> The parasite node creates 2n specially constructed messages designed to evaluate a potential solution. The design of the message, exploiting the TCP checksum, is described in Fig. 3. These messages are sent to many target servers throughout the Internet. ...
> The message received by a target servercontains an IP header, a TCP header, and a candidate solution (values for x(i)). The operators in the Boolean equation determine the value of the checksum, which is in the TCP header. The parasite node injects each message into the network at the IP level (Fig. 1), bypassing TCP. After receiving the message, the target server verifies the data integrity of the TCP segment by calculating a TCP checksum.
> The construction of the message (Fig. 3) ensures that the TCP checksum fails for all messages containing an invalid solution to the posed SAT problem. Thus, a message that passes the TCP
checksum contains a correct solution. The target server will respond to each message it receives (even if it does not understand the request). As a result, all messages containing invalid solutions are
dropped in the TCP layer. Only a message which encodes a valid solution `reaches' the target server, which sends a response to the `request' it received.
Another bit about the practical usefulness at this point:
> The TCP checksum provides a series of additions and a comparison at the cost of hundreds of machine cycles to send and receive messages, which makes it computationally inefficient. To make the model viable, the computation-to-communication ratio must increase in order that the computation exported by the parasitic node is larger than the amount of cycles required by the node to solve the problem itself instead of sending it to the target. However, it is important to emphasize that these are drawbacks of the presented
implementation and do not represent fundamental obstacles for parasitic computing. It remains to be seen whether a higher-level implementation of a parasitic computer could execute in an efficient manner.
Though it requires active participation from the participant, i.e. visiting the "infected" website. Whereas this method requires no actions on part of the server, beyond behaving normally.
Makes me wonder what other sort of things a given server is participating in without realizing it. I don't see how you could use this exact technique(TCP checksums) to mine crypto, for example, but there might be some relatively common web applications out there that could be exploited in a similar way.
It's a shame how so many websites just don't function even with minimal Javascript features turned off, because that's essentially the only way to really defend against this sort of malware.
There's blacklisting which can be used in uBlock, and you can limit the processorusage of threads within a browser with whitelisting. E.g. "Hacker News is requesting excessive usage of your GPU. Would you like to allow this usage?"
I wrote a java applet which would calculate the digits of PI, when it loaded it would fetch the most current result by polling a CGI - and every minute or so that it was running it would upload its progress to that same CGI.
That was back in 1998, or so. When Java Applets were almost useful. I showed a pretty animation, and stole your resources!
I know of a few organizations that buy multicore systems for their staff, and then "reserve" a few cores as part of a local grid computer. I think of this as more "symbiotic" computing than parasitic.
There's several vendors for it but typically there's some kind of service that runs on the organization's desktop machines that are centrally controlled by a job scheduler/server.
I don't have a lot of familiarity with them other than in conversation. But here's a few:
That sounds pretty interesting. My wife's work has a dedicated rendering machine that sits idle something like 75% of the time. (And apparently due to contract issues, they can't farm it out to an external server somewhere.)
After a little digging, I was able to find http://sci-hub.la. Really sad they're having domain issues :( (direct IP access seems to be a little broken at the moment)
> The parasite node creates 2n specially constructed messages designed to evaluate a potential solution. The design of the message, exploiting the TCP checksum, is described in Fig. 3. These messages are sent to many target servers throughout the Internet. ...
> The message received by a target servercontains an IP header, a TCP header, and a candidate solution (values for x(i)). The operators in the Boolean equation determine the value of the checksum, which is in the TCP header. The parasite node injects each message into the network at the IP level (Fig. 1), bypassing TCP. After receiving the message, the target server verifies the data integrity of the TCP segment by calculating a TCP checksum.
> The construction of the message (Fig. 3) ensures that the TCP checksum fails for all messages containing an invalid solution to the posed SAT problem. Thus, a message that passes the TCP checksum contains a correct solution. The target server will respond to each message it receives (even if it does not understand the request). As a result, all messages containing invalid solutions are dropped in the TCP layer. Only a message which encodes a valid solution `reaches' the target server, which sends a response to the `request' it received.
References: http://web.archive.org/web/20161106073051/http://www3.nd.edu...