6147Re: [decentralization] Saaf testimony
- Oct 2, 2002lucas@... wrote:
> ====This type of DDoS is different, in that it is not relying on sheer traffic
> Interdiction works by getting in front of potential downloaders when
> someone is serving pirated content using a P2P network. When
> MediaDefender's computer's see someone making a copyrighted file available
> for upload, our computers simply hook into that computer and download the
> file. The goal is not to absorb all of that user's bandwidth but block
> connections to potential downloaders. If the P2P program allows ten
> connections and MediaDefender fills nine, we are blocking 90% of illegal
> uploading. The beauty of Interdiction is that it does not affect anything
> on that computer except the ability to upload pirated files on that
> particular P2P network. The computer user still has full access to e-mail,
> web, and other file sharing programs.
> This is obviously a denial of service attack, and a fairly stupid one.
> Any limited number of providers that attempts to DoS an entire megacluster
> is trying to turn the logic of a DDoS upside down. If that interdiction
> approach works, then DDoS attacks don't work.
to implement a DoS, but issuing a number of file requests to tie up available
download slots on peers sharing copyrighted content.
This is certainly technically feasable, and if they used a distributed network
themselves to implement the attacks it would be hard to defend against.
> Ok, so let's say the purpose is not to DoS the whole network, it's toYes, but if you are tying up a large number of peers it is going to start
> bother an individual user. But the attack only targets user uploads.
> Assuming that the user is uploading out of generosity or laziness, this is
> no attack at all. She waits until the attack is over, totally unbothered,
> and goes back to uploading.
effecting everyone regardless. It sounds like these attacks are intended to
be much longer lived than a traditional DoS as well, as the bandwidth required
is actually very low to simply establish a connection that barely trickles
> But so what -- it doesn't matter whether this attack works. WhatThis one would work fairly well if they did it right. Attacking namespaces
> attacks would work?
and search domains is also annoying, like the false query hits and bogus
music / movie files...
key fingerprint: 9C00 C63E A71D D488 AF17 F406 56FB 71D9 E17D E793
( see html source for public key )
- << Previous post in topic Next post in topic >>