IPFS: Lessons Learned

In my time using IPFS, there were things that I think were very good. Even though the balance in my opinion is net negative, the good parts should be lifted to use with follow on systems (this is what I plan to do).

HTTP Gateway

Probably the best part of the system is that it has an HTTP gateway built in from the beginning. This allows for piecemeal bootstrapping, which is one of the largest problems facing any new protocol or system. The only thing getting in the way of the IPFS implementation being downright awesome was that HTTPS threw a wrench in things.

Retiring IPFS

I have begun the process of retiring my usage of IPFS in favor of a system I am prototyping. Until the new system is up and running, I will be moving all the projects I have been publishing to IPFS to the normal clearnet World Wide Web.

My reasons for retiring IPFS are many, but here are the main ones:

It is not private

While it claims to have a level censorship resistance, as of December 2021, IPFS contains no way to provide data without your public IP from being globally enumerable, along with being able to find out what content you are hosting. This makes it poison to anything that a tyrannical government would want to censor.

Self Hosting

I have for a couple years been self-hosting a number of servers. I run an instance of the NGINX as a front-end for a number of services (primarily gotify and nextcloud). A couple months ago after the domain register I used was hacked, I setup my own DNS server to reduce vulnerability to future hacks.

Over the past week, I have been setting up my own SMTP/IMAP server (that’s email), along with the DNS machinery to have teknomunk@polaris-1.work get mail delivered. As of this writing, receiving email works just fine. Sending still needs work, and I will probably need to use an SMTP relay.

APK Repo

I have setup a minimal APK repository for apps that I come across. Feel free to drop me a line if you have an APK you would like added to this repository. I used these instructions to set things up.

You can find the repo here.

Insecure Internet

The internet is insecure. I don’t mean that the servers on the internet are vulnerable to hacking, or that we need to move to https:// (we do), but rather that the mechanics of the internet are not designed to be secure. End-to-end encryption is not mandated at the IP level. The routing information used to get packets can be faked. Ownership of IP addresses depends on documentation and not cryptography. Rogue DHCP servers are possible. Fake certificates and fake certificate authorities exist. DNSSEC is an improvement but if you want to check yourself, you have to manually fetch the root DNSSEC keys.

Cryptography Library

A couple weeks ago, I started work on a cryptographic library. I plan to use it in another project I have been thinking about for a couple of years, but feel it is past time to make it. I’ll talk about that when it is ready. However, it imposes a number of requirements on the cryptographic library:

  • Must work in both a browser and compiled server code
  • Client code must not require a webserver
  • Elliptic Curve cryptography (secp256k1 curve, same as Bitcoin)

Because of this requirements, I decided to write the code in C++ and compile to both asm.js and to object code (.o) for use in servers.

A Proposal for a New Unit for Measuring High Vacuum

I came across a post on Gab about making a vacuum wax (Faraday Wax) and got sidetracked looking into things high vacuum. I haven’t a clue why, but while looking at a paper on vacuum measurement, saw quantities everywhere expressed as power of ten (10^-5 torr) everywhere and was struck by how clumsy this is. I don’t have any practical experience with high vacuum, just the textbook knowledge I got in college and have pieced together from the internet, but I do have experience with a unit where something similar takes place if it weren’t used: the decibel.

Greenhouse Arc

Yesterday, I was reading posts on Gab and came across this post:

@DemsFearTruth:

Anyone good with math? I’m good with things up to a point, but I’ve not had to figure this type of math since HS.

Trying to figure out how to take a straight line and determine how tall it would be, if bent into an arch.

For example, if the width is 20 feet, and the pvc pipe is 40 feet in length, when bent into shape to arc from side to side of what will be a greenhouse, how tall will it be?

Melting Aluminum

Warning

This is provided for informational purposes. Melting metal is always dangerous. You are responsible for your own safety if you decide to try anything described here. tl;dr Don’t try to sue me because you did something something stupid.

Melting aluminum is not particularly hard or expensive to get a basic setup. You just need to know how to get the metal hot enough to melt.

In the past my setup was a 2-3 foot across pit in the ground with an old rusted out dutch oven to hold the molten metal and a hair dryer attached to a metal pipe with a PVC coupling and duck tape. If you are buying metal pipe, try to avoid galvanized as the zinc will vaporize at the temperatures the fire will reach.

WebAssembly Linux Binary Format

This past week, I setup a custom binary format on my workstation for WebAssembly. Such formats can be setup without modifying the kernel thru the binfmt_misc capability built into the Linux kernel. This allows specifying an interpreter for files that are neither a native binary format nor a script starting with #!.

In my case, I setup an interpreter for WebAssembly using the wasmtime runtime. To do so, I created a file at /etc/binfmt.d/webasm.conf with the contents