Slashdot Mirror

← Back to Stories (view on slashdot.org)

Combining BitTorrent With Darknets For P2P Privacy

Posted by kdawson on from the your-move dept.

CSEMike writes "Currently popular peer-to-peer networks suffer from a lack of privacy. For applications like BitTorrent or Gnutella, sharing a file means exposing your behavior to anyone interested in monitoring it. OneSwarm is a new file sharing application developed by researchers at the University of Washington that improves privacy in peer-to-peer networks. Instead of communicating directly, sharing in OneSwarm is friend-to-friend; senders and receivers exchange data using multiple intermediaries in an overlay mesh. OneSwarm is built on (and backwards compatible with) BitTorrent, but includes numerous extensions to improve privacy while providing good performance: point-to-point encryption using SSL, source-address rewriting, and multi-path and multi-source downloading. Clients and source are available for Linux, Mac OS X, and Windows."

14 of 325 comments (clear)

  1. About time by Keeper+Of+Keys · · Score: 5, Insightful

    The need for this has been brewing for a while. Hope it does what it says on the tin.

    1. Re:About time by Valdrax · · Score: 5, Insightful

      I've been doing BitTorrent over TOR for a while now. What makes this so great?

      Stop it, jackass. TOR is not designed for that. It severely degrades the latency of the network, and the network does not have the bandwidth to sustain numerous users doing large file-transfers over it. The network is intended for anonymous expression -- not to transfer DVD after DVD.

      --
      If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
    2. Re:About time by Anonymous Coward · · Score: 5, Insightful

      Honestly--I don't mind as long as he contributes at least $N_HOPS * $BANDWIDTH_PASSED back to the network--and as an exit node. Otherwise...yeah--they're a jackass. And the worst part is they probably don't care.

      The more use use tor sees, the better crowd anonymity it provides. But given most people just abuse tor... well...all I'll say is it's been found there's a few substantial weaknesses--if you're using lots of traffic, you're probably going through a few private chokepoints. I sure hope they forward your information to appropriate third parties...

    3. Re:About time by Anonymous Coward · · Score: 5, Funny

      And a big "stop it, jackass" right back at you. Don't tell people what anonymous expression can or cannot consist of. I express myself 4.7 GB at a time.

  2. Re:why? its all legal by Anonymous Coward · · Score: 5, Informative

    I'll be charitable and assume you are just uninformed. Inform yourself.

  3. Friends? by honestmonkey · · Score: 5, Insightful

    One problem from the demo seems to be that you need to have friends. I don't know anyone that has the por^h^h^h files that I want already.

    --
    Everything you know is wrong, Just forget the words and sing along.
  4. Re:Source? GPLv2, Java by hannson · · Score: 5, Informative

    We're just packaging up the source now (we just released this today), and will post a link on the website soon. Thanks!

    This is the reply I got from using the mail form.

  5. Re:This is clearly a criminal tool by Anonymous Coward · · Score: 5, Insightful

    Laws used to be about freedom and justice. But now corporations are making laws.

    Lobbying used to be called bribery. It also used to be illegal.

  6. Re:I don't understand. by InsertWittyNameHere · · Score: 5, Funny

    Please explain.

    If "Joe" in Virginia and "Mike" in California each have a copy of The Big Bang Theory's latest episode, I use Utorrent to directly connect to their IP address and start downloading pieces. How does OneSwarm work differently to get this video over to my machine?

    There, saved you from ridicule. You owe me!

  7. We already have this; it's pretty much worthless. by Anonymous Coward · · Score: 5, Insightful

    There have been BitTorrent clients for I2P for years now. They're useless, largely, because anonymous networks are nightmarishly slow and unreliable, and very, very few people bother to upload anything interesting (at least in my opinion).

    Before anyone accuses me of trolling, I've been using TOR off and on at home since 2005, and I've experimented with I2P for about 6 months in the wake of whistleblowing of the NSA wiretapping program. They're horrible, frankly, and I only put up with TOR still out of sheer cussedness. TOR at least lets you get content from the outside world; I2P is darknet-only, and darknet-only content isn't that exciting.

    In fact, it's frankly dull as hell -- mostly political rants and porn (often of the less than legal variety). Sure, that could theoretically be overcome, but it won't, because performance is so bad that no one uses them but people stubbornly making a political point or people with downright criminal tastes (like the child porn freaks that seem to dominate the core.onion message boards). Mainstream consumers want convenience, and darknets don't provide it.

    The performance is terrible because every download on a darknet is limited by the upstream bandwidth of the worst of your peers -- each of which is generally passing through streams from several other peers at the same time. Think about this. Think of the common 128 Kbps cap on most residential DSL or cable. And this is when you don't have unreliable or malicious peers.

    So, frankly, who cares? I pirate copyrighted material because it's convenient and it lets me intelligently spend my money only on things I've vetted first -- spending my money only on things that have merit. Darknet torrenting is simply NOT convenient, and I simply wouldn't bother if it truly became necessary.

    I like the concept of TOR and darknets because they provide an important technological counterbalance to tyranny, but I seriously doubt that they could survive as a useful tool for issues less relevant that free speech and survival, like wanting to get movies for free.

  8. Dumb by sexconker · · Score: 5, Insightful

    So a "darknet" is a private (trust-based) network.

    You know, like a regular network or VPN.

    Oh, and you want to use your darknet for P2P, so you want it to be popular? Then just chain your trust so friends of friends of friends can join in. They're trustworthy, right?

    This is completely stupid.
    You can't establish a successful P2P network without a large number of users to supply bandwidth and content.
    You can't get a large number of users without making it easy to join.
    You can't make it easy to join while keeping up a level of trust. If Joe Schmo from the internet can get on, then Joe Schmo from the RIAA can too.
    You can't anonymize or encrypt traffic while staying decentralized. To anonymize traffic you need a central server where all traffic is routed through, or you need to route through other users and maintain some meta data centrally. If you encrypt traffic, you'll need to decrypt it, and then it becomes a key sharing problem.

    It all boils down to keeping the MAFIAA out. No one can ever explain how their various "trust" mechanisms ensure that the MAFIAA stays out (because they can't).
    No one ever explains what happens when the trust is broken (the whole net instantly becomes untrustworthy).
    No one ever explains how encryption helps untrusted connections (it doesn't), or why it is even necessary for trusted connections (well, I'll accept this since nowadays everyone is illegally snooping in on every bit of data it seems.)

  9. Re:Why not just put an encryption layer on top of by Anonymous Coward · · Score: 5, Informative

    Because the investigators don't eavesdrop on your connections. They come into the network as a peer and ask your client to send them chunks of whatever file you are currently sharing. It's very easy for them to do:

    1. Search torrent site for popular movie/artist name
    2. Download torrent
    3. Connect to tracker, get peer IP addresses
    4. Connect to peers, ask for parts of the file
    5. File a John Doe lawsuit and subpoena ISPs for customer details

    Encryption occurs between peers - so your ISP can't decode the traffic, but the investigator can, because it is a peer.

  10. Anomos: Anonymous BitTorrent Without F2F by EverStoned · · Score: 5, Interesting

    I'm a lead dev on a similar project called Anomos, which provides anonymous and encrypted BitTorrent without requiring the slow Friend To Friend system that this uses. OneSwarm is a cool project, but we have some advantages over this (although I'm sure they have advantages over us as well.) We're a funded project as well. If you're interested in this type of thing, you might wanna take a look at our project as well. (Also check out i2pSnark!) Ultimately (perhaps by the end of this summer), I'd like to see all of these approaches under a single roof.

  11. Re:After viewing the demo video by Burz · · Score: 5, Insightful

    Um, "In The West" (the United States) over 1% of the adult population is currently behind bars and 17% of all adults have been put through the penal system. Minors are being sentenced as child pornographers for sending nude cameraphone shots of themselves to their girl/boyfriends.

    I think your view of the West may be Hollywood-tinted and overly optimistic. The war on drugs (a kind of civil war) is just starting to abate; legislators and police-state apparatchiks are looking for the next new frontier to exercise their lust for punishment.