Gnutella Forums  

Go Back   Gnutella Forums > Gnutella News and Gnutelliums Forums > General Gnutella / Gnutella Network Discussion
Register FAQ The Twelve Commandments Members List Calendar Arcade Find the Best VPN Today's Posts

General Gnutella / Gnutella Network Discussion For general discussion about Gnutella and the Gnutella network.
For discussion about a specific Gnutella client program, please post in one of the client forums above.


Reply
 
LinkBack Thread Tools Display Modes
  #31 (permalink)  
Old June 28th, 2002
Morgwen's Avatar
lazy dragon - retired mod
 
Join Date: October 14th, 2001
Location: Germany
Posts: 2,927
Morgwen is flying high
Default Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed.

Quote:
Originally posted by Vinnie
You mean the one where everything is opt-out?
Oh yes I expected this... the standard exuse...

They are checked by default right? And you know the most people install what is checked because they think they NEED these progs, and if you start now to tell me something that this is mentioned... you know exatly that the most people don´t read the terms, so you provide these Spyware crap to a large number of user...

And I have read your plans to FORCE the people to buy the PRO version:

http://www.bearshare.com/forum/showt...0&pagenumber=1

And now tell me why the people should use your advertising client, if they can better clients for free - like Gnucleus, Shareaza or soon Xolox!

Quote:
Not to worry - if the situation gets out of control we will move the secured features to a second, parallel private Gnutella network
This really sounds to me like you planed it well and for a long time, like I said it several times! So you want to leech from the Gnutella net as long as possible and if the net is destroyed you switch to your private net... Vinnie this sucks hard!

Morgwen
Reply With Quote
  #32 (permalink)  
Old June 28th, 2002
Unregistered
Guest
 
Posts: n/a
Thumbs down Bearshare is splitting Gnutella

to give it a name.
Reply With Quote
  #33 (permalink)  
Old June 28th, 2002
Unregistered
Guest
 
Posts: n/a
Default Re: Bearshare is splitting Gnutella

Zeropaid has it too:

BearShare Blocks other Gnutella Clients
After months of badmouthing and disadvantaging other clients here is it finally. From Bearshare.Net: "You can choose to receive all query replies, downloads and uploads only from other BearShare clients". In clear works again: Bearshare is splitting the network! Remember the words from hackmaster Dr. Damn: Be nice and play fair. Uninstall BearShare.

http://www.zeropaid.com/news/article.../06272002g.php
Reply With Quote
  #34 (permalink)  
Old June 28th, 2002
Unregistered
Guest
 
Posts: n/a
Question Skins for Gnotella 1.05

I have Gnotella 1.05 and can't find any skins or information on it, what happened to Gnotella and how come it is no longer supported?
Reply With Quote
  #35 (permalink)  
Old June 28th, 2002
Unregistered
Guest
 
Posts: n/a
Default Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed.

And now tell me why the people should use your advertising client, if they can better clients for free - like Gnucleus, Shareaza or soon Xolox!

You shouldn't use anything, unless you want to; no one is forcing you. Like you said, their are other clients out there. Use the one you like and get on with your life (or get a life), instead of argueing about trivial things.

So you want to leech from the Gnutella net as long as possible and if the net is destroyed you switch to your private net...

BearShare can upload and connect to every other client, so it isn't leeching off of anything. The only difference is if the rest of gnutella dies, BearShare users would have something to fall back on.

Of course ssh, SSL, PGP and all good commonly used secure protocols or hashs are available as open source. So why security by obscurity?

Even though the source to generate the encrypted data is available (ssh, SSL, PGP), the encryption algorithms are soo strong that it would take a LONG time for anyone sniffing the traffic to figure out what the data is. By the time they could crack the encrypted data, the encryption system would probably be changed and they have to start all over. You would need the special key to decrypt the data immediately.

This is the problem faced on gnutella when using a key-pair (private/public key) system. If you have an open source client that contains the keys needed to decrypt/encrypt the data... anybody can take the source, rip the keys and then decrypt/encrypt whatever they want. This is where security through obscurity comes into play. If others don't know the keys, don't know how the security works... it will be hard for them to crack. Otherwise you just go on blocking hundreds of IPs, or develop a centralised control system. This is not good.

These secure channels aren't the best solution, nor are they an absolute form of protection... but it's something! Does anyone else (Morgwen, Moak) have a better (non-proprietary) solution that everyone could use? No? That's what I thought.
Reply With Quote
  #36 (permalink)  
Old June 29th, 2002
BearShare Developer
 
Join Date: May 25th, 2001
Posts: 163
Vinnie is flying high
Default Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed.

Quote:
Originally posted by Unregistered
Of course ssh, SSL, PGP and all good commonly used secure protocols or hashs are available as open source. So why security by obscurity?
"Security through obscurity" is a phrase being tossed around by those who don't really understand much of anything.

There is nothing obscure about the techniques that BearShare uses to digitally sign query hits or require challenge/response authentication in host connections - they are all built from sound, proven cryptographic primitives that are published and well documented.

If we were using obscurity, we would have made up our own cryptographic algorithm - this would be a poor choice.

So when you hear someone say "security through obscurity" in the context of BearShare, this is clear sign that they don't know what they are talking about.
Reply With Quote
  #37 (permalink)  
Old June 29th, 2002
Anonymous
Guest
 
Posts: n/a
Default Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed.

Quote:
Originally posted by Vinnie
There is nothing obscure about the techniques that BearShare uses to digitally sign query hits or require challenge/response authentication in host connections - they are all built from sound, proven cryptographic primitives that are published and well documented.
that's an obvious lie. Vinnie, we are not all unskilled users. Your encryption sheme is proprietray and undocumented, no other GDF member does use it. Commonly known as security through obscurity.

Quote:
So when you hear someone say "security through obscurity" in the context of BearShare, this is clear sign that they don't know what they are talking about.
you need a little bit more then insulting or badmouthing open source software. Please read the thread on Zeropaid (link above). It explains why so called secure channels can not work, why it's a pure marketing gag.

I know Vinnie tries to give himself an übercoder attitude. He likes to talk about multithreading, completition ports and encryption. All sounds great for unskilled users but after a closer look it's marketing most times. The so called secure channels provide no security in real world, they split Gnutella.

Quote:
supported by a private anchor server which accepts no incoming connections and cannot be attacked.
LOL Vinnie, I'm sure any server without internet connection can get a great NSCA firewall certification. Oh wait I have a even better idea, switch off the server, it's totally secure then and can not be attacked.
Reply With Quote
  #38 (permalink)  
Old June 29th, 2002
Anonymous
Guest
 
Posts: n/a
Default Re: Bearshare is splitting Gnutella

Quote:
Originally posted by Unregistered
These secure channels aren't the best solution, nor are they an absolute form of protection... but it's something! Does anyone else (Morgwen, Moak) have a better (non-proprietary) solution that everyone could use? No? That's what I thought.
yes, this is not even ONE solution, "secure channels" do not work! The Zeropaid thread explains why Vinnie's "secure channels" are an illusion.

I wonder what Vinnie has thought, if he did consult a lawyer before? I have the suspicion that "secure channels" have nothing to do with security, they are a secret attempt to split Gnutella into smaller proprietary network$.

Money not security.
Reply With Quote
  #39 (permalink)  
Old June 29th, 2002
Gnutella Muse
 
Join Date: February 3rd, 2002
Posts: 186
mrgone4662 is flying high
Default Re: Re: Bearshare is splitting Gnutella

Quote:
Originally posted by Anonymous


yes, this is not even ONE solution, "secure channels" do not work! The Zeropaid thread explains why Vinnie's "secure channels" are an illusion.
Actually, despite the various breaches possible with different encryption schemes that thread brought up none of them. The only thing relevant that was shown there was some **** anonymous poster jumping to the conclusion that everything was dependent on the EULA alone. Talk about insecurity



[No insults please]

Last edited by Morgwen; June 29th, 2002 at 07:05 AM.
Reply With Quote
  #40 (permalink)  
Old June 29th, 2002
Anonymous
Guest
 
Posts: n/a
Default

insulting is low, moderators please have a look on it.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Nigerian letter WARNING 21637 Open Discussion topics 0 June 18th, 2005 02:05 AM
two letter bands jazzbluevr6 Download/Upload Problems 1 May 19th, 2005 01:57 PM
How long before you recive a cease and desist letter pttrpg General P2P Network Discussion 3 October 9th, 2004 11:12 AM
Xolox to cease 1st December ??? weebil Support: General 1 November 29th, 2002 01:45 AM


All times are GMT -7. The time now is 03:57 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.