@mr @aral
I know that Maths can't be contained, that algorithms are just numbers, that the back door intended for the goodies could fall in the hands of the baddies… as I said, I'm an ally.
That being said: of course there's middle ground with regards to #encryption! — very few issues in life are either black or white. Let's not oversimplify or advocate for the extreme; at least not without examining or trying alternatives.
#E2E isn't all that different from other great powers that societies (try to) control: firearms, natural resources, the press, drugs, etc. In those cases, we seek balances between #freedom and #security. Why not here?
For instance: we trust seven human beings with the private keys to DNSSEC worldwide (even if those keys could fall in the wrong hands); we trust judges in democratic countries to suspend the rights of individuals when it's necessary to prevent harm to others (even at the risk of them abusing that capacity sometimes); we trust the police to use weapons that we ban for ourselves (instead of throwing our hands up in the air, saying “it's futile! criminals will find ways to get those weapons anyway!”, and making any weapon freely available to anyone)… Note the parallelisms with the three arguments most commonly used in favour of unrestricted E2E.
We could restrict strong encryption to people without criminal records (child abusers, terrorists, etc). We could demand that any system or app implementing strong encryption be “licensed” by democratic states (quickly, for free, without purpose limitations) so that in the event of a warrant it'll be easier to inventory exhibits and to spot illegal uses of encryption where the most incriminating evidence might be. In many day-to-day use cases, we could advocate for strong encryption (non-E2E) where the master key is the cryptographic product of three or four secret keys: one held by a representative of the company offering the service; one held by the corresponding Supreme Court, MoJ, or analogous democratic institution; one provided by some special department of the UNHRC. We could legally bundle “free E2E encryption for all” together much tougher laws that would harshly punish any party involved, or any witness to the communication/data, if they don't report “encrypted” crimes, or if they don't disclose any private keys in their possession in the course of investigations.
I'm not saying these ideas are particularly wise, or even feasible. I am no expert. I'm just saying: let's try to empower citizens and protect privacy without gifting all malicious actors in the world with amazing sacrosanct invisibility blankets.
@aral
I'm much more pro- than against-#encryption, so count me on your side. Still, that kind of black-or-white approach isn't helpful here (as with many other issues).
Why alienate fellow defenders of #E2E who might have a more nuanced view? Can't we admit that there will be instances of people, uses, circumstances, and tools, where we might want a well-argumented, good-intentioned warrant to be able to penetrate into secret data or communications — for the common good?
I don't have a solution at hand that could balance the best of both worlds. But to admit that it'll be hard and that in the pursuit of legit concerns sometimes individual rights will be sadly infringed upon (as IRL, all the time) is not the same as not even trying and resorting to the extreme.
tripu
boosted
"Anemoia" is the feeling of nostalgia for a time you haven't experienced
I don't know if there's an equivalent term for places, but I've never been to Japan and yet this quiet street gives me the same vibe
#Photography by Ryo
https://www.flickr.com/photos/moojie/14950084067/in/photostream/
tripu
boosted
🇳🇱
After a week of working on re architecting the QOTO servers I'm mostly there. I had to write a whole new load-balancer from the ground up. The old one didnt work with docker-swarm.
The load balancer is now automated like before AND distributed. So basically I never need to worry about obtaining or configuring ssl certs or even fussing with nginx configuration. When i bring a new service up into the swarm I simply add some labels to the service and the load balancer I wrote will automatically detect it and rewrite its own nginx configuration, obtain new certs (or renew existing ones) and automatically route itself to the new service.
This was the bulk of the work, I put the source code up for it (its three containers) here for anyone who might want to steal it, I'll be documenting it and cleaning it up tomorrow:
https://git.qoto.org/modjular/swarm-proxy
I also automated the process of bringing up new nodes in the swarm so I wrote a whole bunch of scripts for that in a separate repo (I'll share that tomorrow). So at this point its just a matter of actually bringing the services up in the new framework. So far I've tested it with two services and works great.
So starting tomorrow I can start migrating QOTO services to the new framework hopefully. Its amazing how easy this is going to make my life.
This.
What the bloody fuck, #apple https://www.theverge.com/2020/10/8/21506995/apple-forced-in-app-purchase-protonmail-ceo-wordpress-iap Forcing Protonm...
I had been very suspicious of #JohnMcAfee's flamboyant bullish assertions about #crypto in the short term. Now it all makes sense.
https://www.whoismcafee.com/u-s-securities-and-exchange-commission-sec-sues-mcafee-for-pumping-initial-coin-offerings-icos/
tripu
boosted
tripu
boosted
You don't own your Kindle books, Amazon reminds customer
https://www.nbcnews.com/technolog/you-dont-own-your-kindle-books-amazon-reminds-customer-1C6626211 @particl
tripu
boosted
The NSA phone #surveillance program was illegal and expensive: And it did not stop a single terrorist attack. https://tutanota.com/blog/posts/nsa-phone-surveillance-illegal-expensive @Tutanota
“It would be wrong for us to ignore the unearned #privilege that exists in #Nodejs. Much of the project leadership is #white, and a majority are men. We are and have been systematically complicit in perpetuating the issues that led us to where we are.”
https://nodejs.org/en/black-lives-matter/
#BLM #MoralGrandstanding #CollectiveGuilt #software #JS
https://www.econlib.org/the-illogic-of-collective-guilt/
tripu
boosted
My friend Yoko explained this Japanese custom: the pre-addressed return envelope has 行 (iki) after the destination address, but people cross it out and write 御中 (onchū), literally "honorable inside", the equivalent of 様 (sama) for organizations.
Why wouldn't they just print it that way? Because it would be rude to use honorifics for your own company! 😅
#japanese
«Desde el asalto a la división de poderes hasta la connivencia con la violencia, desde el ataque planificado y sistemático a la unidad territorial hasta la imposición de una ideología, convertida en moral totalitaria y acompañada de una censura propia de la Inquisición. Cada atropello a las libertades protagonizado por este Gobierno, incluida la libertad de conciencia, tiene su correlato en un episodio del pasado comunista que despertó la respuesta fascista y llevó a los españoles al desastre.»
https://www.elespanol.com/opinion/tribunas/20200930/gobierno-recuerdo-odio/524567541_12.html
tripu
boosted
Mass adoption matters.
https://twitter.com/helveticade/status/1311721201883058177
RT @helveticade@twitter.com
Sci-hub is more meaningful, politically radical and has had more impact than any decentralisation or blockchain software project of the past 10 years.
🐦🔗: https://twitter.com/helveticade/status/1311721201883058177
“I recognise that I can use part of my income to do a significant amount of good. Since I can live well enough on a smaller income, I pledge that for the rest of my life or until the day I retire, I shall give at least ten percent of what I earn to whichever organisations can most effectively use it to improve the lives of others, now and in the years to come. I make this pledge freely, openly, and sincerely.”
#EffectiveAltruism #EA #GivingWhatWeCan #GWWC #pledge
https://www.givingwhatwecan.org/pledge/
tripu
boosted
Yo siempre encantado, en casos como este, de «generar más interacciones» y «hacer ganar visibilidad».
Contexto: https://social.politicaconciencia.org/@DrBenway/104943003505648487
@Jngorria@quey.org
@DrBenway Tu @tripu eres tonto hasta las dos y luego ya todo el día, a parte de un petulante... Y porque uses palabras educadas no quiere decir qu...
