3. Existing problems and the future of SIA

Existing problems and the future of SIA


  • @xurious
    You said

    • "Sia is not supposed to be a consumer grade product. It's designed to be the back end for storage that consumer and enterprise applications use."

    IF that is case perhaps they should not falsify or erroneously compare themselves to Amazon and Dropbox to the public- as this creates confusion of expectation level from investor down to renter/ host.

    Unofficial User / Tester / Analyst of Sia ( w/Renter and Host experience)

    0
  • M

    SiaHub even displays the IPs of the hosts!

    Folks, as many have said, IPs are public in the network for services like Sia.

    However, and I'm surprised this has not come up, there's always the option to use Tor to obfuscate your IP. Sia does not support Tor, not sure if it's on the roadmap. Other distributed crypto storage projects however are very much looking into this. Check those out if IP privacy is a concern!

    0

  • @moorsc0de

    Amazon s3 is a enterprise grade product. There will be a sia based dropbox clone in the future (nextcloud + sia plugin is a start.)

    Yes, there is confusion. That confusion revolves around people jumping in feet first instead of reading the technology, asking questions and critically thinking about it's application. Instead people just go "oh, i can enable hosting? Great." Then they complain about losing SC because they have no idea how the tech works.

    --
    SiaMining.com -- Your PPS Sia Pool.
    I'm not affiliated or work on the Sia/Nebulous team.

    0

  • @maol said in Existing problems and the future of SIA:

    SiaHub even displays the IPs of the hosts!

    Folks, as many have said, IPs are public in the network for services like Sia.

    However, and I'm surprised this has not come up, there's always the option to use Tor to obfuscate your IP. Sia does not support Tor, not sure if it's on the roadmap. Other distributed crypto storage projects however are very much looking into this. Check those out if IP privacy is a concern!

    Sia doesn't need to support tor. Nothing is stopping you from running Tor and then using Sia on top of it.

    --
    SiaMining.com -- Your PPS Sia Pool.
    I'm not affiliated or work on the Sia/Nebulous team.

    0
  • M

    @xurious said in Existing problems and the future of SIA:

    Sia doesn't need to support tor. Nothing is stopping you from running Tor and then using Sia on top of it.

    Really, would that work for hosting and renting in the normal Sia network? And would it be secure, i.e. not accidentally leak your IP?

    0

  • @xurious
    "Instead people just go "oh, i can enable hosting? Great." Then they complain about losing SC because they have no idea how the tech works."

    And your stance is Sia doesn't have a responsibility in explaining the technology they created? We all know they have failed in that department.
    Interesting comment

    Esp since Sia has ancillary products like MINEBOX and ASIC Miners coming out.

    Unofficial User / Tester / Analyst of Sia ( w/Renter and Host experience)

    0
  • B

    @maol TOR is not what it seems to be, plus the speed will be limited

    @xurious Don't worry about the technical side, anything can be done with code and SIA's own blockchain. It may not be a hack-proof solution, but still better than siahub. If a dev would join this discussion this talk would be over by now. The fact that we have no official statement for hosts' security alone is problematic. I assure you, if things stay as they are, one day, suddenly the lights will go off. Mark my words.

    0
  • M

    @bugger said in Existing problems and the future of SIA:

    @maol TOR is not what it seems to be, plus the speed will be limited

    You can't always have both security and convenience. @xurious pointed out above that the proposed solution doesn't add any security. The only reasonable way to hide IP addresses in peer to peer technologies is through Tor, or similar protocols. Everything else is trying to implement security through obscurity (which can easily be circumvented) at best, or snake oil at worst.

    anything can be done with code and SIA's own blockchain. It may not be a hack-proof solution, but still better than siahub. If a dev would join this discussion this talk would be over by now.

    It's been said before, and I think people pointed it out above, that hiding people's IPs is not on the roadmap for the devs, and that this is a conscious decision. Accept it and move on - I was trying to help you move on by pointing out existing alternatives that may be better suited for your understanding of what makes a secure file sharing solution.

    The fact that we have no official statement for hosts' security alone is problematic.

    I don't want the devs to come to every thread of a new joiner who misunderstands the purpose of Sia, and answer the same questions again and again. They should be coding instead, and focus on the relevant discussions.

    I assure you, if things stay as they are, one day, suddenly the lights will go off. Mark my words.

    I wanted to say something witty, but I'm too tired of this, so let me just point to Dr. Doom instead.

    0

  • @bugger from discussions I have had- many just arent saying anything.. but the lights been off.

    Unofficial User / Tester / Analyst of Sia ( w/Renter and Host experience)

    0
  • B

    @maol stop twisting my words. I never talked about hiding IPs of SIA users. I talk about basic encryption of the hosts' IP. Even if you have TOR IP you can get DDoSed, but you can't DDoS an encrypted IP. If you have basic knowledge of coding and encryption this is child's play. Considering that devs shouldn't get feedback and try to resolve community issues then they may as well delete this forum.

    @moorsc0de At the end those who will survive are data centers. Now that I think of it again it's not a bad idea. Better to have your files on data centers than on home users' HDD.

    0
  • M

    @bugger said in Existing problems and the future of SIA:

    @maol stop twisting my words. I never talked about hiding IPs of SIA users. I talk about basic encryption of the hosts' IP. Even if you have TOR IP you can get DDoSed, but you can't DDoS an encrypted IP. If you have basic knowledge of coding and encryption this is child's play. Considering that devs shouldn't get feedback and try to resolve community issues then they may as well delete this forum.

    Sorry I wasn't very precise in my answer - I also meant the hosters' IP. Agree that encrypting hosters' IP addresses is trivial. However - and let's try again to look at this as a technology problems:

    What I fail to understand in that situation is how that's going to be implemented in a way that renters can unencrypt hoster IPs, but somebody else (such as a hacker, script kiddy or just SiaHub/SiaPulse) can't? This is based on the assumptions that renters need to be able to speak to the hosters IP to upload or download files.

    Separately, since this is a blockchain based solution, all parties sending funds (SC, SF) will be known with their IPs. This includes transactions typically done by hosters (collateral) and renters (file contracts). I'm a bit out of my depth as to the spcifics of the Sia protocol, but I'd think this is another way to identify hosters that can't be avoided.

    0
  • P

    New here, so here it goes.

    Hiding IPs for the sole purpose of not being able to generate a list of IPs for DDoS or MDoS seems reasonable. However, since SIA is decentralized, it is not possible to hide IPs. For example, if I'm downloading a file from a node hosting a file, all I need to do is "netstat -an" and I will get a list of all IPs my computer is connected to. Not hard to find out which one is the SIA node from that point.

    As long as there is no list that can be generated of all hosts, it is reasonably safe.

    1
  • K

    This post is deleted!
    0
  • K

    This post is deleted!
    0
Log in to reply