• cogitase@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    27
    ·
    4 months ago

    I’d love to be able to “seed” the fediverse through p2p hosting of some sort. I’d set aside 1 TB of storage and 20 MB/s for that.

    • TropicalDingdong@lemmy.world
      link
      fedilink
      English
      arrow-up
      28
      arrow-down
      2
      ·
      4 months ago

      Yeah I’ve thought a tiny bit about this but it gets dodgy with things like csam.

      How do we address some one uploading stuff that would get you arrested?

      • astrsk@fedia.io
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        Maybe nobody keeps a complete file? That way no one machine can keep a complete copy of anything let alone access it if it was stored in a single chunk of storage cryptographically? There’s already so much risk for hosts here not sure there’s a way to be safer without invasive technologies.

      • eskimofry@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        Probably arrange it such that not one person/server knows what the stored bytes are. There can be a server where the bytes/blocks get reconstructed where one can check for the bad stuff.

        • LostXOR@fedia.io
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          That doesn’t solve the cost problem. Now all the traffic is going through that intermediate server, and someone has to pay for that.

            • LostXOR@fedia.io
              link
              fedilink
              arrow-up
              1
              ·
              4 months ago

              Still, hosting costs were the reason for discussing legal liability. Such a server also increases centralization which isn’t ideal.

        • Skull giver@popplesburger.hilciferous.nl
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          I’m not sure if that makes it better. “I’m sorry officer, I have set up this elaborate cryptographic system to make sure I can’t see the files I host on my website” probably doesn’t violate any laws, but you’d better learn the phone number of a lawyer before you set it up.

          Standard encrypted-at-rest data is probably a better solution. You probably don’t want to go look for illegal content until you’ve read up on the laws of the country you’re hosting in and your own so you know what to do, and what is or isn’t illegal.

      • BrianTheeBiscuiteer@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        4 months ago

        There’s gotta be some kind of limited liability for this kind of thing. I mean, banks wouldn’t be liable if someone put csam in a safe deposit box or (assuming they don’t x-ray packages) UPS shipping csam in a sealed package. I think there just needs to be reasonable safeguards against it but I don’t know if any of that is built into the software.

        • pedroapero@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          4 months ago

          Unfortunately we are at a point where Cisco Cloudflare and Google are held liable for filesharing-related domains their DNS relays are resolving IPs for…

        • SzethFriendOfNimi@lemmy.world
          link
          fedilink
          English
          arrow-up
          12
          ·
          4 months ago

          Issue here is that what’s in a safe deposit box isn’t also being shared/distributed. It is locked away.

          If, however, they made copies of the contents of a box and put it in other boxes … and it came out somebody used that for CSAM then there probably would be some kind of liability.

          Besides CSAM there’s also copyrighted material, etc which section 230 kind of covers but even then gets tricky since there’s a duty to respond to DMCA takedowns in order to get safe harbor protections.

        • Skull giver@popplesburger.hilciferous.nl
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          Generally, if you add contact info for law enforcement and copyright owners, you’re not liable for content hosted on your server, as long as you take appropriate action when notified.

          What that action means differs. For some countries, that means “wipe the data without a trace and inform the police”. For others, you need to collect evidence and submit that to the police, or have the police access your server to collect their own evidence. In some jurisdictions, you’re allowed to verify that CSAM reports are factually correct and action needs to be taken, in others you’re obligated to trust the government and never ever look at those files.

          You’re not going to jail over this, but it’s going to be really annoying to have to explain the Fediverse and how server-to-server communication means you don’t know what user uploaded the files to the police every couple of months.

          • BrianTheeBiscuiteer@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            I could also see this turning into a form of DoS attack. I’m sure there’s very little leeway in ignoring “bad faith” reports so if you have an instance you could be responsible for investigating thousands of reports per day. And if you take the safe route and remove anything that’s reported, until deemed safe, you might as well turn off your instance.

      • lambalicious@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        10
        ·
        4 months ago

        I would hav thought stuff like Lemmy would have configurations to eg.: not allow to upload images locally, only hotlink.

        Anyway, an alternative is “zero knowledge” storage, where you don’t know what you are storing (hence, you can’t “choose” what to host or not host either). Another alternative is disjoint storage, where two different servers store different halves of a file (eg.: an Odd Bytes server and an Even Bytes server), but this means now it’s necessary to hit more servers to recover a file.

        But the sensible thing to do IMO is to apply “common carrier” concept. The water distribution company is not, to my knowledge, held liable when something happens like you fill a bucket of water and share it with someone else.

        • TropicalDingdong@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          1
          ·
          4 months ago

          The water distribution company is not, to my knowledge, held liable when something happens like you fill a bucket of water and share it with someone else.

          No but they are liable if there is lead in the water, even if they don’t know it.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 months ago

      It’s unfortunate that it’s so slow, but IPFS would make a lot of sense for Fediverse content, assuming servers would also become IPFS nodes and bother to pin content posted in their servers.

      Unfortunately, very few apps implement the protocol, even fewer implement it efficiently, and it can take seconds per file to resolve new content. On the upside, you’d get a peertube-like system that’d take care of Fediverse hosting with relative ease of development.

      The cryptocurrency bros managed to get IPFS working for them, maybe we should give it a shot too.