The "decentralized web" comprises much, much more than a project backed by a cryptocurrency--Ethereum, in this case. The decentralized web includes ZeroNet, .dat sites (directly accessible from the Beaker Browser), and many more. I don't like how they seem to want to conflate the term unilaterally with their own project.
I2P sites are centralized (as in no resources are shared between parties at all when serving sites; if the owner shuts down, their site does too), although it operates in a P2P manner (through an overlay network, of course). Same thing with tor. I don't know about Freenet nor hyperboria, to be honest.
I've been on i2p almost a decade ago, the level of filth and illegality of the content there made me very quickly reconsider what network I wanted to participate in.
Don't know if that has changed but I honestly don't want to know, I'd stay away from it if I were you.
Heh, replace i2p with any technology that connects humans to each other and you'll get the same.
I remember many saying the same about the internet when it first became mainstream as well. "What's the use of connecting with other anonymous people? Sounds like ripe for committing crimes. Normal people just talk with each other in person or on the phone"
Any network is prone to go through the same phases of "Just nerds > just nerds and some others who don't have a place > Broader community > Mainstream > Old, left-behind people"
I have been using it for almost a year and I haven't find a single instance of what you're describing. I haven't been searching for it, either. It's a great tool with great promise with regards to avoiding censorship and surveillance. I wish more people tried it.
>I'd stay away from it if I were you.
I'd rather recommend anyone on this thread to try it and form an opinion for themselves.
[0] Official I2P Java client download: https://geti2p.net/en/download. Once started, you should check the router console, on localhost:7657. You can check the firewall settings on localhost:7657/confignet (which TCP/UDP ports to open, for instance).
[0a] If you want to host an eepsite (I2P's anonymous websites), you should follow indications located on localhost:7658. You'll have to set 'http://localhost:4444' as your browser's proxy to visit eepsites (*.i2p).
The decentralized web isn't using non-web projects or web abstraction layers. The decentralized web is everyone hosting their own webserver from home. It's easy, everyone has a fast enough connection, and without the motives and requirements of a business it's safe.
Opera, back in it's old age before dying and becoming a Chinese owned Chrome skin approached this. It allowed anyone to easily and simply host their own content by running a webserver in the browser. Opera handled the human-compatible naming/look-up side but realistically even IP addresses that change are fine.
> The decentralized web isn't using non-web projects or web abstraction layers. The decentralized web is everyone hosting their own webserver from home. It's easy, everyone has a fast enough connection, and without the motives and requirements of a business it's safe.
This attitude is IMO exactly why the decentralized web movement outside of the blockchain/crypto space has not come further than it has in the last two decades. I run my own website out of a VPS and even that is nontrivial: occasional outages due to SSL certificates expiring, the VPS getting shut down because my credit card expires so the auto-payments stop working, troubles with the server software itself, etc etc. Meanwhile, if you just dump stuff onto one of these decentralized layers or even just a blockchain, you publish once, it's easy and it's there forever.
I truly believe that for "fully decentralized" to be viable, it must mean "serverless" (as in no servers, meaning no single computers whose IP addresses or DNS names or equivalents are explicitly referenced in a line of client-side code, not meaning that AWS lambda stuff). That does mean you're making significant efficiency tradeoffs for the foreseeable future; for some types of applications it's worth it and for others it's not.
See, that's your problem. You use a VPS. You use centralized SSL certs (instead of self-signing for a decade), you don't pay for the totally not required VPS. All that stuff if absolutely unneeded complexity and cost. This isn't a business you don't need 2 TB of bandwidth/month and all the nines uptime. There's no need for paying someone to host for you it just makes it harder.
self-host. Don't have someone else "self"-host for you.
You can't tell me that $5 a month for a VPS is more expensive than the administrative overhead of self-hosting in your own house. The average person on this website probably earns that in less than 10 minutes. On the other hand, it'll cost you $25 to get a Raspberry Pi and at least a few hours to get your Linux distribution of choice flashed and running so that it's project-ready. That's before you even get httpd installed, start stuffing around with port forwarding and firewall rules, configure dynamic DNS, etc. Of course, most VPS providers will also give you PaaS, so you don't need to do any sort of system or application configuration whatsoever - you can just actually run your website.
I personally self-host because it's neat and interesting to me, but not because it's simple and cheap - if you want to actually get a website or some other service running on the WWW going, VPSs are a god-send. Also, consider the fact that unless I do actually use a Raspberry Pi, which is very flexible but underpowered, I'm going to be paying for potentially quite expensive new hardware and electricity if I self-host, as well as bandwidth. These are all non-issues with a VPS.
Also, SSL certs are necessarily centralised, because they operate on a web of trust in a world where we don't know who to trust or not. If you have a website using a certificate which is self-signed, I'm not going to trust it unless I know you personally, because if I don't know you personally I have no way of determining that you are who you say you are - only a trusted CA is going to do that. That's why a green-padlock in your browser means 'One of a limited number of root CAs trusted by the distributors of this browser says this site is owned by who it says its owned by', not just 'this site is owned by who it says its owned by'.
One problem is that many ISP's use NAT, meaning that other computers can't connect to your computer! Unless your computer initiated the connection.
Most ISP's will give you a public IP if you ask though.
This is probably for the good though, as most software don't take security seriously, example listening on a public port by default, with the default password.
Not MiFi or other cellular connections, unless you get a special type of service. Might not be NAT, but it's definitely firewalled upstream against opening ports for listening.
> One problem is that many ISP's use NAT, meaning that other computers can't connect to your computer! Unless your computer initiated the connection. Most ISP's will give you a public IP if you ask though.
Actually, my experience has been the exact opposite on both points with every ISP I've ever had (in the United States). I've never had a problem setting up a dynamic DNS server to access my home network from outside. Likewise, I've never had an ISP that will give you a static IPv4 address. Maybe it's just luck on my part, but I was under the impression mine was the most common experience these days (for this country).
I live in Canada. I have a public version 4 IP address, although it is dynamic, but does not change that often. However, they once changed it to use NAT, but I was able to disable NAT easily enough on the modem, so that I could use a proper internet connection.
Assuming that an IP address is only assigned to you and not to other users (via a NAT that you have no control over), it's easy to occasionally ping your DNS server with your IPv4 address and assign a hostname to it.
If your DNS provider has an API, it's probably the first example in the API documentation. If not, there's DuckDNS and similar.
This is true, though there are still often port limitations. For example, with residential connections here, port 25, 80, and 443 are filtered incoming, so you can't run a web server or SMTP server on a normal port. Also servers technically violate the AUP. Business connections have no such restrictions.
Static IP isn't necessary for hosting from home but a "Non-NAT" connection is. If you don't have a static IP, you can use a service such as dynaDNS or something which runs on your server and keeps informing your subdomain to use the ever changing dynamic address. But if your device sits behind a NAT, then its not accessible from outside at all (unless the device initiates the connection), thus its impossible to host if your ISP has placed you behind a NAT. But the plus point, on the other hand, is increased security which is probably good for the majority of people.
One problem for ISP is that there are not enough IP addresses. local IP's have been used for mobile connections for a while, and now also for stationary connections.
>The decentralized web is everyone hosting their own webserver from home. It's easy, everyone has a fast enough connection,
I don't think it's that "easy" regardless of whether you're talking about cable-modem/router port-forwarding, or new IPv6 addresses, or even turnkey web host appliances.
In any case, I'll copy&paste one of my previous comments on NAT or ease-of-use not being the real barrier people think it is:
>Even if this thread's article's vision of IPv6 improving direct connectivity were to happen, I still claim the overwhelming majority of programmers would continue to choose something like Github rather than host their repositories on personal home servers. Personally, I wouldn't want my repo to be traced back to my home's ip address. I don't want China DDOS'ing my home ISP connection if they don't like my iPhone app that monitors Hong Kong. If I was a female, I wouldn't want my home git repo to give away my ip address and invite digital stalkers. I'd use Github just for the ability to shield my home's IPv6 address for privacy and safety.
>If the programmers -- which we can think of as technical thought leaders -- aren't leading by example (with git) for decentralization, why would we realistically expect other mainstream consumers to adopt decentralized setups? Yes, there will always be decentralized communities but it will always remain niche.
The idea that your IP address should be kept secret and that you should only interact with the rest of the internet through corporate third parties for protection is both obscene and absurd.
In 20+ years of home self-hosting I've never been DoS'd except on my tor hidden service (also served from home) and because it was tor all I had to do was change 1 number in my config file to limit it. Super easy.
>The idea that your IP address should be kept secret and that you should only interact with the rest of the internet through corporate third parties for protection is both obscene and absurd.
If I want to publish a web page with some anonymity and I'd prefer that readers not know whether it's in Kansas vs New York, then my home ip address is one less piece of information readers don't need to know about. It's totally reasonable for my particular preferences. Of course, the ip privacy is not absolute but relative -- and that can be good enough. Github/Youtube/HN will know my home ip address but everybody else interacting with those sites don't need to.
I'm not going to give up some privacy of my ip address just to fulfill your ideals of "decentralization". That's not a good enough reason. And looking at your webpsite, your self-report of 20-years of no DDOS attacks is irrelevant to what I might want to publish. Maybe I want to write essays on more controversial topics than what you chose to write about.
I find it interesting that you posted a previous comment about not wanting "trackers":
https://news.ycombinator.com/item?id=22835625 : >I have never carried a cell phone (smart of otherwise) in my life. I leave my dumb phone at home or take the battery out. I hope that these tracking bracelets which others voluntarily carry will not be forced and required in the future.
Knowing the approximate state or county your ISP is in is not tracking. It's location.
Cell phones with base station multilateration track the cell phone's location 24/7/365 and in the USA that data is accumulated for 2-5 years. Over that time they get to know you and your averaged patterns of movement (<100m) very, very well.
Your IP is how you interact with the internet. Trying to 'hide' it or whatever because you worry about someone knowing your ISP's general location is shooting yourself in the leg. And after you'll start relying on third party services to do what you can't do anymore because of gimping and give away even more private information.
That said, I'm not against using anonymity networks. I host many tor onion services from the very desktop home computer I'm typing to you on. I also support i2p with bandwidth and bitcoin as a full node.
Only if by 'everyone' you mean 'not everyone.' Broadband is far from universal.
> The decentralized web is everyone hosting their own webserver from home.
Only of by 'decentralized' you mean 'centralized.' The point of decentralization is that there isn't one and only one place (a 'center') at which you can find a given resource.
I self-hosted my website on 56k for years and it was fine.
And no, the point point of decentralization is literally that. Decentralization. What you're talking about is business crap leaking into areas it shouldn't. Uptime, availability, CDNs. All completely unneeded. Might as well be making straw airplanes to go full cargo cult.
Some can barely afford a cheap prepaid phone to make occasional calls, let alone a landline to tie up 24/7. Even then, running a web server is not trivial for most of the general public, a dial-up or DSL line is unlikely to come with a static IP address, and if folks don't know how to run a webserver, they certainly don't know how to set up a hostname with dynamic DNS.
> What you're talking about is business crap leaking into areas it shouldn't. Uptime, availability, CDNs. All completely unneeded.
No. You're talking about that. My point was much more basic.
Anyone on 56k isn't going to be able to use tor or i2p or any of the other services any better. But unlike hosting from home those things all add overhead data use too. The majority of people in industrialized countries have a megabit or two.
As for "My point was much more basic", it doesn't count if you edit your post. That's a real jerk move to do after someone has already responded.
Running a server from one's own home violates the terms of service of many ISPs. Even if you are not a business, ISPs expect you to pay more for their business plan if you want to run a server.
This is the thing, so many people tell it's fine to run a server at home even if violated ISPs TOS. But it's not fine, if I'm away from home and need to access it, the worst that could happen is my ISP cutting that connection to my own machine. Even if things are great now, there's Wireguard, even baked in on linux with 5.6 kernel. There's just to many artificial boundaries that selfhosting at home can't catch on.
Last time I checked, I might violate the terms of my ISP, but that's by very strict definition. Remote access and "server hosting" could be one and the same depending on how you look at it.
running a server at home is still centralised though - you have one central server, one point of failure. Power cut at home? ISP disconnects you? DDoS? Front page on HN and your ADSL cant handle the load? Government censorsip or other tin-hatery? Your centralised server is down and people can't see your stuff.
The point of decentralised stuff is there is no centralised server, but rather the content is decentralised and thus available when things inevitably go offline. So if your home server goes offline for whatever reason then no biggie - some other node on the network serves your stuff instead.
Depends what you mean by "server". Is the service you're interested in available only via that one server? Specifically, you could host your own twitter-equivalent handle from your own server, and the server going down wouldn't bring down the twitter-equivalent-service. Or your server with your blog going down doesn't bring down everyone's blog.
I'd say we should keep the decentralised and replicated-for-reliability concepts slightly separate. They are interesting together, but they're orthogonal.
My experience with Vivaldi was not good. It was always the slowest browser.
Brave was always the fastest.
I don't trust Chrome because it's serving Google, his Evil Master (aka The Money Maker).
I find Firefox the most trustworthy.
Working with Vivaldi right now.
It's alright. Its nowhere near as fast as OG Opera used to be, though it at least feels faster than most other browsers on the market. Vivaldi also has a tendency to tack on unnecessary things and updates bit by bit, the same problem Opera had.
It feels like this is simply the cycle most new browsers go through now. They start out minimal and fast, then slowly fall for the issue of having to validate time spent developing, so they sell out.
(Or alternatively, we stop putting oversized JS frameworks/libs and ridiculous tracking systems inside our pages)
Sure. But additional layers of complexity that don't add anything useful just makes it harder for people to participate and centralizes them into services that handle the complexity for them.
So I finally took the plunge into learning what IPFS is about. And I must say.
Content-addressing is FAR easier to understand than location addressing. In fact, it's the way most people think of a url. I'm sharing "this picture." When you post to Facebook, you're "writing to your friends and family," not "uploading my stuff to a faceless corporation for them to monetize in whatever way they see fit." I mean, folks have a better understanding that that's what they're doing NOW, but a honestly IPFS seems closer to the way people intuitively use and think about the web.
Personally, I find IPFS incredibly useful (when it works). Especially since it makes your content faster and more available than running your own web server at home.
Maybe I'm missing something but how is your stuff replicated when you use IPFS? I thought you just shared a link to the content which resides on your own machine.
Whenever someone visits your content, they download and redistribute it, like a torrent. You can also pay for services like eternum.io to (additionally) distribute your content.
Most ISPs use NAT now. No home user is directly connected to the internet. Probably a good thing since consumer routers aren't exactly known for being secure.
At least in Brave it doesn't seem like a "proper" decentralized implementation as it simply redirects to gateway.ipfs.io which is gateways run by the IPFS organization/Protocol Labs.
So while it works, the browser is neither natively resolving the content nor help sharing it further.
The demonstration from the video/GIF says "Support for ENS+IPFS in Firefox via the MetaMask extension" but it's also clearly using the public gateways instead of fetching the content via IPFS in the browser. Seems weird that they are using that as an example. They could have used the IPFS Companion extension and at least it would have seemed to work in the demonstration.
So while it seems to be getting there (at least the domain resolve seems to work via _something_), the implementation of IPFS in both Brave and MetaMask doesn't go the full way and enable off-internet content fetching or offline caching as a better integration would get.
Author of the blogpost writes: "Browsers with native support" and "it should work without special extensions" while we both know that's not true. So it's misleading.
It does indeed, and seems to work fine. The problem is not that it's impossible, the problem is that the author is misleading people. See https://news.ycombinator.com/item?id=22848023
I didn't know about Cliqz. I'm always curious about new browsers. I just installed it, but it does not open "almonit.eth". Any idea why? Maybe I did something wrong.
Still I see the following "There are at least five browsers with native support for ENS+IPFS websites. That means you can just type “almonit.eth/” into the URL bar and it should work without special extensions." on https://medium.com/the-ethereum-name-service/all-the-ways-yo...
"almonit.eth" is not a Dat website, but a ENS+IPFS website. Cliqz supports Dat. You can check out some Dat websites and apps here: https://hashbase.io/
And check out Beaker Browser for more info! (Beaker itself doesn't work on mobile, but it's a really cool browser.)
Thanks for linking, I'll check it out! I'm occasionally running Beaker Browser to publish my https-first website also over dat, but I'd gladly switch to a better dat-capable browser.
> A decentralized website makes both parts censorship-resistant: it uses IPFS (a distributed file storage network) for storage
This is a bit over-prescriptive: there are other distributed file storage networks out there. For example, Sia's Skynet. (Disclaimer: I maintain a Skynet portal)
Also... it's not censorship-resistant. IPFS doesn't provide secrecy. The content can be censored by anyone offering you connection when they query your node if it stores specific information.
The way to analyze whether something is centralized is to look at its namespace. Federation is not decentralization. You're not a first class speaker if your name can simply be taken away.
I do remember AlterNIC and other such attempts, but they aren't germane to decentralization. Being able to switch to an alternative federation root is still federation.
The point is that one is free to run one's own root if need be.
Similarly to the post you replied to - centralisation of name resolution is by market choice, not technological lock. The incentive is for everyone to coalesce around one service though.
Sure, just as one can keep their own /etc/hosts. But we're talking about coordination between groups of people, and the power structures that result therein. An alternative root just creates a new instance with the same structure.
> centralisation of name resolution is by market choice, not technological lock. The incentive is for everyone to coalesce around one service though
The technological deficiency creates the market incentive towards centralization. If one could easily remap (eg ycombinator.com -> ycombinator.com.icann), DNS would have had a fighting chance. But what we really want is the ability to reconcile-merge differing perspectives, rather than competing all-or-nothing trees.
Nobody cares that something is centralized either. There is no preference either way.
Simple hierarchical systems like DNS have been faster, easier to implement, and have scaled better. If someone can make decentralized alternatives competitive they have a chance.
The bottom line to always remember is that 99% of your users, even technical ones, don't care one bit how it works. They only care that it does.
What does Ethereum have to do with surfing a decentralized Web? Or like what is it bringing to the party? I would imagine most of this is just IPFS, right? Aren't there other like non cryptocurrency based distributed dns systems? I'm just confused how cryptocurrency popped up, or what am I just totally fucking missing?
You can't have decentralized DNS without some form of shared state, where the shared state must resolve the problem of "if I use key X to change the owner to Y, but then later on someone hacks my key and sends a message to change the owner to Z, how does the world know that Y came first?". This is equivalent to the double spending problem, and so a solution to this problem implies blockchains or some other architecture that can support a cryptocurrency.
A lot of the other responses here are too complicated and specific. Here's my attempt to put it into easier-to-digest terms:
In a traditional web stack you have a backend and a frontend. The frontend is the stuff the browser runs, and, simplifying a bit, the backend is everything else.
Ethereum smart contracts basically let you replace your backend logic and database with code that runs on the Ethereum blockchain network. Depending on your application can decide to run only a few parts of your backend on Ethereum, or the entire backend.
It's very slow when compared to traditional backends like nodejs, etc, but it has the benefits of censorship resistance and excellent availability. Better still, you don't need to run or maintain servers to support it if you don't want to (although there are benefits to doing so).
In this case, they're using Ethereum's replacement for DNS, ENS.
Interesting. It crashed my phone’s web browser (not firefox) on first load, then worked fine after that. I suspect it has something to do with the animated screen shot thing.
Shameless plug, for people who want to learn how to build decentralized applications on ethereum / solidity smart contracts, I have hundreds of tutorials on my youtube channel EatTheBlocks: https://m.youtube.com/channel/UCZM8XQjNOyG2ElPpEUtNasA
I'm from Almonit, one of the organizations mentioned in the article. We create a decentralized search engine for Dwebsites, almonit.eth . It also got a (almost) complete list of existing Dwebsites.
The extension let you either setup your own IPFS/Ethereum nodes, or use existing gateways.
To try to be as decentralized as possible, the extension chooses (by default) a different random gateway in each new session (like, every time to open the browser). We call it "decentralization by randomization". You can also edit the gateway list if you don't like the ones we began with.
This site can’t be reached
almonit.eth’s server IP address could not be found.
Try:
Checking the connection
Checking the proxy, firewall, and DNS configuration
ERR_NAME_NOT_RESOLVED
Everyone always seems so handwavey when they talk about "decentralized" web. It seems more like a string of buzzwords than an actual technical definition.
What are the actual properties of the "decentralized web" that make it "decentralized"?
