2024-09-19T20:20:00+02:00 I don't like Australians!
And then deleted it, fearing the Australian Mafia (which, as we know, is very powerful in Bavaria). But I got the hash for it,
p5zdahq, and that timestamp has tt written all over it. That's my proof! π
π
π
2024-09-19T20:20:00+02:00\tI don't like Australians!
And then deleted it, fearing the Australian Mafia (which, as we know, is very powerful in Bavaria). But I got the hash for it,
p5zdahq, and that timestamp has tt written all over it. That's my proof! π
π
π
In fact, I really don't. I love'em! 8-)
We would need to sign each message in a feed, so others could verify that this was actually part of that feed and not made up. But then we end up in the crypto debate for identities again, which I'm not a big fan of. :-)
I just want to highlight, one might get a false sense of message authenticity, if one just briefly looks at the hashes.
Invent anything you want, say feed A writes message text B at timestamp C. You simply create the hash D for it and reply to precisely that D as subject in your own feed E with your message text F at timestamp G. This gets hashed to H.
Now then, some a client J fetches your feed E. It sees your response from time G with text F where in the subject you reference hash D. Since client J does not know about hash D, it simply asks some peers about it. If it happens to query your yarnd for it, you could happily serve it your invention: "You wanna know about hash D? Oh, that's easy, feed A wrote B at time C."
The client J then verifies it and since everthing lines up, it looks legitimate and puts this record in its cache or displays it to the user or whatever. It does not even matter, if the client J follows feed A or not. The message text B at C with hash D could have just deleted or edited in the meantime.
Congrats, you successfully spread rumors. :-D
yarnd would have to be maliciously fabricating a Twt with the Hash D.
yarnd would have to be maliciously fabricating a Twt with the Hash D.
> In order for this to be true,
yarnd would have to be maliciously fabricating a Twt with the Hash D.Yep, thatβs one way.
Now, I have *no idea* how any of the gossipping stuff in Yarn works, but maybe a malicious pod could also inject such a fabricated twt into *your* cache by gossipping it?
Either way, hashes are just integrity checks basically, not proof that a certain feed published a certain twt.
> In order for this to be true,
yarnd would have to be maliciously fabricating a Twt with the Hash D.Yep, thatβs one way.
Now, I have *no idea* how any of the gossipping stuff in Yarn works, but maybe a malicious pod could also inject such a fabricated twt into *your* cache by gossipping it?
Either way, hashes are just integrity checks basically, not proof that a certain feed published a certain twt.
> In order for this to be true,
yarnd would have to be maliciously fabricating a Twt with the Hash D.Yep, thatβs one way.
Now, I have *no idea* how any of the gossipping stuff in Yarn works, but maybe a malicious pod could also inject such a fabricated twt into *your* cache by gossipping it?
Either way, hashes are just integrity checks basically, not proof that a certain feed published a certain twt.
> In order for this to be true,
yarnd would have to be maliciously fabricating a Twt with the Hash D.Yep, thatβs one way.
Now, I have *no idea* how any of the gossipping stuff in Yarn works, but maybe a malicious pod could also inject such a fabricated twt into *your* cache by gossipping it?
Either way, hashes are just integrity checks basically, not proof that a certain feed published a certain twt.