From: Christine Lemmer-Webber <cwebber@dustycloud.org>
To: Taylan Kammer <taylan.kammer@gmail.com>
Cc: guix-devel@gnu.org
Subject: Re: Excessively energy-consuming software considered malware?
Date: Sun, 20 Feb 2022 13:53:12 -0500 [thread overview]
Message-ID: <87r17xgxqg.fsf@dustycloud.org> (raw)
In-Reply-To: <ba8e1bd3-aa1b-2d29-7176-8b6d36a6467e@gmail.com>
Taylan Kammer <taylan.kammer@gmail.com> writes:
> On 20.02.2022 11:05, Maxime Devos wrote:
>>
>> Guix has a policy against including malware[citation needed 2], and
>> furthering global warming[3] (and energy prices[4], if [3] is not bad
>> enough for you) seems rather bad behaviour to me.
>>
>> Would these miners be considered malware in Guix?
>>
> I'm not a fan of cryptocurrencies at all, but I don't like the idea of
> excluding software from Guix on the grounds that it's harmful in some
> indirect way.
>
> Malware is software that harms/exploits the user without their knowledge.
> The inefficiency of cryptocurrencies was never a secret, though people
> didn't think much about it; recently it's become widespread knowledge, so
> I think considering crypto miners to be malware is somewhat unreasonable.
>
> An example of actual malware would be a *hidden* crypto miner that sends
> the mined coins to the author of the software.
I think that's a good analysis. Software which installs a crytpo-miner
*without a user's knowledge* is a serious problem.
> If we're going to exclude software on grounds of it being used in harmful
> ways, I can already see people arguing that one should exclude software
> such as aircrack-ng for aiding in breaching into networks, or anonymity
> software like Tor because it aids perverts in sharing you-know-what or
> aids terrorists in planning attacks. Slippery slopes and all.
I agree... I'm also conscious that it'll put Guix in a position where
this will be a large portion of the work that Guix is doing is screening
software on a very large number of grounds, whereas we already screen
software much more so than most places. It could absorb a lot of our
energy. It's easy to underestimate just how all-consuming this could
become.
I share criticisms of proof-of-work. Though some of the criticisms
being raised on this list are treating "blockchains" and
"cryptocurrencies" as if they even were one coherent thing. In reality
the variance space of this is huge:
https://dustycloud.org/blog/what-is-a-blockchain-really/
You'll see plenty of my own criticisms coming up in there. But part of
my issue is, it's worth being precise about what's being criticized.
For instance, "proof of stake" has other problems (arguably still has
plutocratic properties), but not the energy consumption issue. Most of
the discourse contemporarily is acting as if both are the same. But
even proof of stake based systems are often being built on top of
software that's being refactored from "proof of work".
I think this activism criticizing design choices along these lines *is*
worthwhile, but building alternatives and getting them adopted may be a
stronger choice. I'd like to replace proof-of-work based systems
largely; there are under-appreciated directions that even predate
Bitcoin dramatically that are worth exploring.
Relatedly, the title of this is: "Excessively energy-consuming software
considered malware?" That's broad enough that it could also put a lot
of emphasis on "don't use inefficient languages" (actually that's how I
misread what the subject of this thread originally before opening it).
That's worthwhile also, but similarly, is Guix's package repository
acceptance/rejection the right place?
> One might argue that those pieces of software also have good uses, but
> the same could be argued about a crypto miner: perhaps I want to install
> one simply to study its operation to aide in some sort of research, maybe
> even research about its inherent inefficiency. Or maybe I want to devise
> a small-scale blockchain-based network for a niche use-case where the
> blockchain won't reach an unwieldy size or will be limited in lifetime.
>
> All in all, I think the baseline is that if something is software, and it
> respects the user's freedoms, it belongs in Guix.
>
> What do you think? I'm happy to have my mind changed. I've never used a
> crypto miner and continue to be disinterested in them so don't care about
> this particular case all that much, but the principle behind the reasoning
> bothers me somewhat.
next prev parent reply other threads:[~2022-02-20 19:11 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-20 10:05 Excessively energy-consuming software considered malware? Maxime Devos
2022-02-20 10:48 ` Tobias Platen
2022-02-20 11:13 ` Martin Becze
2022-02-20 16:52 ` Maxime Devos
2022-02-20 20:39 ` Martin Becze
2022-02-24 9:23 ` Hartmut Goebel
2022-02-24 11:18 ` Martin Becze
2022-02-25 0:27 ` Christine Lemmer-Webber
2022-02-25 12:41 ` Bengt Richter
2022-02-25 13:04 ` Tobias Geerinckx-Rice
2022-02-25 16:14 ` Bengt Richter
2022-02-25 16:32 ` Ricardo Wurmus
2022-02-25 16:49 ` Paul Jewell
2022-02-25 17:05 ` Maxime Devos
2022-02-25 17:35 ` Taylan Kammer
2022-02-25 19:00 ` Leo Famulari
2022-04-04 8:00 ` Attila Lendvai
2022-04-04 9:43 ` Maxime Devos
2022-04-04 10:15 ` Maxime Devos
2022-04-04 12:49 ` Attila Lendvai
2022-04-04 10:16 ` Maxime Devos
2022-04-04 10:37 ` Maxime Devos
2022-04-04 11:22 ` indieterminacy
2022-04-04 18:39 ` Liliana Marie Prikler
2022-02-24 9:13 ` Hartmut Goebel
2022-02-24 9:36 ` Attila Lendvai
2022-02-20 11:08 ` Ekaitz Zarraga
2022-02-20 11:27 ` Compiling blender Ricardo Wurmus
2022-02-20 11:34 ` Ekaitz Zarraga
2022-02-20 12:19 ` Faster "guix pull" by incremental compilation and non-circular modules? Maxime Devos
2022-02-20 16:47 ` Philip McGrath
2022-02-20 17:47 ` Semantics of circular imports Maxime Devos
2022-03-27 14:12 ` Philip McGrath
2022-03-27 14:19 ` Maxime Devos
2022-03-27 14:24 ` Maxime Devos
2022-03-27 14:33 ` Maxime Devos
2022-03-27 14:55 ` Maxime Devos
2022-03-28 4:24 ` Zhu Zihao
2022-03-30 4:50 ` Maxim Cournoyer
2022-02-28 13:17 ` Faster "guix pull" by incremental compilation and non-circular modules? Ludovic Courtès
2022-02-28 18:50 ` Maxime Devos
2022-05-31 4:54 ` Gábor Boskovits
2022-05-31 8:49 ` Maxime Devos
2022-05-31 10:23 ` Ricardo Wurmus
2022-02-20 15:54 ` Compiling blender Ricardo Wurmus
2022-02-20 16:14 ` Ekaitz Zarraga
2022-02-20 12:20 ` Excessively energy-consuming software considered malware? Taylan Kammer
2022-02-20 12:37 ` Maxime Devos
2022-02-20 12:44 ` Taylan Kammer
2022-02-20 14:59 ` Philip McGrath
2022-02-20 18:53 ` Christine Lemmer-Webber [this message]
2022-02-20 20:34 ` Jonathan McHugh
2022-02-20 12:32 ` Paul Jewell
2022-02-20 18:26 ` Liliana Marie Prikler
2022-02-20 19:36 ` Ryan Sundberg
2022-02-21 9:29 ` Attila Lendvai
2022-02-21 13:06 ` Maxime Devos
2022-02-21 18:56 ` raingloom
2022-02-21 23:02 ` Attila Lendvai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r17xgxqg.fsf@dustycloud.org \
--to=cwebber@dustycloud.org \
--cc=guix-devel@gnu.org \
--cc=taylan.kammer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).