Slashdot Mirror


Gnutella Vs. SPAM

darekana writes: "I know you've heard the quote: 'Every new medium will be used for sex.' Well, every new medium also appears to be used for advertising. Gnutella vs. Flatplanet.net who will win? From the 'ShareZilla' developers' mouths: 'When the fine folks at Gnutella find a way to filter ShareZilla, we will figure out how to get around their new filters. A subscription to ShareZilla entitles you to that new version of our software at no additional charge.' Beyond the $74.95 (US) initial charge that is."

274 comments

  1. Re:Time to cut Florida off the 'Net. by I+R+A+Aggie · · Score: 1
    Will someone please explain to me what it is about Floridians especially that attracts them to shady business models?

    A lot of it is those damn carpetbaggers. Steve Reptile...err...Respis (the pheromone/cable descrambler/whatever spammer) is also located in Orlando. Hmmm...I wonder if these guys are in "business" together?

    James

  2. Re:Slashdot values by streetlawyer · · Score: 1

    In what way is putting files on a network and making them available for search engines "PUSH" media? In the words of a favourite slashdot phrase "They'll be arresting the search engines next!!!"

  3. For god's sake by SimonK · · Score: 2

    This isn't +3 insightful, it's -1 Troll. And well below Mr So-called-lawyer's usual high standards as well.

    He hasn't even read the article for god's sake.

    Idiots.

    Simon - who originally moderated this down, and wants the points back since the battle's clearly lost.

  4. extending my reply by HiThere · · Score: 1

    I see gnutella developing into a sort of public library for all kinds of files. It can be important to know what the document is that you retrieve. It should be unnecessary to know who gave you the copy. But then I consider censorship to be an evil, and want to make the job of the censor as difficult as possible, so that only those rare things that actually should be censored (e.g., how to create weapons of mass destruction) are. By my proposal, all you would need to keep secret are the title/key combination.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  5. Re:Wonder if this could be dangerous? by jroller · · Score: 1

    Here's the first few lines of something that I happened to find the first time I tried gnutella.

    Might be interesting to search for some of these names and see how well this thing is doing. The one I got is generation 5.

    Option Explicit
    Dim CurrentFilename, CurrentGeneration, InfectionDate
    CurrentFilename = "AssFucking Collage Teens 15 Girls.asf.vbs"
    CurrentGeneration = 5
    InfectionDate = "7/16/2000, 6:29:52 AM"
    const ProgramName = "Gnutella Worm v1.2 By LeGaLiZeBuDz"
    const ProgramDate = "2000 May 28. The first v1.2 Gnutella Worm."
    ' Watching CurrentGeneration will be quite interesting. I wonder if
    ' anyone ever studied this compared with real viral spreading.
    ' Version History:
    ' 1.2 o Following Enhancements:
    ' o Now Sets INI to remove completed uploads and downloads, covers my tracks while searching for Victims.
    ' o Re-Coded for better performance while editing ini and victim files.
    '
    ' 1.1 o Now copies itself to a list of target keyword instead of just current filename
    ' o Fixed a bug with Ini path... (1.0 didn't work at all. he he.)
    '
    ' 1.0 o Initial Release
    '
    ' Behavior Control Parameters
    Dim NewFilenames, GnutellaPath, GnutellaIni, VictimFilename
    NewFilenames = Array(ProgramName & ".vbs", "JennaJamesonmovie.asf.vbs", "PamelaAndersonmovie.mov.vbs", "AsiaCarerramovie.avi.vbs", "xxxFTPmovie.mov.vbs", "ASFCompressor(Noqualityloss).zip.vbs", "collegesex.jpg.vbs", "Gladiator.jpg.vbs", "Battlefield Earth.asf.vbs", "Evangelioncompleteepisodesscripts.txt.vbs", "ScanMaster.jpg.vbs", "How to eat pussy.avi.vbs", "AliciaSilverstone.jpg.vbs", "PearlJam.mp3.vbs", "Mp3compressor(Halfthesizebutsamequality).zip.vbs" , "NapsterMetallicaCrack.zip.vbs", "Santana.mp3.vbs", "NSync.mp3.vbs", "Nirvana.mp3.vbs", "ShaniaTwain.mp3.vbs", "Jesuslovesyou.txt.vbs", "GnutellaUpgrade.zip.vbs", "OFFICIALGnutellaOptionPack.ZIP.vbs", "AssFucking
    Collage Teens 15 Girls.asf.vbs")

  6. Re:How to combat spam by fatphil · · Score: 1

    "If customers of flatplanet find that gnutella users don't respond to such advertisements, they won't use flatplanet's product."

    If they're sentient enough to know how effective their adverts are then you could even reply to the advert saying "as I saw your advert via a Gnutella-propagated advert I will never buy anything from your company".

    However, I often doubt there's anything sentient behind any of these companies.

    I want a way of spoof-request bombing them, but don't know how gnutella works to know if this is possible.

    FatPhil

    --
    Also FatPhil on SoylentNews, id 863
  7. Re:Spamming/Filtering by Nickbot · · Score: 1

    It's called regular expressions.

    /[Ww].*[Oo].*[Rr].*[Dd]/d

    very handy.

    --
    Praise the Force Field! Praise the Laser Project! Slackware Loon #19830573
  8. Re:Slashdot values by streetlawyer · · Score: 1
    No advertiser is "sending you anything". They are making their files available on the Gnutella network. They happen to be improving the visibility of their files by exploiting the network protocols, but that's their prerogative; if you're going to say that "the rules of the game" are against that, then you'd better have a snappy explanation about why the rules of the game don't rule out child porn.

  9. Re:How to combat spam by sdo1 · · Score: 1
    If customers of flatplanet find that gnutella users don't respond to such advertisements, they won't use flatplanet's product

    I'm not sure you understand the economies of spam. The spammer, flatplanet in this case, makes their money off of pathetic companies that pay them to spam. Spam never works for the product being advertised, but that's OK and Justin knows this. He collects his eighty bucks for advertising Company A, and Company A is out eighty bucks and gets pretty much nothing in return. Justin continues touting what a great advertising medium this is, so Company B comes along... etc etc.

    -S

    --
    --- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
  10. Re:Rant about online advertising. by ekidder · · Score: 1

    No, I never have. But I get almost 0 spam. Maybe 1 or 2 every few months. So, I'm probably not the best person to ask :) And I'm still only a tiny tiny part of the sample set.

  11. Re:Slashdot values by I+R+A+Aggie · · Score: 1
    Child pornography -- INFORMATION MUST BE FREE!!!!
    Stolen software -- INFORMATION MUST BE FREE!!!!
    Stolen music -- INFORMATION MUST BE FREE!!!!
    Stolen movies -- INFORMATION MUST BE FREE!!!!

    All already prosecutable under various laws and jurisdictions.

    Bomb-making instructions -- INFORMATION MUST BE FREE!!!!

    Did you know you might be able to find a copy of the Anarchist's Cookbook at an alternative bookstore??

    but legal commercial advertisements?

    Ah, but if you live in the USA, you should know that commercial speech doesn't enjoy the same protections afforded to non-commercial speech. HTH. HAND.

    James

  12. Re:Wonder if this could be dangerous? by M-G · · Score: 1

    There are also some VBS files being served up with different searches. Of course, you'd have to be a complete idiot to blindly download and open a VBS file, but apparently a lot of people are. When run, it copies itself to a whole bunch of filenames, including porn names, various music artist names, and even a couple of Gnutella 'upgrade' names.

    It then modifies the INI file to make sure you're set to share the VBS files.

    Nothing terribly destructive here, but it would be pretty trivial to make it nasty...

  13. Re:Rant about online advertising. by sik+puppy · · Score: 2

    I worked for a tv station. You know those crappy infomercials selling stupid widgets that cost 29.99, etc?

    EVERY time that infomercial runs, the company has paid $2500-$5000 or more! How many losers have to buy that widget to pay for the run? The same ones keep running and running and running. They would not keep paying to run the infomercial if they were losing money...so someone out there is buying, and enough to justify the cost of sending.

    maybe we need to organize some kind of campaign, like a public service announcement, to discourage people from buying anything they see advertised this way, along with a public list of companies and their execs who insist on using offensive advertising models. Build it into the next revision?

    my .02

    --
    The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
  14. You become enlightened grasshopper. by Moderation+abuser · · Score: 4

    Yup, using the spammers' strength against them - Spamido. Static filtering ain't going to work.

    I think I'd have the client check a few different searches and block anything that appears in all of them. Pass the information about the spammers to other clients as well maybe to make it more effective?

    --
    Government of the people, by corporate executives, for corporate profits.
    1. Re:You become enlightened grasshopper. by flyneye · · Score: 1

      heh heh how 'bout adding a DDOS attack when all the clients get the address. thus pouring hot lead up spammers ass. Next best thing to ripping out their liver.

      --
      *Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
  15. Probably Not Long-Term by walnut · · Score: 1

    Sure, then the guys at sharezilla would then allow a legitimate transaction to take place, figure out what defines a legitimate transaction, and then spoof a legitimate transaction... no dice, just delay.

    --
    You say you want a revolution?
    1. Re:Probably Not Long-Term by TopShelf · · Score: 2
      The idea is just to ensure that IP addresses aren't faked - if a verification message is sent to x.x.x.x, and nothing comes back, the client doesn't bother to display it in the query hits window.

      Somebody else raised the very legitimate question of how this would affect clients behind firewalls. Would a change in the protocol, accommodating a proxy server or firewall IP address relative to the client, help? I ain't no IP guru, just curious.

      --
      Stop by my site where I write about ERP systems & more
    2. Re:Probably Not Long-Term by kyanite · · Score: 1

      This would be a solution. The "stealth mode" doesn't send back the real ip address. So, if we try their fake ip address when we do a verification packet, we will see it is fake. If they decide to actually send their real ip address, then you can automatically have your client ignore any subsequent replies from their server. This would effectively mess up the stealth mode operation. Remember that stealth mode is used for the spam and it is supposed to hide the server so people won't get pissed off and crack their system and shut them down.

      --
      _________________________
      Words of Wisdom:
      Never pet a burning dog.
  16. Time for a technical fix... by Tau+Zero · · Score: 2
    Some spammers have developed Gnutella client / node software that serves ads instead of what was asked for.

    It can scramble the IP (return address) so that its users don't get "wacked" in revenge.

    Legitimate sites wouldn't do that, so it's time to change the protocol so that any responders have to allow themselves to be "pinged" to confirm that they actually exist and issued the response. No response to the ping, or a "That wasn't me" response, and the client doesn't bother displaying anything. Result: Sharezilla becomes useless.

    I can see another spam-cancelling service arising from this, too. Once each server has to confirm its existence before its search results will display and the anonymous spam problem is dealt with, it wouldn't be at all difficult to generate random queries and look for returns that have the characteristics of spam. Once a spamming host is identified, it can be put in a blocklist (or hacked, or DDOS'ed, etc). The mind boggles at the possibilities.

    --
    Time is Nature's way of keeping everything from happening at once... the bitch.
  17. Re:Possible soluition? by stevey · · Score: 1

    GNUCleus, a GPL'd GNUTella clone for Windows, which I work on sporadically, had the ability for users to filter out IP's that are ignored.

    The first thing I do is to dyke out all results from "10.0.x.x", and "127.0.0.1", etc.

    The best solution I've found is to filter out all results which report stupid download speeds.

    Here's a search result I just got - when looking for the GNUTella macro virus I mentioned earlier:

    F-l-a-t-P-l-a-n-e-t N-e-t - .vbs 8,288,203 VBScript File 41.123.55.154 10000kBs

    Filtering out all results of 10000Kbs seems to remove 95% of the spam


    Steve
    ---
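The filtering ideas from this part of the thread, combined as an added example (not code from GNUCleus or any other Gnutella client): static checks on address, claimed speed and separator-squashed name, plus the "check a few different searches" idea applied both to hosts and to filename templates, so a responder that scrambles its IP is still caught. The `Hit` record, the word list, the extra address ranges and every sample hit are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from dataclasses import dataclass

# Ranges that cannot be a reachable Internet peer. The post names 10.0.x.x and
# 127.0.0.1 "etc."; the other ranges are an assumption of this example.
UNROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]
IMPLAUSIBLE_SPEED = 10000        # the claimed speed the post filters on
BANNED_WORDS = ("flatplanet",)   # static word list (assumed)


@dataclass(frozen=True)
class Hit:                        # hypothetical record for one query hit
    query: str
    filename: str
    ip: str
    speed: int


def squash(text):
    """Lower-case and drop separators: 'F-l-a-t-P-l-a-n-e-t' -> 'flatplanet'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def residue(hit):
    """What is left of the filename once the echoed query words are removed."""
    text = squash(hit.filename)
    for word in sorted(hit.query.split(), key=len, reverse=True):
        if squash(word):
            text = text.replace(squash(word), "")
    return text


def learn_from_decoys(decoy_hits):
    """Hosts and filename templates that answered every random decoy query."""
    queries = {h.query for h in decoy_hits}
    if len(queries) < 2:          # one query cannot show "answers anything"
        return set(), set()
    by_host, by_template = defaultdict(set), defaultdict(set)
    for h in decoy_hits:
        by_host[h.ip].add(h.query)
        by_template[residue(h)].add(h.query)
    hosts = {ip for ip, seen in by_host.items() if seen == queries}
    templates = {t for t, seen in by_template.items() if t and seen == queries}
    return hosts, templates


def reasons(hit, hosts=frozenset(), templates=frozenset()):
    """Return every rule the hit trips; an empty list means display it."""
    found = []
    try:
        addr = ipaddress.ip_address(hit.ip)
        if any(addr in net for net in UNROUTABLE):
            found.append("unroutable address")
    except ValueError:
        found.append("malformed address")
    if hit.speed >= IMPLAUSIBLE_SPEED:
        found.append("implausible speed")
    if any(word in squash(hit.filename) for word in BANNED_WORDS):
        found.append("banned word")
    if hit.ip in hosts:
        found.append("host answered every decoy")
    if residue(hit) in templates:
        found.append("template answered every decoy")
    return found


def visible(hits, hosts, templates):
    """Hits that trip no rule, in their original order."""
    return [h for h in hits if not reasons(h, hosts, templates)]


# Constructed sample traffic: documentation address ranges, invented names.
# The decoy queries are random strings that no real file should match.
DECOY_HITS = [
    Hit("qzvbnk wplx", "F-l-a-t-P-l-a-n-e-t N-e-t - qzvbnk wplx.vbs", "198.51.100.7", 10000),
    Hit("qzvbnk wplx", "BUY WIDGETS AT EXAMPLE.COM - qzvbnk wplx.mp3", "203.0.113.20", 56),
    Hit("hjrtu zzkq", "F-l-a-t-P-l-a-n-e-t N-e-t - hjrtu zzkq.vbs", "198.51.100.7", 10000),
    Hit("hjrtu zzkq", "BUY WIDGETS AT EXAMPLE.COM - hjrtu zzkq.mp3", "203.0.113.99", 56),
]
SEARCH_HITS = [
    Hit("pearl jam", "Pearl Jam - Alive.mp3", "192.0.2.10", 128),
    Hit("pearl jam", "BUY WIDGETS AT EXAMPLE.COM - pearl jam.mp3", "203.0.113.150", 56),
    Hit("pearl jam", "pearl jam live.mp3", "10.0.0.5", 300),
    Hit("pearl jam", "F-l-a-t-P-l-a-n-e-t N-e-t - pearl jam.vbs", "192.0.2.77", 10000),
    Hit("pearl jam", "pearl jam demo.mp3", "198.51.100.7", 300),
]

if __name__ == "__main__":
    hosts, templates = learn_from_decoys(DECOY_HITS)
    for hit in SEARCH_HITS:
        print(hit.ip, hit.filename, reasons(hit, hosts, templates) or "shown")
```

The template rule is the one that survives address scrambling and a plausible claimed speed; the host rule also hides anything else served by an address that answered every decoy.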
  18. Good start. Use it to identify spammers. by PacoVore · · Score: 1

    The client then checks the results and ... adds it to a filter list.

    The client could maintain its filter list (in memory or on disk) and make it a potential search result. E.g. a search for "KnownSpammers.txt" would result in that client's list of known spam bots.

    I'm not saying that anyone should actually go off and do anything to the known spammers. :)

    Spammers are only happy to spam when they feel relatively confident about their anonymity. If we take that away, they'll be less likely to spam.

    --
    Paco is an employee of Tovaris, Inc. who speaks his own mind and not theirs.
  19. It wouldn't surprise me if the RIAA funded this... by emil · · Score: 1

    These people are desperate to stop file sharing of any kind.

    Will the RIAA remain clueless about this technology forever? Will they attack it only through the courts or legislation? Is it unthinkable that they would stoop to sabotage or other subversive measures?

    I think not.

  20. Could 'Justin' deliberately be attracting flak? by lewko · · Score: 1
    I wonder if 'Justin' is doing this specifically to ATTRACT abusive email etc.

    This would very likely contribute to a highly up to date mailing list for use in 'conventional' spam.

    I for one look forward to reading his home address in a forum soon :-)

    --
    Do you or your partner snore? - Visit www.snoring.com.au
  21. Re:Advertising in Gnuella a good thing? by Benwick · · Score: 1

    Keep in mind that no online company using advertising as its profit model has made any money.

  22. Blocks, Gnutella variant by spRed · · Score: 3

    Check out blocks http://www.kripto.org/blocks/, which recently appeared on freshmeat

    In the blocks model, servers spin off into pods of 10. The 'blocks' of information are then routed through different pods, the origin IP and destination IP aren't known unless you have compromised all the pods in between.

    An advantage of the pod model is that it would be easier to kill.spammers.dead. Pod A could voluntarily drop connections to adjacent pods if people in pod B (the evil pod) have been feeding crap. Pod A could trust adjacent pods that have been reliable in the past; they transmit a message to drop pod B from the loop and pod A does so.

    A neat little system, and the cool factor is that multiple versions of the client could implement their own thresholds, filtering policies etc. You get organic filtering as the protocols that actually keep spammers out become the favored clients.

    -spRed

    disclaimer, I have no affiliation with blocks, and it has some protocol difficulties of its own. (but I do think it is on the right track)

    --
    .sig Karma out the wazoo, better to spend points elsewhere if this is above 2 or below 0
  23. Missing a broader issue by pianoman113 · · Score: 1

    There is a larger issue here that I have only seen one post hint at: censorship. If Gnutella has a client that can censor unwanted ads, why can't they be required to produce a "responsible" client? By declaring war on the spam, Gnutella has opened a can of worms that should have best been left closed. It is all well and good to hate junk search returns, but leave it to a user to write a filter, not the original author. I think this issue just made things worse than they were before.
    A more practical suggestion is trusted addresses. If you catch a spammer, simply block your search from hitting their ip. That kind of filtering will be effective.

    --

    Free as in speech, free as in beer, or free as in lunch?
  24. Re:Why pay 80 quid for it? by evanbd · · Score: 2

    That's really easy. This is being sold to companies, not consumers. So suppose it takes a programmer 2 days to write an easy-to-use program. No matter how much they pay, that's a LOT more than $80. In fact, it's $80 only if they pay the programmer minimum wage.

    ---

  25. What? by Eimi+Metamorphoumai · · Score: 1

    Does anyone have any detail/background/anything? I have NO idea what this article is about.

    --

    Visit me on #weirdness on the Galaxynet.

    1. Re:What? by SanjuroE · · Score: 1
      I also didn't know about this. I thought /. carried this kind of news, but apparently not.

      So where do I go for this kind of news?

    2. Re:What? by Coward,+Anonymous · · Score: 3

      flatplanet.net wrote a program which spams gnutella. When you perform a search for anything, the flatplanet program returns half a dozen results saying things like F.L.A.T.P.L.A.N.E.T.N.E.T. - [word you searched for here]. They sell the software that they use so that anyone can spam gnutella. Some clients have spam filters and are set to filter out flatplanet by default.

    3. Re:What? by georgeha · · Score: 3

      Gnutella users are distributing copyrighted recipes to make their own pink ham based luncheon meat, perhaps you've heard of the Open Sandwich Movement. If not, do a web search on Richard M. Stallham.

      Hormel is suing Gnutella, and has a cease and desist order, saying they're losing sales and not recouping the immense amounts of R & D money they've spent creating such delectable ham based foods.

      Critics of Hormel say that since SPAM has been around since WWII, they've long recouped their initial investment.

      Thank you,

      George

    4. Re:What? by bgarrett · · Score: 5


      Has anyone considered looking for buffer overflows in the ShareZilla code? send a targeted request for '0xFF, 0xFF' or what-have-you and watch the spam factory turn to Jell-o.

      --
      Nothing worth doing is worth doing today.
  26. Re:Wonder if this could be dangerous? by HiThere · · Score: 1

    Signatures are starting to look pretty important!

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  27. The answer: moderation by Mike+Schiraldi · · Score: 3

    Sure, any filter approach will turn into an arms race as people come up with new ways of avoiding filters, and their opponents come up with new ways of catching them.

    So have some trusted authorities that moderate stuff - they don't have to be centralized... For example, just like we have warez groups now that release stuff and crack stuff, we could have groups that test stuff out, make sure it's quality, and pgp sign it to give it a seal of approval.

    Then, you could program your client to check for that signature on anything you download.
    --

    1. Re:The answer: moderation by Michael+Spencer+Jr. · · Score: 1

      Yes, exactly!

      I proposed this exact thing (with details) to the GnutellaDev and GnutellaNG mailing lists -- look for mailing list archive entries with something about protecting against content dilution.

      GnutellaNG didn't think too much about it...probably because I rambled and didn't structure my very long email well at all. Most people probably didn't even read it...my own fault.

      I have re-proposed the same idea to Blocks (another distributed filesharing system that is NOT Gnutella-like -- http://www.kripto.org/blocks) and we seem to be running with it. We're currently going to be making alpha testers go out and download GPG themselves, and a future version of the client will automatically find and verify cryptographic material out on the Blocks network.

      Blocks is going to be different than Gnutella -- it'll require more bandwidth, more clueful users, and require the client to be connected for days at a time to really get the most benefit. But in tradeoff you get much more anonymity and deniability of content, and in the future you'll get true content verification -- no more wasted downloads.

      --Michael Spencer
      blocks@mspencer.net

    2. Re:The answer: moderation by Mike+Schiraldi · · Score: 3

      How will having pgp-signed 'authoritative' files available prevent search-result spamming?

      You only display search results that have been signed by one of the people you list as "trusted authorities"
      --

    3. Re:The answer: moderation by disarray · · Score: 1

      How will having pgp-signed 'authoritative' files available prevent search-result spamming?

  28. Re:These assh*les deserve what they get by smartin · · Score: 2

    You mean like: Free naked Natalie Portman pictures here. :)

    --
    The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
  29. Re:Network Abuse by eudas · · Score: 1

    it is a corporation subverting an open source project for its own profits. this is, in and of itself, grossly unethical, immoral, and just plain wrong.

    however, a more interesting but potentially paranoid point is this: what do you think the potential is that this is an (unofficial of course) RIAA/MPAA sponsored subversion of another file-sharing tool to render it useless? this would be a double-whammy to filesharing as they hammer napster in the courts, or might potentially be an indication that they've decided that legal action against such things is ineffective and therefore must take direct action themselves to ruin these tools.

    anyway, just a few concepts.

    eudas

    --
    Blessed is he who expects the worst, for he shall not be disappointed.
  30. Ad is what made internet big by ibot · · Score: 1
    Although the internet is about sharing, isn't it ads that made the internet grow the way it did? Most of the initial dot-coms had ad revenue as the sole stream of revenue. Like spam, we aren't going to see the end of ads soon either.

    Founder's Camp

    --

    Founder's Camp
    News for non-Nerds. Stuff that matters.

    1. Re:Ad is what made internet big by decaym · · Score: 2

      There is a big difference between ads such as banners and SPAM. Banner ads pay to keep a site running. SPAM is a parasite that chews up resources without providing any value back (except to the SPAM sender). If anything, SPAM is hurting the growth of the Internet.

      --
      World Beach List, my latest project.
    2. Re:Ad is what made internet big by Drey · · Score: 1

      Yes, advertising helped make the Internet what it is today. A pity that we can't go back in time and help it grow up right.
      --
      Making iDirt 1.82 a safer place, one bug at a time.

  31. Florida - Scam Capital by Jonathan+Byron · · Score: 2

    Florida is inexpensive - a 3/2 house runs around $100k. In most counties, your 'homestead' is protected in bankruptcy proceedings - scam artists can hang on to land and buildings up to $1 million when their schemes unravel. No state income tax, so add 6% to your take-home. The weather is nice (if you like Turkish baths and lightning). We have beaches where the water is warm. And what snake-oil salesman wouldn't feel at home with alligators in his backyard??

    1. Re:Florida - Scam Capital by BigBlockMopar · · Score: 2
      Florida is inexpensive - a 3/2 house runs around $100k.

      Up here in Toronto, I live in a three-bedroom 2-bath house on a big main street and right beside a housing project (gunshots and Acuras with loud stereos all night). Despite that, it's valued at over $279,000 CDN. And that doesn't include the snowblower I need to get into and out of the driveway for five months of the year.

      $100k. Wow.

      In most counties, your 'homestead' is protected in bankruptcy proceedings - scam artists can hang on to land and buildings up to $1 million when their schemes unravel.

      Mega-wow. Of course, that's only meant to promote legitimate entrepreneurs. Sure.

      No state income tax, so add 6% to your take-home.

      Wow.

      The weather is nice (if you like Turkish baths and lightning). We have beaches where the water is warm.

      Yeah, I've gotta say, I've been to Florida a couple of times, and I love the climate. Both times were in August, both times I felt right at home in the sweltering heat and humidity. (I like being too hot more than being too cold.)

      And what snake-oil salesman wouldn't feel at home with alligators in his backyard??

      Yeah, and he gets to crush all the smaller reptiles that always seem to be underfoot there.

      Now, I understand. Thank you.

      --
      Fire and Meat. Yummy.
  32. hrm by atopian · · Score: 1

    It looks like the slashdot effect is already beginning to take hold of this site....

    Why would someone make a product that utilizes a service that someone else runs that would not be amenable to the new product and thus try to shut it down? And doesn't this go against some form of law or another with the GNU licence?

    --
    Hrm loving these .sigs :P
  33. Instant Messaging Wars for Profit? by lw54 · · Score: 1
    When they [Gnutella] figure out how to filter out ShareZilla, you will need to purchase the next version to keep up with the new technology.

    Sounds a lot like someone is making money off something very similar to the Instant-Messaging wars.

    Am I mistaken?

  34. USENet spam on Gnutella? by Benwick · · Score: 2

    As long as we're on the subject of Gnutella abuses, can anyone explain to me the weird Usenet addresses I'm getting when I do GNUtella searches these days? Things like:

    www.usenet-replayer.com/short-archive/part/alt/freaky/things/done/with/dishware/17852: How to turn a plate into a vibrator - pladiddilio@asjkgfasg.com

    ...only I get about 60 of 'em for any search. Is this some kind of strange ad? Or what? I had the feeling these filenames might actually be randomly generated just to take up space and slow down the Gnutella net, or something. But overall I don't see any point in it.

  35. Care to explain more? by linuxonceleron · · Score: 2

    The link to flatplanet.net is /.ed already it seems. I assume that they are distributing advertisements in what appear to be files that people are looking for. I'm sure there's something to differentiate them from the other legitimate files on gnutella. flatplanet's gnutella nodes most likely report themselves as being a very high speed to entice users for example. Also, aren't the images that are really adverts going to be a fixed size? I don't think many people expect their porn images to be the filesize of a banner ad.

    --

    Shine on, you crazy diamond.
    1. Re:Care to explain more? by harmonica · · Score: 2

      IIRC, they send replies on any query you might come up with, which makes them a real pain in the ass (right now, 33.131.204.88:4242 for me). I guess I'll switch to a Gnutella software that lets you ban certain IP's (meaning that results from them aren't displayed and that results routed via your node coming from them are dropped).

      I guess a system like Gnutella must be able to live with that kind of abuse. OTOH, I wouldn't be too sad when I hear that someone did something nasty to their servers!

    2. Re:Care to explain more? by Myddrin · · Score: 2

      Sadly, they claim that ShareZilla has a "stealth" mode, which sounds like a hacked gnutella server which will only return a string (no file name), and will also scramble the ip address... Looks like banning IP addresses isn't going to be the ultimate solution.....

      --
      Myddrin
    3. Re:Care to explain more? by brunes69 · · Score: 3

      The user does not have to download any files to see the advertisements. What this thing does is this: Say it hears a search for "blink 182 mp3", it returns something like "VISIT WWW.HOTXXX.COM FOR FREE PORN - blink_182.mp3" The file does not really exist, but it will show up in the user's search results nonetheless.

  36. Re:Probalistic Analysis of Blacklists by Omnifarious · · Score: 1

    This could be fixed by having the blacklisters be a known list of people who digitally sign their blacklists. That way, if some blacklister blacklists something you disagree with, you can easily filter their blacklists. This also prevents the blacklisters from being prosecuted for copyright violation. This is sort of like the Usenet cancel moose concept.

    A number of the suggested schemes have the disadvantage of giving out the ID of someone who can be implicated in copyright violations by the actions required of them by the protocol.

    Just doing my part to help destroy the obsolete notion of copyright.

  37. Re:Time to cut Florida off the 'Net. by Syberghost · · Score: 3

    Geez, all I thought there was down there was blue-haired little old ladies from Binghamton who weren't strong enough to start the snowblower anymore.

    Are you kidding? We're the beating heart of the porno movie industry, baby!

    Also, the primary import location for nearly every drug except marijuana. That, we just grow. 2nd would probably be the CIA's fields in Arkansas.

    --

  38. Re:What about IP verification??? by Omnifarious · · Score: 1

    It wouldn't have as much traffic as the search itself. The search itself is spammed out over the entire net, then the replies come back. Sending out the verification requests to the particular sites that supposedly responded would be somewhat less traffic than the initial search request.

  39. Re:Slashdot values by Omnifarious · · Score: 1

    Yeah, the difference is that some of those things are things you might want, and one of those things is something you get whether you want it or not.

    BTW, I don't agree with the first one. I've thought about it a lot, and while I really and truly do believe very strongly in the first amendment, the actions that are taken to produce child pornography are not ones that I wish to in any way legitimize. Most of the children who are involved in child pornography are horribly exploited and end up living (often short) horribly painful lives.

  40. Time for a visit from "Uncle" Vinnie by Anonymous Coward · · Score: 1

    Maybe it's just time that someone has the creator visited (in Meatspace) by "Uncle Vinnie", who can "Make them an offer they can't refuse", like Excedrin headache #.357

    Do that to one or two spammers (with a manifesto note - "death to spammers"), and watch how fast they stop

    1. Re:Time for a visit from "Uncle" Vinnie by Winged+Cat · · Score: 1

      Nice idea...unfortunately, that only applies if the spammers think there's a chance they can get caught. Look at the laws against, say, junk faxes and scams in the U.S., then see how many operations there are whose business models are what those laws were designed to prevent, and yet who operate (at a profit, even) thinking that they are perfectly legitimate - just disliked.

  41. Re:Network Abuse by Anonymous Coward · · Score: 1

    Spammers have already destroyed most of the quick updating www search indexes. This is very similar to a time not long ago when you could purchase a $150 script that would automatically submit thousands of pages a day to the major search indexes (AV, Google, WebCrawler, take your pick).. Mostly it was used for sex, but don't blame all the problems on porn, plenty of people are using this garbage to sell DVDs, SDRAM, MLM schemes and many other things.

    Call me crazy, but I do not see situations like this going completely away, ever.

    If *YOU* want to do something, complain/yell/scream at the hosting providers of the products being spammed. Don't feel bad, do you think the spammer feels bad about annoying you? Annoy their providers as much as you can, make them have to switch providers often. Make the spammers lives as difficult as you can, that is all you can do. If every single person that encounters spam would complain about it instead of just deleting/ignoring it, the level would drop dramatically. Do not believe that someone else will complain for you, do it yourself, get that spammer back! He wastes plenty of your time, waste some of his!

  42. Ahem, I posted this story over a week ago :) ! by wdavies · · Score: 1

    2000-07-31 21:34:09 Spam for Gnutella? (articles,spam) (rejected)

    Peeved :)

    Winton

  43. Re:Wonder if this could be dangerous? by Chiasmus_ · · Score: 3

    Besides, If you're downloading anything that has a filename like "MAKE MONEY FAST - WWW.SPAM.COM.exe", you deserve to be infected. In fact, you deserve to be shot.

    Why the .exe? .com is already an executable file under DOS systems.

    Actually, though, it strikes me as very strange that there are so few (in fact, none that I've heard of) file.com viruses that masquerade as URLs. It seems like a file called "Go To Weirdxxx.com" would fool a lot more people than one called "Love Letter for You.vbs". I'm sure plenty of people have already thought of this, so - can anyone give me an explanation why it isn't seen?

    --
    "Beware he who would deny you access to information, for in his heart he deems himself your master."
  44. Re:Who Wrote This Abomination? by orl770 · · Score: 1

    It is amazing to me how short-sighted some people are. First of all, hearing people complain that their new protocol for stealing music is under attack by advertisers like FlatPlanet is laughable. But here is the chill up all of your spines.... If you continue to groan and attack FlatPlanet and Sharezilla, what if the guy decides to give the software away for free and flood gnutella with nothing but advertisements? Ever think of that? Bet you didn't, but it's a sobering thought...

  45. Possible GPL violation. by IPFreely · · Score: 1
    OK, So I've not fully investigated their client program, but...

    1) It is likely that they used the GNUTella client as a basis for their program.
    2) They are selling their programs, so they are probably not just releasing it source and all under GPL.
    3) They violate the GPL.

    At the very least, you can demand that they prove that they are not using GNUTella code (by examination of the source by someone familiar with gnutella), or that they release all of their code as GPL. This would kill the profit motive for Flatworld.net

    --
    There is nothing so silly as other peoples traditions, and nothing so sacred as our own.
  46. Of course it could but _not_ JavaScript! by CptnHarlock · · Score: 1

    Seen one? I've seen lots and lots. But hey, who cares! Are you stupid enough to not check the file extension you should burn in cyberhell (XibalbA?). There are programs like the one discussed here that generate vbs scripts with the filename being whatever you searched for.

    One more note: JavaScript can not do any damage that I know of. To make JavaScript do damage you have to probably use some bugs in the JavaScript implementation. Vbs on the other hand is _made_ that way and whoever uses it (runs vbs'es or uses IE) deserves whatever is coming to him/her.

    Thank you
    //Frisco
    --
    "No se rinde el gallo rojo, sólo cuando ya está muerto."

    --
    $HOME is where the .*shrc is
    -- silver_p
  47. Anonymous advertising by Kanasta · · Score: 1

    Gnutella tells you to go to www.xyz.com to buy product xyz. You don't know what their IP is. How does that help the spammer if they're obviously connected to the said xyz.com selling their xyz product?


    ---

  48. flatplanet.net Shut Down (aka Re:What?) by slashdevnull · · Score: 5
    For those of you wondering what happened to http://www.flatplanet.net, they have been shut down. The timing of this article on /. could not have been timed better, as www.flatplanet.net was scheduled for disconnect today due to complaints against the software they sell, which was found to be against DSL.net's AUP and TOS.

    Like any true spam promoter on the Internet, alas, they will most likely move their operations and continue with their unethical practices. :P

    Thanks for reading, and not spamming,

    Al Gordon
    Sr. UNIX Systems Administrator
    DSL.net, Inc.
    http://www.dsl.net/

  49. Moderate the parent up by technos · · Score: 4

    After spending two weeks playing with a limited-depth trust model for Gnutella, you come along with an idea that kicks my ass?!?! Why is this fair?!?!?

    This is probably the best answer, snagging a large chunk of spammers and easy to implement, although I'd use comparative lists of stuff, and not random words. Search once for Pink_Floyd-Have_a_cigar.mp3, then 'CIT coffee mug', then for 'The Phantom Menace', and finally 'K3w7 W4r3z d00d'. Blacklist anyone that responds to more than two.

    --
    .sig: Now legally binding!
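
The decoy-search rule from comment 49, written out as an added example (not part of the thread and not code from any Gnutella client). The `DecoyFilter` class, the responder ids and the hit records are constructed for illustration; the sketch assumes each hit can be attributed to a stable responder identity.

```python
from collections import defaultdict

# The four unrelated decoy searches named in the comment.
DECOYS = (
    "Pink_Floyd-Have_a_cigar.mp3",
    "CIT coffee mug",
    "The Phantom Menace",
    "K3w7 W4r3z d00d",
)


class DecoyFilter:
    """Blacklist responders that answer more than `limit` unrelated decoys."""

    def __init__(self, decoys=DECOYS, limit=2):
        self.decoys = {d.lower() for d in decoys}
        self.limit = limit
        self.answered = defaultdict(set)   # responder -> decoys it answered
        self.blacklist = set()

    def observe(self, responder, query, filename):
        """Record one hit. Return True if it should be shown to the user."""
        if responder in self.blacklist:
            return False
        q = query.lower()
        if q in self.decoys:
            # Count distinct decoys, so repeated hits for one decoy
            # do not push an ordinary peer over the limit.
            self.answered[responder].add(q)
            if len(self.answered[responder]) > self.limit:
                self.blacklist.add(responder)
            return False                   # decoy hits are never displayed
        return True


def run(hits):
    """Feed hits in arrival order; return (blacklist, hits shown)."""
    f = DecoyFilter()
    shown = [h for h in hits if f.observe(*h)]
    return f.blacklist, shown


# Constructed sample: (responder id, query, returned filename).
# The probes are sent first, then the real search for "blink182".
SAMPLE_HITS = [
    ("guid-spam", DECOYS[0], "www.example.invalid - Pink_Floyd-Have_a_cigar.mp3"),
    ("guid-fan", DECOYS[0], "Pink_Floyd-Have_a_cigar.mp3"),
    ("guid-fan", DECOYS[0], "Pink_Floyd-Have_a_cigar(live).mp3"),
    ("guid-spam", DECOYS[1], "www.example.invalid - CIT coffee mug.mp3"),
    ("guid-spam", DECOYS[2], "www.example.invalid - The Phantom Menace.mp3"),
    ("guid-fan", DECOYS[2], "The Phantom Menace trailer.mov"),
    ("guid-spam", DECOYS[3], "www.example.invalid - K3w7 W4r3z d00d.mp3"),
    ("guid-spam", "blink182", "www.example.invalid - blink182.mp3"),
    ("guid-fan", "blink182", "blink182 - track.mp3"),
    ("guid-one", "blink182", "blink182 - other track.mp3"),
]

if __name__ == "__main__":
    blacklist, shown = run(SAMPLE_HITS)
    print("blacklisted:", sorted(blacklist))
    for hit in shown:
        print("shown:", hit)
```

Per-identity counting only works while the identity in a hit is stable; comment 85 in this thread notes that the address in a reply does not have to be correct.
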
  50. Re:For those experiencing the "Slashdot Effect" by Mojojojo+Monkey+Inc. · · Score: 1

    poor karma monkey.

  51. www.spam.com and the SPAM Luncheon Meat can by yerricde · · Score: 1

    Do NOT say www.SPAM.com when referring to bad advertising practices. The domain "SPAM.com" is registered to Hormel Foods Corp, and so is the trademark "SPAM" luncheon meat.
    <O
    ( \
    XGNOME vs. KDE: the game!

    --
    Will I retire or break 10K?
  52. Re:Slashdot values by BigBlockMopar · · Score: 2
    Legal commercial advertisements are fine, but this delivery method is NOT. They are not being censored. Imagine if you were looking for a book in a library, and you picked a few up and checked them out, only to find that although the cover looked like the book you wanted, ALL OF THE INSIDE PAGES WERE ADS. Imagine that this happened with every book in the library.

    Actually, I'd liken it more to stickers with ads stuck to the pages of the library books.

    Obscuring the text you're wanting to read, you'd have to peel the stickers off the pages (and occasionally lift the text you want to read with them) before you could actually make such a defaced book useful again.

    I'm sure that legitimate Gnutella sharing servers will still be in there somewhere, but I really don't like the looks of the future Gnutella if this system is allowed to survive.

    Imagine getting 100+ responses to every search, 96 of each responses being from spam. It would take forever to find anything, effectively killing Gnutella's usefulness.

    Perhaps the RIAA/MPAA had something to do with this?

    I suggest we take steps to destroy it now. Anyone have an offshore ISP that is immune to legal action from yanking Sharezilla's website?

    Man, oh man, if only I were in high school again. I beat the snot out of a kid who was tearing the pages out of books because he was too cheap to use the photocopier. (I was a bit of an unorthodox library geek back then, and while I was also an autoshop grease-monkey and an electronics lab terror, I've always loved books.) Anyone who assumes that nerds are placid sheep is an idiot. I see a wonderful parallel here... do any Slashdotters have nothing to lose?

    --
    Fire and Meat. Yummy.
  53. Re:What about IP verification??? Won't work by leshert · · Score: 1

    It's a feature of Gnutella that it doesn't rely on an IP address to communicate with a client. For example, at home I have machines behind a firewall. Their IP addresses are in the range 192.168.0.XXX, which is a "private" or non-routable IP address--it doesn't exist except within the confines of my LAN. I have only one IP address for my entire LAN, and that's my firewall box (my ISP charges another $25/month for additional IPs...).

    If Gnutella didn't work this way, I wouldn't be able to use it.

  54. I agree, but it could be exploited.. by SethJohnson · · Score: 1


    I'd love to see www.flatplanet.com hardcoded into this Ddos retaliation scheme. But if we followed through with your suggestion, the sword could be turned on us. Paul Allen could purchase a copy of the ShareZilla client, then start spamming Gnutella clients with SlashDot.org-EnterSandman.mp3 responses. Everyone's modified Gnutella client would then Ddos attack slashdot...



    Seth
  55. A possible solution by Signail11 · · Score: 2

    Hash cash (no, it's not paying for access through the distribution of drugs). Basically, it is a way of ensuring that the server receiving and acting on a request must spend a certain amount of time computing some function of the input in order to be able to send information back. This normally would not bother a typical user who would only need to respond to requests that match a real file if you set the delay to something like a tenth of a second on a normal computer in use today. The amount of work that needs to be done could be increased to keep up with the growth in speed of computers.

    A possible protocol based on hashing:
    * Each client selects a random nonce constructed by appending n bits to a representation of the current time in seconds, as well as a header describing how much hash cash would be needed for a valid response.
    * Any software receiving the query would be required to construct say x different collisions on the first y-bits of the hash of the nonce, with the input restricted to appending more information to the random nonce.
    * If the original client does not receive a reply containing valid, distinct units of hash cash, the client silently discards the information and places the offending IP on a blocklist. The original client keeps track of the last m units of hash cash to prevent duplicates.
    * Each client may set its own threshold for how much hash cash will be needed for a valid reply. Responding clients may choose not to respond if they decide that too much hash cash would be needed.

    There are many other alternatives that offer even more control over how much work would be required.
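
A sketch of the protocol listed in comment 55, added here as an example (it is not part of the post and not Gnutella code). It assumes SHA-256, reads "collision on the first y bits" as a suffix whose hash shares its first y bits with the hash of the bare nonce, and uses hypothetical names (`Querier`, `mint`, peer labels).

```python
import hashlib
import os
import struct
import time
from collections import deque


def prefix_bits(data, bits):
    """First `bits` bits of SHA-256(data), as an integer."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def stamp_ok(nonce, suffix, bits):
    """A stamp is an 8-byte suffix with H(nonce+suffix) matching H(nonce) on `bits` bits."""
    return (isinstance(suffix, bytes) and len(suffix) == 8
            and prefix_bits(nonce + suffix, bits) == prefix_bits(nonce, bits))


def mint(nonce, count, bits, start=None):
    """Responder side: search for `count` distinct stamps (about 2**bits hashes each).

    The search starts at a random counter so that two responders to the
    same query do not produce identical stamps.
    """
    counter = int.from_bytes(os.urandom(8), "big") if start is None else start
    stamps = []
    while len(stamps) < count:
        suffix = struct.pack(">Q", counter % 2**64)
        if stamp_ok(nonce, suffix, bits):
            stamps.append(suffix)
        counter += 1
    return stamps


class Querier:
    """Querying side: issues nonces, checks replies, remembers recent stamps."""

    def __init__(self, count=2, bits=12, max_age=60, remember=1024):
        self.count, self.bits, self.max_age = count, bits, max_age
        self.outstanding = {}                  # nonce -> time issued
        self.recent = deque(maxlen=remember)   # the last m stamps accepted
        self.blocklist = set()

    def new_query(self, now=None):
        now = int(time.time() if now is None else now)
        nonce = struct.pack(">I", now) + os.urandom(8)   # time + random bits
        self.outstanding[nonce] = now
        return nonce

    def accept(self, peer, nonce, stamps, now=None):
        now = int(time.time() if now is None else now)
        if peer in self.blocklist:
            return False
        issued = self.outstanding.get(nonce)
        if issued is None or now - issued > self.max_age:
            return False                       # unknown or stale: drop silently
        valid = (
            len(stamps) >= self.count
            and len(set(stamps)) == len(stamps)
            and all(stamp_ok(nonce, s, self.bits) for s in stamps)
            and not any((nonce, s) in self.recent for s in stamps)
        )
        if not valid:
            self.blocklist.add(peer)           # invalid or reused hash cash
            return False
        self.recent.extend((nonce, s) for s in stamps)
        return True


if __name__ == "__main__":
    q = Querier()
    nonce = q.new_query()
    reply = mint(nonce, q.count, q.bits)
    print("honest reply accepted:", q.accept("peer-a", nonce, reply))
    print("replayed reply accepted:", q.accept("peer-b", nonce, reply))
    print("blocklist:", q.blocklist)
```
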

  56. Re:Too easy to get around?... by CyberChrist · · Score: 1


    A good way around this spam problem would involve
    a public/private key system.

    Let me explain. Alice has a good collection of
    glam rock mp3s, horse porn, or whatever tickles
    Bob's fancy. Bob sees the search reply which
    apparently contains 'horse porn.mpg' or whatever,
    which is signed with alice's public key,
    then sends the user (who might or might not be alice) a challenge, encrypted with this key.

    If the challenge is returned in plaintext,
    Bob knows that the file IS originating from
    alice, and unless alice has a good reason to
    spam Bob, then he knows he'll be getting what
    he sees.

    Obviously this system relies on knowing in advance
    a list of public keys for trusted users. I guess
    the idea here is that you can have searches that
    either return results from everyone, or only from
    people you trust. If somebody returns a file
    which is later verified as 'good', you could
    add their public key to your list of 'known good'
    trusted content providers. If somebody spams
    you, you could blacklist this key. Of course,
    spammers are likely to change public keys every
    few minutes, but there is an incentive for people
    who supply reliable content to hang onto a 'trusted' keypair.

    I'm not sure how hard this would be to implement, obviously the cryptographic exchange would take
    place via a direct tcp or udp connection, and not
    via the gnutella network itself.

  57. reputation manager by gojix · · Score: 1

    I think gnutella would really profit from a reputation manager as preached by Jakob Nielsen.

    Spam floats to the bottom. Quality servers float to the top.

    Just a thought

  58. Re:What about IP verification??? Won't work by vawlk · · Score: 1

    PUSH requests travel through the network ultimately getting back to you through your outbound connections that you initiated. At that point, since you are behind a firewall with a nonrouting ip, you PUSH the file to him since he can't directly request it from you.

  59. Re:How to combat spam by eudas · · Score: 1

    if you reply saying 'i don't like flatplanet and i won't ever buy anything from you', they will just harvest your email address from your email that you sent to them complaining and put it on their list of email addresses to spam and sell to other spammers.

    eudas

    --
    Blessed is he who expects the worst, for he shall not be disappointed.
  60. Re:justin's parents phone # by Kirkoff · · Score: 1

    Sorry, the area code for orlando is 407.

    --
    There are exactly 42,935,718 letter sized sheets in a square mile.
  61. Re:The Basics (of Paranoia) by Kirkoff · · Score: 1

    I moved from the Orlando area too early. I wonder how ol' Justin would like..... err, umm, never mind... :-)

    --
    There are exactly 42,935,718 letter sized sheets in a square mile.
  62. Re:Wonder if this could be dangerous? by smillie · · Score: 1
    There are very few compilers that will produce com files. Assemblers will of course but how many script kiddies can do assembler? And good old Turbo Pascal 3.0 would. I can't think of any others that will make a com program.

    --

    Dyslexics Untie!

  63. Re:What about the 1-800 number SPAM? by driehuis · · Score: 1
    800 numbers are easy... Just call them, explain that you don't want to hear from them again. At length. Leave a message if you get voicemail. Tell them you're very interested in the offer, and would they call you back at 237-414-433mumble, that's 237-414-433mumble.

    It ain't AT&T picking up the phone bill for 800 service!

    Even though international calls to US 800 numbers aren't toll free, I still call them. 3.5 dollarcents per minute is not going to keep me from calling back. Sometimes, venting helps.

    --

    Bert Driehuis -- All I asked was a friggin' rotatin' chair. Throw me a bone here, people.

  64. Abuse of a system, downfall of the abuser? by sporty · · Score: 2
    I'm sorry, but if I advertise say, my sex portal site, providing I had one (anyone lend me one? heh), wouldn't the millions if not thousands of people just attack THOSE sites?

    Just a theory =)

    ---

    --

    -
    ping -f 255.255.255.255 # if only

  65. Gnutella Death Penalty by Cyberllama · · Score: 1

    If you think about it, the way information travels across the gnutella network is much the same way newsgroups posts spread..from server to server to server. With that in mind, it should be simple enough to simply implement a gnutella death penalty wherein everyone simply adds in the ip of the spam producing server into a list of bad ips. If enough people do it, any server that gets packets from that ip will drop them. So pong packets won't get through ( and thus the ip won't make it into host catchers) and also their search results won't appear in your results list. I'm sure there are a few bumps in this idea, and it does involve mass participation as well as a client upgrade, but it does seem to be the way to do it.

  66. Difference between signal and noise by MeandmyShadow · · Score: 2

    In the GNUtella network, any sort of information is allowed. So yes, you could add your ads to the whole mix. However, subverting the system to return false information is not kosher. In this case, it's not the same as simply having a similarly named file. They respond to each and every request the same way. They are not adding to the system. They deserve to be filtered.

  67. Re:Network Abuse by Cyberllama · · Score: 1

    Doesn't this qualify as a DOS attack under the law? They are sending tons of unrequested, unnecessary packets and essentially flooding the network with them. Keep in mind that search results are sent along the chain of servers also, meaning that when they send these search results back (false results) to every single search. You're not just receiving the responses to your searches, but also to other people's searches that you forward along. This creates TONS of useless traffic that you must forward along and I think can easily be one of the causes of Gnutella's current fragmented state. (More people = more searches = more false responses from sharezilla that you're forced to forward = more wasted bandwidth)

  68. Re:Network Abuse by radar+bunny · · Score: 1

    Besides, how effective can the ads be? I know I would be less likely to buy from a company that was already antagonizing me and whose advertising was presented in the form of an attack.

    this is what's always bothered me about spam. I mean who is actually viewing a spam email or chat message and saying "yea yea..i gotta buy that or go to that web page?"

    apparently someone is... but who?

    --
    "I mean, All you can definately say about a fellow who thinks he's a poached egg, is; He's in the minority." James Burke
  69. How I'd get past that... by IPFreely · · Score: 1
    I'd have the ShareZilla client examine other gnutella clients and pass along the IP address of some other valid client rather than just make one up. Then you get a proper gnutella response.
    If it is really good, it would have the address and file reference of someone who actually has the selected file.

    For every vision there is an equal and opposite revision

    --
    There is nothing so silly as other peoples traditions, and nothing so sacred as our own.
    1. Re:How I'd get past that... by TopShelf · · Score: 2

      But the client at the false IP address, even if it's on the Gnutella network, wouldn't have the file "www.flatnet.com blah blah blah", so the verification would fail. I'm thinking that you pass the file name (not just the search string) in the verification request.

      --
      Stop by my site where I write about ERP systems & more
  70. Re:Since the site's slashdotted already... by onyxruby · · Score: 1

    only criminals need privacy!

    I believe you forgot the "and anonymous cowards"
  71. Re:What about IP verification??? Won't work by TopShelf · · Score: 2

    How would those clients on your LAN handle a Push request? By GUID? What I was thinking of was something similar to a Push request, just to verify that there is someone on the network at that IP address or GUID, I guess...

    --
    Stop by my site where I write about ERP systems & more
  72. Who Wrote This Abomination? by ewhac · · Score: 4

    You are Joe Cool-Hacker, a coder of such prodigious and long-standing skill you make Hiro Protagonist look like B1FF. You are invited to an expensive lunch by an oily but well-heeled guy who wants to discuss a project with you. After the initial pleasantries, Oily Guy gets to the point.

    "I have an idea that's going to make millions, and I need someone to write it," says Oily Guy.
    "And that is?" you reply.
    "It's a new form of advertising."
    "Uh...," you begin to say.
    "Hang on, let me finish," Oily Guy insists. "It's not 'spam' like you guys like to call it. It's search-based. The ads are offered in response to legitimate searches from Gnutella clients. So unless the user initiates a search, they don't see anything."

    You are dubious, but you remain cordial. "So the ads aren't sent unless the received search terms match ad's subject matter."
    "Well, that's certainly a possibility," Oily Guy responds.
    "What do you mean?"
    "Well, the advertisers needs the ability to be as narrow or as broad as they wish. So they could respond only to detailed searches or, if they have a broad-appeal product, they could respond to everything."
    "Everything," you deadpan, eyes fixed on Oily Guy.
    "Yeah. Just like TV ads. A lot of times the ads have no bearing on the program, but they're still effective."
    "Doesn't that diminish the value of the resource? I mean, if you opened the phone book to the plumbers section and got listings for sex clubs, doesn't that make the phone book useless?"
    "This ain't a phone book. It's the Internet. And the real results will still be there; there'll just be a few ads in with them. It's not like this is illegal or anything. C'mon, there's tons of money to be made here. Aren't you interested in getting rich?"

    At that moment, the server arrives offering fresh coffee. Do you:

    1. Kick Oily Guy in the 'nads,
    2. Grab the coffee pot from the server and upturn it over Oily Guy,
    3. Sell out the entire Internet community for your own meager personal gain and agree to write the software.

    The person(s) who wrote this software needs to be identified and blacklisted from further employment in our community. This kind of ethical bankruptcy must not be supported or allowed to continue.

    Schwab

  73. Re:Network Abuse by um...+Lucas · · Score: 1

    Yes... these people are so much worse than the hackers that post exploits and binaries on their sites prior to even telling a given browser or server vendor in advance so that they can issue a patch for it...

    And so much worse than those kids that hack web pages just to show that the level of security isn't up to snuff....

    And so much worse than those Napster users spending their days and nights downloading mp3's which they have no right to have and then uploading them to the world...

    No.

    Seeing "www.ad-here.com - blink182.mp3" when you're searching for something constitutes an inconvenience, not an outright abuse, IMO...

  74. A good solution? by Riplakish · · Score: 1

    Create a free-beer version that does exactly what Sharezilla does and watch all of the spammers flock to it like flies on shit. Why spend $75 for something when you can get it for free, right?

    Make Sharezilla fight a two-front war by trying to combat GNUTella's filtering and disabling the free-beer version (a la AOL Messenger fighting Microsoft and Yahoo's IM's accessing their clients). Sharezilla will go out of business due to lack of sales. Their servers will be shut down due to this, taking down the free-beer client with it.

  75. Re:Flatplanet SPAM Solution! by Quietust · · Score: 1

    Or, as suggested earlier, modify Gnutella to use a system like this:

    [Client 1:Broadcast] Anyone got any mp3s from this band?
    [Client 2->Client 1] Yeah.
    [Client 1->Client 2] Cool. Which ones do you have?
    [Client 2->Client 1] I've got this one and that one.
    [Client 1->Client 2] *** Send file

    Trying to spoof would have a result like this:

    [Client 1:Broadcast] Anyone got any mp3s from this band?
    [Spoofed Spambot->Client 1] Yeah.
    [Client 1->Spoofed Spambot] Cool. Which ones do you have?
    [Status] No response from Spoofed Spambot.

    Of course, the spambot could just assume that you're going to query it for results and send them anyways. Which is why a 'cookie' could be included; if the reply does not contain that cookie, ignore it.

    -- Sig (120 chars) --
    Your friendly neighborhood mIRC scripter.

    --
    * Q
    P.S. If you don't get this note, let me know and I'll write you another.
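
The two-step exchange with a cookie from comment 75, as an added example (not part of the thread and not the Gnutella protocol). The cookie here is an HMAC over the query id and the claimed address, so the searcher keeps no per-reply state; all class, function and message field names are hypothetical, and the addresses are constructed documentation addresses.

```python
import hashlib
import hmac
import os


class Searcher:
    """Client 1: asks each claimed responder directly and checks the echoed cookie."""

    def __init__(self, secret=None):
        self.secret = secret if secret is not None else os.urandom(32)

    def cookie_for(self, query_id, addr):
        # Bind the cookie to this query and to the address that was claimed.
        msg = len(query_id).to_bytes(2, "big") + query_id + addr.encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()[:16]

    def follow_up(self, query_id, claimed_addr):
        """'Cool. Which ones do you have?' sent straight to the claimed address."""
        return {
            "type": "list-request",
            "query_id": query_id,
            "cookie": self.cookie_for(query_id, claimed_addr),
        }

    def accept_listing(self, query_id, claimed_addr, listing):
        """Return the file list if the listing echoes the right cookie, else None."""
        cookie = listing.get("cookie")
        if not isinstance(cookie, bytes):
            return None
        expected = self.cookie_for(query_id, claimed_addr)
        if not hmac.compare_digest(cookie, expected):
            return None
        return list(listing.get("files", []))


def honest_peer(request):
    """Client 2: really reachable at its address, so it sees the cookie and echoes it."""
    return {
        "cookie": request["cookie"],
        "files": ["band - song one.mp3", "band - song two.mp3"],
    }


def exchange(searcher, network, query_id, claimed_addr):
    """Deliver the follow-up to whoever listens at claimed_addr, then verify the answer."""
    request = searcher.follow_up(query_id, claimed_addr)
    host = network.get(claimed_addr)
    if host is None:
        return None                 # "[Status] No response from Spoofed Spambot."
    return searcher.accept_listing(query_id, claimed_addr, host(request))


if __name__ == "__main__":
    searcher = Searcher()
    network = {"192.0.2.10:6346": honest_peer}   # constructed sample network
    qid = b"query-0001"
    print("honest:", exchange(searcher, network, qid, "192.0.2.10:6346"))
    print("spoofed address:", exchange(searcher, network, qid, "198.51.100.7:6346"))
    # A listing sent blind, without ever having seen the follow-up request.
    blind = {"cookie": bytes(16), "files": ["www.example.invalid - band.mp3"]}
    print("blind listing:", searcher.accept_listing(qid, "198.51.100.7:6346", blind))
```

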
  76. Re:Network Abuse by SpookyFish · · Score: 1

    The question is, where do you draw the line on what abuse is? Universities think napster sucks their bandwidth, just wait until pr0nster comes out..

  77. Re:[Not] A possible solution by JasonChu · · Score: 2

    Basically, it is a way of ensuring that the server receiving and acting on a request must spend a certain amount of time computing some function of the input in order to be able to send information back. . . The amount of work that needs to be done could be increased to keep up with the growth in speed of computers.

    I fear that your entire premise is flawed. A system like this might work for a clearing-house system (e.g. Napster), but is fundamentally infeasible for a distributed system such as Gnutella (see title).

    In a Napsterish system, this would be an easier task, as you would only have to deal with one server. Gnutella, on the other hand, deals with numerous servers, and source is available allowing any would-be spammers to easily circumvent any safe guards built into it (and they could just tell their server to route to different servers for each request until the time limit is up or whatever).

    [We are assuming that spammers have half a brain, but enterprising companies like the makers of Spamzilla, whose server was first slashdotted, and then apparently taken down, would probably be more than happy to create such a system.]

    Furthermore, how can "The amount of work that needs to be done . . . [increase] to keep up with the growth in speed of computers?" Aside from any problems mentioned above (distributed nature, source availability), how would you ensure that someone would run the "correct" version for their hardware? Hell, Linux can run on a multi-processor Sparc or crawl on a 386. People don't upgrade all of their systems every time a new top-of-the-line system comes out and it would be impossible to force people to choose the right settings.

    Many users of Gnutella wouldn't be completely sure how to set the correct versions, and though an auto-detect feature could be implemented, it still is not perfect. Many people may find an old version and decide to use that.

    There are many holes in your argument (and this may not be the most lucid rebuttal) that stem from your attempt to divide Gnutella in to a client/server setup, when it is actually a client+server setup. Moreover, your system would be impractical to see through to completion.

  78. Re:Since the site's slashdotted already... by Harik · · Score: 1
    ShareZilla is network abuse and Gnutella itself isn't? That's rich. (I'm one of those annoying gits who think that tcp/80 ought to be used for http and if you're running something other than http over that port, then you're abusing the network. Gnutella shouldn't let users bind below tcp/1024. It's that simple.)

    And I'm one of those annoying 'gits' who actually takes the 30 seconds needed to determine... wow, gnutella is running http with extensions! Imagine that!

    In fact, you can point a webbrowser there and fetch a URL. (which is how the gnutella-webproxy works. It searches, and returns links to the URLS of the finds. You connect directly.)

    If you want to prevent network abuse you have to design the network to resist tampering by abusers.

    This I completely agree on. Freenet is much better designed and it still has abuse potential. Although most of the ways I can see to abuse it stem from the cryptography not being fully 'there'... hashes of strings 'labelling' data is inherently abusable. Simply collide the string, or return arbitrary data for the string. The intended data-hash label method is cryptographically difficult to abuse. Then all you have to do is trust the person giving you the data tag. (Another problem entirely)

    --Dan

  79. Re:Wonder if this could be dangerous? by great+om · · Score: 1

    sorry, i haven't used dos or windows in a while, but couldn't one just take (for example) a compiled virus called Iloveyou.exe and rename it iloveyou.com, and have it work?

    --
    ------- Oh damn.... the Sigfile escaped... -Great OM
  80. Re:Network Abuse by Harik · · Score: 1
    That's the dirty little secret of spam-software companies: Spam doesn't work. It gets you kicked off your ISP, it gets you tons of flame mail, it may even get you sued. In the beginning there was spam, and it was only a couple of messages a week at most, and newbies who didn't know what it was figured it must be legit. Now even most newbies know better, and if not they learn fast.

    Sad fact of life: Spam _DOES_ work. Every time I nuke a spammer drop box, besides the flame there are idiots inquiring to the services. It really does fall into the same category as direct mail solicitation... send out a million snail mails, get 100 responses. Send out a million emails, get 5 responses. Email is a hell of a lot cheaper than meatspace marketing.

    The only way to stop spam is to make it expensive. Otherwise it will continue to attract new people. The fortune 500 are starting to spam, and they've got the resources to do it.

    --Dan

  81. What about the 1-800 number SPAM? by j_snare · · Score: 1

    Has anyone come up with something they can do about the people who post 1-800 numbers (or whatever number) and don't give a site or e-mail?

    I'd presume they'd start using stuff like this if we started retaliating in numbers..

  82. Re:Slashdot values by streetlawyer · · Score: 1

    Nope, I'm afraid you're sadly wrong; FreeNet's Ian Clarke condoned its distribution in an interview, claiming that it was a consequence of FreeNet which he was willing to tolerate, and he was defended in this by a number of the very same Slashbots who have stormed this thread with anti-spam diatribes.

  83. They aren't files, they are spoofed file names. by mgl · · Score: 1

    Streetlawyer, The ads are returned to the Gnutella client on every search. They are not real files on the network. They are fakes, generated on the fly in response to every query that passes through the parasitic SPAM client.

  84. Re:For those experiencing the "Slashdot Effect" by Riplakish · · Score: 1

    Why was this modded down? I could understand if the previous post was posted 30 minutes before, but 1 MINUTE separated the posts. In other words the other poster hit the submit button a few seconds before me.

    In cases like this, modding down is just a waste of moderator points. Get a life.

  85. Re:FlatPlanet are wrong - they can be banned by Mike+Connell · · Score: 1

    > You get the IP of the person responding in the packet directly, don't you? so just blacklist and send out a broadcast spam alert.

    As far as my aging memory can remember, the IP:port pair in the reply is there so that firewalled machines can request a PUSH connection, instead of connecting themselves. In other words, it doesn't have to be correct, and I think the flatplanet site says that they munge this value.

    From the other replies to the post, I'm thinking that although it would work, the "right thing" would be to do PK encryption. Then you can really trust a node. I think that something in the style of the PGP web-of-trust system would work here.

    best wishes,
    Mike.

  86. Re:Network Abuse by Winged+Cat · · Score: 1

    How many times has a newbie relative of yours sent you the cookie recipe?

    Never. My relatives - and just about anyone who exchanges e-mail with me (and where I'm pretty sure they're not a spammer themselves) - know better, or they do after the first offense (usually from the volume of angry e-mail from my friends who they've CCed, before I even see their e-mail) if they don't already.

  87. Spamming and Freenet by blanu · · Score: 2

    We believed that we've fixed this problem in Freenet. We only send the hash of the key ("filename", "search string", whatever) into the network, but the file is signed with the unhashed key. Results that are not properly signed are automatically rejected. The result is that a node can only return a file (and have it accepted) if it actually has a file inserted under the same key. It can't fake it. Of course, we don't have searching. This only stops spamming when you actually request a file. Searches have to be transmitted in the clear. To make that harder to spam you need a web of trust system with reputations and ratings so that you can find good, valid content.

  88. Re:Wonder if this could be dangerous? by guran · · Score: 1

    Been there done that...

    --

    All opinions are my own - until criticized

  89. Re:Wonder if this could be dangerous? by DavidTC · · Score: 1

    No, morons are starting to look even stupider. :) Let them walk into traffic, clears out the gene pool.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  90. Re:Rant about online advertising. by warpeightbot · · Score: 2
    This is the hell of the whole situation:
    • I spend $80 to send an advertisement to X people, where X is a really God-forsakenly large number. I'll say 8000, because I like it. Keep in mind that unlike commercials or billboards or the like, this is a *one-time* cost.
    • 99% of those 8000 just ignore my advertisement.
    See, the ad men have got us conned into thinking that every pair of eyeballs that gets laid on their content is worth something to us. This is what has the whole media industry (and things dependent on it, like sports) so way fsking out of control, is that these big faceless corporate machines like, say, Pepsico or Kellogg's or you-know-who up in Redmond are convinced beyond the shadow of a doubt that every doofus that sees their ad is statistimagically going to ante up another umpteen centicredits and fatten their coffers even more. And the little guys believe it too, because if it works for Megacorp, it must work for them, and so I get a hand-addressed envelope for "resident" in the mail with a couple of little hand-cut flyers for real estate... this poor deluded young lady thinks she's going to strike it rich by spamming our whole complex and wasting goddess knows how many trees.... and so we get spam any which way but loose across the net; banner ads, popup windows, email, usenet articles, Slashdot comments.... and there's no opt-in, only opt-out in which we have to tell them who we are to get them to stop.... now they have a list of potential subversives.... *sigh*

    How do we make it stop?

    I don't know. I'd sure like some ideas. But I think the most cost-effective way to do things is the moral equivalent of the yellow pages. If I want a given product, I'll go searching thru an index, and at that point I'm asking to see ads. I *might* be interested in a "what's new" area... anonymously tailored to my interests. Other than that, I prefer my world ad-free... and for damn sure I shouldn't be having to pay the freight for anyone else's content (banner ads, popups, or anything else that wastes my bandwidth). If I'm getting a service for free (radio, broadcast TV) that's one thing, but if I'm paying, real content only, please. Anything else is just going to annoy me, or worse.

    --
    Do not meddle in the affairs of the BOFH,
    for he is subtle and quick to*#![[NO CARRIER

  91. Re:For those experiencing the "Slashdot Effect" by Riplakish · · Score: 1

    I know it's a troll, but what the hell:

    Did I mention anything about karma? If you re-read what I posted, I said it was a waste of moderator points. Other more useful posts could have been modded up, instead of 4 mod points being wasted on a post that was only intended to help with a /.ed website. I didn't even expect that my original post would be modded up at all, because it didn't add any original insight to the topic. It was just a public service. Although I see that the post before mine got modded up to 5 (why???)

  92. Re:Thank you for your response; please read mine by DavidTC · · Score: 1
    There are actually two bad things here. The first is, yes, people putting blank books on the shelf that look like other books, but merely have ads in them. That, in itself, isn't the really bad part.

    The 'ads in searches' is. The best analogy is that someone randomly inserted 'ad cards' into the card catalog (pretending we still had those), where, every time you tried to look up a book, you got a couple of ads.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  93. Cut it off at the source by alleria · · Score: 1

    Okay, what we have to do is massively DOS flatplanet continuously. Not just the SlashDDOS effect, but _continuously_. Until their site becomes unusable, and they have to move.

    And then do it to them over and over again. If they're scrambling their IP, this might be the only way to attack them.

    A second option would be to target their customers, and DOS them, preferably telling them why they're being DOSed.

  94. Re:the question is by acb · · Score: 2

    The one bone-dumb idiot in 10 million who responds to "MAKE MONEY FAST" spams and pyramid schemes. And once Mr. Spammer has their credit card number, it's mission accomplished...

  95. Re:Wonder if this could be dangerous? by Chiasmus_ · · Score: 1

    Assemblers will of course but how many script kiddies can do assembler?

    Fortunately for the script kiddies, it doesn't take a whole lot of assembler knowledge to really fuck everything up :) Trust me, I know.

    --
    "Beware he who would deny you access to information, for in his heart he deems himself your master."
  96. Re:Slashdot values by skimmer · · Score: 5

    It's not so much the what as the how. If someone were doing this with ANY OF THE CATEGORIES you mentioned -- making every search return an exact match to a renamed file which turns out to be child pornography or bomb making instructions every time -- you'd better believe they'd be taking the same heat, and rightly so. But of course, where's the money in doing that?

    Legal commercial advertisements are fine, but this delivery method is NOT. They are not being censored. Imagine if you were looking for a book in a library, and you picked a few up and checked them out, only to find that although the cover looked like the book you wanted, ALL OF THE INSIDE PAGES WERE ADS. Imagine that this happened with every book in the library. You can see how this would piss people off no matter what was in the book -- the point was it's not what you requested.

  97. filtering idea by SethJohnson · · Score: 2


    Ok, I think this would work:

    1. When each Gnutella client connects to the network, it issues a user-configurable search for a non-existent file. Supercalifragilisticexpialidocious.mov for example.

    2. The client then checks the results and chops the appended text string from the original search term and adds it to a filter list.

    3. The filter list is used both to screen out spam results the client receives and to refuse to route them as results of other people's searches.

    4. For performance, the client purges filter text entries that are over x days old.

    At first glance, it might seem that these extraneous queries are going to add an excessive amount of traffic to Gnutella.net, but this additional traffic will be minimal compared to the amount of spam traffic this technique will silence. ShareZilla's defense against this strategy would likely be to add a dynamic variable to the returned text, such as a timestamp. There are methods available to deal with that, though.



    Seth
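
The four steps in the comment above, worked through as an added example that is not part of the original post or of any Gnutella client. The class and function names, the minimum-length rule, the handling of bare file extensions and the digit-collapsing answer to the timestamp problem are all assumptions made for this sketch, and the result names are constructed.

```python
import re
import secrets

DAY = 86400
MIN_DECORATION = 6   # assumption: shorter leftovers (" - ", ".mp3") are too generic


def make_probe() -> str:
    """Step 1: a search term that no real shared file should match."""
    return "probe-" + secrets.token_hex(8)


def normalise(text: str) -> str:
    """Lower-case and collapse digit runs, so ad text carrying a changing
    timestamp or counter still maps to one filter entry (assumption)."""
    return re.sub(r"\d+", "#", text.lower())


def decorations(probe: str, result_name: str) -> list:
    """Step 2: cut the echoed probe out of a result; return the text around it."""
    name = result_name.lower()
    pos = name.find(probe.lower())
    if pos < 0:
        return []                      # probe not echoed, nothing to chop
    before = name[:pos]
    after = name[pos + len(probe):]
    # A bare extension is not ad text; learning ".mp3" would block real files.
    after = re.sub(r"\.[a-z0-9]{1,4}$", "", after)
    found = []
    for part in (before, after):
        part = normalise(part).strip(" -_.")
        if len(part) >= MIN_DECORATION:
            found.append(part)
    return found


class ProbeFilter:
    def __init__(self, max_age_days: int = 7):
        self.max_age = max_age_days * DAY
        self.seen = {}                 # decoration -> time last learned

    def learn(self, probe: str, result_names, now: float) -> None:
        """Anything answering a probe for a nonexistent file is treated as spam."""
        for name in result_names:
            for deco in decorations(probe, name):
                self.seen[deco] = now

    def purge(self, now: float) -> None:
        """Step 4: drop entries older than the configured number of days."""
        self.seen = {d: t for d, t in self.seen.items()
                     if now - t <= self.max_age}

    def is_spam(self, result_name: str, now: float) -> bool:
        self.purge(now)
        name = normalise(result_name)
        return any(deco in name for deco in self.seen)

    def screen(self, result_names, now: float) -> list:
        """Step 3: same check for our own results and for results we would relay."""
        return [n for n in result_names if not self.is_spam(n, now)]


def demo() -> list:
    flt = ProbeFilter(max_age_days=7)
    probe = "supercalifragilisticexpialidocious-3f9a"   # fixed for the demo
    flt.learn(probe, ["WWW.ADS.EXAMPLE - " + probe + ".mp3"], now=0)
    results = ["WWW.ADS.EXAMPLE - Strawberry Rhubarb Pie.mp3",
               "strawberry rhubarb pie recipe.txt"]
    return flt.screen(results, now=DAY)
```

A random probe from `make_probe()` is preferable in practice to a fixed, well-known term, since a fixed term can simply be ignored by the sender.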
  98. Re:Companies fake competitors' spam for their bene by British · · Score: 2

    That's probably what makes stopping spam difficult.

    Let's think about this. When you spam, you are advertising a product/service. You have to leave some sort of legitimate contact info so people can buy YOUR stuff. So, logical choice would be to call their 1-800 order number and bitch the hell out of them, right? What if the spammer was advertising someone else?

    So I guess that would leave it to go directly after the spammers themselves, whether it is a legitimate or a competitor's phone number/mailing addy. Argh.

  99. Re:Network Abuse by Old+Man+Kensey · · Score: 1
    radar bunny wrote:

    this is what's always bothered me about spam. I mean who is actually viewing a spam email or chat message and saying "yea yea..i got buy that or goto that web page?"

    apparently someone is... but who?

    That's the dirty little secret of spam-software companies: Spam doesn't work. It gets you kicked off your ISP, it gets you tons of flame mail, it may even get you sued. In the beginning there was spam, and it was only a couple of messages a week at most, and newbies who didn't know what it was figured it must be legit. Now even most newbies know better, and if not they learn fast.

    Where the only real money in spam is, is in selling spam software and services to people who think spam is the answer to their marketing woes... and there are fewer people that gullible every day.

    Ultimately spam is going to kill what little effectiveness it actually has (yes, there are people who are so desperately in debt, or impotent, or whatever, that they'll even try something that came to them out of a spammer's noxious droppings), just like banner ads have done: precisely because they're so ubiquitous. Like static on your TV screen, you learn to just filter it out (both electronically and mentally), which is why banner ad clickthroughs are a tiny fraction of a fraction of a percent these days.

    When I did ISP admin work I dealt twice with a local chickenboner (as nanae calls small-time spammers), and he fit every stereotype you ever heard in the net-abuse groups: sleazy, shady, nearly bankrupt and desperate to make a quick buck any way he could, besides having a persecution complex bordering on clinical paranoia. Ultimately he ended up being profiled by a local paper because of his other failed ventures.

    --
    -- Old Man Kensey
  100. Re:Rant about online advertising. by Damien+Vryce · · Score: 1

    "Always count on the power of human stupidity." and "There's a sucker born every day." These seem to be the motto spammers live by.

    Sometimes the fact that spam does make profit based on these ideas leaves me rather disappointed in humanity.

  101. Re:Slashdot values by DavidTC · · Score: 1
    Um, how the hell can the rules of the game rule out child porn?

    And, yes, we're straining to filter these ads and not child porn, for quite a few reasons. a) Sharing child porn is exactly what the system is designed for....or any files at all, and b) the child porn on the net isn't hurting most of us at all. The lying search results are.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  102. Re:Slashdot values by DavidTC · · Score: 1
    This 'kiddie porn' thing is really worrying you, isn't it? You know, I'm willing to bet most kiddie porn images on the net are actual violations of copyright, and were, at one time, in a for-profit magazine. And that's the real reason kiddie porn is illegal...because the production is illegal. Managing some insanely complicated AI system to keep kiddie porn off gnutella doesn't really help if the images were already producted and everything, just not put online, does it?

    Now, yes, I'm sure there are a few amatures who abuse kid to produce porn for free, but, I think the abusing the kids would probably happen without the porn, anyway.

    So the only places it can come from is a) for prohit place (Which need to be shutdown when sold instead of chasing after the images they produce that end up on the net.), or b) Amatures, who'd abuse the frigging kids anyway (I'm not saying that is, in anyway, acceptable, just that I don't think taking pictures while people abuse kids makes it better or worse.) The actual 'trading kiddie porn images' isn't the problem.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  103. One question: by DavidTC · · Score: 1

    Who the heck is Gnutella? You mean Nullsoft? Nullsoft is no longer 'officially' producing clients.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  104. Re:Slashdot values by FreekyGeek · · Score: 1

    Don't be a buffoon, John - no one on Slashdot has ever condoned, or approved of, the dissemination of "kiddie porn" in any way. I've been reading Slashdot for years, and nothing I've ever read here, posted either by the maintainers or users, could be construed to mean that they approve of "kiddie porn", or oppose prosecution of the scumbags who deal it. Just because people question the methods used to find such things doesn't mean they approve of it.

  105. Re:Slashdot values by streetlawyer · · Score: 1
    child porn on the net isn't hurting most of us at all. The lying search results are.

    Don't you think that's just a little bit of a callous attitude?

  106. Re:Slashdot values by set · · Score: 1

    the fact that the ads show up on my screen shows that something was sent to me, regardless of how big it actually was, and even shadier is the fact that they have said that when gnutella has filtering implemented, they will find a way around it. do you work for flatplanet or something?

  107. Wonder if this could be dangerous? by dustpuppy · · Score: 4
    In addition, ShareZilla can transmit an MP3 file (if that's what the user is requesting), or it can transmit a Movie, Text, HTML, VS, etc.

    Hmmmm, is anyone else seeing the possibility to transmit macros or viruses this way?

    1. Re:Wonder if this could be dangerous? by stevey · · Score: 1

      Pick a random .exe file, and rename it foo.com.

      It'll still run properly, cos Windows, and MS-DOS, determine the file type by looking at the header..


      Steve
      ---
    2. Re:Wonder if this could be dangerous? by generic-man · · Score: 1

      Surprisingly, you can! I just tried this on my system (Windows NT 4.0 SP6) and it ran the .com executable just like the .exe one. The only downside is that the icon is reset to a simple generic program icon. (Not like that'll stop someone sufficiently dumb.)

      --
      For more information, click here.
    3. Re:Wonder if this could be dangerous? by SlightlyMadman · · Score: 1

      Are you joking? That's what Gnutella does, it transfers binaries. You could transfer a macro or trojan with Gnutella since its inception (although I've seen clients that will block .vbs files from your search). Just never open an untrusted script or executable, and you should be fine.

      --

      Money I owe, money-iy-ay
    4. Re:Wonder if this could be dangerous? by brunes69 · · Score: 3

      The only files that you could transmit a macro or virus in would be like *.doc, *.exe, etc. And what would be the difference between downloading one of these from ANY GnuTella user or this service?

      Besides, If you're downloading anything that has a filename like "MAKE MONEY FAST - WWW.SPAM.COM.exe", you deserve to be infected. In fact, you deserve to be shot.


    5. Re:Wonder if this could be dangerous? by stevey · · Score: 2

      Yes I've seen one already.

      It would do the search result spoofing, so if you searched for "Pink Floyd" it would return "Pink Floyd.vbs"

      The vbs file would then attempt to modify your file sharing directories, via textually modifying your .ini file to share your root drive.

      At the time I was impressed .. a potentially better way would be to have the script be a JavaScript embedded inside an HTML file - most browsers allow lots of malicious things inside script on HTML files on the local machine (i.e. "Local Intranet" on IE).


      Steve
      ---
  108. Re:Time to cut Florida off the 'Net. by Rev.LoveJoy · · Score: 1
    The elderly and their money are easily parted.

    -- RLJ

  109. Network Abuse by Deven · · Score: 2

    This is one of the clearest examples of network abuse I've seen. These people seem to have fewer scruples than the average script kiddie.

    It's unfortunate, but people are going to have to start designing applications and protocols with this sort of deliberate abuse and subversion in mind. (Of course, protecting against it is easier said than done...)

    --

    Deven

    "Simple things should be simple, and complex things should be possible." - Alan Kay

    1. Re:Network Abuse by generic-man · · Score: 1

      I'm sure Martin Luther King and Gandhi would be proud that you refuse to pay for music. Napster Inc. should expect its Nobel Peace Prize real soon now.

      --
      For more information, click here.
    2. Re:Network Abuse by monkeyfamily · · Score: 1

      WALL-MART must be destroyed! Shoplift there whenever possible - they've put huge numbers of small stores out of business with their anti-competitive practices (ie. cutting prices & losing money when they enter a town, till their local competition is dead, then jacking them back up)

    3. Re:Network Abuse by gowen · · Score: 1
      This is one of the clearest examples of network abuse I've seen. These people seem to have fewer scruples than the average script kiddie.
      But it is ironic that a network tool that is popular because it enables people to do things of dubious moral character (copyright violations) is being f*cked over by people doing even less moral things. Given that no-one had heard of Gnutella 6 months ago, it won't take long for a replacement that deals with this in some way (killfiles, moderation, whatever).

      I guess a new slogan is needed:
      "Hackers view advertising as damage, and route around it."

      --
      Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
    4. Re:Network Abuse by Ketzer · · Score: 5

      "Hackers view advertising as damage, and route around it."

      I like that, I think I'm gonna quote you on that one.

      I see this as a serial killer unleashed on the bootlegging community of Prohibition times. A large community of people breaking the law, but whose only real harm is that perhaps they're depriving companies of revenue. Now they aren't being arrested, but are instead being attacked by other citizens.

      I'm not sure how the morality all works out in the end, but in the meantime, I think it's probably a bad idea to directly antagonize the hacker community. Sure, the majority of Gnutella's users are relatively ignorant mp3 and porn sharers, but it's a powerful Open Source networking tool, and has support from some skilled people. If flatplanet declares war on the Gnutella community, I'm betting on Gnutella in the long run.

      Besides, how effective can the ads be? I know I would be less likely to buy from a company that was already antagonizing me and whose advertising was presented in the form of an attack.

    5. Re:Network Abuse by Ketzer · · Score: 1

      Yes, it's a lot like Amazon and a few other online retailers.

      They fail to turn a profit, but people keep investing their millions, because they're sure that any day now those millions of viewers they've accumulated are going to start showering them with purchases.

      The difference is that Amazon *might* just pull it off, because their "viewers" are there voluntarily looking for stuff to buy, and if Amazon could cut their costs down, they've got the income to turn a profit.

      Spam on the other hand, seems to me to be all cost (albeit probably a small one) and no revenue. Personally, I have been known to follow an ad banner or two. I'm not sure if I've ever bought something off one. It's hard to really determine what is "spam" and what is just advertising. But I can say that pop-up windows in my web-browser get closed angrily instead of read, and unsolicited emails get deleted. It's one thing to pay for ad-banners, which support the page I'm visiting or service I'm using, but unsolicited email is quite another.

    6. Re:Network Abuse by jmagar.com · · Score: 1

      Actually, spam is the most effective advertising tool on the web today. No joke. Banner ads are second to spam.

      Spam certainly doesn't work on the typical /. reader but send my grandfather an email and he'll gladly jump to your site, simply because he doesn't have anything else to do today. Same goes for the average AOLer or any newbie who is just getting into the internet. They are unaware of the social implications of spam and continue to support it.

      How many times has a newbie relative of yours sent you the cookie recipe?

      Cheers,
      Mike

  110. Re:the question is by TCaptain · · Score: 1

    Even more telling is their return policy which guarantees your money back if their software doesn't do what they say it will do...now I'm sure all the happy clueless little spammers will rush and get this app, misreading the return policy into a guarantee of profits when in fact all it promises is that you will reach a number of users.

    But then again, I wonder if ANY spamming company is stupid enough to guarantee profits? Anyone know?

    --
    "I'm not a procrastinator, I'm temporally challenged"
  111. Re:Slashdot values by Trifthen · · Score: 1

    Sure, if you want to download that crap. But think of a few other things, you small minded little crack monkey.

    Ever read Cryptonomicon? Ever hear of putting information that some governments want to censor, in a place that makes it available? That's why stuff like this is perfect for a lot of things. Declaration of independence? I can find one on the web, compare it to my country's, and make an informed decision on what I should lobby for. Censorship? On the net, I think not. Anonymous is just that much harder. It's called a data-haven, you freaking moron. Get it through your thick skull. Any platform can be abused by putting illegal crap on it, but you can't cut your nose off to spite your face.

    Choose to ignore it all you want, but it isn't as simple as you put it. Besides that, advertisements usually cost money. These people are trying to turn low overhead into max profits without having to go through the channels that honest businesses use. TV, radio, ads, etc. They're cheap, worthless bastards just like the people who post porn and warez on this system. They're abusing it for their own ends, period.

    --
    Read: Rabbit Rue - Free serial nove
  112. Trademark infringement. by angelo · · Score: 1

    I fed the troll from flatplanet.net in a feedback to spam.com:

    http://www.flatplanet.net/ is improperly using your intellectual property, an image of your can to promote "spamming" software. I suggest you take them to the boards.

    have a nice day.

    This would be interesting, if spam.com wasn't so glitchy. Perhaps someone else can get through?

    Of course /. STILL uses the can for the "spam" stories, but they don't profit directly from it.

  113. Re: can't access flatplanet by Monstre · · Score: 1

    I can't seem to access them either. Looks like their servers suck as much as their nefarious schemes. I don't get why someone would want to *do* something like that. But then, I don't get why people play the lottery either.

    --
    ~^'~'~^'~^'~^'~^' If I can't dance, I don't want to be part of your revolution. -- Emma Goldman
  114. The Basics by Jawbox · · Score: 1

    Here are the basics, from the way I understand them. The company flatplanet.com is offering a 80 USD software package that allows a user to spam the Gnutella network. For your eighty bucks, you not only get the software, but an upgrade path for each time Gnutella figures out a way to filter the software.

    Isn't progress great, it's spammers like this that kill off things like Usenet and now Gnutella. Mark my words, this program will do more damage to Gnutella than the RIAA could ever hope to.

    1. Re:The Basics by TCaptain · · Score: 1

      Actually there ARE only 12 people who post to usenet, the rest are spammers or AOLers with "Me too" messages. :)

      --
      "I'm not a procrastinator, I'm temporally challenged"
    2. Re:The Basics by DrQu+xum · · Score: 1

      Isn't progress great, it's spammers like this that kill off things like Usenet and now Gnutella. Mark my words, this program will do more damage to Gnutella than the RIAA could ever hope to.

      <conspiracy mode=on>
      My God, you've hit on it -- RIAA are trying to destroy gnutella through spam! If they can't sue it, they subvert it.
      </conspiracy>

      --
      DrQu+xum: Proof that the lameness filter doesn't work.
    3. Re:The Basics by Anonymous Coward · · Score: 1

      Usenet isn't dead yet! It's feeling better! Really!

      When are people going to stop exaggerating the news of its death? From the way folks make it sound there are like 12 people world-wide posting to Usenet. Sheesh!

    4. Re:The Basics by Golias · · Score: 1
      That reminds me of a comment Yogi Berra once said when asked about his favorite restaurant:

      "Nobody goes there anymore. It's too crowded."

      --

      Information wants to be anthropomorphized.

  115. The Good, the Bad, and the Truly Evil: Salesmen by teasea · · Score: 1
    Jesus! and so many call us evil pirates. Herein lies the true heart of evil.

    I love Gnutella. Just goes to show that no good deed goes unpunished.

  116. Re:[Not] A possible solution by Signail11 · · Score: 2

    Your rebuttal derives from a misunderstanding of the protocol that I proposed. Every user selects their own threshold for how much work they want others to have to do before their *own* client will choose to display results. In turn any user receiving a request can set a threshold for how much work they choose to do in computing collisions; if the user decides that computing a 19-bit collision would take too long on his/her computer, the program would simply drop the request. The argument that different servers could be routed through is true, but irrelevant: the primary filtering will occur on the client that has sent the query and intervening servers (if any) may choose to ignore the hash cash if they choose (although this would result in slightly lower utilization efficiency, in that if intervening servers *did* check the hash cash to meet *their own* threshold, blatantly obvious spam could be dropped immediately). The scheme is based on the idea that if a large enough proportion of people set reasonable thresholds (that they decide personally are sufficient for imposing a great enough cost on spammers while only causing a reasonable delay for other users), it will develop an immune system of sorts against mass spam, whose senders would find it impossible to do the computations that would meet the general threshold standards. The system is in fact rather easy to implement; I might consider writing the patch myself and submitting it in a week or so.
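
A sketch of the per-client thresholds described in the comment above, added here as an example; it is not the poster's patch or any Gnutella client's code. It uses a hashcash-style stamp (leading zero bits of SHA-256 over the query id, the result name and a nonce); the stamp layout, function names and sample values are assumptions, and the demo asks for 12 bits rather than 19 so it runs instantly.

```python
import hashlib
from itertools import count


def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def _field(data: bytes) -> bytes:
    # Length-prefix each field so two different (query, result) pairs
    # can never serialise to the same bytes.
    return len(data).to_bytes(2, "big") + data


def stamp_digest(query_id: bytes, result: bytes, nonce: int) -> bytes:
    """Binding the stamp to the query id means work cannot be reused
    across searches; binding it to the result stops content swapping."""
    return hashlib.sha256(
        _field(query_id) + _field(result) + nonce.to_bytes(8, "big")
    ).digest()


def mint(query_id: bytes, result: bytes, bits: int, max_bits: int):
    """Responder: do the work the asker demands, or drop the request
    when it exceeds the responder's own limit."""
    if bits > max_bits:
        return None
    for nonce in count():
        if leading_zero_bits(stamp_digest(query_id, result, nonce)) >= bits:
            return nonce


def verify(query_id: bytes, result: bytes, nonce, bits: int) -> bool:
    """Asker or relay: one hash to check what took ~2**bits hashes to make."""
    if nonce is None:
        return False                   # no stamp at all
    return leading_zero_bits(stamp_digest(query_id, result, nonce)) >= bits


def accepted(query_id: bytes, replies, threshold: int) -> list:
    """Keep only replies whose stamp meets this client's own threshold.
    A relay can run the same check with its own, possibly lower, value."""
    return [name for name, nonce in replies
            if verify(query_id, name, nonce, threshold)]


def demo() -> list:
    query_id = b"constructed-query-0001"
    ask_bits, responder_limit = 12, 20
    honest = b"strawberry rhubarb pie.txt"
    nonce = mint(query_id, honest, ask_bits, responder_limit)
    replies = [
        (honest, nonce),
        # Bulk responder that answers every query without doing the work.
        (b"WWW.ADS.EXAMPLE - strawberry rhubarb pie.mp3", None),
    ]
    return accepted(query_id, replies, ask_bits)
```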

  117. Since it's slashdotted... by generic-man · · Score: 2

    A search on Google turned up only two hits to Sharezilla. One was the site mentioned in the article; the other was this comment from a /. article posted last month. Could be helpful.

    --
    For more information, click here.
    1. Re:Since it's slashdotted... by sstrick · · Score: 2

      I had the page up from before it was slashdotted. This is taken from : http://www.flatplanet.net/nu.html

      What is ShareZilla?

      ShareZilla is a quick, cheap, and easy way to promote your products, services and web-sites across the latest and greatest thing on the Internet: Gnutella. ShareZilla intercepts every Gnutella search that comes across its network horizon and re-transmits an ad back to the person originating the request. In addition, ShareZilla can transmit an MP3 file (if that's what the user is requesting), or it can transmit a Movie, Text, HTML, VS, etc.

      When the search originator sends out a request like: "Strawberry Rhubarb Pie" ShareZilla will return a string like this:

      "WWW.FlatPlanet.Net - Strawberry Rhubarb Pie.mp3"

      This is very useful if you're on the web to make money. If you're not on the web to make money, this is just a really neat way of finding out about the latest commercial press release about Strawberry Rhubarb Pie.

      What is Stealth Mode?

      While running in stealth mode ShareZilla responds to search requests with an advertisement string, instead of a file. Since the viewer of the ad does not need to download any files (or viruses) to their system to get your ad across, ShareZilla takes the opportunity to scramble its home IP address and other identifying data that would otherwise be necessary to download a file, or find out who and where you are.

      Since the response to the search does not include any return address, ShareZilla uses Gnutella Net's natural anonymity to keep your home IP address from being discovered. This way you don't have to worry about any number of hack attacks, which can only be done once the hacker knows your home IP.

      --

      "Do you think we could wipe out world hunger forever if scientists figured out how to make AOL's Free CD's edible?"-
  118. OHMYGOD!!! by SvnLyrBrto · · Score: 3
    I just moved to San Francisco from Orlando a few months ago.

    First off, check "Jonathan Byron"'s reply. He summed up many of the points quite nicely.

    But I just have to chime in, 'cause I recognise the address.

    Knights Krossing is a notoriously shady apartment complex directly across the street from the UCF campus, at the corner of Alafaya and University. I actually used to live about three miles west of there on University.

    The complex caters to the least responsible of all the college students there. You rent a BEDROOM in an otherwise (poorly) furnished apartment. Each unit has four of these bed/bathroom combos, and you get paired up with roommates at random if you don't have a group of four. Utilities are included in the rent, but between the four of you, you still wind up paying about twice what it would cost if you were responsible enough to be able to pass a credit check and rent a house. But then, there's totally insufficient parking there, perhaps being right across the street from campus, maybe you make up for the price by not maintaining a car.

    Basically Knights Krossing is (for the most part) where you get the 'rents/government to pay for you to live if college is simply 13-16th grade (or 17th or 18th as the case may be). I'm talking party central here. Any given night you can drive in there, park in a guest slot (or you WILL get towed) and find a kegger or five open to anyone who staggers up to the door (drinking age? what's that?). It is also where you go if you want to score weed or ecstasy or acid (or possibly something worse) and you don't want to head over to the bad part of town.

    *LOTS* of dubious "business" deals go on there. From chem majors selling their cooked up batches of LSD, MDMA, and GHB, to CompSci majors running spam or porn sites (in at least one instance I know of, the FILMING of said porn was done in a Knights Krossing unit too). It's across the street from UCF, so there's bandwidth aplenty (both cable and dsl), and UCF does have a fairly good CompSci program (graduate, at least... undergrad classes are rather lackluster).

    Also, if you note the "technical" contact, you'll see "adelphia.com" adelphia is a notoriously WRETCHED cable company that, in Florida, just HAPPENS to employ a fair number of UCF grads.

    Funny how it's such a small world after all...

    john
    Resistance is NOT futile!!!

    Haiku:
    I am not a drone.
    Remove the collective if

    --
    Imagine all the people...
    1. Re:OHMYGOD!!! by isfry · · Score: 1

      To go on with this I looked at the ip pool for the site and it is in a dsl pool. It looks like the site is hosted in someone's home on a dsl link in the Palm Beach area. So it might be some guy going to school to learn to spam and using his parent's house at home to host this thing. Hence why it tanked with the first hint of /.dom.

  119. Don't Respond by Ssolstice · · Score: 1

    Wouldn't it be best to not buy or browse anything that is advertised? I mean, if gnutella users hate the advertisements, how will the advertisers make money off us if we don't buy or go to their sites?

    1. Re:Don't Respond by Tet · · Score: 3
      Wouldn't it be best to not buy or browse anything that is advertised?

      Yes, it would, but unfortunately, life's not like that. The reason spam is so common, is that it works. It costs so little that you only need a tiny response rate to be making profit. There will always be clueless newbies with the "oh, that's an interesting offer, I'll go and have a look" attitude. From what I've heard, email spam currently gets around a 2% response rate. That's about the same as traditional bulk postal mail, but the costs are so much less that the profit margins are significantly higher. You or I wouldn't buy anything from a spammer, but enough people do that it's not going to go away any time soon.

      --
      "The invisible and the non-existent look very much alike." -- Delos B. McKown
    2. Re:Don't Respond by TCaptain · · Score: 1

      The way I understand it, there are two factors at work here. First, there IS a small percentage of people who are dumb enough to buy from spammers (and there always will be until everyone in the world is born as an experienced net user). Second, I'm betting that it's the same phenomenon on the marketing side, companies try it, see the small (or negative) results and give it up...but for every company that does, there's five more clueless entrepreneurs who figure "What the hell, let's give it a shot" who create MORE spam.

      I don't advocate illegal tactics, however, I only see one solution to the problem and that's to make it painful/annoying/costly/troublesome for people to use spam as a "legitimate marketing technique" (I actually was TOLD this from a company marketer when I called to complain about the spam). I would imagine that should this become a reality either by laws (and enforcement of those same laws) or by other means, then companies won't want to risk it. On a personal level, we can always "educate" the people around us about not buying spam products...

      "I am NOT a procrastinator...I'm temporally challenged" - myself
      --
      "I'm not a procrastinator, I'm temporally challenged"
  120. This will be solved pretty quick. by Gannoc · · Score: 1

    Gnutella simply puts something in their program stating,

    "Keep Gnutella ad free. Inform advertisers that you will not purchase their products or services while they use any advertising method that interferes with the gnutella network."

  121. Re:Time to cut Florida off the 'Net. by BigBlockMopar · · Score: 2
    The elderly and their money are easily parted.

    Forget their money. I want nana's cherry old rust-free low-mileage 1974 Plymouth Scamp.

    (Let's face it, Florida's roads will be safer if she takes the bus to bingo instead. Scamp vs. Honda = slightly dented Scamp, completely flattened Honda.)

    --
    Fire and Meat. Yummy.
  122. Re:Since the site's slashdotted already... by katre · · Score: 1

    No, there is a use to showing the checksum in the returned string.
    If I get five results, 4 of which have a checksum of 0x2343245, and another which has a checksum of 0x00003, then I can guess which is a forgery.
    Sure, they've put their ad into my search, but at least I won't be accidentally downloading their commercial jingle.
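
The checksum comparison described in the comment above, as an added example that is not part of the original thread. The `Hit` record, its `checksum` field, the thresholds and the sample results are all assumptions made for illustration; the comment only proposes that results carry a checksum.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Hit:
    host: str       # address of the node that answered (as claimed in the result)
    filename: str
    size: int
    checksum: int   # hypothetical field: the checksum the comment wants in each result


# Constructed sample: five answers to one search, four agreeing and one outlier.
SAMPLE_HITS = [
    Hit("10.0.0.11", "ozzy - crazy train.mp3", 4718592, 0x2343245),
    Hit("10.0.0.12", "Ozzy_Crazy_Train.mp3", 4718592, 0x2343245),
    Hit("10.0.0.13", "crazy train (ozzy).mp3", 4718592, 0x2343245),
    Hit("10.0.0.14", "ozzy-crazytrain.mp3", 4718592, 0x2343245),
    Hit("10.0.0.99", "VISIT OUR SITE ozzy.mp3", 20480, 0x00003),
]


def classify_hits(hits, min_hosts=3, majority=0.6):
    """Sort the hits for ONE searched file into (trusted, suspect, unverified).

    Votes are counted per distinct host, not per hit, so a single node
    cannot out-vote everyone else by repeating its own checksum.
    """
    hosts_by_sum = defaultdict(set)
    for hit in hits:
        hosts_by_sum[hit.checksum].add(hit.host)
    all_hosts = {hit.host for hit in hits}

    # Too few independent answers: no basis for a guess either way.
    if len(all_hosts) < min_hosts:
        return [], [], list(hits)

    # No checksum backed by a clear majority of hosts: make no call.
    top_sum, top_hosts = max(hosts_by_sum.items(), key=lambda kv: len(kv[1]))
    if len(top_hosts) / len(all_hosts) < majority:
        return [], [], list(hits)

    trusted, suspect, unverified = [], [], []
    for hit in hits:
        backers = len(hosts_by_sum[hit.checksum])
        if hit.checksum == top_sum:
            trusted.append(hit)
        elif backers == 1:
            suspect.append(hit)      # lone checksum against a clear majority
        else:
            unverified.append(hit)   # several hosts agree: may be another encoding
    return trusted, suspect, unverified


if __name__ == "__main__":
    trusted, suspect, unverified = classify_hits(SAMPLE_HITS)
    for label, group in (("trusted", trusted), ("suspect", suspect),
                         ("unverified", unverified)):
        for hit in group:
            print(f"{label:10} {hit.host:10} {hit.checksum:#010x} {hit.filename}")
```

The host field is whatever the result claims, so the vote is only as strong as the address check behind it.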

  123. Oldschool DOS knowledge. by ucblockhead · · Score: 1

    Ok, you probably don't care, but you could just as easily name it just "MAKE MONEY FAST - WWW.SPAM.COM". It would execute just as well.

    --
    The cake is a pie
  124. The way to deal with Spammers by NumberSyx · · Score: 2

    I read recently in 2600 magazine, an article about how to deal with spammers. According to the article the best way to deal with spammers is to waste the only resource of theirs we can, time. What we do is when one of these spams pops up, we go to the website and email the webmaster or their service provider, complaining that the file they advertised was not available on their website. Demand they make the file available. If you are really mean, suggest you will file a complaint with their local Better Business Bureau or Chamber of Commerce. Better yet, do searches on copyrighted MP3s and then turn them in for illegally distributing copyrighted material, this has a special irony to it, turning the two great evils of the Internet against each other.


    Jesus died for somebody's sins, but not mine.

    --

    "Our products just aren't engineered for security,"
    -Brian Valentine,VP in charge of MS Windows Development

  125. It's not about Gnutella by Hrothgar+The+Great · · Score: 1

    The problem is not singular to Gnutella. Deceptive advertising is prevalent in nearly every forum for communication or sharing of any kind available. I certainly never encouraged anyone to download pirated content, and though this is most of what comprises the content of Gnutella, I could just as easily be searching for something legitimate.

    Or I could be using altavista.com and have a bunch of non-existent *.cx sites point me to clickheretofind.com, no matter what I search for. (Yes, this actually happened last year).

  126. Re:I have a new spam address by blakethompson · · Score: 1

    Surely you meant to say "justinalexander@usa.net". I don't think the mailto: tag got put into your original justinalexander@usa.net address. But if I was justinalexander@usa.net I'd get mad because I'm sure that putting his email address (justinalexander@usa.net) up on Slashdot will generate a lot of unwanted mail to him (justinalexander@usa.net).

    Have a nice day, justinalexander@usa.net

  127. Pay for something that I get free by Dungeon+Dweller · · Score: 1

    Much like paying for sex, I don't see why I should pay 80 bucks to get onto gnutella. "COME Use our software that logs into gnutella. Pay 80 bucks to do so! If they cut us off, we'll find a way to get back on."

    Cool... And I care because?

    --
    Eh...
  128. Re:[Not] A possible solution by JasonChu · · Score: 1

    Every user selects their own threshold for how much work they want others to have to do before their *own* client will choose to display results. In turn any user receiving a request can set a threshold for how much work they choose to do in computing collisions; if the user decides that computing a 19-bit collision would take too long on his/her computer, the program would simply drop the request.

    . . .they decide personally is sufficient for imposing a great enough cost of spammers while only causing a reasonable delay for other users

    So what you are arguing for is an elitist network? Even if users do play nice, and set what they consider to be "reasonable" settings, you still have no provision for older hardware. Only those with the processing power to handle complex computations will be able to use the network; this is even worse than it is now where you must have a high speed connection to be able to nudge your way on.

    Perhaps you can afford to buy the most expensive computers. . .perhaps even a beowulf cluster of them (can you imagine . . .), but some of us are trying to save money for other things and not blow our entire savings on the latest hardware to be able to exchange files in a "free" system.

    What you advocate would completely ruin the Gnutella system and community--not save it.

  129. Re:Could there be GPL violations here? - No by DarkMan · · Score: 1

    Firstly, you are assuming that they modified an existing client, and did not write their own. Whilst it is straightforward to write one, I agree that they probably just modified an existing (GPLd) client.

    However, doing so does _not_ require them to release their source. All it does is require them to make the source available to anyone that they distribute the binary to.

    I really don't think that most spammers are up there with the GPL and all the legal issues, so all they need to do is sell the binary, and hope no one asks for the source.

    Even if someone does get the source, then how likely are they to distribute it, being a spammer dumb enough to buy this? I just don't think that it's going to be spread widely.

    This is not a 'loophole' in the GPL, nor is it a fixable problem.

    (Not currently a lawyer)

  130. Maybe I'm stupid... by freebe · · Score: 2

    ... but that summary was incoherent (did CT remove some text somewhere?) and I'm left with absolutely no idea of where the spam is or how or why. Can somebody explain the story to me, for those of us without osmosis and who don't know the story?

    --

    Free BeOS, runs from a Linux partition

    1. Re:Maybe I'm stupid... by swdunlop · · Score: 1

      You're not the only one, Free.. Taco, you need either more caffeine, or some sleep. I don't think today's article was even English.

    2. Re:Maybe I'm stupid... by Fishstick · · Score: 1

      If you're referring to the summary, it was written by the one who submitted the article, darekana, not CT. I agree that it didn't make much sense. I would have thought CT would at least wait for another to submit the story with a more coherent summary, but then you've got darekana bitching about how he submitted it two days ago... *sigh*

      --

      There is much cruelty in the universe, John.
      Yeah, we seem to have the tour map.

  131. Re:[Not] A possible solution by Signail11 · · Score: 1

    If you insist on imagining words that do not exist in my posting, I don't think it's productive for me to continue to reply substantively. If people set thresholds high enough that people with much older computers are not willing to tolerate such a high delay, it is their choice to do so. Subnetworks form all of the time even today. Even today, if you are running off of a 14.4 dialup, I wouldn't expect many people to be sharing files with you. The computational burden threshold can be set low enough that (does some back of the hand calculations) a 386 running at 25 MHz will incur at most a half second delay, while still preventing a top of the line spam machine from responding to more than a couple dozen queries at the same time. I submit that it is better to take proactive measures against spammers, who will certainly ruin the Gnutella system for *all* of its users, that may have the negative consequence of reducing, but not totally eliminating, the worth of the system to a small minority of its users.
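
The threshold scheme argued over in comments 128 and 131, sketched as an added example that is not code from the thread or from any Gnutella client. It uses a hashcash-style stamp (leading zero bits of SHA-256) to stand in for the "k-bit collision" the posters discuss; the hash function, the message layout, the function names and the sample query are all assumptions.

```python
import hashlib
from itertools import count

# Constructed sample values: a 16-byte query identifier and one result line.
QUERY_ID = bytes(range(16))
HIT = b"10.0.0.12:6346|Ozzy_Crazy_Train.mp3|4718592"


def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def stamp_digest(query_id: bytes, hit: bytes, nonce: int) -> bytes:
    """Hash the query, the answer and the nonce together.

    Binding the stamp to the query id means work done for one query
    cannot be replayed as the answer to another.
    """
    h = hashlib.sha256()
    for field in (query_id, hit):
        h.update(len(field).to_bytes(4, "big"))  # length prefix: unambiguous fields
        h.update(field)
    h.update(nonce.to_bytes(8, "big"))
    return h.digest()


def mint(query_id: bytes, hit: bytes, bits: int, max_bits: int = 20):
    """Responder side: do the work the asker demands, or decline.

    Returns a nonce, or None when the demanded difficulty is more than
    this node is willing to compute (the request is simply dropped).
    """
    if bits > max_bits:
        return None
    for nonce in count():
        if leading_zero_bits(stamp_digest(query_id, hit, nonce)) >= bits:
            return nonce


def verify(query_id: bytes, hit: bytes, nonce: int, bits: int) -> bool:
    """Asker side: a single hash, however much the responder spent."""
    return leading_zero_bits(stamp_digest(query_id, hit, nonce)) >= bits


def answers_per_second(hash_rate: float, bits: int) -> float:
    """Upper bound on stamped answers per second at hash_rate hashes/s.

    Expected work per stamp is 2**bits hashes; hash_rate is something the
    reader has to measure on the hardware in question.
    """
    return hash_rate / 2 ** bits


if __name__ == "__main__":
    threshold = 16                      # asker's display threshold, in bits
    nonce = mint(QUERY_ID, HIT, threshold)
    print("nonce:", nonce, "valid:", verify(QUERY_ID, HIT, nonce, threshold))
    print("declined:", mint(QUERY_ID, HIT, 24, max_bits=20) is None)
```
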

  132. Viruses in gnutella by DrQu+xum · · Score: 1

    I believe I've already seen something of this nature in gnutella - getting the search-string and reporting a file "[string].mp3.vbs".
    Hopefully nobody on gnutella is stupid enough to download an unknown vbs script. :)

    --
    DrQu+xum: Proof that the lameness filter doesn't work.
    1. Re:Viruses in gnutella by Thuktun · · Score: 1

      Confirmed. The few times I used it, I saw lots of these.

      I got daring and looked at the VBScript source on one of these. It traversed your shared directories and replaced all your files with copies of itself. Some Gnutella clients apparently have the ability to ignore responses from certain nodes, so ignoring infected users shouldn't be too difficult, if you pay attention to what you're doing.

      I don't expect the unwashed masses to be able to figure that out, though. Look at how well VBS.Loveletter spread.

  133. Re: Their Response by KeithKraut · · Score: 1

    I can see it now . . . Distributed Gnutella Spammers!

    How else you going to get those numbers crunching fast enough?

  134. SPAM! by kirE_lateM · · Score: 1

    SPAM and German Nutella.

    1. Re:SPAM! by nomadic · · Score: 1

      Not a very appetizing thought.
      --

  135. Re: Their Response (clarification) by KeithKraut · · Score: 1

    Yeah, um, that was supposed to be:

    Distributed Gnutella Spam Farms!

    Kinda like spamzilla@home . . .

  136. Too easy to get around?... by BLKMGK · · Score: 1

    If your only method for ensuring it's NOT a SPAMMER is to ask the supposed source IP if it's really got a file then this ought to be easy to defeat - yes? Simply cache a list of "real" files on real IPs (not yours of course) and then spit that back out. The verification check would find the file - yes? Perhaps I've missed something here - are they prepending the crap to the file name or is there some form of description that they're screwing with?

    Let's just hope they don't find another ISP anytime soon!

    --
    Build it, Drive it, Improve it! Hybridz.org
    1. Re:Too easy to get around?... by TopShelf · · Score: 2
      Exactly - the file name is the ad, in this fake-IP Stealth Mode. If you search for "Ozzy", a file returns as a query hit that reads "www.flatnet.com - get your porn here at blah blah blah... ozzy.mp3"

      To get around this the way you're suggesting, the spammer would have to dynamically create the bogus filenames on these other IP addresses - something they could possibly do if they had the access on that other machine while running the software. But unless it's an unwitting partner in the process (trojan?), it exposes at least one of the spammer's machines.

      Like I mentioned, I'm no IP guru. This is starting to make my head hurt...

      --
      Stop by my site where I write about ERP systems & more
  137. good with the bad by dirk · · Score: 4

    I can't say I like it, but then again, I can't say anything bad about it either. If you want something to be completely anonymous, then you have to deal with everything that comes with that. Sure, you can copy MP3s and warez and whatever else anonymously, but anyone else can use it anonymously to advertise as well. People seem to think that anonymous is great because they can break any law and copy anything they want and can't get touched, well, these people think the same thing. So you get ads with your warez and illegal MP3s, that is something that comes with being completely anonymous. I don't like it particularly, but what they are doing isn't any more wrong than copying software, movies or music on gnutella (which is primarily what it is used for). But that won't stop people from screaming about it because it may inconvenience them while they get things they should pay for for free.

    --

    "Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
  138. Kinda like . . . by TheMeister · · Score: 3
    I submit that it is better to take proactive measures against spammers, who will certainly ruin the Gnutella system for *all* of its users, that may have the negative consequence of reducing, but not totally eliminating, the worth of the system to a small minority of its users.

    Kinda like eugenics for distributed file sharing . . .

  139. Hardly a surprise by Cool+Hand+Luke · · Score: 1

    It will be interesting to see how Gnutella developers deal with filtering SPAM, but, since Gnutella is Open Sourced, clever SPAMmers should be able to look at what type of filtering is in place and come up with counter measures.

    Seems like the anonymity of Gnutella is working against itself. It would be ironic (in the Alanis sense, I guess) if SPAMmers make Gnutella as effective at trafficking W@r3z as Usenet...

    George Lee

    1. Re:Hardly a surprise by Sloppy · · Score: 1

      It will be interesting to see how Gnutella developers deal with filtering SPAM, but, since Gnutella is Open Sourced, clever SPAMmers should be able to look at what type of filtering is in place and come up with counter measures.

      That is why the final solution is going to have to be social rather than technical. Probably some kind of web-of-trust where someone rates files and/or servers based on whether they're spam or not. No amount of analyzing the source code is going to give the bastards the ability to fake RSA or DH signatures.


      ---
      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  140. Ads? What ads? I don't see no stinkin' ads! by BLKMGK · · Score: 1

    Banner blocking software is a wonderful thing! I don't know what response the sites get back but AtGuard (since sold to Symantec dammit) blocks banners VERY well! It also blocks refers, cookies (instance by instance or site by site), and Java if I desire. It can prevent animated GIF files from looping endlessly too if you don't like the distractions. Last but not least - a nice fairly simple firewall is included. It may not be Fort Knox in the way of firewalls but the banner blocking alone saves me tons of bandwidth on my crappy modem!

    Lots of banner blocking software out there besides AtGuard - check into it - you'll be very glad you did...

    --
    Build it, Drive it, Improve it! Hybridz.org
  141. Rant about online advertising. by scrutty · · Score: 2
    I couldn't really understand whether this was supposed to be a joke or not, when I first saw it linked off memepool a couple of days ago.

    Things like this just make my mind boggle. Advertising / spam on the net really drives me nuts. Why do people seem to think that by pissing off thousands of customers simultaneously they will somehow pick up revenues? Where do these people keep their clue??

    I really fail to see the point of this sharezilla thing, unless it's just designed to be a complete GNUtella spoiler that drives people away from the service.

    Or maybe it's a gag. Whatever.

    Marketeers are worse than lawyers. And advertisers are the worst form of Marketeer, cos they con themselves that they are "creatives". And as for advertisers that work in "new media" they have to be the lowest of all.

    ... whatever

    --
    -- Oh Well
    1. Re:Rant about online advertising. by ekidder · · Score: 2

      Something that just occurred to me. The thought is still completely forming, so bear with me a moment. Okay, think of it this way:
      * I spend $80 to send an advertisement to X people, where X is a really God-forsakenly large number. I'll say 8000, because I like it. Keep in mind that unlike commercials or billboards or the like, this is a *one-time* cost.
      * 99% of those 8000 just ignore my advertisement. However, they don't actually cost me any more money and the 1% who bought my product (which hypothetically costs $1) just paid for my advertising fees.
      * If I want more revenue..I send it to another 8000 people.
      Therefore, I am thinking that this advertising is based on the idea that in a sufficiently large amount of people, -someone- will pay you money. And you can always get more people -at no additional cost-.

      Commercials on TV and billboards have to be craftier than that, because they have continuous fees. Spammers don't.

      Eric ze Kidder

    2. Re:Rant about online advertising. by scrutty · · Score: 1
      I appreciate this. But I find it incredibly hard to believe that spam, or at least spam of the caliber that I generally see works at all. Have you ever followed any up ?

      --
      -- Oh Well
  142. Re:Slashdot values by DavidTC · · Score: 1
    Don't you think that's just a little bit of a callous attitude?

    Damnit, I wrote a nice response to this, and Netscape for some reason closed the window. Anyway, basically, many, many bad things happen to other people. These things do not harm us. Child porn is one of them. I do not wake up, eat breakfast, get annoyed by child porn, and go to work. I'd never get anything done if I paid attention to all the bad things in the world, I have to pick a few causes and stick with them. Your cause seems to be child porn, which is great, it is a worthwhile cause.

    That said, the only problem with you creating a solution to get rid of child porn is hampered by the a) I mentioned and you didn't: Anyone can get on the network, and anyone can share files. If you have a solution to that, speak up. Don't wail 'What about the child porn!'. That doesn't solve anything. Also, see this for why banning child porn on Gnutella won't help anything. In fact, now that I actually think more about it, I wish so many people would pirate child porn that the entire industry collapses.

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  143. Ohh by Dungeon+Dweller · · Score: 1

    80 bucks for a mod that returns spam to any search. I could write that in an afternoon, and it's still lame.

    --
    Eh...
  144. Re:Good start. Use it to identify spammers. by SethJohnson · · Score: 1

    This list idea would be good because it would alleviate the overhead of each client dynamically building its own spam filters.

    One potential problem / benefit of using distributed indexes (or lists) rather than each client dynamically generating them is that they're susceptible to manipulation. Remember that list of 300k Napster users that Metallica compiled? They could just as easily append it to the "KnownSpammers.txt" file. This may be a benefit as it would enable people to protect their intellectual property within the Gnutella system. The problem is that entities like the Scientologists could also add entries to the "KnownSpammers.txt" lists for each host offering their texts, or whatever it is they keep hassling ISPs about.

    The other challenge of such a list-based system is that it may not scale well (especially with Lars Ulrich appending 300k entries each week). It's really only essential for each client to be aware of the spammers operating on nodes near it on the Gnutella network. A list would have to be comprehensive for the entire network and would be a little overkill.

    Perhaps a good implementation of the list would be if there were some sort of moderation system. It would have to be very similar to the slashdot system (automatic, logarithm based round-robin) because if there were official moderators in the system, then that gives someone a target to sue. If these moderators were building the list, then that would help keep Lars Ulrich under control.

    PacoVore's other good suggestion here is that the list be generated by the client, then offered as a search result. This would be great because users could gather up a bunch of lists, then experiment with searches to find which lists are an effective balance of no spam and no Lars Ulrich entries.(i.e. The goal being large results sets returned with little or no spam results returned).


    Seth

  145. I have a new spam address by Anonymous Coward · · Score: 5

    I will be using justinalexander@usa.net for my spam address from now on, since Justin is such a big fan of spam.

    I encourage you to join me.

    (before you moderate me down, do a whois on flatplanet.net.)

  146. alt.flatplanet.shaezilla.die.die.die by synaptik · · Score: 1


    Nice emulation of Stevenson's dialogue-writing style, ewhac.


    --
    HSJ$$*&#^!#+++ATH0
    NO CARRIER
  147. Probabilistic Analysis of Blacklists by sahai · · Score: 3

    Blacklists are a very good initial approach, but can be thwarted by the use of probabilistic responses. Basically, a SPAMMER would only reply to any given query with some small probability $p$. Then, using the approach of "random query, then real query" will let the SPAMMER through with probability $(1-p)p$. By setting $p=0.5$, the SPAMMER can still get through with probability $0.25$.

    Of course, by keeping a cumulative blacklist based on $n$ prior "random queries," the probability of success for a SPAMMER will go down as $p(1-p)^n$. By using $p=1/(n+1)$, the SPAMMER can keep his probability of success above $1/(n+1)^2$. This is bad since practical $n$ is limited by the rate at which the SPAMMER changes his server's identity.

    The upshot is that any blacklist-based system is guaranteed to let a lot of SPAM through if the SPAMMERS are adaptive (change identities) and many in number (more than $(n+1)^2$ where $n$ is the effective time constant of adaptation). Collaborative blacklists can increase $n$, but introduce significant trust issues since adversaries can start blacklisting legitimate sites.
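
The pass-through probability from the comment above, worked from the filtering side as an added example that is not part of the original post. Here `n` is the number of decoy queries a client sends before trusting a node and `p` is the node's per-query response rate, as in the comment; the function names, trial count and random seed are illustrative choices.

```python
import random


def pass_probability(p: float, n: int) -> float:
    """Chance that a node answering each query with probability p stays
    silent on all n decoy queries and then answers the real one."""
    return p * (1 - p) ** n


def best_response_rate(n: int) -> float:
    """The p that maximises p(1-p)^n.

    d/dp [p(1-p)^n] = (1-p)^(n-1) * (1 - (n+1)p), which is zero at p = 1/(n+1).
    """
    return 1 / (n + 1)


def best_pass_probability(n: int) -> float:
    """Worst case for the filter: pass-through rate at the maximising p.

    Equals n^n / (n+1)^(n+1), roughly 1/(e(n+1)) for large n, which sits
    well above the 1/(n+1)^2 floor quoted in the comment.
    """
    return pass_probability(best_response_rate(n), n)


def probes_needed(target: float) -> int:
    """Smallest number of decoy queries that pushes the worst-case
    pass-through rate down to the target or below."""
    n = 1
    while best_pass_probability(n) > target:
        n += 1
    return n


def simulate(p: float, n: int, trials: int = 100_000, seed: int = 2000) -> float:
    """Monte Carlo check of pass_probability with independent responses."""
    rng = random.Random(seed)
    passed = 0
    for _ in range(trials):
        silent_on_decoys = all(rng.random() >= p for _ in range(n))
        if silent_on_decoys and rng.random() < p:
            passed += 1
    return passed / trials


if __name__ == "__main__":
    print(" n   worst case   1/(n+1)^2   simulated")
    for n in (1, 2, 3, 5, 10, 20):
        p = best_response_rate(n)
        print(f"{n:2d}   {best_pass_probability(n):10.4f}   "
              f"{1 / (n + 1) ** 2:9.4f}   {simulate(p, n):9.4f}")
    print("decoys needed for <= 5% pass-through:", probes_needed(0.05))
```

The worst-case rate falls only about as fast as 1/n, so each extra decoy query buys less than the one before it.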

  148. Re:Slashdot values by DavidTC · · Score: 1

    Remind me again not to write messages when I just wake up. That first paragraph was before a shower, the second after, and this you can really tell. Now I'm actually glad Netscape closed my first response. :)

    -David T. C.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  149. Re:Slashdot values by Omnifarious · · Score: 1

    Yeah, there is that argument. *sigh* It's a hard problem.

  150. Re:What about IP verification??? Won't work by DeQuincey · · Score: 1

    Then what does it rely on? Are you using NAT (Network Address Translation) or maybe a proxy on your firewall? I have a similar setup, most TCP/IP apps don't have a problem with it..

  151. Re:A better answer by botono9 · · Score: 1
    A program like GnoLife could do this job, sending random requests (or other methods for finding spambots) and keeping a list of the nodes. Then log in with a client that checks with this program's list and avoids connecting to those addresses, and kills any incoming connections from those addresses.

    botono9
    All limits are self-imposed.

  152. The Basics (of Paranoia) by Halloween+Jack · · Score: 1
    Isn't progress great, it's spammers like this that kill off things like Usenet and now Gnutella. Mark my words, this program will do more damage to Gnutella than the RIAA could ever hope to.

    And do we know who owns flatplanet?

    --
    I looked into the abyss, and the abyss looked into me--and we both winked.
    1. Re:The Basics (of Paranoia) by wierdo · · Score: 1

      1214 Knights Krossing Cir. Apt 105b Orlando, FL 32817 US

      Wow, next time I'm on the east side of Orlando, around UCF, I'll be sure to drop by and kick in the asshole's door. Wait, no, I won't do that, I'll just put a bug in his ear. (Do you know how painful that is?) That's it! That's what the punishment for spamming should be. Having a bug put in your ear and your hands tied behind your back for a night. Mmmmm...

      -Nathan

      --
      Care about freedom?
      Become a card carrying member of the GOA.
    2. Re:The Basics (of Paranoia) by ScuzzMonkey · · Score: 2

      Registrant:
      Flat Planet, Inc. (FLATPLANET2-DOM)
      1214 Knights Krossing Cir. Apt 105b
      Orlando, FL 32817
      US

      Domain Name: FLATPLANET.NET

      Administrative Contact, Billing Contact:
      Alexander, Justin (JA7080) justinalexander@USA.NET
      N/A
      12124 Knights Krossing Cir. Apt 105b
      Orlando, FL 32817
      (407)362-2212 (FAX) (561)795-6548
      Technical Contact, Zone Contact:
      Howell, Scott (SH1012) showell@ADELPHIA.NET
      Wallace Technology
      9944 Gardens East Drive
      Palm Beach Gardens, FL 33410
      561-691-4410

      Record last updated on 13-Jul-2000.
      Record expires on 08-Nov-2000.
      Record created on 08-Nov-1998.
      Database last updated on 8-Aug-2000 19:41:10 EDT.

      Domain servers in listed order:

      MIA.WALTECH.COM 208.204.251.45
      NS3.SUPERB.NET 207.228.226.5

      --
      No relation to Happy Monkey
  153. Gnutella vs Spam by TheBitPit · · Score: 1

    An idea popped into my head as I was reading about the possible methods of filtering spam from Gnutella responses. Instead of sending a random series of characters that the spam software could easily detect using a dictionary lookup, search for some real music that you are not trying to download. Then filter all sites that responded to that request. For example if you want some classical music request a song by a rock group and then filter out all responses from sites that responded to the rock group request.

  154. OPENSOURCE GNUTELLA SPAMMER by RWFresh · · Score: 1

    Someone release an opensource spammer. That should cripple the marketing genius behind flatplanet.net. Make a joke out of the stupid product of the year. A GNUTELLA spammer is like selling billboard space in the Sahara. rw

  155. Re:Slashdot values by ethereal · · Score: 1

    I guess I was thinking more of spam than Gnutella ads in my original response.

    They happen to be improving the visibility of their files by exploiting the network protocols, but that's their prerogative; if you're going to say that "the rules of the game" are against that, then you'd better have a snappy explanation about why the rules of the game don't rule out child porn.

    From the perspective of a Gnutella user (although I currently am not one) content (child porn, etc) is not the issue; labeling is. This Gnutella problem is the same as web sites that use keyword spam in their META tags to increase their ranking in search engines. In some cases it sounds like flatplanet isn't even going to provide a file, just an advertisement and a fake IP address. I'm not sure that you can call them "rules" since by design there is no central Gnutella authority, but the standards of the community are on the side of fairly representing the files which you are providing.

    IMHO, anyone can provide anything on Gnutella with any name they want - ultimately there's no technical way to force them to adhere to truth in labeling standards. But on the other hand it's fair for the network users to develop a trust metric to help them separate out the wheat from the chaff. If that involves discarding search results from some clients or some networks, then so be it; it's not censorship to refuse to accept traffic from questionable parts of the net.

    --

    Your right to not believe: Americans United for Separation of Church and

  156. How to combat spam by SolipsistX · · Score: 1

    Gnutella is a tool, and like any other tool it can be used both for good and bad purposes.

    There is a way to combat this kind of abuse. Ignore the ads. And be vocal about it. If customers of flatplanet find that gnutella users don't respond to such advertisements, they won't use flatplanet's product.

    Of course there are a few issues with this. It doesn't cost much to use this system, so even if it draws in a few people, it will be justified to the advertisers. Also, in some cases where a product is selectively advertised (Only on searches where certain keywords come up) it may be effective. Links to Britney porn may go over well with people who search for her mp3. I also doubt it will be long before this program shows up on warez sites and people start using it to throw garbage and flame into the search result. I think this could end up being the biggest problem.

  157. Ok, maybe I mis-interpreted what ShareZilla is ... by dustpuppy · · Score: 2
    My understanding on visiting the site was that it would modify the title that you got when you searched for a particular file so that it could display advertisements. This would be in addition to whatever binary you were transmitting.

    Of course, now that the site is semi-/.'ed, I'm having trouble re-reading that page to check ... sigh.

  158. What the hell is wrong here?? by Dedman · · Score: 1

    I submitted an article about gnutella and freenet, while there still was a freenet. This Sucks. \ | .\|,, \_/ Eatme, I taste like spam, I've had a good few years to degrade: Dedman

  159. Blackholing spammers and their ISPs is key by stuyman · · Score: 1

    We've been dealing with the spammers for long enough with email to know what the solution is. We get filters in our gnutella clients a la procmail, which will eventually mature to the point where they can stop these morons. We can also implement something like MAPS RBL or ORBS (note: The little "disagreement" between them aside, it is a good idea) that will blackhole them from Gnutella by not taking traffic on their IPs. If they don't stop, you blackhole their ISPs. ISPs are *very* quick to respond to this sort of thing. A Usenet Death Penalty (UDP) has pretty much always solved the problem of uncooperative ISPs.

    --
    Q:Doctor, how many autopsies have you performed on dead people?
    A:All my autopsies have been performed on dead peop
    1. Re:Blackholing spammers and their ISPs is key by wnissen · · Score: 3

      Am I the only one who remembers what an incredible pain in the ass cancelbots, blackholes, crossposting filters, etc. are? It's a tremendous inconvenience, even more so on a completely distributed system where you have not just each site but each individual *user* to worry about. Does anyone really think that Gnutella spam filtering will be more effective than email spam filtering? ISPs have an incentive to block spam since it clogs up their bandwidth and mail servers. Do they have any real reason to bother with Gnutella? Why would they care if a bunch of their file-stealing customers get bad results? I bet their bandwidth costs for the average Gnutella user are 10x that of their average customer. If people stopped using Gnutella, they'd be happy!

      Walt

  160. Spam without retaliation? by SquidBoy · · Score: 1

    From the FlatPlanet website:

    Since the response to the search does not include any return address, ShareZilla uses Gnutella Net's natural anonimity to keep your home IP address from being discovered. This way you don't have to wory about any number of hack attacks, which can only be done once the hacker knows your home IP (sic)

    This means ShareZilla allows anyone to spam, spam, spam in a (supposedly) undetectable way, free from retaliatory hackage.

    However, there is a simple solution. There is one organization whose IP address we do know, www.flatplanet.com.

    --
    If you're a jock, inflict some pain / If you're a nerd then use your brain - DAPHNE AND CELESTE
    1. Re:Spam without retaliation? by sambo99 · · Score: 1

      Actually when ShareZilla connects to g-net, the gnutella client it connects to has its IP address....

      --
      - Sam
    2. Re:Spam without retaliation? by SquidBoy · · Score: 1
      --
      If you're a jock, inflict some pain / If you're a nerd then use your brain - DAPHNE AND CELESTE
  161. so pass a law by kaisyain · · Score: 1

    So maybe all the libertarians on slashdot can lobby government to pass a law requiring people to not abuse META tags and other such things, because it is fucking with their freedom.

  162. Re:Thank you for your response; please read mine by skimmer · · Score: 1

    I think you have the wrong idea on just exactly what the problem with this company is. The 'how' is very important, it is NOT the same as any other file. The 'how' is this: (quoted from their website)

    What is ShareZilla?

    "ShareZilla is a quick, cheap, and easy way to promote your products, services and web-sites across the latest and greatest thing on the Internet: Gnutella. ShareZilla intercepts every Gnutella search that comes across its network horizon and re-transmits an ad back to the person originating the request. In addition, ShareZilla can transmit an MP3 file (if that's what the user is requesting), or it can transmit a Movie, Text, HTML, VS, etc.

    When the search originator sends out a request like:
    "Strawberry Rhubarb Pie"
    ShareZilla will return a string like this:
    "WWW.FlatPlanet.Net - Strawberry Rhubarb Pie.mp3"

    This is very useful if you're on the web to make money. If you're not on the web to make money, this is just a really neat way of finding out about the latest commercial press release about Strawberry Rhubarb Pie."

    >The files are being placed on the Gnutella network just like any others.

    As you can see, this is very much false. Before the search was sent, there is no file called 'Strawberry Rhubarb Pie'. Since the distributed nature of Gnutella means that every search request gets passed through every user eventually, they can effectively respond to EVERY SINGLE SEARCH REQUEST OF EVERY SINGLE USER. This is doing much more than simply placing the files on the network.

    I think the library analogy holds, at least in the most important respect. You request a file, you get something which looks like that file, but redirects you to another website. Or, in the simplest case, it is just a blank book with the ad in the title.

    Filtering isn't the issue. To use your phone analogy, imagine if your OUTGOING calls, rather than taking you to the number you dialed, connected you to audio commercials. Of course, to be a completely accurate analogy the call would somehow have to return both the commercials and the real number you were trying to reach.
    The censoring of information is an entirely different issue, only somewhat sideways related to this. 'They' (being the users, as Gnutella is just a protocol) are trying to stop someone from hijacking all of the searches and the possible collapse of any useful traffic on the network as a result.

  163. Not Gnu (sorry, couldn't resist) by John+Jorsett · · Score: 4

    I've been noticing quite a lot of, shall we say, 'unorthodox' activity on Gnutella the last month or so. Someone set up a server to respond to any search with an html page that auto-forwarded the unwary downloader to porn sites (some porn sites pay money for page-views that come from referrals, so probably this was someone doing it to make money). Someone else periodically puts up a server that responds to searches with "SPAM GNUTELLA!" file references. I've also seen searches that came back with what amounted to spam messages ('make money fast') instead of what was asked for. The wild west lives.

  164. Re:Since the site's slashdotted already... by j+h+woodyatt · · Score: 2

    ShareZilla is network abuse and Gnutella itself isn't? That's rich. (I'm one of those annoying gits who think that tcp/80 ought to be used for http and if you're running something other than http over that port, then you're abusing the network. Gnutella shouldn't let users bind below tcp/1024. It's that simple.)

    About ShareZilla-- I'm laughing my sorry ass off. All those boneheads who were hyping Gnutella when it first arrived on the scene should have listened to us oldtimers who were telling you that, as an application protocol, it sucks rocks. You're getting what you asked for.

    ShareZilla is only the beginning. I'm waiting for the real fun to begin when the blackhats start swinging their malevolent gaze around to it. If you want to prevent network abuse you have to design the network to resist tampering by abusers.

    The Gnutella network is a child's toy. (And Jason, if you're reading this, you should read this and give me a call. I may have a hobby project for you.)

    --
    jhw
  165. Re:Time to cut Florida off the 'Net. by Jbrecken · · Score: 1

    Will someone please explain to me what it is about Floridians especially that attracts them to shady business models?

    Doesn't The Mouse own most of Orlando?

  166. Re:It will go away pretty quick by Ranger+Rick · · Score: 1
    That's not the point. Sure, only one in 5,000 people will respond to an ad like that, but it costs so little to send out 1,000,000,000 messages that they'll do it anyways.

    If it wasn't profitable for *someone*, there wouldn't be ad banners and spammers.

    :wq!

    --

    WWJD? JWRTFM!!!

  167. Gnutella is Broken. by Elwood+P+Dowd · · Score: 1

    The Gnutella protocol is elegant and broken. It can be corrupted by very few corrupt nodes. In order to defeat legal & corruptive attacks, we need a distributed *trust-based* file transfer system. Otherwise, we will fail. Now if only I could write readable code...
    --

    There are no trails. There are no trees out here.
  168. Flatplanet & Sharezilla by Rupert · · Score: 3

    There is a pretty good summary of how it works posted here, but since it's in reply to a low score post I thought it could do with a little more exposure.

    <grumble>submitted this story yesterday</grumble>

    --
    E_NOSIG
  169. Re:Ok, may be I mis-interpreted what Sharzilla is by SlightlyMadman · · Score: 1

    What it does is respond to any search it monitors by taking a file you have specified (probably a .mpg tv-style ad, or a .mp3 radio-style ad), renaming it so it contains the words of the search, and spitting it back to the person. If you put a .vbs file into it, hoping to spread a macro virus, it would still need to be named .vbs for someone to be able to execute it, and anyone who downloads and executes a .vbs file from an untrusted public forum deserves to have their hands cut off.

    --

    Money I owe, money-iy-ay
  170. Since the site's slashdotted already... by Deven · · Score: 5
    I managed to fetch the text of the front page of the flatplanet.net website before it got slashdotted. Here it is:
    What is ShareZilla?

    ShareZilla is a quick, cheap, and easy way to promote your products, services and web-sites across the latest and greatest thing on the Internet: Gnutella. ShareZilla intercepts every Gnutella search that comes across its network horizon and re-transmits an ad back to the person originating the request. In addition, ShareZilla can transmit an MP3 file (if that's what the user is requesting), or it can transmit a Movie, Text, HTML, VS, etc.

    When the search originator sends out a request like:
    "Strawberry Rhubarb Pie"
    ShareZilla will return a string like this:
    "WWW.FlatPlanet.Net - Strawberry Rhubarb Pie.mp3"

    This is very useful if you're on the web to make money. If you're not on the web to make money, this is just a really neat way of finding out about the latest commercial press release about Strawberry Rhubarb Pie.

    What is Stealth Mode?

    While running in stealth mode ShareZilla responds to search requests with a advertisement string, instead of a file. Since the viewer of the ad does not need to download any files (or viruses) to their system to get your ad across, ShareZilla takes the opportunity to scramble its home IP address and other identifiying data that would otherwise be necessary to download a file, or find out who and where you are.

    Since the response to the search does not include any return address, ShareZilla uses Gnutella Net's natural anonimity to keep your home IP address from being discovered. This way you don't have to wory about any number of hack attacks, which can only be done once the hacker knows your home IP.
    As I mentioned in my previous post, I consider this a clearcut case of network abuse. The very existence of this "stealth mode" is obvious evidence that they know how unscrupulous their actions are, but they clearly don't care...
    --

    Deven

    "Simple things should be simple, and complex things should be possible." - Alan Kay

    1. Re:Since the site's slashdotted already... by perky · · Score: 1
      Err. How about forcing search respondents' IP to be published, thereby negating stealthy running? Or am I missing something huge here?

      --
      "The new wave is not value-added; it's garbage-subtracted" - Esther Dyson, Dec 1994
    2. Re:Since the site's slashdotted already... by HiThere · · Score: 2

      Missing something huge? I think so.
      I consider the relative anonymity of gnutella to be more significant than its current use. The solution to the imposter problem will probably be publishing a kind of signature, a document signature, as a kind of filter. That way instead of just requesting "a Strawberry rhubarb pie recipe", one would need to ask, and filter it against the document checksum (which should be the first bytes transmitted). If it doesn't match, then abort the transmission. If it does match, then check the file using the checksum as a key, and only display/save the file if the checksum matches.

      It might be better to have the file encrypted, and then use the "checksum" to decrypt it block by block, but there would need to be parity bits that would only allow decryption to proceed if the checksum matched the expected value. This would prevent forgeries from being received at the block level rather than requiring the entire file to be received before the forgery could be determined.

      This has the cost that you must know more about what you are looking for. If you don't know the checksum and key, then it will be easy to slip forgeries into any anonymous channel. If you do, then it can be sufficiently difficult that it isn't worth the effort.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
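The checksum-first transfer HiThere describes above, as an added example that is not part of the original comment or of any Gnutella client: the searcher already knows a document ID, the sender transmits a list of per-block digests first, and the receiver aborts at the first block that fails to match. The SHA-256 hash list, the 16-byte block size, the sample data and every function name are assumptions made for illustration; only the integrity check is shown, not the encryption variant.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # assumption: tiny blocks so the constructed sample spans several


class ForgedTransfer(Exception):
    """Raised the moment received data stops matching what was asked for."""

    def __init__(self, reason, blocks_accepted):
        super().__init__(reason)
        self.blocks_accepted = blocks_accepted


def split(data, block_size=BLOCK_SIZE):
    """Cut a document into the blocks that are sent one at a time."""
    return [data[i:i + block_size] for i in range(0, len(data), block_size)]


def build_manifest(data, block_size=BLOCK_SIZE):
    """Publisher side: one SHA-256 digest per block of the document."""
    return [hashlib.sha256(block).digest() for block in split(data, block_size)]


def document_id(manifest):
    """What the searcher must know in advance: a digest over the block digests."""
    return hashlib.sha256(b"".join(manifest)).hexdigest()


def receive(expected_id, manifest, blocks):
    """Receiver side: check the manifest first, then every block as it arrives."""
    if not hmac.compare_digest(document_id(manifest), expected_id):
        raise ForgedTransfer("manifest is not the requested document", 0)
    accepted = bytearray()
    count = 0
    for block in blocks:
        if count >= len(manifest):
            raise ForgedTransfer("more blocks than the manifest lists", count)
        if not hmac.compare_digest(hashlib.sha256(block).digest(), manifest[count]):
            raise ForgedTransfer("block %d does not match" % count, count)
        accepted += block
        count += 1
    if count != len(manifest):
        # A sender that stops early must not pass as a complete document.
        raise ForgedTransfer("transfer ended early", count)
    return bytes(accepted)


def outcome(expected_id, manifest, blocks):
    """Return ('ok', n) or ('rejected', n), n being the blocks accepted so far."""
    try:
        return ("ok", len(split(receive(expected_id, manifest, blocks))))
    except ForgedTransfer as err:
        return ("rejected", err.blocks_accepted)


# Constructed sample data, not taken from any real transfer.
RECIPE = b"Strawberry rhubarb pie: 3 cups rhubarb, 2 cups strawberries, 1 cup sugar."
AD = b"WWW.EXAMPLE.INVALID - Strawberry Rhubarb Pie - buy now, limited offer!!"

if __name__ == "__main__":
    manifest = build_manifest(RECIPE)
    wanted = document_id(manifest)
    print("genuine :", outcome(wanted, manifest, split(RECIPE)))
    print("ad swap :", outcome(wanted, build_manifest(AD), split(AD)))
    tampered = split(RECIPE)
    tampered[2] = b"X" * BLOCK_SIZE
    print("tampered:", outcome(wanted, manifest, tampered))
```

A responder that renames an ad after the query fails at the manifest check before any file data is accepted, which is the early abort the comment asks for.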
  171. Slashdot values by streetlawyer · · Score: 1
    Child pornography -- INFORMATION MUST BE FREE!!!!

    Stolen software -- INFORMATION MUST BE FREE!!!!

    Stolen music -- INFORMATION MUST BE FREE!!!!

    Stolen movies -- INFORMATION MUST BE FREE!!!!

    Bomb-making instructions -- INFORMATION MUST BE FREE!!!!

    but legal commercial advertisements? -- CENSOR THEM!!! CUT THEM OUT OF THE NETWORK!! FILTER THEM!!! CENSOR!!! CENSOR!! BASTARDS!!

    Come on, isn't it just a little bit hypocritical?

    1. Re:Slashdot values by bornie · · Score: 4

      "Child pornography -- INFORMATION MUST BE FREE!!!!"

      I have never received any of that.

      "Stolen software -- INFORMATION MUST BE FREE!!!!"

      I have never received any of that.

      "Stolen music -- INFORMATION MUST BE FREE!!!!"

      I have never received any of that.

      "Stolen movies -- INFORMATION MUST BE FREE!!!!"

      I have never received any of that.

      "Bomb-making instructions -- INFORMATION MUST BE FREE!!!!"

      I have never received any of that.

      "but legal commercial advertisements?"

      I receive several of those every day.

      Anyone see the difference?

    2. Re:Slashdot values by rao · · Score: 2

      Interesting. By equating unrelated transactions you have exposed a contradiction.

      I have a few questions:

      I receive junk mail in my mailbox. Since the USPS believes that "Information must be free". By extension, I conclude that the US government does so too. By the same logic, can people download music and movies and whatever they damn well please? Yes? No?

      I like to listen to music. Can my neighbor play his stereo at deafening volume levels throughout the day? Yes? No?

      People download music from web sites. Should people tolerate receiving .mp3 files in their mailbox when they didn't ask for it? Yes? No?

      The point is this-
      People don't want PUSH technology. They're tired of PUSH media such as television, radio, magazines and newspapers. The web is different. People like the freedom it provides. That's why they won't tolerate spam and banner ads. PUSH is anathema to the web. The sooner the PUSHers realize it, the better.

      Finally- Nobody said these spammers can't put up their stuff on their web pages. They're free to do so.



      -rao

    3. Re:Slashdot values by ethereal · · Score: 4

      Nobody wants to censor advertisers - they are welcome to put up a web page with their advertisements for those who are interested. However, they aren't welcome to use my network to send me their content without my request (and neither are the publishers of those other types of content). Also, they shouldn't be sending me ads when I really requested music, for instance.

      As a separate issue, I don't feel that the information necessarily wants to be free if it is copyrighted. It is a caricature to say that all /.ers feel that way - they are just the most vocal about their opinions.

      --

      Your right to not believe: Americans United for Separation of Church and

  172. Re:I like the idea, but it defeats the purpose. by gwalla · · Score: 1
    1. What would stop the MPAA or the RIAA from saying node x is sending out spam (in the form of "pirated" MP3z) and then having him disconnected from the net.
    2. What's to stop the spambot from moving to another IP and declaring to everyone on the net that your node (the original complainer of the spam) is a bad apple and disconnected you from the net.
    3. Think of the potential wide scale mischief script kiddies could have.

    If spam notices are signed, these problems magically disappear. Only accept notices from sources you trust.


    ---
    Zardoz has spoken!
    --
    Oper on the Nightstar
  173. Re:moderate this shit down by Eimi+Metamorphoumai · · Score: 1

    If you can get there. I was comment #2, and it was /.'d then. Besides, if this company is scum, do we really want to be feeding their banner ads?

    --

    Visit me on #weirdness on the Galaxynet.

  174. Oh, please by Elvis+Maximus · · Score: 1

    This looks to me like an extra large troll with fries on the side.

    -

    --

    -
    Give me liberty or give me something of equal or lesser value from your glossy 32-page catalog.

  175. It goes like this... by codemonkey_uk · · Score: 2
    Some spammers have developed Gnutella client / node software that serves ads instead of what was asked for.

    It can scramble the IP (return address) so that its users don't get "whacked" in revenge.

    They are selling it to other spammers.

    They know it's "wrong" and that people will fight back, and they don't give a damn.

    This may contaminate the gnutella filespace with junk, and "we" don't like that.

    Thad

    --

    Thad

  176. 75 seconds and not marked "troll" yet? by streetlawyer · · Score: 2

    C'mon, moderators, make the satire complete! Do your duty!




    streeetlawya, abusing the +1 bonus since 1999

  177. Help! by Kryffpi · · Score: 1
    Ok. Gnutella seems involved...somehow.
    Filtering of ShareZilla seems to be crucial to the story too.
    This has what to do with advertizing (or porn)?

    This article severely lacks any form of the instant gratification I, as a 21st century consumer, have come to expect. Am I (that is "we" - the slashdot readers) expected to reverse engineer the story ourselves?

    --
    I'd install FreeBSD before I'd install Linux.
    1. Re:Help! by steelhawk · · Score: 1

      I think you were supposed to click the links and read for yourselves...

      But now the flatplanet.net site got /.ed very fast... =/

      --
      Ner lbh sebz gur HFN? Gura lbh'ir whfg ivbyngrq gur QZPN!
  178. Advertising in Gnutella a good thing? by Grant+Elliott · · Score: 1

    I was thinking about this just the other day. MP3's are here to stay and there's very little purpose in fighting them. What it comes down to is that we need a way to make the distribution of MP3's legal. It was suggested a while ago that the record companies distribute MP3's with advertisements embedded at the end of the song. The obvious flaw in this plan is that it would be way too easy to filter out.

    What should probably end up happening is that programs like Napster and Gnutella will give the record companies free ad space in their software in the form of a banner bar at the bottom of the window. True, it could be filtered as well, but what would be the point? The vast majority of users would simply put up with it and happily download legal MP3's. At least the record companies would get something out of all this...

    --

    "I believe that a scientist looking at nonscientific problems is just as dumb as the next guy." -Richard Feynman

  179. the question is by Evro · · Score: 1
    Who would buy anything from somebody lame enough to use this annoyance?

    __________________________________________________ ___

    --
    rooooar
    1. Re:the question is by Lt · · Score: 1

      flatplanet doesn't care if their users ever make money. As long as they sell a copy of Sharezilla.

  180. preventing SPAM by evanbd · · Score: 2

    OK, I have been using the gnotella 0.73 client for a while now, and I like its spam protection. While it's not great, it's akin to first-gen email spam filters. It helps. It currently has options to ignore vbs files, ignore htm and html files, and ignore flatplanet spam. Not enough, but a start.

    ---

  181. FlatPlanet are wrong - they can be banned by Mike+Connell · · Score: 5

    FWIW I wrote a gnutella clone in the early days, but I never got around to completing it. Back then, Gnutella itself wasn't too stable (TTL wraparound anyone?), and a lot of clone developers were sticking their creations on the net before they were (how shall I say it) properly debugged.

    Anyway, as a consequence of this, I started collecting good/bad host information - I kept notes on the number of good (valid) and bad (invalid) packets coming in on every connection. Once the bad packets accounted for a certain percentage of the total packets, I said "fsck you" to the connection. Now note, it's not the node that you have the connection to that's creating the bad packets, it's just doing its job in passing them around. What I was saying is "Hey, you're sending me junk - I don't care if it's not yours, I'm dropping you and talking to someone else". I would drop the connection, blacklist it for a few days, and start a new one instead. During the TTL wraparound time, whilst gnutella was totally unusable, my client was merely slow.

    To get to the point: If every client allowed the user to say "this reply is spam", the route can be traced back (via MessageID) in the net to the clients that have a direct connection to the spambot. By creating a new (routed, so efficient) spam alert message, a client could be informed that one of its neighbours was a spambot, and so (voluntarily) agree to both drop the spambot from the net *and* reply with the ip:port pair of the spambot, this could then be used to blacklist the ip:port pair for a limited time (again, voluntarily, per client).

    Given that IP addresses are not yet (cf. ipv6) a dime-a-dozen, FlatPlanet would have to keep finding a new supply of IP address blocks from which to attack.

    I haven't kept up to date on gnutella development, but there must be a sizeable number of clones (with source!) by now. The major problem would be in moving people from the old unmodifiable Gnutella client, to a "new and improved" clone.

    best wishes,
    Mike.

    1. Re:FlatPlanet are wrong - they can be banned by Donavan · · Score: 1

      I had also thought a public key system... Spam me and I inform all the other nodes that know and trust me not to trust packets with your sig...

    2. Re:FlatPlanet are wrong - they can be banned by evanbd · · Score: 2

      I like it... but a few thoughts. You get the IP of the person responding in the packet directly, don't you? So just blacklist and send out a broadcast spam alert. Anything already on your blacklist is ignored, no alert. Then maybe if you get a certain number of SPAM alerts about an IP (5 or so?) you add it to your blacklist. Now, this opens a bunch of other problems for abuse. Maybe just temporarily blacklist on alerts, and have additional alerts continue it. Maybe only send a blacklist if you can successfully download the first 100 bytes to prevent IP spoofing. I'm sure there are other ways... I have other thoughts, but I think the gnutelladev / gnutellang lists are a better place for them.

      ---
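The two mechanisms discussed above (Mike Connell's per-connection good/bad packet tally with a temporary blacklist, and evanbd's alert threshold whose bans are short and extended by further alerts), as an added example that is not code from either commenter or from any Gnutella client. Every threshold, the class and method names, and the rule that only distinct, unbanned reporters count are assumptions; the addresses are constructed from documentation ranges.

```python
DAY = 86400  # seconds


class NeighbourGuard:
    """One client's bookkeeping: who relays junk, who is reported, who is banned."""

    def __init__(self, bad_ratio=0.25, min_packets=40, ban_seconds=3 * DAY,
                 alert_threshold=5, alert_window=3600, alert_ban_seconds=3600):
        self.bad_ratio = bad_ratio              # "a certain percentage" (assumed 25%)
        self.min_packets = min_packets          # do not judge a connection too early
        self.ban_seconds = ban_seconds          # "a few days" (assumed 3)
        self.alert_threshold = alert_threshold  # "5 or so" alerts
        self.alert_window = alert_window        # assumed: alerts older than this lapse
        self.alert_ban_seconds = alert_ban_seconds
        self.tallies = {}        # peer -> [good, bad]
        self.reports = {}        # suspect -> {reporter: time of last alert}
        self.banned_until = {}   # peer -> expiry time

    def is_banned(self, peer, now):
        expiry = self.banned_until.get(peer)
        if expiry is None:
            return False
        if now >= expiry:        # bans are temporary by design
            del self.banned_until[peer]
            return False
        return True

    def _ban(self, peer, until):
        # Never shorten an existing ban; a fresh ban starts from a clean tally.
        self.banned_until[peer] = max(until, self.banned_until.get(peer, 0))
        self.tallies.pop(peer, None)

    def record_packet(self, peer, valid, now):
        """Count one packet from a neighbour; True means drop the connection."""
        if self.is_banned(peer, now):
            return True
        tally = self.tallies.setdefault(peer, [0, 0])
        tally[0 if valid else 1] += 1
        total = tally[0] + tally[1]
        if total >= self.min_packets and tally[1] / total >= self.bad_ratio:
            self._ban(peer, now + self.ban_seconds)
            return True
        return False

    def record_alert(self, reporter, suspect, now):
        """Handle a spam alert about `suspect`; True means suspect is now banned."""
        if self.is_banned(reporter, now):
            return self.is_banned(suspect, now)   # banned peers get no vote
        if self.is_banned(suspect, now):
            # "have additional alerts continue it"
            self._ban(suspect, now + self.alert_ban_seconds)
            return True
        seen = self.reports.setdefault(suspect, {})
        seen[reporter] = now                      # one vote per reporter
        fresh = [r for r, t in seen.items() if now - t <= self.alert_window]
        if len(fresh) >= self.alert_threshold:
            del self.reports[suspect]
            self._ban(suspect, now + self.alert_ban_seconds)
            return True
        return False


if __name__ == "__main__":
    guard = NeighbourGuard()
    noisy = "192.0.2.10:6346"                     # constructed address
    for _ in range(35):
        guard.record_packet(noisy, True, now=0)
    drops = [guard.record_packet(noisy, False, now=0) for _ in range(12)]
    print("dropped on bad packet number", drops.index(True) + 1)
```

Counting distinct reporters keeps a single peer from getting someone banned by repeating its own alert, one of the abuse cases the replies worry about.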

    3. Re:FlatPlanet are wrong - they can be banned by harmonica · · Score: 2

      The original Gnutella client isn't the 'officially recommended' client anymore -- they now ask you to use Gnotella.

      With the old client you couldn't restrict bandwidth or number of node connections, so it is a good idea to pick another one if you're connected for more than an hour.

      And there is a ton of other clients, some with source.

  182. This brings out interesting aspects by omenoracle · · Score: 1

    Of distributed file sharing. I never thought that things like gnutella would be torn apart by the internet community, instead of being legally hassled to death by the government (e.g. sued). Hmmm....too bad we can't excommunicate them.

    --
    -"You'll have plenty of time to sleep when you're dead."
  183. Could there be GPL violations here? by crisco · · Score: 2
    Cause most of the gnutella clients are gpl'd, right? And they obviously wrote a version with the search stuff modified. So what are the chances that whatever they are selling is just modified GPL software. I mean, anyone that would generate spam would probably have no problems with the GPL, right?

    Unless, of course, they are also doing this to point out some of the problems with the distributed system. Helluva way to point them out though.

    --

    Bleh!

  184. More Insidious Than Spam is Harassment by InitZero · · Score: 5

    For a week in July, a pissed-off spammer returned
    my email address as every gnutella response...

    gnut> find anything
    CURRENT RESPONSES
    -----------------
    1) email matt@steinhoff.net for kiddie porn and anything
    216.10.33.21:6345 size:80.854M ref:84279680 speed:10000

    I got thousands of email messages looking for child porn and else before I nailed the guy.

    When the search is distributed, the abuse is
    distributed as well.

    InitZero

  185. ahhhh, thank you by streetlawyer · · Score: 2

    I knew you wouldn't disappoint me.

  186. Fun Project. . .DDoS people like that! by heller · · Score: 1

    Someone should write a gnutella client that sits and monitors all search results for urls & email addresses and starts a DDoS against those sites as they are detected.

    Note: this is a sarcastic comment and i'm not actually encouraging anyone to perform any illegal acts.

    ** Martin

  187. Gnotella has flatplanet spam filtering code by aderusha · · Score: 2

    Check out what is probably the best gnutella clone out there, with built in spam filtering:

    http://gnotella.nerdherd.net/

  188. Re:Whose moderation do you trust? by Sloppy · · Score: 1

    Then you have the problem of knowing which moderators to trust.

    Trial and error.


    ---
    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  189. Re:These assh*les deserve what they get by evanbd · · Score: 2
    DoS attacks, flatplanet.net would be a good place

    aren't we already doing this? I mean, the site seems down due to slashdot... Just find something new about them every day or so, post a story, and voila!

    ---

  190. Spamming/Filtering by ibm1130 · · Score: 1

    One of the techniques used by the Spamsters seems to be word e.obfuscation by punctuation. Basically take a WORD and modify it so that it is still visually readable but uses spaces or unobtrusive punctuation to make it difficult to filter. For instance WORD W,O,R,D W,O.R'D ... Seems to me it should be possible to create a filter that counts punctuation in a subject header and filters anything with more than say # of any one type or a total of more than # of any type. Not perfect of course but it would complicate the lives of the spamming skunk-weasels and anything that accomplishes this is by definition a Good Thing.
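The punctuation-counting filter proposed above, as an added example that is not the commenter's code: it applies a per-mark limit and a total limit to a subject line, and goes one step further by rejoining split-up words so that an ordinary keyword filter sees them. Both limits (left as "#" in the comment), the separator set, the function names and the sample subjects are assumptions.

```python
import re
import string
from collections import Counter

MAX_PER_TYPE = 3   # assumption: most of any one punctuation mark allowed
MAX_TOTAL = 6      # assumption: most punctuation marks allowed overall

# At least four single letters, each split from the next by one punctuation
# mark ("W,O,R,D", "W,O.R'D") or by one space ("W O R D").
SPLIT_WORD = re.compile(
    r"(?<![A-Za-z])"
    r"(?:(?:[A-Za-z][.,'`_*\-]){3,}|(?:[A-Za-z] ){3,})"
    r"[A-Za-z](?![A-Za-z])"
)


def _letters_only(text):
    return re.sub(r"[^A-Za-z]", "", text)


def rejoin(subject):
    """Collapse split-up words so keyword filters see 'WORD', not 'W,O,R,D'."""
    return SPLIT_WORD.sub(lambda m: _letters_only(m.group(0)), subject)


def inspect(subject):
    """Apply the two punctuation limits plus the split-word check."""
    counts = Counter(ch for ch in subject if ch in string.punctuation)
    reasons = []
    for mark, seen in sorted(counts.items()):
        if seen > MAX_PER_TYPE:
            reasons.append("%d x %r" % (seen, mark))
    total = sum(counts.values())
    if total > MAX_TOTAL:
        reasons.append("%d punctuation marks in total" % total)
    hidden = [_letters_only(m) for m in SPLIT_WORD.findall(subject)]
    if hidden:
        reasons.append("split-up words: " + ", ".join(hidden))
    return {"flagged": bool(reasons), "reasons": reasons, "hidden_words": hidden}


# Constructed sample subjects.
SAMPLES = [
    "W,O,R,D for sale",
    "W,O.R'D",
    "M.A.K.E M.O.N.E.Y F.A.S.T",
    "Re: Gnutella 0.56 protocol (TTL wraparound?)",
]

if __name__ == "__main__":
    for subject in SAMPLES:
        verdict = inspect(subject)
        print("%-46s flagged=%s %s" % (subject, verdict["flagged"], verdict["reasons"]))
```

The first sample stays under both counting limits and is caught only by the split-word check, which shows why counting alone is, as the comment says, not perfect.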

  191. The spammers have to reveal themselves in some way by Moderation+abuser · · Score: 2

    There's always some inherent weakness, for example, with email spam they have to harvest mail addresses in some way to build a mailing list to send spam.

    The addresses they harvest can be poisoned using a spamido technique so that they waste their time sending spam to /dev/null all over the internet. A waste of my bandwidth, but not my time.

    It's the spammer's underlying weakness that should be exploited. A spammer's strength and weakness are the same thing grasshopper.

    I don't know anything about Gnutella but I'll bet that there are certain characteristics that can be used to make spam a waste of time.

    --
    Government of the people, by corporate executives, for corporate profits.
  192. Pardon my ignorance - by Anonymous Coward · · Score: 1

    "Junkbuster for Gnutella?" Then I can create my own darn blockfile.

  193. Re:Ad is what made internet big --- BAH!! by trcooper · · Score: 3
    Advertising is not what made the internet big. What made the internet big is the sheer numbers of people who have flocked to it. Advertisers have tried to take advantage of this influx of eyes, but from what I can see they haven't had a huge amount of success.

    It would be valid to say that advertising exists on the internet because of its increased use. Not the other way around.

    Internet advertising doesn't really work. People aren't clicking on those banners, and they plain don't like them. A text sponsorship link is going to get more click-thru's than the annoying animated banner that's pissing me off now.

    Sites that MUST survive off of advertising aren't going to make a profit. If you launch a site and expect advertising to pay the bills, think again. The site must be established before it can even come close to being supported by advertising.

    Right now the majority of advertising on the 'net is being done by morons that have no clue what they're doing, like this ShareZilla thing. Advertising is an art, and it can't be successful unless it's well planned and executed.

    Think about it, when you get a spam mail, see a banner, or download a dummy file, you're annoyed. Rarely do you want to annoy your customers. When you're watching TV and you see a good commercial, you aren't going to be annoyed. Hell, there's even sites like AdCritic that have commercials you can watch anytime, and people DO. You don't see anything (and you won't) with banner ads or spam mail.

    Basically what I'm saying is there is not any real advertising being done on the internet. Right now it's just hacks spamming people, and saying that this made the internet big is just insulting. If anything it is hindering its evolution.

  194. Deception by Hrothgar+The+Great · · Score: 2

    The problem lies in the deceptive motives of people who come up with these types of programs. If whatever service they sell is not interesting enough to attract customers based on its own merits, they attempt instead to trick customers into reading about their service, with the hopes that a few of these accidental readers will be interested in what they have to offer. Trying to stick an ad in front of someone is fine with me; it's been done for a long time, but trying to disguise your ad as something entirely different? I think we have to draw a line between advertising and fraud at some point...

  195. hashcash is the solution by Anonymous Coward · · Score: 2

    I remember reading in the Publius white paper something about hashcash. Seems like it was a system in which a certain amount of CPU work was required calculating some primes or somesuch in order to limit the amount of material that can be published. With something like hashcash in place, spammers would be required to have vast amounts of CPU power available in order to get the reach they wanted, thus neatly raising the price of entry. Gnutella has flaws, but they are avoidable in newer sharing protocols.
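A proof-of-work stamp in the spirit of the hashcash idea above, as an added example that is not the Hashcash stamp format, the Publius design, or anything a Gnutella client implements: a responder has to find a nonce whose hash over one specific search reply has a given number of leading zero bits, and a receiver checks that in a single hash and refuses reuse. SHA-256, the 16-bit difficulty, the names and the sample replies are assumptions.

```python
import hashlib
from itertools import count


def leading_zero_bits(digest):
    """Number of zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def _stamp_digest(resource, nonce):
    # Length-prefix the resource so (resource, nonce) pairs cannot collide by
    # shifting bytes from one field into the other.
    header = len(resource).to_bytes(4, "big") + resource + nonce.to_bytes(8, "big")
    return hashlib.sha256(header).digest()


def mint(resource, bits):
    """Sender side: search for a nonce; costs about 2**bits hashes on average."""
    for nonce in count():
        if leading_zero_bits(_stamp_digest(resource, nonce)) >= bits:
            return nonce


class StampChecker:
    """Receiver side: one hash per check, and each stamp is honoured once."""

    def __init__(self, bits):
        self.bits = bits
        self.spent = set()

    def accept(self, resource, nonce):
        if not isinstance(nonce, int) or not 0 <= nonce < 2 ** 64:
            return False
        digest = _stamp_digest(resource, nonce)
        if leading_zero_bits(digest) < self.bits:
            return False          # not enough work, or work done for another reply
        if digest in self.spent:
            return False          # replayed stamp
        self.spent.add(digest)
        return True


# Constructed sample: a stamp covers one reply to one query, so answering every
# search that passes by means paying the cost again for each reply.
REPLY = b"query-id:constructed-0001|Strawberry Rhubarb Pie.mp3"
OTHER_REPLY = b"query-id:constructed-0002|Smell the Glove.mp3"
BITS = 16

if __name__ == "__main__":
    nonce = mint(REPLY, BITS)
    checker = StampChecker(BITS)
    print("nonce found:", nonce)
    print("first use  :", checker.accept(REPLY, nonce))
    print("replayed   :", checker.accept(REPLY, nonce))
    print("other reply:", checker.accept(OTHER_REPLY, nonce))
```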

  196. WE NEED BLOOOOOOOD! by ^_^x · · Score: 2

    >;)

    Why don't we just post a headline with a link to their site every day on /.? That should keep them down for at least a week. ^_^

  197. Client changes by LowneWulf · · Score: 1
    Gnutella's next client:
    Every search that has freeplanet keywords in it responds with a 65k ping to www.freeplanet.com

    Of course spoof the source address. Anonymity works two ways.

  198. These assh*les deserve what they get by smartin · · Score: 2

    I think that anybody that subverts stuff like this to force unwanted advertising down people's throats deserves whatever anybody does to them. Not that I'm suggesting that anyone should :) but if the script kiddies need to practice their DoS attacks, flatplanet.net would be a good place to start.

    --
    The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
  199. Companies fake competitors' spam for their benefit by evilandi · · Score: 2

    Loads of people have commented along the lines of "well nobody in their right mind buys something because of a spam advert, so surely spamming will die off?".

    They're missing the point.

    Spam is frequently used by companies who put their COMPETITOR'S names and products on the spam adverts. Thereby their competitors get all the abuse and the original company looks holier-than-thou.

    For some people, the bad customer reaction to spam is the whole damn point of spam. Bad press for your competitors is good press for yourself. If you can wind your competitor up in trouble by faking some spam- particularly if the originator is difficult to trace as per gnutella- then you win.

    --
    Andrew Oakley - www.aoakley.com
  200. [OT]Re:Wonderful! by wnissen · · Score: 1

    I regard this post's parent and the replies to be fairly offensive. If /. is truly a discussion site and not a club, moderators should see this for what it is: harassment based on race.

    Sorry for my rant,
    Walt

  201. Why pay 80 quid for it? by grahamsz · · Score: 2

    Much as I'm opposed to this product and company (flatplanet that is) I can't see why anyone would part with their cash for it.

    The gnutella protocol is open now, and given the limited implementation I wrote of it (only search & download) in about 6 hours it's beyond me why anyone would actually purchase a product to deliberately destroy their brand name.

    What I can see however is someone like [insertmonopolisticsoftwarecompanyofyourchoice] planting virus riddled versions of [insertmicrosoftofficeversionofyourchoice] to try and back their point that pirated software is of a lower standard than their own.

  202. 2 insidious functions by stinkydog · · Score: 1

    This product looks to have 2 modes of operation.

    1> Returning a false search hit and allowing you to download an incorrect file. (The metallica mp3 you download turns out to be an anti-piracy jingle from the RIAA) This would work similarly to the Cuckoo recordings being circulated by other souls. When you download you do get the IP address (which you can send to your neighborhood script kiddie for some DOS action)

    2> Returning an ad with the search results aka: Smell the Glove.MP3 Buy Dr. Stinkydog's special anti spam cream at WWW.goat.se Annoying? Yes but they do not have any files to serve (otherwise you get that IP address)

    I do not think this will end civilization as we know it but you never know.

    --
    “Who knew something as harmless as willful ignorance could end up having real consequences?”
  203. Whose moderation do you trust? by Tau+Zero · · Score: 1
    So have some trusted authorities that moderate stuff - they don't have to be centralized...
    Then you have the problem of knowing which moderators to trust. It's almost circular, but not quite. It also means that the next targets of the spammers will be the moderation services.

    We're right back to the assertion that the most valuable service in the networked age is editing. The editorial services of the moderators are going to be the only things which make this searchable in any reasonable amount of time, and therefore give it value. The future, it is now.

    --
    Time is Nature's way of keeping everything from happening at once... the bitch.
  204. Congratulations.... by Meridun · · Score: 1
    ... you've just designed a new script kiddie attack system.

    Actually, you have a very good idea that would work well in a normal network. However, since a good weight of the gnutella network is based on anonymity, the idea of shared spam blackhole lists is one that is dubious at best. All it would really take is a small number of malicious users to start sending fake blacklist packets, and you would have a trust war with different machines reporting other machines as untrusted.

    Gnutella is a wonderful idea, and some of the clients, especially gnotella are getting really good at filtering, but I think that filtering on an anonymous network MUST be done at the client level. If you get spam, drop the packets. But anything that requires trust between nodes CANNOT work with anonymity.

  205. Disregard. Meant as reply to a thread. by Meridun · · Score: 1

    Disregard. Meant as reply to a thread.

  206. Congratulations.... by Meridun · · Score: 1
    ... you've just designed a new script kiddie attack system.

    Actually, you have a very good idea that would work well in a normal network. However, since a good weight of the gnutella network is based on anonymity, the idea of shared spam blackhole lists is one that is dubious at best. All it would really take is a small number of malicious users to start sending fake blacklist packets, and you would have a trust war with different machines reporting other machines as untrusted.

    Gnutella is a wonderful idea, and some of the clients, especially gnotella are getting really good at filtering, but I think that filtering on an anonymous network MUST be done at the client level. If you get spam, drop the packets. But anything that requires trust between nodes CANNOT work with anonymity.

  207. A better answer by SaoSao · · Score: 5

    I've been thinking about this one for a little while. (They've been doing this sort of crap ever since I started playing with gnutella). I think the thing to do is have the client send out a random search string when it first starts off. Any responses to it should then be filtered out. Problem solved.
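
The startup-probe idea in the comment above, sketched as an added example (not part of the original thread and not code from any Gnutella client). The `QueryHit` fields, the class and function names and the sample hits are constructed for illustration; the sketch goes slightly beyond the comment by also matching the ad text that remains once the echoed query is removed, since a responder's ID can be changed.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class QueryHit:
    servent_id: str  # responder's self-declared ID (assumed field, spoofable)
    filename: str    # result name shown to the user

def make_canary() -> str:
    """Random search string that no real shared file should match."""
    return "zq" + secrets.token_hex(12)

def template_of(filename: str, query: str) -> str:
    """Remove the echoed query so only the responder's fixed text remains."""
    return " ".join(filename.lower().replace(query.lower(), " ").split())

class CanaryFilter:
    MIN_TEMPLATE = 8  # ignore tiny leftovers such as ".mp3"

    def __init__(self):
        self.bad_servents = set()
        self.bad_templates = set()

    def learn(self, canary, hits):
        """Any answer to the canary is a fake hit: remember who and what."""
        for h in hits:
            self.bad_servents.add(h.servent_id)
            t = template_of(h.filename, canary)
            if len(t) >= self.MIN_TEMPLATE:
                self.bad_templates.add(t)

    def keep(self, query, hits):
        """Drop hits from flagged responders or matching a learned ad template."""
        return [h for h in hits
                if h.servent_id not in self.bad_servents
                and template_of(h.filename, query) not in self.bad_templates]

def demo():
    f = CanaryFilter()
    canary = make_canary()
    # Constructed reply of the kind a spam node would send to the probe.
    f.learn(canary, [QueryHit("s1", f"www.ads.example buy now {canary}.mp3")])
    hits = [
        QueryHit("a7", "Metallica - One.mp3"),                    # ordinary hit
        QueryHit("s1", "metallica live.mp3"),                     # flagged responder
        QueryHit("s9", "www.ads.example buy now metallica.mp3"),  # new ID, same ad
    ]
    return [h.filename for h in f.keep("metallica", hits)]

if __name__ == "__main__":
    print(demo())
```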

  208. Re:For those experiencing the "Slashdot Effect" by heller · · Score: 1
    Since the response to the search does not include any return address, ShareZilla uses Gnutella Net's natural anonymity to keep your home IP address from being discovered. This way you don't have to worry about any number of hack attacks, which can only be done once the hacker knows your home IP.

    Uh. Presumably you're using this advertising method to drive people to something that is yours. Whether it's a website or an email address or a real-world place. . .whichever it is, that is still vulnerable to attacks. Are people really this dumb?

    ** Martin

  209. Time to cut Florida off the 'Net. by BigBlockMopar · · Score: 2
    12124 Knights Krossing Cir. Apt 105b Orlando, FL 32817 (407)362-2212 (FAX) (561)795-6548

    Will someone please explain to me what it is about Floridians especially that attracts them to shady business models?

    I don't get it. But I do know that clearly half of my spam comes from Florida. (40% of it is from the other 49 states, especially southern states; the other 10% is from gross third-world nations.)

    Geez, all I thought there was down there was blue-haired little old ladies from Binghamton who weren't strong enough to start the snowblower anymore.

    I've got a nice pair of wire cutters. If someone tells me where the fiber is routed, I'll happily take 'em out at their borders.

    --
    Fire and Meat. Yummy.
  210. New slogan by Tau+Zero · · Score: 1

    Hackers view advertising as noise, and work to filter it.

    --
    Time is Nature's way of keeping everything from happening at once... the bitch.
  211. Same spam on slashdot as gnutella by cvincent · · Score: 1

    Just about every comment I see on /. has a sig with "MAKE MONEY SLOWLY" or "want a better job?" or someone with "shameless plugs" for their products. Most of them are links to posters' sponsors...why complain about the crap that gnutella is getting when the problem is here too? It's disturbing to see nothing but ads when I am viewing people's comments!

  212. I like the idea, but it defeats the purpose. by earache · · Score: 1
    I understand your position, but would like to point a couple of issues with it:

    1. What would stop the MPAA or the RIAA from saying node x is sending out spam (in the form of "pirated" MP3z) and then having him disconnected from the net?
    2. What's to stop the spambot from moving to another IP and declaring to everyone on the net that your node (the original complainer of the spam) is a bad apple and disconnecting you from the net?
    3. Think of the potential wide scale mischief script kiddies could have.
  213. What about IP verification??? by TopShelf · · Score: 4
    If I understand correctly, the spammer in Stealth Mode sends out replies to queries such as "www.spammer.org blah blah blah (your query)" with a false return IP address.

    What if Gnutella had a built-in query verification step, something wherein each search result gets re-queried, as in "do you really have this file?"

    Step 1: The query goes out

    Step 2: A result comes back from IP address x.x.x.x

    Step 3: A verification transmission is sent to x.x.x.x to confirm the presence of the file

    Step 4: Upon successful verification, the file is displayed in the search return window.

    Would this add too much new traffic to the network? I'd hope not...

    --
    Stop by my site where I write about ERP systems & more
  214. hahahaha by ChadM · · Score: 1

    if any elite script kiddies are reading, think how funny it would be to DDoS www.flatplanet.net. "what?!?!?! you mean people are doing unethical things to US!!? i would've never seen it coming...."