The question seemed to imply that. And yes, it is infeasible, with SHA1 or MD5; but if it were implemented with a lesser method like CRC32, then the transfers could indeed be subject to sabotage.
The Red Hat ISOs are conforming to the posted MD5 checksum. They are fine.
The Knoppix image in question was investigated, and a definite difference was found between the original ISO image and the one available via BitTorrent. The difference is one *BIT*. The person who made a.torrent for the distribution apparently had a bad copy, and neglected to check the signature.
Thankfully, therefore, no one has to worry about the corrupted Knoppix copy having been Trojaned. And when BT becomes more mainstream and is used for primary data transfer, the distributors will almost certainly have known-good copies and this won't happen again.
A SHA1 signature is included for every chunk, inside the.torrent file. This is, among other things, to prevent transfers from being sabotaged by people producing chunks with bad content but the same checksum. Otherwise you might receive the entire file and discover you have some corrupt data, and you'd have to delete it and start over.
BT does a pretty good stress-test on your network drivers. This has been examined carefully, and it is not a flaw in the BT codebase. As mentioned before, other programs, such as WinMX, can also have similar effects.
Until recently (and possibly even now), BitTorrent had a problem that often caused the completion meter to climb above 100%. (This occurred when corrupt data was received and had to be redownloaded.) As a result, many people terminated the transfer before BitTorrent had reported, "Succeeded!" Hence, corrupt files.
On the other hand, the torrent initiator may have had a corrupt image to work with. It can happen.
In any case, BitTorrent uses the SHA1 secure hash algorithm, which is comparable to MD5, to verify downloads. So long as the.torrent file was created by someone with a legitimate copy, the result should be just as good. Since BitTorrent is really meant to be used directly by file distributors, this shouldn't pose a problem in the future.
Oh yeah... Right now, the RH9 ISOs are being distributed via BitTorrent at over a gigabit per second. Even Akamai would have to stretch a little to source that kind of bandwidth.
It is similar, in that it is a swarming protocol. It has some major differences, though, some of which you might not consider advantageous. It can only share one file (or a set of files) at a time. It is meant to be orchestrated by an entity which distributes the.torrent definition files. There is no search function; it is just a file transfer protocol.
This makes it ideal for the distribution of legitimate content where usual methods would swamp servers or cost too much for bandwidth. And while it can be used for piracy, it really isn't meant for that.
Red Hat would go broke distributing their ISOs via Akamai's network. Akamai is a good service, but bandwidth costs money.
Using BitTorrent means that the same people using up bandwidth downloading the files are also contributing bandwidth uploading them to others, simultaneously. It's an elegant solution, and doesn't cost Red Hat anything.
(Well, if Red Hat were running the tracker, it would cost them a pittance in bandwidth, but since this is an experiment, the BT team is providing that bandwidth.)
BT doesn't work that way. It starts uploading pieces of the file you've already downloaded, shortly after you start downloading. It's not a matter of what you're sharing, because you're only sharing the file being transferred. And everyone downloading is a contributor.
The effects of these laws will be the same as all the other stupid laws out there. Y'know, it's impossible to be living in the US nowadays without breaking SOME law or other. And mostly, the authorities ignore it, unless they're pushed by someone or some event, or unless you cross one of them. At that point, the Powers That Be will audit your life with a fine sieve and use anything they can dig up to make your life miserable.
There are other techniques for measuring the level of chaos in a set of data, and they'd probably yield more consistent results than running the data through an algorithm meant for an entirely different purpose.
Google has been expanding into the specialized search arena -- how 'bout a code-specific search page?
Google's spiders could look into archive files, determine the type of code included, parse documentation files and even determine what sort of license said code was under.
You know it's only a matter of time 'til CERT starts modifying their reports so each company's report is unique. Then they'll find which company's leaking them, and stop giving them information.
I don't know if your notebook can be easily connected to trickle charge. Most laptops' DC in are designed for a full-current connection, and the charging circuitry won't function properly with a less-than-optimal supply.
There are two possibilities I can see; one is, to remove your battery (or get a spare) and trickle-charge it outside of the laptop; or to trickle-charge an external battery and use that as a voltage input. I recommend the latter; I don't know what the Powerbook's battery terminals are like, but I suspect it'd be inconvenient to hook up to.
Yes, I'd say it's very important to obtain a European Computer Drivers License before working or vacationing in Europe. Otherwise, you will not be allowed to use your laptop or rent a larger PC, but will instead have to take taxis or walk to places you need to go. Training for the ECDL is especially important if you wish to drive your computer on the autobahn; without that training, you could have a very serious crash.
Slashdot Mirror
The question seemed to imply that. And yes, it is infeasible, with SHA1 or MD5; but if it were implemented with a lesser method like CRC32, then the transfers could indeed be subject to sabotage.
The Red Hat ISOs are conforming to the posted MD5 checksum. They are fine.
.torrent for the distribution apparently had a bad copy, and neglected to check the signature.
The Knoppix image in question was investigated, and a definite difference was found between the original ISO image and the one available via BitTorrent. The difference is one *BIT*. The person who made a
Thankfully, therefore, no one has to worry about the corrupted Knoppix copy having been Trojaned. And when BT becomes more mainstream and is used for primary data transfer, the distributors will almost certainly have known-good copies and this won't happen again.
A SHA1 signature is included for every chunk, inside the .torrent file. This is, among other things, to prevent transfers from being sabotaged by people producing chunks with bad content but the same checksum. Otherwise you might receive the entire file and discover you have some corrupt data, and you'd have to delete it and start over.
Hey, I'd LOVE to see a C version of the program. Please feel free to rewrite it. You can grab the source at http://sourceforge.net/projects/bittorrent/.
And I'd have to disagree that Python is as bad as Java. I will admit, it isn't as low-level as C, but it's nowhere near as annoying as Java can get.
Could you please post the checksums here?
BT does a pretty good stress-test on your network drivers. This has been examined carefully, and it is not a flaw in the BT codebase. As mentioned before, other programs, such as WinMX, can also have similar effects.
Until recently (and possibly even now), BitTorrent had a problem that often caused the completion meter to climb above 100%. (This occurred when corrupt data was received and had to be redownloaded.) As a result, many people terminated the transfer before BitTorrent had reported, "Succeeded!" Hence, corrupt files.
.torrent file was created by someone with a legitimate copy, the result should be just as good. Since BitTorrent is really meant to be used directly by file distributors, this shouldn't pose a problem in the future.
On the other hand, the torrent initiator may have had a corrupt image to work with. It can happen.
In any case, BitTorrent uses the SHA1 secure hash algorithm, which is comparable to MD5, to verify downloads. So long as the
Oh yeah... Right now, the RH9 ISOs are being distributed via BitTorrent at over a gigabit per second. Even Akamai would have to stretch a little to source that kind of bandwidth.
No, really. I'm serious. There were some problems with the name server.
As of this post, there are >1300 people downloading, and things seem to be scaling fine. The tracker ought to be able to handle at least 6000 clients.
It is similar, in that it is a swarming protocol. It has some major differences, though, some of which you might not consider advantageous. It can only share one file (or a set of files) at a time. It is meant to be orchestrated by an entity which distributes the .torrent definition files. There is no search function; it is just a file transfer protocol.
This makes it ideal for the distribution of legitimate content where usual methods would swamp servers or cost too much for bandwidth. And while it can be used for piracy, it really isn't meant for that.
Red Hat would go broke distributing their ISOs via Akamai's network. Akamai is a good service, but bandwidth costs money.
Using BitTorrent means that the same people using up bandwidth downloading the files are also contributing bandwidth uploading them to others, simultaneously. It's an elegant solution, and doesn't cost Red Hat anything.
(Well, if Red Hat were running the tracker, it would cost them a pittance in bandwidth, but since this is an experiment, the BT team is providing that bandwidth.)
Yup! And so far, it seems the weak link in the whole shebang is the DNS...
If you're having problems getting BitTorrent to work, especially "bad data from tracker", use:
http://207.44.142.96/redhat9.torrent
BT doesn't work that way. It starts uploading pieces of the file you've already downloaded, shortly after you start downloading. It's not a matter of what you're sharing, because you're only sharing the file being transferred. And everyone downloading is a contributor.
The effects of these laws will be the same as all the other stupid laws out there. Y'know, it's impossible to be living in the US nowadays without breaking SOME law or other. And mostly, the authorities ignore it, unless they're pushed by someone or some event, or unless you cross one of them. At that point, the Powers That Be will audit your life with a fine sieve and use anything they can dig up to make your life miserable.
Google already does this in the case of PDF files; I don't think zip/rar/tgz would be a huge stretch.
Heck, Google could even monitor CVS sites...
There are other techniques for measuring the level of chaos in a set of data, and they'd probably yield more consistent results than running the data through an algorithm meant for an entirely different purpose.
Umm... I called that number and got a 404 error. I think it's been Slashdotted.
Google has been expanding into the specialized search arena -- how 'bout a code-specific search page?
Google's spiders could look into archive files, determine the type of code included, parse documentation files and even determine what sort of license said code was under.
Judging from the number of messages posted under this subject, I suspect there won't be enough interest to keep the project going.
:-P
You know it's only a matter of time 'til CERT starts modifying their reports so each company's report is unique. Then they'll find which company's leaking them, and stop giving them information.
His real name is Smeagol. Don't say the G word, or he'll turn into a homicidal lunatic and start stealing our rings!
I don't know if your notebook can be easily connected to trickle charge. Most laptops' DC in are designed for a full-current connection, and the charging circuitry won't function properly with a less-than-optimal supply.
There are two possibilities I can see; one is, to remove your battery (or get a spare) and trickle-charge it outside of the laptop; or to trickle-charge an external battery and use that as a voltage input. I recommend the latter; I don't know what the Powerbook's battery terminals are like, but I suspect it'd be inconvenient to hook up to.
Most HDTVs don't do that great at displaying computer video.
I keep waiting for a video card designed only to do HDTV output, but no one seems to want to do it...
Yes, I'd say it's very important to obtain a European Computer Drivers License before working or vacationing in Europe. Otherwise, you will not be allowed to use your laptop or rent a larger PC, but will instead have to take taxis or walk to places you need to go. Training for the ECDL is especially important if you wish to drive your computer on the autobahn; without that training, you could have a very serious crash.
Hee. Check your link please; the company you mentioned is more into hydroponics than horsepower.