It's too soon to give up on gnutella just because LimeWire LLC stopped supporting gnutella
and a few spammers and a trojan are being a temporary nuisance.
I can save FrostWire from the spammers.. I'm working on a couple of changes right now, in fact.
If necessary I'll fork FW 4 with new spamfighting features, dust off LimeWire (now that Marc is
safely out of the range of blowback) or perhaps even cross-pollinate both with each other's spam
defences so that both may keep on going.
Interest in gnutella will soon surge once the next wave of harassment tactics hit american users
of bittorrent and they realize that gnutella, G2 and other methods don't broadcast your position
copyright trolls and their contractors through forced sharing.
For now I'll post specifics in this private forum to help stay ahead of the spammers and MAFIAA
Let's continue FrostWire 4.28.# as 428 H.O. to evoke the muscle car meme and grab a little attention.
After that, 429 Cobra Jet, Ferrari 430 or Bell 430 (helicopter), and on like that, skipping numbers for
which we can't find sexy tags. Soon users will be offering to name the next ones for us
As for the spam right now:
Start a new forum devoted to security and spamfighting. People who can help gather data
and make sense of it will naturally want to help out and a lot of people would be willing to report
what they see as it happens once in awhile if they think we're listening. It won't take long to gather
good information with a lot of help.
Preload the keyword filter in the source code right now with my list in the Three Tips thread
and later you can have the preloaded data appended to whatever the user has now as a
part of the upgrade process. If the user has a large list, maybe a sort and merge to remove
duplicates might be a good idea. We can run an ongoing thread in the forums to crowdsource
the task of keeping this filter up to date and there will be no shortage of volunteers.
Preload the host filter with a list I am nearly finished making now. Boiling it down to fit inside the
48K limit (with room left over) while blocking all the commercial spammers and every known P2P
organization and contractors on BT and gnutella is why I have been out of touch lately.
I'll start making hostiles.txt files again, which will effectively neutralize most of the few trojans that
make it past preloaded filters. I use a rare BearShare beta to gather thousands of addresses.
With these immediate fixes in place people won't have to come to the forums and use our advice
to do it for themselves. Everybody will benefit right away as soon as they upgrade to 428 H.O.
Future tools can be like these, which I've seen work before on BearShare and LimeWire 5:
Add a trap to gnutella packet handling to drop search hits with known bad parameters before passing
them to the GUI or forwarding them to peers and leaves. Known bad parameters so far are port 27016
and a surprisingly limited list of GUIDs used by trojans. I'm gathering those GUIDS right now and it won't
take long at all.
Let the first few peers found in hostiles.txt connect as hosts instead of blocking them but isolate them
from the network without showing them in the GUI. Hostiles.txt will then act as a means of capturing
and neutralizing them instead of just blocking them from a subset of FrostWire nodes. BearShare did
it secretly for awhile and it put quickly OverPeer out of business. Naturally, like BearShare, the feature
should only capture a few instead of just blocking all connections before finding out their purpose before
blocking the rest as usual and all uploads/downloads should still block them all. This means adding calls
to the hostiles list in a few modules and turning the original call off when a capture slot is open and back on
when all those hidden peer slots are filled. It sounds complicated at first but it's just a few lines here and
there aside from the hidden host slots, which simulate activity to keep them from disconnecting.
BearShare's closely related trick was to let a limited number of hostiles partly connect after SYN and ACK
after hidden slots were full but just letting them time out instead of dropping connections. This is why any
Bear with PDF files shared will still see Tiversa constantly trying to download from them but timing out after the
maximum possible interval. This was controlled so that there were never too many half-open connections
to get in the way so XP users after SP2 only had a few of those at a time while other Windows versions had
a handful more.
Import some spam fighting tools from the last few versions of LimeWire that they developed and controlled from
the office. We can get also most of tools that gathered IP's and hashes to block in real time.