[LINK] Big Brother poised to hit the 'Net

Rick Welykochy rick@praxis.com.au
Sat, 24 Mar 2001 23:55:23 +1100 

Damien Miller wrote:
> 
> On Sat, 24 Mar 2001, Rick Welykochy wrote:
> >
> > I was alluding to making "wire-tapping" capabilities available
> > on the Internet for the Napster users. To anyone. This capability
> > is certainly illegal in other media like voice telephony unless
> > sanctioned by a judge.
> 
> You are not "tapping" anything. You are making collection to a number
> of servers and gathering the information that they provide. As far
> as I could see, none of the tools listed in the article performed
> interception of on-the-wire traffic.

I have in the past defined "tapping" as making a connection to a point-to-point
network transmission where the "tapper" is part of neither point, as in an
eavesdropper. I extend "tapping" to include gathering information about
such point-to-point communications and making them available (publicly) to
anyone who asks. And doing so without a warrant in other media is illegal,
for the most mundane and obvious reasons.


> > The keyword of your failure to comprehend is "client". Napster and
> > other file-sharing protocols use a peer-to-peer model. By attaching
> > a Media Tracker Napster client to the net, one can sniff, wiretap and
> > view all Napster traffic.
> 
> You berate me for using the word "client" and then use it youself in the
> very next sentence?

The MT "client" is a spook used to communicate information obtained
by tapping a Napster peer or perr connection back to an observer.

Of course, you're right in saying that any Napster client can communicate
the same information to any observer, but what a hassle! You'd have
to manually download and collate hundreds of thousands of pages of
information to accomplish what a determined MT client could do within
a few steady days of operation. Only it would take a human months or
even years to do the same with 100% accuracy and reliability.

To use a Napster client to create a database of all accesses to a specific
(or even combined) set of Napster peers would take years and lots of headaches.

The MT client makes this effortless, relying on open peer-to-peer
communication to accomplish its sole task: tapping into your Internet
usage and making it publicly available to *anyone*.


> If I had to guess, I would say that the software in question pretends it
> is a Napster server with songs available and sits there listening for
> search queries.
> 
> Napster queries use a client-server model. They are still centrally
> mediated through the *.napster.com servers. The fact that this
> software is able to exist _at all_ is evidence that the service is not
> truly "peer-to-peer".

A peer does the same. Napster is peer-to-peer, and we talk of the
"client" being the requesting end and the "server" as being the response
end for ease of reference and comprehension. 


> > Any peer sharing network on the 'Net is subject this form of privacy
> > violation.
> 
> Only time will give the answer to this, but I expect your assertion to be
> untrue.

Using data mining and warehousing, through the concerted efforts of
single-minded media moguls, a profile of your Internet usage as transmitted
through peering protocols like Napster, ICQ and other instant messaging
systems could be published instantly. Now, whether or not such publication
is a violation of your privacy is open to debate. I would think it would
be such a violation.

The question perhaps remains of collecting without publishing. If no-one
sees, hears or reads the data, has anyone's privacy been violated?


--
Rick Welykochy || Praxis Services Pty Limited