Natanael's recent activity

  1. Comment on There’s No Such Thing as a Right Not to be Called a Nazi in ~misc

    Natanael
    Link
    The "free speech" tag is misspelled

    The "free speech" tag is misspelled

    1 vote
  2. Comment on Tildes, what is your take on current terms of copyright? in ~talk

    Natanael
    Link Parent
    We could have a tiered copyright system, with a few simple tiers. Full protection, first X years after publication (maybe 10 years?). Similar to today (except made more sensible). Reduced...

    We could have a tiered copyright system, with a few simple tiers.

    Full protection, first X years after publication (maybe 10 years?). Similar to today (except made more sensible).

    Reduced protection, from year 10 to perhaps year 50 (regardless of author lifetime). All commercial works falls under forced mechanical licensing, making everything available to license for commercial use without complicated negotiations. Non-commercial use exceptions are much wider and more lenient.

    Moral rights / attribution only, from year 50+ to X years after author's death (whichever comes first). Everything is free to use, with correct attribution.

    Branding is a trademark issue, and thus unrelated.

    3 votes
  3. Comment on Which messenger(s) do you currently use? If you had your preference, what single messaging service would you prefer to use? in ~talk

    Natanael
    Link Parent
    I haven't seen a big computer security group here in tildes yet, but I can suggest https://reddit.com/r/netsec for general computer security news and discussion, and https://reddit.com/r/crypto...

    I haven't seen a big computer security group here in tildes yet, but I can suggest https://reddit.com/r/netsec for general computer security news and discussion, and https://reddit.com/r/crypto for cryptography discussion (full disclosure, I'm a moderator of /r/crypto).

  4. Comment on What are you an "expert" on? in ~talk

    Natanael
    Link
    Cryptography. Maybe not completely an expert, but I know a whole lot about the field, including knowing about subfields in it you probably didn't even wouldn't think was possible. Did you for...

    Cryptography.

    Maybe not completely an expert, but I know a whole lot about the field, including knowing about subfields in it you probably didn't even wouldn't think was possible. Did you for example know Zero-knowledge proofs is a thing?

    Much of the knowledge comes from a mix of my interest in the field with being a moderator of reddit's /r/crypto (which means I keep up with new submissions), as well as being a subscriber to the good old cryptography mailing list metzdowd. I read a whole lot about it, simply put. So I know a ton about protocols, algorithms and attack models, etc.

    3 votes
  5. Comment on The Internet's Hidden Rules: An Empirical Study of Reddit Norm Violations at Micro, Meso, and Macro scales. in ~science

    Natanael
    Link Parent
    As I see it, it is only meaningful to post a comment to say thank you to somebody if the comment has a notable connection to you, such as if it was first posted in reply to you or you had a...

    As I see it, it is only meaningful to post a comment to say thank you to somebody if the comment has a notable connection to you, such as if it was first posted in reply to you or you had a similar problem which they solved (or similar).

    Randomly thanking somebody if you're not immediately affected by the comment is noisy.

  6. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    Link Parent
    People already take bad advice from the web. That's how MD5 is perpetuated, it's why people use CBC unauthenticated, it's why people use salts and IV:s wrong, etc... This has ALREADY caused...

    People already take bad advice from the web. That's how MD5 is perpetuated, it's why people use CBC unauthenticated, it's why people use salts and IV:s wrong, etc...

    This has ALREADY caused massive troubles. Hacked websites, leaked passwords, stolen money, leaked data.

    This is a genuine problem.

    Bad advice right when a new critical vulnerability like efail and heartbleed gets published could destroy entire companies.

    Meanwhile our sub has actual professional cryptographers from places like Google and more. In our sub people actually have a real chance to get correct advice.

    And I intend to make sure that the people with actual competence keep their visibility over bad advice and spam.

    It's not even ownership. I don't care who runs it. I just care about their competence. Yes, actually.

    If you visited the sub you wouldn't find much at all that qualifies as toxic. And I can completely honestly say I've gotten praise more often than complaints, by a ratio of at least 3x or so, no exaggeration. That's because I'm active and proactive, trying to halt conflicts before they flare up, keeping the quality high (and know the field well enough to do so).

    The main problem I see here is that out of the people who know the field as well as me, most of them either lack the particular set of soft skills that makes one a good mod, or they don't want to be one (or lack the time). And the other people with mod skills won't recognize bad advice or snake oil, and can't do it alone.

    IMHO the correct solution isn't to allow the place with a long history to be co-opted. At most I'd lock the original and create two new ones, with redirects to both (alternatively rename the original, create a locked page with redirects in its place). This isn't about ownership, it's about disruption. Just because you're louder, you don't automatically get to displace people who already were there. Also, it ruins old bookmarks and confuses people.

  7. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    Link Parent
    How is bad security advice not time sensitive? Especially in a popular thread? And we shouldn't need to change the name. Only a verification that the submitter actually read the rules.

    How is bad security advice not time sensitive? Especially in a popular thread?

    And we shouldn't need to change the name. Only a verification that the submitter actually read the rules.

  8. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    (edited )
    Link Parent
    Wrong. The ambiguity came later, the subreddit was created before Bitcoin even was released. Nobody in computing / tech had used crypto to mean anything other than cryptography until years later...

    Wrong. The ambiguity came later, the subreddit was created before Bitcoin even was released. Nobody in computing / tech had used crypto to mean anything other than cryptography until years later when Bitcoin and altcoins started to get popular.

    It's not our fault that others later added another meaning.

    If parent ~ mods can't follow them in a shit-hits-the-fan situation, your rules are wrong.

    No.

    As an example, an experienced cryptography mod would understand that stream ciphers don't allow key + IV reuse and would then warn somebody giving bad advice, so that people don't follow it erroneously. Same with recommendations to use ECB block mode, MD5 for hashing, etc. The parent group's mods can't be expected to understand such details.

    You're making the mistake of assuming everything can be condensed to simple rules. That intricate knowledge of the field isn't always necessary.

    To moderate a cryptography sub, you need to be able to tell competent people and safe software from charlatans and snake oil. This can't be left to popular opinion. Algorithms can't trivially evaluate this.

    1 vote
  9. Comment on <deleted topic> in ~tildes

  10. Comment on Daily Tildes discussion - Haunted by Data in ~tildes.official

    Natanael
    Link Parent
    Apple has a limited usage of differential privacy. Don't remember exactly what for.

    Apple has a limited usage of differential privacy. Don't remember exactly what for.

    2 votes
  11. Comment on <deleted topic> in ~tildes

  12. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    Link Parent
    A) the main difference is that tilde can't guarantee being able to sustain a certain atmosphere / culture. There's for example no guarantee that /r/crypto wouldn't eventually be co-opted by...

    A) the main difference is that tilde can't guarantee being able to sustain a certain atmosphere / culture. There's for example no guarantee that /r/crypto wouldn't eventually be co-opted by cryptocurrency fans, away from us cryptography fans, especially due to their larger numbers. This is not necessarily a good thing for all communities.

    Moderation from ~comp which would be the likely root wouldn't likely understand what rules a cryptography group needs.

    B) I don't see what argument you're making here. Why don't you look at my subreddit for a while to see how it works in practice?

  13. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    (edited )
    Link Parent
    A) impossible to know in advance. It came out of nowhere. You're effectively saying that literally ALL tiny communities are doing something wrong for being unprepared for a literal 1000x jump in...

    A) impossible to know in advance. It came out of nowhere. You're effectively saying that literally ALL tiny communities are doing something wrong for being unprepared for a literal 1000x jump in activity. We had never had to have extra moderators for 24/7 coverage before. We had never even been close. The automoderator rules had been sufficient until then.

    Keeping the thread open would have required at least 3-4 mods available at any given time, hawking over the moderation & comments logs. Probably a total of like 10 people (taking turns) with knowledge of the sub's topic and culture and with proper moderation skills, plus good communication.

    That's not remotely plausible. The only other option is closing the entire subreddit. That thread just couldn't have been left unsupervised.

    B) there was valuable and relevant information in there, but people in the thread was starting conflicts, there was harmful speculation, insults all over. It was a mess. Allowing people to still see it but not add anything more was IMHO the best choice. The useful information managed to reach the top, and there was links out to other threads in other subreddits for people to follow if they wanted to. However, all the conflict WOULD have spilled over into the rest of the subreddit, if unchecked.

    1 vote
  14. Comment on Daily Tildes discussion - Haunted by Data in ~tildes.official

    Natanael
    Link Parent
    Client side encryption protocols like differential privacy

    Client side encryption protocols like differential privacy

    1 vote
  15. Comment on Daily Tildes discussion - Haunted by Data in ~tildes.official

    Natanael
    Link Parent
    Client side encryption protocols, stuff like differential privacy. Mixnets and other anonymization techniques. @deimos

    Client side encryption protocols, stuff like differential privacy. Mixnets and other anonymization techniques. @deimos

    1 vote
  16. Comment on <deleted topic> in ~tildes

    Natanael
    Link Parent
    I've been spending a few hours on catching up, because I haven't been here for the last 16 days.

    I've been spending a few hours on catching up, because I haven't been here for the last 16 days.

    3 votes
  17. Comment on <deleted topic> in ~tildes

    Natanael
    Link Parent
    I'm thinking a bit more sitewide and meta commentary about the site as a whole. Not just from a tilde development viewpoint, but what's happening in different groups.

    I'm thinking a bit more sitewide and meta commentary about the site as a whole. Not just from a tilde development viewpoint, but what's happening in different groups.

    2 votes
  18. Comment on Daily Tildes discussion - starting some moderation in ~tildes.official

    Natanael
    Link Parent
    I've locked a thread once. We're two mods in /r/crypto (cryptography), I was the only one online, it was nearing bedtime, and our sub suddenly got hit with a thread with Assange drama, flooded by...

    I've locked a thread once. We're two mods in /r/crypto (cryptography), I was the only one online, it was nearing bedtime, and our sub suddenly got hit with a thread with Assange drama, flooded by users from +10x larger subs, with things heating up, and with every question repeated dozens of times by different people, speculation everywhere.

    No thank you, I'm not staying up late to handle that. And I'm definitely not letting that go unsupervised. And I had nobody else to call in with such a short notice. So locking it is.

    I'd be impressed for you to find an argument for why that was the wrong call.

  19. Comment on Suggestion: Users can upload GPG public keys in ~tildes

  20. Comment on Daily Tildes discussion - the importance of content in ~tildes.official

    Natanael
    Link Parent
    I would suggest ~tilde.tldr, or a .tldr per group, or perhaps even something like ~tildedr for more visibility, in which meta commentary about site activity can be posted

    I would suggest ~tilde.tldr, or a .tldr per group, or perhaps even something like ~tildedr for more visibility, in which meta commentary about site activity can be posted