[liberationtech] Any project missing on the updated map of a "GNU Internet" ?

[carlo von lynX]

On Mon, Oct 05, 2015 at 04:17:05PM +0200, Lluís Batlle i Rossell wrote:
> Well, we don't have build farms for ARM, so it is common for people to
> build all there, for example. Following upstream means building more than
> gentoo, because the dependencies are totally explicit at any point.

Oh, good to know. On the other hand it should be safe to randomly use
prebuilt binaries because all binaries are reproducible, so a malevolent
provider cannot know in advance which packages will be checked for
reproducibility... yes?

> As for the rest of your advices, I'm quite aware about the uses of
> leaked metadata, the problems of xmpp, etc. :) I quite follow the project.
> I just wanted to help have more pieces in the map - I do not consider
> them a final solution.

Yes, none of the things on the map solve the entire puzzle. There's
plenty of redundancy while at the same time there isn't a complete
stack ready to go, let alone several.

> Maybe you could mention also somewhere that modern PGP thing (which is pgp at
> the end): keybase.io. It just came to mind.

There are several stop-gap opportunistic approaches to key retrieval
around.. pEp, LEAP. I think we should be leveraging the social graph
for key acquisition instead, with a private distributed implementation
like GNS for example. You use it like an address book and your social
network guarantees that you picked the correct public key, without
any state authority knowing anything.


-- 
  E-mail is public! Talk to me in private using encryption:
         http://loupsycedyglgamf.onion/LynX/
          irc://loupsycedyglgamf.onion:67/lynX
         https://psyced.org:34443/LynX/