schliz writes "Developers of The Pirate Bay have launched their new Virtual Private Network (VPN) service to some 180,000 pre-registered beta testers. An e-mail to beta testers read. 'IPREDator does not store any personal details about its clients. IPREDator does not store any traffic habits you might have. IPREDator is the key to a free internet in the renaissance of censorship!' The new service was launched to protect file sharers in response to the Swedish Intellectual Property Rights Enforcement Directive (IPRED) that went into effect in April."
Yes, Pirate Bay could secretly store that information, but I somehow doubt they would.
Yeah, because no one would think that the soon to be new CEO, who happens to be good friends with the RIAA [cnet.com], would ever do such a thing as log traffic or identifiable information. Right?..right?
Aren't those types of networks also referred to as "Darknets?" I recall hearing something about them a long time ago, but I haven't read much into them. Is it akin to using a botnet to host a server/communication system? Anyone with the sexy details?
Black server - server using encrypted comms that is not publicly know Darknet - layer on top of internet that uses encryption, multiple hop routing and other techniques to disguise nodes activity from each other
That's my understanding of it anyhow. I2P and freenet are the only darknets I know about. I wouldn't go near 'em, personally.
by Anonymous Coward
on Thursday July 23, @12:59PM (#28797831)
I actually wrote my own at one point that tunneled itself steganographically using decent crypto disguised inside webcam sessions. Unfortunately, the throughput was abyssal, and of course--it was pretty difficult to get 'real' network behavior.
I wouldn't say the point of a darknet is to hide a node's activity from one another--so much as it is to conceal their presence from anything not in the darknet. Tor helps hide a nodes activity from another node (sort of), but isn't a darknet. Freenet--you can search for, but generally speaking you can't find other nodes in freenet trivially. I'd call it a greynet.
What's wrong with freenet?
It works beautifully for its intended purpose, even if there's a sad amount of...malcontent littered throughout it. Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system--if they could, the very trial itself would necessitate proving a means to crack commonly used cryptographic protocols--keeping that secret (if it's possible) would be worth more to anyone than convicting you ever would be.
Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system-
I dunno. If I were a Fed, I'd break Freenet like this:
Fed: "We have a bunch of nodes on the darknet that contain Bad Things."
Judge: "How do you know what your nodes contain?"
Fed: "We surfed for Bad Things on Fed1, wrote the offending keys of the Very Worst Things into a textfile, and then ran a script on F
Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system-
I dunno. If I were a Fed, I'd break Freenet like this:
Fed: "We have a bunch of nodes on the darknet that contain Bad Things."
Judge: "What's a node?"
Fed: "We surfed for Bad Things on Fed1, wrote the offending keys of the Very Worst Things into a textfile, and then ran a script on Fed2 that downloaded a whole bunch of the Very Worst Things. Fed2 is running a modified client that doesn't save chunks that are being passed through it to other machines. Therefore, the only stuff in its datastore is stuff that got there from our own requests. Then we walked away from Fed2's keyboard and let it stew for a few hours."
Judge:......
Fed: "Right. When a request for a chunk comes in, and Fed2 doesn't have it, we just pass the request on to the next node. When a chunk comes through from some other node, our modified client passes it on without storing it locally."
Judge: *blank stare*
Fed: "...we add the requestor's IP address to the list of IP addresses for which we have probable cause to believe are requesting - or facilitating - the transmission of Bad Things. By the way, here's the list."
Judge: "Signed. Go get 'em."
I think the above changes might more accurately reflect reality.
I'm sorry, but you are thinking logically. don't worry, it happens all the time to those of us with IT experience. You see, you are walking the steps from a-z and seeing that logically it would make no sense.
The problem is we are talking Child porn here, a subject where common sense and logical thinking will NOT save you from PMITA prison. Just see Little Rascals Daycare [religioustolerance.org] and mcMartin preschool [wikipedia.org] for examples. In McMartin you had kids claiming Chuck Norris was doing ritual slaughter of Elephants in a dungeon. Logically you or I would go "WTF?" but in the McMartin case they actually bulldozed it to the ground looking for the dungeon! And last I heard there were still two being held in PMITA prison over Little Rascals, where the prosecution actually had the brass balls to tell the defense if they actually did their job and defended their clients that THEY would be arrested for aiding child molestation!
So you see, while logic and common sense would tell you that having a Freenet node, where you don't actually have the keys to what is on your HDD would protect you. Sadly in reality they would throw you in PMITA prison until you produced the keys (which you don't have) or send you to prison for aiding and abetting child abuse because you have IT experience that should have given you the ability to know what was in those encrypted files. Believe me, as somebody who has had dealing with the cops asking for help in IT matters, logic rarely comes into play. I even had a state trooper get pissy with me because I couldn't/wouldn't attempt to hack a federal server at the building where his wife worked so he could read his wife's emails and let him see if she was cheating.
Sadly most cops and many prosecutors believe that hacker crap that they see on TV, like we all have little magic black boxes that let us blow through crypto and hack into any database. See? Reality doesn't matter if all the people after you believe is what they saw on Hackers.
It works beautifully for its intended purpose, even if there's a sad amount of...malcontent littered throughout it. Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system--if they could, the very trial itself would necessitate proving a means to crack commonly used cryptographic protocols--keeping that secret (if it's possible) would be worth more to anyone than convicting you ever would be.
Unfortunately, the MAFIAA doesn't need to prove anything to rack up massive legal costs against you, or threaten to sue you.
... so many people being given assurance of "complete privacy", wonder how many will believe it almost blindly, indulge in piracy (or whatever the civilized world calls it), get caught and get into unnecessary trouble.
And what are the bets that the demographics of these 180,000 people is among some of the better placed and prosperous human beings on this planet?
About getting into trouble part, I do hope I am wrong though...
And what are the bets that the demographics of these 180,000 people is among some of the better placed and prosperous human beings on this planet?
Well, considering that they HAVE a computer, are most likely using it (at least during TPB activities) for leisure instead of survival, understand enough of broadband network technology to realize encryption is useful for their activity, understand VPNs, understand encryption, appreciate anonymity, and apply all of it to the indicated activity, I dare say that they're in all likelihood doing much better than the half of the world's population trying to get by on less than $2/day.... is there a problem with that? Why do you call them out as "some of the better placed and prosperous human beings on this planet"?
by Anonymous Coward
on Thursday July 23, @12:39PM (#28797577)
It's entered Beta? Hardly news, I got my invite on the 1st of July, it contained a unique HTTPS URL which was the only way to access the login page. I signed up (and paid up), connected the VPN after following the simple steps to create a Windows VPN connection. My IP then geo-located to somewhere in Sweden. It's nice, cheap and easy solution, assuming it does indeed remain anonymous. Speeds are pretty much wirespeed on my 5MB ADSL in the UK.
that here in the USA, using a service like this (and subsequently being caught) can stiffen any penalties or jail time your may receive because you're actively obstructing justice.
Certainly groups like the RIAA are going to play that up while they secretly freak out they are not longer losing control, but have completely lost it to services like this.
I fear you're probably right. But it is messed up that "taking steps to avoid sharing your personal information with your ISP" can be construed as "actively obstructing justice."
A person who does nothing illegal might want to use this service simply because they value privacy.
If you then proceed to eat it, you may be able to avoid jail completely and go to a mental institution whilst writing a book which makes you a millionaire! The downside is, you have to eat a human heart.
Well, in theory you can use a gun for target practice, but if you have a gun at all you must be a crazy would-be mass murderer. Hence all guns (except those protecting Important People) are confiscated and guns are never used to commit crimes ever again.
That's because using a gun endangers lives. This would be more akin to drawing the blinds while making illegal copies of Hollywood movies in your basement.
The real scary bit is when they decide that anyone with drawn blinds is acting suspiciously and needs to be searched. Just wait, I guarantee you someone will propose that anyone using this anonymity service should be investigated.
Privacy is illegal these days. Soon to be in the "Land of the Free" Just step out on to your porch. Be sure to wave (in all directions, ya never know which camera is active...)
as a serious question....are you saying that using encryption in your communications would increase your penalties?
Is this codified law somewhere? Since the future of all electronic communications is going to be encrypted I would think this presents a pretty serious problem (or from a law standpoint a powerful club).
Using encrypted wireless communications on your router is not by nature going to increase your penalties, why should encrypting the rest of your communications do so?
I never actually thought about what IPRED stands for. Now I see the acronym refers to words in english...
I all ready knew the swedish elite takes its directions regarding copyright law from the big ol' US of A, but jesus, couldn't you at least bother to translate the names of laws they've ordered into swedish !?!
Except their only payment portal doesn't accept payment using US credit cards. The portal told me themselves when they rejected 3 of my cards and a Paypal temporary credit card.
In my neighborhood they even have a wireless version of this VPN. It's called "linksys" for some reason, but it allows anonymous access, and it's even free.
No shit? They said it was going to be a paid service when it was first announced. From the title of the original Slashdot article from March: Pirate Bay To Offer VPN For $7 a Month [slashdot.org]. From where did you get the idea that this was ever going to be a free service?
Also It's been done [slashdot.org] before and well [wikipedia.org]. The code has been open for a long time now. I'm just surprised it hasn't happened sooner.
The code used to be archived by some of the industry cool kids for quite a while, but I'm not readily finding it in the allowed attention span of this comment.
Read the rest of his post, guy. His point isn't that it's not free, but that any service that accepts money from you is gonna have to keep some kind of records of those payments; therefore it's not fully anonymous.
Thank you ChinggisK for restoring my faith in humanity after all of these idiots.
There is no need to retain any other information.
Oh god, this is slashdot isn't it? Where's the healthy paranoia? Of course they don't need to keep logs but they could. You're handing them your identity, committing a crime, and hoping that they don't keep laws. I guess you trust the name The Pirate Bay (from these other posts I gather you all are stupid enough for this in the first place) but keep in mind they were just bought
There are a number of illicit services which have to accept payment and don't keep records. Now, if there is a subscription then I would be suspect. However if its non-recurring payment, I could believe that they don't have any records. For instance, "seed banks" do the same thing for many entheogenic plants. You make a payment, they ship your product, and the records of the transaction are deleted and shredded. However, that would mean a *lot* of hands on work for a few people to perform since I doubt most
Keeping account information is far different that keeping activity logs. Completely anonymous, no. Where you have been and what you may have downloaded, yes. So unless they make having an account on the VPN illegal, it is "anonymous enough".
Does not store any personal details about clients (Score:5, Funny)
This has been the main problem with the beta as no one has been able to login to the vpn.
I don't think anyone thought this thing through.
Re:Does not store any personal details about clien (Score:5, Interesting)
Yeah, because no one would think that the soon to be new CEO, who happens to be good friends with the RIAA [cnet.com], would ever do such a thing as log traffic or identifiable information. Right?
Parent
Meh - black servers have been around for years. (Score:5, Informative)
Black Servers won't go away, because they are impossible to find and stop.
RS
Re: (Score:3, Interesting)
Re:Meh - black servers have been around for years. (Score:5, Informative)
Black server - server using encrypted comms that is not publicly know
Darknet - layer on top of internet that uses encryption, multiple hop routing and other techniques to disguise nodes activity from each other
That's my understanding of it anyhow. I2P and freenet are the only darknets I know about. I wouldn't go near 'em, personally.
Parent
Re:Meh - black servers have been around for years. (Score:5, Interesting)
I actually wrote my own at one point that tunneled itself steganographically using decent crypto disguised inside webcam sessions. Unfortunately, the throughput was abyssal, and of course--it was pretty difficult to get 'real' network behavior.
I wouldn't say the point of a darknet is to hide a node's activity from one another--so much as it is to conceal their presence from anything not in the darknet. Tor helps hide a nodes activity from another node (sort of), but isn't a darknet. Freenet--you can search for, but generally speaking you can't find other nodes in freenet trivially. I'd call it a greynet.
What's wrong with freenet?
It works beautifully for its intended purpose, even if there's a sad amount of...malcontent littered throughout it. Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system--if they could, the very trial itself would necessitate proving a means to crack commonly used cryptographic protocols--keeping that secret (if it's possible) would be worth more to anyone than convicting you ever would be.
Amusing: Captcha = "crimes"
Parent
Re: (Score:3, Insightful)
I dunno. If I were a Fed, I'd break Freenet like this:
Fed: "We have a bunch of nodes on the darknet that contain Bad Things."
Judge: "How do you know what your nodes contain?"
Fed: "We surfed for Bad Things on Fed1, wrote the offending keys of the Very Worst Things into a textfile, and then ran a script on F
Re:Meh - black servers have been around for years. (Score:5, Insightful)
I dunno. If I were a Fed, I'd break Freenet like this:
Fed: "We have a bunch of nodes on the darknet that contain Bad Things."
Judge: "What's a node?"
Fed: "We surfed for Bad Things on Fed1, wrote the offending keys of the Very Worst Things into a textfile, and then ran a script on Fed2 that downloaded a whole bunch of the Very Worst Things. Fed2 is running a modified client that doesn't save chunks that are being passed through it to other machines. Therefore, the only stuff in its datastore is stuff that got there from our own requests. Then we walked away from Fed2's keyboard and let it stew for a few hours."
Judge: ......
Fed: "Right. When a request for a chunk comes in, and Fed2 doesn't have it, we just pass the request on to the next node. When a chunk comes through from some other node, our modified client passes it on without storing it locally."
Judge: *blank stare*
Fed: "...we add the requestor's IP address to the list of IP addresses for which we have probable cause to believe are requesting - or facilitating - the transmission of Bad Things. By the way, here's the list."
Judge: "Signed. Go get 'em."
I think the above changes might more accurately reflect reality.
Parent
Re: (Score:3, Insightful)
Since when has this ever stopped a judge from issuing a warrant?
Re:Meh - black servers have been around for years. (Score:5, Insightful)
I'm sorry, but you are thinking logically. don't worry, it happens all the time to those of us with IT experience. You see, you are walking the steps from a-z and seeing that logically it would make no sense.
The problem is we are talking Child porn here, a subject where common sense and logical thinking will NOT save you from PMITA prison. Just see Little Rascals Daycare [religioustolerance.org] and mcMartin preschool [wikipedia.org] for examples. In McMartin you had kids claiming Chuck Norris was doing ritual slaughter of Elephants in a dungeon. Logically you or I would go "WTF?" but in the McMartin case they actually bulldozed it to the ground looking for the dungeon! And last I heard there were still two being held in PMITA prison over Little Rascals, where the prosecution actually had the brass balls to tell the defense if they actually did their job and defended their clients that THEY would be arrested for aiding child molestation!
So you see, while logic and common sense would tell you that having a Freenet node, where you don't actually have the keys to what is on your HDD would protect you. Sadly in reality they would throw you in PMITA prison until you produced the keys (which you don't have) or send you to prison for aiding and abetting child abuse because you have IT experience that should have given you the ability to know what was in those encrypted files. Believe me, as somebody who has had dealing with the cops asking for help in IT matters, logic rarely comes into play. I even had a state trooper get pissy with me because I couldn't/wouldn't attempt to hack a federal server at the building where his wife worked so he could read his wife's emails and let him see if she was cheating.
Sadly most cops and many prosecutors believe that hacker crap that they see on TV, like we all have little magic black boxes that let us blow through crypto and hack into any database. See? Reality doesn't matter if all the people after you believe is what they saw on Hackers.
Parent
Re: (Score:2)
It works beautifully for its intended purpose, even if there's a sad amount of...malcontent littered throughout it. Despite the nastyness that you store on your own hard drive (which you couldn't read anyway unless you want searching for it), it's not like you or anyone else could ever prove it was on your system--if they could, the very trial itself would necessitate proving a means to crack commonly used cryptographic protocols--keeping that secret (if it's possible) would be worth more to anyone than convicting you ever would be.
Unfortunately, the MAFIAA doesn't need to prove anything to rack up massive legal costs against you, or threaten to sue you.
Re:Meh - black servers have been around for years. (Score:5, Funny)
Post your damn initials in your signature spot. God almighty it's so pretentious when people put their initials in their posts.
AC
Parent
Initials (Score:2)
Post your damn initials in your signature spot. God almighty it's so pretentious when people put their initials in their posts.
AC
Is that any way to talk to RMS? Oh wait, sorry. It just says RS.
This is scary... (Score:4, Insightful)
Well duh (Score:5, Insightful)
And what are the bets that the demographics of these 180,000 people is among some of the better placed and prosperous human beings on this planet?
Well, considering that they HAVE a computer, are most likely using it (at least during TPB activities) for leisure instead of survival, understand enough of broadband network technology to realize encryption is useful for their activity, understand VPNs, understand encryption, appreciate anonymity, and apply all of it to the indicated activity, I dare say that they're in all likelihood doing much better than the half of the world's population trying to get by on less than $2/day. ... is there a problem with that? Why do you call them out as "some of the better placed and prosperous human beings on this planet"?
Parent
Virtual Pirate Network (Score:5, Funny)
Shoun't that be Virtual Pirate Network?
Old News (Score:5, Informative)
It's entered Beta? Hardly news, I got my invite on the 1st of July, it contained a unique HTTPS URL which was the only way to access the login page. I signed up (and paid up), connected the VPN after following the simple steps to create a Windows VPN connection. My IP then geo-located to somewhere in Sweden. It's nice, cheap and easy solution, assuming it does indeed remain anonymous. Speeds are pretty much wirespeed on my 5MB ADSL in the UK.
Re: (Score:3, Funny)
Damnit, now Sweden is gonna be a haven of terrorism.
Good job, TPB!
Keep in mind... (Score:5, Informative)
Re: (Score:3, Insightful)
Re:Keep in mind... (Score:5, Insightful)
I fear you're probably right. But it is messed up that "taking steps to avoid sharing your personal information with your ISP" can be construed as "actively obstructing justice."
A person who does nothing illegal might want to use this service simply because they value privacy.
Parent
Re: (Score:2)
Re: (Score:3, Insightful)
Is the penalty really stiffer if you kill someone using a gun instead of a knife? Or you rip out their heart with your bare hands?
Re: (Score:2)
The downside is, you have to eat a human heart.
Re:Keep in mind... (Score:5, Funny)
You say downside, I say Tuesday.
-Mola Ram
Parent
Re: (Score:2)
Re: (Score:3, Insightful)
Well, in theory you can use a gun for target practice, but if you have a gun at all you must be a crazy would-be mass murderer. Hence all guns (except those protecting Important People) are confiscated and guns are never used to commit crimes ever again.
Re: (Score:3, Insightful)
That's because using a gun endangers lives. This would be more akin to drawing the blinds while making illegal copies of Hollywood movies in your basement.
The real scary bit is when they decide that anyone with drawn blinds is acting suspiciously and needs to be searched. Just wait, I guarantee you someone will propose that anyone using this anonymity service should be investigated.
Re: (Score:2)
You can also use a gun for target practice, but if you use one during the comission of a crime, the penalties are stiffer.
You heard it from slashdot: downloading pirated content with a VPN is the same as shooting someone.
Re: (Score:2)
Re: (Score:2)
Is this codified law somewhere? Since the future of all electronic communications is going to be encrypted I would think this presents a pretty serious problem (or from a law standpoint a powerful club).
Using encrypted wireless communications on your router is not by nature going to increase your penalties, why should encrypting the rest of your communications do so?
What Pirate Bay? (Score:2, Funny)
I dunno what you're talking about -- there is no "pirate bay", no more "black servers" or "darknets"; now, everyone be quiet!
The Pirate Bay captains... (Score:2)
... have finally found a way to pay that 3.6 million dollar judgement from the trial, eh? Unlike TPB, this has a subscription fee to use it.
IPRED, the acronym. (Score:2)
I never actually thought about what IPRED stands for. Now I see the acronym refers to words in english...
I all ready knew the swedish elite takes its directions regarding copyright law from the big ol' US of A, but jesus, couldn't you at least bother to translate the names of laws they've ordered into swedish !?!
Re: (Score:2)
Ok. Here's me looking foolish. IPRED is an eu directive, hence the name not being in swedish.
Out of interest... (Score:2)
US credit card? Forget it (Score:2, Informative)
Wireless version in my neighborhood (Score:5, Funny)
Re: (Score:2, Informative)
RTFA, please. Who said it's free?
Re: (Score:2)
It'll have to be a paid service.
No shit? They said it was going to be a paid service when it was first announced. From the title of the original Slashdot article from March: Pirate Bay To Offer VPN For $7 a Month [slashdot.org]. From where did you get the idea that this was ever going to be a free service?
Re: (Score:2, Informative)
RTFA, guy. It's not free.
Also It's been done [slashdot.org] before and well [wikipedia.org]. The code has been open for a long time now. I'm just surprised it hasn't happened sooner.
The code used to be archived by some of the industry cool kids for quite a while, but I'm not readily finding it in the allowed attention span of this comment.
Re: (Score:2)
Re:Free? (Score:4, Interesting)
gonna have to keep some kind of records of those payments; therefore it's not fully anonymous.
Yes, the record that have to keep would amount to this: "x user paid his monthly fee". There is no need to retain any other information.
Parent
Re: (Score:3, Insightful)
Oh god, this is slashdot isn't it? Where's the healthy paranoia? Of course they don't need to keep logs but they could. You're handing them your identity, committing a crime, and hoping that they don't keep laws. I guess you trust the name The Pirate Bay (from these other posts I gather you all are stupid enough for this in the first place) but keep in mind they were just bought
Re: (Score:2)
Re: (Score:3, Informative)
Re: (Score:2)
It's 5 euros per month: http://www.ipredator.se/ [ipredator.se]
Re: (Score:2)
The worst upcoming nightmare is transatlantic and it is called ACTA [wikipedia.org].
Re: (Score:2)
I don't use Twitter. Could you send the torrents encrypted as image files over Twitter or is Twitter changing those images before it sends them? http://tech.slashdot.org/story/09/07/15/1314253/New-Service-Converts-Torrents-Into-PNG-Images [slashdot.org]
I assume PNG probably isn't a valid format for Twitter images anyways.
Re: (Score:3, Insightful)
That's unnecessary code, but it serves it's purpose by increasing readability over:
It doesn't serve any purpose. If you can't understand the statement:
if (isTrue)
Then you're worse than an amateur coder.