Join my C# project on sourceforge
-
Hi there! Since there seems to lots of competent developers around here I think I'll try some fishing... I've just started a .Net C# project for creating a secure P2P (Or friend to friend as I like to call it) software. Main goal is to create an application with chat and file sharing that is private for all users on the particular net and provides file sharing with multiple source dl and hashing for all data transfers (no bloody wrong bytes wanted). Just have a look at FriendsNet at sourceforge, any help programming or nonprogramming is appretiated. Project is public domain so (ab)use it any way you like. /Regards Albert
You seem to be describing an emule implemented in C#, am I right? What would be the advantages over emule? And what do you mean by "secure"? Saying you are about to create a secure P2P sounds like all other or most P2P are insecure. What vulnerability do you see?
Help me dominate the world - click this link and my army will grow
-
Hi there! Since there seems to lots of competent developers around here I think I'll try some fishing... I've just started a .Net C# project for creating a secure P2P (Or friend to friend as I like to call it) software. Main goal is to create an application with chat and file sharing that is private for all users on the particular net and provides file sharing with multiple source dl and hashing for all data transfers (no bloody wrong bytes wanted). Just have a look at FriendsNet at sourceforge, any help programming or nonprogramming is appretiated. Project is public domain so (ab)use it any way you like. /Regards Albert
-
Hi there! Since there seems to lots of competent developers around here I think I'll try some fishing... I've just started a .Net C# project for creating a secure P2P (Or friend to friend as I like to call it) software. Main goal is to create an application with chat and file sharing that is private for all users on the particular net and provides file sharing with multiple source dl and hashing for all data transfers (no bloody wrong bytes wanted). Just have a look at FriendsNet at sourceforge, any help programming or nonprogramming is appretiated. Project is public domain so (ab)use it any way you like. /Regards Albert
Open source meets closed source. The world implodes.
Todd C. Wilson (meme@nopcode.com) NOPcode.com Visual Face Lift: Skinning for apps Listen! Audio Server: Be the music "Flow with whatever may happen and let your mind be free: Stay centered by accepting whatever you are doing. This is the Way." - Chuang-Tzu "Zen in the Martial Arts"
-
Here you go: http://sourceforge.net/projects/friendsnet/
-
You seem to be describing an emule implemented in C#, am I right? What would be the advantages over emule? And what do you mean by "secure"? Saying you are about to create a secure P2P sounds like all other or most P2P are insecure. What vulnerability do you see?
Help me dominate the world - click this link and my army will grow
Actually this program is more friend2friend communication, meaning you can't just dl the software and enter any massive network with thousands of users dl from them and let them dl from you. The application is not meant for massive file trading either like traditional P2P. To make it more secure a user name and password are required for loggin in to a server (or hub if you like). When logged in to the server you get the secure key required for encrypting all trafic between clients. So it's a trade of limiting yourself to a server where all users are required to have some affiliation with the server operator. If you wanted to you could simply have some anonymous access but that would only turn the network to other traditional P2P network. I started the project to have create a reliable chatting file sharing application with a couple of friends (which gave the name FriendsNet). When connected the server I know that only me and my friends should be able to chatt with me and dl files from me. Of course the network is only as safe as the server operator requires it to be so you have to rely on the server operator to not allow anybody to connect, but since the operator in the FriendsNet that I'm going to be connected to is my friend I choose to trust him, if I don't I can run the server myself. I haven't tried emule, but if it does this already I'll try it instead.
-
-
Actually this program is more friend2friend communication, meaning you can't just dl the software and enter any massive network with thousands of users dl from them and let them dl from you. The application is not meant for massive file trading either like traditional P2P. To make it more secure a user name and password are required for loggin in to a server (or hub if you like). When logged in to the server you get the secure key required for encrypting all trafic between clients. So it's a trade of limiting yourself to a server where all users are required to have some affiliation with the server operator. If you wanted to you could simply have some anonymous access but that would only turn the network to other traditional P2P network. I started the project to have create a reliable chatting file sharing application with a couple of friends (which gave the name FriendsNet). When connected the server I know that only me and my friends should be able to chatt with me and dl files from me. Of course the network is only as safe as the server operator requires it to be so you have to rely on the server operator to not allow anybody to connect, but since the operator in the FriendsNet that I'm going to be connected to is my friend I choose to trust him, if I don't I can run the server myself. I haven't tried emule, but if it does this already I'll try it instead.
Well, if it needs a server, it would be only a matter of adding a login command to emule and emule server. The rest, emule already does, with an incredible ease of use and reliability. Emule is coded using MFC.
Help me dominate the world - click this link and my army will grow
-
Well, if it needs a server, it would be only a matter of adding a login command to emule and emule server. The rest, emule already does, with an incredible ease of use and reliability. Emule is coded using MFC.
Help me dominate the world - click this link and my army will grow
-
Shouldn't encryption be a feature of the network, not the software? It's just a matter of tunneling it over, e.g., SSH.
Help me dominate the world - click this link and my army will grow
-
Well, if it needs a server, it would be only a matter of adding a login command to emule and emule server. The rest, emule already does, with an incredible ease of use and reliability. Emule is coded using MFC.
Help me dominate the world - click this link and my army will grow
Daniel Turini wrote: Emule is coded using MFC. By any chance did you wrote the code for the eMule application?
"Whidbey"..."Orcas"...Roadmap
This signature was created by "Code Project Quoter". -
Daniel Turini wrote: Emule is coded using MFC. By any chance did you wrote the code for the eMule application?
"Whidbey"..."Orcas"...Roadmap
This signature was created by "Code Project Quoter".No, but I made a mod for me, so I know some of emule internals. If you're curious, it's kind of a piracy warning bot. My machine provides servers with file names and hashes that doesn't exist but I want to monitor if someone is trying to download it. Once someone requests the download I can log his/her IP and then at least, be warned of who is trying to pirate my software (if they first downloaded a demo from me and filled a form). One could even do some market research. It's not fully ready yet, but it's fun testing it while creating some fictitious pr0n movies or games and see some people desperate to download them. People also show their stupidity when trying to download files like 'Windows XP SP3 cracked.exe'.
Help me dominate the world - click this link and my army will grow
-
Shouldn't encryption be a feature of the network, not the software? It's just a matter of tunneling it over, e.g., SSH.
Help me dominate the world - click this link and my army will grow
Yes, it could be done that way, but it's such a mess configuring that stuff, exchangin keys with the possibility to pick up the phone and verify a fingerprint is much easier (I guess that is sufficient to detect a MITM attack). If possible it would be nice to avoid MITM attacks automatically but unless I can get help implementing a security scheme to do that, using the phone will have to do.
-
No, but I made a mod for me, so I know some of emule internals. If you're curious, it's kind of a piracy warning bot. My machine provides servers with file names and hashes that doesn't exist but I want to monitor if someone is trying to download it. Once someone requests the download I can log his/her IP and then at least, be warned of who is trying to pirate my software (if they first downloaded a demo from me and filled a form). One could even do some market research. It's not fully ready yet, but it's fun testing it while creating some fictitious pr0n movies or games and see some people desperate to download them. People also show their stupidity when trying to download files like 'Windows XP SP3 cracked.exe'.
Help me dominate the world - click this link and my army will grow
Daniel Turini wrote: If you're curious, it's kind of a piracy warning bot. Interesting! Daniel Turini wrote: My machine provides servers with file names and hashes that doesn't exist but I want to monitor if someone is trying to download it I never used eMule, but if I get it correctly you are offering your software(dummy) out on the net (via eMule) just to catch and warn those leechers? :~ Daniel Turini wrote: People also show their stupidity when trying to download files like 'Windows XP SP3 cracked.exe'. ROTFL :laugh:
"Whidbey"..."Orcas"...Roadmap
This signature was created by "Code Project Quoter". -
Daniel Turini wrote: If you're curious, it's kind of a piracy warning bot. Interesting! Daniel Turini wrote: My machine provides servers with file names and hashes that doesn't exist but I want to monitor if someone is trying to download it I never used eMule, but if I get it correctly you are offering your software(dummy) out on the net (via eMule) just to catch and warn those leechers? :~ Daniel Turini wrote: People also show their stupidity when trying to download files like 'Windows XP SP3 cracked.exe'. ROTFL :laugh:
"Whidbey"..."Orcas"...Roadmap
This signature was created by "Code Project Quoter".Kant wrote: I never used eMule, but if I get it correctly you are offering your software(dummy) out on the net (via eMule) just to catch and warn those leechers? Actually, not. I do not to have a great concern about my own software, because it's a credit & risk assessment system for corporate environment. It's a 24x7 app, and moreover, would you leave the decision to give someone a couple 10E6 dollars to a pirate software? What I'm doing is (IMO) a revolutionary research that may allow, in the future, to use the own power of P2P software to attack piracy. I don't even need to give my software, I can "hack the system" and offer things that do not even exist (like 'Windows XP SP3 cracked.exe'). I can pollute the namespace offering lots of applications and let people slowly download big bogus data. This way, the number of sources quickly increases. There are so many funny ways to mess with P2P networks that I really don't understand why RIAA is not doing it yet (this is a lie: I do understand; RIAA is stupid). The main hidden flaw on P2P networks is the absence of a reliability system; you simply don't know who is reliable and who's not. This has two interesting implications: 1. Once you stablish such a system is easy to send to jail the most reliable peers, because they would be the root distributors, so it will never be stablished. 2. Since you don't know who is reliable, a big number (~1000) of unreliable peers can mess the whole system. You can, e.g., flood the queue of a distributor of a true file, so no one can download it, and offer lots of fake downloads, so all the bandwidth of downloaders gets sucked while trying to download fakes. Eventually people will get tired of downloading fakes. To understand what I'm talking about, try googling for, e.g., britney spears mp3. Then, enter some sites and try to find a single real britney mp3 (beware of popups and ActiveX).
Help me dominate the world - click this link and my army will grow
-
Hi there! Since there seems to lots of competent developers around here I think I'll try some fishing... I've just started a .Net C# project for creating a secure P2P (Or friend to friend as I like to call it) software. Main goal is to create an application with chat and file sharing that is private for all users on the particular net and provides file sharing with multiple source dl and hashing for all data transfers (no bloody wrong bytes wanted). Just have a look at FriendsNet at sourceforge, any help programming or nonprogramming is appretiated. Project is public domain so (ab)use it any way you like. /Regards Albert
Do you know about www.jabber.org[^] Take a look at that... Looks similar with what you want to build. Free your mind...
-
Kant wrote: I never used eMule, but if I get it correctly you are offering your software(dummy) out on the net (via eMule) just to catch and warn those leechers? Actually, not. I do not to have a great concern about my own software, because it's a credit & risk assessment system for corporate environment. It's a 24x7 app, and moreover, would you leave the decision to give someone a couple 10E6 dollars to a pirate software? What I'm doing is (IMO) a revolutionary research that may allow, in the future, to use the own power of P2P software to attack piracy. I don't even need to give my software, I can "hack the system" and offer things that do not even exist (like 'Windows XP SP3 cracked.exe'). I can pollute the namespace offering lots of applications and let people slowly download big bogus data. This way, the number of sources quickly increases. There are so many funny ways to mess with P2P networks that I really don't understand why RIAA is not doing it yet (this is a lie: I do understand; RIAA is stupid). The main hidden flaw on P2P networks is the absence of a reliability system; you simply don't know who is reliable and who's not. This has two interesting implications: 1. Once you stablish such a system is easy to send to jail the most reliable peers, because they would be the root distributors, so it will never be stablished. 2. Since you don't know who is reliable, a big number (~1000) of unreliable peers can mess the whole system. You can, e.g., flood the queue of a distributor of a true file, so no one can download it, and offer lots of fake downloads, so all the bandwidth of downloaders gets sucked while trying to download fakes. Eventually people will get tired of downloading fakes. To understand what I'm talking about, try googling for, e.g., britney spears mp3. Then, enter some sites and try to find a single real britney mp3 (beware of popups and ActiveX).
Help me dominate the world - click this link and my army will grow
Daniel Turini wrote: There are so many funny ways to mess with P2P networks that I really don't understand why RIAA is not doing it yet (this is a lie: I do understand; RIAA is stupid). I think RIAA is doing this. I read somewhere they were uploading mp3 files with the first 15 or 20 seconds of the song, then either noise or just blankness for the remainder of the track.
-
Hi there! Since there seems to lots of competent developers around here I think I'll try some fishing... I've just started a .Net C# project for creating a secure P2P (Or friend to friend as I like to call it) software. Main goal is to create an application with chat and file sharing that is private for all users on the particular net and provides file sharing with multiple source dl and hashing for all data transfers (no bloody wrong bytes wanted). Just have a look at FriendsNet at sourceforge, any help programming or nonprogramming is appretiated. Project is public domain so (ab)use it any way you like. /Regards Albert
Asking for help on CodeProject articles and projects is cool. Asking for help on offsite projects is a little discourteous. cheers, Chris Maunder
-
Daniel Turini wrote: There are so many funny ways to mess with P2P networks that I really don't understand why RIAA is not doing it yet (this is a lie: I do understand; RIAA is stupid). I think RIAA is doing this. I read somewhere they were uploading mp3 files with the first 15 or 20 seconds of the song, then either noise or just blankness for the remainder of the track.
Jeff Martin wrote: I think RIAA is doing this. I read somewhere they were uploading mp3 files with the first 15 or 20 seconds of the song, then either noise or just blankness for the remainder of the track. This doesn't work. Modern P2P networks, like emule, can filter and sort files by the number of sources. Emule has even a fake search, on www.sharereactor.com. What I'm researching is a dynamic system, with some sort of intelligence. Again, the trick is how you can appear to be a reliable source and, at the same time screw up the reliable sources. My current technique depends heavily on the file size, the bigger, and the better. Files under 100~200Mb will be hard to protect. So, MP3 will go unprotected. But movies, full albums, discographies, games and big software can be protected. The thing that makes it harder is: I don't want it to be an attack based on a bug, because bugs can be corrected. I want it to be something closely linked to the whole P2P concept, so it can’t be beaten. I'm aware that my technique still has lots of flaws, that is why I'm still researching. Maybe soon I’ll discover that I’m not smart enough (highly probable) and will give up, but I’ll burn some neurons before giving up.
Help me dominate the world - click this link and my army will grow