this post was submitted on 05 Mar 2024
131 points (87.4% liked)

Open Source

31406 readers
66 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Radicle: Open-Source, Peer-to-Peer, GitHub Alternative
https://radicle.xyz/
@opensource

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 33 points 8 months ago* (last edited 8 months ago) (4 children)

The most important questions about any p2p service:

  • why would anyone store my data?
  • why would I store someone else's data?
  • how can i be sure that someone else's data is not CSAM: i found the answer you can select what repos to sync

It seems to me it's IPFS again, but now for git repos. And it has the same problems as IPFS

[–] [email protected] 20 points 8 months ago* (last edited 8 months ago)

I believe the thinking should be the other way around.

No one wants to store your code, and you shouldn't store anybody's code either. But suppose you have a group of people who want to collaborate on (or just mirror) a codebase, so they already decided to store it on their machines. This project gives them a decentralized tool to coordinate their efforts, and their code/issues/patches will be stored and accessible as long as they are interested in it.

Like, the tool doesn't give you a reason to use it, but if you have a reason then here is a tool to help you.

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

Same question. P2p was initially used to pirate stuff e.g. movies which isn't a private property and streaming that through p2p made a lot of sense. But for codes I don't know if its appropriate or not...

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (1 children)

Why is CSAM the only traffic you object to? When you run torrent clients and such how do you filter out CSAM peers from the DHT?

[–] [email protected] 5 points 8 months ago (1 children)

There were other similar initiatives where everything is encrypted, so you cannot be sure what others store on your node. For torrent you can select what torrent you download and share.

I was thinking about Storj, where you get "money" for hosting other people's content in a similar p2p fashion. For Storj the answer to the first 2 questions are money, but you can't answer the third, because encryption. ("Money" is not real money but some strange crypto, but that's not important now.)

CSAM is just the worst possible example, it's forbidden in most countries of the world, and no sane people should be ok storing it. The main thing is, if you host other people's content, can you know what is the content, do you have some word if you want to host it or not.

[–] [email protected] 1 points 8 months ago (1 children)

You do not have a choice what your machine passes on from your peers via the DHT

[–] [email protected] 0 points 8 months ago (1 children)

DHT returns an ip based on a hash, what do you mean.

If you solely rely on DHT for searching for new things to download, than yes, that's a good way to get unwanted material on your hard disk, I don't recommend to do that to anybody at the curtent state of the technology. Don't mix up things deliberately, usually people don't do that, they get a torrent file or magnet link from a trusted source, than DHT can't mess it up.

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago) (1 children)

Participating in the DHT allows others to find torrents and peers, without filtering, beause your machine is sharing information from your DHT peers.

Interesting where you try to draw the line

[–] [email protected] 1 points 8 months ago (1 children)

As I understand DHT is just addresses and hashes, not the actual data.

I draw the line this way: If I disconnect the computer from the network any given time, does it store the questionable data.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (1 children)

Would running an onion relay that helps people access illegal material be fine? Nothing gets stored on your machine

[–] [email protected] 2 points 8 months ago (1 children)

Yes?

Do you want to ban the internet because people using it for bad things? Basically you say the same thing.

I don't care what other people do, I care what they could do with me.

[–] [email protected] 1 points 8 months ago

I never suggested such a thing, was just curious on your viewpoint.

The way I see it, as any platform or service gets more users, traffic and messages the probability that it will be used for nefarious purposes approaches 100%. It's the nature of life, it'll happen anywhere and everywhere people can communicate or interact. It's counter productive to ban technology like encryption or decentralised services just because someone might use it in a way the government doesn't like, or for other nefarious purposes.

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

Here's another response I got from someone from radicle regarding this.

That's a great Q.

Radicle can support a federated model, where known major seeds are connected with multiple smaller clusters. >Radicle supports also completely self-sustaining and disconnected clusters of nodes networked between themselves >within that cluster. And of course any other network topography in between.

There's a promising active proposal to establish a dedicated new Radworks Organization tasked with solving the >incentivization and reward problem for seeds. https://community.radworks.org/t/discussion-rgp-22-start-the...

Additionally, similar to how one can "star" a repo on GitHub, one can "seed" a repo on Radicle. "Starring" a repo is >often a toast of support, akin to an emoji reaction, with little more effect other than that, but in Radicle "seeding" a >project, goes beyond incrementing a vanity metric: it actively supports propagating that project across the Radicle >network. The count of seedings per repo can also be used as a differentiator between original and "copy-cat" ones.