Slashdot Mirror
Gnutella Vs. SPAM
darekana writes: "I know you've heard the quote: 'Every new medium will be used for sex.' Well, every new medium also appears to be used for advertising.
Gnutella vs. Flatplanet.net who will win?
From the 'ShareZilla' developers' mouths:
'When the fine folks at Gnutella find a way to filter ShareZilla, we will figure out how to get around their new filters. A subscription to ShareZilla entitles you to that new version of our software at no additional charge.' Beyond the $74.95 (US) initial charge that is."
Yup, using the spammers srength against them - Spamido. Static filtering ain't going to work.
I think I'd have the client check a few different searches and block anything that appears in all of them. Pass the information about the spammers to other clients as well maybe to make it more effective?
Government of the people, by corporate executives, for corporate profits.
Check out blocks http://www.kripto.org/blocks/, which recently appeared on freshmeat
In the blocks model, servers spin off into pods of 10. The 'blocks' of information are then routed through different pods, the origin IP and destination IP aren't known unless you have compromised all the pods in between.
An advantage of the pod model is that it would be easier to kill.spammers.dead pod A could voluntarily drop connections to adjacent pods if people in the pod B (the evil pod) has been feeding crap. pod A could trust adjacent pods that have been reliable in the past, they transmit a message to drop pod B from the loop and pod A does so.
A neat little system, and the cool factor is that multiple versions of the client could implement their own threshholds, filtering policies etc. You get organic filtering as the protocols that actually keep spammers out become the favored clients.
-spRed
disclaimer, I have no affiliation with blocks, and it has some protocol difficulties of its own. (but I do think it is on the right track)
.sig Karma out the wazoo, better to spend points elsewhere if this is above 2 or below 0
Sure, any filter approach will turn into an arms race as people come up with new ways of avoiding filters, and their opponents come up with new ways of catching them.
So have some trusted authorities that moderate stuff - they don't have to be centralized... For example, just like we have warez groups now that release stuff and crack stuff, we could have groups that test stuff out, make sure it's quality, and pgp sign it to give it a seal of approval.
Then, you could program your client to check for that signature on anything you download.
--
--
Mod up a post Rob doesn't like and you'll never mod again
Geez, all I thought there was down there was blue-haired little old ladies from Binghamton who weren't strong enough to start the snowblower anymore.
Are you kidding? We're the beating heart of the porno movie industry, baby!
Also, the primary import location for nearly every drug except marijuana. That, we just grow. 2nd would probably be the CIA's fields in Arkansas.
--
Besides, If you're downloading anything that has a filename like "MAKE MONEY FAST - WWW.SPAM.COM.exe", you deserve to be infected. In fact, you deserve to be shot.
.exe? .com is already an executable file under DOS systems.
Why the
Actually, though, it strikes me as very strange that there so few (in fact, none that I've heard of) file.com viruses that masquerade as URLS. It seems like a filed called "Go To Weirdxxx.com" would fool a lot more people than one called "Love Letter for You.vbs". I'm sure plenty of people have already thought of this, so - can anyone give me an explanation why it isn't seen?
"Beware he who would deny you access to information, for in his heart he deems himself your master."
Like any true spam promoter on the Internet, alas, they will most likely move their operations and continue with their unethical practices. :P
Thanks for reading, and not spamming,
Al Gordon
Sr. UNIX Systems Administrator
DSL.net, Inc.
http://www.dsl.net/
After spending two weeks playing with a limited-depth trust model for Gnutella, you come along with an idea that kicks my ass?!?! Why is this fair?!?!?
This is probably the best answer, snagging a large chunk of spammers and easy to implement, although I'd use comparitive lists of stuff, and not random words. Search once for Pink_Floyd-Have_a_cigar.mp3, then 'CIT coffee mug', then for 'The Phantom Menace', and finally 'K3w7 W4r3z d00d'. Blacklist anyone that responds to more than two.
.sig: Now legally binding!
You are Joe Cool-Hacker, a coder of such prodigious and long-standing skill you make Hiro Protagonist look like B1FF. You are invited to an expensive lunch by an oily but well-heeled guy who wants to discuss a project with you. After the initial pleasantries, Oily Guy gets to the point.
"I have an idea that's going to make millions, and I need someone to write it," says Oily Guy.
"And that is?" you reply.
"It's a new form of advertising."
"Uh...," you begin to say.
"Hang on, let me finish," Oily Guy insists. "It's not 'spam' like you guys like to call it. It's search-based. The ads are offered in response to legitimate searches from Gnutella clients. So unless the user initiates a search, they don't see anything."
You are dubious, but you remain cordial. "So the ads aren't sent unless the received search terms match ad's subject matter."
"Well, that's certainly a possibility," Oily Guy responds.
"What do you mean?"
"Well, the advertisers needs the ability to be as narrow or as broad as they wish. So they could respond only to detailed searches or, if they have a broad-appeal product, they could respond to everything."
"Everything," you deadpan, eyes fixed on Oily Guy.
"Yeah. Just like TV ads. A lot of times the ads have no bearing on the program, but they're still effective."
"Doesn't that diminish the value of the resource? I mean, if you opened the phone book to the plumbers section and got listings for sex clubs, doesn't that make the phone book useless?"
"This ain't a phone book. It's the Internet. And the real results will still be there; there'll just be a few ads in with them. It's not like this is illegal or anything. C'mon, there's tons of money to be made here. Aren't you interested in getting rich?"
At that moment, the server arrives offering fresh coffee. Do you:
The person(s) who wrote this software needs to be identified and blacklisted from further employment in our community. This kind of ethical bankruptcy must not be supported or allowed to continue.
Schwab
Editor, A1-AAA AmeriCaptions
It's not so much the what as the how. If someone were doing this with ANY OF THE CATEGORIES you mentioned -- making every search return an exact match to a renamed file which turns out to be child pornography or bomb making instructions every time -- you'd better believe they'd be taking the same heat, and rightly so. But of course, where's the money in doing that?
Legal commercial advertisements are fine, but this delivery method is NOT. They are not being censored. Imagine if you were looking for a book in a library, and you picked a few up and checked them out, only to find that although the cover looked like the book you wanted, ALL OF THE INSIDE PAGES WERE ADS. Imagine that this happened with every book in the library. You can see how this would piss people off no matter what was in the book -- the point was it's not what you requested.
flatplanet.net wrote a program which spams gnutella. When you perform a search for anything, the flatplanet program returns half a dozen results saying things like F.L.A.T.P.L.A.N.E.T.N.E.T. - [word you searched for here]. They sell the software that they use so that anyone can spam gnutella. Some clients have spam filters and are set to filter out flatplanet by default.
Gnutella users are distributing copyrighted recipes to make their own pink ham based luncheon meat, perhaps you've heard of the Open Sandwich Movement. If not, do a web search on Richard M. Stallham.
Hormel is suing Gnutella, and has a cease and desist order, saying they're losing sales and not recouping the immense amounts of R & D money they've spent creating such delectable ham based foods.
Critics of Hormel say that since SPAM has been around since WWII, they've long recouped their initial investment.
Thank you,
George
Hmmmm, is anyone else seeing the possibility to transmit macroes or virues this way?
First off, check "Jonathan Byron"'s reply. He summed up many of the points quite nicely.
But I just have to chime in, 'cause I recognise the address.
Knights Krossing is a notoriously shadey apartment complex directly across the street from the UCF campus, at the corner of Alafaya and University. I actually used to live about three miles west of there on University.
The complex caters to the least responsible of all the college students there. You rent a BEDROOM in an otherwise (poorly)furnished apartment. Each unit has four of these bed/bathroom combos, and you get paired up with roommates at random if you don't have a group of four. Utilities are included in the rent, but between the four of you, you still wind up paying about twice what it would cost if you were responsible enough to be able to pass a credit check and rent a house. But then, there's totally insufficent parking there, perhaps being right across the street from campus, mabye you make up for the price by not maintaining a car.
Basiclly Knights Krossing is (for the most part) where you get the 'rents/government to pay for you to live if college is simply 13-16th grade (or 17th or 18th as the case may be). I'm talking party central here. Any given night you can drive in there, park in a guest slot (or you WILL get towed) and find a kegger or five open to anyone who staggers up to the door (drinking age? what's that?). It is also where you go if you want to score weed or ecstacy or acid (or possibly something worse) and you don't want to head over to the bad part of town.
*LOTS* of dubious "business" deals go on there. From chem majors selling their cooked up batches of LSD, MDMA, and GHB, to CompSci majors running spam or porn sites (in at least one instance I know of, the FILMING of said porn was done in a Knights Krossing unit too). It's across the street from UCF, so there's bandwidth aplenty, both cable and dsl), and UCF does have a fairly good CompSci program (graduate, at least... undergrad classes are rathar lackluster).
Also, if you note the "technical" contact, you'll see "adelphia.com" adelphia is a notoriously WRETCHED cable company that, in Florida, just HAPPENS to employ a fair number of UCF grads.
Funny how it's such a small world after all...
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
I can't say I like it, but then again, I can't say anything bad about it either. If you want something to be completely anonymous, then you have to deal with everything that comes with that. Sure, you can copy MP3s and warez and whatever else anonymously, but anyone else can use it anonymously to advertise as well. People seem to think that anonymous is great because they can break any law and copy anything they want and can't get touched, well, these people think the same thing. So you get ads with your warez and illegal MP3s, that is something that comes with being completely anonymous. I don't like it particularly, but what they are doing isn't any more wrong than copying software, movies or music on gnutella (which is primarily what it is used for). But that won't stop people from screaming about it because it may inconvience them while they get things they should pay for for free.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
Kinda like eugenics for distributed file sharing . . .
I will be using justinalexander@usa.net for my spam address from now on, since Justin is such a big fan of spam.
I encourage you to join me.
(before you moderate me down, do a whois on flatplanet.net.)
Blacklists are a very good initial approach, but can be thwarted by the use of probabalistic responses. Basically, a SPAMMER would only reply to any given query with some small probability $p$. Then, using the approach of "random query, then real query" will let the SPAMMER through with probability $(1-p)p$. By setting $p=0.5$, the SPAMMER can still get through with probability $0.25$.
Of course, by keeping a cumulative blacklist based on $n$ prior "random queries," the probability of success for a SPAMMER will go down as $p(1-p)^n$. By using $p=1/(n+1)$, the SPAMMER can keep his probability of success above $1/(n+1)^2$. This is bad since practical $n$ is limited by the rate at which the SPAMMER changes his server's identity.
The upshot is that any blacklist-based system is guaranteed to let a lot of SPAM through if the SPAMMERS are adaptive (change identities) and many in number (more than $(n+1)^2$ where $n$ is the effective time constant of adaptation). Collaborative blacklists can increase $n$, but introduce significant trust issues since adversaries can start blacklisting legitimate sites.
Has anyone considered looking for buffer overflows in the ShareZilla code? send a targeted request for '0xFF, 0xFF' or what-have-you and watch the spam factory turn to Jell-o.
Nothing worth doing is worth doing today.
I've been noticing quite a lot of, shall we say, 'unorthodox' activity on Gnutella the last month or so. Someone set up a server to respond to any search with an html page that auto-forwarded the unwary downloader to porn sites (some porn sites pay money for page-views that come from referrals, so probably this was someone doing it to make money). Someone else peridocially puts up a server that responds to searches with "SPAM GNUTELLA!" file references. I've also seen searches that came back with what amounted to spam messages ('make money fast') instead of what was asked for. The wild west lives.
There is a pretty good summary of how it works posted here, but since it's in reply to a low score post I thought it could do with a little more exposure.
<grumble>submitted this story yesterday</grumble>
--
--
E_NOSIG
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
FWIW I wrote a gnutella clone in the early days, but I never got around to completing it. Back then, Gnutella itself wasn't too stable (TTL wraparound anyone?), and a lot of clone developers were sticking their creations on the net before they were (how shall I say it) properly debugged.
Anyway, as a consequence of this, I started collecting good/bad host information - I kept notes on the number of good (valid) and bad (invalid) packets coming in on every connection. Once the bad packets accounted for a certain percentage of the total packets, I said "fsck you" to the connection. Now note, it's not the node that you have the connection to that's creating the bad packets, it's just doing it's job in passing them around. What I was saying is "Hey, you're sending me junk - I don't care if it's not yours, I'm dropping you and talking to someone else". I would drop the connection, blacklist it for a few days, and start a new one instead. During the TTL wraparound time, whilst gnutella was totally unusable, my client was merely slow.
To get to the point: If every client allowed the user to say "this reply is spam", the route can be traced back (via MessageID) in the net to the clients that have a direct connection to the spambot. By creating a new (routed, so efficient) spam alert message, a client could be informed that one of it's neighbours was a spambot, and so (voluntarily) agree to both drop the spambot from the net *and* reply with the ip:port pair of the spambot, this could then be used to blacklist the ip:port pair for a limited time (again, voluntarily, per client).
Given that ip address are not yet (cf. ipv6) a dime-a-dozen, FlatPlanet would have to keep finding a new suply ip address blocks from which to attack.
I haven't kept up to date on gnutella development, but there must be a sizeable number of clones (with source!) by now. The major problem would be in moving people from the old unmodifiable Gnutella client, to a "new and improved" clone.
best wishes,
Mike.
Tales from behind the Lagom Curtain
For a week in July, a pissed-off spammer returned
my email address as every gnutella response...
gnut> find anything
CURRENT RESPONSES
-----------------
1) email matt@steinhoff.net for kiddie porn and anything
216.10.33.21:6345 size:80.854M ref:84279680 speed:10000
I got thousands of email messages looking for
child porn and else
before I nailed the guy.
When the search is distributed, the abuse is
distributed as well.
InitZero
"Child pornography -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen software -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen music -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen movies -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Bomb-making instructions -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"but legal commercial advertisements?"
I receive several of those every day.
Anyone see's the difference?
Yes, it would, but unfortunately, life's not like that. The reason spam is so common, is that it works. It costs so little that you only need a tiny response rate to be making profit. There will always be clueless newbies with the "oh, that's an interesting offer, I'll go and have a look" attitude. From what I've heard, email spam currently gets around a 2% response rate. That's about the same as traditional bulk postal mail, but the costs are so much less that the profit margins are significantly higher. You or I wouldn't buy anything from a spammer, but enough people do that it's not going to go away any time soon.
"The invisible and the non-existent look very much alike." -- Delos B. McKown
It would be valid to say that advertising exists on the internet because of its increased use. Not the other way around.
Internet advertising doesn't really work. People aren't clicking on those banners, and they plain don't like them. A text sponsorship link is going to get more click-thru's than the annoying animated banner that's pissing me off now.
Site that MUST survive off of advertising aren't going to make a profit. If you launch a site and expect advertising to pay the bills, think again. The site must be established before it can even come close to being supported by advertising.
Right now the majority of advertising on the 'net is being done by morons that have no clue what they're doing, like this ShareZilla thing. Advertising is an art, and it can't be successful unless it's well planned and executed.
Think about it, when you get a spam mail, see a banner, or download a dummy file, you're annoyed. Rarely do you want to annoy your customers. When you're watching TV and you see a good commercial, you aren't going to be annoyed. Hell, there's even sites like AdCritic that have commercials you can watch anytime, and people DO. You don't see anything (and you won't) with banner ads or spam mail.
Basically what I'm saying is there is not any real advertising being done on the internet. Right now it's just hacks spamming people, and saying that this made the internet big is just insulting. If anything it is hindering it's evolution.
"Hackers view advertising as damage, and route around it."
I like that, I think I'm gonna quote you on that one.
I see this as a serial killer unleashed on the bootlegging community of Prohibition times. A large community of people breaking the law, but whose only real harm is that perhaps they're depriving companies of revenue. Now they aren't being arrested, but are instead being attacked by other citizens.
I'm not sure how the morality all works out in the end, but in the meantime, I think it's probably a bad idea to directly antagonize the hacker community. Sure, the majority of Gnutella's users are relatively ignorant mp3 and porn sharers, but it's a powerful Open Source networking tool, and has support from some skilled people. If flatplanet declares war on the Gnutella community, I'm betting on Gnutella in the long run.
Besides, how effective can the ads be? I know I would be less likely to buy from a company that was already antagonizing me and whose advertising was presented in the form of an attack.
The user does not have to download any files to see the advertisements. What this thing does is this: Say it hears a search for "blink 182 mp3", it returns something like "VISIT WWW.HOTXXX.COM FOR FREE PORN - blink_182.mp3" The file does not really exist, but it will show up in the user's search results nonetheless.
I've been thinking about this one for a little while. (They've been doing this sort of crap ever since I started playing with gnuttella). I think the thing to do is have the client send out a random search string when it first starts off. Any responses to it should then be filtered out. Problem solved
Am I the only one who remembers what an incredible pain in the ass cancelbots, blackholes, crossposting filters, etc. are? It's a tremendous inconvenience, even more so on a completely distributed system where you have not just each site but each individual *user* to worry about. Does anyone really think that Gnutella spam filtering will be more effective than email spam filtering? ISP's have an incentive to block spam since it clogs up their bandiwdth and mail servers. Do they have any real reason to bother with Gnutella? Why would they care if a bunch of their file-stealing customers get bad results? I bet their bandwidth costs for the average Gnutella user are 10x that of their average customer. If people stopped using Gnutella, they'd be happy!
Walt
What if Gnutella had a built-in query verification step, something wherein each search result gets re-queried, as in "do you really have this file?"
Step 1: The query goes out
Step 2: A result comes back from IP address x.x.x.x
Step 3: A verification transmission is sent to x.x.x.x to confirm the presence of the file
Step 4: Upon successful verification, the file is displayed in the search return window.
Would this add to much new traffic to the network? I'd hope not...
Stop by my site where I write about ERP systems & more
Nobody wants to censor advertisers - they are welcome to put up a web page with their advertisements for those who are interested. However, they aren't welcome to use my network to send me their content without my request (and neither are the publishers of those other types of content). Also, they shouldn't be sending me ads when I really requested music, for instance.
As a separate issue, I don't feel that the information necessarily wants to be free if it is copyrighted. It is a caricature to say that all /.ers feel that way - they are just the most vocal about their opinions.
Your right to not believe: Americans United for Separation of Church and