CDN

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 14 15:56 [raw]

Aren't CDNs just a ground layer for fast censorship switches? What are the odds that the shadow state owns and controls the front companies that operate CDNs?

BM-2cUWUSWSuyLn69kMeozBWpVLDz3Pd31F7W
Mar 15 20:22 [raw]

If a site does not trust a CDN to serve the content they have been tasked with serving, then they should not use that CDN. I use two daily. I also have a download server where security is important, in that case I have built my own CDN. It is more expensive, but it gets the job done. Nobody is forcing you to use any given CDN. If you dont want to use one, dont.

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 03:54 [raw]

> If a site does not trust a CDN (...), then they should not use that CDN. > If a site does not trust A (web)site is a bunch of data and scripts on a computer filesystem. It is incapable of trust or autonomous action. The people and/or AI who control the website (usually a different group to the website users or developers) make the decision to use a CDN, based on factors that may not even include trust, or the "middleman risk" to put it more broadly. It's usually a dumb cost optimization decision that often goes against --and overrides-- any middleman concerns. After all, there's no column for "trust" on a business P&L sheet.

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 05:07 [raw]

The real hope here should be that IPFS gets native support in Web Browsers. Better than a CDN.

BM-2cUWUSWSuyLn69kMeozBWpVLDz3Pd31F7W
Mar 16 18:14 [raw]

> The people and/or AI who control the website (usually a different group to the website users or developers) make the decision to use a CDN, based on factors that may not even include trust, or the "middleman risk" to put it more broadly. It's usually a dumb cost optimization decision that often goes against --and overrides-- any middleman concerns You mean people like me, who build and operate websites? Yes, there are some people who put blind trust in anything. This includes both the developers and users. They are the ones who tend to get into trouble. There are also developers who take pride in their work and understand how security works. In one case I mentinoed I had a situation where it was not a good idea to use a CDN. In that case I had to make the decision to spend a little extra to build out my own platform. Not everyone on the internet is out to get you.

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 18:24 [raw]

> A (web)site is a bunch of data and scripts on a computer filesystem. It is incapable of trust or autonomous action. You're attacking a scarecrow. We all know what he meant. The site is the face of the admin. When we say the site does this or that we mean that everyone involved in production and hosting designed the site to do this or that. Let's not get cranky over semantics ;)

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 18:25 [raw]

> Not everyone on the internet is out to get you. True, except for the Russians and that Chinese altcoin scammer. They /are/ out to get you. The problem with CDNs (cloudflare?) is that they effect censorship in reverse. Sites using their security features deny access from anonymizing networks. If the sites identify you with a TOR exit node they will not let you sign up. They are using CDN APIs to effect these decisions.

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 18:39 [raw]

As far as security is concerned, mind sharing how you keep your bitmessage secure? Since you're experienced with this professionally you probably have some decent advice for an end user like Grampa Jones. I have installed Bitmessage (obviously) but I absolutely do not trust that it's secure. I switched from Windows to Linux but I'm not sold that Linux is so secure, either, as if just using Linux makes me secure.

BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L
Mar 16 19:05 [raw]

> After all, there's no column for "trust" on a business P&L sheet. There's also no column for "ethics".

[chan] 411
BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L