Comment by smt88
20 hours ago
The distribution system you're describing exists and has been in use for decades. You just distribute the build using bittorrent.
20 hours ago
The distribution system you're describing exists and has been in use for decades. You just distribute the build using bittorrent.
And if someone invests in having >90% of the peers offer a malicious file and serve DHTs matching that file?
Torrent files are hashed, so it's exactly the same risk profile as the comment I was referring to. But generally hashing algorithms are collision-proof enough that what you're describing is basically impossible (requiring many years of compute time).
IIRC BitTorrent still uses SHA-1, which is becoming more problematic.
1 reply →