I have this weird idea for a distributed and private Mastodon instance:
- the instance would be Tor-only
- anybody* could help host an instance they like by installing and running some software (let's say a "node")
- the nodes would connect with each other and coordinate which one should do what (storage, database, http, etc)
- by using OnionBalance one can split the traffic among all the "http" instances
*not really "anybody" because this would make it trivial to take down the instance
if the traffic is sufficiently spread around, then it could potentially become feasible to host the entire instance outside of the cloud, avoiding any kind of "deplatforming"
@ikmertz it looks like tor has some nice dos protections built in, especially for v3 hidden services. ideally i'd try to use those instead of relying on external providers
i'm not too familiar with those stuff, but i read the tor manpage and it had a few interesting options to limit bandwidth burts to prevent dos attacks.
plus, there's a way to kill circuits that spams too much, and considering that building a circuit is fairly expensive, this would limit the capacity of an attacker to take down an hidden service
@afilini @ikmertz individual hidden services. I guess those things can help, especially against unmotivated attackers, but they are not prevending DoS entirely. I am not entirely familiar with that world, but recently Dread admin threaten to boot from Dream all dark markets which will be discovered DoSing each other (as he/she was in the known that multiple markets where paying attackers to do that). So yes, it still a problem.
@Seccour that could help for some stuff, but it would mainly distribute just the http part, not all the other components of a mastodon instance (storage, background processing, etc)
still very interesting, i'll take it into account as well
@afilini Really only issue I can think of would be changing the dynamic of trusting privacy of DMs from one entity to multiple, but that's already kind of a problem cross-instance anyway and a general weakness of Mastodon.
@rusticbison i'm not a huge fan of ipfs myself because it doesn't really replicate data unless many people download a specific file. i guess it would work, but I'd try with something else first if possible
@afilini from a UX standpoint IPFS is also really slow and often unreliable. Maybe webasm w/ local storage in the browser is better, especially if you don't try to persist content forever.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!