We’ve had enough of digital monopolies and surveillance capitalism. We want an alternative world that works for everyone, just like the original intention of the web and net.
We seek a world of open platforms and protocols with real choices of applications and services for people. We care about privacy, transparency and autonomy. Our tools and organisations should fundamentally be accountable and resilient.
Multiple-server verification is a guard against untrusted peers, not closed source.
On Tue, Jun 3, 2014 at 9:35 AM, Eric Mill <email@example.com> wrote:
I'm not sure how verifying the output of a server also verifies that the code running on a server is unmodified? Or am I misunderstanding?
On Tue, Jun 3, 2014 at 2:29 AM, Jörg F. Wittenberger <Joerg.Wittenberger@softeyes.net> wrote:
Am 02.06.2014 17:34, schrieb Eric Mill:
Agreed.I'd go so far as to say being closed source completely rules it out from being part of the decentralized web.
This BTW is only correct as far as it pertains to the secrecy of the information handled by the software. Though even unmodified code would often leave data accessible to administrators anyways.
Certainly, open source software that is hosted on a server can still be silently backdoored in some ways -- you can't generally verify that the server is running the same code that's in public source control.
To assess correctness of execution there is a proven way: one can always run the software at multiple server (or rather peers in that case) at the same time and have them audit each other.
(I.e. each peer would almost act as if it was the server, but check with the net whether the result is acceptable according the the underlying "smart contract". The check could be done via Bitcoin-alike block chains or using byzantine agreement. Maybe other options I'm not aware of.)
So far I only know of askemos.org doing so in practice (to the extend that the website itself is hosted that way). Though at least Ethereum works towards the same goal. (With Askemos taking the per-contract byzantine agreement route and Ethereum using the global blockchain approach.)
But all the intentions, architecture, security, community engagement, good faith participation, etc. of the project are all obscured by closing the source. They exist apart.
On Mon, Jun 2, 2014 at 5:33 AM, Stephan Tual <firstname.lastname@example.org> wrote:
Agreed - closed source really sucks.
Stephan TualChief Communications Officer--sk. stephan.tualtw. @stephantual
On Monday, 2 June 2014 at 10:10, Steve Phillips wrote:OpenGarden sounds awesome, but it's closed source :-(. The founders aren't worried about that though, it seems: https://twitter.com/elimisteve/status/473086170725756928
On Mon, Jun 2, 2014 at 1:04 AM, Francis Irving <email@example.com> wrote:
FireChat, an iPhone app that does mesh network messaging, had an
article in the Economist this month (can't find it to link to,
and paywalled anyway).
It seems to be one app of a thing called OpenGarden, which is a
meshnetwork thingy for iPhones:
The Economist article was pretty good at explaining it to the general
reader, and why mesh networks might help with resilience, and gives
the shorter term application of use in football stadiums et al.