Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Political and Technical Implications of GitTorrent

CmdrTaco posted more than 5 years ago | from the distribute-this-sucka dept.

Programming 208

lkcl writes "The GitTorrent Protocol (GTP) is a protocol for collaborative git repository distribution across the Internet. Git promises to be a distributed software management tool, where a repository can be distributed. Yet, the mechanisms used to date to actually 'distribute,' such as ssh, are very much still centralized. GitTorrent makes Git truly distributed. The initial plans are for reducing mirror loading, however the full plans include totally distributed development: no central mirrors whatsoever. PGP signing (an existing feature of git) and other web-of-trust-based mechanisms will take over from protocols on ports (e.g. ssh) as the access control 'clearing house.' The implications of a truly distributed revision control system are truly staggering: unrestricted software freedom. The playing field is leveled in so many ways, as 'The Web Site' no longer becomes the central choke-point of control. Coming just in time for that all-encompassing Free Software revolution hinted at by The Rebellion Against Vista, this article will explain more fully some of the implications that make this quiet and technically brilliant project, GitTorrent, so important to Software Freedom, from both technical and political perspectives."

Sorry! There are no comments related to the filter you selected.

Davros, is that you? (4, Funny)

nategoose (1004564) | more than 5 years ago | (#25991695)

Reread the summary in Davros's voice, in creasing the volume and excitement as you get closer to the end. Come on -- it'll be fun.

Re:Davros, is that you? (1)

Clover_Kicker (20761) | more than 5 years ago | (#25991869)

Comic Book Guy voice would be better.

no central mirrors
What
So
EVER!!!!

Re:Davros, is that you? (3, Funny)

Tetsujin (103070) | more than 5 years ago | (#25992547)

Reread the summary in Davros's voice, in creasing the volume and excitement as you get closer to the end. Come on -- it'll be fun.

What happens when you crease volume and excitement? Is it like one of those Mad fold-ins? Like it'll work out to be "volent" or "exume" or something?

Re:Davros, is that you? (1)

wealthychef (584778) | more than 5 years ago | (#25992659)

What happens when you crease volume and excitement?

You get "exhume" and "vomit."

Re:Davros, is that you? (1)

inkhaton (938495) | more than 5 years ago | (#25992567)

Relating to this article. Just a suggestion but dont call this technology ***torrent because this is a sure way to align it with the already demonized bittorrent. Its almost like trying to start a new politcal party called the Mazi party.

Re:Davros, is that you? (1)

A nonymous Coward (7548) | more than 5 years ago | (#25992911)

Its almost like trying to start a new politcal party called the Mazi party.

Can we have politically incorrect Maziballs then?

This is why people don't take you seriously. (5, Insightful)

Anonymous Coward | more than 5 years ago | (#25991721)

The hyperbole makes you look like a frothing idiot.

Re:This is why people don't take you seriously. (0, Troll)

lkcl (517947) | more than 5 years ago | (#25992677)

oh _goodie_! i always wanted to be a _frothing_ idiot.

Re:This is why people don't take you seriously. (1)

nextekcarl (1402899) | more than 5 years ago | (#25992783)

I have half of that already!

Re:This is why people don't take you seriously. (1)

splat-boing (1406119) | more than 5 years ago | (#25992963)

I have half of that already!

which half? frothing? Or idiot?

Re:This is why people don't take you seriously. (5, Funny)

nextekcarl (1402899) | more than 5 years ago | (#25993039)

Well, I'm like an idiot-savant. Except for the savant part. So I guess the frothing part.

Re:This is why people don't take you seriously. (1)

ParanoiaBOTS (903635) | more than 5 years ago | (#25993003)

oh _goodie_! i always wanted to be a _frothing_ idiot.

Using underscores for no reason is most definitely helping

Serve Documentation from GitTorrent (5, Interesting)

ooglek (98453) | more than 5 years ago | (#25991753)

This is cool, your code can be free. But unfortunately you're still stuck with hosting the documentation on a central website of some sort. I'm hopeful someone will whip up a standard for hosting the documentation website. IE PHP + SQlite + GitTorrent docRoot == Distributed website. Now several websites could support any GitTorrent-hosted documentation. Go to any GitTorrentDoc-enabled website, type in the .torrent of the repository, and blam -- the server pulls it down (or has it already cached) and you can page through the fully-dynamic docRoot. Could even contain Trac or something, so all the bug tracking is also in the GitTorrent repository.

Re:Serve Documentation from GitTorrent (3, Insightful)

ooglek (98453) | more than 5 years ago | (#25991833)

Hmm. Except that the problem of SQlite being updated by two or more people at the same time would create problems. Unless BugIDs were md5 hashes, an insert would likely cause problems. And even md5 hashes have collisions, though pretty unlikely even if you have 100,000 bugs.

Re:Serve Documentation from GitTorrent (4, Interesting)

Beached (52204) | more than 5 years ago | (#25991933)

Use a GUID instead. There is an RFC http://www.ietf.org/rfc/rfc4122.txt [ietf.org] and its the same algorithm Microsoft uses. It's pretty much guaranteed to be unique if everyone follows the same process. They're used everywhere.

Re:Serve Documentation from GitTorrent (4, Informative)

lkcl (517947) | more than 5 years ago | (#25992135)

This is cool, your code can be free. But unfortunately you're still stuck with hosting the documentation on a central website of some sort.

no - you're not :) read the article [advogato.org] : it mentions that static content such as that generated by ikiwiki could perfectly well be generated by a locally-checked-out (gittorrent-distributed) copy of the documentation

extend that concept a little further (one step at a time!) and you have, as you rightly mention:

a standard for hosting the documentation website. IE PHP + SQlite + GitTorrent docRoot == Distributed website.

yes! although, to be much better, technically, you'd have a distributed SQL server - a peer-to-peer SQL server. there's a project that IngreSQL are keeping an eye on, called "d", that might show some promise, here.

Could even contain Trac or something, so all the bug tracking is also in the GitTorrent repository.

yes!

_now_ you're getting it :)

Re:Serve Documentation from GitTorrent (1)

Radhruin (875377) | more than 5 years ago | (#25992977)

There are already a few solutions for bug tracking in a git repository (here [github.com] is one example that also includes a minimalist web interface), though from what I've seen nothing really compares to hosted solutions as of yet. It's great for simple projects, though, especially when you're just starting out and want to keep track of todo items and such.

Re:Serve Documentation from GitTorrent (2, Insightful)

Free the Cowards (1280296) | more than 5 years ago | (#25992203)

What is it that prevents you from putting the documentation into git as well? Does git somehow refuse to store plain English text?

Re:Serve Documentation from GitTorrent (3, Funny)

Anonymous Coward | more than 5 years ago | (#25992695)

Yes, thats why there are no comments in the linux kernel

<ducks>

Re:Serve Documentation from GitTorrent (5, Informative)

PouletFou (1221320) | more than 5 years ago | (#25992349)

From TFA : The possibilities that GitTorrent opens up are just mind-blowing. Here are a few: * Imagine that an entire project - its web site, documentation, wiki, bug-tracker, source code and binaries are all managed and stored in a peer-to-peer distributed git repository. o To view the web site, you either go to the main site, http://web-site.org/ [web-site.org] or, if you are offline or want faster access, you go to the locally checked out copy.

If you ask me.... (4, Funny)

Chris Mattern (191822) | more than 5 years ago | (#25991765)

...there's too many gits on the internet *now*...

would be to tough to control versioning (0)

Anonymous Coward | more than 5 years ago | (#25991773)

this could make quite a mess, especially with malicious users.

Re:would be to tough to control versioning (2, Interesting)

LingNoi (1066278) | more than 5 years ago | (#25992377)

I'd be ok as long as you have the right keys..

Question is, how do you know which keys are trustworthy...

Why? (3, Interesting)

Rix (54095) | more than 5 years ago | (#25991799)

The primary purpose of peer to peer systems are to either avoid censorship or provide lots of cheap/free bandwidth.

Neither of these really apply to source code management. Hosting is easily sponsored and the files aren't very big anyway. Few projects will face censorship anywhere other than the most regressive regimes (ie, China or the US).

most regressive regimes (ie, China or the US)... (0)

Anonymous Coward | more than 5 years ago | (#25992117)

sad but true...

Land of the free... my ass.

Re:most regressive regimes (ie, China or the US).. (0)

Anonymous Coward | more than 5 years ago | (#25992517)

Really?! Your ass is now the land of the free.. Very inspiring. When can I move there?

Re:most regressive regimes (ie, China or the US).. (0)

Anonymous Coward | more than 5 years ago | (#25992819)

Yep. He gives up his ass freely.

Re:Why? (1, Funny)

Anonymous Coward | more than 5 years ago | (#25992121)

And so few people write code there, why even bother?

Re:Why? (1)

Chandon Seldon (43083) | more than 5 years ago | (#25992129)

Think of it as abstracting away servers, sort of like the "cloud computing" concept but from a different angle. At minimum, it gives you automatic load balancing between mirrors.

I'm not sure if this particular implementation is the greatest thing since sliced bread, but there are still a ton of areas where just adding distribution + pgp signatures will make the world a better place.

Re:Why? (4, Insightful)

lkcl (517947) | more than 5 years ago | (#25992239)

The primary purpose of peer to peer systems are to either avoid censorship or provide lots of cheap/free bandwidth.

the primary purposes _now_ are to avoid censorship and to provide lots of cheap/free bandwidth.

the last major upgrade of debian REDLINED the world's internet backbone infrastructure for a WEEK.

with the total linux usage only being - what... 1% of the world's desktop systems, and debian being a small fraction of that, the debian mirror system are ALREADY creaking under the load.

Neither of these really apply to source code management.

why not?

Hosting is easily sponsored and the files aren't very big anyway. Few projects will face censorship anywhere other than the most regressive regimes (ie, China or the US).

i don't _want_ "sponsorship". i don't _want_ my pet project hosted by a large corporation. i want it completely independent.

i want my web site content hosted and automatically mirrored across the world, along with its bugs database and its wiki all linked together.

i want people in the emerging markets and the third world to be able to have exactly the same kind of luxury that we do - and they DO NOT have "continuous access to the web site or access to the lovely sponsored hosting".

think much bigger and you will start to see why this is so damn important.

[Citation Needed] (2, Insightful)

Rix (54095) | more than 5 years ago | (#25992779)

Proof or it didn't happen.

Why don't you want your pet project hosted by a large corporation? You really just sound like you're whining about nothing.

I'm pretty sure neither Google Code nor Sourceforge discriminate against the third world.

Re:[Citation Needed] (1)

camperdave (969942) | more than 5 years ago | (#25993045)

I'm pretty sure neither Google Code nor Sourceforge discriminate against the third world.

But it could easily be the other way around. You could be a third world developer and have a great piece of software to share, say KQuicken for Linux, but you can't reach sourceforge because of your government's firewall.

Re:[Citation Needed] (2, Informative)

MMC Monster (602931) | more than 5 years ago | (#25993093)

Is sourceforge firewalled anywhere?

Also, I didn't know that the backbone was strained by a debian release. Did I miss the /. article, or was that not considered "news for nerds"?

Re:Why? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25992283)

"the files aren't very big anyway."

Speak for yourself. Ever work on a game or film project?

Doesn't really apply (1)

Rix (54095) | more than 5 years ago | (#25992809)

I don't see why you'd keep a film project in a SCM, and game art assets can be kept separate from the code anyway. SCMs won't track them very well.

Re:Doesn't really apply (1)

grumbel (592662) | more than 5 years ago | (#25993035)

I don't see why you'd keep a film project in a SCM

For the same reason you keep source in SCM.

SCMs won't track them very well.

Centralized SCM do quite fine, Git on the other side does rather horrible since it forces you to checkout the complete history of the project, not so much a problem with text files, but a huge issue with binary blobs, which don't diff well and thus don't compress. A 'git clone' can easily get 10 times as large as a 'svn checkout' for a project with lots of binary stuff.

Not going to change much (1)

LingNoi (1066278) | more than 5 years ago | (#25991849)

A website and bandwidth has never been a chokepoint, sourceforge and google code has for years provided bandwidth.

This is a problem in search of a solution.

Re:Not going to change much (5, Funny)

GCsoftware (68281) | more than 5 years ago | (#25991901)

This is a problem in search of a solution.

I believe you meant "solution in search of a problem."

Re:Not going to change much (5, Funny)

TheRaven64 (641858) | more than 5 years ago | (#25992213)

If it involves Git and Bittorrent then I suspect it is actually "two problems in search of a problem".

Re:Not going to change much (1)

LingNoi (1066278) | more than 5 years ago | (#25992461)

hah, yeah I bummed that up..

After looking it a little more it sounds like a good concept and I'd be interested to see how it turns out.

It wouldn't be that useful for projects though since projects rarely fork so there isn't much of a need to have the whole website, forum, etc in git along with it.

Re:Not going to change much (0)

genner (694963) | more than 5 years ago | (#25992467)

This is a problem in search of a solution.

I believe you meant "solution in search of a problem."

Why would you want a soultion in search of a problem? He had it right the first time.

bandwidth and a website in the FIRST world (2, Insightful)

lkcl (517947) | more than 5 years ago | (#25992305)

across most of europe, america and asia, internet access is near-unlimited.

have you considered the implications of receiving linux on a CD, and being cut off from the rest of the internet?

how would a group of 100 developers, or 1000 developers, or 10,000 developers - all of them "used to" the current levels of internet access and speed, cope in a situation where the access to the internet was restricted to intermittent 56k dialup?

Re:Not going to change much (2, Interesting)

sakonofie (979872) | more than 5 years ago | (#25993081)

From http://code.google.com/p/gittorrent/ [google.com] :

It might currently come across as a solution looking for a problem - and as one smart-ass with admin rights to the Google Code project reminds you on the source tab, "more alpha than the greek letter". The initial motivation was performance of downloads and in particular reducing load on kernel.org.

Not convinced this is a good idea yet? Oh don't worry it goes on:

That's one reason d'etre, but to those who argue that is insufficient justification for its existence, that Git is already fast enough - it is a first step towards applying decentralizing Peer to Peer concepts to Git.

BTW, an excellent way to convince someone a project really doesn't have a "reason d'etre" is insisting it has multiple "reason d'etre"s.

If you decentralize the download layer, it's just another small step before you decentralize the push rights and tie it to a web of trust such as PGP, and then you don't actually need discrete mirror sites. Every mirror can track the git repositories the owners want it to carry, and those authorized to sign updates can make signed updates to push the cloud forward.

You had me at performance and distributing bandwidth costs, and probably should have stopped there. Changing ownership of a project from those who control "The Web Site" to those "authorized to sign updates" doesn't do much for me.
And srly, "central choke-point of control"? As the parent suggested, can't just fork and start a project on source forge or google code?

I still use WANdisco (1)

vinnyjames (1330917) | more than 5 years ago | (#25991851)

it keeps everything in sync across multiple locations, provides access control, and works with all my user's existing clients / IDEs.

Re:I still use WANdisco (1)

adiposity (684943) | more than 5 years ago | (#25992701)

How's the speed?

Re:I still use WANdisco (1)

vinnyjames (1330917) | more than 5 years ago | (#25992921)

read speeds are almost identical. for writes there is a slight delay to get transactional agreement from a majority of the sites and then the write happens to the local server. the users can't tell the difference.

It amuses me (4, Interesting)

Reality Master 201 (578873) | more than 5 years ago | (#25991853)

The hyperventilation notwithstanding, what amuses me most is the fact that the project is currently hosted at Google Code.

Try meditation or something.

Re:It amuses me (1)

lkcl (517947) | more than 5 years ago | (#25992421)

ohmmmmmmmmmmmm

"i am at onnnne with the universe. i am greeeen!"

the project was found by accident: the author of the article and the project's authors are not related, in any way.

think of google code as a bootstrap mechanism: you have to get from here to there _somehow_, and if it wasn't for the old, you'd never get a leg-up into the new....

Piracy (-1, Offtopic)

Farmer Pete (1350093) | more than 5 years ago | (#25991877)

Software Freedom = Stealing? Any reason for a centralized torrent list site (even if it is technically decentralized physically) seems to only have one point...making itself immune to prosecution for doing illegal things. Yes, there are a ton of legit uses for Bittorrent, but all of these legit uses could be hosted on a website (much like torrents are today) without feat of prosecution. Am I missing something, or is this all about the piracy?

Re:Piracy (0)

Anonymous Coward | more than 5 years ago | (#25992169)

for example, when ubuntu makes a new release, their servers are usually hit pretty hard, if their servers go down, people can still distribute the iso using bittorrent and the more people that use it the faster it goes

Re:Piracy (4, Insightful)

compro01 (777531) | more than 5 years ago | (#25992523)

Observe the Ubuntu website this coming April when they release a new version and see if you still feel that a website is appropriate to the task. The site gets hammered so hard that it's problematic to even get the .torrent files directly from them, nevermind the ISOs, and it's not feasible to have that kind of bandwidth sitting around unused except for a few days every 6 months, nor is it currently feasible to get that much bandwidth on-demand for a website, but bittorrent allows for just that, as you're pooling the bandwidth of everyone downloading it. You can easily gets amounts of bandwidth that would cost tens of thousands of dollars to have in a conventional manner.

if your product is so useful (5, Insightful)

circletimessquare (444983) | more than 5 years ago | (#25991911)

you don't need the hype. linking it to the downfall of vista makes us laugh at you

just describe what it does, dryly, concisely, technically. if it is worthy of the hype, we will supply the hype for you

but when you supply the hype, we are inclined to believe there's not much really going on with your project. which might not be true. so change your tone, for your own sake

Re:if your product is so useful (0)

lkcl (517947) | more than 5 years ago | (#25992059)

GitTorrent isn't my project. and, if you read the description of the projecton its own, gittorrent looks utterly boring.

Read the article - which i _did_ write - http://advogato.org/article/994.html [advogato.org] - to get an idea of what the absolutely massive implications are.

whilst many people would be capable of making the same deductions, many people are not.

so, consequently, i thought it best to spell them out. not least so that other people who are _not_ as technically aware as you or i, who may be just coming in or out of university, can take a look at the list of inter-related projects listed on the original article, and go "cool!"

Re:if your product is so useful (-1, Offtopic)

Clover_Kicker (20761) | more than 5 years ago | (#25992127)

"whilst"?

Seriously?

Re:if your product is so useful (1)

zehaeva (1136559) | more than 5 years ago | (#25992315)

oddly enough him using such an archaic word didn't even register in my head, maybe I read too much Shakespeare? ~z

Re:if your product is so useful (1)

Emb3rz (1210286) | more than 5 years ago | (#25992511)

didn't even register in my head, maybe I read too much Shakespeare?

Same for me, except that it was playing Runescape what did it for me..

You RSers know what I'm talking about. :)

Re:if your product is so useful (1)

ipb (569735) | more than 5 years ago | (#25992409)

"whilst"?

Seriously?

Srsly

Re:if your product is so useful (2, Informative)

jeevesbond (1066726) | more than 5 years ago | (#25992455)

'Whilst' is still widely used in the UK.

Re:if your product is so useful (3, Insightful)

Jamie's Nightmare (1410247) | more than 5 years ago | (#25992435)

What you did was take a boring description and dumped in two whopping spoonfuls of hype. As if that wasn't enough, you put a spiteful cherry on top of the Slashdot submission.

This was my favorite part:

A government or an organisation decides that it doesn't want free software to be used, as it undermines their ability to exert "control".

Great. Not only do I have to worry about Chemtrails and controlled demolition conveniently disguised as terrorism, now I learn the government might want to keep me from getting my free copy of KOffice.

Re:if your product is so useful (1)

dedazo (737510) | more than 5 years ago | (#25992635)

gittorrent looks utterly boring

If the project has technical merits, like the GP said, all you need to do is explain what it is. This is Slashdot, not Digg. People will figure out whether or not the hype is deserved.

The only thing that "rebellion against Vista" bit got you was well-deserved dismissal and ridicule, so you ended up screwing up your valiant effort anyway.

Re:if your product is so useful (1)

elrous0 (869638) | more than 5 years ago | (#25992895)

Dugg down for not including the requisite flame or "OMG, this is so awesome!"

Wait, did you say this was /.? Nevermind.

Re:if your product is so useful (1)

drsmithy (35869) | more than 5 years ago | (#25993051)

whilst many people would be capable of making the same deductions, many people are not.

I think the word you're after here is 'paranoia', not "deductions".

I don't see GitTorrent offering any meaningful advantage. In any managed software project, the "choke point" is the person or person who decides what goes into a given relaese, not anything technical.

Pot calling kettle (0)

Anonymous Coward | more than 5 years ago | (#25992163)

I bet gittorrent takes over the world before you get that movie finished.

The Rebellion Against Vista (0)

Anonymous Coward | more than 5 years ago | (#25991977)

By rebellion, you mean waiting for whatever MS comes up with next while Linux and Mac get the scraps.

It may be hard for me to admit, but I'm running 2008 x64 server and I love it. MS will flog the vista code base into a useable desktop before gitwhatever changes anything.

re: (1, Insightful)

NigelT (1265592) | more than 5 years ago | (#25992013)

I could see this being used to distribute harmful source code...code that would otherwise violate the terms of service of such sites as sourceforge or Google Code. -- http://nigelt.blog.com/ [blog.com]

Re: Good point... (2, Funny)

hotkey (969493) | more than 5 years ago | (#25992873)

I could see this being used to distribute harmful source code

...for similar reasons, I suggest we make atoms illegal. It is a widely known fact that atoms can be used to make weapons and bombs. I don't understand why the government isn't doing anything about this. Also, I read somewhere that rapists and murderers are made of atoms.

What exactly have you been smoking? (5, Funny)

Anonymous Coward | more than 5 years ago | (#25992029)

Coming just in time for that all-encompassing Free Software revolution hinted at by The Rebellion Against Vista

Can you also point me to where the rainbow-powered unicorn factories are? I imagine they probably exist in the world you seem to live in, you insufferable twit.

Re:What exactly have you been smoking? (1)

Qubit (100461) | more than 5 years ago | (#25992909)

Can you also point me to where the rainbow-powered unicorn factories are?

They used to be here on Slashdot [cnet.com] ...

Color me stupid (1)

Enderandrew (866215) | more than 5 years ago | (#25992061)

But a central repository doesn't disappear when seeders disappear, and it is more easily controlled to protect commits. The magic of git is that I can easily have a private branch, and then easily merge it. But is this really a good idea?

Re:Color me stupid (1)

lkcl (517947) | more than 5 years ago | (#25992475)

there's nothing to stop an EXISTING site from being the one that publishes their "central" repository via gittorrent. in fact, that's the whole point - initially - of gittorrent: to take the load off the "central" repositories, currently utilising http mirroring.

but thank you - i will make mention of that, explicitly, in the article.

Security implications? (1)

zooblethorpe (686757) | more than 5 years ago | (#25992067)

The nice part about a repository hosted on a well-known site is (relative) confidence in the security of the code. If a repo is fully distributed, what's to protect against someone at a node adding malicious code? And, if something malicious is discovered in software you downloaded, how do you track it back to the source node?

Curious,

Re:Security implications? (1)

Sloppy (14984) | more than 5 years ago | (#25992253)

The nice part about a repository hosted on a well-known site is (relative) confidence in the security of the code. If a repo is fully distributed, what's to protect against someone at a node adding malicious code? And, if something malicious is discovered in software you downloaded, how do you track it back to the source node?

Wasn't that answered in the summary?

PGP signing (an existing feature of git) and other web-of-trust-based mechanisms will take over from protocols on ports (e.g. ssh) as the access control 'clearing house.'

Re:Security implications? (2, Informative)

TheRaven64 (641858) | more than 5 years ago | (#25992289)

As mentioned in the summary, PGP. Each branch will be signed with a PGP key, so if you trust the person who owns the key then you trust the code. If someone tampers with it, then they won't be able to sign it. You can still grab their branch, but only if you trust them.

Surpsise honey! Guess what I stole for you! (-1, Troll)

mumblestheclown (569987) | more than 5 years ago | (#25992081)

I couldnt quite figure out from the mindnumbingly hyped nonsense headline what it is the product actually does, so I'm just going to assume it's a way to "give" copyright infringing movies / music / software to others in yet another way that claims to stay one step ahead of the law. Furthermore, somebody in the comments will argue that it's a perfectly legitimate and convenient way to distribute linux ISOs. Was I close?

Re:Surpsise honey! Guess what I stole for you! (1)

togofspookware (464119) | more than 5 years ago | (#25992299)

> Was I close?

Not so much. Git is a revision control system. The linked-to project is about using BitTorrent to distribute Git repositories. The hype at the end of the summary is unrelated and can be totally ignored. It's not likely that anyone would GitTorrent for distributing movies or non-free software. It'd be possible, but silly.

Re:Surpsise honey! Guess what I stole for you! (2, Interesting)

pushing-robot (1037830) | more than 5 years ago | (#25992381)

Not at all.

Git is a means of sharing and tracking changes to source code for a software project. Formerly, you needed a central server to do that. Now, with GitTorrent, it can be distributed among individual machines.

GitTorrent is designed to lower the bar for starting a multi-person software project, making it easier and cheaper for developers to collaborate with each other.

As a side effect, since there's no central server, it will be difficult for an authority to take down or block GitTorrent projects. I suspect GitTorrent will be popular with people developing software that is politically or legally troublesome in their country.

Rebellion you say? (3, Insightful)

Jamie's Nightmare (1410247) | more than 5 years ago | (#25992157)

I would rather see a rebellion on Slashdot against articles that announced FOSS news as if it was predicting the second coming of Christ.

This story is in no way related the the Microsoft's (perceived) loss in market share, not to mention the fact that those who are dropping windows are moving to Apple, not Linux. But hey, gotta go for every low blow you can get while the news is still fresh, right?

Git over Freenet (1)

togofspookware (464119) | more than 5 years ago | (#25992167)

It's funny that this is at the top of the front page just now. Just a few minutes ago I managed to insert my first Git repository into Freenet (that is, the first Git repo that I have inserted into Freenet, but not my first Git repository). Since git supports cloning and pulling over HTTP, it already supports doing the same thing through FProxy (an HTTP proxy that allows you to browse Freenet's content as if it were regular websites).

What this doesn't allow you to do is *push* changes to other people's repositories. What you'd need to do in this case is have every developer insert their own git repository into freenet, which others could pull from, and then incorporate into their own repositories. So the accusation that really, truly distributed version control would allow other people to mess up your repositories is hogwash. If someone makes crappy changes, you don't pull from them.

In case you'd like to try it, the freesite for my program (it's a Ruby implementation of the Freenet Client Protocol, not terribly interesting by itself) is here: freenet:USK@IdWcgxE2jxySYQvAWac4LoGfnU~tGVm7xvRCgvyjp3c,bKLoSHTgen8TW6gQpemdCeh4SKCTwVM~qnOtKZyFY40,AQACAAE/TOGoSFCP/2/ . To git it, you'd just run

git clone http://localhost:8888/freenet:USK@IdWcgxE2jxySYQvAWac4LoGfnU~tGVm7xvRCgvyjp3c,bKLoSHTgen8TW6gQpemdCeh4SKCTwVM~qnOtKZyFY40,AQACAAE/TOGoSFCP/2/TOGoSFCP.git/ [localhost]

Of course, you need Freenet installed in order to be able to resolve that URL ~_~

Re:Git over Freenet (2, Informative)

togofspookware (464119) | more than 5 years ago | (#25992563)

I forgot to mention that hosting a repository in Freenet actually does have a couple of advantages over having it sit on your (or somewone else's) web server:

Files in freenet are distributed throughout the network, and persist as long as *someone* on the network still has the file.

If you are writing a program that government X doesn't like (for kicks, let's say you're living in China and you're developing a 'democracy simulator'), you can host the program in Freenet anonymously - Freenet is designed to make it extremely difficult for anyone to figure out who inserted a particular file, or even on what computers it is being stored.

Freenet also provides authentication. SSK/USK sites can only be updated by the person who has the insert key. So if you trust the guy that publishes freenet:USK@IdWcgxE2jxySY....nOtKZyFY40,AQACAAE/TOGoSFCP/2/, and you're reasonably sure that nobody else has an insert key, then you can trust that whatever gets put on that Freesite was really put there by him.

Trademark debacle waiting to happen. (2, Interesting)

eddy (18759) | more than 5 years ago | (#25992175)

BitTorrent Trademark Guidelines: [bittorrent.com] "Misleading or Confusing People. If you are using any of our trademarks in a way that will cause people to get the wrong idea about BitTorrent's involvement in something, you should stop! If you have some reason why you think your proposed use isn't misleading or confusing, let's talk."

What political implications? (1)

MikeRT (947531) | more than 5 years ago | (#25992225)

The only software that provides people with true political power to counterbalance that of others is software that gives them actual power in the political realm. That means software that can take control of resources or kill people and break things. You know what would be a program with political implications? A semi-sentient AI that a rebel group could use to infiltrate its government's command-and-control systems and intelligently make them target their own forces.

A distributed repository has no political implications that mirroring in general don't have already have.

Re:What political implications? (1)

lkcl (517947) | more than 5 years ago | (#25992515)

A distributed repository has no political implications that mirroring in general don't have already have.

China. Dubai. internet access is monitored and censored. In Dubai, if a mime-encoded download *happens* to have the letters "sEx" in it, it gets shut off.

Re:What political implications? (1)

richlv (778496) | more than 5 years ago | (#25993095)

darn. they can't read about sussex, england.
and they can't register at hostels/hotels/conferences where sex has to be specified (this actually happened at my workplace where some admin had set overzealous filters on his own).

Pontiac GitTorrent GTP (0)

Anonymous Coward | more than 5 years ago | (#25992227)

So is this a new car from Pontiac or something?

No responsibility (1)

Animats (122034) | more than 5 years ago | (#25992251)

This is an iffy idea for data that actually matters. The "torrent" type systems sort of work because they're willing to accept very poor data integrity in exchange for free music and video. Even that's going downhill, as more content shows up with logos, ads, and other various dreck tacked on.

When it doesn't work, or something gets lost, who do you blame?

Security is supposed to be through "signing". Who's signing what? Does everybody sign their own check-in, do servers sign collections of files, or what? How do you prevent the insertion of hostile code?

The problem with "web of trust" systems is that it's too easy to create phony identities on line, who then pretend to trust each other. Like link farms for search engine spamming.

Git already has GPG signing (1)

lkcl (517947) | more than 5 years ago | (#25992363)

read the article [advogato.org] : in it, you will see links to the fact that Git already has GPG signing on tags.

also, you will see references to KeyNote [columbia.edu] , aka RFC 2704 [ietf.org] . for convenience, i'm cut/pasting the top bit, here:

"Trust management, introduced in the PolicyMaker system [BFL96], is a unified approach to specifying and interpreting security policies, credentials, and relationships; it allows direct authorization of security-critical actions. A trust-management system provides standard, general-purpose mechanisms for specifying application security policies and credentials. Trust-management credentials describe a specific delegation of trust and subsume the role of public key certificates; unlike traditional certificates, which bind keys to names, credentials can bind keys directly to the authorization to perform specific tasks."

Point of Web of Trust (2, Informative)

autocracy (192714) | more than 5 years ago | (#25992531)

You're supposed to have a connection to the "web of trust" system. The system isn't meant to work based on the idea of, "Oh, there are a bunch of keys that have signed each other. Must be fine."

Hey lkcl (0)

Anonymous Coward | more than 5 years ago | (#25992275)

Hey lkcl! Having written the last words of the summary did you spontaneously come in your pants?

Oh, I'm sorry, I've just come.

Isnt that horse dead and stuff?! (1)

Phizzle (1109923) | more than 5 years ago | (#25992331)

Cool read up to the bagging on Vista part. Look, its really simple, my Vista PCs work, work fine and are stable, which is a hell of a lot more than I can say about my frigging Ubuntu box and laptop which had choked since 8.04 and forced me to reformat the box to Vista and laptop to BackTrack 3.

What about persistence? (1)

wealthychef (584778) | more than 5 years ago | (#25992693)

I don't know how this would work with software, as Bit Torrent files seem to have a half-life of sorts, so that older files might disappear. What ensures that the entire list of files expected is actually available, and how do you browse "the repository" for a project?

Re:What about persistence? (1)

lkcl (517947) | more than 5 years ago | (#25992849)

Persistence happens by mistake when people forget to clean out their gittorrent-backed git repositories.

the nice thing about using gittorrent is that you would end up with copies of the bits of source code and the binaries that YOU were interested in - and, consequently, so would anyone else.

so, if you were a maintainer of a project, you would be interested in hosting a "central" repository, just like is done now, keeping all the revisions of the software, but it would *happen* to also be _distributed_...

in many ways, you have to _forget_ what bittorrent is currently used for, and think a bit deeper about what it _can_ be used for...

I want a Choke Point of Control (2, Insightful)

jdh3.1415 (800944) | more than 5 years ago | (#25992703)

This sounds like a nice way to take the load off of the central servers. I don't think it will replace them or make them unnecessary.

From a technical standpoint, with Git, there's nothing about the central server that is unique. Instead, it's a social convention. Everyone knows where to get the code. Linus discusses this here. http://lwn.net/Articles/246381/ [lwn.net]

Perhaps, my imagination is failing; but, I don't think this will change. Most people want to go to a well known trusted place to at least get a secure hash of the code they are downloading.

For instance, the Debian distro is available via bit torrent. No sane person, downloads the latest Debian .torrent posted by 1337_KeRNeL_haxor on the pirate bay. They get it from debian.com or some other trusted site.

Also, we really need those central servers. Without them you'll constantly run into distribution problems. Just imagine having to post a message like,"Will someone PLEASE seed the repository. I need to grab the latest kernel."

Freak out the RIAA (1)

MarkvW (1037596) | more than 5 years ago | (#25992829)

This is a very legitimate torrent use that will frustrate the RIAA in its attempts to stamp out torrents.

promises to be (1)

baomike (143457) | more than 5 years ago | (#25992913)

right up there with
proposed
planned
we might get to it someday
we needed something to fill the hole

Dead project (5, Informative)

nniillss (577580) | more than 5 years ago | (#25993079)

Status, according to the project site, http://code.google.com/p/gittorrent/ [google.com] : Currently no-one is actively developing either this developed version or Jonas' C++ implementation.

The last project entries/downloads are from February 2008. Why such a hype over a dead/dormant project?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?