Anonymity Networks and Developer Determination

Karl gmkarl at gmail.com
Sat Sep 5 16:05:58 PDT 2020 

You say a few different things here.

I was thinking more privacy could help the "bazaar" work better by keeping
people safer from the trolls etc.  Zenaan, you sometimes post news articles
that can to me seem to criticize e.g. professors in sometimes dangerous
ways.  When such things happen about software developers it can interfere
with their work or even end it permanently.

I used to follow a great project called "boomerang", one of the first
public decompilers, but right before it became really usable the developer
was hired by an information security company and development basically
stopped.  This probably protected their profits incredibly as the tool was
free and such tools cost thousands of dollars commercially.

It's lots of fun to start building something with others but it opens you
up to more influence from outside the circle.  I mentioned earlier working
on a group-mad worldofwarcraft server; all I had to do was draft out an
outline of the code, show people how to do different parts, and keep
hanging out and relating, and it basically built itself with everyone
working on something that interested them (one guy didn't code much at all
but was excited to learn enough to comment and document everyone else's
code which was incredibly helpful)... until a new developer hacked our cvs
server and the owner was visited in his home by blizzard lawyers etc etc.
There were actually a lot of "teams" working on each their own servers,
each one with many people working together for fun.

A different project I worked on had everyone interested in one giant team
with over a hundred people in it all working for fun with no pay, every day
any time of day you could see people online working, but we weren't
experienced enough to make a collective design that would ever get
finished; everyone wanted their bit included, and the work went for years
never releasing.  With experience you can talk about such issues and avoid
them.

The end thing is that I don't have a "cathedral" anymore, so the ways I can
contribute are limited.  But y'know usually I talk about how important that
is, and I left it out.  Maybe the Tor situation's history is indicating
that the cathedral solution only worked for Tor and i2p and no other
similar projects (which I hear about a lot but do not know where to find).

I have a couple replies in line below.

On Sat, Sep 5, 2020, 6:13 PM Zenaan Harkness <zen at freedbms.net> wrote:

> On Sat, Sep 05, 2020 at 01:07:08PM -0400, Karl wrote:
> > This email is shared from a place of forthrightness (and hope).
> >
> > https://github.com/ipfs/notes/issues/37
> >
> > Just to add, I suspect the reason that the state of public anonymity
> tools
> > is not stronger is that the existing international powerholders, whose
> > power could be reduced by widespread accessible anonymity, take diverse
> > action to slow the release and hinder the effective use of the research.
> >
> > The way to make things change would be for people like us to agree to
> work
> > together on forging one right thing in a development community, and use
> > tools of both interpersonal mediation and software development to bring
> the
> > result to happen by force of collective determination. It might help if
>
>
> As Marxos correctly points out, the important ground is usually broken by
> a single individual - who must have sufficient time and resources, as well
> as ability.
>
> Once the cathedral has served its purpose, the bazaar can take over.
>
> In both Linus' hits, he created first alone, by himself, in his "personal
> cathedral" we can say (Linux and Git).
>
> As you know a collection of the basic ideas has been made.
>

I assume you mean iqnets .. honestly it's hard for me to handle my
psychosis well enough to link that with the issue thread at this time, but
yes.


> I am presently writing submissions in reply for a case in which the right
> to be heard (in a court case) is being demanded (by the team I am on,
> against the state), and it looks particularly challenging (read, low
> probability of success) due to the entrenched statute law which is quite
> explicit in this case.  Nonetheless, in this case, the question must be
> asked (something like "when there is both a law and a regulation, each
> allowing the self represented person to appeal on an issue of "was due
> process afforded", and he chooses the law but did not know the regulation,
> but the law denies an appeal whereas the regulation allows it, should that
> self represented person be denied his right to rehearing just because he
> did not know the regulation, but the law section he chose by default says
> 'if you use this section, you don't get a rehearing'?").
>

It's nice to hear what you're up to but I'm not sure what this is relating
to; why do you mention it?  Are you a lawyer/small org worker/activist?  Do
you need support?

I usually try to find ways to link regulations and human hearts (which are
very mushy and vulnerable if respected) such that the human, caring, right
things, that get suffering validated both big and small, grows larger.
 Not saying I'm actually any good at that.  It seems sad that someone
self-represented; I hear that's usually a way to be at a disadvantage.
Take it reasonably easy and do what seems right to you that is within your
capacity.

> everyone kept themselves more anonymous, collaborated in private as well
> as
> > in public, and supported people who ran into personal issues so as to
> > resist disruption and keep the work moving forward.
>
>
> These are good points, it's just that they assume that "a free for all
> communicty project" works - and in some cases (simpler things) it can work,
> and in other cases (maintenance of something already created) it can also
> work, but in certain cases (somewhat complex from a design perspective),
> the bazaar tends to not work so well, or not work at all - Marxos is
> correct about this.
>
> Also, "more privacy during development" is probably not particularly
> relevant in this instance, except that whoever finds the space to do the
> initial 'heavy lifting' might find "being less public" to be less
> distracting to his work than the alternative.
>

See top-reply.

I'm not sure who Marxos is.  I'm guessing it's someone from the issue
thread I haven't noticed yet.  I have trouble navigating the internet and
may or may not make it back to the issue thread.

Be well, peeps.

> On Fri, Sep 4, 2020, 5:49 PM David Stainton <notifications at github.com>
> > wrote:
> >
> > > It's too late for this discussion. IPFS has failed to embrace the
> concept
> > > of free Tor integration from volunteer developers.
> > >
> > > That having been said, anonymity is a synonym for traffic analysis
> > > resistance; that is to say, even encrypted traffic can be analyzed for
> the
> > > metadata it leaks. Tor is the very weakest of the existing designs for
> > > anonymous communication networks however it is the most widely used
> whereas
> > > the other designs from academia have not had much field testing; such
> as:
> > > mix networks, dcnets, verified shuffles and other things can be used to
> > > form anonymous communication networks such as private information
> > > retrieval, oblivious ram, multi party computation etc.
> > >
> > > Tor is trivially broken by any sufficient global adversary by means of
> > > timing correlation whereas mixnets are not. There are many other ways
> to
> > > break Tor.
> > >
> > > Anonymity aka traffic analysis resistance is not yet a popular security
> > > feature because these designs are in some respects ahead of their
> time...
> > > just like not every software project embraces deterministic builds.
> Just
> > > because your white middle class platitude doesn't allow you to
> understand
> > > why people in high risk situations might need these things doesn't mean
> > > they are not needed. In fact, in dealing with such folks I find the
> easiest
> > > way to impart the importance to them is to describe military scenarios,
> > > e.g. if you were in the military, overseas, you might actually be
> > > interested in traffic analysis resistance.
> > >
> > > Think about a future brighter than Tor! Think about mixnets, hybrid
> > > networks, dcnets and so on. Monoculture is death. Why is Tor the only
> > > successful anonymity network? And to a lesser degree I2p? Although the
> I2p
> > > observation is less valid because it's design is so similar to Tor in
> that
> > > it can easily be broken by timing correlation from a sufficiently
> global
> > > adversary.
> > >
> > > —
> > > You are receiving this because you commented.
> > > Reply to this email directly, view it on GitHub
> > > <https://github.com/ipfs/notes/issues/37#issuecomment-687407153>, or
> > > unsubscribe
> > > <
> https://github.com/notifications/unsubscribe-auth/AACEIIKJAJVQXDV267SEBU3SEFOGDANCNFSM4BOOQVOA
> >
> > > .
> > >
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 11360 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20200905/9923b410/attachment.txt>

More information about the cypherpunks mailing list