a couple of unclear questions

[Nabokov]

Hello folks

Well, I've been wandering around here and there all summer - vacation. Back to the grind.

Anyway - during Spring period I used emule more extensively and noted that my broadband connection became a little more erratic. Realtime email to Blackberry sms became skewed for example. Emails delayed, strange timeouts on various projects, 20% reduction on subscribed usenet speeds. That sort of thing.

Using the rudimentary and very rusty skills I have - I could find nothing unusual on the line. At worst, 100-200ms delay at my main capital city hub [whatever it's called - where the ISP outsources and exchanges data over oceans and skies].

Peerblock would note a very extensive range of private ad trackers and such like - after a while they disappear. But only after a while. Also something about an Amazon EC2 cloud. Now I know Amazon provides its cloud computing services - so I assume it is impossible to know who is using the service for what purpose.

Essentially - although I like emule, I'm unconvinced about privacy and security. Any suggestions?

I returned to SSL encryption on usenet - not that I feel I really need to, but nonetheless. I do nothing else extraordinary. I tried to reinstall TOR - which I hadn't used for some time - only to find I can't get it to work at all anymore.

The spring problem creeped me out - I'll admit. So any advice and reassurance would be appreciated.

Help fellows?

Nabokov

[Phuzzy4242]

Is there anything specific that makes you think eMule is the cause of the problems? Your internet connection could be intermittently flaky without you being aware of it, and for sure your ISP won't admit it. I've had it to the gills with ISP techs trying to tell me stuff like my phone cord needs to be reversed for the data to flow smoothly. I use a freeware program called PingLog that periodically pings an IP address and logs it to show how much downtime is on the line side of things - it's hard for an ISP to counter that.

The one thing that might give you more peace of mind security-wise is to install a good firewall, not the useless one that's in Windows, and of course antivirus and anti-malware software. I can't recommend a decent antivirus because I haven't found one - Norton, McAfee, Symantec, all the major ones, miss almost everything. I can recommend Malwarebytes and SuperAntiSpyware for anti-malware protection, along with SpywareBlaster - lots of experience where they snuff the bad guys while the "antivirus" programs totally miss them. Firewalls, antivirus, and anti-malware can all be found free, but pay version usually have more features like real-time protection and automatic updating.

I had an issue with DreamMule wanting to go to their "news" web page all the time so I put that page in my Hosts file pointing to 127.0.0.1. Some of the others want to "phone home", but my firewall blocks that.

Always use safe downloading - you don't know where that file's been, so scan it for bad guys before running it. If a program has an installer, I use UniversalExtractor to split all the files out of it so they can be scanned with multiple antivirus and anti-malware programs. If it's encoded so it won't extract, I don't run or install it, no matter how great a program it is. Period.

P2P is inherently UN-private but you can make it a lot more secure. You have to decide if it's worth it for your situation or not.

[BizarreLoveTriangle]

during Spring period I used emule more extensively and noted that my broadband connection became a little more erratic. Realtime email to Blackberry sms became skewed for example. Emails delayed, strange timeouts on various projects, 20% reduction on subscribed usenet speeds. That sort of thing.

Well, if you dedicate some bandwith to eMule, you have less for other things

When you download from Usenet, you are connected to 1 server only. In P2P network you are connected to 1000s of peers. Some cheaper networking equipment may not cope with so many connections very well.

Most ISPs throttle P2P traffic. That throttling may also affect non-P2P connections.

It is of course annoying that everyone can see your IP, but anonymous filesharing is about 10 times slower (and the user base is very small), so it is not practical.

@Phuzzy: no, P2P is not *inherently* un-private. The principle of anonymous filesharing is that two peers never connect to each other directly, but through several other peers that act as proxies; at the same time the data is encrypted in such a way that the middle peers neither know the content of the data nor who is the source and destination. The same principle is used by Tor (so-called "onion routing").

And downloading *any* EXEs via P2P is a big no-no (unless the files are digitally signed or you know the checksum). Antivirus software only detects *known* viruses. It will not find out that I have modified the EXE to do bad things in your PC.

[Phuzzy4242]

@Phuzzy: no, P2P is not *inherently* un-private. The principle of anonymous filesharing is that two peers never connect to each other directly, but through several other peers that act as proxies; at the same time the data is encrypted in such a way that the middle peers neither know the content of the data nor who is the source and destination. The same principle is used by Tor (so-called "onion routing").

And downloading *any* EXEs via P2P is a big no-no (unless the files are digitally signed or you know the checksum). Antivirus software only detects *known* viruses. It will not find out that I have modified the EXE to do bad things in your PC.

It's un-private because even if you use an anonymous proxy, the points between you and the proxy are discoverable - it just depends on the tools you use, especially if you're a government agency with government powers. You can make it more difficult but you can't make it impossible, and the more secure it is, the more interested in it government is - they want to know what you're hiding. The only secure network is one that isn't connected to anything.

Executables of any type are harmless so long as they're not executed - downloading one won't infect your PC if it's not run. Yes, there are bad guys that autorun, but they come in through other avenues such as Internet Exploder, not through a file download. You have to watch out for misnamed files, and it's best to look at a download with a lister or hex editor to check its signature - it's not uncommon for an exe to be named zip or have a long filename like harmlessfile.mp3.............................exe so you don't see it's really a program, not a music file. It pays to be paranoid but that doesn't have to stop you in your tracks.

[Nabokov]

Is there anything specific that makes you think eMule is the cause of the problems? Your internet connection could be intermittently flaky without you being aware of it, and for sure your ISP won't admit it. I've had it to the gills with ISP techs trying to tell me stuff like my phone cord needs to be reversed for the data to flow smoothly. I use a freeware program called PingLog that periodically pings an IP address and logs it to show how much downtime is on the line side of things - it's hard for an ISP to counter that.

The one thing that might give you more peace of mind security-wise is to install a good firewall, not the useless one that's in Windows, and of course antivirus and anti-malware software. I can't recommend a decent antivirus because I haven't found one - Norton, McAfee, Symantec, all the major ones, miss almost everything. I can recommend Malwarebytes and SuperAntiSpyware for anti-malware protection, along with SpywareBlaster - lots of experience where they snuff the bad guys while the "antivirus" programs totally miss them. Firewalls, antivirus, and anti-malware can all be found free, but pay version usually have more features like real-time protection and automatic updating.

I had an issue with DreamMule wanting to go to their "news" web page all the time so I put that page in my Hosts file pointing to 127.0.0.1. Some of the others want to "phone home", but my firewall blocks that.

Always use safe downloading - you don't know where that file's been, so scan it for bad guys before running it. If a program has an installer, I use UniversalExtractor to split all the files out of it so they can be scanned with multiple antivirus and anti-malware programs. If it's encoded so it won't extract, I don't run or install it, no matter how great a program it is. Period.

P2P is inherently UN-private but you can make it a lot more secure. You have to decide if it's worth it for your situation or not.

Thanks Phuzzy - you always give a man in need a moment, deeply appreciated.

I use zonealarm pro and nod32 - paid for. Costs me a good 100 a year but worth it. So far as I can tell, PC is all clear - I occassionally run an antirootkit or spybot - all clear again. I never tried pinglog though - thanks for the pointer.

It may well be just the ISP - and to be fair my ISP was doing major line overhauls last spring. Maybe I'm just too hypervigilant...

I never ever open exe files without nod32'ing them - and only then will I run it on another PC, just to be sure.

My problem was on the line - so it could have just been the ISP like you suggest.

[Nabokov]

Thanks also Bizarre.

All the advice you give her I follow - but you're right to reiterate these basic rules of course.

I have a separate unconnected home network [hehe]. I'm bang up to date with paid for firewall+antivirus suites, truecryp, ccleaner, antispyware etc.

I'm glad to hear P2P runs on similar principles to TOR - I wasn't fully aware of the proxy issue. Sadly, I cannot seem to get TOR to run at all now. Which is interesting...

Like you say Bizarre, The Man is more interested in what is kept hidden. Most of the time I have no need to hide anything. Although I've returned to using SSL on usenet more as a matter of principle than anything else. Usenet is not what it was anyway. But er... You never know when you want to visit e-book.technical for that quantum theory pdf or advanced inorganic chemistry, perhaps even some histology or woodworking monthly

Anyway, I guess the info I seek is black hat or more. Ready cooked of course. I can't be bothered learning advanced C++ and Assembly just to check um, my kernel and fishing line.

[BizarreLoveTriangle]

It's un-private because even if you use an anonymous proxy, the points between you and the proxy are discoverable - it just depends on the tools you use, especially if you're a government agency with government powers. You can make it more difficult but you can't make it impossible, and the more secure it is, the more interested in it government is - they want to know what you're hiding. The only secure network is one that isn't connected to anything.

Onion routing is a bit different than a regular anonymous proxy. In case of onion routing, the "proxy" has no way to tell if the data packet (which is encrypted anyway) originates from me or if I am just another "proxy" that is relaying someone else's traffic.

But you are right -- if the government has a large part of Internet under their control, they can use traffic analysis to break the anonymity, specially if the user base is not large enough. If *everyone* was using anonymous P2P, then the government would be out of luck, though

[BizarreLoveTriangle]

I'm glad to hear P2P runs on similar principles to TOR

Well, yes, there *are* P2P networks that run on similar principles to Tor, but eMule is *not* one of them. Most anonymous P2P networks are experimental and not really useful (low effective anonymity due to small user base, extremely low download speeds). Look here for an overview: http://en.wikipedia.org/wiki/Anonymous_P2P

[Nabokov]

Thanks Bizarre - I always appreciate pointers. Feel free to point out any other good websites I can digest in nuggets!

[BizarreLoveTriangle]

Thanks Bizarre - I always appreciate pointers. Feel free to point out any other good websites I can digest in nuggets!

Found another interesting link:

http://en.wikipedia.org/wiki/Incompatib ... ing_System

Might be somewhat off-topic, though