Could one send PHP to SAFE instead of Apache?

I know this is a weird question but I was reading through a JSON manual and it got me thinking. Could one send PHP, or any other language which is typically used with server side coding to something OTHER than a server and use it with SAFE instead of a server? Like if I recall correctly AJAX is where one uses javascript + xml and PHP together but PHP is typically reliant on a server. But could one rig PHP to run off say node.js or something else or set up SAFE to mimic server functions enough so that PHP could send and receive messages to and from it?

1 Like

I was thinking about this yesterday…

I suspect what can happen is that you will have servers attached to SAFE — they will listen for messages routed over the SAFE network and will update SAFE with new data. So, while there are “no servers” in SAFE, there certainly could be servers listening to SAFE and writing to SAFE…

Most data can be requested from the clientside without server intervention… They will just get a map out of structured data that tells them where the data lives and how to fetch it – Queries can run clientside over most datasets…

4 Likes

Continuing on from @jreighley

PHP is only special because it is running on the server and accessing a centralised database, even if just files and not a formal database. AJAX is really just a way to format requests to the server (running PHP often) and how to use the returned info.

So really your question can be rephrased as can we directly access data (bases) from the APP. And @jreighley covers that.

1 Like

@jreighley

I suspect what can happen is that you will have servers attached to SAFE — they will listen for messages routed over the SAFE network and will update SAFE with new data. So, while there are “no servers” in SAFE, there certainly could be servers listening to SAFE and writing to SAFE…

The metacurrency project have developed a protocol for doing this (can’t recall the name but easy to find).

OK, that would protect you from law-enforcement officers (LEO) walking in and seizing the server. However, your data can be leaked in other ways:

  1. The server operators have the server at their premises and aren’t very efficient at securing the console, or they are crooked, or they cave in to LEO demands to implement spying on the data transmissions at a point prior to encryption.

  2. The server is at a third party data centre - all of the above, probably worse since it is even more convenient for LEO to get the cooperation of the data center provider. The server operators don’t even need to know.

Anyway, it just seems inelegant, like an automobile being pulled along by a horse; you build an incredible, new, SAFE network, and use it as a glorified VPN.

Well, servers are still protected by the routing system just like clients are… Nobody should be able to trace where they are any more than they would any other client. A server would just be a client as far as the network could tell – one that read and wrote a lot of data… In essence that isn’t any different than how anything else on SAFE will work.

The servers could also store all their data and programs on SAFE. So even if they were raided, what they were doing wouldn’t be stored locally.

Computers have risk. That will never change, SAFE only makes it SAFEr…

It would be nicer to have distributed computing in SAFE… You probably could set up Ethereum or something like that to run the services… SAFE has distributed computing stuff on its radar now — But for now, out of the box, that is most likely how it works.

1 Like

So am I correct in saying the server has to have the launcher running to be able to access data from safe? If the server is raided are my credentials at risk and all data is accessible now?

Depends on how you design it. I would be careful.

If I were to do it, the “Server” would probably be a SAFE app… Until you logged in, it wouldn’t exist, and after you logged out it wouldn’t exist, but you would have to be logged on all the time for the system to work - and that is a risk…

You could probably have many clients running the update services from many locations, and many different accounts, if you engineered it right.

But you are wiser to run services from servers in jurisdictions where what you are doing is legal…

1 Like

Interesting… I’ll have to let the synapses fire on this for a bit. Thanks.

A server could be located by traffic analysis over time, by a global observer, by injecting data at a client and observing when and where a similar-sized chunk of data comes out. That scenario has already been established as feasible for Tor given some months of continuous attack, and I don’t see how SAFE would be different in that regard. Such analysis is hit and miss in the short term but grows more certain over 3 months or more, and for an end-point such as a server with a fixed IP with many clients communicating with it.

Once a server is identified as a suspect server then LEO just go to the hosting company and demand that the server be tapped, with hardware or software.

The unencrypted data flow is accessible to anyone with access to the console and the necessary tools.

Irrelevant. The data and programs have to be loaded into the server’s RAM at some point in order to run the programs and process the data.

[EDIT] I was referring to your scenario of a single computer operating as a server. However, a “server” that is actually a changing pool of client machines would be another matter altogether.

Uhm, what do you propose?

What I suggest will work. It may not be ideal for every application, but data needs to get into the network somehow. And it needs to have co-ordinated writes if it is going to be trustable…

What is the difference between a person putting data onto the network via the SAFE client and a machine putting data on the network via the same means? Not much. The risks are the risks…

Let’s take a simple example. Comments on a blog post. How are they going to get published?

I’m just analysing the idea; I have no aggressive intent or ego investment, and I’m happy to be shown better ways of doing things.

I was just saying that, for a persistent server, it can be tracked down about as well as it might be on the Tor network (if there were the same number of machines in the network, obviously).

There are some useful “hidden services” on Tor, but the expectation that one might have for SAFE is much higher, such as some form of compute layer.

As a stop-gap, I would propose frequent changing of IP address, including providers, and if the server is portable, then connect at free wifi spots on a random basis.

I think something like Apache ZooKeeper could be built to coordinate many different nodes processing write/updates…

I don’t think there is any difference between a “server” and any other client when it comes down to the bare bones… The risks are insanely small compared to most anything on the market…

But yes, if somebody were to raid you while the service was running they probably could scrape your RAM and make a case against you —

But they would have to find you first, and that is no easy task in SAFE… Remember they don’t know what the data is that is being uploaded. It is all just gibberish routed through a rather blind X/OR process… Besides these servers really aren’t uploading anything – Just updating database indexes (Structured data) to show where information lives so that various clients know what to ask the network to retrieve… The traffic generated from such updates would be quite small — and probably indistinguishable from other things that SAFE clients would be doing constantly…

Hi, you’re just repeating yourself, and I’ve already addressed the points you raised. I’ll leave it at that.

I disagree that you have addressed my points, but I will also happily leave it at that if you choose to not engage.

How is the alleged “server” any different than any other client? What identifies its PUTS as anything different from anyone else? As far as the network is concerned it is all just encrypted gibberish, right? All I have to do is transmit one “GIT style hash” to the network as a Structured data update, and the underlying behavior of a website can change. That isn’t really detectable or unique behavior…

SAFE is a significant upgrade on TOR. That has been addressed many times over though…

1 Like

I think it would be enough to proxy the SAFE packets to localhost running web server + php. Such as Tor does with SOCKS.

This is why much of ‘the scene’ makes use of servers running on encrypted partitions with deadman switches. It’s not security through obscurity or any kind of hiding shell game, but once the server is located, it makes things challenging for LEO.

1 Like