Techrights

Time to Remove gmnisrv, Its Developer is Busy Attacking People Instead of Patching Security Flaws

Posted by Roy Schestowitz on Oct 28, 2024

Microsoft Attack Dogs Don't Scare Us
Mumble (and Murmur), an End-to-end Encrypted (E2EE) Communication Tool for Voice (Group Chats Included), Likely Withstood Over a Decade Without Security Flaws
HTTPS image: Agate for Gemini Protocol

4 years ago (almost exactly!) this site became available in plain text form. Then came bulletins, IPFS, and finally Gemini Protocol in the early weeks of 2021. We always used Agate for that. The sister site temporarily used another server, where the Gemini stuff got served by Drew DeVault's gmnisrv, which "is no longer maintained." See, Mr. DeVault is busy launching sites that defame the founder of GNU/Linux instead of writing or maintaining software (or improving SourceHut, making it robust to DDoS attacks). For more information see drewdevault-report.org or the more detailed DeVault report. This post isn't about the person but the software, which is now abandoned.

HTTPS: Drew DeVault
↺ HTTPS: gmnisrv
making it robust to DDoS attacks
see drewdevault-report.org
↺ HTTPS: DeVault report
HTTPS image: gmnisrv

Agate generally works well for us and never had any security breaches. Agate itself had vulnerabilities found; they were promptly patched every time. "The Agate [AppArmor] profile has been running since early this year," an associate reminds me, "also with no errors/warnings, also knock on wood."

We've only ever used Agate and gmnisrv, so we cannot comment on any other servers for Gemini.

Geminispace itself is growing; which Gemini server will dominate? We don't know. There's a wide range of them. This page has a list of 35 different Gemini servers. █

Geminispace itself is growing
↺ HTTPS: This page has a list of 35 different Gemini servers
HTTPS: █
HTTPS image: Gemini Servers
gemini.techrights.org