Collapsing P2P Networks
Andrew writes "I'm an undergraduate at the University of Washington, and after seeing this article on Salon, I dusted off a paper I had written last year. I examined P2P networks under a model usually used in describing animal populations, and found that it may be possible to cause a collapse in the network based on the intrinsic nature of the technology. Just as in animal populations, P2P networks require a sizable "critical mass" of users, and overharvesting can cause a systemic collapse - what if this were done on purpose? Quite ominously, my second recommendation on disruption was carrying damaged or incorrectly named files. You can read the abstract and the actual paper"
The practice of flooding the system with bad files is far more sinister than most of us realise.
This is actually the next step in the Taliban's fight against capitalism. They are continuing their religious war, attempting to reduce our morale by preventing us listening to music, except in short frustrating bursts of the same 10 seconds.
Their aim is to reduce us, to bring us down from within by sabotaging our right to Good Music In MP3 Format.
We Will NOT give in.
Uh, wait. Why did they start with 'No Doubt'?
Would a Slashdot style system of user moderation of shared files be a solution? Perhaps public and private keys to sign files as your online handle. Well known names would soon spring up and their signature could be used to verify the quality of the shared file before downloading. Of course there are many reasons people wouldn't want to sign files they might be sharing or have downloaded...
P2P as a concept is unlikely to collapse
Networks come and go, and encounter obstacles as the number of people using the network increases, but as one reaches "critical mass" another is born because the first became too unstable
There are a large number of p2p networks at the moment, some are more successful than others, but importantly they use very different technologies, some of which are less affected by increasing numbers of users
The fasttrack model appears quite comfortable with several million users, when the original gnutella protocol couldn't cope with that number (iirc)
I'm sure that a number of p2p protocol designers will attempt to use the ideas in the paper to avoid the various pitfalls
From the introduction in the paper:
> This paper aims to address the following
> questions:
> 1. How must the depensation model be modified
> in order to account for conceptual
> differences between P2P networks and animal
> populations?
> 2. What are the conditions necessary to cause
> catastrophes in P2P networks?
> 3. What does the model imply about other ways
> to limit or stop P2P networks?
> 4. What is the most effective method to stop
> P2P networks?
I bet if you'd set out to answer a more interesting question, you'd have obtained a more interesting answer.
Natural populations are well known for their ability to adapt to their environment; to mutate or change their behaviour in response to stimuli (threats) in their surroundings. If you truly wish to study P2P networks as if they are ecosystems or populations, there are plenty of more productive entomological questions to be asked.
This paper reads like a biologist saying "given, say, fish - how can we go about killing them?"
Nice to see *some* scientific analysis of this subject, however misdirected.
These sigs are more interesting tha
In fact, it was really a client server application which only on downloading a file did it actually make any connection with any other user.
True P2P has no server and needs no server. Napster had and needed such a thing to work.
Personally I wouldn't call it peer-to-peer at all, but if I was forced to, I'd far rather call it a hybrid P2P and Client/Server solution.
Avantslash - View Slashdot cleanly on your mobile phone.
Isn't that the point though? You can't go to court suing Sony because they created a lot of damaged versions of their songs. How does this sound?
"I was trying to download an illegal copy of their copyrighted music and it was damaged!"
I think this is one case where they could simply set up some distributed PC's (different IP's in different class C's) and just have P2P clients serving 'bad' versions of their own copyrighted music. Set up a little consortium of several different record companies, and it becomes DAMN hard to apply an effective filter.
You might counter by setting up a central key list of 'correct' MD5 checksums, but then THAT list becomes a target of litigation from the RIAA.
I don't like it, but it is an elegant solution. Use the power of P2P against itself. Anonymity works both ways.
Not just answers, the correct questions.
Collaborative Recommendations such as Amazon.com uses, (or Eigentaste or RecTree in academia) finally have algorithms that make it fast enough for an average PC to perform the operations. A decentralized version would not only foil spoofing and spamming, but would let you discover new things beyond the industry marketing machine. Does anyone have information on such work?
"There's so much left to know/ and I'm on the road to find out." -Cat Stevens
I agree that it would probably be possible to quite easily kill any P2P network; imagine one of the nodes in any Gnutella-type network sending faked information all over the place or something similar, or some kind of malignant Direct Connect client.
But let's say that the music industry/whoever did this, would it be legal just because P2P networks are "possibly used" for distributing copyrighted material?
I don't see the difference between sinking someone's Direct Connect hub and launching a DoS attack against a webserver.
This is hardly news. I can't remember the last time that I shared a music file from gnutella that was correctly named, labelled, untruncated and not a radio edit (mea non culpa, the first thing that I do is to fix the damn things, before making them available for re-sharing).
For exe's, it's even worse. There seems to be a deliberate misnaming of some files, e.g. GTA2 labelled as GTA3, or in some bizarre cases files named as "game Foo (actually game Bar)". What on earth is the point of that? If you're warning that there are misnamed versions out there with this filesize, then say that, otherwise just name it correctly and be done with it.
Porn is the worst of all. I've lost count of the number of god damn bangbus promos (or worse, trailers that spawn popups) that I've shared and ditched, and I'm now so sick of it that I won't download anything under 5MB (most of the trailers are smaller than that).
What I can't understand in all this is that I'm sharing these from other gnutella users. Sure, they are injected through malice (or avarice), but what is wrong in the heads of users that they don't understand that this is our network, and our responsibility to clean up the file naming? Nobody is going to step in and do it for us. It's only going to get worse over time, and I'd rather download three different but accurately named versions of the same file than one misnamed version that turns out to be another badly encoded asian lipstick lesbian popup spawning commercial.
Repeat the mantra: our network, our responsibility.
If you were blocking sigs, you wouldn't have to read this.
While I agree entirely with the fact that leeching is a problem, you should consider these facts:
- Not many people have the bandwidth to share. I don't, I share nevertheless but restrict upload speed to 3KByte/second and 2 allowed connections. Why? I have only DSL 256/64kbps, which means I have about 8Kbyte/second upload and I give away a potential 6. I find that generous. This is however not enough! People do not have the patience to wait at these speeds, most of the time uploads that start on my machine (I check that from time to time) about 99% are cancelled by the remote side.
- Firewalls. I have a firewall... and I will not in any case turn it off because I want to run Gnucleus. This effectively reduces my own choices to download: anyone who runs a firewall too is not able to communicate with my machines. If everyone runs a firewall, P2P networks like Gnutella would become useless. PUSH only works when the receiver does not have a firewall.
So technically this makes me a leech: I want to share files but due to bandwidth restrictions and due to firewall issues my sharing-abilities are clearly diminished. I have the goodwill but not the resources. Yet, I download! Most of the time pr0n, and from time to time music (usually when I heard a good song on the radio).
It wouldn't be the first time a P2P client advertising T1 performance aborts me and I find that very frustrating. Probably people using the tools you mentioned, and considering me a leech. Nice...
Oh, and one thing about the whole P2P thing I don't like are the insanely large filenames filled with idiot keywords. Keywords in filenames....tsss.... Better would be a kind of database that associates keywords with files you chose on your harddisk. At least that way your files could have halfway decent-length filenames. Of course maintaining that would be a bit of work, but maintaining a filesystem filled with junk-filenames isn't any better.
Finally a little question for the P2P junks out there: many people claim they get to learn new kinds of music by P2P sharing. I won't say it isn't true, but how? You still need a handle to search new stuff? You just type in random keywords, or what? Just curious, because I'd like to broaden my musical horizons a bit.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
I think this is one case where they could simply set up some distributed PC's (different IP's in different class C's) and just have P2P clients serving 'bad' versions of their own copyrighted music.
,to some extent. ... at 20k or so, I'm not interested. But still, it means somebody's written a client that replies to the P2P network with flawed data deliberately.
Somebody is already doing this
Searches on gnutella (for just about anything) bring up hits with file names like "your search terms.MPG"
You are in a twisty maze of processor lines, all alike.
There is a lot of hype here.
Good point. I actually very much approve of these tactics being used to hinder people freeloading, despite being shocked how expensive music and films are to buy.
However, I am very much for record companies distributing music via the internet. By cutting out the end retailer, who typically take 50% of the final price of the CD, and removing the cost of media manufacture, there is no reason why these goods shouldn't be available for those that want to download them. There'll always be the hardcore fans who want the boxed editions (check out special edition box sets, etc..) but a lot of people also are only concerned about the actual music. In fact, it could probably even be argued that if music companies sold the music in MP3 formats, the die-hard music aficionados would still buy the real CDs just for the quality difference.
But back to the P2P issue. You get what you pay for. If you expect to download things for free, you can hardly complain when those things aren't what you expected. If you use a warez search engine, chances are you'll spend the next 10 minutes closing all the popup windows, even if you never actually downloaded anything! You don't see many people up in arms about that.
And if you think the record companies don't deserve their profits, think again... Why do you think there are always scores of new bands signing up to these labels? Because the record companies invest heavily in lots of bands, many of whom will flop dismally. They invest in advertising, gigs, promotional CDs, PR parties, you name it. If they end up making 10 times the profit you think is fair on a particular band, bear in mind that there were probably four other bands that they promoted that didn't make it that got the chance.
There's a slight difference here between the Warez sites and these new "tactics".
With the warez sites, the ads are there because these guys can't find anyone else to host them, so they need the money for the ads. The ads are not being put up by Bungie, or Blizzard or EA or any of the other companies.
As for the p2p networks however, these files are being placed with the intent of misleading the consumer. Unfortunately for the people trying to use this tactic, in the same way that moderation works on Slashdot, so does moderation work in p2p. If a file is a crappy sound loop, no one (or very few people) will keep the file. They will simply go back out until they find the right file. Then once they have it, they'll keep it. So picture it like this.
The company distributes 100 sound loop files. After a month or so, the number of soundloop files is probably still 100 give or take (and with certain programs like Limewire, identical files are grouped). Now, as soon as one person buys the CD, there is a legit copy (legit meaning real). One person downloads his copy, now there are 2. One person downloads from each of them, 4. One download from each of them, 8. 16, 32, 64, 128. Etc etc etc. In the mean time, the sound loop is still at 100.
Sure the soundloop tactic would be effective maybe for the first few weeks, but afterwards, it's more a waste of money.
T Money
World Domination with a plastic spoon since 1984
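The replication argument in the comment above (100 fixed decoys against a real copy that doubles each round), as an added example that is not part of the original thread. The `keep_prob` parameter is an assumption that goes beyond the comment: it is the chance that a downloader keeps and re-shares a decoy, with 0 reproducing the comment's numbers.

```python
"""Added illustration: fixed decoy files vs. a replicating real copy."""


def simulate(decoys=100, real=1, keep_prob=0.0, rounds=10):
    """Return one (real, decoys, good_fraction) tuple per round, 0..rounds.

    Each round every shared copy serves one download ("one person downloads
    from each of them"). A real copy is always kept and re-shared. A decoy
    is kept with probability keep_prob (assumed parameter, not in the
    comment). Expected values are used, so the run is deterministic.
    """
    if not 0.0 <= keep_prob <= 1.0:
        raise ValueError("keep_prob must be between 0 and 1")
    r, d = float(real), float(decoys)
    history = []
    for _ in range(rounds + 1):
        # good_fraction: chance that a uniformly chosen copy is the real file
        history.append((r, d, r / (r + d)))
        r, d = r * 2, d * (1 + keep_prob)
    return history


def rounds_until_majority(decoys=100, real=1, keep_prob=0.0, limit=200):
    """First round in which real copies outnumber decoys, or None."""
    if not 0.0 <= keep_prob <= 1.0:
        raise ValueError("keep_prob must be between 0 and 1")
    r, d = float(real), float(decoys)
    for n in range(limit + 1):
        if r > d:
            return n
        r, d = r * 2, d * (1 + keep_prob)
    # keep_prob == 1.0: decoys replicate as fast as real files and the
    # 1:100 ratio never improves, so there is no crossover to report.
    return None


if __name__ == "__main__":
    for k in (0.0, 0.5, 1.0):
        print(f"keep_prob={k}: real copies lead after round",
              rounds_until_majority(keep_prob=k))
    for n, (r, d, good) in enumerate(simulate(rounds=7)):
        print(f"round {n}: real={r:.0f} decoys={d:.0f} good={good:.1%}")
```

The crossover round depends far more on how often users discard bad files than on how many decoys are seeded, which is the point several comments here make about cleaning up shared folders.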
The most interesting parallel animal model has got to be the experiment designed to reduce (or eliminate) Tsetse fly (and other insects) populations by releasing large numbers of sterilized males into the natural population.
The process of P2P sharing would correspond to mating, since you have to have two participants. A successful mating would correspond to a user getting the file they wanted, and therefore being more likely to use the service in the future. Getting a dud file is like a wild female mating with a sterilized male. Yields no offspring, user is less likely to continue using service. One or two cases of sterile matings have no impact, but when it is a significant percentage the population will decline, I'm sure the parallel with P2P holds.
The author seems focused on studying the best way to eliminate P2P, though, so he's probably hoping to get research grant money from RIAA.
Light cup, beer drink, thin so chain, neck turtle fat, man I won't say it again
Aiding the enemy, huh?
Only if you believe in security through obscurity.
If these weaknesses exist, then sooner or later the RIAA & MPAA will find them. The RIAA will probably hire some "experts" and pay them big wads of cash for "consulting" to find such weaknesses. I wouldn't expect them to monitor Slashdot for research relevant to the P2P battles -- they are far too arrogant for that. Consider their CSS encryption scheme and misguided attempts to use watermarking, which were derided as buffoonery here. This is a battle that will be won by the side that has the better scientific analysis, and I believe that open discussion is a better scientific analysis paradigm.
I think that ultimately, the weaknesses this author discusses must be addressed through some kind of peer review/rating system. A desirable attribute of a P2P system would be robustness to "attack". The internet has posed tremendously interesting problems in "signal-to-noise" improvement, and making networked systems filter noise better is a very desirable feature with important societal implications. Analysis like this can only spur the drive for solutions. If that drive is stronger on the P2P side than the publisher's side, then P2P will perpetually be ahead.
An open forum might be able to achieve a state of "innovation dominance" over a "proprietary" opponent if a critical mass is achieved such that the opponent's practical capability is maximized only if they spend all of their time trying to "keep up" with innovations available in the open forum. Knowledge is power, so the more knowledge that enters the fray via an open forum, the closer that forum is to innovation dominance.