I'm a simple man, I see blockchain, I downvote.
this post was submitted on 29 Aug 2023
55 points (100.0% liked)
Technology
37707 readers
212 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
I understand the impulse, but I think that’s a knee-jerk reaction. I am immediately suspicious of any technology that claims to use blockchains.
Possibly. But it's a well-deserved knee-jerk reaction. I just really hate reading anything the sick mind of a cryptobro has come up with.
load more comments
(1 replies)
I don't see how blockchain (in this case) adds any value over a federation like Matrix.
I doubt these bozos know of federation. Hell they forgot about the existence of p2p based comms like jami.
load more comments
(4 replies)
Publishing everything on a blockchain means that everybody who's running a node has access to a copy. If confidentiality of communications is an issue, this may as well be a data breach with a few more steps. Also, how does giving everybody running a part of or monitoring the blockchain equate with "control over personal data?"
Centralized control: Only one entity can see it. Blockchain: Lots of third parties run a node, so every node can see it.
Each channel has a separate ledger: That makes surveillance of a particular communications channel much easier. Thanks. Also, each user has to have a keypair; great for pseudnonymity, lousy for repudiability.
Messages cannot be altered but they can be audited to prove their metadata. Did they learn nothing from the Obama administration? At this point in the paper I can't shake the feeling that this is a deliberate effort to invert all of the properties of privacy.
Smart contract: Yay, more deliberately memory unsafe programming. I guess they never played with Core Wars as kids, either.
An attacker would be unable to breach the network: An attacker would just have to stand up a node. If channels are side ledgers on a blockchain, and the network assumes that nodes can come and go (which they all do, as far back as bitcoind), any node can join, say "Hey, I'd like to join this channel," and get at the very least a pointer to the side ledger for that channel.
Long-term storage of communications is dangerous, mm'kay?
Publishing everything on a blockchain means that everybody who’s running a node has access to a copy
I'm not sure that's the case, although the article is rather vague. It says:
[...] the user must register with a node of their choice using their public key. Once registered, users can create channels and invite others to join. Each channel has a separate ledger hosted by the nodes. [...] The data in the ledgers are encrypted, and the secret key is managed by the users of the channel.
IIUC, nodes will not have access to private keys, neither those from users nor those from channels. Users could use their keys to exchange the channel's private key without the node getting to know it. I don't quite understand how user's would exchange their public keys without the node being able to play MITM, though...
Edit: Removed an irrelevant sentence from the quote
I believe their point was that even encrypted messages convey data. So if you have a record of all the encrypted messages, you can still tell who was talking, when they were talking, and approximately how much they said, even if you can't read the messages.
If you wait until someone is gone and then loudly raid their house, you don't need to read their messages to guess the content of what they send to people as soon as they find out. Now you know who else you want to target, despite not being able to read a single message.
This type of metadata analysis is able to reveal a lot about what's being communicated. It's why private communication should be ephemeral, so that only what's directly intercepted can be scrutinized.
That was exactly why I said "Did they learn nothing from the Obama administration?"
From 2014: "We kill people based on metadata." (Michael Hayden, former DIRNSA, 2014.ev)
There is no "harmless" here.
load more comments
(5 replies)
People are still looking for problems to which blockchain is the solution.
So far we’ve found none.
We've found plenty of problems for the blockchain. We've set up a whole system of cryptocurrencies based on it, serving millions of people who want to avoid tax, scam others, launder money, and purchase a signature in a blockchain pointing to a JSON file pointing to a JPEG!
For people in countries with terrible financial institutions and inflation in the three digits, cryptocurrency has been a great method to store value, especially compared to the local currency. In Turkey or Argentina you'd have more money left if you invested it all into bitcoin five years ago compared to keeping it in a local bank. Rich people will use real currencies for the same effect, but in time of financial crisis foreign currencies can quickly become available in very limited supply. Cryptocurrencies solve this by making the process as digital as possible, if you can find a company accepting your degrading currency, you can turn it into something that's not great, but better than whatever the fuck your government is doing to your money.
load more comments
(1 replies)
load more comments
(8 replies)
No, this is already solved without scam shit tied in.
Eh, I wouldn't go as far as calling distributed ledger tech a scam. Sure, 99% of the current ecosystem is at best digital tulip trading if not an outright scam, but that doesn't mean everything blockchain-related is a scam.
There's valid use cases for what's essentially a distributed database with immutable history (or a "smart contract" system which is essentially a distributed singleton VM with immutable state history), but NFTs etc ain't it. Fintech will probably incorporate some of the stuff that came out of the blockchain craze, but I figure that at best it'll be like Linux; most people who use the internet interact with Linux systems pretty much all the time, and of course Android is a Linux-based phone OS, but very few actually run Linux or even care about the whole concept. It's just part of the infrastructure, which in my assumption some kinds of blockchain-ish technologies might be. Probably just not the public networks people associate with it now, but private / internal ones with limited validator sets etc
People keep saying there’s a valid use case for this but what is it? Basically any distributed ledger would actually perform better, be more secure, and be easier to use as a centralized database.
Well... Banking. I'm not going to write a long explanation like other commenters, but each bank having their independent ledger and syncronizing them each X time, with lots of manual intervention is not optimal. Ditributed Ledgers allow for banks to share the information with each other and for transactions to be done instantly, without dispute issues. This technology is already being used internally within the financial industry, and it's going to stay since it facilitates a lot of internal work to the beenfit of the users.
Edit: As an extra point, these distributed ledgers are not really distributed between everyone, banks store them in secured environments and share them with other partner banks, in a controlled environment.
load more comments
(35 replies)
Blockchain is a tool for scammers used for scamming, and has almost exclusively been used for such.
Fuck no. What is better is p2p, or federated. No Blockchain is needed, and this is one of those examples where Blockchain is jammed into something where it really doesn't need to be, nor should it be. The last thing we want is for our encrypted messages be permanently stored. Element is federated, and they're working on getting it to be p2p. Some nerd will probably mention XMPP too.
I disagree here. with p2p/federated you have to worry about if your microprovider goes out. I think blockchain would be a useful way to keep a users preferences and to keep usernames distinct.
I disagree here. with p2p/federated you have to worry about if your microprovider goes out.
This Quarks protocol still seems to require reliance on "nodes," which is the same thing as a federated service, with extra steps. It's more overhead without any of the portability you want.
p2p has no middle man. There's nothing to go out. Blockchain is a literal plague, especially in this scenario when a simple database can handle this. MXIDs already provide distinct usernames. Preferences are often stores client side.
You do not need to burn a tree, push a Ponzi scheme, and make this data permanently public to solve this. That is a terrible idea, and any solution you come up with will be always better without a Blockchain.
load more comments
(15 replies)
load more comments
(1 replies)
What the fuck do encrypted messages need a ledger for?
Because Postgres is too difficult? :)
So your thoughts can be monitored by authoritarians.
To get governments interested in it... for tracking it's own netizens... because just about everyone is dealing with CSAM!
load more comments
(1 replies)
retain control
Notably, in Quarks, every user operation and information exchange that takes part on a channel is carried out via the ledger's so-called smart contract. In practice, this means that no-one outside of a channel should be able to send or read messages on it. In addition, all messages on the channels cannot be altered or edited, yet they can be audited, meaning that users should be able to derive information about when they were created, sent, delivered, and so on.
Ah, yes. I definitely want anyone in the world to figure out who I'm communicating with by checking the timestamps of when various messages were delivered. Much like how the "anonymous" Bitcoin could be pretty easily de-anonymized just by checking where various bitcoins go and inferring who those wallets likely belonged to.
load more comments
(2 replies)
I'm not entirely convinced this needs a blockchain. I guess Hyperledger (Fabric, I'm assuming) is a handy way of guaranteeing a total order for a channel's messages / events and making sure history is immutable, but it seems a bit unwieldy for a distributed messaging app despite being somewhat modular.
Most of their goals aren't specifically dependent on anything blockchain-like, and the ones that are seem like they could be implemented in a much "cleaner" way than having to bring in Hyperledger and all that it involves
Entirely overengineered. Redundant with better solutions. This is being pushed for hidden reasons.
Yea, you lost me at "blockchain".
How is this better than a normal messaging protocol like Matrix? What does blockchain add to the solution?
Just what I want, a permanent record replicated everywhere for every flippent thing I say. Hard pass.
Blockchain is a solution in search of a problem. And it hasn't found one to solve yet.
There are lots of knee-jerk reactions because people saw the word "blockchain" in the title. It's as intellectually lazy as the shills who refuse to criticize the crypto industry for its shady parts
This just sounds like a decentralized Slack, with a blockchain to ensure all nodes have the same data. The details are sparse, but this sounds like a proof of authority system to achieve consensus between authorized nodes in the network. No cryptocurrency involved. It's just using blockchain as a consensus algorithm between decentralized nodes(which is what it was designed for).
It doesn't say, but since their target demo seems to be enterprises, my guess is that the idea would be companies run their own node in the network, which would allow a high degree of security and be interoperable with other enterprises.
"But you could use a federated system..."
I'm all for the growth of the fediverse, but it still has many problems. If you're running a large enterprise that needs a guarantee that all your messages are synced, in the right order, and nothing has been removed later, a proof-of-authority blockchain is a better system than something federated
This just sounds like a decentralized Slack, with a blockchain to ensure all nodes have the same data.
We've had this since the late 1980's. It's called IRC.
So, if I understand that correctly, the user is now the target instead. Is that better?
load more comments
(1 replies)
view more: next ›