h a l f b a k e r y
Trying to contain nuts.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
or get an account
One of the problems of distributed non-anonymous networks like Gnutella is that you give your IP address away once you upload or download a file. It would be possible to put proxy or socks server(s) in between, but who would want to give their bandwidth away so that you can download the new Metallica
MP3? Especially since they would run out of bandwidth quickly.
I think a distributed network where users can exchange bandwidth for proxying would be a viable solution.
It would work like this: You have a small client program that works in the background. You configure it as the proxy server ("localhost") in the applications you want to anonymize. Upon start, it connects to a distributed Gnutella-like network. You can choose a certain amount of bandwidth to share (which you can choose only in blocks of 16, 32, 64, 128, 256, 512 ... kbps). You could set how much bandwidth you would like to use in return (usually the same amount, but possibly 0 as well if you're just idling anyway).
Now, the program would, within regular time intervals, search for users who share a definable amount of bandwidth. If it finds one, it checks how much they want. If it is smaller or equal than what we're offering, it connects to them. If we've paid less than we're offering, our offered amount of bandwidth is reduced by the amount we paid. If we've paid exactly the same as we're offering, we disconnect from the distributed network until our connection to the proxy is lost.
All data is then proxied through this "servant", thereby anonymizing the IP address. In turn, all their data is proxied through us using the amount of bandwidth that we have offered.
1) Chaining several proxies. You could make a request for several blocks of identical bandwidth and chain the resulting proxies together, thereby increasing anonymity.
2) The proxy would "see" all the files that go through it. Since that is the case anyway, it might as well cache them within a definable amount of disk size. Users would be able to view the content of their cache and maybe find files of interest to them. Of course that could be seen as a violation of privacy, but the alternative would be security through obscurity. Encryption seems to be no option if we're proxying unencrypted content (WWW for example).
1) High-Low exchanges. I request 16 kbps and offer 512 kbps. Someone else offers 512 kbps and requests 512 kbps. I connect to them and now they only offer 496 kbps. This, however, is a "bad number": It cannot be searched for. Possible solution: Deny exchanges that lead to bad numbers.
2) Users lying about their offered or requested speed. In both cases, the average bandwidth used would have to checked by the other user's client, and react accordingly (disconnect/scale down).
Anonymity loves company [mab, Jul 03 2000, last modified Oct 17 2004]
ntk.net: "LGPLed too, and launched at DefCon. This is so anarcho-PC, it hurts." [jutta, Jul 03 2000]
Tor, the onion router
Tor is the EFF's entry into this fray, no caching though [wiml, Sep 01 2006]
||Avi Rubin and Mike Reiter's "Crowds" project is almost exactly this, with most of the details worked out. It's a working system; get the code and run it.
||Crowds isn't GPLed. Or at least, you can't get the source without asking for it -- I didn't read the fine print.
||I dl'ed Mojo Nation last night and it looks pretty good -- GPLed, so they won't introduce spyware into my machine (see http://www.grc.com's OptOut). Provisions for "selling" your bandwidth, disk space, and CPU cycles. Not sure the market will reward you more than the cost of electricity, though...
Sep 02 2000, last modified Sep 03 2000|| |
||Opt-out no longer exists...he's rewriting it. The rest of the website is worth it, though...
||Wouldn't anonymous web access be just the thing spammers, hate rings, and child pornographers would want most? I'm sure there are a lot of valid reasons that speak well for this idea, but not everyone on the web is legitimate.
||[ye_river_xiv], you forgot terrorists and organized crime (even before 9/11, there was much discussion in cypherpunkish circles about "should we really build anonymous networks? how do we keep the child pornographers out?"). I'd rather not reahash the arguments on HB, though.