The reasons for this are simple: I am starting a new project in the new year and unfortunately cannot put effort into it without removing something else--and with that, Canario has to go.
The decision has been quite difficult because it has taught me a lot about what I can do as a single individual, but at the same time it also taught me of my limitations. I’ve had a few people work with me on Canario over the course of the past four years, but the vast majority of its heavy lifting, maintenance, development, and research has been me and me alone. Overall it has been a tiring experience, but far from anywhere near a regret and really rewarding.
The journey towards ending it started around the summertime when I was playing around with the idea of rebuilding it to be more like other services such as HaveIBeenPwned. I like how Troy Hunt has gone and made it very simple but one aspect I’ve always found lacking about it was that using it for research purposes was very limited. Having said that, his goal isn’t to provide those capabilities but rather to help inform those of when their information has been compromised and or exposed.
As I had gone about in developing this this new capability, I had been sitting on an idea completely different from Canario but kept thinking about it as just a novel idea with little additional thought. However, in September, I found myself looking into the idea a bit further, doing some research into other similar things (I am being vague here yes) that were otherwise lacking in features. I came to the conclusion that this idea would be something worth pursuing. I can make it fund itself with a lot less effort and be able to get people involved with again a lot less effort.
Circling back, Canario has four big problems for me:
- The type of data I am working with is never uniform and never will be. Someone posting a data dump on Pastebin or any other service is going to almost always have it in some unique format where there may be similarities to past dumps, but never enough for me to just automate to near perfection.
- Getting exposed data that isn’t publicly available has so many complications. I have become pretty adept at finding this data, but trying to get people to come to me with that data in the same way others have succeeded has proven to be unsuccessful on my part.
- Trying to get others on-board to work with me has been difficult at best. I’ve had cases where people wanted to get involved but wanted to have strings attached or where they wanted to contribute data but I wasn’t permitted to sell access to it.
- Other people and organisations are doing a better job than me and will continue to do so.
The latter part is really more of a sore point as I have tried to reach out to people but being that by the time I had started to do this, there were others in the space already and trying to improve what I had already done was going to be difficult.
To add to this, I was funding the project out of my own pocket and contributing my free time, so in some ways I wonder if I was being blinded by my egotism to go about it my own way and not let others interfere. One of the difficulties I had overall was trying to come up with a model that would allow it to be self-financed, but every time I’d come up with a model that could work I found it to be very onerous and likely to be of no benefit in the long term.
Having said all that, Canario taught me database design dos and don’ts (and also taught me to hate MySQL and embrace Postgres), allowed me to speak at conferences, has gotten me cited in the media, and it even gave me an opportunity to speak at Facebook to talk about threat intelligence, a topic that I have a lot of mixed opinions about.
So what next?
First of all, when I do close off the service, it’ll just be a hard shutdown. As it stands right now, I have not added any new data since November 15th and I will be leaving it all in place until sometime on December 16th. All user accounts and associated data will be permanently deleted as I do not wish to hold on to this data any further. I’ll do my best to clear up any backup data I have sitting around but for certain the live data will be gone.
All data that has been collected will no longer be available via the site--so search and data viewing will cease to function. If there are requests for copies of the database (again, without user data), I’ll consider them but likely it will not be free and will be as-is--if you plead your case on the “not free” part I’ll hear it.
Second of all, I am starting a new project and I am trying to get others involved. It’s not a pure information security project but at the same time it’s the core aspect of it. I want to make it easier for schools and small businesses to be able to do specific things. Additionally, Canario will continue as a legal entity, acting as a parent to the project.
Obviously right now I am being a bit hush-hush on this idea of mine, but if you’re interested in working with me on this and understand networking and cryptography, let me know--there’s your hint to what I am working on. Aspects of it are going to be open-source.