I'm working on a prototype. It's (obviously) hard. But there are a couple of must-haves:
1. No more "any device can talk to any device"; it won't work. It leads to horrible hacks like half the internet relying on Cloudflare and email centralizing in an oligopoly. We need a web-of-trust at the connection layer robust enough to be embeddable in our network gear.
2. No more "I'm a packet from xyz because I say so" and of course no more untrusted, unsigned, unencrypted streams (i.e., no plain UDP).
3. No more third party connections. We don't really need them. Just put whatever data you want in the URL like we do with OAuth. Everything else is adware or malware or trackware. I'm not blaming people, I understand how incentives shape behaviour. They shape mine too. We exist in the paradigm that we find ourselves in. But I envision a better world.
4. Simplified character sets within contexts. No more zero-width characters where we don't expect them (see zachaysan.com/zero for more info) or any of that shit.
5. I don't know how to fix JavaScript, but it needs fixing. JSON is cool, but it needs a complete / strict formalization to stop some edge cases.
6. No stupidness with PDFs. It's not worth it. There will be 0days in PDFs for as long as we use them. They're too fucking complicated. Just use HTML, SVG, or images. CSS is smart enough to make print formats for A4 and Letter.
7. Ideally either make a new HTML that is JSON-based instead of XML-based and either way make the web-of-trust default to downgrading trust on entities that pass malformed documents. Parsing broken XML is bug-prone.
8. DNS is so fucking dumb it's painful. Just use the WoT and fallback trust nodes for when calamity hits (someone steals your keys).
There is more to it, but I'm just getting back from a comedy show and I've had a couple and I already feel like I'm not being as coherent as this topic deserves so I'll end it there. If you're interested in being part of a beta group contact me.
In practice, this might mean the end of net neutrality, and could entrench the Googles of the world -- "shoot, I can't send a packet to them, but they trust Google, so I guess I will too."
> No stupidness with PDFs
I hold out hope for sandboxing. WASM could kill browser PDF plugins easily enough. Hell, JS probably could already...
Could you say a little more about "third party connections"? Do you mean no loading resources from other domains? No CORS? Or something else?
> No more third party connections. We don't really need them. Just put whatever data you want in the URL like we do with OAuth.
I'm a bit confused with this. Are you talking about deprecating CORS? How would putting information in a URL mean that you didn't need a third party request anymore?
> I don't know how to fix JavaScript, but it needs fixing. JSON is cool
I may also be misunderstanding here, but are you talking about getting rid of client-side scripting? Or moving all scripting server-side? If that's the case, do you have any plans on how to get businesses, devs, and users on board with that?
I understand that there's a sizable population on HN that would prefer if the web be a static document service and not an app platform, but even if they're right they have almost zero chance of getting anyone else to agree with them.
If that's not what you're talking about and you just hate JS, then you should look into WebAssembly as a compile target.
> We need a web-of-trust at the connection layer robust enough to be embeddable in our network gear.
This just screams vendor lock-in to me. It's very important that connection information and permissions be user-configurable.
It also seems at first glance like it might be problematic for security. Baking trust models into firmware means that it's a lot harder to patch them when the models need to be updated.
> no more untrusted, unsigned, unencrypted streams
I'm pretty sure Chrome is already heading in this direction. Archivists are mad about it, but I suspect HTTP will be deprecated sometime in the future.
> DNS is so f---- dumb it's painful.
Completely agreed. I would love to see DNS put out of its misery.
> I'm a bit confused with this. Are you talking about deprecating CORS? How would putting information in a URL mean that you didn't need a third party request anymore?
I'm saying there is no real need, technically, to have third party at _all_. If you want an image you can host an image or you can link to it. Same with fonts. I have yet to see a CORS request that couldn't have been done with a user clicking on a link and having a page load. All of this stuff is bleeding data to third parties. And again, I'm not blaming third parties making money within the system we have. If it's legal it's fine with me, but when we have governments around the world starting to figure out how bad it is they're going to try to legislate this problem away and it both won't work and it will also quadruple the costs of doing anything.
> This just screams vendor lock-in to me.
Don't worry, I'm designing it with this risk in mind.
> Baking trust models into firmware
As long as the firmware is capable of software update, it should be fine. ASIC-y type of gear may need to push the trust check to other sides of the pipe.
> I understand that there's a sizable population on HN that would prefer if the web be a static document service and not an app platform, but even if they're right they have almost zero chance of getting anyone else to agree with them.
I think it's tricky. We obviously need client-side code in some contexts, but I think something could be designed such that things like Reddit wouldn't require arbitrary code execution. As for JS specifically, I don't love the syntax, but it isn't the worst in the world. But there is a long, long, long list of things that need to be removed from it to make it more secure.
I think WebAssembly is a mistake. If we turn our browsers into operating systems we're going to get all the problems OSes have. Side channel attacks are easier, protected data in JS enclosures is harder, etc.
That's all I'm going to say for now, I try not to talk about my projects before they're kinda functional because before you figure out all the finicky details you can come off sounding like an idiot to someone else that has a more closeup view to one part of it. Take WebAssembly, for example, I haven't closely pored over it and here I am saying that it's a mistake. But everything is getting so complicated so quickly it's impossible to keep up, so I have to cut things somewhere. This is another problem I have with the modern stack. We keep piling things onto it to support all these crazy use cases, but then we can't stay ahead of all the potential ways people can abuse it.
No, there would be no silly certifications or centralized point(s) of control. If you buy a new phone your trust starts at 0. Your mobile provider (that you pay money to) could start you off with a little trust, but start spamming servers / phone numbers / emails and you get locked out. Because the WoT is at the networking layer, if you start spamming signal to the tower you're connecting to you're effectively treated the way we treat people that operate jammers now: Jail time.
The WoT has a concept of "depth" or "importance" so even if all of your closest friends are angels that live in Toronto and follow the law, and even if you're an upstanding netizen, you can't just call Vladimir Putin's phone number.
That there is some measure of non-connectivity is a feature not a bug. We'll be able to start running our own email servers again! We won't have to worry about telephone calls from awful marketing companies! It won't be a utopia, computers will still get hacked and your keys will be misused until they're detected and replaced, but at least we won't have to worry about Grandma getting swindled out of her inheritance.