How do the police trace people sharing illegal files on P2P?
People sharing copyrighted movies and music, as well as child porn and other illegal material through non anonymous peer to peer networks are doomed to be arrested.
The police has a big collection of child porn files product of their raids, they hash those seized files (hashing means creating a unique digital fingerprint) then they insert the hashes into some law enforcement only peer to peer custom software they have, they hook it up to Kazaa, Gnutella, and other peer to peer networks.
The police software searches for other files on the network that have the same hashing algorithm (digital fingerprint), if it matches it, then without even looking at the file the cops knows that user is sharing something illegal, now all they have to do is to log it, get the IP and apply for a warrant to search that person’s home.
One way to thwart this system is by retouching that unique file, for example editing a picture with a photo editor and slightly increasing or decreasing the brightness would convert that file into a “new one”, changing just one pixel could do it and still look the same to the human eye.
The police would now have to get their hands onto that illegal file before they can hash it and insert it into their software. Most of the child porn traded in peer to peer networks is old and chances are that the cops have already come accross it before, unless those pictures or videos are digital changed, the hashing algorithm remains the same.
Changing the name of a picture will not alter its unique digital signature! Only retouching it with an image editor will.
Some new developments in computer forensics allow for fuzzy hashing, there is already software to do this ssdeep is one such program.
Fuzzy hashing matches files whose hashes (digital fingerprint) are similar and slightly changed files will still be matched, although this is no perfect science, at least not yet, and if the file has changed a lot fuzzy hashing will miss it.
What is peer to peer network Perfect Dark?
Perfect dark is a Japanese peer-to-peer (P2P) file-sharing application for Microsoft Windows, its anonymity relies on a mixnet where traffic is forwarded according to a certain probability, as well as the deniability of the distributed datastore (“unity”), which is stored and transferred in encrypted blocks, with the keys distributed separately.
Kyoto’s High-Tech Crime Task Force arrests Perfect Dark user
According to AnimeNetworkOnline, Kyoto’s High-Tech Crime Task Force has arrested a man named Noriaki Matsumoto for allegedly uploading anime online, without the copyright holders’ permission. Matsumoto is only the second known person arrested for using Perfect Dark, a very porpular peer to peer network in Japan, intended to maintain its users’ anonymity.
Kyoto police claims that the suspect admitted that he thought he would not get caught because he was using Perfect Dark. Unfortunately they do not reveal how they cracked the network.
Peer to peer networks designed for anonymity
In light of these news, I can’t reccomend any peer to peer network in particular, Freenet seems to be the most popular which means more content available, but it is also slow and you will need the Frost board (a newsgroup like communications board) to make it worthwhile.
Up to this date, nobody has ever been arrested using one of the P2P networks mentioned below but it does not mean they are safe, use them at your own risk.
Anyone sharing copyrighted music should at the very least use full disk encryption with Truecrypt and never leave the computer unatended, but people breaking the law normally don’t have a brain to bother about encryption.
Alternative P2P networks for anonymous file sharing
(Do not confuse i2P with peer to peer software per se!)