Sneaky calculations: how to trick other people's computers into solving your math problems.Browsing the World Wide Web is a breeze. Just click on a link or type in a Web-page identifier--the so-called uniform resource locator See URL. (World-Wide Web) Uniform Resource Locator - (URL, previously "Universal") A standard way of specifying the location of an object, typically a web page, on the Internet. Other types of object are described below. , or URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. . More often than not, the requested page appears on your screen within seconds, downloaded from a computer that could be anywhere in the world. We owe such reliable, speedy service to a standard set of procedures that governs communication between computers connected to the Internet. Largely invisible to the user, these protocols orchestrate an intricate duet of messages between interacting computers to guarantee that the right page appears in the right place at the right time. Those very same protocols, however, can be used for purposes entirely unintended by the protocols' designers. The communication system that brings you the Web page of your choice can be exploited to perform computations. In effect, one computer can co-opt other Internet computers to solve pieces of a complex computational problem In theoretical computer science, a computational problem is a mathematical object representing a question that computers might want to solve. For example, "given any number x, determine whether x is prime" is a computational problem. . The enslaved Enslaved may refer to:
Physicists Albert-Laszo Barabasi and Hawoong Jeong and computer scientists Jay B. Brockman and Vincent W. Freeh of the University of Notre Dame Notre Dame IPA: [nɔtʁ dam] is French for Our Lady, referring to the Virgin Mary. In the United States of America, Notre Dame in Indiana describe their scheme in the Aug. 30 NATURE. They call it parasitic computing Parasitic computing is a computing technology where a remote computer tricks a target computer into performing computations of a complex nature under disguise of a standard communications session. . "The target computers are unaware that they have performed computation for the benefit of a commanding node," the researchers remark. It's a brilliant demonstration of how to solve difficult problems by subverting protocol features, says computer scientist Matthias Bauer of the Friedrich Alexander University of Erlangen-Nuremburg in Germany. The fact that the target computers are unwitting participants in a computation differentiates this scheme from other efforts to use the processing power of thousands of computers distributed throughout the world for massive data crunching. In the SETI@home project, for instance, users must install special software that enables their computers, when otherwise idle, to download and scan data from radiotelescopes for signals that might point to the existence of extraterrestrial life “Green people” redirects here. For green people in fantasy fiction, see Goblinoid. Extraterrestrial life is life originating outside of the Earth. It is the subject of astrobiology, and its existence remains theoretical. (SN: 3/4/00, p. 152). "If parasitic computing imitates nature by not killing the parasite's host, it could be an interesting technology," Bauer observes. However, like parasitism parasitism: see parasite. parasitism Relationship between two species in which one benefits at the expense of the other. Ectoparasites live on the body surface of the host; endoparasites live in their hosts' organs, tissues, or cells and often rely in biology, parasitic computing can have deleterious effects. It could slightly slow a co-opted computer, but on a larger scale, it might clog or even bring down the Internet. The seemingly simple request for a Web page involves a significant amount of frenetic behind-the-scenes computation aimed at finding, delivering, and displaying the desired page. One key component, governed by the so-called transmission control protocol (TCP (1) (Transmission Control Protocol) The reliable transport protocol within the TCP/IP protocol suite. TCP ensures that all data arrive accurately and 100% intact at the other end. ), involves a calculation to determine whether a chunk of data was delivered without error. Information sent across the Internet is typically split into small chunks, or packets, that travel--often independently of each other--to their common destination. Each packet bears a header providing data about its source and destination and carrying a numerical value related to the packet's contents. * When a computer receives a packet of information, it checks for errors by performing a calculation and comparing the result with the numerical value in the packet's header (see How TCP error detection works). Such a calculation would detect, for example, the change of one bit from 0 to 1 or 1 to 0. Packets found to be corrupted are discarded. In that case, the interrogating computer receives nothing and eventually displays, "The server is not responding" or something similar. To obtain "experimental evidence of the principle of parasitic computing," Barabfisi and his colleagues embedded potential solutions to a particular mathematical question (see Getting satisfaction) in Web request messages sent from their own computers. When other computers linked to the Internet received the messages and put them through the standard TCP error-detecting routine, they also incidentally relayed information about the validity of the embedded answers. If a message incorporated a correct answer, it survived the target computer's error check, and the target computer replied to the interrogating computer. Otherwise, the target computer dropped the message and sent nothing back to the interrogator in·ter·ro·gate tr.v. in·ter·ro·gat·ed, in·ter·ro·gat·ing, in·ter·ro·gates 1. To examine by questioning formally or officially. See Synonyms at ask. 2. . Hence, each reply would signal a correct solution. In effect, by capitalizing on a calculation that Internet computers do anyway, Barabfisi and his coworkers tricked each target computer into handling a small piece of a large mathematical puzzle
The Notre Dame team tested its scheme by exploiting several "consenting though unwitting" Web site hosts in North America North America, third largest continent (1990 est. pop. 365,000,000), c.9,400,000 sq mi (24,346,000 sq km), the northern of the two continents of the Western Hemisphere. , Europe, and Asia. Subsequent experiments were conducted over local networks. "Parasitic computing does not compromise the security of the targeted servers," the researchers insist. It "accesses only those parts of the servers that have been made explicitly available for Internet communication." Nonetheless, Jeong comments, the team's demonstration raises many issues about the "ownership" of resources connected to the Internet. For instance, what does a computer owner actually consent to by connecting the computer to the Internet? Does that consent include uncompensated uncompensated (  n·kômˑ·p use in parasitic-computing projects? At the same time, "if one considers how much computing power and bandwidth are used by programs nowadays without the consent of the user, one could ask if it really makes a big difference," Bauer says. For example, newly installed software may automatically link to a company's Web server for license information and updates. Also, Web servers often deliver unsolicited advertising or download information to remote computers. "It is certain that if your space is public, someone is using it without your knowledge and in a way you did not intend," Barabasi and his colleagues contend. Although parasitic computing does not threaten the security of a target computer, it could delay the services that the target computer normally provides. On a sufficiently large In mathematics, the phrase sufficiently large is used in contexts such as:
The example chosen and implemented by Barabasi and his collaborators in their parasitic computing experiments poses no threat. Their primary goal was simply to prove the idea that the communications protocol Hardware and software standards that govern data transmission between computers. The term "protocol" is very generic and is used for hundreds of different communications methods. A protocol may define the packet structure of the data transmitted or the control commands that manage the of the Internet could be used to carry out computations. Indeed, the mathematical problem they used as a test for parasitic computing could have been solved much more practically and in less time on a desktop computer. Finding a way to increase the efficiency of the process would make parasitic computing more attractive for working out mathematical problems. It remains to be seen whether that can be done. Despite the inefficiency and impracticality of their approach so far, the Notre Dame team already has encountered criticism for calling attention to ways that communication could be turned into computation. The researchers responded with the following statement: "By publishing our work we wish to bring the Internet's various existing vulnerabilities to the attention of both the scientific community and the society at large, so that the ethical, legal, and scientific ramifications ramifications npl → Auswirkungen pl raised by it can be resolved." Moreover, similar schemes could be used for purposes less innocent than mathematical calculation. "There are many ways to bring down the Internet and its attached systems," warns security expert Peter G. Neumann Peter G. Neumann is a researcher who has worked on the Multics operating system in the 1960s. He edits the Computer Risks columns for ACM Software Engineering Notes and Communications of the ACM. He founded ACM SIGSOFT and is a Fellow of the ACM, IEEE and AAAS. of SRI International (company) SRI International - One of the world's largest contract research firms. Founded in 1946 in conjuction with Stanford University as the Stanford Research Institute, they later became fully independent and were incorporated as a non-profit organisation under U.S. in Menlo Park Menlo Park. 1 Residential city (1990 pop. 28,040), San Mateo co., W Calif.; inc. 1874. Electronic equipment and aerospace products are manufactured in the city. Menlo College and a Stanford Univ. research institute are there. 2 Uninc. , Calif. Consider what Bauer describes as "villain-to-victim" computing--schemes that take advantage of various Internet protocols Refers to all the standards that keep the Internet running. The foundation protocol is TCP/IP, which provides the basic communications mechanism as well as ways to copy files (FTP) and send e-mail (SMTP). for sharing or storing information. Such covert links could permit individuals to communicate via approved channels yet escape detection or filtering, a possibility now heightened by concern about terrorism. In the continuing cat-and-mouse game between parasite and host, and villain and victim, software-based systems to detect intruders enable Web site hosts to monitor requests made to their servers. For instance, Aaron Walters, Tom Slabach, and Curt Freeland of Notre Dame have written instructions that catch the specific sort of intrusion represented by parasitic computing based on TCP error checking. Although you can find a way to detect a specific version of parasitic computing, "I think it is impossible to protect against all ... techniques," Jeong says. "Whenever you're connected to the net, there will be a part someone can exploit." There is a simple defense, of course. Just disconnect. RELATED ARTICLE: How TCP error detection works All Web computers perform a simple calculation that lets a receiving computer check whether a particular message or packet arrived without getting corrupted along the way. The sending computer first breaks the entire message into segments, each consisting of 16 bits. All the segments are then added together using a variant of binary arithmetic that in which numbers are expressed according to the binary scale, or in which two figures only, 0 and 1, are used, in lieu of ten; the cipher multiplying everything by two, as in common arithmetic by ten. Thus, 1 is one; 10 is two; 11 is three; 100 is four, etc. See also: Binary that gives a 16-bit result. Suppose the result is 1110101011011011. The sending computer flips each bit in the result so that Os becomes 1s and 1s becomes 0s, obtaining the complementary string 0001010100100100. This complementary string is incorporated into the message header The identification lines at the beginning of an e-mail message, such as To:, From:, Subject: and Date:. , and the message is sent. The receiving computer breaks the incoming message into 16-bit segments, calculates the sum, then adds it to the complementary string in the header. If the message arrived unscathed, the result--called a checksum--is a string of 16 1s. If any bit in the message is altered during transmission, the checksum A value used to ensure data are stored or transmitted without error. It is created by calculating the binary values in a block of data using some algorithm and storing the results with the data. would be different. In that case, the receiving computer would drop the message and send nothing back to the interrogating computer. Otherwise, a message that passes the error-detection stage goes through the hyper-text transmission protocol (HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. ), which attempts to interpret the message's content. --I.P Getting satisfaction To demonstrate the feasibility of parasitic computing, Barabasi and his collaborators chose a mathematical question known as the satisfiability problem (SN: 5/6/00, p. 296). Consider, for example, two variables, x and y, and the logical statement (x OR y) AND ((NOT x) OR (NOT y)). The OR means that the clause (x OR y) is true if either x or y is true, and the AND means that the clause (x AND y) is true only if both x and y are true. Solving the given problem means assigning a value of true or false to each of the two variables so that the entire statement is satisfied. Here, x must be true and y false, or vice versa VICE VERSA. On the contrary; on opposite sides. , for the statement to be true. The researchers chose a much more complex satisfiability problem that involved 16 variables and the logical operations AND and XOR (eXclusive OR) A Boolean logic operation that is widely used in cryptography as well as in generating parity bits for error checking and fault tolerance. XOR compares two input bits and generates one output bit. The logic is simple. If the bits are the same, the result is 0. . The operator XOR means that the clause (x XOR y) is true only if x is true and y is false or if x is false and y is true. First, the interrogating computer generated all [2.sup.16] possible solutions to the given satisfiability problem. In this test case, only one of those solutions was valid. The computer then created a message and a header for each possible solution so that a target computer--at, say, a company or magazine Web site--performing TCP error detection would obtain the correct result only if the message contained a valid solution. If the result was incorrect, the target computer would drop the message. The message containing the valid solution then went through the hyper-text transmission protocol (HTTP). However, because the original message was not a legitimate Web request, the receiving computer responded with a message saying something like, "Page not found." Nevertheless, from the header information in the one returned message, the interrogating computer identified the solution to the posed satisfiability problem. --I.P |
|
||||||||||||||||||
is true for sufficiently large
Printer friendly
Cite/link
Email
Feedback
Reader Opinion