Blog - Unity Behind Diversity

Searching for beauty in the dissonance

Tagged: Google

Degooglifying (Part IV): Calendar

This post is part of a series in which I am detailing my move away from centralized, proprietary network services. Previous posts in this series: email, feed reader, search.

Finding a replacement for Google Calendar has been one of the most difficult steps so far in my degooglification process, but in the end I’ve found a bunch of great, libre alternatives.

Beyond the basic criteria for free network services, I was looking for:

  • desktop, web and mobile clients
  • offline access, especially for mobile
  • multiple calendars
  • access controls for sharing calendars
  • ability to subscribe and share calendars with other servers
  • applicable for business and personal use

First Attempt: SyncML using SyncEvolution and Funambol

I started with SyncML, an open standard for syncing calendar and contact data. SyncEvolution is a great SyncML client, with both GUI and command line tools available for GNOME and Maemo GNU/Linux, and Funambol is an AGPL SyncML server, with an Android client.

I setup Funambol and migrated from Google Calendar in July 2011, using SyncEvolution on my N900 and my laptop, but there were a bunch of problems. It was unstable around the edges, not handling deletes very well, and sometimes choking and failing with certain characters ( ” maybe?) in event titles. When I tried to switch my parents over in Android, it was a nightmare trying to figure out where the sync was failing, and they eventually moved to Google Calendar instead. SyncEvolution only syncs with Evolution on the desktop; there’s no mature SyncML solution for Lightning. The Funambol free software edition felt like a bit of an afterthought as well, with poor or outdated documentation, and a crippled, totally useless “demo” web UI. There was no calendar sharing or access controls either. Plus, Funambol is a pretty heavy application, targeted at mobile carriers, not someone who wants to run it from their living room.

SyncML with Funambol and SyncEvolution allowed me to leave Google Calendar behind, but I ended up living off my mobile calendar, using Funambol essentially as a backup service. I had no web client, no shared calendars, and eventually stopped syncing to Evolution on my laptop. Part of the problem was Funambol, but part of the problem was also SyncML, which seems to be a clunky standard, designed for an older paradigm of syncing with offline mobile clients.

I quickly realized that CalDAV was the better open standard.

The Solution: CalDAV

CalDAV is an extension of WebDAV, an internet standard for remote access to calendar data. It’s a more modern standard that SyncML — though SyncML does have better support on older mobile devices. (There’s also CardDAV for contacts, but I’ll leave that for a future post.)

Servers: SOGo, ownCloud or Radicale

However, there are a ton of CalDAV servers.

Here are my favourites so far:

Application Pros Cons
SOGo
[demo]
Works with anything via connectors; well-integrated with Thunderbird/Lightning, and web UI modelled after Lightning; Ubuntu/Debian repos UI isn’t super pretty; comes with a webmail client I don’t want; heavy, took some effort to install (e.g. made a custom MySQL user auth table, in the absence of an LDAP server)
ownCloud
[demo]
Very alive; support for contacts, photos, music, etc.; Ubuntu/Debian repos Newer (immature when I first tried in 2011); seemed more of a personal than business tool, but that may have changed.This has changed. As of 2015, ownCloud is strong, mature and thriving.
Radicale Simple, elegant, light-weight For sysadmins: no UI

I tried a few others, but I wouldn’t recommend them:

  • Funambol CalDAV connector: In theory, best of both worlds with SyncML and CalDAV support, but I couldn’t figure out if there was an updated stable version, how to get it working with Funambol, etc., and this would still carry the Funambol issues and lack a web client or CardDAV support
  • DAViCal: seemed robust, but also onerous to configure and administer, and the web UI is only for administration (no web calendar client). This could work, but it just felt a bit onerous to use.
  • Update: lnxwalt mentions PHP Web Calendar, which I’d missed. I tried the online demo, but it looks/feels pretty ~2005: awkward and not fully-featured UI, focus on old standares like iCal (rather than true CalDAV?), with a CVS wishlist that includes SyncML support and a Java servlet, and import/export from Palm as a key feature, etc.

Others I didn’t bother to try:

  • Zimbra: Seemed like heavy-duty Groupware with a bunch of things I didn’t need or want — though could make sense if that’s what you’re looking for.
  • Horde (Kronolith): I did try Horde, but using the old interface a few years back. That UI felt 10+ years old, but it’s since undergone a complete overhaul and I haven’t looked at it since. Also, a groupware suite, which may be a plus or a minus. However, I don’t think it uses real CalDAV
  • Bedework: Java, seems heavy, without any obvious benefits or easy packaging
  • Apple Calendar and Contacts Server: while Apache licensed, it really doesn’t seem to be designed to enable other people to run the software — I didn’t get very far looking into this
  • Update: Jean Baptiste Favre has a great tutorial on implementing SabreDAV, a PHP library which implements WebDAV and its CalDAV and CardDAV extensions, if you want to build your own solution.

I’m using SOGo. Though, that’s partially because it was the most comprehensive solution that I had working at the time when my wife went back to work after maternity leave and we needed sharable calendars again to coordinate scheduling for childcare. But SOGo also has some nice, more advanced features, like the ability to subscribe to remote CalDAV feeds on other servers through the web UI.

I’m pretty happy with SOGo, though I’ll certainly be revisiting ownCloud and Radicale at some point. When I first tried ownCloud, it was immature, but it’s since grown a lot. And when I first tried Radicale, it was using a “strange” ACL model, but that’s been overhauled in 0.8. DAViCal was working, though it wasn’t a pleasure to configure, and I’m sure there are a few other workable servers I passed over.

I highly recommend ownCloud. At the end of 2014, I switched from SOGo to ownCloud, and have not looked back. ownCloud has a better web UI, has a much stronger and vibrant community, is alive and growing, is much easier to host (e.g. repos for popular GNU/Linux distributions, and GLAMP stack), and is useful for more than just CalDAV (I’m already using it for file syncronization and CardDAV as well).

Desktop Client: Lightning

Since I’m a Thunderbird/IceDove user, Lightning is the obvious choice for a desktop client. We also use Thunderbird at the office and in my family. Lightning also supports Google Calendar, so just like with degooglifying email, you can switch your frontend and backend in separate steps.

The Evolution calendar is pretty awkward. I tried it when I was using SyncML, but it didn’t last long. There are other options too.

Web Client: SOGo, ownCloud or CalDavZap

I’d prefer a server with a web client, like SOGo or ownCloud, but for a standalone CalDAV web client (e.g. to pair with Radicale or DAViCal), CalDavZap [demo] seems pretty cool.

Mobile Client: SyncEvolution or aCal

Maemo: The reason I spent so much time on SyncML was that there was no CalDAV client for Maemo, but now SyncEvolution supports CalDAV/CardDAV sync!

Android: Use Davdroid. It syncs CalDAV and CardDAV to native AOSP storage.

aCal is an Android CalDAV client, and a replacement for the proprietary Google calendar application. It works really well, but the UI feels really awkward and non-native. [Update: There’s also CalDAV-Sync, which I’d skipped over because it’s proprietary, but maiki pointed out that the developer at least intends to open source it eventually. I’m not sure if the Android Calendar is free software or one of the proprietary “Google experience” apps?] Both sync to local storage for offline support.

Conclusion

It took me a long time to figure this out, especially since I was focused on SyncML at first, but I’ve finally fully replaced Google Calendar with CalDAV solutions. SOGo, ownCloud and Radicale are all great CalDAV servers. SOGo and ownCloud have built-in web clients, but there’s also CalDavZap as a standalone web client. Lightning is the obvious cross-platform desktop CalDAV client of choice, and SyncEvolution and aCalDavdroid provide mobile clients for Maemo and Android.

The good news is there are plenty of options. As a bonus, most of these come with CardDAV support (which will be the focus of a future post), and ownCloud handles photos, music, and other files as well, so you may get more than just a calendar. Or, if it’s just a calendar you want, light-weight solutions like Radicale and CalDavZap give you just that.

I’m just thrilled to have finally figured this out.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (20)

Degooglifying (Part III): Web Search

This post is part of a series in which I am detailing my move away from centralized, proprietary network services. Previous posts in this series: email, feed reader.

Of all Google services, you’d think the hardest to replace would be search. Yet, although search is critical for navigating the web, the switching costs are low — no data portability issues, easy to use more than one search engine, etc. Unfortunately, there isn’t a straightforward libre web search solution ready yet, but switching away from Google to something that’s at least more privacy-friendly is easy to do now.

Quick Alternative: DuckDuckGo

In on sense, degooglifying search is easy: use DuckDuckGo. DuckDuckGo has a strong no-tracking aproach to privacy. The !bang syntax is awesome (hello !wikipedia), the search results are decent (though I still often !g for more technical, targeted or convoluted searches), it doesn’t have any search-plus-your-world nonsense or whatever walled garden stuff Google has been experimenting with lately, and it’s pretty solid on the privacy side. After just a few days, DuckDuckGo replaced Google as my default search engine, and my wife has since switched over as well.

The switch from Google Search to DuckDuckGo is incredibly easy and well worth it. If you’re still using Google Search, give DuckDuckGo a try — you’ve got nothing to lose.

But… DuckDuckGo isn’t a final destination. Remember: the point of this exercise isn’t for me to “leave Google,” but to leave Google’s proprietary, centralized, walled gardens for free and autonomous alternatives. DuckDuckGo is a step towards autonomy, as web search sans tracking, but it is still centralized and proprietary.

Web Search Freedom

A libre search solution calls for a much bigger change — from proprietary to free, from centralized to distributed, from a giant database to a peer-to-peer network — not just a change in search engines, but a revolution in web search.

YaCy

Last summer, I ran a search engine out of my living room for a few months: YaCy — a cross-platform, free software, decentralized, peer-to-peer search engine. Rather than relying on a single centralized search provider, YaCy users can install the software on their own computers and connect to a network of other YaCy users to perform web searches. It’s a libre, non-tracking, censorship-resistant web search network. The problem was that it wasn’t stable or mature enough last summer to power my daily web searches. I intend to install it again soon, because as a peer-to-peer effort it needs users and usage in order to improve, but an intermediate step like DuckDuckGo is necessary in the meantime.

Although YaCy is designed to be installed on your own computer, there is a public web search portal available as a demo.

Seeks

Seeks is another interesting project that takes a different approach to web search freedom. Seeks is “an open, decentralized platform for collaborative search, filtering and content curation.” As far as I understand, Seeks doesn’t replace existing search engines, but it adds a distributed network layer on top of them, giving users more control over search queries and results. That is, Seeks is a P2P collaborative filter for web search rather than a P2P indexer like YaCy. Rather than replacing web indexing, Seeks is focused on the privacy, control, and trust surrounding search queries and results, even if it sits on top of proprietary search engines.

Seeks also has a public web search portal (and DuckDuckGo supports !seeks). As you can tell, its results are much better than YaCy’s, but Seeks is tackling a smaller problem and still relying on existing search engines to index the web.

Conclusion

DuckDuckGo, though proprietary and centralized, provides some major privacy advantages over Google and is ready to be used today — especially with Google just a !g away.

But web search freedom requires a revolution like that envisioned by YaCy or Seeks. Seeks seems like more of a practical, incremental and realistic solution, but it still depends on proprietary search. YaCy is more of a complete solution, but it’s not clear whether its vision is technically feasible.

I intend to experiment with both of these projects — p2p services need users to improve — and continue to watch this space for new developments.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

Degooglifying (Part II): Feed Reader

This post is part of a series in which I am detailing my move away from centralized, proprietary network services. Previous posts in this series: email.

Next to email, replacing Google Reader as my feed reader was relatively easy, though I’ve chosen to use the move as an opportunity to clean out my feed subscriptions, rather than doing a straight export/import. I’ve replaced Google Reader with two free software feed readers: Liferea (desktop) and Tiny Tiny RSS (web).

A reading list can be very personal, and it can also be very misleading out of context. For example, my reading list suggests all sorts of things about my religious and political views, about the communities to which I may be connected, etc. Though, it would take some analysis to try and figure out why I subscribe to any particular feed. Is the author’s view one I espouse and whole-heartedly hold as my own? One I find interesting, challenging, or thought-provoking? Or one I utterly disagree with yet want to learn more about?

There is something private about a complete reading list, much like the books you might check out from the library or the videos you might rent from a store. As we get more of this content through the internet, it’s easy for these lists (and even more behavioural data about how we interact with them) to be compiled in large, centralized, proprietary databases, alongside all sorts of other personal information that would not be available to a traditional Blockbuster or public library. Besides the software fredom issues, this is another revealing personal dataset that I can claim more control over by exercising software freedom, rather than dumping it into a big centralized, proprietary database. Both software freedom and privacy issues are at play here.

Desktop Client: Liferea

Liferea is a desktop feed reader for GNU/Linux. Google Reader was my first feed reader, so a desktop feed reader was a bit of an adjustment, but there are a few things I really like about it:

  • Native application: It integrates well with my desktop, with something like Ubuntu’s Messaging Menu, and it’s a client that feels somewhat familiar in GNOME.
  • Control over update frequency: One of the things that bugged me about Google Reader is it constantly checks for new content, whether or not you want it to. Sometimes, I don’t want to see anything new until tomorrow. It’s nice to be able to click update, read, and then let it be until I choose to update again. (Though, the downside is missing material if you don’t update often enough.)
  • Integration with Google Reader / Tiny Tiny RSS: This is a killer feature. You can use Liferea to read feeds through the Google Reader API, and recent versions have added support for a tt-rss backend as well. This helped with my transition because I could use Liferea as a front-end for Google Reader before I was prepared to migrate my feeds, to test it out, to ease the transition, etc. And, I will be able to use Liferea and tt-rss together to have both desktop and web-based clients.
  • Embedded Web Browser: This is also a killer feature. Websites that don’t have full-text feeds and only offer a content snippet are annoying in Google Reader, because you have to leave Reader to see the full content. But, in Liferea, you can tell it to automatically load content for a feed using the embedded web browser instead of just viewing the snippet, or hit enter on any feed entry to load the URL using the embedded browser. It even has basic tabbed browsing support, so you don’t have to flip back and forth between your web browser and your feed reader. This makes reading content from non-full-text feeds easy without leaving Liferea.
  • Integrated Comments: Liferea can detect comment feeds on many blogs, and it shows a handful of comments underneath entries. Combine this with a quick enter key to visit the web page with the embedded browser, and you no longer have to leave the feed reader to participate in the comments. This is a nice step up from the usual isolation of a feed reader from comment threads.
  • Authentication support for protected feeds: This is a useful feature for subscribing to protected content, such as an updates feed on an internal wiki.

I tested Liferea as a Google Reader front end, then migrated subscriptions group by group (giving me a chance to re-organize, though I could have just used an OPML export/import), and once I upgrade to Liferea 1.8, I’ll connect it to tt-rss.

Other Desktop Clients: RSSOwl is a free software, cross-platform (Windows, Mac OS X, GNU/Linux) feed reader, which also has Google Reader integration. I have only tried this briefly, so that I could recommend it to Windows users.

Web Client: Tiny Tiny RSS

Tiny Tiny RSS is a web-based feed reader, similar to Google Reader, but free software that you can run on your own web server. There are some feeds I read all the time, and others I’ll skim or catch up on when I have a chance. For the must-read feeds, it makes a huge difference to be able to read them from my mobile computer. With Google Reader, I used grr, and there is a mobile web interface. I migrated my must-read feeds to tt-rss instead of Liferea so that I’d have easy access to them while away from my laptop, while still having the ability to use Liferea when on my laptop with it’s tt-rss integration. I’m moving more and more feeds into tt-rss, though I plan to leave some less frequently updated, less important feeds or feeds that are difficult to read from my mobile in Liferea only.

Some cool features:

  • Publish articles to shared feed: Google Reader had a shared articles RSS feed, and I’d piped that into blaise.ca. tt-rss has a similar RSS feed, which I’ve also been able to include on my website
  • Mobile web interface: tt-rss has a mobile web interface for webkit browsers powered by iUI. With Macuco on my N900 or the Android web browser, it works quite well — though, only for full-text feeds.
  • Filters: With tt-rss, you can create filters on feeds. So, for example, I am automatically publishing articles from the Techdirt feed that I’ve written, or I can auto-delete posts for a particular series or author that I’m not interested in to custom tailor a feed to my interests. It’s very useful for automating certain actions or reducing noise on a high-traffic feed.
  • Custom CSS: I suppose you could customize Google Reader’s styles with a GreaseMonkey script or something, but tt-rss offers custom CSS overrides and multiple themes out of the box, which is great for setting some more readable default colours.
  • API: tt-rss has an API, which allows for Liferea integration, an Android client, etc.
  • Authentication support for protected feeds: Like Liferea, tt-rss provides support for feeds requiring authentication.

As with Liferea, tt-rss gives me control over how frequently updates run, since I schedule the update job. But that control also comes without the downside of missing content if I’m away from my feed reader for a while; unlike a desktop client that needs to be open to retrieve new content, tt-rss does so in the background from the server, so it can still track new entries while I’m away. It has the benefits of Google Reader’s persistent background updates, while still giving me control over frequency and scheduling. I have the update job set to run a few specific times through the day, and tt-rss gives you the option to set an even longer update interval for any given feed.

While I was initially migrating from Google Reader to Liferea, Tiny Tiny RSS is quickly becoming my primary feed reader, while Liferea will become my primary desktop client for tt-rss and home for less frequent/important/non-full-text feeds.

Other Web Clients: NewsBlur is another web-based, free software feed reader, which is based on a more modern web stack and seems to have some neat features. I have yet to try it, and I’m not sure of the state of its mobile or API/desktop integration, which are two things I really like in tt-rss. It’s worth taking a look at though for sure. NewsBlur.com has a hosted service, if you aren’t able to run your own web server or don’t have a friend who’s running one.

Conclusion

My migration away from Google Reader is essentially complete. I have less than a dozen feeds remaining there, but mostly old or broken feeds. I no longer log into Google Reader to read anything, though I’ve got one more round of cleaning to do to empty my account. I’m currently split between Liferea and tt-rss, but with Liferea 1.8, I’ll be able to integrate the two. I also have other libre options to explore with NewsBlur and RSSOwl.

There is nothing that I miss about Google Reader, and if anything, with an embedded browser, native desktop options, integrated comments, control over update scheduling, feed filters, and authentication support for protected feeds, I have a lot of useful features now that I didn’t have with Google’s proprietary service — nevermind more software freedom and less surveillance.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (5)

Degooglifying (Part I): Email

I’ve begun to write about free (libre) network services, and the hazards of being a tenant on the web instead of a property owner. I began slowly moving away from Google in 2009, but I’ve accelerated that process since the launch of Google+. I thought I’d begin to share my process of degooglification.

To be clear, I still generally trust and respect Google, and I do believe they’re generally less evil than most, but…

  1. Despite great support for open source software, they remain a proprietary software company at their core. Google is a friend to open source infrastructure, but not to free (libre) network services. Specifically, it’s the proprietary network services I’m degoogling from.
  2. The sheer amount of data — email, contacts, documents, calendar, RSS feeds, social graph, phone calls, photos, GPS location, nevermind web searches… — aggregated into a one single account with a proprietary service provider is an obviously bad idea. Even if Google never intends to do anything bad with it, they can make mistakes. Even if Google never does anything bad itself, it’s a single vector for attack from an outsider. And it’s not your account.

Email is one of the easiest services from which to degooglify. It’s also a good example of a multi-step transition.

Changing the front-end

The first thing I did was to stop using the Gmail web interface. I configured my Gmail account in Thunderbird, which I was already using for other email accounts. Google’s commitment to data portability often makes it easy to switch your front-end software before switching the back-end, which can make a transition much smoother. Rather than cutting over cold turkey, you can ease into a new interface. My Gmail account is still active, but it rarely sees any important email anymore. I’ve transitioned 99% of my email to other accounts on domains I control (like this one).

Changing the Backend

Gradually, I started using my blaise.ca email addresses instead of my Gmail account, until eventually I wasn’t getting much email through Gmail anymore. With my Gmail account configured in Thunderbird, it was easy to archive the contents on my computer. You can access Gmail labels as IMAP folders and just copy email from one account to another, and Thunderbird will even offer to synchronize a local copy of your Gmail account. I never used Gmail contacts, but an export and import to Thunderbird would get your data out (more on contacts another time). Lastly, I’m still monitoring my Gmail account via Thunderbird, but I could set an auto-reply and/or forwarder if I really wanted to force that last 1% over. I will probably do that eventually.

Other Considerations

There are a few other perks of a Gmail account that are pretty easy to get from libre alternatives:

  • Hosted: Not everyone is going to run their own mail server, or have a friend or family member who does. But there are hosted, libre services, like riseup.net
  • Storage space: in 2004, 1 GB of email was a huge game changer. Today, it’s not very hard to get that kind of storage space on a server for cheap.
  • Chat: Google uses the open standard XMPP for its chat service. I run my own XMPP server, and there are public Jabber services like jabber.org. I’ve simply added my Gmail contacts to my blaise@blaise.ca XMPP account. More on chat another time.
  • Conversations: The Conversations add-on provides Gmail-style conversations inside Thunderbird.
  • Spam filtering: Gmail has a good track record on spam filtering, but SpamAssassin, ClamAV and a greylisting policy can produce great results on your own server nowadays. I don’t get any more spam to my blaise.ca inbox than I do to my Gmail inbox.
  • Webmail: I love Thunderbird, but not everyone wants to use a desktop client, and you’re not always on your own computer. Roundcube is already a great free software webmail client, and it hasn’t even hit 1.0 yet. Many hosting providers already offer Roundcube to their customers.
  • Mobile: With IMAP, my email is easily accessible from and synchronized between Thunderbird, Roundcube, and my mobile computer’s IMAP client.

Email is probably the easiest thing to degooglify. It can be a smooth, gradual transition, and there are lots of good alternatives, as well as benefits from leaving Gmail. Over the next while, I’ll share my ongoing efforts to degooglify other aspects of my online life.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (8)

Thumbs Down for “Like” Culture

When the “Like” button was first introduced on Facebook, it was a useful alternative to leaving a comment, another way to show you were paying attention, but it crept from posts to comments and pages, and it now permeates every aspect of the Facebook experience and defines the entire ethos of the site. What was at first a secondary option to conversation has been enshrined as the primary and defining characteristic of Facebook. Not only is it often a superficial way to interact with someone else, by just hitting “like,” but it also influences and shapes what people post and share.

Just as stand-up comedians are trained to be funny by observing which of their lines and expressions are greeted with laughter, so too are our thoughts online molded to conform to popular opinion by these buttons. A status update that is met with no likes (or a clever tweet that isn’t retweeted) becomes the equivalent of a joke met with silence. It must be rethought and rewritten. And so we don’t show our true selves online, but a mask designed to conform to the opinions of those around us.

Now, we rarely “show our true selves” offline either, but it’s not self-presentation that impairs authentic social interaction. It’s when automated, superficial interaction becomes the dominant mode of communication. A “Like” or +1 may be better for Facebook or Google than a comment — a simple binary value is easier for their algorithms to tally — but that’s not the kind of human interaction that drew me to social media.

There is so much more value in online social networking than the popularity contest, than merely pressing digital levers, like lab rats looking for pellets of social affirmation. Social technology can enable intimate and in-depth conversations where time, space and fate might otherwise not allow. Ambient awareness can maintain ties that distance and a loss of common circumstances might otherwise break. The ease of organizing can enable groups and communities to thrive where, offline, they might be dispersed. Yet, I’ve seen less of this in the evolution of Facebook and other social media, and more encouragement of the lab rat lever-pushing type interaction. Deep, rich, intimate and profound interactions — expressions of love, nostalgia, unity, shared memories, the meeting of minds, bonds of friendship or common experience — these are much harder for an algorithm to make use of than a binary +1 or “Like.”

Don’t let thumbs and plus ones be substituted for authentic social interaction online.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (1)

Google+ exists to organize people, but I don’t want to be “organized”

There are many things I like about Google+, but, beyond being yet another proprietary social networking service, something just doesn’t sit well with me about Google’s primary purpose. Comments by Brad Horowitz that Google+ will be connected to everything Google are a good example of what concerns me:

Google+ is Google itself. We’re extending it across all that we do — search, ads, Chrome, Android, Maps, YouTube — so that each of those services contributes to our understanding of who you are [emphasis added]

Maybe I’m naive or wrong, but it never seemed like the primary motivation behind Gmail was to sell more ads. It felt like an innovative email service that Google was able to monetize with relevant, contextual ads, not merely a means to improve Google’s ad business. But Google+ feels different. Google’s primary interest is to get access to more social information, not to create a better social networking service. Buzz or Google+ are just the means for Google to gather social data.

As Fred Wilson said with respect to Google+ as an identity service:

It begs the question of whom Google built this service for? You or them. And the answer to why you need to use your real name in the service is because they need you to.

Google is often pretty good at aligning its interests with that of its users. For example, the more useful their ads are to users, the better Google does. Or, the better your web browser is, the more you use the Internet, the more Google thrives. But with Google+, it feels like the desire for an identity data mining tool well precedes their desire to provide a useful social networking platform.

Google+ is not first and foremost “a place for friends” or a way for student life to find expression online. From Google’s hyper-engineer perspective, we are just things to be organized in the process of organization the world’s information. They’ve organized web sites, photos, maps, calendars, videos, books — now, they’re just organizing people.

Maybe Google+ is really no different from other Google services. Maybe I’m just different. I don’t want my relationships with other people, my identity, to be treated as ultimately just data to harvest, information to organize, inputs to a proprietary Google algorithm, a way to teach Google about me as some sort of data structure. Google+ seems to exist more for Google than it does for me.

I don’t want to be treated as just a thing to be organized.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (1)

Four Criteria for Free Network Services

I’m increasingly critical of network services — software that you use on someone else’s server to do your own computing. We rely on computers more and more for our work, social lives, civic engagement, health, education and leisure, and more and more that means relying on networking services rather than our own personal computers. There are serious trade-offs to living as a tenant online, rather than a property owner. I’ve been reconsidering the network services I use and rely on, especially in the shift to mobile computing.

The work of Autonomo.us has heavily influenced my thinking. Also of note is Stallman’s essay on software as a service (though he does more to identify the problems than recommend solutions). I essentially agree with the Franklin Street Statement from Autonomo.us. As a user of network services, I’ve narrowed it down to four major criteria to look for when deciding whether to trust a service on freedom and autonomy.

  1. Free (libre) software
  2. Control over data
  3. Privacy / Encryption
  4. Distributed Systems

Note: This is more of a working list than an attempt at a formal definition. For example, I’m not sure that #3 and #4 should be required, even though I believe they are important. Feedback is welcome.

1. Free (libre) software

Free (libre) or open source software licenses designed for network services, like the GNU AGPL, help guarantee the software will respect users’ freedoms. The arguments for software freedom have been addressed at length elsewhere, but the freedom to run the software yourself is particularly relevant here since, unlike desktop software, you often have the choice of letting someone else run the software for you. Even if you don’t run the software on your own server, having the freedom to do so ensures that you can still run the service in the event that the service provider shuts down — a frequent concern with proprietary web startups after acquisition or failure. And, even if you can’t run the software yourself, with all four freedoms, chances are someone else will. The broader case for software freedom is made at length elsewhere.

Network services should respect users’ freedoms. LibreProjects.net has a good list of free web services and alternatives.

2. Control over data

If users want to leave a service provider, can they take their data with them? Open standards are important. Open standards allow other software to read and understand your data. Open standards also allow you to mix the software you use on the client and server or across multiple devices more easily. Not only does this make migration more realistic, but it makes transitions smoother.

Google’s network services aren’t often free (libre) software, but Google does have a strong commitment to open standards and making your data easily available. I’ve used many Google services from non-Google clients: Gmail from Thunderbird, Evolution and Modest; Google Calendar from Lightning, Evolution, and my N900; Google Reader from Liferea and grr; Google Talk from Empathy, Pidgin, and my N900, etc. I’ve been able to switch my client-side software before changing the back-end. This makes it possible to transition to new services gradually, in smaller steps, with less disruption.

Facebook has a download feature, but it’s slow, and it just chucks all of your data into a giant zip file rather than putting it into formats that other software or services could understand. Facebook has also actively blocked services that export your data to other providers. Your data is available for download, but not in a very useful way.

Migrations are not always planned. On your own server, you have the master key. With a service provider, if you lose access to your account because it’s cracked or cancelled suddenly, will you also lose access to your data? Or will you have an up-to-date copy locally? Open standards often help make it possible to keep a local copy up-to-date, but this isn’t always the default way we use these services. A synchronization service will typically maintain a complete local copy of your data, but services intended to be accessed through the web often require additional client-side set up
on the user’s part to make this happen (e.g. using Thunderbird or OfflineIMAP to keep a local copy of your Gmail email, or using Google Sync to keep a local copy of your calendar and contacts). Or, the services may only offer data dumps as backup. Does a service let you keep a complete local copy of your data easily in your everyday usage? Even if you primarily use the web interface, setting up a desktop client for regular use can help maintain a local copy of your data without having to consciously download backups.

Lastly, public data that is intended to be shared should be available under a free and open licence. Identi.ca uses CC BY for public user data. Libre.fm focuses on freely licensed music. This gives control over public content to the community, rather than just the service provider.

Network services should let users control their data, using open standards to give users control of their personal data and free licences to give the community control over public data. Despite having a very mixed record on other criteria, Google is a good example of open standards done right. Free (libre) and open source tools are also usually good with open standards. Identi.ca is a good example of licensing public data freely.

3. Privacy / Encryption

My concern with privacy isn’t so much what a service provider’s policies are, but who has access to the data in the first place.

With the launch of Google+, I’ve been quite relieved that I’ve moved a lot of my important data out of Google over the past few years. It’s one thing for Google to have my email or my social graph or my documents, but the volume of data that would be in one place using all of Google’s services is astounding. Google is generally a well-meaning company, but I wouldn’t want any single organization to have everything that Google might have: my email (love letters, job applications…), address book (contacts and their private information), documents (budget, resume, business plans), calendar (activities, habits, regular whereabouts), RSS feeds (passions, interests, and political, intellectual, religious leanings), instant messaging (chat logs with friends, lovers, co-workers), my social graph (strong ties, relationships), my phone calls (the ability to recognize my voice from Google Talk or Google Voice), my photos (facial recognition and identification of my family, friends, colleagues) — nevermind all of the revealing personal information contained in web searches! There are lots of questions regarding each type of data and whether or not you’d want to trust it with someone else, but the aggregation of all of it into a single account is a more noticably bad idea. It’s a recipe for disaster in the event of a privacy leak or breach, oppressive government actions, a supeona, the loss or revocation of your account, etc.

Furthermore, some things I simply don’t want on someone else’s computer ever. I’ve felt comfortable trusting service providers like Google with my email in the past, but I’ve never been comfortable trusting them with my entire address book — that’s not just my data, but other people’s private information too. Similarly, I would never want my personal journal on someone else’s computer — that’s just too private.

However, Mozilla does a fantastic job of handling private data. With Mozilla Weave (i.e. Firefox Sync), not only is it free (libre) software that you can run on your own server, but your data is encrypted on the server. A user has two passwords — one to authenticate with the server, another to encrypt the data locally. Since encryption happens locally, the server only sees the encrypted data and never sees your second password. Mozilla doesn’t even ask for the information to decrypt your Firefox Sync data. You can use their server to sync your data across computers, but it’s only ever decrypted on your computers, not the server. If you use Mozilla’s server instead of your own, Mozilla still won’t have access to your data.

I wish more services providers would do this. I understand it doesn’t work for services that are meant to be accessed directly on the server through the web, but at least for synchronization services it seems like a privacy no-brainer. Funambol, for example, is a great libre software data synchronization server for mobile devices, but I don’t think their gratis service at my.funambol.com encrypts your data. I suppose they have a web interface on their server, but I’d rather run my own Funambol server in the absence of Weave-style encryption, whereas I don’t mind using Mozilla’s Firefox Sync service at all.

Encryption of data in transit is another concern. Does a network service or web application offer encrypted methods of communication? Or is your private data being transmitted out in the open? Gmail now offers HTTPS by default. Facebook and Twitter offer an “Always use HTTPS” setting. The EFF has developed a Firefox add-on that uses HTTPS wherever possible. I’ve started using basic StartSSL Class 1 certificates, which are available at no cost to individuals, in order to encrypt traffic on my home servers.

A good network service should take privacy seriously, and offer encryption wherever possible. I’m not sure that this should be a requirement for a free network service, but it’s an important consideration before using a service hosted by somebody else. However, a service that may fail to adequately protect your privacy as a hosted service could still provide an acceptable self-hosted solution.

4. Distributed Systems

Email is a common example of a distributed set of protocols. If Bob uses Hotmail and Sally uses Gmail, they can still communicate with each other. Telephony provides another example; Bell customers can phone Rogers customers, and vice versa. This is the ideal — choosing a service provider independently from the people with whom you want to communicate. Distributed systems strengthen the Internet, creating fewer points of failure or censorship, more opportunities for expression and innovation, more freedom and autonomy for users. This isn’t always relevant for network tools or synchronization services aimed at individuals or small groups compared to social network services and communications tools.

Most online social networking services are walled gardens. Facebook users can only talk to other Facebook users, MySpace users can only talk to other MySpace users, etc. In this environment, social pressure has negative effects on freedom and autonomy. You might not feel comfortable using Facebook, but if that’s where your social circles are active, you’re faced with the choice of being left out or using a service provider with which you’re uncomfortable.

Google Talk makes it clear that it doesn’t have to be this way. Rather than developing their own proprietary walled garden instant messaging service, Google used the open standard XMPP (aka Jabber) for its chat service. With XMPP, you can chat with people on other servers. I have a Jabber account on my own server (and there are dozens of public Jabber servers), and I can still talk with (or call) people on Gmail Chat. I’ve left Google Talk, but I’m not cut off from Google Talk users. Compare that to Skype, which has so far relied on a proprietary VoIP protocol that only lets Skype users call other Skype users (short of bridging to traditional telephony).

In the social networking space, there are efforts like GNU Social/StatusNet and Diaspora to develop distributed solutions. StatusNet has already had some success implementing an open standard for distributed status updates. I’m curious whether Google+ might advance the cause of distributed social networking services (even slightly), given Google’s commitment to distributed systems and open standards elsewhere, and their development of new standards like OpenSocial.

Social network services should be distributed, allowing users to communicate across service providers. Email, traditional telephony, XMPP/Google Talk and GNU Social/Diaspora are all good examples of this. I’m not sure that this should be a strict requirement for a free network service, but the freedom to run the software on your own server is pretty useless for some social applications if you can’t communicate with people on other servers.

Conclusion

Identi.ca, the flagship StatusNet site, is a perfect example of a free network service. It’s free software (AGPL), implements open standards and documented APIs for accessing your data, they’ve pioneered an open standard for distributed networking, and public updates are licensed freely. I’m happy to use Identi.ca.

Mozilla’s Firefox Sync is a good example of a free network synchronization service. Data is encrypted, it’s free software that can be run on another server, and bookmarks are stored locally in a format that other applications can read. I’m comfortable using Mozilla’s service for Firefox Sync.

AGPL network sync services like Funambol and Snowy are also libre services (free software, open standards or documented formats), but in the absence of Mozilla-style encryption, I’d prefer to run them on my own server. The FreedomBox Foundation has been working on an easy way to run libre services from a home server, and make them available to others. I currently use a combination of always-on GNU/Linux home computers available remotely and some dedicated servers that I manage. Even without your own server, you can use free (or more freedom-friendly) hosted services like riseup.net for email, jabber.org or others for instant messaging, my.funambol.com for mobile sync, Mozilla Firefox Sync for bookmarks and browser data, Identi.ca over Twitter, Voip.ms (SIP) over Skype, Libre.fm over Last.fm, etc. If you’re looking to try out some of the self-hosted services, I do have Snowy, Funambol, and Tiny Tiny RSS running on my home server — contact me if you’d like an account to try them out.

The process of disentangling from proprietary network services can take some time, but it’s well worth it for the sake of freedom and autonomy, even when it may be challenging in the short-run. If you can’t leave a proprietary service right away, recognizing where it fails to meet these criteria can help you take some important steps in the meantime.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (8)

Is Firefox missing the point in its response to Google Chrome?

[This post originally appeared on Techdirt.]

Seth Godin thinks Firefox is missing the point by launching new features in response to Google Chrome. He says the problem now is that “when your friends switch to Firefox, your life doesn’t get better.” Firefox needs to provide people with an incentive to spread it, so that the more people use it, the better it gets for users (think of a social networking site — you have a better experience if more of your friends join). He suggests new communication and collaboration features that only work if you have Firefox.

I think he’s missing the point.

He ignores the Firefox community. The life of a Firefox user does improve as the user base grows. A more vibrant community means better add-ons, bug fixes, security patches, phishing reports, translations/dictionaries, etc. — all members benefit. Mozilla is already providing the sort of incentive he describes. Sure, there may be ways to improve, but I don’t think they’re missing the point.

Plus, “only for Firefox users” isn’t the Mozilla approach. Mozilla wants to improve the web for everyone — not just Firefox users. Mozilla thinks your browser should be like your phone or your car; it shouldn’t matter if your friends or co-workers are using the same product. You don’t need to consider which phone carrier your friend uses before making a call, or which car your co-worker has before providing directions; you shouldn’t have to think about what browser someone uses before communicating with them online. People don’t need special browser-specific features in order to communicate browser-to-browser, that’s what web services (or add-ons) are for. Those kinds of features would make life on the web more difficult for everyone if they were Firefox specific, and if they weren’t, Google could just implement them in Chrome.

The community is one thing Firefox has that Chrome can’t copy overnight.

If you read some responses to Chrome from people at Mozilla, it doesn’t seem like they’re missing the point. Competition in the browser market is validation of Mozilla’s mission for Firefox, and Mozilla plans to compete by continuing to innovate and to involve the community. Seth Godin makes a great observation about giving people an incentive to spread your product — “people will recommend something if adoption improves their lives” — but he doesn’t mention the ways in which Mozilla has already taken that to heart. How do you think Firefox became popular in the first place?

[Read the comments on Techdirt.]

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

Australia: From Toronto to Sydney

We’ve arrived.

After parting with family in Toronto, we barely made it past airport security. That is, as Heather picked up her bags to walk away after being cleared and she dropped her boarding pass and stepped on it. She was ready to keep walking too, if I hadn’t spotted it. Close call!

On the flight to Vancouver, Air Canada gave me a whole can of ginger ale rather than just filling the tiny plastic cup. You come to appreciate these things very much when it’s $10 for a freaking sandwich on a 5 hour flight. (They were much more generous on the 15 hour flight to Sydney, but I don’t suppose that was by choice.)

I still don’t understand many airplane rules around electronics. I did a bluetooth sync between my Palm Pilot and my laptop over the Pacific and the plane didn’t crash. Why can I read a book on descent, but not read from the screen on my laptop or Palm?

Being without an Internet connection for so long has got me thinking about better ways to work offline. In Vancouver, I found some WiFi to quickly download new items from Google Reader using Google Gears. That got me thinking about where else could I use Gears (which is released under a free software license, by the way). Could my company use Google Gears for NateOffice for offline access to the CRM, calendar, etc as opposed to developing tools to sync with specific desktop clients? Could Gears being used in WordPress (plug-in possibly?) to make it easier to write offline? I don’t know much about Google Gears, but now I’ve got some motivation to start doing some research and play around with it.

Also, reading offline has been a welcome experience, but it’s also got me wondering why it has to be that way (offline, that is). More to come on that soon, after I do a bit more reading…

Upon arrival in Sydney, we spent the day running a few errands and scoping out the city for our return in a few weeks. I tried to sign up with 3 mobile, but it turns out they only have a 3G network (go figure). I ended up going with Optus across the street and getting a decent deal, which works out to ~10 cents per international text (as opposed to Rogers’ 60+) with a $30 AUD prepaid plan (which included the SIM card). I don’t plan to make any calls, though it’ll be nice to have the option in case we need to make last minute reservations or cancellations on the go. For phoning home, I’ve got WengoPhone working in Ubuntu. It’s less than 2 euro cents a minute for a call to a phone in Canada from my computer, which crushes anything Optus (nevermind Rogers) can offer, even considering the cost of WiFi around here (~$2-3/hour —> ~3-5 cents/minute).

We had a chance to visit Darling Harbour briefly and scope out the hotel we’re staying at during World Youth Day. We swung by the World Youth Day office to ask a few questions and pick up some information too. The excitement was contagious!

We still have no idea what we’re doing after check out in about 12 hours, but I guess that’s half the fun! Canberra is next on the itinerary… after we get some rest.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (2)

Google is making Nick Carr and Matt Asay stupid

(Note: A revised version of this article has been posted on Techdirt.)

Matt Asay writes about Nick Carr’s article in the July issue of The Atlantic, “Is Google making us stupid?” I’m not so sure that you can make such a generalization, but the Internet certainly seems to be making Nick Carr and Matt Asay stupid.

There are some valid concerns nested in there, but the tone is attention seeking and hyperbolic. More importantly, Carr seems (note: haven’t been able to read the full article) to be jumping to the wrong conclusions, as appears to be typical. What really irks me is how people make the wrong distinctions with respect to digital technology. People tend to liken it to analog technologies when it’s dissimilar (e.g. people who believe DRM is possible), and treat it like something entirely different when it is similar (e.g. now).

How is Google’s or Wikipedia’s role of “brain extension” all that different from something like paper? Sure, it’s much more powerful and works on a completely different scale, but if the fear is that we aren’t exercising our brains enough because we rely on Google, how does the same concern not apply to paper? Paper plays a role of brain extension, whether it’s through notes we write for ourselves or books we reference from a library.

According to the Radar Online, Carr writes in the article:

[S]cholars examined computer logs documenting the behavior of visitors to two popular research sites, one operated by the British Library and one by a U.K. educational consortium, that provide access to journal articles, e-books, and other sources of written information. They found that people using the sites exhibited “a form of skimming activity,” hopping from one source to another and rarely returning to any source they’d already visited. They typically read no more than two pages of an article or book before they would “bounce” out to another site. Sometimes they’d save a long article, but there’s no evidence that they ever went back and actually read it.

I’m sorry, but how is this “chilling” (as the Radar comments)? I don’t understand why this is a problem. I skim a ton of stuff online and often make quick judgments as to whether or not its worth my time. There’s a lot of crap in the long tail. But there are also a lot of worthwhile things. Skimming is human filtering, it’s a necessary and useful part of processing the vast amount of information available online. I’m not going to read everything I find on the web. Most articles I will scan quickly, but there are many other things that I read in detail and at length.

What’s wrong with skimming?

And then there’s Matt’s attack on Twitter…

Speaking of Twitter, am I the only one who views it as further evidence of a soundbite culture that struggles even to think beyond 140-character blips?

Come on! It’s a medium! What about the famous quote? “I’ve written you a long letter because I haven’t had time to write a short one.” (paraphrased – usually attribute to Mark Twain, but it appears it may be Blaise Pascal). It’s harder to be concise. Regardless, Twitter is a medium, it’s micro-blogging. Just because you make use of a different medium doesn’t mean that it controls your thinking or prevents you from using other mediums. Did telegrams make people stupid? I use the Internet to update my Facebook status and to write 2500 word emails to stay in touch with close friends.

Twitter doesn’t make people stupid.

Nor does Google or Wikipedia or anything else. People are just stupid irrespective of technology. Myself included. I don’t do stupid things because of technology, I do stupid things because sometimes I do stupid things. We may see stupidity manifested in different ways on different mediums, but I have a hard time believing that the medium is to blame.

I’ll be watching for the article in its entirety when it comes online…

Update: The article is online. I was expecting a little more evidence, less storytelling and speculation. To Carr’s credit, he does acknowledge the counterexample of paper. Though, he doesn’t explain why skimming is problematic, aside from worrying that we’re becoming “mere decoders of information,” like computers. Did paper cause people to become mere transmitters of information? We aren’t deprived of our ability to reflect or think deeply by using Google’s search engine or by skimming through blog posts.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (1)