DOS Attack caused by Data Overload


#1

Problem: Traditional Internet relies on servers that are independently managed and maintained by individuals. The SAFE Network manages and maintains all connections (servers) into a more efficient space. Traditional DOS attacks target the individual server. A DOS attack would have to target the entire SAFE Network. While this is unlikely, it is not impossible. Simply overloading the available storage space on the network would effectively accomplish this attack. One example would be if youtube dumped their entire server onto the network during the early stages. While the attack may be unintentional, it is still a cause for concern.

Solution: Currently, the SAFE Network allows unlimited data to be uploaded. If the upload limit was temporarily “capped” to the storage amount already provided, then the attack would be pointless. In other words, they cannot use more resources than they provide.

So let’s say youtube dumps their server onto the network, but at the same time they use that server as a vault farm. Basically, the videos get uploaded for free. Unused storage space from their server will earn them safecoins.

Q: Some say this disadvantages the poor from the rich.
A: This limit is only temporary. Once the network grows large enough, the limit will expire.

Q: How long will the limit be in place?
A: This should be determined by the community… if they choose this solution.

Q: Why not use safecoin to charge as payment for users who exceed their usage?
A: This has been discussed and leads down a more complex road. We have to consider the floating value of safecoin in relation to national currencies. What happens if those currencies collapse? What happens if they rise in value and make it so cheap for safecoin to buy up 50% of network? The network is supposed to be autonomous and cannot determine human valuations in a free market. It is more stable to measure resource taken by resource given.

Q: What if someone wants to exceed their limit for legitimate reasons?
A: They simply provide more resources to the network, thereby increasing their limit. The free market is already handling this part.


Using the SAFE network without money
Safecoin resource (consumption) model
#2

Yes I see this as a solution for sure. I have thought of this as a long term solution. I will tell you why.

safecoin will not be easily accessible by the normal person to begin with. As the network grows and safecoin is accessible then this changes everything. Looking at any other payment is not a great idea as its as hard as safecoin payments to implement and may reduce privacy.

I should say when we talk of buying resource with safecoin, we mean like dollars or euros in this case, it is not tied to a resource cost. It is merely a unit of exchange. Internal proof of resource tokens are tied to resource supply/demand, they are not enabled and we hope to to enable them.

A thought may be to provide a good limit, say 2Tb per user account from the beginning. After this then the network can ask for a safecoin payment. By that time perhaps we will have enough liquidity in the market to make farming more attractive and the value of safecoin increases (reducing the amount to purchase for the next block of data).

Now an interesting approach may be the master protocol guys or similar. If they could have a safecoin exchange (for fiat and btc) and this was one of the first apps on the network it may work for us from an early stage.

I do wonder though what stops somebody doing this damage on google drive or dropbox. Is it something we fear that will not happen ? (this is the BIG question)

Another left fielder, slow uploads to a speed farmers can cope with. I am sure the network could facilitate this with some clever logic at the maidManagers? This is something I have been playing around with. If we have a good archiving system in place for tertiary storage and then perhaps systems later on for very long term archive and or delete, then it may be interesting.


#3

Sorry for the late edit. I was still flushing out some ideas and have edited my original post.
If you don’t mind, please take a look at the revised solutions and comment ; )


#4

Yes, no prob David. I think the issue is users having to provide a resource. The problem of mobile usage, which could be huge would preclude this part I feel. If we can bash out a mechanism that does not require resources to be provided for these users (who could expand the network very quickly) then it would be amazing. So the purchase resources is OK, not necessarily POR tokens, but via another mechanism.

The other issue with mobile is that they are non routing nodes. I am working on that part to as getting them in the routing and caching chain will help an awful lot, especially in balancing and attack resistance.


#5

Is it an option to consider limiting the amount of private data per account, but having unlimited public data?

What bothers me is that it would be very easy for an attacker to create many accounts. A reasonable limiter would be to implement a decentralised captcha. The MaidManagers could send a captcha to the node upon creation of the account and upon suspicion of abuse? Each application would have to deal with these captcha requests.


#6

Very interesting, a captcha type access mechanism may be a great way of preventing automated scammers. I am no captcha fan, but in this case it may prove to be very interesting. Well worth more thought. Good one @benjaminbollen


#7

I see your point, so let’s simulate this in practice.

If I remember correctly, the system allows a POR (pool) associated with all devices owned by the user.
So a user with a home PC contributes 1TB, while their cellphone gives none.
If that is true, POR usage from the cell phone pulls from the 1TB pool. So that might solve 50% of users.

A person with only a cellphone, will not have that pool of resources. They will need to gain resources through purchasing safecoin from the exchange market. My only concern with that is the stability of it. I’d rather have them raise their limit by giving more resources. This would encourage the network to grow larger in a more decentralized manner. Otherwise, the only guys selling safecoins will be dedicated vault farmers who dominate the safecoin market.

The limit was just temporary until the network grows larger. Or we can try it without the limit and see what happens.

Don’t mind me, just thinking out loud.


#8

I’m not a big fan of them either. I hate wasting brain cycles. At least it is a start to verify (mostly) human beings are using the network.

If we have a problem algorithms in the network cannot solve, but a human could, then a that would be a win-win situation: having humans contribute a simple effort that would help out the network, and hold off bots.


#9

What about biometrics, not to use as passwords, to use as uniqueness. So a person creates an account, their fingerprint is read at say 42 points. This is hashed and written to a network location of type fingerprint. If one exists that user cannot create another account?

I know there are issues (3 in 1000 prints do not work, h/w availability etc.), but this is perhaps an interesting adjunct ? (it helps with voting, ranking and much more).


#10

I’ve been breaking my head over this for some weeks now. I would love to incorporate biometrics in a SAFE way into the network. It would help tremendously with an effort of equal access for all people worldwide. And as you mention, with fair voting etc

The best I’ve come up with so far is to not rely on a single biometric. Instead allow for fingerprint, voiceprint, facial recognition. But obviously you need an entry point into the network: maybe a fingerprint could be hashed, but I’m pretty sure that wouldn’t work with voice or face. It is clearly also not the intent to start a new Facebook with a record of all faces/voices of all people, searchable!!

What could work is that in your initial login files, you privately store a voiceprint and/or faceprint. So that this is used as a ‘second-verification step’


#11

Yes, what I mean is to use a fingerprint as “proof of person” if you like. So rather than a security step its merely a proof you are a unique person.

I agree some better mechanisms than login passwords would be amazing to (trezor type devices perhaps), but I am not really getting at that here. Just a “proof of ‘unique’ person” to stop people having many accounts.


#12

I should say, a hashed fingerprint is akin to you have ‘mined’ a space on the network a human can access. This allows the network to create your account as you are proven unique.


#13

That is a good distinction to make indeed! For the ‘proof of unique person’ could voice be used? Microphones are wide spread, camera’s also a bit, but fingerprint readers aren’t. Especially not worldwide. So that would be a big hurdle, but the concept is brilliant! It would limit to 20 accounts per physical person :slight_smile:


#14

I think perhaps it could. I am not sure, of course not recording a statement, but perhaps if we could detect intonations depth and other factors unique to that person it would work. We need a voice expert, this could indeed be extremely cool, we can hash the variables and ‘mine’ a space.

This is very revolutionary and fixes something that has bothered me for years. Vote without need for ballot papers etc. If we could get some data from a voice, even if it were intentionally trying to be altered by that person, then we may have an amazing plan here.

All humans then can rank, vote and much much more! Humanity sans frontieres :smile:


#15

+1 I can’t yet believe that indeed, combining SAFE with voice biometrics could give you a private unique ID. That potential is huge. Before SAFE I never saw a way of not having a ‘central privacy invading unwieldy database of all people’

Please let there be voice experts already on this list. That would be Christmas :smile:


#16

Also totally anonymous, nobody knows the hash of your “variables” even if they did all they could tell was you were somewhere on the network. We would not link this to an account, just the network would check you can ‘mine’ a space before saving your PMID (public name) and possibly your MAID (data store / get etc. id).

PMID’s created like this would be stored as HPMID (HumanPmid) and others simply as anonymous (PMID), possibly not human id’s

Yip I am liking this one.


#17

A last one, way out there before I go to sleep: curious whether voice can indicate age. Even if it classifies roughly minors from adults, that would be an interesting turn. But this is way out there, and Im not voice expert :slight_smile:


#18

Could be another very interesting issue. Even if a minor did create an account the network could work forward to them becoming an adult. If the variables for mining were not inclusive of that part, but the account was created with that knowledge, then we may solve another problem. I do hope we find a voice expert now. This is potentially enormous Ben, amazing collaboration!


#19

http://en.wikipedia.org/wiki/Speaker_recognition Here is what we need.
May be able to grab this and test it (needs to be very cross platform) https://groups.google.com/forum/#!topic/bob-devel/bflaRK5xXTA


#20

I’m following the discussion and it sounds incredible! We are solving other issues simultaneously. If this could work, we should definitely give it a try. Go for it!