Dio9sys@Dio9sys@haunted.computer
Friend sent a link to this new "decentralized, censorship-resistent internet" proposal:
https://ravendevteam.org/betanet/
I will not get into the cryptocurrency part, as I'm sure Molly White is better at that than me, and I will not get i to the cryptography section as I'm sure Soatok Dreamseeker is better at that than me, but I will comment on one quote from the spec:
In this context, I believe "front origin" is the HTTPS packet that is encapsulating the rest of the traffic:
"Clients MUST mirror the front originβs fingerprint class (JA3/JA4 family, ALPN set, extension order, GREASE, H2 SETTINGS, H3 availability)."
...this requirement has got me stumped. Does it mean you have to match the ja4 fingerprint of the front server? How would you reasonably do that in a way that can scale?
Or is it saying that you provide a fingerprint that has to match the same type of fingerprint as the origin? In that case, couldn't you just set a header value that the client pulls and repeats? why would it have to be a fingerprint specifically?
Maybe I am misreading the spec, or that requirement, but it isn't making sense to me.
Kevin Karhan :verified:@kkarhan@infosec.space
@Dio9sys@haunted.computer I've seen many such weird "projects" that oftentimes ain't even #FLOSS and all they do at best is being a shittier version of @torproject@mastodon.social / #Tor with a less-mature & battle-hardened tech stack.
Wrapping in #Shitcoins makes it even worse!
Like I can get if they actually cared about #decentralization they'd use proven tech like #IPFS & #BitTorrent for hosting & file transfer but there are very few people I'd trust to be skilled enough to "roll their own network stack" cuz that's just barely below "roll your own #crypto" and almost noone should do that!