|
| 1 | +# Privacy and security |
| 2 | + |
| 3 | +DeWeb offers a decentralized way to host and access websites, putting control into users' hands. However, the level of privacy and security depends on how you choose to access DeWeb. |
| 4 | +Below, we’ll detail the available methods, their benefits, and their risks. |
| 5 | + |
| 6 | +## 1. Accessing DeWeb Through a Local Node and Local Provider |
| 7 | +Running both a local node and a local provider is the most secure and private way to access DeWeb. |
| 8 | + _Benefit:_ |
| 9 | + * Full Privacy: No third parties are involved, so your browsing activity is completely private. |
| 10 | + * Data Integrity: Content is fetched directly from the blockchain, ensuring it hasn’t been altered. |
| 11 | + _Risks:_ |
| 12 | + * Malicious websites can still harm you. For example: |
| 13 | + * JavaScript Backdoors: A site might call external servers, revealing your IP address. |
| 14 | + * Phishing: Fake sites could trick you into sharing sensitive information. |
| 15 | + * Wallet Exploits: A malicious site may try to get you to approve unauthorized transactions. |
| 16 | + |
| 17 | +## 2. Accessing DeWeb Through a Local Provider Connected to a Third-Party Node |
| 18 | +If running a local node isn’t an option, using a local provider with a third-party node offers a middle ground. |
| 19 | +_Benefits:_ |
| 20 | + * Improved Setup Simplicity: You don’t need to manage a full node, but your local provider still processes content locally, adding a layer of security. |
| 21 | +_Risks:_ |
| 22 | + * Privacy Concerns: The third-party node can see the sites you access and associate them with your IP address. |
| 23 | + * Tampering Risk: A malicious node could modify the data before sending it to your local provider. |
| 24 | + * Site-Based Risks: Any compromised website can exploit your device, just as in Option 1. |
| 25 | + |
| 26 | +## 3. Accessing DeWeb Through a Third-Party Provider |
| 27 | +For maximum convenience, you can use a third-party provider that retrieves and delivers content directly to your browser. |
| 28 | +_Benefits:_ |
| 29 | + * Ease of Use: No technical setup is needed. You can access DeWeb directly in your browser. |
| 30 | +Risks: |
| 31 | + * Visibility: The provider can track your browsing activity and associate it with your IP address. |
| 32 | + * Content Manipulation: The provider could modify website data, injecting malicious code or redirecting you to fake sites. |
| 33 | + * Site-Based Risks: The same risks from visiting malicious sites apply here as in Options 1 and 2. |
| 34 | + |
| 35 | +## Best Practices for Safe Browsing on DeWeb |
| 36 | + 1. Verify Websites: Only visit trusted websites with verified Massa Name Service (MNS) domains. |
| 37 | + 2. Review Transactions: Carefully check every transaction before signing it with your wallet. |
| 38 | + 3. Stay Updated: Follow official Massa channels for news on registry updates and decentralized tools. |
| 39 | + 4. Understand Immutability: Proposals are underway to make uploaded content immutable, reducing risks of unauthorized changes. |
| 40 | + |
| 41 | +## Looking Ahead |
| 42 | +DeWeb is continuously evolving to improve privacy, security, and ease of use. |
| 43 | +Current registries are temporary solutions, and a fully decentralized registry system is in development to further enhance the experience. |
| 44 | +Also, a browser plugin will be developped to validate website integritity end-to-end which should solve supply chain attack issues when a third party node or provider is used, but not censorship and privacy. So we really recommend you to run a node and a local provider. |
| 45 | + |
| 46 | + |
| 47 | +Whether you prioritize privacy, security, or simplicity, DeWeb gives you the tools to browse the decentralized web in a way that suits your needs. |
0 commit comments