[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Version checking (was Re: 25 tbreg relays in directory)

On 30.04.09 00:24, Tripple Moon wrote:
> Yes I agree that those other factors, which were not mentioned yet, are 
> ofcourse also elements to take into account for differences. And like i 
> previously already admitted this is a difficult topic to make foolproof.
Actually you don't come with any concrete suggestions how you would like to do
it. That is not surprising because what you want to do is impossible.

> But...i disagree with your argument that my approach would contradict the 
> idea of Open-Source as that has noting todo with program's operational 
> logic but more with the public availability of the source codes.
Ok. Lets examine:
1) You publish source code - ok. But that alone is not open source.
2) You want to prevent people from compiling the code themselves.
3) You want to prevent people from changing and using the code.
4) You want to prevent people from writing alternative implementations.
I don't see how you can do this and still claim to support open source. (Maybe
you should read some more at http://www.fsf.org/ and http://www.opensource.org/.)

[I will skip the rest, it would be a repetition.]

> I think we all agree that there is a growing need to "somehow" keep the tor
> network operating at maximum compatibility and stability. If the tor
> application wont get means to authenticate itself's internals, then im
> afraid (IMHO) we will be looking at a future with *many* independent tor
> networks who are not connected to each others cloud because of
> differences...
For the purpose of inter-operability of networks or parts of a network there
exist design specifications which exactly describe how a client must behave.
It is not important, which language is used for programming or which platform,
compiler, libs, etc. as long as the software behaves according to that. (Would
you require that all the systems connected to the internet are authenticated
the way you desire? The result would be a mono-culture of systems which will
all fail at the same time with the same problem.)
The only thing you _might_ do: check for specific (mis-)behaviour of a given
node. (But the internet would not exist in its current form if the systems are
not at least partially accepting non-conforming behaviour.)

And if someone writes a client not behaving? First the chance is high, that it
will give a 'bad' user experience (performance, but most of all anonymity).
There is then little chance that that client will gain enough distribution to
be relevant. But if it does and it finally result in a split of networks? Ok,
let the better one win. ;-)