[aviramof]

i see that many softwares and program change and update there version but emule stay the same why is that?

please update and improve emule for all of us.

[tHeWiZaRdOfDoS]

I don't get it, really... again and again some troll arrives and requests a new version.
There is NO hint on what changes or even better fixes are expected from a new version but it's just the plain "release a new version" request.

Let me rephrase that request for you, please correct if I'm wrong:
I hereby request releasing a new version at least every 3 months - simply raise the version number and keep the remaining code as is, I don't care but I'm getting soooo excited whenever I see an available update for any of the programs I'm using!


eMule will change when there's the need for a change. Mature software doesn't need to be re-released again and again, a lot of updates just shows that a program is still in development... you can see that for a lot of programs, games and even OS: they aren't finished but released to "satisfy" the waiting crowd - and afterwards dozens of updates are released to fix the most urgent complaints.

[UserEmule]

tHeWiZaRdOfDoS, on 04 June 2012 - 02:33 AM, said:

I don't get it, really... again and again some troll arrives and requests a new version.
There is NO hint on what changes or even better fixes are expected from a new version but it's just the plain "release a new version" request.

Let me rephrase that request for you, please correct if I'm wrong:
I hereby request releasing a new version at least every 3 months - simply raise the version number and keep the remaining code as is, I don't care but I'm getting soooo excited whenever I see an available update for any of the programs I'm using!


eMule will change when there's the need for a change. Mature software doesn't need to be re-released again and again, a lot of updates just shows that a program is still in development... you can see that for a lot of programs, games and even OS: they aren't finished but released to "satisfy" the waiting crowd - and afterwards dozens of updates are released to fix the most urgent complaints.

Hopefully soon Neo will help the client and put emule back on track to compete with the bittorrent slutfest going on, his client is supposed to have emule/bittorrent in one client and share the files the same hash between both networks and possibly link the overnet back. Then maybe we can see 15 million users on ed2k again, not just faked stats by fake servers to see that much. I also seen about 6 million users on kad a few times, but not very often. Buisyest times seem to be sun/monday as ppl reboot their pc's and emule starts on reboot. I have also seen high amount of users on Friday nights as people are off work and for the weekend off and want to explore. Lets put the emule back on track and add tons of users. Neo if your reading this, keep up the good work, lots are waiting on your release.

[aviramof]

Quote

Hopefully soon Neo will help the client and put emule back on track to compete with the bittorrent slutfest going on, his client is supposed to have emule/bittorrent in one client and share the files the same hash between both networks and possibly link the overnet back. Then maybe we can see 15 million users on ed2k again, not just faked stats by fake servers to see that much. I also seen about 6 million users on kad a few times, but not very often. Buisyest times seem to be sun/monday as ppl reboot their pc's and emule starts on reboot. I have also seen high amount of users on Friday nights as people are off work and for the weekend off and want to explore. Lets put the emule back on track and add tons of users. Neo if your reading this, keep up the good work, lots are waiting on your release.

that sound like a good idea i sure hope that some time it will happen.

[RejZoR]

I just wish KAD would be developed quicker and that clients would auto update so ppl don't use prehistoric versions and devs don't have to have decades old backward compatibility in it just because of those users. That's the very reason why eMule hasn't really improved much for years.

[Famerlor]

But well, WiZ, there is MUCH to be improved in the official client... and remembering when 0.50a was released I can understand that users get the impression this project is dead. To be honest: I have this impression too and that's why new clients for the network are IMO a good thing since the death of the emule-project does not mean to be the death of the ed2k-network.

[DavidXanatos]

UserEmule, on 04 June 2012 - 10:17 AM, said:

Hopefully soon Neo will help the client and put emule back on track to compete with the bittorrent slutfest going on, his client is supposed to have emule/bittorrent in one client and share the files the same hash between both networks and possibly link the overnet back. Then maybe we can see 15 million users on ed2k again, not just faked stats by fake servers to see that much. I also seen about 6 million users on kad a few times, but not very often. Buisyest times seem to be sun/monday as ppl reboot their pc's and emule starts on reboot. I have also seen high amount of users on Friday nights as people are off work and for the weekend off and want to explore. Lets put the emule back on track and add tons of users. Neo if your reading this, keep up the good work, lots are waiting on your release.

The client is already released: http://board.neoload...ta-release.html
though only windows binary right now
we are working on a Linux version (practically done)
and a Mac OS X version (a pain in the A***)


David X.

[Some Support]

DavidXanatos, on 12 August 2012 - 07:22 AM, said:

The client is already released: http://board.neoload...ta-release.html
though only windows binary right now
we are working on a Linux version (practically done)
and a Mac OS X version (a pain in the A***)


David X.

Soo, I wonder: Why is it closed source? (at least I suppose it is, there aren't like any information to find about the app )

[DavidXanatos]

Some Support, on 12 August 2012 - 06:45 PM, said:

Soo, I wonder: Why is it closed source? (at least I suppose it is, there aren't like any information to find about the app )

As mentioned earlier we are starting an own KAD (with ipv6 support) and on this based an anonymous filesharing System, keeping it closed source allows us to gather a large user basis and experimentally develop and improve various resilience features against malicious nodes.

It would be probably a really large hindrance if we would let anyone into the network who might want to harm the project, in this early stage.
So we decided to keep all sensitive components (this being the Main Application and the Neo Kad Module) closed Until we reach a sufficient user basis and made sure the Kad system will be able to effectively mitigate any attacks a reasonably resourceful adversary may throw at it.

You can find more details on the application informations in the about Dialog, it lists all used frameworks and library's, the about text though a bit outdated can also be found on http://update.neoloader.to/

Once the defenses are up and running, we will make the Neo Kad module open source, so that it can be used for any other application, possible applications would be for example a censorship resistant DNS system, or similar.

Our Kad is designed in a way that allows it to intelligently handle arbitrary payload, we achieve this by simply combining Kad operations with a Java script based Index and lookup API, so anyone who wants more functionality than well a basic DHT (being a simple key value store) can write a script that handles the index and runs the lookups, the script is distributed when needed together with the lookup so that it is really an open design for everyone to use (and abuse) the Kad for anything he would want to.

The Kad is also capable handling large binary data so that one might want to implement some sort of OFF-System int our Kad.

As you see the system has a very open design and those must be also very resilient against attacks, which requiters a lot of work.
At the moment we concentrate on the functional parts only which are almost ready so the first neo kad nodes out there will be highly versatile, but pretty much defenseless.
We will implement all envisioned defense systems later on, till that its only protections are the obfuscation and encryption layers preventing foreign nodes from joining and attacking the network.

Also having a filesharing system in to which no MAFIAA lawyers can get in might prove highly beneficial for people leaving in states like the "Banana" Republic of Germany.



If we will make the main application open source as well is a completely different question, at the moment we are not planing to, we think we do an excellent job and do not require external help with the core development.
We might however release an Lite Version as opensource that provides only P2P funkctionality, so no hoster downloads.
Actually the requirements for DLC (JDownlaoder container format) support are incompatible with the GPL as the link protection features require some cryptographic keys to remain secret.

As you surely know there are many popular closed source file sharing applications like for example µTorrent, so there really is no benefit to go open source, unless you are desperate for help.

What we can guaranty however is that if we would to stop the project ever in the Future we would release all components open source (except the DLC keys, that functionality would be lost) so that the client will Definitely remain available for the public.


David X.

This post has been edited by DavidXanatos: 13 August 2012 - 01:53 PM

[Some Support]

Quote

As you surely know there are many popular closed source file sharing applications like for example µTorrent, so there really is no benefit to go open source, unless you are desperate for help.

I just find it somehow amusing that all those free software and open source convictions (btw you are a pirate party member, right?) vanish once you started your own software. Not to mention that the whole software was only possible in the first place because of another project, which was open source and shared its knowledge.

[DavidXanatos]

Some Support, on 13 August 2012 - 09:19 PM, said:

Quote

As you surely know there are many popular closed source file sharing applications like for example µTorrent, so there really is no benefit to go open source, unless you are desperate for help.

I just find it somehow amusing that all those free software and open source convictions (btw you are a pirate party member, right?) vanish once you started your own software. Not to mention that the whole software was only possible in the first place because of another project, which was open source and shared its knowledge.

Yes I am a funding Member of the Austrian pirate party.

As I explained in my previous post the main aim of keeping the components closed source is to maintain high level of service to the Users.
Even JDownloader which is released under the GPL violats its own Licence by not making certain cryptographic components open source.

It simply is required for the maintenance of good filesharing service, to make sure certain undesired mafiose individuals will be effectively kept away from sensitive data that may compromise th quality of service (links) or expose users to threat of litigation.

So the bottom line is that while the most components can be made open source, some components must remain closed to keep said individuals with their malicious clients away.

As wrote in my previous Post it is the plan, to release open source everything that can be without compromising the system.


Are you aware of the fact that if BT would have been closed source and obfuscated (like Skype for example) you wouldn't have today this massive legal turbulences in Germany as no mafiaa lawyer would be able to get to the IP addresses.


Open Source and P2P is a nice idea when th Pirate Partys gets to power respectively it was a a nice idea before the mafia discovered litigation of innocence people as a source of revenue.
At the current climate however an open network simply is not the way to go anymore.

That meaning unless you manage to invent a network design that is able of keeping the sensitive data confidential while at the same time not being closed source itself.


IP addresses can be obfuscated using anonymization techniques and systems providing full deniability, thats why on a long run it will be possible to create a lite client that will provide only P2P file sharing and be open source.


Links howeever are an entirely different Mather.
The JD team wanted to do such thing with their DLC v2 and till now their affords are stuck dead in the sand.


David X.

[tHeWiZaRdOfDoS]

DavidXanatos, on 14 August 2012 - 08:30 AM, said:

As I explained in my previous post the main aim of keeping the components closed source is to maintain high level of service to the Users.
Even JDownloader which is released under the GPL violats its own Licence by not making certain cryptographic components open source.

So it gets down to a "but they also did it" argumentation?!

Quote

It simply is required for the maintenance of good filesharing service, to make sure certain undesired mafiose individuals will be effectively kept away from sensitive data that may compromise th quality of service (links) or expose users to threat of litigation.

So the bottom line is that while the most components can be made open source, some components must remain closed to keep said individuals with their malicious clients away.

This is plain nonsense, take eMule or RetroShare as examples - open source is the way to go in P2P - without it, you cannot trust the system, it's as simple as that.
An open system is even more keen on doing everything to create a great and stable system and to build its system so that other cannot destroy it right from the beginning.

Quote

Are you aware of the fact that if BT would have been closed source and obfuscated (like Skype for example) you wouldn't have today this massive legal turbulences in Germany as no mafiaa lawyer would be able to get to the IP addresses.

To get a sentence like that from a coder like you is really absurd! Obfuscation is nice but it has nothing to do with closed or open source except if you're relying on some secret keys (which you shouldn't). Working around the detection schemes won't work for long, they might simply track for other clues and finally get the laws changed... joining the Pirate Party and legally fighting for your rights is the only working way, at least in the long run.

[DavidXanatos]

tHeWiZaRdOfDoS, on 14 August 2012 - 07:50 AM, said:

So it gets down to a "but they also did it" argumentation?!

No, did you read what I wrote?

It simply is required for the maintenance of good filesharing service, to make sure certain undesired mafiose individuals will be effectively kept away from sensitive data that may compromise th quality of service (links) or expose users to threat of litigation.

Its not "but they also did it" argumentation, it a "its a technical/legal requirement" argumentation with a example that even clients that desperately want to do an open source crowd sourced development, have to keep some components private, in order to ensure the undisturbed function of the system.

Quote

This is plain nonsense, take eMule or RetroShare as examples - open source is the way to go in P2P - without it, you cannot trust the system, it's as simple as that.

And with it you can trust in being observed and to communicate with malicious clients.
eMule who in Germany is using eMule today without a VPN?

Well, thats the theory, how about the reality?
Doy you know of any closed source file sharing system (in the sense that there are also no alternative clients for the network) that would have compromised thousands of its users?
Well I don't.

eMule and BT however compromised to date in Germany 4.3 Millionen users.

So despite whats the theory says,
the reality looks completely different, not the closed source systems are a threat to the users but the open systems.


The reality is that with a closed system you can hope to trust the developers not to compromise you,
while with an open system you can trust in being compromised from the start.

I mean that is simple, the worst thing the developer of an closed system could do would be to give his source code to the MAFIAA so that they can enter the network and start logging.
With an open system the MAFIAA has the codes from the start and can enter the network and start logging.

Its really is as simple as that, the thing you are affair a closed source dev might do is what an open source dev does form the very begging.



as about RetroShare, thay are building a F2F system not P2P system, that means that the users arre responsible them Selfs to make sure not to communicate with malicious nodes, also this makes the afford to enter the network extremely high.
You can not just distribute a nodes.dat some ware or allow random people to join in.
The network operates on explicit mutual trust between the peers that are allowed to directly communicate.

We are going to implement an open for everyone P2P system those we need assurances in the design to exclude malicious nodes.

Quote

An open system is even more keen on doing everything to create a great and stable system and to build its system so that other cannot destroy it right from the beginning.

This is only Dependant on the coders attitude towards the development and not on the form of the release.

I can assure you that we are designing the system with resilience in mind.
The Neo Kad module is written is intended to be released open source once all necessary resilience features are implemented and tested.
This is not some abstract statement of intention it is actually an requirement of one of our further plans, which require not only trust in the security of your system (which would best be served with a closed code base), but also trust in the long term perpetuity of the system which can be only met with an open source design.

But as said, first the developement must be completed, and toll than it will remain closed source.

Quote

To get a sentence like that from a coder like you is really absurd! Obfuscation is nice but it has nothing to do with closed or open source except if you're relying on some secret keys (which you shouldn't).

Of cause Obfuscation has everything to do with being open/closed source, if you don't even know our packet format you will have really a lot of work ahead of you to reverse engineer everything before you can start annoying our nodes.
Being open source leaves you at a JDownlaoder situation, the code is open except the cryptographic keys.
So no one can enter your network despite having 99,9% of the source code, unless he finds out your secret keys.

Now lets leave the plain of theory and look on the reality:
Do you know Skype?
Do you know of any alternative Skype client?
And do you know why there is none?
Because Skype is closed source and employs a lot of encryption and obfuscation to make reverse engineering really really hard.

So in reality closed source + encryption and obfuscation seams to work really fine.

Quote

Working around the detection schemes won't work for long, they might simply track for other clues and finally get the laws changed... joining the Pirate Party and legally fighting for your rights is the only working way, at least in the long run.

Well, I chose to do booth.
This way I don't have to wait until the laws are changed to our benefit, i can live as if we pirates would already have won,
those not waisting valuable years of my life on not sharing files.

David X.

[tHeWiZaRdOfDoS]

DavidXanatos, on 14 August 2012 - 09:31 AM, said:

Its not "but they also did it" argumentation, it a "its a technical/legal requirement" argumentation with a example that even clients that desperately want to do an open source crowd sourced development, have to keep some components private, in order to ensure the undisturbed function of the system.

That isn't true. The problem is that they use a centralised system which isn't reliable and vulnerable. Again, eMule and others show that decentralised open source projects are possible and successful.

Quote

eMule who in Germany is using eMule today without a VPN?

Me for example... but then again, I'm not one of those "I want to download the latest blockbuster illegally and I don't want to get caught". On the other hand, I tried RetroShare for some months now and it's a promising, anonymous (thus secure) communication platform - and you can even (anonymously) download with it

Quote

Doy you know of any closed source file sharing system (in the sense that there are also no alternative clients for the network) that would have compromised thousands of its users?

Well, what does that prove? I don't know of any successful closed source P2P application either - do you? P2P is also about diversity, customization, etc. - how do you get mods and/or new clients that appeal to others or different user groups without being open source?

Quote

eMule and BT however compromised to date in Germany 4.3 Millionen users.

Src? Btw: neither eMule nor BT compromised anyone - it's the users that share illegal stuff that compromise others.

Quote

So despite whats the theory says,
the reality looks completely different, not the closed source systems are a threat to the users but the open systems.

The reality is that with a closed system you can hope to trust the developers not to compromise you,

That's what you say. How about this:
I *think* you are an agent of the MAFIAA or whatever, your client was designed purely for logging as many ppl as possible - of course you will wait until a solid user base has been established before you get the procecutional wave on the road, but then...
How do you want to prove that I don't say the truth? Even releasing parts of your program won't justify your claims - nor mine, but as you know, accusations will stick to the users' heads even if they have no evidence and even after they have been proven to be wrong.

A general question: why should I trust you? Because you're a member of the Austrian Pirate Party? Because you once coded open source mods?

Quote

while with an open system you can trust in being compromised from the start.

No. You can - by yourself and at any time - check out the system in detail and decide by yourself if it's safe enough for you, instead of relying on others.

Quote

I mean that is simple, the worst thing the developer of an closed system could do would be to give his source code to the MAFIAA so that they can enter the network and start logging.
With an open system the MAFIAA has the codes from the start and can enter the network and start logging.

They can't (see RetroShare again - there are others but I didn't check their sources, yet). Besides, closed source also opens a door for viruses, trojan horses, etc. as well as ugly adverts and so on - who can know what's inside your application besides the devs and experienced hackers, maybe?

Quote

Its really is as simple as that, the thing you are affair a closed source dev might do is what an open source dev does form the very begging.

No. The open source dev starts with saying: "Here's my application, I have nothing to hide, check it out, play with it, customize it, enhance it!"
While the closed source dev starts with saying: "Here's my application, it's great, I ensure you, just trust me"
The first one gets trust right from the beginning. The 2nd one needs to either already have a trustful user base or has to earn it over time... but this may take long.

Quote

The Neo Kad module is written is intended to be released open source once all necessary resilience features are implemented and tested.
This is not some abstract statement of intention it is actually an requirement of one of our further plans, which require not only trust in the security of your system (which would best be served with a closed code base), but also trust in the long term perpetuity of the system which can be only met with an open source design.

As stated before: this sounds great but I will wait for the srcs before I'll test your client... but don't you think that having many ppl look over your concept and source code would be advantageous to find bugs and flaws and to finalise the system in less time?

Quote

Now lets leave the plain of theory and look on the reality:
Do you know Skype?
Do you know of any alternative Skype client?
And do you know why there is none?
Because Skype is closed source and employs a lot of encryption and obfuscation to make reverse engineering really really hard.

And...? My question would be: why bother? Do you trust Skype? I don't.

Quote

So in reality closed source + encryption and obfuscation seams to work really fine.

Maybe we have a different view on the term "work fine"

[Tuxman]

DavidXanatos, on 14 August 2012 - 09:31 AM, said:

Now lets leave the plain of theory and look on the reality:
Do you know Skype?
Do you know of any alternative Skype client?
And do you know why there is none?
Because Skype is closed source and employs a lot of encryption and obfuscation to make reverse engineering really really hard.

http://stadt-bremerh...pe-integration/

The Skype API has been open for a while now, including the possibility to use Skype without the actual Skype application.

Just sayin'.

(Anyway, the protocol is known for critical backdoors.)

[DavidXanatos]

tHeWiZaRdOfDoS, on 14 August 2012 - 09:25 AM, said:

That isn't true. The problem is that they use a centralised system

No, the problem is that they have to hide the links from the user while at the same time allowing the client to download those links.
That is the problem.

A "centralised system which isn't reliable and vulnerable" as they use is only one of many Possibilities to achieve that.
Our system will be decentralized and reliable but it will have the same problem, it will have to hide the links form the user while at the same time being able to download them.

This can only be achieved by not allowing foreign clients to enter the "trusted" part of the network.

This means that even if 99% of the client would be made open source the essential components to participate will have to remain closed.
So others may create own networks based on the released code and possibly review it and submit fixes, but they _must not_ be able to make own clients that would participate in the original network.

Quote

Well, what does that prove? I don't know of any successful closed source P2P application either - do you? P2P is also about diversity, customization, etc. - how do you get mods and/or new clients that appeal to others or different user groups without being open source?

How about uTorrent, however they use an open protocol.
Or CryptLoad thay are iirc the second most popular hoster downloader after JDownloader, despite not being under active developement for some time now.

Quote

Src? Btw: neither eMule nor BT compromised anyone - it's the users that share illegal stuff that compromise others.

No its the fact that mafiaa agents can enter the network is what compromise others.
And they can do that only because they have the source.

Quote

That's what you say. How about this:
I *think* you are an agent of the MAFIAA or whatever, your client was designed purely for logging as many ppl as possible - of course you will wait until a solid user base has been established before you get the procecutional wave on the road, but then...
How do you want to prove that I don't say the truth? Even releasing parts of your program won't justify your claims - nor mine, but as you know, accusations will stick to the users' heads even if they have no evidence and even after they have been proven to be wrong.

Well there are some issues with that
1. you can not catch an arbitrary amount of people this way, the offences you are interested in will usually have short Statutes of limitation and the ISP wont keep the IP data indefinitely, so at any point in time you can only compromise a limited number of people.
This isn't much different from when you enter a open P2P filesharing system with your loggers, the damage you can make is limited.

2. The exact same issue you have with open source, how do you know that the original eMule binary does not have some back doors?
Have you disassembled it?
YOu have to trust the person who compiled the binary any way, nomather wather the source is open or closed.
Only that with open source you could in theory compile the application your self, but now how many users do that?
almost non, so for the masses the sources does not have benefits at all.

Quote

No. You can - by yourself and at any time - check out the system in detail and decide by yourself if it's safe enough for you, instead of relying on others.

Well as said only if you are a programmer your self, if you are the 99% you have eider way to relay on others.

Quote

Besides, closed source also opens a door for viruses, trojan horses, etc. as well as ugly adverts and so on - who can know what's inside your application besides the devs and experienced hackers, maybe?

As said this does nto depand on open/closed source its a general problem you have when using precompiled binarys.

Open source is only benefitial for this 1% that can compile it on their own.

Quote

No. The open source dev starts with saying: "Here's my application, I have nothing to hide, check it out, play with it, customize it, enhance it!"
While the closed source dev starts with saying: "Here's my application, it's great, I ensure you, just trust me"
The first one gets trust right from the beginning. The 2nd one needs to either already have a trustful user base or has to earn it over time... but this may take long.

As said above I don't think this apples to the typical 99% user he has to trust someone eider way and so.

About the I have nothing to hide part as I said above we have something to hide the links stored in the network, thay must remain hidden form the MAFIAA as good as possible.

Quote

But don't you think that having many ppl look over your concept and source code would be advantageous to find bugs and flaws and to finalise the system in less time?

Well I really don't think that at the bottom line this would be advantages, I really don't want the censors to get a head start.
If there are qualified people who want to help this might be taken under consideration, but making the source open and than hoping for help knowing that the bad guys are already studying it and preparing their strike, is not worth the risk.

Quote

And...? My question would be: why bother? Do you trust Skype? I don't.

I don't but then the 99% user does, and those are for whom the application is made.
Its a tool for the massed to fight censorship and not some tool for the El33t who is compiling thair stuff on their own.

Tuxman, on 14 August 2012 - 10:33 AM, said:

The Skype API has been open for a while now, including the possibility to use Skype without the actual Skype application.

Just sayin'.

http://developer.sky...ublic/skypekit/

Its a closed source toolkit to allow to connect to skype, but that explicitly does not mean that they let you into their network without any oversight.



David X.

[Tuxman]

DavidXanatos, on 14 August 2012 - 02:22 PM, said:

About the I have nothing to hide part as I said above we have something to hide the links stored in the network, thay must remain hidden form the MAFIAA as good as possible.

Oh, right. The MAFIAA would never be able to simply join the network.

[DavidXanatos]

Tuxman, on 14 August 2012 - 01:31 PM, said:

DavidXanatos, on 14 August 2012 - 02:22 PM, said:

About the I have nothing to hide part as I said above we have something to hide the links stored in the network, thay must remain hidden form the MAFIAA as good as possible.

Oh, right. The MAFIAA would never be able to simply join the network.

Exactly, they would have to invest a lot of money in good hackers to crack the obfuscation and reverse enginiere the protocol.

Meaning, they will start doing that not right away but only when we already have a sufficient user basis,
also it will take time even more time for us to stay ahead.

[Tuxman]

One more reason that you should not get a sufficient user basis.
Bad enough that many P2P newbies don't care what their client actually does (hence the success of µTorrent)...

[Stulle]

I wonder if the client contains any code from the eD2k protocol taken from eMule but not distributed within the available source packages. Like code for source exchange or requesting files from eD2k clients or receiving such requests.

For all I can see, this is the product of a bunch of overly enthusiastic coders (possibly just one or two... who knows? :-D) with poorly reasoned decisions towards closed source. It is a real shame that this board allows discussions about and promotion for this client in any form. All the more so considering that one of the coders exploited the eD2k network with a licence infringing piece of software. Does anyone really think something like this should happen on the board of a client that has been open sourced since before the first binary was released?

This post has been edited by Stulle: 14 August 2012 - 05:58 PM