Shamar @Shamar@qoto.org

@ljwrites

While this is the smartest objection to my usual comparison of free software and free speech, I think you are missing an important detail.

#FreeSoftware is a work-aroud to defeat unjust #Copyright laws.

If I take #Microsoft #Windows code (or executables, it doesn't change much), modify it and publicily share the result under any form, I'm going to be criminalised and actually indicted for copyright infridgement.

Now for a #hacker, programming is a form of expression just like writing is for everybody else.

International copyright laws and agreements is basically statal censorship for economical (thus ideological and political) gain.

Now, one might argue that #hackers are a tiny minority that do not deserve such right to expression and it have to sacrify it for the other mainstream programmers.

And it's surely true that the #OpenSource people did their best to take Free Software from hackers to turn it into an exploitative, ethically washed, #marketing tool.

And I agree that, because of that, we are reaching the limits of what a #copyleft licence, however strong, can protect.

For example, thanks to the progress of #hardware, we can all see that all free software copyleft forgot the right (duty?) to #SelfHosting.

But free software still stands as a tool to create a protected zone of free programming expression in a hostil environment ruled by (corporate friendly) copyright law.

Since copyright infrigement can lead hackers to statal jail, free software IS free speech.

@wim_v12e@octodon.social

Well... actually lambda calculus AND bb encoding. But I'm quite familiar with lambda calculus and I see that BB encoding can enhance what you can do with it.

@alice

@wim_v12e@octodon.social

BB encoding.

@alice

@wim_v12e@octodon.social

I'd like to read such blog.
I like the idea a lot in particular because it does NOT play well with typeclasses.

BTW, you should also add an example of interpretation.

@alice

Crazy web service idea of the week.

GET /$HASH_OF_URL
return the hashes of the contents followed by first recorded timestamp. One per line.

POST /add?$URL
queue the hashing of URL's content (it will be executed sometime in the future)

@yarmo

Actually a clear separation between encryption&signing on one side and identity management in the other would allow to separate packaging, deployment and upgrade.

For example you could install the browser-only system on a server that do not provide any serverside scripting.

This would reduce the attack surface both for the server and for the visitor.

It's not safe(TM) anyway, but it could be useful in some self-hosted system.

@yarmo

Fine thanks!

A question: did you consider to separate the crypto functionality that can be executed in the browser and the identity related ones in two different applications?

While I don't like crypto done in Javascript, I think a clear separation of concerns would reduce the attack surface.

@yarmo

Interesting tool, good for self-hosting.

Where does cryptography happen? On the browser or on the server?

@michi@social.tchncs.de

I'll dive deeper into the Play Services thing. Actually I know about the advertising ID and routinarily change it (but I'd like an App that change it once an hour... i looked to write it myself but apparently I can't find the proper Android's API to use).

As for the Tor Browser's plugin, I'd say it doesn't take #uMatrix into account.
It prevents third parties HTTP requests to be sent, so there's nothing to anonymize.

@icedquinn

Didn't know... thanks!

@ademalsasa @alcinnz @Nixfreak

@icedquinn

Uhm... good point!

Actually I did not think about them... but do they enable smartphones to use an ethernet connection?

@ademalsasa @alcinnz @Nixfreak