
The point of open protocols is not that there will actually be many providers, but that one could switch providers easily if they do something fishy. It's about the threat, and what can happen on margin.

Keeping a sword dangling over the monopolist's head is reasonable.




You are correct. The greatest threat to someone providing a service based on an open protocol is that users might pick up and leave.

Consequently, a service provider will plow enormous resources into differentiating their service, and generating other lock-in effects, so the users find it hard to leave.

A popular open source protocol is actually the perfect playing field for a would-be monopolist.

The monopolist can make their service better and better with cash and execution, but meanwhile the protocol is stuck at a baseline since a varied ecosystem doesn't upgrade itself as quickly. So it is less and less attractive.


> A popular open source protocol is actually the perfect playing field for a would-be monopolist.

Whereas when there's no popular open source protocol, the OSS ecosystem upgrades itself fast, like a cheetah? :P Whatever mental model you're using here might just be going over my head and I'd appreciate you being more explicit about it


Microsoft: Embrace, Extend, Extinguish.


Riiigght, that makes some sense, thank you! Need to consider to understand if open source is really advantageous, but you've pointed out how it might be


What's an example of an open protocol (what this thread is about) where MSFT successfully followed this strategy?


HTML before IE6. At one point Microsoft owned the web browser market to the same degree that Google owns it today.


Anything from this century?


IE6 was the most popular web browser until 2008. It wasn't until 2010 that we finally could somewhat ignore it when it dropped below 20% market share. It was a happy day when I could completely ignore it in corporate in 2018 when it was uninstalled from all computers.


> A popular open source protocol is actually the perfect playing field for a would-be monopolist.

At first I thought "email seems a good example of this: most people don't want to leave Google, I don't want to leave FastMail"... but then I remembered that I could just leave FastMail and take my email to Google. Which proves the upthread point about the open protocol being a safety net for users.

Can you talk about some examples of monopolised open protocols?


Email is the paradigmatic example. You can export your mailbox and use `pine` if that's your jam. But in the real world, most users of Gmail will depend on at least one feature of Gmail that isn't easily replicable elsewhere.


> Email is the paradigmatic example

But there's no monopoly. There's feature-based lock-in built around the open protocols, and it's very effective, but it's not a monopoly.


I wonder what gmail's churn rate even is? It is surely staggeringly close to zero.


I wouldn’t be surprised if they have more churn via death (people, companies, abandoned projects) than any other single source.


Not if the switching cost is high and/or slow. The problems of a monarchy will not be solved by setting up a competing neighboring kingdom.

To bring the topic back to networking, it has been said that decentralization is the worst form of networking except all those other forms that have been tried from time to time.

(With apologies to Winston Churchill.)


> Not if the switching cost is high and/or slow. The problems of a monarchy will not be solved by setting up a competing neighboring kingdom.

That was how the US grew between 1700 and 1914. Everyone in Europe sick of monarchies just moved out to the new world.

When there isn't a finite amount of land to squat it becomes a viable long term solution.


The U.S. isn’t (and wasn’t) a kingdom.


> Not if the switching cost is high and/or slow.

This seems to be one of the key goals of Jack Dorsey's Bluesky over Mastodon. Mastodon apparently has a lot of friction when trying to switch servers, even though it's a federated protocol. Bluesky claims to want to make it much more trivial to take your identity to any provider on the federated network.


I bring up open protocols because I think they are necessary, if not sufficient, to keep the switching costs low.


I agree. A few years ago, I wrote an article on this subject:

hello@joe — greeting, editorial rule and name on the Internet

http://apichat.fr/doku.php?id=hello_joe_greeting_editorial_r...


Plus, if these protocols are built on top of cryptographic methods, it might not be so easy for the providers to do something fishy in the first place.


Since somebody chose to downvote the above comment, I think it bears elaboration for those who might not understand. A contemporary example is domain names. The current domain system is a monopoly, and it sucks. You pay companies a never-ending and ever-increasing rent to do literally less than nothing. A domain isn't much more than a key/value pair in a small database. You're paying never-ending rent to them for them to not go out of their way to delete your entry.

Relying on a centralized competitor to offer something better would be dubious. If they gain substantial marketshare there's nothing stopping them from deciding to simply swap back to our current system. It could even be done retroactively since everybody has those lines in their terms and conditions that amount to 'We can do anything, and you can't do anything about it.'

But with a decentralized system you have the possibility of a new type of domain where while one operator may be able to be the only one that can create them, once they transfer that domain to you it becomes literally impossible for them to access, change, or affect it in any way, shape, or form. Decentralization is able to turn various digital goods into something much closer to their physical counterpart where you are buying something that is no longer connected to the seller after checkout. And this can really help ensure the integrity of services that otherwise might be susceptible to bait and switch business models.


I'm not defending registrars/registries per se, but...

> A domain isn't much more than a key/value pair in a small database.

No, it's often a huge investment and important part of security approaches (certificates, validation, email, etc.)

> You're paying never-ending rent to them for them to not go out of their way to delete your entry.

Yes, you're paying them to not update that value to point to someone else's server. Just like you pay your landlord to not only keep your apartment in working order, but to not let someone else live there.

> becomes literally impossible for them to access, change, or affect it in any way, shape, or form

How is this a good thing? Someone takes over your domain and nobody is able to get it back? You just spent millions of dollars on marketing to get people to visit your somenameforme.tld and now it points to another site because your key leaked. ¯\_(ツ)_/¯?


Keys don't "leak" but of course they can be stolen - like any real product. If you spend $40 million on your Van Gogh, and it's stolen - that's not going to be a happy moment. Fortunately keeping a key safe is much easier than keeping a physical asset safe. And you'd only need to access your archive the times when you need to change the IP for your domain or are otherwise transferring/selling it.


Keys can easily leak; there was a high-profile example not so long ago where a bunch of GPG public keys shared factors due to a bug in generation.


SIM swap attacks happening at every level of the mobile industry would probably invoke cool rebuttals as well.

https://consumer.ftc.gov/consumer-alerts/2019/10/sim-swap-sc...

You are not going to be able to pay extra to make rotten to the core pretty.


> A contemporary example is domain names. The current domain system is a monopoly, and it sucks. You pay companies a never-ending and ever-increasing rent to do literally less than nothing. A domain isn't much more than a key/value pair in a small database.

Is there any legal or technical reason why someone can't set up a DNS server that resolves domain names to different IP addresses than those traditionally used?



Beyond network effect, nope. This is one of the more convenient ways to block in-app ads on mobile. Set your DNS to something like AdGuard's servers, and they'll resolve ad delivering domains to a no-op. And suddenly all major third party ads in apps or the web alike are gone.


> Beyond network effect, nope.

So why does no-one do this? Obviously people do do it for ad-blocking, so why not for other purposes? Too difficult to get traction, perhaps?


You can do it on your own systems all you like, but the thing people love about domain names is that anyone who types in a domain can get to that particular site. The fact that we all generally agree where a domain points to is part of what makes them useful.

If I decide I want to have my personal website be called google.com I can edit my hosts file to point google.com to my webserver and everything works for me, but anybody else going to google.com is going to get Google's page instead unless I somehow convince them to edit their files or use my weird DNS server.

Even if I come up with some great reason that makes people want to accept that google.com is better when it goes to my website instead, what happens when someone else decides they should be able to use google.com for something else and they convince a bunch of people to use their weird DNS server? We could fragment the DNS all over the place and have several conflicting entries for every popular domain name depending on what DNS server you're using but is that really better?


People do, it's just niche.

OpenNIC has a lot of non-ICANN domains but runs in a fashion similar to ICANN (central organization deciding rules for TLDs). Iirc there are some small non-US communities that use this a lot.

There are also a decent amount of crypto TLDs (.bit for namecoin, Ethereum has a couple, etc).

There are of course a lot of corporations that use custom DNS domains for internal purposes, like .corp or .internal or the like.

It is difficult to get people to change their DNS servers en masse to something non-standard. The lack of being able to get real TLS certificates is also an issue though there is work in this direction: OpenNIC is developing a traditional CA afaik and namecoin has some experimental stuff to support DNSSEC and TLSA to have TLS certs enforced by the blockchain.


There are DNS blocklists for mail servers. It's a slightly different thing, but basically if there's an entry it means there's a reputation for the mail sender. Some of them are present/not present and some have a score. Some are against the IP of the sender only, while others are against the domain name or full hostname of the sender. You just set your mail server to do the right lookup against the right DNS server, and incoming mail can be filtered based on the results of the DB someone else is maintaining.
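
The lookup described in the comment above, as an added example that is not part of the thread: it builds the query name for an IP-based or domain-based list (the RFC 5782 convention) and interprets the answer. The zone names, the stub resolver and its data are constructed so the code runs offline; a mail server would pass a real resolver instead.

```python
import ipaddress

# RFC 5782: a listed entry answers with an A record inside 127.0.0.0/8.
LIST_RANGE = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(sender: str, zone: str) -> str:
    """Build the DNS name to look up for a sender IP or domain in a blocklist zone."""
    try:
        ip = ipaddress.ip_address(sender)
    except ValueError:
        # Domain-based list: the sender's domain is prepended to the zone.
        return f"{sender.rstrip('.').lower()}.{zone}"
    if ip.version == 4:
        labels = reversed(str(ip).split("."))          # reversed octets
    else:
        labels = reversed(ip.exploded.replace(":", ""))  # reversed nibbles
    return ".".join(labels) + "." + zone

def check_sender(sender: str, zone: str, resolve) -> dict:
    """resolve(name) returns a list of A-record strings, or [] on NXDOMAIN."""
    answers = [ipaddress.ip_address(a) for a in resolve(dnsbl_query_name(sender, zone))]
    # The last octet is the list's return code (present/not present, or a category).
    codes = sorted(int(a) & 0xFF for a in answers if a in LIST_RANGE)
    # Answers outside 127.0.0.0/8 are not list entries (for example a parked or
    # wildcarded zone); treating them as "listed" would reject all mail.
    ignored = [str(a) for a in answers if a not in LIST_RANGE]
    return {"listed": bool(codes), "codes": codes, "ignored": ignored}

# Constructed sample data standing in for two blocklist zones.
FAKE_ZONE_DATA = {
    "25.2.0.192.bl.example.test": ["127.0.0.2"],
    "spam.example.dbl.example.test": ["127.0.0.4", "127.0.0.10"],
    "7.100.51.198.bl.example.test": ["203.0.113.80"],  # not a valid list answer
}

def fake_resolve(name: str) -> list:
    return FAKE_ZONE_DATA.get(name, [])

if __name__ == "__main__":
    for sender, zone in [("192.0.2.25", "bl.example.test"),
                         ("spam.example", "dbl.example.test"),
                         ("198.51.100.7", "bl.example.test"),
                         ("2001:db8::1", "bl.example.test")]:
        print(sender, dnsbl_query_name(sender, zone), check_sender(sender, zone, fake_resolve))
```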


There are a very few alternate roots that have actually gotten traction - the most famous of which is .onion


.onion is weird in that it isn't actually DNS; it doesn't support DNS records (like A, SRV, TXT, etc) and applications that use it don't use DNS to connect to things behind onion services.


There is no legal or technical reason why someone can't do that. There's also no reason why the TLD can't be a number[1]

1: https://news.ycombinator.com/item?id=2179216


Just to clarify, are you thinking of something like E2EE?


Sure, Binance could run off with your money tomorrow if they wanted to, but if you keep most of your money in your actual Bitcoin wallet and only deposit what you need to, your money is 100% safe.


Big lesson learned from Mtgox.

Unfortunately wallets have their cons too, and there are a lot of people who have lost their passwords or thumbdrives and thus access to their crypto.

No silver bullet.


Web3auth/Torus and Argent trying to solve that problem.

But yeah, the moment you have key recovery, even if it's decentralised and requires multiple parties, you aren't 100% in charge anymore.

But, it's probably a good alternative to being 0% in charge with custodial wallets.


Didn't the Mtgox people finally get their BTC back but only after a few years and the price 100x'd ironically? Either way, diversify one's portfolio including where the moneys are kept.


Don’t know if distribution has happened yet. But there were at least a few investors buying claims, so plenty of people were able to cash out.

You could say that’s actually a better outcome than losing your private key.


100% safe from some forms of loss but you still have various risks associated with passwords, key phrases, wallet phrases, software bugs, backups, etc.



