stargrave's blog

Archive for September, 2009

Thoughts about ISPs, privacy and GNUnet

Saturday, September 5th, 2009


Nearly a week ago I discovered that all BitTorrent downloads from PirateBay did not work. Everything seemed fine – PirateBay website worked perfectly, torrents can be downloaded without any problems. But pings to PirateBay’s tracker did not work at all. DNS gave correct results, but packets were dropped. Using traceroute I understood that my ISP was dropping them – packets did not try to exit even to M-IX (biggest Moscow Internet Exchange).

From co-workers I discovered that European “big” and “important” men were going to punish every european ISP that will provide access to PirateBay (tracker). I checked half a dozen of other Moscow ISPs and they were dropping everything going to PirateBay’s tracker too.

I thought – “What a hell are they doing?”. I feeled myself like poor sheep among wolves. I pay them (not a low price) for real Internet access – not for a pack of services they like and decide to make available.

Guys from PirateBay are clever: one of them opened a simple pure BitTorrent tracker (OpenBitTorrent) and they added it to all torrents as an alternative. I switched it in my BitTorrent client and everything began to work fine again.


But that forced me to think about what will be if someone “important” (of course this “important” and “big” men are nothing more than a simple moneylovers) will found “enough” arguments to close even legally clean (IMHO) OpenBitTorrent. Of course there will appear yet another tracker, and another and so on – but it is completely unnormal: rich men dictate us, what we can use, download, watch and so on.

Is there anything that can protect us, protect our privacy, give freedom at least in Internet? I know about Tor onion routing existence – I run router all days long giving away all available bandwidth. But it can not help protecting torrent-index sites (such as PirateBay), can not protect Tor’s exit nodes. There are powerful lawyers group that are ready to protect exit nodes’es rights and so on – but I am not sure if they can do something in countries like Russia or anything else with their rotten law structure. And even if all of them will lead to successful courts – it will take really much time for a single judge process. Time is expensive. And except it: many people related to law will work with a lame, foolish, totally dependent on money things – unneeded society layer of people, waste of time and money, junk.

I thought that a possible solution can be: running BitTorrent tracker, torrent-indexing website as a Tor’s hidden service and forcing all clients to use SSL. That will fully hide BitTorrent server-side and will make inability to understand what each client is doing.


But… is there any more beautiful solution. And solution that can prevent the single known real possible attack on Tor’s network – traffic and network analysis. If we have got one hundred computers and no traffic among them at all, and several minutes later we discovered new Hollywood blockbuster torrent on a hidden torrent-index website, then we can understand possible server’s location through heavy network analysis. Or maybe possible leechers of course. It will gave only a prediction of target to police to check user computer’s contents. I think that it is not enough to activate police forces, but it is possible, because all of them love money and will do any dirty job for them.

After some searching, I discovered several network systems such as Freenet, Mixminion and GNUnet. From technical, privacy and anonymity point of view – GNUnet is the best choice between them. It protects content-uploaders (anonymity), content-retrievers, searches, search results and even network activity (permanent traffic load with an encryption) and makes strong protection from spying (inclusion of “bad”, “rich men”‘s nodes into network).

Do not understand me incorrectly: it is not an advertisement or some kind of it of GNUnet, but rather mine wish to share excitements and feelings about it.

Building of latest source code on my MIPS-based notebook finished without any problems. Configuration for single daemon is very simple. GNUnet has classical true UNIX-way command line utilities to work with: one for searching – simply just enter search keywords, one for downloading – just enter an ECRS path, one for publishing content – it is rather simple too. Of course it is not full list, but it is basic tools for fully anonymous, without any censorship, saving your privacy sharing.

GNUnet can use not only ordinary UDP and TCP transport protocols, but also HTTP (with ability of proxying) and even SMTP one.

I read a lot about GNUnet and disappointments about it: searching goes too long, downloading too. I decided to share several gigabytes of content and to try my friend search it and download. I expected much more lower download rates and bigger search time, but everything was too fine: only a half a minute or maybe a minute for searching and about 10-20 KiB/sec download speed after the very beginning of it. Possibility to “thread” downloading (opposite to Tor – only single TCP connection) from several resources and swarming after that. So, theoretically it can be as fast as BitTorrent.

I want to show people that ISPs are too dependent on “big” rich men dictating all rules of their behavior. We are suffering from it, but we can prevent it. The already made solution for file sharing with full anonymity, privacy and without damned censorship exists. GNUnet is more than a file sharing system it can be base for many other services: SMTP, HTTP, IRC, VPN (AFAIK) already can be run on it. Also, there is a Tor system, but sometimes it is not enough.

We can stand against rich men and we can save out freedom. All the tools needed for it exists and they are working: not theoretically, but practically. The main problem with GNUnet is only a too small number of people using it – so let’s share!