From: "Douglas R. Floyd" <dfloyd@IO.COM>
Date: Fri, 19 Jul 1996 09:43:07 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Opiated file systems
In-Reply-To: <ae13d749190210044435@[205.199.118.202]>
Message-ID: <199607182213.RAA10532@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> (Friends of mine have worked on "remote storage" ideas for exactly such
> applications. Clearly there are many options: storage in other local sites,
> storage in offshore sites, encrypted storage, even storage by a "priest"
> functionary ("Son, I am ready to receive your digitally transmitted
> confession.").)

The problem I ran into firsthand with archive sites is that they tend to
turn into porn or pirated software servers.  One could then have the
software delete after a download.  Anyway, one is always open to a denial
of service attack where someone just throws chunks of /dev/random at you.

(About last April when I wrote an offsite secure storage program, I was
testing it on another site.  Some 2 bit children found out about it and
decided to turn it into a porn server, causing major bandwidth to be taken
up.  I then set it to delete any files grabbed when one specifies the MD5
hash.  This stopped the onrush of outgoing stuff, however I got a
bunch of people dumping large amounts of random junk just to deny others
service out of spite.  To foil this, I set a per megabyte limit.  Then,
they just anon-remailed bunches of little files.  I got tired of the abuse
and pulled the plug on it.  It didn't even reach beta testing.)

If someone has any ideas on how to slow down attacks like this, please
E-mail me.  It would be nice to have an offsite storage place, but without
the necessity of giving a bunch of personal info (as with Mcaffee's
WebStor).