RE: Hive's centralisation problem

avatar

You are viewing a single comment's thread:

What would you personally suggest we would use at PeakD instead of CloudFare? Open to suggestions. I'm not the programmer but would pass along suggestions in house.

We have limited development time going to a lot of things and usually feature development is highest on the list since in general hive is very very small and our goal is to develop a set of features that we can start marketing with.

so these issues you bring up are ultimately important but not presently highly important because as you stated they are theoretical issues (true as they are theoretically) but not present. Though it would be nice to see more diversification of nodes.

You missed a big one the blacklists the nodes use... they all are pretty much the same (pull from same source) meaning there is a big issue with centralization of blocking power. Now the proposal by @blocktrades for users (hopefully trusted ones) to create their own lists and choose what lists to follow could perhaps solve this issue.



0
0
0.000
2 comments
avatar

Well, I'm most in favour of a do it yourself method. Getting a server on a host with built in DDoS mitigation and rolling your own haproxy setup. Doing so will require having someone familiar with Linux and webserver management. I've set up servers like this before, although they're often set up to be far more protective of their origin IP than PeakD would need.

On top of that, Cloudflare tends to give website maintainers a false sense of security. However, it looks like PeakD has been properly configured as I was only able to find out that you use Hetzner for part of your infrastructure.

Also, worth noting, if you're using OVH as your host, they already provide built in DDoS mitigation.

If you need a CDN, there's plenty of those. You've got Rackspace, Akamai, Limelight, CDN77, and Amazon Cloudfront to name a few.

Also, blocklist sharing sounds good on paper but turns out horrific in practice. It's been done on Twitter before and ended up being a complete disaster. It'd be far better to implement some form of Trust Propagation, however it would be very difficult to do so in a way that scales well.

0
0
0.000