• 5 Posts
Joined 3Y ago
Cake day: Jul 26, 2020

cross-posted from: https://szmer.info/post/298256 > And what do they blame? > > > a bug in an open source library > > Of course. Happy to build his product on open source code, happy to train his models on open source code, but as soon as shit hits the fan, he will push FLOSS under the bus without as much as a moment of consideration.

Yeah, I know. Still, we can make it clear what we think about that. 😉

Santa and “GDPR jokes”
> He’s making a list, he’s checking it twice, he’s gonna find out who’s naughty and nice, Santa Claus is in breach of the GDPR. Best introduction to GDPR I have seen so far. And I've seen a bunch.

Elton John “Dear Johned” Elon
> All my life I’ve tried to use music to bring people together. Yet it saddens me to see how misinformation is now being used to divide our world. > I’ve decided to no longer use Twitter, given their recent change in policy which will allow misinformation to flourish unchecked.

Which fits the definition of “nasty people” in my book!

The OP is on-point. It’s not about the particular ideological tinge, it’s about the caustic experience of interfacing with them.

I don’t think this phrase means what you think it means; I do in fact put my money where my mouth is.

My mouth is clearly in the “blockchain-based privacy projects are very likely to be either misguided or outright scams, and this particular project has red flags all over” area. And so my money is on “I need to use tools that actually work; there is low likelihood that this project is such a tool; therefore I shall not waste my time on it”.

Demanding that I spent hours analyzing a project that has so many red flags just because you happen do disagree with me is somewhat weird. I’ve spent enough time having this conversation at all, but hey, that’s good entertainment value!

It’s not on me to disprove random project’s exorbitant claims (“prevents traffic analysis by an adversary capable of watching the entire network, including the NSA”). It’s on the project in question to prove them.

So far I have not seen such proof. I have, on the other hand, seen quite a lot of things that suggest that these claims might, in fact, be unsubstantiated.

I could retort by saying: prove to me that the project’s claims are true, “instead of going hurr durr it’s great I love it” (nice veiled ad hominem there, by the way). But I won’t, even though so far I have arguably provided more concrete reasons why I see this project as problematic than you did for your positive take on it.

Telling persons why they’ve decided to use tokens and not rely on pure altruism is not token hyping.

When the rubber hits the road, “using tokens” in this case means simply relying on greed. And relying on greed instead of altruism for something as fundamental as privacy is very telling. It’s not going to end well.

All the claims against tor and i2p are discussed in numerous academic papers and are acknowledged by the developers themselves

I was not talking about claims about i2p or Tor. I was talking about the claims Nym people make about their own project. I see little reason to trust them on those claims.

You’re entitled to your opinion. I am entitled to mine. I don’t think we will see eye to eye here. In 10 years we will perhaps know; I expect Tor to still be around and useful then, as opposed to Nym.

Sure, here’s my comment:

They make extremely strong claims, and strong claims require strong proof. I do not see such proof anywhere. What I see is that they play fast and loose with website visitor privacy and seem to focus mainly on token hyping.

I would not trust it for anything even remotely sensitive. And I still fully expect them to show up on https://web3isgoinggreat.com/ sooner or later.

While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age. Nym’s cutting-edge mixnet design

I think they really need to use “cutting-edge” more in their materials. Will make them look even more serious and trustworthy.

Also, when you quote whole blocks of text from their materials, please have the decency to mark them as quotes.

Anyway, I stand by my assessment.

I’ve read through dozens of white-papers of “revolutionary” blockchain-based tech startups, all promising to solve Very Important Problems, none actually solving such problems. But sure, let’s start here:

Nym tokens provide credentialed access to privacy-enhanced and uncensored internet communication for a unit of time.

This is “privacy for the rich” model. Unsurprisingly: poor people can’t push the token to the moon! And looking at their website it is clear they focus more on hyping the token than on actual privacy.

Speaking of their website, this privacy-focused project done clearly by people that care a lot about digital human rights and want to fight surveillance capitalism directly includes on their website stuff from fonts.google.com, googleapis.com, youtube.com, play.google.com, doubleclick.net. Looks legit to me!

It’s fascinating how they talk down Tor (“because Tor does not add timing obfuscation or cover traffic to obscure the traffic patterns in circuits”), but fail to mention i2p which solves these issues without the need for bollockschain tokens. Makes sense — Nym seems to basically be i2p with a blockchain token bolted onto it so that it can become an investment vehicle.

So either they did not know about i2p, an important and reasonably well known project which has been around for almost 20 years and is very clearly in the same problem space, or they intentionally decided not to mention it because it would make them look bad. Take your pick: are they ignorant, or disingenuous? Either is a great trait for a project that aims at protecting privacy from the NSA, no less.

On a general level, it is safe to assume any blockchain-based project that offers any kind of token and is in any way monetizable is (at best) a solution in search of a problem, or (at worst) a scam, often Ponzi-shaped, until clearly proven otherwise.

I mean, even the most basic promise of Ethereum smart contracts — that smart contracts are binding, transactions are not going to be reverted, and nobody controls the whole network — flew right out the window just because DAO smart contract had a bug and somebody exploited it; and we can’t have that, can we, if people are meant to invest in this, eh?

Privacy and decentralization are too important subjects to be used by cryptobros in their money extraction schemes.

If you think my opinion was not well informed, think again.

> Rosja przygotowała listy ukraińskich polityków i innych prominentnych osób, które będą celem aresztowania lub zabójstwa w przypadku rosyjskiej napaści na Ukrainę. Zapraszamy do śledzenia relacji na żywo.

I tend to tell people who are not convinced that privacy is important these things:

  1. you don’t know how the data can be used or by whom
  2. not just you, but anyone who you are in contact with
    • if someobody gets your data, they can use that against anyone you know; if somebody knows you’re gay, or that you vote for a particular party, they can make assumptions about your friends and family
    • example: Facebook’s ghost profiles
  3. not just now, you don’t know how things change in 5, 10, 15 years