HI STEVE






-------- Original Message --------
On Aug 27, 2019, 12:32 PM, Stephen D. Williams < sdw@lig.net> wrote:


On 8/24/19 11:33 PM, Zenaan Harkness wrote:
On Fri, Aug 23, 2019 at 11:34:53PM -0700, Stephen D. Williams wrote:
For certain common purposes, one would not want anonymity, but pseudonymity
along with certain pairs and groups having true name sharing or reputational
pseudonyms, federated identities, etc.

Messages should have verifiable provenance, protection, and sometimes known chain of evidence.

There should be methods to determine leakers, and similar bad actors.
HA!

SDW-Fed pops up again.

  > There should be methods to determine leakers, and similar bad
  > actors.

Absolutely precious!

Parody, irony, subterfuge attempt, or plain ole Jewish Chutzpah -
whatever in hell your smokin', there ain't no freedom in it...

Chuckle of the day dept.

I generally don't have time to waste with you puerile idiots who imagine that they are bullying people in any meaningful way toward any useful goal at all.  But one message before you two are plonked again.

If you two didn't think so shallowly and stupidly, you would see that features like "methods to determine leakers, and similar bad actors" are useful for groups fearful of illegal or otherwise improper overstep by groups like the FBI, such as by an undercover mole or false flag agent or similar.  So, as per usual, you completely misunderstood the implications, arriving at an exactly opposite misunderstanding.  Typical.

You have inspired an additional feature: Training on a corpus of your rantings to auto-filter certain people from all future systems and communication as being the chronic bad actors you are.  That would be useful here on the now long-polluted Cypherpunks.  The consistency of your insane paranoia and verbal diarrhea certainly means that you are trivial for the authorities to track through any group communication system.

The FBI had a rocky, messy genesis.  And for too long they did things we now solidly think of as improper and wrong.  They still have made some bad mistakes not that long ago.  There are some misguided laws that they are in charge of prosecuting.  However, they are pretty much all good people trying to do the right thing in all circumstances.  If you actually did anything useful in life, had a real job, a real company, or a real family, or if you cared about others at all, there are plenty of circumstances where you would want the FBI around to help.  That doesn't mean that we, as citizens, shouldn't expect excellence, oversight, and strict avoidance of abuse and especially lack of accountability of abuse.  And we should protect our rights in a way that doesn't enable terrorists etc. too much.

At the same time, we should try to find solutions to problems like, as I call it, the Indian Village Whatsapp Rumor Killings - what happens when unfettered encrypted messaging meets impressionable people with not much understanding of the perils of losing provenance & verification along with the asymmetry of sensationalist information flow, and how do we fix it without allowing other problems?

We do have a solution that mostly works: Centralized unencrypted messaging hubs like Facebook, Twitter, et al that can be monitored, data mined, correlated, shared with authorities, etc.  It's a bummer if that is the only workable solution.  With enough rules, that can continue to work most of the time, but it's not optimal.  Too bad this channel is so polluted, by you, that we couldn't work on an alternate solution.  We used to solve problems here.

Solving this properly will involve some balance of crypto, technology, policy, ethics, law, sociology, psychology, and economics.  If you can't understand how things are currently working, you're probably not capable of designing a better alternative.  If you think that the FBI / Google / Amazon / Facebook / Apple are only bad, or are actively trying to spy on you for immoral & illegitimate purposes, etc., that's probably not a good sign of your capability or mental health.  There is a difference between 'this is possible' and 'this multi-billion dollar company would assume they could get away with ______ without any leaks, clearly risking those billions'.  Good to examine and battle over the gray areas, where they do sometimes go too far.  But many are illogically paranoid.  A professional level of security awareness and understanding takes all of that into account, avoiding paranoia.

sdw


      
It should be possible to limit DDoS and similar abuse that tries to disable the network; hard to do if everything is anonymous.

Perhaps this could be layered on to bitmessage or a similar but different system.

Stephen

On 8/23/19 12:22 PM, Steven Schear wrote:
The lead developer is Peter Surda.

On Fri, Aug 23, 2019, 5:07 AM Zenaan Harkness <zen@freedbms.net <mailto:zen@freedbms.net>> wrote:

    On Tue, Aug 20, 2019 at 09:29:52PM -0000, cypherpunk@danwin1210.me <mailto:cypherpunk@danwin1210.me> wrote:
    > Bitmessage - Anonymous, Encrypted, Secure Messaging, Chans, and Broadcasts
    > --------------------------------------------------------------------------
    >
    > There is a uncensorable messaging and discussion network, Bitmessage. It
    > is a decentralized and trustless peer-to-peer protocol. It sports a slick
    > graphical interface that works like a mail client. The UX is snappy and
    > easy even for Grandma. Management of cryptography keys and signing is
    > automatic under the hood and is never exposed to the end user. It is an
    > order of magnitude easier to use than PGP or GnuPG.
    >
    > https://bitmessage.org
    > https://github.com/Bitmessage/PyBitmessage
    >
    > Bitmessage works like the old mixnets or remailers but much more securely.
    > It is highly resistant to eavesdropping and censorship. The lead developer
    > is from the old cypherpunk culture.
    >
    > Bitmessage has several useful features:
    >
    > * Connect via Tor
    > * Anonymous chans
    > * Anonymous broadcasts
    > * Anonymous distributed mailing list repeaters
    > * Private messaging addresses
    > * Automatic management of all cryptography keys
    >
    > You can run bitmessage in a firejail on Linux for extra extra security.
    > We've found only one security hole in over six years of development, and
    > we're pretty confident that it is very secure "out of the box" at this
    > time.
    >
    > If you want to help the network please configure a node to accept incoming
    > connections to increase the speed and security of the network against
    > traffic analysis. The more peers that accept incoming connections the more
    > resilient the network becomes.
    >
    > Please share this resource with all the mailing lists to which you are
    > subscribed, with your friends, and on bulletin boards.
    >
    > I hope to see you on the Bitmessage channel, [chan] cypherpunks.
    >
    > To subscribe to this chan in Bitmessage, click on the 'Chans' tab, then
    > click the 'Add chan' button, then enter the passphrase 'cypherpunks' and
    > click OK.
    >
    > The crypto community has been hijacked by shills who try to control the
    > discussion and keep people in the dark about the sad state of privacy.
    > There are a lot of pro-law-enforcement shills who are trying to move us
    > into back-doored crypto. The "leaders" have hidden agendas. They keep
    > rolling out broken cryptography full of security holes (how convenient),
    > then tell the rest of us to never roll our own crypto (how inconvenient
    > for them), that we should put all our eggs in their leaky basket.
    >
    > a old cypherpunk


    On the face of the above marketing, checking all the right boxes -
    that's a good start.

    Needs to be at the top of a few bucket lists to review the
    architecture, compare, etc.

    Thank you for the heads up...

--