don´t show IPs please
 

I see how appreciated the "browse host" function is, however I feel VERY uneasy sharing a lot of stuff & knowing that it is so easy to find out about my (computer´s) identity.
Is it necessary to SHOW the IP? maybe a username instead?
i plead for more user protection.

(the same of course applies for the connections-windoiw)

thnx

IP Option or Fake
 

Well, it may not be hard to mask the ip address as an option.

Users could turn their IP ON or OFF at will on the fly.

Another possibility is that a MASKED or FAKE IP could be entered in its place that is not traceable on the internet, but that works on the p2p network for still allowing connections in and out, so a form of NAT (Address Translation) sort of a temporary proxy for security.

These ideas may be a bit more difficult to produce effectively for our LimeWire coder staff, but i heard that they have some pretty good skills none-the-less, and might hire another software engineer.

Its mostly a matter of 'Why they don't want to put this in'. If it was that good, they probably would have put it in already, and they haven't.

There is another program that offers secure connections called earth station 5 or something like that.

The downside to avoiding the security issue is that the limewire userbase shrinks. For instance, all but 1 of the last 30 limewire users that i talked, claim that they disconnect limewire at ALL times except just for a few minutes when they want a file, due to its lack of protection and security.

People, myself included, have been asking the Limewire developers to do this (hide IPs) for well over two years now. The requests always fall on deaf ears.

A good way to keep Limewire from showing your IP address is to put yourself behind a hardware router. Once you do that, Limewire only shows your private IP address, which is not unique to your computer and can't be used to trace you.

It's trivial to find out your real IP address in spite of hardware routers or LimeWire hiding the IP addresses in the GUI. You gain no protection whatsoever by hiding it.

But I already posted a way to do this more than once, and a quite simple one to give us all the anonymity, which we need (without making the IP impossible to find out, only much harder, so things like childporn etc. can still be traced _with much effort_ by the police).

This is what I posted in the GDF (Gnutella Developement Forum) on 29. Februrary 2004:

This wouldn't give complete anonymity, but enough to avoid being sued. This is very acute for me, because I am being sued at the moment, and I don't want that to happen to others.

Uploading only 2/3rds of a file isn't exactly necessary, but surely useful. You just have to be careful, that not everyone uploads only the same 2/3rds :)

Instead of having an ID change with every restart, you could use a different ID for every UP and Proxy. That way you would act as several distinct sources, but as soon as people begin downloading from you, they would see, that many of those are busy, as they already download from them. Means: Many routes to one and the same file, but almost no chance to prove, that all of those belong to one host/source.

PS: Don't say now "MUTE isn't really anonymous". Important is not, if MUTE is anonymous, but that Users, many Users want to be safe from being sued!

Trust me, if you were sued, it's not because LimeWire or any other client shows IP addresses in the GUI. It's because the Gnutella protocol includes IP addresses in every QueryHit and you cannot download or upload anything from Gnutella (or from most other networks) without letting the world know your IP address.

I AM being sued, your doubting sadly doesn't change it.

Instead of my IP, the protocol could also simply include the IP of my Proxy and a Transfer-ID.

Hmm,
Sad to read that Arne.
But can you get us any details on that ?
Was it becouse of gnutella use ?

Yes, it was because of Gnutella use, but indirectly. Sadly I am not allowed to say more. My lawyer got the files from the "Staatsanwaltschaft" and I am forced to keep them confidential.

As soon as I am allowed to say more, you can be sure, that I will!

But what I can say: They didn't found me using the Gnutella Protocol directly, and I hope their "evidence" is too weak.

It's also the very "feature" that I dropped by to ask about. Every so often I have to go through my pending downloads to prune out all the single-source transfers from Limewire hosts that started and never finished - usually having stopped at somewhere between 100 MB and 500 MB out of 700 MB or so. Gigs of wasted bandwidth and disk space, and I'm still not able to think of one good reason why.

Not displaying your WAN IP in Limewire doesn't protect you. If you're behind a router, view your log. You'll see the destination IP of every single outbound connection listed. Any of them with a router can also see yours. If you're a Windows user, drop to a command prompt and enter "netstat -a". Voila - the destination address of every single active connection. Every other Windows user can do this too, and I'd bet everything I own that similar tools are easily available for Linux, Unix, and OS/X.

A return address is stamped on every single packet that Limewire sends, and Limewire doesn't really have any control over that. Whether or not you've heard of protocol analyzers, law enforcement has (for that matter, so have any "mad hax0rz" you might be concerned about). I'm not giving away any secrets here, folks - anyone that an IP would be useful to knows this and more. In short, Limewire reporting your LAN IP this way protects you from people who wouldn't know what to do with your IP, and that's about all.

Which brings me back to my purpose for dropping by - finding out the reason for this class C address thing. What in the name of creation is it supposed to accomplish, besides guaranteeing that an upload which stops will never resume?

When I first figured out why I had several GB worth of temp files for downloads which just never, ever resumed, I started trying to think of one good reason why Limewire would do that. I thought it was a mistake; when I found out that this was not only intentional, but default behavior, it blew my mind. Now, months later, I've thought about it many times (every time I prune garbage from my download list) and the only reason I can think of is "to make Limewire users feel safer than they really are". Is it worth it? Isn't that a disservice to... well, pretty much everyone?