Is Kazaa Nice?
    Violate copyrights?
    Packages semi-hidden extra software, including ....
       Change DNS server
       Use CPU and disk for distributed computing  http://kazaa-download-kazaa.com/
       Steal referred-to-seller commissions
    Hates Kazaa Lite



Kazaa goals
    Make money through file sharing
       Use peer-peer to save our bandwidth and avoid legal problems
       Show users ads to make revenue
       Provide buy-through opportunities for clients
       Provide installs for other companies' add-ins
      

Kazaa is under attack
    Legal problems
       Kazaa would like to provide anonymous downloads
       Kazaa cannot exchange copyrighted material
    Hacker attacks
       Kazaa Lite and giFT
       Hacks attacking the network via custom hacker software
          RIAA can do this, as well as script kiddies
          If Spammers could access the banner ads, they just might
    Data Attacks
          RIAA could do this
          Spammers could do this
    Idiot Users
          Who want to freeload (download but not share)
          Who change filenames
    Network admins
       Some just like firewalls
       Some actively search out Kazaa
       Some have legal and/or moral fears
       Some have bandwidth concerns
           1/2 to 1/2 of all bandwidth on campuses is used by Kazaa
           Joltid says that between 50% and 80% of all bandwidth at ISPs is used by P-2-P networks??? (see http://www.joltid.com/peercache.html)  
          Kazaa offers tools for net admins to make Kazaa run more efficiently on their networks (saves 50% of P-2-P traffic)
      


Legal Stuff
    Kazaa is HQed in Australia and incorporated in Vanuatu
    Kazaa can be sued in the US
       But what can a judge enforce?




Does Kazaa share too much?  http://kazaa-download-kazaa.com/techpaper1.htm
By the end of the 12 hour period 156 distinct users with shared inboxes were found. To further demonstrate that this indicates unintentional file sharing, we examined 20 distinct cases of shares on the inbox.dbx file by manually using the "find more from same user" feature. 19 of the 20 users shared the other email files found in the default Microsoft Outlook Express installation (Sent Items, Deleted Items, Outbox, etc.)
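
A defender-side check for the accidental sharing described above, as an added example that is not from the cited paper or from Kazaa: it walks a shared folder and flags Outlook Express mail stores. The folder layout is constructed sample data, and treating every *.dbx file as a mail store is an assumption.

```python
import os
import tempfile

# Outlook Express store names quoted in the study above; any other *.dbx
# file is flagged too (assumption: every .dbx under a share is a mail store).
KNOWN_STORES = {"inbox.dbx", "sent items.dbx", "deleted items.dbx", "outbox.dbx"}


def audit_shared_folder(shared_root):
    """Return sorted (relative_path, reason) pairs for mail stores under shared_root."""
    findings = []
    for dirpath, _dirs, files in os.walk(shared_root):
        for name in files:
            lower = name.lower()
            if not lower.endswith(".dbx"):
                continue
            rel = os.path.relpath(os.path.join(dirpath, name), shared_root)
            reason = "known OE store" if lower in KNOWN_STORES else "other .dbx file"
            findings.append((rel.replace(os.sep, "/"), reason))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample: a music folder plus a profile directory shared by mistake."""
    layout = [
        "music/song.mp3",
        "profile/Identities/Outlook Express/Inbox.dbx",
        "profile/Identities/Outlook Express/Sent Items.dbx",
        "profile/Identities/Outlook Express/Folders.dbx",
        "profile/notes.txt",
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample data")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        for rel, reason in audit_shared_folder(root):
            print(f"{reason:16} {rel}")
```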


What's known about the architecture?
    There are no clients and servers
       Everyone is both
       Sometimes called servents
    There are three levels of hierarchy
       Normal servents
          What you probably are
       Supernodes
          One servent per network region elevates himself to be the supernode.
          Every servent in the region talks to the supernode
          Each Supernode has an index of all the servents' available files (see http://www.infoanarchy.org/wiki/wiki.pl?FastTrack)
          Neat way for servents to find local content before global content
          The central server probably doesn't have a complete list
          How does one become a supernode?
          Why would one want to?
       Central Servers
          Each client has a list compiled in
          They are scattered across national jurisdictions
          They offer a list of excluded-supernodes

What's known about the protocol?
    Searches go to the SuperNodes, then to the Central Servers
    How to find the supernode
       Each servent keeps a cache of ~200 supernodes
       Candidates are chosen in the following way
          traceroute four IP numbers (Scandinavia, North America, Japan, Australia)
          Pick the common hops (these represent your 'route to the world')
          Look for a SuperNode on the 'route to the world'
       Probe them
       Supernodes offer lists of other supernodes
       This probe uses UDP, then TCP as a backup
          Why UDP?
          Why is there a TCP backup?
       Cache is stored in the registry at HKLM\KaZaA\ConnectionInfo\KazaaNet
      
       There is no backup plan if they fail to find a supernode???
          That's hard to believe
       Each SuperNode offers a 'busy' rating.
       Connect to the client with the smallest busyrating that's closest
    It's based on HTTP and the GET command with region modifiers
       Easy to use, has lots of libraries one can access
       Relatively efficient
       All GETs are done with a hash value, not a file name
          Handles renames easily
          Requires that all files to be shared are read in their entirety at least once
             Is this really done???
       Easily extendable
        It used to be accessible
            As described in Beginings of the Kazaa handshake.... http://www.blissed.org/~stucky/kazaa/handshake.html
            http://www.infoanarchy.org/wiki/wiki.pl?FastTrack
       Uses encryption to help against hacker attack
          What kind of encryption???
          How do they hide the keys???
             Maybe like AOL and its checksumming stuff
    Each download is one or more segments (see http://kzfti.cjb.net/)
          These segments represent the result of one http get command
             They are stored in the *.dat file
             They are ordered by download time, not in file order
             There is also a 'status block' at the end of the *.dat file
                Why the end??
             When all segments are downloaded, they are read off in file order to create the file.
             Hard for them to do a 'partial file' viewer
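
The hash-addressed GETs and the out-of-order segment storage described above, as an added example that is not Kazaa's code or its real *.dat layout: segments are kept in arrival order, read off in file order, and the result is checked against the hash that was requested. SHA-256 stands in for the hash the notes do not name, and the PartialDownload class and its (offset, data) records are hypothetical.

```python
import hashlib


def content_id(data):
    """Identifier a peer would request. SHA-256 is a stand-in (assumption)."""
    return hashlib.sha256(data).hexdigest()


class PartialDownload:
    """Hypothetical model of a *.dat file: segments stored in arrival order."""

    def __init__(self, wanted_id, total_size):
        self.wanted_id = wanted_id
        self.total_size = total_size
        self.segments = []  # (offset, bytes), one entry per completed GET

    def add_segment(self, offset, data):
        if offset < 0 or offset + len(data) > self.total_size:
            raise ValueError("segment outside file bounds")
        self.segments.append((offset, data))

    def gaps(self):
        """Byte ranges [start, end) not yet covered by any segment."""
        missing, pos = [], 0
        for offset, data in sorted(self.segments):
            if offset > pos:
                missing.append((pos, offset))
            pos = max(pos, offset + len(data))
        if pos < self.total_size:
            missing.append((pos, self.total_size))
        return missing

    def reassemble(self):
        """Read segments off in file order, then verify the requested hash."""
        if self.gaps():
            raise ValueError(f"incomplete, missing ranges: {self.gaps()}")
        out = bytearray(self.total_size)
        for offset, data in sorted(self.segments):
            out[offset:offset + len(data)] = data
        if content_id(bytes(out)) != self.wanted_id:
            raise ValueError("hash mismatch: not the file that was requested")
        return bytes(out)


if __name__ == "__main__":
    original = bytes(range(256)) * 4  # constructed 1024-byte sample file
    dl = PartialDownload(content_id(original), len(original))
    for off in (512, 0, 768):  # arrival order differs from file order
        dl.add_segment(off, original[off:off + 256])
    print("gaps before last segment:", dl.gaps())
    dl.add_segment(256, original[256:512])
    print("reassembled and verified:", dl.reassemble() == original)
```

The gap list is what a partial-file viewer would have to work around: until it is empty, the stored bytes are neither contiguous nor verifiable against the requested hash.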