The
Graffiti Network or
Graffiti Networks project was created by
Andy Pavlo (Brown) and
Ning Shi (Brown) as part of a
networked systems class by
John Jannotti at
Brown University.
The project specifies as its motivation the the lack either user anonymity or long-term data permanents in existing
peer-to-peer network systems such as
BitTorrent. It lists as advantages for their system:
1. A newly arriving peer can still download files even if all other peers have long disconnected
2. A peer does not need to know about the existence of other peers
3. A tracker does not need multiple peers in order to enforce tit-for-tat policies.
The first two points seem reasonable to discuss from current information, although the third point is a little more unclear as the final paper has not been published. In BitTorrent,
tit-for-tat is a method that peers employ to prevent
freeloading. If a client notices that a peer is not returning desired data at the same rate as the client is providing the peer with requested data, it will throttle or terminate the connection. Some
trackers may also implement fairness logic based upon reported upload counts, but this is often open to manipulation.
Metcalfe's Law indicates that a network's value increases with its size, and this holds true for peer-to-peer networks as they rely on connected nodes to transfer data.
A peer-to-peer network with only one node is pointless as the node either has the data it wants--in which case it can't give the data to anyone--or it needs data, and has no source from which to retrieve it.
Graffiti gets around this by removing the peer-to-peer aspect. What they've done is created a
highly-distributed,
highly-unoptimized,
networked file system with a traditional
client-server model. The system has two classes of problems, technical and social.
Technically, the project is inefficient, and relies on untrusted third parties to maintain stored data despite having no incentive to do so (in some sense this is also a social problem, as the third parties have incentives to
not preserve data). If the tracker is the only system that is omniscient, it also becomes a single source of failure, as if it goes down connecting clients can no longer find parts of a file, nor store new parts. If this information
is shareable by a
peer-to-peer model, the project claims won't hold in this use case, but the system may continue to be usable if
concurrency issues can be resolved. This is in itself could be a difficult prospect, and the project web site leads me to believe that this case was not addressed.
Socially, the project is repulsive. Back before the modern web, before even the word "
spam" was associated with
electronic mail,
FTP dumping was a prevalent scourge. Users would find
anonymous FTP servers that allowed public uploads and downloads for a specified purpose, and use them to transfer unrelated files. Graffiti does the same thing, encoded as
ASCII text, and spread across wiki pages. It interferes with existing communities, and unlike deleting a file on an FTP server, the records, space used, and inconvenience caused can persist even after the page is "deleted". Amazingly, the project went back through all the sites it hijacked and "deleted" its content--by creating
another revision, which contained just a brief message without any data. The content--in one page I saw, this was a little under 100KB--is still recorded in the database as the previous revision.
The project's authors suggest using
CAPTCHAs as a solution to protect against their system and other automated attacks. However, the
reasons why CAPTCHAs are not the answer is out of scope for this article.
Singular vs Plural The message left by the project on
wiki sites uses the singular, while the project home page uses the plural.