Blog - Unity Behind Diversity

Searching for beauty in the dissonance

Tagged: internet

Four Criteria for Free Network Services

I’m increasingly critical of network services — software that you use on someone else’s server to do your own computing. We rely on computers more and more for our work, social lives, civic engagement, health, education and leisure, and more and more that means relying on networking services rather than our own personal computers. There are serious trade-offs to living as a tenant online, rather than a property owner. I’ve been reconsidering the network services I use and rely on, especially in the shift to mobile computing.

The work of Autonomo.us has heavily influenced my thinking. Also of note is Stallman’s essay on software as a service (though he does more to identify the problems than recommend solutions). I essentially agree with the Franklin Street Statement from Autonomo.us. As a user of network services, I’ve narrowed it down to four major criteria to look for when deciding whether to trust a service on freedom and autonomy.

  1. Free (libre) software
  2. Control over data
  3. Privacy / Encryption
  4. Distributed Systems

Note: This is more of a working list than an attempt at a formal definition. For example, I’m not sure that #3 and #4 should be required, even though I believe they are important. Feedback is welcome.

1. Free (libre) software

Free (libre) or open source software licenses designed for network services, like the GNU AGPL, help guarantee the software will respect users’ freedoms. The arguments for software freedom have been addressed at length elsewhere, but the freedom to run the software yourself is particularly relevant here since, unlike desktop software, you often have the choice of letting someone else run the software for you. Even if you don’t run the software on your own server, having the freedom to do so ensures that you can still run the service in the event that the service provider shuts down — a frequent concern with proprietary web startups after acquisition or failure. And, even if you can’t run the software yourself, with all four freedoms, chances are someone else will. The broader case for software freedom is made at length elsewhere.

Network services should respect users’ freedoms. LibreProjects.net has a good list of free web services and alternatives.

2. Control over data

If users want to leave a service provider, can they take their data with them? Open standards are important. Open standards allow other software to read and understand your data. Open standards also allow you to mix the software you use on the client and server or across multiple devices more easily. Not only does this make migration more realistic, but it makes transitions smoother.

Google’s network services aren’t often free (libre) software, but Google does have a strong commitment to open standards and making your data easily available. I’ve used many Google services from non-Google clients: Gmail from Thunderbird, Evolution and Modest; Google Calendar from Lightning, Evolution, and my N900; Google Reader from Liferea and grr; Google Talk from Empathy, Pidgin, and my N900, etc. I’ve been able to switch my client-side software before changing the back-end. This makes it possible to transition to new services gradually, in smaller steps, with less disruption.

Facebook has a download feature, but it’s slow, and it just chucks all of your data into a giant zip file rather than putting it into formats that other software or services could understand. Facebook has also actively blocked services that export your data to other providers. Your data is available for download, but not in a very useful way.

Migrations are not always planned. On your own server, you have the master key. With a service provider, if you lose access to your account because it’s cracked or cancelled suddenly, will you also lose access to your data? Or will you have an up-to-date copy locally? Open standards often help make it possible to keep a local copy up-to-date, but this isn’t always the default way we use these services. A synchronization service will typically maintain a complete local copy of your data, but services intended to be accessed through the web often require additional client-side set up
on the user’s part to make this happen (e.g. using Thunderbird or OfflineIMAP to keep a local copy of your Gmail email, or using Google Sync to keep a local copy of your calendar and contacts). Or, the services may only offer data dumps as backup. Does a service let you keep a complete local copy of your data easily in your everyday usage? Even if you primarily use the web interface, setting up a desktop client for regular use can help maintain a local copy of your data without having to consciously download backups.

Lastly, public data that is intended to be shared should be available under a free and open licence. Identi.ca uses CC BY for public user data. Libre.fm focuses on freely licensed music. This gives control over public content to the community, rather than just the service provider.

Network services should let users control their data, using open standards to give users control of their personal data and free licences to give the community control over public data. Despite having a very mixed record on other criteria, Google is a good example of open standards done right. Free (libre) and open source tools are also usually good with open standards. Identi.ca is a good example of licensing public data freely.

3. Privacy / Encryption

My concern with privacy isn’t so much what a service provider’s policies are, but who has access to the data in the first place.

With the launch of Google+, I’ve been quite relieved that I’ve moved a lot of my important data out of Google over the past few years. It’s one thing for Google to have my email or my social graph or my documents, but the volume of data that would be in one place using all of Google’s services is astounding. Google is generally a well-meaning company, but I wouldn’t want any single organization to have everything that Google might have: my email (love letters, job applications…), address book (contacts and their private information), documents (budget, resume, business plans), calendar (activities, habits, regular whereabouts), RSS feeds (passions, interests, and political, intellectual, religious leanings), instant messaging (chat logs with friends, lovers, co-workers), my social graph (strong ties, relationships), my phone calls (the ability to recognize my voice from Google Talk or Google Voice), my photos (facial recognition and identification of my family, friends, colleagues) — nevermind all of the revealing personal information contained in web searches! There are lots of questions regarding each type of data and whether or not you’d want to trust it with someone else, but the aggregation of all of it into a single account is a more noticably bad idea. It’s a recipe for disaster in the event of a privacy leak or breach, oppressive government actions, a supeona, the loss or revocation of your account, etc.

Furthermore, some things I simply don’t want on someone else’s computer ever. I’ve felt comfortable trusting service providers like Google with my email in the past, but I’ve never been comfortable trusting them with my entire address book — that’s not just my data, but other people’s private information too. Similarly, I would never want my personal journal on someone else’s computer — that’s just too private.

However, Mozilla does a fantastic job of handling private data. With Mozilla Weave (i.e. Firefox Sync), not only is it free (libre) software that you can run on your own server, but your data is encrypted on the server. A user has two passwords — one to authenticate with the server, another to encrypt the data locally. Since encryption happens locally, the server only sees the encrypted data and never sees your second password. Mozilla doesn’t even ask for the information to decrypt your Firefox Sync data. You can use their server to sync your data across computers, but it’s only ever decrypted on your computers, not the server. If you use Mozilla’s server instead of your own, Mozilla still won’t have access to your data.

I wish more services providers would do this. I understand it doesn’t work for services that are meant to be accessed directly on the server through the web, but at least for synchronization services it seems like a privacy no-brainer. Funambol, for example, is a great libre software data synchronization server for mobile devices, but I don’t think their gratis service at my.funambol.com encrypts your data. I suppose they have a web interface on their server, but I’d rather run my own Funambol server in the absence of Weave-style encryption, whereas I don’t mind using Mozilla’s Firefox Sync service at all.

Encryption of data in transit is another concern. Does a network service or web application offer encrypted methods of communication? Or is your private data being transmitted out in the open? Gmail now offers HTTPS by default. Facebook and Twitter offer an “Always use HTTPS” setting. The EFF has developed a Firefox add-on that uses HTTPS wherever possible. I’ve started using basic StartSSL Class 1 certificates, which are available at no cost to individuals, in order to encrypt traffic on my home servers.

A good network service should take privacy seriously, and offer encryption wherever possible. I’m not sure that this should be a requirement for a free network service, but it’s an important consideration before using a service hosted by somebody else. However, a service that may fail to adequately protect your privacy as a hosted service could still provide an acceptable self-hosted solution.

4. Distributed Systems

Email is a common example of a distributed set of protocols. If Bob uses Hotmail and Sally uses Gmail, they can still communicate with each other. Telephony provides another example; Bell customers can phone Rogers customers, and vice versa. This is the ideal — choosing a service provider independently from the people with whom you want to communicate. Distributed systems strengthen the Internet, creating fewer points of failure or censorship, more opportunities for expression and innovation, more freedom and autonomy for users. This isn’t always relevant for network tools or synchronization services aimed at individuals or small groups compared to social network services and communications tools.

Most online social networking services are walled gardens. Facebook users can only talk to other Facebook users, MySpace users can only talk to other MySpace users, etc. In this environment, social pressure has negative effects on freedom and autonomy. You might not feel comfortable using Facebook, but if that’s where your social circles are active, you’re faced with the choice of being left out or using a service provider with which you’re uncomfortable.

Google Talk makes it clear that it doesn’t have to be this way. Rather than developing their own proprietary walled garden instant messaging service, Google used the open standard XMPP (aka Jabber) for its chat service. With XMPP, you can chat with people on other servers. I have a Jabber account on my own server (and there are dozens of public Jabber servers), and I can still talk with (or call) people on Gmail Chat. I’ve left Google Talk, but I’m not cut off from Google Talk users. Compare that to Skype, which has so far relied on a proprietary VoIP protocol that only lets Skype users call other Skype users (short of bridging to traditional telephony).

In the social networking space, there are efforts like GNU Social/StatusNet and Diaspora to develop distributed solutions. StatusNet has already had some success implementing an open standard for distributed status updates. I’m curious whether Google+ might advance the cause of distributed social networking services (even slightly), given Google’s commitment to distributed systems and open standards elsewhere, and their development of new standards like OpenSocial.

Social network services should be distributed, allowing users to communicate across service providers. Email, traditional telephony, XMPP/Google Talk and GNU Social/Diaspora are all good examples of this. I’m not sure that this should be a strict requirement for a free network service, but the freedom to run the software on your own server is pretty useless for some social applications if you can’t communicate with people on other servers.

Conclusion

Identi.ca, the flagship StatusNet site, is a perfect example of a free network service. It’s free software (AGPL), implements open standards and documented APIs for accessing your data, they’ve pioneered an open standard for distributed networking, and public updates are licensed freely. I’m happy to use Identi.ca.

Mozilla’s Firefox Sync is a good example of a free network synchronization service. Data is encrypted, it’s free software that can be run on another server, and bookmarks are stored locally in a format that other applications can read. I’m comfortable using Mozilla’s service for Firefox Sync.

AGPL network sync services like Funambol and Snowy are also libre services (free software, open standards or documented formats), but in the absence of Mozilla-style encryption, I’d prefer to run them on my own server. The FreedomBox Foundation has been working on an easy way to run libre services from a home server, and make them available to others. I currently use a combination of always-on GNU/Linux home computers available remotely and some dedicated servers that I manage. Even without your own server, you can use free (or more freedom-friendly) hosted services like riseup.net for email, jabber.org or others for instant messaging, my.funambol.com for mobile sync, Mozilla Firefox Sync for bookmarks and browser data, Identi.ca over Twitter, Voip.ms (SIP) over Skype, Libre.fm over Last.fm, etc. If you’re looking to try out some of the self-hosted services, I do have Snowy, Funambol, and Tiny Tiny RSS running on my home server — contact me if you’d like an account to try them out.

The process of disentangling from proprietary network services can take some time, but it’s well worth it for the sake of freedom and autonomy, even when it may be challenging in the short-run. If you can’t leave a proprietary service right away, recognizing where it fails to meet these criteria can help you take some important steps in the meantime.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (8)

WIND Mobile Launches Reasonable Data Plans In Canada

WIND Mobile’s pricing plans brought a breath of fresh air to the Canadian wireless landscape last December, but customers have been asking for less expensive data. WIND offered a great $35/month unlimited data add-on, but nothing below that for general purpose data.

Well, today, WIND announced new data add-ons. Just like their voice plans (and unlike what I was used to with Rogers), WIND’s data add-ons are brilliantly simple and easy to understand.

Here’s my take:

Add-On Social Charged Infinite
Cost $10/month (+ overage)
 
$20/month (+ overage)
 
$35/month. Period.
 
Data Included 50 MB/month
 
500 MB/month
 
unlimited
 
Overage rate 20¢/MB
$10 / 50 MB
 
4¢/MB
$20 / 500 MB
 
n / a
 
Monthly break-even 100 MB
x 20¢/MB = $20
 
875 MB
x 4¢/MB = $35
 
n / a
 
My Thoughts Makes sense if you only use mobile data occasionally, or for mostly text.

e.g. My mom, who uses mobile data mostly for email, and occasionally to browse the web
 

Makes sense if you browse the web regularly, and stream/download audio or video sometimes.

e.g. My fiancée, an average web user (email, social networking sites, chat, photos, maps, the occasional audio/video stream)
 

Makes sense if you stream/download audio or video a lot, or if you want to tether your mobile device with your laptop.

e.g. A geek like me, especially if I’m tethering, though I might even consider downgrading to Charged.
 

The monthly break-even point is not necessarily the long-term break-even point. Even if you go over the monthly break-even point occasionally, a smaller plan might be less expensive on average over time.

Pay Before to cap spending. If you’re concerned about overage charges, you can go Pay Before and only put in as much money as you’re willing to spend each month. Unlike other carriers, WIND offers Pay Before customers access to the same plans and add-ons.

Although these rates only apply in Home Zones, WIND is expanding it’s Home Zones daily, with the ambition of building a national 3G network. Right now, the Home Zones are Toronto, Calgary, Vancouver, Ottawa and Edmonton.

No More Getting Ripped Off

Coming from a family that’s been ripped off by Rogers for way too long, this is a breath of fresh air. Working through a Rogers bill involves a labyrinth of plans (fixed versus flex rate, Pay-As-You-Go versus regular wireless), vague details, ridiculous contracts, outrageous early cancellation fees, and sales reps who don’t understand half of it. The game is to do a detailed analysis of your usage and their offerings (including the fine print and hidden costs), and try to match them up as best you can. Otherwise, Rogers will happily take as much of your money as it can. Bell and Telus are hardly different.

I’m thankful for a wireless company that is trying to earn money by making things easy to understand, rather than profiting from confusion.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Comments (5)

How is a three strikes proposal supposed to work for mobile data?

Honestly, I still have trouble convincing myself that the push by the record industry to implement a three-strikes-and-you’re-out (that is, three-accusations-and-you’re-kicked-offline-for-a-year) system is actually happening, that grown men and women running companies claim—with a straight face—that this will save failing business models. It’s just so ridiculous. But the IFPI’s recent claims that it can surgically remove one person from the Internet without affecting the rest of a household have got me thinking about mobile data. Cellular providers are becoming Internet Service Providers. Would three accusations of unauthorized file sharing cut you off from mobile data too? What’s to stop someone from getting a 3G USB stick to connect to the Internet? Either the record industry is that much more ridiculous and they’re also taking on mobile carriers, or there’s another giant loophole in an already insane plan.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

Information Serendipity In Different Mediums

I’ve been meaning to comment on Mathew Ingram’s defence of newspapers and serendipity. Clay Shirky has been talking about the bundling that occurs in newspapers as a mere accident of print, something that was only necessary given the constraints of paper, but doesn’t make sense otherwise. Mathew disagrees:

Is there a purpose in aggregating the horoscope and the weather and the news about the coup in Tegucigalpa? I think there is, and I think newspapers do a pretty good job of it.

It’s not just because they have to — although that’s part of it. Maybe I’ve just been trained as a newspaper reader for my whole life, but I like the serendipity of tripping over fascinating articles about things I would never have known even existed were it not for a newspaper. To take the Saturday Globe and Mail as an example, I read about an up-and-coming Muslim hockey player, a profile of Paul Shaffer, a review of the punk band Gossip, an article about contentious city council politics in Aurora and a great feature on retirees and their vanishing pensions.

Just two days before Mathew’s post, my friend Emilie and I were having the same conversation. She reads the newspaper daily and made the same defence. I used to read the paper regularly when I was commuting to school in Grade 9, but more recently, I’ve come to get my “news” through Gwibber and Google Reader. It’s not that Mathew or Emilie don’t use the web, but they both have found something valuable in newspapers that the web hasn’t been able to offer — information serendipity (by that, I mean serendipity with respect to encountering ideas). Mathew continues,

Could links to those stories show up in my RSS reader? Possibly – but I doubt it. The mix is just too eclectic. And I would never have sought out the article about the Muslim hockey player, because I don’t particularly care about hockey and therefore I would likely never have come across it. Would the retirement piece ever make it to Techmeme or some similar aggregator? I doubt it. But it was still worth reading. And so were the half-dozen or so articles I can’t recall right now, which I tripped across as I read the paper. I would never have deliberately sought them out either.

I think Mathew’s missing one of the most serendipitous aspects of the web — the social aspect. I wouldn’t likely stumble upon those sorts of articles through my RSS subscriptions (though I’m subscribed to some pretty eclectic stuff), but through Google Reader shared items (e.g. Turadg Aleahmad shares some really interesting things, like this Wikipedia article on Mamihlapinatapai). I stumbled across Valaam chant through a friend’s Facebook posted items the other day, a genre of music that’s entirely new to me and will likely influence my own music. I find interesting links through Twitter/Identi.ca every week that are outside my regular areas of interest (e.g. this video riding blog from Sunday). I may follow someone who shares some interests in common with me, but that doesn’t mean their other interests are my usual fare. Information serendipity here is social.

Then, beyond the social, Mike Masnick was writing about serendipity of search a few weeks before Mathew’s post:

There’s a separate side of having search so ingrained in our lives that isn’t often explored: the serendipity of search… I do a countless number of searches during the day — it’s ingrained to quickly and automatically jump to the search box all through the day — and usually two or three times per day, I end up going down a fascinating, if unexpected path to learning something new and interesting. Usually, it’s related to what I was originally searching for, but leads me on a trail of additional information, well beyond what I expected to learn. Other times, it may be a total tangent, but still one that ends up being useful and relevant in odd and unexpected ways.

A couple days after Mike’s post, I was watching Margaret Visser’s The Geometry of Love with the RCIA group at the Newman Centre. She makes a passing comment in the video about the serendipity of browsing through the stacks at Robarts Library — yet another type of information serendipity.

Beyond information serendipity, there’s a likelihood of social serendipity (in encountering people rather than ideas) that exists in a communications medium like the web that you wouldn’t find in a newspaper. On any medium, it’s not so much a question of whether there’s an element of serendipity as it’s a question of what that serendipity is like.

Information serendipity on the web is different than in newspapers. There’s information serendipity in bundling, in proximity, in linking, in social connections, and then there are other types of serendipity altogether, like social serendipity. I think it’d be really interesting to dig deeper and explore the differences…

Information Serendipity in Wikipedia

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

Unlocking An iPhone Is Not Freedom; Zittrain Argues For Civic Technologies

Cato Unbound has an outstanding online debate going on right now about Lawrence Lessig’s book Code and Other Laws of Cyberspace as it hits 10 years. Declan McCullagh started things off with a post entitled, “What Larry Didn’t Get,” offering a libertarian critique of Lessig’s approach and accusing him of favouring “technocratic philosopher kings.” Jonathan Zittrain has the latest post, “How To Get What We All Want,” which focuses on the similarities between McCullagh and Lessig and takes a middle ground between libertarianism and government regulation, arguing for civic technologies. Adam Theier has a post going up on Friday, and Lessig himself will have the last word on Monday. I highly suggest you check it out, if you’re at all interested in these issues and haven’t seen it already.

Now, I haven’t yet read Zittrain’s book, The Future of the Internet — And How To Stop It, but from the sorts of things I’ve read about it, I don’t think I share his pessimism. However, one line in his contribution to the debate really resonated with me. After talking about the dangers and limitations of proprietary technologies controlled by vendors (e.g. iPhone, Kindle, Facebook), he remarks:

This is the future of the Internet that I want to stop, and it’s small solace that geeks can avoid it for themselves if they can’t easily bring everyone else with them. [emphasis mine]

I get so frustrated when people rationalize the locked down nature of the iPhone by saying that they can just unlock it. Unlocking an iPhone is not freedom. (1) It still rewards Apple, the maker of the chains, through the purchase; (2) it’s a disservice to the vast majority of people who don’t have the skills to unlock their devices.

I strongly believe that if geeks want to do something useful to solve the problems that Lessig and Zittrain identify, it has to involve supporting free (libre) technologies that don’t have any chains, instead of just buying into proprietary technologies and removing their own chains.

The counterargument to Zittrain’s thesis isn’t a jailbroken iPhone; it’s an OpenMoko Freerunner.

This is why Zittrain holds up Wikipedia as an example of a civic technology; he notes the fact that Wikipedia is licensed freely. Free culture and free software are what produce civic technologies.

I don’t share his pessimism, but I sympathize with his argument for civic technologies.

Civic technologies seek to integrate a respect for individual freedom and action with the power of cooperation. Too often libertarians focus solely on personal freedoms rather than the serious responsibilities we can undertake together to help retain them, while others turn too soon to government regulation to preserve our values. I don’t think .gov and .com never work. I just think we too easily underestimate the possibilities of .org – the roles we can play as netizens rather than merely as voters or consumers.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

The Importance Of Realizing Your Content Is Probably Available Online For Free

This post originally appeared on Techdirt.

We talk a lot about how it makes sense for people to make their content available online for free and adopt business models that take advantage of that, rather than complain about “piracy.” While unauthorized file sharing is usually illegal, it’s pretty silly to pretend that it doesn’t happen or that you can stop people from sharing stuff they like with others. That said, artist Evan Roth has launched an “Available Online For Free” prank-style promo campaign for his new art exhibit (via Urban Prankster) by creating stickers that can be snuck onto products in a store to advertise the fact that… well, they’re probably available online for free. (“Available Online For Free” is the name of the art exhibit and the exhibition book is, not surprisingly, available as a free download.) While it’s probably not a good idea to go around putting these stickers onto products in a store (disclaimer: I wouldn’t recommend it — the pictures are kind of funny… but you likely won’t make friends with the store owner), the campaign is a pretty creative and humorous way of stating the obvious — anything that can be, will be available online for free, one way or another. Making your content freely available online doesn’t mean that you can’t still find ways to sell it, but you need to recognize that this is the lens through which a lot of people see products on a shelf. If you don’t realize that yet, you may be in for a lesson via sticker sometime soon…

Read the comments on Techdirt.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment

Surprise, Surprise: Canadians Aren’t Interested In ISP Levies

This post originally appeared on Techdirt

Michael Geist points to two new polls released by Angus Reid Strategies, which show that Canadians are overwhelmingly against the idea of ISP levies. It should come as no surprise that 79% of people surveyed about the possible Canadian content levy on new media said it would be an “unnecessary and/or inappropriate fee that would end up being passed along to consumers.” In another survey on file sharing, 45% of people said that downloading music free of charge was just “what people should be able to do on the Internet,” while only 3% believed that downloaders are “criminals who should be punished by law.” 27% said that it’s something people shouldn’t be doing, but that “it’s not a big deal.” 73% of people thought that a music tax was “unnecessary and/or inappropriate” (which ought to disappoint a few Canadian creator groups calling for this sort of thing…).

The survey also found that those who download music are “often the most voracious music enthusiasts,” more likely to buy a CD in the next month (41% vs. 34% of non-file sharers) and more likely to have attended a concert in the past year (65% vs. 52%), which should, again, not surprise many people around here. This is just another bit of evidence that “piracy” is not a problem and, instead of pushing for ISPs to collect levies or act as copyright cops, musicians should focus on connecting with fans and giving them a reason to buy. Though, somehow, I don’t expect the whining to stop anytime soon…

Read the comments on Techdirt.

Creative Commons Attribution-ShareAlike 4.0 International Permalink | Post a Comment