[Freedombox-discuss] Friendica Red

Russell Edwards russell at edwds.net
Sat Sep 22 03:02:05 UTC 2012


On 22/09/12 12:08, Jonathan Wilkes wrote:
> On 19.09.2012 04:38, Russell Edwards wrote:
>>>   You keep the logs of what happens on /your/ site. But every time you
>>>   comment in a context hosted on another node (wall-to-wall, community,
>>>   "private" messages etc.), you must consider, where will this be
>>>   stored?
>>>
>>> Obviously, I can control what happens on my own server but I have no control
>>> over what other people do with theirs.  That's always going to be
>>> potentially an issue with any system, and the only solution is to choose your
>>> friends carefully, and remove any who seem to have been inactive or who have
>>> moved their accounts.
The risk is greatly amplified if those friends are on megaservers (or 
mega server-farms) hosting thousands or millions of people, because they 
present an opportunity for very efficiently gathering mass surveillance 
data.

This aspect of the risk could be greatly reduced by using a peer-to-peer 
technology where each node represents a single user. Potentially it 
could also be reduced in a client-server system by means of a project 
adopting a policy (obviously not enforceable except by social pressure) 
of a maximum number of users hosted per server.

At the moment, Red is shooting for (commercial, incidentally) 
megaservers, just like Facebook. And "old" Friendica is only prevented 
from doing this by the limited efficiency of its code, which could 
easily be "improved" at some point if no policy prevents it.


>> I don't know about the Facebook connector, since I don't use it myself,
>> but the main point is that use of home servers spoils the dragnet surveillance
>> business model by rendering it uneconomical.  An adversary intent on the bulk
>> collection of dossiers/timelines for commercial and/or political gain would have
>> to compromise each box separately, whereas with a centralized Facebook-like
>> system it's just a matter of someone at the company running an SQL query.
> That is false.  It is not prohibitively expensive.
>
> https://www.eff.org/nsa/faq

Could you elaborate on what you think about that link? Most of it is 
about the NSA effortlessly obtaining data from massively centralised 
databases kept by AT&T - of the same type possessed by Facebook, Google, 
Yahoo, and if all goes to plan, Friendica and Friendica Red megaserver 
admins. Maybe I'm missing the bit of the page about inexpensive 
datagathering from massively decentralised systems?

Russell




More information about the Freedombox-discuss mailing list