I really like what’s happening with SourceHut[^1]; that aims to make a lighter-weight, very self-hostable forge.
How many of the problems that these decentralized systems aim to solve could be in large part mitigated by more self hosting? For sure, there are some technically desirable aspects of decentralization: higher resilience to data loss, etc. but the problems of centralized, closed-source, freedom-destroying services can be affected quite a bit by running your own $service.
Came to post the same thing. I feel like this is the sleeper ground breaking tech that everyone will have claimed to used first. The Velvet Underground of Web4.
I love that Git is distributed in the sense that all copies are equal. But I think the current Github, Bitbucket etc. status quo is okay. Not optimal but it works most of the time.
How well does the scenario scale in this sense that there could be hash collisions across the number of projects available on GitHub? Or was it simplified in its search for a SHA hash only?
I would imagine some hash collisions between all repositories in GitHub exist at this point.
Git is now using SHA256, so there is quite very close to zero risk. Trying to intentionally create a SHA1 collision is also going to be "quite difficult" for the foreseeable future.
Not by default, and I don't think it's officially stable yet (but I haven't checked the status in a while). I'm not even sure github supports SHA256 repos.
Thanks, seems right. Someone asked github in a discussion 18 months ago[1], and they said soon, but there's still no sign of progress, no issues to track, no indication soon really was in the pipeline.
IDK. Such Bitcoin operarios probably aren't $0.08 anymore, and have unpleasant externalities. And not sure I want all my repos public. Also could be some MITM attacks in there somewhere.
I'm generally opposed to bitcoin, but this is one place where it'd make sense that you'd want to store up to 80 bytes globally. Current transaction costs seem to be ~$1.75.
The whole identity thing was really more of a suggestion than final tool in GitTorrent. Chris Ball also has done some work more recently with Keybase, but not in connection to GitTorrent and Keybase post Zoom is dead, but that sort of solution would probably fit. Certificate Transparency is popular. Alas, projects like Google Keyserver went archived: that'd be a great way to publish a key & validate it across time.
I don't believe there's any creative MITM attacks on BitTorrent we have to worry about. The content has to hash out.
In general I dislike this form of post, where there's a scattershot litany of non-backed up complaints & concerns, a big blast of naysaying. I don't think anyone is compelled to fully accept, but immediately polarizing yourself against something so heavily, so quickly, & not admitting some possibility: it's a existentially risky doubt-monster of humanity's, this pervading doubt. Please try to show some balance, some recognition of upsides, share a little bit that you think positivity might be possible.
How many of the problems that these decentralized systems aim to solve could be in large part mitigated by more self hosting? For sure, there are some technically desirable aspects of decentralization: higher resilience to data loss, etc. but the problems of centralized, closed-source, freedom-destroying services can be affected quite a bit by running your own $service.
[1]: https://sr.ht/