awesome, I am never optimizing another jpg again.
Interesting idea, with unintended consequences that I fear will make it not work.
Topic: DDoS, the ultimate solution (Read 1561 times)
This is basically what MAFIAA and Ko pulled of with all those CD/DVD blanks levy in countries like Canada. Nice gig if you can get it.
afik this might actually work
Vote AGAINST this idea.
Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
Well under the current network architecture yes. But I think this would be very helpful in a picopeering darknet since it would have to implement fork of tcp/ip.Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
More later of I figure out exactly what OP meant..
Also, what if you send all that $5 to yourself? That wouldn't prevent DDOS at all.
Example: Set up an IP, a.a.a.a. Get all your botnets to visit a.a.a.a, which doesn't respond at all (or responds using a fixed message that takes no processing time) 10000000 times, then visit facebook 9999 times. You still completed the DDOS, at no cost to yourself due to rounding.
Example: Set up an IP, a.a.a.a. Get all your botnets to visit a.a.a.a, which doesn't respond at all (or responds using a fixed message that takes no processing time) 10000000 times, then visit facebook 9999 times. You still completed the DDOS, at no cost to yourself due to rounding.
This is like saying the solution to crime is more private security and burglar alarms. Sure, that helps, but only because we don't have *real* solutions.
But... that is exactly how it works with "vanilla" crime, no?
You're inventing solutions based on technology that doesn't exist anyway. So why not invent good ones rather than mediocre ones?
Well, point
Vote AGAINST this idea.
Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
Methinks there exists no network neutrality at the global scale, since, you know, China, Belarus and other such countries.
I think a more practical solution is to get an angry mob together and go kick the asses of those DDoSers.
Alas, we're quite far from punching people in the face via TCP/IP. That would solve so many problems...
I think a more practical solution is to get an angry mob together and go kick the asses of those DDoSers.
Vote AGAINST this idea.
Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
Reason:
It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
As for the DDoS case, methinks that de-facto market reason for counteracting it at ISP level would remain, as customers who are damaged by such actions above the measure to which it is compensated would still seek to migrate to a better ISP.
This is like saying the solution to crime is more private security and burglar alarms. Sure, that helps, but only because we don't have *real* solutions.Then allow us to push filters up the router chain.
Quote
Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
Indeed, re-optimizing one's scripts to "milk" micropayments out of userbase would become an issue, that I have to agree with.
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.
I don't agree. Damage less minimal compensation after the fact that is not tied to the amount of damage can be *much* worse. This jibes with common sense (how can you complain about attacks when someone is paying you for taking them?) and with experience.
A good example is a day care center that had a huge problem with late pickups. That meant an employee had to stay late, and none of their employees wanted to do that. So they had an idea -- make people pay $5/minute for late pickups. Guess what -- late pickups shot through the roof. Why? Because with this system, people now felt they had a right to make late pickups and weren't working so hard to avoid the inconvenience. They quickly got rid of the penalty.
I don't agree. Damage less minimal compensation after the fact that is not tied to the amount of damage can be *much* worse. This jibes with common sense (how can you complain about attacks when someone is paying you for taking them?) and with experience.
A good example is a day care center that had a huge problem with late pickups. That meant an employee had to stay late, and none of their employees wanted to do that. So they had an idea -- make people pay $5/minute for late pickups. Guess what -- late pickups shot through the roof. Why? Because with this system, people now felt they had a right to make late pickups and weren't working so hard to avoid the inconvenience. They quickly got rid of the penalty.
Well that is somewhat peculiar.
Is there a paper about that daycare case for me to read ?
As for the DDoS case, methinks that de-facto market reason for counteracting it at ISP level would remain, as customers who are damaged by such actions above the measure to which it is compensated would still seek to migrate to a better ISP.
Then allow us to push filters up the router chain.
I would if I could, but I can't
Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.
Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.
Well, yes, but it is still better to have (damage - compensation) than just damage
A good example is a day care center that had a huge problem with late pickups. That meant an employee had to stay late, and none of their employees wanted to do that. So they had an idea -- make people pay $5/minute for late pickups. Guess what -- late pickups shot through the roof. Why? Because with this system, people now felt they had a right to make late pickups and weren't working so hard to avoid the inconvenience. They quickly got rid of the penalty.
Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.
Yay, whitelisted!
You see, in a way every packet you send already has a cost (even if you are on what is deceptively called "unmetered")
The idea here is to have a tiny payment to the receiving side being "attached" to every packet, so that every site you visit receives a tiny tiny (under normal, non DDoS situation) payment
The biggest problem with this scheme is that it creates several perverse incentives. For example, sites with no value whatsoever and very low bandwidth could use malware to launch DDoS attacks on themselves to make money. Even if they only had a miniscule amount of bandwidth, they would still get paid for packets that never made it to their pipe.
Well, some folks already more or less do that when they hire botswarms to hit their ads and counters, though the "pay packet" scheme would indeed somewhat increase the incentive to attract even more "non-consensual" traffic.
Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.
Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
Well, yes, but it is still better to have (damage - compensation) than just damage
Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.
Of course, the technology is (almost) completely hypothetical, but methinks it's still a nice idea worthy of some (fairly relaxed) contemplation.
DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic
You see, in a way every packet you send already has a cost (even if you are on what is deceptively called "unmetered")
The idea here is to have a tiny payment to the receiving side being "attached" to every packet, so that every site you visit receives a tiny tiny (under normal, non DDoS situation) payment
The biggest problem with this scheme is that it creates several perverse incentives. For example, sites with no value whatsoever and very low bandwidth could use malware to launch DDoS attacks on themselves to make money. Even if they only had a miniscule amount of bandwidth, they would still get paid for packets that never made it to their pipe.
Well, some folks already more or less do that when they hire botswarms to hit their ads and counters, though the "pay packet" scheme would indeed somewhat increase the incentive to attract even more "non-consensual" traffic.
Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.
Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.
Well, yes, but it is still better to have (damage - compensation) than just damage
Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.
Of course, the technology is (almost) completely hypothetical, but methinks it's still a nice idea worthy of some (fairly relaxed) contemplation.
And it was developed by bitcoiners, me and Lolocust.
You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.
The biggest problem with this scheme is that it creates several perverse incentives. For example, sites with no value whatsoever and very low bandwidth could use malware to launch DDoS attacks on themselves to make money. Even if they only had a miniscule amount of bandwidth, they would still get paid for packets that never made it to their pipe.You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.
Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.
If the receiving ISP keeps the money, nothing is done to stop DDoS attacks. Neither the sender nor their ISP pays any more money, they just change who gets it, so they have no incentive to stop the attacks. And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.
Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.
DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic
The idea is that the money you currently pay to your ISP will be partly divided among the sites you visit. This could be interesting not only to defeat DDOS, but also to help supporting websites.
DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic
You will also have to contact every hosting service to tell them to start accepting payments. How will I earn money with my web server running at my laptop in my basement? And how are you going to pay me Euros when I get visits from Zimbabwe?
The idea was developed :¬P We havn't implemented it yet. Every ISP may need to be on board if it were to be implmented.
Interesting concept. But how did you develop this solution? You created an ISP?
And it was developed by bitcoiners, me and Lolocust.
You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.
You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.