Encrypted file transfer

Melkor · Post by **Melkor** » 2003-07-25 17:43

At this point in time using dc is becoming a bit of a hazard.
I think encrypted client-to-client communication would be enough.

It would use public key encryption, and the hub would give out the keys, making it very difficult for listening in on communications.

cyberal · Post by **cyberal** » 2003-07-25 17:49

Read about it here:
http://dcplusplus.sourceforge.net/forum ... c.php?t=35

Post by **GargoyleMT** » 2003-07-27 11:17

Melkor wrote:At this point in time using dc is becoming a bit of a hazard.
I think encrypted client-to-client communication would be enough.

It would use public key encryption, and the hub would give out the keys, making it very difficult for listening in on communications.

Please, why do you think encryption helps?

Listening from the outside isn't the issue, is it? Anyone who wants to see if you're trading copyrighted files just needs to join the hub. Distributing public keys via the hub does... nothing.

If I'm mistaken, please do your best to correct me.

cyberal · Post by **cyberal** » 2003-07-27 14:30

well, you are not entirely correct.. implementing encryption into dc++ doesn't make you "safe" and maybe not even "safer", but it helps on other levels... here in sweden most of the ISPs is now using apps like PacketLogic to analyze traffic and limit certain protocols.. like fasttrack and direct connect... by encrypting the transfers we become invisible making it impossible for ISPs to..

1. see what we are doing without as you say "join the hub"
2. limit our p2p traffic based on packet type

Post by **GargoyleMT** » 2003-07-27 21:14

1. Do you have proof of ISPs doing this? IRC is plaintext, involves lots more copyright violations than DC, and has been around longer. Why don't they clamor for encryption?

2. Until everything is encrypted and indistinguishable (think traffic analysis), this relies entirely on the premise of incompetent admins. "Oops, instead of throttling all non-known traffic to xxx mb/gb/kb per second, we only throttled DC traffic, eMule traffic, and FastTrack traffic. Fixed."

cyberal · Post by **cyberal** » 2003-07-28 01:50

1. Proof? Yes, they just told us in the newspapers.

I don't use IRC for anything else than to talk, so I don't really care about it, but yes... encryption would be good there too!

2. Well yeah, you have a point there.. but we mustn't forget that it is the illegal big-scale filesharing they want gone. Simply limiting ALL unknown traffic they can't do.. much of it could be legit traffic, filetransfers to my company or what ever! They ARE selling me a certain bandwidth and encryption is not forbidden... so that will never happen!

jbyrd · Post by **jbyrd** » 2003-07-28 07:26

I don't see what the ISPs have to gain from watching internet activity. Unless some anti-piracy fag is looking over his shoulder, it seems like they would look the other way.

Reason being: It's bad for bussiness.

cyberal · Post by **cyberal** » 2003-07-28 08:07

saving money ofcourse, bandwidth cost money.. what they want is to sell us a service at the highest price they can and then make us use it as little as possible! Limiting illegal p2p-traffic is a good way of doing this.. custumers won't complain that they can't use kazaa will they?

TheParanoidOne · Post by **TheParanoidOne** » 2003-07-28 08:19

cyberal wrote:custumers won't complain that they can't use kazaa will they?

You underestimate people.

jbyrd · Post by **jbyrd** » 2003-07-28 08:49

Well, they won't complain to anyone. What they will do is go find another ISP that minds their own bussiness.

I'm not saying that they don't peek at our activity... I think encryption is a very good thing. I just don't see what they have to gain.

cyberal · Post by **cyberal** » 2003-07-28 09:17

by keeping the traffic low they earn HUGE amounts of money.. thats what they gain.. also I find it a bit uncomfortable that the admins with an easy mouseclick instantly can see EXACTLY what we are doing in the hubs!! Encryption is an important step towards anonymity!!

jbyrd · Post by **jbyrd** » 2003-07-28 09:48

Ok. Here's a scenario.

I'm an ISP provider. I charge XX.xx a month.

Cyberal is my competetor. He charges the same amount of money a month.

Cyberal decides that he wants to stop p2p sharing. So, he hires a whole staff to monitor activity.

So, when Cyberal is able to sort through all of the porn traffic and spot some p2p activity, he sends them an e-mail. The e-mail says the following: "If you don't stop using p2p software, and wasting all of the Cyberal, Inc.'s precious bandwidth, we are going to a)Disconnect you. AND/OR b) tell the anti-piracy freaks on you. Look, I understand that you are trying to just give Cyberal, Inc your money; but we don't want it if you are going to actually use it.

So, soon enough, Jbyrd's Broadband Co. is doing pretty good. I mind my own bussiness. I state in my privacy agreement that I won't spy on you unless I am made to by anti-piracy fags. Hell, I might even have a DC++ link on my customer support page.

Sure, they save on bandwidth. But it won't take long until everyone moves down the road to an ISP that doesn't try to dictate what their users do. In the long run, it doesn't look like a good idea for them.

cyberal · Post by **cyberal** » 2003-07-28 10:33

jbyrd wrote:Cyberal decides that he wants to stop p2p sharing. So, he hires a whole staff to monitor activity.

It has nothing to do with that really, what they want is to stop the big users from taking up the bandwidth.. it happens to be p2p-traffic yes.

jbyrd wrote:So, when Cyberal is able to sort through all of the porn traffic and spot some p2p activity, he sends them an e-mail. .

No he won't! he will limit all traffic on that comes through that protocol!

jbyrd wrote:So, soon enough, Jbyrd's Broadband Co. is doing pretty good. I mind my own bussiness. I state in my privacy agreement that I won't spy on you unless I am made to by anti-piracy fags.

Wrong again.. Jbyrd's Broadband Co. is using the same application to do the same thing!

jbyrd wrote:Sure, they save on bandwidth. But it won't take long until everyone moves down the road to an ISP that doesn't try to dictate what their users do. In the long run, it doesn't look like a good idea for them.

There is no sain ISP that will not try to do this.. bandwidth (especially) overseas costs ALOT of money.. fi they can cut the costs by half? in a legit way.. why wouldn't they?

jbyrd · Post by **jbyrd** » 2003-07-28 12:03

I know here, in the states, they do not have this mentality. Guess that it's hard to understand that not a single ISP would avoid limiting traffic on certain protocols.

Wrong again.. Jbyrd's Broadband Co. is using the same application to do the same thing!

That is a HUGE assumption. It seems that those ISPs are making the same HUGE mistake. It's called supply and demand. Someone WILL provide the services that are demanded. If it's p2p that they want, it's p2p that they will get.

There is no sain ISP that will not try to do this...

From my point of view, it is INSANE to try this.

bandwidth (especially) overseas costs ALOT of money...

Really...how much more than in the U.S.? I'm interested.

fi they can cut the costs by half? in a legit way.. why wouldn't they?

So, HALF of ALL transfers occur on p2p networks? WOW. Didn't know that.

What about all those pics and movies people look at on the net? Streaming, web pages loading. All require data transmission.

I'm going to stick my neck out here and say that I think HALF is a huge exageration. I dunno, but I won't beleive otherwise until I see some numbers.

Post by **GargoyleMT** » 2003-07-28 12:10

cyberal wrote:1. Proof? Yes, they just told us in the newspapers. I don't use IRC for anything else than to talk, so I don't really care about it, but yes... encryption would be good there too!

Link?

2. Well yeah, you have a point there.. but we mustn't forget that it is the illegal big-scale filesharing they want gone. Simply limiting ALL unknown traffic they can't do.. much of it could be legit traffic, filetransfers to my company or what ever! They ARE selling me a certain bandwidth and encryption is not forbidden... so that will never happen!

What? They most certainly can limit all unknown traffic. It happens this way at some US universities. Unless people are rolling their own protocol, they can easily exempt whatever protocol people are using to transfer the big files.

The problem really is that even if everything was encrypted, you could still throttle down transfers that last over, say, 30 minutes, to a reasonable limit. And of course keep state so that you know that a previous connection from host X to host Y went over 30 mintues and got throttled 5 minutes ago, so DC/DC++ can't just alter traffic patterns to get around it.

cyberal · Post by **cyberal** » 2003-07-28 12:14

jbyrd wrote:I know here, in the states, they do not have this mentality. Guess that it's hard to understand that not a single ISP would avoid limiting traffic on certain protocols.

Here in sweden, the two main ISPs already have this installed!

jbyrd wrote:That is a HUGE assumption. It seems that those ISPs are making the same HUGE mistake. It's called supply and demand. Someone WILL provide the services that are demanded. If it's p2p that they want, it's p2p that they will get.

Not an assumption, it's a fact that the biggest ISPs already use it!

jbyrd wrote:From my point of view, it is INSANE to try this.

You are forgetting that all they think about is MONEY!

jbyrd wrote:Really...how much more than in the U.S.? I'm interested.

What I meant was that the ISPs have to buy bandwidth from the "backbone ISPs" and especially traffic from here (sweden) to you (usa) is expensive!

jbyrd wrote:So, HALF of ALL transfers occur on p2p networks? WOW. Didn't know that.What about all those pics and movies people look at on the net? Streaming, web pages loading. All require data transmission.
I'm going to stick my neck out here and say that I think HALF is a huge exageration. I dunno, but I won't beleive otherwise until I see some numbers. ..

Come on, are you comparing p2p traffic to websurfing? I would say that the total p2p traffic is way higher than 50% of the data amount transfered! I Upload about 5 GB each day just as an example.. and how much do I send with other traffic? 5 MB ??[/quote]

cyberal · Post by **cyberal** » 2003-07-28 12:21

GargoyleMT wrote:Link?

sure thing.. in swedish though..

GargoyleMT wrote:you could still throttle down transfers that last over, say, 30 minutes, to a reasonable limit
No! That traffic could potentially be legit, you could be loading the latest SP from MS or a linux release or what ever! They can't risk limiting legit traffic! Then they will be sued by everyone! They can't sell a certain bandwidth and then limit legit traffic... universitys however, can!

cyberal · Post by **cyberal** » 2003-07-28 12:23

AARRGH!!
forgot the link =)

http://www.idg.se/ArticlePages/200307/2 ... CS.dbp.asp

Post by **GargoyleMT** » 2003-07-28 13:18

cyberal wrote:sure thing.. in swedish though..

No! That traffic could potentially be legit, you could be loading the latest SP from MS or a linux release or what ever! They can't risk limiting legit traffic! Then they will be sued by everyone! They can't sell a certain bandwidth and then limit legit traffic... universitys however, can!

Yes, as a matter of fact, you can limit such traffic. First off, if it is the latest service pack by microsoft, it will be transferred via HTTP, which will have its own service level. Secondly, legitimate users who see the slowdown will call and complain, and you will kowtow and suck up to them and appologize, while changing your filter to not apply to them.

Your against traffic limiting is like saying that no ISP could possibly implement a spam filter, because it might block legitimate mail. But modern ISPs do have spam filters.

cyberal · Post by **cyberal** » 2003-07-28 13:25

GargoyleMT wrote:Your against traffic limiting is like saying that no ISP could possibly implement a spam filter, because it might block legitimate mail. But modern ISPs do have spam filters.

The spam filter is there for You, not for them! And I'm certain that ISP conf their filters real careful not to block legit mail!

ah, well.. I'm tired of this discussion, I even forgot why this thread became sooo long. I think encryption is a good thing. I like to keep a distance between me life and the ISP! I want my privacy! There is no reason to make it easier for the ISPs, and btw. arne wants it so why not

Post by **GargoyleMT** » 2003-07-28 13:46

cyberal wrote:The spam filter is there for You, not for them! And I'm certain that ISP conf their filters real careful not to block legit mail!

ah, well.. I'm tired of this discussion, I even forgot why this thread became sooo long. I think encryption is a good thing. I like to keep a distance between me life and the ISP! I want my privacy! There is no reason to make it easier for the ISPs, and btw. arne wants it so why not

The argument is getting tiresome. The spam filter, does have benefits for the ISP too - lower disk usage and early rejection (before DATA) saves them bandwidth. Setting up a good spam filter is probably harder than a good traffic limiter.

Encryption has its place, I just don't think your two initial reasons justify it.

Arne may want encryption, but that doesn't mean my concerns instantly vanish.

cyberal · Post by **cyberal** » 2003-07-28 16:06

concerns? about what?
what harm can encryption possibly do?

Encrypted file transfer

Encrypted file transfer

Re: Encrypted file transfer