Comments | andrewducker: Interesting Links for 14-08-2014

andrewducker

Interesting Links for 14-08-2014

Aug 14, 2014 12:00

What's behind the battle over breast-cancer drugs between NICE and Roche?
(tags: breasts cancer drugs nhs uk )
The UK government is looking forward to turning off the copper telecoms networks
(tags: uk telecoms broadband networking )
Robin Williams' daughter leaves social media after receiving abuse
(tags: abuse death OhForFucksSake )
An American ( Read more... )

viafanf, music, transparentsociety, death, decentralisation, sight, life, usa, bluetooth, nhs, games, broadband, breasts, abuse, welfare, links, drugs, healthcare, ohforfuckssake, telecoms, uk, networking, police, apple, communication, blindness, magnets, mentalhealth, murder, money, cancer, depression, epicstupidity, iphone, speakers, psychology, evolution, war, disabilities

Leave a comment

Back to all threads

Centralised messaging fanf August 14 2014, 14:03:11 UTC

There is a point between p2p and centralized, which is a trapezoidal model: a mesh of p2p servers each of which has clients radiating in a star topology. Like email or jabber or perhaps IRC (tho it's server topology is spanning tree rather than p2p mesh).

The problems with mesh-of-stars seem to be: harder to deal with spam, harder to add new features, harder to do client-to-client feature negotiation. And platitudes about openness and competition are not enough to justify the costs of open protocol development.

It's a shame.

Re: Centralised messaging andrewducker August 14 2014, 14:12:14 UTC

It is a shame, because I'd love it to work well ( ... )

Re: Centralised messaging fanf August 14 2014, 21:17:06 UTC

One option for revocation is to periodically roll the keys and re-encrypt the posts (which is analogous to the way DNSSEC does it).

It is worth keeping in mind that you can easily go overboard with the crypto stunts, since a reader can always cache their own copy of the article. So you can have a fixed symmetric key per article which gets periodically re-encrypted for each reader, using that reader's short-term revokable key. Re-encrypting the per-article keys is easier than re-encrypting whole articles.

I think that's enough for now because I am supposed to be having fun at worldcon, not crypto narging in your comments :-)

Re: Centralised messaging andrewducker August 14 2014, 21:18:50 UTC

I can't go to Loncon - I demand that you entertain me instead!

Seriously though, I agree both that it would be far too easy to go overboard, and that you should be off having fun :->

Re: Centralised messaging notlosers August 14 2014, 21:48:44 UTC

Seems to me that it's a key per user. Here's how we're doing it: https://www.marcus-povey.co.uk/2014/05/29/friend-only-posts-and-openpgp-sign-in-on-a-distributed-social-network/

So effectively it comes down to key discovery, an integrated reader, and signed requests to other peoples' site feeds. The feed is dynamically generated, so you only see items as part of the feed if the user you've authenticated as with your signed request has the right to see them.

Interactions are handled via something simple like micropub and webmentions (see http://indiewebcamp.com), and spam actually becomes easier to deal with, because suddenly you can use your first and n-level social graph as a core metric.

Known's got an integrated feed reader coming by August 25, fwiw.

Re: Centralised messaging steer August 15 2014, 02:11:05 UTC

There are quite a few p2p social networks in the lit. It was quite trendy about five years ago but they never catch on. One way to do it is to have group and individual access limitations. For individuals you encrypt n copies for the n people you want to access using their public keys. This is not so bad if the item is text. You might be able to save space on larger items by encrypting a decryption key. For group auth you send out a key to the users in that group (encrypted with their public key).

There is a removal of permissions problem but really you are highlighting that removal of permissions is bad security in any document system (you are relying on being lucky that the person removed did not see already).

Re: Centralised messaging steer August 15 2014, 01:54:18 UTC

I can't think of a p2p protocol which does what you say. The mesh part is a curious choice as mesh is a really inefficient topology - large diameter. Mesh networks tend to only be used where you have no choice... e.g. wireless where geography constraints you. So if you have the connectivity to form a star your network edge why would you make core mesh? They're bad for pretty much everything. I am not sure what you mean by a trapezoidal network. (Context, I was paid to research streaming p2p video for two years ( ... )

Re: Centralised messaging fanf August 20 2014, 12:56:46 UTC

The usual mesh of servers (as in mail or jabber) is only connected on demand and has a diameter of 1. (I mean mesh in the abstract topological sense rather than any more specific p2p or mobile ad-hoc networking sense.)

Background app wakeups rely on a central server with better connectivity. An advantage of mesh-of-stars is that you get simpler mobile connectivity (no need for clever ad-hoc networking) and the server size is decentralized / federated.

Back to all threads