Idea to make RS safer

If you want to help the RetroShare team and project, you can do some small tasks. Designers, testers, translators, please come...
Forum rules
Please read the forum's rules carefully before posting. This forum should not be used to post RetroShare usage related questions.

Idea to make RS safer

Postby ByTheTime » Sun Jan 13, 2013 1:55 pm

I just had an idea to make RS saver. Some time ago a RS user was forced to pay 10.000€ because he was forwarding a file. Files can be identified by their Hash-Code, or? So what if you change some bytes? If you demage the file by changing or deleting some bytes when uplaoding and add/change them back when downlaoding, it's harder to identify it.
ByTheTime
 
Posts: 14
Joined: Tue May 29, 2012 8:40 am

Re: Idea to make RS safer

Postby apoapo » Mon Jan 14, 2013 5:09 pm

Little correction: The user didnt have to pay 10000 €. The lawyers salary was like if the value of discussion was 10.000€.

(Actaul costs are around 500€)
apoapo
 
Posts: 189
Joined: Sun Jan 10, 2010 12:55 pm

Re: Idea to make RS safer

Postby waseihou » Fri Feb 08, 2013 2:04 pm

Hash is not the problem, but the content. The file was tunneled anyway so he could not detect it or change it or not transmit it anyway. Germans have some stupid laws as we can see in this case.

To make RS safer, it would have to sligthly change what it does:

1. Add signed files (like BEP 35 in torrents), to do this, RS would have to maintain identity within identity (or several "hidden identities") to sign files. So user with identity Bob would have another hidden identity Alice (pair of PGP keys saved encrypted as a part of Bob identity/profile) and they could sign some files with Alice's public key - this would be called "public signed file". Alice would be generally called "releaser".

2. Any user could maintain a list of signatures of trusted releasers. Any public signed file would be transferred a different way - it would not go through encrypted tunnel between uploader and downloader, but it would go encrpyted only between nodes on the path, but it would be decrypted on each node, signature and possibly name checked against list of trusted releasers, and if it passed it would be transmitted to another node in the path and possibly saved to cache to make future transmitting faster.

3. Some trusted releaser could act as an CA and sign a list of other trusted releasers (ie. another web of trust)

4. This would have several advantages: Popular files would be cached and thus quickly available, any user could act according to court order if he was struck with bad luck, no too much illegal content like CP on the network. Also only quality content would survive.

So if the user is by court forbidden to relay "THAT ONE SONG", then he could still filter it but participate on transmision of other files, no need to stop using RetroShare at all.
waseihou
 
Posts: 20
Joined: Thu Jun 28, 2012 2:27 pm

Re: Idea to make RS safer

Postby Distro » Fri Feb 08, 2013 4:44 pm

ByTheTime wrote:I just had an idea to make RS saver. Some time ago a RS user was forced to pay 10.000€ because he was forwarding a file. Files can be identified by their Hash-Code, or? So what if you change some bytes? If you demage the file by changing or deleting some bytes when uplaoding and add/change them back when downlaoding, it's harder to identify it.

Wouldn’t help at all because the lawyer/troll just has to download the file and sue the friend who forwarded it to him (which is what supposedly happened in the German case).
Distro
 
Posts: 303
Joined: Sun Sep 04, 2011 7:33 pm

Re: Idea to make RS safer

Postby Distro » Fri Feb 08, 2013 4:56 pm

waseihou wrote:Hash is not the problem, but the content. The file was tunneled anyway so he could not detect it or change it or not transmit it anyway.

It’s actually possible. Files are not encrypted end-to-end.
4. This would have several advantages: Popular files would be cached and thus quickly available, any user could act according to court order if he was struck with bad luck, no too much illegal content like CP on the network. Also only quality content would survive.

I’ll only comment on this for now: I don’t see how having files signed by their releasers could help filtering individual songs.
Distro
 
Posts: 303
Joined: Sun Sep 04, 2011 7:33 pm

Re: Idea to make RS safer

Postby waseihou » Fri Feb 08, 2013 7:15 pm

It’s actually possible. Files are not encrypted end-to-end.

I have always thought, that the transmission is secure, so that intermediary nodes cannot see what is being transmitted. It is not so?

ll only comment on this for now: I don’t see how having files signed by their releasers could help filtering individual songs.

The main reason for this is to not have files encrypted end to end as I supposed it works, to allow caching. But many people would object that they do not want to cache nasty content like CP (child pornography) and that's why the concept is being refused (for example in oneswarm). By caching only signed files, people could be 99.9% sure that their favourite release groups will not share such content, so from a moral point of view they would not object to cache it. The ability to partially filter is only a little useful, but it is also part of this. If the filtering is done on the level that filename and known hashes are being filtered by the user to whom court ordered not to transmit the file, it is I thing strong point that he did enough to stop this. Also, he would not transmit or cache just anything except the forbidden file, he would do this only with files signed by the release group. The filtering could be even on the per file level, so he would have a list of well known hashes (for example taken from magnets from The PIrate Bay) he would allow to transmit and cache, and a blacklist of those few files he was ordered not to transmit.
waseihou
 
Posts: 20
Joined: Thu Jun 28, 2012 2:27 pm

Re: Idea to make RS safer

Postby cave » Mon Feb 18, 2013 7:57 am

hi,

It is easy possible to create with 3 employees 3 new RetroShare Users with the RetroShare-Windows-Portable.
Employee Alice is connected with Employee Bob. Employee Charlie is connected with Bob. Only Bob is connected to both.

Alice shares a file encrypted through User Bob to Charlie. Charlie writes down the IP Address from Bob while he was downloading the File Alice shared for him. Then he goes to court claiming a case of "STÖRERHAFTUNG" which exists only in Germany.



the IP's of the sued user "rechner3" was from an IP Range from the lawyers (Rasch Legal).

The e-mail of the user "rechner3" was "pm.hh.04@gmail" it is possible that pm stands for the anti Piracy Company "ProMedia"
hh == "Hansestadt Hamburg".

and other indications that lead to the lawyer company and anti-piracy company.


The maximum value of discussion was 10k. If a lawsuit had been started, this value would have been cut down.
There was never a lawsuit to discuss the case and start a prove collection or discussion.

There is only a contract with rechner3 and the anti-piracy company, where rechner3 committed to not use RetroShare again.

the IP's of the sued user "rechner3" was from an IP Range from the lawyers (Rasch Legal).

The e-mail of the user "rechner3" was "pm.hh.04@gmail" it is possible that pm stands for the anti Piracy Company "ProMedia"
hh == "Hansestadt Hamburg".

rechner3 was never seen afterwards.


It looks like, this was a "forged" case to be present in the media with a high value sentence.
cave
 
Posts: 109
Joined: Tue Nov 13, 2012 10:27 pm


Return to Contribute and help the RetroShare project

Who is online

Users browsing this forum: No registered users and 1 guest

cron