this post was submitted on 06 Nov 2023
183 points (95.5% liked)

Open Source

31185 readers
496 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Most of the problems in the current internet landscape is caused by the cost of centralized servers. What problems are stopping us from running the fediverse on a peer to peer torrent based network? I would assume latency, but couldn't that be solved by larger pre caching in clients? Of course interaction and authentication should be handled centrally, but media sharing which is the largest strain on servers could be eased by clients sending media between each other. What am I missing? Torrenting seems to be such an elegant solution.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 74 points 1 year ago (1 children)

Authentication and authorization can not be handled centrally if the host performing the actual action you want to apply those to can not be trusted.

Media sharing is mainly a legal problem. With decentralized solutions you couldn't easily delete illegal content and anyone hosting it would potentially be legally liable.

[–] uis 2 points 1 year ago

and anyone hosting it would potentially be legally liable.

Bullshit in many countries. Well, I know two of them: USA and Russia. First requires intention, second has explicitly excludes P2P from liability.

[–] [email protected] 50 points 1 year ago (2 children)

Quite a few systems use torrent style distribution.

Heck, even Windows uses a distributed bandwidth system where you can set it to download chunks of updates from local networked systems.

All technologies, like bittorrent, nonSQL databases, blockchain, AI and the like become used as an invisible part of systems once the idiotic hype about the technology wanes.

[–] [email protected] 9 points 1 year ago (4 children)

Except blockchain solves no useful problems so you will never find it behind anything that isn't explicitly using it for marketing.

[–] [email protected] 25 points 1 year ago (2 children)

But what if we used AI driven, cloud integrated blockchain to create a hybrid platform for your business needs?

[–] [email protected] 6 points 1 year ago

Synergy that!

load more comments (1 replies)
[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

https://www.astralcodexten.com/p/why-im-less-than-infinitely-hostile

tldr: there are some legitimate use cases. But not in the first world. And they are unrelated to what crypt-bros are trying to sell.

disclaimer 1: the javascript for the comments is really bad and may freeze your browser

disclaimer 2: while the ideas in the article are interesting, they are flawed (or at least debatable). See comment-section for details.

[–] [email protected] 4 points 1 year ago (3 children)

Git is a distributed block chain, from a certain point of view.

[–] [email protected] 2 points 1 year ago

Distributed but high trust.

Zero-trust blockchain tech has no value. There is no such thing as a zero trust system in real life.

load more comments (2 replies)
[–] [email protected] 2 points 1 year ago

To me blockchain just means merkle trees. I know that's not how everyone else defines it, I'm not trying to start a debate, but tools like git use that technology as well. (Not that Bitcoin invented them or anything.)

load more comments (1 replies)
[–] TCB13 40 points 1 year ago (7 children)

Better question: how come we aren't all using XMPP for chat instead of the current mess we have? Why can’t we just bring back XMPP with encryption? I don’t get people, all for federation and shit but when it comes to messages everyone suddenly forget that XMPP is the original and truly open messaging solution. You can message anyone by email no matter what’s or where’s their server. Pretty much like lemmy, true interoperability.

[–] Asudox 29 points 1 year ago (1 children)

Currently, attempts at bringing back XMPP has been horrible. Some instances have different plugins, which often break things. Some have e2ee some don't. XMPP is great but the current attempts are bad. Matrix is good enough for now.

[–] TCB13 12 points 1 year ago* (last edited 1 year ago) (6 children)

I believe the worst part of XMPP isn't the instances but the lack of a decent cross platform client that actually supports everything and has a decent UI. For eg. iOS clients are all shit. Without decent clients and push notifications people won't be using XMPP ever.

Matrix is good enough for now.

Questionable...

[–] [email protected] 13 points 1 year ago (1 children)

What's wrong with Matrix in your opinion? I found it works fine for chat and group chat. Maybe video and audio calls lack but other than that it works fine.

[–] Asudox 4 points 1 year ago (3 children)

There are some things such as metadata leakage and the server isn't the best at being lightweight.

[–] [email protected] 3 points 1 year ago

I have read that they have improve the metadata leakage. And the server being lightweight is being working on too , on the new version.

load more comments (2 replies)
load more comments (5 replies)
[–] [email protected] 22 points 1 year ago* (last edited 1 year ago) (1 children)

I feel the same way about RSS feeds. It's a technology meant to keep up with updates on nearly anything across the internet. Even social media sites. It's been available for ages. But no one is pushing for sites to provide them. 🤷‍♂️

[–] TCB13 5 points 1 year ago

That's why I use FreshRSS.

[–] [email protected] 13 points 1 year ago
[–] [email protected] 11 points 1 year ago

Meanwhile, IRC just keeps trucking on.

[–] [email protected] 10 points 1 year ago (2 children)

The software landscape for XMPP isn't the best. I twisted the arms of my immediate family and have them using XMPP messaging with a Snikket server I set up, and we've had lots of issues between OMEMO support and the lack of good messaging clients for iOS. It works, but it isn't the smooth-out-of-the-box experience that non-techies want/need.

load more comments (2 replies)
load more comments (2 replies)
[–] [email protected] 32 points 1 year ago (1 children)

Torrenting requires way more resources than people realize. It's easy to look at your torrents' download speeds and think "oh, that's less than a normal download, like from Steam, so it must not take nearly as many resources" -- it's not all about bandwidth. The amount of encryption and hashing involved in torrenting is fairly CPU heavy (every ~4 MB piece has to be hashed and verified), especially if your CPU doesn't have onboard encryption hardware (think mobile devices). The sheer number of connections involved even in just one torrent can also bog down a network like you wouldn't believe -- anyone who runs a home seedbox can attest.

[–] uis 3 points 1 year ago

"oh, that's less than a normal download, like from Steam, so it must not take nearly as many resources"

For me it's always more.

The amount of encryption and hashing involved in torrenting is fairly CPU heavy

Same amount of encryption https requires. Hashing is completely optional and is not required for operation, encription is optional too, but other peers may require it.

every ~4 MB piece has to be hashed and verified

Which is same. I'm not sure, but steam probably verifies file at some stage too.

The sheer number of connections involved even in just one torrent can also bog down a network like you wouldn't believe -- anyone who runs a home seedbox can attest.

There is not difference between 4kpkts for 500 connections vs 4kpkts for 1 connection for network itself. IP and UDP don't even have such concept. Network is stateless. But shitty routers with small conntrack table on the other hand...

[–] [email protected] 28 points 1 year ago* (last edited 1 year ago)

The short answer is that while torrents show great possibility for content distribution (as an alternative to CDNs for example), they inherently rely on some centralized resources and don't make sense for a lot of use cases. Most websites are a bunch of small files, torrenting is really much more useful for offloading large bandwidth loads. On small files, the overhead for torrents is a waste. That's why your favorite linux ISO has a torrent but your favourite website doesn't.

One major issue is difficulty in accurately tracking the contribution of each member of the swarm. I download a file and I seed it to the next person, sounds great right? But what if the next person doesn't come along for a long time? Do I keep that slot open for them just in case? How long? How I prove I actually "paid my dues" whether that was waiting for peers or actually delivering to them? How do we track users across different swarms? Do we want a single user ID to be tracked across all content they've ever downloaded? When you get into the weeds with these kinds of questions you can see how quickly torrenting is not a great technology for a number of use cases.

Being somewhat centralized, by the way, is how BitTorrent solved the spam issue which plagued P2P networks prior to it. Instead of searching the entire network and everything it contains (and everything every spammer added it to it), you instead rely on a trusted messenger like a torrent index to find your content. The torrent file or magnet link points to a link in a DHT and there you go, no need to worry about trusting peers since you are downloading a file by hash not by name. And you know the hash is right because some trusted messenger gave it to you. Without some form of centralization (as in previous P2P networks), your view of the network was whatever your closest peers wanted it to be, which you essentially got assigned at random and had no reason to trust or not trust. You couldn't verify they were accurately letting you participate in the wider network. Even a 100% trustworthy peer was only as good as the other peers they were connected to. For every one peer passing you bad data, you needed at least two peers to prove them wrong.

Blockchain gets us close to solving some of these problems as we now have technology for establishing distributed ledgers which could track things like network behavior over time, upload/download ratio, etc. This solves the "who do I trust to say this other peer is a good one?" problem: you trust the ledger. But an underlying problem to applying Blockchain to solve this problem is that ultimately people are just going to be self-reporting their bandwidth. Get another peer to validate it, you say? Of course! But how do we know that peer is not the same person (how do we avoid sybil attacks)? Until we have a solid way to do "proof of bandwidth" or "proof of network availability", that problem will remain. There are many people working on this problem (they've already solved proof of storage so perhaps this could be solved in a similar way) but as of right now I know of no good working implementation that protects against sybil attacks. Then again, if you can use blockchain or some other technology to establish some kind of decentralized datastore for humanity, you don't need torrents at all as you would instead be using that other base layer protocol for storage and retrieval.

IPFS was intended as a decentralized replacement for much of the way the the current internet works. It was supposed to be this "other protocol", but the system is byzantinely complex and seems to have suffered from a lack of usability, good leadership, and promotion. When you have an awesome technology and nobody uses it, there are always good reasons for lack of adoption. I don't know enough about those reasons to really cover them here, but suffice to say they actually do exist. Then again, IPFS has been around for a while now (15 years?) and people use it for stuff so clearly it has some utility.

That said, if you want to code on this problem and contribute to helping solve data storage/transmission problems, there are certainly many OSS projects which could use your help.

[–] [email protected] 27 points 1 year ago (1 children)

You're basically talking about IPFS. I think their problem is that they gave it a local HTTP interface and the documentation is... in need of improvements.

[–] Acters 7 points 1 year ago (1 children)

I always shy away from newer tech because of lackluster documentation and poor leadership. The latter is rare enough. Without proper documentation, I feel like I have to read the code and make my own notes to put into their documentation platform. Which is not what I want to do when I use it. Contributing is nice, but when doing something a core member would do without credit, it will dissuade me from participating.

load more comments (1 replies)
[–] [email protected] 12 points 1 year ago (1 children)

I would not want to neither deal with security issues nor pay the data costs associated with some an app being able to connecting to my phone to download media

[–] [email protected] 2 points 1 year ago (1 children)

What if not everyone had to be a seeder?

[–] [email protected] 19 points 1 year ago (2 children)

You rapidly end up with a freeloader issue.

[–] [email protected] 8 points 1 year ago

Don't see how this is much different to today's way of doing things where pretty much everyone is a freeloader to the centralized server. The major benefit is that it doesn't have to be just one server anymore.

[–] [email protected] 8 points 1 year ago (1 children)

not if you give benefits to seeder, just like private trackers

[–] [email protected] 5 points 1 year ago

The trackers themselves are centralized. The .torrent file you download from a private tracker has a unique private ID tied to your account, which the torrent client advertises to the tracker when it phones home to the announce URL, alongside your leech/seed metadata.

[–] [email protected] 11 points 1 year ago (2 children)

For me I've had issues with getting organzational support for use anything close to p2p, with things like "keep that bot net off my system" being said. On personal side I had issues with ISPs assuming traffic was illegal in nature and sending me bogus cease and desist notices.

Agreed though. At least webrtc has a strong market. IPFS and other web3 things also have tried to find footholds in common use, so the fight isn't over for sure!

[–] [email protected] 3 points 1 year ago

Another good example in the fediverse space is peertube too!

[–] uis 2 points 1 year ago

On personal side I had issues with ISPs assuming traffic was illegal in nature and sending me bogus cease and desist notices.

On the other hand check if you can sue them for bogus cease and desists. Of you can, do it after changing ISP.

[–] [email protected] 10 points 1 year ago

In my mind, Veilid (https://veilid.com/) is trying to solve this exact problem.

It's only been public since the last DefCon, so it's a little raw at the moment. That said, it is also only a framework - specific applications need to be built.

See also their Discord: https://discord.com/channels/1077244355439509565/ and GitLab: https://gitlab.com/veilid/

[–] einlander 6 points 1 year ago (3 children)
[–] [email protected] 21 points 1 year ago (1 children)

Gotta love the heavy use of buzzword technologies and no actual information on what is actual is. Then you click the "How does it work?" button and it takes you to a Google powerpoint... so much for the sleek website design.

[–] [email protected] 3 points 1 year ago

A side effect that is very common with anything related with cryptocurrencies

[–] blackfire 3 points 1 year ago

This is the only system i am aware of using torrent based content sharing. Its not a great system though as you are essentially downloading a whole archive everytime you connect so it just grows and grows unless you set some retention

load more comments (1 replies)
[–] [email protected] 6 points 1 year ago

Most clients are web browsers and support for torrents in http is the same as for every other file.

So that would only give us a use for torrents as a form of content distribution plattform to get the actual files closer to the client.

In cases where we have actual non browser clients: i like to curate what i am distributing and don't want to distribute anything i happen stumble upon or would you be willing to store and more importantly share everything you find on 4chan or that might show up in your mastodon feed?

[–] [email protected] 3 points 1 year ago (1 children)

The instance is the aggregator, if it's P2P then the aggregation is done by the client. In a torrent swarm you contribute bandwidth, not processing power

[–] bigboismith 3 points 1 year ago (2 children)

I'm not necessarily experienced with server hosting, but isnt bandwidth the primary cost of fediverse instances for example? There shouldn't be to much logical work compared to delivering content?

[–] [email protected] 5 points 1 year ago (2 children)

Fediverse instances with image hosting are bandwidth limited, but that's just a normal result of image hosting. If you remove image hosting then the bottleneck becomes processing power again.

load more comments (2 replies)
[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Sure, but this is largely because currently each client doesn't need to aggregate the whole fediverse. In a decentralised network, you can't split the sum total of processing required to run the fediverse equally amongst peers. Each peer would need to do more or less the same aggregation job, so the total processing required would be exponentially more than with the current setup. You could still argue it's a negligible processing cost per client, but it's certainly way less efficient overall even if we assume perfect i/o etc in the p2p system and even if the client only needs to federate the user selected content

Also just practically deploying a client app that can federate/aggregate constantly in the background (kinda required for full participation) and scale with the growth of fedi without becoming a resource hog I imagine would be pretty tough, like maybe possible yeah but I feel like it makes sense why it isn't like that also

load more comments
view more: next ›