distributed.net Contest Setback

← Back to Stories (view on slashdot.org)

distributed.net Contest Setback

Posted by Roblimo on Sunday January 9, 2000 @02:12AM from the it-ain't-over-yet dept.

meisenst writes "distributed.net is reporting that there was a problem earlier on in the CSC project (a few weeks ago) and that about 25% of the blocks will have to be re-done. Their announcement is here." We've gotten more than a few submissions about distributed.net showing more than 100% of all packets processed, but held off posting it until we had the official word. And here it is.

19 of 92 comments (clear)

Min score:

Reason:

Sort:

annoying, but minor by cetan · 2000-01-08 21:27 · Score: 5

distributed.net is made up of humans, people make mistakes. It's not the end of the world, but it is a little annoying.

On the plus side, with the current key rates the remaining 25% will be cracked within a week or two.

The other plus is that the key may not be at the very end of the remaining 25% of the keyspace and therefore we will finish even quicker!

--
In Soviet Russia...michael would be rotting in Siberia!
1. Re:annoying, but minor by Abigail-II · 2000-01-09 04:59 · Score: 2
  
  Why they think that a good attacker would not be able to reverse engineer their code?
  First of all,the problem appeared on the _server_ side, not on the client. Opening the source of the client wouldn't have made any difference.
  Second, this has be discussed several times before. distributed.net is well aware that their code can be reversed engineered. But it does raise a bar. And they rather have a few attempts to disrupt the contest than many. And it isn't that distributed.net hasn't tried a fully open source client. They did. And the script kiddies had their fun, so now the source is partially closed.
  It's written in pretty tight C, and main crypto routines are in Asm, which make the program extremely easy to analyze
  Yeah, specially since you can download the source of the crypto routines. Isn't it remarkable that the whiners about open source/closed source don't even know most of the code can be downloaded?
  -- Abigail
2. Re:annoying, but minor by cetan · 2000-01-09 07:46 · Score: 2
  
  Since when do I speak for all of slashdot?
  
  Since when is my opinion gospel truth?
  
  I wish someone would have told me, I'd have used that to my benefit a long time ago.
  
  I'm sorry your feelings were hurt by comments made towards Seti@home....maybe you should talk to a grief counselor about it. I know that I never made any such comments.
  
  --
  In Soviet Russia...michael would be rotting in Siberia!
It doesn�t look too bad... by mjuarez · 2000-01-08 21:29 · Score: 2

Its only about a week of additional effort... probably the most hit will be the RC-64 project, which has been diminishing its rate slightly recently because of people flocking to CSC... hopefully, just another week is needed before getting all the people working back on RC-64.

Go distributed!
1. Re:It doesn�t look too bad... by Abigail-II · 2000-01-09 05:23 · Score: 2
  
  probably the most hit will be the RC-64 project
  Uhm, no. It only effects CSC.
  -- Abigail
Accuracy in reporting! by Vladinator · 2000-01-08 21:33 · Score: 2

It's VERY important to note that "Official" work about the CSC keyspace being over 100% was ALREADY explained!

It works like this: D.Net rechecks blocks from suspicious clients. D.Net rechecks they by handing out those blocks again. D.Net has said repeatedly that they give full credit for EVERY block handed out in this way from the keyservers. AS SUCH it's easy to have the total go over 100% - this had NOTHING to do with the server problem. The article posted does not make this clear, and should be revised!

Hey Rob, howabout that tarball!
Oops... Another 24 hours now...

--
"Going to war without France is like going deer hunting without your accordion." - Jed Babbin
1. Re:Accuracy in reporting! by D.+Taylor · 2000-01-08 22:18 · Score: 2
  
  It is in effect a stats error. The problem is:
  
  To be fair to everyone, everyone is given credit for the block, if it is a 'virgin' one, or a reissued one (however, not if it is a duplicate block, they are filtered by the keymaster before reaching the stats).
  
  The way the stats server currently counts the percentage complete, is simply counting all the blocks it is told have been completed, and dividing that by the number of blocks in the keyspace.
  
  Because people are being credited individually for duplicate blocks, the total no. of blocks done includes these duplicate blocks.
  
  To fix it, the stats need to know if a block has been reissued, and if so, only give credit to the participant -- but not the whole effort, as doing the same block twice *doesnt* increase our keyrate.
  --
  David Taylor
  davidt-sd@xfiles.nildram.spam.co.uk
  [To e-mail me: s/\.spam//]
Eco damage by jonathanclark · 2000-01-08 21:35 · Score: 2

I wonder how many barrels of oil that wasted.

--
-- Virtual Windows Project
1. Re:Eco damage by jonathanclark · 2000-01-08 22:00 · Score: 2
  
  Many people leave their machines on overnight for the soul purpose of distributed.net. I leave mine on overnight because I don't want to wait for a boot in the morning. heh. I also don't have to use my heater in the winter..
  
  Seriously, I'd like to see a calculation on how many barrels of oil per hour/day go to distributed.net.
  
  --
  -- Virtual Windows Project
2. Re:Eco damage by dattaway · 2000-01-08 22:34 · Score: 3
  
  Ah, power consumption! My utility company provides the 125 volt standard; right now its at 123.2 RMS volts at the outlet. Currently my two computers (desktop and laptop) on the UPS main at full CPU load and my 17" monitor at half brightness are using 1754mA, which makes for 216.1 watts. At 8 cents per kilowatt hour, that will net me $12.44 a month.
  
  My monitor consumes 1055mA, or 130 watts, or $7.49 a month. Turning it off could be a big savings.
  
  The main computer required to host web pages, etc., consumes 600mA, or 73.9 watts, or $4.26 a month. That's under full load, cracking CSC, serving MP3's, and providing limited remote control functions for the house.
  
  My laptop with the screen off, consumes the remainder of the power.
  
  Let's see how much power is saved by turning off the monitor, CSC cracking, MP3's, and the monitor... 1658mA, or 204 watts total. 8 watts saved? Well, there's too much going on this setup, so the savings are insignificant.
3. Re:Eco damage by dattaway · 2000-01-09 20:30 · Score: 2
  
  I wonder if my true-RMS voltmeter was telling the truth...
More than one problem by D.+Taylor · 2000-01-08 21:47 · Score: 4

There is actually more than one problem with CSC, which is causing it to go over 100%

First: dbaker (Daniel Baker), released an official anno uncement explaining that the same blocks were being issued to multiple clients, to attempt to detect cheaters.
Then dbaker released another anno uncement in his .plan, stating that 9-12% of the keyspace was being duplicated.

Second: nugget (David McNett), released an announcement stating that there had been a problem with the keymaster generating invalid blocks, resulting in 25% of the keyspace being duplicated.

So, one remaining question is, are they still sending out ~10% 'verification blocks'? Or have they abandoned that to allow us to complete the project faster?

We have reached 112% due to verification blocks and could reach 140% due to 25% of the keyspace being corrupt. However, if 12% of the 25% new blocks are duplicated, then we could reach about 155%...
--
David Taylor
davidt-sd@xfiles.nildram.spam.co.uk
[To e-mail me: s/\.spam//]
1. Re:More than one problem by BovineOne · 2000-01-08 21:58 · Score: 2
  
  We've attempted to scale back verification blocks slightly now, however to help ensure the validity of the network, we're continuing to do re-verification work as frequently as deemed necessary.
  
  --
  Don't waste those cycles! Put them to use! http://www.distributed.net/
Re:Does that mean we'll have to do them again? by BovineOne · 2000-01-08 21:52 · Score: 2

The invalid keyblocks have already begun redistribution, so yes they will be reprocessed (correctly this time). The person who correctly resubmits a validly re-computed version of that block will also receive credit. It's not possible for the old previously distributed version of the block to capture the second-pass credit for the block because the invalidly computed blocks are now being screened and discarded as they arrive at the keymaster.

--
Don't waste those cycles! Put them to use! http://www.distributed.net/
Yeah, I know it's a troll. by TomG · 2000-01-08 22:18 · Score: 2

While most of dnet's client software is open source, the keymaster and proxy software is not. The problem that was found was found in the closed sourced keymaster software. This bug may have been fixed sooner if the source were available. I don't understand why the source needs to be closed for the keymaster software. Proxy and networking, I understand the arguments for (though I do not necessarily agree with).

TomG
1. Re:Yeah, I know it's a troll. by BovineOne · 2000-01-08 22:39 · Score: 2
  
  Unfortunately, we've reviewed the proxy codebase and there is very little useful code in it that can be usefully disseminated without weakening the [non]-security of our data protocol. These are the same problems that prevent us from releasing source to all parts of the client (we've released most all of the non-network parts of the client at source already).
  Quite truthfully, releasing binary-only clients still does not completely eliminate the possibility of sabotage, since it is relatively easy for any knowledgeable person to disasemble or patch binaries. This is actually quite a trivial task, so we urge you not to try. Indeed, security through obscurity is actually not secure at all, and we do not claim it to be such.
  We understand the problems that are preventing us from becoming fully open source and are working to solve them. We have already done a lot of research work in this area and are working towards an eventual solution that can be fully open source. The data re-verification introduced in CSC is part of this! You can check out some of our work in this area at opcodeauth
  
  --
  Don't waste those cycles! Put them to use! http://www.distributed.net/
My Hat Is Off... by Krellis · 2000-01-08 23:26 · Score: 2

... to nugget. In all honesty, it can take a lot to admit that you fucked up, and that's what this is. As he said; they're human too, and mistakes happen. We should just be glad that this got caught before we were at like 200% and wondering what the hell was going on :)

Now let's get cracking and finish this thing, and my applause again to nugget for getting it all fixed and admitting it.

---
Tim Wilde
Gimme 42 daemons!
Re:keymaster source? by meisenst · 2000-01-09 01:03 · Score: 2

If they were to release the keymaster source, or the client source as written somewhere above, there could be rampant abuse of the source in order to produce what some people would think of as desirable results.

We've seen this before, actually, and it's still in the process of being dealt with; the release of the Quake source to the hungry open source world. Immediately, those few (it's always the few) who have suspicious morals began to use the Quake source to cheat, effectively giving themselves impressive handicaps.

The same thing could most certainly be done with distributed.net source, especially if one knows how to trick the keymaster into thinking certain things (a block is done without really being done, a client submitted 100 packets instead of 10, who knows). It is for this reason that I not only thank distributed.net for -not- releasing their source, but applaud their decision to not do so.

Sure, I'd be more than happy to know how they do what they're doing so well, and yes, the bug would probably have been noticed/squashed more quickly had there been a few thousand code monkeys jabbering away at it, but to be quite honest, the distributed.net team responded as quickly as they could, and in a very professional manner. So, there's really nothing to complain about, IMHO.

meisenst

--
Green's Law of Debate: Anything is possible if you don't know what you're talking about.
Re:duplicates by BovineOne · 2000-01-09 12:58 · Score: 2

Duplicates are ignored and logged separately, that is how you were noticed. The purpose of the "cease and desist" email is to notify the person of a couple of things:
1) If you were trying to cheat, we've noticed you and your efforts are ineffectual.
2) If you somehow have a broken client, read-only disk, or have run out of disk space and are inadvertantly submitting duplicates, you might want to check on it. You might be wasting cpu or network bandwidth that you are not aware of.

--
Don't waste those cycles! Put them to use! http://www.distributed.net/