Why use your own computer when you can make use of other people's? Researchers at the University of Notre Dame in Indiana have demonstrated "parasitic" computing -- using other people's servers to do your own processing, they said in an article in this week's Nature magazine.
The process is similar to that used by the likes of SETI@home (Search for Extraterrestrial Intelligence), which uses the processing power of millions of desktop PCs to scan data from a radio telescope in the hope of finding signs of life in outer space, said Nature in an introduction.
The difference with parasitic computing is that the Notre Dame researchers did not ask for permission from the server owners. However, they did not have to hack to gain direct access to anyone's computer but used the infrastructure of the Internet itself to create a virtual machine.
Researchers Albert-Lásló Barabási, Vincent Freeh, Hawoong Jeong and Jay Brockman hijacked the infrastructure to show what is possible using the Internet, said Nature.
A data validation program called a checksum is used, which runs on the TCP (Transmission Control Protocol (TCP) connection between Internet-connected computers. It forces the connected Web servers to solve a specific mathematical problem, the researchers said.
The protocols are in place to ensure reliable communication but they can be exploited to compute with the communication infrastructure, turning the Internet into a distributed computer. Servers will then unwittingly perform computation on behalf of an uninvited user, solving complex computational problems when they engage in standard communication and without being aware they are doing so.
In the event, it was more difficult and more time-consuming to process the information this way than to use the university's own computers, the researchers said, but the experiment shows interesting possibilities for using the Internet, and raises important ethical questions about the use of other people's computers.
It also raises legal questions about the use of other people's servers.
As with anything Internet-related, "the first is the question of jurisdiction," said Michael Aikenhead, a lecturer at the University of Durham, U.K.'s Centre for Law and Computing.
"Who actually tries any offense that might have occurred?" he said. If servers in North America, Europe and Asia are affected, each jurisdiction may treat the activity differently.
"In terms of U.K. law, I've not heard of any situation directly on point and find it difficult to see how the law could prevent such activity. The Computer Misuse Act 1990 Section 1 is aimed at 'unauthorized access to computer material.' The complication arises as to whether the access is unauthorized given that the servers are connected to the public Internet."
The same difficulty applies to other sections of the Act, such as Section 3 which prohibits unauthorized modification of computer material or any activity that impairs the operation of a computer, he said.
The situation raises questions of what a server owner actually consents to by connecting the server to the Internet, Aikenhead said.