Submission + - KaZaa "Push" legal implications
DontLickJesus writes: "Back in 2000/2001 during KaZaa testing I was able to force upload a file to a client. This was accomplished through a blind reply to a download request in which I knew the hash of the file to be sent. The file hash was KaZaa's security check to make sure the client had asked for the right file. The basics where:
Request File
Get File Hash
Request File with Spoofed IP
Reply with known hash
Client downloads file
It seems this could easily create downloading relay nodes if the "Automatically Share Downloads" feature was turned on, and an easy defense for those unlucky enough to be harassed by the RIAA. It would be good for someone to do the same research on Limewire, etc.
I'm going to get flamed for not releasing the technical specs, but I have kids and no time to redo this research. Please someone pick it up, look at the white papers, and show what I'm talking about, thanks. I'm sure you're efforts will make you a god among geeks."
Request File
Get File Hash
Request File with Spoofed IP
Reply with known hash
Client downloads file
It seems this could easily create downloading relay nodes if the "Automatically Share Downloads" feature was turned on, and an easy defense for those unlucky enough to be harassed by the RIAA. It would be good for someone to do the same research on Limewire, etc.
I'm going to get flamed for not releasing the technical specs, but I have kids and no time to redo this research. Please someone pick it up, look at the white papers, and show what I'm talking about, thanks. I'm sure you're efforts will make you a god among geeks."
