[fpc-other] [fpc-pascal] Google Code closing down

Mark Morgan Lloyd markMLl.fpc-other at telemetry.co.uk
Sun Mar 15 12:27:21 CET 2015 

Graeme Geldenhuys wrote:
> Hello Mark Morgan,

If you /don't/ mind, the name is Mark Morgan Lloyd. The original Morgan 
Lloyd (strictly, Morgan Llwyd) was a churchman of considerable renown, 
and at some point my family adopted his name which persists to the 
current generation.

As far as the Git advocacy goes: frankly, old chap, I don't give a damn. 
My major criterion is the jurisdiction and laws (and de-facto 
regulations and conventions) under which a service operates, I'd prefer 
to use Subversion since that's what I'm marginally familiar with, but 
I've got nothing in particular against Git except that if you're typical 
of its users then perhaps I ought to have.

>> Losing Google Code is unfortunate, particularly after losing Berlios.
> 
> Yes, we agree on something. Gitorious will be lost soon too. It is sad
> seeing these services disappear and taking lots of open source software
> with them.

Thanks for the heads-up.

>> The obvious alternative for a small project would be to run an svn 
>> server as a parasite on a router: something like svnserve (possibly with
> 
> Again, a clear indication that you have NEVER used Git before. Git is
> infinitely faster and easier to setup.

You are very close there to quoting me out of context, which is 
something that I'm not prepared to tolerate. I agree that in-context, I 
could probably better have written

"The obvious alternative for a small project would be to run an svn (or 
git etc.) server as a parasite on a router: something like svnserve (or 
equivalent, possibly with an SSH wrapper) is pretty small. There's 
obviously the risk that the server will be lost, but if collaborative 
users are persuaded to pull and republish the entire repository (svnsync 
or whatever) that can be mitigated."

HOWEVER, the thing that I was trying to emphasise was the next 
paragraph, where I warned that from recent experience exposing SSH will 
result in undesired traffic, and even if Subversion (or Git, or anything 
else) has as good implicit security as SSH if it's considered to offer a 
potential entry point for hackers then /it/ /will/ be attacked.

If there are constant hacker attacks it will inflate the amount of data 
that passes through the routers (DSL, leased line or whatever) even if 
it's rejected by the firewalls, and this might attract ISP charges which 
are obviously highly undesirable. This could possibly be avoided by 
using an unfamiliar port, but at best this is "security by obscurity" 
and it has the disadvantage that published data probably won't be 
noticed by people like archive.org or Google.

-- 
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk

[Opinions above are the author's, not those of his employers or colleagues]

More information about the fpc-other mailing list