1. 20
  1. 4

    Does this mean it’s possible to just watch the DHT on IPFS and pull data people are inserting? It’s not encrypted in any way?

    1. 8

      That’s exactly what this is :)

      You’re free to publish encrypted content on the IPFS, but you aren’t obligated to.

      1. 6

        And I wouldn’t, since encrypted content on IPFS would be exposed to everyone and brute-forced eventually if anyone cared (once the cipher is broken in the future, etc.).

        1. 3

          This is kind of my worry with IPFS. I wanted to have a “private” thing where I could also share with my family in a mostly-secure way (essentially, least chance of leaking everything to the whole world while still being able to access my legitimately-acquired music collection without having to ssh home). Turns out that’s not simple to set up.

          1. 6

            We ([0][1]) are trying to add encryption and other security enhancements, including safe sharing, on top of IPFS. Still pre-alpha though.

            [0] - https://github.com/Peergos/Peergos

            [1] - https://peergos.github.io/book

            1. 5

              You just have to add encryption before transmission. IPFS is kind of a low-level thing (like how you won’t find any encryption in TCP because that comes later). It really needs good apps built on top to be useful.

              1. 2

                IPFS is a better bittorrent, which is designed to work very well as a replacement for the public web. Private sharing has different requirements – I use syncthing for a similar semantic in private.

                1. 1

                  Do you guys know about upspin? What do you think of it? One of its stated goals is security. But it seems to be at quite an early stage for now.

                2. 2

                  Interesting. I bet a lot of inserters aren’t aware. Sounds like a great opportunity for bots that:

                  • look for copyrighted/illegal content, the IP addresses of the nodes seeding them, automating contacting the ISP
                  • Scan for cryptocoin wallets/private keys
                  • Unencrypted keepass backups, etc.

                  More relevant to the article though, I like the Rust code. Very readable!

                  1. 5

                    IPFS is basically just a big torrent swarm. Doing that “copyrighted content scan” thing on the bittorrent DHT is already possible (and I’m pretty sure that’s how they send those notices already)

              2. 2

                By the way, this guide, and the crate it showcases, assumes that you have an IPFS node running on your localhost. It seems that setting that up and running it is out of scope for this guide.

                1. 2

                  Yeah, I didn’t go over that part because it’s quite easy to set up ipfs. Just get the package from your repos or download the binary (statically compiled Go).

                  After that it’s just ipfs init to initialize everything and ipfs daemon to run your local daemon.

                2. 1

                  By the way, if you actually run this, you’ll find some pretty wacky images. I think people only save the weird stuff, so everyone is curating for unusual-ness by default, and this is a fun way to tap into that zeitgeist. Getting an IPFS daemon going using nix-env is really simple.