To that point as well, the internet already "works how real life works." Sick of Company X and the way their business treats employees? Shop elsewhere, remembering that it won't be as convenient with fewer choices. Sick of Google tracking the websites you visit? Use a search engine that doesn't track you, remembering that they probably can't pay as much for great engineers.
It's Conway's Law. We are largely constrained to create systems (including the internet) that mirror the organizational structure we're a part of. Yes, we can evolve and revolutionize occasionally, but it will always mirror "real life" because they will always influence each other.
Hard sell. There's a reason why the government has laws against monopolies. Especially when it comes to the internet, consumers tend to choose the best/fastest product over the most ethical one.
- Ubuntu is my daily driver OS, with Windows getting booted once in a blue moon to play some games
- Firefox for 80% of my browsing (the other 20% is Chromium on a Chromebook, which seems to run faster than FF even in an Ubuntu chroot with crouton)
- Thunderbird and a plain ol' IMAP mail server for email
- Maybe half of my messaging has moved to Signal
- Searx.me for web searches, sure I'm using the Google results more often than not, but at least my queries are anonymized, and switching to other providers is easy
I started a business on a very boring, conventional tech stack that gets a lot of hate on HN--PHP and WordPress--but it's a free and ethical stack, and I sleep better at night because of that. I gave our latest hire most of the same desktop software I use, and so far no major problems.
I'll grant you that the UI of some of this software is a little creaky, but I get by, and overall I'd say most of the nasty bugs we have to deal with in our toolkit are in closed source SaaS stuff.
Some notable unethical holdouts include occasional Skype/Hangouts calls, Slack, Google Docs, and Dropbox. Also a bunch of small-time SaaS products. But give me time.
That's not exactly a unique feature of this stack. Most web stacks are free and open source.
- The company supports or enables injustice or human rights violations - The company collects a lot of personal information and does creepy or obscure stuff with it
- The company does not release the source of its products
Virtually all SaaS gets dinged because of #3, and in a perfect world we'd somehow replace them all with self-hosted, open source alternatives, but that's a tall order.
I'm not a zealot about any of this, I just make sure I set aside a little time aside every quarter to evaluate ethical alternatives. Legitimately "doing no evil" is absolutely a benefit I'll pay money for.
EDIT: Bit of a brain-fart. IMAP is just a client of a mail server. So to rephrase my question - what mail server do you use?
Also, having run an email startup in London, patching and anti-spam at almost any scale is nontrivial.
For volume mailing we use ESPs like Mailgun and Sendgrid. Occasional deliverability problems are a fact of life at those.
Popular, easy and cheap wins most of the time, even if it hides deferred costs like terrible security and engineering choices.
I realize this isn't exactly what you're talking about, but it is indeed possible to unplug your WAN connection and plug something else in instead. Amateur radio operators do this amazing and fun thing with self-discovering, self-linking mesh networks. Great fun to learn and explore!
A good starting point: http://www.broadband-hamnet.org/
it is NOT a replacement for your home internet connection
being an Amateur Radio network, it can only carry traffic that is allowed under FCC Part 97 rules
several types of internet traffic violate these rules
also, it is NOT a replacement for your home internet connection
finally, it is N O T a replacement for your home internet connection
and by the way, it most certainly CANNOT be used in any way with your business network
If you're impatient, you can skip the first 10 minutes and 40 seconds: https://www.youtube.com/watch?v=DoeNbZlxfUM#t=10m40s
When it becomes technologically possible to interface electronics into our brains, corporations will have almost unprecedented opportunities to do some really terrible things directly when the world becomes socially-pressured to be neurally-connected.
I say "almost" because the manufacturing of consent and desires exist now and it is popularly believed to "apply other people but never me," a direct connection has the potential to make this manipulation cheaper and stimulate the brain in ways a glowing screen looks like banging rocks together.
We are replacing things above TCP/IP like DNS, Certificate Authorities (CAs), how data is discovered, data silos, and dependence on remote servers for running your apps.
http://blockstack.org/whitepaper.pdf has more details.
I do use alternative search engines; however, look at the traffic on just about any website and you'll see Google ip traffic spewing in all directions. I'm quite confident that tracking still occurs, regardless of how I get from one site to the other. This can be locked down a bit, but not 100% and not without effort and maintenance.
You have fundamentally misunderstood how Google tracks your visits. If website uses AdSense, they track you, if website uses Google Analytics, they track you, or Google fonts or scripts or what ever, they track you.
This means that the problem is much larger and the solution is not very simple.
There are ways to prevent those requests, however. Install a chrome extension to block all adsense & analytics requests, fonts, etc. Black hole their IP addresses or DNS. There are plenty of concerted efforts to improve anonymity despite these issues (e.g. the TOR browser).
There are varying costs to these approaches but it's not impossible, or even that hard if you trust the Tor team more than Google.
I'm not saying there aren't additional avenues worth investigating, but that you nearly always have to decide how much efficiency/cost you're willing to pay for anonymity.
I did a test, beside IP address also User-Agent, Accept-Language and Referer headers were sent.
Perhaps not good for very precise finger printing but still more that you claimed and can be cross correlated with other requests with more precise information.
Google has claimed that they do not use this cases for tracking. One can believe this statement, or one can prefer to not do.
and from there:
It does not give you perfect match but is much more precise than just the IP address and with limited number of users would be probably sufficient to distinguish different users behind single IP address.
I then assumed that at certain moment this user can be uniquely identified (by AdSense, Analytics etc).
Then accesses to pages without active tracking but with links to Google fonts or other passive API can be still identified with high confidence given the access happens from the same network.
I do not know if such extra signal is interesting for Google, but it can be acquired. Also mind you that using an ad blocker is also a signal and can be assumed from the access pattern.
The same logic applies also to an user who uses ad blocking but still uses limited Google services.
Again I do not know how much Google finds this kind of signal interesting but it is possible to collect it.
Power corrupts, and absolute power corrupts absolutely? Or did you mean, you can fool some of the people all of the time, and all of the people some of the time, but you can't fool all of the people all of the time ...
This saying needs a caveat - sometimes, you can fool all of the people for enough time to complete your evil scheme.
It's more like: "You can fool enough of the people for enough of the time to complete your evil scheme".
My thoughts exactly. A truly new internet would require new pipes, not just another protocol layer.
Seems that it's just a matter if the most efficient structure being this way for both cases rather than us mimicking the workplace in the structuring of the Internet.
So you can get around the law...but only by risking the integration of something that should be kept secret into the organizational structure...which makes its way into your system. Most people aren't willing to cross that threshold.
So Conway's law is true for most people, just not all.
If you want to think about it from the adversarial point of view, you can say that all programs are designed to transform or destroy organizations; programs mirror organizational structures because people want to determine the "resonant frequency" of an organization and understand its "social vulnerabilities" in much the same way a physical structure has structural vulnerabilities.
I don't understand how this is dangerous. can you please give an example? I guess if you mimic more complex organization it may be dangerous.
And a blog
curl -o 1.htm https://blockstack-site-api.herokuapp.com/v1/blog-rss
tr -cd '\12\40-\176' < 1.htm > 2.htm
0. It's self-promoting a panacea "fix" as a product at the wrong level of abstraction.
1. Protocols and standards exist for interoperability.
2. Tries to rebuild everything (supply- and demand-sides) while fixing very little.
Fix what's here and now for the benefit of everyone with a migration path, not for the benefit of a few in a temporary, constrained, arbitrary way divides people similarly to the way Facebook tried to foist another internet onto the third-world.
I agree that rebuilding everything is hard and that's why we reuse not only TCP/IP and everything below TCP/IP in the stack, but we also reuse existing infrastructure in a decentralized way.
We've already built this stack and have been running it in production for 3+ years. Please see our peer-reviewed research papers and our whitepaper at http://blockstack.org/papers for more details. Happy to answer any questions!
I don't really know much about blockchain, but I know to access whatever this is, I still have to pay Comcast 50 bucks a month for the right to use their "tubes."
> Today we are proud to announce the Blockstack browser, which allows developers everywhere to access a whole new internet.
reminded me of then-Senator Ted Stevens' take on net neutrality
> Ten movies streaming across that, that Internet, and what happens to your own personal Internet? I just the other day got... an Internet was sent by my staff at 10 o'clock in the morning on Friday. I got it yesterday [Tuesday]. Why? Because it got tangled up with all these things going on the Internet commercially.
In other words, what a load of hot air! Looking forward to their $50M seed round.
I'd highly recommend looking at our peer-reviewed research papers at http://blockstack.org/papers. We've been obsessed with performance and scalability and 3-4 years of research, engineering, and hard work went into this.
We already have enough money and are grateful for having investors like Union Square Ventures, Naval Ravikant, Y Combinator, SV Angel, Lux Capital, and others who share our vision. Building a truly decentralized internet will take years/decades and we're looking forward to growing our open-source community that can take on this grand challenge.
Thanks for the link! This kind of project is really exciting, so I'm sorry if the nitpicking detracts any from your awesome aspirations :-)
I just the other day got... an Internet was sent by my staff at 10 o'clock in the morning on Friday. I got it yesterday
I had to go back to listen to the original. Man what a trip.
Why Chrome and not Firefox? In their context, the later makes way more sense.
Regular bitcoin only deals with tiny transactions and already it takes days to download its blockchain on an older DSL link.
Also, how is this better than just, you know, running your own website? Is that too Web 1.0 for today's hip youth? How much aggregate computer power is necessary to deliver one page in this system? How about 10 years from now when it has petabytes of data to deliver?
Only naming (identity) is pegged to Bitcoin, blockstack has a virtual blockchain on top of this which has functionality akin to DNS (and CA). That DNS can point to your storage, so you can have things on Dropbox or Amazon S3 or wherever.
So it scales pretty well, you don't download what you're not interested it. It will work with a lot of infrastructre/services that exist, but you can cut out a lot of middle men.
You could host your application code on your Amazon S3. But when a user runs it, the app can store private data in THEIR chosen storage. And if you have public data, that could be either stored with their chosen storage without encryption (only signature) so it is public, or indeed you could store it in your application storage.
That would allow for real world use without having to rely on things like "pinning".
GPG encrypted messages with a huge list of fallbacks where messages got stored. (Pastes, private subreddit, Facebook via RSS).
The code was truly awful, but the premise was we just needed each others public keys, and all was good. (Killed the project when one of us lost their private key, and we realized hardcoding the public keys had been a terrible idea).
I don't think I have the code anymore, but shouldn't be much more than a weekend project if you stick with text only.
Please link to summaries of what has been done, why, and where it's going.
(On the face of it, a "blockchain" seems like a god-awful fundament for a distributed net, compared to e.g. IPFS.)
I mention this because in the previous threads regarding crypto currencies, people were asking for some value-creation technologies based on blockchains (other than speculation and money laundering)
Is it? I thought you didn't do anything on the bitcoin chain without value changing hands.
Is there some kind of high-level overview available for those of us who are totally unfamiliar with the inner workings of blockchains, and would nonetheless like to gain a firm enough grasp to understand what Blockstack actually offers? I'd love to read such a thing, but haven't yet found it on the Blockstack site.
This is an overview of how blockstack works: https://blockstack.org/docs/how-blockstack-works
This is a description regarding the transaction fees on the bitcoin blockchain: https://en.bitcoin.it/wiki/Transaction_fees
Here are some real time stats regarding the costs/byte of info to be stored in the blockchain (in satoshis - 1 USD is approx 45k satoshis at today's BTC price)
This is DNS on top of the blockchain right?
Though where it deviates some is:
"Even though only data record hashes are stored in blockchain transactions, we can use them to verify the authenticity and integrity of the data itself once we get it. For example, you can host your data in S3, and other peers can verify your data by first obtaining the hash from Blockstack DNS and then checking it against your data's hash."
So functionally what this is solving is (I'm asking here):
- Nobody can take your domain away b/c they don't have the keys, so stuff like domain sniping, ISP interference, Government seizure, etc. are less likely (notwithstanding https://xkcd.com/538/)
- Every piece of data is checksummed so you can (and maybe this is what the Blockstack browsers are doing) verify that it hasn't been tampered with ala MITM.
But even with that, I'm still unclear on just what's the right way to think about this. Like if I setup a new web site on a domain, would I also enter in every file on the page as a separate 'data record hash'?
Here's a profile: https://blockstack.s3.amazonaws.com/muneeb.id
Here's how a simple zone file looks (from https://onename.com/muneeb.json):
_http._tcp IN URI 10 1 "https://blockstack.s3.amazonaws.com/muneeb.id"
Only the domain registrations hit the blockchain and it's a one-time operation (just like buying a domain name for your website or app).
From what I remember, ZeroNet ran in whatever browser you used to access it.
That's why is good to use a dedicated device/OS user or at least browser profile to access your bank and doing random browsing.
Since it's done to curb terrorism and protect children from predators, isn't this what most people want? I mean, I personally would rather shoot myself than live like that, but I'm not most people. I seem to recall that the UK's internet censorship bill (or whatever exactly it was, someone correct me please) has majority voter support.
So, it's like a Smoodie?
I kind of feel it will not take off, no windows support etc, but you never know, if anything is hot these days, it is blockchain solutions.
I've registered an ID. I did it through onename.com which pays the registration fee for you (as a way to get more people into it, it won't stay that way).
Read the blockstack papers, they're the best info around and makes everything clearer. It is a bit hard to wrap heads around. I've been trying to unsuccessfully explain it many times, there's so many good ideas and so much potential there!
(I'm unaffiliated btw, but have been following the project for a long time)
Edit: transitorykris.id is now registered.. but doesn't appear linked to my keys.
Yes! Users should be in control of their data and Blockstack enables this. There are also practical advantages for developers.
User control of data means you don't have to have the responsibility and cost that comes along with storing other people's information. With lots of user data, you're a valuable target for hackers and governments. It also frees you from maintaining expensive backend infrastructure and devops. This lets your app scale without a huge bill from your favorite cloud infrastructure provider.
"Blockstack binds (human-readable) domains to public keys to establish ownership of domains. These domains have associated data records as well. These small bindings are stored on the blockchain and are tamper resistant. The actual payload from the data records is stored outside of the blockchain because blockchains have limited storage space and are not meant to be used as general-purpose databases."
Also, it stores much data in the blockchain, so it has scaling problems. Blockstack stores the zone file data in its own Atlas (DHT-inspired) network, and the zone files point to where the actual application-level data is stored.
Blockstack can work on top of any blockchain, so if Bitcoin is not the most secure anymore, it could be moved. Separating into different layers allows scaling and resiliency. And you don't have to run a blockchain, which is good, because that already exists.
Basing anything on proof-of-work puts you in a perpetual race to control more compute than your adversaries.
Where it says "storage layer" it has things like Dropbox and S3, in some versions of the picture it also has IPFS. This is up to the user. As long as you can fetch it, it can be used. Usually that would mean you'd have to use HTTP, but it depends on the browser you're running.
You can also read about 'Gaia' (where it uses storage as Dropbox/S3 as 'dumb harddrives' where it can dump encrypted blobs on) in the whitepaper: https://blockstack.org/whitepaper.pdf
Lets take a fun game. How about all of Atari 2600?
Ok.. This is remote, across all the machines that have that IPFS hash. In other words, its not local.
(in console) ipfs pin add QmacAqRVhJX9eS7YJX1vY3ifFKF9CduDqPEgaCUSa4x5xb
Now its local!
Or lets do something more than a game... How about Node-Red in browser(PageNodes)?
EDIT: I had the point in my head, but didn't put it down here. In other words, we already have this technology, and not using buzzword-bingo like "Its the interwebz but with blockchains!". These links are direct proof that it not only exists, but is working right now.
And in reality, making a type of blockchain in IPFS would not be hard. It's an immutable data structure, with append-only characteristics.
And, I also am partial to IPFS, primarily because it feels like a proper IETF-internet scale project. ZeroNET looks prettier, but.. throw away. Again, some subjective feel there, but IPFS feels elegant.
Primarily, I see ZeroNET as its competitor. And ZeroNET has the bling and the wow factor, but much of the underlying system is.. unfinished. It also requires some heafty frontend with backing DB as well. It seems cobbled on and over-engineered.
IPFS, on the other hand, is clean and clear of its focus. It's simple enough to do as it purports. It works now. It seamlessly works with gateways to allow non-IPFS users to access the network. It's network agnostic: ip4, 6, and whatever else is a protocol addon. And it seems to be on its way to an IETF standard.
ipfs is a decent storage system, but i think there are better ways to model applications for a decentralized world.
Blockstack provides naming, identity and security (you know what public key is connected to "myname.id").
Most of us would not stand for this in our real, everyday lives. But on the internet, we tolerate and even expect it. We become dependent on nameless, faceless, remote parties just by connecting. On the internet, we are powerless. Our existence on the internet is defined by others, whether that other be a mega-corporation or a government.
Now, we can change that.
Beautiful mission statement.
What am I missing?
The problem that the blockchain solves is essentially one of decentralised consensus on mutable data. Decentralised consensus on immutable data is "easy" (see Bittorrent, IPFS), but getting everyone to agree on who owns "yoursite.com" and what data it points to fundamentally depends on a universally agreed key-value mapping. Using a blockchain allows everyone to agree on such a mapping, with some nice extras thrown in like blind auctions and public key crypto. Namecoin and the newly launched Ethereum Name Service work similarly.
The big question given the inefficiency of proof-of-work blockchains is whether there are other ways to do decentralised mutable data. I'm currently working for MaidSafe, whose approach is based on a more traditional DHT and voting amongst randomised groups of nodes. We're still in alpha however, so for now the working systems are all blockchain based.
This is not a new Internet. This is a good way to waste time, effort, and money on something that's had a lot more thought put into the comprehensiveness of its rhetoric than into the comprehensiveness of its actual offering.
This still requires you to have your normal internet to connect to it and use it.