Here's a short list of the mainstream abuse that occurs with current file sharing systems:
- Leechers - people who upload far less than they download. In a P2P system, the fundamental rule is that each user 'should' approach a 1 on 1 relation between uploaded bytes and downloaded bytes. Any leechers need to be counteracted by people who upload more than they download.
- Legal Threats - Just for uploading something it's possible (though for now unlikely) you'll get into legal trouble.
- Fake Files - They come in many forms:
- Media is only a few seconds, looped over and over
- Media just has the wrong name.
- Media quality is far worse than one would expect
- Media contains advertisement for something.
- Trojan horse hidden in the media (rare, as only certain formats can carry code and most media formats aren't among them).
The root cause for all these problems is a lack of accountability. If someone is responsible for putting up a fake file, either directly or indirectly (by not checking a file for correctness before putting it in the 'upload' folder), there are no repercussions.
Similar situation for leechers: Even systems that do accounting aren't enough; a leecher can just create a new identity on the fly.
So, let's solve all these problems in one fell swoop by adding accountability to the system.
Introducing: The social network.
You can draw your own social network quite easily: Put yourself in the middle. Add all your friends around you, in a circle, and connect them all to you using a line. Then, ask all of your friends to repeat this process by drawing their friends around their name, and letting their friends do the same, etc, etc, etc.
A social network is eminently accountable; if your friend is acting like a total ass, you can take measures. Aside from accosting them about their behaviour, you can simply drop them out of your circle of friends as a final alternative.
Using that axiom, we base our file sharing system on social networks. There's no central server, there's only a list of IP addresses of your friends.
Filtering out abusers
In order to 'log onto' this network, you first need a friend that's already on the network. If you don't know any, you can start a new little network with your friends. If you end up abusing the system by introducing any of the problems listed earlier, eventually you get kicked out by your friends. At some point you run out of friends (in theory, anyway), and you can't get back on the network.
The program should offer a page listing all your friends and the trading 'balance' in various forms. There's the simple to measure 'uploaded versus downloaded', but also issues like: How often did I have to throw away a file because it was bad quality (assuming the downloading user can take the time to mark a file as 'bad', the software can assign penalty points), how often did this friend provide rare stuff I really wanted, and other esoteric criteria, limited only by how much time a user wants to spend notifying the software about how you rate the downloads from a friend.
The friend with the highest rating gets more of your upload allowance than other friends, ensuring that behaviour on the network you consider useful gets rewarded.
Dodging the RIAA
If you end up getting sued for uploading a file to a friend, that means your friend ratted you out. Your fault for adding that 'friend' to your list. Simple as that. Encryption can ensure that the RIAA massively inspecting network traffic won't endanger you legally.
Turning your circle of a friends into a whole network
If all you have is just your own friends, chances are you won't have access to a whole lot of material. You'll have to also access your friend's friend's resources, and your friend's friend's friend's resources, etcetera.
To accomplish this, you simply ask your friend to start looking for a certain resource on your behalf. Let's say Adam asks Ben to find some resource for him. Ben's friend Clara (who isn't a friend of Adam) has this file. In a perfect world, Ben would download the file from Clara, and Adam would download the file from Ben. However, because this wastes considerable bandwidth, for now we'll have to live with: Ben communicates Adam's IP address to Clara, and Clara can now elect to upload her file to Adam. She accounts this upload to Ben; Ben 'loses' standing with Clara. Similarly, Ben updates his status versus Clara positively and versus Adam negatively (Ben now 'owes' Clara but Adam 'owes' Ben).
At some point this has to stop; while you can trust your friends, and you can trust your friend's friends, at some point you really can't be sure anymore when you're dealing with leechers and the RIAA. The cutoff point is up to the user. Higher cutoff points, meaning there is more opportunity to upload, does mean you get better standings, which you can translate in having access to more files and faster downloads when you need something.
Logistics: How to make this a practical system
central-server-less designs have some problems. For one, you don't always know your friend's IP; not everyone even has a static IP. Furthermore, in order to 'do it right', as it were, it helps if you know you're -really- dealing with your friend and a spoofer. This requires encryption, and encryption without central servers requires PGP-like practices of handing out key hashes scribbled onto bits of paper to ensure your friend's public key is correct.
You can address both of these issues by offering a central logistics server (or using emule-like concepts where there are a number of third-party run servers) which takes care of being an impartial key verifier (if everyone trusts this server and everyone has the public key of this server, keys can be shared between any two persons by having them signed by the key authority) and distributing the IP numbers; all the software has to do is send a single 'ping' packet every so often to the server. Your identity name should be something easy to remember for everyone. Your email address seems like a prime candidate.
Compromise of the central server by ie the record labels is unlikely to be a disaster. Only if they also control local network trunks can they employ man-in-the-middle attacks, using the compromised key server to falsely claim their spoofed key is correct. This takes secret control of both the key server and substantial chunks of the internet network infrastructure. Right now, apparently, they can't even link IPs to a subscriber without a subpoena. Furthermore, the central server is fundamentally not doing anything illegal; they are not even distributing links to illegal content. They can market themselves as a general service that maps email addresses onto IP numbers and certified public keys. Such a server has plenty of legal use and as such would be hard to ban.
Another disadvantage of a decentralized network structure is that searches are potentially difficult. Concepts pioneered by existing file sharing services such as identifying files with a hashcode instead of a filename (as those are prone to change) should be used, of course. A search should work in concentric circles. You send a full search request packet which includes a randomly generated identifier to each of your friends. Only if all of those report back they don't have it for you, do you start asking each of your friends to start asking THEIR friends. All you have to do to accomplish this, is to send a hop count and the identifier to all your friends again; reasonably that won't amount to more than 160 bits at most, which is unlikely to cause a serious load on the network (searches did take up a decent chunk of network bandwidth on the gnutella file sharing system, also an attempt at a decentralized file sharing system).
Your friends showing up directly in your friends' network won't cause duplicate search results. If your friend unwittingly forwards your search request to one of your friends (who has already received this search request from you personally), your friend's computer can filter the duplicate search request easily; both have the same random identifier.
'value' is not just bytes uploaded versus bytes downloaded. One can imagine that someone 4 friends removed will not agree to download something to you unless he or she gets, let's say, triple credit for the effort, as a 'payback' against the increased risk of the target being a leecher or a RIAA informant. The downloader can then accept or reject this request. Each 'friend' in the chain in turn has to accept or reject; that's because the downloader doesn't directly get debited for the token value demanded by the uploader, as explained before. However, accountability always remains:
Let's say Clara, in our previous example, uploads this file to Adam. Adam's a leecher. Ben ends up being responsible for Adam's behaviour; Clara has debited the token value of her upload to Adam to Ben's account; if Ben doesn't return the favour somehow, he'll see dwindling efforts from Clara to supply him with good files at good download rates until, if Ben keeps vouching for leechers, Clara drops Ben from her circle of friends altogether.
Let's say Jack has a modem uplink, or crappy upload (some satellite internet services still have this), or pays per byte. He'd like to contribute to the network, but that costs him a lot of money. Let's say Jack has a friend, Kayleigh, who happens to be jacked in at 100MBit to the local university. Instead of paying through the nose at his ISP, he can of course give Kayleigh a bit of money for her troubles so that Kayleigh tells her software to artificially jack of Jack's rating. This way, Jack can leech all he likes from Kayleigh and her friends (and her friend's friends, etc, etc); Kayleigh will vouch for Jack, and with Kayleigh's luxurious connection, it's unlikely that Jack's leeching behaviour by itself is going to have a serious impact on Kayleigh's status as preferable 'file sharing friend'.
"Paying" for preferential access doesn't have to be done with real money. Someone who somehow manages to get excellent quality copies of movies far before they show up in theaters could get a lot of artificial tokens from friends even with a crappy connection. Someone who has a very large and tidy harddrive with everything named correctly, with subtitles and a high quality release, can also score bonus points (in the form of extra token value) from friends.
In other words, the system not only punishes bad behaviour, it also rewards good behaviour. That's something current systems definitely don't do; you don't get extra download speed on your other bittorrents if you're doing people the considerable service of seeding a very rare release, or some such. This proposed system does, and the accounting is timeless; you can upload something now, and reap the benefits a week later when you have a sudden craving to see some ancient movie or other that's no longer available in stores.
Just about all unwanted effects I've ever considered for a general file sharing service can be counteracted using token value and accountability. As such, it seems to me this system would be a vast improvement compared to the existing file sharing systems.
Naturally, existing cutting edge research on how to get the logistics right (such as the bittorrent protocol's various tricks) should be implemented here wherever possible. ie: Download from multiple sources, download random segments instead of always starting at the beginning, etcetera, etcetera.
I'm looking for comments. Am I missing something important? Has this idea been mentioned before? Is someone working on such a system? Might it be possible to retrofit an existing system with a social network accounting system?
Aside from looking for comments, I'm also trying to get someone to actually write it. I'm currently engaged elsewhere, already programming quite a lot for other projects. I only feel like so much programming per week, and unfortunately my other projects have priority.