Slashdot Mirror
Reputation System Fights P2P Junk
yeejiun writes "Many of the files that are shared on p2p networks tend to be junk. Organizations such as the RIAA and music labels regularly pollute these networks with nonsense files masquerading as real music/video files. These junk files make it difficult for users to find what they want on such p2p networks. Some researchers at Cornell University have developed a reputation system called Credence, that works on the Gnutella network, allowing users to tell the good files from the bad ones."
quit downloading crap off of kazaa/grokster/morpheous/etc. dont trust brittneyspearsporno.avi.mpeg.exe
lameness filter thwarted.
Gotta love the torrents!
argumentum ad fallacium: Fallacy of defining a fallacy which allows one to dismiss the argument in question.
Especially when there is no way of checking them in midstream.
if the RIAA is willing to create junk files, you really don't think they are going to create fake accounts to rate their junk files as "good"? ANY system you put in place that gathers "votes" from users can be manipulated.
How is this any better than Bitzi and its Bitprints, which are already built into popular Gnutella servents like BearShare?
"Our client provides a peer-based judgement that a given object will possess the properties with which it is labeled and enables users to evaluate search results for authenticity before downloading."
Sounds exactly like Bitzi to me...
"Many peer-to-peer reputation schemes have been proposed in academia. Credence is the first practical implementation of a peer-to-peer reputation scheme."
I don't think so.
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
If a file appears to by RIAA-affiliated music, treat it as a junk file.
Why bother with music the artist doesn't want you to have? Just forget about it altogether and discover new music, even new types of music that you'd never realize existed, much less that you could enjoy.
Wow. I am so glad that these fine folks researched and invented a rating system for P2P networking. Because then networks like Shareaza and EDonkey wouldn't have to take the credit for having such a system several years ago.
While these "researchers" are writing their self-congratulatory paper for re-implementing other people's work, can I please get a doctorate in working them over with a baseball bat for being such jackasses?
Shocking.
I don't know that their tactics are effective - after all, networks like eDonkey|eMule seem to be pretty good at self-policing. But it's amusing to see the undercurrent of outrage in these 'stories'.
We all know damn well why the *AA folks do what they do.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
I like this idea. Media hordes, read as RIAA and MPAA, will constantly try to find technical ways to put the P2P genie back in the bottle.
/. mobs will just mock them.
For every Napster (Kazaa, etc.) they close, another will be spawned. For every fake or intrusive system they create to battle downloaders, another downloading method will be innovated. For every commercial they feature a celebrity crying copyright heresy,
It's no shattering concept there'll never be a checkmate for either side.
Some aim to please, I aim to tease.
Like what Slash does.
I think the main insight and contribution of the system is that the reputation of a peer according to you is determined by whether he/she votes in a similar manner as you.
So if the RIAA starts spamming Gnutella with lots of junk stuff, you will never vote in the same way as the RIAA dummy accounts, and you don't take their votes into account.
In fact, it seems the system is even smarter than that - it can take votes from people that are strongly uncorrelated with you and use that as negative information. So anything these people vote as valid files, you can treat as garbage as their definition of good/bad files is completely opposite to yours. And assuming you trust your own judgement, that means those files must be bogus.
Reminds me a lot of the google pagerank system, but with explicit learning/training instead of using back-links for determining correlation.
Seems the trust system is prone to spamming itself. If the RIAA (or anyone for that matter) flood the system with bogus votes, then the "honest" votes will get ruled out.
I haven't read the description closely, but it's hard to see why flooding the system would matter- it isn't majority rule, it's who do you trust and who do they trust. If the RIAA has ten million bogus users, I and a few hundred other people vote thumbs down on them but thumbs up for each other, then we have our little corner where a set of honest opinions exist (although it may take a while to initially connect to that group).
The way you would have to spam the system would be to vote honestly for a time and then switch abruptly, but even then the damage would be quickly mitigated as your credibility disappears.
So a 'good' rank is dependent on the whims of people who usually vote the same way that you do. So spammers will see high rated spam and non-spammer will see high rated non-spam. Simple.
The research and motivation for this is important. If peer to peer networks can be subverted, then they have lost their usefulness. IMO, the sharing of copyrighted data is unavoidable, and sacrificing the freedom of a protocol in an attempt to prevent it is shortsighted.
It probably would have been better for Cornell if it had been left as a paper, rather than implementing it.
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
This is what happens.
Company XYZ comes up with P2P app.
Distributed online for free.
Users who claim to be legit flock on P2P site.
**AA lawyers swarm.
Site is closed down.
People are sued.
Real losers?
Company XYZ.
Users who are sued as examples.
You just lost the newest P2P site.
Wash. Rinse. Repeat.
lameness filter thwarted.
So, when's Slashdot going to impliment this "golden" system?
Who actually searches for files in the P2P client? Normally you visit some site where the releaser himself posted a torrent or an ed2k link and you download that.
I can't remember the last time I actually searched in eMule.
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
Do people really think that Lord of the Rings deserved to sell just 1 copy, to the p2p hacker who ripped it?
There was a time when home video didn't even exist, and yet movies still got made. After their initial run in theaters, movies would only be shown every now and then on tv late at night. They were basically filler programming for what would have otherwise been dead air. One might even argue that the average quality of new movies has been on a steady decline since then.
Just because I can package something for individual sale and ask people to pay for it doesn't mean it's right, copyrighted or not. Especially when the producers more than recouped the cost of production long before going to video and that copyright is going to be extended ad infinitum.
"Just because I can package something for individual sale and ask people to pay for it doesn't mean it's right, copyrighted or not." Hi, this is reality talking, we'd like to know where you could have possibly formed such a delusional idea that people don't deserve to sell the things they made. I guess I will just go over to McDonalds now and grab a big mac without paying. I don't think it's right to pay and I haven't eaten for about 2 hours, so why should I have to pay?
Too bad he wrote as AC, but he has one of the most insightful points of the entire thread, an entire aspect that is overlooked.
The basic premise of the slashdot story is how cool it is that researchers are defending the acts of people to trade in uncorrupted *illegal* file trading.
After all, it seems the most if not all corrupted files are ones that, if they weren't corrupted, would have been illegal to trade anyway.
I think the RIAA and MPAA are scum sucking pigs who need bacon carved off their arses and handed to them. Still, I also think their concern about massive illegal fileswapping is legitimate, even though the leaders of their respective industries are the ones truly responsible for raping their own artists...
But what the parent is saying (and which is a very legit argument if you ask me) is that if you're looking for a Debian repository, you're almost certainly not going to find a fake file!
If you want to be sure, you can compare the file size to the official one. If it matches, you can be all but completely confidant that it's real.
After all, there are probably far fewer people trying to flood P2P with bogus files just for the hell of it then there are trying to flood P2P with bogus files in an attempt to protect copyright.
That's a lovely, scary, statement you've made there, and it's earned youa buncha karma...care to back up the claims with a citation or two?
Billions? I highly doubt Billions.
"Draco dormiens nunquam titillandus."
You don't get it. You can't infiltrate the trust circle. Those inside would shove you out, once they find out you are no good, so your basic premise fails.
" if p2p files are legit, why do you need checksums.."
To verify that the file is, in fact, legitimate. There are a number of unscrupulous folks out there that would just love to have even just a few people install their trojans. As Ronald Reagan said "Trust, but verify."
This is easily counter-measured by "banning" sources which are unable to send me a valid chunk in X attempts.
I think that there could be an easy counter-measure for every measure that the anti-pirate industry takes.
Every thing they do is just an other inconvenience for the downloader, themselves, the legit downloaders, and Everybody Else (tm).