For anyone who wonders, this is related to cryptocurrencies
How so?
The company running the project is heavily involved with cryptocurrency. https://radworks.org/
They seem to be running their own “DAO” as well. https://www.tally.xyz/gov/radworks
I was so excited when I read the title. Of course they would add crypto ._.
@pcouy Don’t confuse crypto with cryptography; I don’t see anything about cryptocurrencies here
I admit they hid it pretty well, but look again. Radworks, the entity behind Radicle, is a DAO, which makes anything they do related to cryptocurrencies
The most important questions about any p2p service:
- why would anyone store my data?
- why would I store someone else’s data?
- how can i be sure that someone else’s data is not CSAM: i found the answer you can select what repos to sync
It seems to me it’s IPFS again, but now for git repos. And it has the same problems as IPFS
I believe the thinking should be the other way around.
No one wants to store your code, and you shouldn’t store anybody’s code either. But suppose you have a group of people who want to collaborate on (or just mirror) a codebase, so they already decided to store it on their machines. This project gives them a decentralized tool to coordinate their efforts, and their code/issues/patches will be stored and accessible as long as they are interested in it.
Like, the tool doesn’t give you a reason to use it, but if you have a reason then here is a tool to help you.
Same question. P2p was initially used to pirate stuff e.g. movies which isn’t a private property and streaming that through p2p made a lot of sense. But for codes I don’t know if its appropriate or not…
Why is CSAM the only traffic you object to? When you run torrent clients and such how do you filter out CSAM peers from the DHT?
There were other similar initiatives where everything is encrypted, so you cannot be sure what others store on your node. For torrent you can select what torrent you download and share.
I was thinking about Storj, where you get “money” for hosting other people’s content in a similar p2p fashion. For Storj the answer to the first 2 questions are money, but you can’t answer the third, because encryption. (“Money” is not real money but some strange crypto, but that’s not important now.)
CSAM is just the worst possible example, it’s forbidden in most countries of the world, and no sane people should be ok storing it. The main thing is, if you host other people’s content, can you know what is the content, do you have some word if you want to host it or not.
You do not have a choice what your machine passes on from your peers via the DHT
DHT returns an ip based on a hash, what do you mean.
If you solely rely on DHT for searching for new things to download, than yes, that’s a good way to get unwanted material on your hard disk, I don’t recommend to do that to anybody at the curtent state of the technology. Don’t mix up things deliberately, usually people don’t do that, they get a torrent file or magnet link from a trusted source, than DHT can’t mess it up.
Participating in the DHT allows others to find torrents and peers, without filtering, beause your machine is sharing information from your DHT peers.
Interesting where you try to draw the line
As I understand DHT is just addresses and hashes, not the actual data.
I draw the line this way: If I disconnect the computer from the network any given time, does it store the questionable data.
Would running an onion relay that helps people access illegal material be fine? Nothing gets stored on your machine
More importantly, why would you want to host code on a few likely-totally-unreliable computers, when you can host on a few servers which are bulletproof with redundancy?
Github has a SLA of 99.9% uptime reliability lol
I thought it’s the CalDav and CardDav server.
Yeah. I wish folks would do a simple web search before picking names. Radicale has been around for years; it even has a domain, radicale.org .
@jeena That’s Radic*a*le
I see, I read it so fast that I didn’t see it.
This doesn’t pass the smell test.
- Instructs to pipe the output of
curlinsh - Assumes that
shisbash[1] - “Community” behind it is apparently originating in Berlin, and is now a “nonprofit foundation in Switzerland”, but has no publicly disclosed legal structure anymore.
- “Community” behind it uses discord, but not revolt, matrix, simplex or others.
- “Community” behind it uses twitter, but not mastodon.
- Cryptobros.
sh <(curl -sSf https://url.redacted/script)↩︎
Installing by piping from curl is pretty common and not a red flag in and of itself. Even Rust is installed this way. If you don’t trust the URL, you also shouldn’t trust any binary installers downloaded from that website.
Rust is a red flag
Why?
Crates is insecure and, as pointed out above, so is piping curl to bash for installing rust Dev tools
- Instructs to pipe the output of
What benefit does this have over forjero, which I believe is doing this and already very widespread?
