Peer to Peer and Spam in the Internet

RobertDHaskins writes "A very interesting series of papers from Helsinki University of Technology on the topics of P2P and spam. Written by PhD students they are a little long, but some very good coverage of the state of the art."

Spam is very simple to fix.

[Pig+Hogger]

• Follow the money
• Block networks who let spammers send traffic on them, no matter if it's SMTP, DNS, FTP or HTTP

Once a few big guys find themselves turned into intranets, they'll start paying attention.

Re:Spam is very simple to fix.

[IamGarageGuy+2]

I don't think that will work. You will end up having to hit that stupid "charge sender" button repeatedly, the same way you delete spam now. Also what makes you think you will get a dime from a spammer, how would he pay without havng a Big Brother approach to all email? I wish I had a good idea instead of just shooting your idea down. I would love to see you come up with a way to make that work though.

Re:Spam is very simple to fix.

Parent wrote: "Yeah, but some people would just make everyone pay."

Some people make their friends pay when they every time they go out to lunch too. Those people end up with fewer friends.

(Oh and if they're poor, I don't mind if I pay for emails or lunches.)

Re:Spam is very simple to fix.

[IthnkImParanoid]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

Re:Spam is very simple to fix.

[Stalus]

For example, every email has a button saying "charge the sender $0.10". It's at the recipient's option whether or not to charge the guy.

The problem then arises that someone could wage a financial war against any service that sends any sort of e-mail to their users. So, say for instance that someone gets ticked off at slashdot, registers an account, gets a password sent to them and hits the button. Granted, the service could refuse to e-mail anyone that has charged it, but that doesn't stop an army of slashdotters from attacking someone like SCO or Microsoft.

If we could determine which e-mails were legitimate and which ones weren't so that we could decide which of these charges are legitimate, we wouldn't have the spam problem in the first place. I guess the solution is to force users to e-mail you, so that you can e-mail them back.. and then if they charge you, you can charge them back. But does the client trust that the server won't accidentally charge them?

The other question then is who gets this money? If the recipient gets it, then malicious people will just search for anyone to send them e-mail (more likely make a spider to do so) so they can get some extra pennies. If someone else gets it, who do we deem worthy enough to benefit from the e-mail wars mentioned above?

Overall, just sounds like an accounting nightmare, since someone has to account for whether or not an e-mail was sent or not - and then enforce things so that one recipient can only inflict the charge once.

Re:Spam is very simple to fix.

[FallLine]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

This concern is way overrated. The potential problems created by this "postage" model is much more tractable and minor (on a grand sclae) than those under the non-market based status quo. Once this "postage" technology is in place, ISPs would be free to enhance it to offer various security protections. For instance, only allow, say, 100 emails a days (a user-definable setting--but default) and notify the user if this happens. Alternatively, warn the user if X emails appear to be spam or are too identical (perhaps send them a visual challenge/response request after 50 emails--remember the false positive ratio wouldn't have to be nearly 0%). This would jack up the complexity of spamming orders of magnitude, the cost for the spammer (having to find new security exploits), and would also give the government a lot more teeth with which to pursue them. Connecting to an open proxy is one thing, literally hacking their machine and stealing money is quite another.

If spammers are in the business of hacking machines like this, then it seems to me that there's a lot quicker and safer ways to make money.

Simple.

[Vo0k]

The more keywords in the file name the lesser chance it will contain anything that makes sense.

In EDonkey it's worth looking at other file names of given share, they often offer some insight. You grab ROTK, check and see 3 other names: FOTR-Extended-Edition, and you may be sure it was some moron who can't tell "1" apart from "3" who renamed it and some more morons download it without checking.

Re:Bias?

[smharr4]

Indeed, while p2p applications may share illegally share content, they are probably not as disruptive as laid out.

Spam is far more disruptive, but is given less coverage in the document.

I would expect more from PhD's, I hope that these were written post-PhD, and not for a doctoral thesis, they seem to be very ill-informed.

Re:Bias?

[dreamchaser]

That wasn't the point being made. The discussion is about the enormous bandwidth requirements of both P2P and Spam on a large scale. Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Re:Helsinki? Finland? Why in english then?

[Turing+Machine]

Nope, not really. Far more scientific papers are written in English than in any other language, because it's the language most scientists have in common (this is different from being the language spoken by the most people; more people speak Chinese than any other language, but relatively few people who aren't Chinese speak it).

100 years ago, scientific papers were commonly written in German.

200 years ago, they were commonly written in Latin.

Times change.

Re:Bias?

Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Yeah, those poor ISP's having to endure their customers actually using the product they're selling them.

Re:P2P. SPAM.

[Dukael_Mikakis]

Well, I'm sure that the frivolous bandwidth consumption is annoying, except to those who get free media, and those hoping to make a buck from massed emails.

It is a good point that you make, because much of the stuff that they had written (from a brief I'm-at-work perusal) is stuff that we (at least the slashdot community) already know. It's just compiled into one convenient package that will merit an award of a PhD.

What I feel would have been more interesting (and has been discussed here) would have been the sly coordination of P2P and SPAM, or how the consumer evil and the corporate evil are working together in many cases.

It's no secret now that P2P exists in many different forms and seemingly refuses to be put down, but to the consumer greed of free goods. And it's no secret that SPAM is a blatant abuse of a (relatively) free communication medium to hawk cheap products or worse con people out of money.

The interesting thing is that Kazaa and the like plug your computer full of advertising spyware spawn pop-ups like crazy to make its buck. And even worse, they sell off your cycles to relay the SPAM. I guess when consumer greed and corporate greed get together some awesome (or annoying) things can happen.

Re:Bias?

[Araneas]

The problem is ISP sell a model that tells users they can use their full bandwidth all the time. Except of course if you read the fine print on the AUP buried on some obscure support site.

What is "sold" is not what is delivered.

Re:A collection of amateurish papers

[jcupitt65]

• While censorships are necessary in maintaining law and order in a society
  Um, many people might disagree with that little gem.

But most sensible people would not. Of course there have to be limits on freedom of expression. That's why we have laws on libel, incitement to racial hatred, etc. etc.

A reasonable country will choose a good compromise between the freedom of the individual and the needs of society.

Re:P2P is in its infancy

[jpkunst]

You mean like a poster/moderator/meta-mod system such as implemented right here on /.? Yeah, that's worked wonders for quality assurance on these message boards!

In my opinion, it works quite well. Try reading /. at -1 for a while and see how much fun that is.

JP

Re:Helsinki? Finland? Why in english then?

Helsinki University of Technology has quite large base of foreign students especially from Japan, China and India. Although the general price level in Finland is a bit higher than in many European countries, the free (no admission or semester fees) university education balances nicely.

Because of the large foreign population, most lectures in the ICT programmes are also given in English.

Actually, if you look at the name list on the report, only 5 of 12 of those PhD students are native Finnish.

Anyway, it's nice to see a report from the laboratory I'm studying my major on Slashdot front page. :)

Re:A collection of amateurish papers

[Gubbe]

I believe people do, myself included.

I admit that my original reply may have seemed a bit anti-US, but let's take Finland as an example since the article is finnish and I'm finnish. There isn't really all that much censorship here, so in that respect there is really nothing to give examples of. However, having followed some court cases recently, I can tell you that they are very boring. They are boring because there are no loudmouthed lawyers trying to convince a jury or a judge on why this or that particular tiny loophole or constitutional article should be used to aquit someone who has clearly committed a criminal act.
Up here lawyers state the facts and opinions and the issue is decided based on the applicable laws and Common Sense. If you don't like the results, you can appeal.

And when it comes to "Abuse of power"... I'd like to welcome you to study the recent history of Finland. Yes, there have been events of power abuse, but they haven't ended nicely for those involved and compared to certain figurehead *COUGH*gwb*COUGH* of one big country, any such abuses have been negligible in magnitude.
In fact, our recent prime minister lost her job and is on trial because before the Iraq war she received (arguably because she requested them) some documents regarding the Iraq debacle classified as secret from the president's advisor. The actual trial took a couple of days, was mostly broadcasted on national television and was completely fair towards everyone involved.

I honestly believe that although the Finnish administration does have its faults, it really does have everyone's best interests in mind. I'm sure many Finns agree.
Just because there are people at the helm of the US who care more about the $ than they do about the people doesn't mean that the situation is as desperate in the rest of the world.

Oh, and Mr. Mod. Before you mod me down, ask yourself if you're doing it because this post really should not be seen by anyone, or are you doing it just because you disagree with me. If the latter, I invite you to reply and state your opinion.

Re:Google HTML Link...

[kwenda]

And what is wrong with reading a PDF?

Well, for starters, it takes longer to download the file and then to have the viewer application open than it should.

Secondly, the text in Adobe Acrobat is, by default, harder to read than whatever font you have your browser set to, and isn't possible to change the font in Acrobat Reader. This is annoying.

Thirdly, try to use the oh-so-intuitive text-select tool in Acrobat reader to select a paragraph from this document. When you reach the end of the line, the selection continues in the NEXT COLUMN. That's not only annoying, that's retarded.

PDFs open in a non-standard interface in which the functionality is changed from whatever browser the user was using has changed. In IE, they default to opening in the same window, with the Adobe interface at the top of the window. Would you like a printout of the webpage? Well then you had better not click 'Print' in the IE toolbar, or in the 'File' menu - because all you'll get is a blank page. This is frustrating to computer literate people and damn confusing to computer users (yes, there is a difference).

So you say you want something that allows you to deliver a document online to many people, and you want to have control over some text in columns, a few bulleted lists, some small simple graphics and some hyperlinks? Use HTML. PDF is overkill for this - it's fine for delivering something to a publisher, say - even though they'd probably want it in another format. PDF is the bane of web document delivery.

If you need a form on your webpage that people can fill out, that needs to look the same no matter what, PDF is good for that. IRS Tax forms, for example. This is a fine application for something like PDF. Articles are NOT.

PDFs are annoying to users, they are more difficult to use and deal with than plain HTML even though they offer no big benefit (for this situation), they are larger than they need to be for the task that they are being used for, and they just don't make sense. Don't force your site's users into PDF unless you absolutely have to, because you'll also be forcing your users away.