Re: Parasitic Computing

From: Rod Smith (rodsmith@speaker.rodsbooks.com)
Date: 01/01/02 

From: rodsmith@speaker.rodsbooks.com (Rod Smith)
Date: Tue, 01 Jan 2002 19:54:05 GMT

In article <e59f93b2.0201010825.440630ab@posting.google.com>,
        osiris@deltaville.net (Michael Erskine) writes:
>
> Network bandwidth is (as you know) like a river flowing into the
> ocean. If you go up stream you find less and less bandwidth per node.
> Since this problem is essentially a bandwidth limitation problem the
> limits of the computational resource are well distributed thru the
> contribuiting nodes as a natural consequence of the evolution of the
> network itself. Upstream nodes, end user systems, have small
> bandwidth but large wasted computational power. Downstream nodes,
> server systems, have high bandwidth and less wasted computational
> power. Therefore stealing computational cycles (if it can be done
> efficiently) becomes lucrative to the BIG GUYS, not to the LITTLE
> GUYS.

This might provide one means of defense (or at least retaliation)
against somebody trying this. Unlike a spammer, who also steals
computing resources from victims, somebody who perpetrates this scheme
can't use a "throwaway" account; these big pipes are expensive to
install and maintain, so if the perp is caught and cut off, that'll be
a major loss. This can be a deterrent, if the people who control the
big pipes implement and enforce (even sporadically) policies against
such actions.

> The difference between this technology and the SeTi project is that
> SeTi is borrowing compute time from willing contribuitors. This
> technology can steal compute time from unknowing victims.

A couple of points:

1) SETI (note all caps) is not a single project, but a term that
   applies to several unrelated projects with the same aim -- to locate
   intelligent extraterrestrial life. You're referring to one specific
   SETI project that's known as SETI@Home, which is unrelated to
   Excite@Home, the failing ISP. I just want to throw this out to try
   to keep the terminology correct and on-track.
2) SETI@Home doesn't operate in a way that's terribly similar to
   parasite computing, although I suppose at a broad enough level of
   abstraction they are similar. SETI@Home involves the installation of
   a special client package on each node. This package does extensive
   computation on a data set sent from a server, and the results are
   returned to this same server. The parasite computing method uses the
   standard TCP/IP stack to cause the victim to perform a simple
   computation for the parasite system, so it requires no special client
   software. That's an important distinction that might be getting a bit
   lost in this discussion.

> Imagine a system based upon the concept. A parasite system, designed
> specifically to distribute a problem across a hundred million
> computers. In each processing cycle it forwards a hundred million
> bits (packets) to a hundred million computers.

I'm no expert on the subject, but it seems to me there may be another
weakness buried in here. Suppose for the sake of argument that
parasitic computing using this method becomes commonplace, and a
problem. All it would take would be a few systems deliberately
configured to return bogus results to completely disrupt the
computation. Of course, this would probably render these systems
useless for normal network use, but I bet some people would do it
anyhow, utilizing otherwise unused IP addresses. In fact, a system with
two network interfaces could remain usable, with one card deliberately
"poisoned" to foil parasitic computation. OTOH, this could make the
problem worse, since the thieves might then try performing each
computation multiple times. That would greatly complicate the
computations, though, making it less economically viable. Parasites
might also draw up blacklists of known poisoned IP addresses. 

-- 
Rod Smith, rodsmith@rodsbooks.com
http://www.rodsbooks.com
Author of books on Linux & multi-OS configuration

Relevant Pages

  • Re: Parasitic Computing
    ... view the technology as much of a threat, ... Network bandwidth is like a river flowing into the ... If you go up stream you find less and less bandwidth per node. ... across thousands of much slower upstream nodes (victims). ...
    (comp.os.linux.security)
  • Re: Routing and bandwidth problem
    ... Subject: Routing and bandwidth problem ... > so that each client is properly isolated into their own network and cannot ... It seems to me that multiple Ethernet cards ... > Connex automatically scans all messages for viruses using RAV AntiVirus. ...
    (RedHat)
  • Re: Finding the bandwidth bandit
    ... The network was set up by a contractor and they have a VPN tunnel between our plant, the corporate office and rackspace where the FSMO DC Sits and use these Linksys VPN boxes to keep up the VPN tunnels. ... The ISA server will be able to tell me which user is using up the most bandwidth and I have a strong feeling that whomever ISA says that person is, is most likely the one sucking up the bandwidth all day long. ...
    (microsoft.public.windows.server.networking)
  • Re: IRC-based Olympic Coverage
    ... >> when it comes to network and computer security. ... anything to do with IRC. ... Looking at what experience have told me, regular web browsing at work ... E-Mail will probably top the list (total bandwidth over 24 hours, ...
    (comp.security.firewalls)
  • Re: Band Width
    ... My wife came home with a complete schematic of the Network setup where she ... Is this truly a "bandwidth" concern? ... If she is listening to radio at 32kbps and their LAN is a 100mbps network ... internet connection, then on paper that still leaves 90% of your LAN ...
    (microsoft.public.win2000.advanced_server)