Twitter Question: Why disable dht?

Open martinheidegger opened this issue 5 years ago • 9 comments

In his tweet @Msfeldstein asks:

Why does @dat_project mention disabling bittorrent dht for improved privacy? Does a dht or library like discovery-swarm have the same privacy expectations (~security by obscurity of read/discovery key)?

Referring to: https://github.com/datproject/docs/blob/master/docs/learn-more-security.md#how-can-i-create-stronger-privacy-protections-for-my-data

martinheidegger avatar Mar 14 '19 13:03 martinheidegger

The Bittorrent DHT can end up exposing your IP address to potentially random people and the peer introduction (bootstrap) servers. They still won't know what you're sharing, unless they have the original dat url, but they know the discovery key and potentially who you are sharing with.

It would be nice to do a threat model for this and have a diagram people can see.

okdistribute avatar Mar 14 '19 22:03 okdistribute

I thought the dat address was the discovery key, is that not the case?

msfeldstein avatar Mar 14 '19 22:03 msfeldstein

In the discovery network, we use the "discovery key" to obscure the actual address

pfrazee avatar Mar 14 '19 22:03 pfrazee

(The discovery key is hash(address-key))

pfrazee avatar Mar 14 '19 22:03 pfrazee

Hyperswarm is still making use of a DHT, right? What does it change from bittorrent-dht that makes it more desirable for Dat?

RangerMauve avatar Mar 14 '19 22:03 RangerMauve

I disabled the bittorrent-dht because I was getting really poor results and a lot of extra traffic. I never investigated the cause of the poor connectivity. @mafintosh ultimately made the call to build out the new hyperswarm dht. I believe it was to give us the flexibility to introduce features such as hole-punching via the dht.

pfrazee avatar Mar 14 '19 23:03 pfrazee

Thanks, hashing it to get the discovery key makes total sense.

msfeldstein avatar Mar 14 '19 23:03 msfeldstein

There are always tradeoffs for privacy. For some use cases a dht might be more useful for peer discovery and the privacy tradeoffs are worth it, others not. This is why hypercore-protocol is agnostic to the peer discovery mechanism, and it's nice to be able to pick and choose this based on your concerns. I've also been musing about peer discovery over encrypted email (pgp), which could be interesting to bridge ecosystems :)

okdistribute avatar Mar 14 '19 23:03 okdistribute

I would further add that by sharing a set of discovery keys, it is possible to profile dat clients. I.e. if the same set of discovery keys is shared by different IPs it is likely that it was the same peer all along.

I find the email approach inspiring! It leads me to think that there would be a place for a dat-peer:<discovery-key>/<transport>?ip=<ip>&port=<port> link. Like dat-peer:abc...123/tcp?ip=192.168.1.6&port=1234 to add a peer to a DAT.

martinheidegger avatar Mar 15 '19 00:03 martinheidegger
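
As an added example for the threat model asked for in this thread (not code from the Dat project or from any participant): a Python model of what a DHT observer learns from `(ip, discovery key)` announcements. The thread only states `hash(address-key)`; the keyed BLAKE2b-256 derivation, the function names, the keys and the IPs below are assumptions constructed for illustration.

```python
import hashlib
from collections import defaultdict

def discovery_key(public_key: bytes) -> bytes:
    # Thread: discovery key = hash(address-key). Assumption: BLAKE2b-256 over
    # b"hypercore", keyed with the 32-byte public key.
    return hashlib.blake2b(b"hypercore", key=public_key, digest_size=32).digest()

def observer_view(announcements, known_dat_keys, min_set_size=2):
    """Model what a DHT observer learns from (ip, discovery_key) announcements."""
    known = {discovery_key(k): k.hex() for k in known_dat_keys}
    per_ip = defaultdict(set)
    for ip, dkey in announcements:
        per_ip[ip].add(dkey)
    # Content is nameable only where the observer already holds the dat key.
    identified = {ip: sorted(known[d] for d in dkeys if d in known)
                  for ip, dkeys in per_ip.items()}
    # Identical key sets seen from different IPs suggest one client that moved.
    by_set = defaultdict(list)
    for ip, dkeys in per_ip.items():
        if len(dkeys) >= min_set_size:
            by_set[frozenset(dkeys)].append(ip)
    linked = sorted(sorted(ips) for ips in by_set.values() if len(ips) > 1)
    return identified, linked

# Constructed sample data: three dat keys, documentation-range IPs.
KEY_A, KEY_B, KEY_C = (bytes([b]) * 32 for b in (0xA1, 0xB2, 0xC3))
ANNOUNCEMENTS = [(ip, discovery_key(k)) for ip, keys in [
    ("192.0.2.10", [KEY_A, KEY_B, KEY_C]),    # client on network 1
    ("198.51.100.7", [KEY_C, KEY_A, KEY_B]),  # same client, network 2
    ("203.0.113.5", [KEY_A]),                 # unrelated peer of archive A
] for k in keys]

if __name__ == "__main__":
    identified, linked = observer_view(ANNOUNCEMENTS, known_dat_keys=[KEY_A])
    for ip, names in identified.items():
        print(ip, "shares known archives:", names)
    print("IPs linked by identical key sets:", linked)
```

With DHT announcement disabled, these `(ip, discovery key)` pairs never reach such an observer, which is the privacy gain the linked docs section refers to.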