

Tell HN: WTF are you waiting for?  Seriously? - spoiledtechie

WTF is everyone waiting for?<p>I read this post and I get the urge to stand up and do something.<p>https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=5932645<p>So what the fuck have you done about it?  We are a group of the most technically minded folks in the world.<p>Why hasn&#x27;t anyone hacked together some sort of activist website yet?  Where are the hobby coding projects that are just about this damn NSA spying and killing the fourth amendment?  If you can devote some cycles to it, then why haven&#x27;t you YET?<p>Its time to take a stand on the internet, because thats OUR DOMAIN, not some government that wishes to control us.  Did you ever read the Hackers Manifesto and get inspired?  Its time to take a stand.  We don&#x27;t have to main HN our place to start planning, but we need some place.<p>So, as of now, if we decided to create some sort of Open source project, who is willing to devote a few cycles a month to its building?<p>Are you willing?
======
david927
I think the most critical thing we could do is to make a small app that
handles direct P2P communication. Let's take the internet where it was built
to go.

For example: Each person stores encrypted their contacts routing information.
You can direct-message (server-less) if the person is online, or if not, send
it encrypted to others who are online, and when the person logs in, it's
routed on to them. You could do micro-blogging like this, where messages pulse
out to two or three degrees of separation, and only if they are validated
(i.e. liked), do they push on further. This lets spam die soon (or sooner if
it's marked as such) but important messages will make their way through the
system.

~~~
sigil
> I think the most critical thing we could do is to make a small app that
> handles direct P2P communication.

Agreed. In order to actually solve the problems we face though, this p2p app
needs to _always_ encrypt messages -- even for indirect messaging. It needs to
solve the authentication problem. And it needs to be opensource for
perpetuity.

Forward secrecy ("I threw away the key") and repudiability ("You can't prove I
sent that") would also be nice. OTR has these and I highly recommend reading
the OTR papers [1] [2].

All in all this is a tall order. Heck, authentication alone is a tall order.
The OTR Pidgin plugin has you enter a shared secret in order to authenticate a
new buddy. I'm not sure this is ideal. Normal users will agree on that shared
secret through an insecure channel like phone or text, or just use a guessable
one, opening the door to a MITM attack at the most critical stage.

I'd rather see a web of trust [3] solution to the authentication problem.
Bootstrapping the trust network is of necessity harder because it requires
more careful interactions, usually f2f, but it does enjoy a viral property:
the more users in the trust network, the easier it is to fill out your
authenticated contacts list, since you'll be getting many of their identities
through WoT introduction.

Maybe the existing GPG web of trust could be used as the base -- ie, offer
import of GPG keys and trust database, or just reuse the GPG code straight up.

[1] [http://www.cypherpunks.ca/otr/otr-
wpes.pdf](http://www.cypherpunks.ca/otr/otr-wpes.pdf)

[2]
[http://www.cypherpunks.ca/~iang/pubs/impauth.pdf](http://www.cypherpunks.ca/~iang/pubs/impauth.pdf)

[3]
[http://en.wikipedia.org/wiki/Web_of_Trust](http://en.wikipedia.org/wiki/Web_of_Trust)

~~~
david927
I know it's hard but I also think it would be one of the most important things
we could do.

If you or anyone else is interested in building this, email me.

------
MortenK
This would have a whole lot more credibility if you had actually done
something yourself, rather than doing the same as everybody else, which is to
say nothing at all except writing a bit of indignant text on a website.

~~~
Chris2048
writing indignant text on a website should the the first step for any
endeavour!

------
dbond
Many projects with similar aims already exist, meshnet
([https://projectmeshnet.org/](https://projectmeshnet.org/)) comes to mind.

People becoming inspired to change the world after recent events need to be
directed to established projects where their (probably short lived) enthusiasm
can make a difference.

~~~
spoiledtechie
This isn't about Technology.

This is about Government and organizing. Not to sit around and code. Its about
organizing.

~~~
dbond
The same principles apply, just like everyone suddenly becomes an expert on
politics just before elections.

I'm from the UK so you could say its worse for me as I'm definitely allowed to
be spied on by the NSA. What are you suggesting should be built/organised?
Protests? Another political party? Aggression?

Governments today have seemingly limitless ability to do whatever they want
and then just shrug it off if they get caught, we on the other hand don't have
that luxury, we have consequences. This is why you'll find few people willing
to stand up and put their ass on the line, the last really notable people
(Aaron Swartz, Edward Snowden) unfortunately aren't doing too well right now.

If something of the scale capable of toppling the current power structure is
to be organised then the tools for doing so need to come first.

------
MattyRad
The two issues that keep the public from taking action are:

-Apathy or laziness

-Not knowing how to effectively make a difference

So let's brainstorm how to address one or both of these.

Apathy and laziness is an economically logical reaction to data collection
because 1) most people don't have time or interest to deal with governemnt
issues, 2) they don't feel their data is relevant, 3) they don't know about
their Constituational rights and don't have the time or effort to defend them,
4) the issue hasn't become serious enough yet. Really, what most people are
doing is just upvoting pre-written opinions they agree with plus relevant
articles they see online (guilty). The most we can ask for is for people to
send cookie-cutter emails (such as the EFF's) to their representatives.

I'm not saying I agree with the current system of government, but without
going into the entire American government system, suffice it to say that we
are supposed to contact our representatives directly. The transaction cost of
doing so requires that a person 1) find out who their rep is 2) compose a
(well-written) email or letter to them and possibly follow up at a later date.
How many of you can say you have done this?

So perhaps we can try and narrow the transaction cost of contacting a rep? How
about a website that automatically finds out your rep, then let's you send
them a voice message with your mic on your computer. This will fix 1) Some of
the effort required, 2) Diminishes the ability to dismiss cookie cutter emails
and letters, 3) Allows the user to send a voice message before they get up
from the computer and become apathetic or forget about the issue. Would this
be a viable solution?

Side-note: If you really want to make the biggest impact, start using Bitcoin.
The government has power over you because they can tax you.

~~~
LoganCale
Emails don't have much effect. I used to email my representatives regularly,
to no effect. I always just got an automated response presumably picked out
from a set by keywords in my email, and the response was usually praising the
thing I was writing to urge them to not support.

Written letters have greater impact, and actual phone calls have far more yet.
I don't think recorded voice messages will have as much of an impact as
actually calling and interacting with someone in their office. They can ignore
recordings just as much as emails, but it's harder to ignore someone who is
actually conversing with you, especially if there are many such people doing
so.

stopwatching.us and others have put together a phone number you can call which
will automatically connect you to your legislators and give you tips on the
sorts of points to make.
[https://call.stopwatching.us/](https://call.stopwatching.us/)

------
e1ven
I think a lot of us are working on things that will help, but there's no
single silver bullet.

I've been working on a secure, unblockable network, at Tavern.com

It uses GPG to encrypt messages, and passes them along by any means possible -
The public internet if possible, Wifi if necessary, or saving to Phones or USB
sticks in the worst case.

If you know Python, I'd love to have your help. Send me your Github username,
and I'll add you.

I'd love to give it a security review before a public release - There are some
rough spots, but I think that having people like us stand up, and do what we
can, is important.

------
kevincrane
I'm in the process of putting together a weekend project inspired by this
(doubling as teaching me everything about webdev because I'd hadn't grasped it
all fully yet).

It's going to be a super simple site, but it will simplify the process of
writing to your representative. In my experiences, physical letters have
yielded better results than emails. I'm basically making a site that will
easily let you select a representative, type out a letter, and it will cheaply
print, address, and mail the letter for you with 25% of the proceeds going to
the charity of their choice.

Any thoughts on that? It's my first real project building and deploying a
website from scratch, so I'm chugging along on it slowly when I get free time
and learning a lot along the way. I don't expect this will be a game-changer
regarding PRISM, but it will be solving a pain point for me where I want to
write my representative but emails seem futile and mailing a letter is
inconvenient.

~~~
MattyRad
I actually just commented about this same sort of thing. Except I think voice
messages would be far more effective, and a rep would actually have to
_listen_ , whereas letters can be easily dismissed and thrown away. How about
a website that utilizes the computer's mic and instantly sends the voice
message to the rep? Wouldn't that be easier, cheaper, and more effective? (Of
course, the scope of creating such as website would be much more difficult)

~~~
kevincrane
That sounds really cool too, and it could be a nice addition later on down the
road. It'd definitely make it a little harder to put together, so I'd probably
save that for after I got the initial version out into the open. Thanks for
the thoughts!

------
LoganCale
I agree. Let's do something. But what? Physical protests? Projects created in
protest? New tools that can actually do something to make a difference, e.g.
meshnets, anonymization & encryption software, email clients with GPG support
built in? Participating in existing projects to do the same?

Some people have started doing things. See:

[https://optin.stopwatching.us](https://optin.stopwatching.us)

[https://call.stopwatching.us](https://call.stopwatching.us)

[http://www.restorethefourth.net](http://www.restorethefourth.net)

And if you have browsed New on HN for the past few weeks, you will have seen
many hobby projects on the subject which received little to no upvotes.

But I agree, let's keep it up and do something.

~~~
LoganCale
And by the way, here's my idea I've been throwing around. It's just an idea
and I'm not sure if it would even work or be worthwhile, but:

A decentralized personal information protocol. Instead of joining a social
network or other online service and putting all your personal information into
their database, you run your own server (either truly on your own server if
you want the most privacy or through a hosting service for this protocol if
you want ease of setup) that contains a certain set of information which
services can request (but you must authorize, like with OAuth). Information
generated within those services is then saved to your server rather than their
own. Thus if you cancel your account, you have sole control of the data. If
they don't allow you to cancel your account, you can just revoke their access
to your server.

Problems:

\- Trust: You can't trust everyone to not save their own copies of the data
themselves. Perhaps this could be semi-solved by having a machine readable
license agreement for your data that the services agree to by connecting to
it, giving you the ability to sue if they violate those terms.

\- Performance: Presumably there would be performance issues in something like
a highly-interconnected social network if each person's data is on its own
server. Some servers would be more reliable than others, too, leading to
instability for the greater service using the data.

\- Public exposure: If the services using your data are, for example,
Facebook-like in nature, where a large amount of the data is publicly
displayed anyway, there is nothing stopping anyone from scraping it off the
public-facing webpage and archiving it.

------
Falkvinge
I'd have to agree. But it's not about everybody converging on one project, as
implied in the question; it's everybody doing their part to create a huge
decentralized mesh - decentralized and uncontrollable.

Most people live in the here and now; if things don't affect their daily
lives, it's not worth attention. But we're all intelligent enough to see where
things are heading. We're also all intelligent enough to know that we can at
least mitigate the effects of expected developments through coding a few
tools.

The more people that think of such tools, the better. But that's not enough.
Being a bit blunt, ideas don't count for shit on their own. The more people
that sit down to code such tools from those ideas, the better.

------
ambiate
Ethics. Plain and simple. Computer scientists are given the ability to destroy
people's lives, destroy companies, and destroy themselves. I do not care if
they're gathering massive amounts of data. I would prefer there to be a system
of checks/balances. There is much worse happening in the world and MUCH better
places to put time and effort for changing the world.

I want the general populace to be controlled... maybe I'm a minority. Without
religion or government, most of my family would be dead or murderers. Shrug.

------
jstanley
It's all very well saying "let's do something" and feeling good about
yourself, but what exactly are you planning to do?

~~~
spoiledtechie
Does it matter just yet? Really?

What matters is the courage to actually stand up and say, I will do something.

Its time to organize and not just sit behind a damn computer. The time is NOW.

Will you organize? If we moved forward, would you help?

~~~
S4M
What have you done yourself?

~~~
spoiledtechie
Exactly my point.

------
zackliscio
I started a really basic project to help raise awareness. It's dead simple,
but the idea is to remind people who aren't on HN all day about the core issue
of privacy instead of focusing on an individual.

[https://news.ycombinator.com/item?id=5933612](https://news.ycombinator.com/item?id=5933612)

------
theklub
I wrote about this before. If we could build a website for the creation of a
new political party. One that allows all of its members to vote on the
direction and political stance of the party. One that allows for transparent
party accounting.

I could go on and on....

------
spoiledtechie
I will devote some cycles.

------
thenomad
Job #1: figure out what to do. What will have the biggest impact for the
smallest risk and time investment?

What's the user story?

------
v0land
> So, as of now, if we decided to create some sort of Open source project, who
> is willing to devote a few cycles a month to its building?

"You can’t solve social problems using technology".

Sorry to disappoint.

~~~
thenomad
Really? Who said that and what backing do they have for such an sweeping
statement?

Looking at the past 75 years, I'd say that technology has solved quite a lot
of social problems. The impact of the washing machine alone, let alone the
Pill, was absolutely huge.

------
trevelyan
Wasn't Barrett Brown working on something?

