What 'anonymity'?
What is that? It is an illusion, and as Taliban pointed out, it is also dependent on location and activity within that location.

Everything you are saying is ignoring the simple fact that you could call yourself Bubbles... the rest of us would know that we were talking with 'Bubbles' and could even follow up an interest in what 'Bubbles' had to say yesterday, today and tomorrow. This is no infringement of some image of personal freedom.
To anyone who either needs to know for their work or cares to know for their own interests, your IP is rarely a secret, so stop pretending that posting as unregistered is in any way superior in providing you, or anyone else, with enhanced freedom of speech.

The entire argument regarding so called freedom of speech and maintaining an inviolate anonymity is meaningless and has nothing to do with the reality of a public or semi-public system.

btw- "flag waiving" means to ignore or to do without...... To 'waive the rules'........ Try 'wave' next time. :p

Okay from what I read you want encryption and DNS,


Encryption on an open network is pointless because you would have to give out the key so other peoples clients can work. Thus any one even those you want to keep out get in and access to all the data again. Its like putting a lock on your house and giving everyone a key.



As for DNS like service. You would have to have static DNS servers for the clients to work through. That is againest what the theory is, peer to peer, no server. What if the DNS server went down, all their data is gone. Also they are a huge target, they get sued and told they have to hand over the list of names and IPs. Then we are ALL in trouble. Its kinda all or nothing. Either all of us are safe or none of us are safe.

Anonymity or evidence on Gnutella Network.

In most countries evidence is required before an action can be brought before a person or organisation. Your ISP reporting xxGB of transfer on port x is simply not enough an analysis of the protocols and data is required. Bearing this in mind it does not matter if an allegation of ‘you downloaded a 3mb files and allowed x amount of people to share it’ they have to show what the file contained as it could have been your latest song, audio message to you friends, family photo album or a holiday video.

Enter Encryption. As an example I will use PGP but feel free to replace with your chosen method. When you generate your key pair you can also generate and register a KEY ID, as part of the Gnutella protocol a user can request that the file be encrypted using their KEY ID. The acting server can the lookup the public key and send the encrypted data to the client who upon receipt decrypts it using their private key and pass phase.

Who to trust? That is a difficult issue, but if you decide that the person is trustworthy you can add their KEY ID to your client, which automatically allows them to download files from you. I knock-on effect of this is you can remove people who just leach from you by banning their KEY ID. By storing the KEY ID as a text file in their shared files directory if their client is not configured to allow you to download from them, then you will not be able to send them the file that they have requested.

It may work. But the network often has issues with speed right now, I fear adding encryption will only increase that issue. Not to mention programmers would have to learn how to build an encryption program. This is VERY hard to do. And if they have to make it, you then have people not skilled in crypto writing the software. Many security holes and tech issues will quickly arise. Sometimes its better to feel scared because you stay on your toes, rather than having a false sense of security.


Its like that old joke, It better to know no karate than know just a little. With no skill you wont pick fights or try to get into fights, but with some skills you will be just strong enough to get your *** horribly kicked.

The wheel has already been invented once so the client could just call GnuPG to encrypt files add/get keys etc over the users (normal) network via a simple call to gpg --keyserver certserver.pgp.com --recv-key 0xBB7576AC.

Encrypting a file does not increase the file size (+- a few bytes) so the (Gnutella) network speed will not really be affected. User download time may notice a few seconds delay for the transfer to start while the acting server encrypts the file.

I suggested encrypting not out a fear of what is being shared but rather a mechanism to stop agencies claims that then network is being used for (insert what you share) as they will not be able to show in court that xxxGb of copyrighted material was transferred over the Gnutella network as without all keys to prove this you would be slandering Gnutella users.

Re: Anonymity on Gnutella Network
 

I wouldnt call that very well encrypted.. Ip is converted to 4sets of hex arranged in nbo order that are then replaced by common characters in the 0-127 range of ascii..

Even if you encrypt the IP and port information people who write Gnutella clients that comply with the encryption could still make a client that makes the IP visible since gnutella is an open protocal. Not to mention people who write search monitors. The problem with encrypting the packets is you'd have to have public password so everyone could decrypt and respond to queries. On the other hand if you use public key encrypt then only the client with private key code decrypt the packet thus serverly limiting your search.

This may work but it also will not be easy and you need to think about all the work that will be involved in it before you begin.