PeerGuardian
 PeerGuardian 2 under Windows XP | |
| Developer(s) | Phoenix Labs |
|---|---|
| Stable release | |
| Operating system | Cross-platform |
| Type | Firewalls |
| License | GPL or zlib/libpng license (depends on OS) |
| Website | www.phoenixlabs.org |
PeerGuardian and PeerGuardian 2 are free and open source programs developed by Phoenix Labs. They are capable of blocking incoming and outgoing connections based on IP blocklists. Their purpose is to help protect the user's privacy from organizations such as the RIAA and MPAA while using filesharing networks such as FastTrack and BitTorrent [citation needed]. The system is also capable of blocking advertising, spyware, government and educational ranges, depending upon user preferences.
History
The original PeerGuardian (1.0, led by programmer Tim Leonard) was programmed in Visual Basic and quickly became popular among more knowledgeable P2P users despite blocking only the common TCP protocol and being known for high RAM and CPU usage when connected to P2P networks. The original version was made open source, and development began on a new version (2.0, led by programmer Cory Nelson) to resolve the shortcomings of the original. The latest version, PeerGuardian 2, is coded in C and C++ and sits low in the kernel so that it can block all IPv4 protocols and ports.
Operation
On Windows, Linux, and Mac OS X, PeerGuardian uses a driver to queue all incoming and outgoing connections. Connections are checked for their status in the blocklist using a binary search.
Blocklist formats
The blocklist is stored in a number of different formats:
Binary Formats
The binary formats (known as P2B) were created at the release of the first beta version of PeerGuardian 2, in order to create the smallest possible blocklist.
- P2B Version 1 - This format was used only in the earliest releases of PeerGuardian 2. It was compressed using the gzip format. Lists are no longer produced in this format.
- P2B Version 2 - The most widely used format, this is supported among a number of applications, including eMule and the Linux version of PeerGuardian. It is equivalent to the first version of the P2B format, but instead uses UTF-8 to store names. Lists are produced in this format.
- P2B Version 3 - The newest version of the P2B format, this is currently supported only on the latest version of the Windows flavor of PeerGuardian 2. This format uses 7z compression for additional size reduction. Unfortunately, the recent adoption of this format and the somewhat obscure nature of the compression used make this format the least compatible one. Lists are produced in this format.
P2P Plaintext Format
The original format for PeerGuardian version 1.x was a simple plain text format . Unfortunately this meant that lists became very large and cost a lot of bandwidth to distribute, heralding the construction of the smaller binary formats.
The format is as follows:
Range Name:FirstIP-LastIP
For example:
Localhost:127.0.0.1-127.0.0.1
This format is used in eMule, in the SafePeer Azureus plugin and in Protowall.
Criticism
Technology and aims
The design of PeerGuardian is to prevent the computer concerned making or accepting certain types of connection to or from specific IP addresses. The effect of this is that other computers at those addresses will not see activity originating from the given computer, with effects as follows:
- Documentary evidence of what if anything that computer may or may not be doing, cannot be logged by computers at the blocked addresses. This affects organizations who monitor file sharing networks to identify those IPs sharing files in breach of copyright, who will not be able to make a connection to the given computer and will therefore not see legally admissible evidence of any kind if file sharing is happening.
- IPs that are set up to share "bad files" - incomplete or spurious in nature - will not be recognized or connected to by the computer concerned. More generally, any source of malware or the like can also be added and blocked by the same system, as can websites that appear in spam or advertizing with which the user does not wish to receive or send data.
- It is important to note in addition that P2P protection is not the sole purpose of PeerGuardian, a large number of spyware and advertising IP addresses are also monitored, and the purpose of the blocklist.org website is to allow general purpose IP address research.
To bring a successful public or private prosecution in most countries very detailed logs must be obtained as to alleged activity on the network, and there must be proven evidence that particular files are available from that person. Information provided by a tracker or eDonkey peer is insufficient. Organizations hired by RIAA, etc will attempt to connect directly to each individual they wish to investigate to gather evidence. This process is automated and is carried out through high speed connections bought by various subcontractors, such as BayTSP, MediaSentry, and Comcast.
While it can be argued that PeerGuardian prevents the collection of evidence other than an IP address, it is worth noting that the majority of file sharing suits made by the RIAA and MPAA involve no evidence other than an IP address, as the suit is usually settled before trial.[1]. Two RIAA lawsuits, Priority Records v. Brittany Chan and Capitol v. Foster became high profile news stories after the RIAA withdrew their case after a motion for summary judgment forced them to show their evidence. Other cases such as Atlantic v. Anderson have seen the RIAA attempt to obtain access to the alleged infringer's hard drive in an attempt to gather evidence.
Despite the criticism, the development team behind PeerGuardian have clearly and repeatedly stated that PeerGuardian is not and never should be considered 100% protection, clarifying that PeerGuardian is only supposed to help protect one's privacy.
Lists
Another common criticism of the PeerGuardian application is the lists that it utilises. PeerGuardian will block all IP addresses in the blocklist, but the accuracy of the blocklist is critical to the operation of the entire system.
Currently the block lists are maintained by Bluetack. The main list they have stated they use is the "Level 1" list which they claim as being the only IP addresses that need to be urgently blocked by P2P users - among the items on this list are entire p2p networks themselves, local community groups, churches, and several entire major ISPs. However groups such as Macrovision (who use many dynamic IP addresses to directly attack P2P networks) are not included on these lists. This makes the lists somewhat ineffective for their claimed purposes and the largest effect a user would get from using this list is to find themselves blocking large numbers of download sources, hindering the effectiveness of P2P.
As of April 24, 2007 the default "Level 1" list stated as being to block anti-p2p organizations alone blocks 739,154,389 IP Addresses. As of January 2007 there are approximately 2,407,000,000 IP addresses allocated to the Internet. Therefore this list blocks an entire 30.5% of the Internet as supposed anti-P2P. This also ignores factors such as those allocated IP addresses not being in use on the Internet (either due to companies going offline and not returning IP space, or due to large pools of IP space being allocated but not all used all of the time).
The intention of Phoenix Labs is to administer the blocklist in public - opening * Blocklist.org to allow users to comment on and submit ranges that might have been missed by the Bluetack staff. The biggest problem here, as with any wiki, is that the reliability of end user information is dubious.
CPU Usage
Early Windows versions suffered from CPU usage problems. This was caused by the way the first version operated (reading the connection table several times a second). The issue was corrected in the 2.0 version with the introduction of a proper driver-based system.
See also
External links
- Official PeerGuardian website (Phoenix Labs)
- PeerGuardian at SourceForge
- test.blocklist.org, lists.blocklist.org
and www.bluetack.co.uk - blocklists