Slashdot Mirror

← Back to Stories (view on slashdot.org)

Putting P2P To Work

Posted by ryuzaki0 on from the it's-all-data-anyhow dept.

An anonymous reader writes "Looks like some folks at IBM have had moderate success in getting P2P adopted within the corporate enterprise. One new paper on the site describes experiences in deploying a decentralized search network spanning machines in 43 countries. Another describes a system for peer-to-peer sharing of dynamic web applications instead of static files. The idea is to support development and distribution of simple modules that themselves form meta p2p networks. Neat."

5 of 131 comments (clear)

  1. Security? by cscx · · Score: 5, Interesting

    What stops you from doing a man-in-the-middle attack, as so to speak? I.e., what assures the integrity of the original files, and how do you know that you're obtaining an authentic file?

    1. Re:Security? by JohnFluxx · · Score: 5, Interesting

      No no - look you just sign everything with pgp. The host has to inherently trust _someone_, so the key they trusts signs someones key who signs someone elses key and so on until you have a chain of trust to the signature on the pgp file.

      One way of doing this practically is to joe-bloggs sign his new files with his keys. Then some main server checks over it all, and signs his keys. Then you client get: 1) the file 2) the pgp signature of the file 3) the pgp signature from the main server of the pgp key

      This involves having a main server, however you don't need to talk to it.

      You need some way to make a chain of trust, and a central server/group of servers that everyone trusts is the easiest way.

      JohnFLux

  2. Coming into its own by dirvish · · Score: 5, Interesting

    First academia starts contributing to peer to peer development, now it is being used as a business app. Looks like the folks who would love to see p2p dissapear are out of luck.

    --
    FoundNews.com - get paid to blog.,
  3. For a real challenge, try P2P-ing the database by Hugh+G.+Rekshunne · · Score: 4, Interesting
    The paper discusses "sharing of dynamic content generators, web services, and web applications" using P2P.

    But as usual, the examples are of the trivial, "hello world" class.

    In the real world, dynamic content and web services are linked to some back end database server. Doesn't matter what kind of fancy distributed malarkey you put in place, everything gets serialized back to a skinny pipe when you reach the database server.

    Now a distributed database server based on P2P - that would be news. Oracle had such a project, code-named Andromeda, some 8 years ago but it came to naught cos it ain't that easy.

  4. Other Upcoming Uses by Superfreaker · · Score: 5, Interesting

    Well,
    Earlier I posted to /. on a DRM solution I was deploying for a major record label. Some of you also know that these labels are paying companies to distribute files that look like real audio files, but turn out to be ads, or silence.

    With the system I built, they are going to give downloads of actual music files protected by DRM on these p2p networks, where upon playing it, you will be prompted for payment. You can make payment in the licensing window of WMP. It should be noted this only works for .wma files and not mp3's. However, most p2p users use apps like kazaa where selecting "audio" files will return wma's.

    It will be interesting to see how this works. It can obviously be circumvented using one of the DRM hacks, but I'm sure at least some will buy the files. Especially those on dial up who spent 15 minutes to get one song.

    Is it evil? Sure. Not as evil in my mind as those companies that distribute silence or ads on these networks. Please understand, I have all the same feelings as the concensus here has. But this is a necessary step for the industry to get with the times. The DRM at least will have unlimited play, cd copy, and move to portable device.

    Baby steps. Slow and steady wins the race.