A mini project for your enjoyment -
A self hosted annotation supporting pastebin alternative using ipfs and genius
You’re right that a lot of web security features go out the window. Top of the list is any CSRF protections.
I wouldn’t log into a service or do anything trusty over an ipfs gateway… Gateways are more a neat hack than the meat of ipfs.
What about the custom domain thing? Is it a redirect or does the browser actually know that it’s a separate domain? (Basically, has anyone tried this yet?)
Yes, that would put some of the security back for some visitors depending on how they visit the site.
If you want to get familiar with IPFS and related internet technologies, your time would be much better spent grabbing the client and jumping in that way. IPFS is a fundamentally different way of approaching the internet that focuses on what you’re getting over who you’re getting it from.
I’ve always shyed away from IPFS for that very reason. Figuring out where to get something based on a file hash sounds computationally hard and overall just slow. I can’t imagine anything like that running on phones, laptops, etc without destroying all hopes of good battery life and reasonable performance.
Maybe it does work, though. I just downloaded it on my laptop and it got warm very fast, but files I tried to get loaded reasonably quickly.
So Clouldfare wants to help decentralisation by… making it more centralised?
if they are adding ipfs nodes, who cares? you can always run your own gateway if you don’t like it.
Does more nodes help IPFS, or is it more nodes that pin content that is more useful? The pull model, where data sits at origin unless pinned, seems like originators of the data would always have the problem of how to distribute it so as not to face the “thundering herd” of initial requesters.
As far as I know the protocol doesn’t actively push blocks around, the various nodes have to request and pull them. That only happens if a client requests the block to the node. The protocol also doesn’t provide incentive for the nodes to keep the data around. I don’t know what is the default retention logic on the actual nodes.
In practice what this translates to is that there isn’t much guarantee for data to stay around. Typically a client will want to get the data over HTTP and only address a single gateway (like the CloudFlare one) so the only copies would be in the serving node (your laptop / server) and that single gateway. If your laptop disappears, CloudFlare will probably flush it’s cache at some point and your page will have disappeared entirely.
Hopefully in the future the browsers will be talking IPFS directly and store local copies. That way the network would become much more resilient to data loss.
a nice system might be a provider where you pay upfront the lifetime price of hosting something with storage costs extrapolated into the future.
Files should probably devalue over time or maybe be maintained financially by people who want to access them. Eternity is a long time for a single payment.
I believe that the IPFS authors realized the issue with the protocol and that https://filecoin.io/ is one of the answer that they could come up with.
I guess it does make sense. If the Internet does shift to become more decentralized, Cloudflare would want a piece of that pie as well. Worst case nobody uses this service and they close it eventually, and best case they just future-proofed their business.
I also think that having them run an IPFS node is pretty helpful. If there’s a way to translate a website addressed proxied by Cloudflare into a file hash, it would help decentralization.
Anyone tried using ipfs with fuse under OpenBSD?
(Official build instructions for OpenBSD disable fuse for now: https://github.com/ipfs/go-ipfs/blob/master/docs/openbsd.md)