this the five minute argument or the full half-hour? :-)

I can't be bothered to argue the semantics, but it is maybe worth pointing out that you can describe it as a combination of waveforms making up a single new waveform. This is evidently the 'expression' i.e. the unique combination from the creator/producer...

And you misspelled "nose".

for or against this type of client is here to stay

So many whiners on both sides of this topic. If you don't like the new client then don't use it. If you do then great knock yourself out. Trying to take the moral high ground from either standpoint is fine but having long winded posts about it isn't going to change the reality of either side.

Re:That logo

[larytet]

help me with the logo, give me another one, make suggestions, give me ideas see alternative logo http://larytet.sourceforge.net/logos.shtml

P2P on existing tech?

[NoInfo]

What about P2P based on IRC?

Re:P2P on existing tech?

[larytet]

...am reading, very interesting, thanks

Problem with all 3rd party routing protocols.

[Jason+Pollock]

Wouldn't C be charged with contributory infringement? So, instead of being in trouble for stuff that you've done, you get into trouble for all of the stuff that other people have done. Great.

The benefits to the RIAA are the same either way, it provides a large disincentive against using the softwawre.

Cash

[toriver]

But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities.

Interesting. Do you feel the same about cash?

Paper money and coins are really just a low-tech anonymous payment system. It could be replaced tomorrow by debit cards, with every transaction logged and identified (buyer, seller, products)- for your security, of course.

Would that be acceptable?

Re:Cash

[Anonymous+Brave+Guy]

Do you feel the same about cash?

No, because cash isn't completely anonymous for practical purposes. Try walking into a flight school and asking to learn to fly a plane, then telling them not to worry about teaching you how to land it. Pay with cash, and see how fast the authorities find you.

Re:Cash

[gumpish]

Yeah, well, I don't think contraband peddlers report to the government who is and is not paying in cash...

Re:Cash

Paper money and coins are really just a low-tech anonymous payment system.

Exactly. To buy with cash you need to physically transfer the cash, so it's not anonymous

1. the transaction can be caught on camera, leaving an evidence trail
2. the transaction can be interrupted by law enforcement, catching you in the act
3. the contraband vendor knows who you are, and strap them in Gitmo for a few months and they'll sing baby.

So where's the anonymity?

Get A Clue

[johnos]

Is this sarcasm? if so, please indicate for morons like myself. Because if you were being serious, you couldn't be serious.

You "don't believe in automatically banning things that have legitimate uses..." Fortunately, that legal point does not rest on your beliefs, but on the Supreme Court's Betamax ruling. Beyond that, your post is 100% troll. Some people can't be trusted? Get the fuck outtahere. You mean in a free and open society, people can do whatever they want? Someone call in the cavalry, that can't be what the founding fathers meant. That's not democracy, that's chaos, Anarchy, Communism even.

You want to know how many spammers, virus writers, phishers, frausters, copyright violators, organized criminals, paedophiles and terrorists I'm willing to let get away with it? All of them. Because even in toto, they don't add up to the danger of one fascist.

In case you hadn't noticed, there are plenty of laws already to deal with crimes. What you want is not to deal with crimes, but with criminals. And you're willing to sacrifice other people's rights to do it. That's not even fascism, its chickenshit fascism. Fascism lite. You'll only take away rights from the people that don't deserve them. They're easy to spot, because the only ones that want to be anonymous have something to hide.

You know, great countries are never toppled. Instead, the values that made them great are abandoned. The sad, empty hulk of greatness gets toppled. America used to be a great country.

Re:Get A Clue

[Anonymous+Brave+Guy]

I debated whether to reply to your post or not, but in an attempt to maintain civil debate I'll give it a go.

First things first: yes, I'm quite serious, and the fact that your views apparently differ from mine is neither a counter to my argument nor a demonstration that I am trolling.

Moreover, the legal case doesn't rest on the Betamax ruling for anyone outside the US, and even for those within the US there are ongoing challenges to the conclusions of that case. Regardless, this discussion is about what the law should be, not what it is, and I'm sure we'd all agree that the law is not perfect at present.

This is the first point I really want to address, though:

You want to know how many spammers, virus writers, phishers, frausters, copyright violators, organized criminals, paedophiles and terrorists I'm willing to let get away with it? All of them. Because even in toto, they don't add up to the danger of one fascist.

The problem is, that's just not true. In fact, if you've ever seen the way a counsellor deals with a child who has been subject to that kind of abuse, you'll know that the scars last for many years, sometimes the rest of their life. Having your identity stolen is also a profoundly disturbing experience that can do huge psychological damage. Talking to an elderly person who's tricked out of their life savings by a professional con artist doesn't make you think it's all going to be for the best.

These things -- physical abuse, being "disappeared", losing your assets -- sound all too close to the kind of thing you can suffer under a fascist dictatorship to me. The only difference is that these things are happening, in your home town, right now. Ironically, both your country (assuming you're from the US) and mine (the UK) are slowly sliding towards a lot of the other characteristics we associate with fascist dictatorships as well, and a major driver for this process is precisely the lack of accountability I oppose, but that's another story.

I have just one final point for you:

In case you hadn't noticed, there are plenty of laws already to deal with crimes. What you want is not to deal with crimes, but with criminals. And you're willing to sacrifice other people's rights to do it.

On what basis do you claim the right to be anonymous? It's not natural for humans to be anonymous; you can normally be seen and heard every time you interact with someone else. It's not a legal right, even in a country as proud of its constitutional heritage and citizens' rights as the US. In the natural order, and indeed according to both your legal system and mine, if you piss someone off, you will be held responsible for your actions.

In other words, why do you feel you have a right to be above the law?

Be safe, use a MUTE client

Much safer, these people have been working on this a long time.

Many clients, downloads:
http://www.planetpeer.de/wiki/index.php

or

http://mute-net.sourceforge.net/

Is Rodi BitTorrent's Replacement?

[Trogre]

...written in Java...

No.

Spoofing 101 was Re:Nice!

Computer A senda a packet to computer C that goes a little like this: hi my address is 192.168.1.2 Computer C is Smart* and goes 'okay, that's not a real address, but your packets are coming from the ip address of 24.116.111.25' At this point, the program has a real IP that it believes is your ip address, to which it will send data. and if you're relying on this program to protect your ip alone, you're now screwed. but remember, 24.116.111.25 is just one of 15,246 computers in your botnet. so you're not screwed, the ip being logged belongs to a hacked machine, and none of your compromized systems are keeping logs, and the digital trail of route forwards etc is changing hourly, to keep there from ever being a digital trail that actually leads anyone from discoving your true ip address... which happens to belong to an open wifi node that you're able to access from a concealed location with an antenna booster.

you are right, this program allows data to be sent to you, so someone using one of these programs knows your real ip, if the riaa/mpaa sets the 'honeypot' boxes up correctly, they are Only connected to the ip logging machines, which means since this uses a single hop of ip obscurification anyone who isn't hacking into other peoples systems to obscure thier ip addresses can still have their ips traced using this p2p method.

incidently, this program seems not to be a method to allow piracy, so much as one designed to 'bust' novice pirates wanna bes. Right now, with bt and other various p2p apps, one can download a 'blacklist' of ip addresses suspected, or known to belong to riaa/mpaa and informants. this program seems more to be used to hide the ip address of 'b' from 'a' so that they will access the honeypot machine, and get their ip logged, whereas other implementations have high quality blacklists that can be used to prevent you from connecting to the ip address of an riaa/mpaa ip logger.

*= previously programs weren't always smart enough to do this etc...

Re:Spoofing 101 was Re:Nice!

Computer C is Smart* and goes 'okay, that's not a real address, but your packets are coming from the ip address of 24.116.111.25'

Computer C has no way to determine the real IP the packets it is recieving are coming from. The packet header is the only way to determine the sender IP; once it no longer contains the true IP of the sender, you simply cannot determine who sent the packet.

Doomed to fail...

[acariquara]

/search porn
/Look session started <fileName>porn</fileName>
Look completed 0
Look session stoped

MOD PARENT UP!

[Norgus]

This is a great point

... I feel so cliche with this subject line.

Wastes bandwidth

[Guspaz]

If B is acting as a go-between between A and C, that is wasted bandwidth. As a general P2P app, it is destined to fail if this go-between behaviour is supposed to happen with any regularity.

Re:Wastes bandwidth

[larytet]

proxy is optional

C is for Sealand!

Sealand would be a great place to have the "C" Node ;)

Violate your ISP TOS

[Minna+Kirai]

Running any kind of distributed anonymizer software will violate the typical internet provider's Terms of Service, because you are acting as a common carrier for the data of unknown strangers.

True, those terms aren't normally enforced... unless the bandwidth usage gets high... or someone like the MPAA files a complaint... then they can pull out an excuse to instantly terminate your access.

BOUNCE DOES NOT SLOW TRAFFIC

Come on...I thought you people were suppose to be smart on this board.

C doesn't slow traffic whatsoever...

It's exactly the same function as a server to server FXP with the FTP proctocol.

Don't be so fucking short sighted.

Re:BOUNCE DOES NOT SLOW TRAFFIC

u r a penis

BZZZZ

-1 unnecessary use of polical buzzwords

Java programs just don't work.

[JoshRoss]

Web hosted applets, sometimes work. However, stand-alone java apps suck. Just out of curiosity, can you compile this fucking java shit?

Re:Linux penetration? Forget about it.

[typical]

I have AbiWord and Open Office on my computer at the moment, as well as gnumeric. I rarely use "business productivity applications", but they're still there. Just off the top of my head, I have twice as many spreadsheets and wordprocessors on my computer as the typical Windows user does.

I'm not seeing the lack of software, here.

Real anonymous communication

[typical]

There is and never will be complete anonymity as long as two points are the beginning and end of a communication. There is only obfuscation and misdirection.

This is not true. Broadcasts provide receivers with anonymity.

A dining cryptographers approach provides the sender with anonymity.

That doesn't mean that true anonymity is *reasonable* or *efficient* (i.e. that Joe Blow can share movies anonymously), but it is certainly possible.

Re:Real anonymous communication

[ninejaguar]

This is not true. Broadcasts provide receivers with anonymity.

You'd think so, but the broadcaster can be traced and shutdown, and the receiver can be triangulated via its signature radio signal that all electronics have. Assuming the tinfoil shielding doesn't hold Capt'n! ;-)

= 9J =

Re:Real anonymous communication

[typical]

...I'm probably just not doing a humorous response justice, but when I say "broadcast", I'm referring to the general sense of the word -- one sender that sends a message to an entire group. Consider a USENET posting or an Ethernet broadcast.

These provide the receiver with anonymity.

Re:Real anonymous communication

[ninejaguar]

I've come to face the fact that I'm just not that funny.

= 9J =

Social aspects of anonymity

[typical]

At that point, for everyone who could genuinely take advantage of true anonymity to make a contribution to society -- and I'm sure these people do exist -- how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?

In a system allowing large scale (in the sense that there will be malicious users) anonymous access, there can be no vulnerabilities. It is as simple as that. If there are vulnerabilities, then you can't allow anonymous access.

Our email system has vulnerabilities. One user can cause vastly disproportionate damages (human time wasted on spam versus a cost in mere bandwidth and CPU cycles). Ability to amplify damages counts as a vulnerability, in terms of DoS attacks. This means that, yes, email cannot have anonymous users.

This is probably why Tor is not a viable long-term anonymous solution. It allows access to outside systems, many of which have vulnerabilities and are not designed to support anonymous users.

It is *quite* possible to have systems that do support anonymous users.

At that point, for everyone who could genuinely take advantage of true anonymity to make a contribution to society -- and I'm sure these people do exist -- how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?

Ah, see, now you're showing bias -- you like the ability (not present in anonymous systems) of the majority to punish the minority for views that the majority does not agree with. Let's take a look:

spammers, virus writers, phishers, fraudsters

Yup, you can't allow anonymous access to a system that has vulnerabilities regarding anonymous use. If you have a user that could be scammed by a stranger coming up to him on the streets of New York, then you have a user that could be scammed by a random emailer. Email systems of today do not support anonymous users safely.

copyright violators...paedophiles

(I assume by paedophiles you mean those who spread and download child pornography, since that's really the only context in which this makes sense.) Yup. You can't have law enforcement on data propagation in an anonymous system. I wouldn't say that this is "good" or "bad" -- it's just a different system to work within. You can't limit content.

organised criminals...terrorists

Again, in an anonymous system, you don't have the ability to punish users for spreading data that the majority dislikes.

It might be worth considering that American Revolutionary War-era sniping, vandalism, and treason is all viewed as having been perfectly reasonable and just (at least in the US) today, but would have been on par with "the terrorists" to King George.

I am one of those people that believes that it is possible to have an anonymous data transfer system that is useful and can provide a valuable set of services. Some things may have to be done differently from how they are in a non-anonymous setting, but I don't think that it's an environment in which humans cannot function.

Re:Social aspects of anonymity

[Anonymous+Brave+Guy]

Ah, see, now you're showing bias -- you like the ability (not present in anonymous systems) of the majority to punish the minority for views that the majority does not agree with.

I don't think I've made any secret of my position in this thread. What you describe is necessary for the existence of law, and I don't believe society would be a better place without a legal system. As I've acknowledged throughout this discussion, it's not perfect; it's just the best we've got.

I am one of those people that believes that it is possible to have an anonymous data transfer system that is useful and can provide a valuable set of services.

So am I. What I'm challenging is the assumption that the price is worth paying.

How does (4) work with proxies?

[Kjella]

(4) No copy of the material made by C in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients, and no such copy is maintained on the system or network in a manner ordinarily accessible to such anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, or provision of connections;

The purpose of a proxy is to provide a copy for other users, requesting the same material. The copy is transient, but it is typically maintained longer than the time required to just fulfill the request.

I ask this because several suggested anonymous networks work essentially as proxy swarms. Each "proxy" may store it shortly, but by shuffling it around semi-persistent copy always exists on the network. Could "anticipated recipients" be interpreted to include such a node storage? Is this the paragraph that lets news server provider off the hook, or is it a different one?

Kjella

Re:How does (4) work with proxies?

[cpt+kangarooski]

There are four safe harbors in 512.

512(a) for transitory communications across a network.
512(b) for caching for multiple users.
512(c) for data put on servers by users.
512(d) for search engines.

You can use more than one, if you need to. But they all have their various conditions that have to be complied with (which, due to how the statute is written, might be in different subsections of 512).

Why anonymity is a good yardstick for human rights

[CarpetShark]

Wanting anonymity doesn't necessarily mean your doing something illegal.

No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities.

Well, another way of looking at it is that, when people are not under threat from the government, they choose to break the government's laws. To me, that indicates that the government needs to work better on implementing good laws, and helping people to understand respect for other members of society.

Anyone can choose to see this sort of thing as as an excuse to oppress people, but that's a pretty unhelpful attitude, when it comes to building a healthy society. Anonymity, in itself, is not the enemy. Rather, it's in important human right, which helps to protect other human rights. As I've mentioned above, it's also useful in guiding law makers to good solutions.

Re:Why anonymity is a good yardstick for human rig

[Anonymous+Brave+Guy]

I appreciate your point about good laws, but please consider this: if anyone can be anonymous if they wish, how will you ever enforce any law against them, even the good ones?

Re:Why anonymity is a good yardstick for human rig

[CarpetShark]

Well, my point is that a good society is almost self-regulating: people do the right thing because it's unthinkable that they wouldn't, and if they did, they would be social outcasts. That would still happen, with anonymous downloading, because friends would see the songs they've downloaded etc.

Re:Why anonymity is a good yardstick for human rig

[Anonymous+Brave+Guy]

Well, my point is that a good society is almost self-regulating: people do the right thing because it's unthinkable that they wouldn't

I don't disagree with that. I'm just more concerned about the word "almost" than you are. :-)

And the question is,

does it cause harm because society makes the people under 18 who participate in it feel shamed and wrong? Does it cause harm because society is all screwed up with regards to sex? Or is it just that somehow, sexual activity at any time under the age of 18 always causes the younger subject to immediately become damaged, and that damage will echo into the later parts of their life?

It is a complicated question.

Re:Why anonymity is a good yardstick for human rig

[CarpetShark]

Yes, I agree that there are exceptions, and even that those exceptions, if left unchecked, could undermine everything. Can we agree then, that the first stage in regulating society should be social education, expectations, and peer pressure, and etiquette, with legal measures and other "stick-based" approaches as secondary?

Re:Why anonymity is a good yardstick for human rig

[Anonymous+Brave+Guy]

Can we agree then, that the first stage in regulating society should be social education, expectations, and peer pressure, and etiquette, with legal measures and other "stick-based" approaches as secondary?

Always.

Postcards versus Envelope analogy

[rrgg]

It's not evil. Person A can snail-mail letters to person B, while C is not permitted to open and read them. In fact it would be a felony in the US to open them without a court order. How are anonymous e-transmissions any different? Why does C have a right to see everything A is saying? If someone finds a way to promote e-transmissions from a postcard-standard to an envelope-standard, then all the better.

Re:Anonymity = Free Speech

[d_jedi]

In general, I agree with you. But for peer-to-peer filesharing applications, the argument of privacy does not not really work well.

All I'm saying is that the vast majority of people who will use this program will do it in an attempt to hide their IP address when illegally pirating copyright protected works.

Why not combine the two?

[SphericalCrusher]

The fact in this matter is that someone wants to create a brand new torrent client (which innovated the internet to begin with) and he wants to add IP spoofing to it (a great idea). Well, the thing is... it's going to be extremely hard to get the word out with a new torrent client -- it's just going to have to be revolutionary... so I don't think this idea will last. But if he combined his IP spoofing with Bram's torrent client, I think that would make a wonderful new release of BitTorrent.

Re:Why not combine the two?

[larytet]

" combined his IP spoofing with Bram's torrent client"

i would love too, it;s not that simple. + Bram is not exactly a person who can be easly convinced. + and most important BitTorrent is good as it is. actually BT is perfect for some applications

Re:Why not combine the two?

[SphericalCrusher]

Yeah, that's very true, but I think it'd be an interesting side project at the most. Personally, I wouldn't change BitTorrent, because I love it the way it is -- it's perfect for what it's worth.

nothing new

[spawk]

similar functionality has been provided by the japanese program winny (http://www.uguu.org/winny/) and the newer share (http://www.uguu.org/share/) for some time (with encryption, too)