I have a proposal for making Gnutella a little bit more anonymous

a) All clients should hide any data that would give information about other IPs. Like ListView fields or HostCache data or temporary data files for downloads. All IPs should be encrypted. Like Xolox does for its HostCache data.

b) Instead of an IP, a nick name should be used to identify other clients. It is not nessecary to be unique for all the Network, just some info about the host you are connected. It could also be used in chats between two clients

pointless. Even if the client hides the info from the user anyone that knows how to use a computer can still get it. And anyone that wants the info from the client could write their own client to display the info. Gnutella cant work without it so you cant get rid of it.

If you want anonymity check out freenetproject.org It really is coming along quite nicely

You got to be kidding, - freenet is pre-alpha crap. It surely has a nice concept but it simpy ain't usable yet.

ok, assuming you tried it a year ago you would have to say the current state is coming along nicely. Yes they have alot of work to do but it is usable now :-)

Last time I tried it was a couple of weeks ago, - and it's not what I would call usable.

Well you are right but why dont make it a little bit harder for them.

In some packets there is an IP and a PORT, IP is 4 bytes long and PORT is 2 bytes. My thought is to take the actuall iport and encrypt it. The encrypted result should be 6 bytes so that we can put the first 4 bytes into the IP field and the last 2 bytes at the PORT field.

Servents dont have to encrypt/decrypt the packets all the time but only when it is neseccery ex: when we want to make a connection or download a file. I remind you that no ips should be exported visually in any servant. So the servants keep the encrypted data somewhere stored and when it needs an ip it decrypts it. The problem with this method is which encryption method should be used, what would be the password for the encryption, and finally that users with some knowledge of computers can still find an IP but ONLY for a connected servant. For example you can make a search for "faithless .mp3" and receive many query hits but you dont know which user shares what. Only when you try to download a file you can find that the user you are connected to is sharing this specific file and not a list of "illegal" files.

Old clients that dont support this method are not compatible. This is the right thing because otherwise someone could connect to Gnutella with an old client and still find/track all the IPs.

Any ideas?

Veniamin,

Wouldn't the decryption method not be public knowledge then? I mean, that'd kinda defeat the purpose.

Cultiv8r,
Well the encryption method should be known to all developers but only the password should be known by "registered" developers, from the GDF.

Also the GDF should alter the password every 3 or 4 months to eliminate the possibility that the password be known by others.

Other suggestions?

More reasons to make Gnutella more anonymous:

"A few years ago I was in the UMD dorms and after numerous violations of the network AUP I finally got a call one morning before going to class. It was Mr.
So-and-so with the Nethics department. He told me there were some violations and asked if I knew what he was talking about. (Of course I did, what? was
I just gonna confess? Idiot.) He then suggested that I come over to the computer and space sciences building for a 'chat.' Meanwhile at the CSC building I
entered the Nethics office and was greeted by Mr. So-and-so, and he began his Gestapo interview of me. It came down to the fact that I had egregiously
broke their rules, and I knew it, and he knew it, but he had no real proof (I firewalled almost everything, including all of the UMD space) with the exception of
an email written by a barely literate teenager Narc'ing on me. Needless to say, I walked out unscathed. They are just a bunch of James Bond wanna-be
jokers."
So when this guy gets kicked out of school and his parents lose all their $$ they invested, who CAUSED the damage?

"The Australian Electronic Frontiers foundation report that the Australian
Government is looking at introducing changes to the Telecomunications Interception Act giving
Government Agencies (NOT just police!) the power to intercept email, voice mail and SMS messages
without a warrant."
And it's not just a USA problem.

Developers need to get with it.

And who is the immature nerd who thinks deleting this thread will help anyone ?

http://slashdot.org/articles/02/06/07/1648251.shtml
http://yro.slashdot.org/yro/02/06/09/1627227.shtml

and another reason

"The RIAA is set to expand its FastTrack lawsuit to include Sharman Networks and FastTrack founders Niklas Zennstrom and Janus Friis"
http://www.zeropaid.com/news/article.../06082002a.php

Will you be next?