I’m wondering if Peergos uses the anonymous user ID to track when a user makes a payment, like Cryptee does?
Do you have a link to a description of what you are talking about? We do need to know if a given user has paid to enforce storage allowances. Being a subscription service we also need to be able to trigger a new payment for a user every month/year.
If you want to use it without paying you are free to self host, which has all the same features, and you can share/communicate with anyone on any other server.
1 Like
Btw, I see here (GitHub - Peergos/Peergos: A p2p, secure file storage, social network and application protocol) that your last audit was more than 5 years ago. Do you have any plans on doing a new one at all?
We had an audit a few months ago, but need to update some parts of our site to reference it more.
You can see our blog about it here:
https://peergos.org/posts/security-audit-2024
And you can see the report here:
2 Likes
slightly off topic but, ive always been interested, how do you decide on which auditing company to use?
Cure53 we chose based on their reputation and who works for them. The recent audit was paid for by NLNet because we were a previous Next Generation Internet grant recipient from the EU, and the auditor there, Radically Open Security, is partnered with them (and also awesome).
2 Likes
Perhaps doing something like Mullvad does?
You can pay with cash or XMR which removes tracability but no refunds as a consequence.
This may require a whole lot of set up and production for Peergos to manage and ensure before they can do the same as Mullvad. Would it be great? Absolutely. As much as I am guessing this is not feasible to them - I hope it one day will be. But that won’t stop me from buying it today nor it should anyone.
3 Likes
Thank you for your response. I haven’t created an account yet and plan to pay for a subscription as self hosting is too technical for me. According to your Privacy Policy, you collect usernames and payment information (such as name, card number, billing address etc.). My question is: when I make a payment, will my username be linked to my real identity?
1 Like
Yes, currently the usernames are linked to the payments for the reasons above. Though we don’t store any payment details, that is all handled by Stripe.
What you can do is this:
Enable us to buy a 1 year subscription first. We get the code in the email. Then we create an account with Peergos and enter the code to activate the account in full.
This way, only Stripe will know who we are but you will not be able to link the subscription to the username.
This must be feasible though, right? I hope you consider this.
2 Likes
Yeah, this wouldn’t be in my threat model but this more comes from a space where having a platform like this would enable people to protest peacfully and organize p2p online without putting their lives or police lives at risk. That said, this would be everything Tim May predicted and governments haven’t been super fond of this idea:
Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions. Combined with emerging information markets, crypto anarchy will create a liquid market for any and all material which can be put into words and pictures. And just as a seemingly minor invention like barbed wire made possible the fencing-off of vast ranches and farms, thus altering forever the concepts of land and property rights in the frontier West, so too will the seemingly minor discovery out of an arcane branch of mathematics come to be the wire clippers which dismantle the barbed wire around intellectual property.
This will distribute power to the people large states exploit in the way the internet was originally thought to do. These people won’t have the resources to host their own Peergos, so for this reason, I think for this platform to be viable for full-blown adoption, it fundamentally will need this at some point or it’s just another fun tech idea.
2 Likes
Hopefully, Peergos will consider and implement this in the future.
1 Like
Yes, we’ll definitely do something like this in the future when we’re a little less busy building core peergos features.
3 Likes
Thanks for confirming this and that it will indeed and eventually come to Peergos.
Your core development is indeed more important but I am reasonably hoping for this to be done by the end the year at most. Or maybe as an early Christmas present? Hope you can make that happen.
Thanks!
1 Like
Thank you for confirming this! I understand that this isn’t a priority at the moment, but I’ll keep an eye out 
1 Like