You are viewing a single comment's thread.

view the rest of the comments →

0
2

[–] collegetoker 0 points 2 points (+2|-0) ago 

Why not just forego the server, make it p2p, and keep that 1 dollar a day for yourself?

0
2

[–] goatboy [S] 0 points 2 points (+2|-0) ago  (edited ago)

Advertising. How do we communicate with the public in a way that is simple, efficient, and broad? It is one thing to create a service. It is something else entirely to make everyone aware of and use that service.

Although, I think you have a very valid point. if we could build it like a p2p craigslist, maybe we could do away with a centralized server all together. We need some way for users to easily access and bid on a ride and have drivers nearby willing to perform the service. Maybe we could make it a bid per mile and drivers could set their minimum fee per mile, region willing to work in, and number of passengers and baggage willing to take. We could implement a rating system like ebay where users rate the experience after each use.

0
0

[–] Vailx ago 

There's several practical concerns with peer-to-peer. The internet has a bunch of things that make it kinda poor at peer-to-peer for things that need to be fully nonymous and verified. A person can have multiple IP addresses or accounts. An IP address or account can be controlled by multiple people.

When dealing with things like file sharing, this is generally ok- you can focus on the data itself being correct, and prove that with a very small subset of the data. You still run into problems with denial-of-service, but that is at least usually illegal (doesn't make it not happen, but if it were legal the internet would be shut down by the first guy who could profit from doing so), and can end up with parts of the DDOS bot not being as effective as others, etc.

So lets say it was peer-to-peer. I open the program, you open the program, they make a connection- either directly to each other, or through a few peers that pass the message along. You state that you are offering your services as a driver in location A, and I'm looking for a driver in location A. How do you know I'm legit? I could be, for instance, a taxi company looking to waste your time- a bot that generates random requests. You could also be a taxi company looking to waste my time- registering fraudulent drivers to destroy the service. The fact that there's no "central guardian" of this creates a big problem, because there's no one to basically ask the cops to patrol their network. There's also no "trusted agent" in this- someone to validate (and later exclude) me in some fashion if I'm malicious, and certainly no one to do a background check on a driver ahead of time. Also, what prevents an informational type actor from gathering up all the information that network has on every driver and customer? As it is peer to peer, compromised nodes can be used to make some kind of network attack.

Some of these problems could be mitigated, but never really eliminated. If you look at how many peer-to-peer networks were attacked- with spam (fake drivers, fake customers), faked connections, etc., you see a situation where one bad actor can have a disproportionate effect. In the cases of stuff like file sharing, you can at least generally automate the verification and blacklisting to some degree. Maybe that's just a technical problem in cases like this, but I suspect its somewhat of an insurmountable one.

0
0

[–] collegetoker ago  (edited ago)

Couldn't you resolve this with accounts attached to cryptographic signatures to ensure that users aren't abusing the system? Also if you're using credit cards as the payment method, couldn't you blacklist a card that has been shown to exhibit fraudulent activity? This same principle could be applied even if you are using a payment processor to convert dollars into bitcoin.

Also, you can check for mock locations (in android), preventing automated abuse.:

public static boolean isMockSettingsON(Context context) {
    // returns true if mock location enabled, false if not enabled.
    if (Settings.Secure.getString(context.getContentResolver(),
                                Settings.Secure.ALLOW_MOCK_LOCATION).equals("0"))
        return false;
    else
        return true;
}