1. 8

    I use LineageOS for microG, not compiled from source currently, but I did compile CyanogenMod (LineageOS predecessor) a couple times in the past (when a new version was available, but official builds for my device weren’t).

    microG is the only real substitute for Play Services, it provides a FOSS client for Google push notifications and stuff.

    1. 1

      I mention this fairly frequently so I hope I don’t sound like a broken record - one security downside to MicroG is that you need to enable signature spoofing so that it can impersonate the official Google Play Services.

      Personally, I’m willing to give up push notifications for proprietary apps. There are plenty of FOSS apps that don’t depend on Google Cloud Messaging.

      1. 4

        But the impersonation also requires a permission. Only microG is allowed to impersonate Play Services, not any random app you have installed. I’m perfectly fine with that.

    1. 2

      OsmAnd is great! I recently used it to navigate while traveling abroad without internet.

      The UI isn’t quite as polished as Google Maps, and calculating a route locally isn’t as quick as Google’s servers. But it certainly gets the job done.

      1. 3

        I don’t really see the point of using microG? What’s the big benefit of a third party client if one does still continue to use Googles servers?

        Personally, I use CopperheadOS without any google services. Works well for me, but I did not even use GMaps, Whatsapp and so on back when I had “Google Play Services” on my phone. Nowadays it’s fdroid and all its apps, like OSMAnd and so on. Signal from its self-updating APK with a websocket connection instead of “Google Cloud Messaging”. Works just fine, but uses quite a lot of battery.

        1. 5

          Push notifications are a deal breaker for me, also, there are a lot of apps that purposely warn you and kick you out of the app if no Play Services are installed (Google has some security certifications where they mandate you to disallow users without play services from using apps).

          Also, everything I can get from F-Droid that serves my need I do, but not every app that I need has a FOSS alternative (slack, bank, spotify, zoom - to name a few). Plus, I really dislike the idea of having a ~150MB system app that sits their just to “support apps with services”. MicroG serves the basic functionality to provide you with things like push notifications, it’s size is tremendously smaller and it’s open source.

          1. 2

            I’m in the Copperhead camp and don’t really miss push notifications. Slack doesn’t ping me anymore, but that’s just another reason to migrate to FOSS apps designed to work without Google Play (riot/matrix, conversations.im, signal, etc). Cutting down on notifications from bank apps could even be interpreted as a positive side effect.

            One security downside to MicroG is that you need to enable signature spoofing so that it can impersonate the official Google Play Services.

            1. 1

              One security downside to MicroG is that you need to enable signature spoofing so that it can impersonate the official Google Play Services.

              LineageOS people keep saying that, but I don’t see the security issue. There is no slippery slope, and there is literally no other way to replace Google dependencies than to pretend you’re them.

        1. 5

          As exciting as this is, I’m wary about dependency in GNU tools, even though I understand providing an opembsd-culture-friendly implementation would require extra work and could be a nightmare maintainance, with two different codebases for shell scripts, but perhaps gmake could be replaced with something portable.

          1. 12

            This version of Wireguard was written in go, which means it can run on exactly 2 (amd64, i386) of the 13 platforms supported by OpenBSD.

            The original Wireguard implementation written in C is a Linux kernel module.

            A dependency on gmake is the least of all portability worries in this situation.

            1. 18

              While it’s unfortunate that Go on OpenBSD only supports 386 and amd64, Go does support more architectures that are also supported by OpenBSD, specifically arm64 (I wrote the port), arm, mips, power, mips. I have also implemented Go support for sparc64, but for various reasons this wasn’t integrated upstream.

              Go also supports power, and it used to run on the power machines supported by OpenBSD, but sadly now it only runs on more modern power machines, which I believe are not supported by OpenBSD. However, it would be easy to revert the changes that require more modern power machines. There’s nothing fundamental about them, just that the IBM maintainer refused to support such old machines.

              Since Go support both OpenBSD and the architectures mentioned, adding support in Go for OpenBSD+$GOARCH is about a few hours of work, so if there is interest there would not be any problem implementing this.

              I can help and offer advice if anyone is willing to do the work.

              1. 3

                Thanks for your response! I didn’t know that go supports so many platforms.

                Go support for sparc64, but for various reasons this wasn’t integrated

                Let me guess: Nobody wanted to pay the steep electricity bill required to keep a beefy sparc64 machine running?

                1. 23

                  No, that wasn’t the problem. The problem was that my contract with Oracle (who paid me for the port) had simply run out of time before we had a chance to integrate.

                  Development took longer then expected (because SPARC is like that). In fact it took about three times longer than developing the arm64 port. The lower level bits of the Go implementation have been under a constant churn which prevented us from merging the port because we were never quite synced up with upstream. We were playing a whack’a’mole game with upstream. As soon as we merged the latest changes, upstream had diverged again. In the end my contract with Oracle had finished before we were able to merge.

                  This could all have been preventable if Google had let us have a dev.sparc64 branch, but because Google is Google, only Google is allowed to have upstream branches. All other development must happen at tip (impossible for big projects like this, also disallowed by internal Go rules), or in forks that then have to keep up.

                  The Go team uses automated refactoring tools, or sometimes even basic scripts to do large scale refactoring. As we didn’t have access to any of these tools, we had to do the equivalent changes on our side manually, which took a lot of time and effort. If we had an upstream branch, whoever did these refactorings could have simply used the same tools on our code and we would have been good.

                  I estimate we spent more effort trying to keep up with upstream than actually developing the sparc support.

                  As for paying for electricity, Oracle donated one of the first production SPARC S7-2 machines (serial number less than 100) to the Go project. Google refused to pay for hosting this machine (that’s why it’s still sitting next to me as I type this).

                  In my opinion after being involved with Go since the day of the public release, I’d say the Go team at Google is unfortunately very unsympathetic to large scale work done by non-Google people. Not actively hostile. They thanked me for the arm64 port, and I’m sure they are happy somebody did that work, but indirectly hostile in the sense that the way the Go team operates is not compatible with large scale outside contributions.

                  1. 1

                    Having to manually follow automated tools has to suck. I’d be overwhelmed by the tedium or get side-tracked trying to develop my own or something. Has anyone attempted a Go-to-C compiler developed to attempt to side-step all these problems? I originally thought something like that would be useful just to accelerate all the networking stuff being done in Go.

                    1. 2

                      There is gccgo, which is a frontend for gcc. Not quite a transpiler but it does support more architectures than the official compiler.

                      1. 1

                        Yeah, that sounds good. It might have a chance of performing better, too. The thing working against that is the Go compiler is designed for optimizing that language with the gccgo just being coopted. Might be interesting to see if any of the servers or whatever perform better with gccgo. I’d lean toward LLVM, though, given it seems more optimization research goes into it.

                      2. 2

                        The Go team wrote such a (limited) transpiler to convert the Go compiler itself from C to Go.

                        edit: sorry, I misread your comment - you asked for Go 2 C, not the other way around.

                        1. 1

                          Hey, that’s really cool, too! Things like that might be a solution to security of legacy code whose language isn’t that important.

                    2. 1

                      But these people are probably more than comfortable with cryptocurrency mining 🙃

                    3. 3

                      Go also supports power, and it used to run on the power machines supported by OpenBSD, but sadly now it only runs on more modern power machines, which I believe are not supported by OpenBSD. However, it would be easy to revert the changes that require more modern power machines. There’s nothing fundamental about them, just that the IBM maintainer refused to support such old machines.

                      The really stupid part is that Go since 1.9 requires POWER8…. even on big endian systems, which is very pointless because most running big endian PPC is doing it on pre-POWER8 systems (there’s still a lot!) or a big endian only OS. (AIX and OS/400) You tell upstream, but they just shrug at you.

                      1. 3

                        I fought against that change, but lost.

                      2. 2

                        However, it would be easy to revert the changes that require more modern power machines.

                        Do you have a link to a revision number or source tree which has the code to revert? I still use a macppc (32 bit) that I’d love to use Go on.

                        1. 3

                          See issue #19074. Apparently someone from Debian already maintains a POWER5 branch.

                          Unfortunately that won’t help you though. Sorry for speaking too soon. We only ever supported 64 bit power. If macppc is a 32-bit port, this won’t work for you, sorry.

                          1. 3

                            OpenBSD/macppc is indeed 32-bit.

                            I kinda wonder if say, an OpenBSD/power port is feasible; fast-ish POWER6 hardware is getting cheap (like 200$) used and not hard to find. (and again, all pre-P8 POWER HW in 64-bit mode is big endian only) It all depends on developer interest…

                            1. 3

                              Not to mention that one Talos board was closer to two grand than eight or ten. Someone could even sponsor the OpenBSD port by buying some dev’s the base model.

                              1. 3

                                Yeah, thankfully you can still run ppc64be stuff on >=P8 :)

                      3. 2

                        This version of Wireguard was written in go, which means it can run on exactly 2 (amd64, i386)

                        That and syspatch make me regret of buying EdgeRouter Lite instead of saving up for an apu2.

                      4. 2

                        I’m a bit off with the dependency of bash on all platforms. Can’t this be achieved with a more portable script instead (POSIX-sh)?

                        1. 3

                          You don’t have to use wg-quick(8) – the thing that uses bash. You can instead set things up manually (which is really easy; wireguard is very simple after all), and just use wg(8) which only depends on libc.

                          1. 2

                            I think the same as you, I’m sure it is possibe to achieve same results using portable scripts. I’m aware of the conviniences bash offers, but it is big, slow, and prompt to bugs.

                        1. 3

                          I’m always curious about the intended audience with these types of posts. The posts typically paint a straw man picture that there are people unwilling to change the operating model to be more efficient given the option, which is absurd. Should we abandon bitcoin? Is that the thesis here?

                          Clearly the non technical people would probably not know PoW is inefficient but they also have little to no control over the dominance of bitcoin and the way it works. There are strong economic incentives for actors supporting the current structure to keep supporting it as is and the blog post does not address this problem at all.

                          1. 7

                            The cryptocurrency posts themselves paint a strawman that we cant do anything better than corrupt, for-profit, centralized tech unless we switch over to blockchains. That’s a lie with many counterexamples. Bitcoin itself also has huge hype and drawbacks in practice.

                            The author is highlighting that hype and drawbacks. He’s also highlighting a social phenomenon where many proponents try to talk like bad things are good things to downplay them. I’d straight up call that fraud since they’re trying to get people’s money.

                            1. 5

                              I understand that you have a strong opinion on the subject but you’re essentially calling anyone who has an interest in decentralized systems a fraudster. I think it’s disingenuous to say “people who have interests different from my own are by definition fraudsters”.

                              Decentralized, trustless systems have important applications. Bitcoin was created as a response to the banks being involved in widespread fraud. Calling Bitcoin users frauds seems to miss the point in the largest way possible.

                              1. 2

                                “ Bitcoin was created as a response to the banks being involved in widespread fraud.”

                                So were credit unions and non-profits in response to earlier fraud. I don’t see a lot of them involved in things like 2008 crises. I thought even Bitcoin had a non-profit/foundation controlling or supporting it.

                                He’s also highlighting a social phenomenon where many proponents try to talk like bad things are good things to downplay them. I’d straight up call that fraud since they’re trying to get people’s money.

                                That was the key circumstance that I brought up fraud on. The need to use as much energy as Ireland to avoid unscupulous parties screwing up a few transactions a second is one such implication. It’s a total lie since the regular, banking system prevents or catches lots of stuff like that on a daily basis. From there, I pointed out in another comment that a system using regular databases and protocols with distributed checking might take a $5 VPS or one server per participant. Those don’t take the energy of Ireland, insanely-slow transactions, or crypto magic.

                                That the very-smart proponents of Bitcoin don’t investigate such options or tell their potential investors of such alternatives with their risk/reward tradeoffs means they’re more like zealots or con artists. I mean, most people might trust such alternatives since they’re using the regular financial system. They might love solutions that knock out all the real problems they’ve dealt with efficiently plus make plenty of headway on the more rare or hypothetical risks many cryptocurrency proponents worry about all night.

                                Save the best for last. If it’s Bitcoin, they might also want to know it’s primarily a volatile, financial instrument used for speculation instead of a stable currency they can depend on as its proponents are selling it. I know people who are day trading these things right now riding the hype waves profitably while the adopters driving them and sustaining the systems aren’t getting the much better thing people probably promised them. Many of them have also lost money they wouldn’t have lost storing currency in traditional, financial system. Looks like fraud to me.

                                1. 3

                                  The need to use as much energy as Ireland to avoid unscupulous parties screwing up a few transactions a second is one such implication. It’s a total lie since the regular, banking system prevents or catches lots of stuff like that on a daily basis. From there, I pointed out in another comment that a system using regular databases and protocols with distributed checking might take a $5 VPS or one server per participant. Those don’t take the energy of Ireland, insanely-slow transactions, or crypto magic.

                                  It sounds like you might endorse the notion that PayPal is more effective than Bitcoin. PayPal supports more transactions per second, catches a lot of fraud, supports chargebacks when fraud does happen, and doesn’t require proof-of-work – it all runs safely on PayPal’s verified servers. This is all true, and for many people PayPal is fine enough.

                                  However, the centralized nature of PayPal does have some problems. There’s always the risk of getting your account frozen, which has happened to countless people. Minecraft made too much money in 2010. Wikileaks pissed off powerful entities in 2012. Google has over 600,000 results for “paypal accounts frozen”. I hear that PayPal freezes lots of crowdfunding efforts in particular.

                                  What it comes down to is trust. If you can trust the corporate entity PayPal to expedite your transactions and send you on your way, then the status quo is fine. But if you have a problem with PayPal, or PayPal has a problem with you, then you need to find an alternative.

                                  You can see the same problem on a larger scale with the SWIFT network. Nearly every international interbank transfer takes place on SWIFT, and it works fine as long as everyone trusts each other. But if you find yourself on the wrong end of US sanctions, suddenly your banking system comes to a screeching halt. Russia, China, and Iran are all too aware of this problem and are trying to build alternatives. Russia is working on SFPS and China is building CIPS. They’re also both stockpiling gold; another asset that won’t freeze you out at a moment’s notice.

                                  Bitcoin never freezes anyone out of their funds. If you have the private key, you control the bitcoin wallet, period. It’s math, not bureaucracy.

                                  1. 4

                                    “This is all true, and for many people PayPal is fine enough.” “However, the centralized nature of PayPal does have some problems”

                                    You’re almost there. The centralized solution like PayPal works really well except in well-known failure modes. SWIFT is another good example I bring up myself in these discussions as better than Bitcoin so far. There’s centralized companies, esp credit unions or nonprofits, that aren’t doing all the shady stuff PayPal does. That’s by design. There’s cooperatives leaner than Swift, too. So, the logical, first thing to explore is how to mix those protections with centralized companies like PayPal. If we do decentralized, the first thing to explore should be proven tech for centralized case with distributed checking maybe at a granularity of participating organization like with banks and SWIFT. So, so, so much more efficient to do that.

                                    Instead, cryptocurrency proponents paint a false dilemma between for-profit, greedy banks vs distributed, energy-sucking, blockchain system. It’s misleading given all the designs in between. Not to mention they seem to only focus on what for-profit, scumbag banks do instead of what centralized organizations designed for public benefit can do. A little weird to sidestep the whole concept of nonprofit, consumer-focused banks or companies, eh? It’s like they want a specific solution ahead of time looking for justifications for it instead of exploring the vast solution space trying to find what works best for most peoples’ goals.

                                    “Bitcoin never freezes anyone out of their funds. If you have the private key, you control the bitcoin wallet, period. It’s math, not bureaucracy.”

                                    You’re telling me Bitcoin ledgers, exchanges, and/or hardware can’t be blocked or made a felony in a country. I doubt that. Hell, the mining situation makes it look more like a traditional oligopoly. I can’t remember if they’re all in China or not. That would be even worse given it would be an oligopoly whose companies are under control of one government that’s not about libertarianism and greater good. There’s currently more diverse control and subversion difficulty in traditional, banking system right now if not doing business with banks that are scumbags. I’d avoid any of them on the bailout list to start with.

                                    1. 2

                                      Good points all around. On second thought, what you’re describing sounds less like PayPal and more like Ripple.

                                      In May 2011, [the creators of Ripple] began developing a digital currency system in which transactions were verified by consensus among members of the network, rather than by the mining process used by bitcoin, which relies on blockchain ledgers. This new version of the Ripple system was therefore designed to eliminate bitcoin’s reliance on centralized exchanges, use less electricity than bitcoin, and perform transactions much more quickly than bitcoin.

                                      It’s targeting the interbank/SWIFT space, and purports to “do for payments what SMTP did for email”.

                                      1. 2

                                        Oh yeah, I loved their concept when I looked into this stuff. Interledger was my favorite concept but Ripple stood out, too. Obviously, I have some technical disagreements but they’re going in much smarter direction. Their marketing said you can pay for stuff with quick settlements, multiple parties checking stuff, and none of Bitcoin’s energy problems. The quick settlements in a global system probably being the main, selling point for most customers.

                            2. 7

                              there are people unwilling to change the operating model to be more efficient given the option, which is absurd

                              There are absolutely lots of these people unwilling to change the operating model to be more efficient given the option. This is why I looked for claims from reasonably noteworthy bitcoiners and not random nobodies - though the random nobodies use the same arguments, and quote the noteworthy arguments - and linked and quoted them at length to make it clear that this is not straw but actual arguments they make in real life. This is all real. I’m not sure how I could make that clearer.

                              1. 1

                                I don’t see a quote about choosing PoW over efficient alternatives. All the claims quoted in your post all seem to be something along the lines of “the benefits of proof of work are worth it.” To these claims you respond with the argument that they are “highly questionable to anyone who isn’t already a Bitcoin fan.”

                                From my read I’d say you do not address the claim that immutability and a shared transaction concensus is useful with any sort of reasoning or argumentation, just a slew of examples meant to bring doubt in the readers mind. You use terms like “waste” to describe the use of energy, which clearly reveals the a priori and entirely unargued assumption that it is not worth it. A better approach would be to lay down a reasonable framework for analysis and explain the limits of immutability and the price being paid for it within that framework.

                                Ultimately, I still don’t quite understand the thesis of this post. Why should the externality of energy expenditure be regulated by the economics driving it (proponents of PoW blockchains) and not governments?

                            1. 5

                              Posts like this are refreshing and I feel like they bring back some sanity to the crypto-currency madness.

                              We are talking about massive wastes of energy for creating what? I’ve had one friend say better money. I really like to think of money as a problem (read: Debt: The First 5,000 Years) and I’d hope humanity would one day move past money and a resource scarcity based economy.

                              Bitcoin is just more resource scarcity. Fuck crypto-currency in general at sending prices for video cards and dram through the fucking roof. I can’t even build a new system today because DDR4 prices and GPU prices have doubled since last year!

                              1. 3

                                For what it’s worth, DRAM manufacturers have allegedly been conspiring to fix the price higher. So it’s not totally crypto’s fault.

                              1. 13

                                “Truly immutable timestamps could be useful”

                                As with most stuff, there’s already a standard for that. One company, Surety, even puts the hash of their timestamp ledger (hash chains) in the New York Times to create a paper trail. I’m sure the decentralized checking part could be scaled horizontally a bit without much change in protocol or energy usage. The individual operations are still simple enough to do on chips that are a few bucks each.

                                1. 7

                                  there’s already a standard for that. One company…

                                  The big feature that Bitcoin and other blockchains bring to the table is decentralization. If you can rely on a company for stewardship of your ledger, then by all means use a permissioned database like Surety does.

                                  On the trusted timestamping page you linked, if you skip to the decentralized section, you can see it immediately starts talking about Bitcoin.

                                  I’m not sure how much Surety’s service costs, but piggybacking on the Bitcoin or Ethereum blockchains is likely far cheaper. Here is a tutorial on how to store a message as an Ethereum contract. The cost is variable with the string length, but in this case only cost about $0.20. It works by deploying a solidity contract that is just a couple string variables. The output is observable on etherscan.

                                  1. 4

                                    In my model, several foundations in different countries run by different people would agree on a protocol. It would store stuff in SQLite, FoundationDB, or something similarly fast/resilient. A web or app server with plenty of cache would give snapshots of the ledgers. They’d charge a fixed price for bandwidth and storage which could go up as the tech improves.

                                    This setup for something small like hashes with a niche audience could run on $5/mo VM’s. Even dedicated servers, 5-way redundancy with years of compute, storage, and bandwidth would be just over a $1,000 a month. The components theyd use are so vanilla the admins could be part-time. How much does Ethereum or Bitcoin cost in comparison?

                                    1. 4

                                      Check it out, this message cost $0.80. Zero sysadmin effort on my part due to leveraging a preexisting system. Also, the message won’t vanish if I stop paying VPS bills.

                                      If you’re a large corporation that wants to timestamp thousands or millions of messages, the centralized approach could very well be cheaper. For me, verifying maybe a handful of messages per year, it’s way easier to piggyback on a large blockchain project.

                                      1. 4

                                        That’s a decent point. If you’re just externalizing and aimjng for low cost, you can post the messages in threads of diverse forums, Pastebin, etc. I used to do that with hashes on blogs. Never cost a cent.

                                        1. 3

                                          verifying maybe a handful of messages per year

                                          What’s your actual usecase for this? I struggle to see viable usecases for the blockchain beyond speculation so it’s interesting to hear what people consider are valid usecases for it.

                                          1. 2

                                            I should have worded that differently… I don’t timestamp messages all that often. What I meant to convey is that $1000/mo is definitely overkill for anyone with intermittent needs.

                                            Pastebin and forum posts are fine, but centralized. If Pastebin ever goes down, or starts manipulating old posts, then the integrity of your verification is compromised. Embedding the message in Ethereum’s blockchain is a much stronger guarantee of permanence and immutability.

                                            What sorts of blog posts need such tamper-proofing? Anything dealing with warrant canaries, reverse engineering, or low-level firmware might deserve it.

                                            1. 3

                                              I should have worded that differently… I don’t timestamp messages all that often. What I meant to convey is that $1000/mo is definitely overkill for anyone with intermittent need

                                              The $1,000/mo is for the hardware and bandwidth to run the alternative to a blockchain. In the blockchain, you’re a user that pays for a tiny portion that you use. In the alternative, you’d similarly pay for a tiny portion that you use. Maybe a membership fee that covers general cost of operations with you paying the usage parts at cost. I gave the examples of $5 VM’s to illustrate the difference between whatever Bitcoin is doing for mining or transactions. I imagine it takes a bit more hardware than $5/mo.

                                              The other article today said companies were paying $10,000 a unit for what supports this system. My hypothesis was getting orders of magnitude better performance with a year of usage at the same price with five-way checking. Adding actors that don’t trust each other just adds small amounts to the system without dragging down the speed of its main DB’s. Whereas, the folks buying the ASIC’s are spending tens of millions to support almost nothing in terms of transactions. The traditional tech is so cheap that I was using blogs to do my version of it. They didn’t even notice. That’s the difference between crypto-currency tech and traditional tech w/ decentralized checking.

                                              1. 3

                                                Pastebin and forum posts are fine, but centralized. If Pastebin ever goes down, or starts manipulating old posts, then the integrity of your verification is compromised. Embedding the message in Ethereum’s blockchain is a much stronger guarantee of permanence and immutability.

                                                It doesn’t solve the permanence problem, but just signing text is sufficient to address tampering, which doesn’t use a lot of electricity. So is being permanent the selling point? There is also ipfs which doesn’t require PoW but is decentralized, would that + signing be sufficient for your needs?

                                                Basically, I’m still struggling to figure out what the blockchain does that makes the excessive energy usage worthwhile. Maybe I’m just being narrow minded, but I still only really see financial speculation as the primary motivator, so if that becomes unviable, why would anyone continue to run a bitcoin node (and there goes the permanence?)

                                              2. 0

                                                Yeah, you’d really need to know the use case to try to use it as justification for the Bitcoin blockchain and all its baggage. As the full quote from the linked article says:

                                                Truly immutable timestamps could be useful — assuming anyone finds a timestamp use case so important that it warrants a country-sized percentage of the world’s electricity consumption.

                                                1. 2

                                                  Ah, sure. Immutable timestamps are a fun way to piggyback on the existing Bitcoin and Ethereum blockchains, but timestamping by itself is not a justification for those coins existing.

                                        2. 3

                                          plenty of hype here too: https://guardtime.com/ for example

                                          1. 3

                                            Oh Lord… they gotten bitten by the bug. No surprise, though, since it’s a fad with momentum and lots of money. I expect any company that can do a blockchain product to build one just to make money off it. Given their prior work, there’s little reason to think they actually needed a blockchain vs hash chains with distributed checking and/or HSM’s. Just cashing in. ;)

                                            Btw, do check out that Functional-Relational slide deck I submitted. It shows the Out of the Tar Pit solution is essentially what the new, GUI frameworks are doing. It was just years ahead. So, maybe some practical uses for some version of their model.

                                            1. 5

                                              Guardtime’s KSI Blockchain is probably my favourite blockchain hype. The product was first released in 2007 and they only branded it “blockchain” a few years ago … for marketing reasons.

                                              I have a post about it here. In one of their white papers, they literally redefine “blockchain” to mean containing a Merkle tree:

                                              Unlike traditional approaches that depend on asymmetric key cryptography, KSI uses only hash-function cryptography, allowing verification to rely only on the security of hash-functions and the availability of the history of cryptologically linked root hashes (the blockchain).

                                              I hear cryptocurrency people touting Estonia’s BLOCKCHAIN REVOLUTION as great news for Blockchain, and even great news for cryptocurrency. It’s not even a blockchain.

                                              I mean, I have no reason to think there’s anything wrong with it. I’m sure it does its job just fine. But goodness me, it’s the greatest marketing success “blockchain” the buzzword ever saw.

                                              1. 4

                                                If anything, it was a great way to show we didnt need a blockchain when our older concepts were working fine. They might benefit by using the buzzword. Yet, such misleading usage just reinforces the phenomenon where the BS spreads further.

                                                Im not even sure it’s reversible at any level given these fads usually either level off or implode with the name and reputation damage permanently attached to whatever the name touched. AI Winter, expert systems, and Common LISP are some of best examples.

                                                1. 1

                                                  There’s probably a post I need to write on this topic: basically, we’re going to see a resurgence in the popularity of linked lists with hashes, and they’re going to be branded “blockchain(tm)”. There are a few non-bogus projects along these lines, but it’s not so great actually and in all cases they should have just used a frickin database.

                                                  Likely case, we get mostly-working systems that have an eternally painful “blockchain(tm)” implementation at the core that can’t easily be replaced by something sane.

                                          2. 2

                                            I had no idea about surety or even the ability to do that — thanks!

                                            1. 3

                                              Sure thing! Trusted timestamping is actually one of my goto examples for hash-chain-using tech that predates blockchain craze. What timestamping-on-blockchain folks hope to achieve is what such companies have been doing reliably and efficiently for years now. Better to just invest in and improve on efficient models that already work.

                                            2. 2

                                              The standard isn’t the hard part, the trust is.

                                              How much money would it take to bribe the Surety employee who has the fewest scruples? That’s about the ceiling for which you can bet on their authentication service.

                                              1. 4

                                                The thing I push is centralized, standard ledgers with decentralized checking. For Surety done that way, it would take you bribing all the checkers. Alternatively, the HSM’s can mitigate some of the insider risk.

                                            1. 8

                                              Pretty ironic that this is on YouTube.

                                                1. 4

                                                  See also https://d.tube/, hosted on IPFS.

                                                  1. 1

                                                    Hosted on github… ;)

                                                1. 4

                                                  I wonder how do they plan on handling templates. The reason that D’s interoperability with C++ is incomplete is that you would basically need a full C++ compiler to handle templates, so I really am curious to learn how does this work around that requirement.

                                                  I understand that this is actually using a full C++ compiler (llvm), but even so, how is the result going to be turned into D templates?

                                                  1. 3

                                                    I have some ideas about how to handle templates. D can link to C++ template functions and member functions, but needs a C++ source file to instantiate them and a C++ compiler to generate the binary to link to.

                                                    The easiest way is to leave it to the user, but that’s not very ergonomic. So I’m thinking of, at the very least, trying to figure out all instantiations that happen in a .dpp file and automatically generating a C++ source file that should be compiled that the rest of the program can link to.

                                                    I’m not sure yet. I won’t be until I try.

                                                    1. 1

                                                      I wonder how do they plan on handling templates.

                                                      Probably not at all? Templates are not a C feature.

                                                      1. 1

                                                        Please read the article until the end. C++ support is planned.

                                                        1. 4

                                                          My apologies. That is an ambitious goal.

                                                          Looking around the dpp codebase (which is impressively small!) it doesn’t look as though template work has started yet, although I did find official docs that seem to indicate D already has some support for C++ templates. I’m not sure how much complexity it tolerates.

                                                          1. 3

                                                            I take the “impressively small” comment as a compliment both to the D language and to myself! :)

                                                    1. 10

                                                      I think it’s good that we’re going through this downturn, because it will help to flush out projects that aren’t worthwhile. Although I believe in blockchain, it’s undeniable that there’s a lot of hype and fraud floating around.

                                                      The author is absolutely correct that blockchain doesn’t solve untrustworthy data-entry. At best a blockchain makes it easier to audit those issues when they arise, since the tamper-proof log could include the credentials of whoever signed off on the data. If my “smart mango” tests positive for pesticides, in theory we could follow the logistics chain backwards to find who is accountable.

                                                      Ethereum smart contracts suffer from the same problem – if a smart contract needs any data from the outside world, it has to rely on an “oracle” which is trusted to provide accurate information. Some people are working on decentralized oracles, but as far as I know it’s an open problem.

                                                      A common theme I’m noticing is that most of blockchain’s problems occur on the interface between the chain and the real world. “Three exchanges got hacked” is not an indictment of bitcoin itself, so much as whatever code was powering their webserver. Vulnerabilities in bitcoin proper are few and far between, the most notable being the transaction malleability issue that was fixed by segwit.

                                                      The example of buying an ebook with an escrow smart contract is a bit tortured. Since the ebook is off-chain it’s just as complicated for blockchains to deal with as the mango. If you were trading bitcoin for a different crypto-asset, you could perform a cross-chain atomic swap [definition] [example] and avoid the need for escrow altogether.

                                                      Where blockchain really has a chance to shine is digital asset management. Since they represent ownership of real assets, they have real value. And since tokenized securities exist on-chain, they are compatible with atomic swapping. Today it’s difficult to trade assets without the help of a broker (and paying brokerage fees). Blockchains are open 24/7 and cut out the middleman.

                                                      Blockchain is often compared to the internet, but I think a better comparison is the invention of corporations and tradable paper shares. Lord knows there’s been plenty of corporate fraud, but that doesn’t mean joint-stock ownership is a bad idea.

                                                      1. 2

                                                        These are probably the weakest arguments against Bitcoin I’ve seen. But the coolest bit about Bitcoin is that it is completely voluntary, so you do your thing, and we’ll do ours.

                                                        Real arguments against Bitcoin are:

                                                        And I’m sure there are others but literally none of the ones presented here are valid.

                                                        1. 29

                                                          These are probably the weakest arguments against Bitcoin I’ve seen.

                                                          As it says, this is in response to one of the weakest arguments for Bitcoin I’ve seen. But one that keeps coming up.

                                                          But the coolest bit about Bitcoin is that it is completely voluntary, so you do your thing, and we’ll do ours.

                                                          When you’re using literally more electricity than entire countries, that’s a significant externality that is in fact everyone else’s business.

                                                          1. 19

                                                            I would also like to be able to upgrade my gaming PC’s GPU without spending what the entire machine cost.

                                                            This is getting better though.

                                                            1. 1

                                                              For what it’s worth, Bitcoin mining doesn’t use GPUs and hasn’t for several years. GPUs are being used to mine Ethereum, Monero, etc. but not BItcoin or Bitcoin Cash.

                                                            2. 0

                                                              When you’re using literally more electricity than entire countries, that’s a significant externality that is in fact everyone else’s business

                                                              And yet, still less electricity than… Christmas lights in the US or gold mining.

                                                              https://coinaccess.com/blog/bitcoin-power-consumption-put-into-perspective/

                                                              1. 21

                                                                When you reach for “Tu quoque” as your response to a criticism, then you’ve definitely run out of decent arguments.

                                                            3. 13

                                                              Bitcoin (and all blockchain based technology) is doomed to die as the price of energy goes up.

                                                              It also accelerates the exaustion of many energy sources, pushing energy prices up faster for every other use.

                                                              All blockchain based cryptocurrencies are scams, both as currencies and as long term investments.
                                                              They are distributed, energy wasting, ponzi scheme.

                                                              1. 2

                                                                wouldn’t an increase in the cost of energy just make mining difficulty go down? then the network would just use less energy?

                                                                1. 2

                                                                  No, because if you reduce the mining difficulty, you decrease the chain safety.

                                                                  Indeed the fact that the energy cost is higher than the average bitcoin revenue does not means that a well determined pool can’t pay for the difference by double spending.

                                                                  1. 3

                                                                    If energy cost doubles, a mix of two things will happen, as they do when the block reward halves:

                                                                    1. Value goes up, as marginal supply decreases.
                                                                    2. If the demand isn’t there, instead the difficulty falls as miners withdraw from the market.

                                                                    Either way, the mining will happen at a price point where the mining cost (energy+capital) meets the block reward value. This cost is what secures the blockchain by making attacks costly.

                                                                    1. 1

                                                                      Either way, the mining will happen at a price point where the mining cost (energy+capital) meets the block reward value.

                                                                      You forgot one word: average.

                                                                      1. 2

                                                                        It is implied. The sentence makes no sense without it.

                                                                        1. 1

                                                                          And don’t you see the huge security issue?

                                                                2. 1

                                                                  Much of the brains in the cryptocurrency scene appear to be in consensus that PoW is fundamentally flawed and this has been the case for years.

                                                                  PoS has no such energy requirements. Peercoin (2012) was one of the first, Blackcoin, Decred, and many more serve as examples. Ethereum, #2 in “market cap”, is moving to PoS.

                                                                  So to say “ [all blockchain based technology] is doomed to die as the price of energy goes up” is silly.

                                                                  1. 1

                                                                    Much of the brains in the cryptocurrency scene appear to be in consensus that PoW is fundamentally flawed and this has been the case for years.

                                                                    Hum… are you saying that Bitcoin miners have no brain? :-D

                                                                    I know that PoS, in theory, is more efficient.
                                                                    The fun fact is that all implementation I’ve seen in the past were based on PoW based crypto currencies stakes. Is that changed?

                                                                    As for Ethereum, I will be happy to see how they implement the PoS… when they will.

                                                                    1. 2

                                                                      Blackcoin had a tiny PoW bootstrap phase, maybe weeks worth and only a handful of computers. Since then, for years, it has been purely PoS. Ethereum’s goal is to follow Blackcoin’s example, an ICO, then PoW, and finally a PoS phase.

                                                                      The single problem PoW once reasonably solved better than PoS was egalitarian issuance. With miner consolidation this is far from being the case.

                                                                      IMHO, fair issuance is the single biggest problem facing cryptocurrency. It is the unsolved problem at large. Solving this issue would immediately change the entire industry.

                                                                      1. 1

                                                                        Well, proof of stake assumes that people care about the system.

                                                                        It see the cryptocurrency in isolation.

                                                                        An economist would object that a stake holder might get a lot by breaking the currency itself despite the loss in-currency.

                                                                        There are many ways to gain value from a failure: eg buying surrogate goods for cheap and selling them after the competitor’s failure has increased their relative value.

                                                                        Or by predicting the failure and then causing it, and selling consulting and books.

                                                                        Or a stake holder might have a political reason to demage the people with a stake in the currency.

                                                                        I’m afraid that the proof of stake is a naive solution to a misunderstood economical problem. But I’m not sure: I will surely give a look to Ethereum when it will be PoS based.

                                                                  2. 0

                                                                    doomed to die as the price of energy goes up.

                                                                    Even the ones based on proof-of-share consensus mechanisms? How does that relate?

                                                                    1. 3

                                                                      Can you point to a working implementation so that I can give a look?

                                                                      Last time I checked, the proof-of-share did not even worked as a proof-of-concept… but I’m happy to be corrected.

                                                                      1. 2

                                                                        Blackcoin is Proof of Stake. (I’ve not heard of “Proof of Share”).

                                                                        Google returns 617,000 results for “pure pos coin”.

                                                                        1. 1

                                                                          Instructions to get on the Casper Testnet (in alpha) are here: https://hackmd.io/s/Hk6UiFU7z# . No need to bold your words to emphasize your beliefs.

                                                                          1. 3

                                                                            The emphasis was on the key requirement.

                                                                            I’ve seen so many cryptocurrencies died few days after ICO, that I raised the bar to take a new one seriously: if it doesn’t have a stable user base exchanging real goods with it, it’s just another waste of time.

                                                                            Also, note that I’m not against alternative coins. I’d really like to see a working and well designed alt coin.
                                                                            And I like related experiments as GNU Teller.

                                                                            I’m just against scams and people trying to fool other people.
                                                                            For example, Casper Testnet is a PoS based on a PoW (as Etherum currently is).

                                                                            So, let’s try again: do you have a working implementation of a proof of stake to suggest?

                                                                            1. 1

                                                                              It’s not live or open-source, so I’d understand if you’re still skeptical, but Algorand has simulated 500,000 users.

                                                                              1. 1

                                                                                Again I don’t seem to understand your anger. We’re on a tech site discussing tech issues. You seem to be getting emotional about something that’s orthogonal to this discussion. I don’t think that emotional exhorting is particularly conducive to discussion, especially for an informed audience.

                                                                                And I don’t understand what you mean by working implementation. It seems like a testnet does not suffice. If your requirements are: widely popular, commonly traded coin with PoS, then congratulations you have built a set of requirements that are right now impossible to satisfy. If this is your requirement then you’re just invoking the trick question fallacy.

                                                                                Nano is a fairly prominent example of Delegated Proof of Stake and follows a fundamentally very different model than Bitcoin with its UTXOs.

                                                                                1. 3

                                                                                  No anger, just a bit of irony. :-)

                                                                                  By working implementation of a software currency I mean not just code and a few beta tester but a stable userbase that use the currency for real world trades.

                                                                                  Actually that probably the minimal definition of “working implementation” for any currency, not just software ones.

                                                                                  I could become a little lengthy about vaporware, marketing and scams, if I have to explain why an unused software is broken by definition.
                                                                                  I develop an OS myself tha literally nobody use, and I would never sell it as a working implementation of anything.

                                                                                  I will look to Nano and delegated proofs of stake (and I welcome any direct link to papers and code… really).

                                                                                  But frankly, the sarcasm is due to a little disgust I feel for proponents of PoW/blockchain cryptocurrencies (to date, the only real ones I know working, despite broken as actual long term currency): I can understand non programmers that sell what they buy from programmers, but any competent programmer should just say “guys Bitcoin was an experiment, but it’s pretty evident that has been turned to a big ponzi scheme. Keep out of cryptocurrencies! Or you are going to loose your real money for nothing.”

                                                                                  To me, programmers who don’t explain this are either incompetent enough to talk about something they do not understand, or are trying to profit from those other people, selling them their token (directly or indirectly).

                                                                                  This does not means in any way that I don’t think a software currency can be built and work.

                                                                                  But as an hacker, my ethics prevent me from using people’s ignorance against them, as does who sell them “the blockchain revolution”.

                                                                              2. 2

                                                                                The problem is that in the blockchain space, hypotheticals are pretty much worthless.

                                                                                Casper I do respect, they’re putting a lot of work in! But, as I note literally in this article, they’re discovering yet more problems all the time. (The latest: the security flaws.)

                                                                                PoS has been implemented in a ton of tiny altcoins nobody much cares about. Ethereum is a great big coin with hundreds of millions of dollars swilling around in it - this is a different enough use case that I think it needs to be regarded as a completely different thing.

                                                                                The Ethereum PoS FAQ is a string of things they’ve tried that haven’t quite been good enough for this huge use case. I’ll continue to say that I’ll call it definitely achievable when it’s definitely achieved.

                                                                        2. 4

                                                                          ASICboost was fixed by segwit. Bitcoin isn’t subject to ASICboost anymore, but Bitcoin Cash is.

                                                                          1. 2

                                                                            Covert asicboost was fixed with segwit, overt is being used: https://mobile.twitter.com/slush_pool/status/977499667985518592

                                                                        1. 1

                                                                          What a bad article. The author seems illinformed on the subject. The very reason to why Bitcoin (core) has failed are not mentioned at all. Here is the deal: Bitcoin is currently not what Bitcoin was when it was created. Slow peer-to-peer transactions and high processing fees. The current blocksize limit of 1MiB or thereabouts is the sole reason for this. The system can’t handle enough transactions… and when that happens the fees rise fast and the while system become boggled and slow. Currently the fees are much lower than they were in December 2017. Why? Because people have moved to other better alternatives and some have completely stopped using any crypto. It as a bad experience and I don’t blame them for having that stance. I think there is a real possibility of a “death spiral of the blockchain”. Fees will increase and it will become impossible to move coins on the blockchain besides the upper 10% of bitcoin holders. For traders on exchanges bitcoin seems fast; because no transactions are taking place. When you actually decide to move your bitcoins to a wallet you own you’ll pay high fees… if not your transaction could take months to clear or never actually clear.

                                                                          The fork that occurred on 1st August created Bitcoin Cash. This fork is much closer to what the Bitcoin was. Bitcoin Cash is this today. Removal of the segwit code (which hasn’t solved anything), disabling of RBF (replace-by-fee) enabling 0-confirmation transactions again. A new DAA (difficulty adjustment algorithm). Finally increase the block size to 8MiB.

                                                                          The Bitcoin has been crippled on purpose by Blockstream deep in the pockets of bankers and insurance companies. Blockstream is the main contributor to the Bitcoin development. Look at the sponsors; https://www.blockstream.com/about/#investors

                                                                          Before the bankers, and their followers, got indirectly involved in Bitcoin development there never was any discussion about limiting the block size to 1MiB; in fact the opposite was discussed. See; https://twitter.com/adam3us/status/636410827969421312?lang=e https://bitcointalk.org/index.php?topic=1314.msg15143#msg151https://np.reddit.com/r/btc/comments/71h884/pieter_wuille_im_in_favor_of_increasing_the_block/

                                                                          Now all of this has led to a complete divide and clusterfuck of the community. It is an very ugly and toxic environment and is sad to look at. On top of that we now have thousands of alternative coins and blockchains. It’s a mess and it will take time to recover (if ever).

                                                                          The current version of bitcoin is crippled and completely unusable as a currency as is.

                                                                          1. 12

                                                                            Author has literally written a book on the subject.

                                                                            The linked article doesn’t address all the arguments about Bitcoin (the book takes a stab at it). It addresses one very specific “meme” prevalent in the Bitcoin booster community - that the technology is akin to the early days of the internet and that it will therefore automatically become as world-changing as the internet is.

                                                                            This is a dumb argument for the reasons listed in the linked article and I will be happy to link to it if I ever have the misfortune to discuss Bitcoin with someone who brings it up.

                                                                            1. 1

                                                                              Why do you see it as a misfortune to talk about Bitcoin? The topic is extremely interesting because of its history of events and the technology. That’s at least my take on it.

                                                                              1. 2

                                                                                I should have qualified “discussing online, and not here” ;)

                                                                            2. 11

                                                                              That comment is literally spam for Bitcoin Cash, with added banker conspiracy theories.

                                                                              1. 3

                                                                                The linked article doesn’t address all the arguments about Bitcoin (the book takes a stab at it). It addresses one very specific “meme” prevalent in the Bitcoin booster community - that the technology is akin to the early days of the internet and that it will therefore automatically become as world-changing as the internet is.

                                                                                Now I feel really bad about my comment. Was not intended as spam for Bitcoin Cash. I just stated what has actually happened. Banks or not someone has purposefully crippled the Bitcoin. This is hard to deny. There are many alternatives to Bitcoin Cash. Cash is just interesting because it has the original blockchain from before it split 1. August and has many active developers split on many different teams. No Ill-natured attempts like other forks (Bitcoin Gold, Bitcoin Diamond to name a few).

                                                                                Have a nice weekend!

                                                                                1. 6

                                                                                  Banks or not someone has purposefully crippled the Bitcoin.

                                                                                  I don’t agree with this premise. I don’t believe any one entity or entities colluded in crippling Bitcoin. The effects we are observing now (Bitcoin Core under centralized development, Bitcoin Cash under centralized mining) are simply the natural effects of an open source project with purposefully weak governance.

                                                                                  Most open source projects don’t make money directly off their work however. The potential effect on the price of the tokens leads to an even more poisonous atmosphere and debate.

                                                                                  1. 3

                                                                                    simply the natural effects of an open source project with purposefully weak governance.

                                                                                    Yep. Ethereum has at least as many technical crises - but it holds together because the community more or less trusts the dev team to keep pulling rabbits out of the hat. (Ethereum Classic notwithstanding.) And I think they understand that, and know they need some spectacular new achievements in computer science before Ethereum clogs the way Bitcoin did.

                                                                                    1. 1

                                                                                      Fair enough. We are all entitled to our own opinion. I’d look more carefully into the whole history of events. I’m not sure how involved you are in this matter. I’ve been following Bitcoin development since early 2011 and my view is that something did happen to the original idea that is Bitcoin. Conspiracy or not I’m convinced that foul play has diverted or detailed the project. Look at segwit, lightning and re-enabled RBF… it hasn’t really solved anything; only introduced new overly complicated code. Lightning network is a mess currently and it actually makes it harder to do transactions. You have to be online to receive and send payments. You also have to pay for payments. All of this already works without lightning or segwit. In early stages there was not even a blocksize limit. It was later introduced by Satoshi and his view was that the blocksize should increase with usage. Now Bitcoin Cash has 8MiB blocks and it works (blocks are very small today though, but 8MiB blocks have been mined). Why go so far to re-enable RBF, introduce segwit (essentially just changing what counts as space in blocks) and then introduce a whole new transaction paradigm (lightning network; a old-school mesh-network which we know are not got at scaling). All of this instead of changing a hardcoded blocksize limit. It all makes very little sense to me. Look at Satoshi explaning the limit and how easy it would be to change it if needed; https://bitcointalk.org/index.php?topic=1347.msg15139#msg15139 and https://bitcointalk.org/index.php?topic=1347.msg15366#msg15366. There is a great talk about 1GiB blocks by Peter Rizun and Andrew Stone on why it is feasible to have very large blocks; https://www.youtube.com/watch?v=5SJm2ep3X_M&t=805s

                                                                                      What is your take on segwit and lightning network?

                                                                                      1. 2

                                                                                        Frankly, I lost the plot back when Bitcoin XT was proposed…. that’s when /u/Theymos instituted the infamous “altcoin ban”. After that most of the “discussion” on Reddit has been obscured by namecalling and kvetching about who censors who.

                                                                                        As to whether the blocksize should be raised… it’s clear that even if the blocksize were raised across the board, the same issue would only occur a few months or years later. The number of transactions in a block is an inherently limited resource. LN and segwit are attempts to address this reality - by treating Bitcoin itself a bit like gold reserves, that are not easily moved, and adding a network on top of it that can handle the day to day transactions but still being 100% covered by the underlying BTC asset reserves.

                                                                                        Conceptually the idea makes sense, but in practice it’s yet another UI/UX layer on top of a system that’s already fairly user hostile. It’s not clear whether the routing will work, and it seems pretty clear that the end result will be a bunch of “supernodes” that will act a lot like traditional banks, and which will extract fees.

                                                                                        That said, I don’t see why there couldn’t have been a compromise raise of the blocksize while LN was being worked on (the “New York agreement”). This is where the conspiracy theories come in (segwit required removing the configuration that allowed ASICBOOST, Blockstream was in the hands of Big Fees), and, given the generally very opaque nature of the Bitcoin community it’s inevitable that they appear.

                                                                                        Edit: wording

                                                                                2. 3

                                                                                  high processing fees

                                                                                  BTC fees are about $0.04 at the moment. Plus the lightning network is in beta.

                                                                                  1. 1

                                                                                    Yes. I stated why that is and how easy it can increase to a very high fee again.

                                                                                1. 6

                                                                                  That’s the most sensible and collectivism-free piece of RMS’s writing I’ve read in a long time. Bravo.

                                                                                  1. 26

                                                                                    collectivism-free

                                                                                    What does that even mean

                                                                                    1. 1

                                                                                      I’ll let @Sophistifunk speak for emself, but I read this as referring to Stallman’s fundamental mistrust of proprietary anything.

                                                                                      1. 4

                                                                                        Ok, now why is that supposed to be “collectivist”?

                                                                                        1. 1

                                                                                          What the hell is “nur”?

                                                                                          1. 2

                                                                                            A typo made by my oversensitive Samsung keyboard on my phone, which was set to German. “Nur” is German for “only so ultimately, it wasn’t that horrible.

                                                                                          2. -1

                                                                                            OK, let’s look at the definition:

                                                                                            col·lec·tiv·ist kəˈlektivəst/ adjective adjective: collectivist

                                                                                            1.
                                                                                            relating to the practice or principle of giving a group priority over each individual in it.
                                                                                            "collectivist cultures had disciplined and cooperative work forces"
                                                                                            

                                                                                            Stallman’s basic assertion is that individuals should not profit from the creation of software. They may profit from supporting said software, but in his view, software should always be free. I see this as a fundamentally collectivist philosophy.

                                                                                            1. 9

                                                                                              Stallman’s basic assertion is that individuals should not profit from the creation of software.

                                                                                              What, no:

                                                                                              Actually, we encourage people who redistribute free software to charge as much as they wish or can. […] Distributing free software is an opportunity to raise funds for development. Don’t waste it!

                                                                                              https://www.gnu.org/philosophy/selling.html

                                                                                              1. 2

                                                                                                Setting aside that “the definition” is rarely a good argument in open-ended discussions, like these, Stallman doesn’t say that Individual aren’t allowed to profit from Free Software. It’s explicitly allowed and I remember having have read that Emacs used to be sold this way, before the internet, to fund the FSF. And secondly, it doesn’t matter if the software is sold by one person (an individual) or a company (a collective), the rules the GPL sets up stays the same: share your source while distributing software, recursively, exactly by intelligently twisting copyright law back against itself.

                                                                                                And in the end, the four software freedoms were formulated to protect individuals from harmful sodtware, as well as give them the ability to improve upon it, based on their needs.

                                                                                                This is just another example of how empty of an actual meaning the word “collectivism” actually is in practice.

                                                                                            2. 2

                                                                                              What the hell is “emself”?

                                                                                              1. 8

                                                                                                A polite way to refer to someone when you don’t know their gender.

                                                                                                1. 3

                                                                                                  I’ve never seen that before. What’s wrong with “themself”? Does it in some way discriminate against one of the two genders?

                                                                                                  1. 2

                                                                                                    “themself” isn’t an established word either so i guess people pick and choose

                                                                                                2. 7

                                                                                                  At the time of writing I had no idea whether @Sophistifunk was a him or a her. https://en.wikipedia.org/wiki/Spivak_pronoun

                                                                                                  1. 5

                                                                                                    That’s one of the better singular pronouns I’ve seen. It reads like a shortening of plural “them”.

                                                                                                    1. 8

                                                                                                      “they” and “them” are already well established in usage as singular pronouns.

                                                                                                      1. 3

                                                                                                        So you’re saying “I’ll let @Sophistifunk speak for themself” is correct usage in this case?

                                                                                                        I’m not a grammar expert, so I’ll defer to your greater knowledge. I like and use Spivak because, as @pushcx said, it’s a polite way to express “I have no idea what the gender of the person I’m referring to is.”

                                                                                                        1. 7

                                                                                                          Singular “they” has been used in English for hundreds of years. “Themself” is also ancient but was replaced by “themselves” in the 16th century. However, it has recently made a comeback.

                                                                                                          “I’ll let @Sophistifunk speak for themselves” is perfectly correct formal English. “I’ll let @Sophistifunk speak for themself” is also correct by any reasonable standard, but may be considered informal by some readers.

                                                                                                          The OED has a blog entry about ‘themself’.

                                                                                                          1. 2

                                                                                                            I still like Spivak, but thanks for the pointer. That’s good to know :)

                                                                                                          2. 3

                                                                                                            Mirriam-Webster has examples of how “they” is used for indefinite gender and number: https://www.merriam-webster.com/dictionary/they

                                                                                                            They don’t have an entry for the word “themself” and suggest “themselves” instead: https://www.merriam-webster.com/dictionary/themself

                                                                                                3. 1

                                                                                                  I mean that it’s free of the “narrow-scope-communism” he’s usually on about. I don’t think I’m putting false words in his mouth if I say he firmly believes non-communal ownership of software (in the sense you can restrict what others do with it) is some sort of moral wrong and should be fought on all fronts. But I don’t want to call him a communist in the general sense, because he doesn’t go around saying private property in general is evil, just private property in the form of bits.

                                                                                                  1. 5

                                                                                                    Maybe everything to your left looks communist-ish, but I can tell you for sure he’s not a communist. More like a typical left-leaning liberal, but not too much.

                                                                                                    1. 1

                                                                                                      But I don’t want to call him a communist in the general sense, because he doesn’t go around saying private property in general is evil

                                                                                                      Was that somehow unclear?

                                                                                              1. 14

                                                                                                plaintiffs failed to show that they had a reasonable expectation of privacy

                                                                                                grrzrrffrrzrrlk

                                                                                                1. 0

                                                                                                  I’m sorry, but what do you think happens when a person clicks a Facebook Like button embedded on a website? You really didn’t know the click is sent to Facebook for tracking purposes?

                                                                                                  1. 5

                                                                                                    What if I don’t even click it? The fact that it exists on the page means Facebook’s javascript gets to run.

                                                                                                    When a user visits a page with an embedded “like” button, the web browser sends information to both Facebook and the server where the page is located.

                                                                                                    You don’t have to interact with the button for it to track you.

                                                                                                    1. 3

                                                                                                      To wax philosophical for a bit, long ago we called browsers user agents. Which raises the question, who’s the user? If you’re the user and your agent is doing something you don’t want, you should fire it and get a better one.

                                                                                                      1. 2

                                                                                                        Surely for most pages these days 95% of the javascript is for things you either don’t care about or actively work against you (tracking), and 5% is the thing you want. Assuming the user can’t live without the 5%, it is hard to ensure the 5% is run and the 95% is not.

                                                                                                        1. 2

                                                                                                          One of the settings in NoScript allows scripts served from the same domain as the page and disallows all others.

                                                                                                          This fails occasionally (about once a week I have to whitelist another CDN domain) but otherwise has drastically improved my browsing.

                                                                                                          1. 3

                                                                                                            I disabled that because I figured I might stumble on a malicious site and realize it too late. That hasn’t happened, but aimply whitelisting sites you access often amd trust has a similar effect.

                                                                                                            A friend uses throwaway VMs for most of his browsing. A bit like poisoning the data, but if he exhibits the same patterns, despite obviously not using “social media”, that still teaches the beast.

                                                                                                            1. 2

                                                                                                              The setting I’d like to see is per-site whitelists.

                                                                                                              I don’t want first-party scripts to be enabled by default, but just because I whitelist a script in one location doesn’t mean I want it whitelisted everywhere. For instance, twitter.com should also load scripts from twimg.com. But I don’t want their scripts running on other webpages.

                                                                                                              1. 1

                                                                                                                You can get that from uMatrix.

                                                                                                                1. 1

                                                                                                                  Yes, I am an avid user of uMatrix these days.

                                                                                                        2. 2

                                                                                                          You also don’t have to be logged in or even have a Facebook account for the button/javascript to track you. PS. there are 20 or 30 of these buttons in common use and half of them (Google analytics etc.) don’t even have a visual hint they are tracking you. Good times.

                                                                                                    1. 8

                                                                                                      In response to the posters 2nd rant, there is no really clean version of Android or a way to do a fresh install, like you could with Windows (well, until MS started bundling their own ad-ware, but that’s another issue).

                                                                                                      The PC was and is a pretty standard platform. All the bus specs and UEFI are really standard. There are of course, x86_64 devices that are not PCs and not very standard. The PS4 is a great example, and the guys at Fail0ver do a great talk on trying to get Linux booting and running on bizarrely different hardware.

                                                                                                      If ARM was an actual platform/architecture and not just random pins soldered to random chips that vary vastly on every device; that is if it were more like a PC, we’d probably see a free operating system/Linux type explosion on mobile devices like we did with Linux on the PC back in the 90s. I wrote about this issue a while back:

                                                                                                      https://penguindreams.org/blog/android-fragmentation/

                                                                                                      Only Windows mobile devices came with UEFI standard and their bootloaders were all locked. ARM has device trees, but few mobile phones use them. PostmarketOS is probably doing the most in trying to at least turn old phones into usable hardware and keeping our old devices alive.

                                                                                                      I think most of this is intentional from Google. With the OHA, they could force all manufactures to allow a fresh, standard Google OS install in the same way you can reinstall Windows 10 without all the vendor crap. But they don’t and it’s not in their best interest to. They make a lot of money because people need to replace devices. Their new /vendor stuff in newer Android releases is just an ugly hack and doesn’t really address the core fragmentation issue.

                                                                                                      1. 2

                                                                                                        there is no really clean version of Android or a way to do a fresh install

                                                                                                        Stock AOSP supports the Pixel phones, but that’s about it.

                                                                                                      1. 7

                                                                                                        A couple weeks ago @wezm posted a great article on his process of leaving Mac behind. Part of his post mentioned a pain point around a budgeting app, and the requirements document that he had written to replace it. I had been thinking of taking on a self-hostable YNAB style budgeting system for a while and his post (plus the groundwork he shared) was the appropriate kick to get things started.

                                                                                                        I’m off work between jobs this week so will be working on envelope_budget. I’m building against @wezm’s spec in Rust with a goal of a minimal-functional CLI release by the end of this week. I footed out some of the data structures when I got the spec and will be picking up next with serialization, then moving to the CLI binary.

                                                                                                        1. 4

                                                                                                          Have you looked at ledger, hledger, and/or beancount?

                                                                                                          1. 2

                                                                                                            Yes, and this came up in the thread on Wes’ post here. My first goal is to hit the functional requirements for envelope budgeting, but as I work on serialization I may implement a ledger compatible backend for interoperability with that ecosystem.

                                                                                                            The value of this project to me is not just the end result, but the process of building it to keep my Rust use current. There doesn’t seem to be a ledger library for Rust so that could end up being a useful contribution to the community if I go that way for serialization.

                                                                                                        1. 17

                                                                                                          Trying to finish a long running project: my e-ink computer.

                                                                                                          1. 3

                                                                                                            Amazing! Please keep us posted!

                                                                                                            Are you documenting the project anywhere else besides sporadic tweets?

                                                                                                            1. 4

                                                                                                              Yes, I document everything along the way. I do not like to publish about ongoing projects as I tend not to finish them when I do that :).

                                                                                                              Both the code and the CAD designs will be open sourced once the project will be finished.

                                                                                                              I also plan to write a proper blog post about it. I still need to figure out the proper way to do partial refresh with this screen and it should be more or less done (the wooden case still needs some adjustments).

                                                                                                              [Edit] Typos.

                                                                                                              1. 1

                                                                                                                Same, I would definitely be interested in following the project progress.

                                                                                                              2. 2

                                                                                                                Nice! What screen are you using, and how are you controlling it? Have you written any blog posts?

                                                                                                                1. 2

                                                                                                                  It seems to be this one, same marks on the bottom corners and the shield looks the same:

                                                                                                                  https://www.waveshare.com/wiki/7.5inch_e-Paper_HAT

                                                                                                                2. 1

                                                                                                                  Is that a raspi it’s hooked up to? Where did you buy the screen?

                                                                                                                  There is another guy doing e-ink stuff on the internet recently. You should go search for him. He is researching how to get decent refresh rates too.

                                                                                                                  Instead of creating a laptop-like enclosure, you should make a monitor-like enclosure. It will look way better and more reusable.

                                                                                                                  1. 1

                                                                                                                    So, one of the thigns that annoys me about this world is how we don’t have e-ink displays for lots of purposes that nowadays get done with a run of the mill tablet. You don’t need a tablet for things like a board that shows a restaurant menu, or tracking buses in the area. So why can’t I find reasonably sized E-ink displays for such purpses?

                                                                                                                    1. 1

                                                                                                                      Entirely agree with you.

                                                                                                                      I guess it can be explained by the fact that LCD screens have a better brightness, they are better to catch human eye attention.

                                                                                                                      The eink technology is bistable on the other hand, making it highly energy efficient for such applications - when no frequent updates are needed.

                                                                                                                      Energy is cheap nowadays, we don’t really care about energy consumption anymore. But I guess this might change past the peak oil.

                                                                                                                      I guess these techs will start developing as soon as energy becomes scarce and expensive.

                                                                                                                  1. 5

                                                                                                                    Plattsburgh has an allotment of 104 megawatt-hours of electricity per month. When the city goes over this amount, it has to buy electricity on the open market for far higher prices - cost can be seven times higher. When this happens, the residents must share the expense.

                                                                                                                    This is a strange setup. I can see why Bitcoin mining is causing problems in that town.

                                                                                                                    1. 3

                                                                                                                      The facility that serves Plattsburgh is Lower Saranac Hydroelectric. Some output data can be found here: http://globalenergyobservatory.org/geoid/1042

                                                                                                                      I am not sure if the above is accurate, but it quotes an average output of about 30GWh per year, much higher than the allotted 104 MWh per month.

                                                                                                                      Even getting that data took me some digging, and I wasn’t able to find what other townships the facility supports. but it is possible that everyone in a certain area gets a slice and when the total amount reaches a threshold then they need to get power elsewhere.

                                                                                                                      EDIT – more clicking and I found this nice output chart with more recent data: https://www.quandl.com/data/EIA/ELEC_PLANT_GEN_10214_WAT_ALL_M-Net-generation-Lower-Saranac-Hydroelectric-Facility-10214-conventional-hydroelectric-all-primemovers-monthly

                                                                                                                    1. 5

                                                                                                                      There really needs to be a federated github.

                                                                                                                      1. 46

                                                                                                                        Like… git ?

                                                                                                                        1. 21

                                                                                                                          So github but without the hub. May be on to something.

                                                                                                                          1. 7

                                                                                                                            Github is one of my favorite stories when I talk about how decentralized systems centralize.

                                                                                                                            1. 7

                                                                                                                              But did GitHub really centralize something decentralized? Git, as a VCS is still decentralized, nearly everyone who seriously uses it has a git client on their computer, and a local repository for their projects. That part is still massively decentralized.

                                                                                                                              GitHub as a code sharing platform, that allows issues to be raised and discussed, patches/pull requests to be submitted, etc. didn’t previously exist in a decentralized manner. There seems to have always been some central point of reference, be it website or just a mailing list. It’s not as if whole project were just based around cc’ing email to one another all the time. How would new people have gotten involved if that were the case?

                                                                                                                              The only thing I could see as centralising is the relative amount of project hosted on GitHub, but that isn’t really a system which can be properly described as “decentralized” or “centralized”..,

                                                                                                                              1. 4

                                                                                                                                It’s the degree to which people are dependent on the value-adds that github provides beyond git. It’s like a store having a POS that relies on communication with a central server. Sure, they can keep records on paper do sales but it’s not their normal course, so they don’t. This comment on HN sums it up: https://news.ycombinator.com/item?id=16124575

                                                                                                                              2. 1

                                                                                                                                Got any other examples?

                                                                                                                                1. 3

                                                                                                                                  Email would be a prominent one. Most people (and I can’t say I am innocent) use gmail, hotmail, yahoo mail, etc. I belive there is some general law that describes this trend in systems, which can then be applied to the analysis of different topics, for example matter gathering in around other matter in physics or money accumulating itself around organization with more money, etc.

                                                                                                                                  On the other side you have decentralized systems which didn’t really centralized significantly, for whatever reason, such as IRC, but which had a decrease in users over time, which I also find to be an interesting trend.

                                                                                                                                  1. 4

                                                                                                                                    Many businesses run their own email server and also I don’t have to sign up to gmail to send a gmail user an email but I do have to sign up to github.

                                                                                                                                    1. 1

                                                                                                                                      A tendency towards centralisation doesn’t mean that no smaller email servers exist, I’m sorry if you misunderstood me there. But on the other hand, I have heard of quite a few examples where businesses just use gmail with a custom domain, so there’s that.

                                                                                                                                      And it’s true that you don’t have to be on gmail to send an email to a hotmail server, for example, but most of the time, if just a normal person were to set up their mail server, all the major mail providers automatically view this new host as suspicious and potentially harmful, thus more probably redirecting normal messages as spam. This wouldn’t be that common, if the procentual distribution of mail servers weren’t that centralised.

                                                                                                                                  2. 1

                                                                                                                                    Did a talk using them. This cuts to the chase: https://www.youtube.com/watch?v=MgbmGQVa4wc#t=11m35s

                                                                                                                              3. 1

                                                                                                                                Git has a web interface?

                                                                                                                                1. 7

                                                                                                                                  … federation is about data/communications between servers.. but seeing as you asked, yes it does: https://manpages.debian.org/stretch/git-man/gitweb.1.en.html

                                                                                                                                  1. 10

                                                                                                                                    To be fair, whjms did say “a federated github”. The main feature of GitHub is its web interface.

                                                                                                                                    1. 2

                                                                                                                                      Right, and there are literally dozens of git web interfaces. You can “federate” git and use whichever web ui you prefer.

                                                                                                                                      1. 12

                                                                                                                                        But you then miss out on issue tracking, PR tracking, stats, etc. I agree that Git itself provides a decentralized version control system. That’s the whole point. But a federated software development platform is not the same thing. I would personally be very interested to see a federated or otherwise decentralized issue tracking, PR tracking, etc platform.

                                                                                                                                        EDIT: I should point out that any existing system on par with Gitea, Gogs, GitLab, etc could add ActivityPub support and instantly solve this problem.

                                                                                                                                        1. 4

                                                                                                                                          Doesn’t give you access to all the issues, PRs and comments though.

                                                                                                                                          1. 4

                                                                                                                                            git-appraise exists. Still waiting for the equivalent for issues to come along.

                                                                                                                                            https://github.com/google/git-appraise

                                                                                                                                            1. 4

                                                                                                                                              huh git appraise is pretty cool.

                                                                                                                                              I was going to suggest some kind of activitypub/ostatus system for comments. A bit like peertube does to manage comments. But a comment and issue system that is contained within the history of the project would be really interesting. Though it would make git repos take a lot more space for certain projects no?

                                                                                                                                              1. 3

                                                                                                                                                I’d assume that those could potentially be compressed but yes. It’s definitely not ideal. https://www.fossil-scm.org/index.html/doc/tip/www/index.wiki

                                                                                                                                                ^^^^ Unless I’m mistaken, Fossil also tracks that kind of stuff internally. I really like the idea that issues, PRs, and documentation could live in the same place, mostly on account of being able to “go back in time”, and see when you go back to a given version, what issues were open. Sounds useful.

                                                                                                                                            2. 3

                                                                                                                                              BugsEverywhere (https://gitlab.com/bugseverywhere/bugseverywhere), git-issues (https://github.com/duplys/git-issues), sit (https://github.com/sit-it/sit) all embed issues directly in the git repo.

                                                                                                                                              Don’t blame the tool because you chose a service that relies on vendor lock-in.

                                                                                                                                              1. 4

                                                                                                                                                If I recall correctly the problem here is that to create an issue you need write access to the git repo.

                                                                                                                                                Having issues separated out of the repositories can make it easier, if the web interface can federate between services, that’s even better. Similar to Mastodon.

                                                                                                                                                1. 1

                                                                                                                                                  There’s nothing to say that a web interface couldnt provide the ability for others to submit issues.

                                                                                                                                            3. 3

                                                                                                                                              Right, and there are literally dozens of git web interfaces.

                                                                                                                                              Literally dozens of git web interfaces the majority of developers either don’t know or care about. The developers do use GitHub for various reasons. voronoipotato and LeoLamda saying a “federated Github” means the alternative needs to look like or work with Github well enough that those using Github, but ignoring other stuff you mentioned, will switch over to it. I’m not sure what that would take or if it’s even legal far as copying appearance goes. It does sound more practical goal than telling those web developers that there’s piles of git web interfaces out there.

                                                                                                                                              1. 1

                                                                                                                                                Im going to respond to two points in reverse order, deliberately:

                                                                                                                                                or care about.

                                                                                                                                                Well, clearly the person I replied to does care about a git web interface that isn’t reliant on GitHub.com. Otherwise, why would they have replied?

                                                                                                                                                Literally dozens of git web interfaces the majority of developers either don’t know [about]

                                                                                                                                                Given the above - The official git project’s wiki has a whole page dedicated to tools that work with git, including web interfaces. That wiki page is result 5 in google and result 3 in duckduckgo when searching for “git web interface”. If a developer wants a git web interface, and can’t find that information for themselves, nothing you, or I or a magic genie does will help them.

                                                                                                                                        2. 5

                                                                                                                                          It’s not built-in, but Gogs and Gitea are both pretty nice.

                                                                                                                                          1. 2

                                                                                                                                            Hard agree. I run a personal Gogs site and it’s awesome.

                                                                                                                                      2. 7

                                                                                                                                        It would be enough if people stopped putting all their stuff on github.

                                                                                                                                        1. 8

                                                                                                                                          It won’t happen for a while due to network effects. They made it easy to get benefits of a DVCS without directly dealing with one. Being a web app, it can be used on any device. Being free, that naturally pulls people in. There’s also lots of write-ups on using it or solving problems that are a Google away due to its popularity. Any of these can be copied and improved on. The remaining problem is huge amount of code already there.

                                                                                                                                          The next solution won’t be able to copy that since it’s a rare event in general. Like SourceForge and Github did, it will have to create a compelling reason for massive amounts of people to move their code into it while intentionally sacrificing the benefits of their code being on Github specifically. I can’t begin to guess what that would take. I think those wanting no dependency on Github or alternatives will be targeting a niche market. It can still be a good one, though.

                                                                                                                                          1. 2

                                                                                                                                            I hear the ‘network effects’ story every time, but we are not mindless automatons who have to use github because other people are doing it. I’m hosting the code for my open source projects on a self-hosted gitlab server and i’m getting contributions from other people without problems. Maybe it would be more if the code was on github, but being popular isn’t the most important thing for everyone.

                                                                                                                                            1. 1

                                                                                                                                              Just look at sourceforge, if everyone had to set up their own CVS/SVN server back in the say do you think all those projects would have made it onto the internet?

                                                                                                                                              Now we have a similar situation with got, if GitHub/Bitbucket/etc. didn’t exist I’m sure most people would have stuck with sourceforge (Or not bothered if they had to self host).

                                                                                                                                              You can also look at Googlecode to see the problem with not reaching critical mass (IMHO). There were some high profile projects there, but then I’m sure execs said, why are we bothering to host 1% (A guess) of what is on GitHub?

                                                                                                                                              1. 1

                                                                                                                                                ‘Network effects’ doesn’t mean you’re mindless automatons. It means people are likely to jump on bandwagons. It also means that making it easy to connect people together, esp removing friction, makes more of them do stuff together. The massive success of Github vs other interfaces argues my point for me.

                                                                                                                                                “Maybe it would be more if the code was on github”

                                                                                                                                                That’s what I telling you rephrased. Also, expanded to the average project as some will get contributions, some won’t, etc.

                                                                                                                                            2. 4

                                                                                                                                              Heck even I won’t move off of it until there is a superior alternative, sorry.

                                                                                                                                            3. 3

                                                                                                                                              I thought about a project along these lines a while ago. Something along the lines of cgit, which could offer a more or less clean and consistent UI, and a easy to set up backend, making federation viable in the first place. Ideally, it wouldn’t even need accounts, instead Email+GPG could be used, for example by including an external mailing list into the repo, with a few addition markup features, such as internal linking and code highlighting. This “web app” would then effectively only serve as an aggregator of external information, onto one site, making it even easier to federate the entire structure, since the data wouldn’t even be necessarily bound to one server! If one were to be really evil, one could also use GitHub as a backend…

                                                                                                                                              I thought about all of this for a while, but the big downsides from my perspective seemed to be a lack of reliability on servers (which is sadly something we have come to expect with tools such as NPM and Go’s packaging), asynchronous updates could mess stuff up, unless there were to be a central reference repo per project, and the social element in social coding could be hard to achieve. Think of stars, followings, likes, fork overviews, etc. these are all factors which help projects and devs display their reputation, for better or for worse.

                                                                                                                                              Personally, I’m a bit sceptical that something along these lines would manage to have a real attractiveness, at least for now.

                                                                                                                                              1. 3

                                                                                                                                                Lacks a web interface, but there are efforts to use ipfs for a storage backend.

                                                                                                                                                https://github.com/cryptix/git-remote-ipfs

                                                                                                                                                1. 3

                                                                                                                                                  I think there have been proposals for gitlab and gitea/gogs to implement federated pull request. I would certainly love it since I stuff most of my project into my personal gitea instance anyway. Github is merely a code mirror where people happen to be able to file issues.

                                                                                                                                                  1. 3

                                                                                                                                                    I think this would honestly get the work done. Federated pull request, federated issue discussion

                                                                                                                                                    1. 1

                                                                                                                                                      I’m personally a bit torn if a federated github-like should handle it like a fork, ie, if somebody opens an issue they do it on their instance and you get a small notification and you can follow the issue in your own repo

                                                                                                                                                      Or if it should merely allow people to use my instance to file issues directly there like with OAuth or OpenID Connect. Probably something we’ll have to figure out in the process.

                                                                                                                                                      1. 2

                                                                                                                                                        just make it work like gnusocial/mastodon. username@server.com posted an issue on your repo. You can block server, have a whitelist, or let anyone in the world is your oyster.

                                                                                                                                                    2. 1

                                                                                                                                                      Would be nice if I could use my gitlab.com account to make MRs on other gitlab servers.

                                                                                                                                                    3. 1

                                                                                                                                                      I always thought it would be neat to try to implement this via upspin since it already provides identity, permissions, and a global (secure) namespace. Basically, my handwavy thoughts are: design what your “federated github” repo looks like in terms of files. This becomes the API or contract for federation. Maybe certain files are really not files but essentially RPCs and this is implemented by a custom upspin server. You have an issue directory, your actually git directory, and whatever else you feel is important for managing a software project on git represented in a file tree. Now create a local stateless web interface that anyone can fire up (assuming you have an upspin user) and now you can browse the global upspin filesystem and interact with repos ,make pull requests, and file issues.

                                                                                                                                                      I was thinking that centralized versions of this could exist like github for usability for most users. In this case users’ private keys are actually managed by the github like service itself as a base case to achieve equal usability for the masses. The main difference is that the github like service exports all the important information via upspin for others to interact with via their own clients.

                                                                                                                                                    1. 3

                                                                                                                                                      Hey there, welcome to Lobsters!

                                                                                                                                                      Direct-linking of github repos can get a little tedious; I would rather see a short blog post talking about the project and why it’s useful, or what led to its creation.

                                                                                                                                                      1. 1

                                                                                                                                                        Hi Agree. Sorry for that, this is my second post so just try to understand how it works. Added description