If an app on one device connects to an app on another via Veilid, it shouldn’t be possible for either client to know the other’s IP address or location from that connectivity, which is good for privacy, for instance. The app makers can’t get that info, either.
Is that considered a new thing? I don’t think I’ve ever encountered a P2P service/protocol that also masks IP addresses.
They state they take inspiration from Tor and IPFS, so there are added transport layers below the top layer “P2P” that obfuscates ones IP address. It’s nothing new really, and I’m honestly not sure what the advantages are over something like I2P, which largely doesn’t suffer from Tor’s issues of node ownership as there are no guard or exit nodes to own (unless expressly configured), while also being faster overall.
You right. There are still IP addresses; you can’t really just yank out layer3 and call it a day.
Here is a piece from their website about the “Secure envelopes”:
“Each node hop only knows about the next one This is similar to onion routing, but assumes that the source is fully in control of the Safety Route and the destination is fully in control of the Private Route.”
There’s also a packet diagram. It’s just encapsulation inception. There are also IP addresses listed as being encapsulated in the packets for additional node hops.
I guess from the perspective of the source and destination, they don’t know each other’s IPs. So there is that v0v.
This is precisely it, and is a similar approach to the ones used by other anonymization networks as well. This allows your entry node to know your node/IP is using the network, but with a secure end-to-end tunnel, nobody along that tunnel knows the entire source -> destination path or data, so it is usually considered sufficiently anonymous and secure.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Is that considered a new thing? I don’t think I’ve ever encountered a P2P service/protocol that also masks IP addresses.
They just had to add i2p transport to ipfs, could be done in 200 LoC
They state they take inspiration from Tor and IPFS, so there are added transport layers below the top layer “P2P” that obfuscates ones IP address. It’s nothing new really, and I’m honestly not sure what the advantages are over something like I2P, which largely doesn’t suffer from Tor’s issues of node ownership as there are no guard or exit nodes to own (unless expressly configured), while also being faster overall.
Idk what it means because for networks to work you need an ip address to send the data to your device.
You right. There are still IP addresses; you can’t really just yank out layer3 and call it a day.
Here is a piece from their website about the “Secure envelopes”:
“Each node hop only knows about the next one This is similar to onion routing, but assumes that the source is fully in control of the Safety Route and the destination is fully in control of the Private Route.”
There’s also a packet diagram. It’s just encapsulation inception. There are also IP addresses listed as being encapsulated in the packets for additional node hops.
I guess from the perspective of the source and destination, they don’t know each other’s IPs. So there is that v0v.
This is precisely it, and is a similar approach to the ones used by other anonymization networks as well. This allows your entry node to know your node/IP is using the network, but with a secure end-to-end tunnel, nobody along that tunnel knows the entire source -> destination path or data, so it is usually considered sufficiently anonymous and secure.
I agree but then again you can use traffic correlation to guess the source ip.
Again? If it isnt the 3rd time this week…
Can someone ELI5?
Hacktivist group made a privacy framework so people can make more secure apps
Anyone (supposedly) can make an app off of it, not just security people, which is good
What kind of apps?
@HughJanus @Hazzia they built a Signal-like IM app as a proof of concept. It’s called VeilidChat.
https://veilid.com/chat/
I can’t see anything on the Gitlab without an account. Where is the repository?
Tried looking with my account, but the link just goes to a 404
I checked on their profile and indeed there is no veilidchat or similar repository.
Using the site search with duckduckgo it gives the same link that goes nowhere, so probably there was a repo but it got taken down? I’ve no idea.
I guess anything from the fediverse for example. Chat, voice, video. Not sure about storage like ipfs but why not.