The Pirate Bay Co-Founder Starting P2P-DNS

An anonymous reader writes "The Pirate Bay Co-Founder, Peter Sunde, has started a new project which will provide a decentralized p2p based DNS system. This is a direct result of the increasing control which the US government has over ICANN. The project is called P2P-DNS and according to the project's wiki, this is how the project is described: 'P2P-DNS is a community project that will free internet users from imperial control of DNS by ICANN. In order to prevent unjust prosecution or denial of service, P2P-DNS will operate as a distributed and less centralized service hosted by the users of DNS. Temporary substitutes, (as Alpha and Beta developments), are being made ready for deployment. A network with no centralized points of failure, (per the original design of the internet), remains our goal. P2P-DNS is developing rapidly.'"

I love the idea,

[pecosdave]

But there is so, so much potential for spammers to kill it before it gets out of the gate good. Spammers so far have killed quite a large number of things that used to be cool on the internet and they're not going to stop until they're reigned in or nobody uses anything electronic anymore because of them.

Re:I love the idea,

[fuzzyfuzzyfungus]

I'd be more concerned by advertisers/audience tracker types than spammers(though, it is true, the botnet herders probably have enough hosts that, barring clever design, all domain names will point to h3rbal v15gra...)

There was a story a while back, I think it hit slashdot, about a university research group that set up a bugged tor node in order to explore that network. Because, unlike most of the idealists and tinfoil hats running tor nodes, they had a 100Mb symmetric line or something equally punchy, they had become the exit node of choice for some alarming percentage of the system by the end of their study.

Similarly, in the classic P2P scenarios, there are usually a few super seeders on University or colo connections, who end up moving a surprising percentage of the total traffic; because their connections are markedly better(and have basically 100% uptime compared to all the casual kids. Even when the casual kids actually introduce the material to the swarm, much of it ends up moving through the big guys.

I would imagine, again barring careful design(which would be tricky; because speed is of the essence with DNS lookups, unless you want your experience to suck), that it would be fairly trivial for google, Phorm, Neilson(if they aren't still living in the 19th century), or the like to set up a few P2P DNS servers that, for a few hundred bucks a month per geographic region, are by far the most responsive and fastest in the area(basic dual-socket 1u colo box on a gigabit line, we aren't talking crazy money here) which would give them near-ISP level of insight into where users of the P2P DNS are going...

Re:I love the idea,

[Rich0]

Cost to send a bazillion spam emails from other people's computers:? Pretty close to zero.

Benefit from doing so:? Not much, but greater than zero.

Cost:benefit ratio:? Probably better than buying blue chip stocks.

Re:I love the idea,

[Beardo+the+Bearded]

Spam doesn't sell products. Spam is itself the product. Spammers sell the spam service to people who think that spam works. "If only 1/10th of 1% buy, then you meet your ROI!" but that's just a lie to get the cash.

The emails themselves are the product that is being purchased. The items being hawked are irrelevant.

Re:I love the idea,

[M.+Baranczak]

I'd be more concerned by advertisers/audience tracker types than spammers

There's a difference?

Good luck with that.

[Skarecrow77]

When you violate US copyright law, the feds really just kinda laugh and say "ok, sure, whatever."
When you try and prevent the US government from taking over something they've set their sights on dominating, they're a whole other kind of aggressive beast.

watch your back dude...

Re:Good luck with that.

[vlm]

Up Next - "The Pirate Bay Co-Founded killed in mysterious accident"

Accused of rape in a friendly foreign country, more likely.

Re:Good luck with that.

[Barefoot+Monkey]

"The Pirate Bay Co-Founder ... and alleged rapist ... has started a new project which will provide a decentralized p2p based ..."

That should be a new meme. Simply put "an alleged rapist" after every reference to anyone at all, until that particular vector of character assassination becomes meaningless.

It's important to ensure that your subject actually is an alleged rapist though - otherwise you're just being inaccurate and libellous. The trick is to tell someone (a friend sitting next to you at the time will do) that the subject is a rapist, thus permanently transforming the subject into an alleged rapist even if the person you told is fully aware of the meme. It's safe to then clarify that the subject is not actually a rapist, since there is no such thing as "a formerly-alleged rapist".

This idea is inspired by Godwin (an alleged rapist) and his well-known counter-meme, Godwin's Law.

Re:Good luck with that.

[networkBoy]

raped to death by Canadian ninja turtles in a friendly foreign country?

Been Tried...

[nweaver]

This has been tried, several times. With the same problems popping up again and again.

Such as "The DNS is a hierarchical namespace, P2P type controls work only for flat namespaces. Yet generally people like hierarchical namespaces."

and "Without a good notion of cryptographic trust, you're doomed in a P2P setting. And if you think a PKI is hard to get right...".

Re:Been Tried...

[vlm]

>Such as "The DNS is a hierarchical namespace, P2P type controls work only for flat namespaces. Yet generally people like hierarchical namespaces."

Its the other way around, people generally hate hierarchical namespaces.

Outside the US, the whole "co.uk" type thing is tolerated, not enjoyed. Inside the US, the unwashed masses are completely mystified by *.state.us addresses to the point that they are mostly unused, with domains like "cityname.com" or "schoolname.org" as the modern preferred choice. Also "AOL keywords" have been replaced by "www.facebook.com/whatever". You see, each step in the edu/gov/us hierarchy contains a nearly impenetrable bureaucracy, but registering a ".com" at godaddy just takes 5 minutes and a credit card...

Re:Been Tried...

[werfu]

Then go flat namespace. Why do we really need hierarchical namespace? I mean, people don't bother if its .com, .net or .org. Its a convention. Anyway, most people now protect their domain name by buying other domain suffix. Or like my mom that has google as her start page, and enter the url she wants to go directly into the google search textbox then press search. IMO domain suffix are overrated and provide more bloat to the net than it does good. Just look at the mess the .co domain is doing. A lot of domain scammers have already taken well known domains to make moneys from people entering things like hotmail.co. If there was no domain suffix, you would simply enter gmail and then get to gmail. Who cares about country anyway on the net.

Re:Been Tried...

[TheRaven64]

I read a paper a few years ago, which showed a strong correlation between programmers and hierarchical thinkers. This isn't entirely surprising - most programming languages arrange code in hierarchical structures (modules, classes, subroutines, nested scopes, and so on), so to be able to use one you need to be good at thinking in terms of hierarchy. Programmers therefore tend to assume that thinking in terms of hierarchies is normal for humans. In fact, the study showed that it's only easy for something like 5-10% of the population.

iTunes is a good example. It arranges music in a flat layout and lets you filter it based on various properties. A typical programmer reaction is 'why would I want that? My music is arranged in an artist/album/track directory structure already'. It's one of the main reasons why programmers tend to be terrible at designing user interfaces for non-programmers.

Lack of Adoption ... Again

[eldavojohn]

From the article:

This is not the first time that an alternative Domain Name System has been proposed. Starting with AlterNIC in 1997, alternative DNS has had a controversial history. Many have ceased to function now because of the lack of adoption from users. However, coming right after the controversial seizure of 80 domains by the US government, P2P-DNS might just get enough support to make it a success.

My personal problem with the seizure of 80 domains really isn't that big of a deal. It sucks and it's probably a sign of the abuse of power from the DHS's Immigration and Customs Enforcement (ICE). But in the end, it was widely announced and advertised. It wasn't done under the cover of secrecy and they at least gave reasons as to why they were seized. For me, this isn't a reason to change the DNS root server that I use. Especially facing slower resolve times and security issues like DNS poisoning.

I can tell you I'm not interested in that trade off ... yet. If we see the US government doing what China's doing and not announcing who's being seized and why, then you will see me jump on board this.

My close friend used borntrade.net which was a knockoff jersey site from a factory in China. Their crime? Avoiding tariffs and not paying tribute to the NHL/MLB/NFL/NBA gods. He might want to use your DNS but I would assume it would only be to conduct business through borntrade.net and not to actually use it on a daily basis. Disclaimer: I think I've seen borntrade bots spamming the Slashdot forums before but now that it's just a DHS/DoJ logo splash screen, you can rest assured I'm not some guy trying to send you there by way of a fake comment.

I would guess that despite the domains being seized, you're going to see the general public not care that much and again the project will fail from lack of adoption. Clandestine government working against the people? Yeah, a few more people are going to hop on board and put up with the speed and security issues. But could someone outline how the whole public would get on board with this? I mean, assuming it's as simple as a browser plugin you can't even get people to install those when the benefits are obvious.

So let's keep trying

A completely decentralized internet would be nothing less than the holy grail of communications. So let's try to support those who strive for this noble goal. A centralized network, no matter how "democratic", is ultimately founded on political power, and I certainly don't have to explain why political power can't be trusted.

Re:2 questions

[werfu]

2: would this be a router's worst nightmare? In tree structure that ISPs has put us in, yes. But if this structure ever fails and we get back to the original net design, which is a mesh network, than it would not be such a problem. DNS change would be propagated to next nodes, wave like. IMO the problems come from the centralization and tree structure the net has become. We've seen fiber optic cable cutting net access to a whole part of the world. What would happen in a global war? Or a megalomaniac terrorist decided to cut net links all around the world? Worst economical crash ever? We're too dependent on big telcos and governments infrastructures. The net should be open, free for anyone. Simply by airwaves, like a big shout going unstopped around the world. Alright, enough dreaming here, I'm out :)

Re:The ultimate in decentralization:

[maxume]

All you have to do now is automate the process of updating it.

You could have some sort of program that acted both as a client and a server...

WINS - Yes, WINS - Windows Internet Naming System

[Joe+U]

Most major systems have a WINS client, I doubt nearly anyone is using it at home.

Write a resolver that mimics WINS to the client and then behind the scenes use a modern P2P encrypted network.

No client work is needed, no DNS passthru is needed and no DNS baggage is needed.

Now you have a foothold until you spend the time to write a native client.

Peter Sunde says...

[SgtKeeling]

From Peter Sunde's twitter:

Plz stop saying I'm the guy behind the new DNS-system. I'm just one of lots of people with interest in it. Everyone does their part!

https://twitter.com/#!/brokep/status/9684729515220992

yawn

[burris]

Before embarking in this project, shouldn't he finish his replacement for BitTorrent he announced a few years back?

I'm sure the DNS project will be as successful as that one.

Violence is the answer.

[Lilith's+Heart-shape]

If spammers are such a problem, then we just need a distributed final solution to the spammer question. I recommend the new German microwave ovens; they seat five thousand.

Re:Violence is the answer.

[Aurisor]

Your post advocates a

( ) technical ( ) legislative ( ) market-based (X) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
(X) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

(X) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(X) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

What SPAM doesn't kill, gets stronger....

[malakai]

You are looking at this from the wrong point of view. It is not that SPAM kills good products. Instead SPAM kills products that were poorly designed and/or implemented.

Let's say SPAM didn't exist. Let us say that you create some new Killer App 4.0. You release it. Someone doesn't like you. They don't like your company, or they don't like someone using your product. They don't want to make a buck, they just want to grief. At this point, whatever flaws would have been exploited by a SPAM'er, is going to be exploited by this griefer.

SPAM IS GOOD. Our infrastructure and our original set of RFC's are BAD. They were built in too clean of a room. They worked initially in the original sterile environment, but they are failing to cope with the current non-sterile environment. All internet products need a much more healthy immune systems. And SPAM, if it's good for nothing, is good for building an Immune systems ( have you tasted it )?