On Sat, 25 Aug 2001, Gary Jeffers wrote:
My fellow Cypherpunks,
Ray Dillinger believes that scanning would assist oppressors as much as regular users. Joseph Ashwood agrees with this and further thinks that the Internet overhead of a scanner would be a serious problem.
Not really. To that extent, a gnutella scanner is probably already in the hands of any law enforcement types that are interested, and there's no reason gnutella itself ought not benefit from the same technology. Better points, since I need to spell them out, are: (a) If scanning is done in a clumsy way it generates a lot of network traffic and twangs a lot of alarms at various firewalls. (b) scanning is a "hot button" issue with a fair number of people and could generate complaints. (c) complaints about gnutella scanning would be "legal ammo" for people who wanted to shut it down. I think that all network applications ought to be able to find other nodes running other copies of the application - but be very careful how you design it, so as not to piss people off.
As far as Joseph Ashwood's claim that the Internet overhead would be too much. Is his point exaggerated? Would it be possible to write low overhead scanners? I do not have the "skill set" to say. Maybe he is right, maybe not. Anybody got something definitive to say on this?
A nice low-overhead scanner that doesn't generate complaints, would be a request and response on some other protocol. If you write a little cgi program, say IsGnutellaThere.cgi, and have gnutella users drop it into their apache (or iis, or whatever) directory, then you can make an HTTP request on port 80. IsGnutellaThere.cgi would run and check to see if the gnutella server is up and what port it's on, maybe check a table to find other gnutellas that it knows about, and return that information in an http response. Then gnutella users who wanted to be scannable (and not all of them will) could drop the program into their CGI directory, and scan-enabled gnutellas could just learn how to make a simple HTTP request and keep that table up-to-date for IsGnutellaThere.cgi to access. HTTP is low-overhead and innocuous, and there's already a hole for it in most firewalls. It won't generate alarms. A straight-up "scanning" approach most definitely will. Bear