I agree with many of your points, Alberto. Our list has been part of many important turning points in grassroots cybersecurity and privacy over the years, but we have mostly talked, rarely turned to action as a community.
We have vetted a lot of lousy programs and helped many developers understand that cybersecurity and privacy is a difficult space. You can't just build an app over night and expect activists to use it. Their lives are at stake. We could create a grassroots action network for Liberationtech. If we did, how would we do it? And this question applies to all of our subscribers. Should we even go there? Should we try to fix some of the problems we see in the community? Should we try to raise money and donate money to great crypto projects? Or should we start a wiki to document all the good and bad solutions and to explain to newbies how to enter the cybersecurity / privacy domain? I just feel we could be more active than we have been so far. We have been around now for nearly a decade. A lot of Liberationtech research was done at Stanford but very rarely did it create practical self-sustaining organizations. Any ideas by the group? We host this community at Stanford, but it is your community, so you should share with us your dreams for making the world a better place through Liberationtech. Best, Yosem On Sat, Feb 11, 2017 at 2:16 PM, Alberto Cammozzo <ac+li...@zeromx.net> wrote: > Difficult question, Yosem. > I would try splitting it in two. > > First, what causes tide turns in general? > > Hard to answer by numbers besides a generic "80/20 rule", but seems > there are other possible triggers besides marketing. > Malcolm Gladwell in "The Tipping Point" suggests that (1) few people > have the power to orient masses (2) some message may be irresistible if > rightly packaged, and (3) the context -even small details- may be very > important. > If marketing has to be excluded, I would concentrate on the context, the > environment. > Environmental concerns may take time to break through, but once grasped, > they easily become part of the common sense. > The concept of "pollution" of the communicative environment may be very > effective in this sense: I can't elaborate on that in short, but see the > "Privacy is the new Green" mantra... > A paper by Jack Balkin is also enlightening on the concept of > "algorithmic nuisance" (externalize social costs) [1]. > This would contribute to a tide change towards decentralization, since > lack of privacy (data appropriation) is fueling centralized platforms. > > > > Second, what specific events or technology can trigger a decentralized > turn? > > I think it may be useful to distinguish the /application/ from the > /infrastructure/ upon which the application is based. > Facebook is an application, the Web, browsers and TCP/IP suite are the > infrastructure upon which FB is built. Same with Gmail and SMTP+IMAP+POP... > VC is willing to invest in a lucrative /application/, but not an > infrastructure that everybody will take advantage from. > From a VC point of view, funding a decentralized infrastructure is > financing free riders. > > The "distributed effort" tries to build an infrastructure AND also > applications that use it, which makes it very hard. > DNS and Certificates are all are part of a centralized architecture. > Security and trust in client/server architectures are also an issue. > A decentralized tide turn does not only mean some new applications > replacing centralized ones, like Facebook vs Myspace: it's more like > TCP/IP supplanting SNA and Bitnet.... > Consider that an application can also be turned into an infrastructural > component, as happened when Netscape went Open Source with Mozilla: the > browser stopped being an application and become part of the infrastructure. > Think also of the GNU/Linux/Debian/LAMP ecosystem as an enabling > environment... [2]. > > That said, we can imagine some way the context may change in favor of a > distributed application+infrastructure. > (1) a new distributed application offers something irresistible that > centralized apps don't have and may find not favorable to offer: lower > costs, higher performance, new functions, better UX. > (2) some "privacy Chernobyl" catastrophe changes general attitude > towards privacy: in that case Diaspora's existing community may > represent the critical mass triggering an infrastructural revolution. > (3) governmental market regulation actions split monopolies > (4) some competitor, fearing of being pushed out of business, releases > its code in F/OSS, helping the decentralized effort and contributing > with a user base. Imagine Google opensourcing its G+ platform in a move > against Facebook: very unlikely, but this would turn a vertical, > centralized SN application into a new infrastructural layer of the > communicative ecosystem upon which new business could thrive... > > Without contextual changes I believe we're in path dependency. > > Bests, > > Alberto > > > [1] Balkin, Jack M. “The Three Laws of Robotics in the Age of Big > Data.” SSRN Scholarly Paper. Rochester, NY: Social Science Research > Network, October 22, 2016. <https://papers.ssrn.com/abstract=2890965.> > [2] Cammozzo A., "Buliding Enabling Environments, Open Source among > open systems", 3rd FLOSS International Workshop on Free/Libre Open > Source Software > 2-3 July 2009, Padua, Italy > <http://cammozzo.com/Papers/Cammozzo-FLOSS2009-090701.pdf> > > > > On 10/02/2017 18:01, Yosem Companys wrote: > > Network effects are powerful. And to create network effects, except in > > the rare case of organic viral growth, requires a lot of marketing and > > advertising. And marketing and advertising requires raising a lot of > > money. And raising a lot of money requires angel investors, venture > > capital investors, and so on. And then you are back at the Silicon > > Valley model of collecting people's information and selling or trading > > it like a commodity. > > > > But I have a question: What's a reasonable metric for success in terms > > of the number of people using a decentralized system? My understanding > > is that Diaspora remains decentralized and has a million or more > > users. Is that good enough? Or do we have to be like email -- > > absolutely ubiquitous? > > > > On Fri, Feb 10, 2017 at 3:00 AM, F LM <flucom...@gmail.com > > <mailto:flucom...@gmail.com>> wrote: > > > > Because of the intangible nature of the internet, people don't > > treat the privacy of their communications with the same bar they > > would treat (we assume) paper correspondence. > > > > Having said that, it's fundamental to understand that people won't > > leave Facebook, Gmail or Windows, simply because, beyond > > theoretical manifestos about abstract concepts such as 'privacy', > > they don't have any reason to do so. > > > > In fact, it's quite the opposite — people won't make the move from > > any of the aforementioned companies for the simple reason that > > everything will be more difficult. And let's cut the BS here — > > easy-to-use and functionality on the "alternatives" are not the best. > > > > That's why I think is critical that the hacker community start > > focusing more on UX. Until my mother can see that Linux is as > > nice, easy-to-use and practical as Windows, only then she will > > start making the change (and even that won't guarantee that she > > leaves Windows, but is a basic a mandatory step). The same can be > > said about IM, social media, email and practically everything. > > > > FL > > > > > On 08-02-2017, at 10:06, Alberto Cammozzo <ac+li...@zeromx.net > > <mailto:ac%2bli...@zeromx.net>> wrote: > > > > > > Richard, you are right: maintaining email servers requires some > > skill > > > and has a cost. > > > Gmail does this reliably and is attractive for most > > non-technical users. > > > > > > But now imagine this: > > > Your favourite snail-mail service offers your university paper > > letters > > > delivery, but at these conditions: > > > 1) being authorized to open the envelope you send > > > 2) reading the letter looking for keywords > > > 3) attaching targeted advertising to your letter, according to > > keywords > > > 4) build and keep a profile of you and your correspondents network > > > 5) eventually deliver the letter along with advertising > > > 6) deliver targeted advertising in envelopes directed to you > > > Would your university accept, even in front of major savings? I > > don't > > > think so. > > > Despite being free, attractive and convenient this would be > > illegal in > > > most countries (in Italy, where I live, secrecy of correspondence > is > > > even a constitutional provision). > > > But, inexplicably, this is pretty much what we accept without > > hesitation > > > with Gmail and most free messaging services. > > > And still, secrecy of paper correspondence is socially required and > > > legally protected. > > > > > > Building a decentralized, reliable, secure, private, open and > > cheap (if > > > not free) infrastructure for delivering and preserving emails at > > least > > > as well as Gmail does is something we should have. > > > By infrastructure I mean something like railways, telephone, power > > > lines, roads, bridges, Internet connectivity: in certain cases they > > > should or may be privately held, but with a major public > commitment. > > > Their main goal is providing a public interest service, build an > > > enabling environment for social and economic life, not only being a > > > business opportunity. > > > And of course I'm not saying we should have national Gmails! > > > I think something more similar to dn42.net <http://dn42.net> and > > zeroNet.io, but at least > > > as attractive and usable as Google services. > > > See also the paper by Aymeric Vitte in this thread. > > > > > > Bests, > > > > > > Alberto > > > > > > > > > > > >> On 07/02/2017 16:10, Richard Brooks wrote: > > >> On the other hand, why are they using gmail? > > >> > > >> Our university outsourced email to Google. They > > >> software up to date, handle the security, provide > > >> convenient cloud access (I personally dislike > > >> their GUIs), etc. For our university, this decision > > >> probably did make our email traffic more secure > > >> as well. > > >> > > >> I am not wild about the decision our university > > >> made, but for most users using Gmail is probably > > >> the more reasonable and secure choice. Not the > > >> choice that I would make for myself. Being spied > > >> on bothers me. > > >> > > >> But, if you want to have the broad base of users > > >> move elsewhere, you need to address the clear > > >> advantages that Gmail provides. > > >> > > >> Political, social, and economics arguments will not > > >> convince most people. > > >> > > >>> On 02/07/2017 07:06 AM, Andrés Pacheco wrote: > > >>> Signore Camozzo hit the nail on the head, twice. So then I > > have to draw the proper conclusion... > > >>> > > >>> 1. We need concerted action to set non-proprietary > > communication standards at the application level, much like the > > TCP-IP Protocols did for the lower layer(s) > > >>> > > >>> 2. This action HAS to be POLITICAL, since it's not just a > > matter of devising technical standards, but to have them ADOPTED > > by the majority. We need the 75% of his email correspondents to > > not use proprietary email platforms (and so forth and so on, and > > including me and this email itself!) > > >>> > > >>> Ergo, it is at best naive trying to separate "Technology" from > > "Politics:" all Technology is Political, and ignoring this only > > rubber stamps the technology of the proprietary powers that be. > > >>> > > >>> Not by chance it's Technology companies at the top of the > > "most valuable company of the world" food chain: Google and Apple. > > If that's not a political statement, then what is? Where is "the > > swamp?" > > >>> > > >>> Regards | Saludos, > > >>> > > >>> Andrés Leopoldo Pacheco Sanfuentes > > >>> <a...@acm.org <mailto:a...@acm.org>> > > >>> > > >>>> On Feb 7, 2017, at 5:34 AM, Alberto Cammozzo > > <ac+li...@zeromx.net <mailto:ac%2bli...@zeromx.net>> wrote: > > >>>> > > >>>> So far so good, but what is it all for? ~75% of my email > > correspondents > > >>>> use Gmail ... > > >>>> You cant decentralize alone... > > >>>> We need to fix this quickly or the information revolution > > will be lost > > >>>> and archived as an annex of the industrial revolution. > > > > > > > > > -- > > > - > > > TagMeNot > > > http://tagMeNot.info > > > @dontTag > > > > > > -- > > > Liberationtech is public & archives are searchable on Google. > > Violations of list guidelines will get you moderated: > > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > <https://mailman.stanford.edu/mailman/listinfo/liberationtech>. > > Unsubscribe, change to digest, or change password by emailing > > moderator at compa...@stanford.edu <mailto:compa...@stanford.edu>. > > -- > > Liberationtech is public & archives are searchable on Google. > > Violations of list guidelines will get you moderated: > > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > <https://mailman.stanford.edu/mailman/listinfo/liberationtech>. > > Unsubscribe, change to digest, or change password by emailing > > moderator at compa...@stanford.edu <mailto:compa...@stanford.edu>. > > > > > > > > > > > -- > - > TagMeNot > http://tagMeNot.info > @dontTag > > -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: https://mailman.stanford.edu/ > mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change > password by emailing moderator at compa...@stanford.edu. >
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
