Slashdot Mirror
Closed Gnutella System to Prevent Bandwidth Hogs
prostoalex writes: "Salon.com is running a story on Gnutella developers contemplating the creation of a closed or authorization-only system to prevent bandwidth hogging. Turns out, numerous applications, including Xolox and QTraxMax employ quering algorithms that are capable of bringing the network traffic to a halt. While it gets better download speeds for the users of the aforementioned applications, the damage to network traffic as a whole is substantial."
The solution is not authentication - it's building better network infrastructure.
How about implementing per-node policing using a credit system like gnunet? (http://http://www.gnu.org/software/GNUnet/)
Nodes individually keep track of the behavior of their neighbors. Bad or expensive behavior like out-of-spec activity or excessive querying lowers the 'credit' of the node. Good behavior like answering queries increases a node's credit. Credit determines the probability that a node's queries will be answered or passed along and the priority with which they will be treated. Abusively written clients will eventually be ignored out of the network.
I always find it amusing when someone takes a specific implimentation that happens to be similar to a philosophy that they know about, and take that specific example as proof that the whole theory is worthless.
In actuality, gnutella doesn't paralell any serious anarchist philosophy that I have seen very well at all. Most such systems that I have seen proposed generally call for communities of people that work together for benefit of the community and are run by a direct democracy rather than a representative democracy.
In fact anarchy doesn't advocate a state of chaos or lack of laws as much as a lack of hierarchy. It calls for elimination of the concept of "positions of power" where the laws of the land are decided directly by the people themselves and where no person is forced to live by those rules except as the voluntarily accepted price of living within a given community.
gnutella on the other hand is more of a "free for all". More of an "frontier", which isn't very anarchistic at all, as hierarchy is easily created in the frontier, all it takes is a small gang or some guns. Whoever has the most ability to weild deadly power is the top of the hierarchy.
-Steve
"I opened my eyes, and everything went dark again"
While it gets better download speeds for the users of the aforementioned applications, the damage to network traffic as a whole is substantial.
Do you expect the same people who use the network predominantly for breaching copyright to care about the greater good?
They had those on BBS's. They sucked. Unethical people uploaded trash files for credit. And the rest of us, frankly, ran out of quality files to upload after a while.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
I was a part of the Gnutella development clique a while back, and had made a few proposals on improvements to Gnutella clients.
One such proposal, GNL, was to provide a way to define alternate Gnutella networks from the main system, and include ways to limit their behavior. Another proposal, GNV, was a method for administering these networks, and said administration could be performed anonymously.
Many people liked my ideas, until I made the mistake of mentioning that the end result would probably be differentiation of Gnutella into several networks, each specializing in different types of files; it would be like making Gnutella into IRC, with separate server networks providing different flavors of service. I also mentioned that I thought the original Gnutellanet would wither on the vine. They looked on this with horror and dropped my suggestions.
*shrug* I dunno. Considering that, at the time, the Gnutellanet was scaling itself into bloated nonoperation, I thought splitting the Gnet into different specialty networks was a good idea. Clients could even log onto more than one Gnet at a time.
I agree with you that some of the more abusive clients are getting out of control. I don't agree with blocking them outright, though. Gnutella is where it is because it's an open network and an open protocol; I think we have to leave it that way if we expect any future genius to appear on the network. Closing things up and locking the doors, these aren't the appropriate solutions IMO.
I think filtering of abusive apps should be done on the client side of the servent equation. The biggest problems I've seen lately don't involve Xolox specifically, but users of varying servents. People who queue up hundreds of different files to download at a time. People using programs which ignore "Not Shared" or "Refused" replies, and continue to pound my box looking for files that don't exist.
I was out of town for a few days last week (all computers turned off, except for my router box). When I came back, I fired up my Gnutella program. Without even connecting to the network, I was immediately serving uploads. That means that someone was trying to download from me for three full days while a) the files were not shared, b) Gnutella wasn't running, and c) the freaking computer wasn't even turned on! Come on, servent authors: pay some attention when you get "Refused" or "Not Shared" responses. Drop such files from the queue after 2 or 3 failed tries, don't leave them sitting there for eternity.
I want a setting that says "drop all packets from hosts who request a no-longer-shared file." I want a setting that says "drop all packets from hosts who attempt to download while the program is running but not connected to the network." I want a setting that says "drop all packets from hosts who send download requests more than $TIMES per minute." My per-user upload limit is set at 1, so someone queueing up 200 files at a time generates an enormous amount of protocol overhead. It might be 5 hours before that user gets all of his 200 files, all the while he's sending a constant barrage of packets which accomplish nothing.
Gnutella is an open network. Yes, we do need to do something about read-only clients, but I think it should be up to the people to decide what gets done. Provide the users with the appropriate filters and let the majority determine what behavior is good vs. bad.
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
Because Gnutella wasn't designed, it was hacked up in a weekend as a little closed source Windows file sharing app. Completely unscalable, completely insecure.
After AOL stamped on the writer to remove the program, lots of people reverse engineered the protocol (which was almost trivially easy), and wrote their own clients. Because it was the time of dot-com mania, lots of commercial and semi commercial applications sprung up using the same protocol, without any of the authors ever bothering to consider whether the protocol was usable at all.
It's only now, about 3 years later, that we're finally seeing work to move 'Gnutella' into a more workable system (see the superpeer system of Gnucleus, for example).
-- Help Digitise the Public Domain at DP.
> And the rest of us, frankly, ran out of quality files to upload after a while.
That's implicit in ratios, though. Ratios are - by definition - about quantity over quality. As you point out, imposing UL/DL ratios increases noise.
Not everything that can be measured matters; Not everything that matters can be measured.
All it requires is for about 100 or so people to put a file in a shared directory called Brittneyspearsbarebreasts.jpg or something along those lines. But instead of said picture actually being of Miss Spears beare breats, why not make it something else...such as possibly goatse.cx?
What is interesting to me is that this would be EXACTLY what freeloaders would do if sharing was required. Just something to think about for people who think they have the freeloader issue figured out. It's a lot more difficult than it seems, since file names and file sizes say nothing about the quality of the content being shared.
Also if current Gnutella clients were simply amended to have the option don't allow people with 0 files in their library to download, how long would it be before a client was produced which falsely reported files in it's library, files which didn't exist and you can never download.
If the cable/dsl providers were mostly selling symmetric rather than asymmetric services, I'd bet that those same users would be much less likely to restrict access. Furthermore, I think the providers are well aware of that, so don't expect symmetric service to become common anytime soon.
Here's what I do: Bitty Browser & Andromeda
The problem in general arises when you've set up a situation where if each user acted in both a rational and self-interested way, the system overall would collapse for all the users.
When designing any kind of multi-user system, it's critical to plan for the "what if all the users (or half of them) suddenly got very selfish." What results are things like disk quotas: central-system-enforced limits on individual behavior.
In a system like the gnutella network, where there is no 'central system' to enforce 'community-minded' behavior, the eventual collapse of the system can be predicted as a function of overall population, presuming that there are always a few people who are more selfish than the rest.
Centralized systems like Napster actually had an advantage in that the centralized servers could establish and enforce 'fairness' policies that kept selfish users from triggeringa 'Tragedy of The Commons'.
-Mark
The problem is inherently NP-incomplete.
You want a system without a central authority that can be shut down, so you create a peer-to-peer system.
The peer-to-peer system pretends to be a virtual network over a real network using point-to-point links to establish proximity relationships between sets of peers, mostly ignoring physical proximity and bandwidth constraints.
In order to force the proximity issue and address the bandwidth scaling issues, you invent a concept of "super nodes", which end up being self-selected.
In order to get better performance for themselves, people play "the prisoners dilemma", and rat everyone else out with clients that gang up on requests to ensure disproportionately favorable service.
In order to lock out these clients, you create a central authority, but try to make it decentralized (e.g. "karma", voting, self-regulation, etc.) to maintain the original design goals.
But there are too many strategies to use to attack this. The current "attacks" are taking the form of over-requesting to the point of denial of service... and these are people not intent on destroying the network.
Say you figure out a way to create forced altruism for requests... the node equivalent of the GPL on source code, when you can't enforce the GPL. The natural reaction will be to move on to the next "attack": the "bad guys" pretend they are multiple nodes by avoiding intersecting connectivity with peers, so that dual adjacency won't give them away, and let them be countered.
So you move to a different protocol for "super nodes"; you counter the next obvious attack ("pretend to be a super node") by locking down binaries ("blessed binaries").
But the next attack is to modify the kernel that is running the blessed binaries, and defeat the attack that way (a common "borg" attack on the "blessed binary" NetTrek clients).
Now take active attacks. "Automatic Karma" can deal with dummy files -- "poisoning"... at least until they start intermixing bad with good. But it can't deal with the other issues, without a client lock-down. At which point, you lose repudiability (original design goal out the window: legal attacks work again).
The only real way to deal with this is to define a new protocol that is not virtual point-to-point linked.
And that can be blocked at the routers, unless all other content moves to the same protocol, so it can't be discriminated against.
The only way you are going to be able to create a "blacknet" is to actually create a "blacknet".
-- Terry
Do you expect the same people who use the network predominantly for breaching copyright to care about the greater good?
Do you actually think they copyrights they're breaching have anything to do with the greater good?
Four companies have collectively monopolized music distribution, using copyright. Is this a good thing?
Get real. Record companies are scum. The artist would get more money if I mailed them a quarter, than if I bought the CD. Meanwhile, I would be giving the RIAA more money to keep it illegal to play legally purchased DVDs on my PC. I hope they all go bankrupt. Then we'll have competition.
I'll participate in a free market, but not the current abusive, short-sighted ologoploy. Tell me where I could legally download my 300 favorite CDs for a reasonable fee? I can't. Thankfully record companies don't have a long term business plan. They just keep trying to stifle new technology and get their business model legislated. They should be trying to provide the services people want. That's what they'd be doing in a free market economy. They're trying to tell me what I want. They can bite me.
Life is too short to proofread.
If they make it so that they can control who is on Gnutella, won't the RIAA be able to sue whomever has this control? Bad idea, folks. The simple solution is bandwidth limiting, and blacklists for IP's that are abusive.
BlackGriffen