Slashdot Mirror

← Back to Stories (view on slashdot.org)

Protect Your P2P Privacy

Posted by Hemos on from the stealing-anonymously dept.

BillGatesInABikini writes "APC Magazine has a short piece on protecting your privacy online while using P2P software with the likes of Peerguardian (Windows) and MoBlock (Linux). It's concise and to the point, and a real eye opener if you don't currently protect yourself while using P2P for transferring files, legitimate or otherwise."

14 of 39 comments (clear)

  1. It's a panacea by Anonymous Coward · · Score: 5, Insightful

    Even if you use these programs, your IP address will be exposed to others, if not directly than indirectly. It's simply part of how P2P works over TCP/IP.

  2. :o\ by TubeSteak · · Score: 4, Insightful
    The scary part is, you don't know just how frequently and from the range of sources prying eyes come knocking until you use a piece of software designed to prevent exactly this sort of eavesdropping.
    It isn't so scary if a lot of those "prying eyes come knocking" because they're running P2P also.

    Just looking at the screenshot, why would you block 'the State of Wisconsin'? I suspect that those lists are just a big mashup of every corporate IP block ever, because a bigger list has to be more secure.
    --
    [Fuck Beta]
    o0t!
    1. Re::o\ by Sancho · · Score: 3, Insightful

      A bigger list is more secure. The fewer people you allow to talk to your machine, the less likely one of them will do something bad to it.

  3. Safest Method? by FreyarHunter · · Score: 5, Insightful

    The safest method of using P2P software is not to at all.

    Seeing as how various law-groups continue to think they run the universe and thus have the right to destroy computers by "injecting" infected files onto the P2P network.. Egh.

    --
    Empathetic-- 94% You tend to walk in someone else's shoes a hundred miles before pointing a finger.
    1. Re:Safest Method? by killmenow · · Score: 2, Funny
      The safest method of using P2P software is not to at all.
      So, in essence, what you're saying is: A strange game. The only winning move is not to play.

      Well said, Joshua, well said...
  4. Azureus plugin by advocate_one · · Score: 3, Interesting

    how does Moblock compare against using the peerguardian plugin for Azureus on Linux? Whenever I start Azureus, it spends a short time fetching the "biglist" and then regularly updates that list according to how I've scheduled it. Moblock apparently has to be manually fed and launched

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
    1. Re:Azureus plugin by urbanriot · · Score: 3, Informative

      I think you mean "safepeer" plugin for Azurues. I don't know how you could compare the two - Moblock runs on Linux using iptables, interfacing with the kernel whereas safepeer runs within Azureus. Personally I've had issues with the safepeer plugin in the past utilizing considerable resources and not responding after importing massive IP ranges but that may have changed in the last year or so.

  5. Scary by truthsearch · · Score: 4, Funny

    Which is scarier? The need for P2P privacy or this being posted by Bill Gates In A Bikini?

    --
    Developers: We can use your help.
  6. Interesting "fluff" article for the everyman. by urbanriot · · Score: 4, Insightful

    If people think for one second that RIAA and MPAA are using their public blocks of IP ranges to bust people, they should think again. There's a false sense of security in running these programs - people continually see blocked IP range hits and think, "Look at all the bad people I've blocked." If you think you're being smart by using peerguardian or protowall, consider that these companies are smarter by using public and spoofed IP addresses. Not to mention, the majority of those the downloaded lists include massive amounts of "safe" peers that are being unnecessarily cut off.

    1. Re:Interesting "fluff" article for the everyman. by putch · · Score: 2, Informative

      agreed. but from my experience these programs are more useful for stopping bad blocks. i started using Peer Guardian about a year ago. i was trying to get the latest ep of an HBO show and it kept failing. other people were commenting on the same torrent that it was legit. but after three tries it still wasn't working. PG gets updated from the community to block those known to be corrupting torrent networks. most torrent clients these days will auto block an ip after a certain number of bad blocks. but this will stop you from ever connecting to the ones that are already known.

      will this stop me from getting sued? probably not. but, anecdotally at least, it helps speed up downloads.

      --
      just because I don't care doesn't mean I don't understand!
  7. Won't you be my neighbor? by JoshuaSpringfield · · Score: 3, Funny

    I protect my p2p privacy by leeching off my neighbors unsecured wireless. I kid, I kid....

  8. WTF -- Are the editors retarded? by FallLine · · Score: 2, Informative

    Posting this article as if it were some brilliant nugget of wisdom is just plain retarded.

    First, these tools truly do not anonymize your P2P activity. All they do is block whole groups of IP addresses. The blocked addresses are presumably the record labels and other alleged "bad actors".

    Second, the assumption that this is an effective means of blocking the record labels or other entities from finding out what you are up to is seriously flawed. The breadth of the IP groups that these tools block are bound to yield many false positives (many innocent and unrelated sites get blocked). Additionally, they are fundamentally flawed because they presume that RIAA/MPAA/etc will confine their activity to obvious named entities and not one or several cable modems leased from comcast. Even when this monitorer has been active reporting copyright violations and such, there is generally no reliable means for these list-makers to establish which IP actually was responsible for the original observation/evidence gathering. Even if the list-makers could presumably establish that, they would need to ban whole blocks of IPs on dynamic networks (e.g., all of Comcast in LA) to just to block that one account...

    Third, using these tools as akin to admitting you are committing piracy because the only concievable utility is to attempt to hide from industry. Though I personally believe that almost all of these P2P systems are used almost exclusively, in practice, for various forms of copyright infringement, with the exception of BitTorrent (which has clear legit uses), using these tools basically just reinforces that you are trying to hide your actions from a particular set of people, namely, RIAA, MPAA, and other related organizations that are trying to enforce copyright.

    You might argue that the powers that be are misreporting violations, but I, for one, do not buy into the notion that users would go through the trouble of installing this tool (and all the pains that go with it) just to try to escape the very remote chance that RIAA/MPAA will falsely report your linux distro download as a piracy.

    1. Re:WTF -- Are the editors retarded? by Darth_Burrito · · Score: 2, Insightful

      Third, using these tools as akin to admitting you are committing piracy because the only concievable utility is to attempt to hide from industry.

      Ironically, the first thing that caught my eye about this article was the potential use of this software for spyware/malware protection in an organization. Eg, I think tools like spybot (free) and windows defender (free?) and adaware (not free for orgs) do not do this kind of ip blocking. Maybe I'm wrong? Anyways, the fact that it is open source makes it particularly attractive too because I don't think there are many good open source products in this area.

      Of course, geered towards the anti-riaa crowd, I doubt this software would be all that great for anti-spyware in a corporate setting, but it was still my first thought.

  9. Makes no sense by rduke15 · · Score: 3, Insightful

    Using P2P whith blocking blacklists makes absolutely no sense.

    The point of P2P is sharing. So you are supposed to share, or eventually there is no P2P at all.

    Yes, the blacklists are supposed to only block the "bad guys", and let you keep sharing with the "good guys". What an idiocy! Does anyone believe that people spying on P2P networks are SO stupid? It seems obvious that they will use plain DSL connections with dynamic IPs which are not on any blacklist, so you definitely won't block them.

    An effective blacklist would block everyone, and if everyone used it, it would destroy the P2P network.

    With a partial blacklist you can be pretty sure that you are NOT blocking the machines you would want to.

    Look at the screenshot in the article. Yes, it was choosen carefully so that you can see Sony in there. The rest is mainly (European) Universities, and the like. Do you really think that RIAA sying on P2P would be from European universities?

    Either use P2P and share, or don't use P2P.