Napster and Beyond

Problem Child: Napster http://www.napster.com/

Napster isn¹t a pure P2P technology, which is what got it in trouble with the music industry in general and with Lars Ulrich of the rock band Metallica in particular. Napster maintains a central database of all music and the hard drive locations where copies of music files can be found. When a user joins Napster, he can have all the music he wants to share added to the Napster database. Someone else can come along looking for "The Thing That Should Not Be" by Metallica, can query this Napster database to find a hard drive where this song is located, and then can upload the file. Real P2P does not have this intermediary database. It is this intermediary database which actually got Napster in trouble, because it meant Lars Ulrich could just go to this database and find all the names of all the people who were sharing Metallica music and take this information to the band¹s lawyers and head for court (not to mention the pot of gold at the end of the rainbow).

Napster is P2P in that Napster expects millions of PCs to open their hard drives and allow others to upload mp3 files directly from these hard drives this is peer-to-peer connection, my hard drive to your hard drive. Napster used a central database because it was an efficient design for major bandwidth traffic, but it is really client/server design. Remember, Napster was facilitating over 50 million downloads at one point in time. The legal flaws in Napster were obvious, and the solution was also obvious: there are many alternatives to Napster. If you go to (http://www.afternapster.com/), you will find at least 80 alternatives to Napster. Maybe the most interesting is Gnutella.

Variation on a Theme: Gnutella http://gnutella.wego.com/

Gnutella isn¹t actually software like Napster. Gnutella is a communication protocol a bit like the common gateway interface (CGI) used by many Web servers. Any software that implements Gnutella¹s communication protocols can communicate with other software applications also implementing these protocols. Currently there are at least 23 variations on Gnutella.

Gnutella begins with "GNU," and that means it is part of the open software movement and covered by the GNU general-purpose license and free to be developed freely by anyone. Gnutella was part of Nullsoft, which was purchased by AOL, which promptly attempted to kill Gnutella. Remember, this was when AOL was just considering joining with Time Warner. A program which encouraged free exchange of all sorts of media was not in either AOL¹s or Time Warner¹s best interest then or now. Regardless, the original Gnutella protocol was reverse engineered and posted to a number of discussion lists and the variation began emerging. It is very decentralized; Napster is very centralized (so it can be taxed). Gnutella is distributed so it is very hard to tax, and it is also more anonymous in that it is very difficult to discover who wants what. Freenet, on the other hand, is even more anonymous.

Anonymously Yours: Freenet http://freenet.sourceforge.net/

According to Adam Langley, Freenet is designed with five main goals in mind:

Prevent censorship of documents
Provide anonymity for users
Remove any single point of failure or control
Efficiently store and distribute documents
Provide plausible deniability for node operators

Resistance to censorship and control and providing anonymity are driving forces in Freenet development to the extent that it is actually difficult to even know how many nodes are currently participating in the Freenet system. Freenet is not alone in its rightful obsession with privacy and anonymity. There are others.

Beyond Control

A common denominator of other P2P projects is an extreme concern with censorship and control. On the Web, every time you click on anything or send email through your local Internet service provider, someone may be collecting your clicks for marketing or other reasons. Because the Web is so insecure, the only way to create security is to bypass it and central control as much as possible.

Red Rover (http://redrover.org), an international anti-censorship project, takes paranoia on the Web to a third-world perspective where actually having certain technology on a hard drive or even a modem in a house is considered politically dangerous and an indicator of the wrong political leanings. Red Rover is an odd combination of plain text, email, word of mouth, and even phone calls to alert subscribers to the location of censored information. Redrover.org is so restricted that I can find the site on the Net but can find absolutely nothing on the site to tell me what to do.

Publius (http://cs1.cs.nyu.edu/waldman/publius/) is a Web-based publishing system that uses extreme redundancy to resist censorship, file tampering, and denial of service attacks which attempt to prevent readers from finding certain information others find objectionable. Documents are stored on multiple server nodes as they are requested. This means the more a document is requested, the more places it is stored, the harder it is to find and delete the information, and thus the redundancy. Publius also allows a publisher to remain anonymous. The name of this project comes from the pen name used by Madison, Hamilton, and Jay when they collectively wrote the Federalist Papers between 1787 and 1788. Publius actually encrypts the documents on a server so the administrator has deniability and so these administrators don¹t even know what is stored on their servers.

There are many others in various states of completion. All are aimed at using P2P technology to allow the free exchange of information unencumbered by censorship and unmediated by collecting market data.

Thom