news.ycombinator.com
3 votes c/freepost Posted by robocop — 3 votes, 2 commentsSource

I don’t mean to criticize here, I just wish to share a thought, wondering how to make things better. Especially when I see this huge number, 190k accounts, that’s just 5% of their users. It could have been 20 times more accounts.

Let’s play the “What If” game. What it docker hub was decentralized/federated? (and if it already is, seems to be practically centralized, considering the huge number of users)

To copy here what I said on IRC, I think this was going to happen sooner or later. A hub of images that people download and trust blindly is a very juicy target. Other distribution systems such as distro repositories are indeed decentralized, so I think Docker should be too (disclaimer: I don’t know “how much” decentralized it is right now, but I assume very little). The real value of distros is that repositories are vetted by humans that act as a filter for what can get in. More decentralization would mean for me that this human filter could not be there anymore… which is not very appealing. However I’d certainly use a distributed/federated replacement for Docker or any distros repositories if there were a centralized, trusted index of free software. In that case all packages could be distributed via torrent/ed2k/ipfs etc.