Decentralize BitTorrent with Kenosis 327
UnderScan writes "Eric Ries, writer/programmer/CTO, authored an article 'Kenosis and the World Free Web' at Freshmeat [Owned by Slashdot's Parent OSTG]. Kenosis is described as a 'fully-distributed peer-to-peer RPC system built on top of XMLRPC.' He has combined his Kenosis with BitTorrent & removed the need for a centralized tracker. He states: 'To demonstrate Kenosis's suitability for these new applications, we have used it to improve upon another peer-to-peer filesharing application that Just Works: BitTorrent. BitTorrent does one thing incredibly well. Using a centralized "tracker," BitTorrent manages efficient distribution of data that is in high demand. We have extended BitTorrent, using Kenosis, to eliminate this dependence on a centralized tracker.'
See also the Kenosis README for details on using Kenosis-enabled BitTorrent."
ke.no.sis (Score:5, Informative)
The relinquishment of the form of God by Jesus in becoming man and suffering death.
Re:ke.no.sis (Score:2)
Although the resurrection is important, kenosis only refers to Christ's act of humbling himself by the "emptying" of himself and taking on human form; it doesn't refer to the totality of Christ's human life, passion, and resurrection...
Re:ke.no.sis (Score:5, Funny)
Which is why they take Friday off, hide colored eggs, and eat chocolate bunnies - it helps them remember... uh..
What is it exactly it helps them remember?
Re:ke.no.sis (Score:2, Funny)
Re:ke.no.sis (Score:2)
How I miss Bill Hicks.
Re:ke.no.sis (Score:4, Informative)
C'mon people, thing of the big picture! (Score:5, Funny)
Re:C'mon people, thing of the big picture! (Score:5, Funny)
Welcome to mole country. Here's your hammer. Happy whacking.
Still falls just a bit short. (Score:5, Interesting)
Then this falls a bit short of the "killer p2p app" moniker that it *almost* deserves.
Re:Still falls just a bit short. (Score:2)
Re:Still falls just a bit short. (Score:2)
P2P basis is that everyone sends data to anyone in the net. I don't think it can be "anonymous" - you'll be always connecting to someone's computer to download part of a file. It you want to "anonymize" it you'd have to go trought a central server and that doesn't works because it's centralized. You could play some tricks l
Re:Still falls just a bit short. (Score:2)
Someone came up with one way to get around this. Basically, you setup a P2P network where everyone is only allowed to download from peers.
Let's take a simple, single-path example. Computer A connects to computer B and requests TinyLinux.iso.
A doesn't know if B *owns* the file or not, or is getting it from computer C.
B
Re:Still falls just a bit short. (Score:3, Funny)
Re:Still falls just a bit short. (Score:3, Insightful)
From the feature list... (Score:4, Interesting)
Kenosis works in almost any networking environnment, including restrictive corporate firewalls, because it uses XMLRPC for its network communications. It can also work with an HTTP proxy.
This alone makes a worthwhile project, for those stuck behind firewalls/proxies.
Nope (Score:3, Informative)
Re:Nope (Score:2, Informative)
Anyway, if your comment is correct, then it doesn't offer anything new over BT in this regard, as BT already uses HTTP to connect to the tracker [dessent.net].
Hi there... (Score:2, Funny)
Enough, already!
Re:Hi there... (Score:3, Insightful)
There are enough non-bittorrent articles to fill your workday, so move along, nothing to see here.
Bittorrent and p2p arp the hot topics of today (given all the police raids). New projects are certainly worth discussing.
Forced Evolution (Score:5, Insightful)
It is just like Scour net (web based/centralized), then napster (p2p/centralized), then kazaa (p2p/decentralized). Every time they go after a technology, they force it to evolve into the next phase. They will never win IMHO.
Re:Forced Evolution (Score:3, Insightful)
Remember that the next time one of your relatives' or friends' car gets stolen and stripped. Sure the technology to bypass all of the alarms and security measure not to mention the chop-shop techniques keep improving to the point where they keep outpacing the police. To paraphrase you
Re:Forced Evolution (Score:3, Insightful)
Well, I used BT to get the Rubyx Linux distribution. It was available through BitTorrent and then a proprietary P2P method devised by the developer of Rubyx Linux.
That was the only two ways to get it... the maintainer ran the rubyx website off his home DSL modem.
As you can see, people *DO* use BT for legitimate reasons and people like me utilize that.
Granted, the majority of people pirate using BT
Re:Forced Evolution (Score:2)
A few days ago, there was a paper mentioned on Slashdot about safecracking. I found it fascinating, and it was really very eye-opening, because it cut th
Re:Forced Evolution (Score:2)
3rd gen was an obvious move from 2nd gen. 2nd gen(Gnutella) was a smart, but obvious move from 1st gen(napster).
4th Gen? I have no idea. A
Re:Forced Evolution (Score:2)
P2P transfer, P2P search, P2P speed, and P2P anonymity. Actually, Kazaa had all of these except anonymity (it was speedy in many ways, but not nearly as optimized as B
Re:Forced Evolution (Score:2)
People use "revolutionary" in the sense of an idea or concept which is mind-blowing, and brings us in a direction we have never encountered prior. "Evolutionary" is used to describe a system which is usefully extended, modded, but altogether not an unforseeable feat from the perspective of the original object or concept's invention.
But I think we have them con-fused. Rev
Re:Hello draconian DRM (Score:2)
Problems with decentralization (Score:3, Insightful)
Re:Problems with decentralization (Score:2, Informative)
You still
Re:Problems with decentralization (Score:2)
Remarkably, you are not the first to think of this problem. (Sarcasm.)
No central server? (Score:3, Insightful)
Well, since there is a central DNS server at bt.kenosisp2p.org, how can they sincerely declare this to have no central point of failure? Yeah, of course dns propagates, but turn off this central DNS server and in a few days everything is gone, right?
Re:No central server? (Score:5, Informative)
Re:No central server? (Score:4, Informative)
Wrong! The DNS server is a hack. Normal bittorrent links lead directly to a tracker. Kenosis bittorrent links lead to HASH.their.server.name. BitTorrent-Kenosis clients will recognize this and use the network. The purpose of the DNS (and the reason it's not btkn://HASH or something) is that legacy clients going there will be given the IP of any Kenosis client that can act as a tracker for it. Killing that DNS would kill legacy clients but not the enhanced P2P ones.
The Leia Principle Holds True (Score:4, Funny)
When will the Empire^H^H^H^H^H^H *AA ever learn?
Not really decentralized? (Score:2, Insightful)
Re:Not really decentralized? (Score:2)
Great Step, but still no safe haven for fileshares (Score:5, Interesting)
This is an important step, but it still does not hide the user's IPs from the *AA.
From the Article:
It does not address problems of anonymity, privacy, or distributed data retention, although we hope to address these issues in future versions.
Zero Defect Software? (Score:5, Insightful)
This thing doesn't make any fucking sense.
I was really excited by this slashdot story, because I think something like this could be very very useful. I have to say that I was disappointed a bit by the download.
No docs or pointers at the top of the tarball.
One of the READMEs on the site says try "test.py" for an example, which seems to just hang.
Elsewhere it says to fire up bittorrent
trackers and clients.
There clearly is a lot of work that has gone into this, and the idea sounds really promising, but it looks like it needs a better end-user documentation before it's ready for primetime.
Re:Zero Defect Software? (Score:2)
Whaaa?!? On Freshmeat? That's unpossible.
Re:Zero Defect Software? (Score:3, Interesting)
At that point I removed it.
Re:Zero Defect Software? (Score:3, Informative)
kenosis/nodetest.py
Re:Zero Defect Software? (Score:2)
Re:Zero Defect Software? (Score:3, Informative)
Do we really need... (Score:4, Insightful)
Do we really need yet another bloated python p2p app? I can feel the flamebait and troll mods comming.. but seriously: Python sucks at gui work. It has to use generic wrappeers, like wxPython, that are extremely inefficient. Sure, like Pearl or Java, you can write gui apps using Python... but they always come out slow and over-weight.
Consider the BitTorrent client. Just running the application, without an actual torrent being transfered, consumes 23 MB of memory (on Windows) -- for that cheesy, very simplistic little GUI. When you actually start running a torrent through it, it'll easily chew 40 MB's and gobble considerably more CPU time than a comparable program written in C/C++.
I'm not saying Python isn't a useful language... But it was not designed to run P2P apps.
Just because a programming language can be extended to creating GUI applications does not mean it's a good idea. Python's strengths are elsewhere, and I for one am tired of the BitTorrent community using it to write p2p clients in.
Now go ahead and mod me down for having a modicum of common sense.
Re:Do we really need... (Score:3, Insightful)
Sure, like Pearl or Java,
Pearl? You mean Perl, right?
Just running the application, without an actual torrent being transfered, consumes 23 MB of memory (on Windows) -- for that cheesy, very simplistic little GUI.
Python itself is awesome when it comes to rapid prototyping. But nothing forces you to use it. ctorrent is a nice BT CLI client written in C, which won't use that much memory. Remember: it's about the protocol itself. As soon as it stabilizes, the apps could be recoded in C.
Re:Do we really need... (Score:2, Informative)
The size of the application comes from one thing, wxWidgets which, you guessed it, is written in C++ and not python. The MacOS version runs directly on ObjectC and is
Re:Do we really need... (Score:3, Insightful)
Just because a programming language can be extended to creating GUI applications does not mean it's a good idea.
I don't follow, what does P2P have to do with a GUI?
Re:Do we really need... (Score:3, Interesting)
Re:Do we really need... (Score:3, Funny)
This isn't the MPAA's worst nightmare (yet) (Score:5, Interesting)
However, it's only a very short matter of time. The author explains that such a thing could be easily created with this framework. Clearly he could have done it if he wanted, so I'm guessing this is a purposeful strategy on his part to avoid any potential direct or indirect personal liability or legal issues down the road...
-R
Re:This isn't the MPAA's worst nightmare (yet) (Score:2)
Absolutely no way could the MPAA go after the "kenosisp2p" DNS server. Otherwise all DNS servers are committing copyright infringement. When you feed "ftp://www.moviewarezsite.com/pub/MPAA_Movie_Here . avi" into a program, it does the exact same thing as this.
The MPAA could not go after the DNS server that resolves "www.moviewarezsite.com" (yah, good luck!) - but they could go after the holder of the IP address that it resolves to.
Re:This isn't the MPAA's worst nightmare (yet) (Score:2)
Maybe it would be illegal according to a judge, there's never been a court sueing based on this premise before has there? The situation is also a TAD bit different than your example.
In the end though www.your-favorite-pirate-tracker.com would stil
Circumventing central DNS servers with spam! (Score:3, Insightful)
The problem with Kenosis is, of course, it's reliance upon a central DNS server to point to a list of distributed trackers. Many will undoubtely point out, that this DNS server could be taken off, and that's it.
Now how can we really circumvent this problem? One solution would be to advertize a list of DNS resolvers on USENET. A preconfigured list of newsgroups could be used to bootstrap this, and new usegroups (should the original newsgroups get closed) could be regularly advertized as well. A client would just go to those newsgroups, and fetch the updated list of DNS servers, newsgroups etc...
This system would be much more resilient to attacks by RIAA or MPAA because they won't have a single point to attack. Closing newsgroups is much more difficult than taking one DNS server from the upper zone.
Another way to advertize the DNS servers would be via spam! Yes, you didn't misread this. One can easily encode the location of DNS servers in spams and have clients read those spams, effectively extracting an updated list every now and then!
This is very important, because spam is already used as a covert channel to prevent traffic analysis. Specialy crafted spam checkers can extract useful information from spams. One such information would be the distributed location of trackers (or DNS servers that point to them).
Just because it's unethical (to piggy back useful data on top of spam), doesn't mean that it's not already used on a quite wide scale. There's no reason why it shouldn't work on a new generation of distributed BitTorrent trackers!
Re:Circumventing central DNS servers with spam! (Score:2, Insightful)
The system does not rely on a single DNS server. Only for backwards-compatibility.
Re:Circumventing central DNS servers with spam! (Score:2, Informative)
Re:Circumventing central DNS servers with spam! (Score:2)
Decentralized? (Score:3, Interesting)
Decentralized, my ass.
Re:Decentralized? (Score:3, Insightful)
Free Culture Good, Piracy Bad (Score:3, Interesting)
The fact that this can get through firewalls and that it won't fail under heavy load (as happens with bittorrent trackers) are the important things.
What "good, legal content"? (Score:3, Interesting)
There is a ton of good legal content that will be created once the bandwidth issue is solved.
Oh really? Watch the big copyright owners sue the independent producers of so-called "good legal content", alleging that the so-called "good legal content" is in fact subconsciously copied from an existing copyrighted work. It could happen, especially with music [slashdot.org].
An actual case: read it and weep. (Score:3, Interesting)
Basically a bunch of speculation, that COULD happen. I COULD get hit by a bus ... Call us when it ACTUALLY happens.*
Had you taken the time to click the link, you'd see a bunch of cases leading up to one where it has happened. In Bright Tunes Music v. Harrisongs Music [columbia.edu], George Harrison got sued and lost for inadvertently copying a song on his solo debut album.
0 defects...Can see at least one (Score:3, Insightful)
Re:0 defects...Can see at least one (Score:2)
We are looking for help (Score:5, Informative)
(I am one of the authors of Kenosis.)
We are planning improvements to Kenosis in a number of areas such as better integration with BitTorrent, a more distributed BT tracker, simulation of larger Kenosis networks and making Kenosis work over NAT.
We'd love help with any of these or other areas.
Please join the mailing list [sourceforge.net] to get involved.
What about Azureus ? (Score:2, Insightful)
A good start (Score:3, Insightful)
Quite useful (Score:5, Informative)
Re:Quite useful (Score:2)
"Outside piracy, how useful is this?"
"this" not being bittorrent, but being bittorrent without a central server. I have to ask the same question.
I would not take the risk of a corrupted server just to gain what? anonymity?
Re:Quite useful (Score:4, Insightful)
So, since computers are used to pirate stuff, we should ban them too? That will really make the music and movie industries happy. Not so much for software industry though.
-Em
Re:Quite useful (Score:3, Insightful)
Re:Quite useful (Score:2, Insightful)
Decentralizing tracking makes it easier to set up files. It also elminates a single point of failure, and some bandwidth issues of the host (tracking traffic is relatively small, but it can still add up very quickly as peers go into the 10s of thousands.)
Imagine you had a video of a very recent disaster. You could put it on a normal tracker, but you would first have to find one that was willing, and then you would have
Re:Quite useful (Score:3, Funny)
high speed package delivery
Does UPS know about this?
Is how those DHL guys in the yellow vans became really successful overnight?
Re:Quite useful (Score:2, Interesting)
Re:This will be considered a troll, but... (Score:5, Insightful)
Re:This will be considered a troll, but... (Score:4, Insightful)
Re:This will be considered a troll, but... (Score:3, Insightful)
Re:This will be considered a troll, but... (Score:3, Insightful)
Re:This will be considered a troll, but... (Score:5, Informative)
That being said, the busiest torrents I've seen are for copyright-infringing material, so I guess it's still a boon for piracy.
Re:This will be considered a troll, but... (Score:2)
Re:This will be considered a troll, but... (Score:4, Insightful)
OTOH - if - for example - you crack a proprietary video codec so that it is suited for full-length movies distribution, add a cracked proprietary sound codec, name it all after a proprietary technology, then take some others' source, tweak it a bit, urge other peoples to contribute promising that it will be "free for ever", then demand money for it - it is still ok if you form a company! You can even put your certification on hardware players and stuff. Voila. (Yes, I do troll, "mod me down". But better yet - reply).
Re:This will be considered a troll, but... (Score:2)
Re:This will be considered a troll, but... (Score:5, Informative)
1: Start serving falsely-labelled file data that is correctly represented internally. There appears to be no moderation system built in, so bogus file data will pollute the system.
2: Start serving any file data that is inaccurately represented internally. For example, make all of your hash entries but one accurate, but make that one hash entry inaccurate. Users end up downloading most of the bad file before it errors out. Depending on the setup of the server and client, they may continue trying to get the data from elsewhere, in which case you could serve larger amounts of corrupted data, possibly by using bad clients working in conjunction.
3: Hash cracking: Brute force hash cracking could allow fake data to pass as real, hash-matching data; only a single cracked piece per file is needed. This would probably be economically inefficient, however, compared to #1 and #2 in terms of the ability to disrupt network usage.
4: Mass peer suits. If BT is the download manager here, getting the people who have the file being shared is laughably simple.
There's probably also some risks for their proposed change to allow multiple seeders, but I'd need to think about it for a while.
1, 2, and 3 require an "intelligent" client. In real life, we inherently weed out those who give bad data simply by our experiences and the experiences of those we know. The more we trust a person, the more we trust what they tell us about others. This sort of system tends to inherently isolate out the bad apples, even if they work together. Even if, working together, they manage to convince a good client that they're right and others are wrong, that good client too will simply be viewed as a liar and its data shunned. Overall, the system will remain intact. It's no easy programming task, however; yet, it is doable, as evidenced by the fact that we, as humans, do it every day.
#4 has a simple solution: Involuntary mirroring. If this system would automatically force the mirroring of data into a cache on the destination machine, and serve it from there, there would be no way to know whether a person was actually uploading copyrighted material or simply acting as a "router". Since our law has finally started to catch on to the fact that it is unreasonable to sue those whose computers pass through illegal data that they had no realistic way of knowing about, it would effectively anonymize *all* data on the network.
Re:This will be considered a troll, but... (Score:3, Informative)
Can't be done. There is a moderation system built-in to BT. The SHA1 hashes which identify the file chunks simply cannot be 'correctly represented internally'. If you know a way of doing this without changing the chunk size by several gigabytes, I think some crypto researchers would like to talk to you.
Any reasonably coded clien
It's even easier than that (Score:3, Insightful)
If you look at their readme file, they're just using the hash of the file kept in the
Re:This will be considered a troll, but... (Score:2)
Actually, even for piracy it's still not very useful. It takes the legal battle to the next logical step: the user
Re:This will be considered a troll, but... (Score:2)
Re:This will be considered a troll, but... (Score:4, Insightful)
Re:This will be considered a troll, but... (Score:2, Insightful)
I don't think it's that useful for piracy (Score:2)
Re:I don't think it's that useful for piracy (Score:2)
Since this decentralizes the trackers, what this most means is that the torrent hosting websites (places like suprnova was... hosted torrents but others were trackers) will be hit harder.
It's concievable that Kenosis could be used to host the torrents themselves. At that point, the MPAA could change their mind and start sueing end users ala the RIAA.
Re:This will be considered a troll, but... (Score:2)
Think how handy this would have been when I was downloading those hundreds of megabytes of Tsunami homemade camcorder videos, mpegs, etc. to play in Kaffeine.
Or what about if I want to distribute a customized CD of something that is non copyright infringing? A custom Knoppix CD? A custom OpenOffice.org cd? etc. Why are steps in the evolution of software that eventually will make it easy for everyone to share, and to download huge files a bad thing?
Why does ev
Re:Wait (Score:3, Informative)
Look, so long as the MPAA goons can trace at least one packet of a movie download to your IP address, you have liability. And with BT, as long as you're downloading, you're also uploading. Use torrent, and your ass is exposed, regardless of whether the index is centralized or decentralized. Call me paranoid, but that's how I look at it.
Re:Wait (Score:2)
Are you an MBA or something? (Score:5, Insightful)
Seriously... I don't see how to make money off this...
Seriously...why is that important? Did you even read the article? The author of this BitTorrent enhancement does not even use the word "money"--it is WAY down the list of motivations for its creation, not does it seem to be about getting pr0n and warez. This guy sounds like an idealist in a very true sense--it's about decentralisation of control--making content available without being reliant on central servers.
I think this would be immensely useful. The reliance on central BT trackers has been shown to be BTs primary weak point--once a torrent is located and transfer is initiated it is incredibly robust.
Besides the fact that the admins of BT trackers are being harassed into submission by MPAA and RIAA, the more popular trackers seemed to be quite unreliable. If this innovation (open sourced to boot) addresses the reliablity issues in LOCATING the content that BT is so good at DISTRIBUTING then it could be start a dramatic shift in how we use the Internet, much like the WWW was.
It doesn't even have to be about piracy. Used within a VPN or on a corporate WAN it would make distribution of a large number of big applications much easier to distribute. I make VMWare and ghost images of machines that are many gigabytes and this solution would be a great way of distrubuting them to a large customer with global sites (keep in mind that these clients are legally permitted to use these images--my employer is a stickler for that).
A small operator could distribute software this way and save on the costs and time associated with maintaining a critical server with big pipe to the 'net. Security patches could be distributed this way very effectively without reliance on a single entity for distribution. The possibilities are endless. It might not be a money making machine, but it is the kind of thing that (if it works well) could change the face of computing.
Re:Python (Score:5, Insightful)
What, you mean, by using the right tool for the job instead of language snobbery?
Re:Python (Score:3, Informative)
Even network-limited programs like a bt client still need to worry about GUI responsiveness and memory usage. It would be insane to write the first implementation of such a program in C/C++ -- Perl and Python were given to us by gods to prototype these sorts of projects -- but once the
Re:Python (Score:2)
But that's exactly the point. Kids who don't know anything about programming thinking that changing the language is going to make their network throughput faster, not realizing that the interpreter overhead is dwarfed by the time spent blocking ahd context-switching.
Not to mention that a select() loop based Python approach probably beats a threaded C++ solution in performance anyway.
Re:I don't get it. (Score:3, Informative)
That's got nothing to do with the decentralised network itself.
Re:Why? (Score:2)
Re:YAP2PA (Score:2)
I agree. Joe Fourpack needs P2P applications with better GUI's; and a standard p2p is needed so that everyone's shared file collections are not scattered amongst different p2p protocols.