Slashdot Mirror
AT&T Labs Backs Publius, A Freenet-Like System
joseph writes: "This article on C|Net announces Publius, a system similar to Freenet, meant to battle censorship on the Internet. What makes this approach interesting is its backing from AT&T Labs. Of particular interest in the article are the safeguards against the common opposition to such projects, like their use for piracy. Publius features no search utility and a maximum file size of 100k."
anonymous shared networks are vulnerable to spammers. visit flatplanet.net for a demo of a VERY insidous method of broadcasting spam across freent like networks. this sort of thing has started to appear on gnutella networks already.
Well, you see, there's this high performance compression method many people use for compressing audio speech into a much higher density-per-byte format called written language, expresed in ASCII. Unless you're illiterate, the bandwidth savings is incredible.
Ah, but don't you see? This system will fulfill the few legitimate needs that the more open-to-use-by-pirates systems also serve. So this system removes the excuses which are offered for why Freenet, etc., is needed. Since those needs are met by this system, there's no reason for the other methods to exist. They can be done away with and the cries that 'poor abused women will no longer be able to communicate' are untrue and irrelevant.
Stripping the legitimacy away from the Wares and IP pirates is a noble undertaking. You're all just about theft, and everybody knows it. Deal with it.
Say I write an article, saying in effect that DB2 bites in comparison to Oracle. IBM doesn't like this, and sues me for slander, libel, and false claims harming their business. None of those claims are true, and are in fact laughable
WHAT????? Prepare to meet your maker.
love,
The IBM legal team
This strikes me as a serious shortcoming. Since it's not searchable, you can only get a file if you got the URL through other channels--in which case, you could just get the file itself through those same channels. Unless, of course, the project includes the URL in their directory--which itself exposes them to legal sanctions (eg court orders to remove certain URLs from directory), so they might as well just host the file directly. Publius does have some nice redundancy features, but that seems to be its only advantage.
Either a medium is censorable or it's not. You can't give yourself the ability to censor porn, without also giving yourself the ability to censor political speech.
WWJD? JWRTFM!!!
Of course, the obvious problem with eliminating searching is that somebody then has to index it. In this case, say I published an article about how AT&T were doing this, that and the other and were behaving unethically. Would they publish this? Probably not.
:|
Then again, the problems of systems like freenet is that the people who really need it would be drowned out by people looking for Britney Spears mp3s/mpegs
With the current system of copyright and the fact that so many people want to abuse it, there is never going to be an easy common ground....
(not that I am (necessarily) advocating the destruction of copyright, merely the difficulties of living within an imperfect world)
1) Did you use it? It's not an application, you use it through your web browser (by setting an HTTP proxy). It's clearly oriented towards text.
2) Saying something will win if it has fewer rules is silly. Freenet hosters can invoke both criminal and civil liabilty for what's stored on thier servers. By reducing how easy it is to do that, you reduce the chance of liability. See the recent discussion on programmer liabilty - it's nice to think that you can be immune from what people do with software you create, but that isn't always the case (not that that's good).
3) Regardless, this is going to be attacked violently once the posters from alt.scientology discover it =)
--
I imagine, in theory, it would be possible to submit the images in an HTML tree seperately, and <img> them all in one page, making collections of images possible.
As for videos, yeah, you have a point. But that doesn't make the system useless by a long shot.
--
I second that. This is way better, has searching, and years worth of archives.
--
You create a gzipped tar file of MozillaR16, MozillaR16.tar.gz. You use a simple utility to seperate it out into 100K pieces:
piece00000 through piece99999 (10 gigs of data there, in 100K pieces!)
If you abandoned these on Publius they'd be useless, there's no information on reassembling them into a whole and unless you're very careful there can be ambiguity in what fragment of the archive goes with what other fragment of the archive.
You calculate the MD128 hash of each piece and rename it with the hash as part of the information:
MozillaR16-0x01234567012345670123456701234567 and so on.
You append all these filenames into a file
MozillaR16.build
Now if you want the files in MozillaR16 you get the MozillaR16.build file. Your client sends out queries for the various 100K packages that build up MozillaR16.tar.gz.
This could be truely distributed in that there isn't the necessity that any one site contains the whole list of fragments needed to build an archive. You could add in a translation layer so that any individual file is a cross section of the overall archive itself such that by itself it contains little or no information. Think of grabbing 100K bytes of the archive at random and inserting them into files with offset information. Any single file would not contain any distinguishable information. It might be a safety feature against being accused of carrying certain types of information.
Why? Why would you want to use something like Publius for that? If you already own the track, then encode it yourself. If you haven't, then you're only interested in pirating it, right? If you had a legitimate use (e.g., evaluating a band before deciding to buy it) you wouldn't need the full 20 minute epic, and a 2 minute sampler should suffice, and may even fit in the 100K limit at low quality. If you like it, go and buy the CD...
"The invisible and the non-existent look very much alike." -- Delos B. McKown
nah, more like split(1) and cat(1).
#define X(x,y) x##y
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@cordes ,
It is, at least, a sign that attitudes may be changing. If the commercial environment is tough enough, and the old Cold War fattened bag of government goodies is running out, big companies of all types might pay more attention to the desire of customers to have the benefits of privacy, fair use, and just generally fair treatment.
I wrote parts of this stuff
That's a fascinating point, and you may be right. But in MLK's day, how would he have gotten the word out other than being in front waving a standard? For good or ill, this provides another way for people to communicate, and predicting the effect on society is a crap shot.
An interesting analogy, actualy, is the Kilroy story. I'm not familiar w/ the details but (I believe it was during one of the world wars?) the phrase "Kilroy was here" started showing up in bathroom stalls and such all over the world in an entirely anonymous way. Peaple simply saw it in one place, and put it up someplace else. Whatever the reason, it captured people's imagination -- and isn't that all you need to do to effect social change?
Wow, I'd love to use this system to publish the Publius PDF. That way people could anonymously learn how to set up their own censorship resistant networks.
Oh wait, the PDF is 233k...
--
Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?
you should visit the Stile Project for all of your MPEG encoded pr0n needs. Stile has conviently encoded a lot of stuff in MPEG format which should play back fine in Linux with an appropriate player (try one based on Loki's SMPEG library, or even the bare-bones player that comes with the SMPEG distribution.)
After all, you can go ahead and set up your own unlimited public storage network now if you wanted. Got a few RAID arrays laying around?
Folks,
:) I get a series of errors like:
/usr/local/apache/cgi-bin/publius_server.pl line 87.
I spent some time this morning trying to set up Publius on my YDL server, but I'm getting series of Perl errors. (I'm a born-again Perl user, but only recently reborn.
Bareword "RC_BAD_REQUEST" not allowed while "strict subs" in use at
Finally it fails with "Premature end of script headers." I assume it's something related to Status.pm, based on earlier errors, but I dunno.
Can anybody help me out? I'd love to take part in Publius.
-Waldo
-------------------
I don't usually reply to a block of comments, but I feel the need on this occasion. Two blocks of comments in fact.
First, all those saying "here is how to avoid the 100K limit". Get a clue guys. Obviously you can avoid it. We all can figure out how. We can probably write an automated client to do it for us. The service itself is still extremely useful as a free-speech mechanism. And that is its intention. What is more important to you, sharing large binaries over a non-searchable mechanism or free speech? Go use ftp and archie!!
To everybody saying "No search? It's useless!". Again, get a clue guys.
Consider a website, http://www.example.org. The / page contains a cookie, randomly generated. The contents of the / page are randomly generated, but link into the rest of the website. All the links are based on your cookie (perhaps using javascript) and so none of them work for anybody else - behind the web site is a large dynamic SQL generation tool, running realtime.
That's the situation. You have now a website that's effectively impossible to search (any results you provide will be invalid links).
If the front page of that website always contains a link to a copy of the US Constitution, within that website, can you find it? Yes. Every time. Go to the site, click on the link.
All you needed to know was the site - www.example.com.
So, in the same way, consider Publius. Everything stored in Publius has a URL. That URL can be on a page in Publius that has a URL. Suddenly it's looking a bit like a website. All you need is the entry point, and the links to follow, and you can find what you need.
The entry point is the dodgy area. If that can be targeted by here then the content is vulnerable. But since the entry point is not a single node, and no individual node has the capability of displaying anything dodgy, it is effectively impossible to legislate/subpeona/sue any individual site. And if sites are hosted worldwide, most of them wont even be in your durisdiction.
Ok, my argument has flaws. I've spotted a couple of them myself, feel free to point out others. But the basic principle is (I believe) sound. And I can see the benefits of such a system, even within my own country (the UK). When something like deCSS turns up, the benefits apply almost anywhere. So embrace the new system, use it, appreciate it. Don't moan about a lack of a search engine - you don't actually need it.
~Cederic
But sad to say, plain .TXT is not
much of a marketing tool these days. Tom Paine's
handprinted manifestos lit the fire of revolution;
today, only a multimedia manifesto would catch
the public attention. We are a society of Web surfers and couch potatoes. The revolution had better be televized, or it's not gonna fly.
(It's offtopic, but those televised images of the Bosnian prisoner camps that TMiB mentions are a great example. It turns out they were faked (there's an article and even a video with the skinny on how it was done. But they sure built up a lot of sympathy for the Bosnian Muslim separatist movement, didn't they?!)
But pirate radio and TV transmitters are easy to jam and track down. That leaves computers. Freenet is not going to be a speed demon, and Publius will enforce this 100k limit. So the single most important way for people of limited means to disseminate controversial information is, I would argue, the Web. And, in fact, just about any political or controversial group you'd care to name has a Web site by now.
Once the Web becomes truly a mass medium worldwide, I predict that we will soon start seeing national governments go after the Web sites of movements they don't like. Thing is, some of those sites will be backed by other national governments. I wonder what the 'net will look like then. More firewalls like China's? Special agents attacking server rooms? ISP workers getting threatened like judges in South America?
"Publius features no search utility and a maximum file size of 100k," and is therefore useless.
Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
No, it is not useless. It is designed for people with a REAL reason for being anonymous, yet wanting to spread information. For example, whistlerblowers, or people in countries with a less than perfect track record of censorship.
Except that, without the ability to do searches, no one will be able to find the material in question. Giving out the precise key is tantamount to publishing, so anonymity is preserved at one level, but possibly compromised at another.
Furthermore, whistleblowers and the like often need audio-visual proof of what has happened, such as audio recordings (ideally compressed with ogg or mp3 format for space), images, and even video footage. How is one going to reasonably publish that kind of important evidence of wrongdoing with a 100K filesize limit? By breaking up the files into 100K chunks? Then why not get rid of that limit to begin with.
It is not designed for pirates who want their MP3's (go to freenet for that sort of stuff).
This is a very unfair characterization of freenet and downright slandorous.
Freenet is intended to do precisely the same thing as publius, with the exception that freenet make no judgement whatsoever about content. Publius may make use of some better algorithms, but has also clearly made policy choices which make it less than ideal for dissidents to skirt censorship (such as the lack of searchability and the filesize limit, and worse: a philosophy of passing judgement on material and what is "fit" to be protected from censorship and what is not, with who deciding such criteria an open question). FreeNet can always adopt better encryption and storage approaches now or in the future, without making the same kinds of misguided compromises.
FreeNet remains IMHO the most promising approach to thwarting censorship of all kinds, today and in the future.
The Future of Human Evolution: Autonomy
Of particular interest in the article are the safeguards against the common opposition to such projects, like their use for piracy. Publius features no search utility and a maximum file size of 100k.
An admirable effort, but this just means that someone will circulate a third-party utility that does indexing and can reassemble fragmented files from 100k packets.
Still, it should cut down on the number of people storing CD images.
Am I the only person who remembers years of UUEncoding large files into small chunks for usenet? It is trivial to work around such a limitation, which makes intentionally adding it in the first place just stupid.
Until they haul in UCITA, and show that you couldn't have installed their software without agreeing to their licensing agreement, which happen to prohibit benchmarking, profiling, comparisons, or any other mention of their product without their express permission.
And before you state how silly that is... MS, Oracle, and I'm sure other database vendors routinely put these kind of restrictions in their licenses, today, without having the 1000-pound gorilla of UCITA to back them up. I seem to recall MS, at least, trying to enforce it in one case.
"Great men are not always wise: neither do the aged understand judgement." Job 32:9
True, and I know that is common practice on usenet, but it still is kind of a pain. Still, it will be interesting when people do that, and the RIAA goes up aginst AT&T
:)
Maybe we will get lucky and they will destroy each other
Finkployd
I kinda did that on purpose :)
Finkployd
Agreed, but there is also a perfect method already in place to spread information (well, almost) called FreeNet. Not only does it have search capabilities, but it imposes no limit on what you can spread.
Finkployd
Wrong, I have a couple hundred MP3s, and all of them downloaded from napster. I also own the equivilant CD for every song on my PC. Why didn't I just rip them myself? I'm lazy. :)
Finkployd
When you can get Pink Floyd's Echoes (a good 20+ minute song) in some format (perhaps mp5) and compressed to under 100k, then I'll sit up and take notice :)
Seriously, what does this offer over freenet aside from "let's make those whining children over at the RIAA happy" type restrictions? If it's the same as freenet, but with a strict set of rules, then freenet will eventually beat it no matter how much corporate money it has backing it.
Finkployd
Ok, so what? It's just like FreeNet but smaller, and it doesn't have micropayments like MojoNation. This is boring, the state of the art is already one upped it.
--
You're just jealous because the voices only talk to me.
Let's test how serious they are by publishing a list of AT&T calling card numbers :)
--
--
Mod up a post Rob doesn't like and you'll never mod again
Here's a simple example. Suppose we have three servers that store information (n=3). We want to store a number on the servers such that each server individually doesn't know the number, but any two servers taken together are enough to reconstruct the number (k=2). The system we can use is to encode the number as an angle. Draw a line at that angle to horizontal, and choose three random points on the line. Send a single point to each server. Each server knows one point, but it can't figure out the angle of the line. But if you put the information from two servers together, you get two points which lets you draw the original line (and hence figure out the angle and get the information). Of course with bigger n and k you need real cryptographic systems (and not just lines).
Now, I'm not here to debate the ethics of filesharing. I think there can be a good case made for the legitimacy of mp3s under certain circumstanes, but that's besides the point. Whether or not you believe mp3 sharing is right has nothing to do with whether or not it is illegal. And if it is considered illegal (which it almost certainly will be, seeing how the RIAA 0wnz Congress), then the RIAA can attack systems like Freenet and possibly even get them declared illegal. Now here we have an alternative which can accomplish the legitimate and considerably more important use of Freenet without being attacked by the RIAA.
I am not an idiot. Please use my name to email me.
"That's right, I'm quoting myself."
-Upsilon
Napster was wonderful, in that the idea spawned dozens of clones. We can never go back. These distributed file-sharing services are here to stay.
The new problem is the sheer number of clones, gnutella, napster/opennap, sx, freenet, blocks [just saw on FM], and now this. There are onyl so many internet savvy people out there. Why will this service take off? you need people to use it. And people won't come unless others are using it.
The question now is interoperability. How can we defragment these services, which in the logn run, the voerabundance will *hurt* access to information.
Marketing this 100k/file limit as a safeguard is a total joke. If Publius ever becomes popular, you know that some VB kiddie with too much time is going to whip together a program that splits up and reassembles files into 99k chunks.
You mean like say... a TCP/IP stack?
AT&T also started funding my BlackHoleNet project. See, what you do is you send a file (less than 100K, so break that MP3's into 100 files!) and BlackHoleNet sends it to a special device (/dev/null). Later, when you want to get a file out it is retrieved from a different special device (/dev/random). The only remaining bug in my system is that the process of traversing the wormhole from /dev/null to /dev/random is somehow scrambling the files. I just need some funding to get over this last hurdle.
--
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
On a side note, they can, if they wanted, create a key that can unlock if x% of they total key is present. Thus data won't be lost by on person losing the key.
---
-
ping -f 255.255.255.255 # if only
If so, the 100K limitation would be pretty easy to blast out, as would b ethe dependance on the good graces of a single company (AT&T) in a single country (USA).
Hmm - actually, it may be more useful to leave the filesize limitation in - move it to something like 500K chunks. Then add something similar to the keysplitting to redundantly split the actual content as well. Put those split parts on differenet servers with redundancy on a distributed net, and you have cryptogtaphically secure, redundant information that protects the servers from knowing the content and hence prevents their ability to be pressured legally. Plus the redundancy of the parts and their ability to be reconsituted via the net from multiple sources makes it nearly impossible to eliminate content.
Combining this with Freenet shoudl be an object for anyone that really values freedom.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
It's all in the words folks. The Chinese Government doesn't give a toss about its citizens downloading MP3s. It *does* care a lot about what they read...
--- Hot Shot City is particularly good.
The MP3 format is not the most effective for all audio data.
If your really making a point, you don't need music. Music is what MP3 was designed for.
Speech can be encoded in a simple u-law format. This is basically a slightly modified WAV file (requires virtually no processing), at 64 kbps. This is telephone standard, and is barely considered a form of compression.
ADPCM (Adaptive differenial pulse code modulation) gets to 32 kbps, by exploting sample to sample differences.
You can use a CELP (Code Exicted Linear Prediction) algorithm, to get easily recognisable speech in 4800 bps (that's 4.8 kbps).
If you push it, and have plenty of decode time available, some clever acoustic vector prediction, and an LPC algorithm can get you as low as 300 bps, although prehaps 1200 bps is more reasonable.
This extreme compression will also distrocrt the voice, making it more difficult to identify. This is hardly a problem.
At 4.8 kbps, you can get 20 minutes of speech in 100k. Compare that to MP3.
see comp.speech FAQ for more data.
So we all know that Pulius is hackable. The safeguards are easily circumvented or whatnot. The point of Publius is not, as many here see it, to provide what is essentially an encrypted geocities site.
The purpose *is* to "strike a blow against censorship". By putting safeguards in place, Publius establishes an unassailable incarnation of free speech on the net. There isn't a bad-mojo buisiness plan behind closed doors to profit from copyrighted material. There aren't scads of copyrighted songs getting traded (though at some point there probably will be). Big Companies can't attack Publius.
What this means is that a bastion for digital distribution is being established, apart from corporations that have a huge interest in controlling this stuff.
So stop whining about the restrictions. If they piss you off, write a tool to split the files. Write (even more useful) a search engine. Publius is the skeleton by which we can build a legitimate file sharing system with a watertight defense.
---------
---------
Get back to me when my brain starts working.
But it IS the point. Publius didn't encourage those utilities. Some anonymous user did. And who's to say they're only for use with publius? Maybe the program splits up files for you in the case you wanted to try doing raid-striping on your own or something... :)
Anyways, publius as an entity is free from attack if they don't create those utilities.
---------
---------
Get back to me when my brain starts working.
The newsgroups will only allow so many lines, I believe...So they have many utilities which will break up 20 meg posts into 93 parts, and then piece them together later...
But with other services that do the same thing, who will use this?
I just gave it a shot and it's kind of weird to use. I like the idea... but What good is the free speech if it's nearly inaccesible?
Apparently to read a document you have to know the full URL which is HUGE. And since there is no search You can't find things on the subject of say... "Search and Seizure." You would have to wade through the web and find a link to the Publius Document.
The encryption and the anonymity are great. And i understand not having a search function... but I think that it is at the expense of ease of use and actually getting the free speech "heard".
these systems are very important...i wonder if they have thought of the p[rotection against spammers angle ? especially now that the first spammer (flatplanet.net) has surfaced on gnutella networks.
Limiting the file size to 100kB will drastically hurt this systems ability to support the freedom of speech. Unlike the days of the original Publius and the Federalist papers, not all speech today is, or can be, in the form of text.
Next time Will Smith gets a video of the NSA killing a Senator he will be able to upload it to Freenet. Will he be able to place it on Publius?
Does it say something about the sick influence of money in our world that they are willing to tolerate the usage of the system by child pornographers, but not by people who don't feel like giving money to the RIAA?
It's called an Information Dispersal Algorithm, or IDA.
See: http://www.acm.org/pubs/citations/journals/jacm/1
Let's take this the next step. I proposed a system a couple of years ago that would eliminate the single point of failure of these systems. I propose that the system *never* write any of the bits of a data element to persistent store. Instead, use a probabalistic Markovian algorithm to immediately re-multicast the data to a number of other hosts in the system, thereby keeping the data always in the *net* (i.e. the routers), and never in the systems themselves. If you want a particular file, your client sends a query in the form of a bias-inducing message that propogates through the system as a diffusing computating. In essence, the bits you are interested in end up in your lap with higher probability, so you just wait a time interval (probably O(lg d*h) where d is # of data elements and h is # hosts participating, based on my back-of-the-envelope calculations given the algorithm I've played with) and the bits happen to show up on your computer and your client reassembles the data appropriately. This is similar to the software distribution multicast work out of MSFT that uses FEC (Forward Error Correction). See GemmelSchoolerGray99 at http://www.cs.caltech.edu/~schooler/papers/FcastTR -99-14.ps for more information.
Joseph R. Kiniry
http://www.cs.caltech.edu/~kiniry/
California Institute of Technology
Joseph R. Kiniry
http://kind.ucd.ie/~kiniry/
Lecturer
UCD School of Computer Science and Informatics
I'm wondering just how that cryptography is implemented, whereby having less than n of n shares still permits us to read the document. The pdf on their site seems to involve MD5 hashes in the process, but I was wondering if someone more cryptographically inclined could elaborate. Of mathematical note, they generate d*ln(d) shares, where d is the number of servers. This has something to do with the coupon collector problem, and that if you check d*ln(d) servers you get to every "unique" server.
All in all it seems a really good system; hopefully the common carrier concept will be better applied. Since the pages can be retrieved with special (CGI based I think) URLs, they could probably be indexed by standart search engines such as Google. I hope this works out
Q:Doctor, how many autopsies have you performed on dead people?
A:All my autopsies have been performed on dead peop
If submitting a document generate URLs to access it and if to access the document you have to use URLs, how does the system prevent knowing what people upload/download just with traffic analysis (even if the data itself is not in "clear text")?
Note the traffic analysis would be based on the URLs, not on the random servers the data parts are stored on.
I thought that GETs were supposed to be idempotent? Then they should be indexable.
Additionally you might need is (probably already exists, there is nothing new under the sun) epiration dates for GETted pages.
Johan
erm.
litteracy in the asian continent is usually quite high.
But isn't the Publius system based on a "pull" (request/response) architecture, much the same as the Web itself? If so, "spam" in Publius should be no worse than a Web page with "spam" -- it isn't affecting anybody who doesn't request it. (Indeed, the use of the term "spam" for a non-push publishing method seems counter to the meaning of the term itself.)
Politics...
No Laughing Allowed!
Publius has been on /. before, guys.
You'd think Hemos would take five seconds to use /.'s own damn search engine to check for past stories.
Jonathan David Pearce
Jonathan Pearce jonathan@pearce.name
3EAAFB2A http://www.jonathan.pearce.name/
It is a simple matter to make a client that breaks files up into 100k bytes :-) and reconstructs them. How about that search capability? Well, that just means having an index. An index is info and can likewise be broken up into 100k pieces. So the client looks to a common place for the index, downloads the most current version (or does some sort of nifty caching so that only the most used portions are downloaded at first), finds the references, builds a list of urls, downloads the data, patches it together, and voila! you have just downloaded 100MB of mp3s, and not only that, but it sounds like availability will be MUCH better than Napster/Gnutella-like systems!
Helping with organizational effectiveness is our job.
Anonymity may breed distrust, but if you're not anonymous, they sue you into the ground. Piss off someone with money, or a powerful lobby, or a big corporation, and you might as well be dead. They'll make sure no one hears you. This is the age of the frivilous lawsuit, where anyone wishing to silence someone else may do so simply by making it horribly expensive to exist.
Say I write an article, saying in effect that DB2 bites in comparison to Oracle. IBM doesn't like this, and sues me for slander, libel, and false claims harming their business. None of those claims are true, and are in fact laughable, but I still have to hire a laywer and spend huge amounts of money just to get the judge to not rule by default against me for a huge sum. In the mean time, no other publisher is going to hire me or take my works for fee because of the lawsuit. And what if the judge dismisses? Well, that doesn't happen. IBM drops the suit, and refiles next week.
Pretty soon I'm 20K in the hole, the article was pulled so no one ever saw it, and IBM offers to drop the suit if I retract my statements and only write 'the truth', as their marketing dept sees fit to spin it..
You know what? I'd do it too.
.sig: Now legally binding!
Finally, there's a system out there that's free of the oppressive influence of evil Slashdot moderators ;-)
Publius, Freenet, Napster, and Gnutella all simply represent the next step in the development of full-fledged system software for the Internet. The Web browser effectively provided a global, read-only file system for the Internet, and these engines are attempts to standardize the method used to locate content on that file system independently of any single search site such as Yahoo or Google.
Piracy is only the killer app that is driving these technologies into the mainstream. Their real value will emerge when developers start to code next-generation applications that are built on them from the ground up for a variety of new applications, yet unimagined. All of this is part of a pendulum-swing away from the centralized, server-centric computing that has been in fashion for the past few years, and back towards client-oriented, peer-to-peer applications that take full advantage of desktop hardware.
The issue I see with this being like the "Snow Crash" repository is that it's artificially limited. The "Snow Crash" repository had voice and video feed, as well as extensive AI.
A better bet would be a system that is not at all limited, like Freenet. While it may eventually host a fair % of pirates, that's not the point of the system, it is built to provide a network of anonymous and ubiquitous data availability without allowing for contentious files to be deleted. Publius, on the other hand, is psuedo limited to text (although posting multipart fragments of a warez file is still entirely possible).
Unbreakable toys can be used to break other toys.
Here we are at /. discussing a tool that has obviously been crafted to help encourage online collaboration without enabling the D00DZ who want to distribute WAREZ. What are the first reactions?
It sucks cuz I can't distribute illegal files
It just makes the suits who are concerned about abuse say "See: we told you so. All they want to do is abuse it."
That's entirely the point. If you want to distribute LEGAL files then you don't need a system like this. You're assuming that a file being illegal means that it is a "bad" file. This is not necessarily the case, as what is legal may be dictated by malevolent (or at least not benevolent) forces.
Unbreakable toys can be used to break other toys.
I think this is silly, and can't wait to get my hands on the actually system. If what they say is true, its only a matter of time before censorship is enforced in evil ways. For instance, the author of the article states that, and I quote:
"Mechanisms are in place to detect if the content has been tampered with. The publishing process produces a special URL that is used to recover the data and the shares. The published content is cryptographically tied to the URL, so that any modification to the content or the URL results in the retriever being unable to find the information, or a failed verification. "
The Key words were "any modification to the content or the URL results in the retriever being unable to find the information". This tells me that if I wanted to hack into their system that I should focus on modifing the content, or rather the text file that is stored on the server.
The smallest deviation in the encrypted content will break the encryption as it is being decyphered by the respective keys.
Also, what about linking? I saw no mention of the effects of "deep linking" in the article anywhere. What I mean to say is that a site, say slashdot, might decide to link to an article on the Publius system. Do they intend to block all headers comeing from IP's that are non-Publius? They simply state that "content is cryptographically tied to the URL". What does that mean? Are they saying the url is dynamically generated by the Publius system with a changing key, or static but the keys are somehow encoded into the URL all the time, in a static way? Who knows.
That being said, would you want to even attempt to decypher the URL? Not me! Considering todays high-power cyrphtographic technologies, hacking the cypher is crazy(with todays best technology). However, methods to cause a system to grant root access by means of are available online the instant they are discovered. Typically the discovery is caused by a honey-pot system being hacked, and watching how they script-kiddies did it. Too late, your content is now being displayed as a bunch of garbage, and the root kit is being passed around the circles of wanna'be crackers. By the time packet storm shows how to proctect the system, hundreds of sites could be comprimised.
Now that might be a relitively short time frame from from hacked, to protected from. But still, the system could be hacked, and thats the bottom line.
I'm waitting for the formal anouncment. This is vaporware until then, just remember that! =)
It isn't a lie if you belive it.
Slashdot Article Lots of info.
--
Never trust anyone over 90000.
We just need a few bytes to index the starting and ending digits in pi where the song is located. Since pi is infinite and random, it's gotta be in there somewhere.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
This is refreshing for 2 major reasons, it is actually backed by someone with major clout, namely AT&T.
Second, this system is out to provide a safehouse for truly free speech, and not to provide a safehouse for rampant piracy.
With the right development, I wouldn't be suprised if this could be developed into a robust information repository (Like the library in SnowCrash?) However, it will be interesting to see if it becomes popular because it won't attract those who are really just in it for the warez and mp3z.
-cpytel
This "privacy" talk is just a bullcrap fog wall for people who want to pirate files. Don't kid yourself.
Mike Roberto
- GAIM: MicroBerto
Berto
It comes down to a matter of support. If I say something that can end me in jail, or the poor house for stating my views, then I will not speak. If however, I can speek freely, and then other's join my perspective, and enough are there, then, and not before can a Figurehead come to light.
Why did the founding father's hide behind psydonims(sp?)? Because it was safe, however once there was support for their idea's, they were able to come out and be the standard bearers.
What good is it to be able to share files and information anonymously if you can't search it to find what your looking for??
Even libraries have at least a cardfile to point you in the right direction..
they give you a url.. but then they'll stop you from speading the url the same way they'd stop you from speading the file before, so the system's useless...
>To quote the TV series "Daria," "It's a sick, sad, world."
Sort of self-fulfilling isn't it?
How can you watch that crap from the network that gutted Ren and Stempy.
--
--
blinko - "the nail that sticks up gets hammered down"
- "Where did you here that?"
- "A bloke in the Publius told me."
Titter.(Quick reminder for the slow of brain a Pub is like a Bar, but British)
Thad
Thad
so what, you can't trade pop music, but you can't trade most of the stuff on project gutenberg either due to the 100kb limit. this is an intentionally crippled system for the weak christian masses.
Insanity is the last line of defence for the master diplomat. But you have to lay the groundwork early.
Its pretty rediculous to think that some one won't eventually invent a search engine for this. Its going to happen.
...meant to battle censorship on the Internet.
This is also interesting:
This is not AT&T saying "We made another Napster everybody, and guess what? Its corporate sponsored! So don't worry about the RIAA." Truth is, that this is probably just going to be used by the czechs and 1st-amendment-deprived citizens of the world. Publius is not much service to Americans.
Except if the MPAA case goes the wrong way (and Software code is censored)...then you can bet that DeCSS will be everywhere on this network.
Time will tell.
-Fred
"Nobody ever went broke underestimating the intelligence of the American Public." - H.L. Mencken
Since the pages can be retrieved with special (CGI based I think) URLs, they could probably be indexed by standart search engines
Many search engines (such as webcrawler) automatically throw out all URLs containing a ? because they don't want to waste the resources to index CGI.
---------------Adopt a bird today!
<O
( \
XGNOME vs. KDE: the game!
Will I retire or break 10K?
Yeah, its not like it`d take you more than 30 mins to write a proggy to split/combine them in the right order in a pleasant foolproof way
DISCLAIMER: I've never used Publius!
Usenet servers are known to dislike big posts, so when I want to download an ISO of the real OpenBSD cd, the coolguy who posted it split it up into many (many many many) parts that Pan can reassemble. I don't know how applicable this is to publius, but I think it's relevant. Of course, 650 MB into 100K chunks (using 1000 byte kilobytes) would be 6500 parts. That's a lot by any standard.
-------
Oh shit! I forgot to click "Post Anonymously"...
In addition to unlimited file size, and no AT&T censorship, Freenet will be fully searchable.
Yeah, this story was already posted...
Of all the comments to this story, the ones that get to me are the ones complaining about the lack of MP3s. People, we have enough Napster-like clones out there, we don't need any more! File-sharing programs are a Good Thing(tm), but because of programs like Napster, Gnutella, and Freenet, people see this programs as only being useful to MP3 traders and warez kiddies. The great thing about Publius is that it implements true free speech, i.e. the sharing of sensitive and critical information without fear of reprisal, without worrying about MP3 traders and warez kiddies. And because of that, maybe some people will get turned on to the idea of file-sharing programs, and will see them as something more than another road for piracy. It'll be interesting to see how this program will function down the road, and I hope it continues to develop.
Remember, just because you can't download a copy of AutoCAD or a Britney Spears CD from it doesn't make Publius useless. There's plenty of Napster-like programs out there, don't make Publius into another one.
--
--
The real Raunchola isn't cool enough to have any imposters
The other day I heard someone say how the words of the founding fathers of the United States, upon which the US government is supposedly based and the people proud of, would be considered radical and dangerous these days.
To quote the TV series "Daria," "It's a sick, sad, world."
But lets face it, it's really a case of people wanting to keep the silenced silent.
Eh...
You mean "the shiny things network?" I don't watch it much, but then, I don't watch TV much. I leave ZDTV on for background noise and a good occasional laugh.
Eh...
Ha-ha... well, then, it's perfect for porn!
(Trade secrets, product rumors, & illegal device compatibility descriptions - like DeCSS - will fit nicely, too.)
--
--
He lives in a world where those who do not run the client software of the omnipresent meme are unacceptable.
it sounds like AT&T will do some kind of vetting on materials submitted to the system - and the concept of "interesting" content itself emphasises that there will indeed be censorship at the front-end of the system, even if it is immune to censorship at the receiving end.
What happens when someone tries to submit deCSS code to the system? Will AT&T allow that as "interesting" ? or not allow it for fear of legal reprisal? if the former, everyone should submit all the open source code you can find as separate packages! keep code free as in speech! if the latter case, then Publius is a joke.
--
______________________________________________
Don't blame me - I voted for Howard Dean. http://dean2004.blogspot.com
This stuff is pretty cool! Check out a couple of things I just uploaded! ...
http://!publius!/010300023/0IdQDL6B9mM=Z6wwisqfMc4 =1Bnu/VAF+Iw=xHq5Tp55jJ4=j8j6kdj3STA=rdq oYZKfe9U=VCRBjIZPkss=/rz7cJ780KM=7EU5qjTq0bw=vM+Ia RIyYW8=
http://!publius!/010300023/3uYkNEXhQYY=fF0/M7kp1qw =e7chLBAE1iU=bn81tEZ3ySQ=z8P/iEbZdLg=RpM 7ld6CvFg=LtDJFjd3B10=dcDQIZR2jUs=2ZFEFKCvKRY=c/zIl rbMxVo=
NEAT!!!
............ no.
Marketing this 100k/file limit as a safeguard is a total joke. If Publius ever becomes popular, you know that some VB kiddie with too much time is going to whip together a program that splits up and reassembles files into 99k chunks. OTOH, maybe as long as the lawyers can make such a program too complicated for judges to understand, other organizations really will have a problem censoring it.
lets say i go to the store, rack up a bill of $250 and now need to pay. I just go to my cell phone, use the encrypted uplink to $250 in an anonymous url location, give the cashier the url on the display - and wala. a totally anonymous digital transaction has taken place. it works even better for people who work under the table. they can earn money without anyone (even their employer) being able to proove how much they earn. And employers can buy their services, without anyone being able to proove that the employer broke the law. But my favorite will be when all my stocks are held by an offshore company outside the juristiction of us tax law. Each stock will be represented by a digital certificate - wich the owner can verify and trade anonymously without record or trace. Sales taxes, bye bye. Income taxes, bye bye. property taxes - yeah they're still arround, but only the properties that they can show that I own.
Just my 2 øre.
Will work for bandwidth!
It's not spamming the viewer, in this case - it's spamming the server. Every document posted consumes finite server resources. That's a concern when the system doesn't charge for the use of space. What's the FINANCIAL end of Publius like? How are they planning on paying for it? Or are AT&T just establishing it out-of-pocket as a public good?
nifty little utility to split/reassemble all those little bits of larger files
Sounds a whole lot like how us "oldies" used to move pr0n (and more serious stuff too - just can't remember what it was) over the Usenet with uuencode. As I said - nothing new - just old stuff another way.
Black holes are where God divided by zero
The article touches on both concerns, but I just gotta ask it again: What's the point without a search tool? Is there really enough content being censored (to the point of disappearing from say, Google's cache...where I go whenever I need something that's offline) to make this system useful? And they say now that they don't consider the requirement that items be reviewed to be censorship...give it time. There will be SOMETHING legal, important, and interesting to some which they will reject. Overall, sounds like a good idea, though.
What's the point if you can't do a search of the contents? Basically it works out to the same thing as free web hosting. That is free web hosting where you are limited to 100K files sizes. Smells like a public relations ploy or some other technique used to garner "good will".
I love reading slashdot. It combines links to interesting, newsworthy articles WITH commentary. But I don't read all 500 posts about .NET, or DeCSS, or whatever. I read the highest scores first, because my time is valuable.
If Publius is to be effective, ie. getting me to read it as part of my routine, it NEEDS indexing, searching and moderating. The most valuable resource in the 21st century is going to be the attention of humans, specifically wealthy and educated humans. Think about it, that is what advertisers pay Billions of dollars a year for.
How is Publius going to attract and keep attention?
Dave
Begs a question though: if there's no search feature, than the long URLs are going to have to be placed on normal web servers. Doesn't this defeat the security?
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
I like the "over multiple servers" approach for handling files (as CNet describes, like a Jigsaw puzzle). Do any other networks function like this?
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
"Publius features no search utility"
:-)
But originally 'the internet' had no 'search facility'. The search facilities were meta-web-pages. If Publius provides any way of querying the existance of documents, it will be possible to cobble together some kind of search facility. It is likely to be a fairly transaction intensive process, so the publius servers better be prepared (like a web-suck for files asking for things even if they don't exist).
So there's a 100K limit on files? Where did that arbitrary limit come from? Thinks... Someone remind me how big a document containing just 'hello world' is in the latest version of MSWord? (I've been told it's about 80K when saved as HTML)... An attempt to stamp out use of MSWord perhaps?
FatPhil
Also FatPhil on SoylentNews, id 863
From their discussion of preventing "Denial of Service" attacks on Publius, which would also be effective against spammers:
"Publius, like all Web services, is susceptible to de-
nial of service attacks. An adversary could use Publius
to publish content until the disk space on all servers
is full. This could also affect other applications run-
ning on the same server. We take a simple measure of
limiting each publishing command to 100K. A better
approach would be to charge for space.
An interesting approach to this problem is a CPU
cycle based payment scheme known as Hash Cash
(http://www.cypherspace.org/~adam/hashcash/).
The idea behind this system is to require the publisher
to do some work before publishing. Thus, it becomes
difficult to efficiently fill the server disk. Hopefully,
the attack can be detected before the disk is full. In
Hash Cash, a client wishing to store a file on a par-
ticular server first requests a challenge string c and
a number, b, from that server. The client must find
another string, s, such that at least b bits of H(c . s)
match b bits of H(s) where H is a secure hash function
such as MD5 and "." is the concatenation operator.
That is, the client must find partial collisions in the
hash function.
The higher the value of b, the more time the client
requires to find a matching string. The client then
sends s to the server along with the file to be stored.
The server only stores the file if H(s) passes the b bit
matching test on H(c . s). Another scheme we are
considering is to limit, based on client IP address, the
amount of data that a client can store on a particular
Publius server within a certain period of time. While
not perfect, this raises the bar a bit, and requires the
attacker to exert more effort. We have not imple-
mented either of these protection mechanisms yet."
This will probably be considered a flame but I think it needs to be said.
/. readers say it key to the internet. No doubt eventually someone will make a wrapper so that mp3s and such can be put on Publius but that is not really a good thing.
Finally someone has produced a product that uses the technology Napster and Gnutella are based on to do something good. Despite what many proponents of Napster and Gnutella say, the main use of those programs is to get around having to pay for music and other electronic info like videos.
Some of the posts already on this board say "What is the use of this program?" Now we just have to split the mp3s into lots of little files. The people saying this apparently totally miss the purpose of this program. It is NOT to get music without paying for it. It is to help people communicate in an anonymous and secure way. Which many of the
I think it is great that a major corporation has helped to produce a product like this. Especially one that goes against what many government agencies want, that being anonymous, encrypted communications across the internet.
Just my $.02
Rich
In similar news, IBM is releasing a program that will allow you to read encrypted data from DVDs. All encrypted data will be accessible, except for ones and zeroes.
-
-
Give me liberty or give me something of equal or lesser value from your glossy 32-page catalog.
I actually think the 100k file limit is a good move. Yes, it's trivial to work around, but only for those with more nous than the average user of this sort of system.
Of the millions of Napsterites, I would guess that a very large percentage indeed wouldn't have the knowledge or - more importantly - the patience to take a really big file apart for posting or to bother to track down the whole thing and put it back together. Napster's great strength for copyright violation was that it was very, very easy to use indeed.
Adding a significant amount of ballsaching effort (whether assembling a dispersed file by hand or writing the script to do it) to the process of getting an MP3 or big piece of software is going to discourage the casual pirate, just as the trouble of getting through locked doors and windows and an alarm system will discourage the opportunist burglar.
In effect, it's likely to head Napster-style legal trouble off at the pass.
-- AndrewD
A Maze of Twisty Little Laws, All Different.
Okay, my first thought is about censorship.
It works a bit like Slashdot commenting, except the Publius people do the modding, not the users. They get this giant collection of anonymous pages, and they pick out a few and label them "interesting." Somebody posted in the C-Net article that this doesn't remove censorship, it merely transfers it to the Publius staff, allowing them to censor something by labeling it "uninteresting." Is this really true? Can you only reach the "interesting" sites? Or are "uninteresting" sites reachable but not advertised? Because the latter doesn't seem to be censorship to me, but the former clearly is.
My other thought is Filtering. They claim that this technology prevents censorship. Does the prevention lie in the fact that you can't filter these sites, or in the fact that you can't delete them, or what? Because they can easily be filtered, you just have to have a filtering program that interprets what it reads, like your browser does, then filters the end result, rather than the inital scripting. As for deletion, if the US wants it deleted, they can order AT&T to delete it just as they could if it was hosted normally. So what is it that they are actually accomplishing? I'm missing something.
As an Internet publisher myself, I'm a bit miffed as to what's going on here. Sure, I publish stuff about sports, which is not exactly Earth-shattering in terms of societal impact (though I can argue for its societal worth, mind you), but what seems weird to me is that this is a way to hide behind the computer screen.
Looking at the root of the name of Publius -- familiar with the Federalist Papers myself, because I have to soon explain why we made all those changes in the UAH SGA last year anyway -- I see their point, but societal change is more often brought about by grassroots efforts led by out-in-front, standard-bearing individuals.
To demonstrate my point, could the American Civil Rights movement have progressed without someone like Rev. Dr. Martin Luther King, Jr., marching? Sure, he could have sat in Atlanta (or Memphis, or Selma, or . . .) and written beautiful works on what was wrong with the oppression of "Negroes" in American society. I dare say his impact was strengthened by his visible action.
Heck, to take it to a whole other level, Jesus Christ himself could have just written a bunch of stuff, but I guarantee fewer people would be affected by Christianity -- whether you have a positive or negative view of it -- without some decisive action in there.
Anonymity breeds a small hair of distrust. If you're going to take over the world, you've got to have people's trust.
--
<><
-- Geof F. Morris
The AT&T backing was discussed in one of the comments to that article IIRC...
--
michael was here.
--
Secure servers: It is publicly known who runs the servers, but it can be kept private what server has what. In order to download something, I need to know where to get the key shares. The server doesn't know that. Also, a server can't know what it's hosting without the ability to download it. However, things are less secure in that all this means that if I know how to get something I know who is hosting it, and a govt. etc. could use an attack based on such. So servers are both more and less secure.
The last two are really just based on the document format and software architecture.
This was all written without knowledge of the code, and is jst my interpretation of the web site.
---
100k is perfect for... p000rn in jpeg format. ;-)
Got friends?
This is the kind of reaction that fuels the fires of distrust.
Here we are at /. discussing a tool that has obviously been crafted to help encourage online collaboration without enabling the D00DZ who want to distribute WAREZ. What are the first reactions?
It just makes the suits who are concerned about abuse say "See: we told you so. All they want to do is abuse it."
We shouldn't mindlessly rally around the suits just because they think it's cool. But, we shouldn't snub it because it's not made for warez distributors. Let's judge it on some other basis.
Paco is an employee of Tovaris, Inc. who speaks his own mind and not theirs.
Founder's Camp
Founder's Camp
News for non-Nerds. Stuff that matters.