Slashdot Mirror
NSF Grants for Decentralized Infrastructure Research
billbaggins writes "The NSF has given a grant to the IRIS project to research something called Distributed Hash Tables as a tool for creating networks that don't have "centralized points of vulnerability". The chief purpose seems to be to stop DoS attacks, intentional or otherwise. Check out their press release (text or Word format) and also the news coverage (CNN and NYTimes, among others)."
http://slashdot.org/article.pl?sid=02/09/25/171322 4&mode=thread&tid=95
I guess they're more worried about Votester than we thought!
Mordor...a magical, mythical land where women are more rare than dragons--but where every man would rather find a dragon
The RIAA won't stand for this. They want the power to DoS and are pushing legislation to make it legal for them. So this will probably be in violation of the DMCA somehow. They'll get their bloodsuc- I mean lawyers right on it.
The /. effect!
s200.org - visit it (me), love it (me).
They must have heard about the "Slashdot effect"
Welcome to the land of the free...pay toll ahead...no photography...please open your bag...
Who knew hemp could also help improve the internet?
"However," replied the universe, "The fact has not created in me A sense of obligation."
You think that the NSF would be more concerned with seceding and watching out for UNATCO, but I guess they need a decentralized network to subvert the world data hub housed at Area 51...
Hmm. It seems this could be used to cut down on the time spent doing nitty-gritty stuff on each P2P project. "Gnutella like" projects might in the future spend more time doing GUI clients instead of implementing P2P specifications and protocols.
It will be interesting to see which areas are going to be covered. I guess a way of identification will be included, so the "traditional" P2P projects will probably have to spend some time counter the identification stuff as well.
In a society that believes in nothing, fear becomes the only agenda ~ Bill Durodié
"The Non-Slashdot-Fund has dumped a load of money to the IReallyIsn'tSlashdot project to research an anti-slashdot technology called Distributed Hash Tables as a tool for creating networks that are involnerable to slashdots. The chief purpose seems to be to stop Death-of-you-by-Slashdot attacks, from front page or otherwise."
What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
Agreed, ICQ can take up 25%+ of your cpu, Internet Explorer Download Manager will take up 20%, Chimera will eat 30%, top will take 10% as a monitoring fee, and your mouse cursor moving will take up 10% leaving 5% for remaining programs and visual effects.
What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
Well last time I was in Amsterdam they had these "Distributed Hash Tables". After about 2 hours I was feeling very decentralized.
Funny thing, last few years people have been calling client/server systems distributed systems. For me they are not distributed as the architect has simply decided to draw a line some where between the datafocused stuff (the provider) and the end user interface fluff (the consumer) and separated the logic into two components (often on separate nodes) The relationship on a conceptual level is always 1..* where many identical consumers use one and the same provider. For me distributed is P2P where a node can both provide and consume data centered services, rather than simply relying on others provide or consume (file-swapping p2p and the SETI apps are good examples).
Anyway, that's my immediate reflection.
In a society that believes in nothing, fear becomes the only agenda ~ Bill Durodié
Wasn't that the goal of the ARPANET project that led to the Internet in the first place? I guess it didn't work.
It's Slashdot's evil twin... SlashNOT
Can anyone explain to me how this is different from Freenet?
Freenet has a Decentralized Architecture, which is specifically designed to resist DOS attacks, by making each client that views the page into a possible server..
With freenet, any DDOS attempt would actually make the content MORE accessable, as it spread it to more and more nodes..
Colin Davis
god this got modded up? i swear, all someone has to do is mention freenet on slasdot, sigh..
It's not like freenet. freenet searches work just like gnutella, randomly. it's a completely retarded way to organize a network. A distributed hash table like Circle solves this by organizing the network in a logical, storable and efficient way.
Basically compare a binary search vs. a random search, where the random search is like O(n) except you may just miss something.
-Jon
this is my sig.
Thought the I2 said it would never have DoS/DDoS problems because everything was decentralized? Granted, all the schools/gov't are keeping it under lock and key, and virtually unatainable by any single entity (oc3 minimum dedicated connection).
Anyways, sounds like some kids who helped design this part of I2, finnally graduated, and decided it needed to be implimented on the regular Internet...
On the other hand, the I2 was supposed to be in heavy use about 3 years ago...
Becuase this story was posted on Wednesday already. Not only that, but it was the very last story on the topic of the "Internet". Either the mods have short memory loss, or they did not bother to look at the first posting which mentioned the IRIS grant as well.
NOTE to Mods: DifferentTitle != DifferentStory
sdf
All networks have some centralized point of vulnerability. I really fail to see how distributed hash tables will reduce the vulnerability. The internet is probably the most decentralized network in the world, and even it has very vulnerable points. Someone attacking the internet would have a hard time taking it down, completely. However taking it down to a point of general unusability is within feasability given the current situtation and architechure. Today's internet has some very vulnerable points, namely the clients. A worm written in java that abused multiple platform security hole could easily render the internet unusable. I really fail to see how any sort of research is going to solve this problem. A better approach IMHO would be to
1) elminate completely the use of plaintext protocols
2)Start using our CPU's to the fullest using the computer to gaurd against software failure. One easy step would be to eliminate decrementing stacks. It's alot hard to overflow into a a memory space behind you then ahead of you.
Just my 2 cents
Berners-Lee wanted a peer to peer Internet. Not centralized web servers broadcasting to the many.
t ml
c leID=0 0048144-10D2-1C70-84A9809EC588EF21
http://www.apple.com/macosx/jaguar/rendezvous.h
Rendezvous and P2P, along with other technologies could put the distributed back into the Internet.
Making it closer to what the designers intended.
[The semantic web]
http://www.sciam.com/print_version.cfm?arti
Two well-known academic DHT projects are Chord and Kademlia.
Kademlia is the basis for VarVar and EDonkey's successor, Overnet. There's an experimental effort to add a Chord-style query routing option to Gnutella, to find exact files over the whole network with far less traffic.
sup
Freenet searches do not work like Gnutella, as you would know if you knew anything about Freenet.
Freenet's search has, through multiple independent simulation-based studies (cited in the link I give above), been demonstrated to have logarithmic scalability, not the linear scalability you claim.
To inject some facts into this conversation - Freenet isn't exactly the same as a distributed hashtable, as it doesn't guarantee retrievability of information, but this is probably an inevitable consequence of achieving Freenet's goals, and Freenet's developers aren't shy about it.
The claims you have made about Freenet are total FUD.
I'm certain this is just a clever move by those NSF terrorists to facilitate their upcoming anti-UNATCO plots!
A quick Google search reveals these tidbits on DHT vulnerabilities:
Security Considerations for Peer-to-Peer Distributed Hash TablesAchilles Heel of the DHT
You may stop prevent conventional DoS attacks, but denials of service will never die. Just give it a reason to adapt.
Route this, you motherfucking ass-hats!!
Route this, you motherfucking ass-hats!!
Um... yeah!!
I'm a homosexual, BTW.
heh
Version 1.0 by Anonymous Pancake
As an assistant member of the security team of a large fortune 500 company, I have discovered a new form of terrorism stemming from the deepest underground of the Internet. A site catering to hackers, communists and anti-Americans called Slashdot.org has created a new type of denial-of-service attack known as 'the Slashdot effect'. This attack has been used against what are seen as the enemies of the 'Open source movement' which include many large American companies such as Microsoft as well as many American media companies such as Time-Warner-AOL. The Slashdot Effect could have a potentially crippling effect on the American computer industry and I feel it is justified to offer my own advice on this problem.
What is the Slashdot Effect?
The Slashdot Effect (also known as Slashdotting) is a new form of denial-of-service attack stemming from the site Slashdot.org. Once they find a 'target' (whether it be a large media company or small personal homepage) the URL of the site is posted on the front page of Slashdot.org. Members of this site attempt as quickly as they can to follow these links and overload the target server. This causes the 'target' website to slow to a grinding halt before going offline. It can sometimes take days or even weeks for the site to recover from such a surge of traffic, and often the servers can be damaged beyond repair (that is, they cannot be fixed with a simple defrag!).
Who is normally the target of the Slashdot Effect and how is it done?
Many American companies have already been attacked by the Slashdot Effect. Targets often include news sites such as the New York Times as well as well as large American companies such as Intel. Sites that criticize the open-source movement are a prime target. For example, lets say an American media website such as the London Times does a review of a little known operating system known as Linux. Linux is an operating system developed by a hacker from communist Finland, which is based on code stolen from an American operating system known as Unix. It was created in cooperation with a communist group known as g.n.u. (Which stands for Glorified Novelty Unix) and is generally unusable by non-hackers. Obviously since it is such an archaic and unstable operating system compared to those made by American companies such as Microsoft it would get a bad review on the London Times. Once a Slashdot member discovers this honest review the URL would be posted on the front page of Slashdot.org. A flood of users would follow the link to the site and bring the server to a grinding halt. Since most of these users are terrorists they would probably have ads disabled using European hacking software. This would mean a potential loss of thousands of dollars worth of ad revenue. To top it off, members of Slashdot.org often plagiarize the articles and post it on illegal mirrors, furthering the loss of ad revenue. Members of Slashdot are rewarded for plagiarizing in the form of 'Karma', a form of hacker currency, on Slashdot.org.
What can I do to avoid the Slashdot Effect and how would I deal with it if it happened?
The easiest way to avoid the Slashdot effect is to refrain from posting anything about any open-source software, especially Linux. Focus your website on fine American companies such as Microsoft. You can also set up your server to reject any links from Slashdot.org, something many people have done. If you think your site is being attacked by the Slashdot Effect, contact the authorities immediately and report this act of terrorism. The penalties against hacker/terrorists are stiff and you can feel confident that the perpetrators of this terror will be punished in the harshest possible means.
Good luck and God bless America!
The slashdot crowd should be sending serious funding in the way of this project.
...ceterum censeo Carthaginem esse delendam.
The ARPAnet was designed in such a way that given relatively static and constrained topology (with unpredictable connectivity) there was a reasonable certainty that a message arriving at a controlled access point could eventually reach its destination provided some route was available, however indirect. That's a tractable problem.
The (commercial) Internet does not have a relatively static or constrained topology - if it readjusted its routes in the same was as the ARPAnet did, the only traffic that would ever travel on the Internet would be continuous routing updates. It also depends not only on a few critical messages eventually arriving, but on a mass of traffic from arbitrary locations being conveyed without a significant deviation from "normal" throughput. That's an intractable problem.
Without significantly greater control (and you'll all be voting for that, right) the best the Internet can hope for is that all that massive overcapacity of fibre provision in most of the western world is deployed to provide some redundancy and headroom to deal with DoS.
However, that isn't a particularly interesting way to spend government money - perhaps they'd be better trying "remove viewing" to spot those foreign hackers in action...
Slashdot is run by Cheney. He sends us like lemmings towards evil lefty websites so that those who truly need to be educated in the ways of socialism (e.g: monkeys that can control robot arms) can not access the sites. It is all a cunning plot...
s200.org - visit it (me), love it (me).
And they're starting their initial experiments with slashdot, by distributing multiple copies of each story to provide redundancy.
All the major DHT groups are involved. I wonder which DHT they're going to use.....
Rice: Pastry (n-Hypercube)
MIT: Chord (Ring-based)
Berkeley: Tapestry
ICSI: CAN (Mesh-based)
You probably have it configured incorrectly -
mine works great!
Other posters have made interesting comparisons with Freenet, etc., but this research initiative seems (from the limited information in the linked project funding announcement) to be about persistent and replicated global data sharing. (Well, I guess that Freenet does that grin :-)
For programmers: spend an evening or two playing with either JavaSpaces or IBM's distributed tuple space stuff - fun and educational if you havn't already checked it out.
-Mark
As my Programming Languages instructor would say "Insert any drug references here." when discussing Hash Tables as something other than a table where you keep your hash.
-- Any comments seen here are not mine, but a mixture of alchohol and lack of sleep.
This kind of system may be more resistant to technical problems like DoS, but I think that it's much more important for it to be resistant to political problems.
No, I am not talking about legal problems like court orders. If the system as any central point there is the problem of who gets to control it. With no center it will be much easier for everyone to agree on the protocol without endless politicking.
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
so I see a lot of misconceptions about what the ITR is. People say it's like Freenet, or gnutella, no. DHTs are all "structured" decentralized peer to peer networks. That means there is a well defined routing algorithm between any node and any other node given a node ID in the system. What's more, it gives you the ability to deterministically find an object, unlike any of the existing p2p software applications.
This is more about how to build large scale network applications such as multicast and file systems in an efficient way. DHTs like Tapestry (http://www.cs.berkeley.edu/~ravenben/tapestry), Pastry (http://research.microsoft.com/~antr/), Chord (http://www.pdos.lcs.mit.edu/chord/) and CAN are MUCH better at finding a single unique file than anything before. You can use it to find copies of britney spears, but that's not the point.
Finally, these systems perform with contraints on performance, unlike Freenet. You're guaranteed to either find it or know it's not there (in the absence of failure corner cases) in a # of hops logarithmic to the size of the network. And all this is done without any super servers or supernodes to maintain the network. It is fully decentralized.
Please quit being such a whiny little faggot, mmmk?
kthxbye
Um, yeah. How exactly can you configure an MP3 player incorrectly? It is what it is... slow.
- Chord from MIT.
- CANfrom
ICSI.
- Pastry/Tapestry from UC Berkeley/Rice.
- Kademlia from NYU.
Now look who the NSF are funding for IRIS: MIT, ICSI, UC Berkeley, NYU, Rice. All the main DHT people in one project. That's got to be good.- Fzz
Achord is a DHT that can give some Anonymity protections.
You're just jealous because the voices only talk to me.
Last night the power went out. Good thing my camera had a flash....
The neighbors thought it was lightning in my house, so they called the cops.
-- Steven Wright
- this post brought to you by the Automated Last Post Generator...