mleku on Nostr: this question of identifying the software being run on the other side of a network ...
this question of identifying the software being run on the other side of a network connection is a bit of a difficult one and one that i can see there being problems with snooping tyrants enforcing software development licensure and preventing broad access to software that is either in-development or outlawed
uncle bob had a good speech on that one and this train of thought has got me wondering
ultimately it doesn't matter, does it? right?
the relay has some database, doesn't mean it's the same as another relay, doesn't mean the same code is running, any protocol decision based on such things probably is doomed to be useless ultimately because you can probably not enforce this for real without an inordinate amount of resources spent because of the bazillion ways that it can probably be worked around
but... well, government... this would be a sign of the latest stage of a technocratic system though, software licensing... it's been a theme in cyberpunk for decades
hm that one is a hard one though... since the only way to verify source code is to hash the binary, and what is the process for how to sign the binary as it's running exactly
that's a good question... it's on my mind because i've been inspecting the CosmWasm architecture this last week and one of the things they have in there is a verification that ensures that a source code and a binary version are linked, this thing is a big issue in smart contract engineering - how to ensure that things are deterministic, and it kinda matters with source code too
there's a lot more to but how exactly can you be sure a server is running the software version it says it is, and not some altered version? you can't! at least not trivially
Published at
2024-10-10 19:58:12Event JSON
{
"id": "f780b64a816d639fd3f1db1746fc0c456ab21d4c6814a260540a09bd3f649f77",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1728590292,
"kind": 1,
"tags": [
[
"e",
"8f53fd2ed63c12a54a0a32f4fbef73a9ee4ee27d457c0a214c1cc5e8982a8ff3",
"",
"mention"
],
[
"q",
"8f53fd2ed63c12a54a0a32f4fbef73a9ee4ee27d457c0a214c1cc5e8982a8ff3",
"",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"p",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"",
"mention"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "this question of identifying the software being run on the other side of a network connection is a bit of a difficult one and one that i can see there being problems with snooping tyrants enforcing software development licensure and preventing broad access to software that is either in-development or outlawed\n\nuncle bob had a good speech on that one and this train of thought has got me wondering\n\nultimately it doesn't matter, does it? right?\n\nthe relay has some database, doesn't mean it's the same as another relay, doesn't mean the same code is running, any protocol decision based on such things probably is doomed to be useless ultimately because you can probably not enforce this for real without an inordinate amount of resources spent because of the bazillion ways that it can probably be worked around\n\nbut... well, government... this would be a sign of the latest stage of a technocratic system though, software licensing... it's been a theme in cyberpunk for decades\n\nnostr:nevent1qvzqqqqqqypzqnyqqft6tz9g9pyaqjvp0s4a4tvcfvj6gkke7mddvmj86w68uwe0qqsg75la9mtrcy49fg9r9a8maae6nmjwuf752lq2y9xpe30gnq4glucjawvm3",
"sig": "d386096353be97ff33c8246e7b3e278329d85cd511379a57840b26e6a7bbd5b82dbce154d24e34d1b0fc1538406543dab7aec893c49ae1aa67e9bf7aaa0a7770"
}
