NPR had a program last Sunday about Bittorrent, the author, etc. It was a good program, though it was geared more towards the less-technical, for obvious reasons.

Their take on it is that it is going to revolutionize the Internet and challenge capitalism’s ‘ownership’ paradigm. I think that’s a bit heady and sensational, but there’s no doubt its been somewhat pivotal in changing the way files are shared.

Bittorrent’s biggest hurdle in my mind is repudiation. How do I establish a level of trust for a given chunk received from user X? Ideally, I would think it’s best to establish trust at a chunk-by-chunk basis, so that an application doesn’t have to assemble all the various chunks before verification can occur, because that would be another attack vector on the system.

this seems like the perennial problem with network-level filters – they can identify the protocol but not the application without some kind of integration with the end-points… that leaves them without a valuable piece of contextual information about the communication that’s being attempted (though the application isn’t the end of the story context-wise)…

the identification bit seems like a kludge to overcome that problem, but that said, conventional bittorrent clients do report their name and version… some clients allow you to see a breakdown of the various types of clients you’re connected to… further, some sites/trackers have in the past banned certain clients for abuse (some special clients were made that leached but didn’t seed)… to highlight how much of a kludge an identification bit is, though, the people making those abusive clients adapted to the banning by making their clients lie about the clients’ identification…