On Mon, Jan 23, 2017 at 10:21:46AM +0100, hiro wrote:
> now that everybody and their kitchen sink has internet it's getting a
> bit late for privacy. teaching people not to use android phones is a
> nearly pointless activity.
> computer security and privacy is now a luxury of the technical elite
> and illiterate or offline people.
>
> software has given all the means to individuals, but culture can
> prevent you from using software in the right way. the more time people
> spend their free-time online the more they synchronize to the global
> way of the internet kiddy culture.
>
> decentralization technically works quite nicely as can be seen with
> bittorrent and bitcoin. but is incomplete in some sense, because
> there's always a central protocol that can be attacked. the faith
> people had in tor made them run into the nets of spying governments.
> even though the tor network is in a way decentralized the number of
> exit nodes is limited, thus easy to observe by one centralized
> intelligence entity. also when people use decentralized networks like
> tor to access multiple personalized and centralized services like
> facebook, google, twitter ebay, amazon, banks, etc. obvious breaches
> occur.
>
> in my opinion going only one step is worse than doing nothing here:
> the false security people get using end-to-end encrypted messengers on
> their automatically updating google phones makes me cringe everytime i
> hear about it.
> as i said, all the tools are there already, it's up to the masses to
> adopt them (they're not). so the work that is left is not technical
> engagement, you have to change how people think and how they interact
> online, unless you're able to make them stop using other centralized
> services you have failed. try with a small group of people first that
> actually has a need for privacy.
+1
Currently, computer security hygiene is first a social and usage issue, then a
technical implementation issue, and finally a mathematical and science issue.
De-centralized and volatile internet "services" imply, mecanicaly, a much less
comfy usage than centralized or non-massively decentralized protocols.
Mecanicaly lambda users are driven to the most comfy internet "services", hence
centralized or non-massively decentralized and non-volatile "services".
Everything has exceptions, bittorrent makes me lie (even though some companies,
proxies of US movie/music majors, are trying hard to take over the protocol by
complexity, see libutp->µtorrent->bittorrent INC->Majors). Its volatility makes
it a really fluid and moving "target", and only a near perfect digital
dictatorship could block it, thus the sabotage or control take over with
complexity (usually c++ components). Many lambda users managed to learn and
use it, and that, very probably, because they could download their
movie/game/series/music in a comfier/free way than getting a
dvd/bluray/cd/locked down device.
De-centralized services, means you can bring back those services in control of
their users. For technically litterate people, that could be mitigated in a
reasonable way, but not all cases.
I heard of the "privacy internet boxes", basically personal email servers,
personal web servers. But, I don't think a lot of email clients support email
addresses with an IPv4/IPv6 address instead of a domain name. I even wonder if
fatty smtp servers do support the feature too (I wrote a really minimal
receiving smtp server, even the smtp protocol in itself is too fat). And with
all that, your emails will end up in spam boxes of big centralized email
services (gmail,yahoo...) or blocked. Freedom and privacy comes with spam, it's
the price to pay.
There are tons of more things to say about those, because those are really
complex issues and evil there is smart and clever.
--
Sylvain
Received on Mon Jan 23 2017 - 14:12:23 CET