What they are doing is not actually a new deal, and is nowhere near as effective as they would think. P2P apps search based on a specific hash (be it MD5, SHA1, or whatever) and then any computer with a matching hash sends data to the end user. What they are doing is claiming to have matching data, then sending their own corrupt junk data. On most P2P networks (aside from old FastTrack) this would be caught once the file is downloaded at the latest, while newer protocols (like new Gnutella, G2, BT, etc) actually use advanced hasing techniques to catch the corruption DURING the download. Basically this means that this company can slow down downloads (because the hashes will fail and you'll have to redownload part or all of the file) but it won't prevent them from happening.
They are NOT making colliding hashes. They are simply claiming to have the same file as you (based on the hash) so they can send junk data.
If it's what it sounds like, it's actually a crazy UDP trick that requires your router to respond a certain way in a certain situation (which most residential ones do, but business and college campus ones don't). It *is* a pain, but it makes most residential double firewall situations go away, and is uber-geeky-cool.
Theoretically, I'm sure, but due to NAT traversal and firewalls, if both sides are closed off from eachother then the direct connection is impossible.
An increase in broadband access (and the NAT to share the access between computers) has contributed to this happening more often, but recently UPnP adoption has made this double firewall scenario less common, however your client needs to know how to work with UPnP.
AIM and Trillian *do* use UPnP for NAT/Firewall traversal. I can't speak for GAIM.
Actually, all messages ARE routed through AOL's servers. Peer-to-peer traffic only occurs when you are a) doing a file transfer, or b) using AIM's DirectConnect feature. Therefore, AIM can see anything you transmit over their network, and that includes all messages as well as file names/sizes/etc for transfers (but not the actual files themselves).
This is actually standard through virtually all Instant Messaging systems, partially due to the complexities of routing that NATs and firewalls introduce to the internet, and partially because client/server is just plain more reliable and easier than P2P.
(This is from a guy that's done a lot of IM protocol observation/hacking/developing)
Slashdot Mirror
What they are doing is not actually a new deal, and is nowhere near as effective as they would think. P2P apps search based on a specific hash (be it MD5, SHA1, or whatever) and then any computer with a matching hash sends data to the end user. What they are doing is claiming to have matching data, then sending their own corrupt junk data. On most P2P networks (aside from old FastTrack) this would be caught once the file is downloaded at the latest, while newer protocols (like new Gnutella, G2, BT, etc) actually use advanced hasing techniques to catch the corruption DURING the download. Basically this means that this company can slow down downloads (because the hashes will fail and you'll have to redownload part or all of the file) but it won't prevent them from happening.
They are NOT making colliding hashes. They are simply claiming to have the same file as you (based on the hash) so they can send junk data.
Though I have had some really tough "gourmet" cheese before...I wouldn't want walls made of it.
But they require three kernel patches, five non-existent drivers, and are all command line interface.
If it's what it sounds like, it's actually a crazy UDP trick that requires your router to respond a certain way in a certain situation (which most residential ones do, but business and college campus ones don't). It *is* a pain, but it makes most residential double firewall situations go away, and is uber-geeky-cool.
Theoretically, I'm sure, but due to NAT traversal and firewalls, if both sides are closed off from eachother then the direct connection is impossible.
An increase in broadband access (and the NAT to share the access between computers) has contributed to this happening more often, but recently UPnP adoption has made this double firewall scenario less common, however your client needs to know how to work with UPnP.
AIM and Trillian *do* use UPnP for NAT/Firewall traversal. I can't speak for GAIM.
Actually, all messages ARE routed through AOL's servers. Peer-to-peer traffic only occurs when you are a) doing a file transfer, or b) using AIM's DirectConnect feature. Therefore, AIM can see anything you transmit over their network, and that includes all messages as well as file names/sizes/etc for transfers (but not the actual files themselves).
This is actually standard through virtually all Instant Messaging systems, partially due to the complexities of routing that NATs and firewalls introduce to the internet, and partially because client/server is just plain more reliable and easier than P2P.
(This is from a guy that's done a lot of IM protocol observation/hacking/developing)