Shareaza

why shareaza 2.6 not use a protocol encryption to encrypt data sent and recieved from Shareaza like limewire

Because you're a C++ geek that can implement it, but you're too lazy to do it and demand the feature from us...

We are not hired to work 10h/day (or more), we are volunteering our free time. You can post a feature request and it will be eventually implemented.

The big reason Shareaza doesn't have it is simply because it did not become as useful as people expected. At the time there were worries that ISPs would use deep packet inspection to spy on P2P traffic and selectively block transfers based on content being transferred. Which would have been bad because it would have given the ISPs the power to decide what their customers do in the internet, which would have made a competitive market of anything related to internet impossible. What actually happened instead was that ISPs implemented more neutral and acceptable (and much cheaper to implement...) bandwidth caps or excessive use policies instead. And protocol encryption is useless against those.

encryption is very hard to do right when the project is open source and the networks are decentralized. There is no central server and anyone can look at the code which rules out both shared keys and public/private key encryption. Being open source that means that you have to do some kind of secure key exchange for every single connection. Then there is the dilemma of which kind of encryption to use - it needs to be fast and secure - and what happens if it is cracked in the near future? Then there is the issue of backwards compatibility... and cross-client compatibility....and cross-network compatibility...and man-in-the-middle attacks...and debugging...


I could go on and on and on...

ps. limewire encryption is crap

what about AES encryption ?

RealVNC use AES-128 for encryption in whole communication and is not slow.

Not saying Shareaza needs encryption, but there is the option of implementing UltraVNC's method. They provide encryption through a plugin system. The drawback is that you would need the same encryption on the other end unless you have coded in some fallback options. But anybody that knows what they're doing can potentially write a plugin.