[p2p-hackers] BitTorrent measurements / fully decentralized systems

coderman coderman at peertech.org
Wed Dec 15 06:11:56 UTC 2004


http://pds.twi.tudelft.nl/~pawel/pub/btmeasurement.pdf 
<http://pds.twi.tudelft.nl/%7Epawel/pub/btmeasurement.pdf>

Interesting results.  It took 5 days of seeding a 1.87G file
before it started completing among participating peers.
Given the MPAA action against trackers and individuals this
suggests their attacks will be effective against many in the
current architecture.

[I'm not going to argue copyright issues; I will simply state
that where corporations and/or governments can influence
availability for legitimate reasons they can also do the same
for less noble purposes.]

The need for decentralization of trackers is mentioned along
with the caveat that such changes increase vulnerability to
other attacks.

"One of the big advantages of BitTorrent/Suprnova is the high level of
integrity of both the content and the meta-data due to the working of
its global components. We have shown that only 20 moderators
combined with numerous other volunteers solve the fake-file problem
on BitTorrent/Suprnova. However, this comes at a price: system
availability is hampered by the global nature of these components.
Decentralization would provide an obvious solution, but makes the
meta-data more vulnerable. Also, a decentralized scheme such as in
Kazaa has no availability problems but lacks integrity, since Kazaa is
plagued with many fake files. Clearly, decentralization is an unsolved
issue that needs further research."

We have been talking about this in another channel and a few
thoughts were discussed.

There has been much talk of private social group networks / social
networks with file sharing.  These services are usually centralized
and thus constrained by contributory / vicarious liability concerns:
they would have to police the networks.  Same set of issues.

[or some like to claim decentralization while relying on a trusted
 certificate authority or other index.  heh]

The decentralized variants have their own set of problems, mainly
identity and reputation as well as discovery / search.

Consider a live linux dvd (4.8G / 8.5G) that contains all of the software
you need to participate in a private network, pre distribution of keys
for all the peers known to the one who created it, and an innate ability
for the dvd to clone itself - this provides a distribution mechanism
for keys (identity), applications themselves (which are currently
being targeted) and also caching for 4-8G of resources (initial
introduction / resource discovery / search in replicated indexes).

Passing a few dvd-r's between friends could approach some significant
bandwidth levels and provide a good base of seeds for things like ISO
distribution where the initial seeding takes a significant amount of time.
(this is something i'm playing with: a live linux ISO that includes
a bittorrent client and the ability to seed itself once booted)

---

There was a paper posted a few months back with an excellent survey
of search in decentralized networks:

http://uluru.ee.unsw.edu.au/~john/tr-unsw-ee-p2p-1-1.pdf

A number of the methods mentioned could benefit from a replicating
ISO bootstrap like described above.


Regards,



More information about the P2p-hackers mailing list