occasionally useful ruby, ubuntu, etc



So I always have a lot of ideas bouncing around in my head. I think I'm going to try to write about them here before attempting to implement them, partly so I can just walk through the idea and get it down in writing.

On that note, one of my recent ideas was this idea of a "distributed webserver". Okay, great, turns out it's actually been done and/or researched before. But I hadn't quite found the idea I was thinking about. My idea was to have a [email protected] the same way you have [email protected] or [email protected] or BOINC. The goal would be to have a distributed webserver that ran on untrusted clients with full site rendering and database capaibilities, serving pages to users' browsers. Sounds like sort of a cool idea, right? Distributed stuff is always cool, plus you might actually get better end-user performance if you whip some geocoding into the mix (i.e. servers are picked based on proximity to user). To install on your server, you could download what would essentially be VirtualBox plus an image, and then run a bit of config and be good to go.

My inspiration for the idea is that it would be cool to be able to get a VPS for myself and sell the excess cycles/bandwidth/storage to web sites I like.

It is technically feasible, I believe. It would take some amazing coding to actually get working exactly as imagined, but I think it's possible. However, there are some serious flaws. The first and foremost flaw is, of course, security, since the clients are untrusted. This is possible in a couple ways.

* Any data stored on the server could be snooped by the owner of the server. This might not be such a terrible thing, but if your site even has so much as a registration feature, there could be issues with passwords or email addresses. This could be separated (separate database, not distributed), but there are other times when it might not be so simple.

* Doctoring information sent to the client. For whatever reason suppose I have malicious intent towards TheCompany. I install this distributed web server on my VPS, specify TheCompany as the service I'd like to help, and then proceed to magically sprinkle pr0n in all the content that I send out on behalf of TheCompany. Or redirect to my site or a competitor's site. Yes, I'm sure they'd really appreciate that.

So I thought of one solution: encryption! Unfortunately, this is not actually a good solution, since even in the case of full-disk encryption, either the data is stored unencrypted in memory, and/or the key to decrypt the data is stored unencrypted (obviously) in memory. In either case, you're trading performance for a small bit of security. And if have your encrypted data in the same space as someone else's VPS, they have all the time in the world to crack your encryption.

So much for that. There is still opportunity for distributed web servers with *trusted* hosts, but...that's not nearly as much fun. Oh well!

Filed under: idea, musing Leave a comment
Comments (0) Trackbacks (0)

No comments yet.

Leave a comment

No trackbacks yet.