-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Preventing modified GDS #26
Comments
You can't prevent this. In which ways could a modified GDS instance harm the network? |
Mentoring Servers for Example, as you already wrote |
Mentoring Servers are servers you personally trust. |
Another Strategy is that we'll solve this Problem when it's there. I think that this Problem will appear... |
It will happen - but the question is if it has to be prevented. |
I hope that GDS ends up being a whole lot of protocols, and a "reference" implementation to go with it. I think it's important that other programmers should be able to write their own implementation of GDS if they want to. For example, let's say Google wants to provide GDS as part of a Google account. Or your ISP, as part of your subscription. I think it would be great if this was possible. If that's the route GDS takes, modified GDS is a feature, not a problem :) |
With decentrality come issues with trust. Developers of competetive online games know this issue too well - You can't trust anything that comes in over the network. One notable exception are 'trusted friends' that a instance owner trusts with defending their instances against malware and not expoiting that trust. From a security standpoint we should be very careful to not expose potentially harmful RPC interfaces to untrusted instances, one example of which is a proposed solution to the "instance discovery" problem that proposed to "ping" a GDS instance and notify other known instances. How could a potential attacker exploit this: "Wow, there's a GDS instance over there at tl;dr: security should always be kept in mind when developing decentral applications. |
It could be a huge Problem if GDS-Instances get modified to harm the whole GDS-Network.
We need a good way
The text was updated successfully, but these errors were encountered: