Combining BitTorrent With Darknets For P2P Privacy

CSEMike writes "Currently popular peer-to-peer networks suffer from a lack of privacy. For applications like BitTorrent or Gnutella, sharing a file means exposing your behavior to anyone interested in monitoring it. OneSwarm is a new file sharing application developed by researchers at the University of Washington that improves privacy in peer-to-peer networks. Instead of communicating directly, sharing in OneSwarm is friend-to-friend; senders and receivers exchange data using multiple intermediaries in an overlay mesh. OneSwarm is built on (and backwards compatible with) BitTorrent, but includes numerous extensions to improve privacy while providing good performance: point-to-point encryption using SSL, source-address rewriting, and multi-path and multi-source downloading. Clients and source are available for Linux, Mac OS X, and Windows."

Re:Hmmm.

[L4t3r4lu5]

All the more reason to get the darknet up and running before it disappears.

Once the source code is out there, it'd be impossible to stop. Let's hope they post it instead of making you mail in requesting it.

Re:Been done, and better supported.

[Anonymous Coward]

Tor isn't a darknet, it's an onion routing protocol. It's different in that a darknet only involves connecting to trusted friends (people you explicitly added to your peer list), whereas Tor connects you to random strangers in its attempt to hide your identity.

Re:We already have this; it's pretty much worthles

[Anonymous Coward]

Try using Relakks, SwissVPN or a VPN service similar. I use BitTorrent with them and regularly get 600k/sec or more transfers.
Its not as fast as my ADSL2 connection but fast enough for most things.

Not *that* new.

[Seth Kriticos]

Purely friend 2 friend based networks seem of quite limited use (come on, who knows anyone on the Internet really?).

There are implementations of Pseudonymous P2P clients like GNUnet which are much less trust reliant (more usable and robust). The only problem is, that they are somewhat alpha state and quite cumbersome to set up, and there are not too much files there. There are also a bunch of other approaches (here is a list of software: http://tinyurl.com/cvrvg7 [tinyurl.com] )

Problem is, the *AA will probably run to the next congressman with bribes as soon as this kind of stuff gets mature and wide spread and will create a new law that makes proxying iProperty illegal, then start leeching..

What they are also doing (right now) is forcing everyone to keep traffic logs. They will probably want to extend it to make it querriable centrally (you know, to protect the children) and use it to track down people. Wait, the last one involves intelligence.. OK, forget about that.

And..... what's the legitimate use for this?

[Anonymous Coward]

I can't think of a need for anonymous, untraceable exchanges of large volumes of data for something that isn't piracy.

Efficient transfer of large volumes of data? Sure.

Anonymous, untraceable exchanges of small amounts of data? Sure.

But really, if you're using this you're almost certainly a warez kiddie.

Anomos: Anonymous BitTorrent Without F2F

[EverStoned]

I'm a lead dev on a similar project called Anomos [anomos.info], which provides anonymous and encrypted BitTorrent without requiring the slow Friend To Friend system that this uses. OneSwarm is a cool project, but we have some advantages over this (although I'm sure they have advantages over us as well.) We're a funded project as well. If you're interested in this type of thing, you might wanna take a look at our project as well. (Also check out i2pSnark!) Ultimately (perhaps by the end of this summer), I'd like to see all of these approaches under a single roof.

Oooookay?

[IonOtter]

Read the article, watched the video.

Very pretty, very nice, very private IF you have someone on the other end that you "trust". Gosh! This is just like IRC back in 1994 when you'd go begging for FSP logins to trade, and had to rely on some snot-nosed brat to deign to lower their [33+ selves enough to throw you a bone.

Please. *clicks on enable encrypted torrents only* There. Fixed. Goodnight.

Re:About time

[EdIII]

Your basically saying that the authorities cannot prove you facilitated the "theft" (copyright infringement is NOT theft) of an "apple", but they search your house and find 6 stolen kiwis, 23 oranges, 92 bananas, and 5 kumquats. You don't get convicted for the "apple", but instead get convicted for the other "stolen property".

1) If the warrant was obtained improperly on the basis of the "apple" theft, there is a good probability that the whole case could be thrown out. Miranda anyone?

It's excellent that you brought up this point. Everyone is still at an ever increasing risk from the authorities regardless of encrypted and obfuscated communications. That's where the real battle takes place. Search and Seizure. I suspect that current search and seizure laws will protect us at the moment, but ultimately will be subverted to the will of the powerful and influential.

The MAFIAA is going to give up its old tactics soon by using the legislative processes in the U.S and the EU to criminalize and severely punish all offending activity towards the Big Entertainment groups. I suspect government is largely going along with it since they pick up some pretty nifty "fight the terrorists tools" to monitor and control the public.

Tin foil hattery aside, your best defense is a combination of reasonable doubt (the foundation of TOR, Freenet, and these new darknets) AND STRONG NON-PROPRIETARY WHOLE HARD DRIVE ENCRYPTION.

If they bust into your house and attempt to confiscate equipment to find evidence they will run up against the encrypted data. Assuming the security is suitably strong, it would make it economically nonviable for the government, or even the MAFIAA to attempt cryptanalysis on the data. It's a good assumption that you have at least one, if not several, files that violate copyrights. They just won't be able to prove it.

Then open up the lawsuits to get the equipment back and pursue for damages.

It's pretty much naive at this point to not prepare yourself for the future. Never before has anonymity and privacy been under such vehement attacks by those power, and the well meaning (but extremely foolish) people that object to it philosophically. Regardless of whether you are obtaining ,and in possession of, files violating copyrights, it would be prudent to start protecting your data with strong security. I myself am going to assume that at some point in my lifetime all of my data storage devices are going to be confiscated for analysis. Which is why I have all the really important stuff in several physical locations.

Of course, I am so cynical that I believe there will be a strong push by government to install some sort of sentinel program in every single media and communications device to monitor everything. All in the name of fighting the terrorists and protecting our children's "black cherries" from the sickos.

Re:About time

[Runaway1956]

To be honest, I've been toying with the same idea that AC has. As the next poster points out, IF I CREATE AN EXIT NODE on my own machine, I would be contributing as much to the onion, as I would be taking. Maybe more. Yeah, I know, I'm sticking my neck out, asking for flames and bad karma - but I have brass balls. Give me reasons why this is a good or a bad idea. Let me emphasize - IF I DID THIS, I would create an exit node. Obviously, if I weren't willing to give something back, I would be a real jackass for using tor to slow everyone else down.

Re:About time

[EdIII]

I'm just cynical enough to believe that just about ANY court in the USA would demand you turn over your encryption key under threat of simply being in contempt of court.

So? Give it to them :)

Let them find a couple thousand media files and pictures of big breasted women with cute little kittens between their breasts. It is the SECOND key that will unlock the rest of the data.

You have heard of TrueCrypt right?

A judge can basically throw you in jail until you comply, and that doesn't even allow your case to proceed.

The judge can't do it forever. The most well known cases have involved journalists that refuse to give up their sources. In any case, the judges do have people to answer to as well. I doubt that they can start putting thousands of people into jails on contempt charges stemming from encryption keys that were not turned over. I would be willing to go to jail for a year or two just to provide proof that we won't put up with this crap. Certainly, I am one of the few that would actually die to protect our liberties.

Even if you somehow worked around this, not giving up your key would be seen as an admission of guilt.

Yeah, but to who? The prosecutors can't use that as evidence of guilt. You will not get convicted based on a "secret". The judge won't buy it either. You may be in contempt of court for not giving up the key, but you will not be found guilty of the crime because of it.

Look, I know it's wrong -- fifth amendment and all that -- but this is reality here, and the republicrats don't really care any more.

I have not heard of too many cases just yet. Those that I have heard of have been favorable towards the defendants. In any case, I don't intend to modify my behavior and if they confiscate a hard drive that I know has nothing incriminating on it, I will still not reveal the real key out of principle.

Or, in cartoon form...

[AnotherSteve]

For the visual learners, here is your argument in pictoral format.

http://xkcd.com/538/