Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] popcorn-time

ChaTo (Carlos Alberto Alejandro CASTILLO Ocaranza) chato at chato.cl
Mon Apr 7 04:06:17 PDT 2014


Hi,

Just as Popcorn already includes a torrent client, it can include a 
BitMessage client, it would be entirely transparent to the users, just 
as the torrent client already is.

The rolling blockchain: it is OK if the "master file" is broadcast every 
two days. BTW the "master file" is a list of mirrors, which can and will 
change, where you can get the meta-data used for popcorn-time to operate.

Bitmessage isn't anonymous to network-level attackers: the person who 
broadcast the file can be behind Tor. It will be make them much harder 
to find than if they have to seed a torrent file. And it can be 
different persons sharing a private key to post from different locations.

* * *

The question is not whether BitMessage is *the* perfect protocol, but 
what protocols are there to distribute a master file in a way that:

- the sender can easily change the master file,
- the receiver can easily locate the master file (a single key to 
locate: a URL or a public key),
- the message is not hosted at a single or a limited number of places 
(because those can be taken down),
- and the sender itself is difficult to find.

Cheers,

On 04/07/2014 01:14 PM, Natanael wrote:
>
> Bitmessage isn't ideal for this.
>
> Both because it has a rolling blockchain (the data to distribute needs 
> to be uploaded repeatedly), because the users will need a special 
> client to download it, and then special instructions to find the file, 
> and because Bitmessage isn't anonymous to network level attackers 
> (your ISP, the router you're connected to, etc), and because of 
> scaling problems.
>
> The easiest way IMHO is to have a network of mirror sites hosting it, 
> reminding people they can download it over Tor.
>
> - Sent from my phone
>
> Den 7 apr 2014 09:50 skrev "ChaTo (Carlos Alberto Alejandro CASTILLO 
> Ocaranza)" <chato at chato.cl <mailto:chato at chato.cl>>:
>
>     Hi,
>
>     An answer to the "single point of failure" of having a URL to pull
>     the content is to use a secure distribution mechanism.
>
>     I think a great candidate is BitMessage, which I have been using
>     for some months now: https://bitmessage.org/wiki/Main_Page
>
>     BitMessage is a secure peer-to-peer communications protocol that
>     allows you to broadcast a message (or receive a broadcast message)
>     without revealing your IP address.
>
>     Cheers,
>
>     On 04/06/2014 11:41 PM, Jonathan Wilkes wrote:
>>     Hi list,
>>          Can some tech liberator out there versed in javascript and
>>     video streaming please take over the popcorn-time project?  It
>>     looks like it was developed pseudonymously by at least three
>>     teams now which have all disappeared (probably due to pressure
>>     from Hollywood).
>>
>>     If you haven't heard of it, see:
>>     https://en.wikipedia.org/wiki/Popcorn_Time
>>
>>     Why should this interest you?
>>
>>     * Licensed GPL v3
>>     * Has the most user-friendly interface I've seen in a piece of
>>     free software
>>     * Runs on GNU/Linux, OSX, Windows
>>     * Streams downloads efficiently and uses Bittorrent to seed while
>>     the user watches (with no setup or intervention by the user)
>>     * Accessibility.  Looks like the project is getting bullied with
>>     a game of whack-a-mole, probably due to pressure from Hollywood.
>>     AFAICT there is no new technology being used-- the original devs
>>     used mostly pre-existing libs to make something that is easy to
>>     use.  What everyone on this list can do using Transmission and
>>     VLC can now be done by non-experts.
>>
>>     How to stop the game of whack-a-mole?
>>
>>     There needs to be something like a "popcorn kernel" team. It
>>     should use exactly the same API as the software currently does,
>>     but just have a place where the user can type in an address from
>>     which to pull the content.  It'd be pretty easy to host a tracker
>>     with one or two public domain titles and test with that.  Then if
>>     a site like archive.org <http://archive.org> decides to adopt the
>>     YTF API to access its public domain videos, users can just add
>>     that address and start streaming the content.  (And again because
>>     they are also seeding this helps out archive.org
>>     <http://archive.org>, so it's a win-win.)
>>
>>     That would remove the only controversial line of code-- the url
>>     of YTF-- so that anyone who wants to improve the software may do
>>     it without being bullied.  Also, if there were a well-known
>>     organization dedicated to hosting and defending free software
>>     that could host the repo and front page it would lower the risk
>>     of a rogue, suspicious site putting up downloads with malware in
>>     them. (And each time Popcorn-time gets resurrected at some new
>>     domain that risk increases.)
>>
>>     The original code is still on github.  Not sure about the other
>>     incarnations.  It's worth noting that there seemed to be quite a
>>     bit of activity on each incarnation (bug fixes, improvements) so
>>     it might be worth it to try to find a link to the most recent
>>     incarnation.  (And since it's git it should be easy to audit the
>>     changes.)
>>
>>     I really wish I knew javascript and node.js.  Then I'd just do it
>>     myself. :)
>>
>>     Best,
>>     Jonathan
>
>     -- 
>     ChaTo (Carlos Castillo) <http://chato.cl/>
>     LinkedIn <http://linkedin.com/in/chato> · Facebook
>     <https://facebook.com/chato> · Twitter <http://twitter.com/chatox>
>
>     --
>     Liberationtech is public & archives are searchable on Google.
>     Violations of list guidelines will get you moderated:
>     https://mailman.stanford.edu/mailman/listinfo/liberationtech.
>     Unsubscribe, change to digest, or change password by emailing
>     moderator at companys at stanford.edu <mailto:companys at stanford.edu>.
>
>
>

-- 
ChaTo (Carlos Castillo) <http://chato.cl/>
LinkedIn <http://linkedin.com/in/chato> · Facebook 
<https://facebook.com/chato> · Twitter <http://twitter.com/chatox>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140407/276565ab/attachment.html>


More information about the liberationtech mailing list