I'm working on an open project that is attempting to cross reference p2p application requirements and solution sets. It would be very useful to me to quote portions of the following exchange by James and Morten. Is permission required or desired? If so, may I?
If off-list quoting is ok, should I quote anonymously or with attribution? The project is PeerPoint: https://docs.google.com/document/d/1TkAUpUxdfKGr_5Qio2SlZcnBu_sgnZWdoVTZuD_Regs/edit?pli=1# Thanks, Richard ----------- Date: Mon, 16 Jul 2012 19:09:26 +1000 > From: "James A. Donald" <[email protected]> > To: [email protected] > Subject: Re: [p2p-hackers] Securing and enforcing good behavior on > structured overlay nets > Message-ID: <[email protected]> > Content-Type: text/plain; charset=UTF-8; format=flowed > > On Fri, Jul 13, 2012 at 1:33 PM, Morten Olsen Lysgaard > <[email protected]>wrote: > > A year ago I researched DHTs quite extensively. I found them vastly > > interesting for a long time dream of mine. A time-shared cooperative > > storage network. A system, where public files can be stored. > > At the time i was thinking a gigantic music storage service which would > > let people stream songs from other peers as long as they contributed > back. > > > > I implemented Chord in Haskell and with it a replicated and fault > tolerant > > storage layer, but then I realized that I had no knowledge of securing > this > > DHT. I didn't even know what security would mean on such a network. How > do > > you prevent malicious nodes from destroying all the data, or creating a > > million peers. How do you enforce good behavior so that people share > their > > disk space and bandwidth? All these questions popped up in my head. > > > > TLDR; I'm wondering if anyone here have experience with, or know of, > > techniques for securing the function of structured overlay networks with > no > > central authority. I find this problem really really hard. > > This is of course a massive unsolved problem, and any useful advance you > make is likely to be widely imitated. > > It is related to the problem of preventing "search engine optimization", > at which task google keep a very large team of very smart engineers > working full time. The measures they have taken to reduce search engine > optimization have had a significant adverse effect on google's search > results, as has search engine optimization itself. > > > One of the many problems to be solved is trust. We have an existing > solution that works very well: The git model: This model allows us to > assemble a very large body of true data and protect it from bad people. > > Most people choose to trust one guy, call him the king, or unelected > president for life. He trusts a handful of people, and accepts their > version of the truth. Call them the lords. Each of those people trust > a bunch of other people, and so on and so forth, so a big and detailed > collection of true data from a big and diverse bunch of people is > collected together and ultimately approved by one guy. > > This does not sound very decentralized, but it is decentralized indeed, > because one can have, and often do have, several kings, and always do > have numerous potential kings, and anyone can choose which king he has > confidence in. > > It is not a star network, but rather a network where the number of > really important nodes is manageably small. > > And in practice, we have several different skews of the truth, several > different skews of the big pile of truth. > > > > ------------------------------ >
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
