49 comments

[ 3.4 ms ] story [ 50.1 ms ] thread
Just a wishlist of ideas with no real technical solutions.

It was strange seeing the mixing of trolls, and bank security concerns.They are pretty different in nature. Im also surprised there was no mention of ip addresses.

I think internet is broken, but more at a technical level, its too easy to have isp accidently break large portions.

ex. Pakistan bringing youtube down accidently in 2008.

Agreed, it reads like a bunch of troll and self absorbed points. My ISP in India throttles every Public DNS servers except theirs (which I don't trust, is randomly censored) so browsing doesn't work at times. I am forced to keep a `dnscrypt-proxy` with `pdnsd` cache on a Raspberry Pi running to mitigate this.

Yes, the Internet is broken -- both accidentally and deliberately.

If I may ask, which ISP? Do ISPs care that much about following govt orders about censorship?
Hathway Cable in NCR.

I dunno if they care about govt. orders but if you query their dns for a "blocked" website it answers with an invalid IP:

    dig @202.88.149.25 thepiratebay.org

    ;; ANSWER SECTION:
    thepiratebay.org.	65346	IN	A	0.0.0.0
And Google DNS at `8.8.8.8` just times out. :/
Walter Isaacson was outed by Wikileaks as colluding directly with the Clinton campaign so you can see why he would want to 'fix' the Internet.

Edit: source https://wikileaks.org/podesta-emails/emailid/6056

To be accurate, my reading of the source you linked shows him as being willing to cooperate with the campaign on Q & A questions asked.
You're spinning things in the most negative light possible ("outed," "colluding") -- but you're right! He apparently interacted with the Clinton campaign. Quelle horreur!

Given the damaging nature of all of the fake news and trolling flying around during the campaign -- including the metric buttload of mountains-made-from-molehills relating to Hillary's e-mails -- I can absolutely understand how someone might think the internet needs some fixing.

I don't agree with the ideas he presents in the article, but I also don't think having a connection to Hillary Clinton's campaign reveals any nefarious intent.

Nefarious not, but it is clearly stated in the article where he is coming from.

"Its inherent lack of security has allowed Russian actors to screw with our democratic process."

Well, he maybe cares deeply about cyberbullying, to me his arguments feel a bit - dishonest?

He clearly stated in the article where he's coming from... but that makes him seem dishonest to you?

I'm not really sure what you're expecting. He's seen something that he felt when horribly awry and he's made some proposals he thinks could improve things.

Exactly, to me it reads he wants to regulate the internet because of political reasons, but he is mixing in a lot of other things that makes it more opaque.

I agree with the parent, it reads like a political piece to me too that has little to do with technology and such it is nice to have a disclaimer about his affiliation*

*disclaimer: I'm not American nor living in the US

Reminds me of the fictional TruYou product from the book The Circle. Which is a fascinating read that explores how "good" intentions like this can end in undesirable results.
On the one hand, I have some trouble recommending The Circle because it's so heavy-handed and overwrought. I nearly put it down. But, if you read it as a deliberately over-the-top "if this goes on" cautionary tale, it's a lot easier to appreciate it IMO.
True - I liked that it had some points to think about and a few insights, but it is fairly heavy-handed.

Just finished Cumulus as a similar recommendation to the Circle and hated it. It made the Circle look wonderfully nuanced in comparison. Characters frequently recapped previous chapters, every implication and inference was enumerated explicitly in great detail, etc. essentially no thinking required.

"Let's fix the internet by putting in place an all-powerful central party to enforce new rules, which under best circumstances will be merely a horrible rent-seeking entity, and under worst circumstances will slowly turn the world into a totalitarian dystopia"
Plato needs warning labels.
I feel this is a great time to point out that Plato disliked a lot of democracy.
It's true, lots of the internet is broken, and in very fundamental ways. Unfortunately, we need a group of technical people a lot more knowledgeable than W.I. (well intended though he may be) to do the fixing.
The author confuses the web with the Internet. Lots of those ideas, especially regarding two-way links, security and automatic micropayments, have already been proposed and failed by Project Xanadu. One of the Web precessors. The web succeeded over 'better' alternatives, because on a system where the whole world has to agree on a standard, the unix philosophy of 'worse is better' always wins.
Could there reasonably be multiple competing "internets" -- with different protocols, different 'rules', design and so on?

I don't pretend to know how to 'fix' anything (much less something as complex as the internet), but I do feel like it would be beneficial to have some competition in this space, to whatever degree it's possible.

When there's only one option, a variety of problems associated with monolithic systems and monopolies will inevitably arise--as we've seen with the current system.

In some ways, there are. If you consider china's Great Firewall, Tor, I2P, various encrypted spaces. They aren't the "internet" so much as a layer over the internet.
The author confuses consequences with anonymity.

The reason why I don't run up and call random people cunts is the risk that I might get punched.

ID is only one part of that. However bulletproof ID does not yield security. What it does do is allow people/governments to persecute people with much better precision.

The problem of anonymous information sources has been around for millenia. There is a reason you don't trust the shit the drunk bloke spouts at the pub: its mostly bollocks.

The main problem is that normal people, right up to the news producers have suspended their critical faculties.(for different reasons)

"a website I've never seen before, has lots of adverts for escorts and MILFs said that something happened" its not happened.

"a rumour on twitter said..." its a fucking rumour. Find the source and it might become fact. Until then, its the same as hearing it in the fucking playground.

Now, if you're a news producer, I know you want to beat your main rival. But each time you don't bother to fact check, the value of your news drops.

100% agreed with the anonymous information sources and people trusting them too much. I mean, look at the gaming press. You wanna why no one takes them seriously? Because they're willing to post just about anything sources be damned so long as it gets clicks. Some guy posting on Twitter or Reddit is almost always front page news for them, and as you point out, the value of their content has basically fell through the floor as a result.

Removing anonymity won't fix crap like that.

Only slightly related, there is no clearly defined concept of IDs ("identity"). It's not a technical issue.

Identification is a tricky issue, influenced by human, social, and political decisions. It's also very easy to trick identification routines.

A very practical example is email addresses for groups or organizations. It's not clear what's identified by such an administrative email address. The people who read it and send in its name? Some more abstract concept? Depends on the situation. I'm too tired to find a better example, but you get the idea...

So the best thing is to say, email addresses identify, well, themselves, and also where to route emails to these adresses.

You can't build technology without clear concepts. Or with too many, incompatible, concepts for that matter. I don't see a better way than layering (i.e separation of concerns).

I agree that we've got a cultural problem rather than a technical problem with anonymity.

I for one love to listen to the drunk bloke at the pub. Sure almost nothing he says makes sense, some of it is wildly offensive. The opportunity to listen in invaluable, and I'd fight tooth and claw for his right to a soapbox. Every once in a while he'll say something that challenges my assumptions, and makes me think long and hard.

I model my mind seeking an accurate world view as similar to the simulated annealing algorithm. Without noise in the system it's very easy to get stuck in a local maximum. Without anonymity there's simply too much incentive to stay with the status quo.

There are few distinctions to be made. First, authonticity of a user and a machine, in order to validate an email, you need to know which person sent it. I'm not sure how to enable it technically without having an "all knowing" central entity.

Breaching the security of applications is a very deep problem which is unrelated to the internet. The current computing architecture is exposed to vulns. Both local and remote in a very similar manner.

Regarding the democratic process that have been tampered with, thia is done way before the internet, and will probably go on forever[1]

[1] http://www.huppi.com/kangaroo/CIAtimeline.html

With every idea mentioned (some good, some worse), there is between 1 and 5 flags going off, already imagining the possible misuse of all of the "updates".

Yes, much could be improved about the internet/web. But if we can see misuse in the ideas offered right after reading, the proposed new system would probably be worse than what we have now after some time. It at least took a while to exploit what we have, not 30 seconds.

This sounds like the same, completely failed argument for mandatory "real names" on google+ and facebook...
This is the core problem. It's an engineering solution to a social problem. Real names won't keep trolls and racists from being trolls and racists, unless there's sufficient social pressure to keep them from behaving badly. Today's internet has large patches of social support for racists and trolls (stormfront, the alt-right, r/thedonald...), who certainly don't have any problem with saying horrible things on Facebook.

That said, there are strains of trolling which could be helped by an option to dump anonymously sourced messages. Like the Lindy West troll sending emails addressed from her dead father, or Scott Adams signing up for a thousand sock puppet accounts to drop pro-Adams propaganda in strange corners of the internet...

What's needed is real, verified ID TO Google etc, not ON Google etc. If I troll, give up my ID to the police. Meanwhile, give me anonymity. So, consequences for bad behavior, yes; a permanent record of all my intellectual fails and exposure to rw retaliation from all comers for my political opinions; no. For this, verified credit cards have to exist (non-burners) and Google has to charge them 3 cents to verify they're good. (There are many excellent extant engineering solutions to social problems. Locks are. So are clothes, and baths.)
(comment deleted)
This is every bad idea about "how to fix the Internet" of the last 15 years, restated.

In fact, we don't have to change anything about TCP/IP to create fully authenticated Internet services. Without any changes to Internet hardware or programming languages, we can use public key cryptography to allow people to prove their identity to a third party and use that identity to access other services. In places where anonymity is problematic, those services can simply disallow unauthenticated users.

The reason we don't have services like this isn't technological, has little to do with money, and nothing to do with privacy concerns. The problem is that not enough people want this service. If they did, it would exist already.

Meanwhile, the idea that fundamental changes to Internet protocols would alleviate security problems is as old as IPSEC: it was literally the pitch Robert Stratton gave to assembled hackers at Summercon in 1995. The problem with the pitch is that Internet protocols and hardware have practically nothing to do with security; rather, the core security problem is that all programs have bugs, and bugs can be assembled into levers for unexpected behavior. Take it up with Edsgar Djikstra, not Vint Cerf.

> the core security problem is that all programs have bugs, and bugs can be assembled into levers for unexpected behavior.

the core security problem enabling that is all kinds of widely used computers being fail-open by default down to the lowest levels.

> But those of us who choose, at times, not to be anonymous and not to deal with people who are anonymous should have that right as well. That’s the way it works in the real world.

It's like I tell mugging victims - you should have stayed on the ID-only sidewalks

This problem started with the first technique that allowed the content of a communication to be physically separated from its source: printing. The real problem is not the internet, or printing, but that communicating has become the dominant form of action, providing us with the illusion of having full control over the reality of our lives.
And why does everything need to be on medium now? What happened with blogs? What happens when medium closes down with all that content?

Does writing on medium.com make you more sophisticated? I don't understand this craziness.

Blogs close down too. I would guess the median medium article will last longer than the median blog article.
No they don't —unless their author let it. My blog won't shut down even if my provider does. I'll just move it somewhere else.

Of course, if you're posting on blogpost or such, it is not your blog —it's Alphabet's. If it were your personal blog, you wouldn't have put this "signal inappropriate content" button, would you?

I mean that domain names expire. I just had some of mine expire (which I am sure I had set to auto renew).

If an author is willing to move their content if their provider shuts down, that is not much different than migrating their content if medium shuts down.

Well, domain name expiration is a problem. If you pay attention though, no domain name will ever expire —under current DNS rules at least.

My own domain name is in .fr, and if it expires I have a chance to renew it before someone else is allowed to take it. There's a few weeks of delay, but truly losing a .fr name requires the owner to be really negligent. I believe .com names are more easily lost, though.

I think it gets you views.
Does it help with getting people to find your content?
It gets incremental views. It looks attractive. I suspect that some people (incorrectly) think a piece has more authority if it's on Medium or another related publishing platform than if it's on a personal blog.

Personally, I cross-post to Medium if I write something that might be of general professional interest. The private notes feature is useful if an editor is doing a copyedit pass and I also think Medium works better if a piece is going to be linked as part of a newsletter or whatever.

Finally, if someone only writes posts once in a while, it may make more sense for them to use Medium than maintain their own blog.

Don't fix what isn't broken.
Just your normal pile of terrible ideas asserted with extreme confidence. Sorry Walter, it's not anonymity which kills the internet. You want to assign provenance to every IP packet? That'd just exponentiate the danger of a tyrannical intelligence agency.

No thanks.

Short version: Micropayments and signed emails.
Here's what I'd change at the low levels:

- All new mobile devices must use IPv6 only. (No more NAT at the ISP level.)

- All IPv6 devices should be able to reach each other if they want to, without going through a server. (End to end voice, video, and messaging without the need for a server.)

- Anything with a big packet buffer must use fair queuing. This includes home routers, interfaces with big buffers, and cable DOCSIS nodes, but not backbone routers. ("Bufferbloat" fix)

- Better ingress filtering at ISPs, to limit bogus source IP addresses to addresses which can legitimately come in via a path. (Single-packet DDOS reduction)

- DNSSEC everywhere (DNS spoofing fix)

- Get rid of the delayed ACK timer in TCP. ("Nagle algorithm" fix)

My 'fix the Internet' gripe is to finally stop assuming that 1500 bytes is a large MTU. It's not 1990 anymore. We can send much larger packets if only PMTUD worked. But NAT, but 1280 bytes in IPv6 land, but ...
Sounds like a suggestion to build a single-source closed vendor-lockin online system, much like early for-pay bbs systems or similar like compuserve. If the internet was built to this suggestion, it probably wouldn't even exist anymore by now as it would have flopped. Or at least limited to a particular country and for especially interested technical users. Terrible :(
> Now the problem is nobody can tell if you’re a troll. Or a hacker. Or a bot.

Indeed. I have some trouble deciding if the author is a troll or a bot.