What may happen, if uncomplete, unclear advices found ...

[Rollo62 502]

Hi there,

 

I just saw this advice from the website Softacom, about creating successful websites:

Quote

CDN
A Content Delivery Network is a network of servers placed at different locations for providing services to specific regions. In this case, the request/response is handled by servers based on the location, whereas a standalone server has to respond to all the requests as it is the only server available for services. In such a situation, the time for processing requests may increase. Thus, a CDN is a better option to increase the performance of the website.

 

While that is perhaps true, this article didn't mention the dangerous side-effects of CDN:

• At least in Europe, if you use CDN, e.g. Google Fonts, you can be sued by law firms for violating data protection laws.
  This can result in quite high penalties and fines.
   
• Furthermore, public liability insurers for companies may find a breach of their terms and conditions, due to increased risk, and cancel the contract or increase prices.

 

It is therefore advisable to also look at the commercial side of things, even if the technical advice is extremely plausible.

 

In addition to the commercial side, I have always been an advocate of using one's own server space instead of an external CDN in order to minimize access to external servers and perhaps even get better performance.

 

 

[David Schwartz 415]

Keep in mind that data moving over the internet rarely goes directly from the source to the destination; most of the time, it goes through a more-or-less unpredictable route that necessarily involves store-and-forward nodes that could be located pretty much anywhere in the world. In other words, that's exactly how the internet works already. Because of this unpredictability, static caches for data, and perhaps some logical processing, have been set up as nodes in CDNs that help reduce virtual end-to-end delivery times.  They are invisible to the source, and only come into play when a user somewhere makes a request of a site and there's a CDN that has cached the data and can provide a shorter delivery time. Why would the originators of said data (wherever they may be located around the globe) be held liable for local laws in every possible legal jurisdiction where their data might travel, and take an occasional break, on its way to any given consumer?

 

In the absence of CDNs, the data likely goes through MORE servers, that represent MORE sources of risk, and MORE likelihood of violating data protection laws. The difference is that the routing is less predictable (increasing risk) and is invisible to local governments unless they regularly demand that private companies cough up their server logs for analysis -- which I'm guessing is also illegal.

 

So I'm baffled by whatever point you're trying to make because it sounds like CDNs are seen as higher risk than how the internet works nornally, which is fairly random.

 

Also, I'm guessing you're located in Europe, since you mentioned that, and I'm curious how many of your "own server spaces" you have here in America and other countries you serve, "instead of an external CDN in order to minimize access to external servers and perhaps even get better performance."

[dummzeuch 1392]

10 hours ago, David Schwartz said:

I'm curious how many of your "own server spaces" you have here in America and other countries you serve

Rest assured that people and companies in Europe are fully aware of that topic. And even more: Due to some American laws even servers that are hosted in the EU but are owned by American companies or even companies owned by American companies may be questionable.

 

In theory that means that cloud services from Amazon, Microsoft, Google etc. are a no go for European companies. The reality unfortunately is very different, as even governments, universities and schools use these services, because lobbying has so far prevented that the laws are being applied.

[David Schwartz 415]

Maybe these countries should just go back to mandating dial-up access directly between computers in order to ensure the most secure connections. Oh, wait ... the phone systems aren't even secure. 

 

Sorry, I totally miss the point.

 

Maybe someone can explain to me what makes up a 100% secure data circuit, including caching of various time durations up to years, that everybody in the world could use and is not cost-prohibitive. We can proceed from there.

 

 

 

Edited May 13, 2023 by David Schwartz

[dummzeuch 1392]

31 minutes ago, David Schwartz said:

Maybe these countries should just go back to mandating dial-up access directly between computers in order to ensure the most secure connection.

If you say so, it must be right.

[Fr0sT.Brutal 897]

When even the empty page weights 1 Mb I guess there's no big sense in CDN's for fonts or libs. However they add one more point of possible failure.

[David Schwartz 415]

On 5/13/2023 at 5:32 AM, dummzeuch said:

If you say so, it must be right.

A lot of people today don't realize that the original TCP/IP protocols that most of the internet was built upon were designed by DARPA with the explicit design goal of having no single points of failure in order to survive multiple nuclear explosions in locations that would very likely house major data hubs. 

 

They were not concerned with hackers and spoofers and people who had neferious goals focused on hijacking user information and using it for illicit purposes. In fact, they never really imagned their possible existence. It would have been nice if they had.

 

The entire internet was based on a world-wide web of store-and-forward nodes connected by temporary circuits (eg, dial-up wire-lines at the time) that were neither permanent nor hard-wired. That was a "feature" baked into it for the purpose of surviving a nuclear holocaust. In fact, ham radio operators at the time were the first to come up with wireless transmission between nodes.

 

This isn't me saying this, it's DARPA and the people who designed the first four layers of the original 7-layer networking model: physical, data-link, transport, and networking layers.

 

Now, correct me if I'm wrong, but it seems that some political bodies in certain parts of the world want to stick their heads in the sand and pretend that this entire design is a mischaracterization, that the risks posed to user data carried on this network are unacceptable, and therefore the people who originate the data should be held liable for "bad actors" snagging the data in between its initial transmission and when it arrives at its destination, as if everything that's sent out is sent on a dedicated, highly reliable and hard-wired circuit having end-to-end security with no possible means of anybody intercepting the data in between. While that maybe the "ideal" scenario, it's far from current reality. The way the internet is designed is completly contrary to such a model and is unworkable -- neither in the face of a nuclear holocaust nor of modern-day data pirates and attackers. This is true regardless of my personal presence on this planet, or whatever my opinions might be.

 

Don't waste your time attacking the messenger! I had no part in either side of this mess. I just work with it.

 

 

Edited May 16, 2023 by David Schwartz

[dummzeuch 1392]

4 minutes ago, David Schwartz said:

Don't waste your time attacking the messenger!

I don't.

[Sherlock 632]

Granted, TCP/IP is not a real end-to-end connection. But the transferring nodes only get encrypted SSL traffic nowadays anyway. So that is a non-issue and has nothing to do with where real hosts and servers are located, and who is operating them. Politicians might be somewhat out of touch with reality, but in this case I am all for the GDPR.