wowana.me

website source; use git clone git://wowana.me/wowana.me.git to clone this repository.

decentralisation---lets-start-with-messaging.md (10966B)

 # decentralisation - let's start with messaging
 <!--[time 201712050619.04]-->
 
 in lieu of the recent net neutrality talk, a mesh networking project
 started out of 4chan /g/ in hopes of building a better, open internet. I
 have always been interested in decentralisation, distribution, and
 peer-to-peer mesh, so I set up [a wiki](https://mesh.gentoo.today/) to
 aid in collaborationm, to showcase helpful documentation for new users,
 and to connect ourselves with other meshnet projects around the globe
 such as [sudomesh](https://sudoroom.org/wiki/Mesh) and
 [/r/darknetplan](https://reddit.com/r/darknetplan). best of luck to /g/
 and to the other groups in achieving this goal for an improved internet.
 
 I currently cannot contribute to the physical network itself, as I do
 not have the appropriate hardware, nor am I in any close proximity to
 anyone who would be interested in forming a local mesh with me. but I
 can still think about what could be the best software and protocols to
 use as replacements for current proprietary, trust-based systems. one of
 those things is messaging.
 
 currently we have instant messaging such as Facebook Messenger, XMPP,
 and SMS; group messaging such as IRC, Slack, and Discord; voice chat
 such as telephony, Mumble, TeamSpeak, Skype; forums, Reddit,
 imageboards, NNTP; and E-mail. and of those, I personally want people to
 contact me over XMPP, E-mail, IRC, or SMS. that means I have four
 addresses I can offer someone and I have to rely on the assumption that
 the other person uses at least one of those protocols. already, this is
 a hassle, right? all these protocols and products offer certain
 solutions to issues in other protocols, so we're spread thin, and either
 we have to use them all or we have to cut ties with the people we want
 to contact. on top of that, we have several contact lists to keep up
 with, and overall it's just one big complication.
 
 ## comparison
 
 first off, why do we have so many protocols? what do they perform
 differently? why do people stick with them? I'll try to explain what
 sets each platform apart from the rest so we can gather an idea of what
 people want.
 
 for messaging: SMS, XMPP, social networks
 (Facebook/Hangouts/AIM/Yahoo!), Discord, matrix.org, IRC, and other
 services such as WhatsApp are prevalent. SMS has origins from the phone
 network as a result of the rise of mobile phones, and now that many
 people have a phone number, it's no surprise why SMS is also in common
 use: everyone has it and it's practically free. social network and
 proprietary IM services have been around for ages, and people might
 stick with them because they've had accounts since the initial craze and
 because with some of them they can maintain a relative level of
 anonymity, since they don't have to use their phone number unlike SMS.
 or, they might stick with them because almost everyone today has a
 Facebook or Google account for social networking or mail, so as with
 SMS, <q>everyone has it and it's practically free</q>.
 
 with IRC we see the introduction of easy-to-join group chats, as well as
 the idea of ephemeral identities. IRC is a simple yet robust protocol
 that allowed anyone to join with very little barrier to entry, choose
 whatever nick they want, and either join channels or talk in private
 queries with friends. because of its simplicity, it has achieved
 widespread adoption by the FOSS community, by governments and
 businesses, and by hobby groups. it has also been used as the backbone
 for several popular services such as Twitch and Pesterchum.
 
 XMPP, Discord, and matrix.org all come about at different times, but
 they all have a common theme: they allow easier use on multiple devices.
 XMPP and Matrix also have protocols for end-to-end encryption, and
 Discord has the added benefit of voice (and now video) chat. they are
 essentially the <q>next level up</q> of IRC, although they all cause as
 many issues as they try to fix. XMPP is poorly implemented, and because
 it uses (nonconformant) XML for its stream protocol, we see few people
 willing to actually create their own clients (as opposed to something
 like IRC where I can make a rudimentary client in my sleep if I wanted).
 there are so many XMPP extensions (see the <abbr title="XMPP Extension
 Protocol">XEP</abbr>) and because of this, each client is more than
 likely only going to support their own portion of the available XEPs,
 creating a gradual divide between clients and essentially devolving the
 entire protocol to its bare basics, removing any perceived benefit it
 has over other simpler protocols such as IRC. Discord is proprietary,
 there are no plans to allow for privately-hosted infrastructure, there
 are no plans to open the Discord protocol, and apparently there are no
 plans even to fix most of the bugs regarding usability as well (at
 least, they haven't replied to my E-mails with anything hopeful yet).
 and then there's the new player, Matrix, which aims to become a
 federated (like XMPP) protocol with group chat (like IRC), message
 history (like Slack), and encryption (with
 [double-ratcheting](https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm)).
 too bad Matrix's implementations are slow and buggy, the specification
 relies on HTTPS and JSON (arguably not the best choice if you're signing
 and encrypting messages, or if you're sending any binary data because it
 all gets base64-encoded), and the whole air of it has a hint of
 unprofessionalism to me. they seem to value UX features such as in their
 official client, Riot, over security and performance fixes.
 
 ----
 
 for voice, the contenders are thinner: telephony, Skype, TeamSpeak,
 Mumble, Google Voice, and Discord. like SMS, telephony should be obvious
 -- it was the first real thing to come out that let people communicate
 verbally over long distances. Skype is the most famous to offer voice
 and video chat, albeit as a proprietary service, but since it pretty
 much popularised this, it is still in wide use today. while Skype used
 to be peer-to-peer, Microsoft bought it out and now the infrastructure
 is centralised, which brings us to TeamSpeak: a client/server VoIP
 application targeted to gamers. however, TeamSpeak is proprietary just
 as Skype is, so up next is Mumble which is a libre, open standard for
 VoIP that sadly has less exposure in the gaming community than the
 alternatives. Google Voice is in use because, again, people have Google
 accounts and it's essentially one-click to get a VoIP phone number
 through them. I mentioned Discord's popularity for voice earlier; it
 claims to be a direct competitor to Skype and TeamSpeak so its goal is
 to keep on the competitive edge against those two.
 
 ----
 
 for forums: NNTP/USENET, BBSes, software such as phpBB, imageboards, and
 Reddit. this is pretty much laid out in chronological order, and for the
 most part it's a natural progression (USENET was out first, before the
 Internet, and everyone used it for communication and filesharing; BBSes
 were an answer to dial-up modems since they were text-only with limited
 graphics and filesharing capabilities; conventional forums from the rise
 of the WWW, where everyone wanted their home on the Internet).
 imageboards are set apart by their anonymity and ephemerality, while
 Reddit pretty much replaces the need for forum communities by allowing
 everyone to have a subreddit regarding their own topic or interest, with
 the added bonus (or misfeature, you decide) of being able to vote on
 submissions and comments.
 
 ----
 
 and then of course, we have a need for electronic mail. so far E-mail is
 the de-facto answer for this; most online services require one to have a
 working address in order to register or perform any sort of transaction.
 Bitmessage and I2P-Bote (among others) exist as well, but at this point
 they're only used by enthusiasts, and they each have their own issues.
 
 ## culture
 
 all of these platforms have their own communities, and with these,
 cultures were born. everyone has their own memes and inside jokes,
 related either to members of the community or to the platforms
 themselves. this creates a form of attachment and nostalgia around the
 platforms, which is another reason people will stick with any given
 medium even well after it has <q>died out</q>, decreased in popularity,
 been obsoleted by another objectively better platform.
 
 if we want progression, we're going to have to set the belief aside that
 our community will die out with the medium. the two are realistically
 disjointed and we should treat it as such.
 
 ## so, what's the issue?
 
 as I have mentioned, we have so many communication platforms, resulting
 in so many addresses to manage, and each with their fair share of issues
 (IRC and XMPP are growing less standard between clients as features are
 added; Discord, Skype, Google, Facebook, et cetera are proprietary and
 when they die, the whole platform dies -- they aren't sustainable; phone
 and SMS are not secure at all and have severe limitations due to the
 dependence on the phoneline (and increasingly cellular radio) networks.
 most of these don't have decent standards for message signing,
 encryption, and secure transport. some of these have spam issues, or
 compatibility issues, or UX issues, or scalability issues, or moderation
 issues; the list goes on, really.
 
 ## what's the fix?
 
 I've been thinking for a while that we would probably best benefit from
 a protocol which is conceptually sound: required baseline of security,
 required open standard, required decentralisation so there is no single
 point of failure, forward compatibility with future advancements in
 crypto and transport, et cetera. right now I think I've written enough
 about this, but I will surely update when I solidify some of my ideas
 toward an ideal communication platform that will aim to fix the issues I
 see with existing platforms. right now I believe in a
 <q>registration-but-not-registration</q> system where anyone can join,
 automatically have a keypair generated for them that will be used as
 their handle, so they can chat without worrying too much about coming up
 with passwords or verifying E-mail addresses or whatever. I want to keep
 mobile devices in mind; I personally want something I can bring up once
 on all my devices and have the same message history, same chatrooms and
 queries, same state overall. I don't want to tell people that I'm
 unavailable on one platform because I'm on my phone or whatever; this
 shouldn't be something I need to worry about. I shouldn't need to tack a
 PGP or OTR key or a TLS certificate on top of everything else; the chat
 should be secured and verifiable out of the box.
 
 for a forum platform, I'm not entirely sure yet; I have been focused on
 IM, conference, voice, and mail for now. I want those four things
 together, all using one address, all using similar high-grade open
 encryption schematics, all using reliable redundant decentralised
 infrastructure. I want a mix of all the good from the other platforms,
 and I want it to be easy to use and adopt.