Home > Articles > Security > General Security and Privacy

  • Print
  • + Share This
Like this article? We recommend Potential Security Problems

Potential Security Problems

Unless big problems with the crypto turn up in security reviews of the software (keep an eye on what Bruce Schneier has to say about this), Vanish looks conceptually solid.

The biggest concern I have about this technology is that access to the Vuze-OpenDHT (OpenDHT is a network protocol) network is required at this time.

This may be a more serious problem than this appears; Adeona depended on another OpenDHT network for a slightly different purpose, and that's why it never worked correctly and now doesn't work at all due to the fact that the academic OpenDHT network it used is shut down. Note that the Adeona developers are promising a new network Real Soon Now.

Vanish uses a modified Vuze client. Not that this is in itself a problem, the Vuze license is GPL2. The Vuze-OpenDHT network is sponsored by Vuze, a commercial enterprise that uses OpenDHT to provide the backbone for a commercial P2P platform.

If you’ve used Linux and never heard of Vuze, you probably have a copy of the Azureus Java-based BitTorrent P2P client. Vuze is a VC-funded startup company wrapped around Vuze, the renamed and revamped Azureus software and accompanying network. It’s now advertised as a P2P HDTV content delivery platform.

However, should Vuze decide to for business reasons or be pressured by governments to disallow Vanish clients from access to the network, the problem is obvious.

At this time, Vuze is providing active if unofficial support for Vanish, so at this time there's no problem. All I can say is that if this becomes important to you or your organization, keep an eye on news items connected with Vanish, particularly on the Vanish website (there’s no RSS feed yet). I think the ultimate solution will be the use of several P2P networks simultaneously, which will provide some degree of redundancy. In any case, I'm sure the hash generation/network access problems are solvable with or without the Vuze network.

  • + Share This
  • 🔖 Save To Your Account