WASTE
Encyclopedia
WASTE is a peer-to-peer
and friend-to-friend
protocol and software application developed by Justin Frankel
at Nullsoft
in 2003 that features instant messaging, chat rooms and file browsing/sharing capabilities. The name WASTE is a reference to Thomas Pynchon
's novel The Crying of Lot 49
. In the novel, W.A.S.T.E. is (among other things) an underground postal service.
After its release, WASTE was removed from distribution by AOL
, Nullsoft's parent company. The original page was replaced with a statement claiming that the posting of the software was unauthorized and that no lawful rights to it were held by anyone who had downloaded it, in spite of the original claim that the software was released under the terms of the GNU General Public License
.
Several developers have modified and upgraded the WASTE client and protocol. The SourceForge edition is considered by many to be the "official" development branch, but there are several forks
.
by connecting to a group of trusted computers, as determined by the users. This kind of network is commonly referred to as a darknet
. It uses strong encryption
to ensure that third parties cannot decipher the messages being transferred. The same encryption is used to transmit and receive instant messages, chat, and files, maintain the connection, and browse and search.
s), meaning there is no central hub or server that everyone connects to. Peers must connect to each other individually. Normally, this is accomplished by having individuals sharing their RSA public keys, ensuring that their computers are accessible via the appropriate ports (one or more parties must have an IP address
and port that can be reached by the other), and entering the IP address and port of someone on the network to connect to.
Once connected to the network, public keys are automatically exchanged amongst members (provided enough of the members are set to forward and accept public keys), and nodes will then attempt to connect to each other, strengthening the network (decreasing the odds that any one node going down will collapse or shut out any part of the network), as well as increasing the number of possible routes from any given point to any other point, decreasing latency and bandwidth required for communication and file transfer.
Since WASTE connects small, private groups rather than large, public ones, the network search feature is one of the fastest of all the decentralized P2P applications. Its instant messaging and file sharing capabilities are much closer to those of AOL Instant Messenger
than more typical file sharing
programs. Members of the network can create private and public chat rooms, instant message each other, browse each other's files, and trade files, including the pushing or active sending of files by hosts, as well as the more common downloading by users. Simple drag-and-drop to chat boxes will send files to their intended destinations.
The suggested size for a WASTE network (referred to as a "mesh" by users) is 10-50 node
s, though it has been suggested that the size of the network is less critical than the ratio of nodes willing to route traffic to those that are not. With original Justin Frankel
client legacy groups now exceeding five years of age, it's not uncommon for stable meshes to host multiple terabytes of secure content.
By default, WASTE listens to incoming connections on port 1337. This was probably chosen because of 1337's leet
connotations.
Since there is no central hub, WASTE networks typically employ a password
or passphrase
, also called a "network name" to prevent collision. That is, a member from one network connecting to a member of another network, thus bridging the two networks. By assigning a unique identifier (passphrase) to your network, the risk of collisions can be reduced, particularly with the original clients.
WASTE 1.7.4 for Windows was released on 24 December 2008, and was current . This is a new branch on SourceForge created because of inactivity on the main WASTE development branch. This is the most fully featured version to date.
A cross-platform (including Linux
, Mac OS
, and Microsoft Windows
) beta version of WASTE called Waste 1.5 beta 4 aka wxWaste, using the WxWidgets
toolkit is available.
VIA Technologies
released a fork of WASTE under the name PadlockSL, but removed the product's website after a few weeks. The user interface was written in Qt and the client was available for Linux and Windows.
Peer-to-peer
Peer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
and friend-to-friend
Friend-to-friend
A friend-to-friend computer network is a type of peer-to-peer network in which users only make direct connections with people they know. Passwords or digital signatures can be used for authentication....
protocol and software application developed by Justin Frankel
Justin Frankel
Justin Frankel is an American computer programmer best known for his work on the Winamp media player application and for inventing the gnutella peer-to-peer network...
at Nullsoft
Nullsoft
Nullsoft, Inc. is a software house founded in Sedona, Arizona in 1997 by Justin Frankel. Its most known products include the Winamp media player and the SHOUTcast MP3 streaming media server. In recent years, their open source installer system, NSIS, has also risen in popularity as a widely used...
in 2003 that features instant messaging, chat rooms and file browsing/sharing capabilities. The name WASTE is a reference to Thomas Pynchon
Thomas Pynchon
Thomas Ruggles Pynchon, Jr. is an American novelist. For his most praised novel, Gravity's Rainbow, Pynchon received the National Book Award, and is regularly cited as a contender for the Nobel Prize in Literature...
's novel The Crying of Lot 49
The Crying of Lot 49
The Crying of Lot 49 is a novel by Thomas Pynchon, first published in 1966. The shortest of Pynchon's novels, it is about a woman, Oedipa Maas, possibly unearthing the centuries-old conflict between two mail distribution companies, Thurn und Taxis and the Trystero...
. In the novel, W.A.S.T.E. is (among other things) an underground postal service.
After its release, WASTE was removed from distribution by AOL
AOL
AOL Inc. is an American global Internet services and media company. AOL is headquartered at 770 Broadway in New York. Founded in 1983 as Control Video Corporation, it has franchised its services to companies in several nations around the world or set up international versions of its services...
, Nullsoft's parent company. The original page was replaced with a statement claiming that the posting of the software was unauthorized and that no lawful rights to it were held by anyone who had downloaded it, in spite of the original claim that the software was released under the terms of the GNU General Public License
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
.
Several developers have modified and upgraded the WASTE client and protocol. The SourceForge edition is considered by many to be the "official" development branch, but there are several forks
Fork (software development)
In software engineering, a project fork happens when developers take a legal copy of source code from one software package and start independent development on it, creating a distinct piece of software...
.
Description
WASTE is a decentralized chat, instant messaging and file sharing program and protocol. It behaves similarly to a virtual private networkVirtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
by connecting to a group of trusted computers, as determined by the users. This kind of network is commonly referred to as a darknet
Darknet
The term darknet refers to any private, distributed P2P filesharing network, where connections are made only between trusted peers using non-standard protocols and ports...
. It uses strong encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
to ensure that third parties cannot decipher the messages being transferred. The same encryption is used to transmit and receive instant messages, chat, and files, maintain the connection, and browse and search.
WASTE Networks
WASTE networks are decentralized (see social networkSocial network
A social network is a social structure made up of individuals called "nodes", which are tied by one or more specific types of interdependency, such as friendship, kinship, common interest, financial exchange, dislike, sexual relationships, or relationships of beliefs, knowledge or prestige.Social...
s), meaning there is no central hub or server that everyone connects to. Peers must connect to each other individually. Normally, this is accomplished by having individuals sharing their RSA public keys, ensuring that their computers are accessible via the appropriate ports (one or more parties must have an IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
and port that can be reached by the other), and entering the IP address and port of someone on the network to connect to.
Once connected to the network, public keys are automatically exchanged amongst members (provided enough of the members are set to forward and accept public keys), and nodes will then attempt to connect to each other, strengthening the network (decreasing the odds that any one node going down will collapse or shut out any part of the network), as well as increasing the number of possible routes from any given point to any other point, decreasing latency and bandwidth required for communication and file transfer.
Since WASTE connects small, private groups rather than large, public ones, the network search feature is one of the fastest of all the decentralized P2P applications. Its instant messaging and file sharing capabilities are much closer to those of AOL Instant Messenger
AOL Instant Messenger
AOL Instant Messenger is an instant messaging and presence computer program which uses the proprietary OSCAR instant messaging protocol and the TOC protocol to allow registered users to communicate in real time. It was released by AOL in May 1997...
than more typical file sharing
File sharing
File sharing is the practice of distributing or providing access to digitally stored information, such as computer programs, multimedia , documents, or electronic books. It may be implemented through a variety of ways...
programs. Members of the network can create private and public chat rooms, instant message each other, browse each other's files, and trade files, including the pushing or active sending of files by hosts, as well as the more common downloading by users. Simple drag-and-drop to chat boxes will send files to their intended destinations.
The suggested size for a WASTE network (referred to as a "mesh" by users) is 10-50 node
Node (networking)
In communication networks, a node is a connection point, either a redistribution point or a communication endpoint . The definition of a node depends on the network and protocol layer referred to...
s, though it has been suggested that the size of the network is less critical than the ratio of nodes willing to route traffic to those that are not. With original Justin Frankel
Justin Frankel
Justin Frankel is an American computer programmer best known for his work on the Winamp media player application and for inventing the gnutella peer-to-peer network...
client legacy groups now exceeding five years of age, it's not uncommon for stable meshes to host multiple terabytes of secure content.
By default, WASTE listens to incoming connections on port 1337. This was probably chosen because of 1337's leet
Leet
Leet , also known as eleet or leetspeak, is an alternative alphabet for the English language that is used primarily on the Internet. It uses various combinations of ASCII characters to replace Latinate letters...
connotations.
Since there is no central hub, WASTE networks typically employ a password
Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource . The password should be kept secret from those not allowed access....
or passphrase
Passphrase
A passphrase is a sequence of words or other text used to control access to a computer system, program or data. A passphrase is similar to a password in usage, but is generally longer for added security. Passphrases are often used to control both access to, and operation of, cryptographic programs...
, also called a "network name" to prevent collision. That is, a member from one network connecting to a member of another network, thus bridging the two networks. By assigning a unique identifier (passphrase) to your network, the risk of collisions can be reduced, particularly with the original clients.
Nullnets
"Nullnets" are networks without a passphrase. It is impossible to know how many nullnets exist, but there is one primary nullnet. The best way to access the nullnet is to post your credentials to the WASTE Key Exchange. The nullnet can easily merge with other nullnets because there is no passphrase, which makes it a great place for public discussion and file sharing.Strengths
- Secured through the trade of RSA public keys, allowing for safe and secure communication and data transfer with trusted hosts.
- The distributed nature means that the network isn't dependent on anyone setting up a server to act as a hub. Contrast this with other P2PPeer-to-peerPeer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
and chat protocols that require you to connect to a server. This means there is no single point of vulnerability for the network. - Similarly, there is no single group leader, everyone on the network is equal in what they can or cannot do, including inviting other members in to the group, nor can any member kick another from the group, exclude them from public chats, etc.
- WASTE can obfuscate its protocol, making it difficult to detect that WASTE is being used.
- WASTE has a "Saturate" feature which adds random traffic, making traffic analysisTraffic analysisTraffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and...
more difficult. - The nodes (each a trusted connection) automatically determine the lowest latency route for traffic and, in doing so, load balance. This also improves privacy, because packets often take different routes.
Shortcomings
- Trading public keys, enabling port forwardingPort forwardingPort forwarding or port mapping is a name given to the combined technique of# translating the address and/or port number of a packet to a new destination# possibly accepting such packet in a packet filter...
on your firewall (if necessary), and connecting to each other can be a difficult and/or tedious process, especially for those who aren't very technically proficient. - Due to the network's distributed nature, it is impossible to "kick" someone from the network once they've gained access. Since every member of the network will have that member's public key, all that member needs to do to regain access is to connect to another member. Coordinating the change of the network name is exceedingly difficult, so the best course of action is to create another network and migrate everyone over to the new network. This could, of course, also be seen as a strength.
- Since there is no central server, once someone disconnects from the network, they must know at least one network IP address to reconnect. It is possible that the network will drift from all the IP addresses used before so that none is known, and it becomes necessary to contact a network member and ask for address information to be able to reconnect. Indeed, it is possible that a network could unknowingly split into two this way. It takes at least some coordination to keep a WASTE network intact; this can be as simple as one or more volunteers with a static IP address or a fixed dynamic DNSDynamic DNSDynamic DNS or DDNS is a term used for the updating in real time of Internet Domain Name System name servers to keep up to date the active DNS configuration of their configured hostnames, addresses and other information....
(DDNS) address (available free of charge from a number of providers) keeping their node up to allow people to reconnect to the network. - While encryption is performed using the BlowfishBlowfish (cipher)Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date...
algorithm, which is thought to be strong, the PCBC mode used has several known security flaws. - Nicknames are not "registered," which allows eavesdropping and spoofing. WASTE version 1.6 reduces the chances of eavesdropping by using public keys for communication, but as network members may choose any nickname a user must know and recognize the hashCryptographic hash functionA cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value...
of the person they wish to communicate with to be sure of their identity. - To connect from behind a firewall, one party must have the proper port forwarded to their computer; as WASTE networks do not depend on a central server there is no way around this. However, as long as one node accepts incoming connections it can act as a server, connecting nodes that cannot themselves accept incoming connections. Indeed, the long-term stability of a WASTE network depends on these hubs.
Versions
As of version 1.7, WASTE comes in an experimental and a stable release. The experimental branch implements a new 16k packet size, which improves overhead and transfer speeds, but is not compatible with previous versions which support a 4k packet size.WASTE 1.7.4 for Windows was released on 24 December 2008, and was current . This is a new branch on SourceForge created because of inactivity on the main WASTE development branch. This is the most fully featured version to date.
A cross-platform (including Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
, Mac OS
Mac OS
Mac OS is a series of graphical user interface-based operating systems developed by Apple Inc. for their Macintosh line of computer systems. The Macintosh user experience is credited with popularizing the graphical user interface...
, and Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
) beta version of WASTE called Waste 1.5 beta 4 aka wxWaste, using the WxWidgets
WxWidgets
wxWidgets is a widget toolkit for creating graphical user interfaces for cross-platform applications. wxWidgets enables a program's GUI code to compile and run on several computer platforms with minimal or no code changes...
toolkit is available.
VIA Technologies
VIA Technologies
VIA Technologies is a Taiwanese manufacturer of integrated circuits, mainly motherboard chipsets, CPUs, and memory, and is part of the Formosa Plastics Group. It is the world's largest independent manufacturer of motherboard chipsets...
released a fork of WASTE under the name PadlockSL, but removed the product's website after a few weeks. The user interface was written in Qt and the client was available for Linux and Windows.
See also
- Darknet
- Friend-to-friendFriend-to-friendA friend-to-friend computer network is a type of peer-to-peer network in which users only make direct connections with people they know. Passwords or digital signatures can be used for authentication....
(F2F) - File sharingFile sharingFile sharing is the practice of distributing or providing access to digitally stored information, such as computer programs, multimedia , documents, or electronic books. It may be implemented through a variety of ways...
- Peer-to-peerPeer-to-peerPeer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
(P2P) - GnutellaGnutellaGnutella is a large peer-to-peer network which, at the time of its creation, was the first decentralized peer-to-peer network of its kind, leading to other, later networks adopting the model...
- NullsoftNullsoftNullsoft, Inc. is a software house founded in Sedona, Arizona in 1997 by Justin Frankel. Its most known products include the Winamp media player and the SHOUTcast MP3 streaming media server. In recent years, their open source installer system, NSIS, has also risen in popularity as a widely used...
- Justin FrankelJustin FrankelJustin Frankel is an American computer programmer best known for his work on the Winamp media player application and for inventing the gnutella peer-to-peer network...
External links
- WASTE again - fork of WASTE
- Original WASTE SourceForge site - now defunct
- The World's Most Dangerous Geek (Rolling Stone interview with Justin Frankel)
- The Invisible Inner Circle
- Anonymous Communication With Waste
- 'Secure File Transfer With WASTE - Introductory video' by Russell Sayers at showmedoShowmedoShowMeDo is a video sharing website where users can upload, view and share Video tutorials.Most of the screencasts focus on themes related to computer programming languages and Open Source software, especially Python....
- The Zer0Share Project - Jack Spratts' Darknet