Stanford Researchers Trying to Protect P2P Networks

dirvish writes "New Scientist has a story about efforts from researchers at Stanford to protect peer to peer networks from attacks that could be permitted by the proposed Berman Bill. Neil Daswani and Hector Garcia-Molina of the Database Research Department at Stanford University have mathematically modeled the Gnutella network to discriminate between nodes and supernodes. They then tested the nodes to find which rules could be applied to best avoid a malicious node on the network thus conserving bandwidth."

Is all this work really worth it??

[TooCynical]

Maybe the goal of all of these legal machinations is to make it all so much work that it is no longer worth the effort to take the short cut.

Re:Is all this work really worth it??

[Paradox+!-)]

Well, I think userfriendly put it best, in that case.

There's a trade-off the RIAA and others like it (MPAA) don't realize. The kind of tactics they're using are not just driving people away from the sanctioned download sites, but they're driving people away from CDs themselves!

They're hurting their own user base. Right now, it's a very small percentage of that user base, but it's the educated and motivated portion, which is a danger to them in the long-run.

The Republican takeover of the (U.S.) Senate has at least one positive outcome - the indefinite shelving of the Hollings bill.

Re:Is all this work really worth it??

[icewalker]

If the Berman bill is passed, would not this research be considered a circumvention technology according to the DMCA?

JOIN the EFF. It helps.

[laetus]

Circumventing attacks technologically is a good thing.

But stopping Congress from passing bad laws is equally as important. Join the Electronic Frontier Foundation and help build a lobbying group that can defend our rights. Her's more info about what your money can do for all of us.

Honestly...

[acehole]

The riaa/mpaa are going about the whole P2P debacle the wrong way. Havent they learnt the lesson from what happened when they shut down napster? How many P2P services popped up in it's place? and they were even more sophisticated.

You can't cut the head off the p2p snake, you try and at least two or three take it's place.

RIAA/MPAA should be looking at other alternatives rather than going in guns'a blazin'

Re:Honestly...

Thing is, there is no particular alternative for them. They're "scribes in the age of the printing press". Their best hope, which will only slow their demise, is to do as the scribes did in england, and get the king to forbid printing except by royally approved people. That is to say - what they're doing right now, getting the government to pass laws outlawing progress.

They're also trying a tactic not very available to the scribes at the time of the printing press - the production of crippled printing presses that couldn't easily copy some documents. But that's like trying to legislate fixed-type printing presses when the movable-type printing press already exists. Again, won't work in the long run.

In the long run, the internet means that there IS NO "Information Economy". Economy as humanity knows it is effectively the redistribution of scarce resources, and the internet makes information non-scarce. Imagine your neighbour had a magic-car-cloning-ray. Would you begrudge him a clone of your car? You'd still have a car, he'd still have a car, everyone's better off.

It's not like he'd be stealing your car. Well, the internet is a magic-information-cloning-ray.

Re:Honestly...

[ReelOddeeo]

They didn't want Napster to stop trading all music

Ah, but they did want Napster to stop trading all music. I remember on CNet when I saw a major setback in their case when the Judge said that they needed to provide a list of all copyrighted materials that Napster should be blocking. (I'm not discussing here the merits of trying to block selected content.) They weren't able to just close Napster down, because it did have non-infringing uses. If their copyrights were being violated, then they needed to produce a list of the infringed upon works. This was a major setback, and not what they were asking for.

A few years earlier, they sued Dimond for the Rio mp3 player. Stop all playing of sounds on a new type of device, just because it could be used to infringe copyrights. For the same reason this failed.

They also tried to get rid of audio home recording. Remember even back in the 1970's when they started putting these scary sounding copyright warnings on record albums? They didn't want you even copying to a cassette tape.

They want Napster to stop trading all music, because then you would have a way to listen to music that they don't approve of. (This may sound insane, but it is a plausible conclusion from the facts.)

Re:JOIN the EFF. It helps.

[SpikeSpegiel]

More importantly, Join the ACLU. The EFF has practices that unfortunetly go against practicality. The ACLU is an old and established group that fights for our rights. They do fight for our first amendment rights anywhere, including on the web. Lobbying againt the right wing republicans and ashcroft is a good thing

Super-Node and Regular Nodes?

[Zech+Harvey]

This technology seems to be a bit limiting from the story, would someone be able to provide more detail? I'm a bit concerned that it would significantly reduce the ability of a normal node to request files indenpendently of everyone else. It seems right now alot of P2P services suffer from "Me too" style networks, where if it is new and popular, everyone has it. But if it is even remotely indie, it seems you're the only one looking.

(as a slightly off-topic aside) Maybe that's just my bad luck, but I've been noticing that trend for awhile now. I wonder if that was the work of the *AAs...plague diverse and robust information exchange systems with a monomeme. Hmmmm....

Don't you mean

[Rogerborg]

GNU/EFF?

this is just another example...

[Diver777]

of people being able get around anything the RIAA wants! Do they not realize that no matter what copy protection they decide to force on me that somebody will crack it.

If you can see it, and you can hear it, somebody will figure out a way to copy it

Any fighting back is simply bad business for the RIAA. They need to embrace the Internet, and include it in their business model in a much larger way. Gone are the days where people spend $20 on a cd, at least most people.

What about Freenet?

[Nicolai+Haehnle]

I thought Freenet - http://www.freenetproject.org/ - is supposedly designed with DOS attacks etc... in mind.

Yes, it apparently suffered from /. effect after the 0.5 announce, but things are improving.

Knowledge is power

[nuggz]

If the RIAA or another group knows more about how p2p works then everyone else they will have an advantage.

If other groups do research at least it will be a fair fight.

Maybe if looking at different types of attacks methods to protect against them will be found. If effective means can be found to validate requests this could go a long way to reducing all types of DOS attacks.

Attacking defending p2p networks is just a special case. This sort of research may be widely applicable.

Re:But are their motives good?

[smd4985]

well, since i know neil (he is my brother) i can vouch that his motives are good. he is very opposed to the berman anti-p2p hacking bill and he feels that any attempt to hack p2p networks will just be foiled by better p2p infrastructure.
also, i'm not positive who is funding his research (that info is all public, if you look you can find out for sure), but i think it isn't corporate in nature - i think it is the defense dept. the US defense element has a high interest in securing p2p networks from attack since future military operations might be based on p2p technologies.

What about legal attacks?

[SystematicPsycho]

It seems the most vicious and lawful attacks are the ones that go _noticed. They also come along with large costs and could shut the whole network down. These attacks are from music industry and hollywoood based corporations. Not only that but they probably pay malicious hackers to carry out real attacks.

How to respond: find those loopholes and exploits in the legal system. Patch and re-open with a new and improved legal proof network. Continue the work at Stanford.

and once again...

[RebelTycoon]

Nothing will stand inbetween a geek and his porn.

Nothing like earning a Masters/Ph.D that has practical business application.

The answer is rather simple.

[asdfasdfasdfasdf]

Someone needs to come up with a network that has file-rights management that lets you literally *share* your music. Once every device is wireless, even with DRM, you can just own say 25 CDs, and you can allow them to be shared into the network, so long as you lose the right to listen to them as they're being played on someone else's device. Because you (currently) legally own the right to share it (ie, give it away temporarily, as you would a pressed CD), once you've listened to a song, it's released back into the system for someone else to borrow.

Basically, the system will allow you to legally borrow on a song by song basis. This should meet all current legal issues, because you will not be able to listen to a song while someone else is. But, because everyone doesn't listen to the same song at the same time, not everyone has to own every CD.

Even if DRM is implemented, there must be a way to transfer a file from device to device (assumably removing it from one device) This "system" will just facilitate that transfer on a temporary, song-by-song basis, and keep track of who permenently owns an individual song.

Think of it as a "universal library."

I would love to see the record companies try to find some problems with this. I think the supreme court would smack em on their collective asses.

Wireless+"True Sharing"+Lending Distributer = Totally legal way to screw the record companies.

Re:The answer is rather simple.

[brassman]

Unfortunately this common-sense approach has already been shot down in flames. Remember the site where you had to prove that you owned the physical CD before you could access an online copy of it? That should have withstood legal challenge -- but it didn't. The recording industry somehow found the best judge money can buy....

Re:JOIN the EFF. It helps.

[Erasei]

Lobbying againt the right wing republicans and ashcroft is a good thing

That is your opinion, and you have every right to it. It just really bothers me when people say their opinions as facts that everyone else should acknowledge. Personally, I signed a petition showing my support for Ashcroft, which I would sign it again today if it was needed. He agrees with a lot of the things that I agree with. And, Yes, that is my opinion. The ACLU fights for the rights they believe in. Granted, not ever group can defend all of our rights. That is why you should support the group that most aligns with your own ideals. In my case, it would be the EFF, and Ashcroft. The two are made up of- and are people just like you and I. Just as we don't agree, in some cases, they don't either. Such is life.

Long Term

[AntipodesTroll]

In the long term, the most that you can say about the proposed bill, and research into protecting p2p, is that it will simply turn into a technological arms-race.

That will continue indefinetly, the real answer is not to allow such a blatantly stupid and damaging bill to be passed, and if it is passed, to get it struck down as soon as possible. Passing the technological edge back and forward in a war between the media monopolies and their p2p opponents, might sound fun to some, but its not the real answer.

Re:JOIN the EFF. It helps.

[Steve+Franklin]

"which I would sign it again today if it was needed"

No comment required on the above. These are indeed Asscraft's constituents.

The above story describes a classic example of a technical fix for what is essentially a political problem. That congress would even consider a bill legalizing such nefarious activity on the part of a corporate elite speaks volumes about who these people in Washington really are. Though I do believe that the difference between Republicans and Democrats is only a matter of degree, I must say that Asscraft has taken political demagoguery to a level heretofore unknown since the invention of writing.

"Lobbying against the rightwing Republicans and Ashcroft is a good thing."

I would only amend this to say that "lobbying against the rightwing" politicians of whatever party "is a good thing." I would also dare to suggest that lobbying against leftwing politicians who have fallen under the charm of massive corporate campaign contributions to the extent that they support bozo legislation that can only lead to a technological spy-vs-spy series of escalating dirty tricks is a good thing.

Will the riaa ever figure out...

[rynthetyn]

...that they can use piracy to their advantage? In the weeks before Eminem's latest album The Eminem Show was released, people got a hold of bootleg copies of the album, and it became fashionable to be seen driving around with The Eminem Show blaring from your car radio. The presence of pirated cds didn't hurt the sales once the album was released, instead, it just increased interest in the album, and it would be interesting to see how many people went out and bought that album in the first week just because of the publicity from the pirated copies that were floating around.

The RIAA needs to figure out that they can capitalize on the piracy, because whether pirating music is ethical or not, it's going to happen. I wouldn't be surprised to find out that the pre-release bootleg copies of The Eminem Show were really part of a stealth marketing campaign or something.

Re:Bad analogy

[aussersterne]

I do believe the auto companies would be quite upset if people stopped buying cars

But you are missing the point. If we can now clone cars, there is no need for automobile assembly lines, since we can *all* have a car. What the IP proponents are proposing is that the cloning machine be outlawed in order to keep the auto manufacturers in business because they have some inherent right to exist, even at the expense of the populace at large. NOT COOL.

"But who will design the new cars?" some will ask.

Listen, if we have cloning machines and everyone can clone what they need, there will be a great deal more time for hobbyists who like to design new cars to come up with really fun new designs on their own. And as new designs come out, *everyone* can have one. No artificial limits, and everyone benefits, you see?

This is exactly what happens now in the free software community, so often maligned as idealists and communists and whatever else... but nobody can deny that the software is excellent... and that the programmers who work on it are happy, because they can work on what they like to work on, contribute it to the world, and expect other peoples' excellent contributions in return... it's a wonderful new age. Why kill it to save some company?

Missouri told me what Ashcroft was

[paiute]

I had no opinion of Ashcroft until the good people of Missouri, who presumable know him best, voted for a dead man instead of him.

Re:JOIN the EFF. It helps.

[Glytch]

Or maybe the engineers will just kill the legislators with their missiles and avoid the problem entirely. It's hard to pass laws when you're dead.

But trying to tell legislators "we know better than you" is immoral.

Yes, god forbid we should tell our elected representatives what we want them to do. Who the hell do we think we are? Citizens?