Peer to Peer and Spam in the Internet

RobertDHaskins writes "A very interesting series of papers from Helsinki University of Technology on the topics of P2P and spam. Written by PhD students they are a little long, but some very good coverage of the state of the art."

Google HTML Link...

[bc90021]

...for those that don't wanna read the PDF:

Here.

Re:Google HTML Link...

[Woogiemonger]

...for those that don't wanna read the PDF:

Got another link? That HTML version yer pointing to only goes up to page 49 out of well over 100 pages. I guess google's automatic PDF to HTML conversion caps itself at 49 pages.

Re:Google HTML Link...

[Elvisisdead]

Could also possibly be because the free plugin for Acrobat 5 that OCRs PDF files will only do 50 pages? So maybe it's Adobe's plugin that capped it when Google used it?

Re:Google HTML Link...

[/dev/trash]

And what is wrong with reading a PDF?

Re:Google HTML Link...

[kwenda]

And what is wrong with reading a PDF?

Well, for starters, it takes longer to download the file and then to have the viewer application open than it should.

Secondly, the text in Adobe Acrobat is, by default, harder to read than whatever font you have your browser set to, and isn't possible to change the font in Acrobat Reader. This is annoying.

Thirdly, try to use the oh-so-intuitive text-select tool in Acrobat reader to select a paragraph from this document. When you reach the end of the line, the selection continues in the NEXT COLUMN. That's not only annoying, that's retarded.

PDFs open in a non-standard interface in which the functionality is changed from whatever browser the user was using has changed. In IE, they default to opening in the same window, with the Adobe interface at the top of the window. Would you like a printout of the webpage? Well then you had better not click 'Print' in the IE toolbar, or in the 'File' menu - because all you'll get is a blank page. This is frustrating to computer literate people and damn confusing to computer users (yes, there is a difference).

So you say you want something that allows you to deliver a document online to many people, and you want to have control over some text in columns, a few bulleted lists, some small simple graphics and some hyperlinks? Use HTML. PDF is overkill for this - it's fine for delivering something to a publisher, say - even though they'd probably want it in another format. PDF is the bane of web document delivery.

If you need a form on your webpage that people can fill out, that needs to look the same no matter what, PDF is good for that. IRS Tax forms, for example. This is a fine application for something like PDF. Articles are NOT.

PDFs are annoying to users, they are more difficult to use and deal with than plain HTML even though they offer no big benefit (for this situation), they are larger than they need to be for the task that they are being used for, and they just don't make sense. Don't force your site's users into PDF unless you absolutely have to, because you'll also be forcing your users away.

Re:Google HTML Link...

[BeyondALL]

..those lazy people over at Adobe won't port AdobeReader to his self written 1337nix maybe...???

Re:Google HTML Link...

[mad.frog]

Dammit, I wish the /. editors would put something like [warning, freaking slow-to-load PDF link] next to PDF links!

It's not quite as bad as stealthy goatse links, but damn, it's close.

Re:Google HTML Link...

[jonadab]

> And what is wrong with reading a PDF?

1. Acrobat Reader ignores my system colour settings and displays the document
with black text on a white background. I'll go snowblind in two minutes.
This is a deal-breaker for me; it's not just about what I want to do; I
*cannot* read long documents in this format. (My eyes are more sensitive
to light than average; it's an accessibility requirement for me that I
be able to enforce a toned-down color scheme for everything.)
2. Acrobat Reader ignores my font settings and displays the text in whatever
ugly and hard-to-read font the author chose.
3. Acrobat Reader requires me to scroll to the bottom of each page, then
hit the next page button and *scroll back up to the top*. I can't just
scroll smoothly through the document like I can with a web page. I am
continually amazed that Adobe apparently continues to think this is a
reasonable user interface; I've seen better user interfaces designed by
high-school students creating "programs" in PowerPoint for English class.
4. Searching never works right in Acrobat Reader, and frequently text
selection and clipboard operations don't work properly either, so that
if I wanted to (say) quote a snippet of the article that I want to talk
about on slashdot, I'd have to retype it. What is this, 1982? I want
my clipboard, not excuses.
5. If I want to increase the text size, I have to just zoom in, and then
I'll end up with a horizontal scrollbar and need to scroll back and forth
as I read each line. If I want fewer words per line for easier reading,
I'm fresh out.
6. What's so wrong with HTML, which is actually very widely supported,
that people feel the need to go looking for other formats to write
their web documents in?

Re:Google HTML Link...

[JuggleGeek]

I hate PDF's. Hit page-down, wait 5 seconds (sometimes longer) for the next page to show. Hit page-up, wait again. They drive me crazy.

Re:Google HTML Link...

[Captain+Splendid]

Amen, brother, amen. The PDF's time passed in 97.

Re:Google HTML Link...

[Asprin]

I get around this by MANUALLY TURNING OFF THE FREAKING STUPID ACROBAT BROWSER PLUGIN INTEGRATION which, unfortunately, actually works for FireFox.

Maybe they'll 'fix' that problem with the next Firefox release - I can't for the life of me figure out why you'd want to look at a PDF in a window rather than download and save it, but that's just my opinion.

Ugh, that PDF link hung my browser...

[turnstyle]

Just a head's up...

Re:Ugh, that PDF link hung my browser...

I hate that. One of these days, I'll get around to fixing that here.

Re:Ugh, that PDF link hung my browser...

If you are using windows, it oftens appears that a PDF has hung the browser when it's actually the Adobe Reader sitting in the background with a dialog box asking if you want to upgrade your version. Try minimizing the browser window[s] and see if you can find a dialog like that.

-- former windows guy, just trying to be helpful

Re:Ugh, that PDF link hung my browser...

[l1gunman]

The hang-up for me comes when exiting the PDF view by going back to the linking page or exiting the browser. Takes a good 10 seconds or so to go back the first time. Seems to be less on subsequent trips back and forth. This has something to do with the interaction between the Adobe plug-in and, in my case, Mozilla.

Re:Ugh, that PDF link hung my browser...

[iminplaya]

I don't even open PDF's with my browser anymore, for precisely that reason. It will hang until it's finished downloading. If it's a big file, you'll being waiting for a response for a very long time. Just save the link to your hard drive, and open it with your reader.

Spam is very simple to fix.

[Pig+Hogger]

• Follow the money
• Block networks who let spammers send traffic on them, no matter if it's SMTP, DNS, FTP or HTTP

Once a few big guys find themselves turned into intranets, they'll start paying attention.

Re:Spam is very simple to fix.

[ron_ivi]

Or use a "sender pays but only if the recipient wants to charge" scheme.

For example, every email has a button saying "charge the sender $0.10". It's at the recipient's option whether or not to charge the guy.

For emails from friends I'd never hit the button. For spams I would.

Re:Spam is very simple to fix.

[MicktheMech]

For emails from friends I'd never hit the button. For spams I would.

Yeah, but some people would just make everyone pay. I'm sure it's a supportline operators dream. It may not pay much, but it would definitely recoup some expenses. The minute there's a possibility that I'll have to pay for every e-mail I send is the day I stop sending them.

Re:Spam is very simple to fix.

Yeah. Real easy to fix. That's why it has been fixed. Try that bs. when the spammer is in Russia and is clustered across three different ISPs. So you want to block Russia from the Internet ?

The current spam law is absolutely going to move spam out of american internet space and into foreign countries. Then it becomes a political issue. You know how quickly political issues get solved.

Honestly, you sound like a marketing engineer. Stay away from the network mmmmkay ?

Re:Spam is very simple to fix.

[IamGarageGuy+2]

I don't think that will work. You will end up having to hit that stupid "charge sender" button repeatedly, the same way you delete spam now. Also what makes you think you will get a dime from a spammer, how would he pay without havng a Big Brother approach to all email? I wish I had a good idea instead of just shooting your idea down. I would love to see you come up with a way to make that work though.

Re:Spam is very simple to fix.

Parent wrote: "You will end up having to hit that stupid "charge sender" button repeatedly, the same way you delete spam now. "

Raise the price to $0.50 / email, I'd actually enjoy it.

If I can get through 5 spams / minute I'd be making and extra $100/hour just for reading email.

Re:Spam is very simple to fix.

[powerpuffgirls]

That'll probably create another 'profession' after the Spam-Boom.

(Note in all lower cases now in the post-Spam-Boom era)
work from home and make $3000 a day by clicking the charge button

Re:Spam is very simple to fix.

Parent wrote: "Yeah, but some people would just make everyone pay."

Some people make their friends pay when they every time they go out to lunch too. Those people end up with fewer friends.

(Oh and if they're poor, I don't mind if I pay for emails or lunches.)

Re:Spam is very simple to fix.

[IthnkImParanoid]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

Re:Spam is very simple to fix.

[Stalus]

For example, every email has a button saying "charge the sender $0.10". It's at the recipient's option whether or not to charge the guy.

The problem then arises that someone could wage a financial war against any service that sends any sort of e-mail to their users. So, say for instance that someone gets ticked off at slashdot, registers an account, gets a password sent to them and hits the button. Granted, the service could refuse to e-mail anyone that has charged it, but that doesn't stop an army of slashdotters from attacking someone like SCO or Microsoft.

If we could determine which e-mails were legitimate and which ones weren't so that we could decide which of these charges are legitimate, we wouldn't have the spam problem in the first place. I guess the solution is to force users to e-mail you, so that you can e-mail them back.. and then if they charge you, you can charge them back. But does the client trust that the server won't accidentally charge them?

The other question then is who gets this money? If the recipient gets it, then malicious people will just search for anyone to send them e-mail (more likely make a spider to do so) so they can get some extra pennies. If someone else gets it, who do we deem worthy enough to benefit from the e-mail wars mentioned above?

Overall, just sounds like an accounting nightmare, since someone has to account for whether or not an e-mail was sent or not - and then enforce things so that one recipient can only inflict the charge once.

Re:Spam is very simple to fix.

The other question then is who gets this money?

Simple. I do. Hand it over.

Sincerely,
Darl McBride

Re:Spam is very simple to fix.

[spentrent]

"Follow the money?"

Where? Straight to Canada and Asia?

Then we get the SortaInternet.

Psssst! Ever look for free porn on the Internet? If so, you are supporting spammers. Vote with your wallet.

Yeah, that's gonna happen.

Re:Spam is very simple to fix.

[WormholeFiend]

I've already blocked Russia ip adresses from sending me email.

I dont know anyone there, yet the security department at Microsoft.ru kept sending me friendly patches attached to their messages.

Re:Spam is very simple to fix.

[gnu-generation-one]

"Or use a "sender pays but only if the recipient wants to charge" scheme."

And find some other way of distributing mailing lists, implement it, and migrate all the mailing lists to it.

Re:Spam is very simple to fix.

[56uSquareWave]

This is something I have always said. I think a system where by IPs or ISPs (which ever is more relevant) get temporary bans after spam is logged. At the moment some ISP already bock IPs, for example Demon block all residential IPs, which means we have to use our ISPs smarthost.

But if a sliding scale of punishments was implemented, say:

days banned from sending mail = 2^number of offences so far

By offence that would be one bulk of spam, not each spam :) obviously with well defined definitions of what an offence is.

This would mean ISPs would have to take note, if they got banned.

Some would say that this could lead to ISPs playing dirty tricks on each other, but any good ISP will know who is using its servers and could sue the person who spams for loss of earnings incurred by the ISP being unable to send mail to the specific host. This would of course only work if everybody did it.

maybe?

Re:Spam is very simple to fix.

[FallLine]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

This concern is way overrated. The potential problems created by this "postage" model is much more tractable and minor (on a grand sclae) than those under the non-market based status quo. Once this "postage" technology is in place, ISPs would be free to enhance it to offer various security protections. For instance, only allow, say, 100 emails a days (a user-definable setting--but default) and notify the user if this happens. Alternatively, warn the user if X emails appear to be spam or are too identical (perhaps send them a visual challenge/response request after 50 emails--remember the false positive ratio wouldn't have to be nearly 0%). This would jack up the complexity of spamming orders of magnitude, the cost for the spammer (having to find new security exploits), and would also give the government a lot more teeth with which to pursue them. Connecting to an open proxy is one thing, literally hacking their machine and stealing money is quite another.

If spammers are in the business of hacking machines like this, then it seems to me that there's a lot quicker and safer ways to make money.

Re:Spam is very simple to fix.

[I7D]

After reading the bill your grandmother would probably see no problem with sending spam to all those nice people.

Re:Spam is very simple to fix.

[Pig+Hogger]

You're the one who sounds like the salesdroid. Only a salesdroid has such a blatant misunderstanding on how the Internet works.

Re:Spam is very simple to fix.

[netsharc]

What if some hot Russian girl is totally into you after seeing your picture on the internet, and sends you an email? That's what happened to me, and she's flying over tomorrow using a plane ticket which she bought with the money I transferred to her!

But wait, I don't have my pic online...

Re:Spam is very simple to fix.

[ForestGrump]

at making $100/hour, you can feel free to quit your McDonalds job and flag spam all day long.

Re:Spam is very simple to fix.

[Art+Pollard]

No, this is not the case. The way it would work is this: The sender deposits say $10 in a private (i.e., non-government) escrow account. When the sender sends e-mail, they would get a key from the escrow agency (certifying that the funds are present) and include it in the e-mail.

The recipient's e-mail client on the other hand would look to see if a valid key is present. If it is, then it would let the e-mail through and the user could decide if the e-mail is spam or not and whether to ding the sender say $0.10. The key would be used to obtain the funds from the escrow agency. If the key isn't present then a number of things could happen such as:

• The mail is trashed.
• The mail is filtered into a spam folder
• The mail is spam filtered (more closely) to see if it spam.
• A challenge is sent back to the user to make them prove they are human. (Like those numbers/letters you have to enter on some web pages to prove you are human.)
• Etc...

Not long ago, a spammer accidentally let their stats out as to how many people responded to a spam. I don't remember the exact figures but it was on the order of 20 responses (not purchases) per 100,000 spams sent. It would not take much cost to make it such that it is not cost efficient to send spam. (At $0.01, the above mailing would cost $1,000 which is more than one is going to get from selling a couple bottles of penis enlargement pills. $0.10 would be $10,000 which even more proves my point.)

The escrow agency would make money by collecting a percentage of the money charged the spammers as well as on the interest on the money in the escrow accounts. Would everybody be able to afford it? Yes, pretty much, $5.00 would last virtually indefinitely if a person didn't spam.

If the ICANN Spam act allowed for people to collect (like some state laws do and which ICANN did away with) then the whole spam situation could go away. If it allowed the recipient to collect say $10 per spam that would be perfect. Why? Some enterprising attorney could make a deal with an ISP (and their customers) to do the collections. Then it isn't a user going after $10 but an attorney going after $100,000 (1,000 users X $10.)

Just my $0.00002, this is SlashDot after all.

-Art

Slash what? And what is a .sig anyway?

Re:Spam is very simple to fix.

[JuggleGeek]

Or use a "sender pays but only if the recipient wants to charge" scheme.

It is currently not possible to tell who sent the mail. Spammers send mail claiming to be from my domain quite often. Are you planning to charge me when they spam you? Screw that.

Until email has a way to verify who actually sent it, you can't even start talking about billing for it. Once you can verify who sent it, I believe spam gets a lot easier to deal with.

Even without looking at the problems associated with "who does the billing, who tracks it, how do you avoid spammers joe-jobbing someone then billing Joe for the spam that he supposedly spent, etc, pay to email simply isn't ready.

And I seriously doubt that it will be needed or useful once the verification is possible - because it gets a lot easier to solve the problem then.

Re:Spam is very simple to fix.

[JuggleGeek]

So you want to block Russia from the Internet ?

Having never received legitimate mail from Russia, China, or Korea, I say to hell with all of them. Yeah, I'd block them. They can block me back - won't bother me a bit.

Way too long

[JohnGrahamCumming]

I don't have time to read a document hundreds of pages long, especially not one that's packed with information: I need a quick summary.

Could someone post a one line summary? For example,

Linux good; Microsoft bad; SCO evil; RMS god.

John.

Re:Way too long

[Tuxedo+Jack]

This is Slashdot. You don't have to read the article.

See?

Re:Way too long

[gkuz]

Could someone post a one line summary? For example, Linux good; Microsoft bad; SCO evil; RMS god.

Sure. Linux good; Microsoft bad; SCO evil; RMS god. Oh, and spam is bad.

Re:Way too long

[Hex4def6]

This is Slashdot. You don't have to read the article.

See?

I totally disagree with every point you've just made,
will go into great detail about why I think you're
wrong, and as an aside cast inferances on your lineage.

:P

Re:Way too long

P2P is to Linux as Microsoft is to spam.

Re:Way too long

[Bob+McCown]

This is Slashdot. You don't have to read the article.

See?

I totally disagree with every point you've just made,
will go into great detail about why I think you're
wrong, and as an aside cast inferances on your lineage.

And I'll point out your grammer and speeling mistakes, while makeing some of my own!

Re:Way too long

[Have+Blue]

I'll point out that you must be new here.

Re:Way too long

[MyHair]

And I'll post a troll. I think "ROT-13?" is becomming one now. Or I could go for classic *BSD is dyeing [sic], Stephen King or a gross pic link. Or perhaps I'll put offensive words in the subject.

Re:Way too long

I am new here, you insensitive clod.

Re:Way too long

This is Slashdot, you must be GNU here.

Re:Way too long

[vena]

and i'll form the head!

Re:Way too long

[Tenebrious1]

I don't have time to read a document hundreds of pages long, especially not one that's packed with information: I need a quick summary. Could someone post a one line summary? For example,

Here you go.
P2P- hot issue, good. Spam- hot issue, bad, no fix.

Re:Way too long

[Hays]

And I'll point out your grammer and speeling mistakes, while makeing some of my own!

Then I'll casually include a link to goatse.

Bias?

[gid13]

From the paper: "The idea was to learn about the disruptive and also annoying phenomena that have become very commonplace over the past couple of years in the internet: namely, the Peer-to-Peer traffic and applications and the unsolicited and unwanted e-mail or Spam."

I think bundling p2p and spam is either totally missing the point, or attempting to influence the opinions of people who don't know better. The users of p2p want what they get for the most part (maybe not viruses and fakes, but the author seems to be targeting p2p due to the copyrighted content).

Re:Bias?

[smharr4]

Indeed, while p2p applications may share illegally share content, they are probably not as disruptive as laid out.

Spam is far more disruptive, but is given less coverage in the document.

I would expect more from PhD's, I hope that these were written post-PhD, and not for a doctoral thesis, they seem to be very ill-informed.

Re:Bias?

[dreamchaser]

That wasn't the point being made. The discussion is about the enormous bandwidth requirements of both P2P and Spam on a large scale. Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Re:Bias?

[happyfrogcow]

universities, from what i hear, have enormous problems with the amount of p2p traffic hogging bandwidth.

Re:Bias?

Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Yeah, those poor ISP's having to endure their customers actually using the product they're selling them.

Re:Bias?

how is this interesting? It is reasonable to bundle p2p and spam in the same papers to point out that both make excessive use of system resources, and those systems aren't usually yours to (ab)use. However, the distinction needs to be made, and probably is in the paper (i havn't read it), that p2p is simply a tool, much the same as email is a tool.

Re:Bias?

[dreamchaser]

As in any business, you have to balance your input costs vs. the price you charge for your product. ISP's do NOT use a model where everyone is going to use their maximum bandwidth at all times. If they did then the cost would go up quite a bit. I have no problem with that, it's how the free market works. What would be interesting would be all the whining that would ensue, much of it from the people who use the most bandwidth.

I wasn't passing judgement, I was merely pointing out that the parent was incorrect in the assessment they made of the gist of the paper(s).

Re:Bias?

Yeah, and what about people who don't use P2P? We get something we don't want, viz. higher access costs that subsidize the 10% of users who use 90% of the bandwidth. You could argue that the "users" of spam, i.e. the dipshits who pay spammers to advertise for them, the assholes who get paid to spam, and the morons who actually buy stuff from the spam they receive, "want what they get for the most part," but just like in P2P there are significant numbers of people who don't benefit but pay a cost.

And another thing, just because something starts out with an assumption or axiom doesn't mean it's 'biased.' By that standard, everything is biased. The problem is hidden bias, not things that are clearly stated in the first sentence of the paper.

Re:Bias?

[Araneas]

The problem is ISP sell a model that tells users they can use their full bandwidth all the time. Except of course if you read the fine print on the AUP buried on some obscure support site.

What is "sold" is not what is delivered.

Re:Bias?

[gpinzone]

As in any business, you have to balance your input costs vs. the price you charge for your product. ISP's do NOT use a model where everyone is going to use their maximum bandwidth at all times. If they did then the cost would go up quite a bit.

Baloney. Prices are only partially based on the costs. Prices are more directly linked with demand and unbiased competition. Who decided that ISPs should make a certain percentage profits while other business work on much larger and smaller margins? The reason we pay what we do for broadband is because that's what the market will bear. If ISPs discovered a way to cut their costs by 10%, do you honestly think they're going to pass that savings on to you? Hell no.

Re:Bias?

[Suidae]

Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

This would be much less of an issue if network bandwidth providers would simply charge for actual amount of this limited resource that each user actually uses. Yes, its a bit more work for the provider to monitor actual usage, but it would more firmly link supply to demand.

It would also encourage people to demand better security from their operating systems so they don't have to pay the bandwidth charges incurred by DDoS and spam clients installed without their knowledge. ISP's could even provide abnormal usage warnings to give people a clue that something is happening (ie, Hello user, your email traffic has gone up by 123,475% this week, perhaps you should run a virus scan).

Re:Bias?

[dreamchaser]

You obviously know very little about how a business operates. No, they wouldn't automatically lower their prices, but they would as soon as one of their competitors started to steal their business with their lower prices. Of course demand has a lot to do with the equation, but input costs vs. output (profit centers) are the initial definers of the baseline cost to the customer. There are a lot of tradeoffs, and supply and demand can put upwards or downwards pressure on said price of course. However, the fact remains that the model used is not one where they expect everyone to consume maximum bandwidth.

Re:Bias?

[burns210]

It seems like a large RAID 0 cache server would be really useful for colleges, do they use them often?

If studentA download file X of 700 megs, and tells 5 of his friends who download that same file, that would save a lot of bandwidth if they could just pull that file of the cache server automatically.

Re:Bias?

[gpinzone]

No, they wouldn't automatically lower their prices, but they would as soon as one of their competitors started to steal their business with their lower prices.

Ah, but that's where your ignorance of supply and demand shines through. As long as people are willing to pay a premium for a product, no matter how low it costs, the providers will continue to charge that regardless of the competition. Unless you believe that prices eventually stabilize in the marketplace to be the bare minimum that every company can scrape by a profit and any miscalculation sends the entire market into bankruptcy. Yeah right. Just like the music industry charges more for CDs than tapes even though they're cheaper to produce. Cost driven, my ass.

The Internet cannot be run like the local phone company. I'm sure they would LIKE all data to be bursty (like voice calls) so they can keep multiplexing tens or hundreds of users on the same pipe. However, that's NOT how people WANT to use the Internet. Don't like it? Buy more pipes!

Re:Bias?

[happyfrogcow]

maybe, but colleges aren't in the business of supporting p2p apps.

Re:Bias?

[burns210]

agreed.

They ARE, however, in the business of trying to conserve resources(to an extent, atleast)... So using a web cache server may benefit p2p apps, it will benefit all web use... Downloading a trendy 1meg flash game or the latest linux distro or the.... etc, etc, etc.

P2P is in its infancy

[CrazyJim0]

Its true that a bunch of computers can simulate a server for a game.

If you have 6 computers transfering information to each of them, you can create almost the same environment that 6 computers feeding off a server is.

If you place the anti-cheat code on every computer, you form a community to check against cheats.

If you also store every character's information on every computer, then you can watch for hacks there too.

Given its extrodinarily complicated, and fails to mob rule(conspiracy of hackers to overwhelm the system)... Its something that could be done.

I'm sure theres even more complicated things you can do with P2P, such as organizing nodes for filesharing and so on.

Re:P2P is in its infancy

[jjeffries]

I'm sure theres even more complicated things you can do with P2P, such as organizing nodes for filesharing and so on.

P2P filesharing, what a great idea! I wonder when somebody's going to try to do that...

Re:P2P is in its infancy

Bravo, nice one! This is what subtle is all about folks...

Re:P2P is in its infancy

Funny but the article does not even mention games. Why don't you read the article next time Slashbot ?

Re:P2P is in its infancy

[Dukael_Mikakis]

What you say is true, and is the perfect solution ... in the same sense that Communism is the perfect government (don't call Homeland Security).

Communism depends on every person contributing (essentially) equally and taking equally, and the system falls apart if one (or worse, several) individuals decide to take advantage of the community.

This is why Blizzard had to instigate centralized servers where all the games are run, and all Diablo characters were stored. People were hacking and HexEditing their characters too much to be trusted.

The trust ring would help, but, like you say, a mob of cheaters can bring the whole thing down by sufficiently fooling the community into believing the hack over the truth.

I mean, just look at P2P (or filesharing) today. When grabbing something off of Kazaa, music you're downloading could be pr0n, or a different song, or a 30 second sample that the RIAA put on to prevent the real one from being grabbed. However, from a centralized, controlled server (iTunes) you know what you're getting beforehand (essentially) cheat-free.

Of course, with true P2P everybody gets access to the product mostly free, whereas in the capitalistic model of iTunes, one entity has all the power and control, and hence will be profiting from all of this.

Re:P2P is in its infancy

I mean, just look at P2P (or filesharing) today. When grabbing something off of Kazaa, music you're downloading could be pr0n, or a different song, or a 30 second sample that the RIAA put on to prevent the real one from being grabbed.

Sure, so you need someone to vouch for a file and some way of identifying that a file is the one vouched for.

At the moment that means something like Sharereactor.

Even assuming that sites like Sharereactor can't cope with traffic levels or fall to legal problems in the long term, a replacement peer to peer trusted reviewer system should be perfectly viable using encryption to guarantee the validity of a particular vouch for a link. Good reviewers, identified by their public key, build their reputation by word of mouth (or text of keyboard) just like the p2p networks themselves, or for that matter commercial sites, need to.

I don't think assuring quality will be as hard as you think it will.

Re:P2P is in its infancy

[Dukael_Mikakis]

a replacement peer to peer trusted reviewer system should be perfectly viable using encryption to guarantee the validity of a particular vouch for a link. Good reviewers, identified by their public key, build their reputation by word of mouth (or text of keyboard)

You mean like a poster/moderator/meta-mod system such as implemented right here on /.? Yeah, that's worked wonders for quality assurance on these message boards!

Re:P2P is in its infancy

[jpkunst]

You mean like a poster/moderator/meta-mod system such as implemented right here on /.? Yeah, that's worked wonders for quality assurance on these message boards!

In my opinion, it works quite well. Try reading /. at -1 for a while and see how much fun that is.

JP

Re:P2P is in its infancy

No. I mean nothing at all like Slashdot moderation.

If you have seen Sharereactor then you should already understand what I'm saying. In order to be able to verify file integrity you need a KNOWN (not anonymous moderator) source that you find reliable to vouch for the files. As a website, Sharereactor achieves this. I know when I go to that URL that I'm getting references from the source I've chosen. They don't provide the files themselves of course, and I don't need to download the file to check that they say it's a valid file.

If they (and the other sites like them) can continue to do that then the problem is already solved. If we assume on the other hand that a central source can't meet the bandwidth needs longterm (definitely a problem for Sharereactor at times) or that legal pressure closes down all such sites then we'd need an alternative way of verifying that we're getting a reference from the source that we're trying to. That can be done over the p2p networks themselves with the aid of encryption to verify source. That's it.

Re:P2P is in its infancy

[Dukael_Mikakis]

It is very interesting. So it'd be *similar* to browsing /. with "friends +5" and "foes -5" in that if you trust a certain particular UID, then you'll trust anything that user will say.

Except since the user doesn't provide the files, but only verify them, then it'd be like saying that Dukael moderated this +1, so I'll trust his judgment and give it more (additional) weight.

I'll definitely check it out, but I wonder if it actually improves the selection, or if it just saves you time from sifting through trash. I.e. I presume that there are no *more* files to get for any particular song (or whatever), but now you won't have to waste time looking for it?

Helsinki? Finland? Why in english then?

[MikeCapone]

Maybe I'm missing something, but isn't it curious that these papers from a Finn university are in english?

Re:Helsinki? Finland? Why in english then?

[bandy]

The Finns decided more than a decade ago that the Lingua Franca of Computer Science was English.

Re:Helsinki? Finland? Why in english then?

[CoolMoDee]

Because English is understood by more Computer Sciense people than Finnish, atleast that is my guess.

Re:Helsinki? Finland? Why in english then?

In Northern Europe people can speak generally 3 languages fluently. The have good schools there. They generally have better goverments as well.

Did I say that ?

I meant to say that they are a bunch of liberal left-wing socialist radicals who get their english training in order to become terrorists.

Am I American again ?

Phew!

Re:Helsinki? Finland? Why in english then?

[Turing+Machine]

Nope, not really. Far more scientific papers are written in English than in any other language, because it's the language most scientists have in common (this is different from being the language spoken by the most people; more people speak Chinese than any other language, but relatively few people who aren't Chinese speak it).

100 years ago, scientific papers were commonly written in German.

200 years ago, they were commonly written in Latin.

Times change.

Re:Helsinki? Finland? Why in english then?

[laalto]

If you look at the names of the authors, many of them look e.g. Russian. Not all students in Finnish universities speak Finnish.

Re:Helsinki? Finland? Why in english then?

So why are "Lingua Franca," "a priori," and other non-English phrases and terms used so often?

Re:Helsinki? Finland? Why in english then?

Because English is one of the few languages in the world that is not controlled by an elite organization that creates words, like say French where elitists invent words like "courriel". Thus words in English tend to be borrowed from other languages when they are available-- because it's easier to borrow than create anew.

Re:Helsinki? Finland? Why in english then?

[wili]

There are several good reasons. Listed in order of importance:

1) A good comp. sci paper written in Finnish would have zero circulation; the number of people that could read it is way too small (read: zero references, can't publish in any decent conference/journal).

2) The Finnish language lacks the necessary terminology in the not-so-well established fields. For example, I've published a couple of computer graphics papers in conferences and journals -- I couldn't have ever written those papers in Finnish, as I haven't got a clue about the "correct" (= made-up and never used) terms. In a similar fashion, I can't fluently follow computer graphics papers written in Finnish...

3) English is the primary working language at computer-related companies. For example, the company I work at has all of its code, documentation, manuals, customer communication etc. in English.

Re:Helsinki? Finland? Why in english then?

100 years from now it will probably be klingon...

Re:Helsinki? Finland? Why in english then?

[4r0g]

Just imagine if Linus Torvalds had written everything related to Linux in Swedish or (gasp) Finnish! Would you be using it? Thought not.

Re:Helsinki? Finland? Why in english then?

Helsinki University of Technology has quite large base of foreign students especially from Japan, China and India. Although the general price level in Finland is a bit higher than in many European countries, the free (no admission or semester fees) university education balances nicely.

Because of the large foreign population, most lectures in the ICT programmes are also given in English.

Actually, if you look at the name list on the report, only 5 of 12 of those PhD students are native Finnish.

Anyway, it's nice to see a report from the laboratory I'm studying my major on Slashdot front page. :)

Re:Helsinki? Finland? Why in english then?

[plj]

But hey, read the release notes of Linux kernel v. 0.01; there was a hard-coded Finnish keyboard!

Unfortunately, at the same time it probably lacked proper support for other charsets than ASCII...

Re:Helsinki? Finland? Why in english then?

[plj]

Yes, you are. If you would really be one of us liberal left-wing socialist radicals who have got our english training in order to become terrorists, you would know that although both Finnish and Swedish are mandatory in Finnish schools only 10 % or so of those 90 % of population who have Finnish as their mother tongue actually are fluent with it. English, on the other hand, is not mandatory for anyone, but practically everyone in schools are actually reading it as their major foreign language.

The stereotype of a typical Swedish teacher in a Finnish school for Finnish-speakers is near-sixties mouse-sized woman, who desperately tries to teach when teenage boys are mainly shooting each other with erasers at the back side of the class... and yes, I do have some practical experience of that, and I am also currently an undergraduate CS student, who have no idea how to pass that mandatory Swedish exam, which all students are required to take before they can graduate...

Re:Helsinki? Finland? Why in english then?

[geighaus]

I study in HUT and today's official strategy of the university is to make studying more international with the emphasis on English. With more and more international students studying here, many courses are held in English (even with native Finnish professors, lecturers and assistents). Plus another problem is that there are no simply adequate Finnish translations for many computer-related words.

Re:Helsinki? Finland? Why in english then?

[JuggleGeek]

Not all students in Finnish universities speak Finnish.

Not all Americans speak English. Trust me on this - I live in Texas. :^)

Re:Helsinki? Finland? Why in english then?

[GnarlyNome]

Because English has a bigger voculabary
(present company excepted)

Obligatory

[qbert911]

In Soviet Russia.. Dissertation writes You!

Simple.

[Vo0k]

The more keywords in the file name the lesser chance it will contain anything that makes sense.

In EDonkey it's worth looking at other file names of given share, they often offer some insight. You grab ROTK, check and see 3 other names: FOTR-Extended-Edition, and you may be sure it was some moron who can't tell "1" apart from "3" who renamed it and some more morons download it without checking.

Re:Simple.

[General+Sherman]

Oh, I know, it's hilarious.

One file will be names ROTK-Extended-Edition and another with the same MD5 sum will be some porno name, it's absurdly obvious.

And other times you can tell just because of the file size. I've seen GTA3, in only 12k!

A good tool is ShareReactor Fakecheck for those truly tricky files. Help them out, report fake ed2k links. I know I do all the time, mlnet even has a handy little link that does it automatically for you in the web interface.

P2P. SPAM.

[powerpuffgirls]

I think it's worth mentioning this article talks about P2P, then about SPAM.

While it doesn't imply they are somehow related in their functions, the common nature of these two is the bandwidth consumption, which as stated by the author, can be annoying and disruptive.

Re:P2P. SPAM.

[Dukael_Mikakis]

Well, I'm sure that the frivolous bandwidth consumption is annoying, except to those who get free media, and those hoping to make a buck from massed emails.

It is a good point that you make, because much of the stuff that they had written (from a brief I'm-at-work perusal) is stuff that we (at least the slashdot community) already know. It's just compiled into one convenient package that will merit an award of a PhD.

What I feel would have been more interesting (and has been discussed here) would have been the sly coordination of P2P and SPAM, or how the consumer evil and the corporate evil are working together in many cases.

It's no secret now that P2P exists in many different forms and seemingly refuses to be put down, but to the consumer greed of free goods. And it's no secret that SPAM is a blatant abuse of a (relatively) free communication medium to hawk cheap products or worse con people out of money.

The interesting thing is that Kazaa and the like plug your computer full of advertising spyware spawn pop-ups like crazy to make its buck. And even worse, they sell off your cycles to relay the SPAM. I guess when consumer greed and corporate greed get together some awesome (or annoying) things can happen.

P2P Spamming, eh?

Can we get the RIAA to shut these guys down?

Very thorough

[dj245]

What a massive article, covers gnutella, freenet, napster, NAT Translation, hordes, all the hows and the underlying technology and concepts. But...

Why isn't there a service where you can get full-speed from behind a firewall without portmapping? College students everywhere would rejoice. When I'm home I port forward and get the full pipe, but when I'm at college the firewall keeps my download speeds nice and slow. I know this because every once and a while I'll get lucky and some BT seed will connect and start sending me 80kb/s for about five minutes and stop. They made Supernodes to make the network more scalable and to make it work with firewalls. Can they make it work at full speed with firewalls?

Re:Very thorough

Ummmm, Isnt that the point of their firewall, if you steal the whole pipe, what about the other users...

Re:Very thorough

it may be possible with stun but that requires implementing thier own reliable transport over udp (not fun)

the fact is that with tcp and nats you can only connect if one side is not behind a nat as on a lot of bittorerrent files a lot of users are behind nats said users can find it difficult to find peers

Re:Very thorough

[E-Rock]

If it's like what the Universtiy where I works does, it's using packet analysis and capping your activity. It's forcing you to share and play nice with the other 100 - 100,000 people on the network. Now, why the dorms aren't physcially segmented from the rest of campus I'll never be able to explain.

Re:Very thorough

[WebGangsta]

but when I'm at college the firewall keeps my download speeds nice and slow

Don't feel like you're being singled out. Universities have been paying through the nose for bandwidth over the last 2-4 years because of college students who feel that it is their unalienable right to freely download whatever they want. Putting bandwidth limits in place is the least of your concerns... be happy that they didn't shut down your ability to use P2P on their network at all.

You could try talking with your university IT folks and see if they'll up the bandwidth limits during off-peak hours (say, 9pm-6am). On the other hand, depending on the size of your college, it may not be the IT folks limiting you -- it could be hundreds of your fellow students all P2P'ing (or not uninstalling spyware) at the same time sucking your precious bandwidth away.

Re:Very thorough

[edgedmurasame]

However, you're going to have a field day with the IPSEC/SSH users who've found pipes unencumbered by such. That, and people who start getting plain evil and doing something about that filter. Not to mention when they've turned a P2P network's traffic into incomprehensible packets, and/or traffic that adapts to get highest queues to deal with the QoS problem. Good luck, it's only a matter of time before that packet shaper goes useless...

Finns do a lot of things in funny languages

The Finns have noticed that no-one understands Finnish, so they've become extremely good at putting things in more popular languages. For example you can get the news in Latin courtesy of Finnish Radio (today's headline: Kerry candidatus democratarum.)

Re:Finns do a lot of things in funny languages

[JuggleGeek]

The Finns have noticed that no-one understands Finnish, so they've become extremely good at putting things in more popular languages. For example you can get the news in Latin courtesy of Finnish Radio

They want more people to understand, so they go to Latin, a dead language? That's so very sad.

Plural of "virus": the mystery unravelled

What's more, the Nuntii Latini site announces:

Propter vira computatoria electrogrammata appendicibus instructa aperire non possumus.

(Because of computer viruses, we can't open email attachments.) So we learn that they believe that the plural of "virus" is "vira". Don't forget to deluge them with pedantic mail if they're wrong.

A collection of amateurish papers

It looks like a collection of papers from a first-year compsci class assignment.

For example, this is in the introduction to the Freenet section:

While censorships are necessary in maintaining law and order in a society

Um, many people might disagree with that little gem.

Re:A collection of amateurish papers

[Gubbe]

Many might.
Many might also start comparing the "law and order" of the US against the "law and order" of countries that use common sense in making and interpreting laws, including those regarding freedom of speech.

food for thought...

Re:A collection of amateurish papers

[jcupitt65]

• While censorships are necessary in maintaining law and order in a society
  Um, many people might disagree with that little gem.

But most sensible people would not. Of course there have to be limits on freedom of expression. That's why we have laws on libel, incitement to racial hatred, etc. etc.

A reasonable country will choose a good compromise between the freedom of the individual and the needs of society.

Re:A collection of amateurish papers

[Big_Al_B]

But who defines "common sense" for you?

I hope they've got everyone's best interests in mind.

I'm sure they do. "Abuse of power" is rare. Hardly happens anywhere, historically speaking. (/sarcasm)

Re:A collection of amateurish papers

[Gubbe]

I believe people do, myself included.

I admit that my original reply may have seemed a bit anti-US, but let's take Finland as an example since the article is finnish and I'm finnish. There isn't really all that much censorship here, so in that respect there is really nothing to give examples of. However, having followed some court cases recently, I can tell you that they are very boring. They are boring because there are no loudmouthed lawyers trying to convince a jury or a judge on why this or that particular tiny loophole or constitutional article should be used to aquit someone who has clearly committed a criminal act.
Up here lawyers state the facts and opinions and the issue is decided based on the applicable laws and Common Sense. If you don't like the results, you can appeal.

And when it comes to "Abuse of power"... I'd like to welcome you to study the recent history of Finland. Yes, there have been events of power abuse, but they haven't ended nicely for those involved and compared to certain figurehead *COUGH*gwb*COUGH* of one big country, any such abuses have been negligible in magnitude.
In fact, our recent prime minister lost her job and is on trial because before the Iraq war she received (arguably because she requested them) some documents regarding the Iraq debacle classified as secret from the president's advisor. The actual trial took a couple of days, was mostly broadcasted on national television and was completely fair towards everyone involved.

I honestly believe that although the Finnish administration does have its faults, it really does have everyone's best interests in mind. I'm sure many Finns agree.
Just because there are people at the helm of the US who care more about the $ than they do about the people doesn't mean that the situation is as desperate in the rest of the world.

Oh, and Mr. Mod. Before you mod me down, ask yourself if you're doing it because this post really should not be seen by anyone, or are you doing it just because you disagree with me. If the latter, I invite you to reply and state your opinion.

Re:A collection of amateurish papers

[Big_Al_B]

I believe people do, myself included.

Common sense requires common experience. That's a difficult requirement to meet in a geographically large and economically diverse population. Probably easier to achieve in Finland...

I admit that my original reply may have seemed a bit anti-US

Yes. But that's okay, and it's not what I'm responding to.

My point is that law is a tangible entity and "common sense" is decidely intangible. You can't decide legality on "common sense" in a land where there's too much diversity to call any sense "common to all people."

They are boring because there are no loudmouthed lawyers trying to convince a jury or a judge on why this or that particular tiny loophole or constitutional article...

Excellent example of a lack of "common sensibility" between you and me. To me, "innocent until proven guilty" is common sense. In the US, the burden is on the prosecutor (an arm of the state) to prove criminality, not on the defendant to prove innocence. Even if someone is "clearly" guilty of the spirit of the law, a loophole or constitutional article/amendment that contradicts the written law is an acceptible, albeit unsavory, legal defense. See, "spirit of the law" and "common sense" are both intangible, written laws are significantly more tangible.

... should be used to aquit someone who has clearly committed a criminal act.

By "clearly" you're refering to the clarity that the trial is attempting to establish? If this clarity is predetermined in Finland, why even have a trial court system? Courts may, and probably should, be boring for many reasons, but predetermined criminality shouldn't be one of them.

And when it comes to "Abuse of power"... I'd like to welcome you to study the recent history of Finland...

The recent history of any single nation is weak anecdotal evidence for any given argument, and fairly useless in this context. Human history across any geopolitical boundaries gives us overwhelming evidence of our tendencies to abuse power.

and compared to certain figurehead...

Believe me, there's plenty of national debate regarding our leaders' performance. And you know little about where I stand on that, because it's way off-topic.

I honestly believe that although the Finnish administration does have its faults, it really does have everyone's best interests in mind. I'm sure many Finns agree.

Again, then why have courts? If the state is infallibly benevolent, then there's no point to them, but that's a BIG "if."

I admit that I really don't know enough about Finland to judge how naive you are. So I won't.

there are people at them helm of the US who care more about the $ than they do about the people

Assuming that is true, I'm sure you'll admit the US doesn't even come close to cornering this market.

Common sense :^) shows that most nations are in the same predicament.

Re:A collection of amateurish papers

The Finnish criminal system is also based on the principle of innocent until proven guilty. Just so you know, the "common sense" approach also includes the concept of reasonable doubt.

Re:problems with the internet

[BritGeek]

Cor Strewth!

It might solve the problem, but the social implications are horrific. I am assuming, despite the lack of an April 1st date, that this is a subtle joke?..

Alternatively, if the poster *is* serious, it is reminiscent of the old joke whose punchline is "you can't get there from here".

Re:problems with the internet

[phats+garage]

hehe I think it took about 5 minutes to reach -1.

Still I'm pretty surprised that its already 2004 and the nets still pretty open. Whats to stop industry from rolling something like this out?

This idea has significant merit

[cagle_.25]

The idea of optional charging has been floated before, and these objections have been raised before. I don't think that the objections are fatal, however:

I've *never* been lured into sending someone else an e-mail. The only way I could imagine someone doing it is either (a) sending me an e-mail first, or (b) setting up a website with a "click here to e-mail me about ..." In case (a), if someone charged me, I would turn around and charge them for the original e-mail, and we would be even. Listservs could work on a similar basis: a small, one-stamp's-worth registration fee that is forfeited if you ever charge them.
In case (b), people would quickly learn not to click on links that they don't trust, which is a desirable outcome.

Malicious or vengeful charging is also a non-issue. Simply give each "charge" (I prefer to call it a "reusable stamp") a time limit (perhaps one day, or three); then, the amount of damage that any one person can do to another is small and easily caught. Once bitten, twice shy: if you charge me, then I won't e-mail you anymore, which is the desired outcome.

Enforcement is a harder problem. To do this, a third party would have to be trusted to hold small amounts of money from everyone (and larger amounts of money for listservs), and mail would have to be routed through that person. I forsee that putting a serious crimp into e-mail bandwidth. Also, the more centralized the money-holding system, the more tempting it will be for electronic thieves.

Notwithstanding, I think it is very much worth trying to solve this last problem. At this point, there are only two live options for dealing with Spam: either ICAAN and e-mail users decide to self-regulate, or else national governments will step in and regulate for us. Do you want a government to decide what is spam and what isn't?

Out of the self-regulatory options, I like the reusable stamps the best for three reasons:
(1) It gives the end-user the decision about what is spam
(2) Unlike filters, it places the cost of spamming on the sender instead of the receiver
(3) Also unlike filters, it results in reduced levels of spam being sent instead of increased levels of gibberish-coated spam being sent.

Regards,
Jeff Cagle

It's actually kind of funny

[Atario]

The professor is clearly biased (or purposely acting biased) against P2P, lumping it together with spam as "parasitic and threaten[ing of] the purpose the Internet was designed for". How he figures sending files to one another is a subversion of the Internet's purpose, I dunno.

But the students' papers are all about how effective and efficient the various P2P architectures out there are and how they might be improved. Heh. Bless you, students.

And you can't forget...

[danielsfca2]

And I'll post using the login New Here and say "No, I'm New Here."

And I'll keep thinking it's funny each time I do it.

Re:And you can't forget...

[paulcammish]

And I'll welcome our new "Im new here" overlords...

Maybe that would teach your stupid grandma

to not let her computer get hijacked

Re:problems with the internet

[Welsh+Dwarf]

Even if it isn't it'd never work. You just can't detect encrypted content. My JPEG file could contain an mp3 once the headers are stripped off, and who'd know the difference, short of parsing the whole file, looking at the result, and realizing that it's a mess.

This technique is already used to fool some web browsers (ie IE) into downloading a file as binary instead of getting it as text...

Lock up the current net, and another one will spring up underneath. It'd probably be kind of like freenet, except that it'd be implemented at a much lower level (cap the necessary technologies over your PPP or eth interface, and talk to that). Sure bandwidth would suffer, but the information would remain free, and uncontrollable.

Cloudmark Spamnet?

[superultra]

I'm using Cloudmark's Spamnet, which is essentially what they seem to be talking about (although I didn't read all 109 pages). Seems to work well enough. It tosses about 105 spam a day for me and I have about one or two slip through that I myself block.

Hahahaha, you sir deserve a medal!

(Argh, the cat got my tongue!)

Mod Up.

I didn't think this would work originally, but this method sounds good!