Peer-to-Peer Goodness

Masem writes "ZDNet is reporting on two products that are based off the peer-to-peer sharing idea that Napster made popular to release two useful tools to the community. First, "Rumor" is a p2p program that helps to spread the updates to virus protections programs by having each client on an intranet act as a p2p node, reducing the load on servers and speeding the distrubtion of the update. The second new program called "Groove Transceiver", designed by Ray Ozzie of Lotus Notes fame, acts like an extended AIM client, allowing large groups of people to communicate as a whole, but without the need for something like an IRC server. It's good to see potentally useful programs attributing their success to the Napster model - hopefully they will help with further defence of it. "

p2p executable file sharing?

[ddstreet]

p2p sharing of mp3 files is one thing, but sharing executable files is absolutely inexcusable. the potential for trojans is staggering, unless there is a central source for a key and signature.

Re:p2p executable file sharing?

[Weezul]

Virus scanners should not be using executables anyway since there are very efficent algorithms for looking for a match from a list of patterns. Now, there are viruses which require code to identify, but people can wait for software updates to find these viruses. Also, it's worth pointing out that someone could trick your virus scanner by sending out a piece of pattern microsoft windows as an update. This would effectivly make everyone think that they were infected and need to reinstall windows.

Actually, it's always astounded me that virus writers did not "seek diversity" and force virus scanners to scan with code instead of pttern matching algorithms. You could potentially make it impossible to scan for viruses by forcing the scanners to do to much work, but it would take a lot of viruses.

I suppose a better idea would be to have a mutating "do not reinfect" flag, but only remember the flag for the last 5 generation and the future 5 generations, i.e. each generation would randomly creat the "do not reinfect flag" for it's children 5 generations down the line nd forget the "do not reinfect" of it's grandparents 5 generations removed. This would mean that the virus would eventually reinfect the same files, but it would take a while.. and it would mean that the virus's distant children would not be vulnerable to the same virus scanner (assuming that the decryption code it's self mutated and could not be used as a pattern for a virus scanner).

Oh my God!

[JohnZed]

A way for groups of people to communicate online in real time! For only $50-$100 per seat! Wow!!! The world will never be the same! I'm so glad to live at the turn of the millennium where we have such radical new technologies.

Re:Peer-to-peer propigation?

[technos]

Oh, http://slashdot.org/articles/0 0/0 5/23/2022208.shtml.. It's been archived, so you'll have to peruse down..

Why is it Google works so much better searching /. than /. itself?

Blind As A Bat

[SunRunner]

All the little hacker kids out there really need to open their eyes to what myCIO has done with their implementation of p2p. Though Rumor supports the same acronym as Napster, they're very different.

First off, application/enterprise p2p is Intra-p2p, not extra. That means that all p2p file sharing is done inside your network, behind your firewall. Additionally, as /stated in the article/, Rumor uses token level authentication. As a network admin, Rumor's implications on a pure technology level intruiges me. No longer do I have to manage 450 desktops which each must go out onto the Internet to grab antivirus dat files. Instead, I spend a significantly smaller amount of time managing one SINGLE access point. Much more secure/efficient, and it gives me more time for Quake. ;)

And Kudos to myCIO for developing Rumor as an application indepedent technology. From perusing their website, they offer everything from at-the-gateway virus scanning, desktop virus scanning, VPN, firewall... One can only hope that they can integrate all these services into a single p2p platform. What I'd give to manage all my security measures from a single access point and control console.

And to anyone who mention sharing of executables... go back to a refresher CS course. ZDNet's right. Implemented correctly, Intra-p2p could possibly be the wave of the future.