An article on Salon this morning (also being discussed on slashdot), http://www.salon.com/tech/feature/2002/08/08/gnutella_developers/print.html, discusses how the file-trading network Gnutella is being threatened by misbehaving clients. In response, the developers are looking at limiting the network to only authorized clients:
On Gnutella discussion sites, programmers are discussing a number of technical proposals that would make access to the network contingent on good behavior: If you write code that hurts Gnutella, in other words, you don't get to play. One idea would allow only "clients that you can authenticate" to speak on the network, Fisk says. This would include the five-or-so most popular Gnutella applications, including "Limewire, BearShare, Toadnode, Xolox, Gtk-Gnutella, and Gnucleus." If new clients want to join the group, they would need to abide by a certain communication specification.
They intend to do this using digital signatures, and there is precedent for this in past situations where there have been problems:
Alan Cox, a veteran Linux developer, says that he's seen this sort of debate before, and he's not against a system that keeps out malicious users using technology. "Years and years ago this came up with a game called Xtrek," Cox says. People were building clients with unfair capabilities to play the space game -- and the solution, says Cox, was to introduce digital signatures. "Unless a client has been signed, it can't play. You could build any client you wanted, but what you can't do is build an Xtrek client that let you play better."
Not discussed in the article is the technical question of how this can possibly work. If you issue a digital certificate on some Gnutella client, what stops a different client, an unauthorized client, from pretending to be the legitimate one? This is especially acute if the authorized client is open source, as then anyone can see the cert, see exactly what the client does with it, and merely copy that behavior.

If only there were a technology in which clients could verify and yes, even trust, each other remotely. Some way in which a digital certificate on a program could actually be verified, perhaps by some kind of remote, trusted hardware device. This way you could know that a remote system was actually running a well-behaved client before admitting it to the net. This would protect Gnutella from not only the kind of opportunistic misbehavior seen today, but the future floods, attacks and DOSing which will be launched in earnest once the content companies get serious about taking this network down.

If only... Luckily the cypherpunks are doing all they can to make sure that no such technology ever exists. They will protect us from being able to extend trust across the network. They will make sure that any open network like Gnutella must forever face the challenge of rogue clients. They will make sure that open source systems are especially vulnerable to rogues, helping to drive these projects into closed source form.

Be sure and send a note to the Gnutella people reminding them of all you're doing for them, okay, Lucky?
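Added example, not part of the original post: a toy model of the two admission schemes the message contrasts, a credential shipped inside an open-source client versus a quote from a hardware device that measures the running program. All names and byte strings are constructed for illustration, and an HMAC under a key private to a Python object stands in for the device's signature.

```python
import hashlib, hmac, os

# Constructed demo values; every name here is hypothetical.
SHIPPED_KEY = b"key-visible-in-the-open-source-client"
GOOD_CODE = b"def route(q): forward_within_limits(q)"
ROGUE_CODE = b"def route(q): flood_network(q)"
APPROVED = {hashlib.sha256(GOOD_CODE).digest()}  # measurements the network accepts

def mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

# Scheme 1: the credential ships inside the client.
def client_response(code, challenge):
    # The answer does not depend on `code`: any program that can read
    # SHIPPED_KEY from the published source can repeat this step.
    return mac(SHIPPED_KEY, challenge)

def admit_by_shipped_key(code, challenge):
    return hmac.compare_digest(client_response(code, challenge),
                               mac(SHIPPED_KEY, challenge))

# Scheme 2: a device holds the key and reports what is actually running.
class TrustedDevice:
    def __init__(self):
        self.__key = os.urandom(32)  # stands in for a key software cannot read

    def quote(self, running_code, challenge):
        # The device, not the client, computes the measurement.
        measurement = hashlib.sha256(running_code).digest()
        return measurement, mac(self.__key, measurement, challenge)

    def check(self, measurement, challenge, tag):
        # Stand-in for verifying the device's signature with its public key.
        return hmac.compare_digest(tag, mac(self.__key, measurement, challenge))

def admit_by_attestation(device, running_code, challenge):
    measurement, tag = device.quote(running_code, challenge)
    return device.check(measurement, challenge, tag) and measurement in APPROVED

def demo():
    device, c = TrustedDevice(), os.urandom(16)
    return {
        "shipped_key_good": admit_by_shipped_key(GOOD_CODE, c),
        "shipped_key_rogue": admit_by_shipped_key(ROGUE_CODE, c),
        "attested_good": admit_by_attestation(device, GOOD_CODE, c),
        "attested_rogue": admit_by_attestation(device, ROGUE_CODE, c),
    }

if __name__ == "__main__":
    print(demo())
```

The shipped-key check admits both programs because the response never depends on which code produced it; the attested check rejects the rogue because the measurement is bound into the quote by a key the client cannot read.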