1. 5

    This discussion is a false-choice between “should Google/CloudFlare violate my privacy” and “should ISPs violate my privacy”.

    1. 1

      Then please enlighten us, what are the other options?

      1. -1

        I don’t pretend to know all of the options, but I do know some. There could be others that are better than these:

        • Home routers that do resolution for you through blockchain namespaces via thin clients or full nodes
        • CJDNS
        • Mesh networks and local ISPs like Sonic.net

        For those who are concerned about IP tracking as well, we already have onion-routed protocols, and new ones like mix-nets, Vuvuzela and still more.

        When big-name companies publicly make embarrassing and shortsighted decisions, suddenly we forget innovation is a thing?

        1. 4

          I’m sorry, but… what just happened to simply running your own local resolver? You can easily set up a local unbound to resolve names for you. You can just as easily rent a VM somewhere, set up unbound as a DNS-over-TLS/DNS-over-HTTPS resolver and use that as your own private DNS server.

          There seems to be no need to turn to something obscure when the answer might as well be simple. This doesn’t even require innovation. It just requires you to care enough to take matters into your own hands, or come together as collectives and run DoT/DoH resolvers yourself.

          1. 1

            I’m sorry, but… what just happened to simply running your own local resolver? You can easily set up a local unbound to resolve names for you.

            This is exactly how it works today. My understanding is that the DoH stuff that Firefox wants to do will undermine this by disrespecting the DHCP info with the DNS server info.

            1. 0

              The “DoH stuff” can indeed be configured to “undermine” the DNS Server provided by DHCP. But that’s not a bad thing. You have the choice of setting up your own DoT/DoH-capable DNS resolver and configuring your system and/or Firefox to use this. You can also tell Firefox not to care about using DoH at all. “Disrespecting” the settings acquired by DHCP is, in general, a feature, not a bug. I don’t want to trust DNS resolvers provided by e.g. hotels or other public wifi networks. I want to use my own resolver via a secure connection. DNS-over-TLS and DNS-over-HTTPS allow me to do just that.

              1. 1

                You might do that, you nerd, but nobody else, including your grandma or most of your friends and family will.

                We need to design better systems for them, or there will be a revolution.

          2. 1

            No one has forgotten innovation is a thing, everyone is concerned about how to actually launch a DNS replacement that gets widespread adoption for the average user, with minimal breakage.

            1. 0

              everyone is concerned about how to actually launch a DNS replacement that gets widespread adoption for the average user, with minimal breakage.

              Some people are. (Like the ones behind the projects I mentioned.)

              Others seem more focused on discussing (and justifying) whether it’s better to send everyone’s DNS to CloudFlare or to Comcast.

              1. 1

                We’re having this discussion because DoH / DoC is the first solution that actually seems to have any meaningful chance of getting traction, and privacy is the major concern people have with it.

                1. -4

                  Who says it’s a solution? You? Seems like a problem to me.

                  1. 1

                    I’m sorry, I refuse to participate in disingenuous discussions. If you genuinely see zero advantages for end users, you should reread the original post.

                    1. -2

                      I’m sorry, is the advantage their data is being sent to CloudFlare instead of Comcast?

                      1. 1

                        The advantage is that DoH lets me and more importantly, my friends, evade South Korean censorship of North Korean websites.

                        1. 0

                          Cloudflare already has (lots of) my data, so I guess that is an advantage. More than my ISPs, since they’re terminating SSL on a lot of sites I use.

        1. 6

          I’ve been using Matrix as a glorified IRC bouncer for over a year, it’s pretty good, but Synapse still occasionally chokes on “forward extremities” and becomes completely unresponsive so you have to run a SQL query to clean up and wait for a while for it to become responsive again :(

          Worst offenders seem to be IRC-bridged rooms with a high join/part turnover, such as #mozilla_#rust:matrix.org, #mozilla_#rust-offtopic:matrix.org, and #haskell:matrix.org

          Riot-web has been fast enough for me, but I prefer Fractal, because GTK :)

          1. 4

            Bridges are also choking (and getting out of sync) in low/moderate-traffic 200 user channels where 90% don’t rejoin because bouncers. I still haven’t really seen an advantage.

            1. 2

              It’s one of the big issues where no alternative for IRC really exists yet.

              Riot also starts choking once the rooms grow over a few thousand members that join and part constantly — while even the simplest IRC clients handle it fine.

              It’ll be interesting to see how this develops in the next years, but for now it looks like the time for Matrix to replace IRC isn’t just quite ready yet.

              1. 7

                From the client/user point of view, Riot is certainly as optimal as it is suboptimal. It is fairly usable and nice, but also incredibly resource hungry and slow at times. I would like to see more native clients (in particular console clients), but this would certainly increase friction in terms of client support for features and changes.

                This also extends to the operational point of view: It’s not just that Matrix/Synapse is simply slow at times, it’s that the design is by default way more resource intensive than IRC. An ircd requires basically nothing in terms of resources to serve quite a sizable number of users. Synapse on the other hand requires quite a lot of CPU power in addition to a metric ton of space in its database (especially if your users join large rooms). Joining the main Matrix channel is almost certain to cause hours of full CPU usage and increase the db size by a few hundred MB.

                Of course matrix and irc provide different featuresets, but right now I feel that matrix may never be ideal for large group chats simply by design. I can’t quite see how rooms like the matrix main channel will ever be “ok” for a matrix server.

                All this being said, matrix works nicely for one-on-one and small group chats, which is what most of my users do.

                1. 4

                  The actual design of the Matrix spec doesn’t have any issues that I have seen, but the current software seems more like a prototype in production. Hopefully Dendrite and some updates to Riot can speed everything up, because that’s one of the main issues I see with it now.

                  1. 2

                    Yeah, that’s what I’ve seen so far, too. The spec is great, but the implementation is rather meh. Which means that at least it should be easy to fix later on.

                    1. 2

                      The spec does require a lot more resources than IRC, though, specifically in the form of maintaining logs and allowing searching of them. I wouldn’t be surprised if there are other implementations/settings that come out to auto-kill logs after a month or something (I don’t think that necessarily violates the spec and is pretty handy for GDPR)

                      1. 1

                        We also do log storage and fulltext search in the Quassel bouncer (and its ecosystem), and yet we don’t have nearly as many performance issues as Matrix does.

                        This is mostly an implementation problem, I’m sure it can be fixed over the years.

                2. 1

                  I have been using Fractal as well. I like the GUI but it does seem to use a high amount of CPU usage. Also doesn’t support end to end crypto yet.

                  1. 1

                    Just tried Fractal on Mac OS. Amazing (and a bit horrible) that it looks exactly like Gnome. Perhaps somebody (me?!) will make a decent version in the future, though.