Formerly u/CanadaPlus101 on Reddit.

  • 9 Posts
  • 1.79K Comments
Joined 1 year ago
Cake day: June 12th, 2023


  • Thanks for the effortpost! Scuttlebutt in particular is similar in spirit, although I agree with the blog post that the implementation sounds funny. One conceptual difference, I think, is Scuttlebutt sounding fully decentralised, which necessarily introduces an O(n²) kind of overhead. Hubs could operate more like the content distribution networks that already exist in really locked-down countries, which are proven to work, just with the new protocol as a lower risk way of getting to the end user. Their own page is loading blank for me, unfortunately.

    Public keys were identities, and were bound to devices; unfortunately people may have multiple devices, or change devices over time, so this was a hindrance.

    I’m not sure why even they added that, haha. How hard is moving a private key? I’m also imagining it would be pretty routine to just discard a key-identity and make a new one, for anonymity’s sake.

    I mention all these because, in an extreme censorship environment, any local state (session history on paper, an app on a smartphone, an odd device) might not be good to have around. So usability may require reducing the total amount of state that a command carries. The current working directory at the time a command is run changes the meaning and outcome of the command; you may not remember that directory in a day or two. The vocabulary and syntax of command-line switches are easy to look up in online manuals - but are there offline manuals? I don’t know if this avenue of inquiry helps you, but it’s interesting to think about for a moment.

    Some local state is probably necessary for usability. I mean, at the very least you need to have the software, which is probably illegal itself. The trick, as always with contraband, is either hiding it or not getting searched in the first place. In emergency situations having a way to securely delete everything quickly is the best that can be done, I think.

    I don’t expect the average user wouldn’t be writing shell scripts themselves. There should be user-friendly frontends for common tasks like email messaging, but that doesn’t help developers. A certain level of statelessness at the hub end would be good, just to avoid unwanted interactions like that. Maybe execution always starts with the same environment variables in the same directory, and your payload bootstraps other shell scripts or actual programs needed to add context.




  • Probably Rust, although I’m not married to it. I’m just at the planning stage right now, though.

    One open question is if you can use a fairly standard transceiver like a Bluetooth chip, or if you need an SDR. Obviously they weren’t designed with this in mind, but maybe there’s a profile that’s close enough.

    Packets should have a few kilobytes of payload so you can fit a postquantum cryptographic artifact. Thankfully, even with a BCH code, it seems doable to fit that much in a 1-second burst in a standard amateur radio voice channel, for testing. (In actual clandestine use I’d expect you’d want to go as wide as the hardware can support.)

    As envisioned there would be someone operating a hub, which might have actual network access through some means, and on which the containers run. They would send out runners to collect traffic from busy public spaces which might serve as hubs for burst activity, and dump outgoing packets, all without giving up any locations.

    Accounts with their own small container would be opened by sending in a public key, and then further communication would be by standard symmetric algorithm - except in testing, because that’s an amateur radio no-no, so just signed cleartext. ID would be derived from signature fingerprint, as I have been thinking about it. I have a lightweight hash scheme in mind that would allow awarding of credit for retransmitting packets in a way that couldn’t be cheated.

    You’d want to have some ability to detect and move around jamming, or just other people’s bursts. That’s more hardware research, basically.


  • You can do all those things while also not supporting FAANG

    Depends. If you can find another employer that’s more ethical (which is not guaranteed just because they’re smaller) and pays as much with as flexible a work schedule, yeah, you should probably do that. Otherwise it might indeed be necessary.

    I don’t know, are we doing consequentialist ethics here, or deontological? I feel like we’ve reached the level of splitting hairs where we need to decide. For the purpose of actual advice people reading might follow, I’d say just try and be a good person, and don’t let perfect be the enemy of better.


  • I mean, a lot of companies do stuff like that, and yet you still need money to live. Just working there doesn’t necessarily make it your fault; by that logic it would be a sin to work checkout at Walmart, because you’ll have the same blood on your hands as the Waltons.

    I don’t really like talking about capitalism as if it’s a well defined concept, but, no ethical consumption under.

    I’m not ignoring the other two things listed, I’m realistic.

    I didn’t mean you, FYI. I mean someone who does work for a FAANG and is looking for more justification to do nothing for the common good.










  • Yeah, I do worry someone will read the “work for a FAANG” part, and ignore the other two things listed. It’s absolutely not enough to go “welp, I’m just a little cog following orders”.

    Maybe a one-man boycott is the wrong way to put it. Multi-person boycotts are obviously built from individual people. I guess my real point is that there’s not a one-size-fits-all solution; you actually have to look at the world, look at how you want it to be, and figure out how you can help make that happen from your place in it.