Peerguardian 2 Beta Released
Privacy placebo 2.0?
by Karl Bode Friday 25-Feb-2005 tags: Fileswapping · software
The latest beta version of Peer Guardian (2.0) has been released, touting itself as the "safest and easiest way to protect your privacy on P2P." Is this new version, as P2PNet suggests, the real deal? Or is it, as was the criticism of the last version, merely a privacy placebo giving users a false sense of security?

joebear29

join:2003-07-20
Alabaster, AL

I use PG...

And I also do an anti-RIAA ritual dance before engaging in questionable activity.

I can't decide which is more effective.

R4M0N
Brazilian Soccer Ownz Joo

join:2000-10-04
Glen Allen, VA

Re: I use PG...

said by joebear29:

And I also do an anti-RIAA ritual dance before engaging in questionable activity.

I can't decide which is more effective.
The good ol' aluminum foil hat beats both those options.

arleybls
Premium
join:2004-05-25

1 edit

Re: I use PG...

Blocking outbound connections to Anti-P2P corporate networks does provide some safety, but blocking inbound P2P traffic is questionable. If someone is trying to download from your peer, that itself means that your peer has been exposed.

Peerguardian may be the safest, since there's no way to completely hide/protect yourself, unless you stop sharing, on a P2P network.

P2P is unsafe by design & concept.

yock
TFTC
Premium
join:2000-11-21
Miamisburg, OH
kudos:3
said by joebear29:

And I also do an anti-RIAA ritual dance before engaging in questionable activity.

I can't decide which is more effective.
Much like in romance, abstinence from questionable activity is the best plan for safety. Unlike in romance, it's best to pay for your material rather than engage in those questionable activities though.
--
Statistical correlation need not imply causation.
Technical Nirvana

Mr Pilkington

@222.xx.151.ip.alltel

How to re-anonymize file sharing

Want true filesharing security? Change the apps slightly!

Require each download to go through at least two other "proxy" users on the network before reaching the true downloader. Split up large files so they flow through two or a dozen proxies -- a random number of added hops just to keep things anonymous. Of course the first point of business is to drop usernames altogether. Give each client a hash that's unique for one session only.

This isn't the most efficient method (not really an issue with highspeed anyway) but it does mean they can no longer go after the IP address supplying the file because it would be half a dozen instead of one, and those people wouldn't be the ones who possessed the file in question anyway. They would just be links in an "anonymizer chain."

Since *all* users would be a possible proxy as a condition of using the software, it cannot be argued that they were facilitating anything (like stolen property, etc) -- they were just part of an anonymous file sharing program that transfers "legitimate" files just as easily as the others.

This is far from a complete proposal, but I'll bet some enterprising programmers can take it from here.

jwsmiths4
Part Man, Part Mac
Premium
join:2003-10-25
Savannah, GA

Re: How to re-anonymize file sharing

Seems like that would only cause other users (who were on the network downloading/uploading something that may not be illegal) to get sued by the RIAA/MPAA because they were involved in the transfer of illegal material - even though they didn't mean to be.

reub2000
Premium
join:2001-12-28
Evanston, IL
What you're describing doesn't sound much different from the way freenet works. In addition to using proxies, there is no way of knowing whether a request came from a proxy or a user. And no way to know if the file is being served by a user or a proxy. And encryption.

MarkH
reserved for later use
Premium
join:2002-12-19

Why bother?

Does anybody actually think that the **AA are going to stick to known address ranges?

They can log in from anywhere, anytime they want.

With any form of P2P sharing files that are copyrighted, you rolls the dice and takes your chances.
--
There be pirates here: Arrgh me hearties, heave to and board that shared music folder, pillage as much as thee can.

Murray3

join:2001-03-06
Texas

Re: Why bother?

said by MarkH:

Does anybody actually think that the **AA are going to stick to known address ranges?

They can log in from anywhere, anytime they want.

With any form of P2P sharing files that are copyrighted, you rolls the dice and takes your chances.
I completely agree. They probably have many locations and many 'investigators' working from many different places.
And what's to say they couldn't use proxies too...

iamsomeone

@stmarytx.edu

seems like...

there is a use for a program "like" peerguardian but for a slightly different purpose. Not for p2p use but to maybe block all "phone home" programs like adobe,etc, at the same time.

MarkH
reserved for later use
Premium
join:2002-12-19

Re: seems like...

That can be done by editing your HOSTS file, make an entry for the servers in question and just use 127.0.0.1 as the address.
--
There be pirates here: Arrgh me hearties, heave to and board that shared music folder, pillage as much as thee can.

ninersfan

join:2001-02-09
Castro Valley, CA
said by iamsomeone:

there is a use for a program "like" peerguardian but for a slightly different purpose. Not for p2p use but to maybe block all "phone home" programs like adobe,etc, at the same time.
We already have "a" program like that. It's called a personal software firewall. No need to go re-inventing the wheel.
--
Some call it muscle
A monopoly of sorts
But it’s just damn good marketing
That got them to court.

Tin Foil Beanie

@nrockv01.md.comcast.

so... what happens....

Ok... so I don't get it....

If I were in charge of the **AA... wanting to find out who was downloading stuff... and what stuff they were downloading... I'd be inclined to put up a server; n' get the IPs and file the lawsuits that way...

I wouldn't have to hunt very hard to get these guys... OH... I'd be sure to put up both "stuff legal to download" and "non-legal" stuff....

When the person logs in to download some junk, just crawl backwards and figure out who he is..

Now, could this be "Entrapment?" perhaps.

And the beauty of this is... if someone ever gets to the point where they have "Partial Files" on multiple servers; I could accommodate that too... and again get all the stuff I needed...

Gezzzzz... what a concept....

Before I post this, perhaps I should contact the **AA and ask em' if they want me to build em' a site... n' I get paid a percentage of every thing they file from my data !!!

Quick, I need to patent and copyright all this nonsense

DonCha just love Free Enterprise :D

SupremeCheddar

@cpe.net.cable.rogers

Re: so... what happens....

They did this on the eDonkey network awhile ago.

TheRealJFM

@213.78.x.x

approval from:
redleaf

well lets see...

first of all i'm news editor for methlabs.org
i'm not paid - none of us are - we work for free

some people have suggested that we might be selling PG, so are conning people. this is not true, the program is available from »peerguardian.sourceforge.net

some people have suggested we might be bundling spyware with pg, but we never have. the application is open source, and the sourcecode available from »peerguardian.sourceforge.net

a company DID bundle spyware with our pg1 builds, but we released info to the press and made a page methlabs.org/howtotell to warn people about which builds were infected.

now as for the blocklists - it's all a matter of relative security, there is not 100% security from using blocklists, simply because we cannot be 100% sure where BayTSP (and it is usually them) are connecting from.

however, they AREN'T connecting from home DSL addresses, this has been proven countless times. how? well when BayTSP or someone sends you a letter they are required to give a time that the infringement occurred. now all you have to do is compare your firewall logs with the time on the letter and whois the ranges within a reasonable range of this and.... wow! it's a range labeled "BayTSP"!

people don't believe it's that easy, but it really is - the companies are NOT trying to catch peerguardian users, they are trying to catch less experienced users and make an example of them. going to extreme lengths to capture 0.01% of people (pg users) simply is not feasible, and BayTSP are a COMMERCIAL "detective" company - they're going to do things as cheaply as possible to keep their profits high.

now others have said "but it's easy to get your IP off the tracker or some website logs (eg lokitorrent)"

this data would not stand up in court - logs can be faked, and walking into a court and saying "we have his ip address" is not sufficient proof of anything!

to successfully sue you must receive data from the person and prove that it is copyright infringing

this means that if you can block the IP address of the corp trying to get data from you then they have no proof. the system is 99% automated anyway, so it will just go and try someone else if it can't get anything from you - the cheapest way, remember?

other ways of getting the evil ppl are to scan for popular songs etc and find the fake files. what RIAA do other than try to capture people is that they attempt to flood p2p networks with fake files

blocking a few IP ranges with peerguardian can massively reduce the amount of fake files you find on some networks

an MIT paper was written on this subject:

»web.mit.edu/patil/Public/805project/

and a news article about it:

»www.dmeurope.com/default.asp?fro···eID=2016

"Indeed, Akshay Patil, a student at MIT, whose paper, Identifying Sources of Spoof Files and Limiting Their Impact in the FastTrack Network, discusses the phenomenon, notes that spoofing has become a considerable problem for the FastTrack network - the network used by Kazaa - with downloaders of popular songs finding a spoof rate of 50 per cent of tracks." ....

"As the spoof files come from a fairly small set of IP addresses (the record companies or anti-piracy firms, obviously), a filter that blocks files from these addresses produces, according to Patil, a *75 per cent reduction* in spoof files. PeerGuardian is a small firewall application available for download that blocks and logs connections to these addresses. The block list is maintained by users and updated daily."

now this paper is very out of date now, and all the addresses in there have long since been improved in accordance with his findings, so one thing pg DOES do is block fake files

now the final point is that the blocklist is a bit messy at the moment, we haven't been maintaining it for a while (other people have) and we think it needs a cleanup

this is why we made blocklist.org, still under construction to let people view the database and report bad and erroneous ranges, and submit new ones that they may have found

Sound ok?
We never said it was 100% but 75%+ (we've improved a lot since 2003) reduction is pretty good, no?

If anyone has any problems please come on IRC and myself or someone else will be glad to talk to you!

irc.methlabs.org (port 6667)
#methlabs

thanks a lot!

Joseph Farthing
News Editor
Methlabs.org
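
The log comparison described in the post above (firewall entries near a stated time, looked up against labeled address ranges), as an added example that is not part of the original post and is not PeerGuardian code. The `label:first-last` range format, the log layout, the labels and all addresses are constructed for illustration.

```python
import ipaddress
from datetime import datetime, timedelta

# Constructed range list in "label:first-last" form (documentation address space).
RANGES = """\
EXAMPLE-MONITOR-ORG:203.0.113.0-203.0.113.255
EXAMPLE-HOSTING:198.51.100.0-198.51.100.127
"""

# Constructed firewall log: ISO timestamp, direction, remote IP, local port.
LOG = """\
2005-02-20T14:01:12 IN 192.0.2.44 6881
2005-02-20T14:03:40 IN 203.0.113.17 6881
2005-02-20T14:04:05 IN 198.51.100.200 6881
2005-02-20T14:09:58 IN 203.0.113.90 6881
2005-02-20T16:30:00 IN 203.0.113.17 6881
"""

def parse_ranges(text):
    """Parse 'label:first-last' lines into sorted (low, high, label) tuples."""
    out = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        label, _, span = line.rpartition(":")
        first, _, last = span.partition("-")
        out.append((int(ipaddress.IPv4Address(first)),
                    int(ipaddress.IPv4Address(last)), label))
    return sorted(out)

def label_for(ip, ranges):
    """Return the label of the range containing ip, or None if unlisted."""
    n = int(ipaddress.IPv4Address(ip))
    for low, high, label in ranges:
        if low <= n <= high:
            return label
    return None

def correlate(log_text, ranges, notice_time, window_minutes=5):
    """Return (timestamp, ip, label) for log entries within the window."""
    centre = datetime.fromisoformat(notice_time)
    window = timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        ts, _direction, ip, _port = line.split()
        if abs(datetime.fromisoformat(ts) - centre) <= window:
            hits.append((ts, ip, label_for(ip, ranges)))
    return hits
```

Entries that fall inside the window but come back with a `None` label are the ones a range list cannot account for.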

over 12.5 years online! © 1999-2012 dslreports.com.