Being unaware of accurate data and facts is pretty much expected given that few people are aware of just how the media companies pollute and attack the various p2p networks, however a quick google of "Media "Defender" with the keyword "TrapperKeeper" will yield information and doubtless some location containing their src file, this src which I have read myself contains a lot of open src code and some MD proprietory parts they have added to interface their "dummy" clients to their keyword search and match system, however the bulk of the system is for multiple networks and demonstrates multiple attack methods, all made possible by analysing the various networks open src clients, this is after all the fastest way to undertake such attacks, Macrovision another company own some patents in the interesting field of anti-p2p techniques (interdiction), pretending such activity is not occuring is strange behaviour I feel.

Knowledge really is power.

https://www.google.co.uk/patents/WO2005043359A1?cl=en&dq=p2p+interdiction&hl=en&sa=X&ved=0ahUKEwiuyd6qy57XAhXCnBoKHZeaCY4Q6AEIKTAA

I think open sourcing Fopnu would make it harder --not easier-- for attackers to exploit it. There are more eyeballs looking for bugs in libre/opensource/free(GPL) software, and open-sourcing it ensures that any weaknesses in the code will be found quickly. So, why not open-source Fopnu? The programmers could organise a crowdfunding campaign to fund their hard work and promise to open-source Fopnu if the campaign reaches a funding target.

As I posted already its pretty easy to assert that there are plenty of great programmers just sitting in the wings waiting to fix up all the new network problems & issues raised by allowing the not so publicly spirited programmers access to the src code, I know first hand this is not the case having ran a similar project myself. I dont see anything to be gained at this present time for either the developer or us if idiots and attackers are left to cherry pick exploits that are only visible using the src code, that sort of mentality is heavily present in the circles of not so good programmers whom want to make a name for themselves on the back of the work of others and let me be clear here writing a whole program like tixati or fopnu is not the work of a few minutes as is often made out to be the case in the movies it takes a lot of sweat anguish and time and wasting time fixing rare but potential exploits is time taken away from features and functionality. Users are fickle, they see a problem and the gossip engine starts and before the truth is revealed many will have bailed out and simply gone elsewhere this too I have seen before, I am not happy myself with the current silence of the key developer here but I respect his work enough to understand the balance of work alters considerably once the src is released, it is no longer something to be enjoyed its a burden to keep fixing holes akin to whack a mole. Unless a group of programmers stepped forward with a proven track record of supporting a network of this sort I suggest we leave things well alone, gambling the future of this new network on maybes and what-if's is a gamble I could never see as any form of logic.

How can we trust that Fopnu is not a honeypot if it's not open-source? A closed-source program could have code written by RIAA/MPAA to catch uploaders of copyrighted files, or the developer could have a way to censor what files are shared on the network. Open-sourcing solves all these potential problems and establishes trust with the users. We want anonymity and security, and we can only have that if the program is open-sourced. We cannot trust secret source code. At this moment Fopnu is just a binary executable and we have no idea what it does on our computers. We must at least have access to read the source code. It is not necessary to open-source the code with a licence like GPL or BSD which allow redistribution and modifications, just sharing the source code for read-only access and recompilation by the users would be enough to establish trust.

I trust this specific developer 1000%, its a sorry day when the only reason you can think of for seeing the src of someones program is to trash talk it.

The Fopnu developer wont reply I'm sure but I will do so on his behalf, if you dont trust the programs creator then simply put dont use it, take note that those questioning the ethics of this particular developer are to put it bluntly "googley challenged" and are in a miniscule minority, Tixati and WinMx are both well known creations of this developer and are globally trusted by millions, to imply otherwise is to join the foil hat brigade in my opinion.

If you had bothered to do any research at all it would be more than clear to you why your scaremonering is both misplaced and frankly insulting.

My apologies to the Fopnu site folks for this post but I am to put it simply, annoyed at the disrepect shown by the previous poster.

Basically every single point put forth by the "Keep it closed source" people is moot. There is NO such thing as security through obscurity. Having more eyes looking at the code won't create more problems (IE people finding more bugs and exploiting them), and even if it did, statistically that person is more likely to report or fix that bug. On that topic, someone was arguing that nobody would contribute, or that we are all just a bunch of people who haven't helped the project that want to jump on board? That's the bloody point! We can't help the project, we can't see the source code. Also trusting the dev? I don't care how much experience or history he has behind him, blind trust is a dangerous thing.

Now, does this mean I don't respect the dev? No, he seems like a pretty nice guy/gal who know a heck of a lot about programming AND networking. But I still can't see any downsides to open sourceing this project. Heck, people who are arguing that an open source project loses direction are also wrong! All you have to do is release the source code and the reject all pull requests from people who want to submit changes, done! They will make their own fork and your project stays yours! On top of that, you can take as much code as you want from their forks, or even other bit torrent/open source project!

I dont see any specifics in your post Guest, once again the claim is made of coders in the wings waiting to pitch in and fix stuff before its even broken.

It is time consuming to keep pointing out the obvious and for pro open src champions to keep "not seeing" any of the points simply because they choose not to, there are valid concerns with open sourcing when it contains proprietory code and protocols, in the rush to jump on the fast train to the future we should not seek to indulge ourselves in the fantasy of discussing this matter as if we have any choice, we are the networks users and the developer is the man whom delivers an online space/platform for us all to enjoy at no cost or responsibility bar our charity towards a few beers or coffees via the donate button.

Security through obscurity does seem to work albiet with a genuine caveat of having a definite time period where this wont be the case but given the skill required to comprehend the material in its non src format and the expertise to work around executable compressors for the time being its secure enough and trivial to contain any annoyance, on the other hand if the src was available the math turns into 20 exploiters and one guy to fight them off and spend all the once productive time on wasted patches and global network client "reboots" that annoy the whole userbase.

I wont be responding any further to this topic so spend some time thinking through your assertions and try looking at the problem from the creators side of the fence.

Sorry but without source code I cannot blindly trust the developer (any developer). As a computer user I feel I have the right to demand to know what a piece of software is doing while executing on my computer and this is only possible if I can read the source code and compile it myself and run my own binary instead of a binary provided by anyone else. Without source code my freedom to know what my computer is doing is denied.

you have no right to demand anything. Absolutely nothing.

you do have the right to write any software you want to run on your computer.
you do have the right not to use software that is not open-source.

fopnu is not a mundane application, such as a word processor. There are entities that have a high interest in compromising a program like fopnu and tixati that is controverial, even illegal in some places due to the sophisticated encryption of communications.

The devteam has spent thousands of hours of their lives working on this. The decision whether or not to open the code is theirs only.

According to Richard M. Stallman programmers who develop closed-source software are doing the wrong thing because they deny the user's freedom to have control over software. I do believe that it is morally wrong to develop closed-source software, all software should be open-source. Security by obscurity is wrong too, while many entities would be interested in compromising a program like Fopnu, I think it would be harder for them to do so if it were open-source.

As it is now, if development by the original developers stops for any reason, these entities that want to attack the network can attempt to reverse-engineer the protocol and crack the binary code of Fopnu executable and users would have no defence against that since they couldn't fix any vulnerabilities found by reverse engineering attacks. At the very least, the developers should nominate some programming literate users to carry on development in case the original developers cannot continue it, and set up a dead man's switch system to e-mail the source code to the nominated persons automatically in case the original developers fail to reset the dead man's switch system for a period of time, such as a week or so.

After reading all of this, my two bits:

It is not my intention to say what is right or wrong, nor what should be done. There's no "one truth".

We don't know what is inside our PCs; Intel, Microsoft, and most companies don't disclose much of their products.
We don't know what is inside our cars, TVs, clothes, food. Actually I don't know much about my own body insides.

Still we use them and anyone can chose a free, open, or DIY way. I'm trying this because it is a new take on the subject.

So use it as is or not; it's not our program - But we can always ask, suggest, or hope.

Whoever think open is the way to go can simply kickstart a new project, why not? Money surely will motivate developers.
But you guys may end up finnancing a team of hackers or mfiaa programmers inserting exploits on it. All have risks.

While I'm sure the open source alternatives would like to adopt new techniques, until now they didn't. I2P has potential but is much of an academic study, maybe being held back by fears.

Making something public will make it an easier target, reverse egineering or not, specially for legal reasons: One can't be sued for creating an anti-sharing tool out of / exploiting open code. Publishing the code just for inspection, without authorization to create derivatives, is unnecessary and often unfruitful.

Developers can submit their work for academic evaluation or third-party auditing, but usually only big companies can afford that.
Conversely, if developers don't go thru the hassles and costs of patenting, their work is exposed.

Sorry for the long post, just trying to put new light on a discussion so far full of case examples and opinions.

Well, It's simple. If I can't read the source (and compile the program myself), I can only conclude that the program is free to collect my personal data or behavior and send it to the author or any one. Or It can be used as a relay to attack other people, etc...
So I won't install this on my machines. sorry

so your saying that you have compiled every bit of software that your operating systems runs (which cant be windows)?
your browser?
media player?
torrents?
everything?

by the way nobody is trying to force you to run Fopnu. If you don't trust it, don't install it, it's your loss. The dev team has shown to most, through their many different projects (WinMX, Tixati, Fopnu, Super Simple Server and others) that they can be trusted.

It's a honeypot dummies!

What is, fopnu? Or closed source software in general?

I am sure that in future sad as it is, this software(Tixati,Fopnu,Darkmx) fate could be same as uTorrent. Someone just buys it and that's the end of it.

He could open source it and then add in a feature in which everyone can configure their node to force agreement to a standardized AUP in order to connect. In order to connect, you would have to agree to indemnify the operator of the node against all liability to the maximum extent allowed by law and to waive all rights to sue the operator in court. The second part of this AUP would state that the node is provided on an "as-is" basis without any warranty of fitness for any particular purpose and that the node operator has no legal obligation to ensure uptime. The third part of the AUP would require that all that connect to the node promise not to compromise the privacy and/or anonymity of the node operator and all other third parties operating nodes. The source code would be released under the GNU Affero GPLv3 or later to help require that attack nodes run by copyright trolls to publish their source code so that we can defend against them.

That is how I would open source fopnu,
All the best,
anon

Open source isn't quite the panacea you think it is.  

Shareaza is open source and still available.  It's still Windows only and hasn't been updated in 8 years.  

For the end user, it doesn't really matter whether something is closed source or open source.  That only makes a difference if you can actually code.  

Gnutella was always open source and back in the olden days, people who used the Gnutella network never called it the Gnutella network.  It was always LimeWire or BearShare or Frostwire.  It kept the network going when those clients were shut down, but it didn't get any name recognition.  People didn't identify with the network, they identified with the client to the point that I remember people refusing to believe that through Shareaza, I could download through both Limewire and BearShare clients (even though they could do the same thing, two clients accessing one network)

eMule got its start from the eDonkey2000 network.  ED2K was always closed source, the reason it's still going now was because when eDonkey2000 was closed down, the protocol was reversed engineered.