/supersecrettestinggrounds/ - Super Secret Testing Grounds

1367508931245 png
(1.11 KB, 400x400)

> python

>  https://github.com/HelloZeroNet/ZeroNet/blob/master/src/Tor/TorManager.py

automatic tor download
clearnet! download tor is illegal in some countries
really stupid regex shit
unpacking without verification
starting unverified exe right away

>  helper.httpRequest(...)
is used to download the tor package

but allows ssl stripping

stopped reading from there

 >>/73/
>  What do you guys think of ZeroNet?

Great idea, but.. i don't feel good hosting someone else's content, especially not a dynamic one where anybody can post anything on a website you're seeding.

It would be a perfect software in a world where you can't get into legal trouble by hosting stuff. That's not the world we live in right now tho..

> google docs
wew

Yeah, the anon doing it seemed pretty smart but it needs more encryption, especially on the cache. It suffers the same flaw as the ipfs chan, no one wants to be tricked into downloading and sharing certain shit like baby rape videos our w/e.

ZeroNet doesn't seem very smart to me. It's something anyone with basic knowledge of python and libtorrent-rasterbar can come up with.
I'll stick with technology that came from academics like ipfs.

 >>/77/

Unbelievable. Anyone who doesn't know google is the enemy is too short for this ride.

http://ucavviu7wl6azuw7.onion/thread-9a4c4ee29d5dc16e7af8b684e484ef20c39365a5.html#e7c19d296a1e9bc0c5f21a252d8572cc25b116d4
https://2hu-ch.org/thread-9a4c4ee29d5dc16e7af8b684e484ef20c39365a5.html#e7c19d296a1e9bc0c5f21a252d8572cc25b116d4

 >>/80/
You ok doc? If you host your shit on enemy territory, and the enemy suddenly demands shit, you might as well be compromised.
Hostile territory is still hostile.

 >>/73/
> "decentralized" but backed by bitcoin
> .io
into the trash it goes

 >>/76/
Not how it works. People seed the content they themselves have uploaded, but you can opt in to mirror the entire content of the site, including what everyone else has posted. What you seed is what you download unless you do that.

 >>/83/
Do you even know what bitcoin even is? Try googling it sometime.

1 month later, here's my assessment:
Stay away from zeronet, it's virtually unusable. Oh sure it has full-fledged sites and it's super fast, great. But it has critical flaws that are deeply tied to the whole design of zeronet.
For one, you cannot see any site without fully enabling javascript.
Additionally, you can't submit content without using an ID, even for anonymous submission.
That ID is actually a public/private key pair that you use to sign the content you post. You sign it so that you can later modify it at will. This is the first issue: you can bypass all sanitation and all automatic content generation that a site "suggests". This means you can inject arbitrary malign javascript (remember: you MUST have javascript enabled to see the site at all, so you will infect 100% of site users), change submission date, any part of the text, inject arbitrary images and videos at any time, force other clients to make requests to arbitrary addresses on the clearnet by injecting  tags, etc.
Next, to generate an ID, you cannot have generated an ID within 6 hours of the new request... per IP. This means that there is an ID-IP assoc table that anyone can download at any time and grep through.
To add to that, any site on which you can submit any content needs to log your ID, meaning that you can track someone by ID across posts, across sites (even if the site displays the user as "anonymous", like 0chan does), and as we've already established, you can tie that all to an IP.

Then there's the fact that it's based on torrents, but recommends using tor. Tor over torrents DoS's the network, it's a horrible idea and shows that the authors have no clue what they're doing, privacy or security-wise. Beside, IDs track you across tunnels.

There's also the issue of not enough encryption: site-private info should only be readable by the site admin whereas site-public info (i.e. user submitted content, which should be processed using a series of encryption-preserving operations, thus keeping the site-private info private) should be encrypted on the disk (even though everyone can have the key required to decrypt it).

There's also nothing like a friend-to-friend system to mitigate some of the issues like spam and "bad" content: only disruptors are free to operate on the network, whereas legitimate users have to jump through hoops and still end up in a bind simply to use the network as "intended".

8 png
(76.57 KB, 200x299)

 >>/73/
> What do you guys think of ZeroNet?
Wow this shit is actually malware

> Do you even know what bitcoin even is? Try googling it sometime. 
I know what the blockchain is, and enough to know it has nothing to do with general decentralized applications. I would ask you to show me an example of a single decentralized network backed by blockchain that actually makes sense but I just don't have time to read about that shit anymore. Why would I want the radiation caused by CPU rape that blockchain entails when I can just use torrents or freenet?

> javascript

 >>/86/
> it has nothing to do with general decentralized applications
OK timmy, go play with your friends over at >>>/v/ the adults are trying to have a discussion.

 >>/73/
I installed a node, haven't look at it for months

One thing you have to remember: decentralized AND dynamic content is not possible together. In the terms of Zeronet, dynamic content means dynamic like a blog, not dynamic like pages where you have to login and stuff. Zeronet is basically a dht based cdn provider.

You make a Bitcoin transaction from an address = you uploaded a torrent. Your torrents contain html pages instead of movies. Everyone checks what you have uploaded and start downloading/seeding it.

That is it. No magic, no innovation, just sticking 2 things together in one UI. Actually 3 if you want anonymity over Tor.

 >>/90/
> what is ethereum
> what is maidsafe
> what is zeronet itself even
People who don't know shit shouldn't be allowed to speak up.

 >>/91/
Could you take apart that abstraction for us and point out the flaws more specifically?

 >>/90/
> You make a Bitcoin transaction from an address = you uploaded a torrent.

To be more precise: the torrents are identified by the uploader and not by the hash of the content. This means the content can change.

To fix your analogy:
A Bitcoin transaction = the uploader changed the content of the torrent.

I personally see no reason why one would use Zeronet instead of Freenet.

shit hipster faggot alt-startup tim ferris' book wannabe #513475628761545126354173251746425423642 ?

oh yeah, i think i've heard something like that before like a million times

 >>/92/
> Could you take apart that abstraction for us and point out the flaws more specifically?
Not the same person you replied to, though ZeroNet has decentralized, dynamic content that allow the creation of individual users.

Basically, it's a post full of baseless assumptions and clearly shows that  >>/90/ has literally no idea what the fuck they are talking about let alone even used it.

install gnunet

 >>/84/
> muh js

 >>/76/

I said this exactly, in my 2003 letter to Scientific American magazine in reply to their shitpiece about how clouds would make happiness rain on us.  Torrents of joy from clouds.  Meh, I guess we are all criminals now, especially the cops, but who has letters de marque?

https://en.wikipedia.org/wiki/Letter_of_marque

Bump