Encryption to protect files and users

Wisp · Post by **Wisp** » 2003-06-26 12:32

The last time there are a lot of newsitems regardig organisations like RIAA who are hunting down P2P users and suing them.

Probably there will be a time when they start with DC++, and since it's easy to grab someone's filelist, DC++ will be an easy victim.

So i was thinking of a way to make people more secure, in the first place there must be some encryption between the DC++ clients to avoid people from outside to see what files are transferred.

Second, there must be some sort of protection of the users, it's now quite easy to download something from someone and see his IP, maybe there is a way to protect this and hide the real identity of the user.

I'm not an expert on this area so maybe it's impossible, but when it is possible (and usefull) it seems to me a very good feature, DC++ can advertise as the 'most secure way to share your files'

Tell me what you think

ender · Post by **ender** » 2003-06-26 12:44

Filelist isn't proof in my opinion - what if I'm fakesharing? Unless they get all files from me, they can't proove that I was really sharing them...

Wisp · Post by **Wisp** » 2003-06-26 12:48

ender wrote:Filelist isn't proof in my opinion - what if I'm fakesharing? Unless they get all files from me, they can't proove that I was really sharing them...

that's right, i haven't said that the filelist function should be disabled, i think that there should be a protection for the users (to hide their ip) and a protection for the files being transferred, so they can't monitor from outside what your uploading/downloading

sarf · Post by **sarf** » 2003-06-27 07:14

Unfortunately, people can be sued / disconnected by their ISP / harassed no matter if they ARE fakesharing. Try to bring it up in court and you'll probably only earn a "huh?" from the judge/jury/official person. Then they'll think you're bad cause you are cheating.

Wisp, DC can't be "reforged" into a secure P2P network with any other means than tunneling through SSH to trusted entities (such as your friends) - this, of course, means that the point of DC is lost. If you want secure, use WASTE (made for small number of users per "hub") or Frost (slow due to it using FreeNet).
The protocol used currently is simply too inflexible and insecure to be possible to use in a "safe" network if the transport protocol is not secured (which requires much work, too much work for any one person to do it).

Sarf
---
Express yourself through supreme bovinity.

jbyrd · Post by **jbyrd** » 2003-06-27 07:22

What I want to know is, how can they prosecute us when THEY HAVE TO BE SHARING SOMETHING TO GET IN THE HUB

cyberal · Post by **cyberal** » 2003-06-27 07:39

jbyrd wrote:What I want to know is, how can they prosecute us when THEY HAVE TO BE SHARING SOMETHING TO GET IN THE HUB

Either they fake, they share free stuff or they simple share the same stuff as we do and they are allowed to by the companys behind them..

sarf:
BUT, if we were to remake the dc protocol to fit our needs... it could be made totaly anonymous and work almost like today. Everyone could be anonymous, exept the hub that is..

Post by **GargoyleMT** » 2003-07-01 12:21

cyberal wrote:BUT, if we were to remake the dc protocol to fit our needs... it could be made totaly anonymous and work almost like today. Everyone could be anonymous, exept the hub that is..

Nice Royal "we"

None of the developers I've seen really have an interest in scrapping the DC protocol and trying to make something anonymous. If you're up for it, I'd like to see you do it.

DC is what it is. Scrap the protocol and go to something else, and ...

cyberal · Post by **cyberal** » 2003-07-02 02:31

I meant "we" as in "not them"... I'm not any good at C++ ..

You mean none of the developers in this forum is up for it.. I'm sure there are lots of ppl that want and are working on this right now.. but since it never can be compatible with the current dc network.. it will be hard to get it to work without the support of arne and the rest of you developers...

I don't know C++, so I can't do it.. even if I wanted to

Post by **GargoyleMT** » 2003-07-04 09:38

cyberal wrote:You mean none of the developers in this forum is up for it.. I'm sure there are lots of ppl that want and are working on this right now..

I'm not sure where you got this from. I'm pretty sure that it's incorrect. Especially if you mean that someone's designing an encrypted p2p protocol with DC in mind. There are some out there, the two that pop into my mind are WASTE and Freenet. P2P protocols and networks aren't my specialty though.

cyberal wrote:but since it never can be compatible with the current dc network.. it will be hard to get it to work without the support of arne and the rest of you developers...

So how is an incompatible protocol supposed to become part of a DC client? I don't quite get it, of course.

cyberal wrote:I don't know C++, so I can't do it.. even if I wanted to

There are always excuses, including me writing this response to you instead of coding on my own DC++ features. However, just because you cannot program doesn't make you useless. For instance, some of the best software testers don't know anything about programming. They just know how to break a program and then formulate bug reports.