More highlights...
The O'Reilly P2P Conference -- San Francisco, CA. Feb. 14 - 16, 2001
On this one:
- P2P and IPv6
- P2P and Security
- lessons from SETI@home
- Sun announces JXTA
- Wanted: a survival plan for the music industry -- Napster and the
consequences
2/14/01:
P2P and Ipv6: Christian Huitema (Microsoft)
- An interesting perspective on why p2p will drive the deployment of ipv6.
***********************************************************************
Security Issues Surrounding Distributed and P2P Systems: Nelson Minar
(Popular Power)
Followed immediately by:
Dealing with NATs and Firewalls
- In downloading software clients for distributed computing models: how do
I know that what I am downloading is not malicious or buggy and if I am
the one giving you the computation, how do I know that you won't
substitute your own software and return bad results.
- Building trust and reputation systems. Groove and Aimster do that by
establishing "trust" relations among the group of collaborators who
"know" each other.
Security in p2p systems
P2p security is hard; The real problem is the network as a whole (e.g.,
all able to spread via p2p way-like. Take the latest such as the Anna
kournikova, ILOVEYOU, etc) all in less than 36 hours.
Client/server security: basics are common practice (firewalls,
authentication (server to client and vice versa), encryption, no bugs)
In p2p is harder:
- each computer is untrusted
- peers don't have trust relationships
- capacity for rapid spread of trouble
- individuals can cause local damage that spreads
- everybody could be running different software
- code may be mobile
- decentralization makes auditing difficult
- complex systems that are hard to understand
Some solutions:
- encryption
- authentication
- firewalls
- trust and reputation
- sandboxes: especially for mobile code systems
- dealing with NATs and firewalls:
One of the speakers: "Firewalls are dead! Function of the firewalls will
migrate into the operating system."
Other issues discussed:
- Building p2p to be hostile or friendly
- Centralized units do not like decentralized systems
- What is the good way of working with the IT departments; Develop
technical abilities to work with IT departments; and getting the p2p
people to talk to the IT people.
- Educating IT that p2p can be used as a productivity tool.
***********************************************************************
Lessons from SETI@home: David Anderson
- 2.7 million users in 226 countries
- accumulated 500,000 years of CPU time; rate of computing is 25 teraflops
- staff of three to five people
- critical to the project's success were outreach programs with users
(educational, rewards/acknowledgements, marketing)
- Security (50% of resources devoted to security problems)
- Code is 90% platform-independent and currently works on 80 different
platforms. The most complex was Windows...
********************************************************************
2/15/01:
Keynote: From Unix to Java to XML to Peer-to-Peer: Bill Joy
- Sun announces JXTA: Sun's initiative to provide basic infrastructure
services for p2p applications.
***********************************************************************
Wanted: a survival plan for the music industry -- Napster and the
consequences
- An overview of a whitepaper from Diebold/time Labs; authored by andreas
Becker and Marc Ziegler.
- whitepaper produced: A challenge but also an orientation for the
music industry.
- If you want, you can order the paper (for a hefty sum) at
www.diebold-digital.de
- when more time allows, I will write something on this; overall a few
possible models were presented that the music/recording industry may need to
consider as their current models prove to be out of date.
- some quick scribbled notes:
p2p brought up the antiquity and "out of touch" Internet business strategy
of the recording industry.
- new business models will need to be developed and implemented, with a
revised, if not very different, modern notion of copyright and intellectual
property.
- With the current "search and destroy strategy" the music industry will
only enhance the conflict between artists, online players, and music
listeners; "The music industry will forfeit its central mediator role."
- "Napster, only online for 12 months, already posseses a better brand name
than the established record labels, and [is] thus meeting with widespread
acceptance from the online community. 14,000 songs are exchanged via Napster
per MINUTE - no record label has anything comparable to counter this."
***********************************************************************
[If you want more details/specifics, go to:
http://www.openp2p.com/pub/a/p2p/conference/index.html]
|