Is Rodi BitTorrent's Replacement? 618
tilleyrw writes "From ZDNet Blogs: 'Rodi is a small-client P2P application, written in Java, that improves on BitTorrent by allowing both content searches and full anonymity. It's released under the General Public License (GNU). Even your IP address can be hidden using Rodi through a process called "bouncing." That is, if A wants a file from B, they get C to agree to stand-in on the exchange. B gets C's IP address, not A's. Through IP Spoofing A can even hide their identity from C. Rodi can also be used from behind corporate firewalls and LANs using Network Address Translation (NATs), something most home gateways have.' "
Nice! (Score:5, Funny)
-Jesse
Re:Nice! (Score:5, Interesting)
I do appreciate the ability for anonymity though (despite my dripping sarcasm), despite the fact that 99.99% of people will just use it to anonymously pirate things. I think the main use I can think of for actual anonymity is for use in political situations; to report ethics violations of the bad-guys, to point out crapulence in the government, etc.
-Jesse
Re:Nice! (Score:2, Interesting)
Re:Nice! (Score:2, Informative)
That is, if A wants a file from B, they get C to agree to stand-in on the exchange. B gets C's IP address, not A's. Through IP Spoofing A can even hide their identity from C.
Therefore even if the **AA sets up a bunch of C computers, we can still hide from them. They evidently thought about this.
Re:Nice! (Score:3, Insightful)
-Jesse
Re:Nice! (Score:2)
Comment removed (Score:5, Interesting)
Re:Nice! (Score:2)
How about the fact that I don't want anyone to know who I am because they have no damn right to? Maybe I choose to anonymously share files. Maybe I choose to carry no ID when I'm out. Maybe I'd really like to be able to anonymise my websurfing and downloading, purely because I prefer it.
Isn't that reason enough?
Re:Nice! (Score:3, Insightful)
but you must understand what I mean.
Oh absolutely. I'm not going to argue details over whether your catalytic converter is good or bad from an environmental point of view - it would distract from the actual debate.
I do see your point and I agree that it's a question of what rules society sets. We differ on whether setting rules on something like your cat is the same in principle as setting rules on something like anonymity.
Differences are the following:
1. There is a confirmed and unvarying negati
MUTE (Score:3, Insightful)
The paths between the sender and receiver are of variable length, between 2 and 5 links. If you are C and you receive a query for a file from A, you cannot be sure that A was the start of the chain. More often than not, A was simply forwarding a query from someone else. There is no easy way to see where the query originates from, even if you own a relatively large number of the no
Ironically...... (Score:3, Interesting)
Rodi,however, seems to add the ability to conceal your identity. I would have to side with "the man" on this one as this feature does nothing but facilitate illegal file sharing via anonymity.
In a way, it makes it harder to attack Bittorrent. As an analogy, it's legal to own a handg
Re:Ironically...... (Score:3, Insightful)
I just means I don't want people all up in my sh*t.
Why anonymity tips the balance too far (Score:4, Insightful)
No, it doesn't. But the vast, vast majority of people using a tool like this are doing so because it shields their illegal activities.
Now, as a general principle, I don't like restricting people's behaviour without a very good reason. More specifically, I don't believe in automatically banning things that have legitimate uses just because they also have illegitimate ones.
However, I also believe that with freedom comes responsibility, always. In exchange for the freedom to use these tools for their beneficial purposes, you take on the responsibility of not abusing that trust.
Sadly, not everyone can be trusted to act responsibly; if they could, we wouldn't need laws and police and armies. What's needed is a balance where those authorities don't interfere with someone exercising their freedoms responsibly, but can interfere when the trust is abused.
And that is why, on balance, complete anonymity on the Internet is not a good idea. I have no problem with being anonymous for routine use, but if you can't even be identified in the face of overwhelming evidence of a crime, backed by an order from the lawful authorities, something's wrong. At that point, for everyone who could genuinely take advantage of true anonymity to make a contribution to society -- and I'm sure these people do exist -- how many spammers, virus writers, phishers, fraudsters, copyright violators, organised criminals, paedophiles, and even (really, for once) terrorists are we letting get away with it?
Re:Ironically...... (Score:2)
It just means I don't want people all up in my sh*t.
Re:Ironically...... (Score:2)
Re:Ironically...... (Score:2)
Sorry, but this is a major stretch. Yes, WB's may need anonymity, but I fail to see how all five of them need anonymous file sharing.
One can go out of the way to find potentially legitimate uses, but as you say, most (as in 99.99%) will not use it as such...
Re:Nice! (Score:3, Interesting)
Re:Nice! (Score:2)
-Jesse
Re:In the nick of time (Score:2)
Cheer up; there's still one Puck left in the world.
P2P interview with Rodi Developer Laryete (Score:5, Informative)
First Post? [blogspot.com]
Not for me... (Score:3, Insightful)
__
Laugh Daily funny free videos [laughdaily.com]
Re:Not for me... (Score:2)
The problem is that some folks do have good reasons to hide things and if everyone else is gladly giving up their privacy then those with a good reason stick out like a sore thumb.
If you thing privacy for anyone is important then some would say you should value it for yourself even if you dont need it. (yet)
Actually... (Score:2)
It's not just about anonymity- it's as much about NAT tunneling; something that I would have hoped the BitTorrent author would have given some thought about. For even legal P2P to work, it must account for situ
Boy (Score:4, Funny)
Re:Boy (Score:2)
Malware (Score:2)
Re:Malware (Score:3, Funny)
Shhh!!!, there's an unwritten rule on
Re:Malware (Score:2)
Re:Malware (Score:2)
Re:Malware (Score:2)
Illegal content with my IP? (Score:5, Insightful)
Someone can download illegal and immoral content and the server will have a record of my IP?
I don't think so.
Even if it is well known that my IP wasn't the final destination.
Re:Illegal content with my IP? (Score:2)
Given the state of some of the suits filed by the *IA I dont think they'd make the distinction.
They captured YOUR IP as being part of the download transaction, so its YOUR IP they'd file suit against.
Replacement? (Score:5, Insightful)
Re:Replacement? (Score:2)
I don't think so... (Score:5, Insightful)
I'm not sure if Bram Cohen would agree - he made BT to share software, not to pirate music or videos. Adding anonimity to BT is just what the lawyers need to say BT was MADE for copyright infringement.
Re:I don't think so... (Score:2)
If he wanted such complete control over it, he wouldn't've released it under the license he used, which allows people to modify and redistribute derivative works. So there's no reason that someone couldn't simply make AnonymousBT that logs onto the same networks.
Re:I don't think so... (Score:2)
-sam
Useful features... (Score:2)
See also: (Score:5, Informative)
MUTE [sourceforge.net]
ANTS p2p [sourceforge.net]
GNUNet [gnunet.org]
and not specifically filesharing, but the I2P [i2p.net] anonymity layer allows for anonymous bittorrent amongst other things.
Of these, I've found I2P is excellent, although requires a little time investment in setup, and MUTE seems quite promising - speeds are reasonable for an anonymous p2p system, but the user base is currently tiny. I've not had too much luck with ANTS, and haven't tried GNUNet
Re:See also: (Score:2, Insightful)
The technology looks promising for a few of these P2P dohickys, but if its not simplified, you'll never get the files you really want from the folks who have them, unless the client has a candy coated super easy setup with big toysRus style glow buttons.
me
Re:See also: (Score:2)
The longer something can stay elusive with a small-moderate member base with large content (yes I realize that is an oxymoron) it will be better for Jonny nerd because Jonny football player won't be able to figure it out to get his latest fix of FITY CENTZ.
My current best solution is a private hub for a group of large filesharing friends--enough users for 1)
Re:See also: (Score:2)
Actually getting I2P running basically just involves downloading the java executable, running it, and.. well.. that's about it, really.
Then you just point your browser to the locally running webserver to do all the config and stuff.
If you want to use bittorrent over it, there's a seperate I2P-Bittorrent app you have to get, t
Common Carrier status for C ? (Score:3, Interesting)
If not... could they be 'liable' for any of the more shady/outright illicit material passing through them from B to A as they've willingly and knowingly become part of this Rodi thing ?
( Not to be confused with thousands of hacked boxes through which spam/viruses/etc. get sent, as I doubt most owners of those boxes aren't willingly and knowingly part of a spam/botnet )
Re:Common Carrier status for C ? (Score:2)
Now, if *everyone* had bouncing on by default, it might be a bit different. And probably horribly slower.
Re:Common Carrier status for C ? (Score:5, Informative)
For this sort of application, the 512(a) exception seems best. 512(a) protects C from liability stemming from C's transmitting, routing, or providing connections for, material through a system or network controlled or operated by or for C, or by reason of the intermediate and transient storage of that material in the course of such transmitting, routing, or providing connections. Note that 512(a) does not protect C from liability stemming from anything else it does.
In order to qualify all of the following requirements have to be met:
(1) The transmission of the material was initiated by or at the direction of a person other than C;
(2) The transmission, routing, provision of connections, or storage is carried out through an automatic technical process without selection of the material by C;
(3) C does not select the recipients of the material except as an automatic response to the request of another person;
(4) No copy of the material made by C in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients, and no such copy is maintained on the system or network in a manner ordinarily accessible to such anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, or provision of connections;
(5) The material is transmitted through the system or network without modification of its content.
(6) C must have adopted and reasonably implemented, and informs subscribers and account holders of C's system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of C's system or network who are repeat infringers; and
(7) C must accommodate and not interfere with standard technical measures. "Standard technical measures" means technical measures that are used by copyright owners to identify or protect copyrighted works and--
(A) have been developed pursuant to a broad consensus of copyright owners and service providers in an open, fair, voluntary, multi-industry standards process;
(B) are available to any person on reasonable and nondiscriminatory terms; and
(C) do not impose substantial costs on service providers (such as C) or substantial burdens on their systems or networks.
(8) C must be an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received.
(9) C must be a provider of online services or network access, or the operator of facilities therefor, which is inclusive of (8) above.
(10) C must comply with applicable subpoenas and court orders.
Conspiracy charges (Score:2)
Re:Common Carrier status for C ? (Score:2)
How much you wanna bet that C will get sued no matter what? The traffic still goes through him, so his participation could be argued as contributory. This isn't anonymity -- it's a way to make everyone in the chain liable for something o
Ah, i can see it now. (Score:2)
Man-in-the-middle attacks, comming soon to a Rodi near YOU!
Re:Ah, i can see it now. (Score:2)
Solution for the for the **AA (Score:2)
But they'll simply haul the person in who's using the masquerader's address and charge them as an accomplice to theft.
Re:Solution for the for the **AA (Score:2)
Copyright violation is not theft.
What's worse is that the punishment for actual theft of a DVD (maybe $50 or 3 hours community service) would be way less than the punishment for copyright violation (years in prison and 10k$'s fine). Because illegal filetraders are soooo dangerous to society, and actual thieves are not.
Re:Solution for the for the **AA (Score:2)
What's worse is that the punishment for actual theft of a DVD (maybe $50 or 3 hours community service) would be way less than the punishment for copyright violation (years in prison and 10k$'s fine). Because illegal filetraders are soooo dangerous to society, and actual thieves are not.
Let's rephrase my OP.
They'll get the lawmakers to change things so that being an accomplice to copyright is a major offence with major punishment penalties.
They'll haul in the one who
Java -- then why not use SWT??... (Score:2)
Because it's harder to distribute (Score:3, Insightful)
I'm not saying Swing is better, just easier to distribute (and more widely known; again, path of least resistance.)
And I'd say the greatest SWT application ever is Eclipse.
Re:Because it's harder to distribute (Score:2)
And I'll add that I like using programs written in SWT. But I've done some development in SWT and found that swing is a much nicer API from a development standpoint.
For Example, most SWT GUI component consturctors expect an OR'ed list of constants to set attributes. Most swing components have default constructors that you then set properties on. Some people might prefer the SWT method, but I personally find the swing method easier.
Re:Java -- then why not use SWT??... (Score:2)
SWT has just as many disadvantages as advantages. It's really just an alternative to Swing, not "better" as many may claim. Azureus is one of my favorite programs, but its GUI also has a large number of minor issues on my Mac because of the SWT GUI. Had it used Swing, it would have been just as snappy as JEdit, Netbeans, and a few other Swing GUIs I run.
Really, I have no grudge against IBM for releasing SWT, but programmers need to b
Honest Question (Score:2)
Does C opt-in to being complicit in a transfer between B and someone? Does C get to know the details of the transfer? If so, is there anyway of C knowing whether or not what he/she is doing is legal? At least with bittorrent I can be mindful that I am only serving up bits I'm allowed to serve.
I happen to like non-anonymity (Score:5, Interesting)
Re:I happen to like non-anonymity (Score:2)
Those of us who care about the political activist in China are willing to tolerate warez as the price of freedom and anonymity.
Those who only care about shutting down pirate mp3s, for whatever reasons, are also, by extension, shutting down political activists in China.
Does that bother you?
Re:I happen to like non-anonymity (Score:2)
Perhaps not. But the totally legit downloader might. I do. I'll agree that, almost certainly, more than 99% of the traffic I get has nothing to do with resisting an oppressive government (unless you count the US's own Corporatocracy, and consider OSI a sort of political resistance movement)... But if I can help hide even one message that helps a Chinese dissident trying to communicate, I consider that a
BitTorrent already fairly strong (Score:5, Insightful)
This means that the RIAA/MPAA can only ever see that I am sharing one single file.
Compare and contrast with kazaa etc where my entire drive (shared folders) are available.
BT doesn't give anonymity, but it gives limited accountability, they can't prove I was uploading any other files unless they themselves connect to each one of them at the same time I am downloading. Once my client is closed, then bye bye.
Re:BitTorrent already fairly strong (Score:2, Informative)
And after that, you change the MAC address on your router and request a new IP from your ISP.
For total fragmentation of data (that RIAA/MPAA can collect) you close your client before you finished downloading, do the new-ip-trick, and restart your client.
rinse and repeat.
The legal uses for this technology are endless (Score:2, Funny)
While I do appreciate the technological idea (Score:2)
I have a hard time seeing that going through hoops in order to hide your identity while dowloading stuff is going to be necessary for legal downloads so, while regular BitTorrent has many legal uses, this tool does not, making it more likely that providing the tool for download might constitute a crime.
YES! at last (Score:2)
now all that's needed is to port it out of bloody java and also to back-end this code into a VPN.
in this way, you'd be able to hide ANY network traffic, not just VoIP and not just file sharing.
Short answer (Score:2)
Long answer.
Absolutely not.
The best way for the RIAA to stop P2P... (Score:5, Insightful)
Look at how the iTunes Music Store put a dent in on-line music sharing by providing a better shopping experience and keeping the price low enough that people will choose it over p2p.
Now if the RIAA/etc would recognize the benefits of p2p for distribution of large files, they could benefit from companies like Apple and Napster running storefront trackers. The user would purchase the
The benefits would be an on-line revenue stream, lower costs of network bandwidth because of the torrent, and a way to win favor with the p2p file sharers today.
Re:The best way for the RIAA to stop P2P... (Score:2)
The funny thing is that they would need to keep track of your uploads in this scenario to give you credit, which means trackerless networks need not apply.
Ho hum... (Score:2, Informative)
Combine this with periodic searches as a client for restricted content, and you've got a list of people offering probable restricted content.
They can even get trickier and start adver
Why be C? (Score:2)
ugly image (Score:3, Funny)
Sam
An appropriate story considering (Score:2, Informative)
Re:An appropriate story considering (Score:3, Informative)
http://www.slyck.com/news.php?story=811 [slyck.com]
Re:An appropriate story considering (Score:2)
It'll be back by tomorrow
Wrong letters (Score:2)
It's not C that agrees to stand in the middle, it is A...You know, like in MPAA. The perfect position to prepare the lawsuit.
PS: Yes, I know mixmaster and tor.The recording Industry (Score:2)
They're going to have to change to a business plan that's different. The online music stores are a good start. More live concerts is another.
CD's are going to finish becoming obsolete in about 30 years as rewritable forms of memory like USB sticks get smaller, contain more, and take over.
They WILL change, or they WILL go out of business.
Use "fair use" laws - would this work? (Score:2)
Since you never share more than 10% of a song, you could use "fair use" defense (you can even provide critisism - "this song is good/sucks").
The same P2P client would grab 10% of a song from 10 different people, each of who shares different part of the file...
Expectations (Score:2, Insightful)
The expectation of privacy also counts when exercising your freedom from unreasonable search... you have to have an expectation of privacy. It's sad that ours has gotten so eroded that we no longer seem to have one. Our own culture undermines the bill of rights... Good hack on the governm
Re:Expectations (Score:2, Insightful)
No. here's what we need: (Score:5, Insightful)
This would be the first step in the evolution to anonymous p2p, it's a good compromise, and way better than the current method, where everything is done in plain view. If (or more likely, when) the thought police starts attacking this, _then_ we can move to the fully paranoid networks.
Backwards (Score:3, Insightful)
Who cares if A can hide their identity? B can't.
Re:Backwards (Score:3, Informative)
The prevalence of privacy (Score:2)
As the level of privacy is taken up, notch by notch, it's the illicit side of it that seems to be prevailing. I saw a p2p system was used for one of my automatic WoW updates; I don't see any reason why to hide that from the web at large. If I wanted to get distributed file transfers, and
The Onion Router Project (Score:3, Informative)
TOR [eff.org]
Two things: (Score:2)
b) The fact that every connection is tunneled through an intermediary will significantly reduce scalability and throughput.
Order Up Another Drum of Mylanta (Score:2)
Here's a nasty thought (Score:2)
I'd suspect the **AA would have a much tougher time rationalizing their witchhunts if even only 10% of network traffic related to bittorrent was actually false, both in terms of content and in terms of
heh... (Score:3, Funny)
"Hello, Security? Hi, I need to have NATting set up for my workstation. What? Oh, just a P2P filesharing app. Yeah, it's pretty cool, it's fairly anonymous, and it can spoof its IP, and it.... Hello?"
Corrected link (Score:2, Informative)
Re:The PirateBay is down for good! (Score:3, Interesting)
Re:Nope (Score:2)
Oh yes. [sf.net] Java is great for P2P programs, going all the way back to the original Furi program for Gnutella. (It's too bad that Limewire came along and killed such a great little proggie. Grrr...)
Re:Nope (Score:2)
Re:Nope (Score:2)
Re:How is this annonymous? (Score:2)
RIAA can't just log all the people accessing the stuff, because the IP-address accessing all the data is just a third party who probably doesn't even know anything.
The problem is that you might be somehow incriminated if someone downloaded child porn using your computer as a relay, and you would probably have a hard time proving it wasn't yo
Re:How is this annonymous? (Score:2)
Actually, there is. It's called Onion Routing [onion-router.net]. It's a product of the US Navy Research Lab and has been around for quite a while. There were attempts to use this technology in P2P networks (namely I2P-BT, which is now defunct, as far as I can tell even though the generic I2P network layer project is still alive and kicking).
Re:How is this annonymous? (Score:2)
Agreed. But it's fixable. Here's how. (Score:2)
If the **AA happens to be B, then they still know what A asked for and that C is delivering it to them. Both A and C are screwed.
What they need is to add a random number of hops.
A asks for a file, and a random number of hops (say...0, 1, or 2). Let's say we get 1.
A asks for a file and D has it. We have +1 extra hops. So D sends the file to C who sends it to B who delivers it to A.
All B knows is that A is asking for the file and C is providing it. What B does not know is if A is the original per
Re:Agreed. But it's fixable. Here's how. (Score:2)
Re:Spoof a three way TCP handshake? (Score:2)
Re:Spoof a three way TCP handshake? (Score:2, Insightful)
B = sender
A = receiver
C, D = intermediaries
We assume that intermediaries cannot be held liable for their intermediacy. Thus the "vulnerable" parties are A and B. Thus A and B must be protected from any other party, including each other.
For any sent packets that are UDP-spoofed, (spoof) appears after the step number.
Here's a scenario that achieves that:
1. A selects intermediary C, and requests customer id Q; C asso