Slashdot Mirror
Collapsing P2P Networks
Andrew writes "I'm a undergraduate at the University of Washington, and after seeing this article on Salon, I dusted off a paper I had written last year. I examined P2P networks under a model usually used in describing animal populations, and found that it may be possible to cause a collapse in the network based on the intrinsic nature of the technology. Just as in animal populations, P2P networks require a sizable "critical mass" of users, and overharvesting can cause a systemic collapse - what if this were done on purpose? Quite ominously, my second recommendation on disruption was carrying damaged or incorrectly named files. You can read theabstract and the actual paper"
You know what we do with those types, don't you?
I have been pwned because my
As you have spent some time studying this field, you have probably run into realworld P2P happenings that follow the "rules" stated in your paper, could you name these, causes and results and the services in question?
There will never be a lack of "food" available as long as enough peoople share their files. So, I don't see a point where there will be too many users. More users just equals more files available. And with things like the new WinMX 3.0 you dl off of multiple people at one time, so if you find a song that, say, 30 different people all have, then chances are it is gonna be the real song with no problems.
--Note to self. Add witty sig here, someday...
True, the music industry could make tons of phony user aliases and bombard the servers with numerous useless queries and corrupt files. But where does it stop? This same technique could be used by companies to overload a competitors internet servers and capabilities... This method, though very possible, seems more like a mild virus attack that could potentially lead to a backlash of similar attacks from some pretty pissed off users.
Seems like a plausible solution, with some negative side effects.
my last sig was too controversial... now, a new and improved useless sig!
All these P2P programs can have a lot of problems:
- music downloaded can be wrong or low quality
- music is often illegal
- download is speed is really slow
What labels should do is let users download music for a small fee. For example by buying 100 songs for 100 bucks. Songs to be chosen by the user at any time.
I think a service like this can be really succesfull. The labels do not need to be affraid of piracy because of the crappy quality or low survival rate of these programs.
DNA is the ultimate spaghetti code.
As stated in Salon there are a lot of bogus files. As for now there is enough stuff out there to get the song you want. However, maybe this is just a first try of the music industry to frustrate users of p2p networks. When they get things going they could probably flood the networks with songs, without any means to distinguish them from the good ones.
The practice of flooding the system with bad files is far more sinister than most of us realise.
This is actually the next step in the Taliban's fight against capitalism. They are continuing their religious war, attempting to reduce our morale by preventing us listening to music, except in short frustrating bursts of the same 10 seconds.
Their aim is to reduce us, to bring us down from within by sabotaging our right to Good Music In MP3 Format.
We Will NOT give in.
Uh, wait. Why did they start with 'No Doubt'?
So does that include my Goldfish and Parrot disrupting p2p?
Would a Slashdot style system of user moderation of shared files be a solution? Perhaps public and private keys to sign files as your online handle. Well known names would sson spring up and their signature could be used to verify the quality of the shared file before downloading. Of course there are many reasons people wouldn't want to sign files they might be sharing or have downloaded...
P2P as a concept is unlikely to collapse
Networks come and go, and encounter obstacles as the number of people using the network increases, but as one reaches "critical mass" another is born because the first became too unstable
There are a large number of p2p networks at the moment, some are more successful than others, but importantly they use very different technologies, some of which are less affected by increasing numbers of users
The fasttrack model appears quite comfortable with several million users, when the orignal gnutella protocol couldnt cope with that number (iirc)
I'm sure that a number of p2p protocol designers will attempt to use the ideas in the paper to avoid the various pitfalls
not to mention the first two sentences:
:)
"Peer to peer networks have generated significant attention in the recent past, especially file trading networks such as Gnutella commonly found and Morpheusin ecological models of fish and birds. If the mode."
still an interesting read, though
HAH. I read the article but not the blurb. Is that a /. first?
The paper is a year old.
I wonder what the review of it was or if the prof or assistant even caught it.
Who run Barter Town?
From the introduction in the paper:
> This paper aims to address the following
> questions:
> 1. How must the depensation model be modified
> in order to account for conceptual
> differences between P2P networks and animal
> populations?
> 2. What are the conditions necessary to cause
> catastrophes in P2P networks?
> 3. What does the model imply about other ways
> to limit or stop P2P networks?
> 4. What is the most effective method to stop
> P2P networks?
I bet if you'd set out to answer a more interesting question, you'd have obtained a more interesting answer.
Natural populations are well known for their ability to adapt to their environment; to mutate or change their behaviour in response to stimuli (threats) in their surroundings. If you truly wish to study P2P networks as if they are ecosystems or populations, there are plenty of more productive entymological questions to be asked.
This paper reads like a biologist saying "given, say, fish - how can we go about killing them?"
Nice to see *some* scientific analysis of this subject, however misdirected.
These sigs are more interesting tha
a few years ago a denial of service attack was launched against the gnutella p2p network. this was done by sending out large 'ping' packets, which were then sent all throughout the network, effectively using up the entire bandwidth of many slower nodes. i don't recall how this was stopped, perhaps by a client update, or maybe the attackers just stopped. if the later is the case, gnutella is probably still vulnerable to such attacks.
trying
very
hard
to
think
of
porn
joke
Invoicing, Time Tracking, Reporting
Just make a Beowolf cluster of these networks then?
Great Linux Site
...Our four, four! potential strategies are:
In fact, it was really a client server application which only on downloading a file did it actually make any connection with any other user.
True P2P has no server and needs no server. Napster had and needed such a thing to work.
Personally I wouldn't call it peer-to-peer at all, but if I was forced to, I'd far rather call it a hybrid P2P and Client/Server solution.
Avantslash - View Slashdot cleanly on your mobile phone.
Because everyone knows but none have yet said it.
Sharereactor/Edonkey cannot be flooded with damaged or renamed files and neither can any other network/client that relies on hashes of the downloads to ensure the file is the same.
As for using loads of bandwidth by doing loads of useless searches in an automated way, it would be very interesting to see how the different networks coped with this, especially the "next gen" edonkey, which is called "flock" and is in beta, and is supposed to use no servers...
graspee
it seems that a simple and relatively inexpensive measure, which Herron says requires no more than "an intern in a room," might be worth serious consideration on the part of the recording industry.
Further questions about the proposed intern scheme were referred by Stacey Herron to her associate Mr William Clinton, recently put in charge of seeing the 'preferred files replicate and populate'
Antiquis temporibus, nati tibi similes in rupibus ventosissimis exponebantur ad necem.
You'll ruin it for all of us!
I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.
if a user doesn't like a previewed track, "then the industry and that record would have benefited from [that user's] ignorance."
I'm suprised the record labels let Britney Spears have any time at all in that case - hell, think of the teenage boy market if all they knew was what she looked like *grin*
Antiquis temporibus, nati tibi similes in rupibus ventosissimis exponebantur ad necem.
i just redownloaded his paper and he fixed some of his errors, seems he doesn't want a few thousand people seeing how much of a tard he is :)
The RIAA will use this to their advantage if they are not doing so already. If the P2P community does not stay one step ahead, the RIAA will literally make Gnutella and other file sharing systems useless.
A system that permits sharing of copyrighted material is hardly going to provide a simple way back to resolve the real originator of the material. It is difficult to prove but probably likely that many bad files come from persons connected with the production and distribution of the original material.
There are several sites now that publish checksums and sizes of P2P files. If you trust the site, then you have a way of validating files.
The main issue remains is so-called leaching. That is, those who take but do not give. This may be out of fear or out of selfishness or it may even be just that the user is new. The community response seems to allow small downloads to anyone but to restrict larger downloads to those who do share themselves. I believe there are even some automated tools that will perform this check.
The failiar of ANY system is ultimatly inevitable. Best bet is to play with it while it still works
Choice 4 is much more likely to give "good" results since more of the major holders of illegal material are targetted
Holywood would get better results by shutting down illegal DVD manufactureres of spiderman in korea (or wherever they are) rather than someone who makes a copy for his friends
Choice 1 gives everyone the same chance of being targetted and thus small time distributers/downloaders will be hit a higher percentage of the time and not have as great an effect on the overall level of content available
"music is often illegal"
Today's pop music is so bad it OUGHT to be illegal.
Collobarative Recommendations such as Amazon.com uses, (or Eigentaste or RecTree in academia) finally have algorithms that make it fast enough for an average PC to perform the operations. A decentralized version would not only foil spoofing and spamming, but would let you discover new things beyond the industry marketing machine. Does anyone have information on such work?
"There's so much left to know/ and I'm on the road to find out." -Cat Stevens
I agree that it would probably be possible to quite easily kill any P2P network; imagine one of the nodes in any Gnutella-type network sending faked information all over the place or something similar, or some kind of malignant Direct Connect client.
But let's say that the music industry/whoever did this, would it be legal just because P2P networks are "possibly used" for distributing copyrighted material?
I don't see the difference between sinking someones Direct Connect hub and launching a DoS attack against a webserver.
This is hardly news. I can't remember the last time that I shared a music file from gnutella that was correctly named, labelled, untruncated and not a radio edit (mea non culpla, the first thing that I do is to fix the damn things, before making them available for re-sharing).
For exe's, it's even worse. There seems to be a deliberate misnamimg of some files, e.g. GTA2 labelled as GTA3, or in some bizarre cases files named as "game Foo (actually game Bar)". What on earth is the point of that? If you're warning that there are misnamed versions out there with this filesize, then say that, otherwise just name it correctly and be done with it.
Porn is the worst of all. I've lost count of the number of god damn bangbus promos (or worse, trailers that spawn popups) that I've shared and ditched, and I'm now so sick of it that I won't download anything under 5MB (most of the trailers are smaller than that).
What I can't understand in all this is that I'm sharing these from other gnutella users. Sure, they are injected through malice (or avarice), but what is wrong in the heads of users that they don't understand that this is our network, and our responsibility to clean up the file naming? Nobody is going to step in and do it for us. It's only going to get worse over time, and I'd rather download three different but accurately named versions of the same file than one misnamed version that turns out to be another badly encoded asian lipstick lesbian popup spawning commercial.
Repeat the mantra: our network, our responsibility.
If you were blocking sigs, you wouldn't have to read this.
Yes.. there are plenty of morons on the P2P
networks.
Hell.. the majority of the files out there
are incomplete and/or corrupt and yet....
none of the morons sharing them ever delete them.
Gee... sounds a lot like the crap you have to
go through on a daily basis with live people.
Another technology hampered by Morons. Figures.
from the Salon article:
;-)
"All it takes is an intern in a room."
Isn't that how a President was brought down?
People in cars cause accidents....accidents in cars cause people
You've noticed this too? Is there any trend to the IPs of machines sharing these? Are they all at sony.com or something? (Hey, they could be grievously stupid...) In any case, perhaps some provider like Gnucleus could provide a realtime ban-list of this kind of abuse. Centralizing this information wouldn't have any legal ramifications, and while it's a flawed, stopgap solution, it would work, at least for a while.
.url files you get sometimes? I think it's just spammers doing some of this, and not the actual media industries.
I wonder if those results are virii or something. I usually just filter them out by requiring filesizes about 100k...
Have you noticed the "[searchterms] free bangbus passes.htm" and
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Please. If the corps employed black hats for any reason, do you think they'd admit it? Unless there's firm evidence to link the corp to the attack---which there's no reason for them to leave---there's no way to touch 'em. Bastards.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Unlike traditional web site DoS attacks, based on sending malformed messages (provable intent), DoS attacks in P2P can look like normal requests from normal clients that just come in really fast. IANAL, but much criminal law arises from intent, and the web DoSers (or bounce DoSers) clearly have intent. P2P networks just have a high-overhead protocol.
I don't think, in the end, that you can rely on laws to stop such problems. If you design a flooding mechanism into a protocol, you better be sure to rate-limit somehow... Maybe make people do some amount of work to perform a flood (though precomputation becomes problematic, because you want it to some extent, but not too extreme an extent).
How can the first post to note this fact be redundant?
Moronic moderator alert
Who run Barter Town?
The main issue remains is so-called leaching. That is, those who take but do not give.
You mean like how people take music for free and do nothing to reward the person who created it?
Labels be damned, just give something back to the people doing the actual work.
-r
Just because something is free does not mean you have to take it.
The problem would be---what makes the rating system any more trustworthy than the files themselves? Remember, both eBay and Slashdot have centralized control, a metasystem above the individual users.
Such a metasystem, in a P2P environment, would need to be decentralized and yet trustworthy. (It's must not be as easy for a spoofing client to say "I'm trustworthy" as it is for them to say "I have files to share! Download my pustulent VBS payload!".) This is a complex research question, to which there's no one simple answer. A lot of people are trying, though... see some of the threads on this story for good links on the subject.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Works great too.
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
Things are looking very bad for *P2P. As many of us are already aware, *P2P continues to lose market share, and it's car keys all the time. Red ink flows like a river of blood, and a river of blood would be pretty cool, but not when it's *P2P's blood. FreeP2P is the most endangered of them all, and since I've never even heard of it, it must be hurtin'.
Umm, something about a charnel house being turned over, and 2 usenet post about P2P, and bought out by someone who ruined everything. Yeah. And so P2P for all practical purposes is dead. Long live P2P!
The most interesting parallel animal model has got to be the experiment designed to reduce (or eliminate) Tsetse fly (and other insects ) populations by releasing large numbers of sterilized males into the natural population.
The process of P2P sharing would correspond to mating, since you have to have two participants. A successful mating would correspond to a user getting the file they wanted, and therefore being more likely to use the service in the future. Getting a dud file is like a wild female mating with a sterilized male. Yields no offspring, user is less likely to continue using service. One or two cases of sterile matings have no impact, but when it is a significant percentage the population will decline, I'm sure the parallel with P2P holds.
The author seems focused on studying the best way to eliminate P2P, though, so he's probably hoping to get research grant money from RIAA.
Light cup, beer drink, thin so chain, neck turtle fat, man I won't say it again
Sounds like a client side problem. I don't have popups in my browser. I can only wonder what messed up program would put popups in video files. Mplayer sure doesn't have that problem :-D
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Within so few sentences...
countermeasure: webs of trust & md5 hashes
and
the best way to deflect it would be hiding your identity
Put simply you cannot hide identity and be a trusted partner in a transaction. And the cost of setting up "trust" mechanisms should be understated, I can generate my own CA and own X509s from openssl. How will you know what CA to trust ? Commerical ones cost money.
An Eye for an Eye will make the whole world blind - Gandhi
most downloads you try on any p2p network fail. because the user is too stupid to open up their firewall, or they intentionally closed it so it looks like you are sharing files but you really aren't, or they fill it with bogus files, etc...
I have had to resort to a harvester approach on gnutella. set the bot looking for XY without Z and snag everything that matches this until I stop it. Yes I end up downloading that song 35 times, but out of those 35 files, maybe 2 are acceptable... so deleting I go.
It's getting worse based on lazyness and pure stupidity and including pure greed. (I downloaded an mp3 that was nothing but a porn site advertisment.. EVERYTHINg from this one user was that same porn advert.. and he had at least 60 files all named popular band/song)
unregulated P2P sucks and is getting worse. Most of us old-timers are reverting back to IRC and private ftp stashes (20-30 friends all dropping files there, retrieving etc...)
Do not look at laser with remaining good eye.
seriously, "joe schmoe" today is a whole lot different than "joe schmoe" will be in 5 years. People change; technology that today seems bleeding edge will tomorrow be an electric can opener. Not even noticed as "technology" by most people.
Also, as software evolves, "md5 lookups" will not be as difficult as they are now, and when the average person realizes that "md5 lookup" means the same thing as "click the box for trusted search" they will click the dang box (or it will be built in to the software so that there isn't even be a box to click). KaZaA etc suck right now; they are at the stage in software development as, say, ms works for DOS 1.0. Compare that to a modern word processing program and extrapolate a bit, and you'll have some idea of where p2p apps are headed.
this shit that we call "technology" really isnt that hard to get a basic grasp of. When my wife needs to know how to do this stuff in order to read the latest stephen king book, or my daughter needs to know it to listen to {boy band x} she will learn it.
... and there is no doubt, that one day he will be
where the eye of his telescope has already been
What if there is a AUP applied to the p2p network that forbids 'flooding' 'advertisements', etc.
Then Sony/etc would be libel for 'damages' caused by resorce usage that fell outside the agreement?
Just a thought.. It works for other areas.. why not here? Perhaps finally a USEFUL AUP...
---- Booth was a patriot ----
Well for starters you can read music magazines, then get names of groups to *sample* that way...
Its how i did it.. or you browse other files on that users machine to see what else they listen too.. bet a lot of the time they have similar interststs...
Not saying im 100% legit either, but i have fonud several groups id never have spent money on 'just to see', but DID after i heard a few tracks..
And no.. some lameass partial track sampling system wouldnt have got me to buy it..
---- Booth was a patriot ----
It is already well known that modeling the network as a Poisson distribution allows analysis of the cluster lifetime. This was first done in pandurangan et al "Building Low Diameter P2P Networks" and much developed in Liben-Nowell et al "Observations on the dynamic evolution of peer-to-peer networks." See "Half-life lower bound" at http://www.cs.rice.edu/Conferences/IPTPS02/187.pdf
A large number of p2p networks don't need any more sabotage than the creators do themselves by bundling the sharing programs with spyware. Nothing has hurt my p2p use more than the difficulty in finding decent p2p programs without malicious malware attached. I'm all for sharing files, but not at the expense of my privacy and system stability. I almost wonder if the Record companies didn't suggest this business model to the p2p software companies deliberately.
As a big bunch of CRAP! HaHA! I have seen though your clever FACADE! You will never work in this town again!
Aren't the users of these networks already doing this all on their own? I've seen versions of songs performed by bands that were dead by the time the song named in the title was actually written, Beethoven Symphonies attributed to nearly everyone else, etc. 99% of any group of users knows crap, and they seek to prove it at every turn, and yet these networks haven't killed themselves off from inside yet.
--- http://foo.ca
So this paper makes it easier to bring down a P2P network, then, after your efforts, you settle down and have a nice piece of pie for dessert.
Anybody want a peanut?
As an experiment:
Try to download eminem's without me from gnutella. You get a lot of matches but only a small percentage of files are working.
It seems like someone is running a bot that's looking over what kind of eminem files are being shared. After this it uses the name and file size to share the same file except with random data.
Gnucleus combines files with same size and name for multipart downloading and thus is deeply affected by this. Even if some part is correct chances are that it is going to discard that specific part (overlap test) and use the corrupted data. If whoever is doing this has a fast connection and accepts a lot of downloads they can seriously affect the ability to transfer specific files.
Besides, do you have a firewall yourself? (A serious one) Do you check your logs from time to time? Well, I do and there is no way in hell I will leave an unprotected box on the internet.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
Hmm... how would you control who has access to the undernet? If access was given out by a central authority or privileged users, then it would be difficult to get the critical mass needed to start the service. On the other hand, if access is free, well it's not really an undernet, is it?
I think that the solution would involve many small "undernet" groups, each group pruning its own users, and then linking these undernets together. If an undernet is hit with a load of RIAA spammers, then have your undernet ignore all traffic from it. If your undernet is spammy, join a new one.
The theory is that if the Gnutella network could be cut into autonomous but smaller sections, it would be easier to authenticate users. Ultrapeers are already starting to partition.
I don't think this needs to be done on the IP level. OpenSSH or Kerberos could be used to create Undernet UDP/TCP connections that would be secure.
Of course, it's all pie-in-the-sky since i'm too busy to code it.
While the P2P networks may be similar to flesh and blood animals, the biggest difference is that evolution in P2P networking software occurs on timescales a biological system could not hope to match.
Given a threat to its existance, a P2P network can adapt in a matter of hours at best, weeks or months at worst. To change the behavior, defenses, etc... of a biological animal would take thousands of years at best. The flip side is that new threats are developed almost as fast. But the bottom line is, eventually the signal:noise ratio on a P2P system can be tuned enough to allow a signal to get through, no matter what problems might plague it.
Worst case scenario is that you have a voting system that allows *very* different users to vote on certain file share hosts, the ones with the most votes are generally going to be a valid source of the files... while this will present a higher profile target for the major corporations, if you have 10,000 of these high vote people, it's going to be financially problematic.
Even if you have one or two, (or 50) cases of ballot box stuffing when it comes to high vote hosts, an authorized admin of some sort could flag that particular host as being bogus.
There are many, many spin offs of this concept that would make it next to impossible for any single entity to compromise the P2P network into non-existance. It may be cumbersom, but it would work.
XP comes with a firewall builtin...Many people run ZoneAlarm and similar applications. Go and have a check at Shields Up and check at least if your netbios ports aren't open. Okay? Kind advice of this lame Unix-guy...
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
There is no reason why this has to be true. There are software solutions to this that work fine.
Where are they? They are coming...and they will be here. Just wait and see.
Your signatures belong to me.
Still waiting for someone to impliment a decentralized user location system. Limewire already has a basic basic chat interface.
I was struck by the applicability of the general strategy to a p2p network like al-qaida remnants. And relieved that there are ways to skin this cat...
;
;
;
>>
1 Randomly selecting and litigating against terrorists that we are able to capture
2 Creating fake terrorists (plants) that carry (damaged plans/trojans)
3 Broadcasting fake information in the known clusters (recruiting nodes like mosques) in order to degrade network performance
4 Selectively targeting capture/litigation against the small percentage of terrorists that carry disproportionate authority within al-qaida.
Of course I just could tell my friends to install some kind of W32 ftp server, but I fear that they will keep it running all the time compromising their own security. Many of them aren't even capable of installing WS_FTP (a bare-bones ftp-client which I happen to like a lot) so they are not able to upload songs to my server.
Most of the time I take the easy way: I post a certain song I want to share on my webserver and give them the URL. This is much easier for non-computer inclined people. (I am aware of ftp://username@somehost.tld/ but this doesn't allow uploads) Yes, I know http has much more overhead than ftp, but it's the price I'm willing to pay. Hey, and now they even have it more easy: I don't need to give my IP anymore. Thanks to dyndns I have one of my domain names pointed directly at my server. Best 30$ I spent in ages
Thanks to all the people who replied to my post, it was truly interesting (picked your post because it was the *most* interesting). I just regret I got modded up that high. Someone modded me "Overrated" (which I deserved IMHO), which made me lose my glorious 50 Karma. Oh, well...incentive enough to try to post insightful comments ;-)
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
I wonder how difficult it would be to create a pseudo-KaZaA client (since modifying the current one would be against the EULA) that would return erroneous results when the network tries to make your computer part of AltNet's "global computer resource-sharing program". If it was possible, what are the legal/moral ramifications of disrupting a for-profit P2P program in this manner?
Dupe posts are
Finally a little question for the P2P junks out there: many people claim they get to learn new kinds of music by P2P sharing. I won't say it isn't true, but how? You still need a handle to search new stuff? You just type in random keywords, or what? Just curious, because I'd like to broaden my musical horizonts a bit.
There are three things I do to find new music:
1) Type in random keywords. This may seem silly, but it can yield interesting results.
2) Search for a genre. You would be surprised at the amount of music that people catagorize/name by genre. Pick a genre that you don't know very well (IDM, dub, afrobeat) and search for it. You will get a seemingly random selection of music. Download these, listen to them and if you like them, search for the artist and/or stuff in the id3 tag. You will find more of their stuff, plus usually stuff they did with their friends.
3) Listen to KEXP. KEXP is possibly the best radio station in the world. They stream cd quality over the web. They are a public station (I'm a member) from Seattle. Check their time schedule (it's Pacific America time) and check out DJ Riz. This guy is the most inventive, relaxing, best DJ around.
yep, thats it: separate the server from the client portion of the p2p-system.
;)
first: a super-node like server, that collects all info from the content-servers and brokers the connection from the clients, processes search requests etc.
second: a content-server, the "criminal" part, where all the data is hosted. this server handles only OUTGOING connections, it always uses push-method to send the data.
third and last: the client, that open a listen port on the client machine. for downloads, it connects first to the brokers to search their database of content, and then signals download requests *to the brokers*, the brokers keep those requests in a "mailbox", that all servers check every x seconds. if a download request is found, the *server* starts sending the files to the client.
that way numerous issues are solved:
-the content-servers cannot be wild-card searched, no one can make greedy searches to know what content a particular user hosts. this ensures a certain amount of privacy for the content-sharing peers. if MPAA-paid detectives find that host at ip foo.bar hosts "metallica - enter xman.mp3", it is rather difficult to find how much more content that particular node is sharing.
-the clients put newly downloaded stuff directly in the shared folder as usual, but after many succesful downloads, no "evidence" is piled up on a part of the network that is viewable from outside. these clients have open sockets, so that the push-connections from the servers are coming through, but they are more like a sink-hole than anything else. cannot be queried.
- the brokers have another open port for the the servers and the clients, they aggregate supply and demand, but cannot be held liable for anything they do, since they do not host anything themselves.
those three parts of the "phoenix123 p2p network of the future(TM)" are either combined on one machine using different ports or distributed through the network like the system eDonkey2000 uses. maybe some kind of reward should be given for downloading clients, that have a broker and/or a content server running - slightly higher download priority maybe. (sure there will be hacks to spoof an open client etc, but nevermind - if the network load is low enough not many will care. people cannibalizing free-as-in-beer p2p-networks are just shabby)
this is just a small thought, maybe it's useful maybe it's not. problems with pple behind NAT-gateways are to mention... (maybe the brokers could detect such a situation and instruct the server to temporarily open ONE port just for ONE file for ONE client, so that the firewalled client can download its stuff) - oh and btw all the programming HAS to be done in java. performance issues aside, it is absolutely crucial that all platforms can run this, be it linux, win32 or mac or whatever AND java is mostly immune to buffer overflow issues unlike c++. critical points would be that the brokers do not know what its connected server have, all servers process their own search-requests and pass the results back to the brokers.
ideally, this would lead to massive content servers that are totally nebulous, you cannot prove they exist unless you download one file, you cannot prove they have anything more than that single file (so the pirated content value is too low for court appeal) unless you download more, but for that, you would have to make a VERY VERY lucky guess on the filename. critical is also the broker-architecture, that ensures, no one can flood the network with endless greedy searches. maybe the broker shut down connected nodes (clients or other brokers) that appear to flood them or are cancer nodes that behave wrong.
with the broker filtering and limiting the forwarding of search results and download requests, each broker has a limited scope on the network and unless a sufficient amount of nodes is compromised, nobody could map out anything. add a lousy 10bit encryption or a resolving "data-envelope" that only the intended recipient can open, and the necessary amount to track each individual exponentially diverts to positive infinity.
if it's bullshit, reply. if it's the coolest thing you ever thought of, reply, too! - java programmer willing to do such a thing with help of others... and YES!, it will run on linux. and on mac os X and if we code 1337 enough, maybe on MIDlet devices
If Interscope is trying to reduce file sharing, their approach may or may not work on its own merits. However, it disturbs me to see what is a pretty clear misapplication of a scientific theory.
Is it just me, or does applying an organic population model, correct or not, seem particularly inappropriate to solve the problem that the MPAA percieves itself to have?
An organic model presupposes an expansion model based on breeding. The population of users of P2P networks has an organic analog, but the client population connected to a network are not organic in nature at all: on the contrary, they can be produced and destroyed at will. If one were to shut down a "critical population" of the servers, one could induce another "critical population" of the servers overnight, whether through concerted effort or just blind fluctuation in interest.
A computer user can choose to run an application for P2P file sharing "at will." A computer user running a P2P node can suddenly be shut down or choose to stop. Consequently, a user not running a P2P client can choose to run one at any time, adding to the population.
Neither of the above cases is at all possible in an organic breeding system: deer do not simply disappear at will and re-appear. If we were to try to model population control models based on external whim, we'd fail quite miserably: but mis-applying a theory based on an organic breeding model is just as stupid.
If you're talking about the population of deer, it is important to note that monkeys can't jump from the trees and decide to be deer any time they so desire.
I'm afraid this is another example of what Feynman called "cargo cult science." The author clearly wants two things to be analagous, so he merely fiddles the variables of the model into his area of interest and creates science. If you want to model a peer-to-peer networking model, I beleive you would be better served by starting from first principles.
The users who are reported frequently by several users over a few days should be checked and then banned, with their IPs logged. If they are found to be populating the network with fake songs, ban their IPs. I would start by banning any IP addresses which are known to belong to the RIAA.
Albuquerque PC
I remember some groups decided to "move" somewhere else in the tree to try to avoid spam -- this worked for a while, but it really wansn't practical to move a community over and over. Simularly, many users cycle through email addresses when the old ones get on too many spam lists, but that means that friends can't keep up with them. (And really, email is the first and biggest p2p application.)
Using multiple p2p applications/transports/networks might make it harder to degrade the overall system, than using any one. A smart client might be able to automate that process.
A few people here seem to think that it means that you'd want to just sue random people on the network. That's not true - the idea is that you'd watch what people were searching for, and sue people that were GUILTY of downloading copyrighted files.
Although this is a fairly aggressive analogy, what this is really proposing is similar to what happens with holding people hostage. Although it may be that a large group of people could overtake a gunman, the potential damage the gunman could do on one person keeps everyone in line. Same scenario here, except that it's with time-consuming/stress-inducing litigation.
Here's a wild-ass idea.
How do real life societies of humans and animals protect their communities from invasion?
I will assume that the number of "legitimate" users vastly outnumbers the invaders.
Could it be possible to mark or remember hosts who pass around bogus files, and then pass that information to other users on the network?
For example, I download a file from a user or group of users. When the download completes, I naturally check it. The P2P client then pops up a window asking me whether the file was valid or not. If not, I hit "no". This "no" could then be associated in some sort of metafile that inclues the IP address and other identifying information about the host, and this metafile can be shared with all other users on the network.
Like a virus, I could merge my metafile with the metafiles of other users on the system.
On subsequent searches, the client will check the host results list against my metafile and warn me who the probable invaders are. I could also set filters that automatically exclude hosts from uploading and downloading if they have more than say, 5, black marks against them, effectively blackballing them from the network.
I realise that the invaders could easily change their IP address, but after passing 5 bad files they'd be off the network again.
"Reactionaries must be deprived of the right to voice their opinions; only the people have that right." - Mao
Yeah. You're making a difference. Does not change that the majority of people trading files are doing so for one reason: they want musicians (or other creative people) to do the work and they want to give nothing back.
For every single example of someone, like yourself, who does give back, how many do not? And, if it weren't for the tax, would you voluntarily contribute money to the artists?
Now, if this home recording tax were international, then we'd have something. And for the record I would support that idea. I'm sure countless people here would oppose it as being "unfair."
-r
Just because something is free does not mean you have to take it.
They could be stopped by the legal system if it weren't for the fact that they have an immensely powerful lobby. The courts will rule in favor of the corps to avoid reprisals in increases of record prices, etc. They can't be hit by antitrust because so many of them are based offshore, and the supreme court is afraid to touch them.