MaidSafe IPO on Mastercoin

[cass]

Lukybit is on this forum from the beginning back in the time when the forum had a few members . His contributions were and are one of the most insightful around here. He's very passionate about 3I and there is no question in my mind he was not trying to to pump anything. You may disagree with his opinions but I will never question his intentions.

Luckybit is a Hero member. 
His reputation is clearly established in his prolific and thoughtful posts. 

indeed

I actually have read his posts and engaged him in a meaningful manner, but it seems 100% one direction.

True believer 

[gamey]

It is fascinating to me that his pumping has not become apparent.  Regardless, I don't think that pumping/hyping/promoting is a bad thing.  I don't think Luckybit is a nefarious actor or any such thing.  I just think that if you engage him about ideas, you'll get nowhere because he is not looking for the best ideas.  He is just looking to promote.  Nothing wrong with that, but... As that other guy said, best just to realize it and read him without engagement (ignore?).   I actually have read his posts and engaged him in a meaningful manner, but it seems 100% one direction.

[unimercio]

Lukybit is on this forum from the beginning back in the time when the forum had a few members . His contributions were and are one of the most insightful around here. He's very passionate about 3I and there is no question in my mind he was not trying to to pump anything. You may disagree with his opinions but I will never question his intentions.

[Stan]

Luckybit is a Hero member. 
His reputation is clearly established in his prolific and thoughtful posts. 

[oco101]

Lukybit is on this forum from the beginning back in the time when the forum had a few members . His contributions were and are one of the most insightful around here. He's very passionate about 3I and there is no question in my mind he was not trying to to pump anything. You may disagree with his opinions but I will never question his intentions.

[donkeypong]

I don't know luckybit personally, but I have found luckybit's postings to be some of the most intelligent and insightful on this forum. In my opinion, luckybit isn't pumping anything, just genuinely sharing one or two good ideas from elsewhere.

[luckybit]

THat is because your objective here is nothing but promotion, so what others say has little effect on your pages  and pages of ...... thoughts.

Thats what he does, hidden in huge arguments. He was arguing about the BTS XT initial price and when I argued against it with some points his answer was that I was doing that to decrease the price and collect them on the cheap. Thats when he I realized he was not arguing but just promoting and decided to ignore his posts.

I realized it when he said something about blackcoin being a perfect fit for a bitshares collaboration/airdrop.  His arguments could be applied to any coin, but he just continued on and on about blackcoin.  It became obvious.  I would love to see the incentives behind his actions.  He is a determined person.

Luckybit -  All you've done is demonstrate you can click around on github and read comments.  You worded it like you had found something.  I could waste my time showing you the ip code if I cared enough, but it is pointless.  I'll take the hint. 

So what will you hype next ?   

Reverse psychology isn't going to work. Save us both the time and ignore me so I can focus on more important topics.

End of discussion.

[gamey]

THat is because your objective here is nothing but promotion, so what others say has little effect on your pages  and pages of ...... thoughts.

Thats what he does, hidden in huge arguments. He was arguing about the BTS XT initial price and when I argued against it with some points his answer was that I was doing that to decrease the price and collect them on the cheap. Thats when he I realized he was not arguing but just promoting and decided to ignore his posts.

I realized it when he said something about blackcoin being a perfect fit for a bitshares collaboration/airdrop.  His arguments could be applied to any coin, but he just continued on and on about blackcoin.  It became obvious.  I would love to see the incentives behind his actions.  He is a determined person.

Luckybit -  All you've done is demonstrate you can click around on github and read comments.  You worded it like you had found something.  I could waste my time showing you the ip code if I cared enough, but it is pointless.  I'll take the hint. 

So what will you hype next ?   

[luckybit]

Maidsafe has one primary challenge:  Latency

Disk storage is cheap and abundant....
Bandwidth can be facilitated with bittorrent style downloads.

It is the initial lookup of the data you require that is the challenge.   If you divide a large file up into multiple chunks then the majority of your time will be spent finding the chunk.   Lookup times scale with log(n).

Their other problem is load balancing and price fixing.... not all data is in equal demand nor costs an equal amount to host.   

Unless you can resolve the price fixing and load-balancing issue as well as the latency challenge the system will not scale well. 

If their application is to store your personal data in the cloud rather than hosting data for others to download, then it is a much smaller nitch and far less interesting.

MaidSafe seems to be using an ant colony optimization algorithm (Freenet used something like this originally), which is supposed to try to reduce latency.

Unfortunately I'm not very good at explaining this stuff so I will post Dr. Irvine's quotes

http://bitcoinmagazine.com/12397/maidsafe-is-making-data-safe/

In Irvine’s words, “every node is like a group of ants; while a drop of water could kill one, when all the millions of nodes come together, that is when you see scalability.  When one node tries to delete information, other neighbors can report that node to one another and removed the compromised node from the network.”

As a node joins the network, it has to be part of cryptographic keypair and thus joins to the closest nodes to their address; the rest of the nodes then listen to them.  The MaidSafe network uses a consensus based mechanism noted above, chaining the consensus together (similar to a blockchain).  As a consequence, each group of nodes watches one another, observing their deterministic behavior.  In contrast to Tor or FreeNet, each node in MaidSafe is individually different, creating an autonomous network in which each node has an address, fulfilling certain tasks, such as storing, looking, validating and screening data down this immutable chain (called a Transaction Manager).[4]

Who knows if this will work. Freenet attempted to use an ant colony optimization algorithm and it never managed to solve the latency problem. It was fast enough (barely) for web browsing but not much else. MaidSafe seems to be one of those technologies that is too complicated to explain but easy to get excited about.

I have no clue if it will work so lets find out is my attitude.

THat is because your objective here is nothing but promotion, so what others say has little effect on your pages  and pages of ...... thoughts.

Thats what he does, hidden in huge arguments. He was arguing about the BTS XT initial price and when I argued against it with some points his answer was that I was doing that to decrease the price and collect them on the cheap. Thats when he I realised he was not arguing but just promoting and decided to ignore his posts.

There is also the possibility that I like the technology and really believe what I'm saying (and it's also possible that you really don't think Bitshares are worth as much as I do).

Why believe everything is about promotion? You never told me what exactly I'm trying to promote other than my own opinions and that is what everyone else here does. If you aren't as much of a fan of MaidSafe, Bitshares or any technology as I am it's not a big deal because we all have opinions.

[sumantso]

THat is because your objective here is nothing but promotion, so what others say has little effect on your pages  and pages of ...... thoughts.

Thats what he does, hidden in huge arguments. He was arguing about the BTS XT initial price and when I argued against it with some points his answer was that I was doing that to decrease the price and collect them on the cheap. Thats when he I realised he was not arguing but just promoting and decided to ignore his posts.

[luckybit]

It seems to me you really want to CENTRALIZE all these decentralized services.

That's not something I want. It might be the result but that is how nature is. Sometimes centralization emerges on it's own and it's not something we are consciously deciding to want.

What we want and need is a decentralized Internet because of issues like network neutrality and a few organizations trying to control everything. Of course when you decentralize something it can sometimes result in shifting the centralization somewhere else.
 

At least Bitshares/Invictus is laying ground work for integration of future yet to exist apps.

I don't think it should be seen as Invictus/Bitshares Vs. MaidSafe. I don't understand why people have to be for one technology or the other. To me they can greatly complement one another (Domainshares on top of MaidSafe?).

Multifactor auth is an interesting idea.  I thought about it.  Only way unhackable is either through some keyfob number generating thing or SMS.  Basically the message has to be out of band with the computer.  That pretty much requires centralization.  So there goes your innovation.

I would never say anything is unhackable. I would say you can raise the cost of conducting the hack so that it's prohibitively expensive to do it drag net style.

Look

If I go dig through maidensafe's code to find where they bind to an ip address to layer their protocol on top, what will you pay me ? 

I'm not going to pay you. If you want to review the code that is why it's there but I see no point in either of us being paid. If I had to actually debug the code it's another matter because that would take a lot more knowledge and effort but anyone can review it.

I'd still like to see the bug

.  Non-critical segfault or whatever you said.

Here is my prediction if bug is shown.

It will have been fixed in the current branch...

I showed the bug, it's unfixed. If you think it is fixed then they need to remove that comment saying it's a mysterious bug.

edit - One thing that is unfortunate about dropbox is that it could very well be some sort of backdoor.  In the end though I'm more worried about hackers/data theft than the NSA.  It atcually makes sense to attach a backdoor to dropbox, given the network/bandwidth usage it could be easy to hide traffic in there.  Ahh well.  If maidensafe replicates like dropbox and has matured for a few years I might very well migrate.  I have nothing against maidensafe, but I am just reserved and can't see being a hypeman.

Anyway.. I need to get to work for the day..  Jesus

I'm more worried about hackers too, but I don't think MaidSafe is filled with backdoors. The fact that it is open source means if I'm feeling paranoid I can grab a book on C++ and review the code. I can test it out, and look for bugs myself if I have nothing better to do.

Since there are lots of people probably doing that right now I think its easier to trust MaidSafe than Dropbox mainly because more eyes are looking at MaidSafe and will look at it. It's just a matter of how many lines of code, is it commented, is it using established algorithms and techniques, is it buggy?

If it's buggy then just don't use it for anything important for 6 months or so while they work to fix the bugs that are found. If the wrong algorithms are chosen then that would be a sign not to trust the sense of the developers. If it's using the right algorithms in strange ways then you have to be careful.

So for example self encryption and self authentication sounds really good but it's also really novel code. I don't know if I can trust that yet but I'm optimistic. I'm willing to test MaidSafe because if it does work then I have a free Dropbox with limitless storage space and maybe much more.

[luckybit]

It looks mostly good to me (there is one strange Segfault bug but it doesn't look critical).

Luckybit, show me I am wrong and point out specifically what you are referring to here.

If you can, I retract any questions about your expertise and will gladfully apologize.

It's in the comments of the code itself (which is a good sign because it helps people to debug and audit the code). The software is unstable and likely crashes when the developer attempts to clean it up.

https://github.com/maidsafe/MaidSafe-RUDP/blob/master/src/maidsafe/rudp/transport.cc

/* ned 2014-04-11: I'm not happy with the code below because I don't know why
                     removing the unnecessary mutex causes segfaults. Clearly
                     the mutex forces context back onto the strand so it can clean up,
                     but I've traced the code backwards through the strand and I can see
                     nowhere which ought to trip just because one is concurrently
                     swapping out on_connection_added_ and on_connection_lost_.
                     I don't like mysteries, and this is one of those.
  */

Don't ask me to debug the code though because that would take a much deeper understanding than just skimming through it. But for people who want to debug it having comments like this is essential.

Code which has no comments, which is structured weird, which uses algorithms I've never seen, or pieces of code I've never seen, that is what I mean by shady hard to read code.

https://github.com/maidsafe/MaidSafe-Encrypt/blob/master/src/maidsafe/encrypt/self_encryptor.cc

Like for instance they use AES-256 and SHA-512 which are the best algorithms they could have chosen for the encryption portion of the code. If they would have used some weird proprietary algorithms I've never heard of then I would be skeptical of the code because those are red flags.

Any deeper insight into the code would require that I dive too deep but if you really want to see how it works just compile it and see.

[JoeyD]

Ideologically I'm all for efforts like maidsafe, but after having been burned so many times (and especially lately by failed projects in the crypto world) I've become quite a bit more reserved in my enthusiasm.

The thing is I'm not that convinced about the masses being driven by ideology. For example I've been warning friends and family almost since the 90's to not use their real names or post personal information on the internet or in e-mails. And now just about all of them are on facebook, spewing out as much personal info as they are able, well so much for privacy and being concerned about principles. Bitcoin works because it runs on greed, same thing with most of the bitshares projects. With maidsafe I'm not immediately seeing the carrot appealing to one of the human-vices in order to lure in the masses. So if it is not faster or easier than the facebooks and googles, then I'm afraid that the masses won't care, they seem to not care about net neutrality, monopolies and privacy.

So while I applaud efforts like maidsafe, I'll see where this one goes first, I'm running out of funds to spend on gambles like these even if I'd want to. This might change if some of the bitshares projects offer a very short term and high reward, but I'm not counting on that.

[gamey]

THere are a few things I agree with.

If this is setup to be a pay 2 play piracy enabler then it could be a big deal.  However, we still have torrents and they don't seem to be going anywhere.

It seems to me you really want to CENTRALIZE all these decentralized services.

At least Bitshares/Invictus is laying ground work for integration of future yet to exist apps.

Multifactor auth is an interesting idea.  I thought about it.  Only way unhackable is either through some keyfob number generating thing or SMS.  Basically the message has to be out of band with the computer.  That pretty much requires centralization.  So there goes your innovation.

If I go dig through maidensafe's code to find where they bind to an ip address to layer their protocol on top, what will you pay me ? 

I'd still like to see the bug.  Non-critical segfault or whatever you said.

Here is my prediction if bug is shown.

It will have been fixed in the current branch...

edit - One thing that is unfortunate about dropbox is that it could very well be some sort of backdoor.  In the end though I'm more worried about hackers/data theft than the NSA.  It atcually makes sense to attach a backdoor to dropbox, given the network/bandwidth usage it could be easy to hide traffic in there.  Ahh well.  If maidensafe replicates like dropbox and has matured for a few years I might very well migrate.  I have nothing against maidensafe, but I am just reserved and can't see being a hypeman.

Anyway.. I need to get to work for the day..  Jesus

[luckybit]

For example -
Even protocols based on top of UDP use IP addresses.  You can not operate on the internet without IP addresses.  To say maidensafe doesn't use IP addresses shows you really don't understand what is going on, yet you want people to believe you read their code.

MaidSafe does not have IP addresses. So just saying that UDP uses IP addresses doesn't mean that the MaidSafe platform uses IP addresses. If you can find and show me otherwise I'm open to it.

From my review they are not using IP addresses at all (at least not in a way which can be tracked). It's just like I can say that Tor hidden services don't use URLs, or Freenet does not use URLs, they use some encrypted form of addressing.
 

You say a lot of little things like this that don't add up.

Responding in particular to the above quote, I have been saying repeatedly that I think maidensafe's bigger application is a better TOR.

It does more than TOR. TOR is at the application layer.

For example lets say you come up with a completely new public key encrypted addressing scheme at the layers below 4 which does not involve IP addresses at all but you can still find what you want to find? You cannot use new schemes if you're on the application layer because you have to depend on the transport and lower layers. If you can innovate at the transport layers and below then all of the stuff you typically associate with an IP address could be encrypted. You need an identifier and a locator but you do not necessarily need an IP address.

In any case, MaidSafe as I currently understand it doesn't allow you to have an IP address on the platform. Of course if you're connecting to MaidSafe from your ISP then you already have an IP address from your ISP but MaidSafe platform itself doesn't seem to use IP addresses.

I suppose what I should have said is that while you may have an IP address, it's impossible to track people by IP address on MaidSafe. MaidSafe as a platform does not allow IP address tracking. This means your ISP cannot see what you're doing and neither can anyone else.

TOR on the other hand, if you use that you can be tracked.

Yet you conflate that into something else to continue arguing.  THat is because your objective here is nothing but promotion, so what others say has little effect on your pages  and pages of ...... thoughts.

What am I promoting? The only thing you're trying to say is that I'm somehow wrong about something or have made some technical error. Point it out.

Again, you don't listen or read.   When I brought up dropbox, I explicitly mentioned truecrypt.  Truecrypt has recently had a serious 3rd party independent audit.  I use truecrypt to encrypt.  Dropbox keeps my files on their cloud service and replicates across any device I own.  Mac/Phone/Windows/Linux.  All of those.   Yes, this has the problem in that an error in dropbox service can propagate across all my devices, but this is the same level of issue you'll have with Maidensafe.

This is true. MaidSafe could have a bug in it and that is a risk. The same could be said about Bitcoin, Bitshares and many others. The risk is also in hardware as well, because your harddrive could be defective.

The code section I posted up was one of the most relevant parts of code for our discussion, the self encryption part, and the RUDP part. If there is a flaw in the self encryption part of the code then all your data could be compromised. From the looks if it they chose the best algorithms available for the self encryption and it's the fact that we can all review it leads me to have confidence that a bug isn't in that portion of the code.

I'm sure there are better C++ programmers than me but I definitely review these things. The RUDP section of the code may have minor bugs but its something which can be tested out and debugged if true. So the most important part I would think for reducing your risk would be to know that your information remains confidential, that data integrity is secure, and you can always back your data up at Dropbox in addition to MaidSafe while you test MaidSafe which spreads your risk.

You made another example about how one's computer can be hacked and they can lose their BTC.  Maidensafe doesn't stop this.  If you are hacked, a keyboard logger will open up the door to maidensafe unless maidensafe uses one of those visual keyboards that relies on mouse clicks.

You're not being innovative here. App developers can solve this problem. You don't really need to use the password at all. I actually agree this is the main risk with MaidSafe but since anyone can write apps it will be possible to solve this problem. Simply allow for multi factor authentication which specifically does not use "passwords" but instead use SQRL, biometrics, or some other combination such as a one time code sent to your cellphone combined.

Whether or not it's secure I don't know. It seems to look okay but this is one of the more important parts of the code to review along with this whitepaper

https://github.com/maidsafe/MaidSafe/wiki/unpublished_papers/SelfAuthentication.pdf

We demonstrated a working version of such a system for
the first time in April 2008 in our offices in Troon, Scotland,
and as far as we are aware this was the first time in history
a person created their own identity, stored it and managed all
their actions without any server requirement and without any
3rd party control

https://github.com/maidsafe/MaidSafe-Passport/blob/master/src/maidsafe/passport/detail/passport.cc

In the end I'm not really concerned about this problem because I see many ways to move beyond passwords and keyboard based authentication. I think the code is too complicated for anyone to understand what everything is doing so I'd hope we audit it. The design of it looks fantastic and the code isn't so ugly that it looks shady but you never know.

You make tons of assumptions how others use their computing devices to make your point, when you don't understand what the services that people use actually do.

Maidensafe is a great idea.  Neat.  I'll play with it.  I just lol at the thought of it being more disruptive than bitcoin.

Bitcoin is a lot of things but it's not capable of decentralizing the Internet. Consider the effect MaidSafe will have on net neutrality. Consider the effect it will have on the copyright industry and everything associated it. Consider the effect it could have on Silicon Valley.

I think Bitcoin is disruptive and a great innovation but MaidSafe is way more disruptive. Bitcoin allows you to transmit digital property, solves the Byzantine generals problem, is counterfeit proof. So I cannot take anything away from Bitcoin.

At the same time MaidSafe may potentially do something even greater than Bitcoin. If MaidSafe were to catch on then computing resources could be accessible to the whole world, and all the talk we have about building decentralized autonomous corporations, MaidSafe would do more to facilitate that than any technology so far.

If you're an app developer how would you like to not have to worry about computing resources such as storage space, processing power, bandwidth? All you would have to worry about is writing the code and marketing the app on a platform which would scale up with the popularity of the apps running on it.

MaidSafe is in my opinion more disruptive because so many corporations are set up to try and profit from collecting and selling our data. What are those businesses going to do when they face disintermediation?