SoylentNews is people
SoylentNews
from the where-will-they-store-the-source-code? dept.
Chris Ball, about whom I know very little, gave a talk to the Data Terra Nemo conference on 23/24 May in Berlin. From the conference site, I gathered the following: "Data Terra Nemo is a technical conference for discussing the ideas behind systems and protocols without centralized ownership and how they impact the landscape of the Internet".
Chris gave a presentation regarding a decentralized git repository which he has dubbed 'GitTorrent'. His notes, which he describes as an 'aspirational transcript' of the talk, take the story up:
Why a decentralized GitHub?
First, the practical reasons: GitHub might become untrustworthy, get hacked — or get DDOS'd by China, as happened while I was working on this project! I know GitHub seems to be doing many things right at the moment, but there often comes a point at which companies that have raised $100M in Venture Capital funding start making decisions that their users would strongly prefer them not to.
There are philosophical reasons, too: GitHub is closed source, so we can't make it better ourselves. Mako Hill has an essay called Free Software Needs Free Tools, which describes the problems with depending on proprietary software to produce free software, and I think he's right. To look at it another way: the experience of our collaboration around open source projects is currently being defined by the unmodifiable tools that GitHub has decided that we should use.
So that's the practical and philosophical, and I guess I'll call the third reason the "ironical". It is a massive irony to move from many servers running the CVS and Subversion protocols, to a single centralized server speaking the decentralized Git protocol. Google Code announced its shutdown a few months ago, and their rationale was explicitly along the lines of "everyone's using GitHub anyway, so we don't need to exist anymore". We're quickly heading towards a single central service for all of the world's source code.
So, especially at this conference, I expect you'll agree with me that this level of centralization is unwise.
The talk continues in the first link at the start of this summary.
Original Submission
(Score: 4, Insightful) by janrinok on Sunday May 31 2015, @07:09AM
But perhaps those people are not the target use case? We know about western states wanting to break encryption standards to give them access to anything they want, we know that shutting down those who refuse to play ball with government requests is not something that some nations will think twice about. So the value of this system might be that those who are bright enough to be writing the next clever piece of code are more than capable of using both Git and torrents, and they will benefit because their source code cannot magically disappear or become worthless because of the possibility that the only source is contaminated. If a TLA wants to control the source code, they will have to be able to control each and every distributed git repository because, if they don't, they cannot be sure that they 'control' anything. They haven't managed to do that with other torrents, have they?
End users don't need to know about torrents - they can install packages or programs the same way that they have always done so. Whether those packages are secure or not will not change - but the end user who doesn't know enough to to use torrents probably doesn't care about security of the packages. As long as they can access emails, create and watch videos, and publish cat photographs they will be happy. But those who have decided that there might be a better way than having a society with no privacy whatsoever can have more faith that any code that they produce will exist in so many places it would be hard for a TLA to exert total control. This is not a perfect solution, but perhaps it is a step in the right direction?
[nostyle RIP 06 May 2025]
(Score: 1) by KGIII on Monday June 01 2015, @05:42AM
That may work to some extent (I would still worry about security and things like authentication as well as replication and versioning) but it appeared that the intent was for end-users... Hmm... I like the way you are headed with this line of thinking though. I will ponder it and see what I come up with. I wonder if a more traditional P2P may be the solution? I will ponder.
"So long and thanks for all the fish."