Ants Forum open

Discussion in 'File Sharing' started by AussieMatt, Nov 16, 2004.

  1. AussieMatt

    AussieMatt Expatriate Australian

    Here we can discuss, bitch and moan about Ants without interfering with the other topics and threads.

    There has been a lot of discussion on various p2p forums regarding Ants, and some people are against it because they are still burnt by Earthstation 5 and its anonymity claims, so be careful when posting on forums if you are a supporter of proxy chains, cryptography and ant-based routing protocols, and be informative if you can when trying to discuss Ants.

    Let's make this forum have intelligent, well-thought-out discussion without flaming and "my p2p is better than yours" threads.

    Some claim it's not anonymous, but they forget anonymous doesn't mean invisible.

    Ants may not be what you are used to in p2p; it's heavily in development and it's beta software, so it may not always work with the current version.

    Gwren, the developer, doesn't care much for GUI improvements at this stage, so you won't get a new GUI till you help develop it, or until he gets everything he wants done protocol-wise and fixes up the bugs; then you might get your pretty GUI in Ants.

    If you find bugs, work out an exploit or want to know something, post it at SourceForge or here.

    Gwren's Ants Homepage
    http://www.myjavaserver.com.nyud.net:8090/~gwren/home.jsp?page=custom&xmlName=ants

    Ants Sourceforge Page
    http://sourceforge.net/projects/antsp2p/


    Ants Project description

    Abstract

    The main problems of the 2-nd generation p2p nets (as well as the 1-st one) are two: the complete lack of privacy and data protection and the lack of structured queries. Doing queries over the net we can see who's connected and what he's sharing. This is not acceptable if we care about our privacy... furthermore we usually have many problems in finding what we are looking for: query support in common p2p systems is usually not structured and exact text-matching based, so we cannot exploit SQL-like features (join and so on...) over the net data-set. This project tries to resolve both problems.

    The privacy problem

    It faces the privacy one breaking the essence of p2p... I mean a connection is not anymore point 2 point in the strict sense... the peers are virtual peers over a virtual net, so when we are requiring a resource over the net, our request is routed through many points until it reaches our peer. The peers are not anymore identified by ip... they have a unique ID produced hashing infos from their time and their location (this yields a unique hash). So a client now knows only the ips of its neighbours (the other peers directly connected to it), but it doesn't know their ID, as only the same node knows its ID. So what about routing, how can a node route a message if it doesn't know where the destination is? Simple... a node will know which is the "best" direction to route a message to, but it will not know where precisely another node is. The routing protocol has been developed over studies on ants behaviour... ants do not know the precise location of their hive, they simply follow a track... the same happens in this system. So the more messages follow a track the more that track will be "strong", if a track produces many failures it'll fade out and it won't be followed anymore. This way we can achieve privacy over our identity, but what about the information sent? It has to route through many peers so how can we protect it? The protection is realized at 2 levels... low level (against man-in-the-middle external to our net) by encrypting communication between each couple of directly linked points of the net, high level (against internal threats) encrypting the communication between the two end points. At both levels the security is granted using a DH-KA and DES or AES (negotiated at the beginning).

    The queries problem

    Another solution has been found for the query problem. Each query is distributed (in a non deterministic and sequential way) over a part of the net. It is processed by each node it passes and at last it is returned to the source following the shortest path. Each node can process operations more complex than the simple text-matching: we can support pseudo high level SQL-queries over the data-set represented by our partially explored net.

    Efficiency issues

    We talked about a wide spread net that comprises very heterogeneous kinds of nodes (lan connection as well as 56k) how can we support efficiency? The routing protocol is studied to find the best path to route a message... but if the path is not present we cannot find it. So we have to create a well structured net with a sufficient number of "routing points" (I mean pseudo server points with high speed connection and high connectivity (about 30 peers connected)). The peers don't need to know the address of these points... we can structure the service creating few (hidden) routing points and many access points. At the startup one can choose if becoming an access point or a simple peer, every group of people can also create their own net with routing points and simple peers (a very scalable system). Computer simulations over the routing protocol have shown its efficiency over both the cases: with or without many routing points... in practice the virtual net is a sort of neural network that learns during its life and distributes the traffic in the best way.

    About the IRC based connection system

    Is there any threat due to the IRC based connection system? Is it dangerous that my IP appears on IRC? NO! Because ANts Net and IRC net are two distinct nets and the first has nothing to do with the second. I mean, when you log on IRC starting your ants client you usually join a chat room. In the chatroom you'll find other peers, each peer in the channel runs a particular server at port 4568, this is called the address server. The address server is a sort of crawler that roams around the ANts net collecting the IPs of every node that has free slots for new peers that want to access the ANts net. So each node of the ANts net will manage a list of these IPs with free slots. Through IRC (by a simple message) you can obtain the address of a peer running the server and already connected to the net. Once you have the address of the address server you can query that peer for IPs you can connect to. Once you are connected to the ANts net you'll crawl the net too for addresses with free slots (I mean your address server), and other peers will crawl through your node. This causes no threat because giving back your address to a query does not give any info to other peers about your location or about the ID you are using. Also if you are the only peer connected to another, the other cannot know if you are the only peer connected or if other peers without free slots are connected to you (same as for normal queries... no one knows who really answers queries).


    MUTE: a similar system. Mute implements the same idea as Ants p2p using different routing protocols and discovery systems. Also the security policy is different as no endpoint secured connections are used (it uses only point to point secured connections). Main problems of MUTE are the lack of multiple downloads and of the resume system. Sometimes it can also result too slow even if it is used with a broadband connection (probably due to wrong routing policies...).
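
The track mechanism in the project description above (per-destination strengths that grow with successful deliveries and fade after failures), sketched as an added example; it is not code from ANts or from this thread. The constants, the sample topology, the ID string and all function names are assumptions made for the illustration.

```python
import random

INITIAL = 0.10   # assumed strength of a track nobody has used yet
DECAY = 0.5      # assumed factor applied to a track after a failed delivery
FADED = 0.02     # assumed threshold below which a track is no longer followed
DEST_ID = "id-7f3a"   # constructed node ID; only its owner knows it is theirs


class Node:
    """A peer that knows its direct neighbours and, per destination ID, how
    strong the track through each neighbour is. It never learns which peer
    owns an ID or where that peer is."""

    def __init__(self, name, neighbours):
        self.name = name
        self.neighbours = list(neighbours)
        self.tracks = {}                     # dest_id -> {neighbour: strength}

    def strength(self, dest_id, neighbour):
        return self.tracks.get(dest_id, {}).get(neighbour, INITIAL)

    def next_hop(self, dest_id, visited, rng):
        options = [n for n in self.neighbours if n not in visited]
        live = [n for n in options if self.strength(dest_id, n) >= FADED]
        options = live or options            # a faded track is a last resort
        if not options:
            return None                      # dead end
        weights = [self.strength(dest_id, n) for n in options]
        return rng.choices(options, weights=weights)[0]

    def reinforce(self, dest_id, neighbour, amount):
        row = self.tracks.setdefault(dest_id, {})
        row[neighbour] = row.get(neighbour, INITIAL) + amount

    def fade(self, dest_id, neighbour):
        row = self.tracks.setdefault(dest_id, {})
        row[neighbour] = row.get(neighbour, INITIAL) * DECAY


def send(nodes, owner_of, src, dest_id, rng, ttl=8):
    """Route one message hop by hop; return the path, or None on failure.
    owner_of is simulation ground truth: in a real net each node would only
    check whether the destination ID is its own."""
    path, current = [src], src
    while owner_of[dest_id] != current:
        hop = None
        if len(path) <= ttl:
            hop = nodes[current].next_hop(dest_id, path, rng)
        if hop is None:
            for a, b in zip(path, path[1:]):     # failure: every link used fades
                nodes[a].fade(dest_id, b)
            return None
        path.append(hop)
        current = hop
    hops = len(path) - 1
    for a, b in zip(path, path[1:]):             # success: shorter paths gain more
        nodes[a].reinforce(dest_id, b, 1.0 / hops)
    return path


# Constructed sample net: A reaches D via B (2 hops) or via C-E-F (4 hops);
# G is a dead end hanging off C.
TOPOLOGY = {
    "A": ["B", "C"], "B": ["A", "D"], "C": ["A", "E", "G"],
    "D": ["B", "F"], "E": ["C", "F"], "F": ["E", "D"], "G": ["C"],
}


def simulate(messages=300, seed=1):
    rng = random.Random(seed)
    nodes = {name: Node(name, nbrs) for name, nbrs in TOPOLOGY.items()}
    owner_of = {DEST_ID: "D"}
    results = [send(nodes, owner_of, "A", DEST_ID, rng) for _ in range(messages)]
    return nodes, results


if __name__ == "__main__":
    nodes, results = simulate()
    print("failed deliveries:", results.count(None))
    for name in ("A", "C"):
        print(name, "tracks:", nodes[name].tracks.get(DEST_ID))
```

Node A's table only ever names its neighbours B and C, and the dead-end track C to G drops below the threshold after three failures and is then ignored.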
     
  2. Watchmen

    Watchmen say what?

    This is the biggest bunch of bullshit I have ever read..and I'm not normally a nay-sayer either...so I'll try to explain my disdain. Just going by the explanation you gave for how it finds other servers to connect to by logging you into an irc channel sounds like virus behaviour. I'm not saying the program is a virus but that logging you into an irc server creeps me out based upon previous knowledge of behaviour patterns for certain trojans and viruses that I've read about...irc has many exploits on it that can easily take advantage of unsavvy users.

    Just going on your description if I wanted to stop this application I'd target the network or channel that it connects to much the same as I'd do if I wanted to knock out a bittorrent site I'd take down its tracker..this is how you wage war you cut off communications..so this immediately strikes me as a weakness.

    Kazaa for all of its jeers seems to have the best initial connection method by including a list of other peers to connect to inside its installer and storing these encrypted as dword values in the registry and refreshing this stored list immediately upon connection to the first peer you connect to on the network.

    If I wanted to 'sue' users I'd simply use the client connect to the irc network and get a list of servers to start checking...I'd also run a packet sniffer to see how it sends queries to the various nodes and then I'd emulate the string it sends when querying a node making the query an overly long string to create a buffer overflow and hopefully either crash server node or get some type of unexpected behaviour from it..dare I hope for it to spawn a shell and maybe give me some directory traversal?

    As for legality you are not a lawyer so whatever advice you offer others in regards to plausible deniability is irrelevant and only an opinion not fact.

    It seems using a file sharing application should be an illegal offense. This is the direction that the popular opinion among policy makers is taken recently no doubt influenced by megabuck corporations such as the riaa and mpaa to pass laws which would ultimately outlaw p2p applications.

    One of the largest problems with your 'defense' is that you say the person who is proxying data doesn't know the content of the data he is relaying. You have stated that this is the defense for ISP's.

    Yes for ISP's but not individuals...let me ask you this: how can ISP's offer newsgroups servicing such items as Windows 2000 Professional iso's and Office XP iso's without being sued?

    That question still hasn't been satisfactorily answered for me except I remember SlyckTom mentioning once that it was tolerated because of the way the data was stored on their servers as plain text documents..useless in and of themselves without being decoded by a newsreader into useable form.

    However if I look at the contents of a few binary groups on my isp with a newsreader and I see blatantly 'Windows XP Profession.iso' or 'Microsoft Office 2000.iso' displayed in newsgroup client how can there be any doubt as to the content of what is being stored on the server..all one would have to do is download said warez to verify and validate its existence on said server..however it isn't the isp's that are being sued it is the individuals responsible for uploading the content to the news servers who are prosecuted when caught which is typically why anyone uploading content of a copyrighted nature to a news server typically uses a third party paid news service and a proxy to upload the content as opposed to using their own isp to upload the content directly.

    The problem with your argument about 'not knowing' the content of what is being passed along by you through the use of your client and bandwidth is that it doesn't matter. A dumb jury won't understand concepts such as proxying or peercaching...presumably an agent of the riaa/mpaa/bsa won't know or care either..if they download copyrighted or illegal content from the ants network they will look to whatever ip was the last one their client connected to in order to receive the data.

    The fact of the matter is you're assumed guilty automatically by the very use of a p2p client..it won't matter if you knew what you were relaying or not...it's called being an accessory to a crime or conspiracy to commit crime. In this case copyright infringement or worse child pornography depending upon who uses this network and how it's used.

    The fact you cannot control the content you pass onto others means you could inadvertently be sharing child pornography without your knowledge and as most good cops will tell you, 'Ignorance of the law' is no excuse.
     
  3. AussieMatt

    AussieMatt Expatriate Australian

    You have to remember that IRC is just one of Ants' bootstrapping methods; you can also use trusted peers, the onboard peer cache once connected, or the JetiAnts version that uses your Jabber buddy IPs for bootstrapping.

    IRC acts the same as a webcache or superpeer IP cache and is more dynamic and acts more like a wireless network in ad hoc mode that Ants tries to emulate. Webcaches and superpeers have also been targeted with DoS attacks and takedown notices. Also there are many IRC servers and channels; you would have to target everyone on every IRC server and channel to see if someone was running an Ants node. You don't even have to connect to IRC; if you leave the channel field blank it won't connect :p.

    Ants clusters can also operate independently of each other; they don't interconnect unless they bridge by way of connecting to another cluster by way of one of the above bootstrapping methods. Once PGP keys (using Bouncycastle PGP) are implemented into Ants you will be able to set up clusters that only have each other's PGP keys.

    #ants-peers on azzura is only a testing point; you can change the channel and server you want to connect to in the settings.

    The specific attack you mention is the classic man in the middle attack and has been addressed by Gwren, and I'll quote his post on the MUTE mailing list regarding the changes he made to secure against such attacks

    "
    ANts is now definitely secured against MIM attacks!

    A new node identification system is going to be implemented in a short: it will make computationally impossible a MIM attack. A prototype is already working I only have to sync all the versions!

    Details:
    The idea is to use a particular DS (Digital Signature) public key as node ID on the ants net. The key (node ID) will be changed each time you run ANts and it will be generated in couple with a private one. You'll use your private one to sign your messages so that everyone on the ants net will be able to verify if a message from the node identified by a particular ID (i.e. public key) is spoofed or valid.
    The method is computationally secure cause it implies no DH exchange or communication stuffs. You simply publish your ID (i.e. public Key) on the net through your queries and you'll be the ONLY one able to use that ID to spread messages on the net. Spoofed messages will be automatically rejected by other nodes, cause the spoofer will not be able to create a fake signature (unless he can perform a 1024 bit factorization... :p ) and the nodes will fail in verifying the signature. Obviously this will work within the current secured environment creating a far more strong security.

    We are definitely DONE!

    This can be applied also on MUTE so coder take notes :p I think it's a great idea."

    If you run Ants you will see in the log that data is sent by user ID, that is queries, data and network information. Ants is really meant to send data in a network in a safe way and is probably more suited to community wireless nets, Wi-Fi hotspots and other wireless WAN applications as an overlay, and it has the ability to have chat, streaming data and many other services over its framework. Once the PGP services are built into Ants this will be more of a clustered community app that can be integrated into a Wi-Fi network. File sharing and HTTP tunneling are just the first two services offered on Ants.

    If you want a legal position here are a few quotes from a Slyck Story about ants written in September Link http://www.slyck.com/forums/viewtopic.php?t=7069

    "Fred von Lohmann, the Senior Intellectual Property Attorney for the EFF, highlights the importance of the privacy provided by these networks. “It is important to remember that anonymizing proxy networks have lots of uses unrelated to file-sharing, including for anonymous web browsing, email, and instant messaging,” "

    "Fred von Lohmann explained, “The law is simply unclear. No court has ever considered whether you can be held liable for copyright infringement simply for proxying data in a network. EFF strongly believes that the answer should be that, assuming you have no knowledge of what the packets are that you're passing, you should not be liable for the contents of the packets. That is, after all, the rule for ISPs. The same rule should apply for individuals,”"

    I agree; as well as plausible deniability there is probable cause, and once the INDUCE Act comes in it will be a very likely defence in all targeting p2p users trading questionable material the entertainment industry considers suspicious, a very sad day indeed. A jury would have to be convinced by your lawyer (who would hopefully be a lawyer from the 'EFF' who is well versed in technology in a landmark case like this doing pro bono work) that the prosecution didn't have the correct evidence needed to prosecute the case. If you read that thread on zeropaid that you seem to like to quote so much you will see that I've said that in previous posts.

    PS did you really need to quote me when the post is already there .
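
The node-ID scheme Gwren describes in the quoted post, as an added example that is not ANts code and not part of anyone's post: the ID is a per-session public key and every message is signed with the matching private key. Textbook RSA over a SHA-256 digest is used only so the block runs on the Python standard library (an assumption; the page does not say which signature scheme ANts uses), and all function names and the sample query are constructed.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all nodes (assumption for this sketch)


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _round in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _step in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and _is_probable_prime(c):   # keeps E invertible mod (c - 1)
            return c


def new_session_key(bits=1024):
    """Fresh key pair per run, as in the quoted post. 1024 bits mirrors the
    post's figure; the public modulus doubles as the node ID."""
    p, q = _prime(bits // 2), _prime(bits // 2)
    return {"node_id": p * q, "private": pow(E, -1, (p - 1) * (q - 1))}


def _digest(node_id, payload):
    id_bytes = node_id.to_bytes((node_id.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(id_bytes + payload).digest(), "big")


def sign(key, payload):
    # Unpadded textbook signature, for illustration only; real code would use
    # a vetted library with a padded scheme.
    return pow(_digest(key["node_id"], payload), key["private"], key["node_id"])


def verify(node_id, payload, signature):
    """What every relaying node can do knowing only the sender's ID."""
    return pow(signature, E, node_id) == _digest(node_id, payload)


def demo():
    sender, other = new_session_key(), new_session_key()
    query = b"QUERY title LIKE '%ubuntu%'"          # constructed sample message
    good = sign(sender, query)
    from_other = sign(other, query)                 # signed with a different key
    return {
        "genuine": verify(sender["node_id"], query, good),
        "spoofed_id": verify(sender["node_id"], query, from_other),
        "tampered": verify(sender["node_id"], b"QUERY title LIKE '%'", good),
        "other_under_own_id": verify(other["node_id"], query, from_other),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The last result is the limit raised later in the thread: a signature ties a message to an ID, but any freshly generated ID verifies just as well, so the check says nothing about who is behind an ID a node has never seen before.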
     
  4. SirKilljoy

    SirKilljoy Member

    I would have loved to add my two cents to an intelligent debate on the merits of ANts, but I find that all the points I would have raised have been comprehensively covered by Watchmen.

    Great Job, well done.
     
  5. ezzye

    ezzye Guest

    Thanks

    Well done Matt for getting this forum set up.

    How can current and future ANts p2p users and testers help?

    My suggestion is that I am available to:
    -Set-up and administer CVS on sourceforge
    -Set-up and administer Stable and unstable versions on sourceforge
    -Host and set-up ANts hash content site on ANts and on webserver to encourage users to add more content as users can share more than 1000 mp3s without being sued.

    I know ANts development has stalled recently due to GW having personal issues to deal with.

    How can we users help?

    I personally have downloaded 10 gigabyte of mp3s and movies from ANts (for educational purposes) so I know that it works.

    My average download speed when a source is available is 20 K b/s on dsl. Not fast but OK for anonymous MP3s.

    Again well done.

    When the history of P2P is written I'm sure this will merit a mention.

    Thanks Matt and GW for your hard work we do appreciate it even if sometime it seems we don't.
     
  6. Malicious Intent

    Malicious Intent People on my cool list...

    I have been sitting in the middle of talks between Graham (specialist I used in my article quoted above) and Gwren.

    A MIM attack could still be performed. As long as it is performed at the search stage. This is not much different to when DH exchanges were used.

    It would be impossible to catch everyone. Every search would need recording and changing to catch the few transfers which then proceed to use the cancerous node to proxy the file.

    The ultimate question is what is the point? Gwren used to say that it is about privacy, but there is no privacy when you are sharing files with 100s of other anonymous users.

    It is therefore about legal protection. Something Gwren used to say ANts was not designed for and could not provide. IMO he has now done a U-turn on that - and rightly so. ANts is now about legal protection and not privacy.

    However, how many users would know how to see the files being transferred by MUTE? It can't be many. By the time those people have found out what the file is, they would have passed it on anyway. Users can not be expected to constantly monitor their traffic any more than they can be expected to perform a MIM attack.

    If, as von Lohmann says, users' best protection is to hide behind the ISP laws, then there is truly no extra legal protection provided by ANts over MUTE.
     
  7. AussieMatt

    AussieMatt Expatriate Australian

    It gets back to: does Ants want to be based on a trust model or an anonymous model? If certificates are issued or a PGP system implemented http://www.bouncycastle.org/index.html
    does Ants end up being a trust model that may be useful in something like the proposed Downhill Battle client http://downhillbattle.org/labs/gaim_filesharing_plugin/

    Gwren (Ants developer) and Jason (MUTE developer) both have published on their websites their opinions on end to end encryption, Jason being against end to end and Gwren for end to end (looks like an email to MI's associate Graham). Both articles present good points of view and there may be something for all to take into consideration to discuss and improve the overall development of both Ants and MUTE.

    Gwren's End to End views
    Why End 2 End is useful for an AD-HOC anonymous NET
    http://www.myjavaserver.com/~gwren/home.jsp?page=custom&xmlName=e2e

    Jason's End to End views
    End-to-end encryption (and Person-in-the-middle attacks)
    http://mute-net.sourceforge.net/personInTheMiddle.shtml
     
  8. Malicious Intent

    Malicious Intent People on my cool list...

    It seems like Jason is thinking along the same lines as Graham. They are saying virtually the same thing. It is impossible to have secured endpoints in a system which is designed to hide those endpoints.

    Gwren talks about how secure ANts is, but only after the transfer has started safely. No one is debating that, the problem is with attacks performed before that.

    I think the Gwren view you posted was the turning point for ANts. He used to say that he is not a lawyer, now he publishes this based on some very weak legal theory. He compares a MUTE proxy node to a node sharing files on edonkey.

    The power of encryption goes back to the logic of trying to secure unknown endpoints.

    From a legal POV:

    Knowledge of the file being transferred: Both require specialist knowledge. ANts more than MUTE. ANts will have a higher failure rate at discovering the file being transferred.

    Time to discover what the file is: Both long after the file has been passed on, else the transfer will fail

    % time needed to watch the network to ensure no files are copyright: Both 100% of the time the network is connected

    It can be proved who the source of the file is: Neither network

    And so on.

    ANts is very advanced, and I would hate to think that anyone thought otherwise. However, Gwren is onto a loser with endpoint encryption.
     
  9. AussieMatt

    AussieMatt Expatriate Australian

    Just delete the flame threads, Janet, and I'm sure this discussion can stay on track.

    On another note I spoke to Gwren on IRC and he said he is waiting to get DSL service that was promised to him from his ISP before he can get back into developing.
    They sent him a broken DSL modem and are giving him the run around.
    He said he is working on internationalisation support and a JetiAnts webinstaller while he is waiting to get hooked up. His dial up and telephone bills are getting expensive; that's why he is limiting his time on the net and project at the moment, but when he gets DSL I'm sure he will be back giving us releases on a daily basis LOL.
     
  10. Raize

    Raize Member

    (Disclaimer: I created an account just to respond to this)

    I agree that there is no ignorance defense, but intent is a huge factor in any criminal or civil case. Not intent to share, mind you, but intent to share something like child porn. It's the same reason why a kid that puts a piece of candy in his mom's purse as she shops isn't held accountable for stealing. It's because the act that he was doing, while it was actually stealing, was not his intent. In fact, he just wanted candy.

    By sharing files on a network like this, one can just claim incompetence, saying they didn't know that they were sharing child porn by putting their mp3's online. Since the RIAA has a history of suing people that have no clue, it's interesting that everyone is settling outside of court since incompetence is a staple of P2P sharing.
     
  11. tackdaddy

    tackdaddy ZeroPaid's Forum Pimp Established Member

    look i have nothing against the ANTS program. i will even try it once the network gets a little bigger but what i want to know why is there so many fucking threads talking about this. too much fucking spamming about a program that isn't even proven to work like it claims.
     
  12. SirKilljoy

    SirKilljoy Member

    Is it just me, my damn country or the mass media/advertisements in the USA, but I'm not 'that worried' about being sued for mp3 copyright infringement, whereas spreading child pornography is a different matter. One is a civil matter/civil liberties matter, the other a heinous crime where perpetrators have and are being sent to jail.

    And of course intent is always the point in all legal cases; it’s the difference between mass murder and a terrible accident on a highway. (Except for negligence for any pedantics out there)

     
  13. ezzye

    ezzye Guest

    Come on let's get back on topic.

    ANts is about protecting user privacy so that users can share music, books and movies privately (RIAA and MPAA cannot see source of files). It is NOT about child pornography and terrorism etc. The people who spread those rumours in the media are usually affiliated to RIAA / MPAA who hate file sharing (of any type) as it's losing them some of their MEGA-PROFITS. (BTW I am not saying that SirKillJoy is in any way affiliated with the RIAA or MPAA.)

    If anyone logs on to the ANts network they will see, in terms of content, loads of MP3s, books(pdf) and movies from around the world as users are not afraid to share their whole media collection. (Although probably not the one they are after as the network is tiny.)

    Sure there is some porn but guess what there is the SAME porn on the internet.

    Privacy is a right not a privilege. By asking for that right you are not seeking to break the law.
     
  14. SirKilljoy

    SirKilljoy Member

    [Sarcasm]
    And pray tell how do you stop it being used to share child pornography. If I download the source will I see advanced image processing code that can recognize naked children?
    [/Sarcasm]

    I don't dispute your wish, the developer or anyone I've ever read in any forum, their wish to only break civil and not criminal law (As defined within my own country), but to suggest that a truly anonymous network would only have happy consequences is in my view your naivety of the real world. But of course I can relax in the complete knowledge that no such network exists now or in the future.



    On a personal level I believe there to be a world of difference between child pornography and porn. Luckily most civilized people (outside Japan) seem to agree with me.



    Depends where you live; in certain western countries all your emails have to be vetted and logged, in others you break the law if you do. Some countries limit the number of bits you can use for encryption, others say not. Even some call it a crime to try and stop people copying copyrighted material. As for privacy, I have no right to it and there is no law protecting it for me where I live. Occasionally the lawmakers/civil liberty groups mention it, but the Press are hardly likely to agree.
    For my personal view if you want the right to privacy to be able to copy MP3 files, I'm happy. If you wish the right so you can copy Child Pornography, I'm Not. It's all Intent.

     
  15. AussieMatt

    AussieMatt Expatriate Australian

    Sir Killjoy, just log on to adult chat rooms on Yahoo; you will find your paedophiles there first.

    The RIAA/MPAA and the Department of Justice media releases state that they are trying to protect children from paedophiles by clamping down on p2p. They are trying to socially engineer public opinion so it benefits them.

    Senator Orrin Hatch, the main sponsor of the INDUCE Act, receives a lot of funding from the MPAA and RIAA and media companies, so as usual in the US big business gets to write the legislation without consultation. Just like the FDA gets the drug companies to write the US prescription drug policy.
     
  16. SirKilljoy

    SirKilljoy Member

    And wouldn't it be better for the P2P community to respond with claims that Child Pornography can't flourish using P2P, instead of making fake claims of Anonymity and Privacy.

     
  17. Malicious Intent

    Malicious Intent People on my cool list...

    I think the paedophile question is an important one. Definitely something to think about. I believe that technology should not be hampered because of its potential uses, but ANts pushes up against some tough moral questions by creating software which could help paedophiles - whether that is the intention or not.

    Go onto any network and type in "qwerty", "r@ygold" or even "12". It is a problem and can only be made worse by the development of anonymising networks. It isn't just the invention of Orrin Hatch.

    I say the development should continue, but it isn't cut and dry.
     
  18. AussieMatt

    AussieMatt Expatriate Australian

    Yahoo Messenger is also another technology that helps paedophiles. The technology question is the same argument that can be used for the current generation of p2p, that is, p2p can be used for distributing legal files like LINDOWS, most Linux distributions and game demos, and can be used for sharing copyrighted material. It's not the technology that needs to change, it's society that needs to change. If you cut off a paedophile's Internet access he will probably wait outside your kids' school offering candy; the technology cannot change his intent.
     
  19. AussieMatt

    AussieMatt Expatriate Australian

  20. Malicious Intent

    Malicious Intent People on my cool list...

    I see it in a very different way AM. Paedophiles can be caught hanging around schools. It got easier for them with the internet. P2P meant that they could share files without having to discuss it or request them. However, they can still be caught.

    Anonymising networks take it another step. 100s of people can be asked for pictures without talking to another human. It is instant access to what was the underground before p2p. Paedophiles can now live safe in the knowledge that there is no way for them to get caught.

    Comparisons with IMs and traditional networks are weak.
     
