WASTE

From Wikipedia, the free encyclopedia

This article is about the file sharing network and application. For other uses, see Waste (disambiguation).

WASTE is a peer-to-peer and friend-to-friend protocol and software application developed by Justin Frankel at Nullsoft in 2003 that features instant messaging, chat rooms & file browsing/sharing capabilities. The name WASTE is a reference to Thomas Pynchon's novel The Crying of Lot 49, in which it is an acronym for "We Await Silent Tristero's Empire". In the novel, W.A.S.T.E. is an underground postal service.

After its release, WASTE was removed from distribution by AOL, Nullsoft's parent company. The original page was replaced with a statement claiming that the posting of the software was unauthorized and that no lawful rights to it were held by anyone who had downloaded it, in spite of the original claim that the software was released under the GNU General Public License.

Several developers have modified and upgraded the WASTE client and protocol. The SourceForge edition is considered by many to be the "official" development branch. No new betas have been released since March 2005, and few if any minor releases.

Contents

[edit] Description

WASTE is a decentralized chat, instant messaging and file sharing program & protocol. It behaves similar to a virtual private network by connecting to a group of trusted computers, as determined by the users. This kind of network is commonly referred to as a darknet. It employs heavy encryption to ensure that third parties cannot decipher the messages being transferred. The same encryption is used to transmit and receive instant messages, chat, and files, maintain the connection, and browse and search.

[edit] WASTE Networks

WASTE networks are decentralized (see social networks), meaning there is no central hub or server that everyone connects to. Peers must connect to each other individually. Normally, this is accomplished by having individuals sharing their RSA public keys, ensuring that their computers are accessible via the appropriate ports (one or more parties must have an IP address & port that can be reached by the other), and entering the IP address & port someone on the network to connect to.

Once connected to the network, public keys are automatically exchanged amongst members (provided enough of the members are set to forward & accept public keys), and nodes will then attempt to connect to each other, strengthening the network (decreasing the odds that any one node going down will collapse or shut out any part of the network), as well as increasing the number of possible routes from any given point to any other point, decreasing latency and bandwidth required for communication and file transfer.

Since WASTE connects small, private groups rather than large, public ones, the network search feature is one of the fastest of all the decentralized P2P applications. Its instant messaging & file sharing capabilities are much closer to those of AOL Instant Messenger than more typical file sharing programs. Members of the network can create private and public chat rooms, instant message each other, browse each other's files, and trade files, including the pushing or active sending of files by hosts, as well as the more common downloading by users. Simple drag-and-drop to chat boxes will send files to their intended destinations.

The suggested size for a WASTE network (referred to as a "mesh" by users) is 10-50 nodes, though it has been suggested that the size of the network is less critical than the ratio of nodes willing to route traffic to those that are not. With original Frankel client legacy groups now exceeding three years of age, it's not uncommon for stable meshes to host multiple terabytes of secure content.

By default, WASTE listens to incoming connections on port 1337. This was probably chosen because of 1337's leet connotations.

Since there is no central hub, WASTE networks typically employ a password or passphrase, also called a "network name" to prevent collision. That is, a member from one network connecting to a member of another network, thus bridging the two networks. By assigning a unique identifier (passphrase) to your network, the risk of collisions can be reduced, particularly with the original clients.

[edit] Nullnets

There does exist, however, a "nullnet" which is a network without a passphrase. It is impossible to know how many nullnets exist, but there is a public key exchange for connecting people to the nullnet.[1] This nullnet, like most nullnets, is inherently insecure - anyone can join simply by posting their public key & IP address, but can be a useful resource for connecting people for chat and/or filesharing similar to IRC. The WASTE Yahoo! Group[2] also has many members who are on the nullnet, but by far the best way to get connected is to post your information to the public key exchange and patiently wait for them to add your key & connect to you.

[edit] Strengths

  • Secured through the trade of RSA public keys, allowing for safe and secure communication & data transfer with trusted hosts.
  • The distributed nature means that the network isn't dependent on anyone setting up a server to act as a hub. Contrast this with other P2P and chat protocols that require you to connect to a server. This means there is no single point of vulnerability for the network.
  • Similarly, there is no single group leader, everyone on the network is equal in what they can or cannot do, including inviting other members in to the group, nor can any member kick another from the group, exclude them from public chats, etc.
  • WASTE can obfuscate its protocol, making it difficult to detect that WASTE is being used.
  • WASTE has a "Saturate" feature which adds random traffic, making traffic analysis more difficult.
  • The nodes (each a trusted connection) automatically determine the lowest latency route for traffic and, in doing so, load balance. This also improves privacy, because packets often take different routes.

[edit] Shortcomings

  • Trading public keys, enabling port forwarding on your firewall (if necessary), and connecting to each other can be a difficult and/or tedious process, especially for those who aren't very technically proficient.
  • The cross-platform beta version (based on wxWidgets) is currently very immature.
  • Due to the network's distributed nature, it is impossible to "kick" someone from the network once they've gained access. Since every member of the network will have that member's public key, all that member needs to do to regain access is to connect to another member. Coordinating the change of the network name is exceedingly difficult, so the best course of action is to create another network and migrate everyone over to the new network. This could, of course, also be seen as a strength.
  • Since there is no central server, once someone disconnects from the network, they must attempt any and all previously known IP addresses to reconnect. It is possible that the network will drift from those IP addresses and they will need to contact some of the members of the network in another way (i.e. email, instant message, etc.) in order to reconnect. Indeed, it is possible that one network could unknowingly split into two networks this way. It takes at least a mild amount of coordination to keep a WASTE network intact. This can be as simple as one or more volunteers with a static IP address (or a domain name, which can be freely obtainable[3][4]) keeping their node up to allow people to reconnect to the network.
  • Though the network itself is encrypted, transmissions within the network itself are not encrypted, allowing for eavesdropping and spoofing. This has been partially addressed in "unofficial" release 1.6, which allows for chat that is encrypted using the recipient's public key, preventing eavesdropping. These enhancements have not been incorporated into the SourceForge version.
  • Nicknames are not "registered," again, allowing for eavesdropping or spoofing. Once again, WASTE version 1.6 uses public keys for communication, reducing the chances of eavesdropping, but anyone can still choose any nickname they want so one must know and recognize the public key of the person they're addressing to be sure it's really them.
  • In order to connect from behind a firewall, one party must have the proper port forwarded to their computer. It should be noted, however, that because WASTE networks do not depend on an individual server to connect them, there is no way around this, though it is possible to set up a single WASTE node on a publicly accessible computer to act as an intermediary server for the purpose of connecting two or more computers that are behind a firewall. Without a third party server, techniques such as hole punching will not work, though it is possible, in theory, that a WASTE node on a publicly accessible computer could act as a server, but this feature has not been included in WASTE (and probably never will be).

[edit] Versions

The latest Windows release on SourceForge is 1.5 beta 3.[5]

A "non-official" 1.6 Windows edition addresses some UI and privacy concerns.[6]

A cross-platform (including Linux, Mac OS and Microsoft Windows) beta version of WASTE using the WxWidgets toolkit is available.[7]

VIA Technologies released a fork of WASTE under the name PadlockSL, but removed the product's website after a few weeks. The user interface was written in Qt and the client was available for Linux and Windows.[8]

[edit] See also

Portal:Free software
 Free software Portal

[edit] References

  1. ^ http://www.waste.vimicorp.com/wp/
  2. ^ http://tech.groups.yahoo.com/group/waste-discuss/
  3. ^ http://www.no-ip.com/
  4. ^ http://www.dyndns.com/
  5. ^ http://sourceforge.net/project/showfiles.php?group_id=82356
  6. ^ http://board.planetpeer.de/index.php?topic=1859.msg9155
  7. ^ http://sourceforge.net/project/showfiles.php?group_id=82356
  8. ^ http://slashdot.org/it/04/04/16/1215204.shtml

[edit] External links

Retrieved from "http://en.wikipedia.org../../../w/a/s/WASTE_5f05.html"