While anyone can run a Tor node and register it as available, the tags that Tor relays get assigned and the list of relays is controlled by 9 consensus servers[1] that are run by different members the Tor project (in different countries). They can thus easily block nodes.
It's 10, not 9. And there are severe problems with having a total of 10 DA be the essential source of truth for whole network. It would be trivial to DDoS the DAs and bring down the Tor network or at the very least, disrupt it: https://arxiv.org/abs/2509.10755.
It's the only complaint I have of the current state of Tor. Anyone should be able to run directory authority, regardless if you trust the operator or not (same as normal relays).
Anyone can. The DA code is open source and is used whenever you run a testnet. You can also run a DA on the mainnet - how do you think the 10 primary DAs exist? They're not 10 computers owned by a single organization - they're 10 mutually trusting individuals. However, most of the network won't trust you.
That depends on the country. In Australia, there is an explicit carve-out in the Copyright Act to allow for backups of computer programs[1], and there is also a widely held belief (at least, according to the government) that backups of this kind in general are also considered fair use[2]. Actually, it seems there is a somewhat similar carve-out in the US as well[3].
>there is an explicit carve-out in the Copyright Act to allow for backups of computer programs
But there is not a carve out for breaking DRM to do so. It's not the backup part that is the problem with dumping them. It's that these games are encrypted and decrypting them requires breaking the DRM scheme which is illegal.
There is a separate carve-out for breaking DRM for the purposes of "interoperability"[1], which (as far as I understand) is generally believed to include emulators.
I also disagree more broadly with the initial moral indignation over a perceived violation of copyright law -- legality and morality are two different things, copyright law is meant to be a balanced trade-off between the public and creators but modern copyright laws are a travesty. What ever happened to the hacker ethos behind DeCSS and the anti-"illegal numbers" movement?
>will be done for the sole purpose of achieving interoperability
It's for solely achieving interoperability. It only covers the development of the emulator. Using it to get a picture for explaining what a game is in the blog post is not DRM being broken for solely achieving interoperability.
>What ever happened to the hacker ethos behind DeCSS and the anti-"illegal numbers" movement?
In practice the idea that you can't break laws if you are doing things via a computer is fundamentally flawed.
> Piltdown was rejected 70 years ago, so hardly a current example
Well of course it wasn't a current example -- to quote their original comment:
> Quite frustrating how archeology swings over the years from "we'll believe anything" to "we won't accept any claim without a preserved example". While some of the excesses of the past were clearly excessive ... [emphasis added]
In other words, they feel that historical examples of fanciful theories being mainstream has resulted in an over correction to modern archeology requiring unreasonably strict proof standards.
(There is a certain irony in a user called "AlotOfReading" not reading a fairly short comment carefully...)
> So I don't think I actually have a problem with businesses handing over their customer data if there is a valid warrant or subpoena. That's the system working as intended.
I disagree -- the third party doctrine that allows for governments to avoid serving/addressing warrants to the people whose data is actually being subpoenaed directly leads to things like the FISA warrant-rubber-stamp courts in the US. If the data stored on third-party servers on behalf of someone is not considered "papers and effects" of that person then it is entirely justified to subpoena every email stored on mail.google.com because it's just morally equivalent to a subpoena for "all of Foomatic's business records between 2020-2025".
It seems bonkers to me that things that are essentially implementation details (such as the way that MTAs work and the lack of crypto-obfuscation in email) should allow for a legal interpretation of the 4th amendment that effectively neuters it. Letters sent via snail-mail are handled by several third parties in a very analogous way to emails but (mostly due to historical reasons, such as the fact that letters existed during the drafting of the bill of rights) we do not apply the third-party doctrine to letters.
Of course, the US government has spent decades chipping away at the privacy of snail mail, so eventually we may end up in a world where snail mail and email are treated the same way (just not in a good way).
Could you explain/cite what you mean by letters not working the same way? You're saying government agencies can't give give the same sort of subpoena to said third parties? Or that if they did, it wouldn't work?
Business class flights from Sydney to San Francisco cost A$6k, 6-10x as much as economy. Flights from Sydney to Europe are more like 3-4x (A$7k vs A$2k) but still ludicrously expensive. Good luck convincing your company to expense that for work trips, and most of us don't have SV salaries. Honestly, I still manage to get some work done on long flights, the more annoying thing is flights which don't have power outlets or WiFi.
If you are a point hacker you could spend the points on upgrades (which tend to give you better rates than buying base tickets) but then you're paying for a minor comfort improvement that you wouldn't pay for normally -- which is a textbook example of induced consumption and is playing into exactly how airlines want you to use points.
I wrote a project to do this a few years ago[1], it's mainly missing an automated mechanism to scan the PDFs and a GUI. Maybe you'll find it interesting.
hey, this is a great idea! I'll link into your app from my readme.
I really like that the PDF contains the entire dataset, not just the keys. I see lots of little details around organizing the PDFs, like document hashes, etc, very nice job!
Since you wrote it in Rust, I'd suggest compiling it to wasm and releasing a browser-based version
> Since you wrote it in Rust, I'd suggest compiling it to wasm and releasing a browser-based version
That was my eventual plan for having a single GUI for everything, the only problem is that there isn't a really obvious way to support scanning a PDF you upload -- basically you need a pure-Rust PDF renderer and there isn't one up to the task as far as I could tell. On mobile you could scan each QR code separately (though doing this from a webapp is probably going to be a fairly awful UX and most people would prefer to photograph the whole document and get everything scanned automatically).
Actually, after my comment I took another look and it turns out that only a few months ago someone released a pure-Rust PDF renderer called hayro[1] that seems to fit exactly what I need, so I will work on finishing this bit of paperback as soon as I have some spare time. Pure image scanning (with a webcam, phone camera, or uploading a photo) will also work since QR code scanning libraries like rqrr support scanning all QR codes in an image.
I must admit it was a little surreal to check my own username out of curiosity, only to find that I'm in the top 500 commenters (0.06%) on HN by word count.
The really surprising thing is that I stopped commenting regularly a few years ago so god knows where I would've ranked back in 2020. Then again, I always had a feeling I was too verbose when writing comments, so I guess this is all the proof I needed!
There are much better systems for splitting data than just chunking it into N chunks, the most common is Shamir Secret Sharing[1] (the main benefit being that you can construct an M-of-N scheme easily and having N-1 shards provides you zero information about the secret). One word of caution -- a lot of software developers get enamored by the idea of information-theoretic security when they first run into it, but you eventually realise that useful applications of tools like SSS are actually quite rare.
Shameless plug: I wrote a project a few years ago to create PDF-based backups with sharded keys which would do exactly what I suspect you want[2], unfortunately I got stuck at the "make a nice UI for it" stage (everything works but it's just a CLI tool at the moment). I guess I should take a look at using an LLM for that these days... (I used this to store my password manager root password and necessary keys to pull and decrypt the encrypted backups of my server.)
I must admit that there is a certain sense of nostalgia I get from playing Civ 3 that I never got from any of the other Civ games, but that's probably just because it was the first Civ game I played and got really hooked on as a young kid.
I'm guessing you're referencing my comment, that isn't what I said.
> But the team is not even willing to make promises as big as yours.
Be honest, look at the comment threads for this announcement. Do you honestly think a promise alone would be sufficient to satisfy all of the clamouring voices?
No, people would (rightfully!) ask for more and more proof -- the best proof is going to be to continue building what we are building and then you can judge it on its merits. There are lots of justifiable concerns people have in this area but most either don't really apply what we are building or are much larger social problems that we really are not in a position to affect.
I would also prefer to be to judged based my actions not on wild speculation about what I might theoretically do in the future.
[1]: https://consensus-health.torproject.org/