Grad Student Project Uses Wikis To Stash Data, Miffs Admins 268
Anonymous writes "Two graduate students at the Ivy League's Brown University built a P2P system to use abandoned wiki sites to store data. The students were stealing bandwidth from open MediaWiki sites to send data between users as an alternative to BitTorrent. There was immediate backlash as site operators quickly complained to the University. The project appears to be shutdown, but many of the pages still remain on the web. The project homepage was also taken down and the students posted an apology this afternoon." The same submitter links to two different forum discussions on the project.
What the Page Originally Said (Score:5, Informative)
Google Cache still has the old data.
http://209.85.173.132/search?hl=en&q=cache%3Ahttp%3A//graffiti.cs.brown.edu/ [209.85.173.132]
C&P of page text (in case the cache updates quickly):
Graffiti Networks
A Subversive, Internet-Scale Peer-to-Peer File Sharing Model
Abstract:
The proliferation of peer-to-peer (P2P) file sharing protocols is due to their efficient and scalable methods for data dissemination to numerous users. But many of these networks have no provisions to provide users with long term access to filesafter the initial interest has diminished, nor are they able to protect users from malicious clients that wish to implicate them in incriminating activities. We present a new file sharing paradigm that harnesses the potentially unlimited storageof the Internet as a third-party intermediary for peers to indirectly transfer data with each other. We base our decentralized architecture on the premise that users trust file sharing coordinators, but do not trust any other user. Our key contributions in this paper include an overview of the design for a P2P system that implements our new model and a discussion ofthe challenges that such a system will likely encounter.
People:
* Andrew Pavlo - Brown University
* Ning Shi - Brown University
Re:SlashdotFS (Score:1, Informative)
Funny mods, not interesting.
Re:SlashdotFS (Score:3, Informative)
Apparently they don't know about SlashdotFS.
Sure. Most people don't seem to realize that 'First Post' is part of the meta data of the file system. That's why it seems like nonsense - it really has nothing to do with anything, and the 'people' posting them seem like morons. Artificial stupidity was achieved years ago!
"Abandoned" my pasty white ass (Score:5, Informative)
I found their garbage on my site yesterday. It's not a high-volume site, but it sure as hell isn't abandoned. And after all this apologizing, one of the students still has the complete list of wikis they used available on his student page. This was a serious case of lack of oversight and/or bad judgment.
Re:Theft? (Score:3, Informative)
This isn't particularly original research, though. I forget the specifics a long time ago (and also the sources, I'm afraid!) but I remember seeing a piece of research years ago talking about how you could treat various systems as short-to-long term storage (a TCP packet aimed at a refusing source can let you store a tiny amount of information for a very short period of time, a url shortening service can store some data for you, a wiki, a guestbook, a slashdot comment, an image hosting site (steganographically insert some content in your image).
The only difference is that the people doing this research actually wasted some peoples bandwidth abusing their websites rather than just positing the concept
Re:Why???? (Score:3, Informative)
When the chunks are encrypted there is no way of knowing who the appropriate AA is. As all you have is a little chunk it's impossible to decrypt because the underlying compression layer is missing important data and so you cannot even check your decryption.
You may be able to identify a piece of gzip by frequency analysis as there's a tiny bit of entropy left but a modern compression (7z, rar) will probably leave nothing to distinguish the particular chunk you have.
Re:"Abandoned" my pasty white ass (Score:3, Informative)
Criteria:
Once we found a site, our crawler inspected it by probing certain URLs to determine whether it allowed for anonymous edits, or whether it was protected by CAPTCHAs or the lame puzzle authentication plugin.
Re:Its NOT stealing (Score:3, Informative)
No, they weren't using "abandoned resources", they were using wikis with anonymous editing enabled so that they could experiment with what amounts to decentralized bandwidth leeching.
Re:Theft? (Score:5, Informative)
Depends on the country you live in. Here in the US, criminal trespass is a crime, and can result in 6 months to a year in jail. Repeated offenses, or trespass with a weapon doubles that.
Re:Big difference between virtual and real worlds. (Score:3, Informative)
Just to sum up: this is similar to some guy you don't know storing materials in the empty space of your back yard.
Re:Theft? (Score:3, Informative)
That would be the law in whatever state you're in. Criminal trespass is not a federal crime, so the law on it will vary from state to state. It's probably broadly similar everywhere in the US, though.
Fuck these guys. (Score:4, Informative)
Fuck these guys.
They didn't hit just abandoned wikis. In fact, when they first started doing this back in January, they didn't leave any information about what they were doing, and they used proxy servers to hide where they came from.
Evidence [untergrund.net], my wiki was hit and I had no clue what was going on.
Re:Theft? (Score:2, Informative)
No, that's not true. http://law.justia.com/vermont/codes/title13/section03705.html [justia.com]
If there's a sign that that reasonably prohibits trespass, then it's a crime. And "trespassers will be prosecuted" makes it clear that you're trespassing.