I am looking for a P2P program that is reasonably anonymous. I do understand that nothing is completely anonymous. I am not looking to spend any money for my privacy either. Could somebody lead me to the lighter end of the tunnel. I tried EarthStation5 (that program is buggy...don't like), and I tried to install freenet (wouldn't install...some error about downloading the java...jre...whatever). Never attempted Blubster, because it says on C-Net that it contains spy/ad-ware. I want to share, I am on a 56k connection(I know..I know...sux!), I do have a software firewall. But I do not want to be known, captured or recorded as sharing and/or recieving anything. What's the solution? :mellow

you can get a clean version of blubster at

www.drdamn.com

you want anonymity?

unplug your modem and go buy cds with cash

for an added level of security, kill everyone who you meet on the way, and the cashier

listen to the cd in a cave, and fake your own death

live off of small insects and berries and drink rainwater collected in your tinfoil hat

Are you looking for movies or music?

the best way to have anonymity and still dl mp3's is to use clean blubster from dr. damn's website. you can also use stuff like klite, just disable sharing ;) hey, people will be mad at you, and you'll get dc'ed by a lot of people, but if you want anonymity, it's the easiest route to take.

Originally posted by notbob
you want anonymity?

unplug your modem and go buy cds with cash

for an added level of security, kill everyone who you meet on the way, and the cashier

listen to the cd in a cave, and fake your own death

live off of small insects and berries and drink rainwater collected in your tinfoil hat

Again, your responses always seem to make me laugh...

Keep em coming notbob

I suggest clean Blubster and Clean Imesh, both of which are available at Dr Damn's web site.

blubster just seems to do what you could already do in k-lite, and that is prevernting people from browsing your shared files. it still doesn't seem to provide any anonymity beyond that.

Originally posted by notbob
you want anonymity?

unplug your modem and go buy cds with cash

for an added level of security, kill everyone who you meet on the way, and the cashier

listen to the cd in a cave, and fake your own death

live off of small insects and berries and drink rainwater collected in your tinfoil hat

Thanx...I didn't think of that. :mellow

Originally posted by dimmak
blubster just seems to do what you could already do in k-lite, and that is prevernting people from browsing your shared files. it still doesn't seem to provide any anonymity beyond that.

*sigh* complete idiot...

i doubt you even have blubster. you can browse user's files in blubster/piolet. and piolet is better than klite bc it uses udp. so for a first post, that sure wasn't a very bright one.

Blubster encrypted transfers and breaks it up into pieces and bounces it off other people. Get clean Blubster. Don't disable sharing. The best thing to do is only share about 100 files. Most of which should NOT be top 40 songs and you'll be ok.

Jenn I can help you install Freenet.

However the best Advice I can give you at the moment, is to wait for the next major Freenet Release which includes NGrouting.

IF you absolutely must share files within these next couple of weeks, Waste is a secure option,

Otherwise have patience, if you want to help speed things up you can donate some money, otherwise its going to take a few weeks to a month for the P2P community to come up with a response to the RIAA's threats. Programming takes a LONG time.

uh, anonymity doesn't exist......but you can get really close.

avoid the fasttrack network (imesh, kazaa lite, etc) unless you plan to leech or are sharing obscure stuff thats either foreign, you own the copyright to, or is at least 10 years old. don't share the current movies. You should be safe with Jurassic Park I or II, but not Leauge of Extraordinary Gentlemen. you know what I mean.

bittorent's ok, but not for sharing......yes your ip is visible, but they can't can your ass for just downloading, sharing is where you get in trouble.

the above goes for pretty much any network...... except for opennap/winmx, if you leech there and you want to download off of me, I'll cut you, and ban you if necessary. :hole

as Lucian said, waste is good. just make sure you're friends with the people that have what you want.

newsgroups are great, you can leech all ya want and no one will care, its as if you aren't there. it has a lot of variety, but you may have to be patient. it takes a bit of a learning curve, and if you've never used anything more complicated than kazaa you'll have a bit of a time, though its not rocket science or anything.

erm yeah, or you could wait for ESV to iron out all the bugs, which may take a while.

I'll shut up now.

Originally posted by Caitlyn Marble
uh, anonymity doesn't exist......but you can get really close.


bittorent's ok, but not for sharing......yes your ip is visible, but they can't can your ass for just downloading, sharing is where you get in trouble.






do you understand the concept of bittorrent ?
u u/l (share) the parts that you have already d/l thats why ppl are getting warning letters who use bt its just as transparent as kazaa only a small chance of getting busted but just the same as any fasttrack client

GNU Net is going to be like a mix of Bit Torrent, Freenet and Waste.

It will be impossile to monitor, files wont actually be on the network, only the sender and reciever will have the full files, all the transfers will be in bits and pieces, files get encoded and encrypted so even if the RIAA gets all the peices they'll never know what it is.


Its not IP annonymous but its impossible to figure out whats going on. I personally am waiting for GNU Net because I think its the most secure network coming out. It has the security features of Waste, the searching abilities of Napster, and the annonimity of Freenet.


Heres some of the things developers are talking about on the mailing list. This is what the plan to implementt

A URL scheme for shared files, so they can be linked to from within hypertext
documents

A hypertext browser that makes use of GNUnet for transport and the above URL heme (Please, no HTML though. This project is all about reinvention for
robustness and learning from mistakes of the past--there's no good reason why
one shouldn't abandon the cruft of the browser wars and embrace
XML/XLink/XForms -> XSLT -> display.)

Seems like they are actually talking about reinventing the web

Also it has chat features already

You can see some of the talk here at the mailing list
http://mail.gnu.org/archive/html/gnunet-developers/2003-06/msg00043.html


What seems exicting to me is the possibility that they wont decide to intergrate this with the current WWW and simply might create a new and improved WWW. If they do this, they'll most likely include a browser with the program itself, although I dont really know how useful that would be because from what I hear their network is too slow to actually browse at a respectable speed. I assume however if you wish to view text or images, you'll need these features because P2P programs dont really support text and images too well.

no one wants to download a .doc file, or a .html file from kazaa.

Some related projects
http://www.nongnu.org/gproxy/
http://www.ovmj.org/GNUnetCurses/
http://www.peek-a-booty.org/pbhtml/index.php

IRC dbaseiv.net:706 #GNUnet.

Who's developing GNUNet? Are you sure the RIAA can't track your IP?

Let's say they go and download a file "Fizzle Televizzle" and they get the files from someone's IP (let's say mine) XX.XXX.XXX.XX, can they pin me for sharing the file even though the piece was just getting bounced to them?

Its impossible. GNU Net is a trust based system which means only those who share files will gain the trust of other nodes in the network.

Without sharing files you dont get a good rating, and I highly doubt the RIAA is going to flood GNU Net with legit files. If they flood with fake files people will give them a bad rating, if they flood with legit files everyone will trust them but then they'll be distributing their files.

You cant really get someones IP address in a trust based network unless the network trusts you, no ones going to trust the RIAA,


Example lets say you do share a file in the network. Lets say I'm the RIAA and I decide to download a file from you, you see I have a trust rating of 0 or whatever because I've never shared anything with anyone else, connection closed.

Now lets say I'm the RIAA and I'm sharing a few files, you downnload a few files from me, my trust raiting goes up, now all these people have the same files, less people download from me, my trust rating begins to go down, and even if I sue all these people they can claim their CDs were trashed and they were downloading a backup.

Its difficult to sue someone for downloading, its easy to sue someone for distributing. GNU Net makes it impossible for the RIAA to see what files you are distributing, in fact they wont even be able to connect to you without distributing.


The only way around this might be for them to distribute porn or legit files to improve their rating, then try to search peoples computers.

Once again though, I'm sure everyone will know its the RIAA because they will be offering everything but popular music files


Also your trust rating rises based on how much content you share. Which means the guy with the 300 gigs of MP3s, will have the highest trust rating.

The RIAA with the 0 gigs of mp3s will have too low of a rating to connect to the guy with the 300 gigs of mp3s..

The RIAA will end up connecting to peopel who have maybe 1 mp3, or 0 like them.


The logic in this basically says this. If you want security, offer more content to the network, if you are a leech, you have no security.

Thats a perfect system if you ask me.

And the way the files are sent, in little bits and pieces, the chance of the RIAA ever finding out who has the original full copy, is like 0%

You have the full copy, but everyone else is just sending bits and pieces, this fools the RIAA if they try to have ISPs look at traffic to see what kinds of files are being sent.

Then you can claim you were browing the web and no one will ever really know you were downloading a movie.


Also with GNU NET it supports UDP, so they could actually make it completely IP annonymous meaning there will be no IPs, people will just bounce files around based on a key.

a Key which could look like random gibberish but really be your IP

#EWRQWERR)@!#O)#O!@!@!#SAFA

That could be your IP, and the file could send to that using UDP.

ISPs would never really know whats going on, they'd see random pings hitting you back and forth and just assume its a game, or some random internet traffic.

You can see more about how it works here
http://udpp2p.sourceforge.net/
http://fling.sourceforge.net/wiki/index.php?page=DesignPrinciples

one word

netstat

if someone is connected to you, their IP will be there

unless gnunet has completely reinvented tcp/ip, which i doubt

Example lets say you do share a file in the network. Lets say I'm the RIAA and I decide to download a file from you, you see I have a trust rating of 0 or whatever because I've never shared anything with anyone else, connection closed.

Wouldn't that also mean new users wouldn't be able to download (for the most part maybe?) until they upload some stuff first? Even if they have shared files, they've never had the opportunity to share with anyone else. What about people who share special or obscure stuff thats targeted to a smaller audience (aka not common shit). They might not get an upload for a while. New users (aka, former Kazaa "users") would get impatient and leave.

i would suggest that you use clean blubster from :::drdamn's website::: (http://www.drdamn.com/) and then get peerguardian from :::meth's website::: (http://www.methlabs.org/) !! this will make u be anonomous! or u can try out the new kazaalite 2.40 from wut i hear it is really anonomous and is almost riaa proof!:fire :fire :fire :fire :fire

unless gnunet has completely reinvented tcp/ip, which i doubt



It uses UDP. You cannot trace UDP packets, try it and see.

UDP is not TCP.

Wouldn't that also mean new users wouldn't be able to download (for the most part maybe?) until they upload some stuff first? Even if they have shared files, they've never had the opportunity to share with anyone else.

Newbies can upload to each other until they get established.

if you have files people want, people will connect to you, and your rating will improve as you upload more files.

Only newbies will have to worry about RIAA traps and stings.

What about people who share special or obscure stuff thats targeted to a smaller audience (aka not common shit).

Those people wont have to worry about the RIAA now will they? The RIAA isnt looking to get people for sharing obscure indie music They are trying to stop you from sharing Eminem

New users (aka, former Kazaa "users") would get impatient and leave.



Leechers SHOULD leave. Kazaa users who actually share files that matter will stay.

If you go on GNUnet thinking you can share something goofy like some poetry you wrote, people wont download from you, and you wont benefit from the security features. You can still share files, you can still download obscure files from people with low ratings.

Example, lets say me and you are both newbies, you offer obscure files, and I offer gigs of popular mp3s, you can still download from me because we are both newbies with the same rating, as you download from me however your rating goes down. So instead of having a rating of 0 like me, now you have a rating of -0 while I have a rating of 1 and so on.

Now, as you have more popular files on your system eventually more people will download from you, and your rating will go up as other newbies with lower ratings download from you.

Over time as your collection grows you'll gain more security. If you just share one or two files however, expect to get sued by the RIAA because you wont have much security.

This is good because it prevents leeches like you from going on the network and wasting bandwidth with files no one wants while trying to download big movies.

Kazaa tried to steal this rating system idea from GNUnet and they failed because they designed it after the fact instead of designing a system around it this made it easy to crack.

GNUnets system you will not be able to crack, so if you dont share files which dont matter to the network, you wont be protected by the network.

Originally posted by Lucian
It uses UDP. You cannot trace UDP packets, try it and see.

UDP is not TCP.

netstat shows udp connections too

try it and see

udp is not some sort of magic bullet

Originally posted by Lucian
It uses UDP. You cannot trace UDP packets, try it and see.

UDP is not TCP.
Non-connected UDP sockets will not show a remote/foreign/destination address under netstat. Under windows all you'll see is *.* meaning "anywhere and everywhere and no specific destination". If you do netstat -an right now you'll probably see several UDP sockets that look just like that.

You can connect a UDP socket but that is an optional feature that really only sets a "default" destination for UDP packets and allows you to use the send() function instead of sendto(). If you are communicating with only one other destination with a UDP socket, you might as well just use TCP.

However, it is easy to use a packet sniffer and reveal UDP traffic. At that level, it is no different to look at than TCP really.

There is a lot more to GNUnet's security than merely the fact they are using UDP.

you can still download from me because we are both newbies with the same rating

That was the only part that mattered to me. Thanks for clearing that up.

This thread gets a Krells Two Thumbs Up award. It is informative, yet simplistic, and well put forth.

With the exception of the post by mp3MaStA88, it is accurate and meaningful dialogue. The explanations are easy enough for the less technical people to get a nugget from, and no full page rants. I would like to see the inclusion of a few screen shots tho for some of the more sophisticated examples, and the simple steps so newer users can follow along and learn.

Great job.

One question that I have about the Trust Ratings, is if a known enemy such as the RIAA can have their IP address ranges or user names forcefully set to NO trust and replicated thru the system?

Krell thats a good question, I have to do more research on trust based systems.

I made another post about it, maybe some people in the forum here can figure out ways to break it.

Heres what I'd assume would happen, lets say the RIAA did decide to connect to the system with negative trust ratings to download from newbies, as soon as they download a single file their rating will go down, so while they may be able to sue a few newbies, its going to cost them alot of money. They will need a new IP address for each newbie they sue.

The only way around it may be, if they can figure out a way to trick the system. Maybe if they uninstall the software and then reinstall it in an attempt to get a fresh 0 rating again.

This would be like going to Ebay, tricking alot of people, and then closing your account, making a new one, and doing it all over again. Yes its possible but its very time consuming and it would be impossible to automate this process with a computer. The RIAA would have to literally hire people to do stuff like this. Or they could give awards to people who report copyright infringement (this is something no security feature can stop)

You cant really stop them, you can just make it so expensive and time consuming that they'll waste thier fortunes quickly by trying to do it. You make it expensive in time and money.

Their is no point in hidding under a rock. If they come after me it's going to be a joke i don't know what i have that would be worth anything, shi t if i go to jail at least ill have 3 straight meals a day

Very interesting.

:shy

Think about this when you use a P2P app.

Your IP Address is the network equivalent to the address your home has. It's how data gets to you. It's possible to make your IP address more difficult to read, but If you completely stealth your IP address from everyone, no data would ever get to you, making it impossible to use networked applications.

Another thing to consider. While most P2P applications are beginning to go to a distributed server setup for searching of files, the moment you begin to download a file, or even parts of a file in the case of something like eMule, you are making a direct connection with that other machine, and therefore have to give your IP address to them.

Proxy servers hide your IP Address from other P2P clients, by acting as a go-between in the middle of you and the other computer. However, that still doesn't prevent organizations from acting against the proxy server owner and using his logs to start tracing people back. Additionally, P2P traffic is far heavier than mere web traffic, so few proxy servers will willingly host all that bandwidth while making themselves a target for the RIAA/MPAA.

So if you're really paranoid...go out and buy the CD.