May 3, 2019

Goals And Constraints

Filed under: digital,documentation,flickr,future,interfaces,linux,mozilla,work — mhoye @ 12:30 pm

This way to art.

I keep coming back to this:

“Open” in this context inextricably ties source control to individual agency. The checks and balances of openness in this context are about standards, data formats, and the ability to export or migrate your data away from sites or services that threaten to go bad or go dark. This view has very little to say about – and is often hostile to the idea of – granular access restrictions and the ability to impose them, those being the tools of this worldview’s bad actors.

The blind spots of this worldview are the products of a time where someone on the inside could comfortably pretend that all the other systems that had granted them the freedom to modify this software simply didn’t exist. Those access controls were handled, invisibly, elsewhere; university admission, corporate hiring practices or geography being just a few examples of the many, many barriers between the network and the average person.

And when we’re talking about blind spots and invisible social access controls, of course, what we’re really talking about is privilege.

How many people get to have this, I wonder: the sense that they can sit down in front of a computer and be empowered by it. The feeling of being able, the certainty that you are able to look at a hard problem, think about it, test and iterate; that easy rapid prototyping with familiar tools is right there in your hands, that a toolbox the size of the world is within reach. That this isn’t some child’s wind up toy I turn a crank on until the powerpoint clown pops up.

It’s not a universal or uniform experience, to be sure; they’re machines made of other people’s choices, and computers are gonna computer. But the only reason I get to have that feeling at all is that I got my start when the unix command line was the only decent option around, and I got to put the better part of a decade grooving in that muscle memory on machines and forums where it was safe – for me at least – to be there, fully present, make mistakes and learn from them.

(Big shoutout to everyone out there who found out how bash wildcards work by inadvertently typing mv * in a directory with only two files in it.)

That world doesn’t exist anymore; the internet that birthed it isn’t coming back. But I want everyone to have this feeling, that the machine is more than a glossy appliance. That it’s not a constraint. That with patience and tenacity it can work with you and for you, not just a tool for a task but an extension and expression of ourselves and our intent. That a computer can be a tool for expressing ourselves, for helping us be ourselves better.

Last week I laid out the broad strokes of Mozilla’s requirements for our next synchronous-text platform. They were pretty straightforward, but I want to thank a number of people from different projects who’ve gotten in touch on IRC or email to ask questions and offer their feedback.

Right now I’d like to lay out those requirements in more detail, and talk about some of the reasons behind them. Later I’m going to lay out the process and the options we’re looking at, and how we’re going to gather information, test those options and evaluate what we learn.

While the Rust community is making their own choices now about the best fit for their needs, the Rust community’s processes are going to strongly inform the steps for Mozilla. They’ve learned a lot the hard way about consensus-building and community decision-making, and it’s work that I have both a great deal of respect for and no intention of re-learning the hard way myself. I’ll have more about that shortly as well.

I mentioned our list of requirements last week but I want to drill into some of them here; in particular:

  • It needs to be accessible to the greater Mozilla community.

This one implies a lot more than it states, and it would be pretty easy to lay out something trite like “we think holistically about accessibility” the way some organizations say “a diversity of ideas”, as though that means anything at all. But that’s just not good enough.

Diversity, accessibility and community are all tightly interwoven ideas we prize, and how we approach, evaluate and deploy the technologies that connect us speaks deeply to our intentions and values as an organization. Mozilla values all the participants in the project, whether they rely on a screen reader, a slow network or older hardware; we won’t – we can’t – pick a stack that treats anyone like second-class citizens. That will not be allowed.

  • While we’re investigating options for semi-anonymous or pseudonymous connections, we will require authentication, because:
  • The Mozilla Community Participation Guidelines will apply, and they’ll be enforced.

Last week Dave Humphrey wrote up a reminiscence about his time on IRC soon after I made the announcement. Read the whole thing, for sure. Dave is wiser and kinder than I am, and has been for as long as we’ve known each other; his post spoke deeply to many of us who’ve been in and around Mozilla for a while, and two sentences near the end are particularly important:

“Having a way to get deeply engaged with a community is important, especially one as large as Mozilla. Whatever product or tool gets chosen, it needs to allow people to join without being invited.”

We’ve got a more detailed list of functional and organizational requirements for this project, and this is an important part of it: “New users must be able to join the service without manual intervention from a Mozilla employee.”

We’ve understood this as an accessibility issue for a long time as well, though I don’t think we’ve ever given it a name. “Involvement friction”, maybe – everything about becoming part of a project and community that’s hard not because it’s inherently difficult, but because nobody’s taken the time to make it easy.

I spend a lot of time thinking about something Sid Wolinsky said about the first elevators installed in the New York subway system: “This elevator is a gift from the disability community and the ADA to the nondisabled people of New York”. If you watch who’s using the elevators, ramps or automatic doors in any public building long enough, anything with wheelchair logo on it, you’ll notice a trend: it’s never somebody in a wheelchair. It’s somebody pushing a stroller or nursing a limp. It’s somebody carrying an awkward parcel, or a bag of groceries. Sometimes it’s somebody with a coffee in one hand and a phone in the other. Sometimes it’s somebody with no reason at all, at least not one you can see. It’s people who want whatever thing they’re doing, however difficult, to be a little bit easier. It’s everybody.

If you cost out accessible technology for the people who rely on it, it looks really expensive; if you cost it out for everyone who benefits from it, though, it’s basically free. And none of us in the “benefit” camp are ever further than a sprained ankle away from “rely”.

We’re getting better at this at Mozilla in hundreds of different ways, at recognizing how important it is that the experience of getting from “I want to help” to “I’m set up to help” to “I’m helping” be as simple and painless as possible. As one example, our bootstrap scripts and mach-build have reduced our once-brittle, failure-prone developer setup process down to “answer these questions and wait for the downloads to finish”, and in the process have done more to make the Firefox codebase accessible than I ever will. And everyone relies on them now, first-touch contributors and veteran devs alike.

Getting involved in the community, though, is still harder than it needs to be; try watching somebody new to open source development try to join an IRC channel sometime. Watch them go from “what’s IRC” to finding a client to learning how to use the client to joining the right server, then the right channel, only to find that the reward for all that effort is no backscroll, no context, and no idea who you’re talking to or if you’re in the right place or if you’re shouting into the void because the people you’re looking for aren’t logged in at the same time. It’s like asking somebody to learn to operate an airlock on their own so they can toss themselves out of it.

It’s more than obvious that you don’t build products like that anymore, but I think it’s underappreciated that it’s just as true of communities. I think it’s critical that we bring that same discipline of caring about the details of the experience to our communications channels and community forums, and the CPG is the cornerstone of that effort.

It was easy not to care about this when somebody who wanted to contribute to an open source project with global impact had maybe four choices, the Linux kernel, the Mozilla suite, the GNU tools and maybe Apache. But that world was pre-Github, pre-NPM. If you want to work on hard problems with global impact now you have a hundred thousand options, and that means the experience of joining and becoming a part of the Mozilla community matters.

In short, the amount of effort a project puts into making the path from “I want to help” to “I’m helping” easier is a reliable indicator of the value that project puts on community involvement. So if we say we value our community, we need to treat community involvement and contribution like a product, with all the usability and accessibility concerns that implies. To drive involvement friction as close to zero as possible.

One tool we’ll be relying on – and this one, we did build in-house – is called Mozilla-IAM, Mozilla’s Identity and Access Management tool. I’ll have more to say about this soon, but at its core it lets us proxy authentication from various sources and methods we trust, Github, Firefox Accounts, a link in your email, a few others. We think IAM will let us support pseudonymous participation and a low-cost first-contact experience, but also let us keep our house in order and uphold the CPG in the process.

Anyway, here’s a few more bullet points; what requirements doc isn’t full of them?

A synchronous messaging system that meets our needs:

  • Must work correctly in unmodified, release-channel Firefox.
  • Must offer a solid mobile experience.
  • Must support thousands of simultaneous users across the service.
  • Must support easy sharing of hyperlinks and graphics as well as text.
  • Must have persistent scrollback. Users reconnecting to a channel or joining the channel for the first time must be able to read up to acquire context of the current conversation in the backscroll.
  • Programmatic access is a hard requirement. The service must support a mature, reasonably stable and feature-rich API.
  • As mentioned, people participating via accessible technologies including screen readers or high-contrast display modes must be able to participate as first-class citizens of the service and the project.
  • New users must be able to join the service without manual intervention from a Mozilla employee.
  • Whether or not we are self-hosting, the service must allow Mozilla to specify a data retention and security policy that meets our institutional standards.
  • The service must have a customizable first-contact experience to inform new participants about Mozilla’s CPG and privacy notice.
  • The service must have effective administrative tooling including user and channel management, alerting and banning.
  • The service must support delegated authentication.
  • The service must pass an evaluation by our legal, trust and security teams. This is obviously also non-negotiable.

I doubt any of that will surprise anyone, but they might, and I’m keeping an eye out for questions. We’re still talking this out in #synchronicity on irc.m.o, and you’re welcome to jump in.

I suppose I should tip my hand at this point, and say that as much as I value the source part of open source, I also believe that people participating in open source communities deserve to be free not only to change the code and build the future, but to be free from the brand of arbitrary, mechanized harassment that thrives on unaccountable infrastructure, federated or not. We’d be deluding ourselves if we called systems that are just too dangerous for some people to participate in at all “open” just because you can clone the source and stand up your own copy. And I am absolutely certain that if this free software revolution of ours ends up in a place where asking somebody to participate in open development is indistinguishable from asking them to walk home at night alone, then we’re done. People cannot be equal participants in environments where they are subject to wildly unequal risk. People cannot be equal participants in environments where they are unequally threatened.

I think we can get there; I think we can meet our obligations to the Mission and the Manifesto as well as the needs of our community, and help the community grow and thrive in a way that grows and strengthens the web want and empowers everyone using and building it to be who we’re aspiring to be, better.

The next steps are going to be to lay out the evaluation process in more detail; then we can start pulling in information, stand up instances of the candidate stacks we’re looking at and trying them out.

January 8, 2019

Feature Request

Filed under: digital,documentation,fail,interfaces,linux,toys,vendetta,want — mhoye @ 9:50 am

If I’m already in a Linux, ideally a Debian-esque Linux, is there a way for me to say “turn this new external hard drive into a bootable Linux that’s functionally identical to this current machine”? One that doesn’t involve any of dd, downloading an ISO or rebooting? It’s hard to believe this is as difficult as it seems, or that this isn’t a standard tool yet, but if it is I sure can’t find it.

Every installer I’ve seen since the first time I tried the once-magical Knoppix has let you boot into a workable Linux on its own and install that Linux to the hard drive if you like, but I can’t a standalone tool that does the same from a running system.

What I’m after is a tool (I briefly wrote “ideally graphical”, but yeah. Let’s be real here.) that you point at a hard drive, that:

  • Formats this new hard drive in some rough approximation of what you’ve already got and making it bootable. (grub-whatever?)
  • Installs the same packages onto that drive as are on the host system, and
  • Optionally copies over account information required, /home/*, passwords, whatever else is in /etc or /opt; skip (or be smart about?) stuff like the hostname or iptables, maybe.

…and ends with a hard drive I can plug into another system, boot and log into as comfortably-preconfigured me.

debootstrap almost gets part of the way there, and you can sort of convince that or multistrap to do the job if you scrape out your current config, pour it into a config file and rsync over a bunch of other stuff. But then I’m back in roll-it-yourself-land where I started.

Ideally this apparently-hypothetical magic clone tool would be able to do this with minimal network traffic, too – it’s likely I’ve already got many or most of those packages cached, no? And alternatively, it’d also be nice to able to keep my setup largely intact while migrating across architectures.

I go looking for this every few years, even though it puts me briefly back on the “why would you ever do it like that? You should switch distros!” You Asked A Linux Question On The Internet Treadmill. But I haven’t found a decent answer yet beyond rolling my own.


(Comments are off permanently. You’re welcome to mail me, though?)

December 16, 2018

Control Keys

Filed under: a/b,digital,documentation,fail,future,hate,interfaces,linux — mhoye @ 10:36 pm

I spend a lot of time thinking about keyboards, and I wish more people did.

I’ve got more than my share of computational idiosyncrasies, but the first thing I do with any computer I’m going to be using for any length of time is remap the capslock key to control (or command, if I find myself in the increasingly “what if Tattoine, but Candy Crush” OSX-land). I’ve made a number of arguments about why I do this over the years, but I think they’re mostly post-facto justifications. The real reason, if there is such a thing, is likely that the first computer I ever put my hands on was an Apple ][c. On the ][c keyboard “control” is left of “A” and capslock is off in a corner. I suspect that whatever arguments I’ve made since, the fact of it is that my muscle memory has been comfortably stuck in that groove ever since.

It’s more than just bizarre how difficult it is to reassign any key to anything these days; it’s weird and saddening, especially given how awful the standard keyboard layout is in almost every respect. Particularly if you want to carry your idiosyncrasies across operating systems, and if I’m anything about anything these days, it’s particular.

I’m not even mad about the letter layout – you do you, Dvorak weirdos – but that we give precious keycap real estate to antiquated arcana and pedestrian novelty at the expense of dozens of everyday interactions, and as far as I can tell we mostly don’t even notice it.

  • This laptop has dedicated keys to let me select, from levels zero to three, how brightly my keyboard is backlit. If I haven’t remapped control to caps I need to twist my wrist awkwardly to cut, copy or paste anything.
  • I’ve got two alt keys, but undo and redo are chords each half a keyboard away from each other. Redo might not exist, or the key sequence could be just about anything depending on the program; sometimes all you can do is either undo, or undo the undo?
  • On typical PC keyboards Pause/Break and Scroll Lock, vestigial remnants a serial protocol of ages past, both have premium real estate all to themselves. “Find” is a chord. Search-backwards may or may not be a thing that exists depending on the program, but getting there is an exercise. Scroll lock even gets a capslock-like LED some of the time; it’s that important!
  • The PrtScn key that once upon a time would dump the contents of your terminal to a line printer – and who doesn’t want that? – is now given over to screencaps, which… I guess? I’m kind of sympathetic to this one, I have to admit. Social network interoperability is such a laughable catastrophe that sharing pictures of text is basically the only thing that works, which should be one of this industry’s most shameful embarrassments but here we are. I guess this can stay.
  • My preferred tenkeyless keyboards have thankfully shed the NumLock key I can’t remember ever hitting on purpose, but it’s still a stock feature of OEM keyboards, and it might be the most baffling of the bunch. If I toggle NumLock I can… have the keys immediately to the left of the number pad, again? Sure, why not.
  • “Ins” –  insert – is a dedicated key for the “what if delete, but backwards and slowly” option that only exists at all because mainframes are the worst. Are there people who toggle this on purpose? Has anyone asked them if they’re OK? I can’t select a word, sentence or paragraph with a keystroke; control-A lets me either select everything or nothing.
  • Finally, SysRq – short for “System Request” – gets its own button too, and it almost always does nothing because the one thing it does when it works – “press here to talk directly to the hardware” – is a security disaster only slightly obscured by a usability disaster.

It’s sad and embarrassing how awkwardly inconsiderate and anti-human these things are, and the fact that a proper fix – a human-hand-shaped keyboard whose outputs you get to choose for yourself – costs about as much as a passable computer is appalling.

Anyway, here’s a list of how you remaps capslock to control on various popular OSes, in a roughly increasing order of lunacy:

  • OSX: Open keyboard settings and click a menu.
  • Linux: setxkboptions, I think. Maybe xmodmap? Def. something in an .*rc file somewhere though. Or maybe .profile? Does gnome-tweak-tool still work, or is it called ubuntu-tweak-tool or just tweak-tool now? This seriously used to be a checkbox, not some 22nd-century CS-archaeology doctoral thesis. What an embarrassment.
  • Windows: Make a .reg file full of magic hexadecimal numbers. You’ll have to figure out how on your own, because exactly none of that documentation is trustworthy. Import it as admin with regedit. Reboot probably? This is ok. This is fine.
  • iOS: Ive says that’s where the keys go so that’s where the keys go. Think of it as minimalism except for the number of choices you’re allowed to make. Learn to like it or get bent, pleb.
  • Android: Buy an app. Give it permission to access all your keystrokes, your location, your camera and maybe your heart rate. The world’s most profitable advertising company says that’s fine.

November 9, 2018

The Evolution Of Open

Filed under: digital,future,interfaces,linux,losers,mozilla,science,toys,vendetta,work — mhoye @ 5:00 pm

This started its life as a pair of posts to the Mozilla governance forum, about the mismatch between private communication channels and our principles of open development. It’s a little long-winded, but I think it broadly applies not just to Mozilla but to open source in general. This version of it interleaves those two posts into something I hope is coherent, if kind of rambly. Ultimately the only point I want to make here is that the nature of openness has changed, and while it doesn’t mean we need to abandon the idea as a principle or as a practice, we can’t ignore how much has changed or stay mired in practices born of a world that no longer exists.

If you’re up for the longer argument, well, you can already see the wall of text under this line. Press on, I believe in you.

Even though open source software has essentially declared victory, I think that openness as a practice – not just code you can fork but the transparency and accessibility of the development process – matters more than ever, and is in a pretty precarious position. I worry that if we – the Royal We, I guess – aren’t willing to grow and change our understanding of openness and the practical realities of working in the open, and build tools to help people navigate those realities, that it won’t be long until we’re worse off than we were when this whole free-and-open-source-software idea got started.

To take that a step further: if some of the aspirational goals of openness and open development are the ideas of accessibility and empowerment – that reducing or removing barriers to participation in software development, and granting people more agency over their lives thereby, is self-evidently noble – then I think we need to pull apart the different meanings of the word “open” that we use as if the same word meant all the same things to all the same people. My sense is that a lot of our discussions about openness are anchored in the notion of code as speech, of people’s freedom to move bits around and about the limitations placed on those freedoms, and I don’t think that’s enough.

A lot of us got our start when an internet connection was a novelty, computation was scarce and state was fragile. If you – like me – are a product of this time, “open” as in “open source” is likely to be a core part of your sense of personal safety and agency; you got comfortable digging into code, standing up your own services and managing your own backups pretty early, because that was how you maintained some degree of control over your destiny, how you avoided the indignities of data loss, corporate exploitation and community collapse.

“Open” in this context inextricably ties source control to individual agency. The checks and balances of openness in this context are about standards, data formats, and the ability to export or migrate your data away from sites or services that threaten to go bad or go dark. This view has very little to say about – and is often hostile to the idea of – granular access restrictions and the ability to impose them, those being the tools of this worldview’s bad actors.

The blind spots of this worldview are the products of a time where someone on the inside could comfortably pretend that all the other systems that had granted them the freedom to modify this software simply didn’t exist. Those access controls were handled, invisibly, elsewhere; university admission, corporate hiring practices or geography being just a few examples of the many, many barriers between the network and the average person.

And when we’re talking about blind spots and invisible social access controls, of course, what we’re really talking about is privilege. “Working in the open”, in a world where computation was scarce and expensive, meant working in front of an audience that was lucky enough to go to university or college, whose parents could afford a computer at home, who lived somewhere with broadband or had one of the few jobs whose company opened low-numbered ports to the outside world; what it didn’t mean was doxxing, cyberstalking, botnets, gamergaters, weaponized social media tooling, carrier-grade targeted-harassment-as-a-service and state-actor psy-op/disinformation campaigns rolling by like bad weather. The relentless, grinding day-to-day malfeasance that’s the background noise of this grudgefuck of a zeitgeist we’re all stewing in just didn’t inform that worldview, because it didn’t exist.

In contrast, a more recent turn on the notion of openness is one of organizational or community openness; that is, openness viewed through the lens of the accessibility and the experience of participation in the organization itself, rather than unrestricted access to the underlying mechanisms. Put another way, it puts the safety and transparency of the organization and the people in it first, and considers the openness of work products and data retention as secondary; sometimes (though not always) the open-source nature of the products emerges as a consequence of the nature of the organization, but the details of how that happens are community-first, code-second (and sometimes code-sort-of, code-last or code-never). “Openness” in this context is about accessibility and physical and emotional safety, about the ability to participate without fear. The checks and balances are principally about inclusivity, accessibility and community norms; codes of conduct and their enforcement.

It won’t surprise you, I suspect, to learn that environments that champion this brand of openness are much more accessible to women, minorities and otherwise marginalized members of society that make up a vanishingly small fraction of old-school open source culture. The Rust and Python communities are doing good work here, and the team at Glitch have done amazing things by putting community and collaboration ahead of everything else. But a surprising number of tool-and-platform companies, often in “pink-collar” fields, have taken the practices of open community building and turned themselves into something that, code or no, looks an awful lot like the best of what modern open source has to offer. If you can bring yourself to look past the fact that you can’t fork their code, Salesforce – Salesforce, of all the damn things – has one of the friendliest, most vibrant and supportive communities in all of software right now.

These two views aren’t going to be easy to reconcile, because the ideas of what “accountability” looks like in both contexts – and more importantly, the mechanisms of accountability built in to the systems born from both contexts – are worse than just incompatible. They’re not even addressing something the other worldview is equipped to recognize as a problem. Both are in some sense of the word open, both are to a different view effectively closed and, critically, a lot of things that look like quotidian routine to one perspective look insanely, unacceptably dangerous to the other.

I think that’s the critical schism the dialogue, the wildly mismatched understandings of the nature of risk and freedom. Seen in that light the recent surge of attention being paid to federated systems feels like a weirdly reactionary appeal to how things were better in the old days.

I’ve mentioned before that I think it’s a mistake to think of federation as a feature of distributed systems, rather than as consequence of computational scarcity. But more importantly, I believe that federated infrastructure – that is, a focus on distributed and resilient services – is a poor substitute for an accountable infrastructure that prioritizes a distributed and healthy community.  The reason Twitter is a sewer isn’t that Twitter is centralized, it’s that Jack Dorsey doesn’t give a damn about policing his platform and Twitter’s board of directors doesn’t give a damn about changing his mind. Likewise, a big reason Mastodon is popular with the worst dregs of the otaku crowd is that if they’re on the right instance they’re free to recirculate shit that’s so reprehensible even Twitter’s boneless, soporific safety team can’t bring themselves to let it slide.

That’s the other part of federated systems we don’t talk about much – how much the burden of safety shifts to the individual. The cost of evolving federated systems that require consensus to interoperate is so high that structural flaws are likely to be there for a long time, maybe forever, and the burden of working around them falls on every endpoint to manage for themselves. IRC’s (Remember IRC?) ongoing borderline-unusability is a direct product of a notion of openness that leaves admins few better tools than endless spammer whack-a-mole. Email is (sort of…) decentralized, but can you imagine using it with your junkmail filters off?

I suppose I should tip my hand at this point, and say that as much as I value the source part of open source, I also believe that people participating in open source communities deserve to be free not only to change the code and build the future, but to be free from the brand of arbitrary, mechanized harassment that thrives on unaccountable infrastructure, federated or not. We’d be deluding ourselves if we called systems that are just too dangerous for some people to participate in at all “open” just because you can clone the source and stand up your own copy. And I am absolutely certain that if this free software revolution of ours ends up in a place where asking somebody to participate in open development is indistinguishable from asking them to walk home at night alone, then we’re done. People cannot be equal participants in environments where they are subject to wildly unequal risk. People cannot be equal participants in environments where they are unequally threatened. And I’d have a hard time asking a friend to participate in an exercise that had no way to ablate or even mitigate the worst actions of the internet’s worst people, and still think of myself as a friend.

I’ve written about this before:

I’d like you to consider the possibility that that’s not enough.

What if we agreed to expand what freedom could mean, and what it could be. Not just “freedom to” but a positive defense of opportunities to; not just “freedom from”, but freedom from the possibility of.

In the long term, I see that as the future of Mozilla’s responsibility to the Web; not here merely to protect the Web, not merely to defend your freedom to participate in the Web, but to mount a positive defense of people’s opportunities to participate. And on the other side of that coin, to build accountable tools, systems and communities that promise not only freedom from arbitrary harassment, but even freedom from the possibility of that harassment.

More generally, I still believe we should work in the open as much as we can – that “default to open”, as we say, is still the right thing – but I also think we and everyone else making software need to be really, really honest with ourselves about what open means, and what we’re asking of people when we use that word. We’re probably going to find that there’s not one right answer. We’re definitely going to have to build a bunch of new tools.  But we’re definitely not going to find any answers that matter to the present day, much less to the future, if the only place we’re looking is backwards.

[Feel free to email me, but I’m not doing comments anymore. Spammers, you know?]

October 15, 2018

Quality Speakings

Filed under: documentation,future,interfaces,linux,mozilla,work — mhoye @ 7:32 pm

Unfortunately my suite of annoying verbal tics – um right um right um, which I continue to treat like Victor Borge’s phonetic punctuation – are on full display here, but I guess we’ll have to live with that. Here’s a talk I gave at the GTA Linux User Group on “The State Of Mozilla”, split into the main talk and the Q&A sections. I could probably have cut a quarter of that talk out by just managing those twitches better, but I guess that’s a project for 2019. In the meantime:

The talk:

The Q&A afterwards:

The preview on that second one is certainly unflattering. It ends on a note I’m pretty proud of, though, around the 35 minute mark.

I should go back make a note of all the “ums” and “rights” in this video and graph them out. I bet it’s some sort of morse-coded left-brain cry for help.

August 13, 2018

Licensing Edgecases

Filed under: digital,documentation,interfaces,linux,mozilla,work — mhoye @ 4:37 pm

While I’m not a lawyer – and I’m definitely not your lawyer – licensing questions are on my plate these days. As I’ve been digging into one, I’ve come across what looks like a strange edge case in GPL licensing compliance that I’ve been trying to understand. Unfortunately it looks like it’s one of those Affero-style, unforeseen edge cases that (as far as I can find…) nobody’s tested legally yet.

I spent some time trying to understand how the definition of “linking” applies in projects where, say, different parts of the codebase use disparate, potentially conflicting open source licenses, but all the code is interpreted. I’m relatively new to this area, but generally speaking outside of copying and pasting, “linking” appears to be the critical threshold for whether or not the obligations imposed by the GPL kick in and I don’t understand what that means for, say, Javascript or Python.

I suppose I shouldn’t be surprised by this, but it’s strange to me how completely the GPL seems to be anchored in early Unix architectural conventions. Per the GPL FAQ, unless we’re talking about libraries “designed for the interpreter”, interpreted code is basically data. Using libraries counts as linking, but in the eyes of the GPL any amount of interpreted code is just a big, complicated config file that tells the interpreter how to run.

At a glance this seems reasonable but it seems like a pretty strange position for the FSF to take, particularly given how much code in the world is interpreted, at some level, by something. And honestly: what’s an interpreter?

The text of the license and the interpretation proposed in the FAQ both suggest that as long as all the information that a program relies on to run is contained in the input stream of an interpreter, the GPL – and if their argument sticks, other open source licenses – simply… doesn’t apply. And I can’t find any other major free or open-source licenses that address this question at all.

It just seems like such a weird place for an oversight. And given the often-adversarial nature of these discussions, given the stakes, there’s no way I’m the only person who’s ever noticed this. You have to suspect that somewhere in the world some jackass with a very expensive briefcase has an untested legal brief warmed up and ready to go arguing that a CPU’s microcode is an “interpreter” and therefore the GPL is functionally meaningless.

Whatever your preferred license of choice, that really doesn’t seem like a place we want to end up; while this interpretation may be technically correct it’s also very-obviously a bad-faith interpretation of both the intent of the GPL and that of the authors in choosing it.

The position I’ve taken at work is that “are we technically allowed to do this” is a much, much less important question than “are we acting, and seen to be acting, as good citizens of the larger Open Source community”. So while the strict legalities might be blurry, seeing the right thing to do is simple: we treat the integration of interpreted code and codebases the same way we’d treat C/C++ linking, respecting the author’s intent and the spirit of the license.

Still, it seems like something the next generation of free and open-source software licenses should explicitly address.

June 8, 2017

A Security Question

To my shame, I don’t have a certificate for my blog yet, but as I was flipping through some referer logs I realized that I don’t understand something about HTTPS.

I was looking into the fact that I sometimes – about 1% of the time – I see non-S HTTP referers from Twitter’s URL shortener, which I assume means that somebody’s getting man-in-the-middled somehow, and there’s not much I can do about it. But then I realized the implications of my not having a cert.

My understanding of how this works, per RFC7231 is that:

A user agent MUST NOT send a Referer header field in an unsecured HTTP request if the referring page was received with a secure protocol.

Per the W3C as well:

Requests from TLS-protected clients to non- potentially trustworthy URLs, on the other hand, will contain no referrer information. A Referer HTTP header will not be sent.

So, if that’s true and I have no certificate on my site, then in theory I should never see any HTTPS entries in my referer logs? Right?

Except: I do. All the time, from every browser vendor, feed reader or type of device, and if my logs are full of this then I bet yours are too.

What am I not understanding here? It’s not possible, there is just no way for me to believe that it’s two thousand and seventeen and I’m the only person who’s ever noticed this. I have to be missing something.

What is it?

FAST UPDATE: My colleagues refer me to this piece of the puzzle I hadn’t been aware of, and Francois Marier’s longer post on the subject. Thanks, everyone! That explains it.

SECOND UPDATE: Well, it turns out it doesn’t completely explain it. Digging into the data and filtering out anything referred via Twitter, Google or Facebook, I’m left with two broad buckets. The first is is almost entirely made of feed readers; it turns out that most and maybe almost all feed aggregators do the wrong thing here. I’m going to have to look into that, because it’s possible I can solve this problem at the root.

The second is one really persistent person using Firefox 15. Who are you, guy? Why don’t you upgrade? Can I help? Email me if I can help.

November 14, 2016

Switching Sides

Filed under: a/b,digital,documentation,interfaces,linux,mozilla,toys,work — mhoye @ 4:48 pm

Toronto Skyline

I’ve been holding off on a laptop refresh at work for a while, but it’s time. The recent Apple events have been less than compelling; I’ve been saying for a long time that Mozilla needs more people in-house living day to day on Windows machines and talk is cheaper than ever these days, so.

I’m taking notes here of my general impressions as I migrate from a Macbook Pro to a Surface Book and Windows 10.

I’ll add to them as things progress, but for now let’s get started.

  • I don’t think highly of unboxing fetishism, but it’s hard to argue against the basic idea that your very tactile first contact with a product should be a good one. The Surface Book unboxing is a bit rough, but not hugely so; there’s the rare odd mis-step like boxes that are harder than necessary to open or tape that tears the paper off the box.
  • I’ve got the Performance Base on the Surface Pro here; the very slight elevation of the keyboard makes a surprisingly  pleasant difference, and the first-run experience is pretty good too. You can tell Microsoft really, really wants you to accept the defaults, particularly around data being sent back to Microsoft, but you can reasonably navigate that to your comfort level it looks like. Hard to say, obvs.
  • I’m trying to figure out what is a fair assessment of this platform vs. what is me fighting muscle memory. Maybe there’s not a useful distinction to be made there but considering my notable idiosyncrasies I figure I should make the effort. If I’m going to pretend this is going to be useful for anyone but some alternate-universe me, I might as well. This came up in the context of multiple desktops – I use the hell out of OSX multiple desktops, and getting Windows set up to do something similar requires a bit of config twiddling and some relearning.The thing I can’t figure out here is the organizational metaphor. Apple has managed to make four-fingered swiping around multiple desktop feel like I’m pushing stuff around a physical space, but Windows feels like I’m using a set of memorized gestures to navigate a phone tree. This is a preliminary impression, but it feels like I’m going to need to just memorize this stuff.
  • In a multiple desktops setting, the taskbar will only show you the things running in your current desktop, not all of them? So crazymaking. [UPDATE: Josh Turnath in the comments turns out that you can set this right in the “multitasking” settings menu, where you can also turn off the “When I move one window, move other windows” settings which are also crazymaking. Thanks, Josh!]
  • If you’re coming off a Mac trackpad and used to tap-to-click, be sure to set the delay setting to “Short delay” or it feels weird and laggy. Long delay is tap, beat, beat, response; if you move the cursor the action vanishes. That, combined with the fact that it’s not super-great at rejecting unintentional input makes it mostly tolerable but occasionally infuriating, particularly if you’ve got significant muscle memory built up around “put cursor here then move it aside so you can see where you’re typing”, which makes it start selecting text seemingly at random. It’s way  better than any other trackpad I’ve ever used on a PC for sure, so I’ll take it, but still occasionally: aaaaaaargh. You’re probably better just turning tap-to-click off. UPDATE: I had to turn off tap to click, because omgwtf.
  • In this year of our lord two thousand and sixteen you still need to merge in quasi-magic registry keys to remap capslock . If you want mousewheel scrolling to work in the same directions as two-finger scrolling, you need to fire up RegEdit.exe and know the magic incantations. What the hell.
  • It’s surprising how seemingly shallow the Win10 redesign is. The moment you go into the “advanced options” you’re looking at the the same dialogs you’ve known and loved since WinXP. It’s weird how unfinished it feels in places. Taskbar icons fire off on a single click, but you need to flip a checkbox five layers deep in one of those antiquated menus to make desktop icons do the same.  The smorgasbords you get for right-clicking things look like a room full of mismanaged PMs screaming at each other.
  • You also have to do a bunch of antiquated checkbox clickery to install the Unix subsystem too, but complaining about a dated UI when you’re standing up an ersatz Linux box seems like the chocolate-and-peanut-butter of neckbearded hypocrisy, so let’s just agree to not go there. You can get a Linux subsystem on Windows now, which basically means you can have Linux and modern hardware with working power management and graphics drivers at the same time, which is pretty nice.
  • Pairing Apple’s multitouch trackpads with Windows only gets you one- and two-fingered gestures. C’mon. Really?
  • This is a common consensus here, after asking around a bit. Perplexity that Microsoft would put an enormous (and ultimately successful) effort into re-pinning and hardening the foundations underneath the house, recladding it and putting in an amazing kitchen, but on the 2nd floor the hinges are on the wrong side of the doors and there’s a stair missing on the way to the basement.
  • I’m not surprised the Windows Store isn’t the go-to installer mechanism yet – that’s true on Macs, too – but my goodness pickings there are pretty slim. Somehow I have to go visit all these dodgy-looking websites to get the basic-utilities stuff sorted out, and it feels like an outreach failure of some kind. This is vaguely related to my next point, that:
  • The selection of what does vs. doesn’t come preinstalled is… strange. I feel like Microsoft has space to do something really interesting here that they’re not capitalizing on for some reason. Antitrust fears? I dunno. I just feel like they could have shipped this with, say, Notepad++ and a few other common utilities preinstalled and made a lot of friends.
  • The breakaway power cables are fantastic. A power brick with fast-charge USB built in and freeing up slots on the machine proper is extremely civilized. You can be sitting with your legs crossed and have the power plugged in, which I sincerely miss being able to do with underpowered 1st-gen Macbook Air chargers back in the mists of prehistory.
  • The Surface Dock is basically perfect. Power, Ethernet, two DisplayPorts and four USB ports over that same breakaway cable is excellent. If you’ve ever used a vintage IBM Thinkpad docking station, this is something you’ve been wishing Apple would make for the better part of a decade.
  • I assumed “Skype Preview” was a preview version of Skype. I wanted (and pay for) the whole thing, so I immediately uninstalled that and installed normal Skype, which it turns out is really outdated-looking and ugly on Win10. I was bewildered about why a premiere Microsoft-owned thing like Skype would look ugly on their flagship OS, so I did some research and discovered that “Skype Preview” isn’t a preview version of Skype. It’s the prettified modern Win10 version. So I reinstalled it and uninstalled Skype. I’m sure this is somehow my fault for not understanding this but in my defense: words mean things.
  • This hardware is really nice. The hinge works great, eject to tablet is crisp and works well, reversing it to the easel setup is both surprisingly good and for-real useful.

Anyway, this is where I am so far. More notes as I think of them.


  • Definitely turn off the two-finger-tap-to-right-click option – if you don’t and you’ve got fat hands like mine, sometimes it will get into a state where everything is a right-click, which is inexplicable and upsetting.
  • I saw my first tripped-over USB-C cable send a Macbook crashing to the floor today. I suspect it will not be the last.

Further updates:

  • It turns out there’s a (baffling!) option to turn a click on the lower right corner of the trackpad into a right-click, which is just super-weird and infuriating if you don’t know it’s there and (apparently?) turned on by default.
  • The trick to reversing mousewheel scrolling only is here, and involves RegEdit, finding all the instances of FlipFlopWheel in the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\HID\ and changing them from 0 to 1. Very user friendly.
  • A lot of network-related stuff in the Unix subsystem doesn’t work right or at all yet, but my understanding is that this is fixed in the Insider builds.
  • A nice as having the Unix subsystem is, the terminal thing you use to get to it is infuriating retro-bizarro DOS-window garbage.  [UPDATE: bwinton has introduced me to Cmder, a console emulator for Windows that is vastly better than the Ubuntu default in every observable respect. Use that instead.]
  • Unexpected but pleasant: CPU in the lid instead of the base means your lap doesn’t overheat.

Further-er updates:

  • A nice touch: searching for common OSX utility names with the taskbar brings you directly to their Windows counterparts, like “grab” brings you to the snippets tool.
  • It’s surprising how often the “how do I do [something]?” links in the Settings dialog box take you to the same undifferentiated and completely un-navigable Windows 10 support page. Really rookie stuff, like they fired the intern responsible three weeks into their placement and just forgot about it.
  • It’s really frustrating how both of those experiences coexist basically everywhere in this OS. Nice, elegantly-deployed and useful touches in some places, arbitrarily broken or ill-considered jank in others.

Further Updates 4: The Furthening;

  • There’s now a Surface Book User Guide, and it’s got some good information in it. For example, fn-del and fn-backspace adjust screen brightness, something I’ve missed from my Macbook. Also, fn-space for screenshots is nice enough, though the provided snipping tool is better (better than OSX Grab, too.)
  • You can use AutoHotKey scripts to remap what pen-clicking does, turning it into a passable presenter’s tool. Which is kind of neat.

Finally, one of the most upsetting things about Windows 10 is how power management just doesn’t reliably work at all. There’s no safe-sleep; running out of battery means state loss, potentially data loss, and a cold reboot. I’ve had to set it to hibernate on a lid closed because sometimes suspend just… doesn’t. Before I did that, I’d put it into my bag with the lid closed and it would mysteriously wake in my backpack, once hot enough that it was uncomfortable to touch. Despite the fact that my unmodified default settings say “critical power level is 6% and the action to take here is hibernate”, I routinely see 4%-power-remaining warnings and then hard shutdowns, and if I’m not careful hard reboots afterwards. Honestly, what the hell.

Last update: Well, this is unfortunate:


Postmortem: Still like Windows 10, but after putting up with that screen yellowing and an increasing number of baffling hangs (and the discovery that the backup software had been silently failing for weeks), this machine got RMA’ed. I’ll have another one soon; hopefully it was an isolated hardware problem, but I guess we’ll see.

August 29, 2016

Free As In Health Care

This is to some extent a thought experiment.

The video below shows what’s called a “frontal offset crash test” – your garden variety driver-side head-on collision – between a 2009 Chevrolet Malibu and a 1959 Chevrolet Bel Air. I’m about to use this video to make a protracted argument about software licenses, standards organizations, and the definition of freedom. It may not interest you all that much but if it’s ever crossed your mind that older cars are safer because they’re heavier or “solid” or had “real” bumpers or something you should watch this video. In particular, pay attention to what they consider a “fortunate outcome” for everyone involved. Lucky, for the driver in the Malibu, is avoiding a broken ankle. A Bel Air driver would be lucky if all the parts of him make it into the same casket.

 [ ]

Like most thought experiments this started with a question: what is freedom?

The author of the eighteenth-century tract “Cato’s Letters” expressed the point succinctly: “Liberty is to live upon one’s own Term; Slavery is to live at the mere Mercy of another.” The refrain was taken up with particular emphasis later in the eighteenth century, when it was echoed by the leaders and champions of the American Revolution.’ The antonym of liberty has ceased to be subjugation or domination – has ceased to be defenseless susceptibility to interference by another – and has come to be actual interference, instead. There is no loss of liberty without actual interference, according to most contemporary thought: no loss of liberty in just being susceptible to interference. And there is no actual interference – no interference, even, by a non-subjugating rule of law – without some loss of liberty; “All restraint, qua restraint, is evil,” as John Stuart Mill expressed the emerging orthodoxy.

– Philip Pettit, Freedom As Anti-Power, 1996

Most of our debates define freedom in terms of “freedom to” now, and the arguments are about the limitations placed on those freedoms. If you’re really lucky, like Malibu-driver lucky, the discussions you’re involved in are nuanced enough to involve “freedom from”, but even that’s pretty rare.

I’d like you to consider the possibility that that’s not enough.

What if we agreed to expand what freedom could mean, and what it could be. Not just “freedom to” but a positive defense of opportunities to; not just “freedom from”, but freedom from the possibility of.

Indulge me for a bit but keep that in mind while you exercise one of those freedoms, get in a car and go for a drive. Freedom of movement, right? Get in and go.

Before you can do that a few things have to happen first. For example: your car needs to have been manufactured.

Put aside everything that needs to have happened for the plant making your car to operate safely and correctly. That’s a lot, I know, but consider only the end product.

Here is a chart of the set of legislated standards that vehicle must meet in order to be considered roadworthy in Canada – the full text of CRC c.1038, the Motor Vehicle Safety Regulations section of the Consolidated Regulations of Canada runs a full megabyte, and contains passages such as:

H-point means the mechanically hinged hip point of a manikin that simulates the actual pivot centre of the human torso and thigh, described in SAE Standard J826, Devices for Use in Defining and Measuring Vehicle Seating Accommodation (July 1995); (point H)

H-V axis means the characteristic axis of the light pattern of a lamp, passing through the centre of the light source, used as the direction of reference (H = 0°, V = 0°) for photometric measurements and for the design of the installation of a lamp on a vehicle; (axe H-V)

… and

Windshield Wiping and Washing System

104 (1) In this section,

areas A, B and C means the areas referred to in Column I of Tables I, II, III and IV to this section when established as shown in Figures 1 and 2 of SAE Recommended Practice J903a Passenger Car Windshield Wiper Systems, (May 1966), using the angles specified in Columns III to VI of the above Tables; (zones A, B et C)

daylight opening means the maximum unobstructed opening through the glazing surface as defined in paragraph 2.3.12 of Section E, Ground Vehicle Practice, SAE Aerospace-Automotive Drawing Standards, (September 1963); (ouverture de jour)

glazing surface reference line means the intersection of the glazing surface and a horizontal plane 635 mm above the seating reference point, as shown in Figure 1 of SAE Recommended Practice J903a (May 1966); (ligne de référence de la surface vitrée)

… and that mind-numbing tedium you’re experiencing right now is just barely a taste; a different set of regulations exists for crash safety testing, another for emissions testing, the list goes very far on. This 23 page PDF of Canada’s Motor Vehicle Tire Safety Regulations – that’s just the tires, not the brakes or axles or rims, just the rubber that meets the road – should give you a sense of it.

That’s the car. Next you need roads.

The Ontario Provincial Standards for Roads & Public Works consists of eight volumes. The first of them, General And Construction Specifications, is 1358 pages long. Collectively they detail how roads you’ll be driving on must be built, illuminated, made safe and maintained.

You can read them over if you like, but you can see where I’m going with this. Cars and roads built to these standards don’t so much enable freedom of motion and freedom from harm as they delimit in excruciating detail the space – on what road, at what speeds, under what circumstances – where people must be free from the possibility of specific kinds of harm, where their motion must be free from the possibility of specific kinds of restriction or risk.

But suppose we move away from the opposition to bare interference in terms of which contemporary thinkers tend to understand freedom. Suppose we take up the older opposition to servitude, subjugation, or domination as the key to construing liberty. Suppose we understand liberty not as noninterference but as antipower. What happens then?

– Philip Pettit, ibid.

Let me give away the punchline here: if your definition of freedom includes not just freedom from harassment and subjugation but from the possibility of harassment and subjugation, then software licenses and cryptography have as much to do with real digital rights and freedoms as your driver’s license has to do with your freedom of mobility. Which is to say, almost nothing.

We should be well past talking about the minutia of licenses and the comparative strengths of cryptographic algorithms at this point. The fact that we’re not is a clear sign that privacy, safety and security on the internet are not “real rights” in any meaningful sense. Not only because the state does not meaningfully defend them but because it does not mandate in protracted detail how they should be secured, fund institutions to secure that mandate and give the force of law to the consequences of failure.

The conversation we should be having at this point is not about is not what a license permits, it’s about the set of standards and practices that constitutes a minimum bar to clear in not being professionally negligent.

The challenge here is that dollar sign. Right now the tech sector is roughly where the automotive sector was in the late fifties. You almost certainly know or know of somebody on Twitter having a very 1959 Bel-Air Frontal-Offset Collision experience right now, and the time for us to stop blaming the driver for that is long past. But if there’s a single grain of good news here’s it’s how far off your diminishing returns are. We don’t need detailed standards about the glazing surface reference line of automotive glass, we need standard seatbelts and gas tanks that reliably don’t explode.

But that dollars sign, and those standards, are why I think free software is facing an existential crisis right now.

[ ]

I think it’s fair to say that the only way that standards have teeth is if there’s liability associated with them. We know from the automotive industry that the invisible hand of the free market is no substitute for liability in driving improvement; when the costs of failure are externalized, diffuse or hidden, those costs can easily be ignored.

According to the FSF, the “Four Freedoms” that define what constitutes Free Software are:

  • The freedom to run the program as you wish, for any purpose (freedom 0).
  • The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
  • The freedom to redistribute copies so you can help your neighbor (freedom 2).
  • The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

The cannier among you will already have noted – and scarred Linux veterans can definitely attest to the fact – that there’s no mention at all of freedom-from in there. The FSF’s unstated position has always been that anyone who wants to be free from indignities like an opaque contraption of a user experience, buggy drivers and nonexistent vendor support in their software, not to mention the casual sexism and racism of the free software movement itself, well. Those people can go pound sand all the way to the Apple store. (Which is what everyone did, but let’s put that aside for the moment.)

Let’s go back to that car analogy for a moment:

Toyota Motor Corp has recalled 3.37 million cars worldwide over possible defects involving air bags and emissions control units.

The automaker on Wednesday said it was recalling 2.87 million cars over a possible fault in emissions control units. That followed an announcement late on Tuesday that 1.43 million cars needed repairs over a separate issue involving air bag inflators.

About 930,000 cars are affected by both potential defects, Toyota said. Because of that overlap, it said the total number of vehicles recalled was 3.37 million.

No injuries have been linked to either issue.

Potential defects.

I think the critical insight here is that Stallman’s vision of software freedom dates to a time when software was contained. You could walk away from that PDP-11 and the choices you made there didn’t follow you home in your pocket or give a world full of bored assholes an attack surface for your entire life. Software wasn’t everywhere, not just pushing text around a screen but everywhere and in everything from mediating our social lives and credit ratings to pumping our drinking water, insulin and anti-lock brakes.

Another way to say that is: software existed in a well-understood context. And it was that context that made it, for the most part, free from the possibility of causing real human damage, and consequently liability for that damage was a non-question. But that context matters: Toyota doesn’t issue that recall because the brakes failed on the chopped-up fifteen year old Corolla you’ve welded to a bathtub and used as rally car, it’s for the safety of day to day drivers doing day to day driving.

I should quit dancing around the point here and just lay it out:  If your definition of freedom includes freedom from the possibility of interference, it follows that “free as in beer” and “free as in freedom” can only coexist in the absence of liability.

This is only going to get more important as the Internet ends up in more and more Things, and your right – and totally reasonable expectation – to live a life free from arbitrary harassment enabled by the software around you becomes a life-or-death issue.

If we believe in an expansive definition of human freedom and agency in a world full of software making decisions then I think we have three problems, two practical and one fundamental.

The practical ones are straightforward. The first is that the underpinnings of the free-as-in-beer economic model that lets Google, Twitter and Facebook exist are fighting a two-ocean war against failing ad services and liability avoidance. The notion that a click-through non-contract can absolve any organization of their responsibility is not long for this world, and the nasty habit advertising and social networks have of periodically turning into semi-autonomous, weaponized misery-delivery platforms makes it harder to justify letting their outputs talk to your inputs every day.

The second one is the industry prisoner’s dilemma around, if not liability, then at a bare minimum responsibility. There’s a battery of high-caliber first-mover-disadvantages pointed at the first open source developer willing to say “if these tools are used under the following conditions, by users with the following user stories, then we can and should be held responsible for their failures”.

Neither of these problems are insoluble – alternative financial models exist, coalitions can be built, and so forth. It’ll be an upheaval, but not a catastrophic or even sudden one. But anyone whose business model relies on ads should be thinking about transitions five to ten years out, and your cannier nation-states are likely to start sneaking phrases like “auditable and replaceable firmware” in their trade agreements in the next three to five.

The fundamental problem is harder: we need a definition of freedom that encompasses the notion of software freedom and human agency, in which the software itself is just an implementation detail.

We don’t have a definition of freedom that’s both expansive in its understanding of what freedom and agency are, and that speaks to a world where the line between data security and bodily autonomy is very blurry, where people can delegate their agency to and gain agency from a construct that’s both an idea and a machine. A freedom for which a positive defense of the scope of the possible isn’t some weird semitangible idea, but a moral imperative and a hill worth dying on.

I don’t know what that looks like yet; I can see the rough outlines of the place it should be but isn’t. I can see the seeds of it in the quantified-self stuff, copyleft pushback and the idea that crypto is a munition. It’s crystal clear that a programmer clinging to the idea that algorithms are apolitical or that software is divorced from human bias or personal responsibility is a physicist holding to the aetheric model or phlogiston when other people are fuelling their rockets. The line between software freedom and personal freedom is meaningless now, and the way we’ve defined “software freedom” just about guarantees its irrelevancy. It’s just freedom now, and at the very least if our definition of what freedom is – and our debate about what freedom could be –  isn’t as vast and wide-ranging and weird and wonderful and diverse and inclusive and scary as it could possibly be, then the freedom we end up with won’t be either.

And I feel like a world full of the possible would be a hell of a thing to lose.

November 9, 2015

The Devil And Strong Crypto

Filed under: digital,documentation,doom,future,interfaces,linux,vendetta — mhoye @ 1:23 pm

Period scenery-chewing aside, this is largely how I feel about strong, backdoorless cryptography.

When the last wires were tapped, your last passwords broken and the State finally turns on you, how would you hide, with all your secrets exposed? The internet is a forest of crypto from coast to coast – the user’s crypto, not the State’s – and if you cut that down, and you’re just the man to do it, do you really think you could stand upright in the winds that would blow then? Yes, I’d give the internet’s worst users the benefit of strong crypto, for my own safety’s sake.

Older Posts »

Powered by WordPress