[FFmpeg-devel] [PATCH] ipfsgateway: Remove default gateway

Michael Niedermayer michael at niedermayer.cc
Sat Aug 13 19:29:23 EEST 2022 

On Fri, Aug 12, 2022 at 07:21:02PM +0200, Timo Rothenpieler wrote:
> On 12.08.2022 19:18, Michael Niedermayer wrote:
> > And i dont think removing IPFS support entirely from FFmpeg is a smart choice.
> 
> I wouldn't at all be upset about having proper IPFS support in FFmpeg,
> there's no argument there.
> 
> The issue is that this has very little to do with actual/native IPFS
> support, but it's just a url rewriter, which on top of that comes with a
> hardcoded in default gateway. Which is run by a to me unknown company, with
> unknown interests.

I fully support better IPFS support 
what iam a bit "upset" about is that running a IPFS node is presented as
if that was more private than using a gateway.

If you use a gateway there are 2 options
A. the gateway is honest then you have decent privacy
B. the gateway logs you, in which case you have no privacy

OTOH if you run a node
You have no privacy either way

Consider this:
If i want to know who downloads assetXYZ i can simple create 1000 nodes each
sharing assetXYZ. (this can in reality be 1 node pretending to be 1000)
If you now request assetXYZ from IPFS then the node you use will likely
download it straight from one of my 1000 nodes, i get your IP, yes we
have a encrypted connection but that goes straight to my attack nodes
you notice nothing of this, i log your IP and time.

If you used some public gateway, i would just log the time and IP of that
public gateway

If you want really private IPFS with you need TOR or something
equivalent.
If someone posts a patch to add native TOR support i surely wont be unhappy
I also would very welcome more native IPFS support but that alone does not
fix the privacy / logging issue

Also i would be VERY happy if iam wrong and running a IPFS node can be made
100% secure and private

independant of this, i would very much welcome the current gateway code to
be extended to verify the content so the gateway cannot modify it!
And this should be enabled for non local gateways by default i think

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Nations do behave wisely once they have exhausted all other alternatives. 
-- Abba Eban
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20220813/6e1d7c95/attachment.sig>

More information about the ffmpeg-devel mailing list