[pp.int.general] MeowCat, a new internet messaging platform

Antonio Garcia ningunotro at hotmail.com
Sun Jul 22 13:49:50 CEST 2012


You are proving my point, Nuno... considering the present sociological mix... if you can't make programs and protocols foolproof... security and privacy depends on the paranoia (or lack thereof) of ALL the users. If you stick to those you trust... you'll be only a few. As a political movement... you'll imperatively need to be more... so you'll lower your exigences and start communicating with people taking security risks.

I do not have to know technical details of Retroshare or any other solution to assert that... it follows automatically from standard social and political imperatives under present circumstances. Security and trust are antagonists to political spreading like wildfire... and as the latter is what we long for... the first will be given up.

Consider the ongoing discussion about opening up and bringing transparency to the pp-leaders mailing list. Majority, under present circumstances, will not consider drawbacks... they will blindly ask for what they take as the ultimate solution against corruption and power-grabbing, no matter how naive a position this is. You won't get the time to convince them of the fact that they are wrong.

So, we have to be very careful with the tools we propose, because once the majority finds them fit for any purpose they can imagine... you won't be able to take it back from them... for any reason, even good ones.

I've got similar concerns about Liquid Feedback.

Antonio

Date: Sat, 21 Jul 2012 16:43:43 +0100
From: nuno.cardoso at pp-international.net
To: pp.international.general at lists.pirateweb.net
Subject: Re: [pp.int.general] MeowCat, a new internet messaging platform

On Fri, Jul 20, 2012 at 5:49 PM, Antonio Garcia <ningunotro at hotmail.com> wrote:







Date: Fri, 20 Jul 2012 16:45:19 +0100
From: nuno.cardoso at pp-international.net
To: pp.international.general at lists.pirateweb.net



Subject: Re: [pp.int.general] MeowCat, a new internet messaging platform

On Fri, Jul 20, 2012 at 3:45 PM, Antonio Garcia <ningunotro at hotmail.com> wrote:








Nuno,

If you can trace all the connections... sooner or later you will have access to enough indiscretions, or even maybe force a few :( , so that the encryption in itself will not really matter.





Retroshare is a F2F system. You only connect to those you trust.

>> Then you have to admit it is not suitable for a political party trying to get heaps of new members soon, to have also a voters base that will bring it some results in elections. If you stick only to those you trust to adhere to the same strict standards on trust as you handle... you are bound to stay alone or have no privacy at all. Those really adhering to the necessary standards are a very small minority... and you always have to fear finally trusting someone that does not care at all.




Again your words prove that you didn't even look into the program you are commenting on. Please, inform yourself before you comment.You only connect to those you trust, and they connect to those they trust, and so on, and those subsets don't have to intersect and end up creating a larger network. Connections despite being made only to those you trust, can reach the larger network anonymously hopping through trusted connections using a Turtle router (original idea). You do know the concept of six degrees of separation right? Same thing...


 >> This is mass dinamics and mere factual statistics. You can ignore the facts, it will get you no closer to a solution.



So please, follow your advice and don't ignore the facts of Retroshare, learn them first before speaking of what you don't fully know yet. 


Everything is encrypted from connection to connection, so you can't track a single packet beyond any hop, you can't even know if the information it contained stopped or continued to a final destination.



The only possible "indiscretions" are those you are willing to connect to, your Friends, and "force a few" you can't do unless you break the mathematical laws that provide PGP it's strengths.




>> Yes, your friends. Unless you choose them very well, vulnerable to ordinary phishing, no need to break their encryption keys. Not everyone is plenty aware of the dangers.




So please stop throwing FUD concepts at a technology that you clearly don't know and that don't even apply. Phishing? Really?If someone is going to start adding and trusting people he doesn't really know into a Friend2Friend system it's is own problem, he's basically transforming it for himself into a normal Peer2Peer, or as I like to call them, Promiscuous2Promiscuous, but that doesn't affect anyone beyond him, precisely because of the technology. That user may be an idiot, but the technology protects everyone else from his stupidity.


 
Please inform yourself on the technologies before spreading FUD, and if you really found a way to break it please provide a working example and not some vague rambling that doesn't even make sense. I already saw this pattern in the LQFB/eVoting debate on the PP-EU list and it starts to hint a bit of Technophobia. Sorry to put it so bluntly, but it really, really, really looks like it.




>> I am no technophobe at all. The security breach is in our brains and our statistical behaviour as members of the crowd, not necessarily in the technology.




OK, then just stop attacking the technologies with FUD and focus on the real problem then, the people. If you concern is phishing, start educating them about phishing, how it works, and that it can even work without computers under other names on the greater scope of Social Engineering. It's a problem about trusting things blindly just because they look official or whatever, not because this or that technology.


Yesterday someone was talking about a new service from Google... who would scramble the faces on videos you upload for you.





Now, people might find it an interesting feature... but if I were police searching for people and evidence... I would have paid for google to offer such a service, as a honeypot for naive activists.





So you are comparing a libre open source program with full scrutiny available by looking at the source code (I did, I even compile my own copy from source) where the User is in full control to a proprietary service from mega corporation where the User is the product being sold and that has policies that force cooperation with governments on demand? O....K....




>> Well, no, you seem biased ;( ... I was not talking about the technology at all, let even comparing more than one... I was talking about inconscience of the people towards danger and risks.

>> I was saying that if you upload UNSCRAMBLED faces and trust Google to scramble them for you... the police might be highly interested in obtaining from Google the unscrambled version you gave them... of the faces someone thought were worth scrambling... there is a higher probability for finding interesting faces there... than in randomly uploaded videos of crowds. And at that moment it is Google who decides, not you. You may not even get to know you turned in your friends with your ignorant and irresponsible behaviour.




Ok, so forget about the technology, my reasoning persists with the same wording, you are comparing a situation "where the User is in full control" to one "where the User is the product being sold"... No need for bias or technology in the reasoning.


 >> See, technology was just attrezzo for the reasoning.




Yet a reasoning that makes no sense because it puts in the same bag two very distinct things... 


>> Let's not forget to be intelligent just because technology can help us to be lazy.

Sometimes people don't need to be geniuses to gain from technology, even if they are lazy, they just need to NOT be stupid.


If one is going to use a F2F as a promiscuous P2P then I guess he's using a hammer on a screw and a screwdriver on a nail.
Pirate regards,Nuno

____________________________________________________
Pirate Parties International - General Talk
pp.international.general at lists.pirateweb.net
http://lists.pirateweb.net/mailman/listinfo/pp.international.general 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pirateweb.net/pipermail/pp.international.general/attachments/20120722/ed0ca744/attachment.html>


More information about the pp.international.general mailing list