An inevitable question in these Snowden days

[koanhead]

Security is largely concerned with trust.
Trust is a complex issue in itself. It's very easy to get it wrong. The more fine-grained is your trust model, the harder it is to implement; the simpler it is, the more cases it will miss.

If, for example, you trust Apple Computer completely with all your data (as you should, if you are an iDevice user), then you should be confident that Apple will not do anything with their access to your data to which you'd object. I don't for one moment trust Apple, Microsoft, any government agency, or any individual human being to this extent. Thus, my trust model must include compartmentalization; I trust some parties with some information, and I try to manage how information spreads once it leaves my custody. All by itself, this is an extremely difficult problem.

If you don't fully understand all the aspects of every bit of source code (including that for firmare) that goes into building the computing systems you use, and then build all that code yourself and install it yourself, you don't have a basis for full trust of that computing system. You can still choose to trust it implicitly; in the real world it's relatively unlikely that a given binary chosen at random will be malicious, and your use of the computing system might not expose you to much risk- but it would be more sensible to limit your trust in that system.
I trust Debian more than I trust Android; I don't put sensitive information on my phone. My PC might have sensitive information (if I owned any), but I'd encrypt it. I don't trust Debian fully, because I'm aware of the (small) possibility of malicious code in the repos or an MITM between me and the mirror.
The world is not more dangerous nor less trustworthy now than it was before the Snowden revelations, nor was it any safer before the 9/11 attacks. Some people are untrustworthy; they will seek to harm you. There are technologies that exist in order to help them do so. There are technologies that exist in order to help you protect yourself.

I often act as a freelance security consultant (and I'm available for hire if anyone is looking). I tell my victims (um, I mean "clients") the same thing I will tell you:

"Don't trust me: let me show you how you won't have to."

[jlambrecht]

Security is largely concerned with trust.
Trust is a complex issue in itself. It's very easy to get it wrong. The more fine-grained is your trust model, the harder it is to implement; the simpler it is, the more cases it will miss.

As you point out in the paragraph about Apple, trust is also about the human-world concept of trust. As in not securing something or trusting in someone else to behave responsible and trustworthy in your place. It is most likely we both understand the concepts of trust and privacy are under fire these days.

If, for example, you trust Apple Computer ........ All by itself, this is an extremely difficult problem.

If you don't fully understand all the aspects of every bit of source code (including that for firmare) that goes into building the computing systems you use, and then build all that code yourself and install it yourself, you don't have a basis for full trust of that computing system. You can still choose to trust it implicitly; in the real world it's relatively unlikely that a given binary chosen at random will be malicious, and your use of the computing system might not expose you to much risk- but it would be more sensible to limit your trust in that system.

I don't think many people do fully understand, even those taking care of security. It is also not possible to review every bit of code you install, unless you're about to start giving Gnome or LibreOffice a one-man code review ;-D

I trust Debian more than I trust Android; I don't put sensitive information on my phone. My PC might have sensitive information (if I owned any), but I'd encrypt it. I don't trust Debian fully, because I'm aware of the (small) possibility of malicious code in the repos or an MITM between me and the mirror.

I kind of trust Debian but more than i do Ubuntu or Android. IMHO Debian has not put enough effort in securing host to mirror communications. Or did not explain well enough why the current measures are sufficiënt. Personally i have only moderate trust in the peer code-review model touted for decades in Open-Source as well as Free Software. Though i must admit it has proven flexible and responsive, at times even strong at delivering.

The world is not more dangerous nor less trustworthy now than it was before the Snowden revelations, nor was it any safer before the 9/11 attacks. Some people are untrustworthy; they will seek to harm you. There are technologies that exist in order to help them do so. There are technologies that exist in order to help you protect yourself.

Very True. It is horrific to think business's are actually exploiting this and cultivating a sense of insecurity. I think people themselves are sufficiently prudent or even suspicious to not need a brand new culure of insecurity and oversight ( thinking cities anyone ? ).

I often act as a freelance security consultant (and I'm available for hire if anyone is looking). I tell my victims (um, I mean "clients") the same thing I will tell you: "Don't trust me: let me show you how you won't have to."

I'm not really sure what you mean. I, eh, don't victimize my prospects That pitch-line is quite good, if not excellent.

[koanhead]

Security is largely concerned with trust.

I often act as a freelance security consultant (and I'm available for hire if anyone is looking). I tell my victims (um, I mean "clients") the same thing I will tell you: "Don't trust me: let me show you how you won't have to."

I'm not really sure what you mean. I, eh, don't victimize my prospects That pitch-line is quite good, if not excellent.

Thanks. By "victims" I mean the poor checkout-counter kid that I harangue about setting up a GPG key and using TOR. I frequently get into these kinds of conversations with folks I meet during the course of the day.

[jlambrecht]

Hmmm, that indeed could be considered harassment. GPG is excuseable, TOR on the other hand is imho bad advice.

[tomazzi]

(...) TOR on the other hand is imho bad advice.

... and why?

[jlambrecht]

Bare with me for a moment or two. I hope i can make my point in a non-offensive way.

I think using TOR is bad practice to start with, you're actually educating people no-one can be trusted. But hey, this stuff, this stuff you can trust. That doesn't make sense to me. The use of TOR in Europe to me seems like an exaggeration. In the USA one might consider but must realise this is a call for trouble, given the 'war on terror' is not over just yet.

It MUST be flawed for someone to exploit, the treasure is way to high for it NOT to be exploitable.

If one thinks deeply deeply about security it is obvious it has or had to be. People using TOR do not escape control, they escape because they did not do anything seriously illegal or did not pop up on the radar just yet. This is a stretch admittedly, as some of the 'news' related to TOR's interceptability might as well be one fine piece of F.U.D.

On the other hand I applaud TOR's existence for dissidents, journalists and such people alike. Everyone needs a chance to encounter and live without fear, to spread information without fear. I think stuff like TOR is making matters worse when in use by large numbers. The base for my initial remark.

I've met people who use tor, anonymous VPN service and whatever works. Just to remain 'anonymous' on the internet. Living with my own thoughts I wasn't sure they were. Ever since the recent proxy.sh confession i'm sure they most likely are not, this is exemplary for the line of thought i've noticed to grow.

Remember, the internet was and is in no way designed to deliver true anonymity so one should not expect such. In fact, it is a basis for trust and stability. We should value our relative freedom and show trust for others to be able to show trust as well. The more trust there is the more freedom there will be to gain. And freedom, i hope and believe, brings prosperity.

Now i'm going to sit on my sofa and watch the 'Drugs in America' journal which sheds light on the averse effect of yet another war. I'm sure te 'war on insecurity' and the 'war for privacy' are destroying more than we hope for. I'm open to proof of the contrary.

[DominiqueM]

THOR users bases is not only dissidents, journalists and such people, but also secret services like the CIA, NSA, and so on. In consequence, I would not trust THOR too much. It can be better than nothing, especially in countries where it is less cops by inhabitants than the US, but it will not provide a 100% security, especially in the US and other over-secured countries.

[DominiqueM]

1st:
As long as You write or compile an application which is not requiring special priviledges to work, You don't have to even know about the existence of *kits. And even if this is the case, then there are still many ways to go without *kit dependancy.

But the problem with *kit is it mess with existing good working applications. And its internal are so complicated it need a java script interpreter into the core of the system, which is insane.

Also, if you want gnome or pulseaudio, it is no way you can compile them without * kit support. In practice, to remove *kit is a good way to get ride of gnome and pulseaudio. For me, this is the only advantage of *kit, you remove them and apt-get (or portage) will remove gnome and pulseaudio for good.

2nd:
The idea behind solutions like polkit is to allow users to perform some actions without (even temporarily) giving root priviledges to them (unlike in case of sudo or in case of defining allowed cmds in sudoers file) - so theoretically this is more safe.
Additionally polkit is intended to provide standardised way for defining the rules and API.

I see the result with startx. X was not starting anymore. Sure, it is 100 % secure as X doesn't start. After modifying ~/.xinitrc, X was starting again. The only "advantage" is to have a dozen of additional processes.

The problem is, that implementation of polkit is currently broken - f.e. there are dangerous issues with race conditions, and the idea to use XML for critical system config files is simply ... not a good one.

regards.

For me, polkit is broken by design. Its javascript interpreter in the core of the system is a fantastic way to open the door to exploits that was unthinkable before. And also because it break good working systems, it should be an option, like in pulseaudio, to completely disable it and let the rest of the system do its job.

Best.

[tomazzi]

I think using TOR is bad practice to start with, you're actually educating people no-one can be trusted. But hey, this stuff, this stuff you can trust. That doesn't make sense to me. The use of TOR in Europe to me seems like an exaggeration. In the USA one might consider but must realise this is a call for trouble, given the 'war on terror' is not over just yet.

Most likely You can trust Your family, Your firiends and Yourself, but that's all basically.
Besides other things, TOR allows peoples to freely access internet pages, bypassing censorship and redirections in some countries - and they need TOR routers and exit nodes outside their countries.

People using TOR do not escape control, they escape because they did not do anything seriously illegal or did not pop up on the radar just yet. This is a stretch admittedly, as some of the 'news' related to TOR's interceptability might as well be one fine piece of F.U.D.

I think You're missing some basic knowledge about what is the Onion routing
Basicly, it's impossible to trace or decrypt the data, unless You will own most of the routers and exit nodes - what is practically impossible, because most of that 4225 routers (active at the moment) are owned by private persons spreaded around the world, and their authenticity is additionally verified by special means.

---------------------------

But the problem with *kit is it mess with existing good working applications. And its internal are so complicated it need a java script interpreter into the core of the system, which is insane.

Also, if you want gnome or pulseaudio, it is no way you can compile them without * kit support. In practice, to remove *kit is a good way to get ride of gnome and pulseaudio. For me, this is the only advantage of *kit, you remove them and apt-get (or portage) will remove gnome and pulseaudio for good.
(...)
For me, polkit is broken by design. Its javascript interpreter in the core of the system is a fantastic way to open the door to exploits that was unthinkable before. And also because it break good working systems, it should be an option, like in pulseaudio, to completely disable it and let the rest of the system do its job.

Best.

Polkit is using java script interpreter (and not JRE) - just like other software is using LUA or Python inerpreters to allow users to easily write their code. Security rules are nothing but code, and syntax is only matter of joice. Besides, the interpreter runs within polkitd process - it's completely separated from other parts of the system. So it's not a problem with security of java. It' also not a problem with complexity of polkit internals, but rather an effect of trying to get things done fast instead of getting them done well.

Btw, I don't understand what do You have against pulseaudio ??
By default it is running in per-user sessions, and this is very good idea: it separates user-space audio applications from hardware driver. In case when misbehaving application will mess up pulseaudio, You can simply restart it.

Regards.

[jlambrecht]

I think You're missing some basic knowledge about what is the Onion routing Basicly, it's impossible to trace or decrypt the data, unless You will own most of the routers and exit nodes - what is practically impossible, because most of that 4225 routers (active at the moment) are owned by private persons spreaded around the world, and their authenticity is additionally verified by special means.

http://en.wikipedia.org/wiki/Tor_(anonymity_network)

Originally sponsored by the U.S. Naval Research Laboratory,[9] which had been instrumental in the early development of onion routing under the aegis of DARPA, Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005.[11] Tor software is now developed by the Tor Project, which has been a 501(c)(3) research-education nonprofit organization [12] based in the United States of America [1] since December 2006. It has a diverse base of financial support;[11] the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation are major contributors.[13] As of 2012, 80% of the Tor Project's $2M annual budget comes from the United States government, with the Swedish government and other organizations providing the rest,[14] including NGOs and thousands of individual sponsors.[15]

In March 2011 the Tor Project was awarded the Free Software Foundation's 2010 Award for Projects of Social Benefit on the following grounds: "Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity. Its network has proved pivotal in dissident movements in both Iran and more recently Egypt."[16]


Sorry but :p Your Call

I hereby refer to the " I applaud section" of my previous reply. Why use TOR if it's governement sponsored and you're actually living in a part of the world where bilateral agreements exist, freedom of speech etc. ?

Though after watching 'Drugs in America' on Belgian TV yesterday i can understand one living in the U.S.A. has serious an justified concerns about the course of justice in the U.S.A.

[DominiqueM]

But the problem with *kit is it mess with existing good working applications. And its internal are so complicated it need a java script interpreter into the core of the system, which is insane.

Also, if you want gnome or pulseaudio, it is no way you can compile them without * kit support. In practice, to remove *kit is a good way to get ride of gnome and pulseaudio. For me, this is the only advantage of *kit, you remove them and apt-get (or portage) will remove gnome and pulseaudio for good.
(...)
For me, polkit is broken by design. Its javascript interpreter in the core of the system is a fantastic way to open the door to exploits that was unthinkable before. And also because it break good working systems, it should be an option, like in pulseaudio, to completely disable it and let the rest of the system do its job.

Best.

Polkit is using java script interpreter (and not JRE) - just like other software is using LUA or Python inerpreters to allow users to easily write their code. Security rules are nothing but code, and syntax is only matter of joice. Besides, the interpreter runs within polkitd process - it's completely separated from other parts of the system. So it's not a problem with security of java. It' also not a problem with complexity of polkit internals, but rather an effect of trying to get things done fast instead of getting them done well.

A different point of view. That doesn't change it mess good working systems and I don't want it And it is a difference between a software using python rules into the user environment, and a polkit running a java interpreter, which also is a Turing complete language, into the core of the system. A side effect of using javascript is many system administrators know almost nothing about java script and just don't want, or don't have the time to learn it.

Btw, I don't understand what do You have against pulseaudio ??
By default it is running in per-user sessions, and this is very good idea: it separates user-space audio applications from hardware driver. In case when misbehaving application will mess up pulseaudio, You can simply restart it.

Regards.

I have nothing against pulseaudio and I understand the need for it. What I don't like with pa is its polkit dependency, but that's fine for me as I don't use it. So, that's not a problem if removing polkit removed pa. It was disabled from a long time ago anyway. But what I like in pa is it have an option to completely disable it. Such a configuration option should definitively exist in polkit. This would give the opportunity to do the things well.

I run jack all the time, which also is running in per-user sessions. I can interface the ALSA only applications and jack with the snd-aloop module and the zita-bridges, and get a constant sound latency which is a must for serious audio pro work and audio engineering, which pa is not able to provide. And it is so easy to use when you are used to.

[tomazzi]

http://en.wikipedia.org/wiki/Tor_(anonymity_network)

Originally sponsored by the U.S. Naval Research Laboratory,[9]
(...)
As of 2012, 80% of the Tor Project's $2M annual budget comes from the United States government, with the Swedish government and other organizations providing the rest,[14] including NGOs and thousands of individual sponsors.[15]

In March 2011 the Tor Project was awarded the Free Software Foundation's 2010 Award for Projects of Social Benefit on the following grounds: "Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity. Its network has proved pivotal in dissident movements in both Iran and more recently Egypt."[16]


Sorry but :p Your Call

I hereby refer to the " I applaud section" of my previous reply. Why use TOR if it's governement sponsored and you're actually living in a part of the world where bilateral agreements exist, freedom of speech etc. ?

So You think that every piece of software which is sponsored and not only voluntarily developed is suspicious?
Well, I would rather be cautious with using closed source software that is given for free... (like linux kernel binary blobs).
What should be said here: while it is possible to break Tor protective functionality, it's a hard task which is unlikely to be succefull - but without Tor tracing, decrypting, or even replacing original messages is trivially easy for professionals.
On the other hand, the fact that some security agencies are using Tor is only a good sign - they know it's working, so they're interested in further development of this solution.

I'm running 2 Tor routers and 1 Tor exit node (in separate locations) - and not just Tor client - so it's more participating in Tor project than using it. It costs me nothing and I'm doing this mainly to help others (even though my routers can be used also by some unknown government agencies to send encrypted orders to their spies somewhere in the world, or perhaps even by Dr Evil himself ).

----------------------------------------

A different point of view. That doesn't change it mess good working systems and I don't want it And it is a difference between a software using python rules into the user environment, and a polkit running a java interpreter, which also is a Turing complete language, into the core of the system. A side effect of using javascript is many system administrators know almost nothing about java script and just don't want, or don't have the time to learn it.

Well I can't fully agree - IMO the idea is good, only the implementation is a mess.
Regarding the admins and their knowledge of Java syntax: I don't see a problem here - polkit is using only small, relatively simple and clean fraction of the Java syntax - and to be honest, it's more clean than most of configuration syntaxes used by all the software in *nix world. Practicaly every existing low-level system application is using completely different syntax for configuration file - so polkit is just one more app on that stack.

I do agree however that Java shouldn't be even considered as suitable for such task, firstly because of its Turing completness (as You've already pointed), but also because using so complex language (and complex interpreter) just to enable structured syntax and actions definitions is simply like shooting to a fly with a cannon.

regards.

[jlambrecht]

You clearly have your point and chose what you endorse. I'm not blaming anyone with what i have to say, as stated clearly before.

I'm just pointing at the fact you're motivating people to use something they actually have little use for in civilian life. Or wait, no. You're absolutely right. Don't you remember the proposals allready made years ago to ban ALL encrypted traffic ?

This discussion is pointless as it's validity depends on it's use-case. I for one have not seen any reason to hide any of my activity. Which probably makes me the uncoolest guy on this forum.

[tomazzi]

I'm just pointing at the fact you're motivating people to use something they actually have little use for in civilian life.

Well, its not me who started to cry out loud "Oh no, the NSA is spying everyone on the internet".
I'm just saying, that one of best solutions is already available, and everyone who is interested can use it.

regards.

[DominiqueM]

I'm just pointing at the fact you're motivating people to use something they actually have little use for in civilian life.

Well, its not me who started to cry out loud "Oh no, the NSA is spying everyone on the internet".
I'm just saying, that one of best solutions is already available, and everyone who is interested can use it.

regards.

To say to use Thor is like if my neighbor is spying on me by a nice summer afternoon and I must close the window. No, I will say to my neighbor to stop it, and if he persist, I will call the cops. The problem with the NSA is they are the cops and at the same time, they are the rotten ones. That imply political actions are needed, but as the politician are as rotten than the cops, it is to the peoples to take them, and as the NSA, CIA and so on are US agencies, it is to the US peoples to take them.

In the rest of the world, the only thing we can do is like the BRICS countries, to do our own network. But as our own spy agencies are spying on us and collaborating with the US ones, it imply we also need to take political actions in our own respective countries, and obviously, this forum is not the good one to discuss such actions.

[jlambrecht]

Well, its not me who started to cry out loud "Oh no, the NSA is spying everyone on the internet".
I'm just saying, that one of best solutions is already available, and everyone who is interested can use it.

oooh ;D Well, i guess everyone knew.

To say to use Thor is like if my neighbor is spying on me by a nice summer afternoon and I must close the window. No, I will say to my neighbor to stop it, and if he persist, I will call the cops. The problem with the NSA is they are the cops and at the same time, they are the rotten ones. That imply political actions are needed, but as the politician are as rotten than the cops, it is to the peoples to take them, and as the NSA, CIA and so on are US agencies, it is to the US peoples to take them.

It is only until recently i'm becomming convinced something deeply rotten is going on. Personally i think most of exists in the collective imagination and is a matter of perception paired with convictions. But there is something rotten going on in our collective perception. How else can it be in the land of the free impovrishment has become a system. Being such a God driven nation it is a slap in the face of christianity.

In the rest of the world, the only thing we can do is like the BRICS countries, to do our own network. But as our own spy agencies are spying on us and collaborating with the US ones, it imply we also need to take political actions in our own respective countries, and obviously, this forum is not the good one to discuss such actions.

Something rotten is going, or appears to be going on. I fear it is the surfacing of the world-wide failure of democracy. Democracy is only as strong as the clearheadedness of it's enforcers. There, some things are in dire need of improvement. It is the first time in my life i'm seriously considering the fact Politics is dead and burried. Will we be living in a 'Starship Trooper' like society soon ?

But indeed, this forum is no such place for such a discussion.

[DominiqueM]

Democracy is a wonderful concept that evolved with time. In theory, it mean government by the people. In the Ancient time in Greece, it was the democracy for the citizens, which was 10% of the society, the 90 % was slaves without any political right. And God have all to do with that because the names of the ancient Gods was the names of the ancestors of the free citizens.

With the French revolution, and the other revolutions of that period, it become the democracy for the land owners, which also was a tiny fraction of the society. And with the industrial revolution, it become the democracy for the riches, because with a lot of money, you can buy more rights than poor peoples can do. Recently, women where admitted in that club.

So, democracy has never been the government by the people. It is just to look at who are the politicians, they are not poor peoples, when most of us are poor peoples. Even in Switzerland, my country, it is ten times more peoples with an university grade among the politicians than in the rest of the population. I am not saying all of them are rotten, this is the system that is rotten and must be changed. In other words, this is the one that will endure the consequences of the political decisions that must take them, and that imply to develop a grass-root democracy. This is what they call participative democracy in South America.

This will not be easy. This will not take one day, but a lot of time. But this is the way to go.

And it is another problem. At the same time democracy was introduced in the Ancient time, new religions was introduced, religions that introduce insane dogmas like the fight of the good and the evil, or the complementarity of the yin and the yang. These dogmas change our relationship with Nature by giving superstitious qualities to the things. Things become good or bad by nature, and it become possible to introduce a hierarchy between the Gods, the men and the rest of the creation, and from there, another one between men, some of them become closer to the Gods than the others.

The first hierarchy is the moral justification of the exploitation, pollution and destruction of Nature. After a few centuries of industrialization, we now know for sure this is a way of death. The second hierarchy is the moral justification of the institutional racism that is the ground of all civilizations, their only universality is their reject of anything else and every one else. It is why it was no durable civilization from the Ancient time, and ours will not be different.

That imply we have to change that too. We have to retrieve our real roots, which are with Nature and not against Nature. This is not the things which are good or bad or yin or yang, but us who have the choice to make good things or bad things. We have the choice to say nothing and let a very few of us to continue to lead us by the nose to the final catastrophe, which will not be like in the Apocalypse but 100% men made, or to say stop and try to improve our society for the better.

[jlambrecht]

Let me start by saying this is an awesome summary of democratic history.

Democracy is a wonderful concept that evolved with time. In theory, it mean government by the people. In the Ancient time in Greece, it was the democracy for the citizens, which was 10% of the society, the 90 % was slaves without any political right. And God have all to do with that because the names of the ancient Gods was the names of the ancestors of the free citizens. . . . . . This is what they call participative democracy in South America.

This will not be easy. This will not take one day, but a lot of time. But this is the way to go.

Personally i suspect the hierarchic models to poisson or perception of ourselves and thus others. Much like atheists lay the blame with religion. In fact the fact they blame religions is a strong indication of the hierarchic model's toxicity to the human mind ( or soul ) Unless our species produces hierarchy 'memes' to evolve and we're just gonna have to suffer our own existence.

We're an internetworked species if one model should be used as reference. Which is why at times i look at the 7-layer OSI model in blasphemous awe

.....

That imply we have to change that too. We have to retrieve our real roots, which are with Nature and not against Nature. This is not the things which are good or bad or yin or yang, but us who have the choice to make good things or bad things. We have the choice to say nothing and let a very few of us to continue to lead us by the nose to the final catastrophe, which will not be like in the Apocalypse but 100% men made, or to say stop and try to improve our society for the better.

This is where it stings. At this very moment there are really intelligent people stating they want to 'improve' nature and 'improve' humanity. I'm not sure why they want to do this, they are most likely unaware of the flaw within themselves This is actually what i believe to THE issue with humanity. Once one is endorsed by 'power' there comes to exist the impossibility to distinguish what is reasonable and what is not, as by default.

You know the saying "Born a slave one has not to die as a slave" ? These days i no longer believe so. If we truly are victim of our own limitations as a species there is no escape of this tragedy. If we are more than the sum of our parts we can and will.

Then i ask, where's the action ? No one believes in revolution anymore.

The true Elite thrives on cultural sophistications, which appear as rigidity, which i presume date back to ancient times. There is an abyss between us and them because the system forces us to keep taking care of them. Not the other way around.

We do have choices but peer-pressure, a fear-driven culture and personal-interest make us 'slaves'. Nothing's gonna change until a few people start making the right decisions and go forth with it. Not starting revolution but enabling change.

[Jimmyfd]

There is a saying that "in order for you to change anything around you, you first of all have to learn how to change yourself". And those words ring true where ever you live. If one isn't able to change oneself, and have the courage to do so then no changes will occur, anywhere.

In France the government is truly afraid of the people. The French people have the courage to fill the streets in protest, and you must admit that even you have had your laugh about their protesting actions. In the US people do not have the tradition of political mass protest in the streets. Nor have the people of my own country, Denmark, that tradition. We are SO afraid of the government that we simply kick our heels an say "Jawool" to ANY new rule they throw at us. Same behavior goes for the rest of the worlds populations. They are lead to believe that freedom is an illusion no single man, or woman, is able to administer.

In Denmark taxes are close to a 100%. And we keep up with it. Why? Because no one have the courage to pull the breaks. Believing that the "democracy" under which we live will protect us from any harm we silently float along.
You see it. I see it. And so does millions of other people - The world is on the brink of the 3rd world war - And why? Silence is not always golden. Corporate greed is driving the globe towards another gigantic war. That war is not to be feared. Why? Because when it comes it'll all be over. There's still time to avoid that war if we chose so.

Democracy hasn't failed in the western world. The peoples of the western world have failed to nurse the power they hold as individuals.

Mind you. I do NOT hate America, or any American. Likewise I do not hate any other human being, not even Muslims. In Denmark we pride ourselves on being the H. C. Andersen country. Believe me, there's absolutely no fairy tail in being a Dane. We have laws and regulations that would envy even Adolf Hitler in genetic sorting of humans. It's not written into any law, obviously, but the outcome of regulations paints a gruesome picture. In Denmark we sort peoples worth according to illnesses. If you're an alcoholic you're doomed. You're weak and worthless to society. If you got diabetes people can make money off of your illness and you become worth helping. Do not tell me that other countries tend to be much different from ours.

Debian has thrived for twenty years. Without any kind of leadership but a set of agreed upon rules. And it works.

I know of a society that have existed since 1935 without any kind of leadership what so ever. It has survived on a common conciseness for all those years. Maybe, just maybe that's the way we should choose.

Am I being to to political do delete this input.

/Jimmy

[jlambrecht]

Thanks for the input. It is always good to learn more on such subjects.

There are still native people0 who live the simplest, most natural, society. The work with trade ( hunter, gatherer, medicin, .... ) rather than leadership. As such interdependency is natural and reflects reality rather than a theory.

The structure/experience of interdependency is what makes peoples minds and perception.

Therefor hierarchy is most likely a toxic driver for the human mind. It blends all interdependencies into a single dot/leader ( or atom ) where all parts get so mangled they're unrecognisable and as such indigestible afterwards. If you get the figure of speech.