OneSwarm
February 6, 2012 9:23 AM Subscribe
OneSwarm is a privacy preserving BitTorrent client that offers permissions for restricting access to shared content and sharing without attribution, with the anonymity being provided by fellow OneSwarm peers routing transfers.
There are several interesting use cases outlined in the author's paper "Privacy-Preserving P2P Data Sharing with OneSwarm" (pdf), such as employing permissions to share a photo archive with only a subset of friends, or downloading a security patch without indicating that your machine is currently vulnerable to the patched exploit.
"OneSwarm differs from [previous anonymous peer-to-peer applications] in its support for a spectrum of data-sharing models and peer trust relationships"
There is a longstanding issue that BitTorrent dislikes the Tor anonymity network. OneSwarm provides sharing without attribution by implementing a Tor-like anonymity network which the authors describe as "new design point in [the] tradeoff between privacy and performance."
I haven't yet worked out whether OneSwarm's routing avoids building a public key infrastructure behind the scenes, much less how much privacy this might sacrifice, but the authors cite the "Slicing the onion" article.
There are several interesting use cases outlined in the author's paper "Privacy-Preserving P2P Data Sharing with OneSwarm" (pdf), such as employing permissions to share a photo archive with only a subset of friends, or downloading a security patch without indicating that your machine is currently vulnerable to the patched exploit.
"OneSwarm differs from [previous anonymous peer-to-peer applications] in its support for a spectrum of data-sharing models and peer trust relationships"
There is a longstanding issue that BitTorrent dislikes the Tor anonymity network. OneSwarm provides sharing without attribution by implementing a Tor-like anonymity network which the authors describe as "new design point in [the] tradeoff between privacy and performance."
I haven't yet worked out whether OneSwarm's routing avoids building a public key infrastructure behind the scenes, much less how much privacy this might sacrifice, but the authors cite the "Slicing the onion" article.
This is an interesting concept, but until they get an easy to install client, it'll only appeal to about .01% of the Metafilter audience.
posted by crunchland at 9:33 AM on February 6, 2012
posted by crunchland at 9:33 AM on February 6, 2012
I was going to say this looked a lot like Tor and then I came back and found that you'd already said that. I feel like there has to be a better, more robust way of addressing these issues than building another internet in software on top of the internet we already have in hardware. With enough "bad" nodes, it isn't that difficult figure out what requests are coming from where. Even in their video, they show that the request fulfiller is handing data to their "friends" but if those "friends" are actually the RIAA, say, then bam. (Unless I missed an encryption step?)
posted by DU at 9:35 AM on February 6, 2012
posted by DU at 9:35 AM on February 6, 2012
You've got that backwards. Tor isn't happy with BT traffic on their network.
No, the problem is that Bittorent clients often broadcast your IP address completely negating the effect of using Tor in the first place.
posted by delmoi at 9:36 AM on February 6, 2012
No, the problem is that Bittorent clients often broadcast your IP address completely negating the effect of using Tor in the first place.
posted by delmoi at 9:36 AM on February 6, 2012
So, what is the general consensus on PeerBlock as a tool for privacy? Does it work fairly well? I know it's only tangential to this post, but figured I may as well ask since we're talking about BT and privacy.
posted by symbioid at 10:00 AM on February 6, 2012
posted by symbioid at 10:00 AM on February 6, 2012
symbioid: Software such as peerblock is functionally useless.
You have to think like the RIAA/MPAA. If you were them, how would you design a system to find who's sharing your stuff to send out nastygrams? If I designed it, I would just hit the trackers and see what IPs are distributing the hashes and call it a day. The trackers are how most bittorrent client finds most peers. Your bittorrent client will look in the .torrent file and see which trackers are listed and try to find peers, but more importantly, it will register with the tracker to tell other peers you are available. PeerBlock won't prevent you from broadcasting to trackers that you have the file, which is where I'd put my work if I wanted an easy way to send out C&D letters. The amount of work to get IPs is downright trivial. An example of a tracker is Open Bittorrent.
This is how sites such as You Have Downloaded work.
So if you really wanted to protect yourself against the most obvious vector of attack, you'd disable using trackers entirely (by removing them from your torrent file) and use DHT for peer discovery exclusively.
Bonus for hackers: A lot of bittorrent trackers use udp, it'd be hypothetically possible to poison the effectiveness of this method of collection to send nastygrams by telling the trackers that the IP addresses of RIAA headquarters are sharing files. It's fairly easy to spoof IPs over UDP.
I think the effectiveness of something like OneSwarm or Freenet-like models will probably become popular only if bittorrent gets shut down, and/or maybe if our internet speeds increase by another order of magnitude due to the overhead costs.
posted by amuseDetachment at 10:24 AM on February 6, 2012 [7 favorites]
You have to think like the RIAA/MPAA. If you were them, how would you design a system to find who's sharing your stuff to send out nastygrams? If I designed it, I would just hit the trackers and see what IPs are distributing the hashes and call it a day. The trackers are how most bittorrent client finds most peers. Your bittorrent client will look in the .torrent file and see which trackers are listed and try to find peers, but more importantly, it will register with the tracker to tell other peers you are available. PeerBlock won't prevent you from broadcasting to trackers that you have the file, which is where I'd put my work if I wanted an easy way to send out C&D letters. The amount of work to get IPs is downright trivial. An example of a tracker is Open Bittorrent.
This is how sites such as You Have Downloaded work.
So if you really wanted to protect yourself against the most obvious vector of attack, you'd disable using trackers entirely (by removing them from your torrent file) and use DHT for peer discovery exclusively.
Bonus for hackers: A lot of bittorrent trackers use udp, it'd be hypothetically possible to poison the effectiveness of this method of collection to send nastygrams by telling the trackers that the IP addresses of RIAA headquarters are sharing files. It's fairly easy to spoof IPs over UDP.
I think the effectiveness of something like OneSwarm or Freenet-like models will probably become popular only if bittorrent gets shut down, and/or maybe if our internet speeds increase by another order of magnitude due to the overhead costs.
posted by amuseDetachment at 10:24 AM on February 6, 2012 [7 favorites]
I've found the Mac OS X client completely painless, crunchland, presumably the experience works about the same on any platform given you control it via your web browser and it's written in Java.
Are you objecting to the whole local web application thing? I reflexively dislike both java and web applications myself, but they simplify deployment spectacularly, which matters if you want your software used. Sage and Freenet both run behind your browser, although maybe Freenet installs its own browser like Tor.
There is also the fact that we're moving towards multi-device models with headless personal servers like the FreedomBox hosting your email, photos, music, movies, etc., which necessitates web interfaces, or another RESTful-ish protocol.
I'd envision a world where poor people can buy themselves sub $100 Android/Linux based laptops, televisions, phones, and tablets that interact with a sub $100 FreedomBox offering several terabytes of storage. Individually, each device costs relatively little, making the whole system affordable "utility wise".
All the personal data like photos and emails are both stored both locally and also backed up encrypted in the FreedomBox cloud, with your own FreedomBox "paying for" said backups using excess local capacity and anonymizing file transfers. You do NOT share your friends list or info consumption habits with any company, ala facebook.
You download new content by pointing your FreedomBox towards a magnet, capacity, etc. link. Or even buy it off iTunes, etc. if Apple, etc. ever decides people who cannot afford more than $100 at any given time are worth selling to. We exploit poor people today by forcing them to buy expensive items piecemeal, but personal servers potentially give them coin to trade.
posted by jeffburdges at 11:10 AM on February 6, 2012
Are you objecting to the whole local web application thing? I reflexively dislike both java and web applications myself, but they simplify deployment spectacularly, which matters if you want your software used. Sage and Freenet both run behind your browser, although maybe Freenet installs its own browser like Tor.
There is also the fact that we're moving towards multi-device models with headless personal servers like the FreedomBox hosting your email, photos, music, movies, etc., which necessitates web interfaces, or another RESTful-ish protocol.
I'd envision a world where poor people can buy themselves sub $100 Android/Linux based laptops, televisions, phones, and tablets that interact with a sub $100 FreedomBox offering several terabytes of storage. Individually, each device costs relatively little, making the whole system affordable "utility wise".
All the personal data like photos and emails are both stored both locally and also backed up encrypted in the FreedomBox cloud, with your own FreedomBox "paying for" said backups using excess local capacity and anonymizing file transfers. You do NOT share your friends list or info consumption habits with any company, ala facebook.
You download new content by pointing your FreedomBox towards a magnet, capacity, etc. link. Or even buy it off iTunes, etc. if Apple, etc. ever decides people who cannot afford more than $100 at any given time are worth selling to. We exploit poor people today by forcing them to buy expensive items piecemeal, but personal servers potentially give them coin to trade.
posted by jeffburdges at 11:10 AM on February 6, 2012
I was looking at this. I like the idea, but it definitely seems to be relying on strong uptake. I actually installed the thing, but being in a private network of one was kind of like not having internet at all.
For the reasons alluded to above, running bit torrent through Tor is not only unproductive, but dangerous and destructive, it's absolutely not a solution.
So what the hell do we do?
This is an interesting concept, but until they get an easy to install client, it'll only appeal to about .01% of the Metafilter audience.
posted by crunchland at 9:33 AM on February 6 [+] [!]
Funny, that covers most of the solutions to privacy invasion or copyright law. I'm not holding out for a tech solution here. The whole bit torrent crack down and all of the restrictive laws being thrown around in the US, Canada and elsewhere are a political/economic problem. We're not going to code around them, at least not for very long, or for any kind of mainstream.
The internet is ugly because it's a reflection of our society, and until we fix the power relationships and inequities here, they'll force their way into it.
posted by Stagger Lee at 11:35 AM on February 6, 2012 [2 favorites]
For the reasons alluded to above, running bit torrent through Tor is not only unproductive, but dangerous and destructive, it's absolutely not a solution.
So what the hell do we do?
This is an interesting concept, but until they get an easy to install client, it'll only appeal to about .01% of the Metafilter audience.
posted by crunchland at 9:33 AM on February 6 [+] [!]
Funny, that covers most of the solutions to privacy invasion or copyright law. I'm not holding out for a tech solution here. The whole bit torrent crack down and all of the restrictive laws being thrown around in the US, Canada and elsewhere are a political/economic problem. We're not going to code around them, at least not for very long, or for any kind of mainstream.
The internet is ugly because it's a reflection of our society, and until we fix the power relationships and inequities here, they'll force their way into it.
posted by Stagger Lee at 11:35 AM on February 6, 2012 [2 favorites]
I've found that judiciously choosing from I-BlockList keeps you off You Have Downloaded's list, amuseDetachment. Also, I've been told that all the major bittorrent trackers already poison their own peer pools with fake IP addresses, but I donno if they actually spoof said addresses.
In theory, there is a real threat of lawsuit behind the MafIAA nasty grams, symbioid, which means they'd prefer real evidence. I'd imagine that a tracker listing you only counts as "hearsay" in most jurisdictions. Any opinions Ironmouth or whoever?
I'd further expect that simply downloading but not seeding doesn't attract their ire either. Why? In principle, a court might reject their claims if you never even possessed the full work, who knows. In theory, they should approve of people who leach pirate resources without sharing back, well enough such people could kill piracy. In practice, you cannot kill a torrent except by going after the long term seeders. It follows that they'll almost surely try downloading from you before sending the DMCA notice, much less suing you.
In other words, peer block lists are roughly like making sure that one hiking buddy runs slower than you, just in case you run into a bear. ;)
posted by jeffburdges at 11:35 AM on February 6, 2012
In theory, there is a real threat of lawsuit behind the MafIAA nasty grams, symbioid, which means they'd prefer real evidence. I'd imagine that a tracker listing you only counts as "hearsay" in most jurisdictions. Any opinions Ironmouth or whoever?
I'd further expect that simply downloading but not seeding doesn't attract their ire either. Why? In principle, a court might reject their claims if you never even possessed the full work, who knows. In theory, they should approve of people who leach pirate resources without sharing back, well enough such people could kill piracy. In practice, you cannot kill a torrent except by going after the long term seeders. It follows that they'll almost surely try downloading from you before sending the DMCA notice, much less suing you.
In other words, peer block lists are roughly like making sure that one hiking buddy runs slower than you, just in case you run into a bear. ;)
posted by jeffburdges at 11:35 AM on February 6, 2012
Well, with bittorrent you can't download without seeding at the same time. The act of downloading registers you with the tracker, and even if you've successfully blocked the IP addresses of every address that the RIAA controls (and the validity of these IP lists has always seemed extremely dubious to me), the tracker hasn't blocked them, and the tracker has your actual IP address.
To my mind, given the extremely sloppy way the RIAA has been handing out its lawsuits, the idea that they feel some obligation to connect to your personal IP address and download an actual piece of Mission_Impossible_7.DVDRip.avi before sending a subpeona out to your ISP followed by a swift C&D to the email your ISP gives them seems like wishful thinking. That's why these IP block-lists have always seemed like snake-oil to me. The goal of the lawsuits is to have a chilling effect on bittorrent, not to have a case that will stand up throughout a lengthy and technical appeals process.
posted by whir at 12:07 PM on February 6, 2012
To my mind, given the extremely sloppy way the RIAA has been handing out its lawsuits, the idea that they feel some obligation to connect to your personal IP address and download an actual piece of Mission_Impossible_7.DVDRip.avi before sending a subpeona out to your ISP followed by a swift C&D to the email your ISP gives them seems like wishful thinking. That's why these IP block-lists have always seemed like snake-oil to me. The goal of the lawsuits is to have a chilling effect on bittorrent, not to have a case that will stand up throughout a lengthy and technical appeals process.
posted by whir at 12:07 PM on February 6, 2012
I'd further expect that simply downloading but not seeding doesn't attract their ire either.
A, uh, friend of mine, and his old ISP, tells me this isn't true.
posted by The Hamms Bear at 12:15 PM on February 6, 2012
A, uh, friend of mine, and his old ISP, tells me this isn't true.
posted by The Hamms Bear at 12:15 PM on February 6, 2012
I think the reputable/large trackers themselves aren't poisoning their own data. You can tell because less popular torrents are pretty accurate in their seed counts. I think there is some poisoning from people creating false seeders, which could be a route for some nefarious logging/enforcement/whatever. Trackers should really poison at least 25% of their data, though.
IMO, if it's understood that trackers aren't poisoning their data, I wouldn't be surprised if that just showing up on a tracker is sufficient evidence in court. The reason I highly doubt their doing direct connections on the bittorrent protocol is because it's far too much work. It requires several orders of magnitude more code and serious network/hardware with little-to-no benefit in terms of prosecution.
YouHaveDownloaded also let it slip that they're using trackers to collect their info:
posted by amuseDetachment at 12:39 PM on February 6, 2012 [1 favorite]
IMO, if it's understood that trackers aren't poisoning their data, I wouldn't be surprised if that just showing up on a tracker is sufficient evidence in court. The reason I highly doubt their doing direct connections on the bittorrent protocol is because it's far too much work. It requires several orders of magnitude more code and serious network/hardware with little-to-no benefit in terms of prosecution.
YouHaveDownloaded also let it slip that they're using trackers to collect their info:
So I’d say we "see" about 20% of all public tracker downloads.(sorry for the derail)
posted by amuseDetachment at 12:39 PM on February 6, 2012 [1 favorite]
If I were attempting to be the RIAA/MPAA, I would use a large number of "private" IPs scattered across DSL lines around the world to get IPs of content they consider theirs; then aggregate those IPs and correlate to build more certainty.
If I were really clever, I'd even fingerprint the content as it was retrieved so that I could validate it against known content that I cared about.
Of course, I might outsource this ... if I'm the RIAA/MPAA, I probably wouldn't know how to do one one-hundredth of this stuff myself.
posted by nonspecialist at 11:30 PM on February 6, 2012
If I were really clever, I'd even fingerprint the content as it was retrieved so that I could validate it against known content that I cared about.
Of course, I might outsource this ... if I'm the RIAA/MPAA, I probably wouldn't know how to do one one-hundredth of this stuff myself.
posted by nonspecialist at 11:30 PM on February 6, 2012
« Older "It was as if he knew he was going to a very dark... | John Christopher [1922-2012] Newer »
This thread has been archived and is closed to new comments
There is a longstanding issue that BitTorrent dislikes the Tor anonymity network."
You've got that backwards. Tor isn't happy with BT traffic on their network.
posted by pwnguin at 9:29 AM on February 6, 2012