Defeating R.i.a.a Spying Methods Discussed Here-Security

**esecallum** · April 17th, 2007, 03:42 PM

Defeating R.i.a.a Spying Methods Discussed Here-Security
I am giving you a link to a very informative source.

http://www.hackingiswrong.org/archiv...riaa-FINAL.htm

This article is very hard to find on google.

it shows up as a dot like this on a query like "defeating riaa bots" :- .

Other methods to defeat riaa spying would be to encrypt the files before sending it and sending a key to decrypt via email like hotmail/yahoo.

This swould make it impossible to for snoops to see what file is being traded.

The key for decryption can be sent to a free email address like hotmail/yahoo/gmail etc...

This process can be automated easily too in a single application.

The best part would be to add a random amount of padding to every file being encrypted or sent.

so even the riaa downloaded the same file to check they could not be sure it was the file that john doe or joe blogs had downloaded/uploaded.

all we need now is someone to write this fairly simple application.

feel free to pass this idea around to a programmer.

This idea combined with the ideas at this url:

http://www.hackingiswrong.org/archiv...riaa-FINAL.htm

could make for a secure network.

what do you people think?

**mountain_rage** · April 17th, 2007, 03:55 PM

Well first off both your links do not work. Second your idea would only work if your sharing with someone you know, and even then theirs no reason to do it. The reason I say this is that if you are putting the file up on a public network, the person receiving it needs the key to unlock it. This key along with the file would have to be made public in one way shape or form. So as soon as the RIAA has downloaded the file, they will unlock it with the key you automatically sent them. Now they have the file and your IP adress. So basically they could still sue you. All this technique would really be useful for is breaking packet shaping ISP's, it is next to impossible to monitor well encrypted files.

To make yourself anonymous with the RIAA you need to use a system that routes you through other users with encrypted content and the key being sent via other users so all the parts are from different people with the source being unknown to the receiver. This is currently being used in some file sharing networks but is very slow and generally not a popular method for file sharing. This will be a promising system once the internet speeds up.

**esecallum** · April 18th, 2007, 03:50 PM

Originally Posted by mountain_rage

Well first off both your links do not work. Second your idea would only work if your sharing with someone you know, and even then theirs no reason to do it. The reason I say this is that if you are putting the file up on a public network, the person receiving it needs the key to unlock it. This key along with the file would have to be made public in one way shape or form. So as soon as the RIAA has downloaded the file, they will unlock it with the key you automatically sent them. Now they have the file and your IP adress. So basically they could still sue you. All this technique would really be useful for is breaking packet shaping ISP's, it is next to impossible to monitor well encrypted files.
.

NO.

read what i wrote above.

The file is encrypted and a RANDOM AMOUNT OF PADDING IS ADDED TO VARY THE FILE SIZE.

no pulic key is involved.

the decryption key is emailed to the receipant.

so if A is file sender to B and B decrypts it with his email then C gets that same file with a different amount of padding then C cannot say that B recieved the same file THAT C RECEIVED FROM A.

the linkes work here.

it should be in googles cache and you can find by using "defeating riaa bots"

http://www.google.co.uk/search?num=1...G=Search&meta=

http://www.hackingiswrong.org/archiv...riaa-FINAL.htm

do you see?

**drtoker** · April 18th, 2007, 05:44 PM

the padding or whatever doesn't matter.
as long as the copyrighted material is present in all copies, and the riaa can extract said material, then your still screwed regardless of dummy data.

And either person A needs to know person B, so that B can get the key, OR, EVERYONE can get the key (including the riaa). You can't have it any other way...

**millshalf** · April 18th, 2007, 06:50 PM

or you could use some darknet program like WASTE. it encrypts all connections, can pad them with random data, only people you know can download, etc. and if you REALLY want, you can add some passkey to your files. there, the riaa or any other industry wont have any idea what ur doing.

**meyou123** · April 18th, 2007, 07:33 PM

Want secure? Try newsgroups and just leech. That is about as secure as you are going to get...and even then it is not 100% safe...NOTHING is!

**mountain_rage** · April 18th, 2007, 07:37 PM

Yes your saying to send some dummy file so they can't prove that what you sent them is part of the encrypted data, but with the key, the IP addresses and the decrypted file they could reassemble the pieces and find out who sent what, what was part of the file and sue you for sending it. All this would do is put a bleep in their plans. Its simply only use full for preventing packet shaping.

**DigitalJunkie** · April 18th, 2007, 08:00 PM

esecallum,

The only way, is to use your own private network. Where you know everyone you know & trust, and not to invite anyone else on your network. But, in this case, you don't need encryptions & padded junks on your files anyway!