How to win the P2P war and stuff the content maffiaa

19 Nov 2007 | 12:52 GMT

By Charlie Demerjian

THE IMPOTENT LEGAL rampage of the content mafiaa has had a lot of effect lately - people hate them, piracy is way up, and the word is out that they are no longer necessary or relevant. Their legal shenanigans are annoying, but there is a simple thing that someone can write to make them totally irrelevant.

Let's back up to what they are doing. Their lawsuits against the handicapped, aged and non-computer users have pretty much run their course. In the meantime, piracy has gone up by hundreds of times. The new legal tactics like trying to hold colleges' feet to the fire are going to have about the same effect, a lot of innocent people will suffer and the few remaining people that haven't heard will hear about Piracy: The Better Choice(TM)(R)(C).

In short, pirates couldn't ask for a better PR machine than the content mafiaa's legal team. It would be impossible to get the word out as to how easy and effective piracy is without them. The problem is that their stupidities do have an effect, it hurts my ability to find and download legal materials via P2P.

When I want to get the latest Fedora Core build or check out Vuse, I can't without something or someone causing me slowdowns or getting on someone's radar. Tracker sites are getting nailed one by one for the most dubious reasons and, in general, precedents are being set unfairly on the backs of those who can't afford to defend themselves.

There is one way to stop this litigious, greedy game of whack-a-mole, and it is the same way that P2P services themselves evolved from a single target to an unstoppable hydra. Someone needs to write a torrent tracker site construction kit (TTSCK).

Think about it: the way the mafiaa stopped Napster was by suing a central authority. They went after the database and killed it. Legal dubiousnesses aside, there was a single point of failure, and the legal vultures put a stake in it.

The result was pretty obvious, P2P protocols became disaggregated, first eDonkey/eMule, then on to BitTorrent, each became more and more decentralised and content - in this case the metadata, not the files - became redundant. Killing the messenger in this case became impossible, and the mafiaa lost by winning. The people adapted better, faster and smarter than they could be reacted to.

Torrents are now unassailable, in addition to being the method of choice for distribution for just about every major open source project out there, there are just to many nodes out there for all the lawyers in the world working 24/7 to put a dent in. The cat is out of the bag.

So the mafiaa, in its myopic rage, attacked the tracker aggregation sites one by one. These sites contain absolutely nothing illegal, if you download a .torrent file and open it in a text editor, you will see it is nothing more than a list of files and a location. Try and tell me a directory listing of files you don't have on hand is infringing on someone's copyright. If you can prove this in court, short Amazon stock because they list such things - track listings and chapter titles are just as infringing.

What effect has this attack on tracker sites had? Well, to use the example of Oink, it has been entirely negative for the mafiaa. I didn't know what Oink was, as I had never heard of it, until it was busted. I now do know the names of the two successor sites now based on news reports of what happened after Oink went to piggy heaven. Should I ever care, I now know where to go for illegal torrents. I suspect there are several million more like me who were handed a roadmap by just about every IT news site out there, along with the news that absolutely zero people using the site were busted along with the ops. Can you say own goal?

Getting back to the point of what you and I can do to distract the mafiaa while defanging them, the idea is simple: decentralise the tracker sites. Make them self-replicating, encrypted from start to finish, and multi-homed.

How do you do this? Someone needs to write a TTSCK so any idiot with the barest minimum knowledge of setting up a site can put up a tracker site node. I assume there aren't more than a few dozen tracker sites that matter, and every time one gets killed, a few more spring up. With thousands, they become impervious to attack.

If you get a cease and desist letter, legal or not, don't fight it, take the site down. Get a new ISP, and put it up again and join the swarm again. Some sites will be more popular than others, some will have no purpose other than to keep the database alive and replicated. You could even put in 'dark' nodes where there is no outside access, just a supernode that replicates the databases of torrents. Try swatting one of those under legal pretenses if there are no users downloading from it.

The TTSCK needs a few key attributes. First, it must be 100 per cent free, legal and open source. You must be able to get it for nothing, set it up for nothing, and improve on it openly. Second, it must be very easy to set up, scripted with ample help files, taking nothing more than Azareus to run. Third, to join the swarm, you must be able to do it from any point on the swarm, that is, any site should allow any other site to join with the click of a link.

On the more technical side, all traffic must be encrypted 100 per cent of the time, and must pass over ports commonly used by net protocols, HTTP, ICMP, POP, and SSH to name a few. Lets see how far the ISPs get when they try and filter HTML off the backbones, especially encrypted traffic on port 443. Also, each new node must not only connect to the node it joined from, but also at least a dozen others, preferably randomly selected.

If you want to be really snarky, writers of the TTSCK can put in a nice EULA that determines who and what is allowed to be on the network. Preclude common methods of poisoning and spying on the network. If the mafiaa does either of those things, the comedy of them arguing EULAs are invalid is worth the price paid to do it. In fact, it might be worth it to let them set a precedent that EULAs are invalid. That will send a few corporate lawyers into twitching fits, which side do they weigh in on?

In the end, what needs to be done is take the tracker aggregators out of the attack loop. The method is simple, distribute the infrastructure and make it easy to set up. This isn't rocket science, nor does it do anything other than rehash pieces of what is there already. Someone need to package it ASAP, and then the war, not just a battle, with the content mafiaa will be won. µ

© 2007 Incisive Media Investments Ltd. 2007