[tahoe-dev] barriers to using tahoe

Jody Harris imhavoc at gmail.com
Fri Feb 5 21:22:14 PST 2010 

On Fri, Feb 5, 2010 at 9:46 PM, Zooko O'Whielacronx <zookog at gmail.com>wrote:

> On Thu, Feb 4, 2010 at 8:28 AM, Jody Harris <imhavoc at gmail.com> wrote:
>
> > "Bookmarks? What the heck? You mean I have to bookmark my files to get
> back
> > to them?"
> > You use bookmarks because you understand that the system does not offer
> you
> > another way of keeping track of files created through the WUI. As a new
> > initiate to Tahoe, I am viewing Tahoe as a file repository. I put
> something
> > in. I come back later to get something out. When I make a deposit in a
> bank,
> > I don't have to keep the transaction number in order to withdraw that
> money
> > later.
>
> So, we could make it so that there is a single distinguished "root"
> directory in Tahoe-LAFS for a given user and all the user's operations
> normally start from that directory. For example, if we're talking
> about a filesystem interface, there could be a "virtual drive" which
> looks just like a special mount point e.g. "/tahoe-lafs", and which
> has the write-cap to this special root directory. (That's exactly how
> the allmydata.com product works on Windows, where it is named "Z:"
> unless something else has already made a "Z:" drive in which case it
> gets assigned a different drive letter.)
>
> But my next question is: how do you backup the cap to that root
> directory? If your hard drive crashes, you're going to want that stuff
> back, right? So we can't just let the Tahoe-LAFS install process
> create a directory, put its cap into the local system so that the
> "/tahoe-lafs" mountpoint will use that cap, and then call it good.
>

Yeah, that's a problem.

"You have two kinds of users." (Play /The Good, the Bad and the Ugly/
theme):
  - "Those who understand what Tahoe is" (understanders),
  - And "Those who don't care" (users).

The "understanders" should be free to use Tahoe as it was designed (create
arbitrary numbers of root capabilities, create capabilities through
interface of choice, be responsible for keeping track of their own
capabilities).

The "users" should have a default capability created for them. They should
be told exactly what file (~/.tahoe/private/aliases) to make a copy of on
their trusty-always-with-them thumbdrive. (And told repeatedly.) It may be
necessary to limit the "users" ability to share capabilities if a workaround
cannot be found.

Transitioning from "user" to "understander" should only be barriered by
knowledge.

>
> And then my next question is: how do you share some of your files and
> directories with some of your friends? But at the same time withhold
> others of your files and directories from those friends, as well as
> withholding the shared files and directories from other of your
> friends?
>

This should remain available to "understanders," and be unavailable from
"users" only if an elegant solution cannot be found.

>
> > "You mean I have to TYPE stuff in the DOS window? Oooooo! Yuck!"
>
> Oh I get it, you mean command-line interfaces by definition are
> mysterious and arcane. Fine -- I guess that's not a ticket against
> Tahoe-LAFS. ;-)
>

Yes. I prefer command line more than most people, but less than Zooko.

>
> > Users expect a / directory in a filesystem.
>
> I don't yet know how to reconcile this with their expectations of (a)
> recovering their files after a disaster and (b) sharing access to
> their files and directories with others.
>
> In terms of the allmydata.com Windows product, the answers were: (a)
> allmydata.com keeps a copy of your root cap for you (thus giving
> allmydata.com the ability to read and alter all of your files, and (b)
> you can't.
>
> Is the possibility of a capabilities escrow of some kind even an option? It
would be potentially very difficult to design one based on this kind of
community. I think that, perhaps, giving the user many prompts to copy the
aliases file to a trusted backup system might be the best/cleanest option.
Instructions for restoring the aliases file must be easy to follow, easy to
find, and linked to clearly in the setup and usage documentation.


> > I've discovered that I have an awful lot of time since I turned off the
> > television.
>
> Yay! I highly approve. If I had a television I would never have any
> time to hack on Tahoe-LAFS, read about dietary theories, etc..
> Unfortunately they seem to be intent on inventing
> television-in-the-web-browser. I need to figure out how to avoid that,
> too. I hope they'll thoughtfully use proprietary technologies for it
> so that their advertisements and television shows will just appear as
> "broken plugin goes here" symbols in my web browser.
>

"I love television. Every time someone turns it on, I leave the room and go
read a book." (My boss attributed it to Groucho Marx, but I'm not finding
that anywhere.)

jody
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://allmydata.org/pipermail/tahoe-dev/attachments/20100205/3f48cf5f/attachment-0001.htm

More information about the tahoe-dev mailing list