└── README.rst


/README.rst:
--------------------------------------------------------------------------------
  1 | 
  2 | a political manifesto about distributed systems
  3 | ===============================================
  4 | 
  5 | 
  6 | Motivation
  7 | ----------
  8 | 
  9 | Even before the industrial revolution new leaps in technology have
 10 | slowly trickled into society such that the existing power structures
 11 | are reinforced instead of challenged. Here we examine why distributed
 12 | software systems that exist today also reinforce these older existing
 13 | power structures instead of dispersing the authority among many more
 14 | actors in the system. We discuss how future protocols and distributed
 15 | systems may be designed to challenge existing power structures with
 16 | anarchist software design principles that not only protect our human
 17 | rights but also make systems much more robust in the face of partial
 18 | system outages.
 19 | 
 20 | 
 21 | Scope
 22 | -----
 23 | 
 24 | We have several objectives:
 25 | 
 26 | * identify software design principles which support human rights
 27 |   (privacy and article 19 right to free assembly), robust security and
 28 |   correctness.
 29 | 
 30 | * examine how existing distributed systems do not adequately express
 31 |   our desired design principles
 32 | 
 33 | * Software development needs sustainable economic models: An analysis
 34 |   of existing economic models supporting the development of Internet
 35 |   protocols and distributed systems; showing how our current economic
 36 |   structures do not effectively support the development of much needed
 37 |   infrastructure we all rely on.
 38 | 
 39 | 
 40 | Glossary
 41 | ''''''''
 42 | 
 43 | ambient authority: an actor is said to have ambient authority if it
 44 | has the same authority as many other actors in the system
 45 | 
 46 | excess authority: an actor is said to have excess authority if it
 47 | posseses more authority than is necessary to perform it's task
 48 | 
 49 | least authority: an actor is said to have least authority if it only
 50 | posseses the minimum amount of authority to perform it's task. For a
 51 | thorough introduction to this software design principle please read
 52 | `The Structure of Authority`_
 53 | 
 54 | .. _`The Structure of Authority`: http://www.erights.org/talks/no-sep/secnotsep.pdf
 55 | 
 56 | 
 57 | 
 58 | Call for the abolishment of systems administrators
 59 | ''''''''''''''''''''''''''''''''''''''''''''''''''
 60 | 
 61 | An "administrator" actor in a software system has more authority than the
 62 | other actors. This violates the principle of least authority and
 63 | creates a deep pocket of excess authority. State actors such as the
 64 | NSA take advantage of these systemic flaws by targetting sys admin
 65 | (see "I hunt sysadmin" below). Once the attacker compromises the
 66 | admin's laptop they will then be able to access all of the
 67 | infrastructure that the sys admin was able to access. We should
 68 | therefore strive to create software systems without an "admin" role.
 69 | 
 70 | 
 71 | 
 72 | anarchism == principle of least authority
 73 | '''''''''''''''''''''''''''''''''''''''''
 74 | 
 75 | Noam Chomsky defines anarchism as: the extension of the idea that all
 76 | authority must be justified.
 77 | 
 78 | The principle of least authority is a software design principle that
 79 | is defined as: every module must be able to access only the
 80 | information and resources that are necessary for its legitimate
 81 | purpose.
 82 | 
 83 | That is, all software modules must only have authority they are
 84 | justified to have. This is anarchism applied to software design!
 85 | 
 86 | 
 87 | 
 88 | Evaluation of existing distributed system designs
 89 | -------------------------------------------------
 90 | 
 91 | Exemplary usage of anarchist design principles
 92 | ----------------------------------------------
 93 | 
 94 | Human rights considerations for distributed ciphertext storage systems
 95 | ----------------------------------------------------------------------
 96 | 
 97 | Problematic economic models for supporting software development
 98 | ---------------------------------------------------------------
 99 | 
100 | 
101 | 
102 | Bibliography
103 | ''''''''''''
104 | 
105 | #. wikipedia article about ambient authority
106 |    https://en.wikipedia.org/wiki/Ambient_authority
107 | 
108 | #. The Structure of Authority: Why security is not a separable concern
109 |    http://www.erights.org/talks/no-sep/
110 | 
111 | #. Robust Composition: Towards a Unified Approach to Access Control
112 |    and Concurrency Control
113 |    http://www.erights.org/talks/thesis/
114 | 
115 | #. IRTF HRPC's draft-doria-hrpc-report-01
116 |    https://www.ietf.org/id/draft-doria-hrpc-report-01.txt
117 | 
118 | #. IRTF HRPC's draft-tenoever-hrpc-research-05
119 |    https://www.ietf.org/id/draft-tenoever-hrpc-research-05.txt
120 | 
121 | #. leaked NSA document: I Hunt Sys Admins
122 |    https://search.edwardsnowden.com/docs/IHuntSysAdmins2014-03-20nsadocs
123 | 
124 | #. User Interaction Design for Secure Systems by Ka-Ping Yee
125 |    http://www.eecs.berkeley.edu/Pubs/TechRpts/2002/CSD-02-1184.pdf
126 | 


--------------------------------------------------------------------------------