On Tue, 14 Jul 2015 02:45:39 -0700, Shelley wrote:

I'm glad it's not just me! That was my reaction too but I held back from commenting, because I feel like I'm always bitching here about cpunks or anyone interested in privacy still using google for any reason. I don't understand it.

I've come to the conclusion that almost without exception, people will opt for convenience over privacy and dignity. Oh, in other news, Google has snapped up several of the new 'public' gTLDs (such as .dev) for their own exclusive use, yay Google. [1] http://sealedabstract.com/rants/google-our-patron-saint-of-the-closed-web/ == Google, Our Patron Saint of the Closed Web ========================================== Lately there’s been a barrage of articles about how Apple is destroying the open web (because “app store, lol”) and it is Time Something Was Done About This: Apple’s paranoid approach to developer relations, and, I assume, relations with other browser vendors (and, in fact, relations to anything outside itself) is becoming a serious liability to the open Web. That is the issue we must confront. Or here: Apple simply does not play well with other vendors when it comes to standardization. The same sort of things we once criticized Microsoft for doing long ago, we give Apple a pass on today. They’re very content to play in their own little sandbox all too often. The answer of course is to petition the Internet Darling Google: In order to forcibly educate Apple to become a responsible web citizen, it is necessary to create a counter-weight; to find a company that will support the open Web and has enough market share to force even web developers who’d prefer to work in iOS only to pay attention to pointer events. That company is Google. Why? Who knows. Maybe because Android is “open”, whatever the hell that means. Maybe it is because Google is strongly pro-net-neutrality, and Apple has made their customary “no comment”. Maybe because Google employees have blogs. The world may never know. Meanwhile, in another part of town, Google has secretly been plotting to destroy the open internet. It started innocently enough Some time around 2008, ICANN determined we didn’t have enough domains. So they decided to open the floodgates on so-called “generic TLDs” or “gTLDs”. Stuff like .app, .ceo, .church, and so on. Of course ICANN cannot actually afford to manage the day-to-day operations of thousands of new TLDs. So they’ve opened the process up to anyone who wants to apply. So you fill out an application, you pay $185,000, there’s a convoluted evaluation process where they ask you questions like whether or not you’re a drug dealer and whether you’re technically qualified to run a TLD, and after a lengthy and bureaucratic review process you basically get your own TLD. It came as no surprise that thousands of applicants came forward in some kind of crazed internet landrush. Many internet companies are placing bets. Amazon made some 76 applications, and Google made even more, with 101. What people did not seem to expect (whether due to incompetence or malice is up for debate) is what they would be used for. Closed TLDs Let’s talk about a domain that’s near and dear to my heart, .dev. Wouldn’t it be great to have a domain for content targeted at software developers? So that you could actually get a domain name for www.[your-side-project].dev? Instead abusing the .io domain which is officially for the British Indian Ocean Territory. Alas, Google does not think much of that plan. Under their shell company “Charleston Road Registry Inc.” (whose “CEO” is merely Google’s in-house counsel), they have applied for control of the .dev domain, which they intend to be: completely closed for the sole use of Google. In case you thought that was a typo, they elaborate: Second-level domain names within the proposed gTLD are intended for registration and use by Google only, and domain names under the new gTLD will not be available to the general public for purchase, sale, or registration. As such, Charleston Road Registry intends to apply for an exemption to the ICANN Registry Operator Code of Conduct as Google is intended to be the sole registrar and registrant. In case you believe Google is drunk and they meant to apply for some other, more Google-specific string, instead of claiming some kind of monopoly over software development in its entitreity, they helpfully clarify that no, they know exactly what they are doing: The proposed gTLD will provide Google with direct association to the term ʺdev,ʺ which is an abbreviation of the word, ʺdevelopment.ʺ The mission of this gTLD, .dev, is to provide a dedicated domain space in which Google can enact second-level domains specific to its projects in development. Specifically, the new gTLD will provide Google with greater ability to create a custom portal for employees to manage products and services in development. I will not bore you with the full application, which is 48 pages and includes such ridiculous details as how Google will respond to abuse claims from itself, and how it will handle disputes from itself if Google files a complaint with Google about Google’s registration of a domain name. Nor will I bother you with the other 100 applications for the other 100 TLDs, which are probably similar but I haven’t read all of them because it’s a Friday night and I have plans, so don’t shoot me if it turns out some of them are more evil than others. But it’s all in there, if you are looking for background material for your next Kafka novel. Update: Somebody did the math. Google wants 27 of them. The backlash begins I know what you’re thinking. “What backlash? I’ve never heard about this.” It turns out that Google’s behavior has annoyed a lot of domain name people. But you haven’t heard about it because you don’t hang out with scummy fly-by-night domainers who run SEO seminars. Nonetheless, there is plenty of buzz about this in those circles. (I can’t believe I just gave them a link.) Governments have also gotten upset too, although you wouldn’t know cause you don’t read boring government reports. The Government of Australia, in particular, has been instrumental in trying to block these proposals. in late 2012 the Australian Government issued 129 early warnings to applicants of strings which raised a number of concerns, including where the applicant was seeking to have exclusive use of a generic term. ICANN’s Governmental Advisory Committee (GAC) subsequently provided advice to the ICANN Board at its Beijing meeting in April 2013, which included a recommendation relating to generic terms, and a non-exhaustive list of generic terms for the Board’s immediate consideration. In response to this controversy, ICANN decided to take a breather and think about if this whole “closed” domain thing was a good idea after all. Google doubles down In response to this criticism, Google backed off on what was clearly an overreach designed to wrest control over the future of the Internet. Haha, just kidding. Instead, Google CIO Ben Fried wrote what I’m pretty sure is the most brazen, jaw-dropping attack on an open Internet that has ever been publicly published by the executive of any Internet company. I mean, flip some words around and it sounds like you’re reading Comcast’s position against Net Neutrality. You should read the entire letter, but here are some highlights. Google opens with a “how-is-this-not-a-parody” argument that owning a TLD and not allowing anyone else to use it “lead[s] to diversified consumer choice”: Today, most Internet users have only one practical choice when it comes to how their TLDs are managed: a completely unrestricted model environment in which any registrant can register any name for any purpose and use it as they see fit. It’s sort of like how North Korea promotes choice because what if some people want to choose a totalitarian regime. They then argue that DNS configuration is too hard and so we should just force all .blog domains to use Google Blogger: By contrast, our application for the .blog TLD describes a new way of automatically linking new second level domains to blogs on our Blogger platform – this approach eliminates the need for any technical configuration on the part of the user and thus makes the domain name more user friendly That Google should be allowed to close TLDs because nobody will notice anyway: Because of the strong user bias toward domains within .com, today a generic .com domain name (e.g., jewelry.com or book.com) is likely to produce more traffic and to be more valuable for a business than a generic TLD. That Google has spent a lot of time and money trying to buy these domains and if you don’t let them bad things will happen Applicants have read the guidebook and relied on the policies contained within to guide their applications. They spent considerable time and money on their applications in the hopes they would be granted the applied for string. At best, retroactively deciding to allow a more restrictive interpretation of the guidebook and at worst going back and “adding in” policy runs the risk of appearing capricious and eroding trust in the process. Do you know what the consequences of not giving Google what they want will be? Do you? DO YOU? DO YOU ICANN?? we must remember that changing the process midstream will have real and practical consequences for businesses and end users alike. “Closed generic TLD”. Who even knows what those words mean anyway? I mean, you’d have to get a dictionary, or maybe (gasp) google it. Words don’t real: In reality, neither of the two words have a contextually appropriate objective definition, and the combined term has no meaning other than what has been invented in recent discussions about the gTLD program. Tell you what though. You know those 101 domains we applied for? We’ll throw you a bone and open 4 of them. That should resolve the “particular sensitivity within the Internet community” about Google closing the Internet. Google has identified four of our current single registrant applications that we will revise: .app, .blog, .cloud and .search. In conclusion Is my conclusion that Apple should get a free pass for hamstringing their web evangelists? No. Get your Safari team a blog, Apple. Let them give a talk at a fucking conference. My point is that if you think Google is some kind of Patron Saint of the Open Web, shit son. Tim Cook on his best day could not conceive of a dastardly plan like this. This is a methodical, coordinated, long-running and well-planned attack on the open web that comes from the highest levels of Google leadership. And we’re giving Apple a free pass? Pshaw. Let’s get serious. These companies are both as good or as bad as we allow them to be. There is no hero here. In the immortal words of John Adams, There is nothing which I dread so much as a division of the republic into two great parties, each arranged under its leader, and concerting measures in opposition to each other. This, in my humble apprehension, is to be dreaded as the greatest political evil under our Constitution.

On 7/15/15, Seth wrote:

... I've come to the conclusion that almost without exception, people will opt for convenience over privacy and dignity.

you should know that convenient and vulnerable is subsidized by the billions, advertisers and intelligence spooks all the same, same as it ever was... [ so worse that predisposition, you've got active adversary on top! ] fun problems :) best regards,

Dnia wtorek, 14 lipca 2015 02:45:39 Shelley pisze:

On July 14, 2015 2:11:35 AM stef wrote:

...

On Mon, Jul 13, 2015 at 10:07:57PM -0400, grarpamp wrote:

...

https://plus.google.com/communities/109624826715876091211 Encryption Rights - Protecting Our Rights to Strongly Encrypt By Lauren Weinstein http://www.vortex.com/lauren

but wtf in the middle of the kraakens tentacles? wth do people still trust google? even laura. wtf? the mind boggles.

--

I'm glad it's not just me! That was my reaction too but I held back from commenting, because I feel like I'm always bitching here about cpunks or anyone interested in privacy still using google for any reason. I don't understand it.

+1 here. Well, I understand the need for more "social" (for want of better word) communication platform than e-mail. For me, this is Twister: http://twister.net.co/ -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147

Dnia sobota, 18 lipca 2015 10:55:52 eden pisze:

...

+1 here.

I'm an admin for a lot of groups. Those groups are run on Yahoo, Google, as well as some that are run on private mailman machines. The question keeps coming up... what is the alternative?

Run your own servers, control your own infrastructure. There are ways to do it. Next on my "ToTest" list is this, for instance: https://github.com/sovereign/sovereign

...

Well, I understand the need for more "social" (for want of better word) communication platform than e-mail. For me, this is Twister: http://twister.net.co/

This looks very interesting. Thank you, i will have to look into it.

But, back to the question: How/where can someone run a simple (ignoring the sign-up required by Yahoo/Google/etc.), public, free (both ways, because paying would require identification) forum, allowing for anonymous posts (but not allowing it to be overrun by trolls), that has a simple searchable (and findable - as in searched by Google, Yahoo, etc.) archive?

The question is not price; the question is whether you are aware that you're always paying in hard cash or private data. If you value your data you will find the cash.

You still have to trust a privately run forum. Trust, as in, will it be censored, altered, still there after the volunteer gets tired of it, etc.?

Run your own forum, or use something like Twister -- censorship doesn't really seem possible there.

In other words, if you want a private discussion group about Privacy, then yes, keep it small and secret... somehow. But if you want a public discussion, what are the alternatives to Google/Yahoo/etc.?

Get more people off of Google/Yahoo/etc. There's also The Federation: http://the-federation.info/ You can even set up more pods/servers. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 That's pretty cool, the indiehosters.net thing which I hadn't seen until now, looks like people might consider hopping onto it to divest somewhat from Google / facebook business models. On 07/21/2015 07:14 AM, Seth wrote:

On Sat, 18 Jul 2015 14:09:21 -0700, rysiek wrote:

...

Run your own servers, control your own infrastructure. There are ways to do it. Next on my "ToTest" list is this, for instance: https://github.com/sovereign/sovereign

Funny you mention the Sovereign project, I stumbled upon it myself for the first time last week.

I had already been in the process of building my own version of essentially the same thing, only geared more towards Parabola GNU/Linux and Open/FreeBSD.

Another interesting project for wresting back control of your data and services is indiehosters [1][2]

Probably a better option for those without copious amounts of free time and the technical skills and desire to implement a DIY solution.

[1] http://www.wired.com/2014/11/indie-hosters/ [2] https://indiehosters.net/

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVrnQXAAoJEGxwq/inSG8CmKEIALR7rppdBNubhMTNGJcPQ1be 4O+NSzCC3h/lAIfdqymOOLmuaEqTigIfFU+8wpbwyKGeg/q/6uCi21hOSgEyb6XW 0ijJG05xEimM1peHk7REndCIzgOG2+JvE4r4I4tOdy1MHyJwxQQq9MK/bN59Seto wVVbtojLrBJ64cTb9rz2Ctgt6cILY1drKU6qP8kftKf8vLOggHyrjetlNXfPnVci pAAU40tlgexDGwtPlwrShAdGcDNcHnwK8rK4VwfC1msem7SIHXj/CfuqBr4wc3+0 qeYB7piBpDn6dgCjNffaETWhpo/XXewccAOfksp2Izu9dpagwFYxYCCN7s2pGoE= =EJks -----END PGP SIGNATURE-----

Dnia niedziela, 19 lipca 2015 11:20:43 Florian Weimer pisze:

* eden:

...

I'm an admin for a lot of groups. Those groups are run on Yahoo,

Google, as well as some that are run on private mailman machines. The question keeps coming up... what is the alternative?

Mailman 3? It is supposed to offer an interface which appeals more to casual users not entirely comfortable with email, while at the same time offering complete email integration.

I've also seen Discourse instances which look quite useful, but I'm not a regular user on such platforms to tell how it works out in practice.

Sympa worked pretty well for me also. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Those who are following this list probably know these options already, but it bears repeating in case a reader has not yet checked one of these out: Diaspora (http://podupti.me), Twister (http://twister.net.co/), TrsstProject (https://github.com/TrsstProject/trsst/releases) And of course, don't forget bitmessage (or pybitmessage available on linux) https://bitmessage.org/wiki/Main_Page On 07/18/2015 11:05 AM, Cathal (Phone) wrote:

Is Twister usable yet? Back when it released in alpha/beta form it was very slow and irregular in updating people's feeds because it was built on libtorrent which scheduled only 10 swarms at any time.

The lack of a useful way to pubsub at the network level seemed to limit Twister to small followerships: if I want to follow 300 people, I have to join 300 swarms, plus a blockchain!

On 18 July 2015 18:07:19 GMT+01:00, rysiek wrote:

...

Well, I understand the need for more "social" (for want of better word)

communication platform than e-mail. For me, this is Twister: http://twister.net.co/

- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVq1kwAAoJEGxwq/inSG8CSHsIAJK5+7K0g6/9mtorBG7sdOef 0ns9eWM6BrwTQ2aVHqRRWcVpXsinba950q0gWxsInzt0l7DOun78YJKqlQB1nsT0 aPh8CIKAMgyIxLc3xKdlJhc7fWH5fGCHSd3dKcgNWBpdOugylgwKD8ZF8552QABH TefMoKQnejlExNsoBch5GORVZ9+JoI7EakMV4Xh/2wwgLtuFgsUHj4Q9QlhaQlKf eD9T/SPC9fgDj4FP8xdaiEstZKrGnUhovC6ha3/cklCHJqDaZJwHMnyQfgnJuHTZ FSWqMtmyC/rF5CRIdsfThFA8GZFzUtC6ZpoWL1V2ztyxId4eOdXZMJ92q2uUaoY= =MM5M -----END PGP SIGNATURE-----