Private data, seems impossible to filter because the chucks are encrypted / re-encrypted.
Public data, filtering this can be made a choice, as a node operator you should be given the option to speicify xor address to a prohibited list (which could be managed by a government account). On a client this would block GET requests (like a host file). Useful for also blocking Ads maybe?
That way the user can filter any content they like, but it’s a choice, you don’t have to, and you can add multiple government filters if you want to. It’s nice and simple and the network is still decentralise because its a choice, you vote with your configuration file.
I agree with the download side client, but strongly disagree with the upload client in terms of creating the dream of a censorship resistant platform. We won’t be talking about the upload of things we would probably all agree on, we must accept that governments have, are, and will continue to censor information that is harmful to them. As such they can create mammoth lists of hashes of any and all material (even their most classified secrets) and use such to not only censor whistle-blowers, but potentially catch them and silence them with nobody even knowing.
Not sure where that quote came from, but the download client doesn’t have to be a node and I think for app store acceptance filtering will need to be at the data consumer level - the download client. Which at it’s most basic is a browser that can read data from SN.
So long as such a SN browser has filtering built-in, then app-stores would hopefully accept such software. And we probably need app stores to accept such browsers - as, if we don’t have many data consumers, SN just becomes a private data storage system in the end.
Encrypted data would be private to that individual by definition. Thats impossible to stop. Filtering harmful public data (displayed on webpages etc) is where the value of being able to configure your client / nodes adds value.
It’s no different to a host file to block ads, or parental controls on a childs laptop. Its standard practise today, and I don’t feel like it removes any value / ideals from the safe network.
There is no way for you to know. I suppose if it comes to a case in court it might be revealed that the hash was for classified material, but … I would bet that the perpetrator would plead out before it reached that level and possibly they’d simply be indefinitely detained until they did or they died (think Julian Assange). So in the end it would never be revealed what the hash was really for.
Upload client. Just to be clear for everyone.
yes, which means only those who don’t know much about code and security would be caught up in the nets … which would include a lot of potential whistle-blowers or other anti-government types who are sharing info the gov. is able to create hashes for.
True and fine for private data, but for those attempting to share public data to inform the public, this won’t work well.
I feel any potential whistleblowers will at least do some research first, i also feel confident some anon entity will publish info on how to bypass all this stuff.
Possibly so. But if we don’t have to enable a system that could potentially be used by the State to go after political dissidents to get to a product that is still socially acceptable, then why should we assist the State?
I think we have to assume worst case scenario’s here. If the filter is only on the download client, then plausible deniability for the downloader if they are identified as attempting to pull something the State doesn’t like.
But if we put that filter on the uploader, then there is no deniability. We could be casting them into hell.
I guess it will all boil down to how much the team need to comply with regs.
Id rather they comply than cancel working on the project or land up in legal issues because of it.
an ever growing list of hashes is going to be a significant processing burden for nodes (and network bandwidth), so implementing such a scheme could be complex and time consuming to make it efficient, and still could work against decentralisation by requiring higher node capability.
interesting point, but I think the amount of 64/128 byte comparisons a modern processor can perform in an index and compressed file structure like “Apache Parquet” would be a lot.
If a vault/client had a local copy of the hashes it wanted to ignore, my gut feeling is you wouldn’t even notice, but I could be wrong.
I agree the compliance will never end … but it’s a continual battle on both sides. So I’d want Maidsafe to finish the project to the best of their ability no matter what. The code will then exist and if we really really really have to fork it, then we can do so and know that the base code works.
Yep, that’s a possibility too. But sharing the keys is another tricky matter. It’s putting more hurdles between the people and reporters/whistle-blowers. Many would-be reporters may simply not try if the barriers are too great or too many … so we’d all lose out.
IMO, the order of attempts to build the network should be:
zero filtering
filtering in the download apps
filtering in the upload apps
filtering at node level - although as @neo pointed out, there are no hashes of chunked self-encrypted data, so node would have to put all data back together and then scan against DB - a load of extra work.
I don’t know the threat Maidsafe is anticipating here - I expect it’s in all the legal obligations that they have as a corp, and also concerns about laws regarding personal liability here. We really need a lawyer in here to help shed more light. as to which options/levels are going to be minimally needed … however lazy lawyers will also just say to cover all of your bases and don’t take chances … So need a really great lawyer here, not just an average one.
Also, a hash list is not a great defence. If we take any image/video and replace a single-pixel it’s a new hash. So the proposals are a cat and mouse game. If there were a solution to hellish thoughts then we may need a higher being to help us here
I keep coming back to education and the ability of humankind to transcend evil (here we must we talking about evil, not political influence, but unarguably evil) but so far we cannot. Seems governments and regulators have after years come up with hash lists and I cannot see them working and are easily circumvented. Evil people will work hard to bypass these lists and it’s so simple.
Good, we are having the discussions though. I see the censor a wee bit (it’s never a wee bit) and censor nothing as extremes that will never meet. However, there are some projects like @JimCollinson mentions to try and get safe consensus from may orgs and present these to node operators as voluntary options. That gives folk issues, if you ban something that nodes request then you will be punished. That’s also interesting.
There are so many angles to this that I feel there are no technical solutions beyond hash lists, which as I say are next to useless. This is why the big tech use people, and then the problems are worse.
Anyway, it’s worth probing to see what we can come up with that is smart, very smart and in my opinion, that means simple.
