Freedombone Blog

Freedom in the Cloud

Deciphering Microsoft

Microsoft isn't as big as it once was. In the last decade we would obsess over their desktop hegemony and underhanded dealings, but these days not so much. Microsoft missed the boat with regards to mobile. They never entirely grokked the internet and are only recently trying to make inroads into the cloud.

My tepid take on the state of Microsoft is that they're going to be all about the cloud in the next few years. I expect Windows to become freeware or adware and to be a thin client operating system with minimal onboard processing. Anything that matters will happen in an Azure cloud and Windows laptops will be remotely managed clients, reminiscent of the days of mainframe computing. Users will be able to change a few settings, but other than that all of the software maintenance will be handled centrally.

So why did they buy Github? Was it to finally assassinate open source, their hatred of which was famously outlined within the Halloween documents?

Actually, subsequent to the Ballmer period, which ended four years ago, I think they're following a different strategy. The Windows desktop operating system is now legacy, and not their main focus. The new business model is going to be about telemetry and pushing targeted ads from the cloud to the desktop. That means they won't open source Windows but they'll try to cut its maintenance costs to the bare minimum. If they open sourced it then they'd lose control of the telemetry and ad delivery pipeline. I think the way they're going to reduce maintenance costs is by using as much open source software as they can, where they're not paying the developers. Note that here I'm using the term "open source" deliberately and not "Free Software". Owning Github puts them in a good position to do that. They can nudge things towards Azure over time in a slowly-slowly frog-boiling type of strategy and generally "communitize the community" in a Windows direction.

In the coming years I expect that Microsoft will do with Windows what Canonical has done With GNOME after Unity. An increasing fraction of the desktop OS will be maintained by the open source developer community at large and not by Microsoft. Privatize the benefits, externalize the costs. So open source, or even Free Software, is not the same kind of threat to them that it was during the Gates/Ballmer era and it may even be considered a business-critical ally.

You could object that this strategy is all about centralized cloud systems and that it fails to take into account that there is an emerging decentralization trend.

I think the decentralization trend is not quite what it appears to be. In most cases you'll find that what is decentralized is the software only and that the physical computing remains centralized within giant data centers. So even if we are entering a federated era based on ActivityPub or some similar protocol the Azure strategy would still work for Microsoft and wouldn't change their profitability much. If their Windows desktop client becomes thin enough it may also be suitable for mobile.

Tidying up Tor

Something which I noticed recently is that on the rare occasions where the Debian tor package gets updated it's potentially possible to lose the hidden service settings within your torrc configuration file if you make the wrong choice and say yes to use the maintainer's version of that file. Especially if you were running the "onion only" version of Freedombone this could be pretty bad. You wouldn't lose the keys, but it would still be very inconvenient and stop you from accessing apps.

Fortunately, there's a solution to this. The torrc file can define an include path where secondary configurations can be loaded. So this is now what happens in the current version of Freedombone. The configuration automatically gets migrated to use an include path to the settings. So no matter what happens when the tor package gets updated you shouldn't lose your settings or access to your apps via onion addresses.

The Stallman Directive

In an episode of Linux Unplugged they talk about Richard Stallman's proposed solutions to the problem of companies spying on people and then using the data in dubious ways. After a lot of meandering the actual discussion is about an hour into the show.

So what's the solution to this? Cambridge Analytica isn't the first company to use data in sketchy ways and it won't be the last. I also don't really agree with Stallman that legislation is the answer, since here in the UK the data protection act has existed for decades and even though there are many violations of it it's largely ignored.

For example, the data protection act says that data collected about people is supposed to be used by the "data controller" for a specified purpose, not for purposes different from the one for which the data was originally supplied, and also that people should be able to obtain copies of their data without unreasonable delay. When you think of the world of advertising companies and data brokers and so on it's easy to see that these basic rules are being broken routinely. Data supplied for one reason ends up being used for entirely other purposes. Maybe somewhere in the terms of service there are buried descriptions of what happens to personal data, but realisticly nobody except lawyers reads those documents and the problem boils down to what constitutes meaningful education and consent.

Things that have been tried and which we know don't work are:

  • Legislation similar to the data protection act. It very rarely or never gets enforced.
  • Simplified terms of service documents with fancy coloured icons. Still nobody reads them. In an era of technology monopolies often users don't have a realistic choice about whether to sign up for a service or not.
  • Naming and shaming companies when they abuse personal data. They just carry on doing the same anyway.
  • Browser plugins which do client side encryption. Have existed for a long time but since they're not installed by default practically nobody uses them.

In the Linux Unplugged episode FreedomBox is mentioned as a possible solution to the data ownership and privacy problem. I like this idea, but I think there's also another possibility which is non-corporate community management of systems - especially social networks. That is, the kind of federated model which exists already on the Open Web. To some extent the work involved with storing and managing communications data can be collectivised within an affinity group so that each user of the system doesn't have to take on the whole responsibility by themselves.

A couple of years ago it would have been easy to dismiss the federated model as something old-fashioned, perhaps resembling the bulletin board era before the internet, but now there are thousands of Mastodon installs and what appears to be very active communities around them who are not just the previous demographic of hardcore Stallmanites. What exists today is a pretty substantial proof of concept for an exit strategy from the current data dilemmas. It's not that today's fediverse is ultra private - far from it - but it's conceivable that better privacy features could be added.

What I think organisations such as FSF, EFF and ORG need to be doing is getting behind projects like FreedomBox and promoting them and showing people how to install and maintain them. If data is increasingly managed in a non-corporate way and perhaps also at a more municipal level then at least when it comes to devising legislation the pro-privacy side of things will be in a much stronger bargaining position.

The Bosworth Memo

I notice some amount of scandal around an internal Facebook memo written by Andrew Bosworth in 2016. What he's basically saying is that Facebook's mission is to connect people regardless of the outcomes of those connections, and that connecting people is always good.

That's obviously not true, and Zuckerberg is right when he says in response:

We recognize that connecting people isn't enough by itself. We also need to work to bring people closer together.

Probably the more damning part of this memo is where Bosworth admits to Facebook's use of antipatterns to trick people into over-sharing.

That’s why all the work we do in growth is justified. All the questionable contact importing practices. All the subtle language that helps people stay searchable by friends. All of the work we do to bring more communication in.

The Facebook scandal of the last month or so is just one of many over the previous decade. It's always nice to see people leaving that site, so long as they end up going somewhere better and not just disconnecting themselves out of misplaced hubris. Despite what technology journalists may say, there are real alternatives to Facebook and have been for many years. Friendica is still quite good, as is Hubzilla. Diaspora still exists. Mastodon is currently by far most popular of the non-corporate social network systems. And there are others in ascendancy. I am quietly (ok, noisily) confident that the worm is beginning to turn on what has been the status quo in social networks for the last decade.

I don't know anything about Andrew Bosworth, and the current fashion is to attack the individual as being uniquely immoral. This trend seems to apply regardless of where you are in the political milieu. Left, right, whatever. But it's important to remember that especially for a company the size of Facebook it's not really about corrupt individuals. The behavior and attitudes of Facebook staffers is strongly determined by the logic of the business model, which is surveillance capital. Even if Bosworth were to resign in disgrace he would be replaced by someone whose standpoint towards users and shareholders would be extremely similar. People create organizations but also organizations and their situation within a market (admittedly limited in this case - Facebook is a near monopoly) create particular kinds of personality. As the anthropologyst Alan McFarlane once said, Capitalism contains many contraditions, and often these contradictions play out within individual personalities.