Second Perfect Dark “Anonymous” P2P network user arrested

How do the police trace people sharing illegal files on P2P?

People sharing copyrighted movies and music, as well as child porn and other illegal material, through non-anonymous peer to peer networks are doomed to be arrested.

The police have a big collection of child porn files seized in their raids. They hash those seized files (hashing means creating a unique digital fingerprint), then they insert the hashes into custom, law-enforcement-only peer to peer software and hook it up to Kazaa, Gnutella, and other peer to peer networks.

The police software searches the network for other files that have the same hash (digital fingerprint). If a file matches, then without even looking at it the cops know that user is sharing something illegal. Now all they have to do is log it, get the IP and apply for a warrant to search that person’s home.

Exact hash matching has a limit: it only recognises byte-identical copies. Retouching the file, for example editing a picture with a photo editor and slightly increasing or decreasing the brightness, converts it into a “new one”; changing just one pixel could do it and still look the same to the human eye.

The police would now have to get their hands on that changed file before they can hash it and insert it into their software. Most of the child porn traded in peer to peer networks is old and chances are that the cops have already come across it before. Unless those pictures or videos are digitally changed, the hash remains the same.

Changing the name of a picture will not alter its unique digital fingerprint! Only retouching it with an image editor will.

Fuzzy hashing

Some new developments in computer forensics allow for fuzzy hashing, and there is already software to do this; ssdeep is one such program.

Fuzzy hashing matches files whose hashes (digital fingerprints) are similar, so slightly changed files will still be matched. This is no perfect science, at least not yet, and if the file has changed a lot fuzzy hashing will miss it.
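The two matching modes described above, seen from the examiner's side, as an added example that is not from the original post. It is a simplified piecewise digest, not ssdeep's actual algorithm; the function names, window size, trigger value and threshold are assumptions, and the inputs are constructed byte strings rather than real files.

```python
import difflib
import hashlib

WINDOW, TRIGGER = 7, 64  # assumed values: rolling window, ~1 boundary per 64 bytes

def exact_hash(data):
    """Fingerprint of the content only; the file name is never an input."""
    return hashlib.sha256(data).hexdigest()

def piecewise_digest(data):
    """Cut the data where a rolling sum of the last WINDOW bytes hits a trigger
    value, then hash each chunk. A local edit only disturbs nearby chunks."""
    chunks, start, rolling = [], 0, 0
    for i, byte in enumerate(data):
        rolling += byte
        if i >= WINDOW:
            rolling -= data[i - WINDOW]
        if rolling % TRIGGER == TRIGGER - 1:
            chunks.append(hashlib.sha256(data[start:i + 1]).hexdigest()[:8])
            start = i + 1
    if start < len(data):
        chunks.append(hashlib.sha256(data[start:]).hexdigest()[:8])
    return chunks

def similarity(a, b):
    """0-100 score from the SequenceMatcher ratio of two chunk-hash sequences."""
    matcher = difflib.SequenceMatcher(None, a, b, autojunk=False)
    return round(100 * matcher.ratio())

def classify(data, known, threshold=60):
    """Compare one file against a list of (exact_hash, piecewise_digest) records."""
    digest, best = piecewise_digest(data), 0
    for known_hash, known_digest in known:
        if exact_hash(data) == known_hash:
            return ("exact", 100)
        best = max(best, similarity(digest, known_digest))
    return ("similar" if best >= threshold else "no match", best)

def sample(seed, blocks=256):
    """Constructed 8 KiB test content (not a real file), derived from a seed."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))

ORIGINAL = sample(b"known")                # content already in the hash set
EDITED = bytearray(ORIGINAL)
EDITED[4000] ^= 0xFF                       # same content with one byte changed
EDITED = bytes(EDITED)
UNRELATED = sample(b"other")               # negative control
KNOWN = [(exact_hash(ORIGINAL), piecewise_digest(ORIGINAL))]

if __name__ == "__main__":
    for name, blob in [("copy", ORIGINAL), ("edited", EDITED), ("unrelated", UNRELATED)]:
        print(name, classify(blob, KNOWN))
```
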

What is peer to peer network Perfect Dark?

Perfect Dark is a Japanese peer-to-peer (P2P) file-sharing application for Microsoft Windows. Its anonymity relies on a mixnet where traffic is forwarded according to a certain probability, as well as on the deniability of the distributed datastore (“unity”), which is stored and transferred in encrypted blocks, with the keys distributed separately.

Task Force arrests Perfect Dark user

According to AnimeNetworkOnline, Kyoto’s High-Tech Crime Task Force has arrested a man named Noriaki Matsumoto for allegedly uploading anime online without the copyright holders’ permission. Matsumoto is only the second known person arrested for using Perfect Dark, a very popular peer to peer network in Japan intended to maintain its users’ anonymity.

Kyoto police claim that the suspect admitted that he thought he would not get caught because he was using Perfect Dark. Unfortunately, they do not reveal how they cracked the network.

Peer to peer networks designed for anonymity

In light of this news, I can’t recommend any peer to peer network in particular. Freenet seems to be the most popular, which means more content available, but it is also slow and you will need the Frost board (a newsgroup-like communications board) to make it worthwhile.

Up to this date, nobody has ever been arrested using one of the P2P networks mentioned below, but that does not mean they are safe. Use them at your own risk.

Anyone sharing copyrighted music should at the very least use full disk encryption with DiskCryptor and never leave the computer unattended, but people breaking the law normally don’t have a brain to bother about encryption.

Alternative P2P networks

Freenet (Anonymous)

Anonymizing Network

i2P & eepSite (to create i2P sites)

(Do not confuse i2P with peer to peer software!)