Am 27.01.2014 01:02, schrieb hellekin:
On 11/24/2013 09:31 AM, "Jörg F. Wittenberger" wrote:
I posit that doing yet another social network software - typically
some info sharing - will just inspire the established companies to
copycat the feature.
*** One point with using GNUnet as the framework is that there's no
incentive for a "social network" company such as Facebook or Google to
copycat, because their business model requires what GNUnet removes: a
vector for surveillance, that is: the ability to MITM the users, such
as centralization or control of the servers in a federation.
Ack. (Though: that's not a unique feature of GNUnet and prerequisite to
Askemos.)
Worse: neither the GNUnet framework of today nor the slightly higher
level requirements spelled out by Askemos can ensure that nobody can
ever create a unique resource (SPOF) atop - which in turn would be THE
loophole to mount a MITM attack.
Furthermore: what's being copycat is never the underlying technology
(e.g. GNUnet) nor the systems structure (e.g. Askemos). What's being
copycat is always the "users added value" - the "cat-picture-sharing"
application as seen by the user.
But we are in the offtopic section anyway (IMHO).
Without it, their ability to "monetize" user activity is strongly reduced. One
could argue that they still could bridge over insecure protocols, or
deflect control over the ontologies used to talk about sociability
(which is what FB does with OpenGraph, that does not concern humans
but consumers, workers, and producers).
Ack.
What's often missing (any every so often skipped or "delayed until
we have something to show" is a proper analysis of the *actual*
system structure and requirements.
*** Which system? (I believe in a complexity of interrelated systems.)
I'm starting from the premise that we (the CS people) shall (almost
always) abstain from inventing. Our job is to model.
Wrt. "social network(s)" this would boil down into "model various
communication processes among real persons".
So yes: it's not a single system. A casual talk at the bar is slightly
different from letters which in turn is different from exchanging
arguments in a court case. Somewhere in the middle is the communication
in games like chess.
FB is great an example here
*** My understanding of this and the following argument (labeled 1) is
that you identify an issue where computer scientists in general assume
a necessary basic knowledge of the complexity of their field(s),
whereas other technologies do not need any such prior knowledge to
operate (e.g., there's no need to know how a car operates to drive
it), and so we should work on finding such a zero-knowledge (pun
intended) situation with computers (and computer-mediated social
network services).
I agree with your understanding. However I wanted to make a simpler
statement: at the moment we have a situation where people learn from
using their computerized systems that there are some powers that be who
can simply force things different to their intentions. And since this
power is eventually executed by a single person (who can type the
command or click the button because the access control allows them so)
it is possible to abuse that power.
Thats how it worked in feudalism. The kind had the final say.
At the technical level we should try to build autonomous systems, where
such a control does not exist. (Well, no: where such control extends
only to those parts of the system which are considered private to the
human in control.)
At the social/political level we should oppose signing into law anything
which manifests feudal structures. Otherwise our children will end up
in feudalism again.
Pardon me: such a system should never be assumed to be legally
binding. Period.
*** +1. As computer security is a trade-off, and never absolute,
legally binding a computer user is the door open to abuse, as
demonstrated absolutely by the NSA.
3) [on trust]
*** Indeed, you should see the effervescence of Christian Grothoff
when he describes the threat model of GNUnet. To paraphrase him: all
the peers are potentially compromised, so there's no trust involved at
all.
Indeed. I'm personally preaching that point of view since about 20
years now as well.
4) Look at bitcoin. What a strange hype right now. The
"value"absolutely is speculative no connected to any economic
reason.
*** I would argue that most economic theories of values are built on
sand, as they ignore the basic fact that value is relative to the
desire of the buyer to acquire a product, or his necessity. And the
price buyers are ready to pay are themselves relative to other desires
they hold for other products. All the pricing made by vendors are
absolutely independant of the buyers. Now, please find me a so-called
"economic science" theory of value that tells you that. I'm curious.
I can't. I'm with you.
Plus: I'm not exactly an expert in economic theories.
However wrt. bitcoin we should understand that at least those theories
where I'm half way able to follow make a distinction between wares
(products) and money.
What we would really need was to have a "pre-money" - basically an
electronic bill of exchange (German: Wechsel). Why? Because that
one creates a link between the money's value and actual real-world
assets backing up this value.
*** Do you mean something like the Gold Standard we had before the USA
stole the world economy?
Kinda.
If you read Bruce Schneier sometimes, you'll notice that he reiterates
how people get abstract risks wrong while they understand more immediate
risks much better. At least on average.
That's the trick, which ensures the value in the centuries old concept
of drafts too: those who accept the bill will look at the issuer and
judge the risk of default. When they draw the draft they still share
the risk *for a limited time*. So one unit of money is secured twice be
economic goods evaluated by three parties - good enough on average.
Since my last post I expanded that argument in this article:
http://askemos.org/index.html/?_v=search&_id=3062
(Shows also that things could be faster and less resource hungry than
Bitcoin.)
In general: shortcomings of the implementation feed back into the
legal system AND mind of the general public.
*** That won't change anytime soon, and that's part of the
shortcomings we have to live with, don't you think?
Sadly. But I hope it's not to late to try and fight. Why give up 300
year worth of lessons learned?
I like this quote, by William Gibson: "The future is already here, it's just
unevenly
distributed." Well, same goes for knowledge and belief: each person
has a different understanding of "reality", and the most prestigious
usually spreads the most among people. Before the Snowden Apocalypse,
most of the people on this side of the Net were considered paranoid
lunatics. Now, the perspective is a bit more adjusted, and we might
even be considered visionaries by some. And among the paranoid
visionaries, most still have reality-adjustment issues. Actually, I
don't think any single person, even a genius, actually knows the truth.
That's why we need a sane social environment, where ideas are debated,
provable things proven, and unprovable things respected as such, and
where no single vision is able to dominate absolutely--this is where
our current course of civilization is utterly failing, giving all
power to the "economic vision" like Romans gave all to the Law, and
Byzantium to Religion. We're in a moment of history where complexity
revealed itself with full light shed on our misunderstandings. The
polarization of powers is such that they all look completely idiotic
and unprepared.
+1 - so what to do? Fold and retreat? Get a job as food salesmen?
Frankly and sadly: I'm inclined.
We need social software, which fixes these structural issues. No
single company CAN do that. [snip] That's the chance for free
software. [snip] We need a system, which works *without trusted
parts*.
*** \o/
the **social network** software - here without quotes, bold
instead
*** I prefer "social networking software", i.e. software to support
social networks. I keep coming back to the issue of language, because
the wrong narrative is imposed on us by way of carefully chosen
language, and that's something we need to be careful about as well.
Ack. it's better with the "software". Language is important.
If you find something you have to trust, you found something worth
to be improved.
*** Nice quotable :) But... What is the Askemos "constitution" that...
We would have to trust into not being flawed... Sounds like a question
for which the answer would be... 42.
You mean 101010? (binary) That's pretty close in it's simplicity actually.
It's about a constant (some code) taken to be constant except if one fails.
Remember: The freedom to fail is an individual freedom.
Thanks for asking the question. I took the freedom to cite and answer
it here:
http://askemos.org/index.html?_v=footnote&q=constitution+flawed
full text:
http://askemos.org/index.html?_v=footnote&_id=1223
more
http://en.wikipedia.org/wiki/Social_contract
Or more technically speaking: if one was to break systems into
cells small enough they are much easier to defend, since their
value to the attacker depends on the possible gain, which is
limited by the size of the cells.
*** The opposite of "Too big to fail". I think both approaches are
compatible, and indeed occur in nature. That's probably why we evolved
into complex organisms and not just mold soup.
As every so often: it's a matter of balance. Extremes are rarely a
solution.
Coming back to different kinds of social system software. Talking to
Christian Grothoff at the CCC congress he convinced me that the concept
of "places" in the sense of GNUnet and psycd channels matches a
different model of social networks than what Askemos is about. The
former is more akin to moderated discussion. One has to trust the origin
wrt. the messages being broadcast. So we have to understand a channel
as a private property of its owner. That's in no way wrong if you want
to have a blog with comments. But it's not sufficient for say voting
systems or other games, ledgers etc. In those cases one just needs the
channel state to stay correct even if the owner(s system) fails. (Which
implies: there must be no owner/origin.)
Hence we'll need to use lower level API's from GNUnet to create a more
general "global interpreter" for which one can write autonomous
applications tolerating byzantine failures (a.k.a. Askemos atop of
GNUnet). This will need independence from any "owner" of the state,
because the state is to be maintained by the sovereign - which is the
people and not any single individual, organization etc.
However: we need such a tamper-proofed arbiter.
Best
/Jörg
-- [email protected]
https://lists.tgbit.net/mailman/listinfo.cgi/secu-share
