What is Digg?72 Comments
- turbomofo, on 08/25/2008, -2/+42Could it be that certain established diggers have developed very lucrative relationships with various websites and ad agencies as a traffic generating strategy? Naaaah...that's crazy, just forget I mentioned it.
- sathias, on 08/25/2008, -0/+30Somebody forgot the first rule
- inactive, on 08/24/2008, -2/+31Just a question MakiMaki. I really like most of your submissions, your one of the few "big diggers" I actually follow. But how the heck is it possible for you to always be the first one to submit a torrentfreak.com story?!
- madwaxer, on 08/24/2008, -6/+25quick solution to localised p2p:
http://waste.sourceforge.net/
WASTE creates a network of hosts, making whatever connections possible, and typically routes traffic via the path of lowest latency (which effectively ends up as load-balancing, though it is far from ideal).
With at least one host outside of firewalls (or behind a firewall but having one incoming port open), a WASTE network can enable all supported services (including chat and file transfer) between any two hosts.
WASTE uses three main classes of messages: Broadcast messages, routed reply messages, and local management messages.
Broadcast messages are sent from a host when the host wants to either notify or request information from all hosts on the network.
Routed reply messages are sent in response to a broadcast message, routed back to the host that initially broadcast the request.
Local management messages are sent directly between two nodes to negotiate link configuration parameters etc.
The network messaging structure is flexible and there is plenty of room for new message types to enable new services and functionality.
Each link on the network is secured and authenticated, but messages are not secured point to point, which means a trusted user on the network can theoretically spoof and/or sniff traffic. For more information, see the security section.
Security
WASTE builds a distributed network of hosts, and secures each link in the network. In securing each link, WASTE also authenticates each link using public keys.
WASTE also provides a mechanism for hosts on this network to exchange keys automatically with each other once a host is trusted on the network.
How WASTE Secures Links
WASTE secures the links of the WASTE network by using RSA to exchange session keys and authenticate the other end of the connection. Once the hosts have authenticated each other and both have the correct session keys, the connection is encrypted using Blowfish in PCBC mode (using different IVs for each direction of the connection). The oversimplified process for bringing a link up is (see comments in the code and the code itself for a more in depth view):
Both sides exchange public key hashes, and verify that they know that hash
Both sides exchange session keys and challenge-response tokens encrypted with each others public keys.
Both sides decrypt and verify the challenge-response tokens, and begin encrypted communication (a stream of messages, each message is verified using an MD5).
There's a lot more to it than that, but that's the basic idea. The reality of it is that there is also a "Network ID/Name" feature that allows you to easily keep networks from colliding, as well as efforts to obfuscate the whole process (to make WASTE connections difficult to detect). Another unique feature is the way session keys are exchanged and combined so that in order to decrypt past (recorded) traffic, both private keys of a connection need to be recovered.
Note: It might be worth implementing WASTE using a subset of SSL, to avoid any concern of flaws in this protocol. Feedback is gladly accepted on any potential weaknesses of the negotiation. We have spent a decent amount of time analyzing this, and although we have found a few things that are not ideal (i.e. if you know public keys from a network, you can sniff some traffic and do an offline dictionary attack on the network name/ID), but overall it seems decent. The current implementation probably needs work, too.
Why WASTE requires a trusted group
Since the security in WASTE relies on encrypted links, and messages are not encrypted point to point, a node on the trusted network could easily sniff or spoof messages. So yes, your friends can spy on you. But you were not really worried about them, were you?
How WASTE Prevents Information Leakage
WASTE makes an effort to prevent information leakage. WASTE sends all traffic through the same encrypted link(s), and does not (by default) bring up or drop connections in response to any user actions. WASTE messages are sent completely inside an encrypted channel, so a snooping party would have a VERY difficult time determining what kind of traffic is being sent across a link, or where the traffic originated from, or where the traffic was headed to. And because there may be redundant paths in the network, and traffic is load balanced across those paths, it further complicates things. - JeffH, on 08/25/2008, -0/+15So basically the concept of P4P is P2P that detects local sharers and uses them over those who are farther away (while also including a bunch of ***** agencies out to ***** everyone)...
...
...
...
So why don't already established P2P networks just update to do the same thing? Everyone wins. - MakiMaki, on 08/25/2008, -2/+17Hey dude. No secrets really, just RSS. I subscribe to the site like many others and submit stories whenever they show up in my feed reader. I don't get any inside scoops from the torrentfreak guys. It's pretty much luck.
@NathanMahdavi... TF's username is Torrentfreak http://digg.com/users/torrentfreak
@turbomofo.... Sigh. Not another person suggesting this. I don't get paid by torrentfreak. You can email them to check for yourself or get Digg to do an independent audit. I'm totally open. Nothing to fear. Just because someone submits a lot from one site they like doesn't mean he/she is on the payroll. Just something to keep in mind. - DaviDTC, on 08/25/2008, -0/+14michaelb32353 it took you 5 mins to read "What a waste"?
- neko, on 08/25/2008, -0/+13Whatever happened to p3p?
- Rotzooi, on 08/25/2008, -0/+13Buried for inaccuracy. Usenet does not exist.
- ripple123, on 08/25/2008, -4/+16p4p? sounds like a pile of marketing crap trying to hook onto a successful phenomenon. like 'mp4' tried to do
- Roryking, on 08/25/2008, -1/+12Well, with a name like "P4P," I'm not surprised. I can see the MPAA board meeting now... "lets jump on top of this new Pee Too Pee thing before the goddamned Pirateses Bay does"
- eridius, on 08/25/2008, -0/+9mp4 wasn't trying to be "hip" by naming itself after mp3. It was simply another codec to come out of the MPEG group (that's what mp3 stands for - MPEG-1 Audio Layer 3, where MPEG-4 is actually a collection of methods for audio/video encoding, and mp4 specifically is MPEG-4 Part 14).
You also seem to be confused about the fact that mp3 is actually an audio compression codec, where mp4 is a container format. Technically, a .mp4 file (or a .m4a, which is really just a convenience to denote a mp4 file that contains audio only) can contain MP3-encoded audio, though AAC (a.k.a. MPEG-2 Part 7) is the most common audio codec for mp4. - gungaroo22, on 08/25/2008, -1/+10I'm glad your comment didn't turn into a rambling advert!
/sarcasm. - jaxsonk, on 08/25/2008, -1/+10Silence offender.
You have committed the first sin against the Almighty. - wukillabee, on 08/25/2008, -8/+17thats cool but i like to use p9000p, its called usenet
- NathanMahdavi, on 08/25/2008, -2/+10Probably because its the username TF use?
- t3rmv3locity, on 08/25/2008, -0/+7All I have to say to the RIAA and MPAA on pushing their new p2p model is this: good ***** luck.
- paulmer2003, on 08/25/2008, -0/+7Heh, yeah. I suspect that too. I frequently find myself irritated by MakiMaki's posts. He seems to submit a *LOT* of dupes.
- caseypc, on 08/25/2008, -0/+6The RIAA and the MPAA are fighting a war, a war on piracy.
Unfortunately, it's going to turn out like America's war on drugs. Severe punishment if caught, but we all still keep on smoking anyway.
Stop fighting the internet, and embrace it. - toetagger, on 08/25/2008, -0/+6Not only does the P4P group want to squash P2P for ant-piracy - they then want to use it to sell us video and music services and have us handle the loads. This reminds me of the wonderful idea Circuit City came up with for (the original) DIVX. http://en.wikipedia.org/wiki/DIVX_%28Digital_Video ... They want to convert us they way they did Napster.
- counterplex, on 08/25/2008, -0/+6Wasn't WASTE a Nullsoft product that AOL yanked almost immediately?
- cyssero, on 04/18/2009, -1/+7The excessive white space in your post raises my suspicions o_O
Kidding. - Myztry, on 08/25/2008, -0/+6P4P. Laughing my arse off. It takes more than simple rebranding to change it from being P2P.
Any number of different connection methodologies can be used in P2P.
The only difference, is they are trying the take the very path that P2P naturally avoids. Authoritarian Control.
If you just add a middle man, what do you call them? #4 (P4P - Peer to 4 to Peer) - unrealmp3, on 08/25/2008, -0/+5I'll keep my stuff for myself using P1P.
- tito13kfm, on 08/25/2008, -0/+5The newly announced 2g1c protocol is really where the future in sharing is.
- shawnanigans, on 08/25/2008, -0/+4Don't worry, the pirates are always smarter than those who wish to stop them. Except their natural enemy the ninja.
- inactive, on 08/25/2008, -0/+4You wasted five minutes of my life
- funchords, on 08/25/2008, -0/+4The BitTorrent protocol's choke and optimistic-unchoke algorithm already looks for the most efficient peers, which are not necessarily (but usually are) the closest ones. P4P might speed up that process, but after a half hour or so, P4P will not likely be any better than P2P. And, in some cases, it might choose the wrong ones because sometimes the local peer is screwed up.
If users keep the freedom to choose whatever apps they want to use, then P4P is not a threat. It will either win or lose based on how much users like it's performance and on whether it invades their privacy.
But if ISPs plan to force or persuade users to use P4P by throttling, then this is a big problem. - Genma, on 08/25/2008, -0/+3latency is a function of distance and other factors. it's accurate enough and clients already do this in different ways. even if it chooses a peer over another that is further away but lower latency, that usually means the route has greater capacity so it's still preferred. staying within isp limits could actually make the swarm less efficient if the preferred peers are not exchanging complete information, as in favoring local clients with pieces that are less rare than remote ones.
what they want is to attach monetary value and restrictions to an open protocol. they figure if they can find a way to involve the utilities, then they can be used and held accountable to support them, which is not and never will be their role unless something really bad happens. it's the only way they know how to protect the cash. - Suricou, on 08/25/2008, -1/+4Even if your point is good, your presentation makes you look like a foilhead.
- fuzzymuzzy, on 08/25/2008, -1/+4Please tell me you didnt write out that whole thing just for a comment on digg
- DeathfireD, on 08/25/2008, -0/+3Most P2P clients ARE already implementing similar things. In fact Azureus (Vuze) has a plug in called Ono, which basically does what P4P is intending to do, only in a worse way. Utorrent and Azureus also have a system called "optimistic disconnect" which takes the most inactive users or chocked users, and disconnects you from them when an IP from a local user is found trying to connect to you or you to them. Shareaza staff and users have also been talking about implementing an Ono type system into a future release of the new client. Bittorrent Inc. Is working on a localized AS-mapping system, which basically is P4P, only without the ISP being the middle man. So it's pretty clear the idea is a great one, it just needs to stay unregulated and untouched by anti-p2p company's. If and when the RIAA or MPAA start having their way with it, the system will die and thousands of people may face being sued.
As for the article calming p4p would slow down your speeds, I call BS. The way p4p works is not a forced system. Meaning if you still use a bittorrent client that doesn't offer P4P (AS-mapping that your ISP is hosting), you wont noticed a damn thing. Your speeds will still be the same, heck you may even find your self having faster download speeds since people using P4P around you would be making connections to you. - dougbarrett, on 08/25/2008, -0/+2It's OK, by the time the ISP's cooperate with the people coming up with the technology, IPv6 will be working which will allow users to have direct connections without messing around with ports or anything like that, and chances are if the router will have the data encrypted so ISP's will be unable to figure out what is being transmitted over their networks.
- rdvon, on 08/25/2008, -0/+2I don't understand why p4p would need help from ISP's, couldn't a program just ping everyone who is seeding the file and connect to those who are closer to you?
- disgruntledgoat, on 08/25/2008, -0/+2yeah i don't think most people knew what mp3 stood for either when it became popular in the mainstream. When we oldies got our first 14.4k modem we learnt all about it. OH yeah then there was 28k! kick arse!
- anksrivastava, on 08/25/2008, -0/+2Forgive me but p2p suffices all my needs.
- Suricou, on 08/27/2008, -0/+2P4P isn't a technology. It's a marketing plan. It won't work, because it comes with anti-piracy measures (No ISP would touch it otherwise - they are scared enough of usenet). People who use p2p for legal content exist to the same extent as do those who read Playboy for the articles.
- aetherboy, on 08/26/2008, -1/+3Right...because if you were taking payola, that is something you and Torrentfreak would willingly disclose...
- traichea, on 08/25/2008, -0/+23 is totally uncool at the moment.
p3p went the same way as Intel Core 3 - Suricou, on 08/27/2008, -0/+2The ninjas are as keen as anyone to see fall the industry that created the Turtles movies.
- mchisari, on 08/25/2008, -0/+2
He did.
http://www.google.com/search?hl=en&safe=off&q=%22t ... - Suricou, on 08/25/2008, -0/+2You don't get it... Waste is a solution to a different problem, it doesn't help with this one at all.
- DCstewieG, on 08/25/2008, -0/+1Ono is an Azureus plugin which is supposed to do this, though it doesn't simply use ping time. I haven't found it to help all that much though. I don't think enough people use it.
http://torrentfreak.com/speed-up-your-torrents-wit ... - Suricou, on 08/25/2008, -0/+1Type your query into the box that displays the path you are browsing.
- OmegaWolf, on 08/25/2008, -1/+2Whom do those greedy bastards think they're fooling? No one will fall for their trap.
- iJessicaRabbit, on 08/25/2008, -1/+2I RSS to Torrentfreak as well and Maki, you Always beat me!
I'm just happy the stuff gets submitted... I love that website. - Suricou, on 08/27/2008, -0/+1You could do even better by counting how far along the IPs you can go before bits don't match.
- DeathfireD, on 08/25/2008, -0/+1Most routers and firewalls block Pings so the system wouldn't work as intended. I had already suggested something similar on the bittorrent inc. suggestion forums and forgot that Pings don't always work. They kindly reminded me. Another draw back is if ping did work your results would vary when downloading or uploading large files, even if you lived right next to the person the ping may become really bad due to their own computer being busy.
Latency is one problem as well as distance. - MtheoryX, on 08/25/2008, -0/+1@iJessicaRabbit:
If you're using NetNewsWire, there is a minimum refresh rate on RSS feeds.
If it seems like he is getting the stories first, and thus submitting them first, he may be using a client that can refresh at shorter intervals.
May not be much, but perhaps something to consider. -
Show 51 - 72 of 72 discussions
Digg is coming to a city (and computer) near you! Check out all the details on our 
© Digg Inc. 2009
— Content created and posted by Digg users is