Oddbean new post about | logout
Daniel Wigton | 4 months ago (raw) | export | reply | flag +2 
 This is hilarious, because if you do all the alternatives you basically get what I have wanted for years. I wouldn't mind the breakage at all. I'd just join the new thing.

The only other changes I'd add would be wireguard instead of web sockets and every client is a relay, but not all relays are clients.
Magister Michael Dilger M.Sc. | 4 months ago (raw) | root | parent | reply | flag 
 I'm thinking of javascript clients in web browsers as we have today. They can't do wireguard. I don't even think they can do DNS lookups.

Also wireguard isn't going to protect anybody's IP address. VPNs work only by virtue of mixing a bunch of people into the same IP address and adding an extra hop.

I've looked into WebTransport, abusing HTTP/2, and other alternatives over QUIC and I think that websockets is still the best choice.

As for every client being a relay, please elaborate. What does this bring us?
ChipTuner | 4 months ago (raw) | root | parent | reply | flag 
 > Also wireguard isn't going to protect anybody's IP address. VPNs work only by virtue of mixing a bunch of people into the same IP address and adding an extra hop.
And trusting a "public" provider. Assuming you are using a shared VPN of course. Otherwise you are just moving your physical location.
Daniel Wigton | 4 months ago (raw) | root | parent | reply | flag 
 You could specify a nested wireguard protocol to allow connections through existing wireguard tunnels. Then you can do something like TOR eventually. I wouldn't do it straight away, I'd just limited the packet size to allow for encapsulation without fragmentation.
mleku | 4 months ago (raw) | root | parent | reply | flag 
 my VPS only knows my IP address, they don't KYC me, and they are in a foreign jurisdiction

it's still identifiable but not physical location identifiable

also there is no tooling to change them periodically, if me and 100 other people all ran one each and we changed our endpoint every half hour or so it would be pretty good i think

the thing is the anti-VPN defenses out there are so full on, even though my VPS is just a known VPS address they treat it like a VPN very often, even though the address is stable and all

internet security is broken af
ChipTuner | 4 months ago (raw) | root | parent | reply | flag 
 Yes, you made my point exactly :)
Rand | 4 months ago (raw) | root | parent | reply | flag 
 this is my biggest bitch/internet security/IP/ can't go back to couch serfing:)
Rand | 4 months ago (raw) | root | parent | reply | flag 
 surfing
Daniel Wigton | 4 months ago (raw) | root | parent | reply | flag 
 Every client being a relay gets people a way to communicate with close contacts even if all the big relays conspire against them or become paid only. I wouldn't make them wide open by default. Standard relays still make sense even if they only act as hole-punch or turn servers.

The very basic idea is that if you aren't hosting your own data, it's not really your data. You don't, however, want to ask ordinary people to set up servers. Instead you have their clients collaborate on where to store data. Ordinary people would just know that they have limited storage depending on the devices they've pooled.

In response to wireguard not working in browsers. It should. I would lean toward making a Nostr browser like notedeck that nostr:nprofile1qqsr9cvzwc652r4m83d86ykplrnm9dg5gwdvzzn8ameanlvut35wy3gprpmhxw309akk7mnpvshx5c34x5hxxmmd8gurqwpsqyxhwumn8ghj7mn0wvhxcmmvqyvhwumn8ghj7urewfsk66ty9enxjct5dfskvtnrdaks7vj9m5 is working on. It doesn't have to start out as complex as a full browser. But if it does all the network and protocol layer stuff, then developers can just target something like a webassembly VM that has some extra functionality exposed like a render target.

Then applications can just be another event type.
vinney | opfn.co | 4 months ago (raw) | root | parent | reply | flag 
 Imagine if "setting up servers" was trivial and normal people could do it as easily as running a client?