[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Possibly moving Debian services to a CDN

Am 13.10.2013 um 08:44 schrieb Tollef Fog Heen <tfheen@err.no>:

> The System Administration Team (DSA) are considering moving some of the
> static hosting that Debian currently provides from our infrastructure to
> one or more CDNs. We have received feedback indicating that a broader
> discussion is desired.
> [...]
> We appreciate feedback while we continue our investigation of CDNs.

Although I understand that there will be some benefits of using a CDN, I see some issues as well: 

1) Privacy concerns: Debian would deliver much more data to business companies than necessary. Keep in mind that personalized data is one of the most valuable things to data miners. Currently I choose one mirror site to pull my packages from. I can freely choose that mirror on basis of location, bandwidth, personal likes or, let's say, privacy reasons because I know that this specific mirror doesn't log my IPs. 
When using a CDN, at least in that way I understood your proposal, I'm not free to choose anymore. The company running that CDN will obtain all of data like how many machines are behind a subnet or IP, what kind of machines (intel, sparc, powerpc, m68k, ...) and might know if I forget to update a machine (security). 

2) Integrity concerns: although Debian uses signed package lists and hashed packages, using a CDN would raise the chances that there might be attack vectors by manipulating the traffic. Maybe not be the will of the running company, but there are other groups that might have interest and the power to intercept traffic and manipulating it. This is, of course, also true to current mirror sites, but a centralized CDN will be more convenient to such kind of attackers.

3) Surveillance concerns: together with 1) and 2) goes this one... Using a CDN would make it easier to secret services to collect data, because they have a single point where they can get all wanted data from instead of monitoring several providers and connections. 

4) Dependency concerns: as a project Debian should be as independent as possible. Using a CDN provider will create a big dependency to a specific company, although we might be able to shift companies from time to time. Using multiple CDN providers will mitigate that concern a little bit, but only to a certain degree. Having too many CDN providers will be as difficult to handle as now the many FTP mirror donators. So, there's some trade-off anyway. 

So, after all my strongest concerns are 1), 2) and 3), of course. I'm not a big fan of centralized solutions, but more a great friend of de-centralised ones. Having monocultures is always a bad thing and using large CDNs is driving that kind of monoculture. Diversity is enrichment and should be chosen whenever possible. 

Ciao...            //      Fon: 0381-2744150
      Ingo       \X/       http://blog.windfluechter.net

gpg pubkey:  http://www.juergensmann.de/ij_public_key.asc

Reply to: