On Thu, Jun 05, 2014 at 04:06:25AM -0700, coderman wrote: > in terms of first steps, the https push is the most approachable. > passive, blanket surveillance resistance maybe a band-aid, yet still > useful.
but without intervening into browser certification politics it's just a huge advertizement campaign for the certification industry. i presume that wasn't intentional, but still.. that's what it boils down to. the change of attitude needs to happen in the browsers and in the W3C, not in the gazillions of websites that should all invest serious amounts of money. browsers should ship with a public-key routing technology like tor's .onion, i2p's .i2p or gnunet's .gnu. i have about a hundred websites. i can't get certificates for each of them. but what i will do soon is relaunch them as website.XXXXX.onion since all it takes is apt-get install tor and a torrc. > > If it was that simple we could have done such a > > campaign the same day the revelations came out. > > how long did youbroketheinternet.org take? ;) it launched a month and a half later, but that's because it isn't a simple campaign like resetthenet. YBTI is about developing the necessary technology to enable usable end-to-end encryption and social graph (aka metadata) protection (and a few things more). so it is a site that aims for a *real* solution. > i also think all of the technologies you listed above are insufficient > for a truly decentralized, robust, privacy enhancing infrastructure. you mean you agree with me? of course HTTPS etc are all broken and inadequate. or what are you referring to? > and finally, i think we should all be working on these types of > efforts, and others, per our interests even if they have flaws. no, it is wasted energy. 99% of engineers insisting on working on horse carriages after 1% told the world they invented a car and need help improving it. to make a comparison, and to reply to jonathan: of course I know gnunet is much more than just a TLS and HTTPS replacement, but since people tend to think of TLS being such a huge thing, it's good to put that in perspective that gnunet can be a better TLS by design, as a side effect of all the things it is. in a couple of years 99% of engineers will find out they have invested sooo muuuch tiime in a technology which slowly but steadily turns obsolete - at least i hope it goes that way because if we stick to the broken internet we are going to rid ourselves of what is left of democracy. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
