[HN Gopher] BitTorrent v2
___________________________________________________________________
BitTorrent v2
Author : jakobdabo
Score : 356 points
Date : 2020-09-07 19:33 UTC (3 hours ago)
(HTM) web link (blog.libtorrent.org)
(TXT) w3m dump (blog.libtorrent.org)
| mtgx wrote:
| Nothing about privacy improvements/encryption?
| rolleiflex wrote:
| I make P2P tools too. [0] Let me tell you this: Bittorrent is one
| of the few things in the space that actually ... works.
|
| It works not in the sense that there is a white paper that should
| work. Not in the sense that there are a few company-made swarms
| hosted on industrial servers that keep everyone up and alive, so
| that the thing gives the impression the 'P2P' network does work.
| Not in the sense that there is a very-well oiled marketing
| machinery talking about Web 3.0 that allows its founder to go on
| TechCrunch and talk about the upcoming distributed paradise.
|
| Bittorrent works in the way you install it into your computer and
| it does something for you. And for that alone, it has my immense
| respect and attention.
|
| It's a tool that doesn't pitch that it's a P2P tool - it doesn't
| try to convince you with sob stories about how using P2P helps
| fight against the big bad evil web. Instead, you use it because
| it's genuinely the best at what it does: it being P2P is not a
| selling point, it's just how it happens to work, and that is
| exactly what it should be.
|
| That is something all P2P developers should aspire towards.
|
| [0] Aether P2P: https://getaether.net
| cercatrova wrote:
| > It's a tool that doesn't pitch that it's a P2P tool - it
| doesn't try to convince you with sob stories in how using P2P
| helps fight against the big bad evil web. Instead, you use it
| because it's genuinely the best at what it does: it being P2P
| is not a selling point, it's just how it happens to work, and
| that is exactly what it should be.
|
| This should be something that every creator who markets or
| sells products should learn. Consumers don't care how it works,
| it just has to be better than the solution before it. Appealing
| to how things ought to be moralistically doesn't work (for the
| vast majority of consumers). They just don't care, they want a
| solution to their problem.
| im3w1l wrote:
| I think everyone _aspires_ to this. They just fall short.
| cercatrova wrote:
| Perhaps. I see a lot of developers make stuff (non-dev
| related even) but then only list out their technical specs
| and features rather than benefits, as if the programming
| language its written in is supposed to entice (non-dev)
| consumers. A corollary is devs making software for their
| own enjoyment but that which doesn't solve an actual
| problem. I think it's more that they don't think in that
| entrepreneurial mindset yet, but once they realize no one
| is buying, they'll understand for the next time around.
| megameter wrote:
| It's a problem with the creative process itself, I've
| learned, and it isn't different in other mediums. It
| follows the McCloud "Six Steps to Art" - starting with
| surface changes, gradually learning the elements of the
| craft, and eventually settling on a purposeful idea in
| the medium or about the medium.
|
| Most developers, and therefore most projects, get stuck
| somewhere in the middle area, where there is enough skill
| to create features, but no direction or vision for those
| features, other than a basic template based on other
| software.
|
| Often, the project will be called "minimal" to excuse
| having few features, but only a few projects adhere to a
| genuine restriction like SLOC limits or eliminating
| dependencies.
|
| Appeals to commerce as the goal often have a further
| narrowing effect of making one anxious with thoughts like
| "project must moonshot on day 1", but then you look at
| Bittorrent, an all-time software success, and it's like,
| no, this probably wasn't ever going to create the next
| Microsoft. Funds were raised to have a Bittorrent
| company, but the market success it had was always modest
| at best. And yet it did and still does represent an idea
| that people can believe in.
|
| The actual thing that I see every great project do,
| whether it's defined artistically or not, is to define
| up-front some themes and principles that you believe
| cohere well, and then direct the specific elements around
| deeply studying and exploring them. This can manifest as
| a corporate mission statement, or as an artist's
| manifesto, or an academic research subject. In final
| form, it generally manifests as "do one thing
| exceptionally well", since if you have a very clear idea
| of the goal, you can direct all your energy upon it. But
| in the intermediate stages it is still trial and error to
| learn what fits the theme best, what the actual success
| metrics are.
|
| The thing is, if you have coherence in the abstract, it's
| way easier to explain the reason for being: "This is just
| a manifestation of the principles". Being easy to explain
| in turn makes it marketable without resorting to sales
| tricks. And because it deals with general concepts it
| taps into a breadth of appeal that can't be found just by
| looking at any one feature. So adhering to principle sets
| you up for success in a general sense.
| dchuk wrote:
| This is exactly the problem with all cryptocurrency
| currently. It's a massive user experience issue, in the sense
| that users have to experience the technical bullshit of how
| the currencies work, completely missing the brilliant part of
| real money: it just works. I hand people money, they give me
| things. I swipe my credit card, I get things.
|
| I can't remember who aid it originally, but there's a great
| test you can give to any statement or idea. Just immediately
| ask "who cares?" The best product demos I've ever seen answer
| who cares in each part of the pitch. The worst ones just
| rattle off mumbo jumbo forever.
| X6S1x6Okd1st wrote:
| >This should be something that every creator who markets or
| sells products should learn. Consumers don't care how it
| works.
|
| I distinctly remember being a teenager and learning how
| bittorrent worked, thinking it's the coolest thing I'd heard
| of and laboriously explaining how it worked to a friend that
| sounded interested. At the end of the explanation he asked
| "So how do you download music with it?"
|
| And I realized all he cared about was using it to pirate
| music.
|
| It's really easy for programmers to get lost in how cool some
| code or technology is and lose sight of how the rest of the
| world views it.
| DevX101 wrote:
| BitTorrent was one of the few things that once I understood how
| it worked, I realized I was looking at the product of true
| genius.
| sneak wrote:
| The first time I ever felt that way was with the Gnutella
| network; I instantly wrote a client for it from scratch.
|
| Bittorrent only became that level of magical for me when the
| DHT got factored in some time later and magnet links became
| workable.
|
| The other time was Bitcoin.
|
| I'm a big fan of lack of centralized/coordination/tracker
| nodes.
| martinald wrote:
| Really? It's a just an iteration from how eDonkey2000/eMule
| worked, which actually also had a DHT based 'trackeless'
| mode, many years before BT came around.
| bawolff wrote:
| The tit-for-tat algorithm is what makes bit torrent special
| and solved a real problem with the previous gnutella-esque
| generation of p2p file sharing programs. As far as i know
| emule did not have that at the time.
| godzillabrennus wrote:
| Hacking around distributed hash table open source software gave
| me the utmost respect for the people who came up with this
| stuff.
|
| Crypto currencies owe a lot of their successes to the pioneers
| behind technologies that also power bit torrent.
| 1vuio0pswjnm7 wrote:
| Today's consumers and developers of "tech" have been trained
| and convinced to readily accept stuff that works "most of the
| time".
|
| It is the software I download for free that is the most
| reliable IME. Spending more money does not make today's
| consumer computers any more valuable. And that's how it should
| be. The price of hardware (and software) should continue to
| fall.
| tim333 wrote:
| >being P2P is not a selling point
|
| It is kind of a selling point with regards to what most people
| actually use it for. If not P2P the movie / record industries
| would shut down the servers.
| bawolff wrote:
| I think the point is its an implementation detail not an end
| in itself. Users care about the properties it provides, not
| the method (p2p) of obtaining then
| k__ wrote:
| _" there are a few company-made swarms hosted on industrial
| servers that keep everyone up and alive, so that the thing
| gives the impression the 'P2P' network does work"_
|
| What about the trackers?
| simple_phrases wrote:
| DHT makes trackers simply an aggregation and redundancy
| measure.
| joenathanone wrote:
| It should, but in practice it doesn't. I've had torrents
| that I left sitting for weeks not being able to complete,
| until I added a list of trackers to them and found some
| seeders with 100% of the torrent.
| k__ wrote:
| Same here.
|
| BT only worked for new popular stuff.
| Red_Leaves_Flyy wrote:
| I've yet to find something that's truly unavailable.
| Sometimes it takes a few different searches on different
| sites but I've always found the obscure Linux distros
| I've been looking for.
| ksec wrote:
| What is the current relationship between BitTorrent Inc, which I
| think developed the original BT v1 protocol and client, and
| Libtorrent? Which I think was a 3rd party BT Library written in
| C++ because the official version was in Python which was
| resources hungry.
| toyg wrote:
| You got your relationships wrong.
|
| Bram Cohen developed BitTorrent and released a (Python)
| reference implementation in the public domain (later under MIT
| and then GPL licenses); he later founded BitTorrent Inc. and
| assigned this implementation to the company to maintain.
| Eventually BitTorrent Inc dropped this codebase altogether and
| became closed-source with a completely separate project.
|
| Libtorrent is just one of many independent BT libraries that
| have been developed since Bram published the first BT client.
| ksec wrote:
| >You got your relationships wrong.
|
| ??
|
| So there are no relationship between the two?
|
| >Eventually BitTorrent Inc dropped this codebase altogether
| and became closed-source with a completely separate project.
|
| That was from the acquisition of utorrent.
| loeg wrote:
| Correct, no relation between the two.
| [deleted]
| coronadisaster wrote:
| It would be nice to have a torrent system where noone that is
| uploading has all the data for a specific torrent (or at least
| they arent uploading the whole file to any specfic person...
| probably would be harder to prosecute in the event that some
| files become illegal)... You could take 1% of the billonaire's
| fortune and give it to the "victims" and everyone would be happy.
| smabie wrote:
| No one can have all the files and BitTorrent works just fine.
| Though, I don't see why anyone wouldn't want the whole file.
| What's the point if you can't actually use what you downloaded?
| [deleted]
| coronadisaster wrote:
| You could or could not have all files, but you would never
| upload a whole file to a single user (ie: part of a file is
| possibly meaningless if you upload random chunks)
| anaganisk wrote:
| Im not sure how that would work technically speaking if there
| is just a single seeder and leecher, also don't you become an
| accomplice for helping?
| coronadisaster wrote:
| every seeder could technically have all the files but would
| only share random chunks with each user
| bakies wrote:
| Can't this already be true? You do not need the entire torrent
| in order to seed downloads. Clients leeching know which blocks
| seeders are providing and will download what's available.
| pgsandstrom wrote:
| Sounds a bit like freenet: https://freenetproject.org
| luckylion wrote:
| If you share significant parts of a copyright protected work,
| you're probably still on the hook. For most things, it's not
| actually the files that are copyrighted, it's the content
| encoded in them.
|
| At some point, I suppose things get very fuzzy, e.g. you're
| just uploading a single second of an album, but I don't know
| who practically useful that would be.
| sillysaurusx wrote:
| Uploading parts of illegal files is equivalent from a security
| perspective. It seems like there's no advantage to your
| proposal.
|
| The Whonix wiki has an incredible amount of information on
| topics such as this: https://www.whonix.org/wiki/Documentation
|
| Basically, it's very hard to protect the security of users when
| a government seeks to prosecute dissidents. There's a lot to
| take into account. A simple "we saw an upload from IP address
| x.y.z.w containing <illegal file>" will be enough to hang
| whoever it is.
|
| On second thought, I guess it would be a nice addition to let
| users control which files they're seeding, rather than the
| whole torrent. I'm just not sure it's enough to get them off
| the hook in the event of legal troubles.
| jayd16 wrote:
| Ideally, you'd want to come up with some way to pack files
| such that many files share the same chunks. Perhaps you could
| make the act of sharing (all or most of the) legal and
| illegal files indistinguishable.
| p1mrx wrote:
| You could have a protocol where every block of the file is
| actually two "random" blocks XOR'd together, but this
| doesn't really work. If you create a new 1GB torrent,
| you'll need 1GB of new (never seen before) blocks with
| ~100% probability, so it will be obvious who's seeding the
| data.
|
| Or you could make the block size smaller (e.g. 1 bit) and
| tell the lawyers to piss off because 0 and 1 are public
| domain.
| wmf wrote:
| See https://www.scs.stanford.edu/~dm/home/papers/waldman:
| tangler... and https://ansuz.sooke.bc.ca/entry/23
| draugadrotten wrote:
| One change in the v2 protocol stands out here. "Files that
| are identical can also more easily be identified across
| different swarms". Would this per file hash not make it
| easier for such a government to find illegal material shared
| by users. It appears v2 is not suitable for sharing of
| material which could get one in trouble.
| 0-_-0 wrote:
| .zip
| singron wrote:
| I don't think this really matters in practice. The DHT is
| public and you can already scan it to find all the public
| torrents, all the files they contain, and what IPs are
| sharing them.
| marcinzm wrote:
| >probably would be harder to prosecute in the event that some
| files become illegal
|
| Cynically I'd assume they'd just use it to add a conspiracy to
| commit a crime charge to the list since you technically need to
| coordinate with other people.
| AdamJacobMuller wrote:
| No reason you can't do this with the existing protocol. I'm not
| sure how much it helps from a legal POV and i suppose it
| depends upon your threat model, but, its fairly trivially
| doable.
| nabla9 wrote:
| If you want to circumvent the law, you must find a legal
| technicality, not a technical technicality.
|
| The key weakness in every smartass technical technicality to
| circumvent the law is forgetting that _intent_ is core concept
| when the law is interpreted in the court.
|
| Did the defendant have intent to do X? Did the defendant use
| some purpose build technique to avoid doing the most literal
| interpretation X ? .. Yeah, defendant is guilty of doing X.
| spockz wrote:
| IANAL, but afaik this depends on whether the legislation is
| English law or Latin law from origin. Where Latin law is more
| about the intent and english, and therefore US law, is more
| about the letter of the law. Perhaps the distinction is along
| a different axis but this is how I remember.
| nabla9 wrote:
| You are thinking about common law (originated in England)
| vs civil law (based on Roman law) In both systems intent is
| very important in criminal cases.
|
| The real difference is between criminal law and contract
| law. In contract law. In contract law the intention is
| fixed by the language of the contract document. It matters
| less if matter if one party didn't intent to violate the
| contract. It is what it is.
| smabie wrote:
| I've written a torrent client, and I'm skeptical than v2 will
| ever catch on. While it does solve some minor problems, it's not
| a large enough leap forward to justify the costs.
| wmf wrote:
| uTP seemed like a small improvement to me but it happened.
| IshKebab wrote:
| Yeah this definitely feels like a Python 2/3 type situation.
| They solved one minor issue but require the whole world to
| update.
|
| I'm not even convinced they couldn't have done it in a
| backwards compatible way. Why not stick with SHA-1 but _also_
| add SHA-256 for verification for clients that support it?
| userbinator wrote:
| That's an interesting comparison, given that the first
| BitTorrent client was written in Python (2).
| UncleEntity wrote:
| > Why not stick with SHA-1 but also add SHA-256 for
| verification for clients that support it?
|
| Apparently you can do that with 'hybrid' magnet links.
|
| The problem is the two swarms are different so as more people
| move over to v2 the v1 swarms will become smaller and smaller
| -- thus giving people an incentive to upgrade, I suppose.
|
| ...and they seem to have solved more than one minor issue
| since they were breaking things anyway...
| bredren wrote:
| I don't know much about protocol version pacing, but was lack
| of substantial changes part of the reason it has taken 12 full
| years to get a client to support v2?
|
| http://bittorrent.org/beps/bep_0052.html
| rhencke wrote:
| No. It is still a draft proposal.
| Mindless2112 wrote:
| 3 years, not 12. BEP 52 was based on BEP 3 and kept the same
| metadata, including the creation date.
|
| http://bittorrent.org/beps/bep_0003.html
| sedatk wrote:
| Minor problems? Isn't this a security issue? Somebody can
| modify a binary and still have it return the same hash and
| distribute it to people who think that they are receiving an
| authentic file. Is it even an option to keep going with SHA1?
| Even Git, which this is less of an issue, has a plan for
| migrating to SHA2. https://git-scm.com/docs/hash-function-
| transition/
| throwaway2048 wrote:
| This isn't really true, sha1's weakness would require you to
| be the creator of the torrent, which if you are, you can just
| make the binary malicious to begin with.
| Havoc wrote:
| If a couple major players adopt a hybrid system then it could
| perhaps
| loeg wrote:
| libtorrent backs a number of popular clients (Deluge,
| qBittorrent), so that's a good start.
| mhh__ wrote:
| From the perspective of the client would it be a drop in
| replacement like changing a static library or a from the ground
| up rework?
| smabie wrote:
| If they used libtorrent, then it would be easy. If they wrote
| their own system, then it would require a moderate amount of
| work to chance to v2.
| ksec wrote:
| I am going to take a guess, Most people on Mac would be
| using transmission, and People on Windows would be using
| Classic Utorrent.
|
| Both are not based on Libtorrent.
| ogogmad wrote:
| The use of SHA-1 in v1 seems like a major problem.
|
| [edit]
|
| That doesn't imply that BTv2 is the right successor protocol.
| akvadrako wrote:
| It's not currently - collisions are very expensive and only
| in limited contexts. If you wanted to distribute malware via
| torrents your efforts are better spent elsewhere.
| ogogmad wrote:
| Attacks only get better with time.
|
| Also, this seems quite bad:
| https://en.wikipedia.org/wiki/Collision_attack#Chosen-
| prefix...
| loeg wrote:
| That attack isn't relevant to bittorrent swarms. What you
| want is a preimage attack on SHA1.
| [deleted]
| PossiblyKyle wrote:
| Since we're on this topic, what's your torrent client of choice
| HN? I plainly use BitTorrent nowadays
| sp332 wrote:
| I use deluge just because it has a nice client and separate
| server which I leave running on another box.
| kuroguro wrote:
| qbittorrent, hands down :) Open source, cross platform and
| relatively small footprint (native), uTorrent-like UI.
|
| I believe it uses libtorrent under the hood, so this might be
| integrated soon.
| loeg wrote:
| > I believe it uses libtorrent under the hood
|
| Yep: https://www.libtorrent.org/projects.html
| jedberg wrote:
| I use it too, the main reason I switched is it seems to be
| the only one capable of maintaining line speed downloads on
| �100+ megabit links on a Mac.
| vermilingua wrote:
| uTorrent 2.2.1, which unfortunately seems like it won't be
| viable going forward if v2 adoption picks up.
| kuroguro wrote:
| Was using that for a very long time as it's the last version
| without ads. Unfortunately there were multiple
| vulnerabilities disclosed in 2018 and some private trackers
| started blacklisting it (workarounds for the vulns were
| discussed but not sure if any are confirmed as working).
|
| https://bugs.chromium.org/p/project-
| zero/issues/detail?id=15...
| vermilingua wrote:
| This is news to me, thanks for pointing that out. (Not sure
| why I find it surprising, it's a very old piece of software
| now.)
| bserge wrote:
| Why not 3.x?
| Dahoon wrote:
| It's basically malware.
| 0xdeadb00f wrote:
| Transmission. If you're looking for one on android,
| LibreTorrent looks absolutely amazing
| jug wrote:
| Deluge for a server/client model with optional web interface,
| if you for example want to command your Raspberry Pi to add som
| torrents. But for a more traditional one I prefer qBittorrent
| after Ludde abandoned uTorrent.
| bserge wrote:
| uTorrent, it has always been fast and stable.
| Hamuko wrote:
| Been a fan of Transmission on macOS for many years. I just wish
| I could install Transmission on a Linux box and still keep
| using the fantastic Cocoa interface it has on macOS.
| oauea wrote:
| You mean https://github.com/transmission-remote-gui/transgui
| or another gui? You should be able to connect remotely, that
| is pretty much the entire idea behind transmission. A torrent
| daemon with various UIs that use the API.
| martindale wrote:
| Has there been any progress on advancing BEP-46 (mutable
| torrents) [0] along the standards track? I didn't see any mention
| of it in this announcement, despite my hopes of seeing it as a
| flagship feature.
|
| [0]: http://www.bittorrent.org/beps/bep_0046.html
| the8472 wrote:
| The BEP itself is almost trivial. The difficult work is
| implementing it in a client that makes it useful for users and
| content providers.
|
| In the wild west of the internet "update" really only means
| "add" because you don't want the source you barely trust to
| provide some data to issue an update that deletes all the
| previous download from that source. But you also want to avoid
| wasting storage so some size caps and rehashing old data to see
| if it's an incremental update will also be needed.
| crazygringo wrote:
| Very interesting. But I'm not totally clear -- what does this
| mean for compatibility with v1?
|
| The article states that _hybrid_ torrents that support v1 and v2
| can be created. But what does this mean for end-users (clients)?
|
| Will most torrent software be upgraded to support both v1 and v2?
| And will a client be forced to choose from the v1 or v2 swarm, or
| will it be able to download from and seed to both?
|
| I mean it _seems_ like clients would participate in both swarms
| -- I 'd just like to know if that's confirmed.
|
| Also, is is possible to add v2 to existing torrents
| "retroactively"? Who would do that? Or would this solely be for
| new torrents moving forwards?
| the8472 wrote:
| > Also, is is possible to add v2 to existing torrents
| "retroactively"? Who would do that?
|
| You would need the file data to do that, so torrent indexing
| sites could not do it. And since you need the full data you
| could only do it after downloading at which point it doesn't
| add that much value.
|
| > Or would this solely be for new torrents moving forwards?
|
| Indeed. v2 offers a few nice improvements but not world-
| changing ones. So there's no pressure to upgrade existing
| torrents. They'll keep working as-is.
| armitron wrote:
| A v2-aware client that also supported v1 and hybrid torrents
| would tick all boxes and be able to participate in multiple
| swarms (for the same torrent).
|
| The main issue that I see is the existence of millions of
| torrents in private trackers that would have to be manually
| updated for v2.
|
| Are people going to bother? I think not. So for me, v2 is
| practically a new-torrents-only affair.
| ehsankia wrote:
| I think this is fine. Slow migration is often the right
| choice. The important part is to start early, and in a decade
| maybe the vast majority of torrents will be V2.
| oauea wrote:
| The sites could perform a bulk update for all their torrents
| if they so chose.
| danarmak wrote:
| To update you need the data so you can rehash it. A typical
| tracker only has the torrent files and would take a very
| long time and spend a lot of possibly expensive bandwidth
| to download all the tracked torrents. And some torrents may
| not be seeded all the time.
| 22c wrote:
| If nobody has the data, the torrent is effectively dead
| and most private trackers will remove it in time. If it's
| not dead, they can incentivize seeders to re-hash/re-
| upload a v2 compatible torrent if they really wanted to.
|
| Private trackers tend to gamify quite a few aspects of
| their sites (obvious example being the seed ratio
| itself).
| bserge wrote:
| They often just have the magnet links. I haven't looked
| into how that works, but I think the complete data is
| only on the seeders' machines, and the torrent propagates
| through DHT.
| Cyph0n wrote:
| Private trackers do not use magnet links afaik.
| Hitton wrote:
| This is pretty cool. Per-file hash trees is something I've been
| missing for some time now.
| koeng wrote:
| > Identical files will always have the same hash and can more
| easily be moved from one torrent to another (when creating
| torrents) without having to re-hash anything. Files that are
| identical can also more easily be identified across different
| swarms, since their root hash only depends on the content of the
| file.
|
| As a question for someone who knows better - does this mean that
| you can download single files within torrents themselves? I
| imagine if each file is independently hashed, this should be
| possible.
| ColanR wrote:
| If I understand your question correctly, then yes, people do
| that all the time and most bittorrent clients make it super
| easy.
| M2Ys4U wrote:
| >As a question for someone who knows better - does this mean
| that you can download single files within torrents themselves?
|
| Most torrent clients can do this already, but depending on how
| the torrent was created and the size the files involved you
| might download a some of the files on either side.
| xibalba wrote:
| _To me, BitTorrent feels a lot like Blockchain: interesting tech
| that doesn 't seem to be able to find a practical and useful
| application (proportionate to the attendant hype). Which is not
| to say that either can't, they just haven't yet. Why?_
|
| EDIT: while I don't (yet) consider myself delirious, responses to
| this comment have illuminated how little I know about the
| influence and application of BitTorrent. In other words, I
| retract the above opinion.
| slim wrote:
| I estimate that thousands of people use torrent every day since
| 20 years. I use it very often. maybe it's just that nobody uses
| it in your close network
| mawalu wrote:
| You mean beside being responsible for ~50% of the global
| internet traffic in 2009?
| https://en.wikipedia.org/wiki/BitTorrent
| xibalba wrote:
| Insofar as the majority of that traffic is likely illegal (in
| terms of sharing pirated property) I would not consider it
| useful.
| [deleted]
| deathgrips wrote:
| This falls apart when you examine prohibited goods. Guns
| are illegal in most countries because they are _very_
| useful.
| liability wrote:
| It's not legal, therefore it's not practical? That doesn't
| make any sense at all.
| dtech wrote:
| useful != legal
| oblio wrote:
| Yeah, but what's the current number? I'd be surprised if it
| were more than 5-10% these days. 2009 was 11 years ago, the
| internet was a much smaller and less regulated place.
| CyberDildonics wrote:
| You think that if something once took up 50% of all traffic
| on the internet it never found a practical application?
| oblio wrote:
| > proportionate to the attendant hype
|
| From the original comment.
|
| Also, just because it was 50% at some point, it doesn't
| really matter today. Paraphrasing, a technology is only
| as good as it's latest match result.
|
| Perl was once powering the web, nowadays you have to look
| at the web with an electronic microscope to find it...
| bioipbiop wrote:
| Even if it were only 5-10% of internet traffic, that'd be
| huge! Think about how much the internet has exploded in use
| since 2009.
| ffpip wrote:
| Youtube is 37% of all mobile traffic. [1]
|
| [1]- https://www.statista.com/chart/17321/global-
| downstream-mobil...
| risho wrote:
| that is still way WAY more than enough to justify it's
| utility.
| luizfelberti wrote:
| You're delirious.
|
| Setting aside the fact that BitTorrent came about long before
| BitCoin was a glint in Satoshi's eye, it's still massively used
| for content distribution, on top of being a foundational
| technology to several industrial applications: Apache Spark,
| for example, uses BitTorrent to shuffle/broadcast data around
| cluster nodes.
|
| Even when BitTorrent alternatives are used in its place (such
| as IPFS, Dat, or Kademlia), BT was still a massive influence in
| all of their designs, and to the design of any other DHT that
| came about after its release.
|
| All of these, plus other systems that are (in abstract) similar
| constructions, have several industrial applications for asset
| distribution (Netflix uses IPFS to distribute container images
| internally [0], Uber and Alibaba do similar things) and network
| management (DNS for example, is really just a DHT, as are
| several other network protocols)
|
| Ever since BitTorrent came about, it has unequivocally been a
| resounding success. It never for a moment had to look for
| applications, there were already plenty since day one.
|
| [0] https://blog.ipfs.io/2020-02-14-improved-bitswap-for-
| contain...
| thawaway1837 wrote:
| Wasn't the original Skype that Microsoft paid billions for
| also based on BitTorrent technology?
|
| Not BitTorrent exactly, but close enough that if the
| blockchain spinoff was bought for that much the blockchain
| folks would certainly consider (rightfully IMO) a victory in
| the blockchain column.
| wmf wrote:
| Skype was based on JoltID/Kazaa.
| oblio wrote:
| > it's still massively used for content distribution
|
| Is it, though? Youtube doesn't use it, neither do Netflix,
| Hulu, Amazon Prime Video, Disney+, Spotify, etc. Does anybody
| (except for Blizzard) use it? I don't think Steam or the Epic
| store or the App Store or the Play Store use it, either.
|
| I'd be extremely glad to be proven wrong.
| FridgeSeal wrote:
| I remember reading about how Facebook uses it to distribute
| updates amongst servers.
| loeg wrote:
| Windows has some sort of P2P update distribution system,
| although (1) I don't know that it is bittorrent and (2) it
| seems to be massively slower than just using MSFT's servers
| directly, so I'd suggest disabling it. On the order of 100x
| slower.
| toyg wrote:
| I believe Steam uses it. The network graphs they spout show
| behaviours consistent with BT-like activity.
|
| I'm pretty sure the BBC iPlayer used it too, at some point
| (no idea if it's still the case).
|
| Most Linux projects use it.
|
| Any company offering a "download manager" for 1GB+ files,
| is likely to be implementing something similar to BT behind
| the scenes.
|
| The thing is: if bandwidth costs are a real problem for
| you, BT is a killer solution to offload some of those
| costs. If they are little more than a footnote (like for
| the mega-services you list), then BT is unnecessary and it
| will probably slow down overall performance too.
| M2Ys4U wrote:
| v1 of iPlayer used bittorrent, but these days it's all
| streaming.
| yepthatsreality wrote:
| Why...?
|
| BitTorrent has been influential in lots of applications. If you
| really need proof that BitTorrent can move milestones, it help
| perpetuate sites like thepiratebay.org and assisted in the
| advent of modern day streaming services that both the music and
| movie industry neglected for years. It is also a central
| influence for p2p networking and file sharing.
| oblio wrote:
| Yeah, but it's not used anymore, from what I know. Few places
| use it for distribution, I guess they don't consider it worth
| the hassle. Blizzard was using it to distribute binaries.
|
| I guess mobile internet was its downfall as few people want
| to seed from a mobile connection.
| armitron wrote:
| There are vast data archives exposed through private
| trackers that work on top of bittorrent. This isn't widely
| known due to their private, invite-only (and in some cases,
| entirely closed) nature but the fact remains that these
| exist and are fundamental in multiple, widely divergent
| communities.
| oblio wrote:
| Can you give some examples? It all sounds very...
| mysterious. At least, what kind of content are we talking
| about?
| bdekoz wrote:
| A public example is rutracker.org. Another is sci-hub.
| See Joe Karaganis for some cannonical info:
| http://piracy.americanassembly.org/shadow-libraries/
| M2Ys4U wrote:
| >I guess mobile internet was its downfall as few people
| want to seed from a mobile connection.
|
| CGNAT has a lot to answer for, too
| ajtulloch wrote:
| Lots of companies use BT in a datacenter environment to
| efficiently distribute binaries to a large number of hosts.
| oblio wrote:
| Again, this is in the context of the original BitTorrent
| hype. Which was huge. What you're mentioning is small
| potatoes.
| oblio wrote:
| Well, both threaten the establishment. Blockchain would
| basically upend states, with unclear benefits. BitTorrent would
| allow for very efficient distribution of a lot of data, which
| can conflict with copyright.
|
| At least BitTorrent is environment friendly :-)
| m3kw9 wrote:
| Talk about an un-mobile friendly website
| [deleted]
| risho wrote:
| works fine on my phone.
| Stratoscope wrote:
| It even manages to evade the usual "Show simplified view"
| bottom bar that Chrome mobile shows when it detects that a page
| is likely hard to read.
|
| Rather ironically, you get a much more readable view if you
| select "Desktop site" in the Chrome mobile menu and then
| double-tap the main text column.
| kasabali wrote:
| It works just fine on Opera on Android.
|
| Most of the time it's not web sites but browsers, who are
| unfriendly.
| tomxor wrote:
| > [...] not only uses a hash tree, but it forms a hash tree for
| every file in the torrent [...] Files that are identical can also
| more easily be identified across different swarms, since their
| root hash only depends on the content of the file.
|
| Wait, does this mean content addressed blobs across swarms...
| does that mean torrents made by completely different people that
| happen to contain one or more identical files can benefit from
| seeds of the other torrent?
| nurettin wrote:
| I remember one of the original bittorrent guys asking for
| help/recruiting on some IRC channel. He said it was a
| transformative project. He was laughed off as the next "wanna
| create mmorpg" guy. For once they were wrong.
| viktorelofsson wrote:
| If you want to try a client with v2 (and v1+v2 hybrid) support,
| I've just released PicoTorrent v0.20 [0] based on Rasterbar-
| libtorrent 2.0 :)
|
| [0]
| https://github.com/picotorrent/picotorrent/releases/tag/v0.2...
| m00dy wrote:
| hmm, looks like still no support for data streaming :(
| rwmj wrote:
| BitTorrent (v1) supports streaming if your client knows the
| appropriate way to prioritize packets. I've written a streaming
| client using libtorrent-rasterbar and it worked fine. What's
| the problem?
| armitron wrote:
| Nothing stops you from downloading pieces in a specific order
| that allows for streaming. It's the client that determines
| order, not the bittorrent protocol.
| m00dy wrote:
| well, I meant live streaming here.
| FridgeSeal wrote:
| That would require mutable torrents correct?
| lucb1e wrote:
| Um, now this is the third subcomment; you could have edited
| your original comment.
| m3kw9 wrote:
| I feel like a lot of the terms has blockchain in nature but they
| never specifically state it.
| Retr0spectrum wrote:
| Blockchains are just unbalanced merkle trees.
| doctoboggan wrote:
| Bittorrent was pioneering distributed architecture while
| bitcoin was still a future thought in Satoshi's mind.
| sleavey wrote:
| SHA1 has a collision, so now it uses SHA256. How long until a
| SHA256 collision? Shouldn't the new protocol just add support for
| many modern hash functions, and client updates can disable
| support for hashes that become insecure later? Or does this
| introduce its own headaches? That's what SSH does, right?
| armitron wrote:
| Collisions in the context of bittorrent are not a big deal. We
| could (and will, there are millions of torrents around that
| will never be updated) keep using SHA1 and the world is not
| going to end.
| frenchman99 wrote:
| It isn't? Is it not possible to be tricked into downloading a
| malicious binary that you then execute on your computer?
| loeg wrote:
| I don't think so.
|
| 1. The user trusts the source of the .torrent file.
|
| 2. A malicious peer makes a preimage attack in some block
| in an executable file with contents containing some
| malicious executable payload.
|
| 3. The executable wasn't signed, or the targeted block must
| include executable headers.
|
| 4. Some peers get the malicious exe, some don't.
|
| The (2) step is still hard -- preimage attacks on SHA1 are
| still expensive.
|
| And it is probably much easier to bypass SHA1/SHA256
| entirely by just uploading a malicious torrent directly and
| hoping (1) still applies.
| calvinmorrison wrote:
| Unlike the Photoshop 2020 WareZ Cracked Unlocked 2020 Xvid
| Torrentz WZ FUN.torrent, that I just downloaded
| vermilingua wrote:
| Yes, because warez is the only valid use of bittorrent.
|
| Most Linux distros offer an installation iso via torrent,
| large files with many blocks. If you can change just a
| small part of those files, you've got compromised
| machines before the install even begins.
| mlyle wrote:
| Most of the practical hash attacks we've seen allow one
| to create two chunks of data that hash to the same thing,
| not to collide with an arbitrary other block. This
| greatly limits the attack scenarios we need to worry
| about.
|
| (That is, we've got practical collision attacks emerging
| for SHA1, not pre-image attacks).
| flatline wrote:
| They aren't? So someone can craft a payload that contains a
| rootkit or similar and has the same name and hash as the
| thing you wanted, and this is okay? (Disclaimer: I don't know
| all that much about how hashes are used internal to the
| protocol)
| armitron wrote:
| The vast majority of data shared over bittorrent is not
| executable.
|
| So your scenario becomes an issue if you're downloading
| executable data that you deem :trusted: without any
| additional verification besides the hash itself. If that's
| the case, you have bigger worries than the hash.
| dmurray wrote:
| Or if there's a vulnerability in a popular media player.
| sp332 wrote:
| The weakness is a collision, not a pre-image attack. That
| means that a pair of payloads can be crafted together, one
| innocent and one malicious, that have the same hash. But it
| is not feasible to take a given file and make a new
| malicious payload with a matching hash.
|
| So if you get your hash from whoever made the original
| binary, you can know that any binary with a matching hash
| is fine. But it could be a problem if someone creates a new
| pair of binaries and uploads the hash to TPB. You might see
| lots of good reviews from people who got the innocent
| version, but then the peers you connect to send you a
| malicious version with a matching hash.
| heartbeats wrote:
| What if the hashes differ?
| sleavey wrote:
| I expect there would have to be other changes to allow this
| feature, such as the server advertising all the
| available/supported hashes for each chunk.
| Taek wrote:
| I don't think anyone is expecting a sha256 collision in the
| next 20 years. The crypto doesn't seem to leave much wiggle
| room for exploitation.
| noja wrote:
| Don't people always say exactly that? What are the chances of
| a collision if we simultaneously use multiple hashes, does it
| become significantly less likely?
| nemo1618 wrote:
| > don't people always say exactly that?
|
| This is an understandable reaction, but the security margin
| on new crypto is _way_ higher than old crypto. Roughly
| speaking, we went from "I guess if a state-level actor
| dedicated all their resources to this for a few decades,
| they could probably brute-force it" to "Even if you broke 9
| out of 10 rounds in this algorithm, you'd still need to
| harness the energy of every star in the universe for 10
| billion years to brute-force it."
|
| Most algorithms today have been "attacked" in the sense
| that there are tricks we can do that allow us to recover
| the key faster than a simple brute-force attack. But
| "faster" usually means doing something like 2^100
| operations instead of 2^128 -- still far beyond the realm
| of practicality.
|
| It's telling that cryptographers are now seriously
| discussing _reducing_ the security of various algorithms:
| https://eprint.iacr.org/2019/1492
| bamboozled wrote:
| In twenty years, So they have 10-15 years to safely do
| other things.
| toyg wrote:
| _> Don 't people always say exactly that?_
|
| No, "they" don't. SHA1 collisions had been "in the wind"
| for a while, they had been in sight ever since MD5 started
| showing signs of clear weakness in the early '00s.
| Wikipedia has a Rivest quote about it from 2005. There is
| nothing like that for SHA2, although attacks are improving.
|
| _> What are the chances of a collision if we
| simultaneously use multiple hashes_
|
| Define "simultaneous". Shipping twice the hashes for each
| piece seems a big waste of space. If you mean re-hashing
| hashes, it's just a waste of cpu power, since an attacker
| only has to break one or the other to get in a position to
| poison data.
| nabla9 wrote:
| > How long until a SHA256 collision
|
| Very unlikely that this is going to happen any time soon.
|
| Most modern symmetric cryptographic primitives with sizes >=256
| bits are considered safe even against quantum computers. SHA256
| turned out to be even stronger than expected. SHA-3 adoption is
| delayed in many protocols because there is no much need for it
| and hw implementations for SHA256 are commonplace.
| stingraycharles wrote:
| Isn't the fact that OpenSSL et al allow so many arbitrary
| ciphers the reason of a whole load of problems?
| user5994461 wrote:
| Nope, the problem is that software never upgrade their ssl
| stack to support the newer ciphers. Especially Microsoft
| that's easily 10 years behind on the current SSL version.
|
| Without the ability to support multiple versions, it would be
| impossible to upgrade anything at all. That would be a whole
| load of other problems.
| loeg wrote:
| Yep: https://en.wikipedia.org/wiki/Downgrade_attack
|
| > Downgrade attacks have been a consistent problem with the
| SSL/TLS family of protocols; examples of such attacks include
| the POODLE attack.
| johnisgood wrote:
| Why not BLAKE3? I am really curious. I mean, since it exists,
| why not that over SHA256? Because it is relatively new?
| loeg wrote:
| I would guess that the reasoning is similar to why Git is
| moving to SHA256 (from SHA1) rather than to BLAKE3 -- SHA256
| was around 5 years ago and the major design change has been
| in the works for a while (BEP 52 dates to 2017). BLAKE3
| (2019) would be a fine choice today.
| tekacs wrote:
| They use multi-hash [0] in magnet links, presumably for exactly
| this reason.
|
| ... but for consistency (like their narrowing of valid
| bencode), they've presumably chosen one main hash for now, so
| that every client and server doesn't have to handle all of
| these cases as people provide a million variants of the same
| torrent.
|
| [0]: https://github.com/multiformats/multihash
| d33 wrote:
| There are a few things I wish this addressed, but it doesn't. Off
| the top of my head:
|
| 1. the new hash function is going to be broken eventually - what
| happens then? 2. support for "remixes". It would be nice to
| reference pieces from another torrent. Example use case: adding
| subtitles for a movie. Right now it requires either downloading
| the "main" version of the movie and getting the subtitles
| externally, or sharing the file from scratch.
| heartbeats wrote:
| > Identical files will always have the same hash and can more
| easily be moved from one torrent to another (when creating
| torrents) without having to re-hash anything. Files that are
| identical can also more easily be identified across different
| swarms, since their root hash only depends on the content of
| the file.
| lucb1e wrote:
| > the new hash function is going to be broken eventually
|
| SHA-2 will not be broken as easily as SHA-1. This seems to be a
| common misconception in this thread.
|
| Wikipedia: "Since 2005, SHA-1 has not been considered secure
| against well-funded opponents".
|
| This was 10 years after its introduction (1995) and 15 years
| ago. We had 15 friggin' years and we're finally switching git
| and bittorrent around. It took 2017-2005=12 years to get from
| first serious signs of issues to https://shattered.io.
|
| SHA-2 is now 19 years old and the "uh oh, better switch before
| it's too late" recommendation has not come yet. It's
| withstanding the test of time better and there haven't been 12
| years to mature any weaknesses. The theoretically known attacks
| for SHA-2 are fairly insignificant.
|
| Since SHA-2 had a similar construction to SHA-1 (Merkle-
| Damgard), NIST figured they better launch the SHA-3 competition
| at the first sign of trouble and picked something with a very
| different operating principle. For now, however, it's still
| fine. Thomas Pornin put this a bit better than I can:
| https://security.stackexchange.com/a/21116/10863
|
| As for "what happens if/when it will be broken": we could make
| BitTorrentv2 another multi-crypto soup like with TLS, but then
| you open up a can of downgrade attacks, potential null ciphers
| or other such tricks simply due to increased complexity, and
| you still can't switch that quickly because everyone needs to
| take manual action in changing configuration files. Much better
| if we can instead do apt upgrade and let the software take care
| of making security decisions rather than those who install the
| software. (Remember that SSL was designed in 1994, when
| LiveScript/JavaScript didn't even exist yet, DES was state of
| the art, and we wrote books with algorithms because
| cryptography was ammunition. Having multiple options for
| strong/weak ciphers was not yet a crazy idea.)
| proverbialbunny wrote:
| It feels like this isn't a large enough leap forward. It would be
| nice if BitTorrent v2 made it harder for ISPs to identify what is
| bit torrent traffic. AT&T artificially slows down upload speeds.
| mac01021 wrote:
| Why don't ISPs bill by the gigabyte and be done with it?
| jbverschoor wrote:
| BC billshock scares people away. It would set us back to the
| early '90s
| wwwhizz wrote:
| So watching Netflix and YouTube gets more expensive? No,
| thanks. I'm fine with European net-neutrality and pay for
| bandwidth.
| 101008 wrote:
| It would be horrible to live in a world like that. Imagine
| deciding to watch a shorter film on Netflix because you will
| pay less.
| ffpip wrote:
| That's basically what happens with mobile data plans in
| India. Fixed speeds, pay X amount per 1 or 1.2 GB
| freedomben wrote:
| Because customers lose their minds with that model, largely
| as a result of conditioning that "internet" is an unlimited
| resource (which of course it is when instantaneous demand <=
| supply, but during high traffic periods that isn't the case).
|
| Personally I understand the economics around it, but still
| don't like the idea of paying per GB. I would end up skipping
| some Netflix and would get mad at kids for playing Netflix to
| an empty room (much like I currently get mad when they leave
| the lights on in an empty room). It's nice on a personal
| level to avoid that.
| [deleted]
| tyfon wrote:
| That kind of depends on the price pr gb.
|
| To use the power analogy, when I was young the price of
| power was relatively high but in recent times it has now
| dropped to 0.6 NOK / kWh so even charging the car from
| 10-80% (~61 kWh) cost 40 NOK or $4. I do not get mad at the
| kids leaving the light on like my mother did to me.
|
| I (or rather my job) currently pays about 1000 NOK/ month
| for unlimited 500 MBit synchronous fiber internet. I
| transfer maybe 500 GB/month so for it to be cheaper for me
| it would be under 2 NOK/GB or $.2 which sounds really high
| but that is what I currently pay with my usage.
| Dahoon wrote:
| I thought internet in Norway was cheaper than in Denmark.
| Interesting. For comparison I pay 449 DKR/month for
| 1000/1000 unlimited fiber with a guaranteed bandwidth of
| minimum 950 (they are upgrading the network atm. hence
| not a guarantee on the full 1000 yet as some customers
| equipment is too old).
|
| Is it a normal connection or a business connection
| perhaps?
| iso947 wrote:
| Bandwidth to where? Do they really have 1gbit per
| customer peering with say level3? And with cogent, and
| telia? And a full non blocking internal network? And
| enough packet buffers to ensure that microbursts don't
| saturate any link?
| wolco wrote:
| You pay for peace of mind that little Johnny doesn't
| download some crazy amount by accident. Now you don't
| have to monitor family usage so that makes things easier
| as well.
| bserge wrote:
| I _really_ don 't like the idea of limited bandwidth or
| charging per gigabyte because I know ISPs will rip people
| off and still not upgrade their networks to handle more
| traffic.
|
| But I think it would considerably change the Internet
| landscape. No more listening to the _same exact song_
| multiple times on Youtube or Spotify or whatever. No more
| downloading then deleting the same stuff over and over
| again. I think about it often, what a massive waste of
| bandwidth, I don 't even know why. It's a lot of
| electricity used, I guess?
|
| Even though I've got unlimited fiber, I'm looking for some
| sort of local "Internet cache" solution that would store
| _everything_ so it would be re-downloaded from my home
| instead of across the ocean. Would be great for outages,
| too.
| Hamuko wrote:
| > _It 's a lot of electricity used, I guess?_
|
| Is it though? How much electricity is used to serve a
| 1080p Netflix movie several times vs. playing the same
| movie from a local storage medium?
|
| If you asked me, I'd rather burn Bitcoin mining rigs if I
| wanted to get rid of electricity waste.
| bserge wrote:
| Yeah, I don't know. I just think about the bandwidth we
| all use sometimes and it seems extremely wasteful and it
| bothers me for some reason. I use around ~200-300
| GB/month, which I thought was a lot until I saw how much
| other people use :D
| Hamuko wrote:
| > _I use around ~200-300 GB /month_
|
| Pretty sure I use more than that in a day.
| wmf wrote:
| Wait until you hear how much CPU time and RAM is being
| wasted...
| bserge wrote:
| It's actually the reverse that bothers me in that case! I
| have more RAM and CPU time than I can possibly use :D
|
| Unless that's what you meant...
| Bnshsysjab wrote:
| Yeah but your hardware requirements are driven by
| software bloat.
| Red_Leaves_Flyy wrote:
| I think what they're getting is how bloated software has
| become. Some websites download several megabytes of data
| to display a kilobyte or less of actual content.
| liability wrote:
| Why won't ISPs stop advertising 'unlimited' service that is
| actually limited to N gigabytes a month, where N is
| substantially lower than what's possible given the speeds
| they provide?
|
| Because they can get away with it.
| colechristensen wrote:
| Because it is insanely expensive to actually provide that.
| The nature of internet traffic is short bursts, not 100%
| utilization. In a commercial setting you can purchase fixed
| pipes that are entirely yours and they're tens or hundreds
| of times more expensive.
|
| Why wouldn't you want to pool bandwidth with your neighbors
| so you could all get faster speeds when you were using it
| instead of rate limiting everyone?
| jeromegv wrote:
| The issue is that there's no way to know what this limit
| is. I understand the cost, but then tell us exactly how
| many GB I can use at full speed and when does it start to
| throttle. Instead I have to rely on internet anecdotes.
| selectodude wrote:
| They do. I'm pretty aware of what my data transfer limits
| are on both my home and wireless connections. Granted my
| new ISP has no data caps and symmetric gigabit speeds so
| I'm a bit spoiled.
| slyall wrote:
| Well in New Zealand we used to charge-per-byte but as things
| got cheaper this has largely gone away. Some of the cheaper
| how fibre accounts have something like a 100G/month limit but
| I guess it isn't worth the trouble to charge even here where
| bandwidth is much more expensive than the US.
| driverdan wrote:
| 100Gb/month is practically nothing. I primarily use a
| hotspot for internet access and routinely do way more
| traffic than that.
| slyall wrote:
| If you don't use video then it'll be plenty. Plenty of
| people get their TV the old-fashioned way but still want
| fast Internet.
|
| Looking at pricing for Spark (one of the
| largerproviders). [1]
|
| For each of the fibre speed plans you can get 60GB/month,
| for another $10 you get 120GB/month and for a further $10
| you get unlimited traffic.
|
| BTW: "Mb" = Megabits, "MB" = MegaBytes
|
| [1] https://www.spark.co.nz/shop/internet/plans-and-
| pricing/
| geoffmunn wrote:
| Flashback: I was on Actrix which charged $5 per megabyte.
| Downloading Netscape Navigator 2 nearly bankrupted me. I
| used to browse the internet with images disabled, which
| ironically gave me an appreciation for accessibility issues
| which served me well later in life.
|
| When Xtra came out at $2.50 per hour, it was a complete
| game changer.
| gkfasdfasdf wrote:
| Agreed, this would align incentives nicely. Maybe we would
| see more innovation in compression technology that way.
| Hamuko wrote:
| I imagine the data whales would not cover the loss revenue
| from people who just use online banking yet pay the same
| amount.
|
| I've used 15 TB in the last 5 weeks with my torrent client
| alone (and considering my Backblaze backup size, that's not
| nearly all of my traffic), but how many people like me are
| there in the general public?
| hysan wrote:
| Some thought experiments for you to try:
|
| - Does this guarantee that you get the speed that you pay
| for? If not, then should the price during heavy congestion
| cost less per GB? I've had the unfortunate luck of having
| lived in areas where the internet is unusable for anything
| other than email and light browsing during peak hours. Bonus:
| Do you know why this happens? If not, I encourage you to
| research this.
|
| - How will this affect the advertising model of the entire
| internet economy? If you, like me, have lived your whole life
| on a mobile data plan that is priced based on data usage,
| you'll realize just how much bandwidth is consumed by
| advertisements (worst are the video/audio types that auto
| play).
|
| - How will this affect "future" technology such at smart
| homes? Most devices send data back (Amazon Echo devices) and
| the growing security camera ecosystem that sends recordings
| to the cloud would suddenly cost users a ton more.
|
| - Speaking of cloud, what will happen to the gaming industry
| that is heavily cloud based? Many games don't even ship in a
| completed state anymore. Instead, part of the install
| requires downloading a ton of additional updates. Not to
| mention online play, DLC, etc.
|
| There a many many more everyday examples like this that would
| be heavily affected by pricing per GB. Your question sounds
| like a simple solution but like many things in life, that is
| rarely the case.
| colechristensen wrote:
| Because their costs aren't based on usage, but installing and
| maintaining the infrastructure then collecting rent on it.
| Actual usage is an exponential curve and if you bill on it
| you have a few angry users paying for everybody else's
| infrastructure.
| huhtenberg wrote:
| It's nearly impossible to obfuscate a protocol to work around
| filtering.
|
| You'd want to look like some other protocol and you want that
| protocol be encrypted by default. Otherwise yours _will_ get
| fingerprinted via the deep packet inspection.
|
| The most obvious choice is to run your protocol over TLS. But
| then they can just throttle long-lived bulky TLS connections
| where neither side is on 443.
|
| You can then require the responding side be on 443 (which is
| already a big hassle), but they will then throttle down TLS
| connections towards residential IPs or throttle them down
| cumulatively, as a group.
|
| Other choices here are OpenVPN, WireGuard and, possibly, IPsec.
| But, again, it will come down to defeating the throttling of
| multiple inbound bulky connections of the same type, which is
| doubly hard to bypass if you are on a residential IP and your
| ISP is really bent on throttling.
|
| Any successful obfuscation technique is short-lived, so it has
| no place in the protocol itself. Instead it should be delegated
| to a transport layer and the clients should be coded to support
| BT tunneling over X or over Y.
| richardwhiuk wrote:
| This is all true. The best way to make your application work
| now matter what filtering is in place is to disguise it as
| something which the ISP has to make work in order to get
| customers.
|
| Fundamentally, nothing has the same characteristics as
| BitTorrent - almost nothing has the same high uplink
| requirements, which is an absolute signature of BitTorrent
| traffic.
|
| Oh, also some of the shaping is implicit, not explicit. Most
| home internet connections are asymmetric - they dedicate more
| channels to downlink than uplink.
| TheRealPomax wrote:
| Why would the that be the protocol's responsibility?
| greycol wrote:
| I'd assume that a protocol that gets faster for files the
| more nodes who use it and the faster those nodes transmit
| would try to solve real world issues stopping more
| nodes/faster speeds from those nodes.
|
| The word 'responsibility' that you used is of course too
| strong a word, however the comment 'it would be nice' to have
| is definitely true assuming we want downloads to be faster.
| convery wrote:
| Maybe not 'responsibility', but I guess it'd be nice to have
| some kind of proxy protocol so that seeders can proxy
| requests for people with annoying ISPs.. or they could just
| use a VPN like everyone else =P
| kardos wrote:
| > It feels like this isn't a large enough leap forward.
|
| The hash it relies on is broken, so their hand has been forced.
| throwaway2048 wrote:
| sha1 is not meaningfully broken for BitTorrent, It would
| require a second pre-image attack to meaningfully hurt it,
| you can not take an existing hash you don't control and
| synthesize a matching set of incorrect/malicious data.
|
| Second preimage attacks are MUCH harder to pull off, even md5
| is still safe from them, many years after they were found to
| be broken in other contexts.
|
| The only thing that sha1's weakness would let you do in a
| bittorrent context is create a torrent, then let you send
| fake data for a chunk, which really does not seem very
| useful.
| jedberg wrote:
| > AT&T artificially slows down upload speeds
|
| Do you have a source on this? I believe you I just want to know
| more. It explains a lot.
|
| I have a gigabit link. I can download torrents at almost line
| speed. But I can barely get uploads past 5K/s. I spent hours at
| one point trying to tweak every possible setting and eliminate
| every bottleneck, and still couldn't get past 5K/s.
| toyg wrote:
| _> I just want to know more._
|
| There is little to know, it's largely a commercial preference
| (that has, over the years, driven technological research; see
| ADSL for example, the first A is for Asymmetric).
|
| Average consumers are precisely that, _consumers_ : they
| rarely upload anything, but they download tons of content
| (from webpages to streamed media). So it makes sense for
| residential ISPs to maximize downstream bandwidth, since it's
| what consumers will evaluate them on. One way to do that is
| to simply throttle upstream, to ensure resources stay
| available for downstream. (This has the side benefit of
| reducing headaches, i.e. less people distributing
| questionable material on your network...).
|
| If you need good upload speeds, you simply have to talk to
| your ISP.
| [deleted]
___________________________________________________________________
(page generated 2020-09-07 23:00 UTC)