You say a few different things here. I was thinking more privacy could help the "bazaar" work better by keeping people safer from the trolls etc. Zenaan, you sometimes post news articles that can to me seem to criticize e.g. professors in sometimes dangerous ways. When such things happen about software developers it can interfere with their work or even end it permanently. I used to follow a great project called "boomerang", one of the first public decompilers, but right before it became really usable the developer was hired by an information security company and development basically stopped. This probably protected their profits incredibly as the tool was free and such tools cost thousands of dollars commercially. It's lots of fun to start building something with others but it opens you up to more influence from outside the circle. I mentioned earlier working on a group-mad worldofwarcraft server; all I had to do was draft out an outline of the code, show people how to do different parts, and keep hanging out and relating, and it basically built itself with everyone working on something that interested them (one guy didn't code much at all but was excited to learn enough to comment and document everyone else's code which was incredibly helpful)... until a new developer hacked our cvs server and the owner was visited in his home by blizzard lawyers etc etc. There were actually a lot of "teams" working on each their own servers, each one with many people working together for fun. A different project I worked on had everyone interested in one giant team with over a hundred people in it all working for fun with no pay, every day any time of day you could see people online working, but we weren't experienced enough to make a collective design that would ever get finished; everyone wanted their bit included, and the work went for years never releasing. With experience you can talk about such issues and avoid them. The end thing is that I don't have a "cathedral" anymore, so the ways I can contribute are limited. But y'know usually I talk about how important that is, and I left it out. Maybe the Tor situation's history is indicating that the cathedral solution only worked for Tor and i2p and no other similar projects (which I hear about a lot but do not know where to find). I have a couple replies in line below. On Sat, Sep 5, 2020, 6:13 PM Zenaan Harkness <zen@freedbms.net> wrote:
This email is shared from a place of forthrightness (and hope).
https://github.com/ipfs/notes/issues/37
Just to add, I suspect the reason that the state of public anonymity tools is not stronger is that the existing international powerholders, whose power could be reduced by widespread accessible anonymity, take diverse action to slow the release and hinder the effective use of the research.
The way to make things change would be for people like us to agree to work together on forging one right thing in a development community, and use tools of both interpersonal mediation and software development to bring
On Sat, Sep 05, 2020 at 01:07:08PM -0400, Karl wrote: the
result to happen by force of collective determination. It might help if
As Marxos correctly points out, the important ground is usually broken by a single individual - who must have sufficient time and resources, as well as ability.
Once the cathedral has served its purpose, the bazaar can take over.
In both Linus' hits, he created first alone, by himself, in his "personal cathedral" we can say (Linux and Git).
As you know a collection of the basic ideas has been made.
I assume you mean iqnets .. honestly it's hard for me to handle my psychosis well enough to link that with the issue thread at this time, but yes.
I am presently writing submissions in reply for a case in which the right to be heard (in a court case) is being demanded (by the team I am on, against the state), and it looks particularly challenging (read, low probability of success) due to the entrenched statute law which is quite explicit in this case. Nonetheless, in this case, the question must be asked (something like "when there is both a law and a regulation, each allowing the self represented person to appeal on an issue of "was due process afforded", and he chooses the law but did not know the regulation, but the law denies an appeal whereas the regulation allows it, should that self represented person be denied his right to rehearing just because he did not know the regulation, but the law section he chose by default says 'if you use this section, you don't get a rehearing'?").
It's nice to hear what you're up to but I'm not sure what this is relating to; why do you mention it? Are you a lawyer/small org worker/activist? Do you need support? I usually try to find ways to link regulations and human hearts (which are very mushy and vulnerable if respected) such that the human, caring, right things, that get suffering validated both big and small, grows larger. Not saying I'm actually any good at that. It seems sad that someone self-represented; I hear that's usually a way to be at a disadvantage. Take it reasonably easy and do what seems right to you that is within your capacity.
everyone kept themselves more anonymous, collaborated in private as well as
in public, and supported people who ran into personal issues so as to resist disruption and keep the work moving forward.
These are good points, it's just that they assume that "a free for all communicty project" works - and in some cases (simpler things) it can work, and in other cases (maintenance of something already created) it can also work, but in certain cases (somewhat complex from a design perspective), the bazaar tends to not work so well, or not work at all - Marxos is correct about this.
Also, "more privacy during development" is probably not particularly relevant in this instance, except that whoever finds the space to do the initial 'heavy lifting' might find "being less public" to be less distracting to his work than the alternative.
See top-reply. I'm not sure who Marxos is. I'm guessing it's someone from the issue thread I haven't noticed yet. I have trouble navigating the internet and may or may not make it back to the issue thread. Be well, peeps.
wrote:
It's too late for this discussion. IPFS has failed to embrace the concept of free Tor integration from volunteer developers.
That having been said, anonymity is a synonym for traffic analysis resistance; that is to say, even encrypted traffic can be analyzed for
metadata it leaks. Tor is the very weakest of the existing designs for anonymous communication networks however it is the most widely used whereas the other designs from academia have not had much field testing; such as: mix networks, dcnets, verified shuffles and other things can be used to form anonymous communication networks such as private information retrieval, oblivious ram, multi party computation etc.
Tor is trivially broken by any sufficient global adversary by means of timing correlation whereas mixnets are not. There are many other ways to break Tor.
Anonymity aka traffic analysis resistance is not yet a popular security feature because these designs are in some respects ahead of their time... just like not every software project embraces deterministic builds. Just because your white middle class platitude doesn't allow you to understand why people in high risk situations might need these things doesn't mean they are not needed. In fact, in dealing with such folks I find the easiest way to impart the importance to them is to describe military scenarios, e.g. if you were in the military, overseas, you might actually be interested in traffic analysis resistance.
Think about a future brighter than Tor! Think about mixnets, hybrid networks, dcnets and so on. Monoculture is death. Why is Tor the only successful anonymity network? And to a lesser degree I2p? Although the I2p observation is less valid because it's design is so similar to Tor in
On Fri, Sep 4, 2020, 5:49 PM David Stainton <notifications@github.com> the that
it can easily be broken by timing correlation from a sufficiently global adversary.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub <https://github.com/ipfs/notes/issues/37#issuecomment-687407153>, or unsubscribe < https://github.com/notifications/unsubscribe-auth/AACEIIKJAJVQXDV267SEBU3SEF...
.