-- Leo's gemini proxy
-- Connecting to bbs.geminispace.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8
I'm not sure about a lot of the benifits of the small web. Like there's nothing to stop web crawlers from mining data and using LLMs to associate a user name to a legal name, there's very few people that share the same life story. I bet the archives in Textfiles.com has pointed what a kid said 35 years ago to his late 40's legal name by some Pinkertons. There's also nothing we can do about if one day there's spam like there's Spam in usenet now. There's also nothing we can do if the small web gets bigger and a lot of it becomes dependent on addons. HTTP isn't a bad protocol, but now everything assumes Javascript. What if Gemini gets popular and the new people Javascripify it?
Jan 14 · 4 months ago
Not to say it's all bad, at least it works now. It's very tight knit at the moment full of semi-like minded people. Though I'm not of the same far left allignment most people here. I consider myself a moderate by late 20th century American standards. When there were ethical ways to be finically well off. I look at successful small businesses and think "oh, there's a money laundering front". There's way too much entry level hindering bureaucracy that didn't exist in it's current exaggerated form in the late 20th century. Not to say bureaucracy is 100% bad, I like how California has Citrus protection programs.
This is why threat modeling is a thing. You can ask yourself "what if" until the cows come home. Ultimately it's up to you to decide how much risk-avoidance you need to balance against your quality-of-life requirements.
My personal threat model is different from yours which is different from everyone else's. Pontificating on what-ifs only serves to raise your cortisol levels.
sure, it could happen. But we put our eggs in the basket that this place isn't interesting enough to be wildly popular. The protocol is designed to resist wide popularity but it's certainly not immune.
just being on the internet exposes your privacy, but here it feels like my identity isn't a commodity, being bought and sold and deanonymized for profit.
As a cybersecurity expert, I hate when users tell me everythig is doomed. Strong encryption and onion network work. It significantly increase the complexity to de-anonymize users.
Compared to the HTTP mess, Gemini is well suited to be routed through Tor It is very lightweight and does not require a lot of ressources. If you look at the Tor project, 99% of their ressources (I’m trolling a bit) is spent to make sure a website cannot escape the sandbox.
As for spam, we can use things like proof of work. Again you can take inspiration to what is going on DNM (Dark Net Marketplace). Tor deployed recently (and successfully) an anti spam that make the attacker waste a lot of ressources.
Tor scares the hell out of me, it's A: full of shady people and B; full of feds looking for shady people. I wory about teptations on things that are ethical, but became illegal within my parent's lifetime. Also, a lot of exit nodes are run by feds. it's a lot like that drama with the fediverse mods seeing your "private" messages on instances they don't run. If I have Proton Mail and a friend has cockli, (at least) two insitutions can see those conversations, Proton ands Cockli. We live in a post-privacy era and the more you try to be private, the more you look like a crook. I like trying to be private, it's fun wasting tax money.
Tor is a neutral technology. Nefarious people are going to use it, like they also use credit cards, cars or restaurant. We, everyday people should stop being afraid of using tools.
As for the "feds" running exit nodes, that is partially mitigated on gemini, everything being encrypted by default. If you run a gemini onion capsule, this is "double true": you have the encryption from gemini and the one from Tor.
People should wake up to the fact that most services like Fediverse are not End to End Encrypted, so of course if it is not properly encrypted and data is readable the data is going to be read (no matter how many "gentlemen aggreament" we have).
Protonmails and other are centralized entities. They could inject in their website a malicious javascript just for one user to steal their password. I’m not saying they do, they will probably never do it (and are working actively to make it impossible for them to do so), yet, similar to the Fediverse thing, it is technically doable, and I’m sure it will append at least once.
In one paragraph you complain about proper tools being used by shady people, in the other you also complain about sub part technology being not as strong. You can’t have both, be free, stop being afraid of using a technology.
I don't think the privacy offered by Gemini is in terms of anonymity (although that's not difficult to achieve). It's more that tracking for advertising purposes is extremely hamstrung here, and indeed advertising as it appears on the http web would have a lot of trouble existing on Gemini. Since ads are the root of the algorithmic feeds, clickbait articles, autoplay videos, and most other dark patterns on http web, Gemini remains free from those annoyances.
> There's also nothing we can do if the small web gets bigger and a lot of it becomes dependent on addons.
I would put it like this: if the small web grows bigger, in terms of number of people or the technology stack, then it is no longer "small", and people who were attracted to the smallness would be unlikely to take part in the larger variant. Thus the core of the small web stays intact, even though there might now also be a sizable crowd in the "medium-sized" web, people who are not happy with the big web and who felt the original small web was too sparsely populated and/or limited.
To speculate even further, this medium-sized web would eventually keep growing in complexity and audience size until it succumbs to the same forces that grew the big web.
Personally, I agree that especially Gemini is resistant to large masses of people being attracted to it. HTTP-based parts of the small web could be more susceptible to unwanted growth since they are fully accessible via the ubiquitous web browsers.
Most people that use those "proper tools" are shady people, not normal everyday people. You're almost on aWatch list just by knowing what Tor is.
We had a "medium web" in 2004, it grew like a Chia Pet. The are small web parts that use HTTP(s), but a HTTP browser like Netsurf that doesn't support Javascript or even CSS3 or HTML5 (though I like the last two, they just want to be compatible with RISC OS) is seen as an inferior big web experience because HTTP(s) is now associated with big web functionality. Even in 2004, what is seen as a "medium web" now was only somewhat dependent on Javascript, but it I remember everybody used it to play Pogo and that needed a Flash and Java plugin.
Alternatively, Gopher has been around almost as long as http, and it's still small. These more minimal text-heavy protocols just don't have mass appeal. I think that you're fooling yourself if you think that your grandma or your barber are likely to ever open a Gemini browser in their lifetimes.
Also, what's wrong with Tor? I use it all the time and even host a Snowflake bridge. Hell, it's good as a VPN sometimes if you're trying to access a video or service that's geoblocked. There are plenty of reasonable, legal uses for Tor. Just don't run an *exit* node from your house, there was a guy in my country who did that a few years ago and almost went to jail. But he didn't!
This seems like a user problem to me. Don't post your life story in places you don't have complete control over if you are uncomfortable with the possibility, however remote, that someone might identify you based on your posts. This is as true on Gemini and it would be in HTTP spaces or in IRC channels, anywhere, really.
Don't share personal stories in gritty detail and you can likely sidestep most of this issue. No protocol can protect users' anonymity if they insist on oversharing their personal information.
When I was a kid, it was simple, just don't say where you're from and don't say your name. But a couple hobbies can give you away. a phrase you say can give you away. What gave away the Unibomber was him being unique and saying the proper phrase "eating your cake and having it too" gave him away after his brother called the cops hearing that phrase on TV. Now imagine LLMs doing it today to mine your data. If you casually say your birthday, there are 0.273785079% percent of the earth that share your birthday, that alone narrows it down. Hell, using these examples I made probably narrow me down.
> No protocol can protect users' anonymity if they insist on oversharing their personal information.
If you must share, also make up a lot. If 70 percent of your personal information is fake it will be harder to positive identify you.
If you’ve declared yourself to be born in five years, told stories about your life in six places (five you’ve never been to), and claimed relationships that don’t exist, it’s going to be harder to match you to public data.
Worried about AI matching your text across sites? Start running it through ChatGPT. Ask it to rewrite your message as if it spoken by someone with a huge data set like Donald Trump or Chris-Chan.
Other people mentioned Tor, I'd like to further back that recommendation and add that by actively using it you are helping people who really need it (as in their life and/or freedom may be at risk). If you're not doing anything super illegal then you can bear the risk of being on "a list" as some put it.
Any increase in total Tor traffic is good for the people who really need anonymity. I'd love to see more capules on onion sites, and once Arti matures I'd love to see a Gemini client with built-in Tor!
If Tor can't protect what western nations call "criminals", (though there illegal and unethical things too) what makes you think it can't protect people in autocratic nations? The same Tools that's used to catch cocaine/opiod dealers/buyers and human trafficing/hitman buyers/sellers are the same tools China and Russia and the rest of the 3rd world autocratic institutions can silence dissent. If the shady people aren't safe, what makes you think the people who are ethical by western enlightenment democracy standards are?
Tor can prevent traffic correlation well enough unless you're sending huge amounts of data. Especially if you're using onion sites. And if you're using a bridge from a foreign country, and you're being careful, you can avoid scrutiny. The people using it for this purpose are often being instructed on how to use it safely.
The main risk of Tor for criminals is that they assume it's some kind of magic invisibility cloak. Chances are they will mess up their opsec--most criminals aren't that smart--and I would guess that "dumb criminal using Tor at home" probably stands out more than "dumb criminal working on clearnet from a McDonalds."
-- Response ended
-- Page fetched on Sun May 19 16:31:27 2024