Anonymity: Death of the Stateless Web

[UnunoctiumTesticles]

hamiltino, yes (from your Youtube slander) ignorance is bliss and you are suffering from it. The slick salesmanship marketing videos you linked to did not address the technical issues in my second reply to herzmeister.

Specifically afaics MaidSafe has no designed ability to deal with the bandwidth economics. Please don’t post more redundant noise (herzmeister already posted one of those slick marketing videos that lack sufficient technical details) in this thread until you've done your homework. This is a moderated thread and I will delete obnoxious or excessive noise. High signal-to-noise ratio content is always welcome, most especially if it teaches me something I didn’t already know, changes my mind on some issue, or helps me to see how others are thinking about things.

Update:

I see he edited his message to remove the links to the marketing videos and he instead inserted a link to some vague forum post that doesn't address the bandwidth economics issue at all.

Here are the links he deleted from his post:

https://www.youtube.com/watch?v=Jnvwv4z17b4&list=UUhDck5R_C9i6XTrS66tbwOw

https://www.youtube.com/watch?v=txvKSeCaEP0&list=UUhDck5R_C9i6XTrS66tbwOw

Think again https://www.maidsafe.org/t/safe-web-browsing/139/2?



http://www.youtube.com/watch?v=SY7pM8k8moY&t=2m29s

Also I see David Lavine confirms my assertion that MaidSafe doesn't provide IP anonymity:

https://www.youtube.com/watch?list=UUhDck5R_C9i6XTrS66tbwOw&feature=player_detailpage&v=_NBrIJrULaM#t=177

Because you only need to compromise the 4 nodes closest to you (i.e. analogous your entry guard nodes in Tor).

Also he never answers the question as to how consensus is reached:

https://www.youtube.com/watch?list=UUhDck5R_C9i6XTrS66tbwOw&feature=player_detailpage&v=fmW9feSp0xM

He side-steps the issue of how disagreements within the local set are resolved. Shrinking the set to any membership larger than 1 means you still need a consensus mechanism. Yet another example of him being vague.

[1713555981]

1713555981

[1713555981]

1713555981

[phillipsjk]

That could be argued for any OS - yet web apps have become more and more predominant (especially in business - if you don't have a web version of a business app now you are *dead* and you just need to look at any major ERP system to see this).

I think the goal there is cross-platform support. The difficulty is that many of those "web apps" are just ActiveX programs, negating any cross-platform capability beyond Ms Windows iterations. I suppose easy updating is a benefit as well.

I’m ecstatic that most of the votes are No. This means I am still (even 10 years hence) far ahead of most people. I assume most people haven’t quite yet grasped why HTML (static documents, a 100% immutable declarative language) was a special case that would not apply forever into the future. Humans are like that. They project the present into the future, without thinking about what made the present and what changed.

Well, that is obviously where we disagree. I believe that there should be a separation between code and data. I will be sticking with HTML 4.01 Strict, despite the W3C making HTML5 a recommendation. IMO, you simply can not have a secure web-browser if it runs arbitrary code. (HTML5 got rid of the DTD declaration: meaning that changes to the standard can be implemented without updating the standard changing the version number)

Despite it's history of security vulnerabilities, (and the run-time being bundled with browser tool-bars), I think JAVA (including applets) is a better approach to running untrusted code in a sand-box. Leave HTML to serve up static web-pages. The problem is that developers do not like it because the users get fine-grain control over what the software can actually do. For example, the user can prohibit network or disk access.

[UnunoctiumTesticles]

I am still unconvinced that HTTP is going to die - IMO it is going to *change* (perhaps too gradually for the OPs liking) and things like CIYAM Open are starting to show just how far it can change (to become a "secure" and stateful protocol).

I am not convinced it needs to die. For example I think perhaps it can even sit on top of an high latency network anonymity layer as it does on Tor now, just sans the exit nodes.

My point is HTML5 is no longer in control. The web browser stranglehold is evaporating finally! Yahoo! So we are free to innovate on prior assumptions of low latency. Apps can more intelligently deal with high latency if the incentive is worth it (true anonymity). Users will drive the demand.

That could be argued for any OS - yet web apps have become more and more predominant (especially in business - if you don't have a web version of a business app now you are *dead* and you just need to look at any major ERP system to see this).

I think the goal there is cross-platform support. The difficulty is that many of those "web apps" are just ActiveX programs, negating any cross-platform capability beyond Ms Windows iterations. I suppose easy updating is a benefit as well.

Businesses are conservative (with their internal apps) because maximizing adoption is not their goal (a category error unless they get push back from employees but web apps aren’t that far behind yet). So they want the most accessible and most ubiquitous platform.

I’m ecstatic that most of the votes are No. This means I am still (even 10 years hence) far ahead of most people. I assume most people haven’t quite yet grasped why HTML (static documents, a 100% immutable declarative language) was a special case that would not apply forever into the future. Humans are like that. They project the present into the future, without thinking about what made the present and what changed.

Well, that is obviously where we disagree. I believe that there should be a separation between code and data. I will be sticking with HTML 4.01 Strict, despite the W3C making HTML5 a recommendation. IMO, you simply can not have a secure web-browser if it runs arbitrary code. (HTML5 got rid of the DTD declaration: meaning that changes to the standard can be implemented without updating the standard changing the version number)

You suffer the same myopia that the W3C did when I tried to explain to them that cross-site script injection was a non-security hole, but rather the holes in the outer sandbox were the problem. And by limiting what code sites could load, we were not increasing security but decreasing functionality and creating kafkaesque, security theatre.

Android finally got it correct and each app runs in an process sandbox, so bad code can’t do anything external to the app. The app can only write to its private section of the file system, unless the user has authorized other permissions.

W3C had effectively moved an operating system concern into user mode. What a fucking load of unnecessary tsuris!

The same myopia I was battling 10 years ago on W3C discussion lists. I gave up! It is like an irrational religion.

Despite it's history of security vulnerabilities, (and the run-time being bundled with browser tool-bars), I think JAVA (including applets) is a better approach to running untrusted code in a sand-box. Leave HTML to serve up static web-pages. The problem is that developers do not like it because the users get fine-grain control over what the software can actually do. For example, the user can prohibit network or disk access.

Separation of code and layout+static content is a good programming paradigm for semantic reasons, but it is orthogonal to the security sandbox issue. And this is how it is done by default on Android with XML resources and code.

On Android, I can choose from dozen languages that run on the JVM, including Jython (Python), Java, Scala, etc..

The entire web page should be sandboxed in its own process and let the developer do what ever he wants. For static web pages, you don't need to spend a process on each one. It is as if the W3C never made the fundamental categorical distinction between a long-lived (stateful) app and a stateless static web page.

You know why? Because they (just the EU beaucrats) didn’t want to lose control and give up their importance and power. Also because they believed in some religious purity of a declarative (immutable) nirvana paradigm (where everything is so purely defined, semantic, and contained, etc).

The top-down, oppressive, religious micro management by the W3C was really a drag on my creativity.

[UnunoctiumTesticles]

In Android, your application’s Activities, ContentProviders, etc have a Uri. Thus, I can envision when you type the app Uri (or its abbreviation) in a browser, you run the installed or install the app. So it can become as seamless as the web. It appears disjoint for now and the web appears to be easier and more readily accessed, but it doesn’t have to remain this way. Then web sites could also be placed as favorite icons on your desktop (which you can do now but not so easy or readily achieved as installing an app and seeing its icon appear there).

[phillipsjk]

On Android, I can choose from dozen languages that run on the JVM, including Jython (Python), Java, Scala, etc..

The entire web page should be sandboxed in its own process and let the developer do what ever he wants. For static web pages, you don't need to spend a process on each one. It is as if the W3C never made the fundamental categorical distinction between a long-lived (stateful) app and a stateless static web page.

I don't think we strongly disagree on this point: just on the methods. Java applets were one such clear distinction. Of course, other than the fine-grained control, there was also the (dreaded) "loading Java..." message (and delay) that made the thing unpopular. Android largely follows the Java philosophy: to the point that they were sued over the use of the API.

I believe that web-browsers have become too complex. Because, as you mention, they are being asked to operate as an OS in user-land. One thing Chrome gets right is leveraging OS services by spawning each web-page as its' own process. It is resource heavy for simple web-pages, but actually lets you track down which page is using all of your CPU time/memory.

[UnunoctiumTesticles]

phillipsjk, good to hear. Yeah I would prefer the web browser be a rendering (android.app.)Activity or Fragment and provide an HTTP ContentProvider which can be hooked into it (or substituted) and not try to be the OS.

Orthogonality and separation-of-concerns.

Looks like we agree on we are headed towards convergence?

P.S. In the transposed direction of misuse or incorrect design, I was listening to this masscan developer explain (how to scan the entire internet in 3 minutes with commodity hardware) in his C10M video about how web servers shouldn't move packet processing into the OS by using threads, because Linux was not designed to be real-time OS but rather optimized to be a multi-user OS. And instead do the logic in user mode.

[phillipsjk]

phillipsjk, good to hear.

Looks like we agree on we are headed towards convergence?

I hope not. As I said, I believe there should be a clear distinction between data and code. I was using lynx as my primary browser at least until 2005. It really stopped adapting to new HTML revisions after HTML 3.2. HTML 4 introduced style-sheets, which were never really implemented by lynx.

Edit: I like CSS, just lynx does not.
Edit2: I still try to avoid running client-side scripts as much as possible though.

[UnunoctiumTesticles]

phillipsjk, good to hear.

Looks like we agree on we are headed towards convergence?

I hope not. As I said, I believe there should be a clear distinction between data and code. I was using lynx as my primary browser at least until 2005. It really stopped adapting to new HTML revisions after HTML 3.2. HTML 4 introduced style-sheets, which were never really implemented by lynx.

I edited my post to explain I mean convergence via orthogonality and separation-of-concerns.

If you are programmer (especially if you understand the Unix design philosophy) then you know the value of these concepts instead of trying to have one monolithic thing do everything you need.

Then you can mix-n-match to retain the flavor you desire.

HTML should not be a dominating force on how I can distribute apps as seamless content to my users. You may prefer a strict static content model without JavaScript, but other users have other preferences such as for some HTML is just a rendering engine that is used in some contexts within their stateful app. Developers should be allowed to serve all users well, including you (if there are enough of you, else you can roll your own).

P.S. You are conflating the issue of good semantic design with the orthogonal issue of security.

I fought against Daniel Glazman's spaghetization of the orthogonality between code and data with XBL (because CSS was not the correct semantic layer to bind code!). I was for registering events instead of embedding them in the HTML file. Etc.. But I don't think you can build a dynamic web page and not have any code manipulating the page. We are talking only about good semantic programming, not about security unless it is just security theatre. The broader the scope of your sandbox, the less fined grained permissions you need to ask the user about. Because users have no fucking clue and just click "yes" any way, so then you don't have security. Android is trying to design to reduce the need to ask the user for permissions.

[UnunoctiumTesticles]

My favorite Mozilla kafkaesque, security theatre fuck-up for the ages. I warned there and exactly what I warned happened. And so he eventually closed the bug to further comments after receiving 100 complaints over the next two years as I warned him.

[UnunoctiumTesticles]

Remember I [AnonyMint] was telling everyone in 2013 that Tor was not anonymous because of timing analysis due to being a low latency network and Sybil attacks on the relay nodes by national security agencies. And everyone thought I was crazy. And now we see new research that says 81% of the users can be identified. Sigh.

The title and content of the OP is not about the death of all stateless content, rather I think it quite explicitly says death of the Stateless Web.

This salient distinction is that the content and rending model (e.g. HTML) shouldn’t have a monopoly over the transport model (e.g. HTTP).

The Web is becoming more general and the transport layer is detaching from market dominance by the rendering layer.

This enables new opportunities and possibilities.

I wonder what the No voters are thinking? Is my presentation too abstracted? Perhaps I need to incorporate the above summary.


Update: done.

The title and content of this epistle is not about the death of all stateless content, rather I think it quite explicitly says death of the Stateless Web. This salient distinction is that per the Unix design principles of least presumptions, orthogonality, and separation-of-concerns, the content and rending model (e.g. HTML) shouldn’t have a monopoly over the transport model (e.g. HTTP). The Web is becoming more general, stateful, and the transport layer is detaching from market dominance by the rendering layer. This creates new opportunities and possibilities.

Even in Europe for example Switzerland is increasing gun control (oh grasshopper please understand why a lack of private arms means Putin’s ground forces can run over Europe like a hot knife through warm butter).

[UnunoctiumTesticles]

Wow 9 ÷ 11 = 82% voted ‘no’ thus far (or 90% if exclude my vote).

The ubiquity of Dunning–Kruger ignorance needs to be culled by action in the market place. This vast preponderance of ignorance means there is a huge opportunity here because most do not realize the paradigm shift yet.

I suspect it escaped the logic of readers that stateless content can increase (even in proportion) and yet orthogonality of transport and content can proliferate.

P.S. if the  ‘no’ votes are pertaining to the rise of the global police state and the need for anonymity, I can only sigh again soon. I was watching the NBA (i.e. Rome’s bread and circus, or the Roaring 1920’s socialite glitter & glee) and realized why most people today would again think it is ludicrous to claim such horrific outcomes as we approach the cliff.

[UnunoctiumTesticles]

I’d feel facetious and subject to accusation of being non-objectively biased if I did not acknowledge some serious security theatre I submitted an Android Issue on today.

https://code.google.com/p/android/issues/detail?id=80335

Documentation states, “There is no security enforced with these files. For example, any application holding WRITE_EXTERNAL_STORAGE can write to these files.”

I understand files stored in the returned directory can be accessed by the user via explicit actions such as by connecting the device to a computer via USB or removing the SD storage card. Thus security can not be guaranteed in all cases for these files.

However, there is a critically important scenario where security can and should be provided.

Users may install an app and despite approving the WRITE_EXTERNAL_STORAGE permission, not realize they have just enabled that app to corrupt the data files of other apps that have stored external data files. Users are not programmers and thus do not think in terms of the implications of obscure logic. They may think that particular write permission gives that app permission to write date for itself to the external directory, but not presume it enables that app to corrupt the external data of other apps. Why should the user presume Android was designed stupid?

In other words, the user likely views the write permission as a way for the user to get access to those data files with those aforementioned explicit actions, but not as permission to do unnecessary harm. The Unix design principles of least surprise and rule of silence apply:

http://catb.org/~esr/writings/taoup/html/ch01s06.html#id2878339

There is simply no reason to enable a trojan app to apply social engineering to trick the user into enabling something the user has no reasonable reason to assume would happen.

For example, I would like to store an SQLite database on the removeable media because it enables the user to be sure that data has no traces even after being deleted. And because it enables the user to instantly remove that data from the system in a heartbeat in an emergency.

And I think this is a very piss poor Android design that the user could unwittingly enable a trojan that would corrupt their data.

Also note that many or most users are oblivious to the meaning of security permission prompts and confirm them always.

In other words, WRITE_EXTERNAL_STORAGE permission should only apply to Environment.getExternalStoragePublicDirectory) directories. Since Kitkat it is no longer required for writing to the app’s own private external directory.

[UnunoctiumTesticles]

I've gotten some feedback from at least one of my supporters that he is not able to quickly discern the significance of the OP (readers should also read the linked OP).

Until recently the majority of the user demand for traffic on the internet has been HTML over HTTP, i.e. what I refer to in the OP as the stateless Web. That traffic is required to be low latency, because the caching mechanisms are not typically smart enough especially with dynamically changing content (e.g. forums, social networking sites) to give a satisfactory user experience if the transport between server and client is high latency.

Yeah there are other protocols on the internet, such as SMTP which delivers email and doesn't require low latency transfer. And even P2P over UDP versus TCP/IP. But the majority of the market has been focused on HTML over HTTP.

Users become accustomed to the simplifying unification of accessing any content via the web browser. This provided some benefits for developers and content authors too as they could "code once, run every where".

But this had the tradeoff of retarding innovation on those areas that would require stepping outside the web browser’s myopically designed security sandbox or require a different model of interaction that could interopt well with high latency transport. Many even myopically cheered that this security sandbox was a major advantage.

There were some attempts such as Flash, ActiveX plugins, Silverlight, etc but these lacked the holistic purpose, demand, and system design that could cross the chasm to simplifying unification via sufficient market adoption.

I am positing that mobile apps, and more likely Android apps in particular, is a paradigm which is crossing the chasm. And even migrating towards the desktop and laptop to bring further unification.

This opens up new opportunities for fast moving innovation outside the confines of the slowly innovating (top-down standards driven, e.g. W3C.org) web browser. I posit one of those opportunities is to interopt with a hypothetical high latency transport, which would have the benefit of being truly anonymous because Tor and low latency ostensibly can not be anonymous.

The innovations might be so far outside the paradigm of the web browser content platform, that the web browser might not be able to incorporate such innovations without ceasing to be any semblance of what it was. If the web browser becomes essentially Android or something closer to what Android is, then the W3C (top-down, stifling morass) lost control. If Android (or something like it) is a standard that runs every where, then we haven’t lost the "code once, run every where" advantage. What is really accomplished is making the content platform more programmable with more granularity of modularity of Android APIs instead of the "all or nothing" monolithic imposition of the web browser APIs (by for example having a more holistic security sandbox model).

[HCLivess]

No, web is simply developing faster than regulations.

[247casino]

The sheeple don't care about being anonymous and most of the world is still in 3rd world areas with no net access other than wifi on a cheap smart phone at the local wifi cafe.

The future net will be an AI network and people will have neural implants to put the net right into their optic nerve center, then the next generation will be that dna will be manipulated to have the human brain able to connect on an alpha wave like they do the akashic record now.

There will be no anonymity, there is none now, the AI that created you tracks you through alpha waves now and that AI makes you do what that AI wants through alpha waves as well

[UnunoctiumTesticles]

The sheeple don't care about being anonymous...

They don't need to care. They only need to be aided by the paradigm shift I am describing, specifically the usurpation of the top-down morass of web standards by the viral diversity of a programmable, secure platform such as Android which is on 80% of their smartphones.

...and most of the world is still in 3rd world areas with no net access other than wifi on a cheap smart phone at the local wifi cafe.

You see they need offline app solutions for their high latency network access. So extremely high latency in fact, sometimes they have to wait hours or days to reconnect to the net or connect over very slow GSM or overloaded 3G networks.

The No votes come from neophytes who don't understand the issues.

[Soros Shorts]

I posit one of those opportunities is to interopt with a hypothetical high latency transport, which would have the benefit of being truly anonymous because Tor and low latency ostensibly can not be anonymous.

What kind of high latency numbers are you talking about? 10 seconds? 30 seconds? More? In my experience important data more often than not is also time critical in nature.

[UnunoctiumTesticles]

I posit one of those opportunities is to interopt with a hypothetical high latency transport, which would have the benefit of being truly anonymous because Tor and low latency ostensibly can not be anonymous.

What kind of high latency numbers are you talking about? 10 seconds? 30 seconds? More? In my experience important data more often than not is also time critical in nature.

Data on the internet ranges in time criticality. For example, posting new Likes and photos to Facebook is not that time critical, but Facebook interactive chat or a stock quotes application are time critical.

There are two components to the latency on a high latency variant of Tor:

1. The greater number of hops (onion layers or nodes) between the client and the server requires some additional latency for each hop.

2. The randomization of when to forward each packet at each hop increases latency at each hop by the time window over which that randomization occurs. As the volume of traffic increases, the time window can shrink because the anonymity mix (of packets forwarded by the node) per unit time has increased.

Let's assume the system can have an algorithm that attempts to choose paths through the nodes of the network that keep latency below 50ms per hop[1]. If that can be achieved, then assuming #2 is reduced to negligible as traffic volume increases, then 10 hops would be 0.5 seconds on average latency. 100 hops would be 5 seconds. Since the client and hidden service server each get to decide half of the onion layer path (with a rendezvous node in the middle), they can choose a latency and anonymity tradeoff that matches their application.

[1]	http://www.webperformancetoday.com/2012/04/02/latency-101-what-is-latency-and-why-is-it-such-a-big-deal/ http://www.sqlskills.com/blogs/paul/are-io-latencies-killing-your-performance/

[2112]

Users become accustomed to the simplifying unification of accessing any content via the web browser. This provided some benefits for developers and content authors too as they could "code once, run every where".

But this had the tradeoff of retarding innovation on those areas that would require stepping outside the web browser’s myopically designed security sandbox or require a different model of interaction that could interopt well with high latency transport. Many even myopically cheered that this security sandbox was a major advantage.

There were some attempts such as Flash, ActiveX plugins, Silverlight, etc but these lacked the holistic purpose, demand, and system design that could cross the chasm to simplifying unification via sufficient market adoption.

I am positing that mobile apps, and more likely Android apps in particular, is a paradigm which is crossing the chasm. And even migrating towards the desktop and laptop to bring further unification.

I think you are overstating the importance of the "user experience" and discounting the value provided by "robot experience" (by robot I mean the indexing and search engines). One of the most important factors of the growth of "web" was that HTML became some approximation of the lowest common denominator of information interchange. XML family of standards tried, but failed to improve on the HTML model with this regard.

I don't want to devalue your insight, but here is a recent example of "UX uber alles" problem:

http://torrentfreak.com/fail-mpaa-makes-legal-content-unfindable-google-141122/

exhibited by the "overapplification" of the user experience. I'm sorry for the ugly, hastily coined word. I don't know the better term. But from my childhood I still remember a paper pop-up book for "Puss in boots" which could be animated by hands. It was very cute, but didn't meaningfully improve the classic text printed in the plain book.

Edit: One more link from today that is tangentially related to the subject matter:

http://news.slashdot.org/story/14/11/23/1714255/blame-america-for-everything-you-hate-about-internet-culture

[UnunoctiumTesticles]

Users become accustomed to the simplifying unification of accessing any content via the web browser. This provided some benefits for developers and content authors too as they could "code once, run every where".

But this had the tradeoff of retarding innovation on those areas that would require stepping outside the web browser’s myopically designed security sandbox or require a different model of interaction that could interopt well with high latency transport. Many even myopically cheered that this security sandbox was a major advantage.

There were some attempts such as Flash, ActiveX plugins, Silverlight, etc but these lacked the holistic purpose, demand, and system design that could cross the chasm to simplifying unification via sufficient market adoption.

I am positing that mobile apps, and more likely Android apps in particular, is a paradigm which is crossing the chasm. And even migrating towards the desktop and laptop to bring further unification.

I think you are overstating the importance of the "user experience" and discounting the value provided by "robot experience" (by robot I mean the indexing and search engines). One of the most important factors of the growth of "web" was that HTML became some approximation of the lowest common denominator of information interchange. XML family of standards tried, but failed to improve on the HTML model with this regard.

I don't want to devalue your insight, but here is a recent example of "UX uber alles" problem:

http://torrentfreak.com/fail-mpaa-makes-legal-content-unfindable-google-141122/

exhibited by the "overapplification" of the user experience. I'm sorry for the ugly, hastily coined word. I don't know the better term. But from my childhood I still remember a paper pop-up book for "Puss in boots" which could be animated by hands. It was very cute, but didn't meaningfully improve the classic text printed in the plain book.

Edit: One more link from today that is tangentially related to the subject matter:

http://news.slashdot.org/story/14/11/23/1714255/blame-america-for-everything-you-hate-about-internet-culture

I had thought of this, so it is good you raise the issue, so I can respond with my prior thoughts.

1. Those applications that require some advances in user experience does not eliminate those applications where standards for content make semantics more transparent. Both can continue to proliferate, i.e. we shouldn't prevent the former if requiring always the latter would make some applications not exist at all.

2. Those applications that require some advances in user experience could in many cases also publish stateless content (or any other standard for making semantics more transparent), e.g. an application for interacting with a forum offline or on high latency (for example to access it over a high latency truly anonymous network), could coexist with a website version of the forum.

P.S. I hate pay walls and login walls when I am surfing the web for news or research.