Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Grad Student Project Uses Wikis To Stash Data, Miffs Admins

timothy posted more than 5 years ago | from the going-on-the-beg-forgiveness-principle dept.

Networking 268

Anonymous writes "Two graduate students at the Ivy League's Brown University built a P2P system to use abandoned wiki sites to store data. The students were stealing bandwidth from open MediaWiki sites to send data between users as an alternative to BitTorrent. There was immediate backlash as site operators quickly complained to the University. The project appears to be shutdown, but many of the pages still remain on the web. The project homepage was also taken down and the students posted an apology this afternoon." The same submitter links to two different forum discussions on the project.

Sorry! There are no comments related to the filter you selected.

What the Page Originally Said (5, Informative)

Anonymous Coward | more than 5 years ago | (#27553063)

Google Cache still has the old data.

http://209.85.173.132/search?hl=en&q=cache%3Ahttp%3A//graffiti.cs.brown.edu/ [209.85.173.132]

C&P of page text (in case the cache updates quickly):

Graffiti Networks
A Subversive, Internet-Scale Peer-to-Peer File Sharing Model

Abstract:
The proliferation of peer-to-peer (P2P) file sharing protocols is due to their efficient and scalable methods for data dissemination to numerous users. But many of these networks have no provisions to provide users with long term access to filesafter the initial interest has diminished, nor are they able to protect users from malicious clients that wish to implicate them in incriminating activities. We present a new file sharing paradigm that harnesses the potentially unlimited storageof the Internet as a third-party intermediary for peers to indirectly transfer data with each other. We base our decentralized architecture on the premise that users trust file sharing coordinators, but do not trust any other user. Our key contributions in this paper include an overview of the design for a P2P system that implements our new model and a discussion ofthe challenges that such a system will likely encounter.

People:

        * Andrew Pavlo - Brown University
        * Ning Shi - Brown University

Re:What the Page Originally Said (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27553629)

If you are stimulated by new ideas and if you can think for yourself rather than simply accept what The Free Software Foundation dishes out, I think you will find this letter of interest. It is worth noting at the outset that The Free Software Foundation is stepping over the line when it attempts to authorize, promote, celebrate, and legitimize larcenous conformismâ"way over the line. I'm willing to accept that unyielding rigidity is just as much a threat to the continuity of things as stultiloquent Comstockism. I'm even willing to accept that I invite you to talk to it yourself if you feel that I'm misrepresenting its position. But it is hardly surprising that it wants to shift our society from a culture of conscience to a culture of consensus. After all, this is the same cynical lunkhead whose brutal prattle informed us that it is a refined organization with the soundest ethics and morals you can imagine.

If you wonder why I take the stance that I do, it's because some people think I'm exaggerating when I say that the simple-minded and heartless nature of The Free Software Foundation's nostrums should indicate to us that something needs to be done. But I'm not exaggerating; if anything, I'm understating the situation. If The Free Software Foundation wants to advocate annoying allegations, fine. Just don't make me burst into tears while it's at it. You may wonder why The Free Software Foundation is fiddling while Rome burns. It's simply because I recently informed The Free Software Foundation that its dupes fix blame for social stress, economic loss, or loss of political power on a target group whose constructed guilt provides a simplistic explanation. The Free Software Foundation said it'd "look further into the matter." Well, not too much further. After all, to get even the simplest message into the consciousness of benighted hooligans of one sort or another it has to be repeated at least fifty times. Now, I don't want to insult your intelligence by telling you the following fifty times, but I never used to be particularly concerned about its anecdotes. Any damned fool, or so I thought, could see that I think that we need to do more to avoid the extremes of a pessimistic naturalism and an optimistic humanism by combining the truths of both. Or, to express that sentiment without all of the emotionally charged lingo, if it doesn't realize that it's generally considered bad style to exercise both subtlety and thoroughness in managing both the news and the entertainment that gets presented to us, then it should read one of the many self-help books on the subject. I recommend it buy one with big print and lots of pictures. Maybe then The Free Software Foundation will grasp the concept that I've heard it say that honor counts for nothing. Was that just a slip of the lip, or is The Free Software Foundation secretly trying to dispense bread and circuses to poxy charlatans to entice them to infiltrate and then dominate and control the mass media? I once asked The Free Software Foundation that questionâ"I am still waiting for an answer. In the meantime, let me point out that I wonder what would happen if The Free Software Foundation really did increase people's stress and aggression. There's a spooky thought.

The Free Software Foundation's fibs are surrounded by a halo of mercantalism. As an interesting experiment, try to point this out to it. (You might want to don safety equipment first.) I think you'll find that I've managed to come up with a way in which The Free Software Foundation's essays could be made useful. Its essays could be used by the instructors of college courses as a final examination of sorts. Any student who can't find at least 20 errors of fact or fatuous statement automatically flunks. Extra credit goes to students who realize that only the impartial and unimpassioned mind will even consider that we should not concern ourselves with The Free Software Foundation's putative virtue or vice. Rather, we should concern ourselves with our own welfare and with the fact that we must take up the mantle and hold out the prospect of societal peace, prosperity, and a return to sane values and certainties. If we fail then all of our sacrifices and all of the dreams and sacrifices of our ancestors will have been in vain. The key is to realize that if The Free Software Foundation makes fun of me or insults me I hear it, and it hurts. But I take solace in the fact that I am still able to combat the oligophrenic ideology of escapism that has infected the minds of so many juvenile pip-squeaks. I'll end this letter with a personal invitation to The Free Software Foundation itself: If you care to respond to what I wrote, please do, especially if you think that I am being inaccurate or unfair. I do not wish to misrepresent you in any way whatsoever. Pax vobiscum.

Theft? (5, Interesting)

palegray.net (1195047) | more than 5 years ago | (#27553075)

The students were stealing bandwidth from open MediaWiki sites

The fact that some "admin" abandoned a site, with open privileges to post on it, does not constitute theft. I manage servers and write code for a living, and while I'd put a stop to such practices on any site I managed, the use of the term "theft" is laughable.

This is very much reminiscent of Microsoft crying to the media that all their security problems were due to evil hackers, and not their abject failure to follow long-accepted industry practices for code reviews and architecture. My response: cry me a river, and congrats to the grad students for their innovative work in the field of distributed communications.

Re:Theft? (4, Insightful)

Jurily (900488) | more than 5 years ago | (#27553111)

The fact that some "admin" abandoned a site, with open privileges to post on it, does not constitute theft.

It's clearly abuse though, and if the site has any terms of use, this one's in there.

Re:Theft? (5, Insightful)

palegray.net (1195047) | more than 5 years ago | (#27553171)

I deal with this stuff all day long, predominantly from IP connections far outside U.S. jurisdiction. These students were, in my rather experienced and measured opinion, doing the community a favor by pointing out exactly how easy this sort of feat is to pull off.

Their note about using reCAPTCHA is sound advice. Admins who depend on TOS policies and their nation's legal framework to defend against networked threats are negligent in their duties. I don't waste my time worrying about chasing people around for violations of my sites' terms of service. Instead, I focus my efforts on deploying technical solutions that fix the issue.

Re:Theft? (4, Insightful)

Jurily (900488) | more than 5 years ago | (#27553323)

Admins who depend on TOS policies and their nation's legal framework to defend against networked threats are negligent in their duties.

True. But if I don't lock my front door, that doesn't mean it's ok for you to take my stuff.

Re:Theft? (4, Insightful)

palegray.net (1195047) | more than 5 years ago | (#27553351)

That depends entirely on your jurisdictional ability to prosecute me. By my personal code of ethics, I'd never engage in such behavior for commercial gain. Others aren't so picky (reference spammers, phishers, botnet operators, etc).

Add in the fact that wikis are specifically designed to allow open posting of content, and you've got yourself a problem if you're not competent enough to properly secure your site against even the most basic of threats.

Let me put it another way: if I own a gun and leave it on my front porch with a full magazine of ammo in it, I can't bitch when my weapon gets lifted and someone gets killed with it.

Re:Theft? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27553435)

On the other hand, imagine if you have a outlet on your front porch, and somebody comes up and starts using power tools from it.

Re:Theft? (4, Insightful)

palegray.net (1195047) | more than 5 years ago | (#27553921)

I guess I should have secured that outlet to prevent unauthorized access. My property, my responsibility. There's an old saying that your freedoms are only valid to the extent that you're able to defend them.

Re:Theft? (4, Funny)

MrMista_B (891430) | more than 5 years ago | (#27553649)

You sir, are someone I'd trust with the internet.

Re:Theft? (5, Funny)

tagno25 (1518033) | more than 5 years ago | (#27553373)

True. But if I don't lock my front door, that doesn't mean it's ok for you to take my stuff.

But if you are in the UK I can come in and watch the TV if it is on.

Re:Theft? (-1, Redundant)

palegray.net (1195047) | more than 5 years ago | (#27553385)

Well played, sir, well played :).

Re:Theft? (2, Interesting)

perryizgr8 (1370173) | more than 5 years ago | (#27553555)

and if you are in Scandinavia, i can go into any house and use the washroom.

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553997)

Considering the fact that it's Scandinavia we're talking about, what if there's already an attractive young lady in the washroom? Furthermore, what if my wife is the one who needs to use the washroom? May I legally occupy it when both women are present?

Re:Theft? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27553407)

But can I leave my garbage on your porch?

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553427)

Does it contain recyclable content such as bottles and cans that I can redeem for cash upon my next trip to Publix? If so, absolutely! I would appreciate it if you'd remove any infectious material prior to dropping it off on my porch, however. I've seen a lot of weird stuff in garbage as a consequence of military service, but I'm not really cool with things like used needles anymore. Please, give me goods equivalent to cash, I'm not gonna stand in your way.

Re:Theft? (1)

Faylone (880739) | more than 5 years ago | (#27553413)

Perhaps, but if you don't lock your door, it's not breaking and entering, just entering. Theft is another matter.

Re:Theft? (0)

Anonymous Coward | more than 5 years ago | (#27553467)

It's still B&E thanks to archaic regulations not matching english--you're breaking the invisible wall of the property. Don't ask me how you're supposed to know this... It's also very often trespass.

Re:Theft? (5, Insightful)

aliquis (678370) | more than 5 years ago | (#27553715)

Don't ask me how you're supposed to know this...

Common sense? Works for most of us ..

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27554015)

I've decided to take a personal interest in your posts.

Re:Theft? (2, Insightful)

andy.ruddock (821066) | more than 5 years ago | (#27553877)

Ah, but trespass is a tort, not a criminal offence (which is why all "trespassers will be prosecuted" signs can safely be ignored).
OTOH "Trespassers will be shot and fed to the dogs" signs should ALWAYS be heeded.

Re:Theft? (2, Interesting)

palegray.net (1195047) | more than 5 years ago | (#27554007)

Just to reinforce the old saying that you only truly have the freedoms that you can actually defend yourself, anyone who enters my home on an unauthorized basis is likely to get a .40 caliber answer to their silent question. Screw prosecuting for trespass.

Re:Theft? (1)

balloonhead (589759) | more than 5 years ago | (#27553933)

It would be more like leaving a sign saying that it was OK to come in and write cool stuff on your wall, then getting pissy because some douchebag came along and wrote a bunch of encoded hex instead.

Re:Theft? (0)

Anonymous Coward | more than 5 years ago | (#27553419)

Regardless, Santa knows who's naughty and nice. And these kids aren't getting any kandy in their stockings this year.

Re:Theft? (1)

Schemat1c (464768) | more than 5 years ago | (#27553561)

I don't waste my time worrying about chasing people around for violations of my sites' terms of service. Instead, I focus my efforts on deploying technical solutions that fix the issue.

Shouldn't that be how we solve all social issues instead of just writing more laws?

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553619)

Yes, it should absolutely be how we solve social issues. Technical fixes apply to more than just networks and computing platforms; they're equally applicable to most social problems if people are willing to approach the issues from a rational perspective.

It may not be theft... (2, Insightful)

erayd (1131355) | more than 5 years ago | (#27553119)

...but it's far from ethical.

Most open wikis are left that way to encourage collaberation, and usually have a TOS somewhere that prohibits spamming. And even if the TOS doesn't prohibit this, it's bloody obvious that whoever runs the target site doesn't want a pile of meaningless content that isn't relevant and they can't use.

I say good on the university for pulling this project down, and whichever ethics committee approved this project should be replaced - they clearly haven't done their job properly!

Re:It may not be theft... (1, Insightful)

palegray.net (1195047) | more than 5 years ago | (#27553181)

Ethical or not, if these students hadn't done it someone else would have, perhaps someone with far less respect for others. Reference my earlier reply [slashdot.org] in this thread for my opinion on the TOS angle.

Re:It may not be theft... (4, Insightful)

Volante3192 (953645) | more than 5 years ago | (#27553333)

Except being "unethical" doesn't get you put in jail. Only being "illegal."

Re:Theft? (5, Insightful)

caffeinemessiah (918089) | more than 5 years ago | (#27553129)

My response: cry me a river, and congrats to the grad students for their innovative work in the field of distributed communications.

I'd pause before calling this innovative. It doesn't really take much to encrypt data, chop it up and stash it on MediaWiki sites -- either in theory or in practice. If you want something "innovative" in the same vein, I'd vote for the guy who wrote the device driver that lets you use GMail as a drive (spawning many copies [sizlopedia.com] ). Sure it isn't "distributed", but you could set up multiple GMail accounts to handle the contents of your drive. Clogging up other people's wikis is d**k at worst (and possibly a violation of the CFAA), and really not too much of a security threat at best ("oh? my disk is full? hmm...just dump this spammy user account, or restore the last backup, and password protect the whole business.").

What these grad students have done is demonstrate that open mediawiki setups can be spammed. Whee.

Re:Theft? (5, Interesting)

palegray.net (1195047) | more than 5 years ago | (#27553193)

Hey, I agree it was a dick move on the students' part, but I still respect the research. Everything is obvious in hindsight, by the way.

What these students have really done is make a very public demonstration of something that's possible before less ethical parties got a crack at doing it on a large scale. For that, they should be commended. Would you condemn those who release proof-of-concept code for security exploits just because a vendor sat on their ass for months, refusing to care about the problem?

Re:Theft? (2, Informative)

pdbaby (609052) | more than 5 years ago | (#27553651)

This isn't particularly original research, though. I forget the specifics a long time ago (and also the sources, I'm afraid!) but I remember seeing a piece of research years ago talking about how you could treat various systems as short-to-long term storage (a TCP packet aimed at a refusing source can let you store a tiny amount of information for a very short period of time, a url shortening service can store some data for you, a wiki, a guestbook, a slashdot comment, an image hosting site (steganographically insert some content in your image).

The only difference is that the people doing this research actually wasted some peoples bandwidth abusing their websites rather than just positing the concept

Re:Theft? (2, Interesting)

pdbaby (609052) | more than 5 years ago | (#27553663)

I think it was at a similar time to http://michaeldaw.org/news/news-221206 [michaeldaw.org] this, using TinyURL for storage (although I don't think tinyurl had the preview functionality back then?)

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553817)

I do in fact recall the research you're describing; it was several years ago if I'm not mistaken, and pretty cool stuff. That said, there is a huge difference here; having chunks of data available for retrieval for anywhere from a day to several months is a far cry from the hours I recall from the past research you're describing.

Re:Theft? (-1, Redundant)

mysidia (191772) | more than 5 years ago | (#27553233)

Nah, what would be innovative is posting little blobs all over the web and finding a way to get those pieces back together.

Depending on how much data was actually posted to each individual Wiki.

This is what you get when you allow just ANYONE to edit content and you publish that content.

Perhaps their next act should be to search for derelict articles on abandoned blogs that allow public comments, and use comments to stash bits.

Or register on abandoned forums and utilize publicly viewable 'user profile pages' to transfer blocks of data (some of the redundant profile pages containing the same blocks can even be automatically scrubbed when that particular block of data is now possessed by most of the peers)

I'll agree it wasn't really the intended use of those sites, and the resulting crap flood would be ever bad if the technology ever got popular.

But as a proof-of-concept posting to sites that allow public editing/comments, well, it's not a bad thing per se.

It's really just proving those blogs/wikis/forums need to change their policies.

Either require registration, a valid e-mail address, or at least a captcha answer, before accepting arbitrary text for posting in a public-readable place.

This is equivalent to you posting your e-mail address on your web site and getting random emails you don't like.

Well, then you shouldn't have posted your e-mail address like that! (You're _inviting_ people to e-mail you for random reasons)

Re:Theft? (4, Insightful)

shentino (1139071) | more than 5 years ago | (#27553853)

It's not quite an invitation...

In real life, you can also REVOKE your invitation by

1) telling your guest they are no longer welcome
2) order them to leave, and tell them they are not to return
3) have the police escort them away and give them a trespass warning.
4) have them arrested if they refuse to leave, or return in spite of an official trespass warning
5) Watch them get clapped in irons if they come back again.
6) Repeat step 5 as needed

With spam, it's more like your guest

1) Found your hide-a-key (harvested your address, possibly by decrypting an image)
2) Barged in through an unlocked door (that they unlocked thmselves)
3) Increasingly, disable your security system (aka getting past your filters)
4) Threw a messy party
5) (the possible worst part) Bribed the police so they don't get escorted away (aka signed a pink contract)
6) Has an extensive collection of disguises that protects them from being dinged twice in the same face (botnets and address forgeries)
7) Possibly got tipped off to your address through the slip of the tongue of one of your buddies through the grapevine (sleazy companies that leak your address or sell it)

So anyone who calls spam the natural result of negligence on the part of the account holder is either high and doesn't have a clue what's going on, or is a woefully apathetic approver of the "survival of the fittest" arms race between spammers, providers, and subscribers.

Re:Theft? (5, Funny)

Jafafa Hots (580169) | more than 5 years ago | (#27553633)

Someone oughta think of a way to post chop data files and post them to the usenet - after all, it's just sitting there all abandoned like.

Re:Theft? (1)

Jafafa Hots (580169) | more than 5 years ago | (#27553653)

and in case you don't speak jafafanese, "post chop data files" translates roughly to "chop up data files."

Re:Theft? (2, Interesting)

Anonymous Coward | more than 5 years ago | (#27553369)

The fact that some "admin" abandoned a site, with open privileges to post on it, does not constitute theft.

Indeed. That's just foolishness on their parts. Perhaps they were a bit naive. However, this does in no way excuse or ameliorate the fact that the usage was clearly not authorized, and that doing so does constitute an offense.

You can quibble over calling it theft if you want. It's still not appropriate.

These grad students made a mistake. Exploring the idea? Sure. Pointing out the vulnerability? Fine. Doing it? I'm not surprised it ended up backfiring on them.

Re:Theft? (4, Insightful)

palegray.net (1195047) | more than 5 years ago | (#27553403)

I agree with your points in principle, and would like to offer an alternative means by which the students could have demonstrated their methodology.

These days, $300 will buy you a whitebox computer (assembled yourself, of course) that is capable of running 20 virtual machines. By analyzing the version numbers of common target platforms in the wild, you could conceivably build a virtual network of "real world class" servers with which to demonstrate your technique. Scale this to three or four servers running various wiki platforms, and you've got yourself a virtualized software ecosystem that you can do whatever you want to without fear of repercussions.

Hey, that's what I would have done, but I only have a GED and 15 years of network administration and programming experience ;).

Theft! (1, Insightful)

Anonymous Coward | more than 5 years ago | (#27553751)

The fact is that not all of the wiki sites they spammed were abandoned. Does that change your answer?

Re:Theft? (1)

WaroDaBeast (1211048) | more than 5 years ago | (#27553787)

My response: cry me a river, build a bridge and get over it. Congrats to the grad students for their innovative work in the field of distributed communications.

There, fixed it for ya.

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553827)

I am in your debt.

Re:Theft? (0)

Anonymous Coward | more than 5 years ago | (#27553797)

Why would anyone attempt to use other people's wikis for storage? Its insecure, so how can you be confident that you can ever retrieve the same data you stored on it?

Re:Theft? (0, Redundant)

SerpentMage (13390) | more than 5 years ago | (#27553959)

>The fact that some "admin" abandoned a site, with open privileges to post on it, does not constitute theft.

The fact that some "home owner" forgot to lock the door to their house does not constitute trespassing!

>I manage servers and write code for a living, and while I'd put a stop to such practices on any site I managed, the use of the term "theft" is laughable.

I own a house and live in a house for a living, and while I'd put a stop to such practices on any property I owned, the use of the term "trespassing" is laughable.

Oh yeah not theft or trespassing at all...

I can't wait to see what the cops would say to that!

Re:Theft? (1)

palegray.net (1195047) | more than 5 years ago | (#27553971)

You really should have reviewed my other posts in this thread before replying. I've already addressed the points you raised here.

Forget the wikis... (5, Funny)

fucket (1256188) | more than 5 years ago | (#27553077)

...I want to hear more about these MILF admins.

Re:Forget the wikis... (0)

Anonymous Coward | more than 5 years ago | (#27553267)

And the title 3 stories below has "culls" in it. Are verbs of the form ABCC teh new shit?

Re:Forget the wikis... (0)

Anonymous Coward | more than 5 years ago | (#27553497)

You must be new here. Let me clue you in:

THERE ARE NO GIRLS ON THE INTERNET!!!

Kobayashi Maru (3, Funny)

retech (1228598) | more than 5 years ago | (#27553091)

Does no one appreciate outside the box thinking anymore? What a shame!

Khaaaaaan! [khaaan.com]

Re:Kobayashi Maru (0)

Anonymous Coward | more than 5 years ago | (#27553103)

In Soviet Russia, box thinks outside of you. Then, box imprisons you in it.

Re:Kobayashi Maru (1)

palegray.net (1195047) | more than 5 years ago | (#27553109)

There's actually a military practice scenario in which part of the scenario name is "Kobayashi Maru." Fun times.

Re:Kobayashi Maru (1)

creimer (824291) | more than 5 years ago | (#27553393)

You would think creative thinking would get extra credit.

Why???? (1)

Pinckney (1098477) | more than 5 years ago | (#27553107)

It's even less ethical than sending your BT traffic over Tor, and strikes me as much less safe. It doesn't seem like it would take many pissed off admins before someone thinks to forward their logs to the appropriate **AA.

Re:Why???? (0, Troll)

afabbro (33948) | more than 5 years ago | (#27553195)

It's even less ethical than sending your BT traffic over Tor,

"Even" less? Pray tell why sending BT traffic over Tor is unethical.

Re:Why???? (5, Insightful)

Cyberax (705495) | more than 5 years ago | (#27553285)

You're abusing TOR network, it was NOT meant to be used for high-bandwidth applications.

Please, stop doing it. Exit nodes do not have unlimited bandwidth.

Re:Why???? (3, Funny)

Lehk228 (705449) | more than 5 years ago | (#27553319)

because if you fill the onion tubes with torrents how are the pedos going to trade their child porn?

Re:Why???? (1)

mysidia (191772) | more than 5 years ago | (#27553309)

That would be a bit difficult to do on any significant scale, considering the low speed of TOR. Anonymity has its price (for Tor users).

As for the ethics of it, I would think there's little question, it's just fine to do that -- so long as you're not in breach of any policies of your exit node.

That is mostly handled by the bittorrent client (anyways).

The BitTorrent protocol has TCP ports 6881 and 6882.

If Tor exit nodes don't allow those two ports, chances are you aren't going to get very far.

If they do, then not only is it not bad to use BitTorrent, you're doing the network a service.

Because across an anonymous network, that sort of traffic will be attempted anyways

You're helping the Tor developers and exit nodes adapt their design or know they need to expand capacity, so anonymous users can exchange anonymously whatever sort of traffic they need...

Whether that traffic be regular HTTP, BT traffic, SSH, or something else like IPsec VPN traffic getting tunneled to a Tor hidden service.

Re:Why???? (2, Interesting)

physicsphairy (720718) | more than 5 years ago | (#27553525)

While I doubt it was the authors' intent, this could actually be useful for creating 'plausible deniability', e.g., you want to provide resources to host legally questionable content, but do not want to open yourself up to any liabilities.

The fact that the content is split between many sites in unrecognizable pieces would also provide legal cover to those wishing to plead ignorant victim rather than willful enabler.

It's sort of like steganography for bandwidth.

Re:Why???? (1)

David Gerard (12369) | more than 5 years ago | (#27553725)

They could call it ... Freenet!

Re:Why???? (2, Informative)

rdebath (884132) | more than 5 years ago | (#27553659)

When the chunks are encrypted there is no way of knowing who the appropriate AA is. As all you have is a little chunk it's impossible to decrypt because the underlying compression layer is missing important data and so you cannot even check your decryption.

You may be able to identify a piece of gzip by frequency analysis as there's a tiny bit of entropy left but a modern compression (7z, rar) will probably leave nothing to distinguish the particular chunk you have.

This Isn't Thinking Outside The Box (4, Insightful)

Anonymous Coward | more than 5 years ago | (#27553141)

It's just stupid. "Hey, we noticed that three quarters of that privately owned parking garage over there isn't being used at any given time. Why don't we open up a car salvage business and store all the derelict junkers that we're parting out in their unused parking spaces?"

These are graduate students?!?

Re:This Isn't Thinking Outside The Box (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27553257)

It's just stupid. "Hey, we noticed that three quarters of that privately owned parking garage over there isn't being used at any given time. Why don't we open up a car salvage business and store all the derelict junkers that we're parting out in their unused parking spaces?"

If the privately owned parking garage has a deliberate policy of allowing the public to come and park whenever they want, for free, you don't have much of an argument.

These are graduate students?!?

Apparently. Graduate students often make good use of things that other people MAKE AVAILABLE FOR FREE.

Re:This Isn't Thinking Outside The Box (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27553515)

Because someone started the car metaphor: The privately owned parking garage doesn't have much of an admissions policy, but it's for the use of the owner and his friends, he doesn't go through much trouble to protect it because theres no reason anyone would really want to park there outside of visiting him. Congrats for prooving him wrong, and coming up with a creative way to use the parking lot he hadn't anticipated... now cut it out.

Tangentially, these places aren't all that 'abandoned' it happened on a wiki I frequent, that has about 15 contributors, the last edit was made within a week.

Re:This Isn't Thinking Outside The Box (1)

scotsghost (1125495) | more than 5 years ago | (#27553695)

Certainly, some of these sites are active. I contribute to one sporadic site that got "volunteered"; a couple of our contributors actually welcomed the experiment. (No idea how the site's admin staff feels about it, though.)

Congrats for prooving him wrong, and coming up with a creative way to use the parking lot he hadn't anticipated... now cut it out.

To their credit, the grad students in charge were completely open about what they were doing. Not in the sense of requesting permission beforehand, but in the sense of providing contact information and some explanation of the experiment. And they were indeed asked to cut it out, and did so (automated removal of the 85k of data they posted to our site). Good for them.

One of our contributors even reposted the data after the automated deletion. It could disappear if the admins take a disliking to it, but for now it's still live.

SlashdotFS (5, Funny)

goombah99 (560566) | more than 5 years ago | (#27553143)

Apparently they don't know about SlashdotFS. This system uses an english hidden markov model sentence constructor to generate plausible comment text and save it as reply's on slashdot. The path through the markov model is variable having multiple word choices at each node so it can encode arbitrary data and can be decoded by replaying the message through the same network model.

It was just a toy till 2003 when a pair of graduate students realized the information density could be dramatically enhanced by introducing spelling, gramatical errors, typo's and l337-speak into the model.

Comments encoding these are usually late posts in the discussion threat and frequently replied to by grammar nazi's.

It's now one of the major Warez dumping sites since it is particularly useful for immutable data of low value.

Re:SlashdotFS (5, Insightful)

adavies42 (746183) | more than 5 years ago | (#27553199)

this is terrifyingly plausible

Re:SlashdotFS (0, Funny)

Anonymous Coward | more than 5 years ago | (#27553417)

Hans Reiser is working on it. One added benefit is you can encrypt data so to the outside observer it just looks like you're posting body dump sites.

Re:SlashdotFS (0)

Anonymous Coward | more than 5 years ago | (#27553691)

Oh goodie. Another Hans Reiser joke. So funny. It was funny for the first few months.

Re:SlashdotFS (1)

Fallingcow (213461) | more than 5 years ago | (#27553549)

A while back I remember seeing frequent gibberish posts that were just similar enough that they seemed to be coming from the same source. They always had the same subject, IIRC.

I figured they were someone's attempt at what the parent mentioned, though far less hidden.

Re:SlashdotFS (3, Funny)

Anonymous Coward | more than 5 years ago | (#27553259)

'SlashdotFS' coments encodin in sohveet russsia, but duz it runn 0n lunix?

Re:SlashdotFS (1)

NovaHorizon (1300173) | more than 5 years ago | (#27553411)

Someone mod the parent up.. that was funny as heck when put in context. oh wait.. that's right, things in context don't get mod points :( .. But can it run crysis?

Re:SlashdotFS (2, Funny)

Voyager529 (1363959) | more than 5 years ago | (#27553445)

But can it run crysis?

Perhaps, but you'd need a Beowulf cluster of them to run Crysis and Vista. Problem is, the Beowulf cluster is too easily Slashdotted.

Re:SlashdotFS (1)

NovaHorizon (1300173) | more than 5 years ago | (#27553461)

I'm not sure if that was a whoosh moment or a perfect addition to the idea of 'common' slashdot comments to store encoding in 0.o

Re:SlashdotFS (1, Informative)

Anonymous Coward | more than 5 years ago | (#27553279)

Funny mods, not interesting.

Re:SlashdotFS (0)

Anonymous Coward | more than 5 years ago | (#27553371)

It might be humor, but is there any rule about when the 'reality following humor' clause can be invoked?

See the audio preview feature on youtube for an example of this.

Re:SlashdotFS (1)

Compholio (770966) | more than 5 years ago | (#27553301)

Apparently they don't know about SlashdotFS. ...

Project page?

More seriously, since slashdot comments are never deleted (like many news sites) you could conceivably make a pretty good system to take advantage of encoding data and posting it anonymously to such sites. Doing so would allow you to hide downloading/uploading in the background of normal posting. The real trick would be coming up with a "good" system for locating desired resources.

Re:SlashdotFS (1)

failedlogic (627314) | more than 5 years ago | (#27553391)

There is one. Its stashed on a bunch of wiki pages as well ... the irony. It does, seriously, compare well to some academic paper generators. Some MIT students made one.

Re:SlashdotFS (2, Informative)

Tumbleweed (3706) | more than 5 years ago | (#27553331)

Apparently they don't know about SlashdotFS.

Sure. Most people don't seem to realize that 'First Post' is part of the meta data of the file system. That's why it seems like nonsense - it really has nothing to do with anything, and the 'people' posting them seem like morons. Artificial stupidity was achieved years ago!

Re:SlashdotFS (3, Interesting)

David Gerard (12369) | more than 5 years ago | (#27553733)

yes, it was [today.com] .

"LOLbot, how do we reverse entropy?"
i dunno lol

I have a friend who seriously tried to tell me that 4chan was a CIA entrapment operation for online activists. I'm not sure even an AI could reach that level of WHAT.

Spammer (0)

Anonymous Coward | more than 5 years ago | (#27553885)

Posting links to 'funny stories' slurped from Slashdot stories on his monetized blog.

Re:SlashdotFS (1)

mysidia (191772) | more than 5 years ago | (#27553353)

Do you have a link to the source code for the SlashdotFS Linux kernel driver?

And I wonder how well does it recover from things like comments getting accidentally deleted or articles vanishing? I would hope it has RAIC support or something like zfs ditto blocks.

I want to try and see how well it works as a root filesystem.. The problem was I always kept running out of disk space.

*EG* }:->

Re:SlashdotFS (1)

Laxori666 (748529) | more than 5 years ago | (#27553551)

I want to implement this now.

Re:SlashdotFS (1)

Hal_Porter (817932) | more than 5 years ago | (#27553557)

Comments encoding these are usually late posts in the discussion threat and frequently replied to by grammar nazi's.

Well played, Sir. Well played.

Re:SlashdotFS (4, Interesting)

joe_bruin (266648) | more than 5 years ago | (#27553575)

I did some research into this a number of years ago (before torrents were around). I found that you can store 64 KB (if I recall correctly) in a slashdot comment. Now, the idea was not to to use slashdot as storage, they'd quickly put a stop to that. The trick is using slashdot and other forums and wikis as a way to get your data into the Google cache, where it will be served rapidly for everyone who wants it. There should also be forward correction data uploaded (like parity files) so that if some segments get lost, they can be recovered. Then what you need is an index file (kind of like a torrent file) that tells you what Google keywords you need to search for to find any given segment of the file, and software that will parse this file, download, and assemble the chunks into the completed data.

I wrote a little bit of code for it. It's all very straightforward, I just never got the time to get enough of it implemented to release anything. With torrents, it seems somewhat worthless to pursue now.

Re:SlashdotFS (5, Funny)

dangitman (862676) | more than 5 years ago | (#27553581)

Comments encoding these are usually late posts in the discussion threat and frequently replied to by grammar nazi's.

Replied to by the grammar Nazi's what?

Re:SlashdotFS (0)

Anonymous Coward | more than 5 years ago | (#27553707)

Replied to by the grammar Nazi's what?

Dingleberry! John Thomas! Willy! Dong!

what, you couldn't guess??

at least they used abandoned sites... (1)

Hungus (585181) | more than 5 years ago | (#27553147)

Unlike ninjavideo who hides files on donation funded sites like archive.org

Big difference between virtual and real worlds... (3, Interesting)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#27553149)

In the real world, good old meatspace, there are actually "abandoned" things and properties. Things that, save for a few extremists of the no-srsly-guys-property-rights-are-eternally-laid-down-by-god-no-matter-what school, we can agree don't actually have owners in any meaningful way. Various peculiar exigencies create them; but they do exist. Taking them over, and bringing them back into productive use, is a clear good.

On the interwebs, the situation is quite different. Since any "location" on the internet corresponds to an active server, actively sucking power and depreciating somewhere, there are no "abandoned" locations on the internet. There are locations that don't change much, or aren't visited much; but they all correspond to real hardware that real people are paying real bills for(though, it is conceivable that, for a short time, a piece of hardware might be lost between the cracks and unpaid for until it dies or the situation is straightened out and it is disconnected). Thus, any scheme that involves making use of "abandoned" location son the internet is a load of crap. At best, it is an obnoxious creative interpretation of a bunch of TOSes. At worst, it is arguably theft of poorly secured server resources. Most of the time, as in this case, it is probably just spam.

Now, on a slightly different topic, it could well be argued that, on the internet, abandoned data can and do exist. Here a more interesting case could be made for the ethical utility of salvage projects, "abandonware" websites probably being the best known example.

OT (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#27553329)

http://www.google.com/ [google.com]

OT.

so boastful (0)

Anonymous Coward | more than 5 years ago | (#27553339)

This project is possibly way too vainglorious for me to handle.

"Abandoned" my pasty white ass (4, Informative)

GuruBuckaroo (833982) | more than 5 years ago | (#27553367)

I found their garbage on my site yesterday. It's not a high-volume site, but it sure as hell isn't abandoned. And after all this apologizing, one of the students still has the complete list of wikis they used available on his student page. This was a serious case of lack of oversight and/or bad judgment.

Re:"Abandoned" my pasty white ass (4, Funny)

physicsphairy (720718) | more than 5 years ago | (#27553499)

It's not a high-volume site, but it sure as hell isn't abandoned.

I see you are still in denial about how much time you spend posting at Slashdot.

Re:"Abandoned" my pasty white ass (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27553701)

Well, my wiki is on the the list as well. Mine gets over 10000 unique views per day, so it isn't a small site by any mean. I wonder what criteria they used to judge 'abandoned' wiki installation, seeing as they use the new installation page as the wiki identifier.
 
I never noticed the spam page though, because I implemented a simple puzzle extension.
 
If these kinds of experiments annoys you, I wonder how you would response to the real wiki spam that seems to flood my site daily before I installed the extension.

Re:"Abandoned" my pasty white ass (3, Informative)

Browzer (17971) | more than 5 years ago | (#27553771)

Criteria:

Once we found a site, our crawler inspected it by probing certain URLs to determine whether it allowed for anonymous edits, or whether it was protected by CAPTCHAs or the lame puzzle authentication plugin.

...Grade... (1)

Quantos (1327889) | more than 5 years ago | (#27553397)

But did they get a good grade on the project?

Hacker Ethics (0)

Anonymous Coward | more than 5 years ago | (#27553509)

Shouldn't one of you be complaining about the Establishment pigs punishing kids for exploring? Or are you getting as tired of being rootkitted as everyone else?

Why go external to begin with? (4, Insightful)

tinkertim (918832) | more than 5 years ago | (#27553519)

This could be demonstrated just as well on sites that they own / control. For instance, with a single domain name, 100 pastebin clones, 100 wikis could be set up and configured differently (i.e. subdomains).

Some of them could have active SPAM policing, captchas, etc .. others could behave as though they had a lazy / dead admin. Others could just mysteriously vanish (i.e. domain expired, no longer hosted, etc).

The results are the same, either way. I wonder why they bothered going for external sites to begin with? All they needed was a cheap p4 and some scripts to automate mediawiki installs.

Why didn't they just stay in the sandbox?

Some say rubbish, I say Brilliant (2, Funny)

ZeroNullVoid (886675) | more than 5 years ago | (#27553537)

This is the best school project I have heard of since I was at university....

Apologize? (4, Insightful)

Talisman (39902) | more than 5 years ago | (#27553763)

"...the students posted an apology this afternoon."

In the words of Vince Vaughn, "Apologize for what, baby? Being awesome?"

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?