Cornell University researches say they have a new program, which can filter spam out of the peer-to-peer file-swapping network pool. Yet, some analysts think the new program could prove problematic if it also filters out the decoy files the music and movie industries are said to send through the P2P networks to discourage swappers.
Called Credence, and not necessarily named for a certain legendary rock and roll group, the program is described as allowing different computers to "gossip" with each other in the background, trying to determine which files are trustworthy and which should be bypassed.
The Cornell researchers have said they lifted a page from Google, with the program's design toward pumping search result accuracy along the "trusted recommendations of other trusted users" model.
"I believe in people; I think most people are honest," said project leader Emin Gun Sirer to ZDNet. "I think it will be people on the periphery who will be kept out."
P2P has been plagued by junk files and spam from pretty much the time the concept was born, with spammers discovering quickly enough that the networks equaled a new unsolicited advertising field, ZDNet said. But the news site also pondered aloud whether a program like Credence could improve search results so well that copyright infringement could become even more efficient.
And it isn't even certain just what good Credence would do against spam in the first place. "Users tend to learn to detect and ignore it," said Greg Bilson, the chief technology officer for P2P program LimeWire."It does hamper the user experience a bit, but isn't as bad as endless volumes of e-mail spam, for example."
"Our system relies on honest peers judging the authenticity of online content, and allows clients to securely tabulate and manage object endorsements across the network," Credence's creators say. "We employ a novel voter correlation scheme to weight the opinions of peers, which provides an incentive for peers to vote honestly and mitigates the impact of dishonest peers."
The proverbial jury may be out on Credence's effectiveness as a spam sweeper, but the program may also have done LimeWire a favor: the Credence developers said that, while putting the program into place, they spotted two LimeWire flaws, logo and magnet port vulnerabilities, that let anyone on the LimeWire network read any file on any machine tied to the Gnutella system through LiveWire.
LiveWire, the Credence team said, responded immediately to their discovery and had a patch for the flaws ready within hours of that report.
