Pretty ominous considering the UK government:

1. has recently funded a propaganda campaign against end-to-end encryption

2. is pushing through laws which target the awful, and deliberately vague notion of "conduct that is not illegal but has the potential to cause harm".
It's no secret that I hold "professional organizations" and "registries" as a whole in pretty low regard. One of the reasons I got into hacking in the first place was because it was one of the few paths where progress was not gate-kept by useless bureaucratic bullshit.
I'd be inclined to just argue along those lines if it wasn't for the fact that I am genuinely fearful of the authoritarian direction the UK has been heading down for the last 15 years or so - and what governments will do with the ridiculous amount of power they are accumulating.
At face value all of these proposals are hilariously self defeating, and many are plainly unworkable given the state of the internet and the industry. But they hide a dark undertone which seeks to abolish any kind of public legitimacy for those deemed doing "unethical" work.
To drive this home: It's not hard to imagine a future in the UK where "revealing security flaws in public infrastructure" or "building end-to-end encrypted systems" is conduct classified as "not-illegal but has the potential to cause harm" and thus censored by all "legitimate" orgs.


More from @SarahJamieLewis

Jan 26
Deletion in p2p systems is weird because it violates many of the expectations that people have from centralized solutions.

e.g. If Alice purges all data about Bob as a contact, then the next time Bob attempts to connect to Alice it will be interpreted as a fresh request.
Alice is then left with 2 options: either add Bob as a contact again, or block Bob from all future conversations. Neither is great.

So "deletion" must mean something else to the app e.g. maybe we want to only display a new authentication request if Bob actually sends a message.
But that necessitates a "shadow record" or "placeholder" sitting in the storage engine that Alice might be unaware of if she has expectations from other systems.

We can build UX to try and break those expectations, but "deletion" is then fundamentally the wrong word.
Jan 24
In one future: identity is "verified" through intrusive facial analysis & state documents. Data is hosted, & trivially censored, by large conglomerates.

In another future: identities are bound through cryptography & data is distributed through uncensorable overlay networks.
There are laws being debated around the world right now that attempt to set the course for a future where human interaction is mediated through universal surveillance.

There is a very real choice to make regarding which future you want to contribute to, and build towards.
Through action, or inaction, you will contribute towards building one of these futures.

You have to ask yourself if the paths you are, or the decisions that you are making, are leading to a future that you want.
Jan 21
Metadata resistant app question of the day.

In @cwtch_im, file sharing is done via a torrent-like protocol where the file is chunked & each part can be requested individually (maybe from different people). Only the root hash is initially sent.

How should acks work?
A few caveats:

(2) Is currently implicit in the protocol as all messages are acknowledged

(3) might not always be possible right away (in group contexts) and so requires some extra effort on the recipient's end.
Option (3) Also viscerally *feels* like a read receipt to me, even though it isn't necessary (we do allow auto downloading of images e.g.) - and so I think if we went that direction I would feel compelled to make it optional (but then it isn't an ack...)
Jan 14
As PoS is seen as inevitable for some cryptos there is an interesting meta shift away from "stop saying our consensus is centralized" towards "yes, the consensus is 'technically' centralized but *how* we arrive at consensus is less important than *what* we do with the consensus"
A few years ago I think I would have been under the impression that such rhetoric would effectively kill a community as they drop their commitment to decentralization and concentrate power in a few hands.

lol
It feels like we are heading towards a point where there are the very few PoW currencies that have enough staying power to survive, and the rest of crypto will blend into a handful of very centralized payment processing hubs.

All claiming victory.
Jan 11
In a decentralized metadata resistant messenger where direct peer to peer messages may be unavailable because the other party is offline - what is the best way to order the conversation list:
(Note: Any solution to offline delivery likely carries an additional security assumption either in order to protect the metadata inherent to the conversation or in the risk involved in outsourcing storage)
This is actually slightly complicated by another factor: @cwtch_im doesn't save p2p conversation histories by default. It's a UX preference we adopted from Ricochet and does mean that "last message time" might be "Never" for some contacts even if you talk to them often.
Dec 13, 2021
It's been a while since I've visited this topic, and with some vacation coming up I think I might want to dive into it some more. I would really like to find some kind of solution to this.

I'm going to dump some thoughts about approaches I've already tried in this thread.
Failed Approach #1: Custom Wiki

What worked: flexible, linkable, some nice features like reference embedding and basic term rewriting / derivation.

What didn't work: lack of formalization, everything felt too ad-hoc,

Perhaps salvageable with process.

Failed Approach #2: Literate Programming.

What worked: Nothing, literate programming tools are terrible.
