Forgot your password?
typodupeerror
Software The Internet

MUTE Grows In Popularity, Iterations 50

Posted by simoniker
from the novamute-not-far-behind dept.
jcr13 writes "MUTE is a search-and-download file sharing network that uses ant-inspired routing to make both downloaders and uploaders anonymous. Version 0.2 was released today (change log). Since its mid-December 0.1 release, MUTE has risen from complete obscurity to one of the top-ten most active SourceForge projects. Several people have described MUTE as a "third-generation file sharing network," with the first two generations being Napster and Gnutella (and generation zero being the web---remember when MP3s were traded through web pages?). Each generation circumvents the tactics that the RIAA used to squash the previous generation. Alas, each generation is less and less efficient (though MUTE's dynamic routing works surprisingly well). MUTE was discussed in a previous Slashdot story. Oh, and if you are wondering, it's M.U.T.E., lady, an acronym, not "mute," and we had best not go into it any further."
This discussion has been archived. No new comments can be posted.

MUTE Grows In Popularity, Iterations

Comments Filter:
  • Network size? (Score:5, Insightful)

    by darkov (261309) on Thursday January 08, 2004 @12:43AM (#7911059)
    So, rather than hyping MUTE, can anyone provide numbers for the network size?
    • How would one collect such numbers?
      • Re:Network size? (Score:3, Interesting)

        by leviramsey (248057) *

        You could try to estimate it by number of nodes you've routed messages to or for. If you had enough nodes logging this information and consolidating it, you could, probabilistically, be arbitrarily close to the actual number of nodes.

        Or at least it seems that way to me.

        • Re:Network size? (Score:3, Informative)

          by BrookHarty (9119)
          The website lists 393 seed hosts. Of course, I tried over 40 and couldn't connect. Unless it has really bad nat/firewall support, which is pretty bad, everyone uses nat routers. You have to have to support passive transfers with multi nat'ed hosts.
  • by You're All Wrong (573825) on Thursday January 08, 2004 @01:08AM (#7911443)
    IRC, FTP, and NNTP
    File sharing on the web is pretty recent though there was some in the early 90s. IRC file trading was well established by then, and FTP goes way back. And of course NNTP would never have bloomed without the a.s.b hierarchy.

    Every generation of kids thinks that they were the generation that invented sex. Every generation of computer users is equally naive too.

    YAW.
    • IRC, FTP, and NNTP fit into "the web/gen 0" category in this context... as non-P2P apps.

      You better watch out old man... or we young punks will invent a new generation of computers that are harder to use than a VCR remote control.
      • Usenet is P2P (Score:3, Insightful)

        by moncyb (456490)

        Errr...NNTP (Usenet) is peer to peer. How do you think all the news servers get their feed? They are peers who pass the posts between each other. Read rfc977. The IHAVE command shows the most obvious proof the protocol was made to be P2P--it is for transferring posts between servers (which are just dedicated peers on the network). You send a post to one server, and it ripples through the other servers--much like a search request on the Gnutella network.

        At least it used to work that way, with all the conso

        • Yeah, I know. There are still servers though. P2P in this context is client-only P2P. No servers.

          Haha. Usenet might as well be renamed Spamnet. Most groups are basically 100% spam it seems like. P2P Spamnet... horrible stuff.
          • P2P simply means that both parties can act as both clients and servers. IRC for file trading is also peer to peer. Ignore the fact that the servers are called servers, you might as well call them hubs for all the serving they do in that context. e.g. when you CTCP TIME, the remote client is the thing that _serves_ the time to your local client. His client is your server, and when he CTCP FINGERs you back, your client is his server. That's what peer to peer is.

            YAW.
  • sorry to go further... but anybody who thinks people are going to pronounce this program as Em. You. Tee. E. and not "myoot" when there is a mute in a trumpet as part of the logo is a dang fool.

    -Rob
  • by aurum42 (712010) on Thursday January 08, 2004 @01:28AM (#7911700)
    From what I can gather from the project page (which is almost entirely presented in the ant colony analogy), this is an interesting idea to ensure anonymity - essentially a routing protocol at the TCP or UDP level, using a probabilistic mechanism to determine reasonably shortest paths. However, I'm not certain what implications this has for bandwidth efficiency, especially for relatively isolated nodes which may have high bandwidth connections to certain NAPs but not others. Might be workable in conjunction with a bittorrent like model with sections of a file downloaded from multiple peers, but keeping track of upload credits might be harder in this case. I doubt this will be much of a barrier to the RIAA however, as they might just decide to go after the machines that are routing the file to their ultimate destination, as this is different from the ISP case (which is still being tried in the courts).
    • I doubt this will be much of a barrier to the RIAA however, as they might just decide to go after the machines that are routing the file to their ultimate destination, as this is different from the ISP case (which is still being tried in the courts).

      You've missed several points:
      1. The RIAA can't tell what files are passing through a node.
      2. The RIAA can't tell if the file they download from your IP is hosted by you, or you are just forwarding it.
      3. MOST IMPORTANTLY, YOU can't tell what files are passing t
      • I did not "miss" any of those points - I was thinking along the lines of a honeypot, where an RIAA minion sets up a server with lots of britney tracks, and watches for connections. I don't know if this is entrapment or not, but probably not. I doubt ignorance of the traffic hosted by your machine will be perceived as a valid excuse by the RIAA or indeed the legal system when the node has voluntarily joined a network primarily used for copyright infringement..but IANAL. If they can threaten an ISP and make t
        • You've still missed the point. Even if they set up a honeypot and you connect, they have NO WAY to tell if you are requesting the file, or merely passing through a request from another node.

          The part about whether or not you can get in trouble by running a node has been addresses by Freenet in their FAQ [sourceforge.net]:

          Is Freenet legal?
          If by legal you mean not illegal, then yes it is. Of course, anything can be found to be illegal at some point in the future, and the law can be an ass sometimes, so we can make no guara
          • Thanks for the excerpt. I do appreciate the fact that in all likelihood, any connection to the RIAA honeypot isn't going to be from the user requesting the file - my point is that there have been near-precedents which seem to indicate that this does not matter. For instance, the RIAA took napster, grokster, Kazaa and so on to court for creating a network for file trading, even though none of those companies themselves were (well not as an aggregate) involved in copyright infringement - they merely enabled c
  • Security holes (Score:4, Interesting)

    by BrookHarty (9119) on Thursday January 08, 2004 @01:34AM (#7911744) Homepage Journal
    I still think you it comes down to the encryption. With enough hosts you could figure out which virtual address are the most reponsive for replies. And make a best guess that person is responsible. Attack in numbers, and then over time, find out which IP's respond, fall back to normal IP logging. Then ask your ISP who had which IP's over time, and go after that user.

    I liked how they stated, the virtual addresses and routing tables will be tweaked for best anti-spaming and spoof checking.

    Seems like they are working hard on the transport, after thats perfected, then you can add all the features like hash checking, multipart downloads, and file searching.

    I like this much better than freenet. Sorry, no internal search engine, and everyone has to give up disk space for cache.

    -
    Secondlife [secondlife.com] for programmers, artists and designers.
    • With enough hosts you could figure out which virtual address are the most reponsive for replies. And make a best guess that person is responsible. Attack in numbers, and then over time, find out which IP's respond, fall back to normal IP logging. Then ask your ISP who had which IP's over time, and go after that user.

      But they can never figure out beyond a reasonable doubt which IP was serving what file. That's an old principle called "plausible deniability", frequently use by both Bush's and Reagan.

      If yo
  • Just tried it out (Score:5, Interesting)

    by Apreche (239272) on Thursday January 08, 2004 @01:40AM (#7911776) Homepage Journal
    So I played with it for about 15 minutes and I found out a few things. First of all, it is really anonymous. There is no freakin' way to find out who anyone is. All you know are the IP addresses of the people who are directly connected to you on the network. You don't know which files they have or anything. And when you download or upload something you have no idea who is at the other end.

    Here are the problems. First off, it is slow and unstable. Not to be unexpected for a non mature project. Another problem is the lack of search results. Searching for led zeppelin, a common band, returned 2 results when I was connected to 20 nodes. That's kind of sad. Last problem is that there are so few features. This is a raw bare bones client. Someone needs to make another client that has more stuff, like DC++ did for direct connect. For now I'll stick to DC for everyday quick p2p and WinMX for those rare hard to find files.
    • Led Zeppelin, a common band!!!
      PaH!!!

      hehe ... they may have their roots in the Midlands, and Planty may well have a black-country accent!! But common ... nah!! lol.

      Guess the real problem with new p2p-networks, is having the quantity of folk, with the quantity of required material. Perhaps the 20nodes you connected to were full of Garage or Grunge...?

  • by Anonymous Coward on Thursday January 08, 2004 @01:51AM (#7911847)

    and generation zero being the web---remember when MP3s were traded through web pages?

    Hell I remember when I actually traded *tapes* with *other people*! I mean I actually went out into the big blue place (eww, sunlight) and after a while I would like be in the same room with another person, or more than one!! And we would use instant messaging, only it was completely audio based and there was no computer or cell phone! The audio came out of my mouth and went straight into the other dude's ear! It was wild!

    Sometimes when we wanted to express happiness, or anger, we would scrunch our faces up to look like emoticons, but turned sideways. It's pretty funny to think about it, lol.... :-) Oh yeah when something was funny we would lol not by typing "lol", but by making a "ha ha ha" sound!

    Anyway then we would take our CDs and the ones we liked that we didn't own, we'd rip to cassette tape (an early encoding mechanism like MP3, but using particles on a plastic tape, really bizarre .. it didn't take any less space but it was still a lossy format). Man, if only the RIAA knew how to track *that* shit (I still have a few hundred tapes somewhere)...

    Anyway I'm glad stuff like MUTE is being developed, because without it, there'd be NO way to listen to other people's music!

    • Several people have described MUTE as a "third-generation file sharing network," with the first two generations being Napster and Gnutella (and generation zero being the web---remember when MP3s were traded through web pages?)

      then apparently...

      Generation -1: Usenet
      Generation -2: Your local "WaReZ" BBS
      Generation -3: Swapping disks & tapes.

      My grandfather, God rest his soul, introduced me to "free" software at the ripe ol' age of 10, by giving me tapes of "free" games for my Tandy Color Computer 2. A
  • by spRed (28066) on Thursday January 08, 2004 @02:22AM (#7912062)
    Wet blanket, HO!

    This looks like a research project, and the author looks like a researcher. This will never be production code (unless forked).

    The source is very hap hazzard right now,
    * no LICENSE or COPYING file
    * bizzare directory structure
    * no INSTALL, README, HACKING files
    * no mailing lists (none!)

    The head sf admin [sourceforge.net] is head of a bunch of other projects too. I didn't check all of them, but I'm pretty sure he's a _member_ of no one else's project. So you have a guy supporting 10 projects (and maybe more not on sourceforge) who has only written academic code, probably only by himself resume [sourceforge.net].
    He also appears to be gung-ho C++, why not turn the 63k of C++ into 6k of python and worry about features instead of memory management? (bittorrent has proven the bottleneck isn't CPU).

    Not a great mix for a successful open source project.
  • Too music-centric (Score:5, Insightful)

    by Nucleon500 (628631) <tcfelker@example.com> on Thursday January 08, 2004 @02:24AM (#7912066) Homepage
    Governments are far too happy to ban the tools instead of just the crime. Copyright infringement is already illegal (as it should be), but since the DMCA, tools like DeCSS with very significant non-infringing uses are illegal. So I fear that at some point, the music industry will try to get P2P itself banned.

    There's two battles: technical and legal. The technical battle is easily won - anonymous communication is possible. But as it becomes easier to communicate with true anonynmity, the temptation to ban such communication increases. I think it's pretty clear that such communication is protected speech, but I predict that Congress will pass a bill saying that it isn't. It will eventually fall to the Supreme Court to re-affirm that anonymous speech is protected too.

    For this reason, I think it would be better if MUTE promoted itself as a tool for speech, not just copyright infringement.

  • SF.net glory... (Score:4, Interesting)

    by AlXtreme (223728) on Thursday January 08, 2004 @04:16AM (#7912614) Homepage Journal
    Finding it odd that I hadn't heard about this MUTE (M.U.T.E. whatever) thingy earlier and that this project was so active on sf.net, I took a quick look at their statistics [sourceforge.net]. Seems strange huh? Well, this article [slashdot.org] explains it all.

    1 Hype your project, get it slashdotted!
    2 Brag about your own project's activity, get it slashdotted again yourself!
    3 ???
    4 PROFIT!!!

    Nice way to keep in the publicity though, could use his PR manager. Self-organizing systems are fun though...

  • by dasunt (249686) on Thursday January 08, 2004 @04:50AM (#7912807)

    Share what only is legal - MP3's where the artist doesn't mind sharing, project gutenburg books, etc.

    Hey, I can dream...

  • > remember when MP3s were traded through web pages?

    Remember when MP3s were traded through DCC and FTP?
  • by Twylite (234238) <twylite@crypt[ ].za ['.co' in gap]> on Thursday January 08, 2004 @09:29AM (#7913815) Homepage

    Anyone bothered to read the MUTE site should be really worried about now. Apart from technical problems and generally suspicious statements, the entire workings of MUTE [sourceforge.net] place every user at the risk of contributory infringement [chillingeffects.org] of copyright.

    Why doesn't MUTE protect you? Because the "RIAA node" only needs to download a single copyright file and use netstat to take the address of its peer (neighbour) node. It then has the ability to track you (i.e. the neighbour, via your ISP) and has proof of your contribution to the infringement (you actively provided infrastructure for the transfer of the copyright material).

    But they need to show you have knowledge of the activity, right? Wrong. First because they'll just subpoena you anyway and it will cost lest to pay the requested amount than to fight them. Second because they only have to prove on a balance of probabilities that you were aware that your "service" was being used for illicit purposes. More on that later.

    You also can't claim that you were just providing a service "like an ISP", because you're not. ISPs protect themselves by being telecommunications carriers (which are largely exempt from monitoring content), or having appropriate AUPs with the customers they provide the service for, or responding in an appropriate manner to compliants. For example if you can't or are not prepared to remove known illegal material from your service when you are notified about it, you become a contributory infringer!

    Alright, so why can ISPs get away with it and you can't? Because they have AUPs, because they respond to complaints, and most importantly because there is a significant non-infringing use for their network. MUTE, on the other hand, is described specifically as a network dedicated to preserving your anonymity for the purpose of trading in illegal MP3s without getting caught by the RIAA.

    Here's an anecdote for you: a landlord was arrested for pimping and money laundering. When he pleaded ignorance the police demonstrated to the court that they could ask virtually any member of the community where there were prostitutes and drug sellers at the building in question, and the answer would be "Yes". So a "reasonable man" was aware of the problem, yet the landlord tried to protect himself by never looking into it. Running a brothel is an offense that attaches to the property owner -- it is his responsibility to take reasonable measures to ensure that the property is not being used for illegal purposes.

    The other problems? Phrases like "military-grade encryption" don't inspire confidence, especially in a system that uses asymmetric cryptography without a PKI (and a PKI in this system would pretty much kill the idea of being anonymous). The "RIAA node" could happily perform a man-in-the-middle attack on all secure connections that are established through it.

    In general the documentation on MUTE appears to give little consideration to side-channel attacks, concentrating on how secure and anonymous the system is algorithmically.

    • By your logic, Freenet is completely invalid and illegal too, right? Anybody running a Freenet node knows they are running a Freenet node, and so they are responsible for anything you can download from them?
      • And anyone supplying internet services knows people could use them to pirate files...

        All it takes is one person (or group) to stand up and make their arguents look stupid... and then we have precedent on our side.
      • Arguably, yes. You are always potentially at liability when you provide infrastructure. In general if it is reasonable to believe that what you are providing is being used for illicit purposes, you need to take steps to ensure that this is not the case, in order to protect yourself.

        That said, I must make it clear that I'm not familiar with the mechanisms of Freenet; and I need to draw your attention to this:

        Freenet is free software which lets you publish and obtain information on the Internet without

  • OK, maybe I'm not quite getting the concept here, but it doesn't seem to me that it would be impossible for the RIAA to track where something came from.

    I read the MUTE blurb about the ants and the arrows in the forest. So I'm wondering, why couldn't the RIAA send their own 'ants' into the system to experimentally figure out which way the 'arrows' are pointing? Sure it would take a bit of work on their part, but it seems like it could be doable. If node X has built up a lot of information about where mes
  • and generation zero being the web---remember when MP3s were traded through web pages?

    I still use web and only web to keep my MP3 collection with songs I like. Everything is legal: goto Google and get what you want without any suspicions from stupid RIAA :)

The one day you'd sell your soul for something, souls are a glut.

Working...