How to Kill a Decentralised Network (such as the Fediverse)
whofearsthenight @ whofearsthenight @lemm.ee Posts 0Comments 408Joined 2 yr. ago
whofearsthenight @ whofearsthenight @lemm.ee
Posts
0
Comments
408
Joined
2 yr. ago
I mean, he died in 2011 and pretty much all of his worst behaviors are well documented and I think he's well regarded in spite of those things, but importantly also because he seemed to learn and grow through his life. The worst things Jobs seem to be responsible for are barely a Tuesday for Elon these days, and the level of talent are also so disparate that putting them in the same sentence is a little absurd.
Holy shit I've argued with you a few times, this comment is actually something I can totally agree on.
Then the left can go back to its usual circular firing squad without risking American Democracy.
Jesus fucking Christ thank you. Republicans just line up to be cucked by Trump and their worst policies. Americans, even Republicans, aren't in favor of these abortion bans, but Trump goes out on the circuit being like "you know, I got those judges in there" and that's a win for him. More benign, but Ted Cruz can have Trump call his wife ugly or whatever and just hop right back on that dick without even enough time to grab some mouthwash and wipe down with a towel.
Meanwhile, the someone anywhere sneezes, Biden doesn't say "bless you" fast enough and that's the fucking news cycle.
$150 for "gigabit" which in practice means I usually get around 450mb.
I just want to pause here and say that this kind of thing, much like basically any bumper sticker ever, is stupid as fuck and I hate it. Whether it's my dumb fucking cousin saying "Killary" or equally annoying mouth breathers talking about "Drumpf." Like, I'm as atheist as the day is long, and holy shit does it make the parent comment annoying to read. Your super great "hillary lied, people died" bumper sticker, the "honk if Trump should go to jail," just all of it. It sucks, I hate it, it's the laziest form of persuasion (spoilers, it's persuading no one, it's just pissing off the people you want to convince.) Oh you didn't capitalize the 'g'? Well fuck it's me the pope, let's peace out and go get tacos this Jesus thing was dumb anyway.
You know, watching religion decline in the west largely as a result of the more fanatical like Johnson, I kinda hope their side wins so we can be done with it. There are few things that are more of a cancer on society (globally as well) than religion and the dogmatic approach to the world that it espouses.
I think you're conflating two different things when it comes to my comment. While I can agree in spirit, and were someone to release a FOSS version of this that did the same thing, I'd go right along with you on the whole "hacker spirit" thing (like the kid who wrote the original exploit and put it up for free on GitHub), but that's not what is happening here. This:
Enabling interoperability in purposely walled gardens for the overall greater good of the Internet?
is not what's happening, this is Beeper just trying to make money basically selling fake ID's so you can get into the club, and the whole "uwu I'm a wittle startup don't hurt me Apple" is just marketing spin for what I have to imagine was the rather insane assumption on the part of Beeper that they thought they found something that was unpatchable, and/or that they could somehow publicly pressure Apple to not sue them out of existence for what is potentially a crime (laws against hacking usually don't give a shit about the method you use to breech a system, just whether that use is authorized which this is clearly not.) Apple has reasonable claim to financial damage as well, since Beeper is using Apple's servers/bandwidth without approval or compensation. Charitably, Beeper might be hoping that this gets the attention of regulators and they'll legislate opening it up, but that ship has sailed in the EU, and the legal argument for doing it in the states is "we don't like green bubbles" so I wouldn't hold my breath, and even then assuming there is a will in the legislature to do this, I have a hard time seeing how Beeper stays funded long enough to see that law pass.
Anyway, I am not saying this because I personally don't want to see iMessage on Android (realistically I'd like the RCS standards body to get their head out of their asses and relegate iMessage and the various Facebook messengers to irrelevance) what I am saying is that Beeper trying to pretend to be a real business is laughable. Like, this is the type of product I would expect to buy in an alternate App Store with bitcoin or something, not something I would expect a real business to release on purpose with all of the fanfare and 100k's of downloads. It's the technical equivalent of putting up a stand in front of Costco advertising that you're going to print and sell fake cards so you can get into Costco, and you're going to do that by plugging your printer setup into Costco's power to do it. oh, and then when Costco cuts off power, you run an extension cord over to a different outlet. Like, you can argue that you think Costco should do away with membership, but we all see what an insane business plan that would be, right?
edit: This is a really good article from the Verge on the whole thing, but I'm afraid it's more nuanced than "Apple BAD!" so ymmv.
It was an exploit
...
but it wasent sketchy
Ah yes, businesses based on exploits. Very not sketchy.
While it's not mostly about security, and I generally agree that Apple's dickitry with regard to iMessage should end (they'd be doing a solid in the US to just release an Android client and monetize via sticker packs or something like it) there is most certainly a security risk for Apple to allow a reverse-engineering of their spec to spoof real iPhones, which is how Beeper works.:
pypush is a POC demo of my recent iMessage reverse-engineering. It can currently register as a new device on an Apple ID, set up encryption keys, and send and receive iMessages!
Now, your quote and the others in this thread:
Beeper didn’t find a security hole, nothing was compromised for Apple.
They sure as fuck did, lol. iMessage isn't public, it's not intended to be used by anyone other than Apple, and the bandwidth and servers are not free. Its not as if every iMessage isn't going through Apple's servers, they're paying for it. Though they didn't find a technical hole like a zero day or compromise iMessage for customers, they absolutely found a security concern for Apple. If you walk in to your house, find your neighbor there grabbing a couple of eggs out of the fridge and they hand wave away and say "don't worry I didn't break a window, I just figured out you keep a spare key under the mat and also I'm going to use these to make cookies for the block party and I'm not going to charge a lot for them and only you have these eggs from your chicken you're hogging them!" you'd kick them out in a hurry and probably call the cops.
So two things:
- We can absolutely be mad at Apple for the lock in effect of iMessage, there were some leaked emails a while ago that confirm what we all know, this is just there to prevent buying your kid a cheap android phone. Personally, I think if Apple was serious about keeping their customers secure, they'd either release an Android client or better, just make sure that the minimum spec for RCS supports E2EE for wide adoption. They can still have a more robust platform with iMessage, and it's still going to integrate with Apple shit in a way that only they could do.
- Anyone, anywhere, who thought that this was a viable business for Beeper has lost their fucking minds. Their model was basically "trust me bro, we're going to socially pressure Apple and that's going to totally work" and while it sounds like they're back up for now, it will be extremely surprising if it stays that way longer than another week or two. It would be akin to someone launching a business being like "well, we didn't hack Microsoft/Google/Facebook, but we're planning on hosting a bajillion users on their backend for free without their approval."
Oh they absolutely will. With Biden, they seem to selectively edit together clips of his minor speaking mistakes, with Trump they edit together the spots where he's coherent.
That's what I was thinking. Boy's got a brain as smooth as a river stone, and somehow that's lost its point?
There is truth in what you're saying, but I think it's missing a lot of nuance especially when it comes to why a lot of the things you're saying are true. A few quick things:
instead of going with DOS
Apple developed the original Mac OS to be the first major GUI OS, and MS was left struggling to catch up. Going with DOS would have been a major step back, and set computing back significantly.
always been isolated from the PC ecosystem.
which was originally more to do with IBM than Apple.
You could barely read PC files, and most PCs couldn’t read Mac files without external software until Apple changed to Mac OS X in 2001.
This was less because Apple wanted it to be that way, and more because Microsoft wanted it that way. The reason things switched in 2001 isn't specifically because of OS X, it's because Apple did a deal with MS in '99 or so (and MS only did it likely to avoid more regulatory scrutiny after losing an anti-trust case) and part of that deal was more interoperability. Apple had advertising campaigns basically saying "don't worry, you can switch to Mac and bring your files with you."
They’re doing nothing different from when they started.
This is also true, but again misses a crucial piece of context - they do it that way because they think it's generally better and makes better products, and I think you'd generally have to be pretty unstable to argue otherwise. Think about snapshots in time - in the 80's when it was DOS and original Mac OS. Do our computers look and work like DOS or Mac now? Compare modern laptops to a '94 powerbook or whatever was on the PC market. The modern phone and the modern OS compared to what came before iPhone. Or take a gander what Android looked like pre/post iPhone announcement; spoilers, it was a blackberry knock off instead of an iPhone knock off.) Even Windows today looks and acts more like macOS than it has since probably the 3.1 days.
Even some of the more seemingly shitty decisions follow this pattern. Remember, iMessage came out at a time when messages cost either $5-20 for what would now seem like an absurdly small block of messages a month or $0.10 a message. Its initial value prop was that it was stupid to pay that much and if you bought an iPhone you could cut your bill way down. Or Lightning instead of micro USB. MicroUSB couldn't fulfill all of the functions Lightning could, and it's a worse connector for a lot of reasons.
I mean, that said, iMessage was definitely designed to keep you on iPhone and it's being deliberately used as lock in, and there are plenty of other shitty things about Apple (like any other corp) but the virulence with which people hate it is often just because they do not get it any more than I see people mindlessly bash Linux usually with insults that haven't been true since 2006.
It's not as good as we want it to be. Those using RCS on Android are almost all using Google's specific implementation, Apple is instead going to be using a more standard implementation. It's probably going to work better than SMS, but it's going to be a far cry from everyone just using any modern internet messaging service.
Def agree that the vast majority don't care about E2EE (though that's probably growing with more news articles like that one where they went after someone for abortion and got their Facebook messages to prove it) I think it's less about blue/green and more about how shitty the interop is. I don't know anyone who is like "I won't talk to green bubbles" but I know plenty who get annoyed when it fucks up the group chat or either side is stuck looking at a postage-stamp sized grainy image (if it even gets delivered.) Really, really blows that the predominate message services in the states are Apple-only iMessage, owned by Facebook, or SMS. I'm over 30, so I am not on Snap and most of my friends aren't, I refuse to use Facebook products, so we're stuck with SMS.
Piracy is a service problem. People will always choose the way of least resistance and that seems to be piracy for the moment.
I said this elsewhere and there are many, many examples of this. For example, in the age of streaming music services where you can pick between a decent handful that have basically everything on each, and that are pretty reasonably priced, how many people are still pirating a ton of music? I know there are some, but if I had to guess, peak music piracy has been gone since the mid oughts. On the other hand, peak video piracy probably hasn't happened yet and probably will continue to grow until a similar situation is reached. Like, there is no way that Sony/Discovery didn't just create another wave of piracy.
But those are people we don’t need to talk about because they wouldn’t pay anyway.
And oft-overlooked, but lots of them couldn't pay. Especially today, arbitrary spending is limited for a lot of people, and I'd hazard a guess again that the vast majority can't afford eight streaming services. They'll buy a couple they find the most value in, and then when they're out of money, how is anyone harmed if they just download content on some of the others?
I want a luxury good and don’t want to pay the price
There are certainly aspects of this, but the primary reason I pirate is not because of this, and I suspect there are quite a few people for whom this is also true. In the early oughts once I started getting some money and in basically the infancy of the digital media age, I did try to buy stuff the corporate way. And I got burned by it too many times (probably 3-4, but really once is probably enough.) So now I don't ever even attempt to "buy" something that is digital and DRM encumbered, and I'm more than fine "demoing" a game or whatever. By the time iTunes started selling movies and TV, my purchasing of content I expected to own was limited only to places that released DRM-free.
These days, I have a little more money that I could be spending on this type of content, but Sony just demonstrated exactly why I -never- will (and they're just the latest in a long line.) You know that there were people that bought stuff that were still in the middle of watching it or just bought it a few minutes ago who Sony/Discovery effectively just robbed. I'm sure Sony/Discovery just created a many, many pirates with this action.
Further, there is far more content than I could possibly purchase, so the money I do spend on digital goods, I do so either with the expectation it's ephemeral (like a subscription service - it's impossible guarantee they'll even stay in business) or that I actually own it, eg: DRM free. If I'm out of money to spend, I can't find a moral or ethical reason that makes piracy wrong, and I think actually it's likely that it benefits everyone. When I was younger especially, I couldn't afford much, but I pirated a lot. In Doctorow's case specifically, I've bought some of his books, but that's only because I was able to download some of the earlier work and then spend the money when I had it. With bands in particular, I can guarantee they have made far more money from me than in a world where piracy didn't exist.
If you apply this type of concept to basically anything else, no one would buy it. If you go to Target and grab a t-shirt, and someone whips out a contract -after- you've paid which they demand you sign before you can have the shirt that they can come to your home and take it whenever they want, no one would do it. Or that you can't wear that shirt into a Walmart without getting sued. Or that you can't cut the sleeves off or turn it into a scarf later. If you went back a second time and bought another shirt and they come and take them both, everyone would look at you like the sucker.
So yeah, if by some magic piracy stopped existing tomorrow, I wouldn't suddenly be a Sony/Discovery customer, I'd just take up woodworking or some shit. While some piracy is probably always going to exist that's as you describe, piracy is a service problem.
I didn't know that. Hmm, sounds like it's decently likely this is a bit overblown then. I mean, I suppose there are a lot of lazy companies out there that will skip this, but that severely limits the functionality in a way that it's going to force the secure method.
This turning out to be true is unsurprising, but if it were, follow it to its logical conclusion and you would see large retailers lobbying the government to increase wages. Like, we live in a fucking police state, the problem is not that we're suddenly an outlaw country, the problem is that people don't make enough money or have enough safety nets to live. It's the same with all of the "Americans feel bad about the economy even though the dow is up, why?" Well, because we can't afford housing and groceries. Simple fucking problem.
Sort of. If you’re receiving a notification from a remote server on iOS or standard android, they go through Apple or googles servers. That said, some apps rather than sending your device the actual notification (where this vulnerability comes from) will instead send a type of invisible notification that basically tells the app to check for a new message or whatever and then will display a local notification so the actual message stays on device and inside of the hosting services servers (like a self host.)
I think it's even slightly different in that Firefox has some dependence on Google (a scary level, actual, if Google ends that deal Mozilla is pretty much fucked) that the fediverse doesn't - the people on the fediverse right now are enough to keep Fedi alive and moving, and I'd find it really, really hard to argue that they aren't there deliberately to avoid being subject to the whims of Meta/Twitter/Reddit, etc. Like, in a lot of ways, it's a sacrifice to be on these services because the bulk of content still exists in the proprietary silos. Because the actual protocols and main developers are also intrinsically motivated by the this separation, it's hard to picture how they could even try to extend/extinguish here.
Like, if Threads fully federates, I'd guess that quite a lot of people block their instance just to keep their hands clean. Those that interact with Threads via Fedi probably fall into the boat that I would. I want some particular content or to follow some people, just not shoveled at me however Meta decides it should be, and not in a way that they can profit from showing me ads. If Meta pulls some bullshit, it's likely the Fedi would more or less just block them entirely then give up and start a Threads account. And I have a hard time seeing a world where they go to Eugen or basically any of the other driving forces in the Fedi and are like "we need you to change Mastodon so we can [do some typical Facebook bullshit" and Eugen are like "yeah cool with me."
I think its more likely that Threads users are eventually going to see fedi users dropping a long comment or some post that is about how it's nice to have a clean ad-free feed and move clients if not over to the fedi in general. It won't be enough to really matter for Meta other than to say "see we don't have a monopoly!" and hey, if the fedi gets a little bigger it's all good for the rest of us.