Launch of a community safe network

Could be, or more likely an aborted go at installing pi-hole. In not sure how to undo that - time to search a bit.

1 Like

No joy in getting that file. Tried from a couple of computers.

Any chance of checking.

My odroid hc2 arrives in a few days and I am trying to get my xu4 running to test things out

1 Like

Ahh, it was hosted on my Raspberry Pi, which stopped working recently for some reason. I’ll try to find the file and host it somewhere else (or fix the Pi).

3 Likes

Have you tried safe://vault.arm/safe_vault-linux-arm-musl.zip? This is/was on this community safe network, not sure it has survived restarts etc.

3 Likes

Would be good if you could.

Maybe @tfa can add it to his github for the community network. Would help a lot.

3 Likes

hmmm, I checked some chunks stored on my Vault and I could actually read the content of some. Shouldn’t all data be encrypted? Or does this version of the software not support this yet?

4 Likes

An immutable data smaller than 3 kbytes is not split in chunks and isn’t encrypted. In this case the datamap is the original file itself.

2 Likes

Small private files are always encrypted I may assume?

It’s probably another discussion/thread, but I can clearly see some html pages. Normally this would be fine as it is public, but if the content is something abusive, then I am acutally aware that my vault is serving this and I might even get prosecuted if some agency seize my vault.
(I always thought everything was encrypted, so nobody could know what a vault is actually storing)

1 Like

Got to say this is a bit of a worry. Small chunks of unencrypted data… what if I am storing bank details, etc… all it takes is a little luck then for someone to spot data that is valuable.
@nevel could you post a screenshot of what you are describing?

Say its not true? :frowning:

1 Like

Ahh… okay on first glance that looks scary. It is a lot of plain text data!!

But! That looks like publicly available data via website anyway.
What you are doing is sort of like a view source of a publicly available webpage.

I’m not so concerned now.

Comment from devs would be great though.

edit: but! i get what you are saying now. What if this was leaked national security data put up publicly?
You could have every name of every undercover agent in the field, on your hardisk.
Ah, it is a little worrying.

1 Like

I can’t see the image atm but it can’t be the content of a vault. All data, including public data are encrypted on a vault, so neither the owner nor anyone else can tell what it is.

2 Likes

That is probably unencrypted data (and small enough for 1 chunk → no self encryption?) in a _public container (probably by the safe web hosting manager → to _public container).

Two special cases are _public which is used to store unencrypted data (the container is encrypted even if its content is not), and _publicNames which is used to store references to the Public IDs owned by the account.

Let me look for an old question that I asked: what is the added value of encrypting such data, because you have to find the Xor adress first to access it anyways? So e.g. using encrypted container _documents instead of _public.
Here is (part of) the answer: the vault owners (of that chunk) can see the contents of it, for what it is worth.

Edit:
my old question
container reference in safe_client_libs src code

Please correct if I’m wrong in the explanation above.

2 Likes

To be clear: small immutable data (<= 3072 bytes) are currently stored unencrypted in the vaults.

This a problem but it will be corrected with something similar to what I described as “constant indirection with encryption” in the past. As a side effect it will also prevent a vault operator gaming the farming reward issuing GET commands on the chunks he owns.

4 Likes

It’s not ideal to have even public data stored in plain text in my opinion. You could easily write a program to automatically cat through the contents of your vault and uncover all sorts of things that had been assumed by the authors to be secret. Not sure if that’s an education problem or a technology one though.

3 Likes

It has survived and the link still works. The contact list should be updated in safe_vault.crust.config file (see safe_vault.crust.config).

I think Maidsafe should consider adding this target in their safe_vault deliveries (in addition to existing linux, osx, and win binaries).

2 Likes

Raspberry Pi is by far the most popular of these cheap SBC’s.
But are there other of the more popular ones that need another compiled executable version?

I’d say a build for rpi raspbian is a good start (ie armhf) and then later maybe do a 64 bit version (eg for Pine64). I guess see what’s popular. It’s easy enough for community builds to be made. But I agree at least one ARM build by maidsafe could be handy.

1 Like

There is another here that is running that version on a Odroid HC2 if I read their posts correctly

1 Like

Found the post of the other person who got @bart’s Pi version working on an Odroid

2 Likes