it won't solve the legality problem, but here's a simple solution to the file test problem. it's obvious, really.
wrt checksums, i agree you can't really trust the person you're trying to donwload from. however, you have partially seen a solution with judges, you just haven't gone far enough with the idea.
consider a new kind of P2P... dual channel.
channel A = b/w for transfer of files.
channel B = judge traffic.
now consider three machines, X, Y, and Z. X wants to get a file from Y, but wants to be sure the file Y is sending isn't hacked in some way. so X randomly picks a new machine, Z, and asks Z if it believes Y has an authentic copy. X thinks the answer is 'yes' (default) since it has no information about the machine Y. Z also has no information about Y, so it says yes as well with non-authoritarian response (default).
now there are two cases. Y sends a valid file, or Y doesn't.
case 1: Y sends a valid file. X receives the file into the queue "untested". when X checks the file, the file is either marked Valid or Invalid. on a Valid, X notifies Z that the file was correct, and everything is ok. X and Z now have hard data and can provide an authoritarian response to any queries about machine Y.
case 2: Y sends a bogus file. repeat scenario, but notify fake. now X and Z know that Y is sending fake files.
how does this solve the problem? obviously, you begin to propagate truth through the system. machines that can't be trusted don't get traffic. you can obviously increase the number of machines in the discussion(s) for judging and broadcasting results.
to avoid spoofing the judge channel, no "notify" events of a judge result can take place without a corresponding query first. spurious 'valid' postings are tossed, and perhaps chalked up as hard evidence of a rogue system and hence untrustworthy.
this scheme works, but has one weakness: multiple machines can directly target the P2P network. here, RIAA machine A and B work in tandem. for every x in P2Pnet, A queries x about B, then A sends to x that B is good.
while this is a valid weakness, it's also a _short-lived_ weakness. by factoring in negative results at a higher weight, and keeping a history for some amount of time T, it becomes clear that negative feedback from bad files at certain machines will push through the network.
if a negative event has 3x the weight of a positive event, then these deliberate attacks can only succeed for a short period until sufficient negative feedback is in the network. by making T large enough, those machines involved in the rogue entries will be denied from further efforts (since it's IP based, not name based).
This argument about copyright is all well and interesting, but it's not addressing the real topic. The real topic is whether or not Napster in and of itself is illegal. Is the sole purpose of the program for piracy (that is, copyright violation)?
Anyone reasonably familiar with past cases will quickly realize that the US Supreme Court has ALREADY answered this question. When the photocopy machine first came out by Xerox, the book industry sued and screamed equivelantly pathetic arguments against it. "It will just be used to copy books, and we'll lose all our revenue..." they cried. The Court said, in a loose paraphrasing, "you're on crack", and struck down an earlier ruling against the photocopy machine. Therefore, we all now know and love our local 24/7 copy store. (See "A Gift of Fire", can't recall the author at the moment.)
How many people do you see out there photocopying the latest Robert Jordan book, rather than purchasing it? It's just not worth it. If the RIAA truly wants to stop this, they'll lower the price of the CD to a more realistic value instead of gouging consumers, much like the issue with books. If a paperback cost me $50, I might consider photocopying it. But it costs $6. (Remember when they were $2.50?) If a CD cost $5, no one would bother with Napster for a full album, the Net's too damn slow. (We all do realize that it costs the music industry about $0.50 to mass manufacture CDs, with pretty inserts and all, right?)
Fundamentally, the program Napster does not violate any laws. It is no more dangerous than a photocopy machine. The use to which it is put by the user defines whether or not the instance of use is legal. This is the same problem as arguments against guns, knives, axes, hammers, etc. The tool in and of itself is not dangerous -- the user of the tool may be. Does that mean that we should have 5-day waiting periods before you can purchase an axe? Or a big kitchen knife?
So what the heck is the big deal? RIAA needs to die, everyone knows that. But Napster is not an illegal program. The courts will bear this out if it goes on long enough, and someone at Napster's legal counsel has a clue.
Slashdot Mirror
it won't solve the legality problem, but here's a simple solution to the file test problem. it's obvious, really.
... dual channel.
wrt checksums, i agree you can't really trust the person you're trying to donwload from. however, you have partially seen a solution with judges, you just haven't gone far enough with the idea.
consider a new kind of P2P
channel A = b/w for transfer of files.
channel B = judge traffic.
now consider three machines, X, Y, and Z. X wants to get a file from Y, but wants to be sure the file Y is sending isn't hacked in some way. so X randomly picks a new machine, Z, and asks Z if it believes Y has an authentic copy. X thinks the answer is 'yes' (default) since it has no information about the machine Y. Z also has no information about Y, so it says yes as well with non-authoritarian response (default).
now there are two cases. Y sends a valid file, or Y doesn't.
case 1: Y sends a valid file. X receives the file into the queue "untested". when X checks the file, the file is either marked Valid or Invalid. on a Valid, X notifies Z that the file was correct, and everything is ok. X and Z now have hard data and can provide an authoritarian response to any queries about machine Y.
case 2: Y sends a bogus file. repeat scenario, but notify fake. now X and Z know that Y is sending fake files.
how does this solve the problem? obviously, you begin to propagate truth through the system. machines that can't be trusted don't get traffic. you can obviously increase the number of machines in the discussion(s) for judging and broadcasting results.
to avoid spoofing the judge channel, no "notify" events of a judge result can take place without a corresponding query first. spurious 'valid' postings are tossed, and perhaps chalked up as hard evidence of a rogue system and hence untrustworthy.
this scheme works, but has one weakness: multiple machines can directly target the P2P network. here, RIAA machine A and B work in tandem. for every x in P2Pnet, A queries x about B, then A sends to x that B is good.
while this is a valid weakness, it's also a _short-lived_ weakness. by factoring in negative results at a higher weight, and keeping a history for some amount of time T, it becomes clear that negative feedback from bad files at certain machines will push through the network.
if a negative event has 3x the weight of a positive event, then these deliberate attacks can only succeed for a short period until sufficient negative feedback is in the network. by making T large enough, those machines involved in the rogue entries will be denied from further efforts (since it's IP based, not name based).
anyone see any weaknesses with this idea?
This argument about copyright is all well and interesting, but it's not addressing the real topic. The real topic is whether or not Napster in and of itself is illegal. Is the sole purpose of the program for piracy (that is, copyright violation)?
Anyone reasonably familiar with past cases will quickly realize that the US Supreme Court has ALREADY answered this question. When the photocopy machine first came out by Xerox, the book industry sued and screamed equivelantly pathetic arguments against it. "It will just be used to copy books, and we'll lose all our revenue..." they cried. The Court said, in a loose paraphrasing, "you're on crack", and struck down an earlier ruling against the photocopy machine. Therefore, we all now know and love our local 24/7 copy store. (See "A Gift of Fire", can't recall the author at the moment.)
How many people do you see out there photocopying the latest Robert Jordan book, rather than purchasing it? It's just not worth it. If the RIAA truly wants to stop this, they'll lower the price of the CD to a more realistic value instead of gouging consumers, much like the issue with books. If a paperback cost me $50, I might consider photocopying it. But it costs $6. (Remember when they were $2.50?) If a CD cost $5, no one would bother with Napster for a full album, the Net's too damn slow. (We all do realize that it costs the music industry about $0.50 to mass manufacture CDs, with pretty inserts and all, right?)
Fundamentally, the program Napster does not violate any laws. It is no more dangerous than a photocopy machine. The use to which it is put by the user defines whether or not the instance of use is legal. This is the same problem as arguments against guns, knives, axes, hammers, etc. The tool in and of itself is not dangerous -- the user of the tool may be. Does that mean that we should have 5-day waiting periods before you can purchase an axe? Or a big kitchen knife?
So what the heck is the big deal? RIAA needs to die, everyone knows that. But Napster is not an illegal program. The courts will bear this out if it goes on long enough, and someone at Napster's legal counsel has a clue.