14 votes

Moxie Marlinspike on decentralization

13 comments

  1. han2k
    Link
    I think people should look at decentralized internet for what it is: a place where trust and verifiability can be systematically achieved. We shouldn't try to kill the existing internet and...

    I think people should look at decentralized internet for what it is: a place where trust and verifiability can be systematically achieved. We shouldn't try to kill the existing internet and replace with the decentralized web, but instead find great use cases that will be best served by the combination of both. I believe we're JUST getting started with distributed computing and utilizing its power.

    And I don't own any crypto :)

    4 votes
  2. tindall
    Link
    The real problem with Moxie's opinions on decentralization aren't that he's wrong - I think he is, but he's very smart and may very well be right - but that he has a lot of people behind him,...

    The real problem with Moxie's opinions on decentralization aren't that he's wrong - I think he is, but he's very smart and may very well be right - but that he has a lot of people behind him, because Signal is great for a lot of other reasons, and his decisions based on those opinions are materially harming usability and future-proofing, and even security for many people with threat models other than those he is specifically interested in addressing.

    3 votes
  3. archevel
    Link
    I started reading the blog post thinking the decentralized systems that it was talking about was synonymous with distributed systems, but it seems to be more about the control of the system than...

    I started reading the blog post thinking the decentralized systems that it was talking about was synonymous with distributed systems, but it seems to be more about the control of the system than its inherent nature. A lot of systems that are controlled by a single entity (Facebook, Gmail, Slack etc) are massively distributed systems (likely architecture in a way to avoid single points of failure).

    Anyway, to me the issue comes down to control. We can build federated/decentralized systems similar to existing centralized systems. However, decentralized systems are susceptible to being coopted by single large players (e.g most e-mails are stored in Gmail). There isn't a technical solution to this. This is a problem that needs to be solved by anti trust enforcement. Consistently breaking up the big tech companies will likely lead to smaller companies having to settle on common protocols. That might make innovation in those areas slower since more coordination is needed to introduce new widely available concepts. But then again that's not necessarily solely a bad thing...

    A side effect of proper anti trust enforcement might be that a lot of existing business models will fail. If companies don't have data about a large enough user populations to be interesting for ads, then maybe the power of adtech will lessen. OTOH if people with similar interests congregate to the same company, then advertiser's might actually have an easier time targeting the demographic they're interested in...

    3 votes
  4. [10]
    Eric_the_Cerise
    Link
    It seems to me that the vast majority of both Moxie's arguments and the author's, claiming "centralized web services are better than decentralized because XYZ" ... ultimately boil down to...

    It seems to me that the vast majority of both Moxie's arguments and the author's, claiming "centralized web services are better than decentralized because XYZ" ... ultimately boil down to "centralized web services are backed by $100 billion in ad revenue, while decentralized services are mostly dependent upon donations".

    In other words, centralized services are "better" mainly because the legal and tech environment is heavily slanted in their favor.

    1 vote
    1. [9]
      skybrian
      Link Parent
      I didn’t get that at all. Where does it say that?

      I didn’t get that at all. Where does it say that?

      1 vote
      1. [4]
        archevel
        Link Parent
        The following quotes seem to support that interpretation. Centralized apps can change faster: Centralized apps can easier fine what's needed: Centralized apps can make it costly for censorship:...

        The following quotes seem to support that interpretation.

        Centralized apps can change faster:

        He uses a raft of examples of centralized systems that have out-evolved their decentralized competitors, including Slack vs. IRC, Facebook vs. e-mail, WhatsApp vs. XMPP. The [6:04] decentralized protocols are stuck in time, whereas the centralized protocols are constantly iterating.

        Centralized apps can easier fine what's needed:

        The idea that, for example, "Twitter but decentralized" would take market share away from Twitter is implausible. It would lack Twitter's ways of finding out what its users want...

        Centralized apps can make it costly for censorship:

        Centralized services such as WhatsApp and Signal use techniques such as proxy sharding (each user can discover only a small subset of the access points) to make it hard for the censor to discover all the service access points quickly, and domain fronting to make it costly to block the access points the censor does discover.

        Centralized apps run by business have the vast resources to maintain and develop software:

        Marlinspike concludes that the problem is that developing and deploying technology involves "buildings full or rooms full of people sitting in front of computers 8 hours/day every day forever".

        To varying degrees these point to centralized apps controlled by large corporations having an easier time responding to change.

        4 votes
        1. [3]
          skybrian
          Link Parent
          Ok makes sense. Though I think the bigger nonprofits could probably hold their own. Wikipedia is not a decentralized app and I think it would be hard to make it one.

          Ok makes sense. Though I think the bigger nonprofits could probably hold their own. Wikipedia is not a decentralized app and I think it would be hard to make it one.

          1 vote
          1. [2]
            archevel
            Link Parent
            Not so sure about that myself. Seems like a decentralized wiki would be fairly straightforward. What aspects of Wikipedia do you see as hard to decentralize?

            Not so sure about that myself. Seems like a decentralized wiki would be fairly straightforward. What aspects of Wikipedia do you see as hard to decentralize?

            1. skybrian
              Link Parent
              Wikipedia editors need to come to a consensus opinion and keep spammers and trolls out. The bureaucratic process used to handle disputes seems pretty important, and those rules need to be adjusted...

              Wikipedia editors need to come to a consensus opinion and keep spammers and trolls out. The bureaucratic process used to handle disputes seems pretty important, and those rules need to be adjusted sometimes. Moderating Wikipedia is a cumbersome judicial process. Somehow it manages not to be overwhelmed with fake news and conspiracies.

              Distributed systems seem to be built on the idea that all nodes are equal and using algorithms to settle conflicts and I don’t know how that would work? In the end, there needs to be a canonical version of Wikipedia and I don’t see that being done automatically by algorithm, like cryptocurrencies do it.

              6 votes
      2. [4]
        Eric_the_Cerise
        Link Parent
        I was probably extrapolating ... my main takeaway is that centralized services tend to have more resources at their disposal, probably by an order of magnitude or two, for constant testing,...

        I was probably extrapolating ... my main takeaway is that centralized services tend to have more resources at their disposal, probably by an order of magnitude or two, for constant testing, innovation, advancement, etc.

        1 vote
        1. [3]
          skybrian
          Link Parent
          Yes I think that’s true, but it also seems like even a small team changing a single app is going to have an easier time than many teams agreeing to a protocol change and upgrading all their apps....

          Yes I think that’s true, but it also seems like even a small team changing a single app is going to have an easier time than many teams agreeing to a protocol change and upgrading all their apps. A good example was the heated debate about raising the Bitcoin block size, and that’s essentially just increasing a constant. Sometimes the hard part is not the code, it’s the politics.

          So there are ways in which change is more difficult for a decentralized community even putting aside the disparity in resources.

          1 vote
          1. [2]
            tindall
            Link Parent
            I think this is often a problem with protocol design. The example you give is a clear case of this; the blockchain protocol for Bitcoin was not well thought through at all, and was not designed...

            Yes I think that’s true, but it also seems like even a small team changing a single app is going to have an easier time than many teams agreeing to a protocol change and upgrading all their apps.

            I think this is often a problem with protocol design. The example you give is a clear case of this; the blockchain protocol for Bitcoin was not well thought through at all, and was not designed with extensibility or evolution in mind, as well as mandating some extremely disadvantageous technical decisions for clients. On the other hand, there are many problems with the ActivityPub protocol that Mastodon, Pleroma, etc use, but there are many diverse software platforms which use it, all sufficiently compatible to co-federate but with drastically different, and constantly evolving feature sets.

            Another great example is the BitTorrent protocol. It's kind of a mess, but it works well enough for everyone that we're only now, twenty years (!) later, looking at a version 2; and that's not really because of new features, but instead because cryptography has evolved in ways the original authors couldn't have anticipated.

            1 vote
            1. skybrian
              Link Parent
              Yes, and another example might be RSS. The key point is that a lot of design decisions are not part of the protocol and don’t need to be standardized. But it seems like this works better when...

              Yes, and another example might be RSS. The key point is that a lot of design decisions are not part of the protocol and don’t need to be standardized.

              But it seems like this works better when policy decisions aren’t part of the protocol (each node does its own thing). Sticky problems with security, privacy, and so on just don’t get resolved. Which is okay at small scale. At larger scale you get something like email where everyone has spam filters, there is no guarantee anyone gets any messages, and it’s still basically insecure. It seems likely to happen with ActivityPub too, as everyone makes their own decisions about who to block?

              It’s no coincidence that Moxie Marlinspike is working on security and privacy, which is playing in hard mode.

              2 votes