I explicitly want a tool to help me visually modify nodes and edges in a reasonably sized graph.
The modification bit is really key, as is the ability to maintain multiple distinct edges between two nodes.
I want to steer away from diagramming tools because in my experience they don't scale. And I'm not really interested in visualization tools as I already have a workflow for that.
"Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers."
The computer, however, will stop you from recording DRM'd content.
Find it fascinating that when faced with drawing safety and security boundaries, the primary beneficiary is not the owner of the device, or the person using it, but random corporations who control the intellectual property rights.
I find it equally fascinating that in order to get anywhere near an integrated computing experience in 2024 we apparently need constant recording and transformer models.
No structured file systems, no permission models, no shared stores, no capabilities - just firehose the display output and hope for the best.
@sarahjamielewis it's infuriating to me that every operating system is full of APIs for rendering text to the screen, only for us to take pictures of that text and scrape it back out with OCR.
Lately I've been engaging in low-frequency, in-depth, long form email exchanges with a few people regarding our shared research interests.
Most of these happened organically, but I've got so much joy and utility out of them that I would like to extend an invitation to anyone who would like the same:
If we share research topics (privacy/security/decentralization/search/e-voting etc.) and you would like to send/receive long detailed emails about problems/ideas on your mind then please reach out.
Specifically: "The server is “untrusted” in the sense [it] learn[s] nothing about users & messages besides what is inherently observable from its pattern of requests, and it should not have access to sensitive metadata, or sender or receiver information"
Seems like a very weak definition of "untrusted", especially when two comparison techniques explicitly attempt to restrict knowledge derived from access patterns.
@sarahjamielewis Thanks for your comments, this is exactly the kind of feedback we’re hoping for with this post.
The language of "untrusted" is perhaps clumsy- we’re trying to describe a server that could potentially be deployed in a cloud environment, but it’s true it’s still privileged compared to a given internet user. And the attack scenario you raise is valid: obfuscating access patterns and detecting active attacks and dishonest servers are open problems.
@sarahjamielewis As far as we know, PIR and OMR don’t address our use-case (eg, whether the OMR detector can identify returning users based on their detection key), but we’re open to feedback.
Mind if we open a GitHub ticket summarizing these concerns, particularly the server attack scenarios, and if so would you like to be attributed? Also, if you’re open to being in touch, we’d be glad to do so on any platform you prefer.
I highly recommend it. I think it captures the history beautifully and it's a nice reminder of how these projects play out over decades.
It can be very easy to get caught up in the day-by-day/week-by-week rush/drama/critiques/effort and having a history like this puts that nicely in perspective.
A list of research/project ideas that I have no time to pursue fully, but which I would be very interested in helping out/mentoring. If any of these sound interesting then please get in touch.
People have a right to access and use secure tooling that enables them to leverage modern cryptography.
The alternative is absurd. A demand to deliberately subvert foundational economic infrastructure. A position that should be laughed out of any sensible room.
If, through some twist of fate, the printing press had arrived after the internet we'd be reading op-eds about the dangers of "anonymous reading" and demands for "accountable bookselling"
@sarahjamielewis to be fair, the printing press (and pretty much all other disruptive technology) has generated plenty of controversy in their own right. Such is the cycle of progress - there's always excessive push back until the new technology is accepted and a middle ground is found.
For a while now I've been thinking about where microblogging/blogging fits in my life.
After various experiments over the years, I settled on going back to writing my website in a text editor, without regard for consistency or categories.
We have mathematical and engineering tools to do analysis.
We have decades on decades of research literature, rooted in cryptographic analysis, statistical methods, probability theory, and computer science detailing how privacy preserving systems are broken.
Just as one can tell that a badly engineered bridge will collapse before it is built, one can assess that a "privacy preserving" tool will not preserve privacy.
I really, really don't want to be calling out specific people or projects, I don't think it's a useful thing to do - but it makes me so sad to see people, whose work I deeply respect, volunteering/writing/promoting a tool whose privacy claims are fundamentally unsound.
Privacy tools that are metadata resistant are essential, but please technically vet the projects you are promoting.
I feel like the one major lesson I learned from the crypto-hype era is that most people don't care about technical arguments, at all.
There are projects tackling hard problems using sound methodologies, there are projects talking about hard problems and selling a story (either intentionally, or because they don't know any better).
There is a difference between those two kinds of projects and I wish more people cared about that.
A few people have asked for specific details, and I'm not going to call out a specific project; however, someone asked about general red flags and I will list a few here:
Beware of "metadata resistant" privacy apps that:
Advertise Real time Audio / Video.
Have Offline messaging on mobile / without self hosting some kind of server
Have "No Identities"
Rolled their own onion-routing
Rolled their own mixnet
Implement offline storage with 3rd party servers that is somehow efficient.
A topic I would love to read a deep analysis on is how certain actions e.g. blocking, moderation/filtering, "self-deleting" messages etc. transform from passive server-side actions to client active actions in decentralized systems and if/how that breaks down against existing ingrained metaphors and expectations.
@sarahjamielewis An interesting wrinkle there is how Mastodon, as a mid-step "Federated" between "Centralized" and "Decentralized", is also a mid-step on passive/active moderation (since assuming there is a good ratio of users to servers, the blocking looks "passive" between servers, but "active" once a server has received a copy of a post). This offers some privacy/safety advantages over a true decentralized system.
I have frequent conversations that fit under this topic; typically either attempting to clarify user expectation or debating implementation in light of that expectation.
My general speculation is that our current nomenclature is insufficient and too rooted in, and shaped by, existing, centralized systems.
Something that does trouble me is that most people who try out @cwtch try out the Android version - it is the way of the world that mobile computers are far more numerous than others.
But this does give a terrible first impression because as much as we have invested into Android over the years it still does not come close to the stability and usefulness of the desktop versions.
Metadata resistant communication is hard. Metadata resistant communication on mobile is harder.
Our team has used Cwtch for our daily communication for years now. I've used it for communicating with many others during the same time. And I am aware of others who use it for similar purposes.
Enough to say that it is stable, it is useable. Albeit with some rough edges which we are slowly sanding down despite very limited funding and a complex deployment space.
Clearly I need to do a better job at distinguishing what makes @cwtch good - and I wish we had the budget to really try and solve some more of the harder problems in the space.
Cwtch needs more champions, and more volunteers. People who can tackle those problems, and to bug me to focus on fixing specific issues.
I would really appreciate, and be willing to pay for, a news source that restricted itself to covering legislative, judicial, and corporate machinations at the local/regional/national level while staying away from reporting on press conferences / inane social media statements / speculation / punditry.
i.e. reports on what people are doing, rather than what they are saying.
Would appreciate recommendations along these lines.