Slashdot Mirror
Ian Clarke on Peer-to-Peer
Simone of O'Reilly writes "On Freenet, the more popular information gets, the more copies it
generates--and the easier it is to find and download. That's just one
significant feature of this promising peer-to-peer network. Freenet
inventor Ian Clarke may not be talking about his new company, Uprizer,
but he has a lot to say about how decentralized architectures can fix
what ails the Internet. Here's the interview." We've heard from Clarke before, but this is an interesting piece.
Actually, very little content is stored directly under a named key. What happens is you store the data under a key whose name is a hash of the contents. Then in a seperate key with a real name you include a redirect to the hash key. So you would only have one copy of, say, the GPL, even if it has a dozen names. MP3s might have a lot more "duplicates", but none exact (ie, you'd have one at 128 bps, one at 112, another at 128 that wasn't quite ripped as well, etc). Nothing can be done about that (well, not easily).
Visit me on #weirdness on the Galaxynet.
The great thing about the Internet now is that I, as an individual, can publish pretty much anything. I can write music and put it out, I can write fiction and put it out where people can come by and access it. Until the early 90s this was just not possible. If my stuff is not enormously popular - so what - people who enjoy that kind of thing can still get it. I can publish to my heart's content and the few hundred readers can read it. Similarly, I can go and get obscure stuff myself - something that wasn't possible before the internet showed up in its current form due to publishing barriers.
But Freenet will just drop this stuff because it's not popular - and this seems like a retrograde step to me. It re-erects those old barriers to publishing that the Internet is destroying - and eventually, Freenet just holds what the Sheeple want. We end up with a network that's no better than TV or the print press - containing only what's popular. We end up with masses of Britney Spears or Blink 182, but you can't find something like the Bottom Feeders or Bradley N. Litwin.
So to summarize: Automatic for the Sheeple.
Oolite: Elite-like game. For Mac, Linux and Windows
Note: For those of you too lazy to read the whole thing, the part I am talking about is on the second page of the aforementioned article.
Free Hans!
According to the K5 article, Stirling advocated the implementation of laws requiring that ID-tags be affixed to data transversing the Freenet.
"I propose a law requiring a transparent tag showing origin and history on any file on any server, and that the file be immediately accessible on request. The authorities should develop and send out a "sniffer" intelligent agent program to detect files not meeting these criteria. Immediately shut down any server/node that doesn't reply properly. With really... severe... penalties for anyone owning hardware harboring pirate files. Sufficient to make them take elaborate precautions not to do so."
Furthermore,
Stirling claims that he talked to the FBI, who told him that they have the ability to penetrate Freenet's anonymity. I suspect that either they were (a) blowing happy smoke Stirling's way, or (b) they were thinking of Carnivore catching the evil copyright violator's insertion at the ISP, before it actually enters the Freenet.
To some extent, I can empathize with Stirling's fears as an author -- I wouldn't necessarily want someone to reproduce my copyrighted works with impunity and scatter to texts to the winds. However, I find Stirling's "draconian" (to use his own words) reaction unsettling.
I'm wondering about the possibility of Stirling's proposed restrictions to Freenet. Are such measures feasible (legally and technologically)?
Sincerely,
Vergil
Insects and Grafitti Photos
Thoughts regarding P2P: What are the implications for security in the P2P world? Seems like it would be very easy for someone to crack into the local client S/W and figure out to breach security on a Peer's machine by sending scripts/etc. If this is possible, the implications could be profound as a cracker could gain access to hundreds of machines as the crack propagated itself around the P2P network. Infected clients could update S/W from a site other than the one intended by the end-user (and thus infect more computers, etc). The possibilites for security violations are endless...how do we prevent/reduce the chances of such harm for P2P networks? I.e. besides using regular security measures, open source, etc. what else would work? Redesign P2P clients to use more client/server architecture for S/W updates/patches (but maintain P2P connections for data - still issues of passing cracks disguised as data remain)? What else?
It's a myth alright. As we saw last year, the Internet has trouble with a well-placed backhoe. Things are getting more robust all the time, but there's always a shortage of bandwidth, and when any significant amount is lost it's acutely felt by everyone.
Packet-based networks were pretty much the development of people who had seen the benefits of then-new timesharing. The ARPANet was bandwith-sharing. (there just weren't that many data lines back then, though early maps of the ARPANet will show how few links there were between IMPs) For any number of nodes n greater than 2, a minimum of n-1 lines are needed; yet there isn't the danger of having a single potential point of failure as in a star topology. (naturally, you want a hell of a lot more lines than n to guard against failure, but it took years to get to that stage)
The nuclear war thing comes from an unrelated but contemporary (late 60's) RAND paper on the subject.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
Nope. Both of them are utter pipe dreams. The "transparent tag showing origin and history" already exists today, except it has a much shorter name and a much more spotty record. They're called "watermarks", and they're pretty much a joke. Just look at SDMI, which has had some brilliant minds tackling the watermark problem and, even after millions of dollars in research, they still haven't managed to come up with a way to stop a really determined 15-year-old.
Translated into modern idiom,
- I propose a law requiring watermarks on every file on every server, and that the files be immediately accessible on request.
Problem number one: watermarks don't work.Problem number two: if the law is going to require that every file on every server be immediately accessible on request, that's going to play hob with e-commerce. Do you really want to place that order for Naked Amazon Women In Bondage from Amazon.com, knowing that anyone can send an email to Amazon saying, "Hi! Pursuant to the new Federal laws, I want to investigate your site to make sure you're not using any of my IP. Please send me all of your customer purchase records."
The alternative to this, which Stirling probably means, is that the watermark be kept available, although the file may not necessarily be. That defeats the purpose of a good watermark; one of the principles of good watermarks is they can't be removed.
- The authorities should develop and send out a `sniffer' intelligent agent program to detect files not meeting these criteria.
Stirling, meet the First Amendment. If I don't want to include watermarks in my original works, neither you nor the government get to say whoopty-doo about it.On a technological note, I've got some experience with smart agents. At the present time, they're really not very smart. Remember that there exist such things as countermeasures; once people figure out what ruleset the expert system behind the agent is using, they'll figure out ways to avoid triggering the agent.
- Immediately shut down any server/node that doesn't reply properly
Violates due process of law. Shutting down a server does Nasty Stuff to online businesses, and would require that a court hearing be held. Remember, nobody can be deprived of life, liberty or property without the due process of law.This is the only proposal which is feasible technologically, BTW. After all, to take down a server all you need is a fire axe and strong arms.
- With really severe penalties for anyone owning hardware harboring pirate files
Violates the legal principle of mens rea, which basically means--"if you had no criminal intent, then you didn't commit a crime". If I'm an ISP and someone is running warez off their shell account, I'm not liable until I'm notified of the illegal copying and I have time to verify the allegations myself.Technologically unfeasible, too, given that many systems will be harbored in foreign countries which are not signatory to any such ludicrous treaty as Stirling is suggesting. To penalize the owners of those servers would require... well, a small Special Forces team could probably convey the US's displeasure, but that seems like overkill, doesn't it?
- Stirling claims that he talked to the FBI, who told him that they have the ability to penetrate Freenet's anonymity
Maybe true, maybe false. Sounds more like happy smoke to me. Think about this: if the FBI does have this capability, why in God's name would they tell anyone about it?Stirling needs to talk to his dealer about the purity of his rock.
Here was something I didn't understand from the explanation of this decentralized, caching system. If I want to post an encrypted document that only I know about for later retrieval (say in 5 years) how does the system prevent it from getting deleted from all nodes for unpopularity? If there is no central authority, doesn't that imply that either: 1. documents can be lost or 2. each peer has to be able to talk to all other peers to preserve unique but unpopular files? DOS sounds a problem with this also.
Look around. How much of your web-surfing time is spent reading totally static documents?
Don't you spend far more time on sites with some form of interactivity, or at the very least, which are updated from hour to hour?
Incidentally, I think the terminal client to terminal client approach is technologically backward. It may have some advantages in preventing censorship (though I'm willing to bet that it would be pretty easy to spoof freenet, one way or another, to lower it's signal-to-noise ratio below slashdot in flat mode, ignoring moderation scores), but it would make far more sense with a true "web" structure than with the internet which is closer in many ways to a free tree. Caching on machines that are only connected to each other through a backbone makes much less sense than caching on the backbone.
--------
As a Freenet developer, I feel compelled to correct some of the inaccuracies being presented by commentors as fact.
"Freenet is an attempt to replace the web." - This is more true than saying that Freenet is a replacement for Napster, but it's still not true. Freenet is better than the web in a couple of ways, mainly anonymity and decentralization. If you don't need these features, then by all means use the web.
"You can't create Slashdot on Freenet because Freenet doesn't have dynamic content." - Sure you can. A web forum was already created, but is currently being overhauled. We already have a web frontend and newsgroups, mail, and hyperlinked documents in Freenet. A web forum is just an HTML frontend to a newsgroup with some bells and whistles. The reason that they use dynamically generated pages is because they use RDMS backends so that the servers can handle the load. Since the load in Freenet is distributed, this isn't necessary. Sometimes you really do need dynamically generated content, but in the case of web forums it's mostly just a performance enhancement.
"Popular == worthless. Freenet will be filled with worthless stuff." - Popularity is local, not global. If you connect to your friends instead of random strangers then the local network will be filled with items of shared interest.
"The problem with Freenet is that unpopular items are dropped." - Popularity is local, not global. You want items that no one in your local network is requesting to disappear. Files go to where they are wanted and disappear from where they are not wanted.
"I can't trust the information that I get out of Freenet." - We have tamper-proof keys that rely on digital signatures and content hashes. If you are worried about authenticity, then use those.
"Freenet must track what people request because it knows what is popular. That leaves an audit trail that compromises anonymity." - Popularity is local, not global. Your node discards items that have not been requested in a while. There is no global rating or tracking of any kind.
"Freenet requires a high-speed connection" - No, but it would certainly be nice.
It seems to me like freenet also needs to track data to a certain extent because it caches the most popular content on other sites. That means there is an audit trail, even more than me setting up an ftp server on the different IP addresses I get with a dialup account, and just send an encrypted email to my friends to upload/download the content that is illegal from there. I would think there is less chance of me getting caught, even though I have to more actively do something considered illegal. Also, keep in mind that I realize freenet is not only going to be used for illegal stuff. But, it is the illegal (illegal is not always immoral, but often unpopular to the powers that be) content that is going to need the most protection and need to be cached the most. Stuff like deCSS mirrors are one example. We might be able to build on the peer to peer model some, but we still need there to be a strong structure based on a server passing clients to each other, or something. The only problem is that we know they won't allow this easily. Just look at napster, who does not distribute mp3's, but is getting in trouble for users doing it.
Anyone else have any better ideas?
Mas vale cholo, que mal acompañado.
Ian wants to basically replace the web with freenet and has said as much. But what he doesn't get is that he is not going to replace the web as we know it with static documents (which is all freenet serves up).
Come on, how could a web site like slashdot possibily exist in freenet? It couldn't. It is simply too dynamic, too frequently updated, and reliant on a coherent and consistent database of comments and articles that simply cannot exist in a distributed network.
Freenet will be a boon for the archival of static and infrequently updated content and web sites, but for anything more dynamic, freenet fails to offer a solution - and as such will nicely complement, but never replace the web.
-josh