Declare Your Independence with IPFS! ~ Corbett Report Extras

submitted by JasonCarswellDAT Mod from (youtube.com)

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]cyber_burn 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (1 child)

ipfs sounds really interesting. haven't read much about it - what prevents a malicious node from attacking users?

like someone's node saying they have the website you're looking for, but they've added additional malicious code.

edit: oh cool i found this. they use immutable hashes for content. https://medium.com/@yaniv_g/hosting-websites-on-ipfs-with-ipns-b94659c42b52

though according to this person's explanation, you might have to check the hash yourself manually? doesn't seem like that would be hard to automate. couldn't you kick a node off the network if they have a different hash or just not connect users to that node if the hash doesn't match the content hash of what they're trying to access.

[–]Arundel 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

ipfs sounds really interesting. haven't read much about it - what prevents a malicious node from attacking users?

like someone's node saying they have the website you're looking for, but they've added additional malicious code.

Content-addressing is what makes this impossible.

The attack you describe is possible with HTTP, but impossible with IPFS.

HTTP retrieves files based on where they are. Switch the files at that location, and the user downloads malicious files instead.

IPFS retrieves files based on what they are. So you look for a file hash, and it retrieves the exact file you ask for, regardless of where it is.