Alex H vs RazorPop’s Freedman
p2pnet.net News:- On Wednesday we ran a follow-up to Alex H’s criticism of Marc Freedman’s TrustyFiles p2p application, zeroing in on a flaw that allows users to report a file – any file – to the various organizations who work to combat the proliferation of online child pornography.
The post comprised 20 questions from Alex addressed to RazorPop boss Freedman and we promised to publish his answers.
Head over to the post for exchanges between Alex H and Freedman.
Read on >>>>>>>>>>>>>>>>>>>>>>>>
I don’t know. I suggest you contact them.
By Marc Freedman – RazorPop
You have a concern that our child porn reporting features will be used for copyright infringement access by the entertainment industry. That frankly is absurd. Individual reports such as those generated by our software are a poor way to collect data. As you yourself have made clear, the reports have low quality, represent limited information, and are an incomplete picture of a person’s actual activity.
The entertainment industry uses organizations like BayTSP with servers and systems that scan the P2P networks to automatically identify, collate, and report suspected infringement. Our reporting is insignificant in comparison in terms of quantity, quality, and accuracy. Even if the entertainment industry could magically obtain a database of our reports it would be worthless and unnecessary to them.
You have a concern about the security of data being processed. The public and private organizations involved already process extremely sensitive data and have systems and procedures in place to handle that. An Internet-generated report could have actual names and incidents. In comparison our software-generated reports tell much less.
The addition of our reports has no affect on security.
Alex H: Does RazorPop acknowledge that there is an inherent weakness in the TrustyFiles application to allow mass abuse of the reporting feature?
Freedman: Any system can be abused. Can people abuse TrustyFiles? Yes.
Alex H: If yes, is RazorPop considering the removal of this feature?
Freedman: If the processors of the reports and the FBI believe our reporting process is not useful or needs to be changed, through excessive abuse or any other reason, we will remove or change the reports.
Alex H: Considering the decentralized nature of the TrustyFiles application, how does RazorPop intend to "recall" the software from users who have already installed it?
Freedman: A recall implies a significant defect or harm, which is not the case. There are a number of ways the reports can be interrupted or ignored in the processing chain, which are more elegant solutions compared to any such recall.
Alex H: How does RazorPop plan to stop the proliferation, through p2p networks, of the TrustyFiles version(s) containing these features?
Freedman: See the answer to 3.
Alex H: What precisely does P2P PATROL do when "co-coordinating" efforts between p2p developers, private anti-child pornography organizations and the authorities?
Freedman: See the press release at http://biz.yahoo.com/bw/050216/165190_1.html, regarding some of the P2P PATROL’s activity. Contact the DCIA for more information.
[The DCIA is a Sharman Networks, Altnet, Brilliant Digital Entertainment funded ‘trade’ group – Ed]
Alex H: Are individuals employed by or working for private anti-child pornography organizations required to undergo criminal background checks before commencing their duties?
Freedman: I don’t know. I suggest you contact them.
Alex H: Is the Child Pornography Hotline or any other organization creating a "rejected reports" database of files which do NOT contain child pornography and is any personally identifiable information on the people sharing those files held within that database or another?
Freedman: I don’t know. I suggest you contact them.
Alex H: Will the FBI and/or any similar authority guarantee they will not pursue individuals, reported through the TrustyFiles application, for the sharing of material found NOT to contain child pornography?
Freedman: I don’t know. I suggest you contact them.
Alex H: What protections are there against copyright trade organizations getting access to individual’s sharing habits?
Freedman: That is a P2P architecture question. Most P2P protocols make user and file information transparent. So the answer is there are no such protections against anyone. That data is available to any client on that network.
Alex H: Does the Association of Sites Advocating Child Protection’s Child Pornography Hotline enjoy any type of legal exemption from subpoenas or civil lawsuits which the MPAA/RIAA use to gain access to a "rejected reports" database?
Freedman: I don’t know. I suggest you contact them.
Alex H: Is the Child Pornography Hotline or any other organization creating a database of verified hashes for files containing child pornography?
Freedman: I don’t know. I suggest you contact them.
Alex H: If yes, who is responsible for the appropriate level of security required for this database?
Freedman: I don’t know. I suggest you contact them.
Alex H: Has the security of this database been made available for outside, independent scrutiny and, if so, was it found to be adequate?
Freedman: I don’t know. I suggest you contact them.
Alex H: What systems are in place to deal with the negative effects of a malicious wide scale, mass reporting attack?
Freedman: See the answer to 3.
Alex H: Is the reporting system (especially the receiving end) able to be simply shut off?
Freedman: See the answer to 3.
Alex H: If yes, what happens to genuine reports sent in by concerned individuals during an attack period?
Freedman: If the reporting system was interrupted in some way, no reports would be processed.
Alex H: Will RazorPop be financially aiding any of the private anti-child pornography organizations as a result of their inevitably increased workload due to the TrustyFiles reporting features?
Freedman: There has been no evidence of an increased workload at this time. If reporting is abused, resulting in a huge increase of reports, the processing organizations have the option of terminating or canceling the reporting service.
Alex H: What would be RazorPop’s response if developers or users of other P2P clients decided to ban TrustyFiles clients from connecting to them due to security fears?
Freedman: You have not identified any security problems. All data provided by reports is already available on the networks and used by organizations as discussed in COPYRIGHT INFRINGEMENT above.
Alex H: Is RazorPop or any of its employees receiving any type of incentive (financial or otherwise) for implementing the child pornography reporting features?
Freedman: No.
Alex H: Is RazorPop considering or has RazorPop already implemented any more GPLed code, systems designed by external organizations or other third party add-ons to the TrustyFiles application?
Freedman: Our TrustyFiles software contains no GPL code.
=================
Something you think we should know? tips[at]p2pnet.net
March 6th, 2005 at 1:57 am
Several months ago, Ashton and others disassembled the code and proved that Freedman was lying. Both Trustyfiles version 2.1 and 2.2 did in fact contain stolen GPL code from GiFT-FastTrack.
http://64.233.161.104/search?q=cache:0xuxK6rUNUYJ:www.slyck.com/forums/viewtopic.php%3Ft%3D5424%26postdays%3D0%26postorder%3Dasc%26start%3D75%26sid%3Dddf12408725ad556b818e161c4280e0b+site:slyck.com&hl=en&ie=UTF-8
Marc Freedman is a liar, has always been a liar, and in all probability will always be a liar.
March 13th, 2005 at 5:30 pm
Please state facts and not allegations. Several months ago I stated that TrustyFiles 2.1 did have GPL code and was not properly attributed.
There was no GPL code in TrustyFiles 2.2. In that release Ashton only showed that our code had similar functionality, which would be expected. That is different from using GPL code. As I wrote in my response to Alex, our current software – TrustyFiles 2.4 – has no GPL code.
Marc Freedman,
RazorPop, developer of TrustyFiles