Matthieu, PubSubHubbub is indeed beautiful :)
As for the thundering herd problem. Technically (and by design!) hubs are expected to be way less numerous than subscribers... which means that the thundering herd problem is practically hard to achieve (as you've found by yourself) in a world where there are at most hundreds of 'open' hubs (which is the kind of world we live in and will probably live in for the foreseeable future). Some platforms like Wordpress or Status.net actually enable hubs on each install, but I do expect them to actually be smart enough to filter the pings they get to only care about their very own feeds. I believe there is actually a cost to running a public hub (I know because Superfeedr runs many of them :p), which means that it's unlikely that many many people (thousands) would do it....

julien

On Sun, Oct 7, 2012 at 5:04 PM, Matthieu Rakotojaona <[email protected]> wrote:

> Hello everyone,
>
> I am fairly new to the concept of pubsubhubbub, but I must say I really like the simplicity of it.
> The wiki [1] says that there is no thundering herd problem for publishers. However, in the scenario where a malicious attacker publishes the same url to a large number of hubs, they will all try to fetch new content regarding the URL more or less at the same time. Is this not to be considered as a problem?
> This point could be eliminated by hubs, if they have a whitelist of known publishers and only receive a notification of new content for those publishers. However, this is not feasible for public, general-purpose hubs.
>
> The same attack can be made towards subscribers, where a malicious attacker sends a "subscribe" to a large number of hubs with the same callback, leading each one to verify the subscription with the target at the same time. Of course the target won't subscribe with any (except the ones it was already registered with), but will still have to process a large number of requests, even for just a 404.
>
> In other threads on this mailing-list, I saw that you didn't expect more than a few public PubSubHubBub hubs, so these scenarios wouldn't apply. What if you were wrong and many companies started to run public hubs for, say, traffic analysis? Or, Planets [2], for instance, could benefit from implementing their own hub in addition to their own subscriber, for redistributing updates.
>
> I may be completely wrong on some point, so I would like to know what you think about it.
>
> [1] https://code.google.com/p/pubsubhubbub/wiki/ComparingProtocols
> [2] https://en.wikipedia.org/wiki/Planet_%28software%29
>
> Regards,
> --
> Matthieu Rakotojaona
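The hub-side filtering Julien describes (a hub only caring about pings for its own feeds), together with a per-callback-host limit on subscription verifications for the second scenario Matthieu raises, sketched as an added Python example. This is illustration code written for this page, not code from the thread, from Superfeedr, or from any real hub; the `Hub` class, its thresholds, the injectable clock, and the `example.*` URLs are all constructed here. The verification throttle is my own addition, not a mitigation the thread proposes.

```python
"""Toy PubSubHubbub hub that limits what a third-party ping or subscribe can make it do.

Two defences (both hypothetical, constructed for this example):
  1. A publish ping is acted on only for topics this hub actually has
     subscribers for, so a ping for an arbitrary URL causes no fetch at all.
     Pings for a hosted topic that arrive inside a short window are coalesced
     into a single fetch.
  2. Subscription verification requests are rate-limited per callback host, so
     a burst of "subscribe" requests naming the same callback yields a bounded
     number of verification calls from this hub.
"""
import time
from collections import deque
from urllib.parse import urlparse


def well_formed_http_url(url):
    """Accept only absolute http(s) URLs that name a host; anything else is dropped early."""
    try:
        parts = urlparse(url)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)


class Hub:
    def __init__(self, hosted_topics, min_fetch_interval=30.0,
                 max_verifications_per_host=5, verification_window=60.0,
                 clock=time.monotonic):
        self.hosted_topics = set(hosted_topics)          # topics with at least one subscriber here
        self.min_fetch_interval = min_fetch_interval     # seconds between fetches of one topic
        self.max_verifications_per_host = max_verifications_per_host
        self.verification_window = verification_window  # seconds the per-host budget covers
        self.clock = clock                               # injectable for deterministic tests
        self.last_fetch = {}       # topic -> time of the last content fetch
        self.fetched = []          # topics fetched; stand-in for the real HTTP GET
        self.verifications = {}    # callback host -> deque of recent verification times
        self.verified = []         # (callback, topic) pairs a verification was sent for

    def handle_ping(self, topic):
        """Publish ping: fetch only hosted topics, at most once per window."""
        if not well_formed_http_url(topic):
            return "rejected"
        if topic not in self.hosted_topics:
            return "ignored"      # nobody here subscribes to it: nothing to fetch
        now = self.clock()
        last = self.last_fetch.get(topic)
        if last is not None and now - last < self.min_fetch_interval:
            return "coalesced"    # a fetch for this topic already happened in the window
        self.last_fetch[topic] = now
        self.fetched.append(topic)
        return "fetched"

    def handle_subscribe(self, callback, topic):
        """Subscribe request: verify with the callback, but bound verifications per host."""
        if not well_formed_http_url(callback) or not well_formed_http_url(topic):
            return "rejected"
        host = urlparse(callback).netloc.lower()
        now = self.clock()
        recent = self.verifications.setdefault(host, deque())
        while recent and now - recent[0] >= self.verification_window:
            recent.popleft()      # drop timestamps that fell out of the window
        if len(recent) >= self.max_verifications_per_host:
            return "throttled"
        recent.append(now)
        self.verified.append((callback, topic))
        return "verifying"


class FakeClock:
    """Deterministic stand-in for time.monotonic()."""
    def __init__(self):
        self.t = 0.0

    def __call__(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


def simulate():
    """Replay both scenarios from the thread against the hub; returns (hub, results)."""
    clock = FakeClock()
    hub = Hub(hosted_topics={"https://blog.example.net/feed"}, clock=clock)
    results = {}
    # Constructed burst: 100 pings for a feed this hub has no subscribers for -> zero fetches.
    results["unknown"] = [hub.handle_ping("https://victim.example.org/feed") for _ in range(100)]
    # Constructed burst: 100 pings for a hosted feed inside one window -> exactly one fetch.
    results["known"] = [hub.handle_ping("https://blog.example.net/feed") for _ in range(100)]
    clock.advance(31)             # window elapsed, the next ping may fetch again
    results["later"] = hub.handle_ping("https://blog.example.net/feed")
    # Constructed burst: 20 subscribes pointing at one host -> at most 5 verifications per minute.
    results["subs"] = [hub.handle_subscribe(f"https://target.example.com/cb/{i}",
                                            "https://blog.example.net/feed") for i in range(20)]
    return hub, results


if __name__ == "__main__":
    hub, results = simulate()
    print("fetches performed:", len(hub.fetched))
    print("verifications sent:", len(hub.verified))
```

Run it to see that 200 pings produce two fetches in total (one per window for the hosted feed, none for the unknown one) and that 20 subscribe requests produce five verification calls to the target host. A public hub cannot whitelist publishers, as Matthieu notes, but it can still refuse to fetch a topic nobody has subscribed to, which is the same filter expressed in terms the hub already knows.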
