Bandwidth is the new tool to fight hackers

5,211 reads

@ mohitmamoria Mohit Mamoria I teach difficult subjects in simple language.

Can we use blockchains to economically disincentivize the hackers?

I am often asked, “How is blockchain different from the other p2p networks that have existed long before?”

To this, my answer is, “Technically, nothing. Economically, everything.”

As soon as the words leave my mouth, a weird expression turns up on their face. I enjoy it for a minute before I start explaining what I meant.

Blockchain is not a new technology

“Every once in a while, a new technology, an old problem, and a big idea turn into an innovation.” — Dean Kamen

Before you start sending me hate emails, allow me to explain myself.

Every moving part of the blockchain has existed independently for a long time. We had peer-to-peer networks and cryptography long before blockchain came into the picture. A blockchain is just an arrangement of these technologies. If you are an engineer, you will not find anything new technically in the blockchain protocol.

The difference is that, this time, we have found a way to attach value to the cryptographic and peer-to-peer aspect of the network. Through cryptography and distributed consensus, we can now send virtual money, and we can also exchange value through tokens attached to objects of value.

The economic side of the blockchain makes it different from any other peer-to-peer network.

A decentralized protocol like blockchain is made up of tens of thousands of computers, wherein each of them contributes to the network through distributed authentication, verification and consensus. In return, these nodes are rewarded for their contribution.

As an added resiliency feature, if one computer goes down, the network stays up. If two computers go down, the network stays up. The network stays available until the last computer is standing.

When a tree falls down in a forest, the forest doesn’t cease to exist.

Blockchain is immutable economically, not technically.

What does this have to do with bandwidth?

“Nothing happens, and nothing happens, and then everything happens.” — Fay Weldon

Which brings us to my main point.

The other side of distributed tech — the “bad” side of it — is that malicious hackers have long been using networks of zombie computers or botnets to execute traffic-based attacks in the form of distributed denial-of-service or DDoS attacks.

The attacks do not come from a single computer that one can simply block, but rather from thousands of devices — usually compromised zombie computers — spread throughout the world. This makes it nearly impossible to track and block all of them.

In October 2016, Dyn, a company that controls an enormous part of the internet’s DNS infrastructure, was hit by the largest DDoS attack the world had ever seen. Over 1.2 Tbps of malicious connections brought down this cornerstone of the internet. Sites including Twitter, Netflix, Reddit, and CNN were all completely shut down for an entire day. Billions of dollars were lost because of that attack.

Blockchain startups like Filecoin and Siacoin have revolutionized hard disk sharing and monetization to create a Dropbox killer. Golem allow users to “donate” their spare computation power to allow others to get access to a distributed and collective powerful supercomputer.

Now, comes bandwidth.

By the way, I am editor of a weekly newsletter, Unmade, which delivers one startup idea to your inboxes every week.

A new business model for sharing resources

“By giving people the power to share, we’re making the world more transparent.” — Mark Zuckerberg

Given the distributed model of the blockchain, and the economic value that can be attached to transactions, it therefore makes sense that blockchains can be also used in making sure the internet is healthy and secure.

This approach is taken by Gladius, which is launching a distributed, peer-to-peer network wherein thousands of computers across the globe can share their excess bandwidth, storage, and resources, in order to fight back against DDoS.

This is done by acting as a global proxy server for traffic. Gladius’ network sits between a server and users or clients that access websites. If it’s a legitimate request, it is let through. If bad botnet traffic is detected, it is deflected and absorbed by the distributed network of nodes, thus negating the impact of a DDoS.

It does not stop there, however. During “peacetime” when there are no DDoS attacks, this very same network acts as a content delivery network or CDN, which caches website content and speeds up webpage loading.

The clear benefit here, of course, is that website owners do not need to spend excessive amounts of money to speed up their websites and for DDoS protection. The added benefit is that everyone wins. In all of this, the blockchain provides a mechanism for compensating all the users who contribute their computers’ resources, in the form of cryptographic tokens. These can be used to purchase services on the network, or even exchanged for cash.

A chain is only as good as its weakest link, but the blockchain gives us strength in numbers.

It is becoming cheaper to actually launch DDoS attacks. For as low as $5, anyone can purchase access to a botnet and start eating up a target server’s bandwidth, thus causing mayhem. For $400 you can practically take down any site — even ones protected by industry standards such as Cloudflare. This entire DDoS network for rent is capable of hitting sites with 125 Gbps of traffic. This means that the actual cost of an organized DDoS attacks “using a botnet of 1000 workstations can amount to $7 per hour.”

Gladius can help users fight back by likewise making it inexpensive and accessible to protect websites against DDoS. Website owners no longer need to spend thousands of dollars per month even if they do not get attacked (case in point, a popular service provider charges $200 per month flat rate, but that is only for minimal usage). With a peer-to-peer and pay-as-you-go scheme, even small businesses can easily fit it into their budget.

Conclusion: Will this disincentivize DDoS?

“The rabbit runs faster than the fox, because the rabbit is running for his life while the fox is only running for his dinner.” — R. Dawkins

If users could earn from DDoS protection, and if it becomes more expensive for attackers to execute their botnet attacks, will it stop DDoS at its tracks eventually? Of course, there is no clear answer at this point, since perpetrators might eventually shift to other business models or attack vectors. But this is a good start, since we are effectively taking advantage of the excess bandwidth and resources that were previously not accessible.

I mean, making money passively while helping other people across the globe sounds pretty good to me.

Hackers have already weaponized bandwidth in order to attack legitimate websites. It’s high time we also do the same — by using excess bandwidth to defend against such attacks.

Thanks for reading! :) If you liked it, please support by clapping 👏🏻 and sharing the post. Feel free to leave a comment 💬 below.

—

About the author

Mohit Mamoria is the CEO of godtoken.org (a crypto fund) and the editor of a weekly newsletter,Unmade, which delivers one startup idea from the future to your inboxes.

He writes regularly for world’s largest publications including HackerNoon, TechCrunch, TheNextWeb, CoinTelegraph among others.

Have feedback? Let’s be friends on Twitter. 🙌🏻

Tags