Re: [Sks-devel] Cease of operation: *.gnupg.pub

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Cease of operation: *.gnupg.pub

From:	Travis
Subject:	Re: [Sks-devel] Cease of operation: *.gnupg.pub
Date:	Mon, 23 Apr 2018 10:43:24 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 04/23/2018 10:24 AM, Franck Nijhof wrote:
> Hi there,
> 
> Via this message, I am announcing the cease of operations on the servers: 
> *.gnupg.pub.
> 
> I have started this experiment some time ago and have enjoyed it pretty much 
> and reached my goal; Getting my server in the pools most of the time,  by 
> getting the highest possible score (without HA).
> 
> The time has also come to make some confessions. Those scores my server got, 
> are not real. I have studied the code running the pools quite a bit and 
> discovered quite a few flaws in it. Which I successfully exploited to get a 
> higher ranking, resulting in my pretty low budget VPS to be in multiple pools 
> almost all the time. I am not going to expose those flaws right here. 
> Nevertheless, I do think it is pretty severe that this system is that easy to 
> manipulate. Even worse; I did not even get into doing extreme things since 
> that was not necessary at all.
> 
> With all due respect, the code running the SKS pools and website are in a 
> pretty sad state. In my humble opinion the code should be made public on a 
> decent open source platform (e.g., GitHub), refactored and exposed as much as 
> possible in order to gain feedback and improvements from other developers. 
> While doing that, add some decent CI/CD as, including some static code 
> analysis tooling.
> 
> Don't worry; the data is not being exploited at all. Nor did peering with me 
> had any effect on your services. That was never my intention of this little 
> project.
> 
> Thank you for learning me so much from GPG and the inner working of the SKS 
> pools that are so important to the GnuPG community and its users.
> 
> With kind regards,
> 
> Franck Nijhof

The code is available at:

https://bitbucket.org/skskeyserver/sks-keyserver/overview
https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=summary

It'll be great to have your contributions to help improve the project.

Travis

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Cease of operation: *.gnupg.pub, Franck Nijhof, 2018/04/23
- Re: [Sks-devel] Cease of operation: *.gnupg.pub, Travis <=
  - Re: [Sks-devel] Cease of operation: *.gnupg.pub, Franck Nijhof, 2018/04/23
    - Re: [Sks-devel] Cease of operation: *.gnupg.pub, Valentin Brandl, 2018/04/24
    - Re: [Sks-devel] Cease of operation: *.gnupg.pub, Kristian Fiskerstrand, 2018/04/24
    - Re: [Sks-devel] Cease of operation: *.gnupg.pub, Franck Nijhof, 2018/04/24
    - Re: [Sks-devel] Cease of operation: *.gnupg.pub, Kristian Fiskerstrand, 2018/04/24

Prev by Date: [Sks-devel] Cease of operation: *.gnupg.pub
Next by Date: Re: [Sks-devel] disk space
Previous by thread: [Sks-devel] Cease of operation: *.gnupg.pub
Next by thread: Re: [Sks-devel] Cease of operation: *.gnupg.pub
Index(es):
- Date
- Thread