Silflay Hraka?

Bigwig is a systems administrator at a public university
Hrairoo is the proprietor of a quality used bookstore
Kehaar is.
Woundwort is a professor of counseling at a private university


March 02, 2004

The CD Potlatch: A Completely Theoretical Construct

At one point in my SANS class we covered stealth scanning, one of the many methods a more adept hacker might use to map a network without being detected. Though there are a number of aspects to stealth scanning, one of the more important is that a scan is set to run very slowly, often sending just a few packets per hour to the target network, where they will almost certainly be lost in the noise generated by regular traffic, not to mention the ubiquitous script kiddie scans. There might be one or two entries in a network log from a stealth scan for every thousand generated by a script kiddie. The hope is that the stealthed attempts appear so innocuous in comparison that they are essentially ignored by systems administrators with both little time on their hands and bigger fires to deal with in the first place.

For the most part, that hope is a valid one, though many of the most common kiddie scans are now filtered out.
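A defender's view of the slow scan described above, as an added example that is not part of the original post: it counts distinct destination ports per source over a sliding window and shows that a five-minute window misses the slow scanner while a three-day window flags it. The log tuples, addresses, probe rates and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed firewall-deny events: (timestamp, source IP, destination port)."""
    start = datetime(2004, 3, 1)
    events = []
    # Noisy scanner: 200 different ports in 200 seconds.
    for i in range(200):
        events.append((start + timedelta(seconds=i), "198.51.100.7", 1 + i))
    # Slow scanner: one probe every 20 minutes for three days, a new port each time.
    for i in range(216):
        events.append((start + timedelta(minutes=20 * i), "203.0.113.9", 1000 + i))
    # Ordinary client: keeps retrying a single blocked port.
    for i in range(300):
        events.append((start + timedelta(minutes=10 * i), "192.0.2.44", 445))
    return sorted(events)

def sources_over_threshold(events, window, min_ports):
    """Return sources that hit >= min_ports distinct ports inside any one window."""
    by_src = defaultdict(list)
    for ts, src, port in events:
        by_src[src].append((ts, port))
    flagged = set()
    for src, hits in by_src.items():
        left = 0
        counts = defaultdict(int)  # port -> occurrences inside the current window
        for ts, port in hits:
            counts[port] += 1
            # Slide the left edge forward until the window length is respected.
            while ts - hits[left][0] > window:
                old = hits[left][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                left += 1
            if len(counts) >= min_ports:
                flagged.add(src)
                break
    return flagged

def compare_windows():
    """Run the same threshold with a short and a long look-back window."""
    events = build_sample_log()
    short = sources_over_threshold(events, timedelta(minutes=5), 20)
    long_ = sources_over_threshold(events, timedelta(days=3), 20)
    return short, long_

if __name__ == "__main__":
    short, long_ = compare_windows()
    print("5-minute window:", sorted(short))
    print("3-day window:   ", sorted(long_))
```

Counting distinct ports rather than raw events is what keeps the retrying client out of the long-window result despite its 300 log entries.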

Right now, p2p networks like Gnutella and Kazaa are the equivalent of the script kiddie scans to the RIAA, except that the RIAA can't afford to ignore them. To date, the best response that organization has come up with to file trading is to skim off some of the top traders and sue them, though the strategy has had mixed results thus far.

Theoretically the RIAA could eventually work its way down the chain to the less active traders, though the sheer number of people on a p2p network at one time would limit the number of cases the RIAA's lawyers could prosecute. But as long as there are ISP logs of an individual user's activity, and there always will be, anyone who trades over a p2p network could be subject to prosecution, at least until the p2p networks become completely encrypted.

So at the moment what's needed, from the point of view of a person used to trading files at will, is a p2p equivalent of a stealth scan.

Stealth scans work not only by being slow, but by targeting only one address at a time, rather than scanning a list of all possible hosts on a network at once. The p2p equivalent should be the same.

What I have in mind is a type of temporary trust network, where the membership is extremely limited--the fewer the better, in fact--call it a CD potlatch. Members of the potlatch would send each other a list* of the songs they possess, then trade songs or CDs on a one-for-one basis, either by snail mail or private ftp. Once the transactions between them are complete, each updates his list, ends the association, and contacts another person. In a few months' time the potlatch could re-connect and start the process again. For security's sake, neither shares his contact list with the other, sharing only song information. The truly paranoid could use throwaway email addresses for each contact.

Essentially, it's the same process most people already use with their friends, where burned copies of desired CDs are swapped back and forth, extended over long distances and using the Internet or snail mail in lieu of physically handing over a copied CD. Surely something similar is already being done in many corners of the Internet--it's just not been formally described, at least not anywhere that I have looked thus far.

Note that such a practice is probably just as illegal in the eyes of the RIAA as participating in Gnutella and Kazaa is, though as I am not a lawyer, who knows?

*Which can be exported from programs like iTunes to a spreadsheet in a matter of minutes. In fact, here's my list, which I exported just now in order to see what the process would be. Feel free to make fun of my taste. Sadly, this is less than half what the Sainted Wife and I own between us. My God, the money we've spent on CDs.

And yes, they're all bought and paid for. Once upon a time I had 17+ gigs of Napster downloads, but the hard drive they were on blew out one night, to my great dismay.

Posted by Bigwig at March 2, 2004 12:42 PM

Anyone with that much Crowded House and Joe Jackson has automatic entry into the good taste club.

Posted by: Simon at March 10, 2004 08:38 PM