Re: [GNU/consensus] Map of Projects / Sessions at 30C3

[Andreas Kuckartz]

carlo von lynX:
> So you are advocating for integrating GNUnet or Tor into the
> distribution of web browsers?

I do think that this is one approach. And solutions like Tails are
another one.

>> There are several good reasons why the (vast) majority of users does
>> not want to install software in addition to a web browser to be able
>> to communicate with others. Alternatives or design requirements
>> which do not take that into account will not lead to a different
>> situation.
>
> That is outside the scope of this working group.

Dissemination is mentioned as a topic for the 30C3 assembly. And (at
least) in that context it seems to be in scope.

> People who are not going to have a Tor or GNUnet node on their
> computers can't be helped.

That statement is like "Windows users can't be helped". They can never
have an absolutely secure system without migrating to another operating
system. But that does not imply that improving their security is
impossible as long as they do not make that step. It really depends on
the threats one intends to protect against.

> So let's consider the possibility that the W3C requires all browser
> vendors to upgrade to a "Tor Browser" with built-in end-to-end
> messaging separated from the regular web rendering engines.

To avoid misunderstandings. I do not speek for the W3C, but it can not
and will not "require" that. It does not even require web browsers to
use HTML. It is not involved in specifying such protocols. It also is
not specifying http or requiring that browsers use http. Such
specifications are a matter for the IETF. And you might be aware that
some interesting work is taking place within the IETF recently.

> Let's also presume that the privacy community doesn't fall prey to
> that trojan horse called WebRTC which comes equipped with MITM
> capabilities and missed the chance to at least mandate pinning.

Such decisions are not immutable.

> How many minutes would it take until all major vendors are compelled
> to provide backdoors? How many >90% of humanity are using web browsers
> from insecure sources?
>
> Don't you see that the architecture of the web is completely hopeless?

I do not get what you want to tell me.

Cheers,
Andreas