1. 21

  2. 11

    I’m appaled by some (if not pretty much all) of the comparisons that Moxie makes. The reasonning isn’t even right: “A implies B” is turned into “B implies A”, therefore “A is equivalent to B”. The example of IP is bogus: it’s typically something that cannot be centralized. Decentralization of email is not the reason email is not encrypted: sharing private keys is.

    Reacting to a few things he says (it’s turning out to be much more than “a few”):

    “Decentralized systems are not inherently encrypted. In fact, most decentralized systems in the world are not end-to-end encrypted by default.” -> logic statements are in the wrong order, and what about HTTPS and IP (which has basically no need for encryption because it’s meant to be the layer everyone on the path sees)

    “I think advocates of decentralization have a different take on privacy which is data ownership.” -> it’s not a different one, it’s an additional one.

    He states people don’t care about owning their data: the reason is because people don’t know that they technically can! Almost everyone who knows about a tiny bit data treatment by large companies (anyone who has followed the news) would like something closer: doesn’t have to be yourself, it can be hosted by friends or group of people or smaller companies close and trustworthy enough.

    He might as well have a gmail account since all his e-mail correspondants use gmail. So… trust gmail with deciding who can talk to whom? Doesn’t seem enviable.

    When he mentions that the servers don’t know about the metadata but IIRC I wasn’t convince by the technical details.

    I think I better stop: he conflates everything and far too often he states that decentralized systems do not have X and therefore cannot have X which proves that decentralized systems are unable to get new features like Y or Z.

    1. 2

      4 / 5 years are not a long time to update the entirety of the internet

      Well, for some people Facebook is “the entirety of the internet” and Facebook is updated multiple times a day.

      This sounds like the enterprise guy who is proud that they now deliver so quickly after only two years. Meanwhile the startup guy is confused because in two years he has started and sold two companies.

      Another comparison is the C++ guy who is proud to make the build 5 minutes faster. The Go guy asks if he meant seconds instead of minutes.

      1. 1

        The article touches on nomadic identity. I think that’s going to be very important in a federated world, especially if we want small, amateur-run instances.

        Hubzilla’s nomadic identity assumes that when it comes time to migrate, either your old server is running, or you have backed up your account from the old server after the last post you cared about but before the server went down.

        (I’m not sure if Hubzilla’s identity system uses cryptographic identity, or whether your friends just trust the new server when it claims that you moved over to it.)

        In my social journaling prototype, I think I’m going to address this with a combination of cryptographic identity (public key announced on server, trust on first observation) and local-first design (i.e. local data is authoritative, and server is just a public mirror of it). If you change servers, and the old server is down (and can’t announce the move) people can at least see that the new server has a signed statement with the same public key saying that the new server is the correct location.