Peer to Peer and Spam in the Internet

RobertDHaskins writes "A very interesting series of papers from Helsinki University of Technology on the topics of P2P and spam. Written by PhD students they are a little long, but some very good coverage of the state of the art."

Google HTML Link...

[bc90021]

...for those that don't wanna read the PDF:

Here.

Re:Google HTML Link...

[Woogiemonger]

...for those that don't wanna read the PDF:

Got another link? That HTML version yer pointing to only goes up to page 49 out of well over 100 pages. I guess google's automatic PDF to HTML conversion caps itself at 49 pages.

Re:Google HTML Link...

[kwenda]

And what is wrong with reading a PDF?

Well, for starters, it takes longer to download the file and then to have the viewer application open than it should.

Secondly, the text in Adobe Acrobat is, by default, harder to read than whatever font you have your browser set to, and isn't possible to change the font in Acrobat Reader. This is annoying.

Thirdly, try to use the oh-so-intuitive text-select tool in Acrobat reader to select a paragraph from this document. When you reach the end of the line, the selection continues in the NEXT COLUMN. That's not only annoying, that's retarded.

PDFs open in a non-standard interface in which the functionality is changed from whatever browser the user was using has changed. In IE, they default to opening in the same window, with the Adobe interface at the top of the window. Would you like a printout of the webpage? Well then you had better not click 'Print' in the IE toolbar, or in the 'File' menu - because all you'll get is a blank page. This is frustrating to computer literate people and damn confusing to computer users (yes, there is a difference).

So you say you want something that allows you to deliver a document online to many people, and you want to have control over some text in columns, a few bulleted lists, some small simple graphics and some hyperlinks? Use HTML. PDF is overkill for this - it's fine for delivering something to a publisher, say - even though they'd probably want it in another format. PDF is the bane of web document delivery.

If you need a form on your webpage that people can fill out, that needs to look the same no matter what, PDF is good for that. IRS Tax forms, for example. This is a fine application for something like PDF. Articles are NOT.

PDFs are annoying to users, they are more difficult to use and deal with than plain HTML even though they offer no big benefit (for this situation), they are larger than they need to be for the task that they are being used for, and they just don't make sense. Don't force your site's users into PDF unless you absolutely have to, because you'll also be forcing your users away.

Spam is very simple to fix.

[Pig+Hogger]

• Follow the money
• Block networks who let spammers send traffic on them, no matter if it's SMTP, DNS, FTP or HTTP

Once a few big guys find themselves turned into intranets, they'll start paying attention.

Re:Spam is very simple to fix.

[ron_ivi]

Or use a "sender pays but only if the recipient wants to charge" scheme.

For example, every email has a button saying "charge the sender $0.10". It's at the recipient's option whether or not to charge the guy.

For emails from friends I'd never hit the button. For spams I would.

Re:Spam is very simple to fix.

[MicktheMech]

For emails from friends I'd never hit the button. For spams I would.

Yeah, but some people would just make everyone pay. I'm sure it's a supportline operators dream. It may not pay much, but it would definitely recoup some expenses. The minute there's a possibility that I'll have to pay for every e-mail I send is the day I stop sending them.

Re:Spam is very simple to fix.

Yeah. Real easy to fix. That's why it has been fixed. Try that bs. when the spammer is in Russia and is clustered across three different ISPs. So you want to block Russia from the Internet ?

The current spam law is absolutely going to move spam out of american internet space and into foreign countries. Then it becomes a political issue. You know how quickly political issues get solved.

Honestly, you sound like a marketing engineer. Stay away from the network mmmmkay ?

Re:Spam is very simple to fix.

[IamGarageGuy+2]

I don't think that will work. You will end up having to hit that stupid "charge sender" button repeatedly, the same way you delete spam now. Also what makes you think you will get a dime from a spammer, how would he pay without havng a Big Brother approach to all email? I wish I had a good idea instead of just shooting your idea down. I would love to see you come up with a way to make that work though.

Re:Spam is very simple to fix.

Parent wrote: "You will end up having to hit that stupid "charge sender" button repeatedly, the same way you delete spam now. "

Raise the price to $0.50 / email, I'd actually enjoy it.

If I can get through 5 spams / minute I'd be making and extra $100/hour just for reading email.

Re:Spam is very simple to fix.

[powerpuffgirls]

That'll probably create another 'profession' after the Spam-Boom.

(Note in all lower cases now in the post-Spam-Boom era)
work from home and make $3000 a day by clicking the charge button

Re:Spam is very simple to fix.

[IthnkImParanoid]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

Re:Spam is very simple to fix.

[Stalus]

For example, every email has a button saying "charge the sender $0.10". It's at the recipient's option whether or not to charge the guy.

The problem then arises that someone could wage a financial war against any service that sends any sort of e-mail to their users. So, say for instance that someone gets ticked off at slashdot, registers an account, gets a password sent to them and hits the button. Granted, the service could refuse to e-mail anyone that has charged it, but that doesn't stop an army of slashdotters from attacking someone like SCO or Microsoft.

If we could determine which e-mails were legitimate and which ones weren't so that we could decide which of these charges are legitimate, we wouldn't have the spam problem in the first place. I guess the solution is to force users to e-mail you, so that you can e-mail them back.. and then if they charge you, you can charge them back. But does the client trust that the server won't accidentally charge them?

The other question then is who gets this money? If the recipient gets it, then malicious people will just search for anyone to send them e-mail (more likely make a spider to do so) so they can get some extra pennies. If someone else gets it, who do we deem worthy enough to benefit from the e-mail wars mentioned above?

Overall, just sounds like an accounting nightmare, since someone has to account for whether or not an e-mail was sent or not - and then enforce things so that one recipient can only inflict the charge once.

Re:Spam is very simple to fix.

The other question then is who gets this money?

Simple. I do. Hand it over.

Sincerely,
Darl McBride

Re:Spam is very simple to fix.

[WormholeFiend]

I've already blocked Russia ip adresses from sending me email.

I dont know anyone there, yet the security department at Microsoft.ru kept sending me friendly patches attached to their messages.

Re:Spam is very simple to fix.

[FallLine]

So spammers rely even more heavily on hijacked machines, and my grandmother on social security suddenly has a $100,000 bill from her ISP.

Don't see that happening.

This concern is way overrated. The potential problems created by this "postage" model is much more tractable and minor (on a grand sclae) than those under the non-market based status quo. Once this "postage" technology is in place, ISPs would be free to enhance it to offer various security protections. For instance, only allow, say, 100 emails a days (a user-definable setting--but default) and notify the user if this happens. Alternatively, warn the user if X emails appear to be spam or are too identical (perhaps send them a visual challenge/response request after 50 emails--remember the false positive ratio wouldn't have to be nearly 0%). This would jack up the complexity of spamming orders of magnitude, the cost for the spammer (having to find new security exploits), and would also give the government a lot more teeth with which to pursue them. Connecting to an open proxy is one thing, literally hacking their machine and stealing money is quite another.

If spammers are in the business of hacking machines like this, then it seems to me that there's a lot quicker and safer ways to make money.

Way too long

[JohnGrahamCumming]

I don't have time to read a document hundreds of pages long, especially not one that's packed with information: I need a quick summary.

Could someone post a one line summary? For example,

Linux good; Microsoft bad; SCO evil; RMS god.

John.

Re:Way too long

[Tuxedo+Jack]

This is Slashdot. You don't have to read the article.

See?

Re:Way too long

[Hex4def6]

This is Slashdot. You don't have to read the article.

See?

I totally disagree with every point you've just made,
will go into great detail about why I think you're
wrong, and as an aside cast inferances on your lineage.

:P

Re:Way too long

[Bob+McCown]

This is Slashdot. You don't have to read the article.

See?

I totally disagree with every point you've just made,
will go into great detail about why I think you're
wrong, and as an aside cast inferances on your lineage.

And I'll point out your grammer and speeling mistakes, while makeing some of my own!

Re:Way too long

[Have+Blue]

I'll point out that you must be new here.

Bias?

[gid13]

From the paper: "The idea was to learn about the disruptive and also annoying phenomena that have become very commonplace over the past couple of years in the internet: namely, the Peer-to-Peer traffic and applications and the unsolicited and unwanted e-mail or Spam."

I think bundling p2p and spam is either totally missing the point, or attempting to influence the opinions of people who don't know better. The users of p2p want what they get for the most part (maybe not viruses and fakes, but the author seems to be targeting p2p due to the copyrighted content).

Re:Bias?

[smharr4]

Indeed, while p2p applications may share illegally share content, they are probably not as disruptive as laid out.

Spam is far more disruptive, but is given less coverage in the document.

I would expect more from PhD's, I hope that these were written post-PhD, and not for a doctoral thesis, they seem to be very ill-informed.

Re:Bias?

[dreamchaser]

That wasn't the point being made. The discussion is about the enormous bandwidth requirements of both P2P and Spam on a large scale. Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Re:Bias?

[happyfrogcow]

universities, from what i hear, have enormous problems with the amount of p2p traffic hogging bandwidth.

Re:Bias?

Many a college campus network has had it's Internet pipe saturated by both spam and users of P2P software, and many an ISP has been affected in the same manner by both as well.

Yeah, those poor ISP's having to endure their customers actually using the product they're selling them.

Re:Bias?

[Araneas]

The problem is ISP sell a model that tells users they can use their full bandwidth all the time. Except of course if you read the fine print on the AUP buried on some obscure support site.

What is "sold" is not what is delivered.

P2P is in its infancy

[CrazyJim0]

Its true that a bunch of computers can simulate a server for a game.

If you have 6 computers transfering information to each of them, you can create almost the same environment that 6 computers feeding off a server is.

If you place the anti-cheat code on every computer, you form a community to check against cheats.

If you also store every character's information on every computer, then you can watch for hacks there too.

Given its extrodinarily complicated, and fails to mob rule(conspiracy of hackers to overwhelm the system)... Its something that could be done.

I'm sure theres even more complicated things you can do with P2P, such as organizing nodes for filesharing and so on.

Re:P2P is in its infancy

[jjeffries]

I'm sure theres even more complicated things you can do with P2P, such as organizing nodes for filesharing and so on.

P2P filesharing, what a great idea! I wonder when somebody's going to try to do that...

Re:P2P is in its infancy

[Dukael_Mikakis]

What you say is true, and is the perfect solution ... in the same sense that Communism is the perfect government (don't call Homeland Security).

Communism depends on every person contributing (essentially) equally and taking equally, and the system falls apart if one (or worse, several) individuals decide to take advantage of the community.

This is why Blizzard had to instigate centralized servers where all the games are run, and all Diablo characters were stored. People were hacking and HexEditing their characters too much to be trusted.

The trust ring would help, but, like you say, a mob of cheaters can bring the whole thing down by sufficiently fooling the community into believing the hack over the truth.

I mean, just look at P2P (or filesharing) today. When grabbing something off of Kazaa, music you're downloading could be pr0n, or a different song, or a 30 second sample that the RIAA put on to prevent the real one from being grabbed. However, from a centralized, controlled server (iTunes) you know what you're getting beforehand (essentially) cheat-free.

Of course, with true P2P everybody gets access to the product mostly free, whereas in the capitalistic model of iTunes, one entity has all the power and control, and hence will be profiting from all of this.

Re:P2P is in its infancy

[Dukael_Mikakis]

a replacement peer to peer trusted reviewer system should be perfectly viable using encryption to guarantee the validity of a particular vouch for a link. Good reviewers, identified by their public key, build their reputation by word of mouth (or text of keyboard)

You mean like a poster/moderator/meta-mod system such as implemented right here on /.? Yeah, that's worked wonders for quality assurance on these message boards!

Re:P2P is in its infancy

[jpkunst]

You mean like a poster/moderator/meta-mod system such as implemented right here on /.? Yeah, that's worked wonders for quality assurance on these message boards!

In my opinion, it works quite well. Try reading /. at -1 for a while and see how much fun that is.

JP

Helsinki? Finland? Why in english then?

[MikeCapone]

Maybe I'm missing something, but isn't it curious that these papers from a Finn university are in english?

Re:Helsinki? Finland? Why in english then?

[bandy]

The Finns decided more than a decade ago that the Lingua Franca of Computer Science was English.

Re:Helsinki? Finland? Why in english then?

In Northern Europe people can speak generally 3 languages fluently. The have good schools there. They generally have better goverments as well.

Did I say that ?

I meant to say that they are a bunch of liberal left-wing socialist radicals who get their english training in order to become terrorists.

Am I American again ?

Phew!

Re:Helsinki? Finland? Why in english then?

[Turing+Machine]

Nope, not really. Far more scientific papers are written in English than in any other language, because it's the language most scientists have in common (this is different from being the language spoken by the most people; more people speak Chinese than any other language, but relatively few people who aren't Chinese speak it).

100 years ago, scientific papers were commonly written in German.

200 years ago, they were commonly written in Latin.

Times change.

Simple.

[Vo0k]

The more keywords in the file name the lesser chance it will contain anything that makes sense.

In EDonkey it's worth looking at other file names of given share, they often offer some insight. You grab ROTK, check and see 3 other names: FOTR-Extended-Edition, and you may be sure it was some moron who can't tell "1" apart from "3" who renamed it and some more morons download it without checking.

Re:Ugh, that PDF link hung my browser...

If you are using windows, it oftens appears that a PDF has hung the browser when it's actually the Adobe Reader sitting in the background with a dialog box asking if you want to upgrade your version. Try minimizing the browser window[s] and see if you can find a dialog like that.

-- former windows guy, just trying to be helpful

P2P. SPAM.

[powerpuffgirls]

I think it's worth mentioning this article talks about P2P, then about SPAM.

While it doesn't imply they are somehow related in their functions, the common nature of these two is the bandwidth consumption, which as stated by the author, can be annoying and disruptive.

Re:P2P. SPAM.

[Dukael_Mikakis]

Well, I'm sure that the frivolous bandwidth consumption is annoying, except to those who get free media, and those hoping to make a buck from massed emails.

It is a good point that you make, because much of the stuff that they had written (from a brief I'm-at-work perusal) is stuff that we (at least the slashdot community) already know. It's just compiled into one convenient package that will merit an award of a PhD.

What I feel would have been more interesting (and has been discussed here) would have been the sly coordination of P2P and SPAM, or how the consumer evil and the corporate evil are working together in many cases.

It's no secret now that P2P exists in many different forms and seemingly refuses to be put down, but to the consumer greed of free goods. And it's no secret that SPAM is a blatant abuse of a (relatively) free communication medium to hawk cheap products or worse con people out of money.

The interesting thing is that Kazaa and the like plug your computer full of advertising spyware spawn pop-ups like crazy to make its buck. And even worse, they sell off your cycles to relay the SPAM. I guess when consumer greed and corporate greed get together some awesome (or annoying) things can happen.

Very thorough

[dj245]

What a massive article, covers gnutella, freenet, napster, NAT Translation, hordes, all the hows and the underlying technology and concepts. But...

Why isn't there a service where you can get full-speed from behind a firewall without portmapping? College students everywhere would rejoice. When I'm home I port forward and get the full pipe, but when I'm at college the firewall keeps my download speeds nice and slow. I know this because every once and a while I'll get lucky and some BT seed will connect and start sending me 80kb/s for about five minutes and stop. They made Supernodes to make the network more scalable and to make it work with firewalls. Can they make it work at full speed with firewalls?

Re:Very thorough

[E-Rock]

If it's like what the Universtiy where I works does, it's using packet analysis and capping your activity. It's forcing you to share and play nice with the other 100 - 100,000 people on the network. Now, why the dorms aren't physcially segmented from the rest of campus I'll never be able to explain.

Finns do a lot of things in funny languages

The Finns have noticed that no-one understands Finnish, so they've become extremely good at putting things in more popular languages. For example you can get the news in Latin courtesy of Finnish Radio (today's headline: Kerry candidatus democratarum.)

A collection of amateurish papers

It looks like a collection of papers from a first-year compsci class assignment.

For example, this is in the introduction to the Freenet section:

While censorships are necessary in maintaining law and order in a society

Um, many people might disagree with that little gem.

Re:A collection of amateurish papers

[jcupitt65]

• While censorships are necessary in maintaining law and order in a society
  Um, many people might disagree with that little gem.

But most sensible people would not. Of course there have to be limits on freedom of expression. That's why we have laws on libel, incitement to racial hatred, etc. etc.

A reasonable country will choose a good compromise between the freedom of the individual and the needs of society.

Re:A collection of amateurish papers

[Gubbe]

I believe people do, myself included.

I admit that my original reply may have seemed a bit anti-US, but let's take Finland as an example since the article is finnish and I'm finnish. There isn't really all that much censorship here, so in that respect there is really nothing to give examples of. However, having followed some court cases recently, I can tell you that they are very boring. They are boring because there are no loudmouthed lawyers trying to convince a jury or a judge on why this or that particular tiny loophole or constitutional article should be used to aquit someone who has clearly committed a criminal act.
Up here lawyers state the facts and opinions and the issue is decided based on the applicable laws and Common Sense. If you don't like the results, you can appeal.

And when it comes to "Abuse of power"... I'd like to welcome you to study the recent history of Finland. Yes, there have been events of power abuse, but they haven't ended nicely for those involved and compared to certain figurehead *COUGH*gwb*COUGH* of one big country, any such abuses have been negligible in magnitude.
In fact, our recent prime minister lost her job and is on trial because before the Iraq war she received (arguably because she requested them) some documents regarding the Iraq debacle classified as secret from the president's advisor. The actual trial took a couple of days, was mostly broadcasted on national television and was completely fair towards everyone involved.

I honestly believe that although the Finnish administration does have its faults, it really does have everyone's best interests in mind. I'm sure many Finns agree.
Just because there are people at the helm of the US who care more about the $ than they do about the people doesn't mean that the situation is as desperate in the rest of the world.

Oh, and Mr. Mod. Before you mod me down, ask yourself if you're doing it because this post really should not be seen by anyone, or are you doing it just because you disagree with me. If the latter, I invite you to reply and state your opinion.

Re:Ugh, that PDF link hung my browser...

[l1gunman]

The hang-up for me comes when exiting the PDF view by going back to the linking page or exiting the browser. Takes a good 10 seconds or so to go back the first time. Seems to be less on subsequent trips back and forth. This has something to do with the interaction between the Adobe plug-in and, in my case, Mozilla.

It's actually kind of funny

[Atario]

The professor is clearly biased (or purposely acting biased) against P2P, lumping it together with spam as "parasitic and threaten[ing of] the purpose the Internet was designed for". How he figures sending files to one another is a subversion of the Internet's purpose, I dunno.

But the students' papers are all about how effective and efficient the various P2P architectures out there are and how they might be improved. Heh. Bless you, students.

And you can't forget...

[danielsfca2]

And I'll post using the login New Here and say "No, I'm New Here."

And I'll keep thinking it's funny each time I do it.