Salta al contenuto principale

The Internet was built as a kind of decentralized democracy. Change is slow and messy but it protects us from a single entity forcing their will on us.

When you move your data and social graph to a closed platform you vote for authoritarian rule.

Such choices never end well.

reshared this

in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
Many trusted their data and social graph to VK in Russia under a benevolent dictator that fought for their rights.

The Russian government saw him replaced with someone more ethically flexible and now they control those systems.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
Many trusted all the Apple marketing on privacy.

In China, Taiwan, and Hong Kong we saw apps and emoji used for dissent were banned, rooms on private networks like Telegram were pressured to be banned, and encryption keys for iMessage/iCloud were handed over to the CCP.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
The Oculus VR team intended to protect users on their network from excessive surveillance and abuse.

They sold to Facebook, who told them they would carry that vision forward and never require Facebook accounts.

Facebook changed their mind when they saw value in the data.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
The founders of WhatsApp sought to provide easy secure communication for the masses, but scaling is hard and expensive.

Facebook offered to buy them and help them scale their vision for privacy, and keep them independent.

Spoiler: they lied.

Henry Edward Hardy reshared this.

in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
The masses are now flocking move their data and social graphs to Signal, yet another closed network run by a well meaning benevolent dictator.

I am sure if will be different this time.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
We have a choice.

HTTP is standard and controlled by no single party. You can choose whatever web browser or ISP you want and people who made different choices can all communicate and cooperate.

Same story with SMTP, ActivityPub, or Matrix.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
Building huge networks with decentralized control means you get new features slower, and sometimes rollouts are messier, but to adopt anything else is to abandon the very freedom that allowed the internet to become what it is today, instead of all being owned by someone like AOL.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
I once thought I too could protect the data of a lot of users.

I ran a machine learning company that analyzed social media data.

Unlike competitors I made this a free public search engine.

Investors demanded I turn it into a political propaganda machine.

I ultimately quit.
in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
I ran infrastructure, and security at Pebble and was unquestionably the loudest voice for privacy.

But then we got acquired by Fitbit. I realized I could not protect user data anymore. I quit.

Now that data is owned by Google.

reshared this

in reply to Lance R. Vick

Lance R. Vick
Lance R. Vick
Any single entity that thinks they can protect a huge pile of valuable data forever is as naive as I once was.

We must stop taking the easy road or picking things based only on their UX.

Learn to use decentralized systems and teach others or the free internet won't survive.
in reply to Adonay Felipe Nogueira

Lance R. Vick
Lance R. Vick
the matrix protocol is public and many are implementing clients and servers.

XMPP while first of its kind, is also heavily XML based and was largely developed without universal end to end encryption, or battery budget in mind.

Matrix corrects a lot of the XMPP failings that made it ineffecient and expensive to scale which is exactly why Facebook, Google, and others abandoned it for their large scale deployments.
in reply to Lance R. Vick

federico
federico
They both leak all traffic metadata, depend on DNS and on trusting servers a lot. I hope the world can learn from #Briar
#Briar
in reply to federico

Lance R. Vick
Lance R. Vick
Briar is awesome but won't scale nearly as well. You can run your own server and house your own metadata on matrix though. Tradeoffs.

On that note, Matrix p2p is in testing now though where each client can be a server for itself automagically.
in reply to Lance R. Vick

Elena ``of Valhalla''
Elena ``of Valhalla''
xmpp was designed from the start to be easy to expand and adapt to new needs: it is of course still heavily XML based (not that it really matters if you're not writing an xmpp server or a client without using an existing library), but the battery budget issues have been solved since a few years and end to end encryption is, with some caveats on the metadata that also apply to matrix, working as well as most alternatives.

The standard did have a few years of stagnation, just around the time when facebook and google started defederating from it (but afaik they kept using xmpp for quite some time, although they added some proprietary extensions with time), but it has since recovered.
in reply to Elena ``of Valhalla''

Adonay Felipe Nogueira
Adonay Felipe Nogueira
I agree with you.

The argument that “it's bad becaus of XML” is moot. Sure it does consume more resources depending on the message, but with the #XMPP #XEP for push notifications, it provides incentive for account providers to make those push services available for their own accounts, thus no longer depending on #GAFAM and such like.
#xmpp #GAFAM #xep
in reply to Adonay Felipe Nogueira

federico
federico
This old post comes to mind. https://xmpp.org/about/myths.html
Yet, both JSON and XML require linear parsing and do not support zero-copy operation. It's like racing donkeys VS mules.
in reply to Lance R. Vick

Christine Lemmer-Webber
Christine Lemmer-Webber
> the matrix protocol is public and many are implementing clients and servers.

Clients, yes. But servers? I thought there was basically only one real server implementation that anyone used?
in reply to Christine Lemmer-Webber

Christine Lemmer-Webber
Christine Lemmer-Webber
I'm glad Matrix exists and am glad for the work they are doing, don't get me wrong
in reply to Christine Lemmer-Webber

Slacktoid
Slacktoid
Synapse is the proof of concept server, anyone is can make their own server code, Dendrite is one such example.
They just need to implement the different specs. This issue is that matrix is growing really fast and servers like dendrite are fairly new. There will soon be a time when dendrite catches up fully and only needs to add new features as and when they come.
@lrvick @adfeno
@Adonay Felipe Nogueira @Lance R. Vick
in reply to Lance R. Vick

∿ und̷e̷l̷ě̷t̷e̷d̷
∿ und̷e̷l̷ě̷t̷e̷d̷
I heard about the censorship, but didn't know about the private keys handover - can you share some details/sources?
in reply to ∿ und̷e̷l̷ě̷t̷e̷d̷

Lance R. Vick
Lance R. Vick
china mandated all services that operate in their country must host all hardware and HSMs there and ensure a path exists for user monitoring.

Some left China over this. Apple readily complied. Some more evidence:

https://blog.cryptographyengineering.com/2018/01/16/icloud-in-china/

Apple can run different firmware with different rules on different HSMs, and even encrypt data to an extra special set of keys.

Apple web services in China are hosted locally and controlled by the CCP without question now.
Unknown parent

Lance R. Vick
Lance R. Vick
if light servers are what you are after, look at dendrite. Light enough to run inside a web browser for p2p setups.

Synapse was a great protocol MVP but it is a monster to run and likely has outlived it's usefulness.

Questo sito utilizza cookie per riconosce gli utenti loggati e quelli che tornano a visitare. Proseguendo la navigazione su questo sito, accetti l'utilizzo di questi cookie.