Official eMule-Board: Poisoned Files: Are We Too Trusting?


Poisoned Files: Are We Too Trusting?
I have watched my shared files being actively poisoned by fake users

#81 Wulp

  • Golden eMule
  • Group: Members
  • Posts: 1785
  • Joined: 08-July 05

Posted 23 October 2009 - 11:41 PM

WentloogWhix, on 23 October 2009 - 08:40 AM, said:

FWIW I have noticed that errors creep into many academic and technical papers, and sadly most of my technical colleagues think that bad spelling and lousy grammar are cool. Given the proximity between USC and Hollywood, I think the paper is serious.

It's not only the (numerous) bad spelling that makes this paper more than doubtful, but also that some (not necessarily all) of the content is plain wrong, like the statement that it would be possible to fake the set of part hashes.
Read also the thread about this paper that Nissenice linked to.
0

#82 WentloogWhix

  • Advanced Member
  • Group: Members
  • Posts: 79
  • Joined: 04-October 09

Posted 24 October 2009 - 12:37 AM

I guess a truckload of salt is in order ;)

What we do already know is that it is possible for rogue software to claim to have a complete file, even when it doesn't, and then to pass out random junk for a few weeks to as many unsuspecting eMule users as possible. This was "successful" because eMule did not stop it or determine that the data from those specific sources is rubbish.

I don't know if this is a bug or a missing feature, but the only way to stop it was to try to get the word out about blocking the IP ranges listed in my signature. This method was like using a hammer to squash an ant.

Whether you regard this problem as serious or not, until the corruption handling model is tweaked to cater for this situation, it is bound to continue to annoy some eMule users, and catch out and discourage a lot of unsophisticated users.

No, the sky is not going to fall down and eMule is not doomed, but neither is it secure or infallible.

This post has been edited by WentloogWhix: 24 October 2009 - 12:41 AM

So We’re In Agreement Maxim: If you’re happy with your security, so are the bad guys.
from Vulnerability Assessment Security Maxims

For a Secure VPN option (instead of an insecure proxy), try ItsHidden ($10/mo). And check out PeerBlock for extra (free) protection against the bad guys.


I will donate EUR100 to the first version/mod of eMule that can successfully stop a poisoning attack, and allow me to block/distrust/ignore users from sending me stuff, and allow me to block/prevent them from receiving stuff, and not permit users to take or send partial chunks of data.

Until this happens, or until the corruption handling works correctly, please add the following to your IP Filter (ipfilter.dat):
84.128.0.0      - 84.135.255.255  ,   0 , Poison, Deutsche Telekom AG
85.176.0.0      - 85.182.127.255  ,   0 , Poison, HanseNet Telekommunikation GmbH
92.228.0.0      - 92.231.255.255  ,   0 , Poison, HanseNet Telekommunikation GmbH
92.192.0.0      - 92.223.255.255  ,   0 , Poison, QSC AG
78.48.0.0       - 78.50.159.255   ,   0 , Poison, HanseNet Telekommunikation GmbH

With apologies to the legitimate users of these ISPs who are being unfairly tarred with the same brush as the bad guys.
0
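The ipfilter.dat lines in the signature above follow eMule's "start - end , level , description" layout. The following added example (not eMule's code) parses that layout, answers whether a given address is filtered, and counts how many addresses a filter takes out of play, which is the collateral cost fox88 and Wulp object to when whole ISP ranges are blocked. The sample entries are constructed, not the ranges posted in the thread, and the rule that entries with a level below the default filter level of 100 are blocked is taken as eMule's default setting.

```python
import ipaddress
from typing import List, NamedTuple, Optional


class FilterEntry(NamedTuple):
    start: int          # first address of the range as an integer
    end: int            # last address of the range as an integer (inclusive)
    level: int          # entries below the client's filter level are blocked
    description: str


# Assumed eMule default: addresses in entries with level < FILTER_LEVEL are rejected.
FILTER_LEVEL = 100

# Constructed sample in ipfilter.dat layout; these are NOT the ranges posted in the thread.
SAMPLE_IPFILTER = """\
# start - end , level , description
10.20.0.0       - 10.20.255.255   ,   0 , Constructed, example range A
10.30.0.0       - 10.30.0.255     , 200 , Constructed, example range B (not blocked)
203.0.113.0     - 203.0.113.127   ,  50 , Constructed, example range C
"""


def parse_ipfilter(text: str) -> List[FilterEntry]:
    """Parse 'start - end , level , description' lines; blanks and '#' lines are skipped."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 3:
            raise ValueError(f"line {lineno}: expected 'start - end , level , description'")
        try:
            start_s, end_s = (p.strip() for p in fields[0].split("-", 1))
            start = int(ipaddress.IPv4Address(start_s))
            end = int(ipaddress.IPv4Address(end_s))
            level = int(fields[1])
        except ValueError as exc:  # covers bad addresses, bad level and a missing '-'
            raise ValueError(f"line {lineno}: {exc}") from None
        if start > end:
            raise ValueError(f"line {lineno}: range start is after its end")
        # The description may itself contain commas, so re-join the tail.
        entries.append(FilterEntry(start, end, level, ", ".join(fields[2:])))
    return sorted(entries)


def match(entries: List[FilterEntry], ip: str) -> Optional[FilterEntry]:
    """First entry covering ip, or None. A linear scan is fine for a few thousand lines."""
    addr = int(ipaddress.IPv4Address(ip))
    for entry in entries:
        if entry.start <= addr <= entry.end:
            return entry
    return None


def is_blocked(entries: List[FilterEntry], ip: str, filter_level: int = FILTER_LEVEL) -> bool:
    """True if ip falls in a listed range whose level is below the filter level."""
    entry = match(entries, ip)
    return entry is not None and entry.level < filter_level


def blocked_address_count(entries: List[FilterEntry], filter_level: int = FILTER_LEVEL) -> int:
    """How many addresses the filter rejects, i.e. its collateral footprint."""
    return sum(e.end - e.start + 1 for e in entries if e.level < filter_level)


if __name__ == "__main__":
    table = parse_ipfilter(SAMPLE_IPFILTER)
    for probe in ("10.20.5.5", "10.30.0.9", "203.0.113.5", "192.0.2.1"):
        print(probe, "blocked" if is_blocked(table, probe) else "allowed")
    print("addresses rejected by this filter:", blocked_address_count(table))
```

The address count is the number worth looking at before adding an entry: a single /16 line rejects 65536 addresses, almost all of them belonging to users who never sent anyone a corrupted chunk.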

#83 fox88

  • Golden eMule
  • Group: Members
  • Posts: 2034
  • Joined: 13-May 07

Posted 24 October 2009 - 08:59 AM

WentloogWhix, on 24 October 2009 - 04:37 AM, said:

but the only way to stop it was to try to get the word out about blocking the IP ranges listed in my signature.
Not like in your signature. Please try to understand that.

WentloogWhix, on 24 October 2009 - 04:37 AM, said:

This method was like using a hammer to squash an ant.
Exactly. That's why you should not misuse tools, or you might get wounded yourself.
-1

#84 Wulp

  • Golden eMule
  • Group: Members
  • Posts: 1785
  • Joined: 08-July 05

Posted 24 October 2009 - 02:17 PM

WentloogWhix, on 24 October 2009 - 02:37 AM, said:

it is possible for rogue software to claim to have a complete file, even when it doesn't

Yes

Quote

and then to pass out random junk for a few weeks to as many unsuspecting eMule users as possible.
Yes, after all they can upload whatever they want.

Quote

This was "successful" because eMule did not stop it or determine that the data from those specific sources is rubbish.

No. When I had the AICH hash and when it was possible to get the recovery data,
my mule was able to determine the corrupted data as well as its senders.
The problem of no one sending recovery data could theoretically be resolved by having an option to attach the whole AICH hashset to an ed2k link, I suppose. Even though it would bloat up the link pretty much and thus wouldn't be used often anyway (and it's not a problem as long as there are also genuine complete sources).
And the AICH root hash is going to be part of the file ID in future versions, if I got it correctly.

Quote

I don't know if this is a bug or a missing feature, but the only way to stop it was to try to get the word out about blocking the IP ranges listed in my signature.

Quote

until the corruption handling model is tweaked to cater for this situation, it is bound to continue to annoy some eMule users, and catch out and discourage a lot of unsophisticated users.

Is it? In all the years I've been using eMule I had not one single file that did not complete because of such pollution attacks. Even your test file finally worked out without blocking any of your listed IP ranges and without too big a bandwidth waste because of redownloaded data.

I'm not saying there is no need for improvements. But from my experience the current system is already not as bad as you want to make us believe.
0
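Wulp's point above, that with a trusted AICH root hash plus recovery data the client can pinpoint the corrupted blocks and the peers that supplied them, while without recovery data it can only tell that the file as a whole is wrong, is illustrated by the following added example. It is not eMule's code: it is a simplified SHA1 hash-tree model with a hypothetical 16-byte block size, a constructed 64-byte "file", constructed peer names and a constructed poisoned block; eMule's real block and part sizes differ. It also shows why a polluter cannot simply hand out a hash set that matches its own junk: the recovery data is only accepted when it reproduces the trusted root.

```python
import hashlib
from typing import Dict, List, Sequence, Tuple

# Hypothetical tiny block size so the demo stays readable; a real hash tree such as
# eMule's AICH works over much larger blocks, but the verification logic is the same.
BLOCK_SIZE = 16


def split_blocks(data: bytes) -> List[bytes]:
    """Cut a byte string into fixed-size blocks (the last block may be shorter)."""
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]


def leaf_hashes(data: bytes) -> List[bytes]:
    """SHA1 of every block; this per-block hash set is the 'recovery data' a peer can send."""
    return [hashlib.sha1(block).digest() for block in split_blocks(data)]


def merkle_root(leaves: Sequence[bytes]) -> bytes:
    """Binary hash tree over the leaf hashes; an unpaired node is carried up unchanged."""
    level = list(leaves)
    if not level:
        raise ValueError("cannot hash an empty file")
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(hashlib.sha1(level[i] + level[i + 1]).digest())
            else:
                nxt.append(level[i])
        level = nxt
    return level[0]


def root_hash(data: bytes) -> bytes:
    """Root hash the publisher attaches to the link; this is the trust anchor."""
    return merkle_root(leaf_hashes(data))


def file_matches_root(received: bytes, trusted_root: bytes) -> bool:
    """Without recovery data this is all a client can tell: good or bad, not where."""
    return root_hash(received) == trusted_root


def locate_bad_blocks(received: bytes, trusted_root: bytes,
                      recovery: Sequence[bytes],
                      sender_of_block: Sequence[str]) -> Tuple[List[int], List[str]]:
    """Use peer-supplied block hashes to find corrupted blocks and who delivered them.

    The recovery data is only trusted if it reproduces the trusted root, so a
    polluter cannot supply a hash set that matches its junk and the root at once.
    """
    if merkle_root(recovery) != trusted_root:
        raise ValueError("recovery data does not match the trusted root hash")
    blocks = split_blocks(received)
    if len(blocks) != len(recovery) or len(blocks) != len(sender_of_block):
        raise ValueError("block count, recovery data and sender map disagree")
    bad = [i for i, block in enumerate(blocks)
           if hashlib.sha1(block).digest() != recovery[i]]
    suspects = sorted({sender_of_block[i] for i in bad})
    return bad, suspects


def demo() -> Dict[str, object]:
    """Constructed scenario: a 4-block file where one peer served junk for block 2."""
    original = bytes(range(64))                      # constructed 64-byte "file"
    trusted = root_hash(original)                    # published together with the link
    genuine_recovery = leaf_hashes(original)         # sent by an honest complete source

    # Download assembled from three constructed peers; peer-B's block is junk.
    senders = ["peer-A", "peer-A", "peer-B", "peer-C"]
    blocks = split_blocks(original)
    blocks[2] = b"\xff" * BLOCK_SIZE
    received = b"".join(blocks)

    # Recovery data computed by a polluter over its own junk is rejected outright.
    forged_recovery = leaf_hashes(received)
    try:
        locate_bad_blocks(received, trusted, forged_recovery, senders)
        forged_rejected = False
    except ValueError:
        forged_rejected = True

    bad, suspects = locate_bad_blocks(received, trusted, genuine_recovery, senders)
    return {
        "whole_file_ok": file_matches_root(received, trusted),
        "original_ok": file_matches_root(original, trusted),
        "forged_recovery_rejected": forged_rejected,
        "bad_blocks": bad,
        "suspect_senders": suspects,
    }


if __name__ == "__main__":
    print(demo())
```

The two failure modes discussed in the thread map onto the two checks: with no root hash attached there is no `trusted_root` to compare against at all, and with a root hash but no recovery data `file_matches_root` reports the corruption without saying which block or which peer, which is exactly the "hundreds of MB redownloaded" situation until someone sends the hash set.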

#85 WentloogWhix

  • Advanced Member
  • Group: Members
  • Posts: 79
  • Joined: 04-October 09

Posted 24 October 2009 - 03:18 PM

Why won't you believe what I described? Was I wrong in describing the hundreds of MB wasted by the polluters? Was I wrong in my observations of guys like "JK" who spent weeks trying to download the file? Do you think I'm trying to make this up?

My posts did not exaggerate: they provided data and a description of what happened, and my opinion that this would get worse if it wasn't fixed.

When you have all the bandwidth you can use the poisoning is probably not an issue. When you are paying $12 per GB it's an issue. The only reason you can download the test file now is that one member of this forum with a very big pipe offered to make his pipe available, and I added him on my friend slot.

Even so, his copy of eMule said that I was the source of the corruption, when in fact I was the *only* non-corrupt source.

:cry: Be my guest: have the last word, and deny whatever you want. I'll reserve the right to say "I told you so" and look smug. Bad guys succeed when the good guys keep their mouths shut.
-1

#86 Wulp

  • Golden eMule
  • Group: Members
  • Posts: 1785
  • Joined: 08-July 05

Posted 25 October 2009 - 02:47 PM

WentloogWhix, on 24 October 2009 - 04:18 PM, said:

Why won't you believe what I described? Was I wrong in describing the hundreds of MB wasted by the polluters?
Did I not explain to you countless times and in all detail that it was because of the missing recovery data? Which you later even confirmed. Yes, it happened to me too at first, but as soon as the recovery packets were available the file started to continuously make progress. The reason it eventually succeeded is not that there was a fast source (that just made the process faster) but that it was a legit one.

I don't know what your point is about this "JK" guy. Do we know him? Do we know that he got the recovery data? Or that he even had the AICH root hash? Maybe he's not even a legit source...

Quote

Even so, his copy of eMule said that I was the source of the corruption, when in fact I was the *only* non-corrupt source.

If this is true, it's indeed a problem of course. Unfortunately I didn't know which of the sources were you, otherwise I could have paid attention to it while downloading.

To summarize: with the current system, I find in this thread the following problems which (allegedly) may occur:

- Without an attached AICH root hash the AICH system either doesn't work or the root hash can even be faked when there are enough polluters (and few genuine sources). (I even lost the attached hash though I've no idea why it happened and can't reproduce it)

- AICH recovery data may sometimes not be available (rare case though), without it AICH cannot work.

- banning only on user hash basis, not IP basis (only speculation?) and even then could be circumvented (as GilesBathgate describes)

- Clients don't get banned because they send too few data. / Too high CBB banning threshold

- Banning the wrong (non-malicious) clients


That's what I've gathered in this thread. Did I miss anything? I actually don't really know about the last 3 points, so I won't jump to a conclusion.


I think it's getting pointless to repeat the same stuff over and over again and I feel we go in circles since at least the last 3 pages.
If all the allegations really apply, they should be fixed of course.
But as the whole system is going to be reworked anyway I think we should wait for what changes will actually be made.
0

#87 GilesBathgate

  • Dependable Member
  • Group: Members
  • Posts: 145
  • Joined: 08-May 08

Posted 27 October 2009 - 02:43 PM

Wulp, on 25 October 2009 - 03:47 PM, said:

But as the whole system is going to be reworked anyway I think we should wait for what changes will actually be made.


Do you know something we don't?
0

#88 Nissenice

  • Good ol' me
  • Group: Members
  • Posts: 3878
  • Joined: 05-January 06

Posted 27 October 2009 - 03:15 PM

Frequently Asked Features said:

Features you may or may not see in future eMule versions: (that means it's not a promise, just that we are aware of it and consider it as a possibility, sorted by priority)
  • Improved hash resistance - To ensure eMule stays future-proof the current file integrity check mechanisms which are based on MD4 will be extended to include MD4+SHA1 (currently already used for AICH). This will avoid any possible future attacks against the hashing mechanisms.
  • Autoupdate - ...
  • ...


Also: http://forum.emule-p...ndpost&p=998640
and http://forum.emule-p...dpost&p=1033828

This post has been edited by Nissenice: 27 October 2009 - 03:21 PM

0

#89 klipp

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 07-June 04

Posted 16 November 2009 - 10:43 PM

I must say that what WentloogWhix is saying is also happening for one of the files I was trying to download.

Several clients send me a small amount of data then disconnect.
They are all located in Germany.
None of the clients have a valid identification.

I was finally able to finish the download using this small trick:
- unshared all other files
- keep downloading only the poisoned file
- used all available bandwidth to upload the verified chunks

Now I'm powersharing the file hoping to spread it to all the other "non-fake" clients.
0
