[liberationtech] [GNU/consensus] Why support "Reset the Net" ? I don't get it

Fri Jun 6 01:37:55 PDT 2014

On Thu, Jun 5, 2014 at 11:23 AM, carlo von lynX
<lynX at time.to.get.psyced.org> wrote:
> ...
> the change of attitude needs to happen in the browsers and in the W3C,
> not in the gazillions of websites that should all invest serious
> amounts of money. browsers should ship with a public-key routing
> technology like tor's .onion, i2p's .i2p or gnunet's .gnu.

even better, map public key routed identifiers into IPv6 via ORCHID
addressing in overlay networks!

(i have a favorite rant on low latency traffic analysis resistant
designs, too, but i'll try to keep this on topic ;)

> i have about a hundred websites. i can't get certificates for each of
> them. but what i will do soon is relaunch them as website.XXXXX.onion
> since all it takes is apt-get install tor and a torrc.

onions in the namecoin tree also useful (i use this to map a friendly
name to multiple onions. there is a good thread on improving hidden
service availability and scalability on the tor-dev lists as well, but
for now redundancy is my favored approach.)

> it launched a month and a half later, but that's because it isn't a
> simple campaign like resetthenet. YBTI is about developing the
> necessary technology to enable usable end-to-end encryption and
> social graph (aka metadata) protection (and a few things more).
> so it is a site that aims for a *real* solution.

i think resetthenet is more complicated on the social/organization
level than you give credit.  this makes sense, as the wonderful YBTI
is very technical and awesome.  technical people tend to think of
organization and communication and collaboration aspects as "easy" or
"afterthoughts" but i've come to see them as anything but.  (often,
the easier an effective campaign appears, the more inspired and
labored it's creation.)

>> i also think all of the technologies you listed above are insufficient
>> for a truly decentralized, robust, privacy enhancing infrastructure.
>
> you mean you agree with me? of course HTTPS etc are all broken and
> inadequate. or what are you referring to?

i absolutely agree with you that HTTPS and etc are all broken under
some reasonable threat models.  and i believe all of the technologies
you've listed in YBTI are also broken under reasonable threat models.

we have a lot of work to do!

> no, it is wasted energy. 99% of engineers insisting on working on
> horse carriages after 1% told the world they invented a car and
> need help improving it.

all horse carriages immediately deprecated?  transitions take time!

> in a couple of years 99% of engineers will find out they have
> invested sooo muuuch tiime in a technology which slowly but
> steadily turns obsolete

do nothing in the interim?  instead, i am doing many things. holding
my nose paying tithe to the CA cartel. working on better solutions.
thinking about how remaining flaws in better options can be further
mitigated...

please keep up the good work on YBTI!

best regards,