On Mon, May 12, 2014 at 10:32:29PM -0400, grarpamp wrote: > > The only defense Bittorrent has is the "blocklist" > > Now the fun part... have you guys gone daft? Blocklists and > VPN's as best defense against such 'enforcement', really?
If you're building a blocklist based on network addresses of your adversary who connects to your service, and a) some of your users use VPNs or proxies or the like, yet b) your adversary can use those too, then the result is that the VPNs, proxies, etc will all end up on your blocklist. The unfortunate result is that you end up throwing out all the users who want privacy -- and these are exactly the users who are taking their security into their own hands rather than relying on your blocklist. I fear this is a fundamental limitation for blocklists based on network addresses. Either you end up with an ineffective blocklist, because your adversary starts using addresses shared with your users, or (imo worse) you start fighting with your users to get them to discard their privacy goals so your blocklist can work. One way forward is application-level solutions -- logins, reputation, social network connectivity, etc -- that are less likely to be indistinguishably shared by both your users and your adversary. (And yes, please don't use Tor for your filesharing traffic; I hear there are other tools and networks more suited for bulk transfer.) --Roger _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
