Slashdot Mirror

← Back to Stories (view on slashdot.org)

Political and Technical Implications of GitTorrent

Posted by CmdrTaco on from the distribute-this-sucka dept.

lkcl writes "The GitTorrent Protocol (GTP) is a protocol for collaborative git repository distribution across the Internet. Git promises to be a distributed software management tool, where a repository can be distributed. Yet, the mechanisms used to date to actually 'distribute,' such as ssh, are very much still centralized. GitTorrent makes Git truly distributed. The initial plans are for reducing mirror loading, however the full plans include totally distributed development: no central mirrors whatsoever. PGP signing (an existing feature of git) and other web-of-trust-based mechanisms will take over from protocols on ports (e.g. ssh) as the access control 'clearing house.' The implications of a truly distributed revision control system are truly staggering: unrestricted software freedom. The playing field is leveled in so many ways, as 'The Web Site' no longer becomes the central choke-point of control. Coming just in time for that all-encompassing Free Software revolution hinted at by The Rebellion Against Vista, this article will explain more fully some of the implications that make this quiet and technically brilliant project, GitTorrent, so important to Software Freedom, from both technical and political perspectives."

52 of 208 comments (clear)

  1. Davros, is that you? by nategoose · · Score: 4, Funny

    Reread the summary in Davros's voice, in creasing the volume and excitement as you get closer to the end. Come on -- it'll be fun.

    1. Re:Davros, is that you? by Tetsujin · · Score: 3, Funny

      Reread the summary in Davros's voice, in creasing the volume and excitement as you get closer to the end. Come on -- it'll be fun.

      What happens when you crease volume and excitement? Is it like one of those Mad fold-ins? Like it'll work out to be "volent" or "exume" or something?

      --
      Bow-ties are cool.
    2. Re:Davros, is that you? by sesshomaru · · Score: 3, Informative

      Here's a clip for an example, for those unfamiliar:

      http://video.google.com/videoplay?docid=7026801162637347552&ei=eyc4SdWjOoL8rAKQiLiTDg&q=genesis+of+the+daleks+davros

      --
      "MIT betrayed all of its basic principles."
  2. This is why people don't take you seriously. by Anonymous Coward · · Score: 5, Insightful

    The hyperbole makes you look like a frothing idiot.

    1. Re:This is why people don't take you seriously. by __aasqbs9791 · · Score: 5, Funny

      Well, I'm like an idiot-savant. Except for the savant part. So I guess the frothing part.

  3. Serve Documentation from GitTorrent by ooglek · · Score: 5, Interesting

    This is cool, your code can be free. But unfortunately you're still stuck with hosting the documentation on a central website of some sort. I'm hopeful someone will whip up a standard for hosting the documentation website. IE PHP + SQlite + GitTorrent docRoot == Distributed website. Now several websites could support any GitTorrent-hosted documentation. Go to any GitTorrentDoc-enabled website, type in the .torrent of the repository, and blam -- the server pulls it down (or has it already cached) and you can page through the fully-dynamic docRoot. Could even contain Trac or something, so all the bug tracking is also in the GitTorrent repository.

    --
    TossableDigits.com: Temporary Phone Numb
    1. Re:Serve Documentation from GitTorrent by ooglek · · Score: 3, Insightful

      Hmm. Except that the problem of SQlite being updated by two or more people at the same time would create problems. Unless BugIDs were md5 hashes, an insert would likely cause problems. And even md5 hashes have collisions, though pretty unlikely even if you have 100,000 bugs.

      --
      TossableDigits.com: Temporary Phone Numb
    2. Re:Serve Documentation from GitTorrent by Beached · · Score: 4, Interesting

      Use a GUID instead. There is an RFC http://www.ietf.org/rfc/rfc4122.txt and its the same algorithm Microsoft uses. It's pretty much guaranteed to be unique if everyone follows the same process. They're used everywhere.

      --
      ---- aut viam inveniam aut faciam
    3. Re:Serve Documentation from GitTorrent by lkcl · · Score: 4, Informative

      This is cool, your code can be free. But unfortunately you're still stuck with hosting the documentation on a central website of some sort.

      no - you're not :) read the article: it mentions that static content such as that generated by ikiwiki could perfectly well be generated by a locally-checked-out (gittorrent-distributed) copy of the documentation

      extend that concept a little further (one step at a time!) and you have, as you rightly mention:

      a standard for hosting the documentation website. IE PHP + SQlite + GitTorrent docRoot == Distributed website.

      yes! although, to be much better, technically, you'd have a distributed SQL server - a peer-to-peer SQL server. there's a project that IngreSQL are keeping an eye on, called "d", that might show some promise, here.

      Could even contain Trac or something, so all the bug tracking is also in the GitTorrent repository.

      yes!

      _now_ you're getting it :)

    4. Re:Serve Documentation from GitTorrent by Free+the+Cowards · · Score: 2, Insightful

      What is it that prevents you from putting the documentation into git as well? Does git somehow refuse to store plain English text?

      --
      If you mod me Overrated, you are admitting that you have no penis.
    5. Re:Serve Documentation from GitTorrent by PouletFou · · Score: 5, Informative

      From TFA : The possibilities that GitTorrent opens up are just mind-blowing. Here are a few: * Imagine that an entire project - its web site, documentation, wiki, bug-tracker, source code and binaries are all managed and stored in a peer-to-peer distributed git repository. o To view the web site, you either go to the main site, http://web-site.org/ or, if you are offline or want faster access, you go to the locally checked out copy.

    6. Re:Serve Documentation from GitTorrent by Anonymous Coward · · Score: 3, Funny

      Yes, thats why there are no comments in the linux kernel

      <ducks>

    7. Re:Serve Documentation from GitTorrent by SanityInAnarchy · · Score: 3, Insightful

      Using sqlite would probably not work very well.

      For issue tracking, a better example would be ditz, which stores issues as plain text. YAML, actually, but close enough. Thus, rather than thinking about this whole separate layer of SQL transactions, you deal with changes to the bug tracker with the same tools you use for managing the code.

      For instance, rather than Trac's retarded behavior of refusing to let you modify an issue when someone else already has (and refusing to let you see their changes without opening a new tab), you'd let Git try to merge them, and fix it manually if necessary.

      PHP would not be a good idea, either, unless it was very well secured -- you'd probably want static files for your wiki, or a safer templating language (Markdown, etc). In fact, no need to make it a wiki -- again, just keep it flat, and use git as the mechanism for distributing changes.

      --
      Don't thank God, thank a doctor!
    8. Re:Serve Documentation from GitTorrent by Anonymous Coward · · Score: 3, Interesting

      I don't get it. How does this really make the development process any more free?

      Well, let's see... the repo is no longer in a single place, it's all over the place. One might conclude that removing access to such a repository might become slightly more difficult, with the proliferation of wifi, and the soon-to-be mesh networking. This has awe-inspiring possibilities for world freedom, nevermind simply software freedom.

  4. If you ask me.... by Chris+Mattern · · Score: 4, Funny

    ...there's too many gits on the internet *now*...

  5. Why? by Rix · · Score: 3, Interesting

    The primary purpose of peer to peer systems are to either avoid censorship or provide lots of cheap/free bandwidth.

    Neither of these really apply to source code management. Hosting is easily sponsored and the files aren't very big anyway. Few projects will face censorship anywhere other than the most regressive regimes (ie, China or the US).

    1. Re:Why? by lkcl · · Score: 4, Insightful

      The primary purpose of peer to peer systems are to either avoid censorship or provide lots of cheap/free bandwidth.

      the primary purposes _now_ are to avoid censorship and to provide lots of cheap/free bandwidth.

      the last major upgrade of debian REDLINED the world's internet backbone infrastructure for a WEEK.

      with the total linux usage only being - what... 1% of the world's desktop systems, and debian being a small fraction of that, the debian mirror system are ALREADY creaking under the load.

      Neither of these really apply to source code management.

      why not?

      Hosting is easily sponsored and the files aren't very big anyway. Few projects will face censorship anywhere other than the most regressive regimes (ie, China or the US).

      i don't _want_ "sponsorship". i don't _want_ my pet project hosted by a large corporation. i want it completely independent.

      i want my web site content hosted and automatically mirrored across the world, along with its bugs database and its wiki all linked together.

      i want people in the emerging markets and the third world to be able to have exactly the same kind of luxury that we do - and they DO NOT have "continuous access to the web site or access to the lovely sponsored hosting".

      think much bigger and you will start to see why this is so damn important.

    2. Re:Why? by Anonymous Coward · · Score: 2, Insightful

      "the files aren't very big anyway."

      Speak for yourself. Ever work on a game or film project?

    3. Re:Why? by BlowChunx · · Score: 2, Funny

      simple answer is to have debian update more often... ;-)

    4. Re:Why? by SanityInAnarchy · · Score: 2, Informative

      I don't see the need, though. Git is small and lightweight. Large-ish projects just work off of Github, which is fast enough. If the central repository goes down, you have other means (mailing list, etc) for getting back in touch -- granted, GitTorrent would do that for you, but it seems a premature optimization when a central repository works most of the time.

      --
      Don't thank God, thank a doctor!
  6. It amuses me by Reality+Master+201 · · Score: 4, Interesting

    The hyperventilation notwithstanding, what amuses me most is the fact that the project is currently hosted at Google Code.

    Try meditation or something.

  7. Re:Not going to change much by GCsoftware · · Score: 5, Funny

    This is a problem in search of a solution.

    I believe you meant "solution in search of a problem."

  8. if your product is so useful by circletimessquare · · Score: 5, Insightful

    you don't need the hype. linking it to the downfall of vista makes us laugh at you

    just describe what it does, dryly, concisely, technically. if it is worthy of the hype, we will supply the hype for you

    but when you supply the hype, we are inclined to believe there's not much really going on with your project. which might not be true. so change your tone, for your own sake

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
    1. Re:if your product is so useful by Jamie's+Nightmare · · Score: 3, Insightful

      What you did was take a boring description and dumped in two whopping spoonfuls of hype. As if that wasn't enough, you put a spiteful cherry on top of the Slashdot submission.

      This was my favorite part:

      A government or an organisation decides that it doesn't want free software to be used, as it undermines their ability to exert "control".

      Great. Not only do I have to worry about Chemtrails and controlled demolition conveniently disguised as terrorism, now I learn the government might want to keep me from getting my free copy of KOffice.

      --
      "When you see a unixer brainwashed beyond saving, kick him out of the door." - Xah Lee
    2. Re:if your product is so useful by jeevesbond · · Score: 2, Informative

      'Whilst' is still widely used in the UK.

      --
      I'm going to transform myself into a mighty hawk. Either that or I'll just go and work at Dixons, haven't decided yet.
  9. What exactly have you been smoking? by Anonymous Coward · · Score: 5, Funny

    Coming just in time for that all-encompassing Free Software revolution hinted at by The Rebellion Against Vista

    Can you also point me to where the rainbow-powered unicorn factories are? I imagine they probably exist in the world you seem to live in, you insufferable twit.

  10. Rebellion you say? by Jamie's+Nightmare · · Score: 3, Insightful

    I would rather see a rebellion on Slashdot against articles that announced FOSS news as if it was predicting the second coming of Christ.

    This story is in no way related the the Microsoft's (perceived) loss in market share, not to mention the fact that those who are dropping windows are moving to Apple, not Linux. But hey, gotta go for every low blow you can get while the news is still fresh, right?

    --
    "When you see a unixer brainwashed beyond saving, kick him out of the door." - Xah Lee
  11. Trademark debacle waiting to happen. by eddy · · Score: 2, Interesting

    BitTorrent Trademark Guidelines: "Misleading or Confusing People. If you are using any of our trademarks in a way that will cause people to get the wrong idea about BitTorrent's involvement in something, you should stop! If you have some reason why you think your proposed use isn't misleading or confusing, let's talk."

    --
    Belief is the currency of delusion.
    1. Re:Trademark debacle waiting to happen. by complete+loony · · Score: 2, Informative

      They've already renamed it MirrorSync and redesigned the entire concept to fit better into the way git repositories already talk to each other.

      --
      09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
  12. Re:Not going to change much by TheRaven64 · · Score: 5, Funny

    If it involves Git and Bittorrent then I suspect it is actually "two problems in search of a problem".

    --
    I am TheRaven on Soylent News
  13. Re:Security implications? by TheRaven64 · · Score: 2, Informative

    As mentioned in the summary, PGP. Each branch will be signed with a PGP key, so if you trust the person who owns the key then you trust the code. If someone tampers with it, then they won't be able to sign it. You can still grab their branch, but only if you trust them.

    --
    I am TheRaven on Soylent News
  14. bandwidth and a website in the FIRST world by lkcl · · Score: 2, Insightful

    across most of europe, america and asia, internet access is near-unlimited.

    have you considered the implications of receiving linux on a CD, and being cut off from the rest of the internet?

    how would a group of 100 developers, or 1000 developers, or 10,000 developers - all of them "used to" the current levels of internet access and speed, cope in a situation where the access to the internet was restricted to intermittent 56k dialup?

  15. Re:would be to tough to control versioning by LingNoi · · Score: 2, Interesting

    I'd be ok as long as you have the right keys..

    Question is, how do you know which keys are trustworthy...

  16. Re:Surpsise honey! Guess what I stole for you! by pushing-robot · · Score: 2, Interesting

    Not at all.

    Git is a means of sharing and tracking changes to source code for a software project. Formerly, you needed a central server to do that. Now, with GitTorrent, it can be distributed among individual machines.

    GitTorrent is designed to lower the bar for starting a multi-person software project, making it easier and cheaper for developers to collaborate with each other.

    As a side effect, since there's no central server, it will be difficult for an authority to take down or block GitTorrent projects. I suspect GitTorrent will be popular with people developing software that is politically or legally troublesome in their country.

    --
    How can I believe you when you tell me what I don't want to hear?
  17. Re:Piracy by compro01 · · Score: 4, Insightful

    Observe the Ubuntu website this coming April when they release a new version and see if you still feel that a website is appropriate to the task. The site gets hammered so hard that it's problematic to even get the .torrent files directly from them, nevermind the ISOs, and it's not feasible to have that kind of bandwidth sitting around unused except for a few days every 6 months, nor is it currently feasible to get that much bandwidth on-demand for a website, but bittorrent allows for just that, as you're pooling the bandwidth of everyone downloading it. You can easily gets amounts of bandwidth that would cost tens of thousands of dollars to have in a conventional manner.

    --
    upon the advice of my lawyer, i have no sig at this time
  18. Point of Web of Trust by autocracy · · Score: 2, Informative

    You're supposed to have a connection to the "web of trust" system. The system isn't meant to work based on the idea of, "Oh, there are a bunch of keys that have signed each other. Must be fine."

    --
    SIG: HUP
  19. Re:Git over Freenet by togofspookware · · Score: 2, Informative

    I forgot to mention that hosting a repository in Freenet actually does have a couple of advantages over having it sit on your (or somewone else's) web server:

    Files in freenet are distributed throughout the network, and persist as long as *someone* on the network still has the file.

    If you are writing a program that government X doesn't like (for kicks, let's say you're living in China and you're developing a 'democracy simulator'), you can host the program in Freenet anonymously - Freenet is designed to make it extremely difficult for anyone to figure out who inserted a particular file, or even on what computers it is being stored.

    Freenet also provides authentication. SSK/USK sites can only be updated by the person who has the insert key. So if you trust the guy that publishes freenet:USK@IdWcgxE2jxySY....nOtKZyFY40,AQACAAE/TOGoSFCP/2/, and you're reasonably sure that nobody else has an insert key, then you can trust that whatever gets put on that Freesite was really put there by him.

    --
    Duct tape, XML, democracy: Not doing the job? Use more.
  20. I want a Choke Point of Control by jdh3.1415 · · Score: 2, Insightful
    This sounds like a nice way to take the load off of the central servers. I don't think it will replace them or make them unnecessary.

    From a technical standpoint, with Git, there's nothing about the central server that is unique. Instead, it's a social convention. Everyone knows where to get the code. Linus discusses this here. http://lwn.net/Articles/246381/

    Perhaps, my imagination is failing; but, I don't think this will change. Most people want to go to a well known trusted place to at least get a secure hash of the code they are downloading.

    For instance, the Debian distro is available via bit torrent. No sane person, downloads the latest Debian .torrent posted by 1337_KeRNeL_haxor on the pirate bay. They get it from debian.com or some other trusted site.

    Also, we really need those central servers. Without them you'll constantly run into distribution problems. Just imagine having to post a message like,"Will someone PLEASE seed the repository. I need to grab the latest kernel."

  21. Debian GPG-signed Web of Trust by lkcl · · Score: 3, Informative

    debian has a keysigning process that creates a web of trust.

    http://www.chaosreigns.com/code/sig2dot/debian.html
    http://www.debian.org/events/keysigning

  22. [Citation Needed] by Rix · · Score: 2, Insightful

    Proof or it didn't happen.

    Why don't you want your pet project hosted by a large corporation? You really just sound like you're whining about nothing.

    I'm pretty sure neither Google Code nor Sourceforge discriminate against the third world.

    1. Re:[Citation Needed] by MMC+Monster · · Score: 2, Informative

      Is sourceforge firewalled anywhere?

      Also, I didn't know that the backbone was strained by a debian release. Did I miss the /. article, or was that not considered "news for nerds"?

      --
      Help! I'm a slashdot refugee.
    2. Re:[Citation Needed] by Prysorra · · Score: 2, Informative

      JFGIgger please.

  23. Re: Good point... by hotkey · · Score: 2, Funny

    I could see this being used to distribute harmful source code

    ...for similar reasons, I suggest we make atoms illegal. It is a widely known fact that atoms can be used to make weapons and bombs. I don't understand why the government isn't doing anything about this. Also, I read somewhere that rapists and murderers are made of atoms.

  24. Dead project by nniillss · · Score: 5, Informative
    Status, according to the project site, http://code.google.com/p/gittorrent/: Currently no-one is actively developing either this developed version or Jonas' C++ implementation.

    The last project entries/downloads are from February 2008. Why such a hype over a dead/dormant project?

    1. Re:Dead project by lkcl · · Score: 2, Interesting

      because it's the *only* project that links git with a p2p protocol. so, i'm interested in seeing it revived.

    2. Re:Dead project by shutdown+-p+now · · Score: 3, Insightful

      So, how about truthfully saying that in TFA, instead of blathering about the winds of change and the impending revolution?

  25. Re:Not going to change much by sakonofie · · Score: 2, Interesting
    From http://code.google.com/p/gittorrent/:

    It might currently come across as a solution looking for a problem - and as one smart-ass with admin rights to the Google Code project reminds you on the source tab, "more alpha than the greek letter". The initial motivation was performance of downloads and in particular reducing load on kernel.org.

    Not convinced this is a good idea yet? Oh don't worry it goes on:

    That's one reason d'etre, but to those who argue that is insufficient justification for its existence, that Git is already fast enough - it is a first step towards applying decentralizing Peer to Peer concepts to Git.

    BTW, an excellent way to convince someone a project really doesn't have a "reason d'etre" is insisting it has multiple "reason d'etre"s.

    If you decentralize the download layer, it's just another small step before you decentralize the push rights and tie it to a web of trust such as PGP, and then you don't actually need discrete mirror sites. Every mirror can track the git repositories the owners want it to carry, and those authorized to sign updates can make signed updates to push the cloud forward.

    You had me at performance and distributing bandwidth costs, and probably should have stopped there. Changing ownership of a project from those who control "The Web Site" to those "authorized to sign updates" doesn't do much for me.
    And srly, "central choke-point of control"? As the parent suggested, can't just fork and start a project on source forge or google code?

  26. Vista rebellion? by Vamman · · Score: 2, Insightful

    You mean someone else supports cleartype fonts now?

    I'm not a Microsoft fan but this shit about a vista rebellion has nothing to do with bringing two technologies together (that also have their warts).

    I'm petty sure the frustrated Vista users won't be benefiting from peer-peer distributed source code anytime soon.

  27. I call bullshit... by jnareb · · Score: 2, Informative

    I call bullshit and gross exagerration. First, GitTorrent lacks any implementation, there is only some code testing concepts in the GTP 0.1, the draft of protocol. Second, Git is distributed version control system by itself, and doesn't need GitTorrent for this: GitTorrent is meant only to distribute the load of initial clone and fetching large parts of history among peers (among clients), reducing load on the server it clones from; no more.

  28. Re:Color me stupid by tytso · · Score: 2, Informative

    A group of developers can start a private project without central hosting using git already, today. Look at the man page for "git-bundle". Git commits can already be exchaged via e-mail.

  29. Big Binaries: I hate them by hachete · · Score: 2, Insightful

    Given that a fair proportion of most of the firms I've worked for do not know how to use SCMS, a lot of the SCMS I've maintained contain rather large binary snapshots. Also, distributed firms. So this might be a useful tool if I could get people to use it. Which is unlikely.

    but the politics? In this case, leave it out. Just a distraction.

    --
    Patriotism is a virtue of the vicious
  30. My solution is very different by syousef · · Score: 2, Funny

    I always check my GIT repository into SVN for safe keeping ;-)

    --
    These posts express my own personal views, not those of my employer