[Freedombox-discuss] Friendica Red

Jonathan Wilkes jancsika at yahoo.com
Sat Sep 22 14:59:44 UTC 2012 




----- Original Message -----
> From: Russell Edwards <russell at edwds.net>
> To: freedombox-discuss at lists.alioth.debian.org
> Cc: 
> Sent: Friday, September 21, 2012 11:02 PM
> Subject: Re: [Freedombox-discuss] Friendica Red
> 
> On 22/09/12 12:08, Jonathan Wilkes wrote:
>>  On 19.09.2012 04:38, Russell Edwards wrote:
>>>>    You keep the logs of what happens on /your/ site. But every time 
> you
>>>>    comment in a context hosted on another node (wall-to-wall, 
> community,
>>>>    "private" messages etc.), you must consider, where will 
> this be
>>>>    stored?
>>>> 
>>>>  Obviously, I can control what happens on my own server but I have 
> no control
>>>>  over what other people do with theirs.  That's always going to 
> be
>>>>  potentially an issue with any system, and the only solution is to 
> choose your
>>>>  friends carefully, and remove any who seem to have been inactive or 
> who have
>>>>  moved their accounts.
> The risk is greatly amplified if those friends are on megaservers (or mega 
> server-farms) hosting thousands or millions of people, because they present an 
> opportunity for very efficiently gathering mass surveillance data.
> 
> This aspect of the risk could be greatly reduced by using a peer-to-peer 
> technology where each node represents a single user. Potentially it could also 
> be reduced in a client-server system by means of a project adopting a policy 
> (obviously not enforceable except by social pressure) of a maximum number of 
> users hosted per server.
> 
> At the moment, Red is shooting for (commercial, incidentally) megaservers, just 
> like Facebook. And "old" Friendica is only prevented from doing this 
> by the limited efficiency of its code, which could easily be 
> "improved" at some point if no policy prevents it.
> 
> 
>>>  I don't know about the Facebook connector, since I don't use it 
> myself,
>>>  but the main point is that use of home servers spoils the dragnet 
> surveillance
>>>  business model by rendering it uneconomical.  An adversary intent on 
> the bulk
>>>  collection of dossiers/timelines for commercial and/or political gain 
> would have
>>>  to compromise each box separately, whereas with a centralized 
> Facebook-like
>>>  system it's just a matter of someone at the company running an SQL 
> query.
>>  That is false.  It is not prohibitively expensive.
>> 
>>  https://www.eff.org/nsa/faq
> 
> Could you elaborate on what you think about that link? Most of it is about the 
> NSA effortlessly obtaining data from massively centralised databases kept by 
> AT&T - of the same type possessed by Facebook, Google, Yahoo, and if all 
> goes to plan, Friendica and Friendica Red megaserver admins. Maybe I'm 
> missing the bit of the page about inexpensive datagathering from massively 
> decentralised systems?

Read the part under this heading:
What do the cases claim about the interception of domestic communications of millions of Americans?

It's basically the equivalent of stealing your neighbor's cable using a splitter, if your neighbor were the
"massively decentralised system" we like to refer to as the internet.  The databases built off what's
coming down the wire through that splitter belong to the NSA, not AT&T, and as I understand it there
are more NSA datacenters (and probably splitters) than just the Folsom Street one in SF.  I believe
Jacob Applebaum has written about them.

-Jonathan

> 
> Russell
> 
> 
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>

More information about the Freedombox-discuss mailing list