Test whether this data can be deleted by blockstack database adminstrator


#1
  1. I used the blockstack id login this forum and just for test if the data really can be controlled by users. Are these texts stored in Gaia, dropbox, Azure blob storage instead of mysql database?Can this post be deleted by blockstack database administrator without my permission?

  2. If I put my data on dropbox, their employees can view contents and delete it, so through blockstack encrypted, can dropbox employees can still know what kind of data I store? What are the data format in front of their eyes? If this forum owner cannot delete this post , can dropbox database administrator delete it?

@jude @larry


#2

1

Discourse (this forum) isn’t run off of the Gaia Hub, so yes, it can be deleted, and it is not stored in “your data bucket.”

If there was a decentralized forum that we were using, technically Blockstack PBC could remove it off your gaiahub because they own the only widely-used gaiahub, gaia.blockstack.org. You can host your own however, if you wanted to!

2

If the data is not encrypted, and/or not obfuscated, then yes, the Dropbox employees will know what it is/ not at least what filetype it is. If a dropbox employee knew your address and knew what content it tied to (say from a gab-like social-media-post gaia-hub-data-address), they could manually delete it, but odds are they won’t know what it ties too.

It’s also why (eventually) it would be good to decentralize the storage and cross-sync the data through different storage backends, but all in good time.


#3

I edited the topic title to keep it relevant.

Yes, we can (and regularly do) delete forum posts here – specifically, ones that are clearly spam, shilling, or off-topic. We also ban IP addresses of users who post spam.

One day, I hope we can migrate off of Discourse to something built natively on Blockstack – in which case, deleting forum posts could never happen. However, such a forum would still need to support moderation – specifically, if an admin flagged something as spam or flagged it as “deleted”, the client would not show it by default (but the client would still be able to show flagged or unindexed posts if the user wants).


#4

Thanks for your answers, I see. Even I use my blockstack id login some websites, the data probably would be stored in traditional mysql database and maybe deleted by site owners.If I choose “my data bucket” ,the data bucket owners may also can delete and find where I store these data.


#5

It can be, but if the app is open source you can check to see if it is using the blockstack functionality properly. In a Gaiahub-styled forum, it would probably not be stored in the database.

Databucket owners can mess with your data, which is why you should choose one that you trust - or even host your own!


#6

This depends on the back-end storage medium as well. A Gaia hub could do things like replicate data to multiple back-end storage systems in multiple different countries, as well as replicate data to BitTorrent, IPFS, DAT, SSB, etc. This would make it harder and harder to tamper with your data.


#7

we all hope that day .


#8

You can also host your own gaia hub, on your own cloud storage account or on your own machine or server so that you would the data administrator. We host gaia hubs for people for convenience but are moving away from that model. In user onboarding you have the option to host your own gaia hub now.

The idea is to make users hosting their own gaia hubs more user friendly.

You are free to contribute to this if you have input.

one of the challenges here is running your own gaia hub requires users using their own FQDN, for the average user, setting up an FQDN is not untuitive, nor is there any streamlined or automated process for people acquiring their own FQDNs, we could funnel people to one but we are biasing them towards a domain provider, and we want people to be able to choose their own readURLs which right now need to be FQDNs

Next, there is the challenge of automating SSL. To make gaia hubs user friendly we need to make it easier to provide SSL for the gaia read url which would be a users FQDN. Because the first process s not automated away to allow for freedom there, the second one is much harder to automate, but are still working hard at making this user friendly and have some options for setting up gaia hubs.

When it comes to replicating data, I would assume it would make it easier to tamper with data the more places it is stored if your concern is bypassing consensus and considering how admins would have physical access to the data.

Furthermore IPFS does not actually duplicate data until a request is made on the IPFS data, it is only hosted on the origin server at that point, and when it is replicated, it is only for a certain period of time. I would not consider IPFS to be a fault tolerant way to ensure data is not tampered with for long term records.