Hello. I have some questions about the gain (or loss) of privacy and anonymity in IPFS/IPNS.
For example: if I’m sharing a object with my deamon locally, then somebody request the data of object for me, is possible that this person get some privacy data of me, like IP? Or I can get privacy data of him? The IPFS have some thing that make this process anonymous?
The IPFS have something like SAFE Network’s requests process, that making the request anonymous? In request process of SAFE Network, each node only knows the details of the node one step away in the chain. This process make the request anonymous.
Running ipfs over for introduces complicated problems about security and anonymity.
When the official answer is to say ‘use tor’, then you are in a situation where you can misconfigure your tor daemon and become and exit node for the entire ipfs population originating from for. That’s a bit scary, imo.
What complicated problems does this introduce? It’s been a while since I ran a Tor node (I didn’t like my home IP getting blocked from some websites even for running a relay node), but unless they made it more confusing since then it takes some deliberate configuration to get it running as an exit node. As for getting the implementation correct so IPFS doesn’t leak info while using Tor, I believe that’s what the audit referred to in the thread posted before is meant to address.
IPFS is meant to be transport agnostic; so rather than trying to saddle the protocol itself with the performance overhead and weaknesses of one specific anonymous transport implementation, it can theoretically be made to work with any network (e.g., I2P, Tor) that attempts to provide anonymity if the user needs it.