John Borland reviews latest privacy schemes for P2P users on the Internet:
- most peer-to-peer systems require some degree of openness to work at all. In order to download a song from another computer online, a file swapper’s computer must make some kind of connection to it. That leaves a digital record that can be traced back to a person’s Internet service provider, and from there to the account holder.
At the very least, adding anonymity to peer-to-peer systems involves a trade-off in efficiency, creating performance headaches that bring a network to its knees. Some security experts go further, arguing that privacy is impossible to achieve in a peer-to-peer network, given that the technology requires creating direct connections between computers.
“The bottom line is that you just can’t be anonymous on the Internet if you’re going to have some kind of peer transaction,” said Mark Ishikawa, chief executive officer of BayTSP, a company that tracks and identifies file swappers for music labels and Hollywood studios. “There is this myth that you can be anonymous. You can hide, but we can get you.”
Most of the newest generation of file-swapping hopefuls use some kind of encryption, scrambling files so that they become impenetrable strings of data as they are transferred online. This helps keep out some prying eyes, but most monitoring services, such as BayTSP, simply pretend to be an ordinary file-swapper, searching and downloading files instead of trying to break into the network from outside. No matter how powerful the encryption in the network, that digital handshake is required, Net experts say.
Many of the services are also moving toward Internet “proxies” as a way to mask identities. Under this model, the direct handshake between uploaders and downloaders is interrupted by a digital middleman. Instead of being downloaded directly, a file is handed off to another Web server, or passed through another set of computers, before finding its way to the downloader.
….Rohrer’s Mute is a more extreme version of this proxy idea, in which every computer on the file-swapping network becomes a middleman, passing on search queries and actual files that are on their way elsewhere in the network. This makes it nearly impossible to determine who is uploading or downloading what information–-but the model has a cost.
Ordinary file-swapping networks work quickly, because only small bits of information–-search queries and background data–are relayed between most of the computers. In Mute’s model, each computer potentially serves as a courier for vastly larger multimedia files. That can quickly clog people’s Net connections, slowing or stalling the network altogether.
….Spanish developer Pablo Soto, whose Blubster and Piolet software have attracted several hundred thousand users, is taking a decidedly different tack. While including strong encryption and some privacy-enhancing features in a new version of the software expected to be released in the next few weeks, he’s also changing the way files are downloaded.
Information such as an MP3 song will still be downloaded from its original source, he said. But a song will be scrambled, and downloaded simply as raw, unintelligible data. This means that no actual copy of a song is being exchanged, he contends.
If downloaders want to turn that data into useable music, their software must seek elsewhere on the file-swapping network for the encryption “keys” that will unlock the data, transforming it back into an MP3. Separating the download of the data and the keys may help protect file sharers from lawsuits, making it more difficult for courts to say exactly which party is responsible for copyright infringement, Soto said. [CNET]
As P2P privacy gets better it makes P2P more inefficient, as it also drives up the cost of tracking users for legal action, pushing both sides toward a compromise.