Most people aren't running IPFS nodes, and IPFS isn't seen yet as a valuable resource by censors. So they'll probably just block the whole domain, and now people won't know about or download IPFS.
We saw this progression with GitHub in China. They were blocked regularly, perhaps in part for allowing GreatFire to host there, but eventually GitHub's existence became more valuable to China than blocking it was. That was the point at which I think that, if you're GitHub, you can start advertising openly about your role in evading censorship, if you want to.
But doing it here at this time in IPFS's growth just seems like risking that growth in censored countries for no good reason.
Lots of different attempts at keeping the vision of "sum total of human knowledge" on the web. :)
I like wikipedia, but I always felt like it was missing crucial pieces of information to make it the "sum total of human knowledge." For example, I can look at the articles for ISO_31-11, Spheres, and Sphere Eversions, but I don't think that information alone is enough for me to go from "society of post-apocalyptic 'we lost how to do math'" to "we can prove sphere eversion is possible once again." I chose this example because I'm shit at math and never learned much of it anyway so I can maybe be considered a mad-max post-apocalyptic uneducated peon? Anyway point is I think there's the crucial "teaching" step missing.
Perhaps with a collection of a great deal more articles together, the result "prove eversion is possible" can be taught, but missing for example the ISO_31-11 article alone would make it monumentally difficult, I feel.
Presuming such a thing ever gets done, an archival copy of Wikipedia + the Wayback Machine pages Wikipedia references would then make a pretty good "sum total of all human knowledge."
Sure, with sufficient time you could recreate the knowledge with brand new engineers but you'd be rediscovering lost information.
Much less far than he actually went, given that Euclid is known solely for compiling existing work. There's not so much reason to do that when it's already been done and you're happily reading the compilation.
It's like saying the formalization of continuity by Weierstrass and Bolzano was compilation because prior mathematicians had already been working with the concepts.
As in, that's a more accurate descriptor(?)
Should Youtube, have refrained from using copyrighted material that contributed to their popularity, given it greatly increased their chances of success compared to the other nascent video sharing sites at the time?
Was reddit.com, wrong for using sock-puppets accounts to kickstart content when they were starting out?
Some will say it's always wrong to use 'x' in a strategy no matter what. Others would argue that while 'x' might be a bit evil, it's necessary to ensure survival, and will result in a greater good (ie the service being useful to millions vs extinction) in the long run.
There's a saying, cutting off the nose to spite the face. That could apply here.
Maybe look at it from a different point of view, if to someone in Turkey trying to access wikipedia it makes a difference then it's already a success.
It's a question of where you want to dray the line, and maybe the consequentialist drawing the line when ipfs takes over the world and gets 3 billions daily users is far fetched.
From the get go the exploitation of illegal content (and other shady tricks) was made for the sole purpose of personal profit and had no intent on making the world a better place.
In other words youtube has been evil from the start, with evil intent, using evil tricks as part of an evil agenda. There was no room for ethics there.
Unless proven otherwise, IPFS seem to not have such a nefarious purpose even to work towards a greater good, due to its nature will hardly ever be made up for sell and has to leverage different mechanisms due to being a protocol and not a website in need of registrations.
Napster was rarely categorised as 'evil' except by 'big content'. In the music industry there was compulsory licencing which enabled it's successor - Spotift. There was nothing similar in video.
Those trying to circumvent censorship leverage the fact that most countries can be modeled as at least somewhat rational actors. For a rational actor, censorship is a delicate balancing act. But this also means those interested in circumvention are also in a balancing act.
Ignoring your tone, it seems to me that you're drawing a false comparison (however to be clear, this isn't the reason why I'm downvoting). Chris's comment recognizes the importance of critical mass of adoption in network effects. He's pointing out that at this stage in its development, censoring governments would have no need to strong-arm IPFS. Simply blocking their domain is much lower profile and as such, much lower risk.
In this scenario there's no point at which "being docile" or "being strong" comes into play. If you think otherwise, then I'd argue that you may be mistaking the primary goal of the effort in question to be an open protest, rather than providing residents of Turkey access to censored information. I think you'd agree that the primary goal is for IPFS to give the people of Turkey Wikipedia, and while it might be nice if they also gave the Turkish government a big bold middle finger in the process, that's not in service of their primary goal.
If you accept that premise, then I'm not sure how you can take this idle musing from Chris and construe it to be evidence of how he'd behave when being legally strong-armed by a government while at the helm of KeyBase. The situation upon which that conclusion would be predicated just simply isn't represented in his original comment.
Finally I'd argue that if this is of critical concern to you, then why are you trusting a third party with your key storage in the first place?
'cjbprime (cjb on Keybase) is an employee of Keybase; he's a different Chris from 'malgorithms (chris on Keybase), who's a founder.
I will now ensure my business persona does not overlap with my personal one and avoid technical discussions where i could otherwise contribute.
We're in a dark political period right now, this stuff is deadly serious. There's 110,000 people that have been detained in Turkey, they're not waiting for a future resistance, they need one right now. Stop spreading FUD about censorship resistance.
He(?) said that drawing attention to yourself while vulnerable is risky. Nowhere did he say anything about being less secure. Arguably it's the same security with more utility - better to be secure and available only to a few (because of limited advertising) than to be equally secure, and available to none because you got blocked early.
Now that last point is definitely arguable, and I think that's what you want to do, but that argument has no connection to the security of the information. Even if you think vocal advertising as an anti-censorship platform is the greater good, it doesn't make the information any more secure.
So what am I missing that explains your vehemence?
For example, when you receive a NSL - do you pull a Lavabit and close shop, or do you backdoor your users?
Given the domain of keybase - this questioning is entirely warranted.
And while we're here. Cjbprime, do you have any NSL's? And what's your policy on warrant canaries?
It's quite a leap to assume that - the poster said nothing of the sort, and saying "I don't want to get shut down so I can help people against censorship" is very different than "I care more about staying open than helping people against censorship"
I'm not saying it's impossible, but I certainly wouldn't assume it
If IPFS is blocked and the people that need anti-censorship tools can't use it then they might as well not have bothered.
I mean what difference does it make if it's 10,000 or 1,000,000 that cannot use it because it's blocked ?
But that's not even the true compromise in this case, because you could have used any other, less network-fragile tool to accomplish the same goal. You could have called up Obi Wan (Freenet) or Yoda (Tor), but instead you handed the job to the ten-year-old kid.
Your house is on fire and the firemen tell you they will not come to help because if they do they may not be able to deal with potential houses on fire in a not so distant hypothetical future ?
We don't currently have a censorship-resistant way to get Wikipedia to Turkey, at all. IPFS is not it, because there's no reason for Turkey not to censor all of IPFS. There is no alternative to IPFS that Turkey won't censor, either.
If IPFS wants to become it (which is a good goal that we should pursue), it first needs to become used / useful enough that Turkey won't be able to censor all of IPFS without significant economic damage to the country.
As said before, it needs to be used/useful to many normal people (like a previous example of GitHub) before there it requires too much political will to effectively block.
(I'm having trouble figuring out exactly how IPFS presents itself at the network layer, and whether an IPFS connection over TCP/IP is noticeably different from some other normal connection type, so I genuinely don't know the answer to this question. It looks like it uses SPDY over TLS, but maybe something in the certificate gives it away?)
I don't know how to make this work with IPFS' P2P approach: a request for www.google.com with a destination IP of some residential Turkey customer looks awfully suspicious. I suppose it's workable if App Engine has a colo inside Turkey.
That means nodes can soon use the Websockets transport to connect to a domain-fronted node (this part already works), which then acts as a relay.
They're still doing the right thing, no doubt.
That's certainly a plausible hypothesis, but without evidence, definitions of words like "weak" and a proper wash through the scientific method, I'm not convinced we can make conclusions like that at this point in time.
It's certainly a more defensible claim than the completely irrelevant ad hominem you made about Keybase being "docile in the face of evil". Why was the commenter's employer relevant to the discussion?
Behavior like this makes people think twice about even trying to engage with the crypto-loving, privacy conscious, free-speech market segment, because even trying to do anything in that direction is met with abuse.
Blind ideology-driven attacks without any kind of strategy may make your hind brain feel all tingly, but they are routinely squashed like a bug by the censorship apparatus, which has plenty of resources to block IPFS at the protocol level.
Rational strategy is not "being docile in the face of evil". It's just not openly marching into battle against a vastly stronger adversary who was only dimly aware of your existence.
Given the exposure and that this is Turkey, the IPFS project may be making the right call here, but strategy, not blind ideology, is the way to make those calls if you want to win.
Force is tilting the balance of power to your side by gathering advantages. Warfare is the Way of deception. Therefore, if able, appear unable; if active, appear inactive; if near, appear far; if far, appear near.
If your enemies have advantage, bait them; if they are confused, capture them; if they are numerous, prepare for them; if they are strong, avoid them; if they are angry, disturb them; if they are humble, make them haughty; if they are relaxed, toil them; if they are united, separate them. Attack where your enemies are not prepared; go to where they do not expect.
This strategy leads to victory in warfare, so do not let the enemy see it. - Sun Tzu, The Art of War
Relatively speaking, I'd say 'our enemies' are extremely strong. Probably best avoided (for the moment) if the overall objective is victory.
If this prediction turns out to be mistaken, will you acknowledge it publicly?
However the benefits of content addressing are so great in terms of performance that I doubt it is possible to prevent it.
IPFS is approaching the issue from the opposite direction of course, but the two are so tightly coupled that I doubt there will be much risk.
IPFS is most likely to fail for any technical problems it may have.
More importantly, I doubt the censorship-efficiency gains would be improved much by banning IPFS, since nobody really uses it yet, and I suspect selling the "anti-censorship" angle will get more non-anti-censorship adopters (i.e. people who just use it for performance gains) in non-Turkey places, compared to staying silent on the anti-censorship angle of IPFS. And more widespread non-Turkey adoption means more pressure on Turkey to allow IPFS.
Relevant CGP Grey video: https://www.youtube.com/watch?v=rStL7niR7gs
How does that make any sense ? ipfs is still available to install from github, ditribution repository and other places. IIANM blocking the ipfs.io doesn't block the protocol.
Moreover the Streisand effect shows that attempt at online censorship has the opposite effect and actually draws more attention to it making your point dubious.
No, that is not what was said.
What was said is, if you're going to claim to be able to circumvent censorship, actually be able to circumvent censorship first. There are connections (HTTPS to GitHub was a specific example that was given) which cannot be censored without significant collateral damage to the GDP of the country. IPFS is not yet one of them. IPFS should become one of them, and then make these sorts of claims.
It's on HN. Most relevant people will know about IPFS soon :)
I think that's overstating the importance and prominence of HN on a whole bunch of different axes.
I'm not sure it's ever advisable. Most users will figure it out and get the word out anyway. Best for the company to focus its advertising on the other ways it provides value.
There's a lot to be said for letting the government save face when they choose to back down, and shouting about how you defied them isn't always a great plan.
Same point was raised about Tor changing its mission (https://twitter.com/torproject/status/635856569201246208), because it makes it vulnerable to states where "human rights", democracy etc. is associated with US propaganda.
It is better to advertise IPFS, GNUNet and FreeNet as a cache layer instead of censorship resistance. CDNs are used usually used due to domain fronting application. Censorship has hard time trying to convince CDNs to block particular sites and services (Signal) and it can't block just like 30% of the internet because of one "violation". But any CDN that advertises itself as VPN or some sort of censorship resistance service is easy to block.
I would never had found and supported freenet if it was advertised as a cache layer, I would be surprise if the larger population would even comprehend what a cache layer is and how it could help them defeat censorship.
Changing Tor to explicitly say "human rights" makes it a red flag in oppressive countries where they may claim these words mean "Western propaganda!". Previously anyone caught with Tor can say they're a network researcher or whatever, now anyone caught with them can be charged with "spreading Western propaganda".
Just like if a torrent client would advertise themselves as a way to get pirated content. Anyone caught with the software can probably be easily convicted of copyright infringement, because they actually have software that advertises itself as copyright infringement software.
In other words, if someone from Turkey (or China or wherever) uses IPFS to bypass censored content, wouldn't it be trivial for the Turkish/Chinese/etc government to make a list with every single person (well, IP) that accessed that content?
While with IPFS, the only data shared from your node, is data you explicitly agreed to share. So data is not implicitly available on the network, people have to agree to help share it.
In simpler terms, it's every bit as traceable as traffic over the network it travels. Its primary advantage is, thus, not being tied to any particular network.
Pinning prevents garbage collection, and is opt-in per piece of content.
ipfs pin add QmT5NvUtoM5nWFfrQdVrFtvGfKFmG7AHE8P34isapyhCxX
For example, it's easy to create nodes on both the open Internet and the private Tor OnionCat IPv6 /48. That should work for any overlay network. And once nodes on such partitioned networks pin content, outside connections are irrelevant. Burst sharing is also possible. Using MPTCP with OnionCat, one can reach 50 Mbps via Tor.[0,1]
IIRC, writing to the same IPNS address is (or will be?) possible with a private key, so allowing multiple computers to write to files under an IPNS address would require distributing the private key for that address?
Also, I wonder how abuse could be dealt with. I've got to imagine that graffiti and malicious edits would be much more rampant without a central server to ban IPs. It seems like a much easier (near-term) solution would be a write-only central server that publishes to an (read-only) IPNS address, where the load could be distributed over IPFS users.
We have some prior work on building a peer-to-peer wiki and dealing with the issues above: http://onlinelibrary.wiley.com/doi/10.1002/cpe.3420/abstract
What this is likely to turn into, in practice, is a forest of dead forks. Division of effort, without a combination of progress.
However, there're a couple of outstanding Ethereum Updates that would make this process easier and faster. I'd suppose that in around one year it should be possible to implement this in a fast and cheap way.
Alternatively, one could use 'Whisper', which is Ethereum's 0MQ alternative, and let multiple users work on the same document at the same time (like Google Docs or a multitude of other editors).
Ethereum is still a very young project, but it would allow to implement a truly decentralized Wikipedia.
I think you've misconstrued how edit conflict resolution works. There is no "locking" involved.
If two editors both open the same revision of a page and save changes, the second editor to submit changes may encounter an edit conflict. In most cases, conflicts are resolved automatically by the wiki engine. If this isn't possible, the second editor is prompted to merge their changes manually, or to reapply their changes.
This is not a locking mechanism. Having an article open for editing does not lock it for future changes; it just records the revision that you started with to help resolve a conflict, should one arise.
Wouldn't both be trivial to go around? For DNS, one could simply use a DNS server outside Turkey. For TCP/IP packets, one could set up a $5 proxy on any provider from around the world.
It used to be case that people with technical knowledge got around DNS blocks by simply changing the DNS servers.
Today you cannot access to Wikipedia even with, say, OpenDNS because now some popular DNS providers are being "hjacked" in Turkey . Yes, hjacking.
The key concern is the fact that an Internet service provider employs an illegal hacking technique under the pressure of a totalitarian government to censor the largest and most collaborative information repository of the whole human history just to cover one article mentioning the truth about that totalitarianism.
Do not think it is too far of a dystopia for the "more advanced" countries like U.S., especially with Trump.
But I bet this is not about the people that can circumvent this. It's for the people outside of the cities, the ones who don't have this knowledge. It's meant to make sure they don't know what's going on. That's more important than convincing the people that can't be convinced.
The moment a place has big international airport it is lost to cosmopolitanism. There is different Teheran lurking under the hijab. And a wild guess Jeddah and Saudi Aramco
So dictators grudgingly secede cultural control in the cuties that are gates to the outsude world, trade and riches, as long as they can control the heartlands.
Sometimes they block by resetting the connection.
Some IP addresses of blocked domains are blocked too.
ISPs must follow the rules or owners of these companies will loose the ownership, as it happened with many anti-AKP companies.
$5 is expencive for average Turkish citizen.
Evading the issue is not a real solution. They will keep blocking web sites. The issue is uneducated people voting for him.
What I don't understand is why do they block ALL versions of wikipedia?
They could have at least provided us with a "safe version" of wikipedia under a governmental domain like wikipedia.diyanet.gov.tr
As a citizen residing in Turkey, I'm concerned, afraid, but mostly frustrated.
It was a weekend project I knocked up about a month ago.
In short, you can pay 4 cents a month (in Bitcoin) per gb to have my ipfs node pin your files.
I've been pondering starting a cheap service that accepts bitcoin (too cheap for CCs and not worth the hassle of paypal), but wasn't sure about the viability of relying on bitcoin as the primary transaction currency.
Bitcoin transactions in testing have worked perfectly & the display is zero conf which means you can pay and see that the payment on the hash the minute.
Customer uptake has been lacking for my project, but I believe that's because I've created something that works really well for two very niche markets (which fortunately have a lot of overlap.) depending on what your project is, you can always add a credit system whereby people can dump $5 or something via credit card and you allocate that to them for them to spend as and when they need.
You have my thanks!
A note on ipfsstore: while ipfsstore provides a very valuable service for those who know why such a a service would be used, the website provides no real information for those who don't already have that prior knowledge. What little information it has is tucked away on a separate page. I think if you clearly advertised the primary value that your service provides (offsite data redundancy/replication) on your landing page, you might see more uptake.
If IPFS and bitcoin ever hit critical mass, I think you'll end up with a surprisingly lucrative venture on your hands.
Otherwise you're welcome & me too.
I've considered a strategy like this where the host is "distributed" across thousands of commodity VPS providers, though. There would need to be VPS providers in the country in question for such a thing to work, which isn't always the case.
Community edited wiki != Censorship
Centrally administered information channels == Censorship
The state has equal power as citizens to make edits. Meanwhile the state has exclusive power to shut down network access, persecute people for publishing edits or providing access to censored information, chilling effects, etc. Pretty big difference.
On the internet 1000 voices don't speak 1000 times louder than one, it would be relatively easy for a small group to widely advertise that there is a discrepancy.
Effective propaganda would only be possible where any contradictions are unable to provide evidence, causing an appeal to authority to become one of the most viable means of resolving the dispute. This is where the majority - but not all - of our current propaganda sits.
IPFS would help. It wouldn't solve disinformation but it would tidy up the game.
In a limited context, for a limited time, they can. There are many situations where this is all that's needed. (Like, the run up to an election.)
it would be relatively easy for a small group to widely advertise that there is a discrepancy.
A large enough, well established enough group would be able to discredit this discrepancy.
For the second case, this is why I talk about the nature of effective propaganda. Evidence is the only reliable way to fight against an authority, as the larger group would be significantly less able to censor evidence they are forced to use unverifiable propaganda - this is much less effective for them.
As I said, this would only work in the short term.
Wikipedia is not a moderation-free environment.
Which is why I pointed out that a large enough group would still have to infiltrate the Wikimedia organization.
That prokaryotes are "primitive" life.
Eskimo words for snow.
Essentially all popular metaphors are based on misconceptions, really.
What now? Do you believe government never restrict access or distort information to their citizens, it is only a failure of lassiez-faire...
Historically governments are the largest propaganda machines
IPFS with snapshots can help people go back to those moments in time and look at articles that are no longer around.
We have evidence that simply blocking the site is happening, what you are proposing is way more expensive.
The above describes Ancient Rome prior to the change of the Republic into the Empire. It also describes the world 1/6th of the way through the 21st century.
I assume IPFS networks can be disrupted by a state actor and only thing that a state actor like the US may have some trouble with is strong encryption. I assume it's also possible that quantum computers, if and when they materialize at scale, would defeat classical encryption.
So my point in putting forward these unverified assumptions is to question whether ANY technology can stand in the way of a determined, major-world-power-type state actor. Personally, I have no reason to believe that's realistic, and all these technologies are toys relative to the billions of dollars in funding that the spy agencies receive.
You can be in the same room with no internet connection whatsoever and still exchange data.
Network transports get added kinda regularly, so far there's TCP, UTP, Websockets, WebRTC, and a couple of work-in-progress transports: Onion, QUIC, FlyWeb
Only some existing systems are known to be broken under quantum computing. Then it comes down to the implementation details.
There is no one who can say that something is not allowed on the network.
That's not to say you won't face legal or social consequences, IPFS isn't anonymous.
IPFS has all of the tools required for censorious node owners to choose to block content, and the protocol doesn't have any underlying mitigations. It's not hard to imagine, especially in places where there's a monopoly of ISPs, like across large parts of the USA and the Middle East, that IPFS nodes might be easily isolated and vulnerable to relatively straightforward censorship.
A tradeoff has to be made. Yes, I censor when I don't pin someone's porn and serve it off my node. At the same time, I'm not preventing anyone else from accessing that information.
Another comparison would be to Bittorrent. Given x.torrent, my refusal to share its contents does, in a sense, make me a censor. But my refusal (unless I'm the sole possessor of its contents) doesn't prevent anyone else from sharing it. So the final contents remain uncensored (in the whole).
Hell, even freenet "censors" in that infrequently accessed content will eventually stop being replicated within the network.
This is only increasing my confidence that networks which are aware of their underlying contents are inherently unable to effectively counter censorship, because individual nodes can always be pressured to drop content, and the Pareto principle guarantees that this censorship will be effective as long as the pressure is put on the most popular nodes.
I hear and am sympathetic to your point of view. Google takes a similar stance with email, Gmail, and spammers; consider, "Yes, Google censors when we don't relay someone's spam and serve it off our servers. At the same time, we're not preventing any other mail relays from forwarding that mail." (I'm not speaking for Google, merely making a rhetorical argument.) This is widely considered a good thing.
I am merely disappointed that IPFS, which has a lot of backing and is growing in popularity, may become both the dominant content-addressable distributed object system, and also remain lacking in terms of anonymity and availability.
(Also, while I am no fan of Freenet, you are equivocating censorship with cache expiration. One is done by people and one is done by an content-oblivious algorithm. Tahoe-LAFS's garbage collection works in the same way and is also not censorship.)
Which makes IPFS a good choice, because there are no "popular nodes", or am I missing something here?
In case of IPFS you can ship HDDs behind the firewall and distribute content internally via local internet, intranets, mesh networks or just by moving files around.
If a censoring body wants some information gone, just devote some attention to lobbying the various gatekeepers in Wikipedia.
Without proper support of an anonymity overlay, using Tor to get around your government's censor doesn't sound like a very wise idea.
But I can only read English! Where's the English version?
This hash doesn't do much for me:
If I can't read it in my language, it's still censored for me.
If you suppress it in one place, people can put it up somewhere else.
If you block one path, people can make the content available through another path.
If you modify it, people know that you modified it, have clear ways to distinguish between your copy and the unmodified copy, and can request the unmodified version without wondering which version they're getting.
If you destroy all the copies on the network, people can add new copies later and all of the existing links will still work.
IPFS can't protect people from a government physically tracking down every copy of the censored content and destroying it -- that requires other efforts external to the protocol (ie. move copies outside their jurisdiction). It does, however, make it possible to move many copies of the content around the world, passing through many hands, serving it through a broad and growing range of paths, without the content losing integrity.
An overly broad scope means that censorship loses its moral oomph.
Edit, more info here, at part 2 https://ipfs.io/ipfs/QmNhFJjGcMPqpuYfxL62VVB9528NXqDNMFXiqN5...
The respective work on making IPFS's routing work safely in an anonymous use case will be upstreamed soon.
It's better to use ipfs trough I2P or Tor if you need anonymity and hide your actions in larger traffic.
> port 4001 is what swarm port IPFS uses to communicate with other nodes
this is not the average sysad we're talking, it's a state actor with access to all local isps resources.
Maybe it's the fact it's (still) a StartSSL cert?
Because of the same trust issues some organisations have their OS and browser installations configured to not trust any certificate signed by startcom or wosign (or a certificate that chains to one of theirs).
Perhaps but it also seems to be a test. IPFS allows the Turkish version of Wikipedia to be available even if there’s no access to the internet backbone.
That’s a game-changer for residents of repressive regimes; they just need a snapshot of the content they care about and distribute it via ad hoc networks and even sneaker net, making it nearly impossible for the government to stop.
That’s a big deal.
As we know, lots of scientists backed up lots of that data; IPFS would have been a great way to backup and distribute the data.
Both source and capture bandwidth are finite resources. Several people with considerable infrastructure (a friend in Finland working at a major network provider is among the archivists) were supporting the effort. The limit is how quickly they can peel data off the source.
A few station wagons (or SUVs) full of SATA or Blu-RAY drives might be even more useful.