[linux-elitists] RE: [offlist] RE: Connection refused (was: RE: mynetworks = 192.168.1.0/* ?) (fwd)

Aaron Sherman ajs@ajs.com
Tue Sep 17 08:58:08 PDT 2002


On Mon, 2002-09-16 at 17:27, Eugen Leitl wrote:

> Hopefully P2P will die quickly.  I hate it, and so does anyone who has
> to try and secure a network.  It exposes you to every scumbag in the
> world who feels they have a right to invade your privacy.  It has no
> redeeming features whatsoever.  It destroys privacy, eliminates any
> possibility of security and doesn't deliver what it promised to begin
> with.  It was a bad idea that's been proven even worse by the new
> Slapper worm.

1. I'm a security administrator for a large production network. I do not
hate P2P. Do not speak for me.

2. P2P networking will never die. What will die is the isolation of P2P
networking in a vacuum. See below.

3. P2P networking does not destroy privacy any more than Web servers
destroy privacy. Please describe a case where this is not true without
describing a bad client (which is no different than having Macromedia's
Flash plug-in in your Web browser, really).

4. The Slapper worm certainly does discredit P2P. Just like Morris' worm
discredited that Internet thingy. Yes sir!

> AAMOF, at our next security meeting, we will be discussing whether or
> not P2P should simply be banned at the edge of every UTexas campus.

Heh. Good luck in the arms race. You will lose, of course, but I have a
tendency to root for the underdog. If stopping P2P networking was as
easy as blocking a port, it would be dead now.

The moral of the story is this: arms races suck. Beat your swords into
plowshares and start working to improve the state of P2P.

The problems with P2P networking today are all solvable, but it's hard
to see why you should solve them. This is the same problem that that
previous P2P network, USENET, had. USENET had a hierarchy of sorts, but
it was essentially P2P (in fact any two USENET nodes can call themselves
"the network", and never care about anyone else).

P2P networking has suffered recently because applications like Gnutella
only allow limited searching and very little guarantee that useful data
will be found. This makes it a medium which is only useful when the
content you are searching for is a) unavailable elsewhere, or more
expensive in terms of time or money elsewhere; or b) you don't really
care what you get back as long as it loosely matches your criteria.
Copyrighted music falls into the first category and Porn falls into the
second. There's not a whole lot else that fits either of these
categories, and the profusion of those items will generally turn off
anyone who would download things like my photograph of a cat sitting on
a rock, which I offer up on Gnutella :)

However, do not assume that "gigabytes and gigabytes of copyright
infringements" (to quote USENET) are the only applications of P2P. It's
just that currently, that's about all it's suited to, and many people
are highly motivated to use it for these applications.

So, what's needed is a P2P network that allows more tuned searching and
some guarantees that what you request is what you get. The advent of
user-moderated content on the Web should give us our first clue here.
Also, there are a wide array of good indexing techniques out there for
distributed data.

So, if your school is really interested in fighting the evils of current
P2P networking do this: put it to your faculty and students to create a
better P2P network that has lower bandwidth needs (by using something
like the subscription model of multicast, for example) and provides
access to quality content by using more advanced searching and indexing
techniques than "the world is your hard drive". Wrap it all up with
Web-based user moderation, allowing the creation of "special interest
subnetworks" and you've got yourself a viable P2P killer app.

The only danger to watch out for is the Freenet trap: don't aim for the
stars on first release. Get something out the door that works well.

Enjoy!

-- 
Aaron Sherman <ajs@ajs.com>
http://www.ajs.com/~ajs



