digg

Facebook Connect Join Digg About

How File Sharing Reveals Your Identity

mute-net.sourceforge.net Interesting article that explains how RIAA can trace you back in a P2P network and identify your IP as well as your identity. The MUTE techonolgy to prevent spy tactics is also presented. You can also find more details on an alternative P2P system called Konspire2b.

Who dugg this? Made popular Feb 4, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

69 Comments

show profanity settings
expand all
  • teece, on 10/12/2007, -0/+1About an IP and identification:

    You need to remember that the RIAA sues you in civil court. The standards of evidence in civil court are far lower than in criminal court.

    So while it's quite true that an IP address *might* not uniquely ID you, the reality is that a whole lot of the time it will. And that is ample evidence for a ruling in favor of the RIAA in a civil court. The limited non-uniqueness of the IP-address-to-person function might provide reasonable doubt in a criminal case; it's not likely to get a ruling in your favor in a civil case.

    I'd wager more than 9 times out of 10 an IP actually does ID a specific person, or at least a specific household. There are real legal issue to be resolved here (that haven't yet), but the sad fact is that if your IP shows up on a RIAA hit list, you're screwed. Mainly because you can not afford flesh-eating lawyers, as the RIAA can.

    That someone else might have been using your IP probably won't save you, even if you can afford to go toe to toe with the RIAA lawyers.

    That's why they have such a good racket in this game -- it's rigged in their favor.
  • vypergts, on 10/12/2007, -1/+2This page also highlights why these lawsuits are bs. Namely, the RIAA is filing subpoenas agains ISPs based simply on a filename. You could have a file called "pr0n.jpg" and by renaming it "teen pop.mp3" and sharing it over p2p you are somehow inviting the right to get sued for copyright infringement.

    When people use proxying and IP spoofing services like MUTE, it explains how people who have never turned on a computer are getting sued for filesharing. Same with people running open Wi-Fi. RIAA doesn't give a sh*t because they have that all powerful IP address and a name to go with it. That is why it is important that more people understand how this works, particularly legal professionals and lawmakers.
  • tidejwe, on 10/12/2007, -0/+1This may even increase download speeds for p2p. . . if people can quit worrying about the files they are sharing, then more people might leave things seeded.
  • znxster, on 10/12/2007, -0/+1Clever stuff ... and the http://mute-net.sourceforge.net/howAnts.shtml .. is another interesting article too
  • Ainast, on 10/12/2007, -0/+1What ever happened to SneakerNet?
  • teh_toaster, on 10/12/2007, -0/+1And they could track folks by looking at their Quicken account files and files named MyResume.doc, all present on their completely shared harddrives.
  • tamarind, on 10/12/2007, -0/+1Bill, you didn't quite get it. The file transfers are also routed through other hosts. They're encrypted on either end, so the in-between nodes have no idea what they're forwarding on. Of course, this slows things down as the topography is somewhat lumpy.

    Anyway, you don't know from whom your data is coming. The only thing they can be certain of is through whom the data is being routed. Perhaps they could subpeona these nodes, but from there the chase would be futile. It's like following a fugitive's trail into a room with a hundred doors. Which path did he take? Worse: each room behind those doors has as many. MUTE is probably not this big of a network yet, but it is something to consider.
  • muhahah, on 10/12/2007, -0/+1screw this. just get your music from allofmp3.com. It'll be centuries before RIAA can shut them down.
  • OBKenobi, on 10/12/2007, -0/+1I always use my neighbor's open wi-fi network for p2p. One of these days the RIAA is going to come take him away.
  • billsand, on 10/12/2007, -0/+1Any global file trading system is a bust.

    In a tcp/ip (Internet connection) transaction, both sides know each others ip addresses. It's the core of how tcp/ip works. Each packet has the source and destination ip address encapsulated in it.

    If either address were omitted, it would not work. Remove the destination address and routers have no idea where to route a packet. Remove the source address and routers have no idea where to return packets to. TCP requires return packets to establish a connection and be useful, so a one way connection is not possible either.

    When you establish a connection to a remote host, you can easily determine their ip by bringing up a command prompt and typing NETSTAT /a You will see a list of connections and their associated ip's or domain names.

    MUTE would merely add a single additional step for the RIAA. Rather than being handed a list of files that correlated to an ip, they would correlate to a virtual address. The additional step would be to begin a download of any of the files then do a netstat and observe the address.


    A MAC address (hardware address) is only significant between two adjacent routers. Nobody cares about your MAC and it is not as important as your IP.

    Observing a file transfer between two other machines is not something the RIAA can easily do. It would require a packet sniffer in the network between the two trading machines. This is not going to happen without your ISP taking an active role.

    Bill
  • antigravit42, on 06/14/2009, -0/+0Another reason why IRC > p2p
  • Xenogis, on 10/12/2007, -0/+0Wait... soo.... I should stop downloading every thing that pops up? Do I have to stop putting my harddrive on P2P also!? Oh man, that sucks!
  • bsoric, on 10/12/2007, -0/+0@4ntigravity- I've been trying to figure this out for ages: How is IRC anonymous? What with things like whois and whowas etc. Is there something I'm not getting here?

    And with this MUTE software, I don't think that'd work if your ISP charges you per (bandwidth unit) instead of per hour. Imagine all those files being downloaded, then uploaded to the next computer in the chain.
  • karasutengu, on 10/12/2007, -0/+0An IP address is not a nonrepudiable identifier. Legislation hasn't even been able to assert digital signatures, which are encrypted with a private key, are legally nonrepudiable. The fact that an IP address can be easily spoofed just puts it on even shakier grounds. RIAA tactics in this respect are based more on intimidation than any sort of solid legal foundation.
  • jonesin, on 10/12/2007, -0/+0"Here is another thing if someone connects via 56k and a download trys to pass thue them your max download would be what 4 or 5kb max."

    That's a good point and is one of the reasons why this network won't truly be completely widespread until the average person's bandwidth is higher. That said, the next version of MUTE which is due in a month or two will be multisource and so should be exponentially faster on popular files in the network.
  • DarkerMaster, on 10/12/2007, -1/+1wait if they hack into MY local network isn't that in itself illegal. if the do this then what is stopping me from filing a counter suit on their ass. why not just encrypt every search that is run by a user so that there is ONLY one computer that can decrypt the search. meaning that each search result that is run through the network comes back as a different virtual address. Making the search of 1000+ songs that you return look like 1000+ people each having 1 song.
  • billsand, on 10/12/2007, -0/+0Hi Tamarind,

    The filename/virtual location (database) is the only thing being obfuscated. When the actual transfer begins, it's ip to ip.


    "Of course, when it comes time to transfer a file, these networks use direct connections."

    On the internet, ip to ip is all you have. You can't roll your own encryption on an ip address and expect upstream routers to know how to route it. The router uses the destination ip to decide what interface to output a packet on. If it sees anything other than 4 octets ###.###.###.### it drops it.

    In tcp/ip, a packet leaving your pc is wrapped at the ip layer with a header that includes your PCs ip address and the ip address of the destination peer. It is then handed to the next layer (your net card) where it is again wrapped with a header containing your MAC address and the MAC of the very next device that will handle it (your cable modem or home router). From there, it hits the wire.

    (note: NAT will intercept the packet and swap the wan ip for the lan ip, though this changes nothing as far as this topic goes)

    The next device (router) strips off the MACs, reads the destination ip, determines the interface to forward it through and re-wraps the packet with it's (the router) MAC and the MAC of the upstream host (in a switched network). It then puts the packet on the wire going out the chosen interface. (in a routed network, the destination MAC is mostly meaningless).

    This process repeats until the packet arrives at the destination. In turn, that peer unwraps the packet and provides the application with the return IP (& port) of the sender so that a reply can be made.

    While this connection is active (and tcp/ip connections are active during an entire transfer), either peer can easily see the ip / domain name of the other.

    Any encryption or obfuscation you perform happens before winsock gets the packet. Winsock then adds the standard headers to the packet.

    The only way to transfer a file without knowing the other peers ip is to use a proxy. Anyone running a proxy for this is going to be on the RIAA lawsuit list, since they are also sharing the file.

    MUTE is relying on the belief that the RIAA currently does not download the file, they just do the search and go after the returned ip's that contain song titles. It's not a good concept to build on. As soon as they encounter this system, they will go the extra click and download a file. Even a partial download is going to make the perr ip known. Personally, I would be inclined to think they do the download anyway, just for evidence sake.

    Bill
  • billsand, on 10/12/2007, -0/+0The MUTE process may make it more work to catalog multiple violations, but NETSTAT /a at the command prompt will reveal the ip address of any active connections.

    Bill
  • fuxxtor, on 10/12/2007, -0/+0"Sharing copyrighted material, the lagality of which is still questioned...." Questioned by whom? Somebody (artist/record label/RIAA) owns something; like it or not.

    I agree that RIAA shouldn't play big-brother with everyone, but let's face it: downloading anything copyrighted that you didn't purchase or otherwise negotiate a license to use is illegal.

    I am far more concerned with overall data security than trying to mask my own illegal actions.
  • SirSid, on 05/27/2009, -0/+0Um any ideas about the MUTE software itself..anybody try it out?
  • grislygus, on 10/12/2007, -1/+1"Or people could stop sharing copyrighted material...."

    Ha!

  • ricodued, on 10/12/2007, -0/+0This MUTE stuff looks interesting. I tried anonymous bittorrent with i2P, and I still was served a DMCA violation warning for downloading a television show.

    I'm pretty wary of anything claiming to anonymize your internet communications when it comes to file sharing.
  • motorbikematt, on 10/12/2007, -0/+0This is worthy of a digg not just because of the nearly always topical RIAA insanity...but also because it provides a good explanation (if only a primer) of TCP/IP networking within the context of filesharing..

    If all Internet users were truly aware of how it worked, we'd all be better off.
  • shawgo, on 10/12/2007, -0/+0doesn't peerguardian2 do this? at least by stopping connections to known Government, RIAA, etc IP's?
  • diggnationdevon, on 10/12/2007, -0/+0Has anyone ever heard of BitTorrent? I legally download music from iTunes, but if I want to get a tv show or something I just get if off BitTorrent.
  • pmarks, on 10/12/2007, -0/+0Um... konspire2b hasn't had any updates in the last 3 years.
  • UbelDucky, on 10/12/2007, -0/+0Mute is a really cool p2p I agree, but there are not enough users. It tooke me 20 minutes to get an mp3. One off an album I legally own of course. If people actually started using it, say most of the digg community it would really start getting some steam, but at the moment it looks like its about to be another great idea that never made it.
  • tamzarian, on 10/12/2007, -0/+0They shouldn't be able to catch me, I use PeerGuardian. It blocks over 50% of the worlds IP's. :|
    http://www.waterblogged.be
  • ((PolyAst)), on 10/12/2007, -0/+0My File: Metallica__Everywhere_I_Roam.mp3?

    "EVERYWHERE"?
    http://www.metallicaworld.co.uk/releases/metallica.htm

    Still an interesting read tho... :)
  • isewise, on 10/12/2007, -0/+0Has anybody used the Konspire2b program sounds like a cool app.

    http://konspire.sourceforge.net/
  • SystemsGuy, on 10/12/2007, -0/+0Google is your friend. Go google "The Onion Router" if you want to actually hide on the internet.
  • Yanks2435, on 10/12/2007, -0/+0thewayne1: shhh!

    I doubt the effect that peergaurdian has on the RIAA finding your IP though.
  • thewayne, on 10/12/2007, -0/+0mmm... What about news groups?
  • angrykeyboarder, on 10/12/2007, -0/+0I'm not sure how a link to a site explaining file sharing is "news". The main purpose of the site is to promote it's product. "MUTE".

    I see nothing wrong with the site, in fact, I've now bookmarked it.

    But it's not news by any means.
  • karasutengu, on 10/12/2007, -0/+0teese, good point about the civil nature of the trial. I wonder though, since the entire prosecution hinges on the unique mapping of ip to identity, establishing the fact that you had a trojan on your system could dismantle that argument as well.

    afbase, a MAC address is even easier to hack than an ip address...
  • DoubtfulSalmon, on 10/12/2007, -0/+0Either this is really dumbed down, or a really bad idea. That 'method' for achieving 'anonimity' has holes you could drive a bus (presumably filled with lawyers) through. Trouble is, lots of dumb bunnies will read it, consider that it sounds vaguely plausible, and run with it.
  • selfdisplaced, on 10/12/2007, -0/+0out of curiosity...

    p2p users-- wouldn't it be true that one is being TRICKED into connecting to a RIAA computer? i mean, without your knowledge of them connecting to you, isn't that a direct violation, and isn't that what hackers do? they UNKNOWINGLY to you, connect to your computer and IP address (computer), without your permission.
  • bbqribs, on 10/12/2007, -1/+1I think that we should just blow the ***** up. Destroy the RIAA. ***** the bastards. Gestapo nazi pricks don't belong in America.
  • Juggalo420, on 10/12/2007, -0/+0or just use a proxy or dont use p2p at all thats what all those other "warez" sites are for software to do the most mundane task is lame
  • afbase, on 10/12/2007, -0/+0PEOPLE UNDERSTAND the at RIAA could give a crap about your IP address... its the MAC address that they want!!!
  • inactive, on 10/12/2007, -0/+0bittorrent and peerguardian2 has always worked for me
  • tobiasbohansen, on 10/12/2007, -0/+0Sorry, I thought that I could insert space in the post!
  • tobiasbohansen, on 10/12/2007, -0/+0# Bill
    You have not understod the way Mute works! When you download from a other node then the data may go through multiple nodes, so even if RIAA does download the file, they can see where it came from!


    | |
    Node1 -- Node2
    | |
    Node3 ---- Node4 ---- you ----- RIAA ---- Node5 ---- Node6
    | |
    Node7 Node8

    The is no way RIAA can see if the data is going to you or to Node1 or Node 3 or Node4 or Node7, you can actully be download from RIAA with out them being able to prove that it is you who are downloading!
  • narlzac85, on 10/12/2007, -0/+0@billsand

    I think the point of anonymization in the MUTE network is that even though it it IP to IP, each node has no idea where the file will be stopped and decrypted. If the RIAA tracked just one computer, there would likely be many IPs connecting to it, but where is the destination and what is in the packets? They would have virtually no way of knowing without breaking near-unbreakable encryption.
  • tobiasbohansen, on 10/12/2007, -0/+0If you want more info on mute goto: http://mute-net.sourceforge.net/ or http://board.planetpeer.de/index.php or http://forum.mymute.info/
  • mp2togo, on 10/12/2007, -0/+0At the Planet Peer website (above), take a closer look at I2P :
    The encryption is far superior to Mute and the like, and it's not confined to P2P
    (BT and Gnutella atm), you can use encrypted email, irc, browsing, blogs and websites, too.
    If you don't know where to start, start with I2P.
  • x2dx, on 10/12/2007, -0/+0Good idea to do it would keep you more protected but the bandwidth that it requires is alot sence each node has to download and then upload the file again and most people have ***** upload connections.

    Here is another thing if someone connects via 56k and a download trys to pass thue them your max download would be what 4 or 5kb max.
  • koolsteve, on 10/12/2007, -0/+0wait. if you were to download a file on limewire or somthing, and then nothing happens after like 3 months... are you safe? just wondering.
  • rock808, on 10/12/2007, -0/+0MUTE has a severe problem. I'd never use it in this state.

    Yes.. there has been talk that the RIAA cannot know the destination of the file as it passes through many hosts, but they don't need to worry about that. They DO know the IP of their neighbor who did download (from them) or provide (to them) the file.. whether or not THAT machine was the final destination or not, it still "assisted" in the distribution of copyrighted material... I'm sure they could nail that person for that.

    SO... in the case of MUTE... I might be using it legally, but may end up being a middle man between an illegal sharer and the RIAA... when the RIAA requests a song, which comes through my computer (automatically, and unknown to me)... then I get busted for helping distribute the song... just great.
  • billsand, on 10/12/2007, -0/+0Hi diggnationdevon,

    BitTorrent is a great idea for legal downloading. It's downside comes with downloading illegal stuff. When you join a torrent you are connecting or accepting connections from many people. Try it. Join a popular torrent and after a little progress open up a dos prompt and type netstat /a /n ( the /n forces it to show ip rather than domain) You will see the ip of everyone who is sending or receiving a piece of the file from you at that time or within the last 2 minutes.

    In my experiences with torrents, they are often slow. This makes you a target for a longer amount of time. People who download the latest movies and allow their machine to participate in a 3 day torrent should not be to suprised to get busted.

    Aside from buying the dvd or cd, smaller scale networks of trusted friends is really the only sane way to go. Even then, it's not worth it.

    Personally, I think the networks should look the other way for trading episodes of tv shows with ads intact. Even better, they should provide a special edition of the show with international commercials that would be made available after the original airing. Seems like they could solve a problem and open a new advertising channel at the same time.

    Bill
  • Fetching more discussions...
    Show 51 - 69 of 69 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.