China and Taiwan are still here and, who knows, maybe US citizens will have to cross the Canadian or Mexican border to buy modified boxes able to play DVDs.
So much for democracy, right? I never in my life paid a cent to Dell and I am not going to, not to HP either, and not to IBM, God forbid. I am not going to let somebody spy on what I am doing and prevent this or that operation.
Short the freaks or pull out your 401(k) and you will probably see an immediate result - Dell backing off.
More effort should be invested into Linux and open source software. Apparently this is the only way to fight the infinite greediness of corporate America.
There is an easier way. Don't buy US government debt. Invest your money any place in the world. East Europe is good. China is great. Do not buy American stocks and bonds. The nation is deeply in debt. Beat them in the most sensitive point.
Let's assume that downloader D sends a data request (unidirectional UDP packet) to the bouncer B. B forwards the request to the "publisher" P - another UDP packet (pay attention that there are no bidirectional connections). P sends data directly to D, spoofing its (P's) source IP address (again a unidirectional UDP packet).
The evidence isn't admissible, but it is sufficient to obtain a warrant in order to find admissible evidence.
Let's say that I use a network containing proxies. Let's assume also that the performance of the network is comparable to BT. If the adversary comes to me (and I am lucky enough to destroy my hard disk using something like this BAT file http://cvs.sourceforge.net/viewcvs.py/larytet/CVSROOT/rodi/java/tools/bigRedButton.bat?rev=1.5&view=log)
I can argue that my desktop is only a bouncer (proxy), and in the case of the Rodi network my desktop is a proxy only for the control packets and not even for the "sensitive" data.
After a couple of cases like these the evidence will not be considered "sufficient". The adversary will have to tap (log) the whole incoming and outgoing traffic from multiple nodes, and this cannot be done en masse using a device on the edge of the network. It will require cooperation of ISPs and warrants on wiretapping a la those which the FBI receives.
1) The likes of bittorrent....
2) The likes of kazaa....
There is a third kind - Rodi.
You go to the key server and download a list of unique nicknames and public keys. You give a try to every one of them. You find one or more reliable. That's it.
And no, the key server does not keep any personal information and not even the IP address, but a range of IP addresses, which is probably the IP range of the bouncer(s) and not the publisher. And no, the bouncer does not come at performance costs.
Did you try allofmp3? (Click "english" in the left top corner.) You pay $0.01-0.03/song and the website is perfectly legal in Russia. The company pays all required fees to the local RIAA.
How is the RIAA going to fight this? Their recent attempt to bring the company to court in Moscow failed.
The vast majority of potential RIAA customers cannot afford a $10 CD, but could pay $0.05/track. But then the RIAA enters a strange situation, selling the same CD at $10 in the US and $0.20 in India.
While in the case of CDs it can be done - differentiate between markets and business models - in the case of downloads it is much tougher to explain why Indian credit card holders pay 50 times less than the US ones.
The RIAA would fight illegal sales of CDs in the developing world by cutting prices, like Microsoft and Borland at some point sold products in Russia at a discount. The Internet essentially closes this way.
Yahoo, eBay, Amazon, Apple, Google, even all together, cannot buy the record industry. The moment they make such an attempt the price will go up. And after the money is paid (with premium) there is such a thing as Return On Investment.
If you have a direct Ethernet connection the clock of the peer can be measured very well.
The problem starts when between the peer and you there are 2 NATs, 8 routers and 2 or 3 Ethernet switches.
The only value you can count on is the timestamp of the packets in the QoS protocols, RTP, TCP, etc., but this is logical stuff and can be fought very easily using a human-driven random generator, prompting you from time to time to "move your mouse inside this window", or some kinetic-driven thing - a small USB plug collecting all your movements (I think the last is patented).
I agree with your doubts regarding the reliability of this technology.
It happens all the time with P2P traffic. ISPs are getting more restrictive. ISPs are looking to provide advanced services like VoD and VoIP. How would you call Comcast? ISP?
Rogers and Shaw in Canada install traffic filters and shapers and limit the monthly amount of bandwidth to 60G (up+down). I guess the VoD service, when bought from Shaw, is not going to be capped. As far as you pay $8/view, bandwidth is unlimited, right?
Nothing new here. Encrypt the packet, use random ports and probably you will have a chance to use the service.
Imagine that you knock on a door and from the window of a house across the street you get a glass of milk. You never know who stands behind the door and you never know how many phone calls are made to serve you the milk. This is more or less how the Rodi network operates. You send an IP packet to a range of IP addresses (you knock on many doors on the street using the correct knock pattern - the Rodi protocol) until you find out the IP destination (the right door).
You send an IP packet like a GET DATA request to this IP address and you receive an IP packet containing the requested data from some other IP. You do not need to know what IP address the data arrives from (and it's useless actually) as far as it contains the request ID you initially sent (the right knocking pattern), authentication of the publisher (see the Post IP page) and data with the correct MD5.
BitTorrent and other protocols which allow evil corporations like the MPAA to find your identity are already drawing their last breaths; these are on the way out.
The project I develop tends to answer the problem, and recently I released the first beta version.
From http://larytet.sourceforge.net/rodiAnonymity.shtml:
Rodi uses UDP packets for both data and control messages, such as search. It can be argued that the source IP of any packet can be faked and the traffic log cannot be regarded as proof that a specific host sent the packet. Let's say that the adversary sends a data request to a specific IP address and receives a reply - a packet containing some other IP source and the data. The publisher of the data can argue that the data request was handled by some other node. In the real network we can bounce data requests but data transfers can still be P2P. This is very important! We use a connectionless protocol like IP. In the case of IP it's enough to specify the correct destination IP for data delivery. All retransmission requests are routed through the network.
Bouncers.
Let's call the publisher server P, the downloader D and some other peer B (bouncer). Let's assume also that the protocol is IP based. P never accepts data/look requests directly from D. D sends the packet to B with its (D's) source IP in the IP header and in the "get data" request. B forwards the packet to P with B's IP address in the IP header. P receives the packet and conditionally checks that the IP source in the header is (or is not) the same as in the request, and then may check that the source IP (IP of B) belongs to a friendly host (group security server, for example). P sends data directly to D.
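The D -> B -> P -> D exchange described above, as an added in-memory simulation (not Rodi's own code): it shows the three checks the downloader can rely on (request ID, publisher key looked up by nickname on the key server, MD5 of the data) and that the reply's header source address plays no part in them. Addresses, nickname and payload are constructed, and an HMAC tag stands in for the public-key signature the page mentions so the example runs on the standard library alone.

```python
import hashlib
import hmac
import os

# Constructed addresses. The key server maps a publisher nickname to a key and
# nothing else (no identity, no IP), as the page describes. The "signature" is
# an HMAC tag standing in for the public-key signature (stdlib only).
D_ADDR, B_ADDR, P_ADDR = "10.0.0.1", "10.0.0.2", "10.0.0.3"
FRIENDLY_BOUNCERS = {B_ADDR}
PUBLISHER_NICK = "pub-demo"
KEY_SERVER = {PUBLISHER_NICK: os.urandom(32)}
STORE = {"file-1": b"constructed sample payload"}


def make_request(req_id, data_id):
    """D -> B: the IP header's source is D, and D's address is repeated in the body."""
    return {"hdr_src": D_ADDR,
            "body": {"req_id": req_id, "reply_to": D_ADDR, "data_id": data_id}}


def bounce(pkt):
    """B -> P: the body is forwarded unchanged, but the header now carries B's address."""
    return {"hdr_src": B_ADDR, "body": dict(pkt["body"])}


def publisher_handle(pkt, reply_hdr_src=P_ADDR):
    """P: refuse requests that came straight from D, accept only friendly bouncers,
    then answer D directly. reply_hdr_src is whatever P writes into its own header;
    the downloader never relies on it."""
    body = pkt["body"]
    if pkt["hdr_src"] == body["reply_to"]:      # header source == requester: not bounced
        return None
    if pkt["hdr_src"] not in FRIENDLY_BOUNCERS:
        return None
    data = STORE[body["data_id"]]
    tag = hmac.new(KEY_SERVER[PUBLISHER_NICK],
                   body["req_id"].encode() + data, "sha256").digest()
    return {"hdr_src": reply_hdr_src,
            "dst": body["reply_to"],
            "body": {"req_id": body["req_id"], "nick": PUBLISHER_NICK, "data": data,
                     "md5": hashlib.md5(data).hexdigest(), "sig": tag}}


def downloader_verify(reply, expected_req_id):
    """D: accept the reply on three checks, none of which looks at reply['hdr_src']."""
    b = reply["body"]
    if b["req_id"] != expected_req_id:          # the "knocking pattern" D sent out
        return False
    key = KEY_SERVER.get(b["nick"])             # publisher authentication via key server
    if key is None:
        return False
    expected = hmac.new(key, b["req_id"].encode() + b["data"], "sha256").digest()
    if not hmac.compare_digest(expected, b["sig"]):
        return False
    return hashlib.md5(b["data"]).hexdigest() == b["md5"]   # integrity of the data


def run_exchange(reply_hdr_src="192.0.2.77"):
    """Whole D -> B -> P -> D round trip; returns (accepted, header source D saw)."""
    req_id = os.urandom(8).hex()
    reply = publisher_handle(bounce(make_request(req_id, "file-1")), reply_hdr_src)
    return downloader_verify(reply, req_id), reply["hdr_src"]


def run_tampered_exchange():
    """Same round trip, but the payload is altered in flight: D must reject it."""
    req_id = os.urandom(8).hex()
    reply = publisher_handle(bounce(make_request(req_id, "file-1")))
    reply["body"]["data"] = b"altered payload"
    return downloader_verify(reply, req_id)


if __name__ == "__main__":
    print(run_exchange(), run_tampered_exchange())
```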
They present the relevant evidence to a judge, who authorizes some sort of subpoena to the ISP to reveal the identity.
"Relevant evidence" are the key words. It is easy to build a network where only unidirectional connections exist. The fact that you receive a packet containing sensitive data does not automatically mean that the IP source of the packet belongs to the sender.
For example, the downloader (D) sends a get data request to the bouncer (proxy), the proxy forwards the request to the publisher/seed (P), P streams data directly to D using UDP packets and probably even spoofing the IP source.
I just finished the first beta of Rodi - a network with roots in bittorrent, but providing some degree of IP address hiding with only a limited transfer rate penalty; see http://larytet.sourceforge.net/rodiAnonymity.shtml
The client is only 250B in size and was created with performance in mind. You can run multiple clients on the same PC (this is what you see in the PNG files) and evaluate the network performance.
I tried all supposedly popup-opening links, including scienceblog, and failed to reproduce the problem.
Using Adblock + plenty of "block images from this site" entries + "tabbrowser extensions" installed. I even tried to reload all these pages opened simultaneously (five pages total) every one second (auto reload is a feature of "tabbrowser extensions"); still nothing. Not a single popup.
They simply cannot give up on the double gain - taxes from oil, and RE prices around and in SF going up, pulling RE tax higher.
Think about NOT girly Mr. S. who makes big $$ on CA real estate.
Anyway I consider this to be a great idea because I own oil-related shares. The other thought is that the US, consuming about 50% of the energy produced in the world, is indirectly the largest sponsor of world terrorism.
Probably I did not explain myself. The following is a quote from http://larytet.sourceforge.net/btRat.shtml
Traffic analyzers use some simple rules based on IP address and port number to collect the statistics or even drop the packets if the ISP decides that the traffic is illegal or parasitic. In the more advanced analyzers "deep inspection of packets, including the identification of layer-7 patterns and sequences" is supported. A P2P network can use some simple encoding algorithm, for example, XOR with a long key. The strength of the scheme is regulated by the length of the key, frequent renewing and the total number of keys. Let's assume that the length of the key is 1M characters and there are 1M different keys - hosts generate different keys for the published files. At this point a reliable analyzer is expected to store and actively use about 1T characters of keys. Let's also suggest that keys are made accessible for registered clients using different protocols, like e-mail, FTP, HTTP, etc. Because normal high speed analyzers are real-time embedded devices they can't reach the goal of collecting 1Tbytes of keys.
Indeed you can do the procedure you describe on a per case basis, but you cannot in reality filter the content through some application level traffic analyzer.
There is another problem with such a device (see http://larytet.sourceforge.net/howto.shtml)
A traffic shaper keeps/records all existing TCP connections or 'flows'. Because the performance of the box is expected to be high they probably use a special kind of memory like CAM. It is very fast but has limited size. One can check how reliable the box is and create multiple dummy TCP connections and run them in the background. You can call it a stress test. Every desktop can create about 60K connections simultaneously. I think that a reasonable number of connections is somewhere on the order of 2-10K. Every connection costs maybe 32-64K RAM depending on the OS and TCP/IP stack settings. An average CMTS supports between 20-100K modems. If 10% of modems establish 2000 connections each we are talking about 10M connections. If a single record size is 16 bytes we have a 160MB database. There is no way to store it in CAM memory. If Ellacoya equipment attempts to terminate the TCP connection (or PROXY the TCP session) the most painful for this device is going to be the establishment of the TCP session. My wild guess is that they can handle no more than 200K connections/s. It means that for a 50K users CMTS we have to establish (and immediately close) 5 TCP connections/s for every one of 50K IP addresses to bring the system down.
It was discovered as a weakness in key exchange protocols.
It can be argued that in data exchange networks it is not required to know the real identity of the publisher, but just whether this publisher is reliable or not. It actually makes a huge difference. There is no need for exchange of the keys. Content providers have to install a key server (pay attention that this is NOT your regular certificate server where real identities are stored) where they keep nicknames and public keys. Any peer of the network can access the database and check the nickname received with the data against the nickname and public key stored in the database.
All packets are signed by publishers.
See also http://larytet.sourceforge.net/btRat.shtml#authorization
"It would be relatively easy for the next generation of P2P applications to add very basic encryption"
From http://larytet.sourceforge.net/btRat.shtml
Traffic analyzers use some simple rules based on IP address and port number to collect the statistics or even drop the packets if the ISP decides that the traffic is illegal or parasitic. In the more advanced analyzers "deep inspection of packets, including the identification of layer-7 patterns and sequences" is supported. A P2P network can use some simple encoding algorithm, for example, XOR with a long key. The strength of the scheme is regulated by the length of the key, frequent renewing and the total number of keys. Let's assume that the length of the key is 1M characters and there are 1M different keys - hosts generate different keys for the published files. At this point a reliable analyzer is expected to store and actively use about 1T characters of keys. Let's also suggest that keys are made accessible for registered clients using different protocols, like e-mail, FTP, HTTP, etc. Because normal high speed analyzers are real-time embedded devices they can't reach the goal of collecting 1Tbytes of keys.
"The alteration is of certain items in the image."
It's possible for limited distribution. Still, one can buy a DVD in a store, pay cash (using cash is still legal in the US, right?), rip the disk. It is going to be tough to find out who bought the disk without an investigation. By some estimations the number of distinct files in the file sharing network is on the order of 1 billion.
In Israel, for example, you have to show your ID when you buy a TV. It is supposed to help tax collection. There is a $100/year tax on a household owning one or more TV sets. The logic behind the tax is that the money is supposed to go to the public TV and radio station which do not run ads - they run ads, of course. Many people still do not pay this tax and some avoid paying the tax using IDs of their relatives who already have a TV. Then there is a provision in Israeli law that gives the tax authority the right to access the list of cable TV subscribers. If you are a cable TV subscriber you have to pay the tax.
There is also a tax on radio in Israel (no kidding). But it is enforced only for radio in cars. If a policeman finds a radio in your car and there is no relevant stamp of the tax authority in the technical passport of the car, you are screwed. Sure enough some people use MP3 (and DVD) players in their cars without actually installing them.
Interesting also that there was a case in the Supreme Court when a deaf person argued that he cannot listen to the radio in the car. I think the case was lost. Radio tax is per box, not per listener, and in the case of TV it is per household no matter how many people and TV sets.
And what if some weak encryption is used, like XOR with a long key? And the key is a part of the torrent file, for example?
And keys are randomly generated and unique for different torrent files. While case by case it is possible to find offenders, it is going to be rather hard on a large scale. The publisher of the content can post the key on a message board, for example, instead of planting it into the torrent file. Etc.
Google Rodi for the proof of concept.
And you can make it even more error prone using a network with proxy servers. And proxy does not always mean low performance - read http://larytet.sourceforge.net/rodiAnonymity.shtml
This batch file removes sensitive material from your disk and then fills the disk with some pattern you specify. http://cvs.sourceforge.net/viewcvs.py/larytet/CVSROOT/rodi/java/tools/bigRedButton.bat?rev=1.5&view=log
Such a network exists (not the network, but a fully functional client): http://larytet.sourceforge.net/rodiAnonymity.shtml
See http://larytet.sourceforge.net/rodiAnonymity.shtml
That's the idea behind the Rodi network.
See also the PNG files with some studies of the network: http://larytet.sourceforge.net/images/tests/
I think FlashBlock does this. No popups.
And what about horses? I am just curious, will they install a GPS system in every horse a**?