stargrave's blog

FSFE Fellowship Blogs weblog

Thoughts about ISPs, privacy and GNUnet

Preamble

Nearly a week ago I discovered that all BitTorrent downloads from PirateBay did not work. Everything seemed fine – PirateBay website worked perfectly, torrents can be downloaded without any problems. But pings to PirateBay’s tracker did not work at all. DNS gave correct results, but packets were dropped. Using traceroute I understood that my ISP was dropping them – packets did not try to exit even to M-IX (biggest Moscow Internet Exchange).

From co-workers I discovered that European “big” and “important” men were going to punish every european ISP that will provide access to PirateBay (tracker). I checked half a dozen of other Moscow ISPs and they were dropping everything going to PirateBay’s tracker too.

I thought – “What a hell are they doing?”. I feeled myself like poor sheep among wolves. I pay them (not a low price) for real Internet access – not for a pack of services they like and decide to make available.

Guys from PirateBay are clever: one of them opened a simple pure BitTorrent tracker (OpenBitTorrent) and they added it to all torrents as an alternative. I switched it in my BitTorrent client and everything began to work fine again.

Thoughts

But that forced me to think about what will be if someone “important” (of course this “important” and “big” men are nothing more than a simple moneylovers) will found “enough” arguments to close even legally clean (IMHO) OpenBitTorrent. Of course there will appear yet another tracker, and another and so on – but it is completely unnormal: rich men dictate us, what we can use, download, watch and so on.

Is there anything that can protect us, protect our privacy, give freedom at least in Internet? I know about Tor onion routing existence – I run router all days long giving away all available bandwidth. But it can not help protecting torrent-index sites (such as PirateBay), can not protect Tor’s exit nodes. There are powerful lawyers group that are ready to protect exit nodes’es rights and so on – but I am not sure if they can do something in countries like Russia or anything else with their rotten law structure. And even if all of them will lead to successful courts – it will take really much time for a single judge process. Time is expensive. And except it: many people related to law will work with a lame, foolish, totally dependent on money things – unneeded society layer of people, waste of time and money, junk.

I thought that a possible solution can be: running BitTorrent tracker, torrent-indexing website as a Tor’s hidden service and forcing all clients to use SSL. That will fully hide BitTorrent server-side and will make inability to understand what each client is doing.

GNUnet

But… is there any more beautiful solution. And solution that can prevent the single known real possible attack on Tor’s network – traffic and network analysis. If we have got one hundred computers and no traffic among them at all, and several minutes later we discovered new Hollywood blockbuster torrent on a hidden torrent-index website, then we can understand possible server’s location through heavy network analysis. Or maybe possible leechers of course. It will gave only a prediction of target to police to check user computer’s contents. I think that it is not enough to activate police forces, but it is possible, because all of them love money and will do any dirty job for them.

After some searching, I discovered several network systems such as Freenet, Mixminion and GNUnet. From technical, privacy and anonymity point of view – GNUnet is the best choice between them. It protects content-uploaders (anonymity), content-retrievers, searches, search results and even network activity (permanent traffic load with an encryption) and makes strong protection from spying (inclusion of “bad”, “rich men”‘s nodes into network).

Do not understand me incorrectly: it is not an advertisement or some kind of it of GNUnet, but rather mine wish to share excitements and feelings about it.

Building of latest source code on my MIPS-based notebook finished without any problems. Configuration for single daemon is very simple. GNUnet has classical true UNIX-way command line utilities to work with: one for searching – simply just enter search keywords, one for downloading – just enter an ECRS path, one for publishing content – it is rather simple too. Of course it is not full list, but it is basic tools for fully anonymous, without any censorship, saving your privacy sharing.

GNUnet can use not only ordinary UDP and TCP transport protocols, but also HTTP (with ability of proxying) and even SMTP one.

I read a lot about GNUnet and disappointments about it: searching goes too long, downloading too. I decided to share several gigabytes of content and to try my friend search it and download. I expected much more lower download rates and bigger search time, but everything was too fine: only a half a minute or maybe a minute for searching and about 10-20 KiB/sec download speed after the very beginning of it. Possibility to “thread” downloading (opposite to Tor – only single TCP connection) from several resources and swarming after that. So, theoretically it can be as fast as BitTorrent.

I want to show people that ISPs are too dependent on “big” rich men dictating all rules of their behavior. We are suffering from it, but we can prevent it. The already made solution for file sharing with full anonymity, privacy and without damned censorship exists. GNUnet is more than a file sharing system it can be base for many other services: SMTP, HTTP, IRC, VPN (AFAIK) already can be run on it. Also, there is a Tor system, but sometimes it is not enough.

We can stand against rich men and we can save out freedom. All the tools needed for it exists and they are working: not theoretically, but practically. The main problem with GNUnet is only a too small number of people using it – so let’s share!

9 Responses to “Thoughts about ISPs, privacy and GNUnet”

  1. Sergey Matveev (stargrave) 's status on Saturday, 05-Sep-09 19:32:25 UTC - Identi.ca Says:

    [...] http://blogs.fsfe.org/stargrave/archives/47 a few seconds ago from xmpp [...]

  2. foo Says:

    A solution that would be much more readily adopted is to decentralize
    and de-hierachalize. DHT already does that for the tracker. What is
    left is to decentralize search and, more importantly, “rating”. The
    first of these was solved long ago by other P2P systems. Why it was
    abandoned in bittorrent is baffling. The second is the slightly more
    difficult one: We need a decentralized, spam-resistant way of rating
    files and provide commentary about them. Bitzi did this poorly in a
    non-decentralized way. I think the absence of such a system is the
    real barrier to “true” decentralized P2P.

    Of course this does not solve the anonymity problem — an important
    problem, to be sure. But it does deal with the particular threat model
    that motivated your example.

  3. Deck-Harr Says:

    GNUnet doesn’t scale! So guys – seriously – don’t use it or it will slow down!
    http://en.open-bash.org/index.php?id=21&session=0&no=80

  4. stargrave Says:

    GNUnet is decentralized. AFAIK it uses DHT too. Searches are decentralized too. Commentary about files – do you mean some informatic meta-data for them? It is supported too. DHT is not a protocol/standard part of BitTorrent unfortunately.

  5. stargrave Says:

    Hm… I do not see any problems with mass-sending searches over the network. It is not resource-wasting and only a question of time: maybe GNUnet eats too much network bandwidth and CPU, but after a year or too – it will be too cheap.

  6. Markus Says:

    @deck-harr: Most users are going to download the same files anyway. And are searching for the same keywords. Searches are cached. –> Fast search results.. + You can create a directory lets say “FSF PDF Documents” users only have to store the link to this directory and are always getting the latest files –> No need to search

  7. foo Says:

    stargrave:

    I didn’t mean to imply that GNUnet didn’t have the features that I
    listed. I thought it was obvious that the drawback that makes popular
    adoption as an alternative to bittorrent impossible is speed. With that
    in mind I listed some small improvements with Bittorrent that would
    greatly improve it from a robustness point of view.

    Regarding “Commentary about files”: If you go to a torrent tracker
    there is normally a “submit comment for this torrent” type of feature
    where people are giving feedback about a file, for example, alerting
    others if it is a fake, noting if some feature it missing, juding
    quality, … etc. In my view this is *the* valuable feature that is
    making users gravitate to these indexing sites with their associated
    risks (i.e. one site, one point of failure).

  8. Polprav Says:

    Hello from Russia!
    Can I quote a post “No teme” in your blog with the link to you?

  9. stargrave Says:

    Do everything you wish. No problems.