Gemini server logging formats and practices

It was thus said that the Great Dave Huseby once stated:
> I love your enthusiasm Sean. I'm going to reply in kind and call out when
> I'm trolling you. Just remember that I appreciate your position and thank
> you for sharing your perspective. I'm sincere as Fred Rogers when I say
> that. Now...let the trolling begin! Let's see who can flame each other
> better. ; )
> 
> On Tue, May 12, 2020, at 8:06 PM, Sean Conner wrote:
> >   Back in 1989, the Internet as we know it was still five years away. 
> > Commerical activity was against the rules and the only people who were on
> > the Internet back then where largely academics (students, instructors,
> > professors) at universities and a few researchers at some select companies
> > (like IBM, Sun or Symbolics).  I would think that had you seriously
> > presented this argument at the time, people might have looked at you
> > strangely.  While people were still largely trustful of other users, the
> > Morris Worm of Nov 1988 was still quite recent and if not for logging, it
> > would have taken much longer to stop.
> 
> You're not wrong. I was. It was 1991, not 1989: 
> 
> => http://ksi.cpsc.ucalgary.ca/archives/WWW-TALK/www-talk-1991.messages/1.html
> 
> Dismissive troll: The rest of what you said above is irrelevant, missing
> the point, and distracting.
>  
> >   So a not-so-hypothetical situation here---if I were to put on my Gemini
> > server "I LOG ALL THE IPS!", honestly, how could I get your consent (or
> > non-consent)?  I can't get it from you prior to your connection, because I
> > don't know you will connect.  I can't get your concent afterwards because I
> > already have your IP.  And would such a disclaimer have to be added to every
> > page?  How can you know prior to requesting a Gemini page that the server
> > will log your IP address?
> 
> You're not wrong. IP is what we have. You seemed to have completely missed
> that I'm making philosophical arguments.

  I come across people who make grand statements like yours.  Such as
Stanislav:

	The Loper OS Project aims to remake computing. I am aware that
	others have tried and failed. Laughing? The job is not nearly as
	difficult as it sounds.  Much of the complexity found in modern
	systems software is accidental, rather than inherent. A large
	portion of my thinking has gone into figuring out what parts of an
	operating system are non-axiomatic - vestiges from a computational
	Stone Age which could safely be swept away.

		http://www.loper-os.org/?p=4#selection-33.0-41.338

(written in 2007; he's still writing at his blog today, but no Loper OS). 
There was Fran?ois-Ren? Rideau Dang-Vu B?n with his TUNES operating system:

	TUNES is a project to replace existing Operating Systems, Languages,
	and User Interfaces by a completely rethought Computing System,
	based on a correctness-proof-secure higher-order reflective
	self-extensible fine-grained distributed persistent fault-tolerant
	version-aware decentralized (no-kernel) object system.

		http://tunes.org/papers/WhyNewOS/WhyNewOS.html

(I recall when it was first announced in 1992---I thought it was silly back
then; again, TUNES is no longer).  Then there's Richard Kulisz:

	PlanNine has modularity, composability, distribution and half of
	uniformity. You can also include reliability.

	Unix has only modularity and many people seem to act like it's the
	"best OS of all time."

	ErosOs satisfies Reliability, TransparentPersistence and most of
	security.  It doesn't seem to give very practical security.

	BlueAbyss aims to satisfy all of the principles to the utmost,
	except for Correctness Proofs, which I see as a costly fad that adds
	little value.

		https://wiki.c2.com/?OperatingSystemsDesignPrinciples

(again, grand plans and not much to show for it years later).  And finally
to round out these examples, I present Curtis Yarvin and Urbit---and I still
can't decide if it's an elaborate troll or an earnest endevour, but Urbit
was introduced with this:

	This spec defines one function, Nock.

	2 Structures

	A noun is an atom or a cell.  An atom is any unsigned integer.
	A cell is an ordered pair of any two nouns.

	3 Pseudocode

	Brackets enclose cells.  [a b c] is [a [b c]].

	*a is Nock(a).  Reductions match top-down.

	4 Reductions

	?[a b]           => 0
	?a               => 1

	^[a b]           => ^[a b]
	^a               => (a + 1)

	=[a a]           => 0
	=[a b]           => 1
	=a               => =a

	/[1 a]           => a
	/[2 a b]         => a
	/[3 a b]         => b
	/[(a + a) b]     => /[2 /[a b]]
	/[(a + a + 1) b] => /[3 /[a b]]
	/a               => /a

	*[a 0 b]         => /[b a]
	*[a 1 b]         => b
	*[a 2 b c d]     => *[a 3 [0 1] 3 [1 c d] [1 0] 3 [1 2 3] [1 0] 5 5 b]
	*[a 3 b]         => **[a b]
	*[a 4 b]         => ?*[a b]
	*[a 5 b]         => ^*[a b]
	*[a 6 b]         => =*[a b]
	*[a [b c] d]     => [*[a b c] *[a d]]
	*a               => *a

		https://www.unqualified-reservations.org/2010/01/maxwells-equations-of-software/

And further elaborates:

	Urbit is a static functional namespace: a programming environment
	specified as a single stateless, frozen function. The Urbit function
	is Maxwellian: formally defined by a small system of axioms. Urbit,
	while a cool toy, is designed for practical computing.

		https://moronlab.blogspot.com/2010/01/urbit-functional-programming-from.html

(and it seems to have become A Thing at https://urbit.org/, although Curtis
is no longer associated with the project).

  I present these examples (and there are more I have saved) as a means of
explanation---I come across these grand sweeping statements that we're doing
this all wrong and we must, MUST! change how it all works because the
current way is (to be charitable) not optimum!  And in all these cases, it's
all words, no implementation (except for Urbit, but even they cheat by not
using Nock but "optimizing" it with native code).

  Your message came across exactly like that to me---IP is bad, we must use
this other technology now!

  And I will admit that my reply might have been a bit incendiary.

> Time for you to catch up with the rest of us Sean. It's only a matter of
> time now. People--including me--are already working on a mixnet that
> leverages this. Once we unlock that achievement, Gemini will be able to
> stop relying on IP entirely.

  I'll patiently await the results.  <troll>Hopefully it won't take as long
as TUNES, Loper OS, Blue Abyss, or Urbit.</troll>

> Concern troll: I'm worried about you. Hopefully post-mixnet you'll have a
> better attitude about the state of the world. Stress kills y'know ; )

  I know.  Thanks.

> You're not wrong. I made a mistake implying the Gemini had *anything* to
> do with my efforts fix the Internet status quo. i gave three, one-hour
> presentations last week at the Internet Identity Workshop and decided I
> was going to walk the walk and *not* publish my papers on the web. 

  Good for you.  At least now I know you are serious enough to work on this.

> My support for pseudonimity is a philosophical line in the sand. The only
> way for users to maintain leverage against surveillance capitalism to do
> all they can to maintain pseudonimity and privacy. My contributions to the
> Gemini community are mostly philosophical. There's no reason we have to do
> things the same way just because that's how it's always been done. 

  True enough, but the issue I have is people questioning the design and
declaring it should have been done another way, *without doing any work*. 
Not even a proof-of-concept.

  When solderpunk first designed the protocol, I had a problem with the then
defined status codes.  I ignored that aspect when writing the first server,
opting instead to reuse HTTP codes.  That lead to a long discussion and
finally the design we have.  But the crutial point is that *there was code!*

> > > Anyway, back to logging. I don't think it is our place as server operators
> > > to collect IP addresses without consent since it isn't our data. 
> > 
> >   Technically, the IP address you use to access a server isn't yours either. 
> > It's the providers.  They are just letting you use it.
> 
> You're not wrong.
> 
> Troll: Again, you're answering a philosophical argument with a technical
> one. I'm starting to think you're uncomfortable discussing philosophy and
> always run to the comfort of black and white, right angles and straight
> jackets....I mean straight walls. ; )

  My best friend has a degree in Philosophy, so I'm not unconfortable with
it.  But there comes a time when Reality comes knocking at the door ...

> When I send you a packet, my computer fills in the source IP address. That
> source IP address is personally identifiable information the vast majority
> of the time. It's the same as me filling in my address on an envelope. I
> may rent, and not own, the house--and therefore the address--that I live
> in but legally, my address is considered personally identifiable
> information (PII) and protected under the GDPR and CCPA. I'm suggesting
> that to gain a consistent and coherent philosophy about user sovereignty
> to make the internet better with truly decentralized systems, we should
> all start thinking of IP addresses as PII and build/configure systems
> accordingly.

  And that's easy to say.  It's another thing to implement it.

> Thanks for your reply Sean. 

  You're welcome.

> It was fun replying to you. I understand what
> you're saying and you're not wrong with all of your technical details. But
> I was speaking in philosophical terms as guiding principles for making
> decisions going forward. I reject the current status quo. I only look back
> to remind myself of what went wrong but all of my energy is focused ahead
> of me. I think Aaron's quote is apropos here:
> 
> "What is the most important thing you could be working on in the world
> right now? ... And if you're not working on that, why aren't you?"

  Was that Aaron Swartz?

> Troll: maybe you should work on learning Rust and meditating ; )

  Rusty meditation?  What are you on about? 8-P

  -spc

---

Previous in thread (11 of 25): 🗣️ solderpunk (solderpunk (a) SDF.ORG)

Next in thread (13 of 25): 🗣️ colecmac (a) protonmail.com (colecmac (a) protonmail.com)

View entire thread.