Appendable Data discussion

This is correct and accurate in this proposal and today. If anyone ever had access to data then they always have access. But not to changes after the key changes. An important point, if you see data you cannot unsee it.

Goes for this as well. When you tell somebody something it stays told to them, if you exclude them from more convo’s then they cannot hear the new stuff. We cannot make them forget the things we did tell them if that makes sense.

3 Likes

So, the problem when we have lots of data, is that giving someone a key, doesn’t mean they have read it all. Even if they have read it all, doesn’t mean they remember it all.

So, this puts a limit on things that don’t exist today. How is an organisation supposed to give access to data to employees, that they are only supposed to have access to while employed?
Sure, they could many times have copied it. But that is quite different still, to have possibly been able to copy it during a few months of hire, or have guaranteed access to it forever.

That is just one such situation, there can probably be more examples.

4 Likes

I think deeply about this and cannot see how this is different though. It is insecure to imagine they did not copy it all. In any case I think it makes sense, take the employee who is prevented access to stuff so he does not expose it or use it in court to defend themselves and so on.

An example, I did a FOI request to our Scottish Enterprise (read thieving bar stewards, corrupt and complicit in fraud at huge scale). I know folk that work there. Anyway I was told the managers went around telling folk to delete anything with my name on it. The stuff I got back had email responses, but not the original questions (so rumbled).

I only say this to show both sides, one where we think stuff is not copied and another where we know stuff is not withheld. The price of the latter perhaps being worth the possible cost of the former.

It is interesting. This freedom brings responsibility and maybe it has to be forced?

5 Likes

I said to remove people from a group, meaning they can see no new stuff added to that group. Obviously, people will be able to still see stuff they could see before.

4 Likes
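The behaviour described in the posts above (a removed member keeps what they could already read but sees nothing appended after the key changes), as an added example that is not from the thread or the SAFE Network code base. The `GroupLog` class, its method names and the HMAC-based stand-in cipher are hypothetical and use only the Python standard library.

```python
import hashlib, hmac, os

def _sub(key, label):            # derive separate encryption and MAC keys
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):      # HMAC-SHA256 in counter mode (stand-in cipher)
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    return nonce, ct, hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, entry):
    nonce, ct, tag = entry
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None              # wrong key or tampered entry
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

class GroupLog:
    def __init__(self, members):
        self.entries, self.epoch = [], 0      # entries are only ever appended
        self.members = set(members)
        self.keyrings = {m: {} for m in members}   # what each person holds locally
        self._rotate()

    def _rotate(self):
        self.epoch, self.key = self.epoch + 1, os.urandom(32)
        for m in self.members:                # only current members get the new key
            self.keyrings[m][self.epoch] = self.key

    def append(self, text):
        self.entries.append((self.epoch, seal(self.key, text.encode())))

    def remove(self, member):
        self.members.discard(member)          # their old keyring cannot be recalled
        self._rotate()

    def readable(self, member):
        ring = self.keyrings[member]
        return [unseal(ring[e], s).decode() for e, s in self.entries if e in ring]

def demo():                                   # constructed sample data
    log = GroupLog(["alice", "bob"])
    log.append("Q1 plan")
    log.remove("bob")
    log.append("Q2 plan")
    return log, log.readable("alice"), log.readable("bob")
```
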

A lot of this and more is why I say replacing the existing internet with the same features is boring and wrong. A new fairer and more honest world has to happen.

5 Likes

Well, that example you had was one side and probably not uncommon, but there can be plenty of ways that the perpetrator is the one who got access in the first place. Like you got hacked, you want to quick as hell change all keys. I mean just because you get hacked doesn’t mean the hacker was 100% successful or competent, and you might still have time to save some things, by changing passwords etc. Also, how can we think that we can imagine all the possible relationships and intricate ways we need to share, but only with a few not the whole world, and how those groups would change, and need to manage access. How can we judge that those situations must always be non legit? I can not dream of having such a good fantasy about human interactions.

I think it is a very blunt way to steer things, to limit ability to delete your own private data, as a way to reach more fairness and honesty. Well, I don’t know about that connection, how well that will play out.

But, it can be argued of course that we want to try it out and see if it works that way. It could.

Replacing existing internet with same features, well many of the same features will be there, it’s just a matter of knowing which to throw out and which to keep. Not everything is so easily discernible. So, not everything is going to be scrapped, and we don’t say it is boring and wrong in those cases when something is kept.

4 Likes

I agree, but think we need to push our boundaries and as you say, try different ways. We are not tied here at all, but an interesting path for sure. It is deep and does need huge debates. This forum is great for this.

4 Likes

We of course will allow delete of private data, it is private after all so this is to be expected, for us it means kill the data map.

4 Likes

Nice read.
Especially check out the part about LSM-trees: https://queue.acm.org/detail.cfm?id=3220266
And a paper on it: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.44.2782&rep=rep1&type=pdf

(This thing is about immutable storage. It’s immutable up till the point where the SST tables are merged, at which point they are scrapped. But not using the reference to them any longer, would equate to “scrapping” them, in an immutable SAFENetwork.)

3 Likes

It’s just that, “private” is not exactly always only me, could be me and someone else, and then I can’t delete it by not having the map anymore. But the distinction is muddy.
I see the two ways currently,

  • One way is that private means only 1 person. The only way to delete it and be sure it is deleted is to never share, and forget the map.
  • And the other way is that it is always private to you if you uploaded it as private, until you explicitly set it as public, at which point it can no longer be set as private again. If you shared it while it was private, it might be copied, but you can still delete it - and the one who saw it, must actively take action if they consider themselves owners - i.e. copy it. If they did not consider themselves owners, they will not copy, and in reality the data is still private, even though it was at some point shared.
1 Like

Glad to hear as this was my main concern.

3 Likes

If an account is compromised will we be able to transfer ownership of and access to our data to another account? Any emergency migration system in the works?

Not sure what I am missing, but I don’t think this is any change.
Say you have your private stuff as data maps. Where are you going to keep these datamaps so that they can be “killed”?
You need to keep them in the network, or outside the network and bring them in from unsecured storage. If you have them in the network, you might have them encrypted. But shall you encrypt everything with one key each, because when you want to “delete” one thing, maybe you don’t want to delete the other. So, 1 encryption key per datamaps. And where are you keeping these keys? It just goes round and round.

Or you can have it all under your login, so when you want to delete, you need to forget the login, as well as copying all that you want to keep to a new login.

Or am I missing something?

3 Likes

David answered that before when I asked him. They are in yet another data type (blobs) in your account data, which can be deleted. They also could be in ADs if you put the datamaps there, not sure how or what circumstances yet.

1 Like

I am guessing that each file has its own datamap, so when a user ‘deletes’ a private file, then the datamap is deleted locally.

As a hobby gardener I see the importance of removing weeds as my garden has limited space and the weeds utilize nutrients that my plants need … translating that into data terms with my private storage, I think old unneeded files distract attention and focus (brain nutrients!), so IMO deleting is important for me anyway.

Is there any way that the network itself could be made aware of the removal of a user’s local data map and then use that ‘event’ to actually delete the data? I wonder if this could be used to create a further ‘refund event’ where the network pays the user some small amount in exchange for the freed-up space … sort of an additional means of farming, but in this case, farming space instead of data or put another way, ‘directed pruning’.

Any thoughts on this idea?

I’m of course just talking about private data here.

Not really as the network has no idea about how to link chunks to actual files. You would need to present it with the data map and that would be a security issue as we do not know who is running the vaults, they may just copy the stuff.

6 Likes

Right. I think I finally get it now. Thanks for your patience.

So to sum up, in effect, there would need to be something akin to a whole new meta layer added to the network which would have extra overheads in processing and security … so the trade-off for those overheads is no deletion and an ever-growing amount of data … which we hope will be dealt with through technological innovation.

As for user temp data, in the future, some sort of un-mapped non-network data could be added to the user account ‘zone’ later if such were to appear useful.

I use encfs on my local machine to securely store passwords, ssh keys, etc. Perhaps something like that could be thrown into the safe-network code for local temp data - just use existing libraries so not much code to be written? While space may be an issue on some devices, it would still give an easy option for local secure storage for those not savvy enough to install encfs (or similar) themselves and could help to shore up the whole of the Safe Network offering.

5 Likes

@TylerAbeoJordan
And how would the network know if you’ve sneakernet the datamap to another and received payment to “transfer” the file. Thus everything the network knows is that you “may” be the only one with the datamap but in fact there are at least two with the data map and both have legitimate rights to the file.

2 Likes

I would think that having MDs with true delete is easy enough. Delete could be simply zeroing the data and can be rewritten over rather than an append done. Sounds easier than the other. If you encrypt the data in the MD then no one can read it anyhow.

Maybe temp files could simply be files that you delete the data map to. And if you don’t share the file (datamap) then it is an effective true delete.

Remember that storage has still got plenty of future physics & biological paths to follow so it is unlikely to slow down. Phones with 1TB storage, imagine putting those chips (+controller) into a 3.5 inch form factor device. You could have nigh on 50TB in a 3.5 inch form factor. The reason they don’t do it is mostly the cost is too much compared to spinning media (14TB in 3.5 inch form factor at this stage)

So not deleting chunks is unlikely to be an issue really.

2 Likes

This is all super interesting - and difficult to grasp.

I think the discussion would benefit from some kind of “Alice, Bob, close friends, public…” kind of presentation peppered with accounts, keys, ID’s etc.

With my current knowledge, I see SAFE as a very good platform for at least:

  • Storing data privately
  • Private messaging
  • Anonymous operations
  • Publishing very well thought information
  • IOT communications

My fears revolve around the management of personal publicity. Now only the global top elite (in regards of data-ownership) is able to run analysis on individual people and it is in their interest to create such a social media that produces the data for them. With SAFE everybody is guaranteed to have equal access to all public data. But what you can do with that data is still very unequal, and will reflect the power dynamics of the World. Those that have the best analysis tools will benefit most from the public data and they have incentive to create the kind of social media environment that produces that data to them (while producing it to everyone at the same go). The idea that people would become more cautious in their behaviour - I don’t see that happening as long as the functionality and fun of the social media is at the same level it is nowadays.

1 Like