PDA

View Full Version : Peer Guardian False Security!



The_Verifier
06-29-2003, 08:19 PM
For the millionth time. I would like to tell everbody using peer guardian or peer buddy. It does not work, it will not work, and it can not work heres why: First at any given second there are billions of computers connected to the internet ,any single one of thes could be the riaa etc. theres no way to check the ip address of every single one to see who they are, impossible. Secondly they wouldn't even have their computer listed they would appear to be a regular user. Third they have programs that can change their ip every couple of seconds meaning unless you block every incoming and outgoing connection they will get in if they want to you can not block them and allow other users to connect to you, this is impossible. Again they would make themselves look just like a fellow peer. peer guardian is false security than can not work. there is no point in even using it, just cause your getting hits with it doesn't mean its a bad computer it could just be a kazza user thats in the R.I.A.A range it is probably not the R.I.A.A. ANyways you really should not fool yourself into thinking that you are protected because you can not be as long as other users connect to you, the only safe way is to use an encrypted file sharing program if anyone would ever develop a decent one.

P.S. soory for bad english

Illuminati
06-29-2003, 08:42 PM
Right now, it's effectively the best chance we have from keeping safe from the RIAA et al, even if it doesn't work 100% (which practically all PG users accept but still use). PG is only as effective as the care you put for it - There'll be a difference between updating it once a week and once every 6 months.

As a wise man's told me recently, "Don't give us problems - Give us solutions"

DVD PIRATE
06-29-2003, 08:52 PM
thats technology for u though...as soon as some one thinks up somthing ,some one else thinks up a way around it and vice-versa..nothing much the end user like me and u can do but sit around waiting for the dust to settle <_< <_< <_< <_<

J'Pol
06-29-2003, 09:16 PM
Originally posted by DVD PIRATE@29 June 2003 - 21:52
as soon as some one thinks up somthing ,some one else thinks up a way around it and vice-versa..
So as soon as someone else thinks of a way round it, someone thinks something up.

How bizarre.

AR8
06-29-2003, 09:29 PM
But even if the RIAA stops File-Sharing Programs, like DVD Pirate said, the odds are, society will most likely find ANOTHER way to get free media, right? I&#39;d concur to this.

Switeck
06-29-2003, 09:49 PM
Originally posted by DVD PIRATE@29 June 2003 - 15:52
nothing much the end user like me and u can do but sit around waiting for the dust to settle <_<
There are so many free tools out now that you could go HUNTING the bad guys that Peer Guardian is supposed to block (which it sometimes doesn&#39;t for various reasons.)

And there is THIS message board to spread the word if you find anything particularly interesting.

I don&#39;t mean posting big, long blocklists you use in Peer Guardian -- but rather CHECKING individual entries in Peer Guardian to see if any part of them is what they say they are&#33;

The haystack won&#39;t seem as big if we have more people doing this.
We are many, split up, and somewhat hard-to-find (ip-wise). :ph34r:
Plus, we outnumber them. B)

What we&#39;re hunting for, despite what others have said, are almost entirely in fixed ip ranges. They DO have many ip ranges, but they cannot just disconnect and reboot to get a new ip address. Once we find and verify a web range they&#39;re using, it costs them serious money to get a new one if they wish to change. (A T-1 line can easily cost &#036;1k/month.)

Even a WHOIS check is enough to verify many of these ip ranges in Peer Guardian, but it&#39;s far more than 1 person alone can easily do. If it&#39;s a match, no more searching needs to be done -- but if it&#39;s not the range may STILL be a partially or totally hostile one hidden inside a large ISP.

dingdongding
06-29-2003, 11:27 PM
Originally posted by The_Verifier@29 June 2003 - 20:19
For the millionth time. I would like to tell everbody using peer guardian or peer buddy. It does not work, it will not work, and it can not work heres why: First at any given second there are billions of computers connected to the internet ,any single one of thes could be the riaa etc. theres no way to check the ip address of every single one to see who they are, impossible. Secondly they wouldn&#39;t even have their computer listed they would appear to be a regular user. Third they have programs that can change their ip every couple of seconds meaning unless you block every incoming and outgoing connection they will get in if they want to you can not block them and allow other users to connect to you, this is impossible. Again they would make themselves look just like a fellow peer. peer guardian is false security than can not work. there is no point in even using it, just cause your getting hits with it doesn&#39;t mean its a bad computer it could just be a kazza user thats in the R.I.A.A range it is probably not the R.I.A.A. ANyways you really should not fool yourself into thinking that you are protected because you can not be as long as other users connect to you, the only safe way is to use an encrypted file sharing program if anyone would ever develop a decent one.

P.S. soory for bad english


i thought better about posting the more sophisticated methods of determining where the anti p2p groups operate from so i&#39;ll just second switeck...
i&#39;m tired of hearing ppl advocate apathy...although i do agree the future is encrypted file sharing and the like i personally can&#39;t do much about that right now...so there&#39;s no need to discourage ppl from using pg and or importing the ips into a personal firewall etc- escpecially when you apparently don&#39;t understand the methods used in finding the ranges (beyond whois searches)

The_Verifier
06-29-2003, 11:47 PM
I&#39;m not trying to discourage anybody from using P.G. nor am I saying it is worthless. I&#39;m just saying it will not protect you thats all. I am also not trying to discourage sharing, I think we should all share then maybe they will just give up and realize they can&#39;t stop p2p which they can&#39;t. Peer guardian would have a good purpose if they would use it only for the ips of people who don&#39;t share but blocking out 8 million computers. then you wonder why you can&#39;t download from anybody and why nobodys sharing when you are probably blocking a lot of kazaa users from connect to you because of all the broad ranges.

The_Verifier
06-29-2003, 11:56 PM
just remember they have to get your computer "hard drive" to actually prove anything, and you will probably get a letter from your isp first. I don&#39;t use peer guardian. why because they will probably warn me first which if they do I will deny it. they have to get your hard drive they won&#39;t be getting mine period. I will burn it as they are breaking the door down. Besides I just use a portable hard drive which plugs into my usb port it can be easily unplugged and stashed. I would recommend you just do the same and quit being paranoid. you will know if your in trouble, and by the way for those of u who do you use peer guardian you won&#39;t be getting any of my files because peer guardian blocks out my ip and I am just a regular like the rest of you. Share lots and screw them what are they going do? Sue me I&#39;ll just file bankruptcy the next day they r not getting my computer or a fricking dime out of me period. Peer guardian or not&#33;&#33;&#33;&#33;

asmithz
06-29-2003, 11:57 PM
it helps me i get RIAA blocks alot i run it a a percuaion also i use norton firewall

Rat Faced
06-30-2003, 12:00 AM
Like a seatbelt may not stop you getting killed in a RTA, it reduces the risk.

Peergardian is one tool that can help reduce the risk...there is no 100% method.

As people have perceived a reduced risk, they are less likely to stop sharing, and so the network survives.

To just ignore tools that reduce risks, is merely being foolhardy.

The_Verifier
06-30-2003, 12:26 AM
Again everbody should stay up to date on the News. Your right, all the established sites do have fixed ip&#39;s which won&#39;t change because it would cost to much money. But do you think they would even use one ip thats on peer guardian to try to catch you?? As if they don&#39;t know about peer guardian. The R.I.A.A is claiming to be loosing billions of dollars a year because of us. "Even though almost all the stuff I download, I would of never went out and bought anyway so how they figure this I don&#39;t know" anyways they are serious they are teaming up with the F.B.I and they won&#39;t be using traditional methods. and its not hard to change your ip or is it expensive. There are programs which they are using which mask their true ip and change their ip every couple of seconds if you don&#39;t wnat to believe me, then don&#39;t. You can also just change your isp or use a new computer to get a different ip. They are not stupid and they will look just like a regular p2p user You will never know it is the R.I.A.A the F.B.I. or the guy next door. They now about peer guardian and it is not even the smallest prob for them. Don&#39;t be surprised if in the sharman Networks helps them to save themselves.

The_Verifier
06-30-2003, 12:53 AM
If I offended anybody, me sorry . Last word of advice if you are still sure blocking 800 million computers will keep you safe then you should put thos ip&#39;s in a firewall not peer guardian as peer guardian only checks for connections that have already been made a firewall keeps them from ever connecting in the first place. Peer guardian only checks every 400 milliseconds which is plenty of time for the riaa to have already been in got an image of ur directories and be out before it even boots them off. Just thought the truth should be known.

dingdongding
06-30-2003, 04:54 AM
this could go on forever so i&#39;ll just stick to a few points

one, there are a finite number of ips- yes there are dynamic ips but show me proof that the majority of commerical hosts use them for u.s. businesses

two, there are sophisticated means of determining the ranges that anti p2p groups use

three, i personally have had several connections closed by pg from mpaa and overpeer ips (verified ranges beyond using whois searches) specifically when i was sharing movies as far as the mpaa and with overpeer pg was blocking me from dl bogus music files (and i was never notifies by my isp)

four, you are right that it&#39;s better to import the ips into a real firewall but not everyone has that option

five, if you use the recommended pg database there are nowhere near 800 million ips- currently there are 52.48 million and the list is currently being edited for duplicates so that number should go down significantly...


it&#39;s not about being offended or whatever it&#39;s about sticking to the facts- i&#39;m a regular at another forum (ftc) and i&#39;m seeing the same thing over there- someone saying stuff like "don&#39;t use peerguardian&#33;" and "do you really think they use the ips in whois searches"- it&#39;s one thing to question something it&#39;s another to look into the facts...

Switeck
06-30-2003, 09:51 AM
Originally posted by The_Verifier@29 June 2003 - 19:26
But do you think they would even use one ip thats on peer guardian to try to catch you??

... anyways they are serious they are teaming up with the F.B.I and they won&#39;t be using traditional methods. and its not hard to change your ip or is it expensive. There are programs which they are using which mask their true ip and change their ip every couple of seconds if you don&#39;t wnat to believe me, then don&#39;t. You can also just change your isp or use a new computer to get a different ip. They are not stupid and they will look just like a regular p2p user You will never know it is the R.I.A.A the F.B.I. or the guy next door. They now about peer guardian and it is not even the smallest prob for them. Don&#39;t be surprised if in the sharman Networks helps them to save themselves.Yes -- Once they&#39;ve paid lots of cash for the lines and the equipment to &#39;get to work&#39;, even if Peer Guardian makes them a little less successful it would be a bigger waste of their money (from their point of view) to NOT use &#39;known&#39; ips. We&#39;re kidding ourselves if we think many people on Kazaa percent-wise are running Peer Guardian... and of them even fewer are regularly updating their block lists to keep the most relevant ones.

Making something a large-scale computing network operation (instead of home-users scale) also means it&#39;s harder to work from dynamic ip addresses. Even for me to change my LAN ip range requires manually changing properties on every computer I&#39;ve got connected to my router and making router setting changes. This would be further compounded if my computers weren&#39;t all at one location. No doubt they&#39;ve had "teething problems" with their search methods in the past because of similar issues.

P2P file sharing has an odd property: to work, it almost HAS to have a direct connection between To-From parties. This includes giving out real ip addresses. An indirect consequence is it can make privacy while doing so (ie:hiding your ip) difficult to impossible. Kazaa is even WORSE than most in that regard in that NATed users even with port-forwarding on are treated as firewalled with an unknown ip (found only via the supernode they&#39;re connected to.)

Proxy servers would cripple download/upload speeds and make connecting to other firewalled users _impossible_ on Kazaa, at least using Kazaa software. So that might limit who they can find to non-firewalled/non-NATed users -- or more heavily tilted towards 56k users.

If they make specialized software, they may run afoul of the DMCA and Kazaa&#39;s makers (because of the reverse-engineering laws they&#39;re breaking in SO many ways) AND will (by the nature of the workarounds needed to connect with most users) be easier to spot than typical &#39;firewalled&#39; users. Their connection attempts may resemble (TCP packets) HTTP requests on Kazaa&#39;s ports, use UDP packets, and/or will have to connect THROUGH the supernode tree (showing up in LOTS of places which people running supernodes can track.)

The FBI was once called on to end the sale and consumption of alcohol in the US. THAT was too big a task for them too. File sharing makes that pale in comparison. For them to be even remotely effective, they&#39;ll have to use methods ANYONE who gives lip-service to freedom and privacy will have to openly denounce as tyranny or be a hypocrit. They&#39;ll have to do so much out in the open that it will be hard for people to just say it only affects criminals/no one they know. And the closer they get to zero-tolerance laws and enforcements, the worse it will look.

Lastly, some of us are very serious too. Peer Guardian is only 1 of many ways we are fighting back.