Gergely Nagy

Budapest, Hungary

A tiny mouse, a hacker.

  • Christopher Allan Webber at 2017-04-10T04:24:12Z

    This one hits all the hypernerd buzzwords, but in earnest: Lisp, CLOS, SemWeb, reasoner, truth maintenance systems..

    Gergely Nagy, Charles ☕ Stanhope likes this.

  • Possible routes for distributed anti-abuse systems

    Christopher Allan Webber at 2017-04-04T21:30:34Z

    Also on my blog

    I work on federated standards and systems, particularly ActivityPub. Of course, if you work on this stuff, every now and then the question of "how do you deal with abuse?" very rightly comes up. Most recently Mastadon has gotten some attention, which is great! But of course, people are raising the question, can federation systems really protect people from abuse? (It's not the first time to come up either; at LibrePlanet in 2015 a number of us held a "social justice for federated free software systems" dinner and were discussing things then.) It's an important question to ask, and I'm afraid the answer is, "not reliably yet". But in this blogpost I hope to show that there may be some hope for the future.

    A few things I think you want out of such a system:

    • It should actually be decentralized. It's possible to run a mega-node that everyone screens their content against, but then what's the point?
    • The most important thing is for the system to prevent attackers from being able to deliver hateful content. An attack in a social system means getting your message across, so that's what we don't want to happen.
    • But who are we protecting, and against what? It's difficult to know, because even very progressive groups often don't anticipate who they need to protect; "social justice" groups of the past are often exclusionary against other groups until they find out they need to be otherwise (eg in each of these important social movements, some prominent members have had problems including other social justice groups: racist sufferagists, civil rights activists exclusionary against gay and lesbian groups, gay and lesbian groups exclusionary against transgender individuals...). The point is: if we haven't gotten it all right in the past, we might not get it all right in the present, so the most important thing is to allow communities to protect themselves from hate.

    Of course, keep in mind that no technology system is going to be perfect; these are all mitigators. But what technical decisions you make do also affect who is empowered in a system, so it's also still important to work on these, though none of them are panaceas.

    With those core bits down, what strategies are available? There are a few I've been paying close attention to (keep in mind that I am an expert in zero of these routes at present):

    • Federated Blocklists: The easiest "starter" route. And good news! If you're using the ActivityPub standard, there's already a Block activity, and you could build up group-moderated collections of people to block. A decent first step, but I don't think it gets you very far; for one thing, being the maintainer of a public blocklist is a risky activity; trolls might use that information to attack you. That and merging/squashing blocklists might be awkward in this system.
    • Federated reputation systems: You could also take it a step further by using something like the Stellar consensus protocol (more info in paper form or even a graphic novel). Stellar is a cryptographically signed ledger. Okay, yes, that makes it a kind of blockchain, but it's not necessarily restricted to use of cryptocurrencies... you can track any kinds of transactions with it. Which means we could also track blocklists, or even less binary reputation systems! But what's most interesting about Stellar is that it's also federated... and in this case, federation means you can choose what groups you trust... but due to math'y concepts that I occasionally totally get upon being explained to me and then forget the moment someone asks me to explain to someone else, consensus is still enforced within the "slices" of groups you are following. You can imagine maybe the needs of an LGBT community and a Furry community might overlap, but they might not be the same, and maybe you'd be subscribed to just one or both, or neither. Or pick your other social groups, go wild. That said, I'm not sure how to make these "transactions" not public in this system, so it's very out there in the open, but since there's a voting system built-in maybe particular individuals won't be as liable for being attacked as individuals maintaining a blocklist are. Introducing a sliding-scale "social reputation system" may also introduce other dangerous problems, though I think Stellar's design is probably the least dangerous of all of these since it probably will still keep abusers out of a particular targeted group, but will allow marginalized-but-not-recognized-by-larger groups still avenues to set up their own slices as well.
    • "Charging" for disributing messages: Hoo boy, this one's going to be controvercial! This was suggested to me by someone smart in the whole distributed technology space. It's not necessarily what we would normally consider real money that would be charged to distribute things... it could be a kind of "whuffie" cryptocurrency that you have to pay. Well the upside to this is it would keep low-funded abusers out of a system... the downside is that you've now basically powered your decentralized social network through pay-to-play capitalism. Unfortunately, even if the cryptocurrency is just some "social media fun money", imaginary currencies have a way of turning into real currencies; see paying for in-game currency in any massively multiplayer game ever. I don't think this gives us the power dynamics we want in our system, but it's worth noting that "it's one way to do it"... with serious side effects.
    • Web of trust / Friend of a Friend networks: Well researched in crypto systems, though nobody's built really good UIs for them. Still, a lot of potential if the system was somehow made friendly and didn't require showing up to a nerd-heavy "keysigning party"... if the system could have marking who you trust and who you don't (and not just as in terms of verifying keys) built as an elegant part of the UI, then yes I think this could be a good component for recognizing who you might allow to send you messages. There are also risks in having these associations be completely public, though I think web of trust systems don't necessarily have to be public... you can recurse outward from the individuals you do already know.
    • Distributed recommendation systems: Think of recommender systems in (sorry for the centralized system references) Amazon, Netflix, or any of the major social networks (Twitter, Facebook, etc). Is there a way to tell if someone or some message may be relevant to you, depending on who else you follow? Almost nobody seems to be doing research here, but not quite nobody; here's one paper: Collaborative Filtering with Privacy. Would it work? I have no idea, but the paper's title sure sounds compelling.
    • Good ol' basyesian filtering: Unfortunately, I think that there's too many side channels for attacks for just processing a message's statistical contents to be good enough, though I think it's probably a good component of an anti-abuse system. In fact, maybe we should be talking about solutions that can use multiple components, and be very adaptive...
    • Distributed machine learning sets: Probably way too computationally expensive to run in a decentralized network, but maybe I'm wrong. Maybe this can be done in a the right way, but I get the impression that without the training dataset it's probably not useful? Prove me wrong! But I also just don't know enough about machine learning. Has the right property of being adaptive, though.
    • Genetic programs: Okay, I hear you saying, "what?? genetic programming?? as in programs that evolve?" It's a field of study that has quite a bit of research behind it, but very little application in the real world... but it might be a good basis for filtering systems in a federated network (I'm beginning to explore this but I have no idea if it will bear fruit). Programs might evolve on your machine and mine which adapt to the changing nature of social attacks. And best of all, in a distributed network, we might be able to send our genetic anti-abuse programs to each other... and they could breed and make new anti-abuse baby programs! However, for this to work the programs would have to carry part of the information of their "experiences" from parent to child. After all, a program isn't going to very likely randomly bump into finding out that a hateful group has started using "cuck" as a slur. But programs keep information around while they run, and it's possible that parent programs could teach wordlists and other information to their children, or to other programs. And if you already have a trust network, your programs could propagate their techniques and information with each other. (There's a risk of a side channel attack though: you might be able to find some of the content of information sent/received by checking the wordlists or etc being passed around by these programs.) (You'd definitely want your programs sandboxed if you took this route, and I think it would be good for filtering only... if you expose output methods, your programs might start talking on the network, and who knows what would happen!) One big upside to this is that if it worked, it should work in a distributed system... you're effectively occasionally bringing the anti-abuse hamster cages together now and then. However, you do get into an ontology problem... if these programs are making up wordlists and binding them to generated symbols, you're effectively generating a new language. That's not too far from human-generated language, and so at that point you're talking about a computer-generated natural language... but I think there may be evolutionary incentive to agree upon terms. Setting up the "fitness" of the program (same with the machine learning route) would also have to involve determining what filtering is useful / isn't useful to the user of the program, and that's a whole challenging problem domain of its own (though you could start with just manually marking correct/incorrect the way people train their spam filters with spam/ham). But... okay by now this sounds pretty far-fetched, I know, but I think it has some promise... I'm beginning to explore it with a derivative of some of the ideas from PushGP. I'm not sure if any of these ideas will work but I think this is both the most entertainingly exciting and crazy at the same time. (On another side, I also think there's an untapped potential for roguelike AI that's driven by genetic algorithms...) There's definitely one huge downside to this though, even if it was effective (the same problem machine learning groups have)... the programs would be nearly unreadable to humans! Would this really be the only source of information you'd want to trust?
    • Expert / constraint based systems: Everyone's super into "machine learning" based systems right now, but it's hard to tell what on earth those systems are doing, even when their results are impressive (not far off from genetic algorithms, as above! but genetic algorithms may not require the same crazy large centralized datasets that machine learning systems tend to). Luckily there's a whole other branch of AI involving "expert systems" and "symbolic reasoning" and etc. The most promising of these I think is the propagator model by Sussman / Radul / and many others (if you've seen the constraint system in SICP, this is a grandchild of that design). One interesting thing about the propagator model is that it can come to conclusions from exploring many different sources, and it can tell you how it came to those conclusions. These systems are incredible and under-explored, though there's a catch: usually they're hand-wired, or the rules are added manually (which is partly how you can tell where the conclusions came from, since the symbols for those sources may be labeled by a human... but who knows, maybe there's a way to map a machines concept of some term to a human's anyway). I think this won't probably be adaptive enough for the fast-changing world of different attack structures... but! but! we've explored a lot of other ideas above, and maybe you have some combination of a reputation system, and a genetic programming system, and etc, and this branch of study could be a great route to glue those very differing systems together and get a sense of what may be safe / unsafe from different sources... and at least understand how each source, on its macro level, contributed to a conclusion about whether or not to trust a message or individual.

    Okay, well that's it I think! Those are all the routes I've been thinking about. None of these routes are proven, but I hope that gives some evidence that there are avenues worth exploring... and that there is likely hope for the federated web to protect people... and maybe we could even do it better for the silos. After all, if we could do filtering as well as the big orgs, even if it were just at or nearly at the same level (which isn't as good as I'd like), that's already a win: it would mean we could protect people, and also preserve the autonomy of marginalized groups... who aren't very likely to be well protected by centralized regimes if push really does come to shove.

    I hope that inspires some people! If you have other routes that should be added to this list or you're exploring or would like to explore one of these directions, please contact me. Once the W3C Social Working Group wraps up, I'm to be co-chair of the following Social Community Group, and this is something we want to explore there.

    der.hans, Gergely Nagy, Sean Tilley, Scott Sweeny and 4 others likes this.

    Sarah Elkins, Mike Linksvayer shared this.

    I'm happy to see that the Matrix folks also see this as "the single biggest existential threat" and "a problem that the whole decentralised web community has in common"... apparently they already have been looking at the Stellar approach. More from their FOSDEM talk slides. I agree that this is a problem facing the whole decentralized web, and I'm glad / hopeful that there's interest in working together. Now's a good time to be implementing and experimenting!

    Christopher Allan Webber at 2017-04-05T01:33:00Z

    Sean Tilley, Charles ☕ Stanhope, Mike Linksvayer likes this.

    Seems I cannot like, share or comment from datamost at the moment.

    Patchwork people are also already thinking about these issues.

    Clacke moved to and at 2017-04-05T07:25:09Z

  • Phyllis Fox, saving Lisp history

    Christopher Allan Webber at 2017-03-08T18:54:01Z

    crossposted from my blog

    In honor of International Womens' Day, let's celebrate a woman, Phyllis Fox, who may have saved Lisp from the dustbin of history... by documenting it. From her oral history:

    HAIGH: So you say that you wrote the first LISP manual?

    FOX: Now, this was not because I was a great LISP programmer, but they never documented or wrote down anything, especially McCarthy. Nobody in that group ever wrote down anything. McCarthy was furious that they didn’t document the code, but he wouldn’t do it, either. So I learned enough LISP that I could write it and ask them questions and write some more. One of the people in the group was a student named Jim Slagel, who was blind. He learned LISP sort of from me, because I would read him what I had written and he would tell me about LISP and I would write some more. His mind was incredible. He could give lectures. Have you ever seen a blind person lecture?

    HAIGH: No.

    FOX: They write on a black (or white) board, and then they put a finger on the board at the point they have stopped to keep the place. Then they talk some more and then they go on writing. His mind was remarkable. He was very helpful to me. But I wrote those manuals. I would ask questions from Minsky or McCarthy, and I got it done. I think it was helpful for people to have it. I guess, essentially I’m a documenter. If you’re looking for it, that’s what I am.

    Phyllis Fox did a lot more than that, but as a Lisp enthusiast, thank you to Dr. Fox for preserving our programming knowledge!

    der.hans, Claes Wallin (韋嘉誠), Mike Linksvayer, Tyng-Ruey Chuang and 7 others likes this.

    der.hans, Sarah Elkins, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) and 1 others shared this.

    If you'd like to see that documentation: and there is P Fox on the front cover. (This document is probably in the public domain due to the lack of copyright notice, which was a requirement of U.S. copyright law at that time, so yay to it also being Free.)

    Jason Self at 2017-03-09T02:12:11Z

    Claes Wallin (韋嘉誠), Tyng-Ruey Chuang, Christopher Allan Webber likes this.

  • joeyh at 2017-01-08T21:55:23Z

    Just one example of new Android suck: Having developer mode hidden behind clicking on just the right menu item 7 times in a row. Seriously?

    Claes Wallin (韋嘉誠),, Gergely Nagy likes this.

  • git annex metadata gui

    joeyh at 2016-12-07T20:06:42Z

    I always wanted this to exist. So awesome that someone (not me) has gone and built it.

    git-annex's metadata facilities have been somewhat of a hidden feature for power users. It will be interesting if that gets wider use. The metadata is synced as part of the git repo, and automatically merged.

    Claes Wallin (韋嘉誠), Gergely Nagy likes this.

    Claes Wallin (韋嘉誠) shared this.

  • hole in one

    joeyh at 2016-12-07T15:58:45Z

    \o/ git-annex get over tor worked the first time I tried it

    (After 2+ weeks developing the feature)

    Claes Wallin (韋嘉誠), Stephen Michael Kellat, Nathan Willis, Andrew E and 6 others likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) and 1 others shared this.

  • tinc

    joeyh at 2016-04-28T12:29:36Z

    cabal update
    Downloading the latest package list from
    cabal: does not exist

    Kete Foy, Alex Jordan, Gergely Nagy likes this.

  • the dreams of the 90 are alive in my xmonad

    joeyh at 2016-04-01T16:58:39Z

    • wikipedia via telnet
    • metafilter via gopher
    • via nntp with special NSA appearance
    • xeyes

    mcepl, tester-jumper, Guido Arnold, jcrbr0 and 13 others likes this.

    tester-jumper, Arcee, Arcee, Arcee and 3 others shared this.

  • joeyh at 2016-02-19T21:04:56Z

    "Until we can be confident that these strings will never be used as a weapon, their presence probably needs to become a Debian policy violation." -- phil hands

    j1mc, Mike Linksvayer, Gergely Nagy, Douglas Perkins and 1 others likes this.

    Stephen Michael Kellat, Christopher Allan Webber shared this.

  • Watch Guile/ Guix FOSDEM talks from the comfort of your own chair!

    guile at 2016-02-08T17:38:25Z

    mnd, Alex Jordan, Mike Linksvayer, Gergely Nagy and 2 others likes this.

    Ben Sturmfels, David Thompson, Christopher Allan Webber shared this.

  • joeyh at 2015-12-31T20:12:12Z

    "whenever you are in a situation like that when people have given so much to you, one of the first instincts is like what can I do for you, what can I give back?"

    Ian, you helped so many of us find our answers to that question.

    mray, Francisco M García Claramonte, Gergely Nagy, Christopher Allan Webber and 1 others likes this.

  • The Internet of Code

    joeyh at 2015-10-23T05:20:04Z

    The internet of (alien non-recursive url-based perfectly sandboxed) code

    If you don't know haskell or lambda calculus, skip 19:30 for the start of the payoff.

    Gergely Nagy likes this.

    From that description, I was half expecting a talk about Urbit.

    Screwtape at 2015-10-23T11:20:22Z

  • view source

    joeyh at 2015-10-22T16:39:56Z

    Saw this talk & was dying to see the source. .. which is this haskell:

    Christopher Allan Webber, Gergely Nagy likes this.

    This has haskell compiled to javascript, with FRP, dynamically generated reactive svg diagrams, and the demo is just a couple hundred lines of code.

    joeyh at 2015-10-22T16:41:47Z

    Christopher Allan Webber likes this.

  • Christopher Allan Webber at 2015-10-17T00:58:55Z

    Using lists as fake value boxes in python because python doesn't know how to lexical scope

    Gergely Nagy likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Olivier Mehani, Olivier Mehani and 1 others shared this.

    Show all 6 replies
    Python 3 has the 'nonlocal' keyword that does exactly what you want (if you inserted "nonlocal x" as the first line of _func(), it would do the right thing)... but, well, you don't get it unless you switch to Python 3.

    Screwtape at 2015-10-17T08:02:19Z

    Claes Wallin (韋嘉誠), Christopher Allan Webber, likes this.

    Ah! Okay that's helpful :)

    Christopher Allan Webber at 2015-10-17T13:27:29Z

    @Christopher Allan Webber Thank you for the thorough explanation!

    Charles ☕ Stanhope at 2015-10-17T15:04:41Z likes this.

  • David Thompson at 2015-10-16T12:53:29Z

    A fantastic little Emacs Lisp poem by RMS:

    In days long ago,
    When clocks were so slow,
    These basic keystrokes
    Took too long for folks,
    Unless they were writ
    In C code to flit.
    Today that's not so,
    In Lisp they can go.

    rsd, GNUstav Huarcaya, Francisco M García Claramonte, testbeta and 5 others likes this.

    GNUstav Huarcaya, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Christopher Allan Webber shared this.

    Rather, here (that focus part of the URL doesn't update properly, apparently).

    Claes Wallin (韋嘉誠) at 2015-10-16T15:00:21Z

    David Thompson likes this.

  • joeyh at 2015-10-08T14:41:58Z

    Basic git hygiene at this point probably includes only merging git commits from others that are gpg signed (as well as gpg signing as many commits yourself as you can without going mad at the password prompts).

    Unfortunately, tooling doesn't make this easy, and some things like git format-patch are actively unhelpful by not preserving gpg signatures.

    Mike Linksvayer, Efraim Flashner, Elena ``of Valhalla'', Gergely Nagy and 1 others likes this.

    Also, note that signed git tags are only a signature of the sha1, so cannot be used to detect a collision attack.

    Checking git commit signatures can detect a collision attack. Of course, that checking is also not enabled by default, and there's not yet a config to change that.

    joeyh at 2015-10-08T16:41:58Z

  • Lars Wirzenius at 2015-10-06T11:43:42Z

    Unacceptable excuses for bad behaviour in free software development:
    1. Linus and other kernel developers do it.
    2. You have self-diagnosed as having Asperger's.
    3. You value code quality over other people's feelings.
    4. You get angry a lot.
    5. You think other people are just wrong about everything.
    6. You thought of a funny insult.
    7. You're uneasy having people in the project who're unlike you.

    Mikkel Kirkgaard Nielsen, Sean Tilley, Charles ☕ Stanhope, The Anarcat and 18 others likes this.

    delib, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Javier Sancho and 7 others shared this.

    Show all 5 replies
    Number 3 ("code quality is more important than people's feelings") is often used to justify things like the Linux kernel development atmosphere.

    Lars Wirzenius at 2015-10-06T15:50:03Z

    Claes Wallin (韋嘉誠), Christopher Allan Webber likes this.

    They believe bad behaviour is what gets them ahead because that's what got them where they are so far. We are somehow meant to feel sorry for them because they come from broken family backgrounds even though they are spoiled rotten.

    jrobertson at 2015-10-06T17:16:08Z

    Claes Wallin (韋嘉誠) likes this.

    > because that's what got them where they are so far.

    They could have gotten where they are so far in spite of (rather than because of) the behaviors. There's always the chance that several people saying "I'm not going to take this anymore" around the same time will shift momentum away from a previously-successful project or organization. at 2015-10-07T01:53:35Z

    Claes Wallin (韋嘉誠), jrobertson likes this.

    @lnxwalt That's true, the person with the bad behaviour has typically proved they can make the grade, give the company what they want, work hard, demonstrate their talents. At this point they use their value as a kind of credit system to get away with behaviour that others don't seem to get away with.

    jrobertson at 2015-10-07T05:53:13Z

    Claes Wallin (韋嘉誠) likes this.