Slashdot Mirror
Gnutella Vs. SPAM
darekana writes: "I know you've heard the quote: 'Every new medium will be used for sex.' Well, every new medium also appears to be used for advertising.
Gnutella vs. Flatplanet.net who will win?
From the 'ShareZilla' developers' mouths:
'When the fine folks at Gnutella find a way to filter ShareZilla, we will figure out how to get around their new filters. A subscription to ShareZilla entitles you to that new version of our software at no additional charge.' Beyond the $74.95 (US) initial charge that is."
Yup, using the spammers srength against them - Spamido. Static filtering ain't going to work.
I think I'd have the client check a few different searches and block anything that appears in all of them. Pass the information about the spammers to other clients as well maybe to make it more effective?
Government of the people, by corporate executives, for corporate profits.
Like any true spam promoter on the Internet, alas, they will most likely move their operations and continue with their unethical practices. :P
Thanks for reading, and not spamming,
Al Gordon
Sr. UNIX Systems Administrator
DSL.net, Inc.
http://www.dsl.net/
After spending two weeks playing with a limited-depth trust model for Gnutella, you come along with an idea that kicks my ass?!?! Why is this fair?!?!?
This is probably the best answer, snagging a large chunk of spammers and easy to implement, although I'd use comparitive lists of stuff, and not random words. Search once for Pink_Floyd-Have_a_cigar.mp3, then 'CIT coffee mug', then for 'The Phantom Menace', and finally 'K3w7 W4r3z d00d'. Blacklist anyone that responds to more than two.
.sig: Now legally binding!
You are Joe Cool-Hacker, a coder of such prodigious and long-standing skill you make Hiro Protagonist look like B1FF. You are invited to an expensive lunch by an oily but well-heeled guy who wants to discuss a project with you. After the initial pleasantries, Oily Guy gets to the point.
"I have an idea that's going to make millions, and I need someone to write it," says Oily Guy.
"And that is?" you reply.
"It's a new form of advertising."
"Uh...," you begin to say.
"Hang on, let me finish," Oily Guy insists. "It's not 'spam' like you guys like to call it. It's search-based. The ads are offered in response to legitimate searches from Gnutella clients. So unless the user initiates a search, they don't see anything."
You are dubious, but you remain cordial. "So the ads aren't sent unless the received search terms match ad's subject matter."
"Well, that's certainly a possibility," Oily Guy responds.
"What do you mean?"
"Well, the advertisers needs the ability to be as narrow or as broad as they wish. So they could respond only to detailed searches or, if they have a broad-appeal product, they could respond to everything."
"Everything," you deadpan, eyes fixed on Oily Guy.
"Yeah. Just like TV ads. A lot of times the ads have no bearing on the program, but they're still effective."
"Doesn't that diminish the value of the resource? I mean, if you opened the phone book to the plumbers section and got listings for sex clubs, doesn't that make the phone book useless?"
"This ain't a phone book. It's the Internet. And the real results will still be there; there'll just be a few ads in with them. It's not like this is illegal or anything. C'mon, there's tons of money to be made here. Aren't you interested in getting rich?"
At that moment, the server arrives offering fresh coffee. Do you:
The person(s) who wrote this software needs to be identified and blacklisted from further employment in our community. This kind of ethical bankruptcy must not be supported or allowed to continue.
Schwab
Editor, A1-AAA AmeriCaptions
It's not so much the what as the how. If someone were doing this with ANY OF THE CATEGORIES you mentioned -- making every search return an exact match to a renamed file which turns out to be child pornography or bomb making instructions every time -- you'd better believe they'd be taking the same heat, and rightly so. But of course, where's the money in doing that?
Legal commercial advertisements are fine, but this delivery method is NOT. They are not being censored. Imagine if you were looking for a book in a library, and you picked a few up and checked them out, only to find that although the cover looked like the book you wanted, ALL OF THE INSIDE PAGES WERE ADS. Imagine that this happened with every book in the library. You can see how this would piss people off no matter what was in the book -- the point was it's not what you requested.
Hmmmm, is anyone else seeing the possibility to transmit macroes or virues this way?
I can't say I like it, but then again, I can't say anything bad about it either. If you want something to be completely anonymous, then you have to deal with everything that comes with that. Sure, you can copy MP3s and warez and whatever else anonymously, but anyone else can use it anonymously to advertise as well. People seem to think that anonymous is great because they can break any law and copy anything they want and can't get touched, well, these people think the same thing. So you get ads with your warez and illegal MP3s, that is something that comes with being completely anonymous. I don't like it particularly, but what they are doing isn't any more wrong than copying software, movies or music on gnutella (which is primarily what it is used for). But that won't stop people from screaming about it because it may inconvience them while they get things they should pay for for free.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
I will be using justinalexander@usa.net for my spam address from now on, since Justin is such a big fan of spam.
I encourage you to join me.
(before you moderate me down, do a whois on flatplanet.net.)
Has anyone considered looking for buffer overflows in the ShareZilla code? send a targeted request for '0xFF, 0xFF' or what-have-you and watch the spam factory turn to Jell-o.
Nothing worth doing is worth doing today.
I've been noticing quite a lot of, shall we say, 'unorthodox' activity on Gnutella the last month or so. Someone set up a server to respond to any search with an html page that auto-forwarded the unwary downloader to porn sites (some porn sites pay money for page-views that come from referrals, so probably this was someone doing it to make money). Someone else peridocially puts up a server that responds to searches with "SPAM GNUTELLA!" file references. I've also seen searches that came back with what amounted to spam messages ('make money fast') instead of what was asked for. The wild west lives.
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
FWIW I wrote a gnutella clone in the early days, but I never got around to completing it. Back then, Gnutella itself wasn't too stable (TTL wraparound anyone?), and a lot of clone developers were sticking their creations on the net before they were (how shall I say it) properly debugged.
Anyway, as a consequence of this, I started collecting good/bad host information - I kept notes on the number of good (valid) and bad (invalid) packets coming in on every connection. Once the bad packets accounted for a certain percentage of the total packets, I said "fsck you" to the connection. Now note, it's not the node that you have the connection to that's creating the bad packets, it's just doing it's job in passing them around. What I was saying is "Hey, you're sending me junk - I don't care if it's not yours, I'm dropping you and talking to someone else". I would drop the connection, blacklist it for a few days, and start a new one instead. During the TTL wraparound time, whilst gnutella was totally unusable, my client was merely slow.
To get to the point: If every client allowed the user to say "this reply is spam", the route can be traced back (via MessageID) in the net to the clients that have a direct connection to the spambot. By creating a new (routed, so efficient) spam alert message, a client could be informed that one of it's neighbours was a spambot, and so (voluntarily) agree to both drop the spambot from the net *and* reply with the ip:port pair of the spambot, this could then be used to blacklist the ip:port pair for a limited time (again, voluntarily, per client).
Given that ip address are not yet (cf. ipv6) a dime-a-dozen, FlatPlanet would have to keep finding a new suply ip address blocks from which to attack.
I haven't kept up to date on gnutella development, but there must be a sizeable number of clones (with source!) by now. The major problem would be in moving people from the old unmodifiable Gnutella client, to a "new and improved" clone.
best wishes,
Mike.
Tales from behind the Lagom Curtain
For a week in July, a pissed-off spammer returned
my email address as every gnutella response...
gnut> find anything
CURRENT RESPONSES
-----------------
1) email matt@steinhoff.net for kiddie porn and anything
216.10.33.21:6345 size:80.854M ref:84279680 speed:10000
I got thousands of email messages looking for
child porn and else
before I nailed the guy.
When the search is distributed, the abuse is
distributed as well.
InitZero
"Child pornography -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen software -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen music -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Stolen movies -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"Bomb-making instructions -- INFORMATION MUST BE FREE!!!!"
I have never received any of that.
"but legal commercial advertisements?"
I receive several of those every day.
Anyone see's the difference?
"Hackers view advertising as damage, and route around it."
I like that, I think I'm gonna quote you on that one.
I see this as a serial killer unleashed on the bootlegging community of Prohibition times. A large community of people breaking the law, but whose only real harm is that perhaps they're depriving companies of revenue. Now they aren't being arrested, but are instead being attacked by other citizens.
I'm not sure how the morality all works out in the end, but in the meantime, I think it's probably a bad idea to directly antagonize the hacker community. Sure, the majority of Gnutella's users are relatively ignorant mp3 and porn sharers, but it's a powerful Open Source networking tool, and has support from some skilled people. If flatplanet declares war on the Gnutella community, I'm betting on Gnutella in the long run.
Besides, how effective can the ads be? I know I would be less likely to buy from a company that was already antagonizing me and whose advertising was presented in the form of an attack.
I've been thinking about this one for a little while. (They've been doing this sort of crap ever since I started playing with gnuttella). I think the thing to do is have the client send out a random search string when it first starts off. Any responses to it should then be filtered out. Problem solved
What if Gnutella had a built-in query verification step, something wherein each search result gets re-queried, as in "do you really have this file?"
Step 1: The query goes out
Step 2: A result comes back from IP address x.x.x.x
Step 3: A verification transmission is sent to x.x.x.x to confirm the presence of the file
Step 4: Upon successful verification, the file is displayed in the search return window.
Would this add to much new traffic to the network? I'd hope not...
Stop by my site where I write about ERP systems & more
Nobody wants to censor advertisers - they are welcome to put up a web page with their advertisements for those who are interested. However, they aren't welcome to use my network to send me their content without my request (and neither are the publishers of those other types of content). Also, they shouldn't be sending me ads when I really requested music, for instance.
As a separate issue, I don't feel that the information necessarily wants to be free if it is copyrighted. It is a caricature to say that all /.ers feel that way - they are just the most vocal about their opinions.
Your right to not believe: Americans United for Separation of Church and