Re: PARASITIC COMPUTING - WHAT'S NEXT

From: Brian Carvalho (Brian.Carvalho@verizon.net)
Date: 10/23/01 

Message-ID: <000e01c15bb6$3a401be0$14d7e6d0@26broadway>
From: "Brian Carvalho" <Brian.Carvalho@verizon.net>
To: <focus-ids@securityfocus.com>
Subject: Re: PARASITIC COMPUTING - WHAT'S NEXT
Date: Tue, 23 Oct 2001 07:31:11 -0400

Yes indeed this was only proof of concept, and that was stated in their
article, however, what I meant from my comments is:

1) The subject of this thread is misleading and can lead to a little
unjustified
hysteria. What it boils down to is that any machine using the TCP protocol
has been performing computations without you knowing it all along. Its
called
TCP Checksum. Whichever way the equation or checksum is written is a
trivial issue.

2) There was so much "fluff" in the proof of concept that there is no
credible
means to say "parasitic computing" can or cannot be used in a more practical
method.

BC

----- Original Message -----
From: <aleph1@securityfocus.com>
To: <brian.carvalho@verizon.net>
Cc: "Bartholomew Simpson" <focusyne@yahoo.com>;
<focus-ids@securityfocus.com>
Sent: Tuesday, October 23, 2001 12:22 AM
Subject: Re: PARASITIC COMPUTING - WHAT'S NEXT

> * brian.carvalho@verizon.net (brian.carvalho@verizon.net) [011023 03:40]:
> >
> > Surely there is a more efficiant way of performing computations
> > than to forge tons of TCP header info and deal with tons of
> > unnecessary traffic and dropped packets due to failed
> > "answers".
>
> As they clearly point out in their paper this is simply a proof of
> concept. They clearly state the TCP checksum implementation does not
> provide a good ROI (the computation they can extract from remote CPUs
> via this method is minimal compared to the cycles they spend generating,
> sending, and receiving the packets). Nonetheless, there might be other
> areas that can be exploited that have a better ROI making parasitic
computing
> payoff. In particular they say SSL/TSL may be an interesting area to
explore.
>
> > BC
>
> --
> Elias Levy
> SecurityFocus
> http://www.securityfocus.com/
> Si vis pacem, para bellum

Relevant Pages

  • Re: PARASITIC COMPUTING - WHATS NEXT
    ... PARASITIC COMPUTING - WHAT'S NEXT ... "TCP CHECKSUM!!!" ... They state you can send forged packets to a target (a web ... PARASITIC COMPUTING - WHAT'S NEXT ...
    (Focus-IDS)
  • Re: 10/100 Ethernet Chips
    ... >the biggest problem for reaching such a rate is the CRC computing of the ... which needs a lot of computing time. ... The TCP checksum is just a sum - no CRC involved. ... though that achiving full datarate with a microcontroller is hard. ...
    (comp.arch.embedded)