[cloud] [Noisebridge-discuss] Distributed computing and storage (with some major caveats)

Sai Emrys noisebridge at saizai.com
Fri Jun 26 20:43:40 PDT 2009


On Fri, Jun 26, 2009 at 5:40 PM, Ian<ian at slumbrparty.com> wrote:
> there is a crypto thing called Public Information Retrieval. it lets
> you do just that

Very interesting, thanks for the lead. Will research.

> anyway, you have a decentralized control and command unit which is not
> typical of these systems. distributed systems usually have a
> centralized C&C while decentralized networks either are autonomous or
> require an entry node.

I'd want it to be autonomous. Entry nodes are points of failure -
either by overload, subpoena, hax0r, or other means. (They also make
doing a full node index and compromise of new nodes relatively easy -
both things I want to be resilient to.)

How to do this, I think, greatly depends on how new nodes are created.
If they're created in some way that is itself P2P (e.g. where there's
some viable concepts of 'referral' or 'child nodes'), then one way to
solve it is for the parent to change the package to include a list
generated from the parent of its neighbors (modified to be appropriate
for the child). That way the new node will on birth know a viable
subset of the graph, sufficient to join, without having the problems
inherent in a static (or even psuedo-static, a la fast-cycle DDNS)
entry point.

I'm not sure if this would create a security flaw re. preventing node
indexing, though, but even if it does I think the tradeoff is
worthwhile.

>  from what i have seen implemented so far,
> barring currently research that has not been proven, are that of
> botnets. it is possible. unfortunately, botnets (afaik) dont have a
> lot of the other properties you listed.

In fact what I described is, effectively, a botnet.

However, I've done a bit of research* on extant botnet methods, and
IMHO almost all of 'em are seriously deficient in many ways.

For one, the popular C&C-over-IRC is right out (client/server); newer
stuff (e.g. Conficker) might be better, but I've only seen RE-based
analyses, not usable source. (If you know of some, please send it my
way.)

OTOH some of its techniques are certainly worth copying...

- Sai

* I've got a collection of botnet-related whitepapers on Dropbox, but
it seems a bit hard to share a whole folder without you having an
account. So if you want 'em, sign up here:
https://www.getdropbox.com/referrals/NTQ5OTU1Njk (we'll both get 250MB
more space), ping me w/ what email/username you used, and I'll add you
to the folder.

Or just get this:
http://files.getdropbox.com/u/499556/botnet_whitepapers.tar.gz (give
it a few minutes if it's not up yet)


More information about the cloud mailing list