
Show HN: IPFessay – Publish uncensorable essays to IPFS - StavrosK
https://gitlab.com/stavros/IPFessay
======
jstanley
For context: IPFS is a distributed content-addressable storage system that is
web compatible. If you want to learn how to use IPFS directly (i.e. without
using and trusting a public gateway), start with the Getting Started guide:
[https://ipfs.io/docs/getting-started/](https://ipfs.io/docs/getting-started/)

(I'm not the OP, but) If you want to use IPFessay without installing IPFS, you
can use it on my hardbin.com public writable gateway (most gateways are not
writable) at:

[https://hardbin.com/ipfs/QmQUrYJ6sCSDV6duC4Db7U8NXZG3DpNrVF7...](https://hardbin.com/ipfs/QmQUrYJ6sCSDV6duC4Db7U8NXZG3DpNrVF77XtcrbWYiJY)

and the sample essay:

[https://hardbin.com/ipfs/QmWFSuFDaApxK6DaBzEXdSXhb325fQY1hHn...](https://hardbin.com/ipfs/QmWFSuFDaApxK6DaBzEXdSXhb325fQY1hHn7Jc32DS77UK)

And if you want your resulting essay to stick around, you can pay a service
like ipfsstore.it to pin it for you:
[http://ipfsstore.it/](http://ipfsstore.it/)

EDIT: It doesn't actually work on my public gateway because it uses the IPFS
node API instead of the standard writable gateway API. I'll submit a pull
request to make it use the normal writable gateway API tomorrow.

EDIT2: StavrosK has updated it to use the gateway API! I updated the hash link
so it does now work :)

~~~
StavrosK
Hey, thanks! Can we make it use your API by default, or perhaps as a fallback?

I'm not sure what the difference between the Node API and the Gateway API is,
I had to hack around this by reading the js-ipfs code. If there's a better way
to interface with the gateway without including the entire js-ipfs 2.5 MB
file, please let me know.

~~~
jstanley
It's not my API, it's the standard IPFS writable gateway API, documented here:
[https://discuss.ipfs.io/t/writeable-http-
gateways/210](https://discuss.ipfs.io/t/writeable-http-gateways/210)

And there's an example usage here:
[https://github.com/jes/hardbin/blob/master/js/hardbin.js#L25](https://github.com/jes/hardbin/blob/master/js/hardbin.js#L25)

There is currently a bug which means you first need to DELETE the filename (in
my case "content") that you are trying to replace if it already exists, but
apart from that it is straightforward.

I started fixing the bug here [https://github.com/ipfs/go-
ipfs/pull/3931](https://github.com/ipfs/go-ipfs/pull/3931) but ran out of
steam - hopefully I'll continue soon.

~~~
StavrosK
Sorry, I meant your gateway. Thanks for the documentation, I had no idea this
existed. I'll have a look, but if you already know how to use this API and
would like to issue a MR, I'd be grateful.

EDIT: I have updated it to use the Gateway API, thanks for letting me know.

~~~
jstanley
Excellent! I updated my comment.

> Here's the permanent, immutable IPFS link to your essay: >
> /ipfsQmZo1JgakWB2ZYrA75P3b7eZxvwP1vKpDw2y7WJJhj8j7p

There's a "/" missing in here :)

~~~
StavrosK
Fixed, thanks! I have taken the liberty of linking things to hardbin.com,
including the IPNS link:

[https://hardbin.com/ipns/QmSWnBwMKZ28tcgMFdihD8XS7p6QzdRSGf7...](https://hardbin.com/ipns/QmSWnBwMKZ28tcgMFdihD8XS7p6QzdRSGf71cCybaETSsU/)

Thanks for your help!

------
dublinben
IPFS isn't "uncensorable" and shouldn't be promoted as such. Nodes must openly
host your content for it to be available in the network.

~~~
jstanley
Everybody on the network is a node. As long as anybody who is hosting the
content (even implicitly, in their cache) is online, it remains reachable.

~~~
Klathmon
Doesn't that create some legal issues?

By viewing some of these IPFS links higher up in the thread am I
"distributing" their contents in the eyes of the law?

~~~
jstanley
Unlikely. Even if you saw something "bad", you have a perfectly reasonable
explanation. I don't think it'll be a problem.

~~~
roywiggins
I mean, people have had doors kicked down for operating Tor exits.

[http://www.npr.org/sections/alltechconsidered/2016/04/04/472...](http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-
a-dark-web-volunteer-gets-raided-by-the-police)

> Seattle police spokesman Sean Whitcomb says the department understands how
> Tor relays work, and they knew Robinson was a Tor host.

> "Knowing that, moving in, it doesn't automatically preclude the idea that
> the people running Tor are not also involved in child porn," Whitcomb says.
> "It does offer a plausible alibi, but it's still something that we need to
> check out."

------
amelius
Starting from May 18, 2018, the EU will enforce "the right to be forgotten".

Will it be illegal to run IPFS servers within the EU?

~~~
diggan
Running IPFS by itself does not mean you're hosting all content in the IPFS
network. Rather, you need to explicitly agree to share content for it to be
served.

If you are hosting certain content, I guess someone can approach the node
owner and request you to take the content offline. But nodes outside EU could
still host the content.

~~~
StavrosK
> Rather, you need to explicitly agree to share content for it to be served.

Hmm, how do you do that? My node is sharing all content in its cache by
default, AFAICT.

~~~
diggan
Accessing content puts it in the cache, which would be removed when `ipfs repo
gc` is run (or automatically at certain points). However, content that is
pinned will survive the GC, which is the explicit approval of content that
should be seeded for as long as the node exists (or until you run `ipfs pin rm
$HASH && ipfs repo gc`)

~~~
StavrosK
Ah, by "all content" you meant " _all_ content", I see. Yes, but "explicit
agreement" is just "loading the content", so it's not _very_ explicit.

------
ysleepy
Does it enforce Cross-Origin Policies?

Since the addresses are just path components and not subdomains this may be an
issue.

It's just a feeling this might get relevant, especially with PUT/POST write
API and so on. Even just running on localhost might pose issues.

~~~
StavrosK
Does what enforce it? The browser does, that's why you need to set CORS on
your local node for it to work. What's the scenario you're thinking of?

~~~
ysleepy
Different authors and documents are considered part of the same domain since
the tokens are just path elements. The whole IPFS gateway might be considered
one big domain.

So javascript in an essay can access/put the API.

I didn't really look into it too much, just wanted to give a pointer that this
might need to be considered. In the sense that it might have security
implications.

~~~
StavrosK
No, you're right in this, if you have it enabled, any app can put stuff to
your endpoint. The people of IPFS are working on fixing this problem, but I
personally think that the risk is low enough. Maybe I'm just not creative
enough in thinking about attacks, though.

------
TazeTSchnitzel
These are only as “uncensorable” as any other IPFS object, right?

Which is to say, not very. IPFS isn't even encrypted right now.

~~~
StavrosK
Yes, they are.

Although, how is IPFS censorable? As long as you can connect to a node, you
can retrieve its content. You'd have to prevent connection to the entire
network to censor something (minus the encryption that you correctly stated).

~~~
TazeTSchnitzel
> You'd have to prevent connection to the entire network to censor something

That's not necessary if you can perform deep packet inspection or a MITM
attack on IPFS traffic, which there's nothing to stop you doing right now.

~~~
StavrosK
There's nothing to stop you _now_ , but that's just because there's no
encryption. Once encryption is implemented, this will be harder/impossible to
do (especially since it's trivial for a client to verify that the content it
got for some hash is correct).

~~~
TazeTSchnitzel
Perhaps it'll be a great system if or when that happens. But it is a stretch
to call it “uncensorable” when it isn't, and clearly hasn't been designed for
it.

~~~
StavrosK
I don't know, when censorship entails deep packet inspection between _all
pairs of nodes on the internet_ , I'm good with "uncensorable" as a shorthand
for "practically impossible to censor unless you control the entire internet".

~~~
tscs37
You don't need to control the entire Internet.

See: Firewall of China.

You only need to control the big fiber paths of which there aren't many. Of
just in general the exit and entry points between countries.

The Internet is not an open mesh.

~~~
StavrosK
Even with the firewall, you can't control what's going on inside of China, and
you only need one node inside to fetch something from the outside, and that's
it.

~~~
tscs37
You can certainly control incoming traffic to china.

And once inside, you are subject to extreme government spying which can easily
mean that everyone who gets a hold of unallowed content "vanishes".

Furthermore, this is an issue not even encryption can fully solve, you still
need to do a key exchange which means you need to either find a source of
trust in the other side via sidechannels (aka PKI, TOFU or similar) or you
allow everyone to easily intercept the data without much effort (aka skip-
verify on TLS)

The internet in china is not lacking in surveillance and censorship.

This is an issue that even Tor is still chewing on a lot, afaik plain Tor
connections in China are not very welcome and even blocked.

So unless you claim that your crypt and security is better and more
battletested than Tor, I'd say IPFS is anything but censorship resistant.

~~~
diggan
You can always have a USB-stick with the IPFS repository on it, and travel to
china, setup your node within and start sharing it. People can trust the data
is correct as they request the data based on the hash.

Another way to distribute once the data is within China is to do it via
private networks built with cjdns or similar

~~~
tscs37
This assumes that your USB stick doesn't get checked on the airport.

Secondly, people can exactly not trust the data because there is no way to
trustlessly get those hashes to begin with from within IPFS and you get back
to normal HTTP which... is censorable.

Lastly, this also assumes that the one running the node is not arrested
either.

>Another way to distribute once the data is within China is to do it via
private networks built with cjdns or similar

Which again, assumes cjdns and other methods do not get people into possibly
lethal trouble or aren't censored/outright blocked to begin with.

edit: You also forgot about the government blocking IPFS within their own
country.

------
camdenlock
So, is IPFS more than Freenet + a fresh coat of 2017 paint?

~~~
diggan
Yeah, I would say the biggest difference is in how content gets reshared. With
Freenet, content gets reshared by nodes as soon as it enters the network, and
users are unaware of what content exactly they are sharing.

While IPFS is not implicitly pushing content but nodes needs to request
content and then reshare it.

~~~
STRML
This is very important, because it removes some of the most prevalent
criticisms about Freenet. If you don't agree with some content (re: legality
or any reason you wish), don't access it/share it. Freenet doesn't give you
that choice, but IPFS does.

------
VMG
I don't think "essays" are in great danger of being censored on the internet.

~~~
sp332
Germany has been raiding homes over Facebook posts. Right now they're
considering a law to fine social media companies who don't remove certain
posts within 24 hours.
[https://www.nytimes.com/2017/06/20/world/europe/germany-36-a...](https://www.nytimes.com/2017/06/20/world/europe/germany-36-accused-
of-hateful-postings-over-social-media.html)

Twitter already blocks known Nazi accounts in certain countries.
[https://twitter.com/map/status/869594711991963653](https://twitter.com/map/status/869594711991963653)

~~~
StavrosK
And you don't have true freedom of speech unless you allow speech you disagree
with... I wonder how we got to the current "speech is free unless you're
someone we don't like" society, and I say this as someone who dislikes Nazis.

I want to write a post on tolerance one of these days, and how tolerating
things you like isn't really tolerance.

~~~
schoen
> how tolerating things you like isn't really tolerance

This idea was presented in section 1 of

[https://slatestarcodex.com/2014/09/30/i-can-tolerate-
anythin...](https://slatestarcodex.com/2014/09/30/i-can-tolerate-anything-
except-the-outgroup/)

~~~
StavrosK
Yes, I had read that, it's a very interesting piece. I had some more thoughts
on the matter, but that article is definitely worth a read.

