Trying to make a p2p file sharing system kinda like torrents and am wondering about security
Bassically, Im wondering if it would be possible to create a system in the image below (worlds being the files(sandboxed code)).
I was wondering mainly concerning ddos and how the whole thing would compare to how the internet currently works - having servers hosted by single individuals
29 Replies
Essentially, the central server would be the tracker server
is there a reason you can't just use torrents?
the way torrents get around this is by not having a central server at all
there are registries like the pirate bay or whatever but those are not centralized
they are registeries for tracker servers right?
what would be the tracker server?
are tracker servers peers?
ok so i don't actually know that much about torrenting but my understanding is that there is no tracker server
also, the metadate would need to be updated very very fast
though now im starting to realize how little i know
😭
so im just gonna stop talking out of my butt and just say you can read the torrent standard, most standards aren't super difficult
ok thanks, where can i find ressources on torrents?
BitTorrent
BitTorrent is a communication protocol for peer-to-peer file sharing (P2P), which enables users to distribute data and electronic files over the Internet in a decentralized manner. The protocol is developed and maintained by Rainberry, Inc., and was first released in 2001.
To send or receive files, users use a BitTorrent client on their Internet...
ofc
ok so it looks like bittorrent does use tracking servers but as far as i can tell it looks like they're effectively just matchmakers
not proper central servers
yes, but would't a central server containning a checksum greatly improve security?
no not really
why not?
because the moment the central server gets hacked every nottorrent breaks
makes sense
if you know anything about how bitcoin works vs a central banking system, one thing bitcoin does (famously!) well is that it's almost impossible to hack because you would have to alter the blockchain on millions of computers
and like, websites, they get access to the ip's of the clients right? So is there a difference between the normal hosting methode and the bittorrent when it comes to targeted attacks
yes, completely different
isn't it the same with torrents?
because bittorrent is completely decentralized, your only real option is to disseminate a poisoned torrent file
otherwise you'd have to take over every single seeder and even then you'd have to verify the checksum somehow stays the same
has there ever been situations where that has happend?
yep! that's the analogy im making
i would assume so, at least on some scale
but having a centralized server wouldn't solve this
how about the fact that I need the metadate to update quite fast
would I use a central server or just another p2p system
why would you need to?
bassically, search engine type thing, file tags, user reviews/reports, etc
well for anything centralized you would need to do that for a large system anyway
you're basically describing google for torrents so yes you would need to update metadata a lot
so in this case a centralised server would be ideal?