New Kazaa Lite Protects Identity

Denver_80203 writes "Found this story about the new Kazaa K++ 2.4.0 and it's new sister program which claim to protect your identity while sharing files. Any of you folk know how legit this could be? We all knew it wouldn't be long... is this the war or just another battle?"

Score one for us?

[Kai_MH (632216)]

Hurrah! It's about frickin' time that this came out... Now let's just pray the developers didn't make a deal with the RIAA and are sellign our identities to them with this new version. So, what's the verdict on it, fellow geeks?

Security Through Obscurity

[Deathlizard (115856)]

Pretty much works the same way as Security Through Obscurity if you ask me.

Although it blocks users from browsing your files and blocks queries from known malicious IP's It would not stop the RIAA from downloading from you from a not yet known malicious IP, Proxy, wierd "Save the Music Industry" Campaingn where they pay you to hunt down P2P Users, ETC.

Basicially if they do a search for "St. Anger" on Kazaa, Download it, and verify that it is "St. Anger" they have an IP going to somewhere. And that IP now has a big red Bullseye on it whether it's a proxy, a user or whatever else that could obscure your idenity.

The only way to truthfully be anonymous is to be encrypted, swarmed and stored all over the place by hundreds of users like Freenet does it, and even that gives them an IP to paint a target on with the excuse that even though you dont know what your PC is sending thats no excuse to infringe. Although the courts would have to decide that.

Re:Security Through Obscurity

[by Anonymous Coward]

with the excuse that even though you dont know what your PC is sending thats no excuse to infringe. Although the courts would have to decide that.

Well, some courts have decided that: http://www.ca7.uscourts.gov/op3.fwx?submit1=showop &caseno=02-4125.PDF [uscourts.gov]

From the decision, in relevant part:

We also reject Aimster's argument that because the Court said in Sony that mere "constructive knowledge" of infringing uses is not enough for contributory infringement, 464 U.S. at 439, and the encryption feature of Aimster's service prevented Deep from knowing what songs were being copied by the users of his system, he lacked the knowledge of infringing uses that liability for contributory infringement requires. Willful blindness is knowledge, in copyright law (where indeed it may be enough that the defendant should have known of the direct infringement, Casella v. Morris, 820 F.2d 362, 365 (11th Cir. 1987); 2 Goldstein, supra, ? 6.1, p. 6:6), as it is in the law generally. See, e.g., Louis Vuitton S.A. v. Lee, 875 F.2d 584, 590 (7th Cir. 1989) (contributory trademark infringement). One who, knowing or strongly suspecting that he is involved in shady dealings, takes steps to make sure that he does not acquire full or exact knowledge of the nature and extent of those dealings is held to have a criminal intent, United States v. Giovannetti, 919 F.2d 1223, 1228 (7th Cir. 1990), because a deliberate effort to avoid guilty knowledge is all that the law requires to establish a guilty state of mind. United States v. Josefik, 753 F.2d 585, 589 (7th Cir. 1985); AMPAT/Midwest, Inc. v. Illinois Tool Works Inc., 896 F.2d 1035, 1042 (7th Cir. 1990) ("to know, and to want not to know because one suspects, may be, if not the same state of mind, the same degree of fault)." In United States v. Diaz, 864 F.2d 544, 550 (7th Cir. 1988), the defendant, a drug trafficker, sought "to insulate himself from the actual drug transaction so that he could deny knowledge of it," which he did sometimes by absenting himself from the scene of the actual delivery and sometimes by pretending to be fussing under the hood of his car. He did not escape liability by this maneuver; no more can Deep by using encryption software to prevent himself from learning what surely he strongly suspects to be the case: that the users of his service--maybe all the users of his service--are copyright infringers. This is not to say that the provider of an encrypted instant-messaging service or encryption software is ipso factor a contributory infringer should his buyers use the service to infringe copyright, merely because encryption, like secrecy generally, facilitates unlawful transactions. ("Encryption" comes from the Greek word for concealment.) Encryption fosters privacy, and privacy is a social benefit though also a source of social costs. "AOL has begun testing an encrypted version of AIM [AOL Instant Messaging]. Encryption is considered critical for widespread adoption of IM in some industries and federal agencies." Vise, supra.

Our point is only that a service provider that would otherwise be a contributory infringer does not obtain immunity by using encryption to shield itself from actual knowledge of the unlawful purposes for which the service is being used.

(emphasis added)

Small wonder this opinion is by Posner from the 7th Cir., known for being an industry goon. (He's from the Chicago school of 'screw the little guy' economists, as is Scalia, and many other jurists with sway.)

The point however is that merely encrypting files does not provide a defense. Likely, you'll still get sued, if you infringing use becomes large enough to attract one of the factory robot lawyers the RIAA is about to retain.

I would urge developers to read the 7th circuit opinion carefully. It lays out some tests for what a 'safe' p2p application can show to avoid liability. If others are interested, I'll follow up with a list of suggests for a bittorrent sister app I'm making that carefully follows the rules of the 7th circuit.

That's what I needed

[stud9920 (236753)]

That's what I needed : something to hide my fake identity

Re:That's what I needed

[Tackhead (54550)]

> > hide my fake identity
> How can you fake your IP address?

"And honey, I faked every IP address!"
-- Anonymous Coward, as written on a note left on Hilary Rosen's bedstand.

Re:That's what I needed

[mrmag00 (200868)]

No. This is the same thing as 'the locked door' analogy. If it is advertised as a public, free, hotspot- you can assume it is safe to use it. But otherwise it isn't.

If I lock my door on my house, you can still easily get in. That doesn't mean me not locking (or forgetting to lock) the door is inviting you to come in.

This isn't surprising. . .

[Salgak1 (20136)]

. . .and neither will the response be a surprise: the RIAA et al using a different bunch of IPs, defeating this method. Give them a few weeks, enough to get some new lines provisioned, and they'll be back at their old tricks.

Just in time for the next move in this move-countermove chess game. . .

Re:This isn't surprising. . .

[nahdude812 (88157)]

Or a day to install AOL software, Earthlink software, Juno software, and many other popular ISP packages, then dial up to various cities across the country, foot the long distance charge, and tack it to the next lawsuit filed against some teenager. If they can get subnets for these guys kicked off the network, then they win this battle, and use the networks' attempts to protect themselves as a weapon to cause the network to shut down huge portions of itself.

Re:This isn't surprising. . .

[deman1985 (684265)]

Next move I see is for a single source to be limited to providing 20 seconds of a particular music file so that we can take advantage of more fair use laws.

Really, I'm not sure why I haven't seen this used yet. Almost all the major sites out there that provide music content will let you play a 10 or 20 second sample of the music for free (and as far as I know, they don't have to license it), so why can't filesharing system users legally do the same?

It just so happens that each user has a different clip... and the software is intelligent enough to piece them back together into one music file instead of me having to do it by hand ;)

Re:This isn't surprising. . .

[dmauer (71583)]

Really, I'm not sure why I haven't seen this used yet. Almost all the major sites out there that provide music content will let you play a 10 or 20 second sample of the music for free (and as far as I know, they don't have to license it), so why can't filesharing system users legally do the same? It just so happens that each user has a different clip... and the software is intelligent enough to piece them back together into one music file instead of me having to do it by hand ;)

Well, I have at least one idea: What you're describing is a technology whose sole purpose is to flout copyright laws. You may be right -- technically, using this method might be legal. However, it clearly goes against the point of copyright, and it's clearly just exploiting a loophole... which is something that really doesn't sit well with me, and certainly wouldn't sit well with the uber-rich lobbyists who got the DMCA signed in the first place. Don't think that widespread use of something like this wouldn't, in some way or another, result in more nasty restrictions on Fair Use -- I imagine it wouldn't be long before many of the online music retailers who offer short samples of songs would be forced to stop. The idea here is to get active, get the unfair laws changed, and get our fair use back. NOT to find tricky ways to break the law without really breaking the law. -d

Re:This isn't surprising. . .

[Croaker (10633)]

A) You can bet your bottom dollar that Amazon, CD Now, etc. al. have an agreement in place with RIAA (or the individual recording companies) that governs those clips on their site. Likely, there's a limit to the length, and there's a limit to what they can take from a song (i.e. first 20 seconds, etc.), and a limit on the sound quality (most places I've been too usually have low-quality clips, some even in mono). Many of the clips I hear also fade in and out, which would make them useless for "cobbling together" a full version of the music.

Actually, I would be surprised if Amazon and others do the sampling themselves. Most likely, they are supplied with the samples by the record companies themselves. Check out several web sites. Are the images, audio samples, and even copy about the albums any different from one site to another?

B) Intent also enters into sampleing under fair use. If I write a review of the new Harry Potter book that quotes from the scene when a certain character dies, and uses a quote to reveal the ending of a book, I could be sued if it seemed my intent was to get people not to buy the book. Extracting material from a work for the expressed purpose of damaging the commercial viability of the work is not allowed.

Now, do you want to face a judge and explain why you and your friends were hosting random 20 second perfect quality samples of music in light of the fact that a system exists that would recombine them into a perfect copy? What compelling 'fair use' intent could you claim? Throwing up your hands and saying "lordy! the law lets us use samples as fair use" isn't going to cut it.

Re:This isn't surprising. . .

[Karamchand (607798)]

It is optional. You can find the option in Options => Kazaa K++ Options => K++ Options => User's [sic!] can't get a list of all your shared files checkbox.
HTH!

Great!

[indros (211103)]

Who wants to bet that the news won't report that filesharing has jumped back up %15, and then some with the advent of this.

Kazaa K++ is an excellent program

[Ice_Balrog (612682)]

I don't know if Kazaa K++ can hide your identity, but what I do know is this: Kazaa K++ is an excellent program. It is so much better than vanilla Kazaa. No ads, spyware, many cool features make it a great program.

Just blocks IPs

[evilned (146392)]

From what I have seen, it just has a list of ips of law enforcement and record industry computers. Not a very fool proof method, but better than a tin foil hat.

Re:Just blocks IPs

[in7ane (678796)]

Don't trust the parent, it may be an attempt to persuade people to substitute a potentially insecure K++ for the proven security features of tin foil hats.

Either way, a tin foil hat is still a good security supplement even if this hype is true.

Re:Just blocks IPs

[sharkey (16670)]

but better than a tin foil hat

What if I make a tin foil cover for my modem?

After My DMCA Letter Scare

[Soporific (595477)]

I stopped using Kazaa for a while, or only briefly. Now I can go back to being a file whore and stop using those unreliable BitTorrent sites.

~S

K++ edition

[Webtommy88 (515386)]

Well K++ edition bascially contains a wrapper on the Kazaa application so that one can modify the memory accessed by Kazaa easily, and thus those who use K++ edition automatically has the K-Lite Master (1000) ranking on Kazaa. Its simply a matter of manipulating the values at the memory address.

I would think that extending on that principle, they could write protect or just dump gabarge into the memory space where idenities are stored.

Of course, I don't have the K++ source, so how would I know, it's just a theory.

Re:K++ edition

[Karamchand (607798)]

• This PL = 1000 thing is actually rather bad for the P2P network as a whole. If noone sees the need to share files fewer people will share files (specially in the light of recent RIAA threats)
• Actually your's is a rather bad theory. Because the identity is not your Kazaa nickname (which you can change anyway to anything you want) or anything like that - but it is your IP address. Without fundamental changes to the way FastTrack works (think rewrite in Freenet direction) it won't be possible to hide your identity.

Re:K++ edition

[toddestan (632714)]

Like most people, I have a fairly large download pipe (about 1mbps) while a tiny upload pipe (128kpbs). Thus, I have a rather large collection of files people want. Whenever I go onto P2P networks, my upload pipe is almost always maxed with lots of people qued up waiting to upload.

What this article says is not entirely true. While the leechers do not harm or take anything away from me, they do take bandwidth away from the people who are not leeching. And I do not have infinite bandwidth, because even if I left my computer on 24/7, more people will que up and try to upload than I ever could upload to.

Since I cannot upload to everybody, it is in my best interests to upload to the people who share. Because the people who share are the only one who will actually make the network grow. Also, when they share a file they uploaded from me, it also makes that file more available on the network and takes a little bit of the load off myself.

So there are practical reasons to kick freeloaders , besides just the moral ones. If I truly had infinite bandwidth (I interpet that as enough bandwidth to send my files to everyone who wants them, regardless of them sharing or not), then maybe I wouldn't care about freeloaders. But since I don't, I will continue to block leechers from uploading from me.

RIAA Should be commended

[bugsmalli (638337)]

for pushing us to come up with ingenous ways to screw them. When the heck will they wake up and realize whatever they try they can't subdue filesharing. Why not just make it easier and rake in some money (read profit. anything more than 0 is...). sheesh. is the org run by a bunch of retards or what?

RIAA Should be commended

[ShineyNewSlashdotAcc (681011)]

It aint gonna work. The reason is simple : The rules have changed. Distribution of music is now much easier and cheaper than before and a large chunk of the old distribution network is *no longer necessary*. This is totally irrelavent as to weather or not this new distribution model is legal or not. It is happening. It probably cant be stopped(I mean the software industry tried and failed thru the 80s/early 90s)

So now the RIAA have several choice.

1. Try to roll back the technolgy that enables this new distribution channel. This is possible but not very likey.

2. Use more draconian law enforment techniques. Posibble but I mean whata ya gonna do... start sending colleage kids to prison ? For what stealing a Brittney track ? Is this what we want ?

3. Try to adapt to the new medium. Be creative and come up with new profit channels that take advantage of the medium.

Personally I dont think 3 is very likely either... I think RIAA is going to have to be dragged kicking and screaming into the 21st century.

Re:RIAA Should be commended

[PunchMonkey (261983)]

3. Pay (credit car, paypal, whatever)

... Credit Car??? What a fabulous idea!!! Embed your credit card on the tires of your car.

/me drives up to Window #1 at Wendy's.

Girl: That will be 28.10 please, how will you be paying?

Me: Credit Car

Girl: Please swipe your car through the reader

/me drives car back and forth through giant magstripe reader

umm

[ramzak2k (596734)]

Both Kazaa K++ and Kazaa Lite, two very similar modifications to the Kazaa file-sharing system by Sharman Networks, now contain hooks to the PeerGuardian database of IP addresses

Database of IP addresses is going to protect us ?
Cmon now. What prevents RIAA from using anonymous IP blocks that they can purchase legally for use?

Re:umm

[EinarH (583836)]

Cmon now. What prevents RIAA from using anonymous IP blocks that they can purchase legally for use?

Stupidity?

Re:umm

[theNote (319197)]

Entrapment?
How would using a different IP be in anyway entrapment?

The only way a case could be thrown out for entrapment is if the RIAA IM'd you and asked you to download a file, then turned around and sued you for copyright violation.

Re:umm

[Suidae (162977)]

You, sir or madam, are full of hooie.

Entrapment laws are very specific and have nothing to do with this.

The DMCA does not apply because they are the copyright holder and because they would not be circumventing any recognized encryption method (TCP is not an encryption method, regardless of how one tries to twist the definitions of the words).

This is probably quite legal, and IMO as an occasional trader of copyrighted files, fair play. Unfair play would be if they located my IP address, coerced my ISP into providing my physical address, and then came over for a visit.

Of course, all they would find is an 'accidentally' unsecured wireless access point connected to my cable modem and a tinfoil hat.

Re:umm

[DoorFrame (22108)]

Only law enforcement agencies can be accused of entrapment. There's no such thing for a non police corporation. They can entrap all they want. Remember, you're going to be going to civil, not criminal court.

All this seems to do...

[Stinky Glen20 (689507)]

From the article, all this seems to do is some basic housekeeping to ensure that your search history is not stored, and interact with a database of IP addresses known to be used by the RIAA

This doesn't seem to be anything revolutionary, or, interesting.

If the services went through some kind of anonymizer, that would be cuter. Of course, the bandwidth demands would be huge.

What may be an alternative is to produce a collaborative download system. I request a download, which is proxied by another random user (provided I return the favor). Even if you had RIAA sniffers, all that could be proven is that MY IP address downloaded something, but not the ultimate destination of the data.

Of course, if I have illegal music on my PC, then I am still screwed. But I leave solving that problem to the reader :)

I'm Safe

[dlosey (688472)]

I already protected my identity. I am John Doe at 123 Abc St. My email is JohnDoe@kazaa.com. How could they possibly find me?

*knock* *knock*

Umm.. yeah.. I'll finish this post la.. *ouch* Not so tight with the handcuffs.

Not true.

[Eric_Cartman_South_P (594330)]

Well, it IS true in the fact that it blocks a known range of RIAA and other "bad" IP's. However, do you really think they wouldn't use random, seperate IP's to do their dirty work? I don't think the "music-searchin-lawsuit-makin" box is sitting next to their Exchange Server. They do have the cash to get some techies who know how to read ZeroPaid and Slashdot and I'm sure the "music-searchin-lawsuit-makin" box is on a completely different class C ip, or even random cable/dsl modems accross the country. Why not? THat's what I would do (uhg, feels dirty to even think like them for a second). That said, the new Kazaalite features are an ok, simple start to something good I guess.

The new feature that blocks users from seeing ALL files, however, is VERY smart. All 50 million users (pulled that number out of thin air, should be close) now appear to be sharing only the ONE file you searched for. Makes hiding in the sea of users fruitful.*

* Disclaimer: Don't steal music. :)

How?

[bazik (672335)]

How can you hide your identify on a Peer2Peer system where other users get your IP when they connect to your machine to download stuff (for backup reason of course)?

I doubt there is a way... netstat kills your privacy :P

Hate to Burst your Bubble

[OS24Ever (245667)]

...but the RIAA can easily get around this block of 'known' IP addresses.

To borrow from the other scourge of the internet, They'll just pay people to work from home for $1000s a week!

All they'll do is pay some one who wants money to run their program using their home DSL, Dial up or Cable Modem. Then the blocking of RIAA's 'known' addresses would become as big as every high speed residential network on the planet.

anonymity is available

[stinky wizzleteats (552063)]

In other P2P networks. Freenet [sourceforge.net] and GNUnet [ovmj.org] both offer crypto and anonymity. Freenet isn't a P2P app in the pure sense. It's more of an underground www. GNUnet has better anonymity (theoretically - due to it's ability to resist traffic analysis attacks), but it is a younger project.

When it's time to retreat from gnutella, these represent the next stage in the information war.

Fanning the flames

[Mikey-San (582838)]

Here's a question that popped into my head while reading this story:

Is this legal? If so, should we really advocate it?

If people are stealing music, and a company attempts to block the people from whom the music is being stolen, with the intent of protecting the identity of the pirates, isn't there some line that's being crossed somewhere?

And even if it /is/ in that legal grey area and isn't clearly illegal, isn't it a really stupid move regardless? It seems like by hiding the people pirating the distribution-prohibited music, it helps give the RIAA /more/ reason to jack up CD prices and impose arm-bending DRM practices.

No, I don't think music piracy is the big reason why CD sales are falling. It's a larger issue than just p2p apps, but it gives the RIAA /cause/ that they can wave around like a flag in the newspapers and on TV news programs that don't do the proper amount of research into the issue.

I digress.

This is really stupid of KaZaA to do, bottom line, I'd say. :-/

Submitted for your approval:

[DuckDuckBOOM! (535473)]

In a future release of [your favorite P2P app], an option which presents to peers requesting downloads or file lists one of those pseudo-word-containing images you see on eBay and Ticketmaster to block bots. The requestor has to type in the character string he/she/whatever sees to get the file or list. This wouldn't stop RIAA scans, but would sure as hell slow them to a crawl by de-automating the scan process, without substantially impacting a normal user. The only serious downside I see is that this method probably busts a patent somewhere. Is there a way to avoid that?

Sanity check, anyone?

Blacklisting RIAA's (and friends) networks

[Aceticon (140883)]

Actually the thought just came to me that an interesting way to fight back would be having filesharing software somehow totally blacklist access to suspicious networks at the PC level (meaning not only filesharing - everything).

The blacklisting should be done at a higher level than machines only - the whole network of the ISP providing RIAA with access should be blacklisted if one or more machines in the network are being used by RIAA (or related entities) to scan for filesharing.

Also, the user of the filesharing program should be given a choice - "Do you want to block access to and from networks where RIAA is scanning filesharers (Yes/No)?"

My basic idea goes down to a bit of social engineering - please follow me on this one:
- RIAA contracts with an ISP to provide it with network connectivity to the Internet.
- RIAA then uses machine(s) over that network connection to scan filesharing networks.
- Said activity is detected (exactly how i don't know)
- The whole network for that ISP (or at least a significant portion of it) is blacklisted in millions of machines (all those running the filesharing app). This can be scalled up to bigger sub-networks (the ISP of the ISP) if needed.
- Other entities hosted on the same ISP are also in practice cut-off from some of their (potential) customers. Mostly their websites are ineccessible from millions of machines. This is especially bad for online shops and ASPs.
- They complain to the ISP.
- The ISP, faced with the choice between keeping RIAA as a customer and loosing several other customers or simply dumping RIAA will find that the choice that makes more business sense is dumping RIAA.
- Eventually, RIAA and it's associates will become persona non grata to most ISPs (as in, they choose to not take RIAA's business).

The nice thing about it is that it's all absolutelly legit:
- Each individual user chooses to accept an autometed cut of contact with those networks that provide access to filesharing scanning. Everyone is in their right to do so.
- ISPs choose to not sell their services to RIAA. It is their right to do so.

Now, this whole theory has some holes in it, and a couple of weak points (not to mention no solutions for the technical problem) - still, a distributed, voluntary system that makes it bad business for ISPs to provide access for companies that do filesharing scanning would leverage the power of those "hundreds of millions of users" of the filesharing apps.

Comments please ...

If only...

[revmoo (652952)]

The thing is, the RIAA has subsisted all along on being the middleman. They don't really DO anything. Sure they promote new albums.......oh wait, no they don't, they have ad agencies and their ilk to do it. I know, they press cds......oh wait, no they don't, they outsource it to record pressing companies.

The RIAA(meaning the record companies) only exists because the artists and the consumers haven't really questioned their existence. Artists stand to make a lot of money without the RIAA in place. Why not make all music free? If you want to brave the p2p networks for different quality mp3s and such help yourself. OR, you can pay $5 directly to the artist to download the cd from their website.

Artists can make MORE than enough money from licensing their music(think movie scores, and commercial soundtracks), and live performances. Without having to pay large portions of their income to the record companies, artists stand to make a LOT more money, once the RIAA is gone.

The artists you see fighting p2p etc, are the ones that NEED the RIAA to survive. I'm talking about the sell-out corporately manufactured groups that wouldn't last if the RIAA wasn't there to spam their name all over the radio and mtv every 10 minutes. Those are the only artists that NEED the RIAA, and if we lose them, frankly, here is one slashdot poster that could care less.

It's not that I mind paying for music, but isn't it about time for a paradigm shift? Natural selection has provided an easier and better way to get new music and the record companies are a dying breed.

I have a couple thousand mp3's on my hard drive that I didn't pay for, but I also have heard a lot of new artists that I will jump at the chance to see live, or buy merchandise from.

I'm a bit of an aspiring dj, and I buy records from artists that I've heard and liked through p2p. If it wasn't for p2p those artists wouldn't have had my purchase.

The problem doesn't lie with the consumer.

!!!WARNING!!! New Kazaa-Lite turns file sharing on

[fmaxwell (249001)]

I installed the new version of Kazaa-lite and it apparently turned filesharing on even though I had disabled it previously. (Note: I say "apparently" because I did not check the setting immediately prior to the installation and it is theoretically possible that some other process had turned it on.) This was done despite the claim on the website that "You can just install this on top of a current Kazaa Lite installation. That way all your settings will be remembered."

While people can debate the ethics of not sharing, how it affects the viability of P2P networks, and so forth, it should still be an individual choice.

Turning on filesharing without the explicit permission of the user could put the user in violation of the policy at their ISP or their work. It could put them in violation of federal, state, and local laws. It could open up a big security hole, causing the user to share files that they never intended to share. This is not something that should be done without the user's knowledge and permission.

Judge Posner's Aimster Analysis Isn't Helpful

[werdna (39029)]

Judge Richard Posner, a highly regarded Seventh Circuit Judge recently wrote an opinion upholding the Aimster injunction [uscourts.gov] that tends to suggest that identity protection for file sharing is more likely to support a claim for contributory infringement of the vendor than not. The opinion, while troublesome in many respects, is probably the most intelligently written articulation of the 9th Circuit Napster reasoning we are likely to see, and will likely be deemed a persuasive authority by most District Court Judges. That is, until and unless the Supreme Court speaks clearly on whether they meant what they said when they wrote in the Sony Betamax case, that regardless of evidence of wrongdoing there can be no contributory liability for distribution of technology that is capable of a substantial noninfringing use.

My problem with the Napster, and now Aimster, opinions is simply this: the 9th Circuit adopted a broader view of the liability of a technology manufacturer in the Sony Betamax case, essentially a "substantial infringing uses occur means infringement by vendor" test, which was discredited and reversed in Sony, which adopted the "substantial noninfringing use possible means no infringement by vendor," almost the very opposite result. It is hard for me to understand why, when the 9th Circuit essentially brought back the same analysis in its Napster opinion that got "sent home" in Sony, that Judge Posner would so freely adopt it here. To be fair, he explains his reasoning very, very well -- I just don't find it persuasive in view of the law and its underlying policies -- contribution isn't about expanding copyright to permit technology regulation.

To me, the question isn't whether the technology is being used poorly -- even by most users -- if it is capable of a substantial noninfringing use -- in which case there should be NO liability for contribution. (To get a sense how far the Supreme Court went, there was survey evidence before the District Court showing that 50% of the Betamax users were doing some infringement.) The question should be whether the technology vendor was affirmatively and actively inducing others to engage in infringement, as was the case in Napster and, arguably, Aimster.

Time will tell. But until the Supreme Court gets to this, it looks like the Posner account of Napster will be the final word on this question of law. Note, however, that his remarks on identity protection as indicia of wrongdoing are very troubling -- one of these days, perhaps in a few more years, perhaps, if we don't have any more tall buildings hit by planes, we really need to affirmatively try to get the courts and the Congress focused on privacy again.

Do the EULA

[Zangief (461457)]

Why don't we put a EULA in the new Kazaa programs, which say something like this:

I don't belong to any organization related to RIAA.... I won't use any information obtained from the use of this program, or the study of the way this programs works, to sue others users of this or related program... I don't suck

And then require, from some point in the near future, that everyuser of kazaa has accepted this EULA

IANAL, and I don't know how an EULA like this would stand in a court, but should work for a time at least.

In the worst case, if the EULA doesn't stand in a court, it would provide a good case against crazy EULA's

It's a win-win!!

trust and reputation management

[mr_burns (13129)]

I believe the next major advance in P2P technology will be the inclusion of reputation management / trust relationship technologies.

How do you know which IP's to blacklist? How do you know that the file you're downloading isn't a trojan?

I don't think the answer is in a centralized database of 'evil-doers'. That's an arms race that can eventually get everybody censored. Especially with dynamic IPs.

What needs to happen is you have to earn a reputation before you end up in those search results. You do this by people vouching for the quality of your files and not being a mole. Trust is gained by WHO vouches for that person and their metric of trustworthyness.

There should also be an option to restrict access to a given file to those within your web of trust so when the death squads in your country are looking to kill people serving up books about democracy, they can't just do a search real quick.

After we achieve a trust framework. I believe the next step will be dealing with traffic analysis. However, I'll rant about that when the time comes.

Re:Still isn't available for Linux though...

[SugoiMonkey (648879)]

mldonkey is pretty good and has Fast Track (meaning Kazaa) support.

Re:Still isn't available for Linux though...

[drgroove (631550)]

Limewire [limewire.com]

Runs on anything, has a decent following, so there's a good chance the song/file/app you're looking for is available.

Re:Still isn't available for Linux though...

[Dave2 Wickham (600202)]

May I point you to giFT-FastTrack [berlios.de]?

Re:Afraid, are you?

[Eudial (590661)]

Begun, this copyright war has.

Dude, You seriously need to cut down on Star Wars.

(Star Wars, you seriously need to cut down on.)

Re:Afraid, are you?

[AntiOrganic (650691)]

Matters not what this message says, be modded +5 funny it will.

Re:Check out UDPP2P

[stikves (127823)]

Please forgive me if I'm wrong, but UDPP2P does not seem to be "promising".

I've checked the web site. It basically says "we broadcast all the queries and if someone has the file we meet each other by using secret codes hidden in those queries".

A peer-to-peer network that does queries in terms of network-wide broadcast is always doomed to fail. Gnutalla failed (and was redesigned) the same way. Even Novell NetWare was unable to scale because of SAP (service advertising protocol).

Nevertheless, the web site says "peers will somehow know each other". This is also a big problem in P2P networks. -- No design only big words.

Anyways, if I were you, I'd use freenet [freenetproject.org]. It's anonymous, and it works much better than the scheme explained on the web site.

Re:Quote from article

[youBastrd (602151)]

Let me get this straight: the author of the article says he installed software that blocks communication with RIAA servers, then claims that the site couldn't be reached.

Umm...