integralid 2 days ago

>When you sign up with just a random 32-char string...

There's STILL a browser fingerprint, IP logs to analyze, usage patterns to build a profile from. You may claim you don't collect it, but users need to take your word for it. This is just pseudonymity, which (as many BTC users found out) only gets you halfway there. Real anonymity is way harder, often impossible.

Don't get me wrong, it's good to see organisations that care about privacy and in fact this blog post encouraged me to consider your services in the future. We have some use cases for that at work.

Though by using cloudflare you're NOT putting your money where your mouth is.

ybceo 2 days ago | parent [-]

I was going to say making the platform open source might solve this problem, but then users would have to trust that we are actually running the open source version and not some fork with logging and tracking. This would be an interesting problem / paradox to try to crack.

But you are 100% right, I will look into alternatives for Cloudflare, which we are using because it seems like the cloud hosting industry LOVES to DDoS new players.

integralid a day ago | parent | next [-]

TBH most of those problems are solved by using Tor Browser. Depending on how much you care: 1. make it possible to use your service with Tor Browser, 2. create an .onion site, 3. delete your clearnet presence and use only Tor.

Without (1), people who really care about anonymity won't even care about you (tor is table stakes). (3) is a really strong vote for anonymity, but don't expect many customers that way.

dns_snek 2 days ago | parent | prev | next [-]

With open source software + reproducible system image builds + TPM + secure boot + remote attestation you could technically achieve some level of certainty that the server is running the software that you expect, but that's not enough.

The operator can passively log the network traffic, which allows for de-anonymization, and you would need to design your application layer such that the operator couldn't selectively route your traffic to a non-compliant server.
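A worked model of the attestation check described in this comment (and of the "are they really running the open-source build?" paradox raised earlier in the thread), as an added example that is not code from any commenter. It is a deliberately simplified simulation: the component hashes, the attestation key and the HMAC standing in for the TPM's signature are all constructed here, and a real TPM quote is a signature over PCR values plus a verifier nonce. What it shows is the part attestation can do (detect a fork of the app image, or a server lying about its measurements, or a replayed quote) and, by omission, the part it cannot: a passing quote says nothing about what the operator logs on the wire.

```python
import hashlib
import hmac
import os

# Constructed "golden" measurements a verifier would derive from a reproducible
# build: (component, SHA-256 of the artifact). Values are hypothetical.
def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

GOLDEN_COMPONENTS = [
    ("bootloader", _sha256_hex(b"bootloader-v1")),
    ("kernel", _sha256_hex(b"kernel-v1")),
    ("app-image", _sha256_hex(b"app-image open-source build")),
]

# Simulated attestation key shared by our toy "TPM" and the verifier. A real
# TPM uses an asymmetric key whose public half is certified by the vendor.
SIM_AK = b"simulated-attestation-key"


def extend_pcr(pcr: bytes, measurement_hex: str) -> bytes:
    """TPM-style extend: new_pcr = SHA-256(old_pcr || measurement)."""
    return hashlib.sha256(pcr + bytes.fromhex(measurement_hex)).digest()


def compute_pcr(components) -> bytes:
    """Fold every boot-chain measurement into one PCR value (starts zeroed)."""
    pcr = bytes(32)
    for _, digest in components:
        pcr = extend_pcr(pcr, digest)
    return pcr


def make_quote(pcr: bytes, nonce: bytes, ak: bytes = SIM_AK) -> bytes:
    """Toy quote: keyed MAC over PCR and the verifier's nonce (stands in for a signature)."""
    return hmac.new(ak, pcr + nonce, hashlib.sha256).digest()


def attest(running_components, nonce: bytes):
    """What the server returns: its PCR value and a quote over it."""
    pcr = compute_pcr(running_components)
    return pcr, make_quote(pcr, nonce)


def verify_quote(quote: bytes, reported_pcr: bytes, nonce: bytes, expected_pcr: bytes) -> str:
    """Verifier side: check the quote binds the PCR to our nonce, then compare to golden."""
    if not hmac.compare_digest(quote, make_quote(reported_pcr, nonce)):
        return "bad signature"  # tampered PCR claim, wrong key, or replayed nonce
    if reported_pcr != expected_pcr:
        return "unexpected software"  # a fork (e.g. one that adds logging) measures differently
    return "ok"


def scenario():
    """Run four cases and return their verdicts as a tuple."""
    expected = compute_pcr(GOLDEN_COMPONENTS)
    nonce = os.urandom(16)  # fresh per session so old quotes cannot be replayed

    # 1. Honest server running the reproducible open-source build.
    pcr, quote = attest(GOLDEN_COMPONENTS, nonce)
    honest = verify_quote(quote, pcr, nonce, expected)

    # 2. A fork of the app image with logging added: its measurement differs.
    fork = GOLDEN_COMPONENTS[:2] + [("app-image", _sha256_hex(b"app-image fork with logging"))]
    fork_pcr, fork_quote = attest(fork, nonce)
    forked = verify_quote(fork_quote, fork_pcr, nonce, expected)

    # 3. The fork reports the golden PCR but its quote was made over the real one.
    lying = verify_quote(fork_quote, expected, nonce, expected)

    # 4. An honest quote from an earlier session replayed against a new nonce.
    replay = verify_quote(quote, pcr, os.urandom(16), expected)

    return honest, forked, lying, replay


if __name__ == "__main__":
    print(scenario())
```

The verifier only ever learns "this PCR chain matches the build I expect"; the traffic logging the comment mentions happens outside the measured boot chain, so even a clean result here leaves that trust problem untouched.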

mazone 2 days ago | parent | prev | next [-]

I wonder if it would be possible to allow people to ssh into the edge servers with enough access to verify no access logs are stored but not enough to cause any problems. Admit I have not thought it through, but it would be cool having people verify the live environment while running.

dns_snek 2 days ago | parent [-]

You can't really verify anything in this way. SSH is just a protocol, you're trusting the SSH server to give you a shell inside the real production environment instead of giving you a shell inside some elaborate simulation of a production environment. It's about as trustworthy as a policy page saying "we don't keep logs".

mazone a day ago | parent [-]

You are correct. Would need something like distributed ledger to fully prove things.

It might not be possible to verify 100%, but the more transparency the better, I guess. Seeing the 3-way handshake and connection information, the timings, location of the server. Would need to be quite elaborate to fake. Just thought it was a fun idea. Have the customer allowed into production. A lot more difficult than publishing a privacy page, source code, fake audit reports.

o999 2 days ago | parent | prev [-]

There are self-hostable solutions for DDoS protection, try Anubis for example.