On Thu, Jun 5, 2014 at 11:23 AM, carlo von lynX <[email protected]> wrote: > ... > the change of attitude needs to happen in the browsers and in the W3C, > not in the gazillions of websites that should all invest serious > amounts of money. browsers should ship with a public-key routing > technology like tor's .onion, i2p's .i2p or gnunet's .gnu.
even better, map public key routed identifiers into IPv6 via ORCHID addressing in overlay networks! (i have a favorite rant on low latency traffic analysis resistant designs, too, but i'll try to keep this on topic ;) > i have about a hundred websites. i can't get certificates for each of > them. but what i will do soon is relaunch them as website.XXXXX.onion > since all it takes is apt-get install tor and a torrc. onions in the namecoin tree also useful (i use this to map a friendly name to multiple onions. there is a good thread on improving hidden service availability and scalability on the tor-dev lists as well, but for now redundancy is my favored approach.) > it launched a month and a half later, but that's because it isn't a > simple campaign like resetthenet. YBTI is about developing the > necessary technology to enable usable end-to-end encryption and > social graph (aka metadata) protection (and a few things more). > so it is a site that aims for a *real* solution. i think resetthenet is more complicated on the social/organization level than you give credit. this makes sense, as the wonderful YBTI is very technical and awesome. technical people tend to think of organization and communication and collaboration aspects as "easy" or "afterthoughts" but i've come to see them as anything but. (often, the easier an effective campaign appears, the more inspired and labored it's creation.) >> i also think all of the technologies you listed above are insufficient >> for a truly decentralized, robust, privacy enhancing infrastructure. > > you mean you agree with me? of course HTTPS etc are all broken and > inadequate. or what are you referring to? i absolutely agree with you that HTTPS and etc are all broken under some reasonable threat models. and i believe all of the technologies you've listed in YBTI are also broken under reasonable threat models. we have a lot of work to do! > no, it is wasted energy. 99% of engineers insisting on working on > horse carriages after 1% told the world they invented a car and > need help improving it. all horse carriages immediately deprecated? transitions take time! > in a couple of years 99% of engineers will find out they have > invested sooo muuuch tiime in a technology which slowly but > steadily turns obsolete do nothing in the interim? instead, i am doing many things. holding my nose paying tithe to the CA cartel. working on better solutions. thinking about how remaining flaws in better options can be further mitigated... please keep up the good work on YBTI! best regards, -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
