Threads for Monokles

    1. 9

      The article is quite right, but I’d add a fourth world to it: IoT. TLS is increasingly being used in situations that have very IoT specific needs and wouldn’t fit in Web scenarios at all. It’s not the same as just “non-Web services” because IoT and embedded systems have a whole set of requirements that largely overlaps within their domain but doesn’t generalize to anything that’s “non-Web”.

    2. 1

      Regarding tampering:

      Even the most perfectly secured voting system proposed by academics doesn’t solve the problem. It’ll detect voter tampering, but doesn’t resolve when tampering is detected. What do you do with tampered votes? If you throw them out, it means one candidate wins. If you somehow fix them, it means the other candidate wins. Or, you try to rerun the election, in which case a third candidate wins.

      I feel like Estonia’s e-voting system solved this quite nicely, as a side effect of their hilariously low-tech mitigation against voter coercion: It simply allows voters to recast their vote for an unlimited number of times, until the voting deadline. It seems to me that at this point, if a tampered vote is detected after the deadline, it can either be dropped, or, if enough tampered votes have been detected, a second election round can be started with little cost (it’s electronic after all!) after having fixed the issue at hand.

    3. 3

      I wrote the content in which became this blog article and was the changes on our website

      1. 4

        Thanks for the links (and your contribution), interesting stuff. I had a discussion about the recommendations on that site just the other day within my friend group. Most people thought it was confusing that services/software/protocols are kind of interleaved in there. It looks like that’s mostly cleared up now (e.g. instead of promoting Riot, it’s now Matrix).

        That said, the blog post mentions Telegram is without encryption by default. While it doesn’t do E2EE, stating it doesn’t do encryption at all is not completely true either. As shady as MTProto is, it does provide encryption. This might just be a simplification catering to non-crypto-savvy users though, but it stood out to me.

        I’m really rooting for Matrix, I hope that the client ecosystem becomes more mature so we don’t all have to rely on Riot as much, and that enough people start using it as a “main” IM thing.

        1. 3

          Yes it’s been quite a work in progress and has certainly taken me and the team (and our contributors in particular djoate) quite some time.

          We will be doing the same to the email section in the coming months. We plan to launch that with a criteria mentioned here. I have contacted all the providers listed, and we will be keeping the ones which meet the new requirements to stay listed. We want to see more providers implement these RFCs or place priority on it as that will be good for everyone.

          The deadline given to providers for that is March 2020 to coincide with the deprecation of TLS 1.0 and 1.1 in major browsers.

          That said, the blog post mentions Telegram is without encryption by default. While it doesn’t do E2EE, stating it doesn’t do encryption at all is not completely true either. As shady as MTProto is, it does provide encryption. This might just be a simplification catering to non-crypto-savvy users though, but it stood out to me.

          One of the things we place importance on is security auditing, as we like to see things are verified. My understanding is that Telegram’s MTProto 2.0 has not been formally audited. I don’t agree with releasing a product first and auditing later. This may make sense from a business point of view, but if people put trust in a product and it then fails them, that could have terrible consequences.

          They provide “cracking competitions” which are a bit of a marketing red flag and really don’t add too much value by themselves.

          Our site is placing more importance on auditing and formal verification by external parties. We’re doing this because we live in a world where we are swamped with marketing spiel that, you can’t really trust.

          I’m really rooting for Matrix, I hope that the client ecosystem becomes more mature so we don’t all have to rely on Riot as much, and that enough people start using it as a “main” IM thing.

          I think this is very well a possibility. The spec is in great shape, unlike some other federated instant messaging platforms.

    4. 9

      I have pre-ordered one, and have to say I have mixed feelings about this. Been looking forward to the Librem V for a while now, can’t wait to have an actual linux device to manage my day-to-day activities. I hope I’ll be able to customize its behavior with some ad-hoc hackery like I do with my other devices. I really appreciate their honesty with this announcement, because they evidently realize that shipping to everyone within a few months is not going to happen, and a tiered schedule like this makes it feel more down-to-earth and realistic to me.

      However, it’s pretty clear from the fact that only the Q2 2020 onwards devices are fully CE certified, that Europe is fucked for some more months, and I don’t know how I feel about the fact that what should essentially be the same model, will be delivered in multiple batches each with their own gimmicks. If I take one of the earlier batches I’ll forever be sour that I didn’t have the patience to wait for a better CPU, but if I wait for that one my Oneplus One (~2013?) might actually die before then, and I’ll be forced to buy some shitty intermediate phone.

      All in all, I guess this is positive though. They’ll be delivering, after all. I just hope that there will be enough impatient peers to claim a phone from the earlier batches, so that I will have a spot in the final one.

      1. 1

        Is there a practical need for whole device certification? Is importing a device with only the radio certified and using it forbidden?

    5. 39

      In C:

      #define K * 1024

      DONE! Snorts cocaine.

        1. 3

          Not by much, and runs the risk of some not understanding.

        2. 2

          I always find it weird that the precedence of << is lower than + in C. So 1 + 1 << 1 evaluates to 4 instead of 3 like I would expect.

          1. 4

            If I recall correctly, << and >> were added to the language after there were already a dozen or so C programmers, and they didn’t want to force everybody to re-learn the precedence rules.

            1. 2

              Reminds me of how the Makefile syntax was bugged, but by the time the author realized it, it was too late.

              1. 3

                You mean that you always have to use a single tab? I actually like that.

                1. 2

                  So many people like spaces. I like tabs.

                  1. 3

                    Tabs for indentation, spaces for layout works fine for me. Then the tab width doesn’t matter anymore (because let’s face it: 1 tab = 8 spaces is ridiculous).

                    1. 2

                      8-space tabs is the only way to write C.

        3. 1

          plus you get the benefit that the compiler will probably prevent you from applying it to a float or double.

          1. 3

            Under the circumstances, is that really a benefit?

      1. 11

        This is also very easy to do generically in D:

        auto K(T)(T n) { return n * 1024;}

        D’s Uniform Function call Syntax and Compile-Time Function Execution allow you to use this elegantly and without any runtime overhead, without having to specify anything else:

        enum x = 512.K;

        enum y = 2048L.K; //(for long int type)

    6. 3

      Skimming the linked post and the Wikipedia article it looks as if PTP is optimized for speed/accuracy, not security:

      According to John Eidson, who led the IEEE 1588-2002 standardization effort, “IEEE 1588 is designed to fill a niche not well served by either of the two dominant protocols, NTP and GPS. IEEE 1588 is designed for local systems requiring accuracies beyond those attainable using NTP. It is also designed for applications that cannot bear the cost of a GPS receiver at each node, or for which GPS signals are inaccessible.”

      (my emphasis)

      If you already have someone in your local network sending DoS packages you might have bigger issues than having your time signals out of sync.

      1. 3

        True, it is aimed at local networks.

        These kinds of protocols are used in industrial systems and as we’re moving towards a world where these industrial networks and devices attain internet connectivity (the Industrial Internet of Things), security is becoming increasingly important. Industrial system and protocol security is kind of like IoT security (spoiler: a joke), so the research is relevant, if not a bit obvious to any security-oriented individual[1].

        I remember looking at this protocol a month or so ago myself and just not knowing whether I should be laughing or crying. I thought this type of naive optimism was long gone in networked protocols. I think that the reason these types of papers are appearing now is because of this movement towards internet-connected industrial networks.

        [1] Going by the linked article, haven’t read the paper itself yet.

        1. 1

          You make good points. I’m unfamiliar with industrial systems but the global trend is towards “internet everything” so protocols developed in more comfortable times have to be updated or replaced.

        2. 1

          Maybe we should not put industrial sites on the internet.

          1. 1

            I mean, we can try, but physical security is never perfect. People tailgate into buildings. People find “lost” USB keys and plug them in to something to see what they do. People accept bribes. People working for state actors take jobs as janitors.

    7. 7

      First, a technical note. ActivityPub does not formally define the followers only post. It was just kind of invented later, and it shows. Alice wants to post something like “I’m having a sad day“, which is kinda personal and negative, so she makes it followers only. Bob sees it, and replies “Sorry about your tough day.” Bob’s software is really smart and noticed that Alice’s post was followers only, so therefore Bob’s reply is followers only as well, and thus Bob’s reply gets sent to… Bob’s followers. Who are not Alice’s followers. So now, while they can’t see Alice’s post, they can certainly make some inferences about what was posted based on the contents of Bob’s reply. I don’t know who decided this was the smart thing to do. I am inclined to say it’s not that smart.

      Followers-only scope was introduced by Mastodon, and it’s 100% as bad as Ted says. It absolutely breaks the possibility of having any meaningful kind of threading, and as far as I can tell it is purely the result of what was easy to implement given the original Twitter-like design of the app itself.

      I believe there are plans in Pleroma to do something better, but better infrastructure in Pleroma tends to have a hard time making into the front-end, so I guess we’ll see what we see, someday.

      1. 1

        That sounds pretty broken. I wonder what the right approach actually is. In a decentralised system, what prevents a follower from sharing a message (or the key to decrypt a messy?).

        1. 3

          The lesser known Zot protocol incorporates privacy as a design requirement from the start, which is why I prefer it over ActivityPub. To my knowledge, how Zot solves this particular issue is enabled by their identity system, where all entities have key pairs allowing others to verify the authenticity and integrity of any post in the network. From the message spec:

          Followups to any post (replies, likes, reactions, etc.) MUST be sent as a private activity (single recipient) to the sender of the original with a message type ‘response’. This is referred to as an “upstream delivery”. Additionally these activities MUST provide an ‘inReplyTo’ element set to the id of the activity that is the object of the response. Implementations SHOULD support multi-level likes. Servers MAY support multi-level comments. The original sender MUST resend the followups to all of the original message recipients using message type ‘activity’. This is referred to as a “downstream delivery”. This single-source mechanism ensures the original sender’s privacy settings are respected and conversations are kept intact for all recipients of the original message.

          For those interested, I recommend taking a look at Zap and Hubzilla (Hubzilla also federates with ActivityPub, Friendica, Diaspora, and some other protocols to an extent). They’re really interesting, and I wish Zot would see more adoption in the fediverse.

    8. 10

      It’s going to be interesting to see how much this is going to affect the future of how the WWW functions. GDPR sure didn’t manage to be as severe of a measure as we’d hoped it be. Heck, I’m having troubles getting the relevant authorities to understand clear violations that I’ve forwarded to them, where they then end up just being dismissed.

      But this law here is of course not for the people, no… This is here for the copyright holders, and they carry much more power. So will this actually result in the mess we expect it to be?

      1. 25

        GDPR and the earlier cookie law have created a huge amount of pointless popup alert boxes on sites everywhere.

        1. 10

          The one thing I can say is that, due to the GDPR, you have the choice to reject many cookies which you couldn’t do before (without ad-blockers or such). That’s at least something.

          1. 10

            Another amazing part of GDPR is data exports. Before hardly any website had it to lock you in.

          2. 4

            You had this choice before though, it’s normal to make a cookies whitelist for example in firefox with no addons. The GDPR lets you trust the site that wants to track you to not give you the cookies instead of you having personal autonomy and choosing not to save the cookies with your own client.

            1. 26

              I think this attitude is a bit selfish since not every non-technical person wants to be tracked, and it’s also counter-productive, since even the way you block cookies is gonna be used to track you. The race between tracker and trackee can never be won by any of them if governments don’t make it illegal. I for one am very happy about the GDPR, and I’m glad we’re finally tackling privacy in scale.

              1. 2

                it’s not selfish it’s empowering

                if a non-technical person is having trouble we can volunteer to teach them and try to get browsers to implement better UX

                GDPR isn’t goverments making tracking illegal

                1. 15

                  I admire your spirit, but I think it’s a bit naive to think that everyone has time for all kinds of empowerment. My friends and family want privacy without friction, without me around, and without becoming computers hackers themselves.

            2. 18

              It’s now illegal for the site to unnecessarily break functionality based on rejecting those cookies though. It’s also there responsibility to identify which cookies are actually necessary for functionality.

        2. 4

          On Europe we’re starting to sign GDPR papers for everything we do… even for buying glasses…

          1. 12

            Goes on to show how much information about us is being implicitly collected in my honest opinion, whether for advertisement or administration.

            1. 1

              Most of the time, you don’t even have a copy of the document, it’s mostly a tl;dr document full of legal jargon that nobody reads… it might be a good thing, but far from perfect.

      2. 4

        “The Net interprets censorship as damage, and routes around it.”

        1. 22

          That old canard is increasingly untrue as governments and supercorps like Google, Amazon, and Facebook seek to control as much of the Internet as they can by building walled gardens and exerting their influence on how the protocols that make up the internet are standardized.

          1. 13

            I believe John Gilmore was referring to old-fashioned direct government censorship, but I think his argument applies just as well to the soft corporate variety. Life goes on outside those garden walls. We have quite a Cambrian explosion of distributed protocols going on at the moment, and strong crypto. Supercorps rise and fall. I think we’ll be OK.

            Anyway, I’m disappointed by the ruling as well; I just doubt that the sky is really falling.

            1. 4

              I agree that it is not the sky falling. It is a burden for startups and innovation in Europe though. We need new business ideas for the news business. Unfortunately, we now committed to life support for the big old publishers like Springer.

              At least, we will probably have some startups applying fancy AI techniques to implement upload filters. If they become profitable enough then Google will start its own service which is for free (in exchange for sniffing all the data of course). Maybe some lucky ones get bought before they are bankrupt. I believe this decision is neutral or positive for Google.

              The hope is that creatives earn more, but Germany already tried it with the ancillary copyright for press publishers (German: Leistungsschutzrecht für Presseverleger) in 2013. It did not work.

              1. 2

                Another idea for a nice AI startup I had: Summarizing of news with natural language processing. I do not see that writing news with an AI is illegal, only copying the words/sentences would be illegal.

                Maybe however, you cannot make public from where you aggregated your original news that you feed into your AI :)

          2. 4

            Governments, corporations, and individual political activists are certainly trying to censor the internet, at least the most popularly-accessible portions of it. I think the slogan is better conceptualized as an aspiration for technologists interested in information freedom - we should interpret censorship as damage (rather than counting on the internet as it currently works to just automatically do it for us) and we should build technologies that make it possible for ordinary people to bypass it.

      3. 2

        I can see a really attitude shift coming when the EU finally gets around to imposing significant fines. I worked with quite a few organisations that’ve a taken ‘bare minimum and wait and see’ attitude who’d make big changes if the law was shown to have teeth. Obviously pure speculation though.

    9. 2

      I think the fediverse is worth iterating. Not to be dismissive of this work, but I’m not really interested in a competing standard. If we think Mastodon is too heavyweight (and there’s a good case to be made that it is) then let’s come up with lighter implementations and evolve the ActivityPub protocol to be simpler and more responsive.

      1. 3

        The problem is that ActivityPub is almost too simple. It ensures people can communicate just as much as “you must use an Earth language” does. You must build on top of AP to make real apps.

        Of course Moxie has a point too: federation means you get crap implantations that don’t play nicely with others, or don’t accept capital letters where they should. Who knows, there might even be a subset of implementations that accept Unicode smart quotes. This is inherent in using federation, and the only solution is to use good implantations that somehow confirm with the bad ones.

        1. 2

          Oh this doesn’t even federate with everyone else? An imperfect solution that actually works is a lot better than one that doesn’t even work. “I federate only with myself and don’t follow standards” is as good as “I don’t federate”. If they can find a way to coordinate with other instances to improve the standards or their usage that’s great, otherwise this mostly just exists as a little hobby project.

        2. 1

          Forgive my ignorance here, is that really federation or is it just that the ActivityPub protocol needs to be tightened up to allow for less interpretation in the implementations?

          Maybe a reference test suite or something?

          1. 2

            This is essentially what litepub ( is trying to do.

          2. 1

            The ActivityPub protocol is extremely generic. It simple defines a vocabulary for transmitting actions and behaviors in a JSON payload, according to a very generic schema. Think of it as a small bit of window dressing over RDF. There’s also a few gaps, and some missing features that were added in later (such as with signatures), and you end up with standards hell.

            1. 1

              Sounds like this is what @mercer was talking about with Litepub and both Pleroma and Pixelfed currently support it based on that page.

              This is essentially what I was advocating. Don’t throw the baby out with the bathwater. Fix it! :)

              (Wait I’m not sure whether that analogy extends in that direction but.. You get the idea :)

              1. 1

                I think ActivityPub does need some major tweaks at its core, something that seems already hard to do given the traction it has gained.

                I’d actually like to see more adoption of a lesser-known protocol, Zot ( as used by Hubzilla and Zap ). It has a slightly different take on the entire concept of sharing content, where it starts out with the idea of sharing things just with those you want to share them with, but also e.g. only allow them to share things with you if you agree to this (or, of course, accept all incoming messages). Privacy by default, basically. This, in my opinion is something where ActivityPub falls short.

                Maybe adoption is ‘t necessary – maybe AP is flexible enough to shift to something like Zot… If so I’d definitely be interested in that.