Decentralized Storage Comparison
mirimir at riseup.net
Thu Jan 31 17:55:54 PST 2019
On 01/31/2019 04:04 PM, Punk wrote:
> On Wed, 30 Jan 2019 20:51:44 -0700
> Mirimir <mirimir at riseup.net> wrote:
>> However, all of these distributed storage systems are similarly
>> vulnerable, more or less. You are potentially screwed if an adversary
>> can 1) peer directly with you, and get your IP address; and 2) send you
>> file fragments that are (even though encrypted) identifiable by hash or
> Well by running freenet or something like it you are guaranteed to store and forward fragments of 'bad'(LMAO) files. That's the basic design of the system. And that means an 'adversary' like the american nazi govt can persecute any freenet user if they so choose. They don't even need to explicitly send parts of an 'ilegal' file to a particular client.
Yes, they can probably calculate hashes for fragments of any files. But
generally, they do need to peer directly with you. Although some systems
enable request forwarding, and nodes can see the names of indirectly
connected nodes. But they can't see those IPs, just the IP of the node
that handled the forwarding.
>> If you didn't encrypt locally, they may find bad stuff (even
>> if only as temp files). And if you did encrypt locally, they may jail
>> you for contempt unless you reveal the passphrase(s).
> in other words, if you live in a police state you are fucked. There clearly is no crpytographic 'workaround' here.
Yeah, basically. Your only hope is not attracting attention.
>> So anyway, if you use any of these distributed storage systems, make
>> sure that you peer only with people you trust,
> that may be better but it's not too practical.
I agree. But it's what Freenet devs recommend. And not only is it not
practical for many new users, it's not very reliable. Because you have
no way to know which of your "friends" are state agents, or informers.
>> and make sure that you
>> encrypt everything, locally and in transit. And if you must peer
>> promiscuously, make sure that you obscure your IP address. Use a VPN, at
>> least. And better, use a VPN plus Tor or I2P.
More information about the cypherpunks