There is a proxy in between, from your example: socks5h://relay.8333.space:8882
That transfers all the control to this proxy alone, they get to choose what and how they want to display 👀
If it is someone with malicious intent, they will do whatever they want.
it's end to end encrypted, so no.
curl -s -x socks5h://relay.8333.space:8882 https://nprofile1qqs8a8nk09fhrxylcd42haz8ev4cprhnk5egntvs0whafvaaxpk8plgpzemhxue69uhhyetvv9ujuwpnxvejuumsv93k2g6k9kr/v1/info --insecure
This command makes a request to relay.8333.space:8882 with a profile key; it is up to the server to decide if they actually want to serve the real content; they can just swap it out for something they run themselves (pretty much how pi-hole works by swapping DNS of ad agencies to trash), and the certs are self-signed.
You would never know if what you see is actually coming from your own host or has been altered.
this is a demo. you can just as well download the cert and tell curl to use that to verify.
you'll be convinced once I demo an ssh session on nws
how I do ssh:
https://github.com/bitfinexcom/hypertele
Holesail uses Hypertele but combines it into an importable npm package.
Actually no, it is inspired from hypertele but is a separate package with a lot more features.
To expose SSH just do: sudo holesail --live 22
ha, posted at the same time lol
you mean they create their own version of hypertele using DHTs, rather than hypertele directly?
Looking forward to it mate, no hard feelings I am just worried about the security issues with this system.
Even if it is a demo, it uses a relay which is a proxy. Proxies can change content, or the host itself
Oddbean new post about login | logout