Hi,

There's a lot of projects aiming to create decentralized forums. One of them is, as you know, FMS.

FMS has the obvious downside of having to install Freenet, along with the various Web of Trust hassle.

Another one was Usenet. And a later project following the same idea, NNTPchan.

Now, my idea is this: You set up a public (onion or clearnet) frontend where you can make and read posts, with its back-end being FMS.

(It would be possible to further extend this concept too. For instance, what's stopping anyone from registering a new FMS identity, a new e-mail account, writing some code, and exposing this mailing list over FMS? The possibilities are endless, and all such applications would automatically peer with one another by virtue of using the same common back-end)

Frontends would be disposable and dime-a-dozen; a front-end with too picky trust lists could get replaced by any other, a front-end with too lax posting standards would get blacklisted, and a front-end with too harsh posting standards wouldn't get used by anybody.

This has some pretty significant upsides. For one, it's not possible to take out the whole network of nodes, as happened to NNTPchan. So assuming Freenet isn't taken down, you have a server with absolutely no interesting content and an indestructible backend. With the backend on a hidden service and a clearnet server just passing through HTTPS, adversaries wouldn't even have anything to go on. And in Europe, the operator of a proxy has absolutely no legal responsibility anyway, as long as he doesn't interfere with the content.

This makes FMS -> frontend trivial: copy all messages with high enough trust score, carry out no filtering at all, done. No need to filter piracy/CP more than the network already does.

But how about the other way around? Since users would be anonymous or at least psuedonymous, the FMS model for spam filtering breaks down. If you would put a CAPTCHA for posting, the amount of spam would be very low, but there still might be some which would cause it to get blacklisted by some users.

My idea is that each user posting would get some kind of unique name (e.g. truncated salted IP hash, or for Tor users a cookie they need to solve say 20 captchas to get - maybe you could do JS PoW or something like that). Then the frontend would post with its key but that name. It would also assign message trust slightly above zero, but no list trust.

Do you think this would work? It's a bit ugly taking the IPs, but not disastrously bad. The server wouldn't need to do any IP banning of pathological cases. It could carry out basic spam filtering (e.g. Bayes), but it wouldn't have to. Captchas might be possible to replace with rate limits.

Specifically, a user that didn't like this would set list trust of the master identity to 0. Do you reckon this would happen?

Reply via email to