View
221
Download
1
Category
Tags:
Preview:
Citation preview
Copyright2005
1
P2P Technology and Its Implications
Roger ClarkeXamax Consultancy Pty Ltd, Canberra
Visiting Professor at A.N.U., U.N.S.W., Uni. of Hong Kong
http://www.anu.edu.au/people/Roger.Clarke/...
.../EC/ANUSems.html#Sem16 , P2P-Pol-0508.ppt
Department of Computer ScienceA.N.U., 3 August 2005
Copyright2005
2
P2P Technologyand Its Legal and Policy
Implications
Themes• Where It Came From• What It Is• How It’s Different• What It Can Be Used For• What It Is Used For• Its Implications for:
• eBusiness Strategy• Regulators• Consumers and Citizens
Copyright2005
3
Star Topology / Master-Slave Architecture
1950s Onwards
MasterComputer
Slave‘Dumb
Terminal’
Copyright2005
4
The ARPANet’s Peer-to-Peer Topology
1969 Onwards Multi-Organisational
PeerComputer
PeerComputer
PeerComputer
PeerComputer
PeerComputer
PeerComputer
Copyright2005
5
‘The PC’ Era – Still Peer-to-PeerMid-Late 1970s Onwards
SmallPC
BBSin
SmallPC
SmallPCs
SmallPC
SmallPC
- to -
Copyright2005
6
Client-Server Architecturemid-1980s Onwards, esp. mid-1990s
Onwards Multi-Organisational
ServerSoftware
inLarge
CentralHost
ClientSoftware
inSmall
RemotePC
PCsin
LocalArea
Network
Copyright2005
7
Client-Server Architecturemid-1980s Onwards, esp. mid-1990s
Onwards Internet-Mediated
Serverin
Host
Clientin
Workstation
Clientin
Workstation
Clientin
Workstation
Clientin
Workstation
Clientin
Workstation
Clientin
Workstation
Serverin
Host
Serverin
Host
Copyright2005
8
Key Developments Since the Mid-1990s
• Workstation Capacity (now rivals Hosts)• Workstation Diversity (vast, expanding)
desktops, laptops, handhelds, smartcards, ...phones, PDAs, cameras, ... carburettors, fridges, ... RFID tags, ...
• Broadband Connectivity (now widespread)This enables dispersion and replicationof devices capable of providing services
• Wireless Connectivity (rapidly increasing)This enables Mobilitywhich means Devices change networkswhich means their IP-addresses change
Copyright2005
9
Wireless Comms Using Electromagnetic Radiation
• Wide Area Networks – Satellite (Geosynch, Low)GS is Large footprint, very high latency (c. 2 secs)
• Wide Area Networks – Cellular (to 20km per cell)1 – Analogue Cellular, e.g. AMPS, TACS2 – Digital Cellular, e.g. GSM, CDMA3 – ‘3G’, e.g. GSM/GPRS and W-CDMA
• Wide Area Networks – ‘WiMax’, IEEE 802.16• Local Area Networks – ‘WiFi’ (10-100 m radius)
e.g. IEEE 802.11x esp. 11b,g / Apple Airport• Personal Area Networks (1-10 metres)
e.g. Bluetooth (or beamed infra-red)
Copyright2005
10
P2P – The Motivation
• “P2P is class of applications that take advantage of resources (storage, processing capacity, content, human presence) available at the edges of the Internet”
• A program is both Client and Server:• a workstation provides services to others
e.g. a music playstation can be a mixer too• So Workstations also acts as Hosts
Copyright2005
11
Multiply-Connected Topology / P2P Architecture
Late 1980s but esp. Late 1990s Onwards Internet-Mediated
PowerfulWork-andPlay-Workstations
(1)Conventional
Depiction
Copyright2005
12
Multiply-Connected Topology / P2P Architecture
Late 1980s but esp. Late 1990s Onwards Internet-Mediated
(2)PreferredDepiction
Client / Serverin
Workstation
Client / Serverin
Workstation
Client / Serverin
Workstation
Client / Serverin
Workstation
Client / Serverin
Workstation
Client / Serverin
Workstation
Copyright2005
13
P2P – Towards a Technical Definition
P2P is a network architecture in which each node
is capable of performing each of the functions
necessary to support the network
and in practice many nodes do perform many of the functions
Copyright2005
14
The Essential Nature of P2P• In principle, Every Device is a Client and a Server• In practice, Many Devices perform Server-functions• Collaboration is inherent• Clients can find Servers• ‘Single Points-of-Failure’ / Bottlenecks / Chokepoints
are avoided by means of networking dynamics • Enough Devices with Enough Resources participate as
Servers for discovery, and as Servers for services• 'Free-Riding' / 'Over-Grazing' of the 'Commons'
is restrained through software and psych. features
Copyright2005
15
Categories of P2P
Pure• Functions and objects are distributed across all nodes, so
no one node is critical to the network's operation; so control is very difficult – USENET, Fidonet, Freenet, Gnutella(1)
Compromised / ‘Two-Tier’• Functions and objects are highly distributed; the index is
substantially but not fully distributed – FastTrack, Gnutella(2)
Hybrid• Functions and objects are (highly?) distributed; the index is
heirarchical (the DNS) or centralised (Napster, BitTorrent)
Copyright2005
16
Why P2P Is Attractive• Much-Reduced Dependence on individual devices
and sub-networks (no central servers)• Robustness not Fragility (no single point-of-failure)• Resilience / Quick Recovery (inbuilt redundancy)• Resistance to Denial of Service (D)DOS Attacks
(no central servers)
• Much-Improved Scalability (proportionality)• Improved Servicing of Highly-Peaked Demand
(more devices on the demand-side implies there are also more server-resources)
Copyright2005
17
P2P Applications1. Of Long Standing
• ARPANET services generally, from 1969• Message Transfer Agents, since 1972
(SMTP), which perform both server and client functions
• USENET since 1979, now Internet Netnews• Fidonet file/message transfer system, since
1984• Domain Name System (DNS), since 1984,
a collaborative scheme, each server also a client
Copyright2005
18
Recently-Emerged P2P Applications2. Processing Services (cf. Grid
Computing)• Pattern-Searching of Data (e.g. SETI@home)• Data-Space Searching, in particular as part
of a collaborative key-discovery process (e.g. EFF's DES cracking project)
• Numerical Methods, large-scale / brute-force(e.g. fluid dynamics experiments, meteorology)
• Gaming, multi-player, networked• Message Transfer:
• conferencing/chat/instant messaging• cooperative publishing
Copyright2005
19
Recently-Emerged P2P Applications
3. Access to Digital Objects• Software:
• Fixes/Patches• Releases
• Virus Signatures• Announcements, e.g. of
technical info, business info, entertainment ‘info’, sports results, promotional messages, advertisements
• News Reports, by news organisations, and by members of the public
• Emergency Services Data• Backup and Recovery
Data• Games Data, e.g. scenes
and battle configurations• Archived Messages, for
conferencing/chat/IM, and cooperative publishing
• Learning Materials, in various formats
• Entertainment Materials,
in various formats
Copyright2005
20
The Predominant Use 1998-2005
• Consumer Sharing of Entertainment Materials:
• recorded music, in MP3 and other formats
• video, as bandwidths increase
• Copyright-owning corporations assert that a large proportion of those file-transfers is being performed in breach of copyright law
• There is evidence to support the assertion
Copyright2005
21
Indicators of Scale• In Sep 2002, 31m Americans used P2P to share music• In 2003, FastTrack peaked at 5.5m users and 60% of
the market, then fell due to publicity about lawsuits• By 2004:
• P2P data volumes estimated at 10% of traffic (Web 50%, all email incl. spam 3%)
• simultaneous users c. 10m• c. 50 m searches per day• FastTrack still had 4m users (40% of market)
and enabled access to 2m files, >10 terabytes• 50% of files audio, 25% video, 25% other
Copyright2005
22
P2P Networks and Protocols
http://en.wikipedia.org/wiki/Peer-to-peer#Networks.2C_protocols_and_applications
BitTorrent network: ABC, Azureus, BitAnarch, BitComet, BitSpirit, BitTornado, BitTorrent, BitTorrent++, BitTorrent.Net, G3 Torrent, mlMac, MLDonkey, QTorrent, SimpleBT, Shareaza, TomatoTorrent (Mac OS X) [2], TorrentStormeDonkey network: aMule (Linux, Mac OS X, others), eDonkey2000, eMule, LMule, MindGem, MLDonkey, mlMac, Shareaza, xMule, iMesh Light, ed2k (eDonkey 2000 protocol)FastTrack protocol: giFT, Grokster, iMesh (and its variants stripped of adware including iMesh Light), Kazaa by Sharman Networks (and its variants stripped of adware including: Kazaa Lite, K++, Diet Kaza and CleanKazaa), KCeasy, Mammoth, MLDonkey, mlMac, PoisonedFreenet network: Entropy (on its own network), Freenet, FrostGnutella network: Acquisitionx (Mac OS X), BearShare, BetBug, Cabos, CocoGnut (RISC OS) [3], Gnucleus Grokster, iMesh, gtk-gnutella (Unix), LimeWire (Java), MLDonkey, mlMac, Morpheus, Phex Poisoned, Swapper, Shareaza, XoloXGnutella2 network: Adagio, Caribou, Gnucleus, iMesh, MLDonkey, mlMac, Morpheus, Shareaza, TrustyFilesJoltid PeerEnabler: Altnet, Bullguard, Joltid, Kazaa, Kazaa LiteNapster network: Napigator, OpenNap, WinMX
Applejuice network: Applejuice Client, Avalanche, CAKE network: BirthdayCAKE the reference implementation of CAKE, Direct Connect network: BCDC++, CZDC++, DC++, NeoModus Direct Connect, JavaDC, DCGUI-QT, HyperCast [4], Kad Network (using Kademila protocol): eMule, MindGem, MLDonkey, LUSerNet (using LUSerNet protocol): LUSerNet, MANOLITO/MP2P network: Blubster, Piolet, RockItNet, TVP2P type networks: CoolStreaming, Cybersky-TV, WPNP network: WinMXOther networks: Akamai, Alpine, ANts P2P, Ares Galaxy, Audiogalaxy network, Carracho, Chord, The Circle, Coral[5], Dexter, Diet-Agents, EarthStation 5 network, Evernet, FileTopia, GNUnet, Grapevine, Groove, Hotwire, iFolder[6], konspire2b, Madster/Aimster, MUTE, Napshare, OpenFT (Poisoned), P-Grid[7], IRC @find and XDCC, used by IRC clients including: mIRC and Trillian, JXTA, Peersites [8], MojoNation, Mnet, Overnet network, Peercasting type networks: PeerCast, IceShare - P2P implementation of IceCast, Freecast, Scour, Scribe, Skype, Solipsis a massively multi-participant virtual world, SongSpy network, Soulseek, SPIN, SpinXpress, SquidCam [9], Swarmcast, WASTE, Warez P2P, Winny, AsagumoWeb, OpenExt, Tesla, soribada, fileswapping, XSC
Copyright2005
23
P2P Multi-Protocol Applications
http://en.wikipedia.org/wiki/Peer-to-peer#Networks.2C_protocols_and_applications
eMule (Edonkey Network, Kad Network) (Microsoft Windows, Linux)aMule (eDonkey network) (Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD, Windows and Solaris Op Environmt)Epicea (Epicea, BitTorrent, Edonkey Network, Overnet, FastTrack, Gnutella) (Microsoft Windows)GiFT (own OpenFT protocol, and with plugins - FastTrack, eDonkey and Gnutella)
and xfactor (uses GiFT) (Mac OS X)Gnucleus (Gnutella, Gnutella2) (Microsoft Windows)Hydranode (eDonkey2000) (Microsoft Windows, Linux, Mac OS X)iMesh (Fasttrack, Edonkey Network, Gnutella, Gnutella2) (Microsoft Windows)Kazaa (FastTrack, Joltid PeerEnabler) (Microsoft Windows)Kazaa Lite (FastTrack, Joltid PeerEnabler) (Microsoft Windows)KCeasy (Gnutella, Ares, giFT)MindGem (Edonkey Network, Kademlia)MLDonkey (BitTorrent, eDonkey, FastTrack, Gnutella, Gnutella2, Kademlia)
(MS Windows, Linux, Mac OS X, Palm OS, Java)mlMac (BitTorrent, eDonkey, FastTrack, Gnutella, Gnutella2)Morpheus (Gnutella, Gnutella2) (Microsoft Windows)Poisoned (FastTrack, Gnutella)Shareaza (BitTorrent, eDonkey, Gnutella, Gnutella2) (Microsoft Windows)WinMX (Napster, WPNP) (Microsoft Windows)XNap (OpenNAP, GiFT, Limewire, Overnet, ICQ, IRC) (Java)Zultrax (Gnutella, ZEPP)
Copyright2005
24
Technical Concerns about P2P• Address Volatility: old addresses may not work
(hence trust based on repetitive dealings is difficult)• Absence of Central Control (hence risk of anarchy)• Inadequate Server Participation (over-grazing)• Security Challenges:
• Malware, embedded or infiltrated• Surreptitious Enlistment (at least potential)• Vulnerability to Masquerade• Vulnerability to Pollution Attacks (decoys)
Copyright2005
25
Business and Government Concerns about P2P
• Address Volatility, plus Inadequate Identifiers, hence:
• difficulty in identifying and locating users• reduction in user accountability
• Absence of Central Control, hence:• reduction in technology-provider accountability• no single point for a denial of service attack
• Challenge to Authority:• of Copyright-Owners over Users• of Censors over Users
Copyright2005
26
P2P Architecture’sResilience and Robustness
A Direct Implication
• The removal of a device as a result of the execution of a warrant or injunction is indistinguishable from other forms of denial of service attack
• In John Gilmore’s words:
“The Internet treats censorshipas damage, and routes around it”
Copyright2005
27
The P2P Battleground – 1998-2005
• MP3
• Napster
• FastTrack, et many als.
• CD-quality digital soundin files sized 1 MB/minute
• a central catalogue of a distributed database, to facilitate sharing of MP3 files
• a distributed catalogue of a distributed database, to facilitate sharing of (MP3?) files
Copyright2005
28
Use of the Law to Destroy Napster
1999-2002
• Napster was P2P-with-a-chokepointIt relied on a central directory of file-names and host-identities
• Court action resulted in closure of the directory, and hence the collapse of the system as a whole
• Many P2P applications have some central facility that can be attacked in such a manner, incl. AOL Instant Messenger, ICQ, DNS(Replication does not remove central control)
Copyright2005
29
Use of the Law to Constrain P2P Generally
2002-• A critical central service represents a chokepoint.
If it’s within jurisdictional reach (and the US is highly aggressive in extending its laws beyond its territories), then it can be attacked through the courts
• Gnutella, FastTrack and many other P2P services decentralise their directories as well as their storage
• Court action intended to preclude such P2P services will need to gain injunctions against production, dissemination and use of the tools and/or protocols
Copyright2005
30
Challenges for Copyright-Owners
• Identification of Copyright Objects
• Identification of Devices that store those objects and that traffic in them
• Demonstrating:Unauthorised Reproduction, Publication, Adaptation and/or Authorisation
• Identification of the Person Responsible for a breach
• Association of the Person with the Device used to perform the act that constitutes the breach
• Location of the responsible Person• Bringing Suit (e.g. jurisdiction)• Collection and Presentation of
Evidence sufficient to win even civil, let alone criminal cases
• Proposing Interventions that could be awarded by court injunction
Copyright2005
31
Who To Sue?Protocol – Owners? Originators?
Publishers?
• BitTorrent (BitTorrent Inc. and/or Bram Cohen)
• eDonkey (“FileHash.com
is a search engine”. Pardon? Meta Machine Inc., NY?)
• FastTrack (Niklas Zennström?, Janus Friis?,
Jaan Tallinn?, and/or Consumer Empowerment?)
• Freenet (Ian Clarke?, Matthew Toseland?, the Freenet Project?)
• Gnutella (Justin Frankel?, Tom Pepper?, Nullsoft?, the Gnutella community?)
• Gnutella 2 (Michael Stokes?, the Gnutella2 community?)
• Joltid (Niklas Zennström and/or Joltid, Stockholm)
• Skype (Niklas Zennström and/or Global Index)
Copyright2005
32
Copyright2005
33
Who To Sue? Providers of Applications/Client-Server
Packages?• Kazaa Media Desktop
(Sharman, Vanuatu and/or Altnet, Sherman Oaks CA and/or Nikki Hemmings and/or Kevin Bermeister and/or Anthony Rose)
• Grokster (Grokster Ltd, Nevis in the Caribbean)
• Morpheus (StreamCast, formerly MusicCity)
• Kazaa Lite (Sharman??)• iMesh (Elon Oren of
Israel?)• MLDonkey (Fabrice Le
Fessant?, INRIA?)• WinMX (Frontcode
Technologies?)
Copyright2005
34
Copyright2005
35
The Copyright-Owner Fightback
• Legal – Lawsuits and Publicity• Political – Copyright Expansionism• Technological – Digital Rights
Management• Reduction of the Power at the Edges• New Business Models
Copyright2005
36
What’s Different about Copyright Objects Now, and in the Future
• Digital not physical / Bits not atoms• Copying is intrinsic to transmission• Copying is performed by the consumer
=> Consumers now need a copyright licence
• Copies for personal use are indistinguishablefrom copies for re-sale, and copies for adaptation
• Copiability and Adaptability are intrinsic=> Appropriation is a virtue, but still
a vice
Copyright2005
37
Copyright Expansionism• Accidental extension through buffers, cache• Lawyers’ ‘nastygrams’ and misuse of process• Lobbying for, and Enactment of, Laws:
• extending copyright laws• criminalising hitherto civil law breaches• enlisting law enforcement agency support• transferring enforcement costs to the State
• DMCA-based Gaoling, no bail, delayed charges, charges withdrawn once chilling effect achieved
• Embedment in Marketspace Mechanismsof Existing, Expanded and Imagined Rights
Copyright2005
38
Digital Rights Management Technologies
Passive Technologies
• Object-Protection under the owner's control• Object-Protection while it is in transit• Means of Tracing Rogue Copies:
• 'Watermarking' technology (to uniquely identify the publication)
• 'Fingerprinting' technology (to uniquely identify the particular copy)
• Object-Protection under a licensee’s control
Copyright2005
39
Digital Rights Management Technologies
Active Technologies – 1 of 2
• Notification to the licensee of their rightsat the time that the object is accessed
• Identification of licensees• Authentication of identities• Destruction / Disablement of the data object
in the event of licence expiry or breach(cf. the sterility gene in proprietary GM crops)
Copyright2005
40
Digital Rights Management Technologies
Active Technologies – 2 of 2
• Enforcement Mechanisms, client-side• Prevention, e.g. preclude actions that
breach permissions for printing display• Recording of actions that exercise
permissions under the licence• Recording of (attempts to) breach the
licence, e.g. making copies beyond the limit
• Reporting of (attempts to) breach the licence
Copyright2005
41
Ways to Reduce the Power at the Edge
• Make workstations ‘diskless’ or ‘thin’• Prevent software from being stored, and require
users to download a copy each time it is used (the Application Service Provider – ASP – model)
• Connect remote devices via asymmetric links, high-bandwidth downwards, low upwards (SDSL’s 1:1 ratio cf. ADSL and cable’s 2:1, 4:1 and even 8:1)
• Insert in every consumer-device:• Identifiers• Location and Tracking Technology
• Upgrade / Replace the Internet Protocol Suite
Copyright2005
42
A More Constructive Closed Approach
• Identify customers’ price resistance-point(by finding out ‘what the market will bear’)
• Set prices accordingly(and thereby sustain payment morality)
• Discourage and prosecute breaches where the purpose is commercial
• Take no action over breaches by consumers(time-shifting, format-change, sharing?)
• A Case Study:• Apple iTunes charges USD 0.99 per
track!??
Recommended