/tech/ - Technology

Technology & Computing


New Reply
Name
X
Sage
Subject
Message
Files Max 5 files32MB total
Password
[New Reply]


45e99aef2cca795fa3531a8af49e97644cdbee928bc7bf7743c4234657945881.png (u)
[Hide] (25KB, 256x256)
Lately I've been interested in looking for a final solution to the imageboard problem, deplatforming and relying on centralized authorities for hosting. P2P through TOR seems like the most logical path forward. But the software would also need to be accessible, easily installed and understood by just about anyone, and easily secure/private by default.

Retroshare seemed like a decent choice, but unfortunately its forum function is significantly lacking in features. I haven't investigate too much into zeronet either but from what I recall that was a very bloated piece of software and I'm looking for something that's light and simple. Then there's BitChan (>>507) which fits most of the bill but contrasted with Retroshare is not simple to setup.

I know there is essentially nothing else out there so this thread isn't necessarily asking to be spoonfed some unknown piece of software that went under the radar of anons. But I think the concept of P2P imageboards should be further explored even though the failure of zeronet soured a lot of peoples perspective on the concept. Imageboards are so simple by nature I feel this shouldn't be as difficult as it is. Retroshare comes close but as I understand it you can't really moderate the forums that you create. Plus the media integration is basically non-existent, though media is a lesser concern. But having everything routed through tor and being able to mail, message, and have public forums all in a single small client available on every operating system is the kind of seamlessness that a program needs for widespread adoption.
>>845 (OP) 
Really I should have made the subject "Peer2Peer Imageboard/Forum solutions", because that more accurately describes what I'm interested in. But you get the point.
c37.jpg (u)
[Hide] (74.9KB, 495x528)
bump

>. P2P through TOR seems like the most logical path forward. But the software would also need to be accessible, easily installed and understood by just about anyone, and easily secure/private by default.

People ITT can directly help by making a guide or linking to good resources on how to do this.
Replies: >>860
This thread gets made again and again, yet anons only discuss the things that don't matter. The implementation is largely unimportant, language and code bloat autism aside. If you want a decentralized imageboard architecture, here are the three problems you need to solve: how to come up with a new pseudonymous identity that doesn't reveal much about the poster, how to keep that identity on the server for as little as you can (preferably not to keep it at all and just use it for an authorization handshake) and what measures to put in place to limit media content spam or make it possible to store large amounts of it. Nothing that exists right now fits all 3 criteria, so if you have something in mind get to work.

If you think I'm the biggest faggot in the world for suggesting identities, keep in mind that right now IPs serve that role for the WWW. Tor imageboards using currently existing engines already get spammed because the only address there is localhost. The only solution outside of that is more people to moderate content and captcha. One is basically amplifying the jannie problem, the other is just one layer in a proper security stack that is otherwise easily defeated if you don't use JS shit. Web of trust is dogshit because of the barrier of entry, cutting down the 3.5 anons that browse imageboards outside of redditchan to 1.5, as well as creating echo chambers. One option would be to use SSH keys or any other public-private key pair algorithm. But then you need to figure out for how long you would need to keep them on the server and overall visibility. That is, something to the effect of using the public key for the handshake when posting, not tying them to posts as IDs in the database and having an activity rating for each. Newer keys get to post less or have a more difficult posting challenge and after some posts or time you get to a rating where it's all the same. Combine that with some non-JS captchas and you have a potential pseudo-identity to softblock immediate spam.

Next is media content, the inevitable image, PDF and WEBM dump threads and where to keep them. This is why centralized or federated solutions are more practical than fully P2P ones. To have fast enough access to posts with media requires some nodes in a P2P swarm to operate more or less 24/7. Not everyone has the means or desire to do that. How do you identify the nodes that do? You can label them as trusted to enable faster loading times, but at that point you've already returned to a federated model. A mixnet P2P could solve this, where you have what are essentially server nodes that also act as trackers. As you are reading the thread, you may be chosen to offload some of the media content to other peers. The trusted nodes can also act as the webring of today, but have load balancing negotiations added on top to more efficiently store files attached to posts. That being said, you have to understand that any P2P solution deanonymizes you to an extent. By design, you need to peer with others at certain intervals. And a malicious entity, using Tor as an example, can track such a web because of how interconnected it is.

>>859
>bumping a thread on a slow board
What are you doing, nigger?
Replies: >>861 >>864 >>1148
>>860
>>bumping a thread on a slow board
fucking let him, it's not that big a deal

Decentralized imageboards so far have two practical problems:
>Meshnets/P2P approach
Spam CP on it; FUD and van whoever's left
With a bad setup, it's possible to identify posters (thanks 08chan)
Can spam it to shit in general
>Tor or similar
Put your controlled node in first position to the entry point; now it's a free MitM that you don't even have to set up (makes you wonder just how much Guard nodes are gov-controlled)
Can also subvert/control/blackmail the administration with social engineering since the site is centralized

My hot take on it is that P2P approach is fixable by first making users subscribe to a mandatory user-created filter list of their choice to prevent them from downloading illegal things while proxy chain is kinda-sorta alright under a VPN, but not an option since you need multiple backflips to find a trustworthy one that can actually tell the Big Gov to fuck off and not everyone can be expected to do this. Shitboards of today aren't populated enough to survive another migration unless clearnet dies, though it's not a waste to prepare for when the purges start.
>>860
>Web of trust is dogshit because of the barrier of entry
A web of trust is literally the only way to make this work because otherwise you drown in spam and sybils. Decentralized moderation won't work, because it will naturally centralize once load increases; there's basically no good incentive to moderate such a board for free.

>inb4 but XYZ did it
XYZ has probably 100 users at most. I've used completely(!) unmoderated forums before: They work when nobody knows about them and you have two dozen fags there. They go up in flames as soon as user count increases.
Replies: >>888
bfee5c932e8f6716abedcd547dae0b4eee4b04d8254ecbfd4dedf828854c2115.jpg (u)
[Hide] (27KB, 296x296)
>TFW I can't into computers and can't help.
Replies: >>867
>>865
Nobody can do the computer. If you learn to glue together 2 pieces of shit into a barely functional big shit, you'll basically be about as good as anyone else.
I see this subject come up over and over again and what most people keep suggesting is exactly what 08chan+tor already is. The identity shit was not even as big of an issue as it was made out to be as you could change the identity whenever you wanted. Identities were implemented to make it easier to deal with cheese spam if I remember correctly without considering how it could be used to track posters across threads. Blacklists which you could even opt out of were used to remove cheese and moderate in general, blacklisted posts/identities would never even get downloaded or seeded.
Replies: >>871 >>875 >>889
>>870
The one and only time I tried zeronet it was ridiculously sluggish and hard to run on low end hardware. Maybe it's worth another look, though.
Replies: >>872 >>875
>>871
>ridiculously sluggish and hard to run on low end hardware
Forgot about that, GUI is some html5 async abomination if I remember correctly, on top of that it could also be slow because everyone stopped using it so no peers 08chan was most of zeronet's users for a while.
Replies: >>873
>>872
Yeah I just got it running again now. For starters it isn't push button to get working over TOR. The configuration isn't all that difficult, just editing the torrc file and adding some permissions, but I'm sad to say the average capability of anons is probably below even that. Also holy fuck this shit has such a cancerous UI, animations flailing around my screen giving me eye cancer shit swooping into view and swooping out.

I want to put my fucking first through the skull of whoever the fuck thought this was acceptable. I don't care if things take awhile to load because of low peers, but holy fuck I just want static pages with static images, and static text, and static media. I don't need epic zooming and wobbling and fucking shaking. JUST LIST TEXT AND IMAGES WHY IS EVERYTHING ON MY SCREEN MOVING ALL THE TIME
Replies: >>874
ClipboardImage.png (u)
[Hide] (173.5KB, 1126x455)
>>873
Now drag the right sidebar out for even more ebin animations :^)
>>870
>you could change the identity whenever you wanted
>Identities were implemented to make it easier to deal with cheese spam
Spot the problem.

>>871
Unlikely, Zeronet devs have a history of being complete morons. Non-CSPRNGs for crypto, pulls in the entire web shitstack, claims that are completely untestable, and on top of that, the project presents itself like a scam (look at the fucking website). Ever since it was shilled on /pol/ back in 2017 or so I have no idea why anyone ever gave it the time of day.
Replies: >>878
>>875
>Spot the problem.
No shit, it did help a bit though but they should have just implemented the blacklists without identities. Still, they are not the end all they are often made out to be.
>>864
I agree that it's the only way for a fully decentralized P2P network. That's why my overall message for the post was that a federated network with Bitchute-like clients as peers who temporarily help with content delivery during peak times is a better model.
>>870
>I see this subject come up over and over again and what most people keep suggesting is exactly what 08chan+tor already is. 
<REGISTER TO POST BECAUSE WE CANNOT DEAL WITH SPAM
die teen
Replies: >>890
>>889
Thats not how it worked.
>>845 (OP) 
I wish there weren't so many web-based approaches. I'd rather have a general API specification and a simple protocol than a full on system with even CSS and shit. People need to get the fuck out of their webbrowsers. That's why I liked the nntpchan approach, but it's not perfect. The whole thing should work as a command line application, as a tui, as a desktop gui, sure, also some kind of web implementation. But in general there seems to be too much of a focus on specific implementations. Everyone's kind of doing his own thing from start to finish but there is a lack of generalization. Would be nice if all these solutions were able to communicate with each other in the end.
>>845 (OP) 
Personally speaking federated imageboards looks to be a better solution than p2p. P2P services honestly suck.
Replies: >>972
>>942
Federated imageboards still depend on hosting providers and centralized administration which has proven to be on multiple occasions a significant problem given the nature of the communities. A P2P imageboard that can be forked by anyone at any moment the second they want to fragment away from the original BO solves many issues. If the BO abandons the board, just fork it, if the BO chimps out, just fork it.

Too many times have sites gone down and content been lost while we depend on central authorities. Imageboards are most just text and small files, they're a prime candidate for P2P. I wish retroshare had some good imageboard software in it, the rest of its features are great besides the shitty forums. It would be awesome to have mail, file sharing, microblogging, IRC, and imageboards bundled into one neat little P2P over TOR software suite.

Retroshare is almost the perfect solution, or at least the best thing I've found that even comes close to a solution.
>>845 (OP) 
Freenet?
Replies: >>1003
>>998
Don't use Freenet. It's very easy to be traced by police.
Replies: >>1032
I'd say one possible option is to create a stand-alone imageboard consolidator, then copies of it can not only scrape their own favorite boards, but share content with each other thereafter P2P-style across onion links to fill in each other's missing content.

Kind of like a standalone BitTorrent client, but for imageboards & without the raw IP issue.
Replies: >>1030
>>1029
>can not only scrape their own favorite boards
I guess I should clarify my idea here a little. So a user of the standalone would point the scraper to their favorite imageboards, whether clearnet, Tor, Freenet, I2P, w/e, then thereafter this DL'd content would be available via P2P sharing with other users of the same content.

If an important site is deplatformed, so what? All the content is still on potentially hundreds/thousands of client machines, and readily available to everyone else using this network.
Replies: >>1031
>>1030
>and readily available to everyone else using this network.
And could provide some kind of exporter process to quickly get the deplatformed system not only back up and running elsewhere but replicated across a large number or recovery sites thereafter.
Replies: >>1033
>>1003
proofs or is this just meaningless FUD?
>>1031
And as far as spam, D&C, derailing, goonops etc. goes, individual users of the software can 'report' the content and if new content entering the network gets a lot of reports then it can be shuffled into a 'do not download' listing based on individual user's specified choices. So if glowniggers or other goons are trying to spread misinformation, cp, w/e, then that new content can get quickly flagged by consensus and can be kept from even downloading into client machines after being marked so.

Additionally, you could have autistic, self-appointed 'gate-keepers' who could incessantly watch their favorite boards and immediately blacklist anything they didn't like. Any like-minded users could subscribe to their lists ala AdBlocker-style, and content would be avoided that way. Anyone who became really adroit at blocking exactly what these groups didn't want to see would quietly (and quickly) form a positive reputation with that group. 

Using this type approach even unwanted content that managed to arrive on a client's machine could be scrubbed off according to these lists afterwards.
>>1033
-Further description about subscribing to the gatekeeper's lists
Any content a user blocks could be compared to these 'adblocker' lists and a heuristic could present that gatekeeper's list to the user with a 'likelihood of taste compatibility' score and offer to subscribe. If the matching algorithm is successful at making a good match in user tastes, then that user should have far less 'nuisance' to report about afterwards, the autist doing all the heavy lifting for them beforehand.
Replies: >>1064
>>1033
What would be the defense against malicious spam? I'm assuming that the Good Samaritan clause is applicable, that is 24 hours to delete illegal content. Say an imageboard gets spammed with pizza, the scraper mirrors it and now it's potentially mirrored on a number of clients, all of which have their IP visible to peers even if it's the IP of a VPN or an onionshare link. How do you propagate deletions of content that isn't spam, which isn't a pressing issue as it can be moderated out with time?
Replies: >>1066
>>1033
>votebanning
Welcome to reddit 2.0.
Replies: >>1065
>>1033
Any system that doesn't depend on a central moderation authority is too complex to be manageable. What you need is decentralized distribution of the content, but centralized authority over which content is distributed and removed from the network.

So you "subscribe" to a BO of /v/, but anyone could fork /v/ and become the new BO of that newly spawned /v/ fork. After that hard fork any new posts made on either board would be isolated to their own networks, and if people wanted they could choose to subscribe to the new BO's authority instead and begin seeding his network of content.

Any consensus moderation system that deviates from traditional moderation is just going to be exposed to abuse or in the best case scenario really fucking shitty. Traditional centralized moderation works fine, the issue that needs solving isn't how to moderated an imageboard but how to host and distribute the content.

I wonder if this can be achieved through blockchain tech like Ethereum. Too bad I'm a no dev brainlet and couldn't even begin to comprehend that sort of shit.
Replies: >>1064 >>1068 >>1069
>>1042
>Any system that doesn't depend on a central moderation authority is too complex to be manageable
No, see >>1034
Decentralized authority is manageable with the subscription pattern. Similar to git forking and merging. Users can pull moderation just like patches and diffs. They can also build on top of other's work and open their changes to pulls. Note that there is no ownership of the board, each user only owns the node they are on. There is and should be no need for a "management". It should also be not possible to be managed in order to protect the network from (((mass censorship))).
Usage will be different but it is still very easy to understand and handle for each individual user. Just pull lists I want, configure attachments to be downloaded only after all subscribed list's approval. To publish your work, add your own bans and deletes on top of the result and open it up for pulling.
Traditional centralized moderation doesn't work fine. BOs and mods can be compromised, they can also disappear and show up a month later. Previously, the only measure possible for dropping quality is to leave. Now, it is possible to just fork the moderation. Users won't ever be lost anymore. The network can also support any and all kinds of preferences by having different moderation for the same content.
Nothing really different from sharing your local post filters.
Replies: >>1067
>>1040
Actually, it's up to each individual whether they want to pull the moderation or not.
>>1039
>What would be the defense against malicious spam? 
Addressed in a basic way already:
>>1033
>Using this type approach even unwanted content that managed to arrive on a client's machine could be scrubbed off according to these lists afterwards.
>>1064
Yes, I think you've got a workable idea Anon. Seems worth exploring of publish/subscribe. Both for board's content and also for moderation as well. Individuals who were doing something a lot of people were also interested in would naturally 'bubble to the top' simply by dint of interest in their publish.
>>1042
>Any system that doesn't depend on a central moderation authority is too complex to be manageable.
I'm not inclined to think so. This system is intended to enable experience Anons to share the boards they like and share the moderation they choose. The intent isn't to help newfags get on board necessarily. If someone wants to create a "babby's first imageboard" experience, then that could also be a part of it I suppose ,and the software could even default to that list as an initial setup.

Apart from that the 'management' is simply left up to the individual, and they can share their moderation with everyone else. The ones who already know their shit will both find it easy, and will immediately rise to the top on the content/moderation lists.
>>1042
>Traditional centralized moderation works fine
Fine until the next Red Flag gayop intended to destroy it. With the Bolsheviks in power in the US now, you can be sure they will do everything in their power to remove anything like imageboards from existing. 'Traditional Centralized' systems are natural targets for this kind of Commie Pogrom kikery.
You know it occurs to me that one expedient for choosing what lists to subscribe could be to have some kind of 'show additional moderation' button that would in a very fluid, responsive way help you discover what a board's content looks like under different publish-moderators. Anything that's objectionable to you might already be marked so by some anon, and if you saw enough of his agreeable edits/deletions/bans then you could try out his published changes. Or, if you decide you don't like it so much after all, simply revert it and any excluded content would simply flow to you from the ones you still had active.

As suggested already ITT, I presume the best way to kick-start the system is simply to clone boards that already exist today across the Internet. I'm guessing this could even feature the idea of 'consolidating' different boards that are on the same topic? Maybe all /tech/-type boards, regardless whether they were named /g/, /tech/, /gentoo/ or w/e on their parent site could function in this system as one huge-ass /tech/ conglomerate. All shared amongst the network nodes via P2P over Tor onion services.
Replies: >>1071 >>1072 >>1076
>>1070
One other thing, instead of just having 'Ghost' conversations with cloned threads from clearnet IBs (ala 4plebs), why not make the conversation two-way? Can't the client software also act as a normal client with a standard view into a normal board? So, this zzz/tech board could be cloned into the Anon-Net lol somebody come up with a name for this soon system, then any nodes that wanted to could 'talk back' to the source board's poster (ie, zzz/tech anon) through it as well. And for site like this one that already provide their own onion service, it should be a snap to keep the comms simple and orderly.
>>1070
The original plan had been laid out in Julay/tech/: https://alogs.theguntretort.com/tech/res/2743.html#q2743
It took into account the transport layer and protection against great firewall style censorship.
Pasta:
Idea: >p2p >semi-centralized moderation >anon via Tor/i2p/freenet/loki/Gnunet >hierarchial tag based "boards" Idea detailed: >all posts + data(eg:images) is seed and transfered by p2p >moderation providers can be subscribed, anyone can be a moderation provider >moderation can be inherited with some personal changes >banned posts/checksums/regexs will not be seeded >anonymity can be provided through any chosen protocol >overboard is root, eg: /tech/robowaifu, /pol/left Reasons: >no single point of failure >easy moderation, semi-decentralized, less drama >no central cost, no donation necessary (everyone keep their machine on all the time anyways) Problems & possible solutions: >cannot ban a poster <regex ban possible <whitelist style moderation provider >post latency/conflict/feds mods <blockchain? >moderation latency, problem for blacklisting moderation (eg:download CP before banned) <don't decrypt/show posts after moderation lastpost counter How is this better than the current model? >Not everyone can pay for a server, but everyone has a computer >Massive boards possible, with combined moderation and stuff >grouping boards allows wide topic discussion and stuff
Replies: >>1073 >>1074
>>1072
Thanks Anon, I didn't know about that. I'll go check it out now.
>>1072
Format fucked up.
Idea: 
>p2p 
>semi-centralized moderation 
>anon via Tor/i2p/freenet/loki/Gnunet 
>hierarchial tag based "boards" 
Idea detailed: 
>all posts + data(eg:images) is seed and transfered by p2p 
>moderation providers can be subscribed, anyone can be a moderation provider 
>moderation can be inherited with some personal changes 
>banned posts/checksums/regexs will not be seeded 
>anonymity can be provided through any chosen protocol 
>overboard is root, eg: /tech/robowaifu, /pol/left 
Reasons: 
>no single point of failure 
>easy moderation, semi-decentralized, less drama 
>no central cost, no donation necessary (everyone keep their machine on all the time anyways) 
Problems & possible solutions: 
>cannot ban a poster 
<regex ban possible 
<whitelist style moderation provider 
>post latency/conflict/feds mods 
<blockchain? 
>moderation latency, problem for blacklisting moderation (eg:download CP before banned) 
<don't decrypt/show posts after moderation lastpost counter 
How is this better than the current model? 
>Not everyone can pay for a server, but everyone has a computer 
>Massive boards possible, with combined moderation and stuff 
>grouping boards allows wide topic discussion and stuff
Replies: >>1075 >>1077
>>1074
Looks like the original source the alogs/tech poster quoted was on the Julay/meta which is apparently gone. Fortunately, I have all of julay/meta archived personally so I can probably dig that original thread back up at some point. Glad I did.
>>1070
Some additional thinking on the 'show additional moderation' thing. We should have some kind of multi-diff function that would over this. Just like diff, but potentially pulling from more than source, depending on the particular history of that content. All identical edits, etc., would be consolidated into a single diff element so you weren't looking at a long list of redundant information.
Replies: >>1078
>>1074
Seems like a comprehensive approach.
>Massive boards possible, with combined moderation and stuff 
I'd say boards shouldn't be "combined". Users should be able to view an overboard of all the post lists(boards) they subscribe to, but in order for each board to deploy the nuanced rules they generally need they have to be distinct entities to a certain degree.
Replies: >>1079
>>1076
BTW, I used to use some kind of addon when I was snotnosed that allowed anyone using that plugin to make comments about any webpage and they looked like sticky notes when the page was rendered using the plugin. Maybe some idea kind of like that.

Anybody remember what that thing was called? I've forgotten now.
>>1077
>but in order for each board to deploy the nuanced rules they generally need they have to be distinct entities to a certain degree.
Yeah, that seems reasonable to some extent. Personally I would like having every.single. tech-ish board available as one 'board' (with it's own catalog view). No worries if anyone feels otherwise, just a personal desire from my viewpoint.

But I certainly understand what you're say and why that would be a good thing Anon.
Replies: >>1080
>>1079
>Personally I would like having every.single. tech-ish board available as one 'board' (with it's own catalog view). No worries if anyone feels otherwise, just a personal desire from my viewpoint.
I don't necessarily take issue with it. In fact I think the ability to tailor your imageboard browsing experience so all the boards and threads contained within are easily accessible and discoverable is vital.

I don't think your ability to do that should be limited, but that things should be clearly labeled and defined as to not confuse retards who are posting in one /tech/ board then click on a /tech2/ thread, post a soyjak, and get their shit deleted then sperg out. So I guess I'm against pre-configured meta-post lists for people to subscribe to that aren't actually curated but just point to other moderated lists resulting in consistent clashes of people adhering to the wrong rule sets in the wrong threads.

I think meta-boards that combine multiple boards should have to be manually set by each individual user.
Replies: >>1081
>>1080
>I think meta-boards that combine multiple boards should have to be manually set by each individual user.
Yes that might be a workable compromise approach. Regardless of whether the set is pulled from a publisher, or home-spun by Anon, there needs to be a rational mechanism defined to delineate the sources back to their originals (and vice versa, in the case of two-way traffic).
Replies: >>1082
>>1081
>a rational mechanism defined to delineate the sources back to their originals
I guess what I have in mind here is some way for a client to get to an unedited version of the original posting, even if it was initially seeded to them by a publisher who edited it. For example if there was a publisher that in general I liked his edits, etc., but he was particularly squeamish about saying the word 'nigger' and put some kind of dopey word filter on it where that post says some thing "That retarded fucking double-friend ruined everything!", then I'd like the opportunity to recover the original text by some other pathway so I could read it properly: "That retarded double-nigger ruined everything!"
Replies: >>1083
>>1082
Lol it's getting late. Just put a big button along the post headers
View Original :^)

I'm off for now, cheers /tech/.
Replies: >>1100
>>1083
This isn't IRC faggot, you don't need to literally sign off.
Replies: >>1101
>>1100
Don't get your panties in a know bro. It's just good manners where I'm from.
So, I think BitTorrent's DHT mechanism should suffice for peer discovery across the onion service distributed system. I figure the project code repo itself will maintain a known list of trusted peers to bootstrap a new node into the system.
Can someone here point out a solid reason this wouldn't work? Or suggest a better approach than DHT?
>>860
>how to come up with a new pseudonymous identity that doesn't reveal much about the poster
This has been on my mind for a few years now, and I think I've got a decent solution via cryptography.

Associate each user post with a unique asymmetric key pair and divide posts into "good" and "bad" sets. In order to submit a new post, a user must provide a ring signature over the set of "good" posts - anonymously proving that at least one of those posts was made by them. This scheme by itself isn't particularly compelling, since a user can simply rely on a single "good" post. However, by restricting the maximum ring size and/or invalidating posts over a certain age, correlation attacks are made possible. If the correlation is something that the user can measure, the user is forced to decide between continued "bad" posting and their anonymity; the only way to decrease correlation is to create "good" posts. A user with no valid posts or only posts with an undesirably high correlation from re-use is effectively banished without having been de-anonymised. Users who don't care about their anonymity will end up with extremely high correlation which can then be used to automatically invalidate their posts.

This scheme can be extended by requiring an additional signature over the user accounts (asymmetric keypairs, again) in order to maintain exclusivity. This is because the private key of the account can be used to de-anonymise the user's previous signatures (in some schemes). Alternatively, it should be possible to construct deniable signatures that protect users against key disclosure laws at the cost of not being able to restrict this behavior.

Why haven't I implemented this yet? I don't have to cryptographic chops to prove the soundness of this scheme, nor do I have an audited ring signature implementation to build this with. There's also the concern that if you're going to take anonymity seriously, then you need to consider the following attacks:
>the set of posts the user is aware of or has downloaded serves as a fingerprint
>the server can mount a sybil attack on the user to reduce their anonymity set
>the user's client can itself be fingerprinted. I am not aware of any protocol where this has been proven not to be the case.
Replies: >>1224
>>1148
All good posts, and I appreciate the effort Anon. But if you end up with "And no, no way to get there from here" and just leave it hanging at that, then it's all just a nigger-pill tarbaby.

I have a feeling you don't actually think it's impossible though (your apparent conclusion notwithstanding) so even if you don't feel qualified to, why not take a whack at it? Or at least a more detailed description of the requirements? You certainly have more to offer on the topic than most of the rest of us do Anon.
Replies: >>1239
>>1224
>just leave it hanging
>your apparent conclusion 
It appears there's been a miscommunication; I was just listing out further obstacles in the hopes of additional discussion, or for someone more knowledgeable to pick up the torch. While the Sybil attack is a serious issue in the age of GPT-3, everything else is definitely manageable for someone with formal cryptographic experience. To give some ideas:
>have an audited ring signature implementation to build this with
This is important because there are many non-obvious side-channel attacks in even the most innocuous cryptosystems. However, if post generation is performed offline, then perhaps Cryptol (https://cryptol.net) could be used as a decent compromise since it eliminates large classes of programming errors and opens the code to scrutiny.
>the set of posts the user is aware of or has downloaded serves as a fingerprint
This can potentially be mitigated by either Freenet or Private Information Retrieval techniques. I didn't mention these because the former has other issues related to the way it provides plausible deniability, and the latter because it has serious performance issues.
>the server can mount a Sybil attack on the user to reduce their anonymity set
The issue with this one is it's essentially the same kind of catch-22 as trying to ban people while preserving anonymity. Even if everyone knew eachother IRL, and then the account extension to the scheme was used, a user could still flood the forum with fake posts. In principle, PoW could be applied, but given that even relatively large cryptos are "cheap" to 51% attack, I doubt anything short of 4chan or reddit-sized populations would benefit from it. The only thing working in our favor here is that GPT-3 is still discernible in conversations, so users could potentially notice such attacks in action.
>the user's client can itself be fingerprinted.
Freenet also solves this problem, since everyone's using the same client. However, I would prefer to build on a simpler protocol that allows people to write or use clients that they trust, instead of relying on a large centralized project that may be compromised. Then again, I use and rely on tor. As for the possibility of just doing it all in the browser, the issue here is that you have to trust the server to send uncompromized code. There might be a solution in using bookmarklets to act as a trusted codebase that bootstraps the rest, but I don't know of any research that confirms it as a valid tool; in the very least, there's a tension between allowing updates to the code and keeping old, well-verified code around. There's also the fact that javascript is a trash fire.

>why not take a whack at it?
Because it feels like an overwhelming task and I'm terrified that I'm full of shit and could put a lot of people in serious danger. I am also not in a good position to provide hosting, unless people are willing to donate enough XMR for me to anonymously buy it. If people are seriously interested in the idea, I guess I could give it a stab if only to raise awareness. That is, it bears repeating:
>I don't have to cryptographic chops to prove the soundness of this scheme
I am deeply worried about my own proposal because it's deliberately playing with fire by employing correlation attacks against the users. I have no idea whether the foundational assumption that producing more "good" posts reduces the correlation is true. While there is precedent for this kind of hijink in cryptogaphy (FHE being a recent example), it could easily not be the case here.

>Or at least a more detailed description of the requirements?
Is there anything in particular you think needs more detail? I didn't want to elaborate too much since I type like a fag.

>You certainly have more to offer on the topic than most of the rest of us do Anon.
I would hope not, otherwise "we" are fucked.
Replies: >>2049
>>1239
Is FHE applicable for user registration?
Replies: >>2419
>>845 (OP) 
This is all well and good but is there any want from the mods to implement something like this? It seems all the chans with users don't want to upset the status quo
Replies: >>2419 >>2420
Wow it's been a while. Had a friend with some crypto knowledge look at the problem a while back but we fell out of contact and he's busy with his own stuff.
>>2049
In what way? What problem is there with registration that needs to be solved? FHE just allows you to perform arbitrary operations on encrypted data. You could use it to implement a bunch of other cryptographic primitives/protocols, but there are often more efficient, specialized solutions for them. Besides, the issues with registration are arguably more soft/social - how do you filter the tards and glowies while preserving their anonymity?
>>2174
Maybe not right now, but it's inevitable that chans are going to be shoah'd. Decentralization and darknets are the only way they can survive the near future.
>>2174
gladly
>inb4 implying chans with users
Replies: >>2421 >>2423
>>2420
>#nolife
>>2420
LOOOOOOOOL
Get niggered
>>845 (OP) 
Internet is a decentralyzed medium, its not that decentralization leads to things getting any better. A good example of this is bit coin, which is now under the monopoly of Chinese cryptofarms. 
The rot is even deeper, decentraliztion/federalization movement, even if it were successful in the first place and people leave the centralized parties en masse, will only result in the cycle being repeated once again. 
What we need to do is go to the root of the issue and pluck it from there.
Replies: >>2534
What about building an IB system riding on top of the Tribler system?
>>2509

What would that be, anon?

66 replies | 4 files
Connecting...
Show Post Actions

Actions:

Captcha:

Instructions
- news - rules - faq -
jschan 0.1.4