
We need decentralized communication - johnboyer
https://medium.com/@johnnyboyer/we-need-decentralized-communication-now-c2a462a2330a
======
brenden2
A big thing that annoys me about buzzwords like "decentralized" is that
they're not binary. Another one that's largely lost meaning is "blockchain".
Decentralized is relative and depends entirely on the context.

They do tend to represent ideas like anti-censorship, individualism, and
(sometimes) privacy. I think it makes more sense to discuss these topics in
terms of the actual implication of what you're decentralizing, and how it
actually helps.

For example, the Internet itself is decentralized. But from the perspective of
your particular ISP, it's not at all decentralized (if your ISP turns off your
Internet, it's game over).

Email is also decentralized, but so what? Most people use the same email
providers so it's somewhat meaningless for SMTP itself to be decentralized.
Google can still read your emails.

The problem with using these terms instead of more tangible language (i.e.,
language that describes what the thing is actually doing) is that they tend to
get hijacked by scammers/marketers who just want to harness their popularity
for their own ends.

~~~
OrderlyTiamat
> E-mailadres is also decentralized, but so what? Most people use the same
> email providers so it's somewhat meaningless for SMTP itself to be
> decentralized. Google can still read your emails.

I actually think email is almost the ideal implementation of a decentralized
network. You're always going to have giants in any communication network-
that's simple the reality. Email allows people to use these giants or, and
critically, it allows people to join in the conversation while not using those
giants. It is open. Suppose this were to happen with twitter or facebook,
where the protocol was open and people using networks like mastodon could
simply join in. That is a way to achieve decentralization, with the benefits
that go with it. If you don't want google to read your mail, you and your
correspondences can choose not to. Twitter and Facebook offer no such choice.

~~~
no_identd
>You're always going to have giants in any communication network

I suppose you make that claim based on the assumption that any electronic long
range communication system at most reduces to a network?

If so, your assumption—while applicable to our current global communications
network—doesn't cover the communication systems which could (& hopefully
would) already exist if the ARPAnet originators hadn't messed this up by
dropping the Internet layer and renaming the Network Layer to the 'Inter'net
layer. It got Telcos exactly what they needed to remain giants.

~~~
bavell
> if the ARPAnet originators hadn't messed this up by dropping the Internet
> layer and renaming the Network Layer to the 'Inter'net layer.

Can you send elaborate? Genuinely curious.

~~~
tgragnato
[https://en.wikipedia.org/wiki/History_of_the_Internet](https://en.wikipedia.org/wiki/History_of_the_Internet)

Back in the day the network layer was not standardised nor interoperable. The
"International Network Working Group" provided a communication protocol
(TCP/IP) capable of hiding the differences of the different networks.

> the job of the TCP is merely to take a stream of messages produced by one
> HOST and reproduce the stream at a foreign receiving HOST without change.
> [Cerf]

That network of networks demonstrated the feasibility of the concept of
interconnection. The resulting net eventually became the global inter-
network... INTERNET

~~~
no_identd
Not my point tho, see here:

[https://news.ycombinator.com/item?id=21108739](https://news.ycombinator.com/item?id=21108739)

Interconnected Network Networking (what we have today)≠Interconnected
Internetwork Internetworking (what we should have but don't)

The latter enables recursive structures, the former doesn't.

~~~
bavell
Thank you, this is what I was looking for.

------
piotrkubisa
> We need decentralized communication

> Although Riot has made significant progress in the past few months, there is
> still a long way to go before it becomes a suitable drop-in replacement for
> platforms such as WhatsApp or Discord.

The problem with adoption client based on Matrix protocol is clearly lack of
the quality of clients and being so annoying for users. I think it also stands
true for other protocols like IRC or XMPP. In my humble opinion, clients for
all 3 are far behind Telegram or WhatsApp or even BBM.

Looking on commits in repos of various Riot clients, I am not sure if there is
significant progress (yes, it's a bit unfair to said that, but comparing to
let's say webpack repository, number of random contributions is quite low).
For Android there are two versions - Riot and RiotX. RiotX is in early stage
development (I'd say it's unusable), while the Riot just gets minor changes.
iOS client is OK. Web and desktop client (based on electron) is not as simple
as Slack to get start and running. I keep fingers crossed for Riot developers
and spontaneous contributors to improve those clients - without good, simple
to use clients there isn't any chance for Matrix to be adopted widely as
WhatsApp or Telegram are.

Centralization is not really important factor for most of people during
selection of communicator. IM is a tool and if it does not do its job
properly, people will look for better alternatives. Just, please take a look
how many sysadmins/devops switched to Slack from IRC. Please stop writing yet
another article how centralization is bad - just help Vector.im,
TheLounge.chat or other group to bring such IM client where most of people
will be comfortable to use it.

~~~
CM30
In other words, the project needs UI and UX designers, and more of a focus on
a polished user experience.

Which seems to be an issue a lot of open source, decentralised projects have
to be honest. They get a lot of programmers involved, but seem to struggle to
get the aesthetics/design side up to par.

What would it take to get the kinds of designers found at the likes of Slack,
Discord, WhatsApp, etc working on open source projects lke Matrix?

~~~
kixiQu
....money?

------
esotericn
[https://www.youtube.com/watch?v=KbWfzyQBWrU](https://www.youtube.com/watch?v=KbWfzyQBWrU)

> Most Popular Instant Messengers 1997 - 2019

WhatsApp has approx. 2 billion users. The beginning of that video starts out
with messengers (not including things like IRC and email) that have a few
million.

This is just the Eternal September effect.

You and I can just crack out nginx and host a site. The author of this post
didn't even do that; what hope is there for the rest?

An instant messenger, even a secure one, needs a proper marketing budget in
order to succeed out in the real world. It doesn't just need to be superior -
it needs to be _advertised_.

------
lixtra
> Decentralization is paramount to restoring privacy and freedom to the
> internet.

We have to start with reconquering our phones. A decentralized app cannot be
hinged on a centralized appstore.

~~~
Pneumaticat
F-Droid [1] has addressed this pretty well for Android devices.

[1]:
[https://f-droid.org/en/packages/im.vector.alpha/](https://f-droid.org/en/packages/im.vector.alpha/)

~~~
haunter
Until F-Droid removes the app from the store for whatever reason

~~~
dublinben
F-Droid supports adding additional repositories, so there is no "the store."

------
ken
There’s some juicy irony in seeing “We need decentralized communication
(medium.com)”. I see no mention the the elephant in the room.

~~~
GhostVII
Just because you need something, doesn't mean you need to use it.
Decentralized communication is a fallback in the event that centralized
communication fails, in the same way that cash is a fallback in the case that
credit cards fail/are blocked. I don't carry cash, and I don't use
decentralized communication methods, but I still think both are very important
to have.

~~~
fragmede
If you need cash because the card network is down, then it's already too late
to get cash. Thus, it's important to test the decentralized methods, just like
it's important to test your backups. And if they haven't been tested (and have
up to date instructions!) the only safe assumption is to assume they don't
work.

------
dsparkman
You want to send something sensitive, mail a letter. In the US, the
protections on ease dropping on physical mail is quite good. Requires an
actual warrant in an actual court, unlike most electronic communications.

Otherwise, assume your communications are being collected and perused.

------
blakewatters
The analysis I have read here is far over-indexed on the technology and
privacy aspects. Pushing a new messaging platform involves a fundamental
change in consumer behavior and this in turn requires engineering, product,
design, and marketing to execute in concert. This is why corporations continue
to out-deliver Open Source in anything that touches the consumer.

“If we build it, they will come.” Is just a lazy fantasy that lets you stay in
your comfort zone, fixing bugs, refactoring modules, and pushing features for
the next release.

If Matrix is to succeed as a technology it needs a real, highly competent go
to market team and strategy. And I think you have to build some very
compelling user experiences to drive switching and combine that with
import/invitation features and outreach (pushes, email, etc) to even have a
look at the basket. Alignment across platforms is just table stakes.

------
no_identd
Oh for crying out loud. No, we need UNcentralizable communication, as to avert
undecentralization/recentralization.

Federation=bad:

[https://news.ycombinator.com/item?id=19959687](https://news.ycombinator.com/item?id=19959687)

Unfortunately, any communication protocol which mathematically always reduces
to ye olde beads-on-a-string with enough extra steps to hide this even from
most experts makes this fundamentally impossible… — …and both IP 4 and IPv6
fall into that category, despite their very name implying otherwise:

[https://news.ycombinator.com/item?id=19867467](https://news.ycombinator.com/item?id=19867467)

Two brief quotes from over there:

"[…]

This does not mean that we should be doing OSI. Good grief, no. …

[…]

————

[…]

[22] Someone will ask, What about IPv6? It does nothing for these problems but
make them worse and the problem it does solve is not a problem.

[…]"

------
linuxftw
We could have decentralized communications if we ever actually use IPV6 in
production. Static IP's for all, much easier to self-host.

The other large issue is once you self-host, you're now liable for moderation
of illegal content. I'm not sure how to fix that part.

~~~
no_identd
No we couldn't, because, despite its name, IPv6—just like it's
predecessor—functions as a network protocol and can't support internetworking
at all.

Consider RINA and/or GNUnet instead. IPv6 just represents a bandaid.

------
kop316
"This means the only way WhatsApp could comply with these demands is by
completely altering their software with insecure cryptography."

I get what the author is trying to say, but getting technical details like
this incorrect makes it difficult for me to want to keep reading these types
of articles. There is no need for WhatsApp, et all to make the crypto
insecure, all it needs to do is keep a record of the keys in a centralized
database. That's why having centralized Commination isn't good, all you have
to do is own the key handling process and you're good.

To follow the analogy in the article, the lock is fine, just 3 letter agencies
have the key.

~~~
johnboyer
It was my understanding that the asymmetric key pair was generated locally,
and only the public key was exchanged. I am unsure about whether or not this
is a requirement of the Signal protocol, but Signal itself will only store the
private key locally, meaning they would need to alter their software in order
to store said keys in a centralized database.

~~~
kop316
You are correct. However, that doesn't make the cipher insecure.

The reason I make this distinction is because it makes other attack vectors
different. If the cipher was made insecure, then the whole thing couldn't be
trusted because anyone can now attack the cipher.

However, if the keys are being stored in a database, it means that the cipher
it means you can either attack and get the keys on the local device or the
center database.

Those are two radically different attack venues with entirely different
consequences on the encryption scheme.

Edit: Thinking about it too, it also makes the defense against it a lot
different too. Say I'm in a country that only allows WhatsApp for this reason
(WhatsApp allows key sharing). If I wanted to, I could crack the software and
just stub out the part that sends the key (or send a dummy key as well). You
still get the protections of a secure cipher, and no one else has the key now.
If the cipher was weakened, then you couldn't do this.

------
karmakaze
"[...] used against suspected terrorists, pedophiles and other serious
criminals."

This isn't even a slippery slope, 'suspected, other serious criminals' is
subjective enough to apply at will in any instance.

~~~
xkcd-sucks
Joker 2: The mayor of Gotham recruits Batman, because law enforcement has no
jurisdiction over silly criminals

------
reilly3000
My beef with Riot (at least as of 18 months ago) was how cumbersome it was to
set up encrypted channels, especially on multiple devices. I'm not at a place
where I can do much about that, but happy to support somebody who can (if its
still an issue).

------
jpswade
Like IRC?

