mirror volunteers needed

Greg Broiles gbroiles at well.com
Tue Oct 16 11:20:06 PDT 2001 

At 07:56 PM 10/16/2001 +1000, Julian Assange wrote:
>The anonymous push nature of the mirroring software. We can support
>non-unix pull mirrors too, provided there are enough push mirrors
>to feed from. The software could be ported to other operating
>systems without too much difficulty, but that's another project.

I get the impression this isn't exactly "mirroring" static content, but 
participating in a distributed publishing/retrieval system, a la Freenet 
and Mojo Nation or BitTorrent .. or maybe more like Gnutella or Kazaa .. or 
even Publius, which was nice but never seemed to catch on.

Is that correct?


> > The mirror would presumably need a fixed IP address. Are there any other
> > requirements?
>
>An ability to create mail-aliases, gpg, perl5, and a good sense of humour :)

What software are you using? Is it well-known? Debugged? Is the source 
available? (well, it's Perl, I guess..)

I don't mind mirroring Cryptome, but I'm pretty wary of installing other 
people's newly-hacked-up code in a [quasi-]production environment .. your 
proposal creates two kinds of risk. The first, which is relatively familiar 
by now, is content risk, from people angry about the content .. the second 
is the risk of security problems in the code or its 
configuration/installation, and that sounds like a bigger issue to me.

Why not just use one of the existing distributed systems for this content? 
If you put content in the Gnutella or Kazaa systems, you can give us 
filenames or search strings and then we just make locally cached copies and 
leave machines running (even crappy little windows boxes) to create 
dispersed hard-to-clobber-them-all content. If you put it in the 
Mojo/Freenet/BitTorrent systems, and make the URLs of the content 
publically available, helpful people can make local copies of all or parts 
of your files pretty easily, too.

Or, alternately, make just content available as a .zip or .tgz, and let 
others serve it using FTP/HTTP servers they're already familiar with.

If you can find a way to separate the content risk from the untrusted 
software risk, this project (whatever it is) might have a better chance of 
success.


--
Greg Broiles
gbroiles at well.com
"We have found and closed the thing you watch us with." -- New Delhi street kids

More information about the cypherpunks-legacy mailing list