Indifference To Libre Software

Battle of Copyright! Illustration by Christopher Dombres.

I want to quote some passages from an astute but idealistic essay that security developer Matthew Garrett wrote in 2014 about libre software. (If you’re not familiar with that term, go read this long explanation on GNU’s website. Then dive into Richard Stallman’s bonkers absolutist computer habits.) Garrett’s blog post is called “My free software will respect users or it will be bullshit”. He proposes that…

“the freedoms guaranteed by free software are largely academic unless you fall into one of two categories — someone who is sufficiently skilled in the arts of software development to examine and modify software to meet their own needs, or someone who is sufficiently privileged [read: has enough money or social capital] to be able to encourage developers to modify the software to meet their needs.”

He goes on to say:

“Concentrating on philosophical freedoms without considering whether these freedoms provide meaningful benefits to most users risks these freedoms being perceived as abstract ideals, divorced from the real world — nice to have, but fundamentally not important.”

My reaction to this was basically, “Well, yeah. That’s not a risk; that’s a reality. Zero normal people care about libre software.” Unless you want to study, change, or redistribute the source code, why even think about the license? The closest you’re going to get to a regular ol’ person who cares about libre software is someone like me, a tech commentator with an inferiority complex because she doesn’t know how to code. And I’m lukewarm on it. Sure, I’m glad that libre software exists, but I don’t think the movement’s priorities are moral imperatives.

By nature, libre software is a niche concern. The majority is never going to care. People vote with their eyeballs and their wallets, and by those measures they’ve overwhelmingly elected proprietary products like Facebook and Apple’s sprawling empire. That’s fine! An influential minority of hackers and their ilk will continue to love and make libre software. We’ll be okay.

Cybersecurity Tradeoffs & Risks

Kevin Roose hired a couple of high-end hackers to penetration-test his personal cybersecurity setup. It did not go well, unless you count “realizing that you’re incredibly vulnerable” as “well”. In his write-up of the exercise, Roose mused:

“The scariest thing about social engineering is that it can happen to literally anyone, no matter how cautious or secure they are. After all, I hadn’t messed up — my phone company had. But the interconnected nature of digital security means that all of us are vulnerable, if the companies that safeguard our data fall down on the job. It doesn’t matter how strong your passwords are if your cable provider or your utility company is willing to give your information out over the phone to a stranger.”

There is a genuine tradeoff between safety and convenience when it comes to customer service. Big companies typically err on the side of convenience. That’s why Amazon got in trouble back in January. Most support requests are legitimate, so companies practice lax security and let the malicious needles in the haystack slip through their fingers (to mix metaphors egregiously). If a business like Amazon enacts rigorous security protocols and makes employees stick to them, the average user with a real question is annoyed. Millions of average users’ mild discomfort outweighs a handful of catastrophes.

Artwork by Michael Mandiberg.

In semi-related commentary, Linux security developer Matthew Garrett said on Twitter (regarding the Apple-versus-FBI tussle):

“The assumption must always be that if it’s technically possible for a company to be compelled to betray you, it’ll happen. No matter how trustworthy the company [seems] at present. No matter how good their PR. If the law ever changes, they’ll leak your secrets. It’s important that we fight for laws that respect privacy, and it’s important that we design hardware on the assumption we won’t always win”

Although Garrett is commenting on a different issue within a different context, I think these two events are linked. The basic idea is that when you trust third parties to protect your privacy (including medical data and financial access), you should resign yourself to being pwned eventually. Perhaps with the sanction of your government.

