I have this weird idea for a distributed and private Mastodon instance:
- the instance would be Tor-only
- anybody* could help host an instance they like by installing and running some software (let's say a "node")
- the nodes would connect with each other and coordinate which one should do what (storage, database, http, etc)
- by using OnionBalance one can split the traffic among all the "http" instances
*not really "anybody" because this would make it trivial to take down the instance
but if we change the trust model to a federation with a strong "leader", then it basically becomes pretty similar to what we have here today, with the added benefit that the admin doesn't have to carry all the costs of running the instance
if the traffic is sufficiently spread around, then it could potentially become feasible to host the entire instance outside of the cloud, avoiding any kind of "deplatforming"
@ikmertz it looks like tor has some nice dos protections built in, especially for v3 hidden services. ideally i'd try to use those instead of relying on external providers
@gugou_daktulios @ikmertz are you referring to dos attacks towards the whole tor network or individual onion endpoints?
i'm not too familiar with those stuff, but i read the tor manpage and it had a few interesting options to limit bandwidth burts to prevent dos attacks.
plus, there's a way to kill circuits that spams too much, and considering that building a circuit is fairly expensive, this would limit the capacity of an attacker to take down an hidden service
@afilini @ikmertz individual hidden services. I guess those things can help, especially against unmotivated attackers, but they are not prevending DoS entirely. I am not entirely familiar with that world, but recently Dread admin threaten to boot from Dream all dark markets which will be discovered DoSing each other (as he/she was in the known that multiple markets where paying attackers to do that). So yes, it still a problem.
@afilini Check out Zeronet
@Seccour that could help for some stuff, but it would mainly distribute just the http part, not all the other components of a mastodon instance (storage, background processing, etc)
still very interesting, i'll take it into account as well
@afilini Really only issue I can think of would be changing the dynamic of trusting privacy of DMs from one entity to multiple, but that's already kind of a problem cross-instance anyway and a general weakness of Mastodon.
@shinobimonkey @afilini The real solution to that problem is e2ee.
@kekcoin @shinobimonkey yeah that's true, but again people should just avoid non-e2e dms anyway, regardless of how/how many people run the instance
@afilini @shinobimonkey Eh. It's just another visibility setting to your posts. As long as you take the limitations into account they are a reasonably fine tool (though, admittedly, their presentation is likely to give the wrong idea).
@afilini how about a message board client that reads/writes to IPFS? Someone has a project like this called "boards": https://github.com/ipfs/awesome-ipfs
@rusticbison i'm not a huge fan of ipfs myself because it doesn't really replicate data unless many people download a specific file. i guess it would work, but I'd try with something else first if possible
@afilini from a UX standpoint IPFS is also really slow and often unreliable. Maybe webasm w/ local storage in the browser is better, especially if you don't try to persist content forever.
@afilini pretty sure a kind of ddos protection is needed. Perhaps a lightning network integration?