I don't know how to contact anyone directly and so will post my idea here.

Mute tries to achieve privacy by avoiding direct connections. I read the "how it works'' doc, and it does seem that mute should successfully keep users safe from lawsuits--however, it does it at the cost of speed and possibly other features.

I'm no network expert, but would it be possible to make an asymmetric connection protocol? In essence, search/download requests would go out on the network, not trying to hide the IP of the person who wants to download. This is because it's relatively safe to download--as I understand it, some place or other even deemed it legal.

When the user finds a download they want, sources initiate a connection to the destination computer, always spoofing/leaving the return IP address blank. In other words, the source can send directly to the destination. But since the destination does not know the IP of the source, it would instead route ACK or other network control signals, Mute-style, through the network. This would greatly ease the burden on the network, since ACK and other network control signals are very lightweight, low bandwidth, especially compared to what mute currently has to route through.

Of course, in order for this to work, spoofing must work correctly. Sadly, as I understand it, most/many types of internet service allow the ISP to know who really sent a packet even if the return address is spoofed or blank. They can theoretically then insert the correct return address before routing the packet on. The question then, is how often they do this in practice--and I don't know the answer to that question. Each host, though, should be able to perform a simple test to see whether they can successfully perform spoofing, maybe through a simple series of pings perhaps.

So, what do you think of this idea?

It can't be done. You can't just leave your IP address blank or spoof it. The computer receiving the packets always knows exactly who it is from.

kinda like sending mail without an address, or addressing a letter to someone expecting it to go to someone else.

thats beautiful cp..beautiful

Do a google on "IP spoofing".

This has been done before. In the letter analogy, it's like putting on a destination address, but not putting on a return address (or putting a false one). Thus, you could send someone a letter without them knowing who you are or what your home address is. The problem with this is that you can't correspond this way.

This, at least in the past, has been possible on computers as well. Your computer, when it handles network traffic, frames IP packets, TCP packets, UDP packets, etc. It is up to your computer to correctly fill in the entries in these packets including the destination IP address, and indeed, the source address. There is no reason your computer has to put in good values into those fields. Of course, if you put in a bad destination address, at some point the packet will be dropped. But at no point of the routing is it required that a correct source address is found anywhere in any of the packets.

In order to establish a TCP connection, it is true that you need a correct return adress. This is not true of UDP, since it is a stab-in-the dark protocol which does not guarantee delivery, and doesn't ask for ACKnowledgement from the other computer. But in order to make UDP suitable for reliable delivery, the programmer has to build a protocol on top of it, with again the return address being required.

But, in the case I talked about, you could build a protocol directly on top of IP, and you could send ACK packets and other network control signals (which are required for reliable delivery) back through a Mute-like network where they would reach their destinations and do their job even though the sender doesn't know where they are going.

But maybe you are right, and it wouldn't work. Like I said, I'm not an expert by any means.

But IP spoofing can be detected by your ISP. I belive most cable companies stop it.

But IP spoofing can be detected by your ISP. I belive most cable companies stop it.

That's what I was afraid of.

Anonymous P2P i dont think will ever really work that well outside small private networks like WASTE because people will just move to other things like usenet or irc instead. Because they will be just as good and much faster than any proxy or ip spoofing idea.

So you don't think there is a future in mass p2p? You may well be right, but I hope not!


The question then, is how often they do this in practice--and I don't know the answer to that question.

I wouldn't give up braingrunt. Now I have only heard this from one source, but I think that it is only cable companies that can detect IP spoofing. A/DSL companies can't and I don't know about internet through electricity cables.
Perhaps if the application spoofs the IP unless it can't, then people would be safe. RIAA nodes will not know if it is spoofed or not.
There are questions to answer with this:
Can anyone spoof?
Can you either spoof or not, or do ISPs only sometimes check?
Do you need to change the IP address attached to all outgoing packets? If so this would screw up your internet!

But IP spoofing can be detected by your ISP. I belive most cable companies stop it.

Well, actually reports from ES5 PXP users (which does allow source address spoofing) indicate that many big ISPs in fact do not block spoofed source addresses. The biggest problem seems to be home routers and NAT that are not compatible with spoofing. The good side in spoofing compared to proxy-node-network is that it is direct upload thus no speed drop compared to conventional P2P.

So you don't think there is a future in mass p2p? You may well be right, but I hope not!

No i didnt say i think that is the future which i doubt it. My point is that people would just migrate to other places than to use some slow proxy system or "anonymous p2p" that has alot of overhead assuming if it works at all and not one of these systems has been able to stand the test of time and actually proven to work other than in the marketing pitches and on paper.

So im extreemely skeptical of them especially since they seem to like to promote it and get users and hype it up before they release a final and its proven to work.

Well, actually reports from ES5 PXP users (which does allow source address spoofing) indicate that many big ISPs in fact do not block spoofed source addresses. The biggest problem seems to be home routers and NAT that are not compatible with spoofing. The good side in spoofing compared to proxy-node-network is that it is direct upload thus no speed drop compared to conventional P2P.

I don't think the merits of pxp have ever been discussed hear. Threads have a nasty habit of not lasting long when the implementing program is mentioned.
So without all the propaganda we would face if we went to the source, how is it claimed that it works?

Do you need to change the IP address attached to all outgoing packets? If so this would screw up your internet!
I've never heard of this, how would it screw up your Internet?

Well I would push the two opposite corners closer together, reach out with my index finger and drag in one of the stray corners. After turning it 180 degrees, I would squash in the remaining corner and roll the whole lot into a tight ball in the palm of my hands.
Following this, I would throw the newly formed ball in the correct direction and volcity to pass through the toy basketball hoop and into the bin below.
Or is that a piece of paper?
If you are serious, I mean that if you are either spoofing or not, then when spoofing for p2p, you will also be spoofing webpage requests. You therefore wont be able to use the internet when using the p2p program.

I mean that if you are either spoofing or not, then when spoofing for p2p, you will also be spoofing webpage requests. You therefore wont be able to use the internet when using the p2p program.
Spoofing doesn't affect other programs.

ok, but do you know how pxp works?

ok, but do you know how pxp works?

A bunch of people claims it works, puts each other on pedistals like they are doing some great service which they arent, and start leeching off all other networks using the reason that they need to leech as much content as they can because those networks will "die" which is complete bull.

ok, but do you know how pxp works?

pxp?
what does pxp stand for?
enlighten us?

It is the new system that a certain p2p program claims to use for anonymity instead of proxies. PXP stands for Proxyless eXchange Protocol, but that is about all I can find out about it.
As part of the PXP release, the program now leeches from several other networks (as Seph mentions) and provides extra protection from detection by network administraters. This final point has already been overcome by groups who try and detect p2p traffic, so it is now just an extra overhead on the network.
What I am interested in is how pxp claims to provide IP anonymity without the use of proxies.

It is the new system that a certain p2p program claims to use for anonymity instead of proxies. PXP stands for Proxyless eXchange Protocol, but that is about all I can find out about it.
As part of the PXP release, the program now leeches from several other networks (as Seph mentions) and provides extra protection from detection by network administraters. This final point has already been overcome by groups who try and detect p2p traffic, so it is now just an extra overhead on the network.
What I am interested in is how pxp claims to provide IP anonymity without the use of proxies.

yeah coincidentally i found out what it meant. have u tried it yourself mal?
if so u wanna u know tell me what u think of it ?

EDIT: No I havn't tried the PXP release, last time I installed that program it was disarster. I just want to know how it works.

EDIT: No I havn't tried the PXP release, last time I installed that program it was disarster. I just want to know how it works.

Well, the head programmer posted a pretty good description of it on Slyck forums sometime ago. Basically it binds a dummy network interface with a fake IP address to your system and uses that on sends. I guess the searches and the necessary loopback traffic is proxied trough other PXP nodes. It's naturally based on UDP.

-edit- Found it so here's a quote from that post

There is an alternative that doesn't use proxies but uses ip spoofing.

1) Server sets up fake ip address (adds another address (fake) to its LAN adapter, easy to do). Does not require HDR_INCL TCP support.

2) Server advertises its files to Supernode but Supernode stores 9 fake addresses along with one real address of Server

3) Client finds file, and receives 10 addresses. Client requests large segment of file to all 10 addresses.

4) Server answers request from fake ip address.

5) Traffic control etc done by method similar to 3. Protocol is optimized to require as little backtraffic (client to server) as possible.

5) Client never knows real ip address with certainty enough to file lawsuit, but gets file.

Some people cannot ip spoof for various reasons, however, the large number that can ip spoof discredit ip addresses in the entire network. After suing a few innocent grandmothers and 5 year olds, attacker gives up.

Theoretical? No, this is called PXP and is actually working on one particular P2P application.