Gnutella Forums  

Go Back   Gnutella Forums > Gnutella News and Gnutelliums Forums > General Gnutella Development Discussion
Register FAQ The Twelve Commandments Members List Calendar Arcade Find the Best VPN Today's Posts

General Gnutella Development Discussion For general discussion about Gnutella development.


Reply
 
LinkBack Thread Tools Display Modes
  #21 (permalink)  
Old June 13th, 2002
ursula's Avatar
Cleaning Lady
 
Join Date: May 17th, 2002
Location: koyaanisqatsi
Posts: 2,334
ursula is a great assister to others; your light through the dark tunnel
Default

Quote:
Originally posted by Unregistered
The point was "But why is anonymity necessary?"

Not just freenet. A "secure anonymous pseudonym" can be used anywhere you have a system for anonymous posting or file sharing.

You need anonymity in order to have freedom. It's that simple.

Besides, it's a great defense for the small guy against the super power greedy types.

You should support and defend anonymity if you are a flag waiving, freedom loving person. The "press" keeps it's sources secret, and you would defend that wouldn't you?
What 'anonymity'?
What is that? It is an illusion, and as Taliban pointed out, it is also dependent on location and activity within that location.

Everything you are saying is ignoring the simple fact that you could call yourself Bubbles... the rest of us would know that we were talking with 'Bubbles' and could even follow up an interest in what 'Bubbles' had to say yesterday, today and tomorrow. This is no infringement of some image of personal freedom.
To anyone who either needs to know for their work or cares to know for their own interests, your IP is rarely a secret, so stop pretending that posting as unregistered is in any way superior in providing you, or anyone else, with enhanced freedom of speech.

The entire argument regarding so called freedom of speech and maintaining an inviolate anonymity is meaningless and has nothing to do with the reality of a public or semi-public system.

btw- "flag waiving" means to ignore or to do without...... To 'waive the rules'........ Try 'wave' next time.
Reply With Quote
  #22 (permalink)  
Old June 18th, 2002
Apprentice
 
Join Date: June 18th, 2002
Posts: 6
fireforce is flying high
Default

Okay from what I read you want encryption and DNS,


Encryption on an open network is pointless because you would have to give out the key so other peoples clients can work. Thus any one even those you want to keep out get in and access to all the data again. Its like putting a lock on your house and giving everyone a key.



As for DNS like service. You would have to have static DNS servers for the clients to work through. That is againest what the theory is, peer to peer, no server. What if the DNS server went down, all their data is gone. Also they are a huge target, they get sued and told they have to hand over the list of names and IPs. Then we are ALL in trouble. Its kinda all or nothing. Either all of us are safe or none of us are safe.
Reply With Quote
  #23 (permalink)  
Old June 26th, 2002
Unregistered
Guest
 
Posts: n/a
Default

Anonymity or evidence on Gnutella Network.

In most countries evidence is required before an action can be brought before a person or organisation. Your ISP reporting xxGB of transfer on port x is simply not enough an analysis of the protocols and data is required. Bearing this in mind it does not matter if an allegation of ‘you downloaded a 3mb files and allowed x amount of people to share it’ they have to show what the file contained as it could have been your latest song, audio message to you friends, family photo album or a holiday video.

Enter Encryption. As an example I will use PGP but feel free to replace with your chosen method. When you generate your key pair you can also generate and register a KEY ID, as part of the Gnutella protocol a user can request that the file be encrypted using their KEY ID. The acting server can the lookup the public key and send the encrypted data to the client who upon receipt decrypts it using their private key and pass phase.

Who to trust? That is a difficult issue, but if you decide that the person is trustworthy you can add their KEY ID to your client, which automatically allows them to download files from you. I knock-on effect of this is you can remove people who just leach from you by banning their KEY ID. By storing the KEY ID as a text file in their shared files directory if their client is not configured to allow you to download from them, then you will not be able to send them the file that they have requested.
Reply With Quote
  #24 (permalink)  
Old June 26th, 2002
Apprentice
 
Join Date: June 18th, 2002
Posts: 6
fireforce is flying high
Default

It may work. But the network often has issues with speed right now, I fear adding encryption will only increase that issue. Not to mention programmers would have to learn how to build an encryption program. This is VERY hard to do. And if they have to make it, you then have people not skilled in crypto writing the software. Many security holes and tech issues will quickly arise. Sometimes its better to feel scared because you stay on your toes, rather than having a false sense of security.


Its like that old joke, It better to know no karate than know just a little. With no skill you wont pick fights or try to get into fights, but with some skills you will be just strong enough to get your *** horribly kicked.
Reply With Quote
  #25 (permalink)  
Old June 27th, 2002
Unregistered
Guest
 
Posts: n/a
Default

The wheel has already been invented once so the client could just call GnuPG to encrypt files add/get keys etc over the users (normal) network via a simple call to gpg --keyserver certserver.pgp.com --recv-key 0xBB7576AC.

Encrypting a file does not increase the file size (+- a few bytes) so the (Gnutella) network speed will not really be affected. User download time may notice a few seconds delay for the transfer to start while the acting server encrypts the file.

I suggested encrypting not out a fear of what is being shared but rather a mechanism to stop agencies claims that then network is being used for (insert what you share) as they will not be able to show in court that xxxGb of copyrighted material was transferred over the Gnutella network as without all keys to prove this you would be slandering Gnutella users.
Reply With Quote
  #26 (permalink)  
Old June 27th, 2002
Mini-God
 
Join Date: June 3rd, 2002
Location: Hell.. Literally
Posts: 241
Gamer is flying high
Default Re: Anonymity on Gnutella Network

Quote:
Originally posted by veniamin
All IPs should be encrypted. Like Xolox does for its HostCache data.
I wouldnt call that very well encrypted.. Ip is converted to 4sets of hex arranged in nbo order that are then replaced by common characters in the 0-127 range of ascii..
Reply With Quote
  #27 (permalink)  
Old July 19th, 2002
Disciple
 
Join Date: July 18th, 2002
Posts: 19
prh99 is flying high
Default

Quote:
Originally posted by veniamin


Well you are right but why dont make it a little bit harder for them.

In some packets there is an IP and a PORT, IP is 4 bytes long and PORT is 2 bytes. My thought is to take the actuall iport and encrypt it. The encrypted result should be 6 bytes so that we can put the first 4 bytes into the IP field and the last 2 bytes at the PORT field.

Servents dont have to encrypt/decrypt the packets all the time but only when it is neseccery ex: when we want to make a connection or download a file. I remind you that no ips should be exported visually in any servant. So the servants keep the encrypted data somewhere stored and when it needs an ip it decrypts it. The problem with this method is which encryption method should be used, what would be the password for the encryption, and finally that users with some knowledge of computers can still find an IP but ONLY for a connected servant. For example you can make a search for "faithless .mp3" and receive many query hits but you dont know which user shares what. Only when you try to download a file you can find that the user you are connected to is sharing this specific file and not a list of "illegal" files.

Old clients that dont support this method are not compatible. This is the right thing because otherwise someone could connect to Gnutella with an old client and still find/track all the IPs.

Any ideas?
Even if you encrypt the IP and port information people who write Gnutella clients that comply with the encryption could still make a client that makes the IP visible since gnutella is an open protocal. Not to mention people who write search monitors. The problem with encrypting the packets is you'd have to have public password so everyone could decrypt and respond to queries. On the other hand if you use public key encrypt then only the client with private key code decrypt the packet thus serverly limiting your search.
Reply With Quote
  #28 (permalink)  
Old July 21st, 2002
On Holiday
 
Join Date: July 20th, 2002
Posts: 185
Syfonic is flying high
Default

This may work but it also will not be easy and you need to think about all the work that will be involved in it before you begin.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
What posts belong in this General Gnutella / Gnutella Network Discussion section! Lord of the Rings General Gnutella / Gnutella Network Discussion 0 November 17th, 2005 06:54 AM
Accessing own network but not Gnutella network w_loun General Gnutella Development Discussion 5 February 27th, 2004 03:44 PM
Accessing own network but not Gnutella network w_loun Gtk-Gnutella (Linux/Unix/Mac OSX/Windows) 1 February 24th, 2004 07:38 PM
Should Gnutella developers work on measures to achieve anonymity on Gnutella? Joakim Agren General Gnutella / Gnutella Network Discussion 23 August 27th, 2003 09:18 AM
Warning to Gnutella developers: Design a system of anonymity or Gnutella is doomed Unregistered General Gnutella / Gnutella Network Discussion 16 June 28th, 2002 07:54 AM


All times are GMT -7. The time now is 11:37 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.