Wednesday, December 31, 2008

A Lack of reality...

The P2P news/filesharing community is a small one, and there's not that many of us. However, the first thing you need when reporting ANY news, is a firm grasp on reality. This is what makes this blog post by Zeropaid writer Drew Wilson so unfortunate.

If you check the google trends for the 4 main p2p news websites (torrentfreak, zeropaid, slyck and p2pnet) you'll see that his success hasn't been as great as he makes out. However, if you have low expectations you'll be pleased at the little things. Personally I'm delighted that last week, TorrentFreak broke the half million subscriber barrier in our RSS feeds, just as last week Drew was pleased an Italian site picked up on a comment in his oink story. Then again, we can't all have major British newspapers favourably commenting on the calibre of the reporting on the topic, versus the BBC.

This past year has been a blast though. I can't wait to see what 2009 brings, but I can only hope it'll be interesting.

Saturday, September 27, 2008

Another example of the problems with Blocklists

By now, most of you will know I'm no fan of blocklists. The simple fact is that even with the best will in the world, they're still often wildly inaccurate. Generally, the people you target with blocklists don't tend to be very cooperative with those that want to block them.

I've mentioned before how ineffective P2P blocklists have been, and even the website ones don't work. The Italian block of the Pirate bay has been overturned, and if anything drew more traffic to the site, as did the Danish block. The Fin's have decided to go one better though, and block a site in the name of protection; protection from the scourge of the internet – Child Pornography.

It's such a shame then, that the site blocked by Finnish ISP DNA is that of the World Wide Web Consortium (W3C). The W3C is a standards body, that amongst other things sets the standards for the HTML that created this page. To presume that such a site would distributing child porn is ludicrous in the extreme, however customers of DNA that attempt to visit the site of the standards body get redirected to this site.

The Finnish Pirate Party (or Piraattipuolue) also objects to this, with party spokesman Kaj Sotala sayingIf the website of a large, well-known and significant organization can end up blocked, is there any reason to believe that some smaller and less known sites doesn’t share its fate? Based on experience so far, none whatsoever”. They also call on the government to stop wasting resources on these lists, which just try and cover up the problem, rather than trying to address it.

I heartily agree. I've seen countless times that people rely on blocklists to try and defer judgement. “The list said it's bad, so it must be”.There are doubtless going to be people who will think their computers have been compromised as accesses to a highly regarded site bring child porn warnings. In the same way, people who use programs like PeerGuardian think that they are being bombarded with connections from antip2p companies. “It said that MediaDefender was hitting me with 20 requests a minute” is the typical response when asked to elaborate, “so that's how I know they've been doing it.

The response is the same in both cases – how accurate is the list? If the list is not accurate, not reliable, no matter what it says you can't believe it. If you replace every MediaDefender label on a PeerGuardian blocklist with “God”, when you torrent, are you not only proving the existence of God, but that he likes to download Heroes as well? Both blocklists are just labels on IP addresses that someone has created. The Finnish list is on a definitive subject, by a government agency, with accountability, and it still gets it wrong. Are a couple of paranoid kids, having to guess at IPs and refusing, ever to be accountable going to be more accurate?

Sunday, February 24, 2008

ESET - PG2 is malware

Original story - TorrentFreak
A Personal Perspective

Sometimes, there are stories where the twists and turns are mindboggling; where the statements and positions made by some groups make you wonder if they live in the same world. There are times when you not only want to report the news, but comment on it as well. I must admit, writing the above story, it was hard to keep objective, and I must thank my researcher for keeping me focused. However, a role reversal such as this, involving a group I have covered before (and kept an eye on since), is one I could not personally let go without some sort of comment.

Perhaps the greatest irony in this though, is the attitudes of the Bluetack people, when they're on the receiving end, In short, both NOD32 and PeerGuardian2 are programs that run on a computer, and use updatable lists to identify bad, or potentially bad items. Both also allow entries on the list to be circumvented, with 'exclusions' or 'allow' lists. However, if an entry is added to the Bluetack lists that deemed unwelcome by some, you will find the Bluetack people all over the net, saying “just add it to the allow” and “better to be safe than sorry”. However, someone does it back, they go demanding, inciting harassment, and making abusive assertions. It would appear that what is sauce for the goose, is not sauce for the gander.

Of course, in the end, it all depends who you trust more to be accurate and diligent in their lists. Either a large international company that makes it's business from the accuracy of lists and it's reputation, or a group of anonymous people on the net. Perhaps the most telling fact is that whilst a Bluetack admin was able to post addresses and phone numbers for multiple ESET offices, there are precisely zero phone numbers, addresses, or even real names listed for Bluetack. Were they to disappear tomorrow, with the $3,300 or so donated for future server costs, there is no way to know who has it. There is a lot of trust in some easily discarded internet identities. In short, this might explain their attitudes – when they finally can't bluff/lie/exaggerate their way out of yet another paranoid, and ill-justified addition to their list, they can simply drop the identities.

If Bluetack were serious about what they were doing, and wish to actually build some credibility, perhaps they could start by standing behind their decisions. Starting by revealing who they are, and acknowledging personal responsibility for their blocks. Of course, they will decline on grounds of privacy (which is why they have anonymizing services like Tor and Relakks blocked), and possibly claim that revealing their real names will lead to harassment or similar. Personally, if they REALLY believed these blocks are justified and legitimate, they have no reason to worry. Finally, it amazes me that whilst those that run PeerGuardian feel themselves to be net-savvy, and would never run a program sent to them out of the blue, by someone they don't know, they will not only run, but defend data and assertions made by people who deliberately go out of their way so as to be unidentifiable. Indeed, the only reason such a group would operate in this manner would be to make it near impossible to be held legally accountable for their actions or statements.