DonutVeteran

Scribe link: https://scribe.rip/@rossstalker_5939/web3-is-not-decentralisation-its-a-ploy-to-put-crypto-bros-in-charge-c791752e2bb6

You've written a good analysis, OP. Yes, treating email and mastodon as equal forces in the fight for decentralization is inappropriate. However, email is not as one-sided as you have made it out to be:

• Email does have a community element: mailing lists may be the most obvious example, but email does have the ability to drive community discussion. What is holding it back is obviously its age and ease of use.
• Organizations use email: Many organizations will self-host email simply to manage mailing lists as well as email notifications. Having an email address at a domain signifies your membership in some sort of community; perhaps your workplace or school.
• Ubiquity:
  • Email is still a more universal communication method than any other messaging protocol. You can probably reach anyone through email.
  • There are many organizations, communities, etc. offering email services. They must allow their users to communicate with other servers: no email provider is large enough to disregard all the other providers.
  • There is a widespread expectation that your email address will be able to reach any other email address. In this way it is the most federated, decentralized messaging protocol there is today.

I also have a point to make, both in reference to the blog post linked and your analysis: I would not dismiss federation because of some centralization of servers.

We have a case study in email to show us how a healthier (for all of its faults) federated system can survive without becoming wholly centralized. The best way to prevent centralization from dismantling federated systems is to build in an expectation that a server/service/offering in a federated system will always be able to communicate with another in the same system, like in email. As long as one federated server/service/offering/application does not become its own "brand" compared to the other servers and the base protocol/federated system is all the talk, all will be fine.

For example:

• Let's chat with Element! vs Let's chat with Matrix!
• Let's join Lemmy.ml! vs Let's join a Lemmy instance!
• What's your Gmail? vs What's your email?

The IT security experts received the GEA-1 and GEA-2 algorithms from a source who wishes to remain anonymous and verified their authenticity in the first step. The ciphers had been used to encrypt data traffic over the 2G network, for example when sending emails or visiting websites. The researchers analysed how exactly the algorithms work. They showed that GEA-1 generates encryption keys that are subdivided into three parts, two of which are almost identical. Due to their architecture, these keys are relatively easy to guess.

. . .

The encryptions that GEA-1 and GEA-2 produce are so weak that they could be used to decrypt and read live encrypted data sent over 2G. Today, most data traffic is sent over the 4G network, also called LTE. Moreover, the data is now protected with additional transport encryption. Therefore, the researchers assume that the old vulnerabilities that still exist no longer pose a serious threat to users.

Relevent Ars Technica article: https://arstechnica.com/gadgets/2021/07/audacitys-new-owner-is-in-another-fight-with-the-open-source-community/

Ah, thank you

Just one thing. I'm pretty sure it isn't possible yet to "fold" or collapse comment threads on the web client, correct me if I'm wrong. That would be a really nice improvement now that there are longer conversations on some posts.

I'm not familiar with GitHub Copilot's internal workings, copyright law, or the author of the article. However, some ideas:

GitHub Copilot's underlying technology probably cannot be considered artificial intelligence. At best, it can only be considered a context-aware copy-paste program. However, it probably does what it does due to the programming habits of human developers, and how we structure our code. There are established design patterns - ways to do things - that most developers follow; certain names we give to certain variables, certain design patterns that we use in a specific scenario. If you think of programming as a science, you could say that the optimum code for common scenarios for a language have probably already been written.

Human devs' frequent use of 1) tutorial/example/sample code of frameworks, libraries, whatnot and 2) StackOverflow code strengthens this hypothesis. Copilot is so useful (allegedly) - and blatantly copying, for example, GPL code (allegedly) - simply because a program trained on a dataset of crowdsourced, optimal solutions to problems devs face will more often than not simply take that optimal solution and suggest that solution in its entirety. There's no better solution, right? For all I've heard, GitHub Copilot is built on an "AI" specializing in languages and language autocompletion. It may very well be that the "AI" simply goes, when the dev types this code, what usually comes up after? Oh, that? Let's just suggest that then.

There's no real getting around this issue, as developers probably do this when they write their code too. Just use the best solution, right? However, for many algorithms, developers know how they work and implement them based on that knowledge; not because in most code the algorithm looks like this algorithm in FOSS project XYZ. They probably won't use the same variable names too. Of course, it could be argued that the end product is the same, but the process isn't. This is where the ethical dilemma comes up. How can we ensure that the original solvers of the problem, or task, are credited or gain some sort of material benefit? Copilot probably cannot just include the license of the code it has taken and its author when suggesting code snippets, because of how the dataset may be structured. How could it credit code snippets it uses? Is what it does ethical?

I do agree with the article that Copilot does not currently violate copyright law of code protected by the GPL or other licenses, simply due to exceptions in the application of copyright licenses, or the fine print. I don't know what could be a possible solution.

"OpenPPG" > "OpenPGP" ;)

This is a gem that I've never thought of mentioning here. Kudos for bringing it up!

Well, honestly a lot of FOSS software has been lacking in usability in general, not even accessibility. It's to be expected, as lots of software has basically been born from hobby projects and there is no unifying entity creating everything or defining human interface guidelines, besides perhaps GNOME and KDE.

The thing is that there is a big emphasis in FOSS software to "implement yourself" the features needed because most work is volunteer driven. So unless someone or some organization were to fund a developer or two to implement accessibility features, they don't magically come into being.

Thanks for that article providing a bit more context.

Wenruo's theory is that Zhen Lei submitted this inconsequential patch for Key Performance Indicator (KPI) credit – to do something that gets recognized by an employee performance measurement system as meaningful work.

...

In an email to The Register, Wenruo said, "Some Chinese tech companies are really pushing too hard by assigning almost impossible KPI goals, I think that's the root cause."

"This pushes their employees to do things without using their common sense. And obviously toxic company culture like 996 (9am to 9pm, 6 days a week) and destructive competition."

That's very informative, thanks!

For others curious:

...

In other words, within your browser, it enables a new connection to a hosted virtual machine (VM) that emulates a physical computer’s processor. This process enables the virtual machine to run a variety of guest operating systems using your Web browser as the display monitor.

The VM display is provided by a direct virtual network computing (VNC) connection. VNC is a graphical desktop-sharing system using the remote frame buffer protocol (RFB) to allow remote control of another computer. Multiple users may connect to the VNC server at the same time.

A button sits in the center of the left window edge of the running distro. Click it to slide out a menu with several options for controlling the VNC display window.