privacytools / privacytools.io

🛡🛠 You are being watched. Protect your privacy against global mass surveillance.
https://www.privacyguides.org
Creative Commons Zero v1.0 Universal
3.12k stars 386 forks source link

🆕 Software Suggestion | Distbin | Category: Pastebin #1060

Open WorryTheBirds12 opened 5 years ago

WorryTheBirds12 commented 5 years ago

Description

Distbin is an Pastebin service using ActivityPub. It also allows commenting on a significant portion of its paste(s). Enabling public comment on directly copy-pasted content.

Basic Information

Name: Distbin Category: #paste URL: https://distbin.com/ License: Apache License 2.0 Git/Source Code: https://github.com/gobengo/

Mikaela commented 5 years ago

It looks interesting, but I am not entirely sure on it's privacy.

Participating in places we don't choose also has some hidden risks. What if one of them goes down, gets bought, censored, surveiled, or moderated by policies you don't agree with?

What makes distbin unique is that it supports distributed social interactions. For example, your reply to a post on this distbin can be hosted by another distbin. Or your personal blog. Or your corporate intranet. The conversation can be spread out across the web, instead of siloed in just one place.

Can the data ever be removed? Or is it like SKS keyservers? See also https://github.com/privacytoolsIO/privacytools.io/pull/671#pullrequestreview-231293616 (which also reveals my inner conflict about this).

David-Beetle commented 5 years ago

@Mikaela One of my favorite features about Distbin is that data can stay around for a while. It is great for just publishing data.

You aren't really gonna get the same level of encryption as alternatives. It just wasn't what it was intended for. It has a different use case than PrivateBin.

WorryTheBirds12 commented 5 years ago

Decentralized torrenting like tools are pretty much leaking to the whole world that I'm watching a particular video.

@Mikaela I don't believe Distbin uses Bittorrent (correct me if wrong). I believe it just uses ActivityPub, which is much more private.

Mikaela commented 5 years ago

Can the data ever be removed? Or is it like SKS keyservers?


I believe it just uses ActivityPub, which is much more private.

I think Mastodon itself also says that ActivityPub is not private and it should not be relied upon on truly private messages.

blacklight447 commented 5 years ago

all and all, it seems to be more of an anti censorship tool rather then a privacy tool, so i don't think its appropriate to list it. its a cool tool nonetheless. would people agree with closing?

WorryTheBirds12 commented 5 years ago

all and all, it seems to be more of an anti censorship tool rather then a privacy tool, so i don't think its appropriate to list it. its a cool tool nonetheless. would people agree with closing?

@blacklight447-ptio I would like to better understand the reasoning, it seems like you saying out of scope. However, other services like Mastadon are recommended: https://www.privacytools.io/providers/social-networks/ Despite many concerns, everything on Mastadon is always public.

I think most of use understand the reasoning for this, but is definitely a point to be made.


I think Mastodon itself also says that ActivityPub is not private and it should not be relied upon on truly private messages.

@Mikaela If you have the source, I would like to read this. However, Mastadon never is a good protocol for stuff to be kept private. In fact, no decentralized data structure is.

Protocols like Mastadon share their data with everyone by default.

If you want your data safe, some have considered making it only speak to certain IPs (where authorized users can view) and using E2EE to verify the instance cannot read it.

Distbin, is meant to be social and doesn't yet have an encryption. I will consider creating an issue to discuss this more there as well.

ghbjklhv1 commented 5 years ago

Decentralized torrenting like tools are pretty much leaking to the whole world that I'm watching a particular video.

To add onto what other's have stated: I think Distbin uses Server-to-Server federation (correct if wrong):

https://www.wikipedia.org/wiki/ActivityPub#Server_implementation

From an IP anonymity standpoint, only the server's address is shared. Therefore, it shouldn't have the same issues as Torrenting.