Quote:
- No direct downloads (use push, push-proxy or download proxy for all
downloads, don't advertise your own IP in query replies and the
download mesh, but only those of your proxies/UPs; Don't use the Global
GUID for identifying at your proxies, but an ID, which changes with
every restart of the program)
|
What I believe the proposed "secure" network arne_bab speaks of is to use "Ultrapeers" or "proxies" as a type of "bodyguard" for the network. Each computer connects to an Ultrapeer as a user, and their IP address is stored in a database on that computer that is not visible on the network. Then, when someone wishes to download a file they must go through the Ultrapeer to connect to that server (indirectly). In essence, the Ultrapeer then becomes a 'network host' between both computers.
This is most definately NOT a good idea, since it puts all the strain of the network on the Ultrapeers, bouncing raw data from computer to computer, ignoring the shortest internet route and slowing down the network in the process. In turn, this also makes it look like the Ultrapeer is actually the one originating the file. This means that not only network strain is put on these servers, but legal strain. It makes them responsible for the data they pretended to host. Then the Ultrapeers would be forced to release the IP information from their database to show the file's origin. So, this actually does NOTHING to protect you from getting caught distributing illegal material, except putting the network to blame for its members' mistakes (Napster, anyone?). All of what you wish to do here can already be done by connecting to your ISP via a proxy.
Quote:
- End-to-end encryption of file transfers (advertise encryption-method
in headers to allow for future changes).
|
Encryption of files on a PUBLIC NETWORK is totally ludicrous! All encryption does is prevent people monitoring connections to read the file. But if those people can simply download the file from you and read it, they've just bypassed your encryption security! Encryption is only necessary for Private P2P communication, which Gnutella is not. When you put files on the Gnutella network you are sharing it with the world, not select "trusted" people.
Quote:
- Never share complete files, when you have more than 6 working
alt-locs (only upload either the first two thirds or the last, the other
third the clients needs to download from another alt-loc. This will
disrupt the suings for sharing, because thhey can no longer prove, that
you really shared the whole file)
|
At first this may seem a logical solution, since as an individual you will never share 100% of a file with anyone. However, if you think about it with more than 6 hz of brainpower, you'll realize that it would make downloads IMPOSSIBLE. In short, the only way you could make a download 100% complete is if the
same file were located from 2
different sources! Therefore, nobody would ever be able to add
anything to the network! Unless, of course, they happened to have access to 2 computers, which defeats the purpose of everything in the first place. If you are truely concerned about not having the full file downloaded, you should focus on having more sources available with that file. So, ironically, all the people who are way too paranoid about the lack of privacy on Gnutella are the ones causing this problem on Gnutella. Go figure. A network is only as good as its members; it can only give you what its members give out. In this case, it's strength in numbers.
One thing I would like to point out is that anywhere you go on the internet, using any internet protocol, has the capability of logging your IP address. Simply using the internet is a security risk. All networks are formed around the concept of trust. If you don't trust a website with your IP address, don't visit it. Same with Gnutella. I hate to say this, but, if you don't trust the people on Gnutella, don't use it. Whatever company gave you the data that you are sharing probably trusted you not to share that data. So to say that you do not trust the very people that you wish to share data that was entrusted upon you, is at the very least hypocritical. Not to mention the countless people of whom shared their own trusted data with you. To eliminate this trust by sharing anonymously would be catastrophic to the network.
And, if you are concerned about people hacking into your computer, or uploading viruses, there are already hundreds of client-side solutions for all of these. However, the more internet presence you have, the more you are at risk. I hate to use the cliche "The best internet security is not to use the internet at all," but it's true.