|
|
|
|
| »
Phoenix Labs Interview |
PeerGuardian is an IP blocker
designed to protect your privacy on P2P,
designed with speed and efficiency in mind,
a small efficient firewall type application
that processes all incoming and outgoing
traffic from your computer and filters it
based on a blocklist (a list of IPs to block).
A must if you are sharing files on a P2P
network like FastTrack. That's why I decided
to meet the people at
Phoenix Labs, formerly Methlabs, who are developing PeerGuardian,
and ask them some questions...
• The Phoenix Labs, PeerGuardian Team
• Phrosty:
I'm the coder of PG2, and the resident BOFH
on IRC.
I got involved to scratch an itch- PG 1.x
was taking up loads of CPU. I presented
a very small app in the ML forums and D3F
recruited me on very small replacement for
PG, that is. It was essentially an even
"lite"er version of PGLite version.
• FuRiOuS1: I am FuRiOuS1, or my
real name is James Shanelec, I primarily
respond to posts in the forums, but I also
help with backend things such as coding.
I have been with Phoenix Labs for quite some
time now, I would estimate around 1.5 years.
I first got involved with PeerGuardian through
XS, an older Phoenix Labs project, which is
currently undergoing a recode. I love the
idea of PG, and I highly dislike the methods
of the RIAA and other such organizations,
and I do not agree with them.
• Cerberius: I take
care of any updates needed on the server,
and make sure everything is running smoothly.
Really behind the scenes things. I also
handle all Phoenix Labs transactions and balance
the budget, and help manage the IRC network.
I saw the project and kept an eye on it
because I thought it was interesting. I
started off with running the IRC network
for Phoenix Labs and things progressed from
there.
• D3F: I'm Ken (D3F) McClelland,
my duties at Phoenix Labs consist of supervising
new projects, and coding such projects as
the new version of XSC/XSH and the new driver
level Deep Delete, I also keep the forums
running, and try to keep the community happy
with some public relation duties.
Well I was involved quite a bit before PeerGuardian's
conception. I first met Method will he was
still a college student and he was working
on his Hotline Client Cyclone, he used to
hang out on my hub which was very popular
at the time (200+ users) from there I kind
of ended up starting Phoenix Labs on behalf
of Method and running the community for
him.
• JFM: I'm Joseph Farthing, I deal
with writing things and general press releases/relations.
I also write things that I find interesting
as news, and I'm helping our Linux coders
on the new *nix version of PeerGuardian.
I live in the UK.
Well... other than D3F, I probably joined
this project first. I saw a BBC news article
about two years ago about PeerGuardian,
and I just thought it was "cool". I helped
out at the old PeerGuardian.net website,
before that went down.
• Tegehel: Cyril Van Der Haegen,
Illustrator, doing the GUI for PG2 (Windows)
with Phrosty.
I got involved by looking for an IP blocker.
There were 2 famous ones, Proto and PG2.
PG2 looked simpler, so I went there. Then
I did some GUI replacement as a recommendation,
then Phrosty and D3F had a chat and asked
me to do the UI design, and I accepted.
• What projects
are currently being developed at Phoenix Labs?
• D3F: Currently Phrosty is also
working on the bulk of what powers PeerGuardian,
http://blocklist.org/ which is a very
complicated script which he's using C# to
develop, it will allow people to help create
much stronger lists for use by allowing
a community review and comment process,
as well as information on why ranges are
blocked ect. Myself I've currently spent
most of my time building our new Linux Distro
"PeerNix/PeerLinux" (name hasn't been decided
yet). I succeeded in choosing what
packages we will be using so far and building
and installing it on to raw LSB base (Linux
Standard Base) the next step with that will
be to get the packages to a level we want
and build an installer.
I also just started work on a recode of
XS Client, from its original VB base (built
by method) to a more optimized C++ base,
I've done some of the ground work on it
but I have yet to decide which API I will
use for interface and network work. I'm
currently looking into possibly using Cross-Platform
API such as QT, instead of standard W32
API.
I'm hopping to be able to first recreate
the XS then add multi file swarming, and
auto distribution and review capacities
to files on top that with some degree of
encryption but it will be a long project.
And the last projects I would
have to say are the new Deep Delete which
involves writing a Kernel Hook File system
driver, to securely delete all files and
that of the very shelved PGMA (Control PeerGuardian
from a mobile device).
• Let me move
on to PeerGuardian now. Where do the great
IP lists PeerGuardian uses come from?
• JFM: The
first IPs from the beginning of the project
were found by all sorts of means. Whois
database searches has brought a lot of ranges
but originally all sorts of methods were
used.
• D3F: The blocklist was built very
slowly over time but it originally evolved
out of the ZeroData Blocklist, from there
shortly after PeerGuardian was released
Method created the first incarnation of
the IPDB and allowed public review, this
added greatly to the size of the list, most
of this information as other said was gathered
from whois research and infringement reports,
and to a small degree some social engineering.
From there the list moved to the now defunct
PeerGuardian.net run by Eremini where the
lists were modified and updated by the staff.
When PeerGuardian.net was shut down the
list management for that time fell on the
newly created B.I.S.S., who does a very
good job, but I believe a lot of us think
it's overzealous we currently filter the
lists for general needs, but soon the lists
will again be community reviewed on
http://blocklist.org/.
• Why use PeerGuardian
and not an ordinary firewall to block IPs?
• JFM: A
normal firewall doesn't have the capability
to import that many ranges easily. PeerGuardian
can auto-update, and generally is a "install-and-forget"
solution.
• Phrosty: Firewalls tend to do a
lot more, taking memory and much more CPU
to do it. By focusing on blocking ranges
of IPs, we can take advantage of incredibly
fast search algorithms.
• Who is PeerGuardian
for; who do you think should use PeerGuardian?
• D3F: I Think PeerGuardian is really
for everyone, even if you don't use P2P
it's a great way of blocking access to spyware
sites, and ads in general; well its not
the best for this it does help quite a bit,
especially in today's world where everyone
is constantly afraid of some kind of identity
theft.
• JFM: Yes, the blocklist method
is not perfect, but it's an aid to privacy
in general. There are many groups who like
sending and collecting data about users,
from spyware to the recording industry,
to DRM producers. A blocklist is just a
straight forward approach to block them.
• I think it
is safe to say that PeerGuardian is quite
a success, what gave you an indication that
it was becoming successful?
• Cerberius:
For popularity, I think it's safe to say
that it started with PeerGuardian, and from
there PeerGuardian 2 has become more popular.
It was most noticeable when I saw PeerGuardian
being featured in magazines, such as being
put on those extra CD's you find.
• D3F: *lol* In 2003 when I had large
X,XXX figures charged to my Visa, for using
far too much bandwidth. But I'd say its
been off and on. We have really been quite
popular since about 2003, it dipped a bit
between PG1 and PG2, but we are back on
top now with I'd say at least a 250,000+
installed base of users.
• How many
people do you believe are using PeerGuardian?
• D3F: Well we can't be for sure
because SourceForge who distributes the
binaries doesn't keep there statistics up
to date. Softpedia currently has 177,566
downloads, but I suspect (and bandwidth
usage would probably confirm this) that
it is higher.
• Why do you
think PeerGuardian has been so well received?
• D3F: Probably
has something to do with the RIAA suing
the pants of people, I believe they just
celebrated their 10,000 lawsuit. Other then
that I think its because it just works,
it's very simple to use and update, you
don't really have to know much about a computer
to make it work.
• JFM: It's not perfect, though! Everything depends upon the lists. An MIT survey in 2003 put the PeerGuardian
application at 50% for blocking fake files
on the Kazaa network. We've only improved since
then. The most interesting
thing that survey revealed was that most
fake files (and scans we know) come from
a very small minority of IP addresses blocking
a number of IPs can have a massive improvement
upon security - so the PeerGuardian method
works well. That's why I think it's popular.
• Would you
call PeerGuardian illegal? PeerGuardian
actually helps protect "thieves" (thieves:
that's the name the RIAA/MPAA likes to give
them).
• D3F: No, would you call a firewall
illegal? Would you call a door illegal?
PeerGuardian is simply a tool to that allows
you the choice of who gets access to your
computer.
• JFM: If we turn this around, some
of the spyware which PeerGuardian blocks
uses techniques illegal under E.U. privacy
laws - i.e. it collects personal information
without explicit written confirmation, and
does not allow a user to reclaim data about
themselves. Of course in the UK the Data
Protection Act does not apply to those who
break the law, but the systems used to scan
p2p networks often do not discriminate between
"good" and "bad" users - i.e. those who
are sharing files that have permission to
share. There was a
case in Australia of a website being
threatened with a lawsuit because it hosted
a file that happened to be named after a
film, however the file was actually a couple
of megabyte application that just shared
the same name.
• Phrosty: We don't condone illegal
activities. PeerGuardian is made to
protect your privacy, nothing more.
It is like cops with guns.
• FuRiOuS1: PeerGuardian is most
definitely not illegal. You have the right
to filter out whoever you want from your
own computer. The type of person that is
protected is not our decision, it is the
decision of our users.
• What has been the biggest surprise you've run in to up to now?
• Tegehel:
From a GUI designers standpoint it is to
see the range of reactions to the improvements
(both good and bad). You quickly learn you
can't please everybody.
• Phrosty: Never underestimate the
power of users in finding bugs you never
thought possible. Though I think the biggest
surprise to me was PG2's launch, when the
server hosting Phoenix Labs crashed under the
load within an two hours of putting up the
new page.
• Tegehel: And the fact that most
people don't read the FAQ...
• FuRiOuS1: I'm not quite sure what
I could classify as a big surprise, but
I guess my biggest surprise is the amount
of supporters to our cause.
• D3F: Probably the first time we
were on TV, I never though we would get
that far and that we would always be an
underground thing.
• JFM: Hmm... well actually my biggest
surprise was when Phrosty joined us out
of the blue with new code and ideas. It
had been what I'd hoped for, and the reason
I'd hoped Method would open source the code,
but it was great to see it happen.
• Running a
site or developing a program is not easy,
what do you consider the biggest challenge
you have faced up to now?
• D3F: That
would definitely be PLS (Programmer Laziness
Syndrome) you find yourself full of great
ideas and how to go about implementing something,
but you find yourself writing maybe a few
dozen lines of code and going to do this
or that, over and over again.
• Tegehel: From a GUI standpoint:
packing a max. amount of information within
a very limited space.
• Phrosty: I'm a developer who loves
efficient and minimalistic style apps. I
think getting over that to make PG2 truly
easy to use (with the recent help of Tegehel)
has been the hardest challenge to overcome.
I have found the user and programmer often
think nothing alike.
• Tegehel: Yes, ergonomics and speed.
We need to choose smartly what goes in the
UI and what stays "hidden" (i.e. changeable
in the .conf file only) which is not always
obvious.
• JFM: I'd say that after the initial
interest in PG1 died down we've had to focus
on what's really important to us and the
community here. I think that deciding on
a direction is really important for any
community - a community that is *just* a
community never gets anywhere, so I think
even when PG is perfect and needs no more
work we'll be constantly challenged to try
new ideas.
• FuRiOuS1: Running the website can
be on occasions challenging. The biggest
challenge in running the website is when
problems arise, out of the blue, sometimes
with no apparent cause. One time the server
was down for a whole week.
• Where do you see this project
going from here?
• Phrosty:
Well, PeerGuardian isn't done yet, so I'm
busy. Blocklist.org is also going to take
the evolution one step further. In the end,
I think we would like everything on Phoenix Labs
to integrate easily -all with the focus
on bettering your experience with P2P.
• FuRiOuS1: The past has shown me that the future, sometimes predictable, will lead us to places unexpected.
PeerGuardian 2.1 will feature a plug-in system that will allow developers to write their own features into PG2 in the future.
• JFM: In the short term, the first
priority is PeerGuardian, and then Blocklist.org.
Other than that: Anywhere, everywhere. So
far we've tried P2P security, a P2P client
and a secure deletion system, as well as
lots of sub-projects and plenty of proof-of-concept
code. I certainly don't think there is anything
that we wouldn't try, but we'll always try
to do things a little bit differently.
I'd say we could go anywhere -so long as
we have the dedicated staff and good user-base
and community we can really try to achieve
anything we think we want to. We might fail,
but we can always try.
• D3F: We are constantly trying to
expand are communities horizons and tend
to add things we think our members would
like, we recently created a radio station,
along with that we'll probably be throwing
up some game-servers. After the recode of
XS and Deep Delete are done, I think we
will probably try and get work done on xnet,
which has been an idea method has wanted
to do for years now, which I think would
be cool.
But the priority now is getting
PeerGuardian 2 Final released and getting
Blocklist.org done and filled with lots
of information on the ranges.
• JFM: Yes and probably we'll have
to do a lot of audit work. The database
has little documentation attached to it,
we need to make sure the reasons for the
major ranges inclusion is clearly identified.
• How can others
contribute?
• FuRiOuS1:
By joining us on the forums or on IRC and
making suggestions, all suggestions are
considered.
• JFM: Either by contacting one of
the staff, posting on the
forum,
IRC ect or by signing up on are
SourceForge project page.
We're pretty open about it. Just contact
us with your idea, most of the staff here
got involved by just trying things. Our
entire 3-person Linux Development team was
built from a couple of submissions and ideas
that were posted on the Linux development
forum.
• You mentioned
a radio station before, are there any ideas
circulating at Phoenix Labs to start something
new and what are these ideas?
• JFM: Well
the radio station is something we've wanted
to try for a while. We'll see what we can
do after we've designed a simple schedule
and perhaps a few of our own programs.
Internet radio is wonderfully easy to set
up, so we really had no more excuses not
to try it at least once. It will take a
little time before we get a proper system
set up, but things are positive so far in
the few days that we've been playing.
• D3F: Well we're always looking
at doing new stuff, the radio station and
some game-servers have been talked about
quite a bit, most of our idea's just come
from us brainstorming, as far as idea's
go I have a few but I'd like to get what
we have on the table done first, namely
PG2, XS, DD, Blocklist.org. And for those who don't know, BOFH means Bastard Operator from hell. |
|
|
