Hi, I would like to point you to a recent work we made that we believe might be of interest to the BitTorrent/P2P community.
In this work that will be presented at IMC'11, we show what we believe to be a significant privacy issue for most P2P protocols. -We show that leveraging on Skype, we can map a social identity (name, age, location, email address, etc.) to an IP address fully inconspicuously. This attack works for all (500M) Skype users. This is severe as an attacker does not need the ISP support (that an individual cannot usually get) to retrieve the social identity linked to an IP address. -We show that we can then follow the mobility of a Skype user, and we found that we can indeed observe real mobility patterns for a large fraction of Skype users. -Finally, we were able to link a Skype identity to a list of BitTorrent downloads even if the user is behind a NAT or a proxy (we use the predictability of the IP-ID in IP headers to make sure that two different applications are running on the same host). That attack described uses Skype, but would also work with several other popular VoIP systems. All details are available here: http://hal.inria.fr/inria-00632780/en/ Regards, Arnaud. _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
