On Wednesday 12 January 2011 10:00:57 Nicolás Reynolds wrote: > Me parece que derrapó un poco al final, pero no deja de ser interesante. > > ------ > http://sheddingbikes.com/posts/1293530004.html > > Shedding Bikes: Programming Culture And Philosophy > > Shedding Bikes > > What do you think? [1][email protected] > > By Zed A. Shaw > > Why I Don't Use Tor > > I have this hypothetical question I've been using periodically to talk > about the relevance of ad hominem in evaluating software: > > What if Hitler gave you a cheese sandwich? > > It's a pretty simple question. Imagine you're sitting there and, yeah, > Hitler is eating across the table from you. He's got a cheese sandwich and > he hands it to you. "Hey, want my grilled cheese?" > > Most normal folks would turn him down, politely most likely but they'd > definitely not eat a sandwich from a guy who used to slowly increase his > doses of arsenic. But also, you're probably thinking, "No way, this guy's > an insane mass murderer, I'm not eating that damn sandwich." > > Ok, change this up some more, what if you were walking by and there was a > box labeled "Cheese Sandwich" and right under that is a Nazi Swastika. You > gonna eat it? No Hitler involved, just a box with a cheese sandwich on it > sitting there looking like you can eat it if you want? > > Sure, you might open it, look at it, maybe sniff it, but most normal people > won't eat it. Why? Because that Swastika has suddenly got you thinking > about the /history/ of this sandwich. Why is that on there? Where did this > thing come from? Is it poisoned? > > Let's go one step further, and say you just find a random sandwich in a > clear plastic bag on a table. Nobody's around, and you're kind of hungry. > You going to eat it? Again, most normal people who can buy a sandwich won't > eat it. It's just laying there. Who knows how long it's been there or what > the hell's been done to it. > > Instinctively, humans have this sense of avoiding things that will poison > them,
sólo un detalle, para el psicoanálisis no hay instinto, sino pulsión: http://es.wikipedia.org/wiki/Pulsion (aunque está en discusión... había un autor que explicaba por qué los humanos no tenemos instintos, y lo hacía con una araña... no recuerdo quién era...) > and that involves using their memories, sense of history, and ability > to think ahead to predict what could happen. This is how we're able to > figure out how to eat a huge range of stuff no other species has figured > out. We use this finely honed sense of "that food will poison you" to avoid > getting sick and to find food that will keep us fed. > parece más una actitud basada en la experiencia que en algo innato (instinto), pero... > Programmers and other "logical" types seem to lose this ability when it > comes to information. They'll frequently get /information poisoned/ with > stupid ideas because they think the motivations and history of the person > telling them something doesn't matter. They remove the context of the words > and evaluate only what's said and nothing else, and then believe the most > absurd stuff ever. > > This belief that any look at a speaker's motivations is "ad hominem" leads > many smart people to believe the incredibly stupid things. > > Everything Has Already Been Said > > The reason evaluating a person's motivations matters these days is because > there's been a massive increase in the amount of information created and > stored over the last 500 or so years. Basically, a whole hell of a lot has > already been said by someone else at some point. In fact, most ideas are so > horribly unoriginal that the only thing you really have to go on when > evaluating them is why someone could be telling you this. > > Let's say I tell you that my software is "language agnostic". Well, that's > been done before in other ways, so you have to look at why I might be > telling you that. The idea itself isn't original or that useful, but if I > then tell you, "because I want people to be able to use the best tool and > not get caught up in language wars," then you can evaluate the statement > better. > > However, if I tell you don't look at my motivations, or where I'm coming > from, or what I used to do, and claiming "ad hominem!" then I'm most likely > trying to trick. An honest person has no problem with you looking past the > words to the motivation. Dishonest people will try to bluff so you don't > look too closely. > > If more technologists did this kind of critical thinking, then it'd be > harder to get them to use potentially dangerous or crap technology. If they > accepted that most everything has been said or tried already, then they can > use motivations and historical context to figure out why things might be > different. They can also use it to call bullshit or question why things are > the way they are. > > The Sordid Past And Present Of Tor > > Tor by itself, without knowing its history, seems like a great idea. You > point your browser at it and suddenly you can view web pages without people > knowing that it's actually you. Great right? > > The p roblem is that Tor's pedigree is less than stellar. First, it was > originally a [2]US Navy project then released to various "hackers" (a word > which in a lot of ways is just synonymous with "NSA collaborator" or at > least a wannabe). Whether the source code started there or just the idea, > you /have/ to ask why the hell the Navy would work on this and then release > it. > no lo sabía :S > The Navy of course gave some hand-wavy answer of wanting to use it, but the > Navy just doesn't do something like this without another reason. Who knows > what it is, but I this makes my spidey sense go off. > > That's the first strike against Tor, but let's look at more reasons to not > use Tor. How about the research that showed [3]how easy it is to break in > various ways. Those might be fixable, so how about that there can be > [4]super nodes that with just a small sample of traffic can figure out a > lot of content? > > Alright, maybe that can be fixed, but then you read about [5]a semi-secret > volunteer group collecting data from 12 ISPs and handing it to the > government. This Project Vigilant apparently has 600-1500 volunteers who > are all hackers collecting and analyzing data and handing it straight to > the government without user consent. Project Vigilant also claims it: > > tracks more than 250 million IP addresses a day and can âEURoedevelop > portfolios on any name, screen name or IP address.âEUR > desastre > Holy crap, that's a lot of traffic analysis. Given how small the "hacker" > community is, that's also a gigantic percentage of hackers and security > experts on the volunteer payroll of a group who's job is to illegally > wiretap people and circumvent the law on behalf of the government. > > I don't have to remind you abou the panic over [6]the OpenBSD and NETSEC > accusations. What about the various entries to the [7]Underhanded C. The > truth is, if a large group of determined and patriotic hackers want to > infiltrate and inject seemingly innocent maliciousness into code they > definitely can. With 600+ potential recruits, they definitely are. > > Conflict Of Interest > > But all of this is just unsubstantiated and could be hypothetical, what > actually worries me is [8]Jacob Appelbaum works on Tor and works for > Wikileaks. This to me is the /Hitler Grilled Cheese/ of the argument, the > historical context that drives me away from Tor. Wikileak's job is to take > people's secrets and show them and who's hiding them to the world. Tor's > job is to do the inverse. The two project's goals don't align, and having > one dude do both gives me the willies. > > You see, if it is fairly probable that there are multiple attacks against > Tor, that there is a group actively trying to collect enough data to make > Tor pointless, a group with enough people to infiltrate the Tor project, > and then Jacob is working for Wikileaks and Tor, then there's too much > going on for me to trust jack and/or squat. Jacob's affiliation with > Wikileaks has made Tor a target big time, in addition to the obvious > conflict of interest. > > For me--and this is /not/ an accusation against Jacob--the chance that > someone on the Tor project is in cahoots with someone else is too high. > It's either the government, this Project Vigilant, or Wikileaks, and who > knows what. When claims surfaced that Wikileaks got its initial set of > magically appearing documents from Tor, I wasn't surprised. Having Jacob > claim otherwise doesn't help at all, and I still won't believe this didn't > happen until possibly decades later when whatever really happens is > declassified. > > Finally, I will go on record right now saying Wikileaks rocks. I think > there needs to be more of this, and actually I think the world will benefit > more from more international coverage and more corporate leaks. But, if > anyone from Wikileaks tries to work with me or on any project I'm on you > bet your ass I'm not trusting them one bit. > > Never trust a traitor, no matter how noble their intentions. > > P.S. I have a long bet that SELinux is an NSA backdoor. Any takers? > > > References: > 1. mailto:[email protected] > 2. http://www.onion-router.net/ > 3. > http://docs.google.com/viewer?url=http://www.csnc.ch/misc/files/publication >s/the_onion_router_v1.1.pdf&pli=1 4. > http://archives.seul.org/or/talk/Apr-2007/msg00039.html > 5. > http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor- >monitors-u-s-internet-providers-says-it-employed-wikileaks-informant/ 6. > http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-bac >kdoor-in-openbsd-ipsec-stack.ars 7. http://underhanded.xcott.com/ > 8. http://en.wikipedia.org/wiki/Jacob_Appelbaum ________________________________________________ Solar-General es una lista abierta a toda la comunidad, sin ninguna moderación, por lo que se apela a la tolerancia y al respeto mutuo. Las opiniones expresadas son responsabilidad exclusiva de sus respectivos/as autores/as. La Asociación Solar no se hace responsable por los mensajes vertidos, ni representan necesariamente el punto de vista de la Asociación Solar. [email protected] https://lists.ourproject.org/cgi-bin/mailman/listinfo/solar-general
