Continuing the discussion from Talk by Moxie from Signal:
I would like to first acknowledge that the world of cryptography is extremely complicated and that I am but a mere padawan.
I disagree with a lot of his points on decentralized security versus centralized, but do like his overriding point that for software to truly become secure it needs to be made more easily usable.That for technology to be more helpful to humanity, it needs to be simpler to use.
That talk is a repetition of this 2016 blogpost made by moxie:
I find some statements hard, such as XMPP never evolved to mobile.
The developer of the XMPP mobile app conversations, Daniel Gultsch made a rebuttal article at the time
Interesting. I thought Daniel’s counter points were a little weak, but solid points. He could have expounded a bit more.
I think the only real problem with decentralized is that where those systems require technical know-how to deploy, there will be gate keepers blocking things.
If EVERYONE is able to just create their own server with the push of a button, then this roadblock is removed and the decentralized system works much much better.
This kind of simplification is the ultimate sophistication. (sudo Da Vinci)
That’s the other side of the coin, either you do it yourself or you trust someone else to do it. There’s no alternative.
Internet started as fully decentralized. It was one of the extremes which kept it as a niche techy thing. Then it reversed. The pendulum swung too far in the opposite someone’s else direction now (centralisation). So inevitably it’s going to move backwards.
Speaking about iNPUTmice - he actually did both, the product and the service (same as purism btw) to allow people to use either the product, or the service, or both (no tech knowledge required).
There are some projects that aim at that such as:
But you don’t need to create your own server, there are trustworthy services out there, that promote federation
@joao.azevedo - that’s pretty damn cool. I wasn’t aware of FreedomBox until you shared that.
Trust is an ephemeral thing. Once upon a time Google and Amazon were trusted by more people than they are today. One of the core requirements for decentralization, at least for me, is to be able to run in an untrusted environment. Or at least, a mostly untrusted environment. And to do that, at some level, one needs trusted hardware. And this, like Purism, and other vendors, are tackling that.
The talk itself raises some important issues that I think are worthy of consideration. Decentralized systems, by their very nature, are resistant to forced change like protocol updates that come with versioning. They are fragmented. I conceptualize this like the ark in Seven Eves (great book by the way). Able to deform and then reform, avoiding catastrophic damage. But that means that modularity needs consistency in form and function.
So - if the ecosystem is moving - how do decentralized systems keep up? Or should they?