Slashdot Mirror

← Back to Stories (view on slashdot.org)

Professor and Student Thwart P2P File Sharing

Posted by timothy on from the oh-the-humanity dept.

Digitus1337 writes "Wired has the story. 'A computer science professor and graduate student have been awarded a patent for a method of thwarting illegal file sharing on peer-to-peer networks by flooding the network with bogus files that look like pirated music.' This raises the question of whether or not companies that are already using such techniques are in violation of the new patent. Good news for subscription services?"

10 of 382 comments (clear)

  1. Uh, prior-art? by Anonymous Coward · · Score: 4, Informative

    Spammers have been doing this for years, ever since Napster and Gnutella came out. And, people have been filtering it since then. Once a P2P system has some sort of trust system built into it, this becomes far less effective.

    1. Re:Uh, prior-art? by Gortbusters.org · · Score: 3, Informative

      This is true in both P2P networks as well as a challenge for large distributed systems. In fact, global operations are always a difficulty. Searching an entire P2P network is a hit or miss operation since you never know when one of your peers will be online/offline. Sometimes that's solved in the protocol, sometimes you need a global system with the protocol.

      One thing about P2P that I've found interesting is how P2P internet phones never really caught on yet. With something like Linphone and SIP, you can have a phone that looks like AIM/Yahoo/MSN. You just double click on a buddy and make a call. No toll charges, no centralized server keeping records of your phone call, pure communication at its best.

      --
      --------
      Free your mind.
    2. Re:Uh, prior-art? by arekq · · Score: 3, Informative
      It is definitely possible to have more than one file having the same MD5 hash, but it is practically impossible to find those files from the hash.

      So, if you just change the positions of the values within the file, it's extremely unlikely that it will have same hash.

      If someone managed to figure out a way to generate a file from a MD5 hash, then it will become useless. (IIRC there's a site that tries to find two files having the same hash, to test the reliability of MD5.)

  2. Not quite by vlad_petric · · Score: 4, Informative
    Patents are retroactive - they're effective from the application day, regardless of the time it takes to process them.

    So it's safe to put 5. Profit :)

    --

    The Raven

  3. but... by AnonymousCowheart · · Score: 3, Informative

    but, as soon as you get a bad download, you erase it, so people dont spread them. If you search for a song using say gtk-gnutella, just download the file that has the most sources. It's highly unlikely that 80+ people will have a bogus song under the file you're looking for. We're in trouble if they start sharing on multiple IP's though...

  4. Good news for subscription services? by SoLoatWork · · Score: 2, Informative

    No, good news for Direct Connect.

    --
    John Susek
  5. Re:This can only be good news for fileswappers. Ma by Space_Soldier · · Score: 0, Informative

    Indeed. The good networks like Gnutella2, EDonkey2000 have hashes. You can flood the networks all you want. You can't flood fake files that pass the hash. The ip address of the flooder is going to be shitlisted.

  6. Re:False patent by 91degrees · · Score: 2, Informative

    That's something I can see working.

    Just supplying a fake file with no music seems like it would never work, simply because there are a lot more file sharers than there are people trying to stop them, and people are really quite likely to isten to at least the first few seconds to check that their downloaded file was the one they thought it was.

    The Cuckoo Egg seems to have worked out a solution to this. I'm quite impressed with the idea. Still not sure it's going to prevent me from downloading music, but I feel it's certainly worth a try. (Yes, I download music. I also realise it's not justifiable, and therefore any reasonable attempts to stop me are perfectly acceptable.)

  7. Re:Would it really matter? by AdamPiotrZochowski · · Score: 2, Informative


    so you are one of the losers who keeps changing the id3 tags.. ;D

    but seriously, its not like its magic to create a checksum of only
    music frames of mp3s. This has been done few times ago, for example
    checkout crc authentication built to mp3, or better yet, use a ready
    tool such as
    linux -> mp3bookhelper
    windows -> mp3-vaccinator

    Another way is to compare tree hashes of files. A tree hash is where
    you break a file into a binary tree, where each leaf is a hash of a
    segment of a file. You combine the hashes of each leaf to get a node
    hash. All the way until you get the root node hash. With a tree hash
    its quite efficient to figure out what part of file is different and
    needs a redownload. That is assuming you are using id3v1 which does
    not change file size. This is yet another reason to avoid
    id3v2/Ape systems.

    --
    /apz, "Dishonor will not trouble me, once I am dead." -- Euripides

  8. Re:Survival of the fittest... by ashot · · Score: 2, Informative

    this used to be true, but not anymore. Now that Bob has a 120GB hard drive he just downloads 50 led zepplin songs to his shared folder and doesn't listen to them.

    --
    -ashot