New Kazaa Lite Protects Identity 668
Denver_80203 writes "Found this story about the new Kazaa K++ 2.4.0 and it's new sister program which claim to protect your identity while sharing files. Any of you folk know how legit this could be? We all knew it wouldn't be long... is this the war or just another battle?"
Kazaa K++ is an excellent program (Score:5, Informative)
How? (Score:5, Informative)
I doubt there is a way... netstat kills your privacy
A Most Important New Feature (Score:4, Informative)
Stop trying to flood my P2P network...
Now we have blacklisting and whitelisting (through Sig2DAT). Though both of these methods together would seem to defeat P2P "spammers", the easiest way for them to get around this might be to spam the whitelist. The next move in the P2P wars remains uncertain.
Re:Still isn't available for Linux though... (Score:5, Informative)
Re:This isn't surprising. . . (Score:3, Informative)
Re:Still isn't available for Linux though... (Score:5, Informative)
Runs on anything, has a decent following, so there's a good chance the song/file/app you're looking for is available.
Re:Still isn't available for Linux though... (Score:3, Informative)
Re:This isn't surprising. . . (Score:5, Informative)
HTH!
Re:Still isn't available for Linux though... (Score:3, Informative)
For a while there was giFT, an attempt at implimenting an open Fast Track client. But due to some of the same changes that broke kza, which were an attempt by the authors to keep out third party clients, giFT could no longer connect. giFT still exists as a fastrack-like open File Transfer network. They've not had an official release as far as I am aware, but you can grab CVS and a frontend and compile it without too much trouble. It works well, but the number of users is small (and will remain so until they actually do a release.)
So basically, no. No alternative.
Re:Privacy and Filesharing (Score:2, Informative)
No, firewalls just block connections in (or out) of your network. That said, if you're using NAT through a firewall with the rest of your office (not that you should be using kazaa at work...), then it can be tracked to your office, but not a specific user in the office.
anonymity is available (Score:5, Informative)
In other P2P networks. Freenet [sourceforge.net] and GNUnet [ovmj.org] both offer crypto and anonymity. Freenet isn't a P2P app in the pure sense. It's more of an underground www. GNUnet has better anonymity (theoretically - due to it's ability to resist traffic analysis attacks), but it is a younger project.
When it's time to retreat from gnutella, these represent the next stage in the information war.
Re:Check out UDPP2P (Score:5, Informative)
I've checked the web site. It basically says "we broadcast all the queries and if someone has the file we meet each other by using secret codes hidden in those queries".
A peer-to-peer network that does queries in terms of network-wide broadcast is always doomed to fail. Gnutalla failed (and was redesigned) the same way. Even Novell NetWare was unable to scale because of SAP (service advertising protocol).
Nevertheless, the web site says "peers will somehow know each other". This is also a big problem in P2P networks. -- No design only big words.
Anyways, if I were you, I'd use freenet [freenetproject.org]. It's anonymous, and it works much better than the scheme explained on the web site.
Re:Is it a good thing to not share? (Score:4, Informative)
Re:Still isn't available for Linux though... (Score:5, Informative)
Re:umm (Score:5, Informative)
Re:This isn't surprising. . . (Score:3, Informative)
Re:All this seems to do... (Score:2, Informative)
mlDonkey is better anyhow (Score:3, Informative)
I'm utterly impressed with it. Very easy to use, and I really like being able to hit all the differnt networks at once. It's also pretty cool having native guis available for linux AND windows.
Re:Fanning the flames (Score:2, Informative)
What KaZaA did do was add the Participation Level, which basically improves your chances of downloading if you're sharing a lot of popular files. And in my opinion that was a modification which would encourage piracy.
Re:Great, now how about make Kazaa find more sourc (Score:2, Informative)
Re:Kazaa K++ is an excellent program (Score:3, Informative)
RIAA Should be commended (Score:5, Informative)
So now the RIAA have several choice.
1. Try to roll back the technolgy that enables this new distribution channel. This is possible but not very likey.
2. Use more draconian law enforment techniques. Posibble but I mean whata ya gonna do... start sending colleage kids to prison ? For what stealing a Brittney track ? Is this what we want ?
3. Try to adapt to the new medium. Be creative and come up with new profit channels that take advantage of the medium.
Personally I dont think 3 is very likely either... I think RIAA is going to have to be dragged kicking and screaming into the 21st century.
Re:This isn't surprising. . . (Score:4, Informative)
Freenet: far from ready! (Score:2, Informative)
Is Freenet searchable?
No search mechanism has yet been implemented.
Bzzzzzt! Sorry, you lose. Try again!
Re:Kazaa K++ is an excellent program (Score:3, Informative)
FWIW, Ad-Aware isn't supposed to work that way. It's on-demand only. If you want the on-access scanner (Ad-Watch), you have to actually pay the $20 for Ad-Adware Pro (which I highly recommend, by the way, as it works *great*). Oh, and just like your favorite anti-virus, you have to keep the signatures up to date.
Comment removed (Score:5, Informative)
Protection is key... (Score:1, Informative)
There are some methods out there that attempt to address this.
Programs such as FreeNet have been around for some time that blocks the location of the traffic. However, there are easier methods than FreeNet out there to protect your identity.
Re:Suppose one doesn't... (Score:3, Informative)
And in the end, you have the whole file on your computer, which is clearly in violation.
This is a dead end. Fight the battle in trying to establish real fair use laws, not in trying to find wierd loopholes that will just be easily closed
Re:Still isn't available for Linux though... (Score:2, Informative)
Re:Kazaa K++ is an excellent program (Score:4, Informative)
Re:K++ edition (Score:4, Informative)
spare us the theoretics and justifications (Score:4, Informative)
now that the wall is being torn down, the RIAA is going out of its way to try to ensure its relevancy. (payola, tighter distribution contracts with artists, destroying the credibility of digital distribution, etc) it sucks - but it's all legal.
all that aside this is about theft. downloading mp3s for material you haven't paid for -is- theft. whether it -should-be- or not is debatable. but under the law, it is. bummer.
so this little arms race may be between the good intentioned hackers vs the big bad corporation - but legally it's just pirates against copyright holders.
the fault -doesnt- lie with the consumer, it lies with the pirate. if you've noticed, not even the RIAA is saying 'p2p is bad' anymore. the specific practice of illegal distribution of music is what they're fighting now.
they logistically can't (and don't even try to) sue -you- for downloading. it's not obvious from the information available within a p2p app whether or not you are downloading a song you have fair use rights to (if i own nevermind, i can legally download the mp3s for that album) - and it would be financially prohibitive to even try to figure that out.
-however-, sharing the files is absolutely illegal. the RIAA -owns- the distribution rights for signed artists, and you are infringing on their copyrights by pirating that right.
sure, maybe some day the artists will wise up - but until then, you -are- breaking the law. get used to it, get an ipod, or uninstall kazaa. check your justifications at the door.
and whether or not p2p affects CD sales is irrelevant. discussing that is like trying to justify theft from a profitable business because they're still profitable despite the theft. sure - it's a neat little communistic self-delusion - but it's still theft under our laws.
Re:Wasted effort (Score:3, Informative)
I no longer have a record player and even if I did I would prefer to listen to them on my computer. I download "The Great Pretender" off Kazaa.
I purchased a cd, my daughter then played ruined it(my fault shouldn't have left it out). I then downloaded the cd of Kazaa, created a new cd.
I believe in the above two examples I have broken the law. The RIAA would like to see me hang i guess.
Do most people steal on kazaa? oh yes, but in the above cases what other good options do I have?
The RIAA says that I should take better care of my cd. I say I already paid the royalties for the cd, why should I have to pay them again?
They leave no alternative other than buying a new cd. Ain't gonna happen.
btw, I do have a JOB, a wife and two kids. I have lways had a JOB, since high school and during college and now.
The RIAA lumps people like me(doing the above) with people who download and then burn cd after cd without ever paying for them.
Re:Submitted for your approval: (Score:3, Informative)
You would need a new client, you'd need a new protocol.
Re:This isn't surprising. . . (Score:2, Informative)
Get pre-compiled here! (Score:1, Informative)
Simply get the binaries pre-compiled for your platform, sire. [mldonkey.net]
Alternatively get them here [berlios.de].
Re:Score one for us? (Score:3, Informative)
You don't have to give them an IP... (Score:5, Informative)
I think there was a paper on
Of course, your ISP/firewall wouldn't necessarily be happy about sending out all those fake UDPs, and many university networks throttle them. Also, the
Perhaps one should point out that this is practically a new internet protocol, requiring root access and stuff... it might be better for them just to use IPSec with address hiding.
Re:That's what I needed (Score:4, Informative)
The law does see a difference between locked and unlocked doors. Entering an unlocked door without permission (or reasonable assumption thereof, such as a place of business' front door) is trespassing. Defeating a lock and entering is breaking and entering.
Re:You don't have to give them an IP... (Score:5, Informative)
This is a really good idea. You can extend it to make it even better though.
Part of the good thing about the erasure-correcting code approach is that if you use a big enough very low-rate code (although its quite tricky to do that with good CPU and memory efficiency) then you can have downloading from several servers concurrently without having to tell each server which parts of the files you want (just send random parts of the encoded data and theres a low chance of overlap from multiple servers).
Now, here's the clever part: you use IP Multicast with multiple sources spoofing the same sender address. This means that (a) you save quite a lot on bandwidth since many P2P clients will be downloading the same source file (this is important since a big reason many ISPs and Universities have banned P2P is the bandwidth); and (b) it is MUCH harder (not impossible, but hard enough if you are not an ISP or a router at the very end) to find out who either the source or the destination is.
I don't know if anyone has thought of this idea and tried to implement it. Someone should; maybe I'll give it a go when I have time.
PS. There is a sparser and more CPU-efficient solution than VanderMonde matrices, look for Low-Density Parity Check codes.
Re:That's what I needed (Score:3, Informative)
Apparently; like this.
You search for a file, get replies via the net telling you who (by nickname, not IP) has it, and send a request back via the net to download the file, along with your IP and probably bandwidth. At this point you haven't been told the IP of the machine that has the file.
So now the sending machine starts sending you the file as bunches of spoofed UDP packets, with a healthy measure of error-correction built in so you won't need to re-request any missing packets. You still don't know the sending machine's IP.
What I'd like to know is;
I request a file and several people have it. Then I let them all know that my IP address is "grc.com" and that I have practically unlimited bandwidth. Lots of hosts begin sending spoofed UDP packets at grc.com with no valid return address.
Repeat until grc.com vanishes under all the traffic..
I hope somewhere in the protocol they verify that the address they're sending stuff to is actually the one making the requests for it.
Re:This isn't surprising. . . (Score:1, Informative)
Re:You don't have to give them an IP... (Score:3, Informative)
The way i read UDPP2P's docs it was basically a three stage process:
Demi-ingenious, the provider now knows the requesters IP but not vice-versa.
The provider proceeds to send the file to the requester as an unsorted bunch of UDP packages. There is no way to communicate with the server, so you just have to drink from the fire-hose. And of course UDP packets aren't guaranteed to be error free... Oh, and good routers will just throw away all the spoofed packages. <sarcasm>This could really work!</sarcasm>
Re:Security Through Obscurity (Score:1, Informative)
design features for a P2P client using encryption, but
I keep getting blocked by some
the code snippets that cause the problems.) I'll
write this up and circulate it on a newsgroup, perhaps
sci.crypt or one of the usual places. Slashdot is a good
place for quick points, but it's not like a blog that facilitates
discussions.
License Agreement (Score:1, Informative)