Can you really be anonymous on a file-sharing network?

I just posted the article Can you really be anonymous on a file-sharing network?.

As most of our visitors will know the RIAA has recently said that it plans to sue hundreds of people using file-sharing (P2P) software. As a result, software, such as Blubster …

Read the full article here:  [http://www.cdfreaks.com/news/6186-Can-you-really-be-anonymous-on-a-file-sharing-network.html](http://www.cdfreaks.com/news/6186-Can-you-really-be-anonymous-on-a-file-sharing-network.html)

Feel free to add your comments below. 

Please note that the reactions from the complete site will be synched below.

There is only one way to be anonymous on a file sharing network: FREENET ( www.freenetproject.org ) If you havent tried it in awhile it is really coming along. And with programs like Frost and Fraza, it will be the future of file sharing.

Why is this concept so difficult to grasp? Yes…it is absolutely possible to set up a file sharing network that is anonymous. This is how you do it: Superpeers that keep encrypted peer lists and do all communications encrypted. A peer logs on and distributes it’s “share list” to the superpeer completely encrypted. Another peer makes a request (encrypted) to the superpeer (encrypted) and the superpeer passes that request on to the sharer along with the destination IP. The sharer’s PC then begins sending UDP packets with a forged IP address (pick the IP of www.riaa.org just to make it fun) along with say 10% reed-soloman style recovery packets to the requester. Only the sharer will know the IP of the requester. The requester has no idea what IP the sharer is. There is no way for the RIAA to find out the IP addresses of sharer’s without becoming a superpeer and somehow hacking into the encrypted memory lists and communications of the program itself.

What everyone should be worried about is what the RIAA is doing to the internet. Used to, people roamed the internet freely without worrying about encryption. This also made it easier for the justice department to track down terrorists and people who did child porn. Now everything is migrating to strong encryption and encrypted communication and it will be almost impossible to stop terrorist communication and child porn traffic because the RIAA has forced the general public at large to create the same tools that terrorists and child porn lovers will use to hide. Shame on the RIAA!!!

Well what’s to stop them from simply just doing a netstats and a tracert to find out the ip during transfer?

That’s exactly what I was wondering while reading this.

The only way to do it would be to send the data via someone elses IP. A proxy. Which slows things tyo a crawl. Either that or follow Freenet’s example of holding an encrypted cache on every P"P users hard disk. The problem with that is again speed. Anyhow if someone finds a way to do it effectively it will indeed be yet another tool for terrorists and pedophiles etc. The RIAA is not seeing the bigger picture here. The government agencies should and they should tell the RIAA to piss off as they are creating headaches in the future for them.

That’s the beauty of UDP packets. Because UDP packets are 1-way, you don’t have to use your real IP address in the packet (you can forge a false IP). This technique has been done 1000’s of times by ping flooders or even the notorious Smurf attack. The person doing the netstat will see a fake IP address (in my example they’d see the file was coming from the RIAA’s website).

Ok I’m tired of people saying if you come up with a way to hide yourself online terriosts will use it so we shouldn’t do it if terriosts use it. Do you know what happens if we make encryption illegal. That means the normal average person can no longer have privacy online. But these people are terriosts. What makes you think they’re going to obey the law. If we make encryption illegal terriosts and pedophiles will still use it. So we won’t have encryption but they still will. Just like if you make guns illegal, the criminals will still have guns but we can no longer by guns to protect ourselves. We need encryption to protect ourselves from terriosts that wants to steal our private communication like credit card numbers and personal information to use our identity and money to fund their organization. The terriosts are gonna use whatever tools they can. Hijacking a plane is illegal but that didn’t stop terriosts now did it. If you take tools like encryption and guns away from normal people and can’t stop terriosts from using it then the terriosts have even more of an advantage. We have to continue to use and understand these things so we have the same tools to defends ourselves that the terriosts are using to attack us. Don’t force us into bringing a knife to a gun fight. I don’t understand this proxy server thing slowing the net to a crawl. A proxy server is just another computer on the net that passes information along. All information on the net goes through tons of computers anyway. Why not add one more to hide the IP. The problem isn’t that proxys are slow the problems is there isn’t enough proxys. One proxy server handling two anoynomous connections isn’t gonna run that much slower, the problem is most proxy servers handles thousands of connections at a time. If the file sharing software turned every file sharer into a proxy server too, it would really speed things up.
[edited by chsbiking on 10.07.2003 16:18]

whats wrong with terrorists and peadophiles? Shouldn’t they have the same rights as everyone else. One mans terrorist is another mans freedom fighter. Q whats the differance between a terrorist and a freedom fighter? A freedom fighters are on my side!

100% true I know many in America forget at one time we were the terrorists.

Whats wrong with terrorists and peadophiles - people like you make me sick. Because terrorists and peadophiles ultimately harm normal people going about their daily business and peadophiles do bad things to children - your saying they should have the right to do this - what an a**hole.

I’m gonna go on the record here and say I agree with icey. I hope no one thinks what I said in my last post justified these types of people. I’m just saying that people like this will have the tools even if they make it unlawful for law abiding citizens so there’s no reason to take the good aspects of encryption and privacy away from us because in the end the bad people will still have encrpytion, and ways to hide themselves online. If anything we need encryption and the ability to hide ourselves on the Internet now more then we ever have before, not from the RIAA or the Government but from these terriosts and peadophiles. What if a pedophile IM’s an 8 year old girl and she IM’s him back to see who it is. Just IM’ing “Who is this?” Give the peadophile the her IP address and may allow him to trace it back to her, and kidnap her. Maybe that will never happen but who’s willing to leave it to chance when it comes to their daughter. This is why we need these things.
[edited by chsbiking on 11.07.2003 15:21]

:frowning: Please!!! You guys have thrown this whole thing way off topic. My original replies were that A) Yes it is very easy to create an anonymous file sharing system very similar to the current Gnutella system but utilizing UDP communication with forged source IP addresses and B) The RIAA’s all out war on online filesharing and chatrooms had driven encryption technologies into the hands of Joe User instead of it being a speciality for Business and hard-core criminals. I don’t think Pedophiles or Terrorists should get a lick of privacy, but I know the hard-core ones will learn to hide their tracks. The RIAA’s war has made it so that these technologies will be available and easy to use by Joe Blow the deranged gun lover who is planning to blow up a building with fertilizer or Joe Blow Pedophile who loves his kiddie porn but doesn’t know jack crap about encryption but both knows their coolio file sharing and chatting program makes them totally anonymous without having to be a “leet” hacker or tekkie.

from what I’ve heard forging UDP packets can be difficult and not always effective. But terriosts, and people that want to blow stuff up already have encryption. Like PGP simple zip encryption, or a blowfish algorithm. They already have these tools regardless of it they build them into filesharing programs or not, and they have had these tools long before napster existed.
[edited by chsbiking on 12.07.2003 07:48]

We did not mean it to go off topic, but maybe the admins should delete posts or post warnings when some idiot starts posting messages saying ‘equal rights for terrorists + pedophiles + rapists’ etc - that was stupid, ignorant, and should not be left as is without an appropriate reply, especially on a site to do with cd/dvd/and such products - taking it off-topic in that way was out of order. Just my opion.

Sorry for the miss-spelling - cant edit the posts.

And you are entitled to your opinion, just as the person your disagreeing with is entitled to theirs. Instead of name calling and general abuse, just moderate the post you do not agree with.