diff options
Diffstat (limited to '.html/gossamer/mistakes.html')
| -rw-r--r-- | .html/gossamer/mistakes.html | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/.html/gossamer/mistakes.html b/.html/gossamer/mistakes.html new file mode 100644 index 0000000..d7632f7 --- /dev/null +++ b/.html/gossamer/mistakes.html @@ -0,0 +1,154 @@ +<!DOCTYPE html> +<html> +<head> + <title> + The Codex » + Design Mistakes + </title> + + <link + rel='stylesheet' + type='text/css' + href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> + <link + rel="stylesheet" + type="text/css" + href="../media/css/reset.css"> + <link + rel="stylesheet" + type="text/css" + href="../media/css/grimoire.css"> +</head> +<body> + +<div id="shell"> + + <ol id="breadcrumbs"> + + <li class="crumb-0 not-last"> + + <a href="../">index</a> + + </li> + + <li class="crumb-1 not-last"> + + <a href="./">gossamer</a> + + </li> + + <li class="crumb-2 last"> + + mistakes + + </li> + + </ol> + + + + <div id="article"> + <h1 id="design-mistakes">Design Mistakes</h1> +<h2 id="is-gossamer-up">Is Gossamer Up?</h2> +<p><a href="https://twitter.com/megtastique">@megtastique</a> points out that two factors +doom the whole design:</p> +<ol> +<li> +<p>There's no way to remove content from Gossamer once it's published, and</p> +</li> +<li> +<p>Gossamer can anonymously share images.</p> +</li> +</ol> +<p>Combined, these make Gossamer the <em>perfect</em> vehicle for revenge porn and +other gendered, sexually-loaded network abuse.</p> +<p>This alone is enough to doom the design, as written: even restricting the +size of messages to the single kilobyte range still makes it trivial to +irrevocably disseminate <em>links</em> to similar content.</p> +<h2 id="protected-feeds-who-needs-those">Protected Feeds? Who Needs Those?</h2> +<p>Gossamer's design does not carry forward an important Twitter feature: the +protected feed. In brief, protected feeds allow people to be choosy about who +reads their status updates, without necessarily having to pick and choose who +gets to read them on a message by message basis.</p> +<p>This is an important privacy control for people who wish to engage with +people they know without necessarily disclosing their whereabouts and +activities to the world at large. In particular, it's important to vulnerable +people because it allows them to create their own safe spaces.</p> +<p>Protected feeds are not mere technology, either. Protected feeds carry with +them social expectations: Twitter clients often either refuse to copy text +from a protected feed, or present a warning when the user tries to copy text, +which acts as a very cheap and, apparently, quite effective brake on the +casual re-sharing that Twitter encourages for public feeds.</p> +<h2 id="ddos-as-a-service">DDOS As A Service</h2> +<p>Gossamer's network protocol converges towards a total graph, where every node +knows how to connect to every other node, and new information (new posts) +rapidly push out to every single node.</p> +<p>If you've ever been privy to the Twitter “firehose” feed, you'll understand +why this is a drastic mistake. Even a moderately successful social network +sees on the order of millions of messages a day. Delivering <em>all</em> of this +directly to <em>every</em> node <em>all</em> of the time would rapidly drown users in +bandwidth charges and render their internet connections completely unusable.</p> +<p>Gossamer's design also has no concept of “quiet” periods: every fifteen to +thirty seconds, rain or shine, every node is supposed to wake up and exchange +data with some other node, regardless of how long it's been since either node +in the exchange has seen new data. This very effectively ensures that +Gossamer will continue to flood nodes with traffic at all times; the only way +to halt the flood is to shut off the Gossamer client.</p> +<h2 id="passive-nodes-matter">Passive Nodes Matter</h2> +<p>It's impractical to run an inbound data service on a mobile device. Mobile +devices are, by and large, not addressable or reachable by the internet at +large.</p> +<p>Mobile devices also provide a huge proportion of Twitter's content: the +ability to rapidly post photos, location tags, and short text while away from +desks, laptops, and formal internet connections is a huge boon for ad-hoc +social organization. You can invite someone to the pub from your phone, from +in front of the pub.</p> +<p>(This interacts ... poorly with the DDOS point, above.)</p> +<h2 id="traffic-analysis">Traffic Analysis</h2> +<p>When a user enters a new status update or sends a new private message, their +Gossamer node immediately forwards it to at least one other node to inject it +into the network. This makes unencrypted Gossamer relatively vulnerable to +traffic analysis for correlating Gossamer identities with human beings.</p> +<p>Someone at a network “pinch point” -- an ISP, or a coffee shop wifi router -- +can monitor Gossamer traffic entering and exiting nodes on their network and +easily identify which nodes originated which messages, and thus which nodes +have access to which identities. This seriously compromises the effectiveness +of Gossamer's decentralized, self-certifying identities.</p> + </div> + + + +<div id="comments"> +<div id="disqus_thread"></div> +<script type="text/javascript"> + /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */ + var disqus_shortname = 'grimoire'; // required: replace example with your forum shortname + + /* * * DON'T EDIT BELOW THIS LINE * * */ + (function() { + var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; + dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'; + (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); + })(); +</script> +<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript> +<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a> +</div> + + + + <div id="footer"> + <p> + + The Codex — + + Powered by <a href="http://markdoc.org/">Markdoc</a>. + +<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/gossamer/mistakes.md">See this page on Bitbucket</a> (<a href="https://bitbucket.org/ojacobson/grimoire.ca/history-node/master/wiki/gossamer/mistakes.md">history</a>). + + </p> + </div> + +</div> +</body> +</html>
\ No newline at end of file |