I got a Cease & Desist Letter! Did you get a Cease & Desist letter? Want to know what to do if you get one? The EFF put together a new site "ChillingEffects.org" at http://www.chillingeffects.org/ "The Chilling Effects project works by publishing cease-and-desist letters received by Internet users and providing detailed information about the relevant legal rules. For example, if an Internet user receives a letter demanding that she remove a synopsis of a "Star Trek" episode from her website, members of the Chilling Effects team would post the letter online, embedding it with links to information about basic copyright protections, the rules governing synopses, and the fair use doctrine. "EFF receives hundreds of requests for help and information from recipients of cease-and-desist letters," said EFF Legal Director Cindy Cohn. "This project should help individuals gain access to greatly needed information as well as allow us to track who is sending these letters and research larger trends." (you should make this sticky or at least add the link to your sites) |
Great idea, but unfortunately the site doesn't exist. Maybe they were asked to 'cease and desist'. |
The site works for me |
This one could use a sticky, Morgwen :) It'll help people understand their rights and the legal mumbo-jumbo. For instance, take this Q and A from a C&D letter (found at http://www.chillingeffects.org/prote...gi?NoticeID=95): Quote:
|
paste it in here with any info you deem necessary deleted :) |
Quote:
But if CycloCide beats me now its your fault! :) Morgwen |
I dont' find the site amazingly helful. It posts explanations of terms to some degree, but it doesn't really conclude anything about individual letters. Interesting site though. |
I got a Copyright Violation Notice from MPAA/BSA for File Sharing on Gnutella and Fas I got a Copyright Violation Notice from MPAA/BSA for File Sharing on Gnutella and FastTrack! Summary: People are getting Copyright Violation Notices from the Business Software Alliance (BSA) and Motion Picture Association of America (MPAA) via their ISPs saying they have broken the Digital Millenium Copyright Act (DMCA) and Copyright Act for File sharing over the Gnutella and FastTrack peer to peer networks as well as IRC and others. At least 17,000 incidents have been recorded. They have the IP address, time of transfer, file name index, file sizes, protocol and program names as evidence. Digital Millenium Copyright Act (DMCA), Title 17 United States Code Section 512. Copyright Act, Title 17 United States Code Section 106(3). Here's some more info I found reading the DMCA and searching with queries like WIPO WTO DMCA TRIPS MPAA BSA ISP OSP Gnutella FastTrack etc. Did the ISPs violate privacy rights? No. They forwarded the notice and didn't share my E-mail or home address. The MPAA or BSA can subpoena my contact info and the ISP must comply but the info can only be used for the Copyright Case. Did the MPAA or BSA violate privacy rights? No. My IP and file index were offered by me to the Public p2p net. Do they have to prove I don't own the material in question? No. Distributing copyrighted material is illegal even if you own it. Do they have to prove that I shared copyrighted material? Yes. Just the filename and size should not be enough to prove the material was actually copyrighted and not just named like it. For example I had a movie with the words "is FAKE" added to it, but it was still included in the violation list. I don't know if they had a sample of the file contents. The collection methods from RangerInc are secret. Are users who aren't doing massive transfers going to face this? Yes. It is bots collecting this data, so there will be no "flying under the radar" Because bots are cheap and easy and will lower the horizon of the radar to the ground. Will this kind of thing happen in other countries? Yes. This is happening in Canada and the US right now. Also there is a global agreement on Intellectual Property which is enforced by the World Trade Organization and overrides all WTO countries laws. The DMCA is how the USA is complying with this treaty. The EU and Russia are working on their versions of these laws right now. What are the penalties? Your ISP can cut off your service before proving anything. Just "good faith" by MPAA or BSA is enough. If your ISP doesn't cut you off they lose their "common carrier" immunity from liability. Qwest and @Home ISPs are two that are taking part. If you are found guilty the penalties are upt to $500,000 and ten years in prison. If you choose to challenge the notice then you MUST agree to be under US Federal jurisdiction, even if you live in another country. Here's more info and some links ... The Information is gathered by RangerInc Corporations bots. They were hired by the MPAA and BSA. The bots have been running since April of 2002. http://www.rangerinc.com/solution/solution_main.htm Reverse lookup on www.rangerinc.com/ shows I.P. 216.122.215.13 An arin whois query from http://ws.arin.net/cgi-bin/whois.pl on 216.122.215.13 to find out who actually owns it shows LightRealm Communications (NETBLK-LR-BLK4) LR-BLK4 216.122.0.0 - 216.122.255.255 HostPro, Inc (NETBLK-HSTPROSEA-NETBLK204) HSTPROSEA-NETBLK204 216.122.204.0 - 216.122.223.255 If your client for Gnutella FastTrack IRC etc allows you to filter hosts then add 216.122.*.* to your block list. That should stop them from connecting unless they change hosts providing the bots run from that IP range and don't spoof their address when connecting to your client. Here are some more links. Another customer cut-off http://www.ekosweb.com/wipout/essays/0904guha.htm OSP requirements (take-down) or be liable http://www.arl.org/info/frn/copy/osp.html More info for those who have been notified or want to learn more. http://www.chillingeffects.org/dmca512/faq.cgi#QID132 Also please check out http://www.eff.org http://www.anti-dmca.org http://www.macfergus.com/niels/dmca/index.html I'm dial-up 56K now. But when I get broadband again I'm going to drop Gnutella and only use encrypting and anonymizing apps like Filetopia http://www.filetopia.org and FreeNet http://freenetproject.org |
If they are relying on bots there are two possible way to fix it. 1. Jam the bots. 2. Make source untraceable. Any ideas for how either could be achieved? |
Quote:
2.) That would require proxies which is in no way efficient or entirely untraceable. (Unless someone comes up with another method.) |
Quote:
|
Wow Hey Vinnie, that sounds amazing! Where can I get more info about these Secure Channels? |
Re: Wow was that sarcasm? |
no it was not. honestly! sorry i'm not a frequent visitor of bearshare.net, any links to more specific information about that feature would be greatly appreciated. |
Secure Channels: Disappointed. Quote:
Quote:
First, it's not a technical solution but a legal one. whatever authorization methods are used, I'm sure they can be circumvented. the authorization handshake can be logged, if there's a digital key inside the servent it can be extracted, and will sooner or later. Second, it only works because bearshare uses closed code. this is no offense against closed source products, but i'm sorry that it is not a possible solution for open source servents. Third: You can choose to receive all query replies, downloads and uploads only from other BearShare clients?? did i understand that correctly??? the word blackhole is known to you, isn't it??? man, you're really provoking the next flamewar...the only reason why those anti-clustering folks are silent now is because they were told that clustering is not a bad thing as long as the servents respond to queries from outside the cluster...if this feature was enabled by all of your users gnutella would be only one last tiny step away from a private bearshare network: stop connecting the cluster to the gnutella environment, for it is not interested in their messages anyway...i took it for mere conspiration theory, but i get the impression that you are really moving in that direction, one step with every major release. do you want that? i thought you didn't... |
Re: Secure Channels: Disappointed. Quote:
There was also a recent paper that shows that all it takes is a small decimation of a population in order to cause a catastrophe. In Gnutella's case, targeting less than 1% of the high-volume servents sharing files can cause a mass exodus of users from the network. Therefore, the choice is in the hands of the users. Notice that FastTrack, AudioGalaxy, iMesh, et. al. all have proprietary networks and they have the highest download success rate and best search results. And no, Secure Channels authentication features are not vulnerable to a replay attack. And even if they break the key, we have facilities for rotating the key schedule from an external source using special messages which are digitally signed. The method used to rotate the key schedule is such that a client has no knowledge of the "next" key in the rotation until a piece of a secret share (Shamir's secret sharing algorithm) is retrieved. Besides, reverse engineering is a violation of the DMCA, and no legitimate company that receives venture capital would dare to do such a thing - they have too much to lose. Comments welcome. |
Re: Secure Channels: Disappointed. Quote:
PS: Reverse engineering is not forbidden in Europe. |
Re: Re: Secure Channels: Disappointed. Quote:
|
For e.g. german law (european law too?) an EULA on install time does not care, it's void. I'm no lawyer, at least it can not limit basic rights, free speech or reverse engineering are some. Btw, for an application that mainly is used to copy/hurt DMCA protected material, an EULA building on DMCA is a funny thingie. ;) Oops, I shouldn't have mentioned this.... |
Re: Secure Channels: Disappointed. Quote:
@ Vinnie And now what next? Will you use Gnutella as a leeching pool, or will you be "fair" and leave the net? Morgwen |
Re: Re: Secure Channels: Disappointed. Quote:
the most of the other developers donīt visit bearshare.net I ask me why? Do they really donīt care? Or are they really fearing a possible split? Btw, not only you get a TROLL status, but I donīt care what Vinnie and some of his knights say, the most people are with us but they are to lazy to fight! This sucks! Morgwen |
Re: Re: Secure Channels: Disappointed. Quote:
|
Re: Re: Re: Secure Channels: Disappointed. Quote:
There are encrypted portions of code which will be in the final release that aren't even going to get used for quite some time, we will be activating these additional security methods as the existing ones get broken. True, even these additional hidden techniques will eventually be broken, but I have planned for that, instead of assuming that the protection methods are unstoppable. Fortunately, with peer to peer software, frequent updates ensure that we will be able to combat the evils of corporate hacking as they appear. |
Re: Re: Secure Channels: Disappointed. Quote:
Probably not, but you complaining about it isn't likely to change anything. |
Re: Re: Re: Secure Channels: Disappointed. good point... against bearshare |
Re: Re: Re: Secure Channels: Disappointed. Quote:
And donīt point to Morpheus, you are not a better guy because some other are bad too... And I hope that some people wake up know! Morgwen |
Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Fair competition why dont you do gnutella and p2p a favor and explain that to the trade groups! They are the ones who are trying to get rid of P2P by hiring firms to monitor and spam gnutella, send automated notices to users to weaken and eventually shut down the network. Making security related features needed in the first place. They are the ones who are continuing to sure programs and are now trying various ways through legislation to stop P2P. While this is happening how can there be fair competition when someone else is trying to destroy you can the competition? Should they be allowed to send fake data, target users and target users? No of course not but how do you prevent it without losing the "open network" if it truely is a open network shouldnt they also be entitiled to know about whatever security plan is implemented to stop them or have it be compromised? That is the million dollar question.. |
Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Ah I forget Vinnie need some features that others donīt have, he has to sell his $19,95 client - and donīt tell me now anything about the Spyware version... Do you think the open source clients, or the non-commercial clients will act this way? What do you think will happen if Vinnie proceed this way? I think the commercial clients will start to block each other, this will destroy the Gnutella net, nice future! Vinnie has proven here that he donīt want to work with other developers together , he ONLY wants to earn money... Morgwen |
Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Quote:
Quote:
|
Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
So why security by obscurity? Instead of working on a better protocol, Bearshare tries (again) to get an advantage from proprietray extensions. Needless to say what's good for Bearshare isn't automatically good for Gnutella. |
Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
They are checked by default right? And you know the most people install what is checked because they think they NEED these progs, and if you start now to tell me something that this is mentioned... you know exatly that the most people donīt read the terms, so you provide these Spyware crap to a large number of user... And I have read your plans to FORCE the people to buy the PRO version: http://www.bearshare.com/forum/showt...0&pagenumber=1 And now tell me why the people should use your advertising client, if they can better clients for free - like Gnucleus, Shareaza or soon Xolox! Quote:
Morgwen |
Bearshare is splitting Gnutella to give it a name. |
Re: Bearshare is splitting Gnutella Zeropaid has it too: BearShare Blocks other Gnutella Clients After months of badmouthing and disadvantaging other clients here is it finally. From Bearshare.Net: "You can choose to receive all query replies, downloads and uploads only from other BearShare clients". In clear works again: Bearshare is splitting the network! Remember the words from hackmaster Dr. Damn: Be nice and play fair. Uninstall BearShare. http://www.zeropaid.com/news/article.../06272002g.php |
Skins for Gnotella 1.05 I have Gnotella 1.05 and can't find any skins or information on it, what happened to Gnotella and how come it is no longer supported? |
Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. And now tell me why the people should use your advertising client, if they can better clients for free - like Gnucleus, Shareaza or soon Xolox! You shouldn't use anything, unless you want to; no one is forcing you. Like you said, their are other clients out there. Use the one you like and get on with your life (or get a life), instead of argueing about trivial things. So you want to leech from the Gnutella net as long as possible and if the net is destroyed you switch to your private net... BearShare can upload and connect to every other client, so it isn't leeching off of anything. The only difference is if the rest of gnutella dies, BearShare users would have something to fall back on. Of course ssh, SSL, PGP and all good commonly used secure protocols or hashs are available as open source. So why security by obscurity? Even though the source to generate the encrypted data is available (ssh, SSL, PGP), the encryption algorithms are soo strong that it would take a LONG time for anyone sniffing the traffic to figure out what the data is. By the time they could crack the encrypted data, the encryption system would probably be changed and they have to start all over. You would need the special key to decrypt the data immediately. This is the problem faced on gnutella when using a key-pair (private/public key) system. If you have an open source client that contains the keys needed to decrypt/encrypt the data... anybody can take the source, rip the keys and then decrypt/encrypt whatever they want. This is where security through obscurity comes into play. If others don't know the keys, don't know how the security works... it will be hard for them to crack. Otherwise you just go on blocking hundreds of IPs, or develop a centralised control system. This is not good. These secure channels aren't the best solution, nor are they an absolute form of protection... but it's something! Does anyone else (Morgwen, Moak) have a better (non-proprietary) solution that everyone could use? No? That's what I thought. |
Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
There is nothing obscure about the techniques that BearShare uses to digitally sign query hits or require challenge/response authentication in host connections - they are all built from sound, proven cryptographic primitives that are published and well documented. If we were using obscurity, we would have made up our own cryptographic algorithm - this would be a poor choice. So when you hear someone say "security through obscurity" in the context of BearShare, this is clear sign that they don't know what they are talking about. |
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Quote:
I know Vinnie tries to give himself an übercoder attitude. He likes to talk about multithreading, completition ports and encryption. All sounds great for unskilled users but after a closer look it's marketing most times. The so called secure channels provide no security in real world, they split Gnutella. Quote:
|
Re: Bearshare is splitting Gnutella Quote:
I wonder what Vinnie has thought, if he did consult a lawyer before? I have the suspicion that "secure channels" have nothing to do with security, they are a secret attempt to split Gnutella into smaller proprietary network$. Money not security. |
Re: Re: Bearshare is splitting Gnutella Quote:
[No insults please] |
insulting is low, moderators please have a look on it. |
aww.. don't tell me you're the same "anonymous"? :p |
Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Morgwen |
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
|
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
what Vinnie is doing he uses the way he likes most but this is SURE not the best way... About the split, what will happen next? Limewire and other commercial vendors will start to add similar features, this will kill the net... but Mr. Falco is prepared it seems like he is planning something like this... He should be fair and leave the net if he thinks that Gnutella isnīt secure enough but he needs the Gnutella net as a leeching pool! Mrgone there is no exuse for such actions... Morgwen |
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
I'm doing the best I can to see if these concepts can be applied to something like gnutella without giving so much control to a governing body like the GDF that, given something like a court order, they could shut the network down (as could happen with revokable certificates). It's a tough problem to tackle and I'm probably not going to be the one to solve it, but I'm not going to dismiss the possibility. Quote:
|
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Morgwen |
i live in the uk, do i have to worry about this? |
Re: Re: Re: Re: Secure Channels: Disappointed. Quote:
Everyone is missing the big problem, we would have to depend on your ability to PROTECT YOUR EULA. So I want to know, how many $$ did you put in a fund to protect all of us in a law suit against the RIAA enforcing your EULA? If they violate your EULA and you win against them, does that mean the copyright violation charges against one of us are dropped or do we still get fined and you walk away with a million in settlement? Now if you put in several hundred thousand to protect us all, I would be happy to jump on the BearShare BandWagon and become a BearShare BrownNoser and even donate some $$ to the separate TRUST FUND managed by a neutral party. What would actually hold up in court is if every BearShare node on the [now] separate BearShare Network had the ability to allow PASS THROUGH file transfer, and no one can tell if it's being used or not, so then you have no idea where the file originated, and can claim in court "that file could have come from anywhere, not just my node". (for those of you who are about to post "that would slow down the network", don't bother posting and use the search button) How do you justify that feature? Oppressed countries like China need it bad. Go pass that by your lawyer after you get one that is, and all you who have (come with) this idea should too. Why isn't file pass through working in this version of BearShare? |
freenet-style transfers through multiple nodes are the future of filesharing [read: free exchange of data]. freenet, however, has a good number of issues that make it quite hard to use, and anyways, it was neither meant as a filesharing network nor is it mainly used as one. nevertheless gnutella could learn a lot of these secure transfers. would they slow down my downloads? certainly they would. but if i got the choice between speed and security, i would go for security. the perfect P2P Network of the future would use gnutella's decentralized selfstructuring network model, error-tolerant information storage methods like kademlia and untraceable data transfers like those of freenet. ah yes, and public key cryptography because of them spooks that pay my isp to log all my traffic...arghs, i guess it's still a long way to go until we get there, but i have some hope left... ps: Vinnie, good luck with your proprietary bearshare network, you're gonna need it... |
All times are GMT -7. The time now is 10:01 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.
Copyright Đ 2020 Gnutella Forums.
All Rights Reserved.