To not pollute the list I respond to 4 interesting authors in a single mail!
On 05/09/2014 03:23 AM, Doug Schuler wrote: > Realistically we need to develop an entire suite of publicly > owned tools. Could the development and implementation be > massively distributed? http://youbroketheinternet.org and the Wau Holland Stiftung behind it are somehow naively trying to make suitable projects interact in a way that at least one new Internet stack comes out of it. There is a map on the site that mentions the various projects and there are video presentations of many of them. Once realized, the new stack would need to get deployed to humanity, which I think is much more feasible than people think - after all smartphones got out there, too, and, at the beginning, the new network operates as an overlay over the old, so it installs like an app. I2P and Orbot are already taking that step now. I personally work on secushare which helps GNUnet out on the upper scalability and applicability layers. > Or is it over? We lost all the other media.... >From my perspective of potential technologies I say it is very much in our hands. It doesn't even take enormous efforts, just a bit more attention to the folks that are doing the job. The problem is that most people have difficulty telling which ones are the ones doing the job that is actually needed, and which are investing huge amounts of time in infrastructure that won't do, faling pray to the fallacy that an upgrade of something existing has better chances of getting deployed - history has not confirmed that thinking. The GNU Internet will spread like some new app and people will spend less and less time in the old one. > "In just a few short years, starting in 1998, this company has grown to > employ almost 50,000 people worldwide, generated sixty billion dollars > in revenue last year, and has a current market capitalization of more > than 350 billion dollars. Google is not only the biggest search engine > in the world, but along with Youtube (the second biggest search engine > in the world) it also has the largest video platform, with Chrome the > biggest browser, with Gmail the most widely used e-mail provider, and > with Android the biggest operating system for mobile devices." From: > An open letter to Eric Schmidt: Why we fear Google As long as the Internet is itself agile, these things can change faster than you think. Myspace and Compuserve were big too. And Napster. Not as huge, but.. if we deploy a GNU Internet, it could come with a web browser that treats privacy better than Google's Chrome and Firefox offerings.. the you can use Search and Youtube more safely. At the same time the GNU Internet could develop proper distributed search and video distribution without involving any companies. E-Mail would be gone and replaced since it cannot be secured properly. The challenge is to be able to distribute essential software without getting tangled up with special interest. Maybe the Tor model works. Android however remains a tricky issue. You can't just fix that by installing an app. All of hardware and operating systems is a difficult issue really.. luckily those are not the vectors for bulk surveillance. And if they became so, judges would be able to rule as it would no longer be passive surveillance. On 05/09/2014 03:31 AM, Anthony Papillion wrote: > I fear we've already lost. I used to think that it would just take > some sort of major scandal to wake people up to the fact that > relinquishing their privacy wasn't such a good idea. Then, I thought, > they'd stand up in outrage and take their privacy back with > pitchforks. Then Snowden showed up and nothing really happened. Most > people didn't actually change the things they do because, well, it's > not convenient. Actually there has been a slight cognitive advancement in the last year.. we went from "I have nothing to hide" to "But what could I possibly do?" Our infrastructure is a mess, what people can do is learn to use difficult to use protection software, that falls open when they fail to use it right. That won't work, ever. You can make all the crypto parties you like and write easy to learn PGP instructions at no end. Some week ago at a YBTI presentation I asked a hacker audience how many do OTR. Most hands went up. Then I asked how many of them have at least one contact they do opportunistic OTR with because they don't have the patience to share secrets or check fingerprints. Same show of hands. "But what could I possibly do?" needs to be answered with "install this new Internet. It works slightly different than the old, but you'll get used to it. It is actually easier. You can forget all about addresses and @ signs. You don't even need to be able to read and write any longer. All you need to do is learn how to do the bluetooth handshake or QR code scan. Or how to add a friend from somebody else's friend list like you already do on Facebook." That software doesn't exist yet, but from what I can tell all the open research questions are closed - we just need to plug the pieces together. But before we even have a new Internet, we can answer "talk to people, go out on the streets, share awareness that your democracy is at stake. It's not just about a lost privilege that so far hasn't affected your everyday life, so you don't know why you should be picking up the pitchfork, but you should." People are looking at the results of a broken democracy.. wrong people getting elected, corruption taking place, huge problems of humanity, society and ecology not being tackled, but they are looking at the finger instead of looking at the moon. They don't see that this is all happening because they have lost their ability to exercise democracy and they don't even notice it. They are being steered and yet they are not pulling out their pitchforks because of that. Nice examples of steered minds you get when you interview young hipsters from eastern Ucraine, southern Virginia or mainland China. They need to understand that to start reclaiming democracy they need to stop being a predictable and manipulateable populace. They need to get their brains out of big data. Out of Facebook. Out of clear-text e-mail. On 05/09/2014 05:56 AM, Jonathan Wilkes wrote: > You could only say such a thing if you completely ignore entire > categories of software development like documentation and > usability-improvements to the same extent that companies like Google and > Apple embrace them. Luckily that is getting some more attention lately. Even radically different technologies like ours are paying a lot of attention to usability and seeking assistance in UI design etc as we move forward. >> Then Snowden showed up and nothing really happened. Most >> people didn't actually change the things they do because, well, it's >> not convenient. > > Not only is it not convenient, it is dangerous. How is the > non-technical user supposed to judge whether the implementation of a > piece of privacy-preserving software lives up to its claims? Especially > if technical users like yourself have given up? [if I weren't lazy, I'd > have links here to stories about that silly app that claimed to erase > the pictures "permanently" after the recipient viewed them for a couple > of seconds]. Yes, that is a point why we need a clean slate restart of security. Tools that put something on top are far too fragile and fall open when you just click the wrong icon (see OTR, PGP, SSL). We need crypto at the foundation of Internet routing and no option to disable it. That's what dozens of new projects are doing, and not getting enough attention for. Only Tor gets some, although it currently only addresses a little part of the use cases. We need a whole infrastructure like Tor. On 05/09/2014 03:18 AM, Jonathan Wilkes wrote: > Is Tor with NoScript turned on globally enough? Aynone please correct me if I'm wrong, I may not be 100% up-to-date on web tech. You also need something that takes care of the cookies, and the cookies are difficult to take care of - if you actively use any of the Google offerings, then they may stop working as you expect if you reject those google cookies that the NSA uses to identify people. So the NSA may not see where you currently are, but while you surf they know who you are, and they may be able to correlate your G-Mail identity with your sexual interests. But even if cookies are dealt with, your recurrent use of the same exit node may allow for some correlation. You can hit the "new identity" button or configure Tor more harshly to use separate circuits for each website you access. The best would be to forbid your browser from accessing Google services, but then a lot of websites will look broken, because Google's market dominance stems from the dependencies they managed to sneak into websites all over the world. Web devs in the 00s thought it was hip and cool and didn't understand the side effects. Several open source web tools even come with Google includes baked into the code. If there was a way to turn off those Google CDN services next week, it would still take months for all of the web to remove those dependencies from their websites. The web is married to Google because politically inept devs took a tragical political decision in hordes, and it hasn't really been challenged in a decade. And then there are Facebook and Twitter with their "share this" and "like that" scripts all over the web. So those are also mines that need sweeping. That's why I'd rather make a new web that supports no HTTP links. Onion websites are much safer than the regular web, they have no Google dependencies. Make a new web and try to use the old one less and less. Slowly migrate away from it. I salute every website that offers its content also via .onion and am planning to migrate some hundred sites to it soonish. P.S. Doug, it just struck me where we met before. It was in Milan at Fiorella's workshop on e-democracy tools. I gave the Liquid Feedback presentation. I really can't wait to have secushare out there so I can throw voting technology into it and produce a serverless equivalent tool to LQFB. Then the peoples can deliberate without even needing to ask anyone for a place to do it. -- http://youbroketheinternet.org http://secushare.org Please use the attached PGP key for an encrypted reply, if you can. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
