Slashdot Mirror
Peer-to-Peer Goodness
Masem writes "ZDNet is reporting on two products that are based off the peer-to-peer sharing idea that Napster made popular to release two useful tools to the community. First, "Rumor" is a p2p program that helps to spread the updates to virus protections programs by having each client on an intranet act as a p2p node, reducing the load on servers and speeding the distrubtion of the update. The second new program called "Groove Transceiver", designed by Ray Ozzie of Lotus Notes fame, acts like an extended AIM client, allowing large groups of people to communicate as a whole, but without the need for something like an IRC server. It's good to see potentally useful programs attributing their success to the Napster model - hopefully they will help with further defence of it.
"
with icq being owned by AIM, maybe it is time for a new alternative to aohell...hopefully, this new IM won't be bogged down with advertisements...
How Jaded Are You?
Unfortunately I think the Napster model is out... too easy to lay blame... But, distributed peer to peer like Gnutella...not scalable enough and no clean interfaces... I think if anything like Napster comes around again it's gonna survive using a subscription model... nothing else will really hold sway.. I wish it did work...but hey...you know what a wish is worth..
"Helping to keep you two steps ahead of the Thought Police!"
p2p sharing of mp3 files is one thing, but sharing executable files is absolutely inexcusable. the potential for trojans is staggering, unless there is a central source for a key and signature.
I wonder how long it is going to be before someone hacks the distributed anti-viral updates so it spreads a nice and mallicious trojan.
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
... is such a dangerous thing though. How long will it be until some secretary or executive type gets a bogus e-mail virus warning and sends out the virus "update" that ruins everyones computers?
"An American Voting for Bush is like a Chicken voting for Col.Sanders"
So what's the point? The point is, the distribution sites don't get slashdotted.
the napster model, you dumb fucks. peer-to-peer networking has been around for fucking years. watch less TV.
Leading the partnership for a Slashdot-Free Slashdot, Son of Dog
... isn't spreading AV updates through insecure nodes a BAD idea? I thought the point of those is that you want them to be secure and good, not themselves compromised!
Its bad enough that theoretically someone with an important enough of a router could screw with stuff as it is being downloaded, I don't want this to be too easy...
IBM had PL/1, with syntax worse than JOSS,
And everywhere the language went, it was a total loss...
before some enterprising individual writes a virus to exploit this, say, automatic sharing of updates to virus protectors? Say, removing the signatures of certain virii? Or possibly, hell, just turning the protector itself into an infector?
/msg over irc now. But usually it's on a private server, and the nut-kicking principle can apply. Not so if everyone is suddenly a "peer".
As for distributed conversations, unless there's some strong crypto in there, not to mention good anonymization of the packets, I sure wouldn't want to discuss anything private, since any old schmoe with a little know-how along the conversation path would be able to read all about whatever I was discussing.
Yes, I
What I'd prefer to see is something similar to the cypherpunk remailer networks for irc, something akin to onion routing or somesuch. Probably too much overhead though, and living in the States, I couldn't even work on it and release it.
--
It's pretty pathetic when karma can drop when you do nothing
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
This Link on Yahoo, has some interesting quotes on the inspiration behind Groove.
I smiled at the quote about EverQuest...
Burris
A way for groups of people to communicate online in real time! For only $50-$100 per seat! Wow!!! The world will never be the same! I'm so glad to live at the turn of the millennium where we have such radical new technologies.
Include concepts from the Eternity Service and you could make a real good case for adopting this tool in an environment where The Powers That Be decided to adopt a monolith document repository system or a centralized email system that seem to be down way too much.
How soon before we see an open source version?
Ignoring the obvious stuff about hax0red antivirus updates...
Groove looks pretty cool. First the bad news: Right now it's Windows-only, the protocols are undocumented, and there may be patents involved. But the good news is that these guys seem to have a good attitude. They're definitely in it for the long haul, actually thinking their design through (unlike Napster, Gnutella, etc.), and putting in security that would make a cypherpunk proud. And they're promising to release protocol docs so that other apps can interoperate with it.
This interview at the O'Reilly Network seems to have some interesting technical bits.
I had at least made it to the minimum requirements section. PII, 50MB for applications, 150MB for data? I thought ICQ 99 and ICQ2000b were fat bloated blimps...
But then it is supposed to be more/different than ICQ/AIM or the P2P flavor of the month. Somewhere I saw it described at NetMeeting on steroids. The Next Generation of Groupware. I'm not exactly sure what it is supposed to be, the few pages of the site that I could get to download weren't exactly descriptive.
Still, I wanna check it out, even if it just becomes more trash clogging up my Windoze Registry. Mainly cause I've got assorted projects spread across the world with mainly Windows Users (must... resist... temptation... to insert L there) to deal with. Anything to make it easier. So, UH, anyone played with it yet? Or should I listen to that little (BSD) devil on my shoulder saying "200MB? you should know it will suck regardless of who designed it. STICK TO EMAIL"
Bleh!
These websites also have that story:
, 00.html?tw=wn20000729i cleID=18579
http://www.wired.com/news/technology/0,1282,37874
http://www.crn.com/sections/News/top_news.asp?Art
err, yeah... let me write my own virus def file and then spread it around. it'll include portions of 'win.com' and the office package, so that they are scanned and deleted like the viruses they are. :)
eudas
Blessed is he who expects the worst, for he shall not be disappointed.
So all I have to do is submit my virus to this, and infect my intranet?
I'll pass, thanks anyway.
--
I'm surprised that I haven't seen something like this for the warez and iso scene. Of course with the large file sizes, it's not nearly as effective as napster.
One, I know I've played with that update model. Two, didn't we discuss the peer-to-peer update on a old Ask Slashdot? Or mabye it was an article on DDOS..
I hope they have patented it, cuz some lawyer is going to have fun talking to me!
.sig: Now legally binding!
For one, it was dog slow. My usage was on a celeron 333 with 128 megs of ram on win2k, and it felt quite sluggish. Whenever you want to add more modules or different shared spaces, you need to download them from the Groove servers, update your software, and pray that the other person you are Grooving with has the module. It was quite slow.
Often, I could not connect to other Groove users. This is, of course, to be expected from a beta test, but it was frequently not allowing me to communicate at all with others on Groove. And even on my 384 k dsl line, the VoIP was quite bad.
That being said, I think that Groove is a kick-ass product. The idea is really cool and I believe they are intending to do (at least for a consumer product) branding with Portals and major media names. The idea that the company is just giving out suggestions for how to use it seems promising...they are letting the users (corporate and consumer) figure out how Groove can be a "killer app". Although it seems wasteful, I think they are planning on skinning capabilites so that you could have a "Matrix 2" skin and talk about the Matrix movies with your friends, or a Pepsi skin, and whatnot.
Did I mention it was slow?
Since the announcement today, the servers have been completely bogged down. I imagine this is from all the press they are getting. Anyway, try to get it. I think its cool, just slow... Oh yeah, its win32 only, but my employee friend told me they have MacOS X and Linux in the works...
I dont have a
I have no idea how this might relate to other P2P applications, but it seems like IP Multicasting solves these 2 problems in a more scalable fashion - too bad it hasn't taken off...
>> The Christian religion has been and still is the principal enemy of moral progress in the world.
Simply attributing a declarative like this to some famous name is not proof. At best it is argument by authority. Where are your arguments? What line of logical reasoning leads you to such a dim-witted statement?
Ok, this is flamin' when I shouldn't, but - where are your brains? It's a sig that presents a small portion of someone's beliefs. Considering a /. sig has a limit of 120 characters, I'm fairly certain that the person in question wasn't going to add a paragraph, or even a 50 page paper on the subject. And if he did, you'd probably flame even harder that he took up your precious bandwidth doing it.
It's definitely not a discussion relating to P2P networking in the context of the original /. article which was presented for discussion. Neither is my comment, of course ;-)
PS: Didn't say I agreed or disagreed with the comment, but, I didn't bother to save my karma by posting as an AC either ;-)
Davis Ray Sickmon, Jr - looking for something to read? Check out my three free novels at MidnightRyder.org
The files distributed are not binaries, and are signed. If you can't trust the AV update software to compare signatures, then it doesn't matter where the file came from. Furthermore, the most damage an invalid AV rule can do is give a false positive and cause an uninfected file to be..."cleaned". You do back up your workstations, don't you?
Right?
From the article's description (given ZDNet is not exactly a bastion of accuracy), this "Groove Transciver" thing sounds an awful lot like Hotline, which has been around for quite a while now.
----
Life if possible, art at any cost.
anyone here heard of digital signatures? come on guys.. think about it for a minute. this is no less risky than downloading an update off a webserver, infact probably more secure because you can verify the sig and make sure it can from a non-web accessable (and therefore non-externally-crackable) source (such as a vault). cracked webservers are a dime a dozen.. try messing with a DSA sig. basic encryption here folks.
- The only viable solution to the virus problem is a secure machine (OS and apps). Anti-virus software is to computer security as an automatic sentry gun is to home security. It does more harm than good, no matter how well it's administrated.
- So now the virus writers can check their virii against the latest definitions without even hitting the main servers? They'll appreciate that.
:)
- Why make a different app for sharing of each kind of file? Why not a single distributed master-less network with distributed trust and market-based load balancing that is content-agnostic? (MojoNation)
p2p group messaging:- Oh great, another way my friends who've just discovered the internet can bug me.
- Why just text messages? Why not extend existing protocols to be peer2peer broadcast rather than simply point-to-point? Oh wait, we have that already. It's called EMAIL.
- What's wrong with a MUD (or MOO)? Is it so hard to run one or find a friendly one? I don't seem to have any trouble...
Looks like more attempts by TheMan(tm) to capitalize on and control the one thing He can never completely own.If you read it you would know that the files are authenticated by them before you download them.
All the little hacker kids out there really need to open their eyes to what myCIO has done with their implementation of p2p. Though Rumor supports the same acronym as Napster, they're very different.
/stated in the article/, Rumor uses token level authentication. As a network admin, Rumor's implications on a pure technology level intruiges me. No longer do I have to manage 450 desktops which each must go out onto the Internet to grab antivirus dat files. Instead, I spend a significantly smaller amount of time managing one SINGLE access point. Much more secure/efficient, and it gives me more time for Quake. ;)
First off, application/enterprise p2p is Intra-p2p, not extra. That means that all p2p file sharing is done inside your network, behind your firewall. Additionally, as
And Kudos to myCIO for developing Rumor as an application indepedent technology. From perusing their website, they offer everything from at-the-gateway virus scanning, desktop virus scanning, VPN, firewall... One can only hope that they can integrate all these services into a single p2p platform. What I'd give to manage all my security measures from a single access point and control console.
And to anyone who mention sharing of executables... go back to a refresher CS course. ZDNet's right. Implemented correctly, Intra-p2p could possibly be the wave of the future.
~SunRunner~
Aren't the described applications closer in their workings to things like gnutella?--considering that they are not based on a central server and all--and as far as the chat client goes---you can do that with gnutella now!--just take a look at the search monitor window!
;-}
Slackware: old school feel, new school gear.
And I can't help but think some of this is just to 'cash in' on the big p2p frenzy these days.
Gimme a break. p2p is *old* technology, not new. It's using p2p in a large, distributed fashion that is new.
As a distribution model, this might seem neat. It also could be considered distributed caching, or something like freenet.
Really, as an organization, I have no problems haveing my few hundred or thousand users grab virus updates off a central server; how is having them fetch it off their neighbors somehow better? In certain network architectures, this may work better.... but really.
Instant messaging? You mean like... talk in unix?
Certainly, there is an application for instant messaging. Part of the centralized nature of instant messaging is so peopel can find each other; with a slight bit more effor,t ICQ woudl not NEED a server.. but that's too much work for joe average to do. Heck.. most of the reason for the central server is due to dynamic IP addressing anyway..
Would P2p gaming work? I'm tired of not being able to play Cstroke/TFC/Quake because of goofy server hang-ups. Or would this just be a cheaters' haven?
I'm disappointed. I want p2p emacs. Not a text editor, but I want a p2p base that's open source and as powerful as emacs. Then we could all write our own MUDs or chat services or encryption services, file fiddling, or whatever the heck we feel like on this solid p2p base. And then I can browse .el files or
something to download new p2p plugins.
Hopefully in all the hype one of the p2p lemmings will come up with something more original and useful, rather than just another for-the-money p2p Valley play.
The project is a cross between a peer-to-peer client network and a centralized server network. Clients use their resources to enable crawling the Internet and then report back to a central server which will serve up searches for the public. Web administrators will want to run the client to enable auto indexing of the sites they host on their servers.
We should have a client ready sometime in November, so be sure to check back with us then.
The site is located at http://www.grub.org
Kord
http://sourceforge.net/projects/hum anc asting
Humancasting is an open source attempt to tap into the processing power of desktops to enable individual broadcasting to a large audience, please take a look.
--
DigitalContent PAC
OliverWillis.Com
An Operative with an Agenda
Speaking as someone who has to use Notes every day, I'd like the programmers responsible for Notes to keep their new projects to themselves. :-)
Please.
Ray Ozzie started Groove in 1997, pre-Napster. Technology like this doesn't get written overnight. Saying that this is "cashing in" on the Napster P2P frenzy is ridiculous.
First, read the O'Reilly interview with them. Some decent ideas there.
Second, after downloading it and playing around a little bit it has some intriguing features. I'm going to play more. I'm reccomending to other people to try playing with it too.
Bleh!
Why would anyone need virus protection software? Does anyone else besides me get sick of the idea that computers are innately susceptible to virii? The whole concept is so absurd, and yet so ingrained into our subconscious.
Question, is the Groove Transciever Open Source etc? I know that many OS MMORPGs are basing a large part of their servers off of IRC servers. If this technology is freely available, then the expensive server end of OS MMORPGs may have a very valid workaround that would remove an almost prohibitive cost from the system.
So far I've gotten all my Karma from telling people they are wrong... :)
If you can get one of the little DDOS wariors on that Groove thing, this will be a fast and extremely effective way to attack.
Oh.. about encryption. Yeah the files will be signed, whatever. But all it takes is to compromise the originating host. (The anti-viri providor host) or the host that provides public keys then it can propagate from there.
getting any executables is a bad idea.
would you have gotten it if he included tags?
Agreed hopefully eiter freenet or something like it will provide some basic fuctionallity. I would like to see distributed anonymous p2p emoney
This is my sig, exciting huh!
I downloaded groove (after wading through multiple failures of their NT web server) and played with it for 1/2 hour. In its current form, the UI appears as a organizing shell with several applets. The applets operate cleanly, but with limited functionality. (The notepad is can display multiple fonts). All of the applets are "live" spaces that update ~real time on everbodies screen who is viewing that particular applet. The applets include:
notepad
browser(with bookmarks)
outliner
forum
chat
sketchpad
calendar
contact manager
file repository
(and more)
Applets can be organized into collections, which are appropriate for a task (like organizing a meeting or presentation)
Pluses: The eye candy is pleasent. The secure shared workspace is a good thing, the kind of thing that engineering groups need. (Certainly mine does)
Minus: I didn't see anything in the way of different permission levels. I would think that that should be built into the framework itself. Also, the shell permits multiple copies of an applet to be added to a workspace, to allow, say, different topics to be discussed. These instances can be named, and are accessed via tabs like a multipage spreadsheet. I don't see how this would scale beyond 20 pages. So I don't see enough hierarchy in the system to handle life size projects. Even if multiple workspaces are used, I didn't see any hierarchy there either.
I have seen a lot of tools which seemed really useful until the number of items being managed exceeded what would fit on a page.
I like the concept, I like the attitude, I plan to get some of my co-workers to play with it, but it needs more in the way of content management.
I agree, it's very good to see new, innovative applications built on a p2p model. However, this will NOT help Napster because these programs are not Napster-like! These programs are true p2p, whereas Napster is only pseudo-p2p. The term Napster-like is very nice because EVERBODY knows what Napster is, so if you say "Napster-like" everyone knows what that means (or at least, they think they do). An illustration of why this is misleading:
Napster looks like this:
client <--> Napster-server <--> client
True the server is only involved in the initial phase of a transaction, acting as the "negotiator" of a file-sharing session; once the two clients are talking the server drops out. But the server is, BY DESIGN, involved in every client-to-client session, and you can never have a client that is more than once removed from the server (i.e. no client can turn around and act as the server to another client, and the chain is never more than two clients long).
By contrast, a true peer-to-peer implementation is "smooth" - that is, all the nodes are clients. So it looks like this:
client <--> client <--> client <--> client <--> ...
If there is ANY server involved (which must be the case with Rumour, though not with Groove), it is at the END of the chain:
server <--> client <--> client <--> client <--> ...
Thus one client talks to the server and then shares that information with other clients, which share the info with other clients... In reality the "chain" I've drawn is actually a tree, but the topology isn't important. The important point is that most of the clients NEVER talk to the server, whereas with Napster every client MUST talk to the server!
The terms "server" and "client" are themselves ambiguous, but that's at least partially the fault of trying to force an apricot (Napster) to be an orange (p2p)! In Napster, what I have called the "server" is more of a broker between "clients" (user's computers). One of the clients acts as a "server" in each transaction, in the sense that it's serving files out, but no client can serve files to another client without going through the Napster server/broker. So it only makes sense to call the machine/site that brokers EVERY single session the "server". In the "true" p2p model the server (if there is one at all) acts in the more traditional sense (serving files), but is not generally involved in any given transaction.
And, of course, there's the small point that neither chat (ala AIM, ICQ, or NetMeeting) nor virus-information-file sharing involves potential copyright infringement. Chat's pretty self-explanatory, and virus info is "safe" because you still have to have a working copy of the anti-virus engine in order to use it.
I defy anyone to present a good reason why any of this should HELP Napster's defence(sic).
Maybe the latest p2p apps will not help Napster, but at least the excitement they create will help the people formerly known as Napster employees. :)
On a somewhat related topic, I think that a successful p2p model would be able to support topologies ranging from purely clientclient all the way to clientserver. Some problems are just better suited for a clientserver approach whereas others are more clientclient (sorry, peerpeer.)
I haven't seen many people talk about this... but how will the latest p2p software integrate with what's out there already? I just don't see the browser and the web being replaced by the Groove client. In which case, Groove has to somehow integrate with the web. How?
In addition, I thought Groove had to eventually replicate with a "replicating server" or whatever it is called making it not a pure p2p app. As far as I know, there is NOT a single working (or even semi-working) p2p app out there 'cause namespace management & resolution, search, and security get ya.