Slashdot Mirror

← Back to Stories (view on slashdot.org)

Putting P2P To Work

Posted by ryuzaki0 on from the it's-all-data-anyhow dept.

An anonymous reader writes "Looks like some folks at IBM have had moderate success in getting P2P adopted within the corporate enterprise. One new paper on the site describes experiences in deploying a decentralized search network spanning machines in 43 countries. Another describes a system for peer-to-peer sharing of dynamic web applications instead of static files. The idea is to support development and distribution of simple modules that themselves form meta p2p networks. Neat."

15 of 131 comments (clear)

  1. fp by leerpm · · Score: 0, Interesting

    So is their source code available as open-source? :)

  2. Security? by cscx · · Score: 5, Interesting

    What stops you from doing a man-in-the-middle attack, as so to speak? I.e., what assures the integrity of the original files, and how do you know that you're obtaining an authentic file?

    1. Re:Security? by Chris_Stankowitz · · Score: 3, Interesting

      Well, for starters, I don't see why you would need a man in the middle attack on a LAN. To perform a man in the middle attack on a LAN you need a system on the LAN as well. At this point why bother with a man in the middle attack.

      I think the kind of security issues you would be most concerned about would be confidentiality. My guess would be that you only place insensitive files on the P2P network, or develop P2P software that has user defined rights. That of course could lead to elevation of privileges attacks. Either way you cut it.

      This is all still info that is "internal" to IBM. As everyone knows (or should know) the largest security risk that all companies face comes from internally to begin with. So its not as though these files are not accessible by a malicious and knowledgeable person on the inside already.

      There are many ways that the risk can be mitigated with such a system. I could go on for paragraphs on this. I think the concept of using P2P internal for corporations has many advantages and could be come a great tool. Much like any other means of sharing information digitally all the security risk will have to be assessed before it goes into "production"

    2. Re:Security? by JohnFluxx · · Score: 5, Interesting

      No no - look you just sign everything with pgp. The host has to inherently trust _someone_, so the key they trusts signs someones key who signs someone elses key and so on until you have a chain of trust to the signature on the pgp file.

      One way of doing this practically is to joe-bloggs sign his new files with his keys. Then some main server checks over it all, and signs his keys. Then you client get: 1) the file 2) the pgp signature of the file 3) the pgp signature from the main server of the pgp key

      This involves having a main server, however you don't need to talk to it.

      You need some way to make a chain of trust, and a central server/group of servers that everyone trusts is the easiest way.

      JohnFLux

  3. Coming into its own by dirvish · · Score: 5, Interesting

    First academia starts contributing to peer to peer development, now it is being used as a business app. Looks like the folks who would love to see p2p dissapear are out of luck.

    --
    FoundNews.com - get paid to blog.,
  4. For a real challenge, try P2P-ing the database by Hugh+G.+Rekshunne · · Score: 4, Interesting
    The paper discusses "sharing of dynamic content generators, web services, and web applications" using P2P.

    But as usual, the examples are of the trivial, "hello world" class.

    In the real world, dynamic content and web services are linked to some back end database server. Doesn't matter what kind of fancy distributed malarkey you put in place, everything gets serialized back to a skinny pipe when you reach the database server.

    Now a distributed database server based on P2P - that would be news. Oracle had such a project, code-named Andromeda, some 8 years ago but it came to naught cos it ain't that easy.

    1. Re:For a real challenge, try P2P-ing the database by mcroydon · · Score: 2, Interesting

      From what I can remember, Microsoft is currently working on a p2p database. I would love to see something similar implemented in the *nix community. I know it would be hard as hell, but it'd be nice to have something that sets up easier than an openmosix cluster, preferably something that you can install once and forget about...

      --
      6.02x10^23, baby!
  5. Other Upcoming Uses by Superfreaker · · Score: 5, Interesting

    Well,
    Earlier I posted to /. on a DRM solution I was deploying for a major record label. Some of you also know that these labels are paying companies to distribute files that look like real audio files, but turn out to be ads, or silence.

    With the system I built, they are going to give downloads of actual music files protected by DRM on these p2p networks, where upon playing it, you will be prompted for payment. You can make payment in the licensing window of WMP. It should be noted this only works for .wma files and not mp3's. However, most p2p users use apps like kazaa where selecting "audio" files will return wma's.

    It will be interesting to see how this works. It can obviously be circumvented using one of the DRM hacks, but I'm sure at least some will buy the files. Especially those on dial up who spent 15 minutes to get one song.

    Is it evil? Sure. Not as evil in my mind as those companies that distribute silence or ads on these networks. Please understand, I have all the same feelings as the concensus here has. But this is a necessary step for the industry to get with the times. The DRM at least will have unlimited play, cd copy, and move to portable device.

    Baby steps. Slow and steady wins the race.

    1. Re:Other Upcoming Uses by LostCluster · · Score: 3, Interesting

      Okay... So how long until somebody writes the one where it looks like you've downloaded the song and it then pops up the DRM window. User types in the info to buy, and off it goes to the hacker who charges a whole lot more than what he said he would! The risk of it being a fake one of these discredits the real ones, and this technology goes down the drain due to inability to be trusted.

    2. Re:Other Upcoming Uses by Superfreaker · · Score: 3, Interesting

      Again, please let me emphasize, I am an average /. poster with the same exact feelings. I have HATED all experiences with DRM before I started working with it.

      When I was initially apprached, I pushed MP3's hard, I even built the system around MP3's at first. They brought up DRM. I never worked with DRM and as I mentioned before, implementing DRM was the most horrific experience ever.

      I am not a hero. DRM IS WRONG, IMHO. But, it is the same with software serialization. Even that is wrong, but it is a fact of our use of computers. The only thing we can do is to make it as easy as possible.

      Ask yourself, What should DRM do? Not what it does (inconvenience people, anger everyone, etc..) It is to simply make sure that the people who paid for an item, get to play the songs, those who did not pay for the song, should have to pay. That is what DRM *should* do.

      Does it do it in all of my previous experience? No, of course not. Is it MS's fault, partially. What have I personally done different? Well, I made it a little easier and more transparent. Its it completely silent in its process? No, of course not, the toll just is not there yet.

      What do I think of things like palladium. I'm scared. But in this respect, I think I am doing a good thing, and I am proud of improving something so horrible. Again, I have the same concerns as most of us here (even if I am a Win developer :-)

      Hope that helps. I'm open to off list discussion...

  6. Meta Bracket This... by Quirk · · Score: 3, Interesting
    The idea is to support development and distribution of simple modules that themselves form meta p2p networks. Neat."

    The american anthropolgist and all around genius Gregory Bateson was among the first to investigate theories of meta bracketing as sources of information. His two best books 'Steps to an Ecology of the Mind', and 'Mind and Nature: A Necessary Unity' are both excellent reads and brilliant insights into the human psyche.

    --
    "Academicians are more likely to share each other's toothbrush than each other's nomenclature."
    Cohen
  7. another thought... by shaitand · · Score: 2, Interesting

    When will microsoft make a p2p filesharing app, will they include it with the next release of windows? That should piss the riaa off but I don't think microsoft cares as long as they use a propriatary protocol so it only communicates with windows boxes. I mean, Microsoft can afford to keep an eternal court case going with the riaa.

  8. Excellent for college application! by dethl · · Score: 2, Interesting

    Colleges could cut down on bandwidth due to the "abuse" of P2P applications by students and staff. With most networks at 100baseT, local P2P would be quick, easy, and efficient, and save bandwidth for other stuff. Still, someone would get onto Gnutella or Kazaa and download stuff, but then again, if one person downloads the new Harry Potter movie, the local P2P network can send copies all over the campus in a few seconds...that would kick a$$

    --
    "Some fight for law. Some fight for justice. What will you fight for? One day, you will see."
  9. give ibm credit by narkotix · · Score: 1, Interesting

    atleast they are giving all these technologies "devalued" by other companies and organisations - p2p, linux, etc - a shot...and they are making a wad of cash at the same time. Its great to see that a large corporation like ibm see what us "hackers, warez kiddies and 3l33t folks" have been using for quite a long time! They contribute alot and give it back to the community, just like sun and others like them do. Heck if your makin money off somtehing free, wouldnt it be "morally" right to give something back!

    --
    We played dungeons and dragons for 3 hours.....then i was slain by an elf
  10. P2O vs the Slashdot effect by TomRC · · Score: 3, Interesting

    What we REALLY need is P2P software for slashdotters, to counter the slashdot effect.

    It's practically the perfect application for P2P.