Tag Archives: P2P

From the Ashes of Blue Frog

The Blue Frog may be no more,  but the vigilantes are. Seems that despite the death of Blue Security in the face of a spammer’s wrath, the service has built an appetite for fighting back. Eric B. Parizo of SearchSecurity.com reports on a new independent group called Okopipi who intend “to pick up where Blue Security left off by creating an open source, peer-to-peer software program that automatically sends “unsubscribe” messages to spammers and/or reports them to the proper authorities.”

Okopipi has already merged with a similar effort known as Black Frog and has recruited about 160 independent programmers, who are dissecting the open source code from Blue Security’s Blue Frog product. The idea seems to be the same: automatically sending opt-out requests to Web sites referenced in received spam messages, the idea is to over-burden the spammer’s servers (or those of the product he’s advertising) as a deterrence and incentive to register with Okopipi. By registering he can cleanse his spam list of Okopipi members.

Some tweaks seem to be under consideration: Processing will take place on users’ machines and then on a set of servers which will be hidden to try to prevent the kind of denial-of-service attack that brought down Blue Frog.

Possible problems: I noticed that some of the half million (quite a feat, when you think about it) Blue Frog users were quite, shall we say, passionate about the endeavour. These are the kind of folk now switching to Okopipi. This, then, could become an all-out war in which a lot of innocent bystanders get burned. The Internet is a holistic thing; if Denial of Service attacks proliferate, it may affect the speed and accessibility of a lot of other parts of it, as the Blue Frog experience revealed. (TypePad was inaccessible for several hours.)

Another worry: Richi Jennings, an analyst with San Francisco-based Ferris Research, points out on Eric’s piece that project organizers must ensure that spammers don’t infiltrate the effort and plant backdoor programs within the software. “If I’m going to download the Black Frog application,” Jennings said, “I want to be sure that the spammers aren’t inserting code into it to use my machine as a zombie.” I guess this would happen if spammers signed up for the service and then fiddled with the P2P distributed Black Frog program.

Another problem, pointed out by Martin McKeay, a security professional based in Santa Rosa, Calif., that spammers will quickly figure out that the weak link in all this is it rests on the idea of a legitimate link in the email for unsubscribing, and that spammers will just include a false link in there. Actually I thought the link Blue Frog used wasn’t unsubscribe (which is usually fake, since if it wasn’t would then pull the spammer back within the law) but the purchase link. How, otherwise, would folks be able to buy their Viagra?

One element I’d like to understand better is the other weakness in the Blue Frog system: That however the process is encrypted, spammers can easily see who are members of the antispam group by comparing their email lists before and after running it through the Blue Frog/Black Frog list. Any member who is on the spammer’s list will now be vulnerable to the kind of mass email attack that Blue Frog’s destroyer launched. How is Okopipi going to solve that one?

Verso Helps Block China Traffic

Verso Technologies has announced its first major deal for its Internet filtering technology — in China. Verso is best known for its high-profile promises to block Skype VoIP traffic, which have raised a few eyebrows, and very little take-up, in the U.S. and Europe. However, clearly this is exactly what the unidentified Chinese mobile carrier wants to do, according to Verso’s press release:

“The trial is representative of the significant opportunities for Verso’s products in the Chinese market, where VoIP is highly regulated and the use of Skype software has been deemed illegal,” said Yves Desmet, senior vice president, worldwide sales, Verso Technologies. “More and more countries are following China’s direction in evaluating the risks associated with the growing popularity of P2P communication such as Skype, due to intense security concerns with the use of this medium for unlawful purposes and its impact on carriers’ revenues and the bottlenecks their networks are experiencing. We believe that this is just the beginning of a tremendous opportunity for Verso.”

VoIP from non-official operators is potentially illegal in China, at least for now, and major telecom operators there have been blocking Skype with some success. But I am not sure Verso’s Desmet is correct in saying “ the use of Skype software has been deemed illegal” . I can find no reference to substantiate that. Is Verso being misleading by saying that, and using phrases such as “intense security concerns with the use of this medium for unlawful purposes” to make it sound like Skype and its ilk are a hotbed of triad and Al Qaeda activity?

More generally, when Verso talks of “security concerns” it’s talking about blocking viruses, illegal content (P2P files etc) and other unwanted nasties, as well as recently aired fears that Skype may have security holes allowing hackers to carry data anonymously. But of course in China “security” carries an extra connotation. VoIP, unlike ordinary telecommunicatons, is hard to monitor, eavesdrop and tap. Is Verso helping China to limit free speech? (No, says Verso, in a piece on Slyck by Thomas Mennecke.)

I’m not quite clear about why a mobile operator would be that interested in this technology. I suppose we’re talking about people using Skype and such like over mobile networks. Still, what is clear is that Verso sees this as the thin end of a big, lucrative wedge:

“We are seeing broad applicability for this type of solution on a global basis by the service provider community, as these potential customers look to preserve and maintain security, comply with regulations, improve their revenue opportunities and optimize their network.”

Shutting Skype Out

Who actually pays for Skype? How about the network operators, who have to put up with all the extra traffic? And what are they doing about it? A piece from VOIP Planet, Keeping Skype @Bay, points to the arrival of products specifically designed to block Skype (and other p2p traffic) from their networks:

Skype is the poster child for such ‘undesirable’ traffic, from the point of view of facilities based network operators, as the VoIP technology provider and its peers bring no network capacity to the party; they essentially piggyback on others’ pipes.

And this is not just a minor nuisance.

Monty Bannerman, president and CEO of Verso, pointed out to VoIPplanet.com that NANOG [the North American Network Operators’ Group] has probes all over the primary backbones. “They’ve been able to measure the rise in peer-to-peer traffic,” Bannerman said. “The last stats I saw—and that was at least a year ago—at that point over 30 percent of the backbone was p2p traffic—and rapidly growing.” This is traffic that brings in not a penny for the carriers whose networks the p2p traffic traverses.

For smaller network operators this is poison, the piece says:

“It’s one thing if you’re just having a rise in certain kind of traffic and its driving more capacity and people are buying bigger pipes from you as a carrier. But if that same traffic is robbing your paid subscriber base, it’s like eating poison every day,” Bannerman said. “There are really two camps here.” Bannerman continued. “There’s the p2p camp that says Skype’s an incredible new thing that everyone loves, but if you’re watching your business model being eroded every day, you’re in the other camp.”

Certainly the company mentioned, Verso, makes no bones about the fact it’s Skype they’re offering to block with their products. In a press release issued on Sept 14 it says of Skype calls:

 However, these calls typically run through multiple carriers’ IP networks and consume large amounts of bandwidth.  This traffic runs outside the traditional carrier revenue generation models and is therefore highly undesirable for them.  Furthermore, carriers currently do not have a feasible way to separately monitor and restrict this type of traffic on their network.  Verso’s new technology would fill this void.

Five days later, in another press release about its new NetSpective 2.0 Enterprise Filtering Technology, it mentions Skype again, aiming at somewhat different concerns:

 Additionally, the application specifically targets and blocks Skype software, which enables users to utilize the Internet to place undetectable and un-monitored voice calls to another end-user running a Skype application, leaving enterprise organizations open to a variety of liabilities and potential virus infections.

That’s interesting. Undetectable and unmonitored calls? What about mobile calls?

What’s also interesting about this is that Verso has its own VoIP product. One can’t help but wonder about the legal and ethical aspects of blocking one VoIP carrier traffic while offering your own product. Indeed, the VOIP Planet article specifically quotes Verso president Monty Bannerman as saying its filtering software could distinguish between certain kinds of traffic, so it “could actually degrade certain types of traffic—or prioritize others.”

I imagine this kind of thing is going to come to center stage as Skype (and competitors) grow. And as the VOIP Planet says, there are regulations about this kind of thing, though they differ from country to country.

[Andy Abramson of VoIP Watch has an interesting take on this debate.]

Could The Fake Beheading Have Been Proven Earlier?

I know it’s easy to be smart after the event, but were there enough clues on the Internet for journalists to have figured out the Benjamin Vanderford video was a fake before AP and others published the news?

There were some clues, at least. From the video we were able to know his name and his home town, even his home address. From that checks on Google would have thrown up the following at the very least:

  • Him, or someone with the same name, was running for office:  A piece on The Examiner website on May 31 mentions “Benjamin Vanderford, 22-year-old political independent, musician and video-game programmer” as being a District 4 candidate and a member of something called the Candidates Collaborative.
  • sfbulldog, an online resource for politics and the arts, also mentions Vanderford, or someone with the same name on May 22, who was, according to the author H Brown, “smarter than me (not saying a lot, I know) … has great web site and hell of a sense of humor. Fine young writer. A future in politics if he’s serious and could shock everyone if his web site catches on.” Unfortunately the website address mentioned is not cited. (It was possibly this one, mentioned on the Northeast Intelligence Network in its early assessment of the video but not cited. The link itself is no longer active.)

Already, however, we’re getting a picture of someone who seems likely to be the Vanderford in question, since he’s from that town, appears to be the same age, and is the only Benjamin Vanderford in San Francisco area. He’s also a guy with a sense of humour, running for office, smart and with a website worth checking out. What’s he doing in Iraq, and why is there no mention of that fact?

That, I suspect, should be enough. Did any journalists try calling his home to confirm? Vanderford says he had circulated the video on P2P networks such as KaZaA for several weeks. Would a savvy journalist have been aware of this? Perhaps not. But as the The San Francisco Chronicle points out, usually material which is gathered from the Internet carries qualifying phrases. But this time the fact that the video had appeared on a Islamic website that has in the past posted communiques and videos from Islamic radical groups appeared to be enough to convince several news agencies to go ahead.

Bottom line: Any material that appears on the Internet should be checked, wherever it appears. In this case, with the guy’s name and address so clearly stated, it would seem to make sense to make some rudimentary checks first before announcing he has been killed.

Heart Embraces File Sharing

Have record companies suddenly changed their minds about file sharing?

A press release from file sharing software company RazorPop and record label Sovereign Artists yesterday trumpeted the release of Heart’s New CD “Jupiter’s Darling” over the TrustyFiles P2P file sharing network as the “first time a major artist has ever released music from a CD to file sharers”.

The release quotes RazorPop CEO Marc Freedman as saying: “When a legendary band like Heart embraces file sharing, you know it’s become mainstream. Don’t be misled by the entertainment terror campaigns designed to instill fear and stunt innovation. The real focus should be on the artists and making music. A wide majority of musicians support P2P file sharing. There’s been an explosion in its use by independent artists.”

So does it mean that big artists and major labels are just going to throw their music out to the unpaying, unwashed masses? Er, no. The press release says the “files are in Windows Media Player format and can be played on most major media player software and portable music player devices.” So far, so good. But while the files look like they’re in the WM format, they are actually what are called Weed files, which as the press release explains, “provide 5 free Heart songs for new users”. So what does that mean, exactly?

A press release from WeedFiles last month explains what actually happens. While Weed files can be freely shared, each user is given three free plays, and then invited to buy the file. If they do, they can then freely share that file with others, each of whom are given three more plays. If they then buy the song, the original buyer will get a 20% commission.

Actually, this is a good idea and it deserves a try. Not least, the original artist makes 50% from the sale of each song, which is a significant step up for most artists. And it turns out that other networks are also releasing the Heart material at the same time, according to p2pnet. It’s just a shame that the original press release is misleading.

 

News: The Virus Forecast: Yucky

 Virus writers are getting smarter. It’s official. The latest bi-annual Internet Security Threat Report from Symantec found that 64 per cent of all new attacks targeted vulnerabilities less than one year old. The Blaster worm, for example, appeared only 26 days after the vulnerability it exploited was announced, according to The Register.
 
Symantec’s study paints a picture of a rise in more sophisticated and faster spreading worms, and the increased use by virus writers of new vectors for infection (such as P2P networks and IM applications), The Register says. Symantec reports that the increasing prevalence of blended threats, which use a combination of malicious code and vulnerabilities to launch a cyber attack, remains one of the most significant security issues companies face this year.
 
The future? Symantec expects to see greater worm propagation resulting in overloads to network hardware, crippling network traffic, and seriously preventing both individuals and businesses from using the Internet. Told ya.

News: The RIAA Are After You

If you’re in the U.S., and have ever used Grokster, KaZaa or another file sharing program to download mp3 files, expect a call. The RIAA are out to get you, and they don’t care whether you’re a granny. According to Associated Press, one 50 year-old grandfather in California was shocked to learn this week that the RIAA had subpoenaed his ISP to provide his name and address for downloading songs from the internet. But the man was not the downloader – it was a member of his family.

The RIAA has served subpoenas to Internet service providers, which will ultimately end in lawsuits. TechTV has published a number of the P2P user names filed with the US District Court in Washington, DC, mainly Kazaa users. In the end this list could be massive, raising the possibility of a backlash and a half.

My tupennies’ worth? I think the RIAA should have been more circumspect. My understanding is that the vast majority of mp3 files out there are from a small number of uploaders, and if they can be closed down, the file-sharing world will be less appealing. Get rid of them and you may have little more than an informal ‘tasting net’ where folk can check out music without having to pay for it first (a little like the old cassette days). Or am I being hopelessly romantic?

Software: Grokster Goes Pro

 If you haven’t heard of it before, it sounds like something painful that happens to a guy in his mid 40s, or a vital piece of plumbing under the sink, but Grokster is actually a file-sharing program, and it’s going pro. From its haven in the West Indies, the company has released a $20 version “in response to a growing user demand and willingness to pay for a version of the software that is void of annoying pop-up ads and the cluster of optional software  programs that accompany all of the major P2P software clients on the market today.” (In English that means the free version that everyone uses now comes with lots of pesky ads and snooping software to annoy you while you download pirated music illegally.)
 
 
Grokster last April won a suit brought against it by the RIAA and the MPAAand has, it says, “since secured its position as one of the world’s most popular software programs and has established a brand name known around the globe, boasting users in every country on earth.” I don’t want to get into the ethics and legality of MP3 swapping, but it strikes me that if folk are exchanging music for free online, they’re not likely to be the kind of folk to want to shell out $20 for software. And if they are, they can hardly plead poverty for their piracy, can they? Or am I missing something?