- cross-posted to:
- asklemmygrad@lemmygrad.ml
- cross-posted to:
- asklemmygrad@lemmygrad.ml
that would be super cool! if we could get the deprogram boys to repost their videos there it would be awesome! i need to stop watching YouTube anyway
What’s a PeerTube instance exactly?
Like, an account?
I added a video on top
Ah, thanks.
wait so can you see the IP address of the other people watching the same video. That’s so insanely bad for privacy lmao. Maybe the peer part can be disabled? Of course that means it’s expensive to host (although using cloud object storage might reduce costs).
This is what it says in the documentation
P2P & Privacy
PeerTube uses the BitTorrent protocol to share bandwidth between users by default to help lower the load on the server, but ultimately leaves you the choice to switch back to regular streaming exclusively from the server of the video. What follows applies only if you want to keep using the P2P mode of PeerTube.
The main threat to your privacy induced by BitTorrent lies in your IP address being stored in the instance’s BitTorrent tracker as long as you download or watch the video.
What are the consequences? In theory, someone with enough technical skills could create a script that tracks which IP is downloading which video. In practice, this is much more difficult because:
An HTTP request has to be sent on each tracker for each video to spy. If we want to spy all PeerTube’s videos, we have to send as many requests as there are videos (so potentially a lot) For each request sent, the tracker returns random peers at a limited number. For instance, if there are 1000 peers in the swarm and the tracker sends only 20 peers for each request, there must be at least 50 requests sent to know every peer in the swarm Those requests have to be sent regularly to know who starts/stops watching a video. It is easy to detect that kind of behaviour If an IP address is stored in the tracker, it doesn’t mean that the person behind the IP (if this person exists) has watched the video The IP address is a vague information: usually, it regularly changes and can represent many persons or entities Web peers are not publicly accessible: because we use the websocket transport, the protocol is different from classic BitTorrent tracker. When you are in a web browser, you send a signal containing your IP address to the tracker that will randomly choose other peers to forward the information to. See this document for more information The worst-case scenario of an average person spying on their friends is quite unlikely. There are much more effective ways to get that kind of information.
Thanks for checking. It’s good that you can disable P2P, but the article is definitely overconfident. They mention that IP addresses are ephemeral, but you usually keep them for a while and they’re allocated from a pool.
Their whole math with all the peers and stuff is also weird because usually 1000 people aren’t going to have some random video cached.