I’m going to be taking the rest of the month off, and since Disintermedia remains a one-man-band, that means it will be dormant until then. When I return, I need to give some serious thought to the future of the project.

When I originally registered the domain name, I was intending to build an organization of kiwis interested in tech politics. That didn’t work out, so it’s ended up being a tech politics blog and research wiki written and curated by lonely old me. The team behind CoActivate have been fantastic hosts for more than a decade, but mucking about with my used Androids has revealed just how far behind the times the platform is falling. CoActivate projects are hard to read on a mobile device, and pretty much impossible to edit or interact with, so unless and until we can bring the platform up to date, continuing to host Disintermedia means being unavailable to the majority of potential readers.

The other major change that’s happened over the last few years is that I’ve got more and more involved in the development of the fediverse, The growing federated social media network that includes projects like Mastodon and PeerTube. The fediverse also includes a number of federated blogging tools like Plume, write.as, and WriteFreely, which allow people to follow blogs and comment on them from within their preferred social media app. A good example is We Distribute, a blog about federated networks, which uses the Pterotype plug-in for Wordpress, Without an update to the software under the hood of CoActivate, the only way I can make Disintermedia blog posts available on the fediverse is posting links using my Mastodon account, hosted by the NZOSS.

I’ve thought a lot about moving to self-hosting a blog, wiki, and other services for Disintermedia (perhaps email and Jabber too). Maybe using a self-hosting tools like YUNOhost or FreedomBone. I know it would involve some serious upskilling, and probably some headaches and unexpected outages, “best laid plans of mice and men” and all that. On the other hand, it would also give me a lot more practical knowledge about the software I research and blog about and allow me to make more informed suggestions about what software to use for the needs to different communities.

Another thing I’ve seriously considered is just closing the doors. Maybe merging the work I do with Disintermedia into a larger organisation, like the Free Software Foundation, or the Peer-to-Peer Foundation. Or even completely rethinking how I’m using all the unpaid time I put into Disintermedia and the movements I research and write about under this umbrella. If anyone has any feedback or suggestions on these possibilities, and I’d really appreciate you sharing them

Filed August 8th, 2019 under open social networks, News

Here’s the testing report for VOICE testing session #2. TL;DR we tested with three people and had a pretty good voice chat, although figuring out how to get group chat going took a bit of experimentation. Thanks to Naughtylus (@Naughtylus@fosstodon.org) for the write-up.

As I mentioned in the report on the first testing session, VOICE (VOICE Organized Investigation of Chat Engines) is an informal app testing group, trialing free code apps to see how well they handle voice chat, especially with groups. We aim to have a group chat testing session at least once a month, on a Sunday, starting at 8:00 UTC, with the first Sunday of the month as the default. We are currently using a Matrix chat room to confirm the timing of testing sessions, as well as for discussion about available apps and related topics: #voicechat:matrix.org

VOICE Scheduled Testing Session #2

Sunday 21 July, 8:00 UTC

Candidate: Jami (previously known as GNU Ring)

Previous Session: Test Session #1

Comments by: @Naughtylus@fosstodon.org

VOICE (VOICE Organized Investigation of Chat Engines) is an informal app testing group, trialing free code apps to see how well they handle voice chat, especially with groups. We aim to have a group chat testing session at least once a month, on a Sunday, starting at 8:00 UTC, with the first Sunday of the month as the default. We are currently using a Matrix room to confirm the timing of testing sessions, as well as for discussion about available apps and related topics: #voicechat:matrix.org

For this second instance of our scheduled test sessions, we tried the distributed text, voice, and video chat app Jami. Jami is part of the GNU project, was previously known as Ring, and used SIP technology for voice and video calls. As of late, though, Savoir-faire Linux has begun shifting the technology stack of the app from centralised (using servers) to distributed (using peer-to-peer technologies), and rebranding it as Jami. The app currently features one-to-one text, video, and audio chat, as well as audio and video conferencing (but not text as of yet). Everything is encrypted by default (there’s not even an option to turn it off) and the only servers used are the bootstrap nodes for the DHT and those used to lookup users from their username, but both are configurable.

So we set out to test the audio conference feature, we would have liked to try the video as well, but one of us was staying at a hotel and didn’t have the bandwidth for it. While an audio call is simple enough to place in Jami (there are big buttons where you’d expect them), an audio conference (with more than two participants) is an other beast entirely. If @AmarOk@mastodon.social (one of the Jami devs) hadn’t asserted the feature was implemented I’m not sure we would have found it.

To set up a conference in Jami, first call one of the intended participants, then once the call is established, call a second one. That will put the first call on hold. At this point you have two ongoing calls, if you resume the first one, you’ll be able to hear and speak to the two other participants, but they won’t hear each other. That’s not what we want, so what you actually have to do, is drag and drop the first call onto the second one (or the other way around, we still haven’t figured that one yet). Now your UI should show two ongoing calls, but everyone is able to hear each other. On their end, though, their UI should display only an ongoing call with you, which prompts me to think your node is actually acting as relay and there is no direct connection between the other two participants.

In this experiment the longest conversation we’ve sustained was 22min long, with a 5min monologue with no noticeable delay and very few skips in audio, so an overall quality on par with what we previously tested with Jitsi in Riot. It should also be noted that some of us were 22 000 km apart from each other and that the major source of instability in the audio was the poor hotel wifi.

We also tried to mess around with the UI to see if and how we could break it, and it really wasn’t that difficult. First, if you’re hosting the call (that is if you’re the one that did the drag and drop voodoo), you can’t mute your audio, clicking mute on any of the two ongoing calls updates the UI but doesn’t do anything. (I’m not sure if that’s intentional, but I suspect it has to do with the host acting as a relay and piping the audio of the other participants. So muting would in effect mute them as well.) Second, putting any of the calls on hold when you’re hosting flat out breaks the whole conference, you can’t resume anything after that. Just don’t do it.

There was only three of us, so this is about the extent of what we were able to test, and I’m curious to see how it plays out with more participants.

So overall, impressive quality for a peer-to-peer solution, but the UI/UX could use some improvement.

Filed August 2nd, 2019 under Uncategorized

A lot of people in privacy advocacy circles have been tut-tutting about the trackers that were identified in Purism’s Librem Chat software, a distribution (modified version) of the source code developed by New Vector for the Riot chat app. According to the Purism folks, they inherited these trackers from the Riot source code and while they failed to completely remove them from that version, newer versions have succeeded and are tracker free.

Some folks seem to think that this situation looks bad for Purism. Initially, there was the claim that they’d been caught not really caring about privacy, despite their marketing to the contrary. Then, when it was revealed that Purism hadn’t added the trackers themselves, they were accused of failing in their duty of care, by putting their brand name on a piece of software without noticing the trackers in it. No doubt, as the news filters out that they did notice them, but failed to remove every trace of them completely, the claim will change to one of incompetence.

But is that really fair? Another way of telling the story is that Purism put in significant effort to clean up free code produced by another company, resulting in a more privacy respecting chat app for users. One they don’t even charge for, because they make their money from selling hardware and running online services that they charge a subscription for (including the Librem Chat service that their distribution of Riot connects to by default). OK, they didn’t get it right the first time, nobody is perfect, but they were upfront about the problem and got it fixed.

Even if they hadn’t thoroughly audited the code, that’s not always considered necessary. Does every GNU/Linux distribution check every line of the Linux kernel before releasing it with their name on it? Some of them might (eg the ones that use the deblobbed Linux-libre fork of the kernel), but mostly the Linux kernel team are trusted to know what they’re doing. The same goes for a lot of other core components of GNU/Linux.

There was a time when the amount of source code being released under free licenses was so small, and the people using it so geeky, that a lot of it did get checked quite thoroughly before being used, let alone reused in other software. Generally, it felt safe to trust that the potential for dodgy stuff in free code to be discovered, and its creators publicly shamed, was enough to discourage anyone from putting it in there. With so much free code now being released by random people on the net, this is no longer a safe assumption, even when it comes to established open source communities and companies. But still, we generally give well established open source communities, like the Riot team, the same benefit of the doubt. As a user called Shilu put it in a discussion on the PrivacyTools.io forum:

“[It] seems bizarre that Riot would include these trackers by default.”

The other problem is the massive pressure on people developing software to ship it yesterday. One of the many consequences of this, as software gets more complicated and more modular, is more reuse of code by importing modules or plug-ins, and especially updates to them, without checking anything but their license and maybe who maintains them. So as with the trackers from Riot, stuff slips though, and sometimes with much more serious consequences.

Source code being available makes this less likely, and easier to identify and fix, but it can’t and doesn’t stop it completely. As with the Amazon Lens debacle, we also need to make sure that someone other than the author and their collaborators reads the code, carefully examining what the software does, and talks publicly about any problems they see with it (after a responsible delay to give the authors a chance to fix the problem). This is precisely why the four freedoms laid out in the Free Software Definition are important, and why laws that make some aspects of studying technology illegal, like the “anti-circumvention” provisions of the US DMCA (Digital Millennium Copyright Act), are so backwards and need to be thrown out.

Filed July 10th, 2019 under free software, open source

Back in 2016, I wrote a blog piece about modular mobile devices. Sadly, pretty much all of the projects I mentioned at the time got canned. Those that survive tend to be the least modular, like the Fairphone, which is repairable, but but not modular in the sense that Project ARA was intended to be. When I attended the 2018 Platform Cooperative conference in Hong Kong, there was a lot of talk about ways of making computer hardware more available to smaller companies, allowing them to develop their own devices. I still like the idea of allowing the end user to pop components in and out of their devides like lego blocks, for all the reasons I mentioned in that 2016 piece. Maybe cooperatively owned device makers could be the way to make it happen?

In the meantime, if there’s anyone out there looking for an open hardware project, here’s a mobile device design you’d have at least one customer for. The basic idea is a tablet mainly used for offline media consumption - reading books, listening to podcasts - but can also be used for casual communication, when there is a WiFi connection available. All components would ideally use chipsets that can run with only free code software.

Hardware:

  • E-Ink touchscreen, the size of a small-to-medium tablet
  • replaceable SDcard for the OS
  • separate SDcard expansion slot for added storage
  • full size USB port (or smaller port with dongle) for connecting USB sticks/drives
  • WiFi (with hardware switch)
  • Bluetooth for wireless headphones, keyboards etc and for file transfer (with hardware switch)
  • standard headphone jack
  • camera and microphone for communications (with hardware switches)

Software

  • Free code touchscreen OS that is compatible with the e-ink screen and can run F-Droid and Android apps (Replicant OS?)
Filed June 29th, 2019 under open hardware, Makers

It seems I have a ghost profile on FarceBook. I didn’t set this up and I don’t control it. I finally got into my old account a few days ago and realized I’d set it up using another pseudonym, so it wasn’t the one that kept coming up in web searches, with a picture of me as the profile picture. Someone must have scraped a picture of me from the web (maybe from the Disintermedia wiki?) and set this up for spam purposes. I wonder if I can prove I’m me and get it shut down?

I first tried to delete my account as part of an organized Quit FaceBook Day back back in 2010. I put quite a bit of effort into researching how to do it and, as far as I knew, it was gone for good. However, I started to read rumours that even “deleted” accounts could be reactivated if you just logged into them, so I tested the theory. Sure enough, my account was back. I couldn’t see the point in going through all the deletion theatre again, so having already emptied it of all the personal information I could, I just abandoned it.

Recently, I had thought about turning it into a portal that gave some information about why I don’t and won’t use FB, with links to the federated social media services I am currently using. But since the account attached to my Disintermedia email address is under another name, it’s not really much use for that. I can’t change the display name without giving FB my cell phone number and a bunch of other personal information, which I have no intention of doing. So I’ve deleted it again and I’m hoping, given the new requirements about the “rightsto be forgotten” in the European Union’s GDPR (General Data Protection Regulations), that this time, it’s for good. Watch this space …

Filed June 12th, 2019 under open social networks

Sunday 09 June, 8:00 UTC

Candidate: Riot.im (Matrix client)

VOICE (VOICE Organized Investigation of Chat Engines) is an informal app testing group, trialing free code apps to see how well they handle voice chat, especially with groups. We aim to have a group chat testing session at least once a month, on a Sunday, starting at 8:00 UTC, with the first Sunday of the month as the default. We are currently using a Matrix room to confirm the timing of testing sessions, as well as for discussion about available apps and related topics: #voicechat:matrix.org

For our first scheduled testing session, we tried the voice/ video chat integrated with Riot, a client for the federated chat protocol Matrix. Riot can do voice/video group chat, using a “widget” (add-on) that connects a Matrix chat room to a hosted instance of Jitsi Meet (see also the demo at meet.jit.si). All three participants were using Riot, so no idea if this works for Matrix clients other than Riot.

I initially tried to join in using the Android version of Riot. After a bit of trouble connecting to the chat, I was able to connect and talk to the other two participants for a while. The sound quality was good and there was very little delay. The other two participants carried on a discussion for a couple of hours, with no problems. I however, got booted from the chat after a few minutes and wasn’t able to reconnect. I tried again with the web version of Riot on my laptop, and with the Electron version, but wasn’t able to connect to the voice chat with either.

My mobile device is running Android 4.4.4 and I’m behind the Great Firewall of China. So any problems I have are not necessarily a reflection on the app being tested. In this case, I suspect jitsi.riot.im – the URL for Riot’s instance of Jitsi – is being blocked by the GFC. Although that doesn’t explain why I was able to connect with the Android app for a while. Maybe it has a different way of connecting to the Jitsi chat than the web app? But if so, it’s still odd that it worked and then stopped.

The Riot client warns users that the chat feature is experimental. As long as you’re using an up-to-date OS and not in China, it seems like a good option for an informal group chat. In future, if they can get it really stable, it could be a great supplement to the team chat features of Matrix.

Originally published using write.as

Filed June 10th, 2019 under free software

FarceBook have been getting a lot of heat since the mosque shootings were livestreamed on their platform. But the software freedom movement seem to be able the only people talking about the ambitious solution that’s really required; replacing FB with ethical services controlled by the people who use them, not a tech corporation and its data buyers and advertisers. There are a people saying that we need a federated replacement for FB, using free code software. But is that really a viable solution? Here’s what I think would be required to create one.

First, we’d need a large-scale, crowdsourced UX (User eXperience ) design project. This would involve current FB users explaining exactly what features they use and how they use them, and a group of designers gradually building up mockups of a replacement UX. The designers would go through a number of iterations of presenting their mockups to the users for feedback and tweaking their designs in response. The outcome of this project would be a coherent UX design for both a website and native apps for desktop and mobile platforms.

During the course of the UX design project, a list of required features/ functions would need to be compiled. Decisions would need to be made about which of these could be implemented on the client-side (as many as possible, particularly data storage) and which would need remote servers. The second part of the project would involve identifying which of the features required by the UX could be implemented using existing free code components, which ones would need new code, and how the whole service could fit together efficiently. This would be a complicated set of decisions, because although building completely from scratch would be reinventing the wheel, the alternative requires evaluating hundreds or thousands of potential dependencies for code quality, and how likely it is to be maintained effectively in the long term.

The third part of the project, once the choices about initial design and back-end component re-use/ development had been made, would be to put the whole thing together as a proof-of-concept service. At this point, people who participated in the original crowdsourced UX design project could be contacted to see if they would like to be beta testers. Again, there would need to be a number of iterations where the service and UI was tweaked in response to tester feedback.

Unless there is some way to make our FB replacement an entirely serverless system like Jami or Briar, the long-term organizational and financial durability of instances (servers running the federated server software) is a problem that needs to be solved before federated social networks are ready for mainstream use. During the prototyping phase some serious thought would need to be given to how to provision the servers the production services will rely on. Our experiences with the fediverse so far have shown that we can’t just rely on random people setting up instances, which may vanish without a trace at any time. If our FB replacement ties users to a domain name, as the ActivityPub fediverse does, there will need to reliable organizations running instances (like cooperative businesses, associations with paid membership, or well-funded charities). It would be better if it used Zot (like Hubzilla and Zap), configured in such a way that every user’s account exists on at least two instances at any given time, so if one goes down, the account is automatically copied from the surviving one to another one.

Once the alpha and beta phase of prototyping was finished, and a stable 1.0 release of both the client-side apps and server-side software was available that included tools for importing users’ data from their FB account (a tasks that I imagine FB do everything in their power to make as difficult as possible), there would need to be a massive organizational and promotional effort to get reliable instances set up, and convince groups of users to set up accounts and start using them.

Some might say I’m making this seem way more complicated than it needs to be. After all, we’ve already created a federated replacement for Titter. But my whole point is that FB is a much more complicated system to replace and people are much more dependent on it. Titter has only two features, a public micro-blog (short text messages published on the web), and private text messages, and the fediverse as a whole has only implemented the first one. Some fediverse apps have “private” messages, but they don’t yet federate reliably across all apps and most (eg the Mastodon/ Pleroma DMs or “Direct Messages”) are private only in the sense they are not displayed publicly on those platforms. DMs sent to servers running other fediverse apps are liable to just treat them like any other public post. Only servers running Zot apps have any kind of encryption or proper controls over private messages and media.

FB consists of a wide range of features; not just posts, but an event system, encrypted realtime chat (including voice/ video), photo-sharing and galleries, web video and video livestreaming, pages, groups, and more. Many of these features have both public and private versions. While FB’s privacy protection is far from exemplary, a system being promoted as an ethical replacement would need to take this seriously. Many existing free code projects offer some of the elements needed to create a FB replacement, but none of them are anywhere near incorporating them all, and the problem of hosting remains unsolved.

In summary, I’m sceptical about trying to replace FB with a single service. I think we’re more likely to succeed by disaggregating its many features, replacing them with apps that do one thing well; chat clients, media-hosting services, events systems etc, and finding ways to bundle them together into community-hosted services that can each inter-operate with each other.

It’s a great relief to see long serving political satire website The Civilian back online, after an unexplained outage last week. Along with the web videos of White Man Behind A Desk, The Civilian, which bills itself as “all the news that’s fit on a page”, is one of the few exponents of political satire left in Aotearoa. In tribute to both of them, here is a piece inspired by the ill-informed sabre-rattling about regulating social media companies, by officials in NZ. In case anyone is in any doubt, this is satire!

 <satire>

Global government network Facebook has put social platform NewZealand on notice that stricter regulation may be on the way. “NewZealand may have more than four million users”, said Facebook Local Government Minister Nick Clegg, “but that doesn’t mean it can expect to operate as a law unto itself”. In a public statement on the tragic deaths of more than fifty users using the Mosque feature of Christchurch, a branded subsidiary of NewZealand and part of the SouthIsland suite of services, Clegg accused NewZealand of allowing serious “hate speech” on its platform. “The management of NewZealand are responsible for everything that happens on its platform”, he said, “they can’t hide behind claims of being service providers allowing people to interact freely with each other. They are the publisher, not the postman”, he said, adding “their NZPost service is the postman, not them.”

Clegg also hit out at NewZealand for failing to pay all its advertising taxes, claiming that the platform only gives Facebook a few million dollars a year, despite having millions of Facebook citizens using its services. He also pointed out that Facebook citizens upload large volumes of free lifestyle and business content to NewZealand each year, allowing its executives to bring in millions of dollars in campaign contributions.

As a former executive of rival platform UnitedKingdom, Clegg is intimately familiar with the responsibilities and challenges involved in managing a large social platform. UnitedKingdom was formed as a merger between three older social platforms, England, Scotland, and TheOtherOne. They also acquired Ireland, but later spun it off as a separate entity, keeping only the marketing and communications wing, Northern. When asked about the reasons for the split with Ireland, UnitedKingdom pointed to poor quarterly returns to the parent company, and alleged harassment against the staff of the other platforms.

Clegg was also involved in the launch of Brexit, a massively popular user polling app that led to UnitedKingdom trying to split away from the federated platform EU, which has become popular in Europe. EU allows users to move back and forth between member platforms, using the same address and password, as if they all had a user account on each one. While some UnitedKingdom executives continue to claim that their users gain far more from the services of other European platforms than they provide to their users, others claim that membership of the EU constrains the ability of UnitedKingdom to set their own Terms of Service and Privacy Policy, or that their servers and bandwidth have been overwhelmed by the numbers of users coming in from other platforms.

While Facebook has yet to announce any policy on the Brexit app, they have made public statements echoing those directed at NewZealand, pointing out that UnitedKingdom has to take responsibility for the effects of the Brexit app on users. If the UnitedKingdom Board of Directors is unable to come to a decision about the future of their server-sharing arrangements with the EU, Facebook may be forced to use anti-trust rules in its Terms of Service to split up UnitedKingdom, allowing some of its apps to continue inter-operating with the EU, while others become stand-alone services.

</satire>

Filed April 19th, 2019 under Uncategorized

Update 2019-05-17Adrian Cochrane, the developer of the Odysseus web browser, has also been working on a proposal for a post-Javascript web.

—————————

“If you’re seeing this message, that means JavaScript has been disabled on your browser. Please enable JavaScript to make this website work.”

- TechAsia.com

I use a browser add-on called NoScript, to choose if and when a website can run Javascript on my computer, and I’m getting pretty sick of websites refusing to even display text and images if I don’t agree to run their (often proprietary) Javascript. Let’s start telling both website developers and web browser engineers, loud and clear, that it’s time to #MakeJavascriptOptional!

Javascript is unique among programming languages, because the programs written in it are routinely downloaded and run on a person’s computer (in their web browser) without their knowledge or consent. It has been the subject of criticism by everyone from experienced software engineers and computer security researchers, to privacy campaigners and software freedom activists. Bad Actors can use Javascript to abuse people while they use the web, by tracking them (and there have been designs for tracking users with Javascript since 2006, if not longer), by spying on them (and this sort of spying has been going on since 2010 if not longer), by hijacking their computers, and so on.

Almost every time you open a browser tab and go to a website, another batch of invisible programs starts running on your computer, every one of them using up a bit more of your computer’s processing power and system memory. As each one starts running, it makes your computer a bit more sluggish and less responsive to you, like a kind of digital alcohol. Obviously, this degrades the user experience of the web, but most people don’t even realize it’s happening. They blame their internet connection, or assume their computer is just getting too old and they need a newer one, not realizing their computer could run much faster if it wasn’t carrying so much unnecessary Javascript. As well as using up system resources on the computers of web users when they run, the same Javascript programs are sent to millions of computers, over and over again, every time the websites that use them are visited, which is a wasteful use of both server resources and internet bandwidth.

So what can be done? Some people just disable Javascript in their web browsers, but that has the major downside of breaking the vast majority of the web, even a lot of ethical services running free code software (like CoActivate). Others use NoScript to tell us when a page wants to run scripts in our browser, and which web domain they are being served from, and allows us to choose if and when to let them run. Other add-ons focus on blocking specific kinds of threats that exploit Javascript, including anti-tracking tools like the EFF’s Privacy Badger (or the Privacy Possum fork) and adblocking tools like uBlockOrigin.

These kinds of tools are like wearing a suit of armour to protect against shark attacks while surfing, they can work, but they come with a fair bit of inconvenience. The long-term solution is to evolve the web so that we can eventually do without Javascript, just as the upgrade to HTML5 means we can add multimedia like audio, video, animations, and games, to the web, without proprietary plug-ins like Java, Flash, or Silverlight.

One recent trend in website design is to use a static website generator to create sites that display text, media, and links, with a sane page layout, using only basic web languages like HTML and CSS. This works fine for simple personal homepages, or  “brochureware” sites for community groups, public services, and businesses. But some web developers argue that the features Javascript can add to make web pages into “web apps” are arguably worth the costs. The federated photo-sharing app PixelFed recently modified its landing page to remove all the Javascript, which is a welcome move. But once you log in, you still need to allow the site to run some Javascript if you want to share photos and use the rest of the app’s features.

Other web developers have been coming up with proposals for replacing Javascript with other technologies that could provide the same benefits, the extra-for-experts features you can’t code in pure HTML/CSS, without its the downsides. New standards like WebAssembly have already been created to allow other, more robust languages to be used instead of, or alongside Javascript. Other developers argue that Javascript is fine for prototyping new kinds of web services, but before they’re rolled out for mainstream use, these features ought to be standardized, and build into the browser itself, or native apps. Like static sites, this would mean these chunks of code wouldn’t need to be sent over the net millions of times a day, every time users visit the same website.

One thing the developers of web browsers could do very easily to improve the situation, at least in the short term, is the same things they’ve done with cameras and microphones; ask the user’s permission. When a website wants to run Javascript, ask the user if they consent to that, and ask them if they want the browser to remember that decision next time it’s asked to run scripts from that source. In other words, build the functions of NoScript into every web browser.

It could also help to build a wiki to crowdsource information about what kinds of scripts websites are trying to fetch from this or that domain name, and what they do. Some scripts, like those from FontAwesome, just provide freely licensed fonts and icons, while others, like any associated with major web advertising companies, are almost always trackers of some kind, spying on website users. Making this kind of information available from a trusted source would help users that currently use NoScript to decide whether to allow them or not, and if opt-in Javascript does become a standard feature of web browsers, it would benefit everyone who uses the web.

Filed April 3rd, 2019 under free software, security

Firstly, my heartfelt condolences must go out to everyone affected by the tragic events in Ōtautahi (Christchurch) last Friday. Secondly, I’d like to express my admiration for all the young people who took part in the School Strike for Climate activities that same day. Even while we express our sadness at being in the shadow of a dark cloud, we must remember that there is so much more power in the sunshine than in the darkest cloud.

Laura O’Connell Rapira, Director of ActionStation.org.nz, sent out a wonderful email about how we can support the survivors of Friday’s tragedy, which I totally endorse, with one very important exception. Here’s my reply:

 

Kia ora Laura,

Thanks for your compassionate and helpful email at this difficult time. I have signed the petition on banning public ownership of semi-automatic weapons in Aotearoa. I note that having Police roaming the streets with guns in their cars did nothing to prevent this tragedy, while that policy has led to a number of tragedies of its own making. I hope to see ActionStation campaigning to end the policy of providing beat cops with firearms, and redirect resources into making sure our appropriately trained Armed Offenders Squads have everything they need to respond quickly and effectively when things like Friday’s tragedy happen.

Moving on to the rest of your email, I agree with most of what you say, but as I’ve expressed in previous emails, I have some serious concerns about this part:

“TAKE ACTION TO END HATE SPEECH 

For the last few months, our team has been researching the links between online hate, online misinformation and the rise in hate crimes

One thing is abundantly clear: Extreme words lead to extreme actions. We need to do all we can to stop both.

Sign this petition that we’re delivering in a couple of weeks if you want our government to crackdown on online hate and misinformation

I support an end to hate speech and misinformation online.”

I certainly share this goal, as an activist who has been involved in running internet forums since the 1990s, including about 7 years in the editorial collective of Aotearoa Indymedia. But with all due respect, I have to say I think you are going about it exactly the wrong way.

I strongly believe that venues where people can express ignorant opinions and have them firmly but respectfully challenged are - aside from being essential to a functioning democracy - also an essential safety valve that can help to prevent more tragedies like what happened on Friday. What better venue could there be for this than the internet? On the net, arguments can’t escalate to physical violence between participants, as they can in person. Online, we can all make informed decisions about whether or not to engage in the spaces where these kinds of discussions take place, and if we do, use the opinions expressed as a guide to who we might want to connect with, ignore, mute, or even block from seeing or contacting us. Online discussion platforms need to be engineered to put that power in the hands of us, the end users, not corporations or governments. For example, the open source community designing software using the SSB (Secure Scuttlebutt) protocol have a set of principles for how they are going about that.

I think the censorship strategy ActionStation is arguing for is not only ineffective in achieving our shared goal, but counterproductive to it. Why?

For a start, I don’t accept your generalization that “extreme words lead to extreme actions”. I think it’s just as arguable that extreme actions can result from an inability to blow off steam through words, or from feelings of frustration, alienation, and injustice, that can arise in people unable to openly express their honest opinions.

It’s also important to consider the psychological principle of “negative reinforcement”, which states that whenever any behaviour earns someone attention or reactions it is encouraged, even when that attention is negative. Positive Parenting courses integrate this principle by encouraging parents to give their children lots of attention for behaviour they like (”caught being good”), and minimal attention to behaviour they don’t like, ignoring it completely if possible. On the net, this principle is known as the “Streisand effect”, and it’s long been recognized that trying to suppress anything online only increases interest in it, multiplying the problem like the Sorcerer’s Apprentice chopping up his broom.

So not only is trying to suppress racist speech online likely to have exactly the opposite effect, it may also have a more dangerous one. As Three Arrows pointed out in his web video debunking Jordan Peterson, Nazism - like all forms of xenophobic ethno-nationalism - thrived by cultivating a sense of collective victimhood. Excluding people expressing white nationalist ideas from the normal protections of our democratic rights to speak our minds, assemble, and organize, only serves to reinforce that sense of victimhood. So it’s likely it actually helps groups planning racist violence with their recruitment, rather than hindering them.

I strongly suggest you watch the documentary ‘Taking Liberties’, which explains how the governments of the Allied countries - including New Zealand - carefully studied how the Nazis came to power, and why the majority of Germans who didn’t support the Nazis were unable to effectively resist them. As a result of this study, many of the civil rights we now consider essential to democracy were strengthened or even created after World War II, specifically to prevent a resurgence of fascism. Arguably, it is as a consequence of the erosion of civil liberties in democratic countries since 9/11 that we have seen the rise of toxic enthno-nationalism and its associated violence, not as a result of too much of the wrong kinds of speech.

I also don’t accept that the ends justify the means. Even if it was true that giving the state absolute power to stop people openly saying racist things would fix racism, that wouldn’t mean it was the right thing to do. Killing the entire human population might fix climate change and prevent the extinction of many other species, but that doesn’t mean it’s the right thing to do. In this (admittedly extreme) example, the negative consequences are obvious, but in designing policy, we also need to be very mindful of the risks of unintended consequences.

There’s a parallel here with the well-meaning attempts by US legislators to suppress sex trafficking - another goal we all support - with FOSTA/SESTA. As Norman Shamas of Open Privacy explained in an interview with Final Straw Radio, not only do these laws make life harder for a lot of innocent people, they also make the jobs of the people who investigate sex traffickers harder too. When sex traffickers can’t hide their communications in plain sight among legitimate ads put up by sex workers, it doesn’t stop them communicating. It just pushes them deeper into the darknet where it takes a lot more resources to find and investigate them. Exactly the same is true for communications among white supremacists.

It’s much safer for everyone if people with racist views discuss them on mainstream platforms, where they can be monitored by both law enforcement and civil society watchdog groups like ours. This is such an important discussion that I’m going to post the text of this email on the Disintermedia blog, and submit it to TheDailyBlog.co.nz as a possible guest blog. I welcome you to engage with me by private email, or on either of those platforms.

Kia manawanui,

Danyl Strype

Next Page »
  • Annual Events

  • Digital Freedom Foundation
  • LibrePlanet
  • Aotearoa

  • Aotearoa Indymedia
  • BallaNZ
  • Creative Commons Aotearoa/ NZ
  • Creative Freedom Foundation
  • DigitalNZ
  • Enspiral
  • Fair Deal Coalition
  • GreenStage
  • InternetNZ
  • Island Bay World Service
  • Living Economies
  • Localise
  • Loomio
  • Matrix FM
  • Nicky Hagar
  • No Right Turn
  • NZ Council for Civil Liberties
  • NZ Makers
  • NZ Makers Map
  • NZ Māori Internet Society
  • NZ Open Source Awards
  • NZCommons
  • OASIS
  • Open Government Ninjas of NZ
  • Open Source Society of NZ
  • Open Standards NZ
  • Open Ur Eyes
  • Pacific Media Centre
  • Permaculture in NZ
  • PledgeMe
  • Radio Chomsky
  • Regulation
  • Scoop
  • Tech Liberty
  • Timebank Aotearoa
  • Transition Towns Aotearoa/ NZ
  • Uncensored Magazine
  • Waatea News
  • Waikato Linux Users Group
  • What If
  • Wiki NZ
  • Zenbu
  • archives

  • ArchiveTeam
  • Critical Commons
  • Ibiblio
  • Internet Archive Community Software Collection
  • Open Archives Initiative
  • Blogroll

  • Abject
  • Access Now
  • Ars Technica
  • BadScience
  • Banjo - RoboBlog
  • Boing Boing
  • Born out of Binary
  • Centre for Media and Democracy
  • Choke Point Project
  • Copyrighteous
  • Create Digital Music
  • Creative Commons International
  • Cryptogon
  • Digital Standards Organisations
  • Disinfo
  • E-Democracy
  • Electronic Privacy Information Center
  • Ever Vigilant
  • Freedom Box Foundation
  • Freedom of the Press Foundation
  • Gaming On Linux
  • Global Indymedia
  • Gondwanaland (Mike Linksvayer)
  • Institute for the Future of the Book
  • Institute of Network Cultures
  • Internet Governance Project
  • InternetNZ
  • Island Bay World Service
  • Iterating Towards Openness
  • Knowledge Ecology International
  • LinkedListCorruption
  • Linuxed - Exploring Linux Distros
  • Localise
  • Moved by Freedom - Powered By Standards
  • Nanowares
  • New Zealand Māori Internet Society
  • Nicky Hagar
  • No Right Turn
  • NZ Council for Civil Liberties
  • NZCommons
  • O'Reilly Radar
  • OASIS
  • OERu Technology Blog
  • Open Educational Resources Foundation
  • Open Knowledge Foundation
  • Open Rights Group
  • Open Social Web
  • Open Source Conscious Intelligence Network
  • Open Source Food
  • Open Stand
  • Open Ur Eyes
  • OpenCollective
  • OpenDotDotDot
  • OpenSource.com
  • Permaculture in NZ
  • Plumi
  • Public Interest Journalism Foundation
  • Punk Rock Permaculture
  • Question Copyright
  • Replicant (OS)
  • Rob Meyers
  • Schneier on Security
  • Scoop
  • Shareable
  • Slashdot
  • Software Freedom Law Centre
  • Software in the Public Interest
  • SourceMap
  • Sustento Institute
  • Tech Liberty
  • TechRights
  • The Tin Hat
  • Tinkering Down Under
  • TorrentFreak
  • TransitionMovement
  • Translation Project
  • Trisquel GNU/ Linux
  • United Diversity
  • Waatea News
  • We Speak for Freedom
  • Why Your Boss is Programmed To Be a Dictator
  • code bank

  • Allura
  • BitBucket
  • FusionForge
  • GITHub
  • GITLab
  • Gogs
  • Internet Archive Community Software Collection
  • LaunchPad
  • NotABug
  • Savannah
  • Software Freedom Conservancy
  • Software Heritage
  • Sourceforge
  • community economics

  • Commons Transition
  • Fruit Tree Planting Foundation
  • In Our Back Yards
  • Institute for Local Self-Reliance
  • Libre-Living
  • Living Economies
  • Sensorica
  • Sustainable Economy Law Centre
  • Timebank Aotearoa
  • TransitionMovement
  • cooperative

  • Loomio
  • Snowdrift Coop
  • crowdfunding

  • ArtistShare
  • BountySource
  • Causes
  • CauseVox
  • Crowdfunder
  • Crowdjustice
  • Crowdrise
  • Crowdsupply
  • Flattr
  • Fundit.buzz
  • GiveaLittle
  • Goteo
  • In Our Back Yards
  • KickStarter
  • KissKissBankBank
  • Liberapay
  • Mighty Cause
  • OpenGift
  • Patreon
  • PledgeMe
  • PledgeMusic
  • Pozible
  • Snowdrift Coop
  • StartSomeGood
  • Taproot Foundation
  • The Working World
  • Tidelift
  • Events

  • IndieWebCamp
  • free code

  • April
  • Black Duck Open Hub
  • DistroWatch
  • Ever Vigilant
  • F-Droid
  • Free Software Directory (GNU FDL 1.3 or later)
  • Free Software Support Network
  • Free Software Support Network
  • Free Your Android
  • FreshCode
  • Gogs
  • Gun.io
  • Internet Archive Community Software Collection
  • LILA
  • LinuxTracker
  • NotABug
  • OERu Technology Blog
  • Peers Community
  • Plumi
  • PublicLab
  • Replicant (OS)
  • Software Heritage
  • Urchn Studios
  • Free Media

  • Communes Collective
  • Copyrighteous
  • Create Digital Music
  • Definition of Free Cultural Works
  • Dyne Foundation
  • FLOSSManuals
  • Free Culture Foundation
  • Ibiblio
  • Librivox
  • LILA
  • Open Video Conference
  • Show Me Do
  • Translation Project
  • Urchn Studios
  • WikiLeaks
  • freelancing

  • BountySource
  • Gun.io
  • independent media

  • Aotearoa Indymedia
  • BallaNZ
  • EngageMedia
  • Freedom of the Press Foundation
  • LILA
  • Matrix FM
  • Pacific Media Centre
  • Public Interest Journalism Foundation
  • Radio Chomsky
  • Radio Heritage Foundation
  • Uncensored Magazine
  • Waatea News
  • libre gaming

  • Gaming On Linux
  • Makers

  • GreenStage
  • Libre-Living
  • Mediamatic
  • NZ Makers
  • NZ Makers Map
  • Open ROV
  • Renewable PCs
  • Rob Meyers
  • Sensorica
  • maps

  • GeoForAll
  • GeoNames
  • Green Map System
  • Map Tools
  • Open Geospatial Foundation
  • Open Street Map
  • open governance

  • Crowdfunding
  • D-Cent
  • Deep Democracy Institute International
  • E-Democracy
  • Fight for the Future
  • Holacracy
  • Internet Governance Project
  • Kettering Foundation
  • Knowledge Sharing Toolkit (CC-BY-SA 3.0)
  • Open Government Ninjas of NZ
  • Open Policy Network
  • Open Space World (CC-BY-SA 2.5)
  • Open Stand
  • Open Standards NZ
  • Participedia
  • Sunlight Foundation
  • Transition Towns Aotearoa/ NZ
  • What If
  • WikiLeaks
  • open hardware

  • H-Node
  • Makey Makey
  • Meeblip Open Source Bass Synth
  • Open Hardware Summit
  • Open ROV
  • Open Source Hardware Association
  • Orgs

  • Access Now
  • Apache Foundation
  • April
  • Autistici/Inventati
  • Collaborative Knowledge Foundation
  • Commons Transition
  • Communes Collective
  • Computer Professionals for Social Responsibility
  • Creative Commons Aotearoa/ NZ
  • Creative Freedom Foundation
  • Critical Commons
  • D-Cent
  • Deep Democracy Institute International
  • Digital Due Process coalition
  • Digital Freedom Foundation
  • Digital Standards Organisations
  • DigitalNZ
  • Dyne Foundation
  • E-Democracy
  • Electronic Frontiers Foundation
  • Electronic Privacy Information Center
  • Fair Tracing Project
  • Fight for the Future
  • Foundation for Peer-to-Peer Alternatives
  • Free Culture Foundation
  • Free Network Foundation
  • Free Software Foundation
  • Free Software Support Network
  • Free Software Support Network
  • Freedom of the Press Foundation
  • Guifi
  • Ibiblio
  • Identity Commons
  • Institute for Local Self-Reliance
  • Internet Engineering Taskforce
  • Internet Governance Project
  • ISA Commons
  • Kettering Foundation
  • LEAP Encryption Access Project
  • LILA
  • Living Economies
  • Loomio
  • May First/ People Link
  • Mediamatic
  • NZ Māori Internet Society
  • NZ Open Source Awards
  • Open Architecture Network
  • Open Archives Initiative
  • Open Geospatial Foundation
  • Open Policy Network
  • Open Source Hardware Association
  • Open Source Society of NZ
  • Open Web Foundation
  • OpenADR Alliance
  • OpenCorporates
  • Outreachy
  • Participatory Culture Foundation
  • Peers Community
  • Permaculture in NZ
  • Privacy International
  • Public Citizen
  • Public Interest Journalism Foundation
  • Public Knowledge
  • Public Patent Foundation
  • Question Copyright
  • Radio Heritage Foundation
  • ReDecentralize
  • Reform Government Surveillance
  • Regulation
  • Rhizome
  • RiseUp
  • Science Commons
  • Software Carpentry Foundation
  • Software Freedom Conservancy
  • Sunlight Foundation
  • Sustainable Economy Law Centre
  • Taproot Foundation
  • Transition Towns Aotearoa/ NZ
  • Waikato Linux Users Group
  • Wiki NZ
  • World Wide Web Consortium (WC3)
  • Xiph.org
  • XMPP Standards Foundation
  • Peer2Peer

  • BitCoin
  • FreeCoin
  • Permaculture

  • Appropedia (CC-BY-SA 3.0)
  • Fruit Tree Planting Foundation
  • Future Scenarios
  • OrganicDesign
  • Permaculture in NZ
  • TransitionMovement
  • We Speak for Freedom
  • Privacy

  • Access Now
  • Digital Due Process coalition
  • Ever Vigilant
  • Fight for the Future
  • International Principles on the Application of Human Rights to Communications Surveillance
  • LEAP Encryption Access Project
  • OASIS
  • Privacy International
  • Reform Government Surveillance
  • What If
  • protocols and licensing

  • Definition of Free Cultural Works
  • Digital Standards Organisations
  • Greenlots
  • ISA Commons
  • Open Archives Initiative
  • Open Stand
  • Open Standards NZ
  • Open Web Foundation
  • OpenADR Alliance
  • Regular Events

  • Libre Graphics Meeting
  • Open Hardware Summit
  • science and datasets

  • AllTrials
  • Collaborative Knowledge Foundation
  • DigitalNZ
  • Fair Tracing Project
  • ISA Commons
  • Open Geospatial Foundation
  • Open Hand Project
  • SourceMap
  • Wiki NZ
  • Zooniverse
  • Tools

  • Autistici/Inventati
  • BitCoin
  • Black Duck Open Hub
  • CoActivate
  • Crowdfunding
  • DistroWatch
  • Dyne Foundation
  • F-Droid
  • FLOSSManuals
  • Fork the Cookbook
  • FreeCoin
  • GITHub
  • GNU Operating System
  • GreenStage
  • H-Node
  • How To Escape the GoogleMax Panopticon
  • Knowledge Sharing Toolkit (CC-BY-SA 3.0)
  • LEAP Encryption Access Project
  • LinuxTracker
  • Loomio
  • Map Tools
  • May First/ People Link
  • Meeblip Open Source Bass Synth
  • Monolith
  • Open Hand Project
  • Open Source Ecology
  • Open Space World (CC-BY-SA 2.5)
  • Open Street Map
  • OpenCorporates
  • OpenMailBox
  • Participatory Culture Foundation
  • Plumi
  • Renewable PCs
  • Replicant (OS)
  • RiseUp
  • Savannah
  • Show Me Do
  • Sourceforge
  • SourceMap
  • TransforMap
  • Translation Project
  • Web Platform
  • Zenbu
  • Transition

  • Green Map System
  • Health After Oil
  • Localise
  • OrganicDesign
  • Wiki

  • Appropedia (CC-BY-SA 3.0)
  • Foundation for Peer-to-Peer Alternatives
  • Instructables
  • LibrePlanet
  • Open (Government) NZ
  • Participedia
  • SourceWatch
  • WikiEducator
  • wireless mesh

  • Guifi
  • workplace democracy

  • Enspiral
  • The Working World