Combining BitTorrent With Darknets For P2P Privacy

CSEMike writes "Currently popular peer-to-peer networks suffer from a lack of privacy. For applications like BitTorrent or Gnutella, sharing a file means exposing your behavior to anyone interested in monitoring it. OneSwarm is a new file sharing application developed by researchers at the University of Washington that improves privacy in peer-to-peer networks. Instead of communicating directly, sharing in OneSwarm is friend-to-friend; senders and receivers exchange data using multiple intermediaries in an overlay mesh. OneSwarm is built on (and backwards compatible with) BitTorrent, but includes numerous extensions to improve privacy while providing good performance: point-to-point encryption using SSL, source-address rewriting, and multi-path and multi-source downloading. Clients and source are available for Linux, Mac OS X, and Windows."

Re:Hmmm.

[L4t3r4lu5]

All the more reason to get the darknet up and running before it disappears.

Once the source code is out there, it'd be impossible to stop. Let's hope they post it instead of making you mail in requesting it.

Anomos: Anonymous BitTorrent Without F2F

[EverStoned]

I'm a lead dev on a similar project called Anomos, which provides anonymous and encrypted BitTorrent without requiring the slow Friend To Friend system that this uses. OneSwarm is a cool project, but we have some advantages over this (although I'm sure they have advantages over us as well.) We're a funded project as well. If you're interested in this type of thing, you might wanna take a look at our project as well. (Also check out i2pSnark!) Ultimately (perhaps by the end of this summer), I'd like to see all of these approaches under a single roof.

Oooookay?

[IonOtter]

Read the article, watched the video.

Very pretty, very nice, very private IF you have someone on the other end that you "trust". Gosh! This is just like IRC back in 1994 when you'd go begging for FSP logins to trade, and had to rely on some snot-nosed brat to deign to lower their [33+ selves enough to throw you a bone.

Please. *clicks on enable encrypted torrents only* There. Fixed. Goodnight.

Re:About time

[EdIII]

Your basically saying that the authorities cannot prove you facilitated the "theft" (copyright infringement is NOT theft) of an "apple", but they search your house and find 6 stolen kiwis, 23 oranges, 92 bananas, and 5 kumquats. You don't get convicted for the "apple", but instead get convicted for the other "stolen property".

1) If the warrant was obtained improperly on the basis of the "apple" theft, there is a good probability that the whole case could be thrown out. Miranda anyone?

It's excellent that you brought up this point. Everyone is still at an ever increasing risk from the authorities regardless of encrypted and obfuscated communications. That's where the real battle takes place. Search and Seizure. I suspect that current search and seizure laws will protect us at the moment, but ultimately will be subverted to the will of the powerful and influential.

The MAFIAA is going to give up its old tactics soon by using the legislative processes in the U.S and the EU to criminalize and severely punish all offending activity towards the Big Entertainment groups. I suspect government is largely going along with it since they pick up some pretty nifty "fight the terrorists tools" to monitor and control the public.

Tin foil hattery aside, your best defense is a combination of reasonable doubt (the foundation of TOR, Freenet, and these new darknets) AND STRONG NON-PROPRIETARY WHOLE HARD DRIVE ENCRYPTION.

If they bust into your house and attempt to confiscate equipment to find evidence they will run up against the encrypted data. Assuming the security is suitably strong, it would make it economically nonviable for the government, or even the MAFIAA to attempt cryptanalysis on the data. It's a good assumption that you have at least one, if not several, files that violate copyrights. They just won't be able to prove it.

Then open up the lawsuits to get the equipment back and pursue for damages.

It's pretty much naive at this point to not prepare yourself for the future. Never before has anonymity and privacy been under such vehement attacks by those power, and the well meaning (but extremely foolish) people that object to it philosophically. Regardless of whether you are obtaining ,and in possession of, files violating copyrights, it would be prudent to start protecting your data with strong security. I myself am going to assume that at some point in my lifetime all of my data storage devices are going to be confiscated for analysis. Which is why I have all the really important stuff in several physical locations.

Of course, I am so cynical that I believe there will be a strong push by government to install some sort of sentinel program in every single media and communications device to monitor everything. All in the name of fighting the terrorists and protecting our children's "black cherries" from the sickos.

Re:About time

[Runaway1956]

To be honest, I've been toying with the same idea that AC has. As the next poster points out, IF I CREATE AN EXIT NODE on my own machine, I would be contributing as much to the onion, as I would be taking. Maybe more. Yeah, I know, I'm sticking my neck out, asking for flames and bad karma - but I have brass balls. Give me reasons why this is a good or a bad idea. Let me emphasize - IF I DID THIS, I would create an exit node. Obviously, if I weren't willing to give something back, I would be a real jackass for using tor to slow everyone else down.

Re:About time

[EdIII]

I'm just cynical enough to believe that just about ANY court in the USA would demand you turn over your encryption key under threat of simply being in contempt of court.

So? Give it to them :)

Let them find a couple thousand media files and pictures of big breasted women with cute little kittens between their breasts. It is the SECOND key that will unlock the rest of the data.

You have heard of TrueCrypt right?

A judge can basically throw you in jail until you comply, and that doesn't even allow your case to proceed.

The judge can't do it forever. The most well known cases have involved journalists that refuse to give up their sources. In any case, the judges do have people to answer to as well. I doubt that they can start putting thousands of people into jails on contempt charges stemming from encryption keys that were not turned over. I would be willing to go to jail for a year or two just to provide proof that we won't put up with this crap. Certainly, I am one of the few that would actually die to protect our liberties.

Even if you somehow worked around this, not giving up your key would be seen as an admission of guilt.

Yeah, but to who? The prosecutors can't use that as evidence of guilt. You will not get convicted based on a "secret". The judge won't buy it either. You may be in contempt of court for not giving up the key, but you will not be found guilty of the crime because of it.

Look, I know it's wrong -- fifth amendment and all that -- but this is reality here, and the republicrats don't really care any more.

I have not heard of too many cases just yet. Those that I have heard of have been favorable towards the defendants. In any case, I don't intend to modify my behavior and if they confiscate a hard drive that I know has nothing incriminating on it, I will still not reveal the real key out of principle.

Or, in cartoon form...

[AnotherSteve]

For the visual learners, here is your argument in pictoral format.

http://xkcd.com/538/