Having your own email/domain isn’t about privacy. Email has become essentially the key to almost everything in modern life. If I lose access to my email I lose access to basically everything I own and it would be a massive hassle to switch emails. Banks, schools, apps, etc. Often times these services won’t even let you change to a new email if you don’t have access to an existing one. Some use email as 2factor. It’s a nightmare. Owning your own domain separately is crucial. Who hosts your email matters less.
Is it known that domain registrars are better than GMail in this regard? Not asking sarcastically, but I had my domain taken over by registrar(not released to public, just registrar took control of it) after few week of notice when auto renew failed to charge my credit card, and my credit card was working fine elsewhere. Also many registrar like Namecheap cancelled subscription for Russian customers during this invasion. Not to mention incidents like [0]
Now you know why there are still some people that still take "web3" seriously. It's the only system where you are not at the mercy of some external entity to be always benevolent.
Seriously, ENS and Handshake alone should be enough of a reason to silence all of those who keep repeating "but blockchain has no real world applications".
And that's why web3 frustrates me to no end. Decentralized services were common in the "old" internet, web3 just takes than and adds a layer of ponzi and speculation on top of them.
If bittorent was invented today you'd have to buy into some pyramid scheme to use it.
Beyond that having a trusted third party does suck for some things, but at least it means that I have a recourse if something goes wrong. With cryptocrap I'm one hack away from losing my life savings, my domain, the history of all my transactions and even my monkey pictures!
Domains weren't decentralized at any point in history. IP address allocation is also managed centrally.
> but at least it means that I have a recourse if something goes wrong
Have you actually tried it out? I lost several domains through no fault of mine (2 times fault of registrar, 1 time fault of national TLD manager) and absolutely nobody helped me. Even tried suing - in 2 cases (the registrar fault) I got small monetary compensation for lost profit (so good luck with personal domains) but the domain was always lost forever. And when it was the TLD's fault I got nothing whatsoever.
The problem with decentralized systems that don't include a currency component is that there's no extrinsic incentive to contribute anything to the network, only to consume.
BitTorrent suffers from this problem; they even have a term for it: leeching. It's managed to survive despite this purely off of the generosity and goodwill of a community of dedicated users, but if BitTorrent were to ever have its eternal September moment I suspect the problem would quickly be felt rather acutely.
With other systems like decentralized cloud storage[1] or decentralized DNS[2] where (unlike with BitTorrent) there are no inherent practical limits on how many resources a single user can consume, the consequences of not including a currency component would be even more severe.
As for the "no recourse" problem, that's inherent to the very idea of self-sovereignty. Yes it's a weakness with decentralized systems, but it's also their greatest strength.
> If bittorent was invented today you'd have to buy into some pyramid scheme to use it.
Bitcoin was effectively invented 'today', yet you don't have to buy into a pyramid scheme to use it.[1] For example, you could simply use it for cross-border remittance to avoid paying Western Union's high fees, without ever holding bitcoin, by using an app like Strike to send dollars from the US to El Salvador (using bitcoin's instantaneous lightning network as the payment rails behind the scenes)[2]. Or you could prove the existence of a digital document at a certain time by using Peter Todd's Open Timestamps[3], which simply puts a hash or your file into an Op Return on bitcoin's blockchain. Or, you could work on developing software or providing support or writing tutorials for the bisq protocol, get paid for your work with their bisq token (which is simply colored bitcoin), and cash out to have you national currency dumped in your bank account using the bisq software which has been developed and supported by a decentralized community with its governance built directly on bitcoin.[4]
If you really still think bitcoin is a pyramid scheme, there's plenty or ways one could benefit from it without having to "buy in" or hold it. But if you put in the time and learn, you'll discover bitcoin is innovative technology, distinctly separate from the crypto space awash with scams and rug-pulls, like the fiat world already is.
Tell me how decentralized services allow applications to be permissionless, censorship- and sybil-resistant without a blockchain. I will make both of us rich.
Tells us how blockchain allows applications to be permissionless, censorship- and sybil-resistant in any way that matters and doesn't conflict with the use of said apps.
What are you afraid of, really? People that can make innovations?
My point was that the reason that people are doing all this work on the blockchain because no other solution has been shown to be better. Anyone that says "blockchain is not needed for that" should at least provide a better solution, or say "I actually prefer to keep the status quo".
I’m not the OP, but I think there is a very real concern that a single person or single group of people who create the “new better system” can significantly drain the resources of everyone else.
We actively see this all the time on smaller scales (credit cards, global franchises, FAANG), but the idea of someone doing it at a larger scale should make us hesitate.
- You do realize that the comment was tongue-in-cheek?
- There is no "resource draining" here. Even if someone found a way to solve the problem of distributed consensus without using a blockchain and found a way to make money out of it, they would be rich by wealth creation: new products, new services, new business.
> You do realize that the comment was tongue-in-cheek?
Why would I? It's well-established that tone does not come across through text.
> There is no "resource draining" here. Even if someone found a way to solve the problem of distributed consensus without using a blockchain and found a way to make money out of it, they would be rich by wealth creation: new products, new services, new business.
While I see what you're saying, I don't think I properly explained my point as yours is not a counter to it. By "resource draining" I mean that overall the creators could get richer compared to everyone else. Even if they took say $0.01 from every transaction those pennies slowly add up. A dollar 'spent' by changing hands 10 times is actually $0.90. A dollar 'spent' 100 times has been effectively drained of all it's value with that value funnelled to the hands of those running the system. In a scenario like that, wealth creation as you've defined it actually pours fuel on the fire. Every business uses a huge amount of transactions to pay operational costs, and all of their customers generate transactions every time they pay.
We currently have this playing out in various ways (for example franchise markups) and even though it's so highly fragmented it's still an issue where wealth is concentrating at the top. So it follows that if the rich get richer, the rest must get less rich by comparison.
because I am teaching myself to make stereograms. Lipton spent a few years in the 1970s figuring out how to make quality stereo movies with the goal of developing a better system for exhibiting stereo movies. In 1980 he wrote a book (that book) which was a lot like a PhD thesis, he then invented the modern system for 3D movies with circular polarized light and sold his company in 2005. In the end he "got rich" but it wasn't quick.
The blockhead ideology is a lot like the Amway ideology... Really working, creating something, building something, serving customers, is a lot of work for not enough remuneration. There's got to be some magic secret to riches without effort, and once you've got people to believe it exists, you can exploit them.
> Web3 is often more interested in moving money around (e.g. "Ponzi Schemes") than really creating anything.
And "Web 2.0" was more interested in taking some Unix utility and turning them into a web service that could be walled off and monetized. There hardly was any ~real innovation~.
There's plenty of really good criticisms of cryptocurrencies, but that's not one of them.
The whole point of proof of work is Sybil-resistance. Because your voting power is tied to your hash rate, you can't just conjure up a bunch of voting power by creating as many wallets as you want. Ethereum's move to proof of stake keeps Sybil resistance but trades the power consumption of PoW for some amount of centralisation (because you need to hold funds to vote).
Gas doesn't do much for Cybil resistance, it's largely meant to stop you from clogging up the network by publishing a transaction that executes the busy beaver function on some nasty input, or something similarly hostile.
> It's the only system where you are not at the mercy of some external entity to be always benevolent.
Until the owners of the network run away after extracting all the value they can, or they decide to fork it because it’s in their best interest, or they end it because it’s not as profitable as they wanted, or your exchange decides to halt trading so they don’t lose money, or, or, or.
It's a problem of most buzzwords, there is no formal definition and it largely depends on context.
If I were to give you my attempt of an definition, it would be: the main idea behind "web3" is to have systems where no single entity can gate-keep users. It's not supposed to be "better than web 1.0", but mostly to be a contrast with the "walled garden" platforms and social networks that defined "web 2.0".
So, by that definition, social media services powered by ActivityPub that allow communication between different services are a step towards web3 compared with the "web 2.0" social networks like Facebook or Twitter. Messaging protocols that Matrix, XMPP are a step towards web3 in comparison with basically any messenger protocol that is controlled by Big Tech, etc. Content distribution based on systems like IPFS are a step towards web3 in comparison with traditional websites.
The main thing is these systems still have central points where users can be controlled or censored. An user of Mastodon (or any federated service) can be kicked out by the server admin and will have no recourse to get access back.
To be fully permissionless, a distributed system needs to be able to reach consensus without having to appeal to any central authority. "Consensus" here means basically anything about the "state" of the distributed system: was this message really sent by Alice to Bob? If Charlie wants to buy an e-book from David, how can we verify if Charlie has sent the payment to David, and how can David prove that Charlie now has access to the e-book file? This is the part where blockchain helps.
Thanks; the last part seems like "non-repudiation" - I did not think we need either centralized entities OR blockchain for that; I may be wrong though?
Maybe it was a bad example to talk about messaging. It's not just the "is this data really who they claimed to be", but also "is this data part of transaction between multiple parties who do not trust each other"?
You need to have distributed consensus to avoid double-spending. Can you have distributed consensus without blockchain? Yes, but only if your participants are selected a priori, e.g, Distributed Paxos.
The problem that blockchains solve is that it is the only practical way to solve consensus between parties that do not trust each other and that are not pre-agreed on.
The "they" you denied existed, of course. Look, the frame of your argument here is "the blockchain won't ever unilaterally make decisions you don't like like a big centralized tech company". And they do, and have, multiple times in the past. And lots of people didn't like that, in each case.
No. You are talking about three different groups and you calling both by the same "they":
- One "they" is the Ethereum developers making new developments and proposing changes to the "main" blockchain.
- The other "they" is the thousands of people who are developing and using applications that can be used by the most people, and care (mostly) about having one blockchain where they can reach the most people.
- The third "they" are the ones running the nodes and making sure that the network is functional.
What I am saying is that none of these groups can unilaterally decide the course of the blockchain. Your confusion does not make my statement wrong.
You're splitting hairs. Sure, your carefully constructed "microtheys" don't have the power you fear. But someone does[1]. And they act. And have.
[1] As currently constructed, it (probably) requires a 51% attack by staked ETH owners. There's a lot more wealth concentration on the blockchain than you think there is, this isn't a lot of actual people!
I'm all for healthy skepticism, but you are far from it.
> There's a lot more wealth concentration on the blockchain
First, with Ethereum you need 67% of the staked ETH to make an attack on the network.
Second, stakers do not have power to change consensus rules. They are not able to dictate how people transact (not without losing their take) and they are not able to change transactions.
Third, do you understand that even if one single entity had that much power to launch an attack of the network, it would not be in their interest to do so? If the network got to be controlled by any single entity, the other people would simply lose confidence on it, they would stop using it and then all of the staked token would lose its value.
> Third, do you understand that even if one single entity had that much power to launch an attack of the network, it would not be in their interest to do so?
If that were true, then why was the Ethereum network attacked and forked last month?
I think what's happening here is that you've confusing "blockchain consensus" with "not evil", because you trust the giant faceless organization making decisions about the future of your activity in their system to act in something approximating your personal interests.
Just like people trust Google and Microsoft with their email. Get it now?
As to which entities are "really" more trustworthy, I'll just drop this link and flee: https://web3isgoinggreat.com/
What attack are you referring about? What fork are you talking about?
Please, provide actual information instead of throwing around sites that are clearly just helping you to confirm your biases.
> you've (sic) confusing "blockchain consensus" with "not evil" because you trust the giant faceless organization making decisions
Not really. The thing that I care about is self-sovereignty. I do not want to depend on a system where any single entity or institution (whether is a big corporation or a government) can have this type of control over me and that leave without choice.
But it seems that it doesn't really matter what I think though, you already have made your mind and you are not interested in a healthy discussion. Have a good one.
> What?! What attack are you referring about? What fork are you talking about?
Wait, really? On September 15th, someone attacked the Ethereum blockchain and stole all the value, handing it off to this other coin. Our coins are still there, but per current markets they're only worth 0.47% of the value they should have. I can't believe you missed that.
Now, obviously you think that's different. And that this giant act of fiat by a centralized operating body was a GOOD act of fiat by a centralized operating body. But it was still a giant act of fiat by a centralized operating body, which points out that the kind of "self-sovereignty" you believe in doesn't exist. You are and will always remain solvent at the whim of the people running the economy you're part of. That's simply the truth.
The difference is that you trust the ETH cabal where you don't trust email providers. And I think that's misplaced.
There was no "giant act of fiat". The merge only happened because the overwhelming majority of participants were in full support of such a change. At no single point of time, the ETH developers had any way to decree that the beacon chain was the only one that had any value.
> That's simply the truth.
Thank you though for finally showing that you are just full of dishonest rhetoric.
Explain how "government by the overwhelming majority" is consistent with "self-sovereignty"? Some people didn't want the merge to happen. It happened anyway. What about their "self-sovereignty"?
Again, you're just saying that you thought this fork was a good fork. And for the record: I agree, it was a good fork. But it was still a fork, and thus still a successful attack on the network. Someday, one of those attacks might be on your interests.
And your answer will be that you TRUST that it won't. But that is still an act of TRUST and not "sovereignty". If they want to steal your coins, they can. They've proved it multiple times.
So, getting back to the point this topic is about: does it really seem so odd that people trust Gmail? You have to trust people in this world to not mess up your stuff.
You really think that any of this BS rhetoric is flying?
> What about their "self-sovereignty"?
Self-sovereignty is not about "always getting things my way". Is about being able to participate in a system without having some higher authority controlling access.
> successful attack on the network.
A "successful" attack is when someone manages to subvert the system to do something for their personal favor. The system was not subverted. for the merge to happen, the rules had to be defined and followed by everyone. Fuck, the reason that the merge was postponed so many times is because they wanted to have SIX different clients that could reliably participate in the beacon chain.
> If they want to steal your coins, they can.
No one stole anything. The old ETH PoW chain is still there. No one's balances got altered. The fact that most people started seeing that as worthless was not "by fiat".
No. The "They" that did the fork only managed to do it because there was a majority consensus agreement to switch to the forked chain. If the majority refused to follow, there forked chain would have died or become a thing for the minority. Just like EthPOW vs ETH POS.
Seriously, why is it that every discussion about crypto has the same bullshit talking points? Do you guys have a list of "standard basic list of BS arguments that I will throw at the discussion just to see it sticks"? Is it ignorance? Is it malice?
> The "They" that did the fork only managed to do it because there was a majority consensus agreement to switch to the forked chain.
A majority you may not agree with. So you’re still at the mercy of external entities, contradicting your original point.
> Seriously, why is it that every discussion about crypto has the same bullshit talking points?
Because proponents keep repeating the same debunked invalid talking points. Like saying anything they disagree with is FUD. That expression has become the Godwin’s law of blockchain discussions: it doesn’t advance the conversation, it’s just shorthand for “I angrily disagree with you”.
> So you’re still at the mercy of external entities
The people that didn't agree with the "DAO fork" continued on the original chain. None of them were forced to follow the majority. This is a huge important difference.
> None of them were forced to follow the majority. This is a huge important difference.
Quite the contrary, it’s a meaningless difference. Most systems have that feature.
Imagine everyone in your friends circle uses Signal. Then they decide to change to WhatsApp but you and one other refuse to do so. No one forces you to follow the majority, you simply deal with the consequences of not doing so. For example, you may have less of a voice in the decision of where to go to dinner together because you're not part of the main conversation.
You are (once again?) changing the actors and the power relationships between them and pretending it doesn't matter.
It's one thing to have "your friends" moving from one network to another. It's a completely different thing to have a network where there is an owner who can kick you out unilaterally.
None of the people that are using Ethereum Classic are disallowed to ever use ETH if they so want. They haven't been censored to continue participating in that network. It's just that to participate they must accept that the consensus of truth has changed.
Don't attribute to malice what could simply be ignorance. Right now, people need to pit in some serious time (upwards of 100 hours minimum) learning about true decentralized open technologies like bitcoin, so I think uninformed ignorance is far more likely than malice in almost all cases... unless the uninformed person stands to profit from his or her ignorance.
I'm not sure Ethereum is anywhere near as decentralized and bitcoin, because the Ethereum foundation and the large stakeholders (now that they have the miners the boot) appear to wield a huge amount of power.
The most likely reason almost all of hackernews wants to do nothing but make fun of crypto and the people involved is they just don't understand it.
If only they invested the 100+ hours learning it like we did then maybe they would understand its value. I mean thats the only option - either its uninformed ignorance (which we think) or actual malice. There can't be a third option.
The thing I don't understand is the concept "majority" in the crypto space. There is no way to prove that one person doesn't control the majority of the voting power.
If I own a large portion of the supply split across several hundred wallets and I vote one way, smaller owners may be influenced by the appearance of hundreds of votes being cast one way vs the other. We see this in the real world, where some people are willing to just vote for what they think is the majority sentiment when they don't have strong opinions on a matter.
I've heard arguments along the lines of "those with more invested into the project should have more voting power" but that to me just sounds like an incentive to centralize.
If I'm a small player, I either go with the majority or see my investment become worthless, or in a fantasy world where crypto is used for anything other than wild speculation, I see my utility greatly diminished as I'm no longer able to interact with the "majority". Sure, I might still be able to interact with those left behind, but the pressure to move over to the majority fork is going to pull more and more people towards that.
I see federation of content as a much more approachable means to re-decentralization of the internet.
We still rely on centralized DNS. As we still rely on ISPs to make sure our packets can leave our local networks, and on international treaties to make sure we can communicate with networks in other countries, but unless you want everyone to start developing and maintaining a decentralized physical computer network for free, we'll always need to trust a number of institutions to do this thing where we can communicate with someone on the other side of the world within a few milliseconds.
Voting has nothing to with the consensus mechanisms to determine who is allowed to choose what block is appended to the chain. Why are you bringing up "voting" into the discussion here?
Noone is out to get you. The world is not trying to "FUD" their way to your own demise.
Its just... noone wants to hear people hawking their pedo pesos constantly and how "WEB3 (powered by pedo pesos) will help us all!".
Its tiring. I'm over it. Most of us are. We wish you no ill will or harm, heck most of us hope you all wake up, but in the meantime we don't want to hear it.
That's clearly not what forking means in this context. You can't make the existing "instance" run different code, and it's users don't have to care if you run your own modified copy.
If a project is actually decentralized, you can't simply fork the code to fork the community. In truly decentralized systems, the consensus rules define whether one is into the system or not.
The big problem here is that most of the systems in crypto are really startups run by a small group of founders. Very few of these projects are really decentralized.
Handshake was co-founded by the guy claiming to be a Korean prince who attacked (and killed) freenode and was very abusive to the open source projects formerly there. I wouldn't touch it. He is extremely litigative. ref: http://www.hashedpost.com/2018/11/hashed-people-handshake-co...
Well you are still at the mercy of whoever's maintaining the network, aka some random-ass people all over the world. Aside from the few main ones, crypto networks are infamously ever changing and you're more likely to register a domain on something that won't even exist in 2 years because it collapsed completely. Maybe Eth is to big to fail now, but maybe it isn't.
That is the kind of tired, cheap, wrong argument that it so easily debunked, but "skeptics" still keep using.
Let me see if you really interested in a healthy debate or just proud of your ignorance: do you know that when using web3 for domains, you'd still be running the email servers that use the traditional protocols? You won't be losing any of your messages. You'd still be authenticating against a traditional server.
There is nothing about using web3 for domains that would lead you to lost access to your data.
You're right, you won't lose access to your emails, you'll lose access to your address, which really is the bit that I care more about - losing ability to log into sites and services is what really scares me about losing my email.
But now the important question - how does a web3 domain name solve the domain problem any better than just buying a domain, especially considering that "Permission to fail" is being touted as a web3 feature?
> losing ability to log into sites and services is what really scares me about losing my email.
That is also not a problem. Maybe current "login with web3" implementations rely only on your primary ENS record for authentication, but there is nothing stopping a MFA system where the ENS name is only one of the factors.
E.g: you could build a system that uses ENS as the first factor and a regular PGP client cert as the second. There are also "social recovery" systems. Even if you lose your keys, you can have a secondary address that can vouch for you.
IOW, stop arguing like you are the only one aware of the current limitations and that the thousands of people working on the space are just stupid. Before spewing ignorant arguments, you should learn a thing or two .
Can you point me to a blog post that explains how to use web3 name assignment technologies, in combination with MFA, to own and manage a domain that is robust to DNS provider shenanigans, crypto hacks I can’t anticipate or understand, and targeted harassment?
This is a genuine question. I’m in the market for new tools to manage my personal and business domains.
not a direct answer, I think way to design this system would be to make an ENS (with a competing resolver technology) and point that to IPFS hashes
in parallel, you would also look into how to secure your address, where the ENS is stored in
IPFS doesn't offer compute nodes and databases, so you would design your web offering around not needing that, completely rule out that idea in favor of a different one, or incorporate a different solution in addition to your frontend
but basically the way you design web 3 applications is not the same as web 2 applications to begin with. trying to straddle both worlds results in the worse experience. most similarities I can think of are kind of like omnivores trying substitute tofu based foods and having a bad experience, and attributing that experience to non-meat diets when it is just worse than a pescatarian, vegan and vegetarian cuisine.
> how does a web3 domain name solve the domain problem any better than just buying a domain?
I don't see how you addressed that. Apparently we would need to implement whole new systems? I understand, you gotta bring try to bring it into the domain and get belligerent to obfuscate the answers to simple questions, but I don't see how this addresses my concern.
> stop arguing like you are the only one aware of the current limitations and that the thousands of people working on the space
Ah, ok, so this is all in theory. Simpler answer would be "it isn't, but maybe one day it is." Thanks, I read between the lines and answered my own question!
> Before spewing ignorant arguments, you should learn a thing or two.
> how does a web3 domain name solve the domain problem any better than just buying a domain?
Was that your question? The answer is simple: once you lease (ENS only works with leases, just like traditional domain registrars, so I'll void the term "buy") a web3 domain, there is no one that can unilaterally take it away from you.
> Ah, ok, so this is all in theory.
Not exactly. It's possible, but impractical. If you are willing to accept the really poor UX and the lack of general adoption, you could build such a system today.
> The answer is simple: once you lease (ENS only works with leases, just like traditional domain registrars, so I'll void the term "buy") a web3 domain, there is no one that can unilaterally take it away from you.
This is all in the context of someone who didn't pay their domain renewal, and so it lapsed a few weeks later. How would this system behave differently?
“Permission to fail” is a desirable property in a research setting, not a global name service. This justification is in tension with the one offered above, and there’s been no evidence so far that “web3” is becoming more resilient instead of less resilient.
This is a cop-out: of course there are people with absurd risk or reliability profiles, for whom just about anything might be suitable. The entire point of systems like DNS are that they’re universal substrates that don’t require any exceptional selection. Economies and ecosystems are built on reliable and universal substrates.
My perception of resiliency is based on this[1], which has reliably increased in volume and quantity by year.
An exploiter's bug bounty on a still functioning yield farm that flash loaned itself, getting frontrun by a MEV searcher because the exploiter didn't hide their transaction directly with a block producer via bribery? That sentence wasn't possible a year ago. And now we all know not to design a smart contract powering a farm that way. I don't view that as failure. A regulatory sandbox would have deliberated for 5 years before allowing a launch and still never found that problem, resulting in a following multi year pause, committee report, and disbanding. I view this much faster higher iterative version as a win.
It's not that it has no applications, it's that almost all applications it's suggested for wouldn't actually be improved by having a persistent history, write-only, distributed data backing. Until someone writes a blockchain protocol that allows data to be purged by an individual in a way that forces everyone else's records to update accordingly (i.e. to comply with laws around PII) web3 isn't a solution, it just makes the problem harder.
For the sake of argument, let's say that all email was hosted on ENS. Let's say that somebody, doesn't matter who, went ahead and forked the chain into ENS'. We now have two disconnected chains, ENS and ENS'. If I were to buy a domain on ENS', i would not also own the domain on ENS, so someone else buys that. Who now receives the mail sent to that domain?
If your choice in any way depends on the configuration of the mail server then your decentralized system has accomplished absolutely nothing, because the mail provider is still the gatekeeper.
That's the beauty of it - we'd have a decentralized marketplace for deciding which one counts! Every email sender can choose to use one or the other, and the best one should win in the marketplace of ideas!
> If your choice in any way depends on the configuration of the mail server then your decentralized system has accomplished absolutely nothing, because the mail provider is still the gatekeeper.
This is a strawman. If you are talking about a decentralized system, you don't need the mail provider to send the message for you. Your email application would (and should) be able to resolve the IP address of the destination server for you, and it would (and should) be able to verify that the end server is who the sender expects it to be.
So, what would happen is that if you are on ENS', your view of the network would follow the consensus established by the ENS' chain. If you try to send a message to an email server that is on ENS, they would fail to provide a valid confirmation that they can respond for the IP address that you think they are on. It would be akin to failing a DNSSEC query.
I’m not necessarily defending web3, but you’re asking the wrong question. Your same question could have been asked about email in general in the early aughts. But clearly, mass adoption happened, and the calculus changed. Sure, your statement is strictly correct, but completely uninteresting.
What question did I ask that was "the wrong question"? I thought both the questions I put were rhetorical. Let's try:
"What does email have to do with email domains?"
"How does one receive email from e.g. one's bank, at an email domain?"
No, I don't think my questions could equally have been asked about email in the early aughts (nor at any other time - those rewritten questions don't make sense).
Mass adoption had already happened by the early aughts; email was adopted universally in the corporate world in the mid-nineties.
Of course, what is interesting to you is your business.
All you need is to have DNS servers reading ENS' equivalent of MX records. Failing that, you can even have that implemented at the email client or OS level.
Sorry, but that seems to require that my bank and all my friends adopt some skanky modified DNS resolver. Is that right? How exactly does that benefit them?
And the alternative you're suggesting is that they replace their OS, or adopt some mutant mail client? Few of my friends have ever used a proper email client at all. And which alternative OS implements this? And again, what incentive do my correspondents have to switch OS?
Really, if this is "all I need", it's clearly not a proposal that has much to do with the real world.
If your friends wants to access a website that has been blocked by some authority, they can with this system. With the status quo, they can not.
> replace their OS or adopt some mutant mail client?
No, there is nothing stopping MS or Apple from adding this functionality to their own systems. All it would take is for them to see increased demand for it.
> not a proposal that has much to do with the real world.
What I am describing is a possible solution for a very specific problem, namely the lack of distributed identity systems (domain names) that are permissionless and censorship-resistant.
You are right that this is not a concern for the majority of people "in the real world", but the whole conversation started because someone is talking about how many people lost access to their emails and domains due to abuse/mismanagement/arbitrary rule enforcement from different domain registrars.
IOW, if you are okay with the status quo, good for you. But consider yourself privileged and don't dismiss the complaints of those who are building and asking for better alternatives.
> If your friends wants to access a website that has been blocked by some authority, they can with this system. With the status quo, they can not.
OK; if the blockage is that authoritative DNS records are unavailable, this system could help. At the cost of all visitors installing an alternative DNS client stack. But most websites subject to DNS blocking just move to a new domain; TPB seems to manage. More generally, you could simply move your DNS hosting out of the reach of the problematic authority. Unless the website owner made the mistake of using a subdomain of e.g. a repressive CCTLD.
> IOW, if you are okay with the status quo, good for you.
I'm not OK with the status-quo; we know DNS is problematic. But you suggested that this system is simple ("All you need is..."). You didn't mention that (a) the problem it addresses is constrained to the blocking of authoritative DNS, nor (b) that no alternative mail client or OS actually exists.
> At the cost of all visitors installing an alternative DNS client stack.
That will be a requirement only until the bigger players don't integrate this directly. Nothing stopping Cloudflare/Google/OpenDNS to provide integration with ENS.
Anyway, you make it sound like this is just a niche required by a few dozen people. The Brave browser is used by 60 million people already and can handle .eth TLD (and other TLDs from unstoppable domains) natively. It is not a big of a deal as you are making it out to be.
> More generally, you could simply move your DNS hosting out of the reach of the problematic authority.
Or we can build a system where we do not have to play whack-a-mole just to use a service?
> You didn't mention that (a) the problem it addresses is constrained to the blocking of authoritative DNS,
I said that is the most obvious benefit, but I didn't say it was constrained to that. Look up again at the top of the thread: people are getting shut out of "reputable" registrars established in "democratic jurisdictions" without recourse.
Ofcourse it could be part of the solution but just slapping current available solutions onto this problem won't solve it. It could be part of a solution I agree but in it's current state I rather not complicate this further with a technology in it's infancy.
> The other day someone suggested making real estate NFTs.
Looking at the current implementations, it is a terrible idea. But it doesn't mean that the problem can not be solved.
> What happens if the "owner" of some real estate loses their key?
Just spitballing here: take the idea of social recovery further to include the current legal institutions as a backup instead of the main authority. For example, a contract that manages such high-value NFTs could require a set of government-sanctioned notaries who would have permission to transfer the NFT to any new address. So if you are the owner and you lose the key (or you get hacked), you could be made whole by presenting some type of "real world" legal evidence to the notary.
For underlying security, of course. The point is that the ability to also tokenize a real physical asset opens a world of possibilities.
Can you take a collaterized loan on a share of your home from anyone in the world, if you have only the government database?
Can we have a "decentralized AirBnB" where you have can the NFT represents who have access to the house with "just a government database"?
Can you pool the resources from thousands of strangers to form a "REIT DAO", who then go on to invest on a scale that is only accessible for the Vanguards and Blackrocks around?
This would be simply too risky to be even considered by people if we constrain ourselves only to digital assets, but if we can have a system where the institutions work as a safeguard, why not leverage it?
What is the jurisdiction of "Tokenized Blockchain Corp"? What happens if you live on a country that is under economic sanctions? What happens if there is any type of rug pull? What happens if the Corp gets "too big to fail" and its managers corrupt it? I surely don't want to end up with another Tether in our hands.
We don't need to completely disrupt the current institutions, when they are functional and work in the interests of the people. Quite the opposite, when they are functional they are more efficient (time- and resource-wise) than any decentralized system.
Skipping the middleman doesn't solve any of these issues, except for the possibility that Tokenized Blockchain Corp is corrupt. So write an iron-clad contract with Tokenized Blockchain Corp regarding how your house is to be managed, and the courts will enforce it for you.
It can't be Tether because you can see that only one NFT is minted for your house.
The jurisdiction is, of course, where the house is.
Public Key Cryptography isn't an alternative to email. Public keys aren't a convenient way to refer to addressees, and PK algorithms are a very inefficient way of sending messages, which is why they are generally used to send the key for a symmetrically-encrypted transmission.
I see this advice (that you should use a custom domain) and it makes me a bit hesitant in that I’m not sure I necessarily trust a registrar more than I trust Google not to allow phishing/hijack/deletion.
That said there’s really two issues if you seperate out the inbox - access to new emails, and access to the historical emails you’ve accumulated. The second can be partially helped by downloading all mail + attachments from the server and keeping a backup.
The first is more complicated either way you look at it.
I find thinking about the whole thing far too stressful.
Especially now that so many of my photos and documents are 'backed up' to Google photos and drive.
Balancing the risk of these black swan events is beyond me. Why ever would Google ban me? But they might. Why ever would Tutanota mess up my private domain? Or ban me? But they might!
Both are risky, but at least you can decouple your address from your storage.
If something happens to your gmail, you lose both your address and your storage at once.
If it is your domain, you presumably still have access to your host (which may just be gmail). And if you lose access to your host, at least you can still redirect your domain somewhere else.
Nothing is foolproof, but you can split one large dependency into two smaller dependencies.
If you change your security model from gmail to a registrar you need to redo the risk assessment, or rely on someone else to do that risk assessment for your (i.e. base your decision on third-party recommendations/best practices).
A free service is covered under very different customer protection than a paid product, but your country of origin matter as does the country where the registrar is located and the country where the registry is located (registry is generally the upstream provider of the registrar). It would be difficult legal fight when the TLD is .eu, operated by Belgium company (EURid), with the domain registered by a American company (Namecheap), while you the customer is located in Russia. Your bank could also in theory be a forth country involved.
If you want legal protection as a domain owner the best advice is generally to use a cTLD of your own country with registrar located also within your own borders. It naturally depend a bit on how stable the country is and how good the customer protection laws.
I also strongly recommend against registrars where responsibility is on you to renew the domain, rather than those that have contracts that run continuously until cancellation (who will also bill you if you fail the payment). For domain names it is a better model for both the customer and registrar, in contrast for a subscription service like a news paper. It is a bad default to automatically loose the domain name.
If you live in Sweden, yes. Outside of that area I don't know. I can only guess that enforcing bills is something that is much harder once you pass national lines.
Is this really a thing? I had a .eu
domain for years. I only let it go this year(it was on annual renewal) . My registered address was and is still in UK and I never had any trouble from my registrar(eurodns) about the EU domain. Or do they do it based on the payment method? (I might have used an EU cc to renew)?
It seems .eu domains are more or less only available to people who live in the EU/EEA, hold EU/EEA citizenship or businesses that conduct business in the region.
And that was always so; it's not "more-or-less", you've never been able to have a .eu domain unless you "belong to" the EU, for various values of "belong to". Always read the T&C.
You're being downvoted but this is actually good advice.
As someone who worked in domain names for 5 years, I often suggest to either use one of the historical gTLDs (com, net, info, org) or the ccTLD of your country if it's popular enough (.fr for France, .uk/.co.uk for United Kingdom, etc.)
Never use the ccTLD of a different country than yours, eligibility rules can change with very short notice. For .eu the notice was long enough but nothing guarantees it to be the case. Some trendy ccTLDs also have crappy infrastructure (.so of Somalia for example has provoked at least one outage for Notion.so).
Be very careful with newGTLDs, some of these are outright scam. There are some reliable newGTLDS (.app/.dev from Google for example, yeah, even though it's Google they have to play by ICANN's rules) but if you don't know how to determine the reliability of a newGTLD, just stick with .com/.net.
As I said before, it does not matter. Before someone had an email address and now they don't, and it could happen to anyone with an .eu domain. This is what matters. It is an unreliable TLD for email addresses that you want to last.
Nothings perfect. I think if you use a reputable register with support and a paid email host with support you have less risk than a gmail where they can lock you out and you cant do password recovery because some filter triggered.
I would add two other things.
- Prepay the domain for a large number of years (10y) to avoid billing issues.
- Keep a local copy of your email on atleast one machine (either just in a desktop client, or do regular exports).
Yep. For the last month, I have been exclusively giving out GMail as "my personal email" instead of <personal domain>.ru, but it was more of an emotional thing. Thinking of it, I genuinely don't know which of these is less reliable in the long run for a Russian citizen: GMail, Russian registrar or a foreign registrar for <personal domain>.<some other TLD>.
I've used https://www.pairnic.com for ~15 years, and they're lovely. I've had domains expire several times, and they've never given me grief. They're small enough to give a shit.
But what's the alternative? Does SMTP even work without a domain? I dipped my toes in this far enough to connect a custom domain to a mailbox hosted by bluehost so I don't know too much but I always seek to separate from Google et al wherever possible. I thought the buck stops at DNS and domain registration though, short of like, that gnu internet project I vaguely remember, what's the alternative?
It is, but don't expecting people understand what [email protected] is a perfectly valid address, nor the anti-spam systems or designers of web/mail apps and services.
You can theoretically send email to an IP address directly, like someone@[127.0.0.1], but I imagine a lot of the programs and websites you'd want to use don't know that. And you're still left with the problem of needing to get that IP address from someone who can arbitrarily take it away from you.
So far Gandi was posted as reliable company and over last 10 years I had no issues with them. One good feature is that you dont have to be owner to renew domain name registered with them. So in case you temporary lose access to your account you can still pay for domains. They also allow to keep credit balance for auto renew.
I really didnt have much of issues to talk about so no idea how good is their support at solving them, but at least I have peace of mind when it comes to renewal.
Anybody can read my email, it's cleartext after all. ISP, registar, etc. I pay for my email as part of my yearly domain fee: 2 domains (personal and self employed work), 2 registars. I download them over POP3, store them locally in Thunderbird, backup them locally (encrypted disk) and remotely (duplicity, can't even remember, too early in the morning.) This protects me against some attacks, not against everything. The only online services I really care about are banks. Everything else is disposable. I call my customers, give them a new Google and AWS account, that's it. Or ask them to create an account for me until I sort out the problem. Protecting against state level actors is a different thing. No plans for that. After all they can knock my door and deal with me in person.
Go through that exercise of ditching that email. You will find out the 2-3 things you need absolute plan a/b/c for.
Seriously, reset your email password to something you can never remember and write it down and have someone hold it for a month (don’t tell them what is it, tuck it in an envelope). Let your mind run circles around your fears and you’ll find out how little that email account owns you.
Freezing one credit card will shut off all your frivolous subscriptions (Spotify, Netflix, Prime).
You’ll call your internet provider because you don’t want that cut off.
You’ll call your bank, brokerage.
You’ll remember your bosses contact info, and the one person at work you trust.
You’ll let the most important people know (could be as few as one) that you’re off the grid, in your terms. You’ll memorize their number.
You’ll realize all the people you could care less about, or they about you, if neither of you ever heard from each other again.
Kind of a freeing thing. Then you’ll make a new email, and you’ll never add that much cruft to it ever again.
If it is just an inconvenience, then this exercise is unnecessary. This is more for those who believe they cannot survive without it (inconvenience vs survival).
Look, it’s one thing to say “I cannot live without my kids”, and have some asshole say “ditch them. Move, adopt new ones, you’ll see how stupid that attachment is”.
You guys are literally acting like e-mail is some cornerstone of a life well lived.
I’ll agree with the insufferable part though :)
The rest of your comment, I’ll just attribute to you projecting, which we all do, no one is better.
You're the one attaching moral judgements to it. Speaking of projecting.
We're just saying that email is either necessary or a massive increase in convenience for engaging in a wide array of common digital interactions, including some that are extremely hard to get away from (utilities, banks, etc), and others that are part of what makes life worth living, rather than just subsistence survival (streaming services, online games, other luxuries).
Doing without something that's technically possible to avoid, but wastes a whole lot of your time and mental energy, and does not materially harm you in any way, does not make you a better person. Nor does it make you a worse person. It's something that's a personal choice.
Smugly presenting yourself as somehow better than us because you do without such things does make you a worse person.
I think you are just wrong. I simply provided some advice to someone who feels they can’t do without something that is possible to do without (or at least in a much more reduced manner).
But I do like the irony, some of you inferred I said “I am better than you”. The words are written by you - “makes you a worse person”, which I don’t need to make any inference on, I know what you said.
I’d give the same advice to anyone that believes they can’t live without coffee. Whether they drink it or not is none of my business, but their exclamation of an impossibility is something I might chime in on.
Start the thread again, I picked a specific thing to address with the GP. Don’t care if he/she uses email, the whole world uses email lol.
Just for shits and giggles:
I get a few text alerts from my bank, I check things out with the bank app. I read the utility mail (yes the paper bill) once a month. No email involved. If I lost my email, my bank and electricity would be fine. So would my internet. It’s not impossible.
Morality seeping into this discussion and holier than thou interpretations (casted on to me), are interesting and I’ll consider everyone’s input carefully and adjust going forward.
I see you are getting a lot of negative comments so wanted to let you know I agree this is a good thing. Creating chaos is the only way to take away power from digital bureaucracy and surveillance systems. Make multiple conflicting linkedin profiles in your name, share a WhatsApp account with friends, delete and recreate your Instagram profile every year.
> "Let your mind run circles around your fears and you’ll find out how little that email account owns you."
This year I have recieved an email from a city councill if a city where I no longer live, that were about to sue me for underpaying some
bill years ago.
If I followed your advise I would be on the hook for serous money and headache
That email could have been sitting in your junk folder for all you know. Even with access to your account it would have been a dumb way to serve someone a summons.
Following my advice or not, email could have still fucked you.
No, it sucks. A summons usually requires them to serve it for-sure somehow (in-person or someone in your home that accepts it for you).
They had no idea where you were, so you fell for the pre-action letter. They would have never gone through the trouble of where-in-America—are-you to sue you.
It’s all perspective. I think your phone number is more like water. If anything happens to your phone, you can simply take one physical trip down to your carriers store and get a new one with the same number. That’s water.
A bunch of email accounts that your whole life is tied down to where you can’t even get someone on customer service on the line 24/7? No, that’s Soda.
I’m just saying, this is the diet equivalent of giving up sugary drinks and switching to water.
It's actually an exercise in True freedom, trying to detach your life from all socials/spaces
Remove/minimize socials, move to multiple countries more than a couple times a year. form new friend groups/communities, learning to min-max essentials
Diet: try fasting, appreciate simple meals after a lengthy fast
Exactly! Good one. People just don't realize how much of this stuff is just jetsam and dross.
What the hell would happen if the service ever seriously failed for long periods or GPS failed overnight (which it easily could)? People would have to resort to what they did pre-internet. Back then, the world still worked (and some would argue even better because the internet 'toy' wasn't around to distract everyone and wreak havoc on the world).
Believe it or not, we actually built the modern world without email and the smartphone.
Using your own domain also has advantages in terms of being able to use aliases for different websites so (when, not if) an address gets leaked you can > /dev/null it.
If you're cheap like me you can give family members their own subdomain so everyone can have aliases for the cost of a single domain.
It's sad to think back on myself nearly two decades ago when Gmail first launched as invitation service and I thought I was being smart by not paying for my own domain, little did I know how evil Google would turn out to be in terms of locking people out of their own accounts with no recourse.
OK, but if the point was to obfuscate your "precious" address and use some other "throwaway" address, then this does not work. Your email address can be easily deconstructed and used for spam
What email do you use with domain registrar? I ended up switching most if mine domains to google domains simply because i find its ui more convenient for me, all eggs in one basket i guess. But how do you ensure that you aren’t gonna loose access to your domain account?
Given the way Google locks out accounts with no support or appeal I can't think of a worse registrar to use.
I use my ISP's email address with my registrar, if they want to keep getting paid each month its in their interests to keep that email address working.
At this point some government entity should provide a way to have an inalienable electronic address. There are strong protections for regular mail, that ensure that mail gets delivered. Cell carriers are required to port numbers. Since email addresses are tied to domain, there should be some usps-like service that allows to have an address, that can be related to a provider of your choosing. And this address is tied to your identity, which you can verify by physically visiting usps or dmv if all else fails.
Email is intrinsically an unreliable service, and always has been. It's a "best-effort" service. But at least email is honest about it up-front, and tries to address reliability in the RFCs.
That was in reference to regular mail. USPS was one of the first fed agencies and mail was one of the few original functionals of the central government. On top of USPS being one of the largest agencies, there is also legal protection against tempering with mail and usps has its own enforcement branch.
In case of email, it probably should simpler. Gov only serves as an address book, essentially. But does minimum of tech implementing it. Given how domain MX records work, does not seem possible. So i think email relay is the closest thing.
I think email is ever diminishing as a communication medium because it's just so terribly broken. You can't verify the sender is who they say they are, you can't be sure that the recipient receives your message and is the only one to see it.
I don't use it for personal communication anymore. With some businesses perhaps but most of that has relegated email to a buggy notification service ("come check our portal for your message") because email can't be trusted with confidential data.
It still has an important role in the identity process but that's mainly for historical reasons. It's also grossly unsuited for that and I don't understand why open ID federation like OpenID never took off.
With my own domain being hosted by Google Legacy Workspace or whatever they call it, I've been wondering about this, and wondering if there has there any evidence of Google cutting off an entire domain randomly.
To deal with that possibility I've been thinking what the easiest and most reliable way of providing a "failover" for my domain's mail is.
Buy Fastmail account (seriously, they should pay us money for advertising them so much).
In your DNS/registrar settings add Fastmail as a secondary MX, disable DKIM and SPF.
Customize it for your needs (necessary mailboxes/addresses/identities etc).
Switch over primary MX to FM (maybe keeping G as a secondary for a week).
Somewhat optional, but requires some effort - make G send any incoming email to some address not on your domain. You can buy some temp domain and slap it to FM too, it doesn't matter, except you would have two copies of mails for migration time.
After mails start to flow to FM reliably (not from Google) remove G. from MX records completely.
At this point you would know if something is wrong if some mail would be routed through G. instead of FM (by receiving them to that forwading address).
If everything is okay - remove your G. workplace so it has no chance to mess things up.
Before that move your mail from G to FM. If it's only thousands - even connecting Outlook (and maybe Thunderbird?) to both through IMAP and drag and drop mails from one account to another would work. If it's millions... clean up it first. You don't need news on newest sales from 2014.
PS I'm not moved out from my Gmail account but I culled things there HARD. I also moved everything worthy (notably - registrars and mail providers) to my personal domain mail addresses. If I lose it - it wouldn't be that painful anymore.
I know (and I even had one) but that's for users who actually bothered to use a referral, not for ones who saw so much adver^W mentions and just got an account.
I was being a bit sarcastic there, though. If anything, new clients => company receives money to stay afloat.
Heaven forbid, how did you become so utterly dependent on this technology? You're probably one of those who insists in using your phone instead of paying cash or using cards. You also probably use Twitter, Facebook and Google's Gmail too.
If so, then you can't be helped.
If you organize thing right you don't need to be so dependent on ephemeral technology (unless you're in Communist China, governments haven't made email compulsory yet. If they ever do then I'd demand free hardware to participate).
BTW, I'm not an email Luddite, I have and have had email addresses since the late 1970s (in the days before the internet) using The Source etc. and after that I've run my own email servers and so on. Right, I was in the vanguard of the email service but I've never let it rule me or my life.
P.S.: it really isn't that hard, for years I successfully ran a large IT department in a well-known organization and I refused to have an email address because I got damn sick of the CEO defaulting to email when all he had to do was to walk out of his office door and into mine—or use the good old POTS telephone! Yes, there are still many alternatives if you look (that is, unless you actually like being ruled over).
