r҉ustic cy͠be̸rpu̵nk🤠🤖 is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

It’s a tad upsetting that the Chromebook, not dev mode hacked, is now the gold standard for secure computing

Just as the iPhone, not jail broken, is the gold standard for secure mobile

How did we end up here?

Apple and Google realized their walled gardens are used more and more by ordinary people who understood the privacy implications of their devices

While truly open source privacy tools retained the warmth of a dung-smeared cactus, these became the easy to use variants for the public

r҉ustic cy͠be̸rpu̵nk🤠🤖 @cypnk

Open source tools are by and large NOT user friendly in the name of remaining powerful and familiar to those who are already used to them

It’s a degree of tech elitism that’s locked out the public. The typical computer user is not going to familiarize themselves with the command line. Meanwhile, point and click tools got the upper hand in the market

@cypnk i agree with this, but it has nothing to do with "general users being aware of their privacy". open source developers are smug, technical and hold this air of elitism that you refer to. this means the average user isn't going to use them regardless of their privacy stance, leaving only walled gardens as options.

Users wanted more privacy
Looked at what was available and cringed

Apple and Google saw a market opportunity

They’re both related

@cypnk the thing is that free software devs make things for themselves, not for some hypothetical end user.

I don't think there's anything wrong with that, as long as we aren't criticizing people for using nonfree software.

@popefucker Definitely not a criticism of users. They use what they can get used to. I would do the same in their place

Most hackers do build tools for themselves, but some (not all) still insist that learning them is the path to privacy and security for the general public. That’s just not gonna happen

I think that’s also part of the driving force behind “everyone should code”. I’d love it personally, but most people just want to enjoy their devices safely, not code on them

@cypnk true! And there has been a push of late for user-friendly FOSS tools, like signal and Ubuntu and whatnot, but it will never ever be at the same level as proprietary software because proprietary is what the industry grew around. There's so much more time and energy being poured into google than searx, for example.

@cypnk however, one thing:

radicals *need* to learn to use free software, and to thwart the surveillance dragnet. That's not a question of morality like most free software stuff is, it's a question of necessity, and too much organizing is still over corporate channels well-monitored by three-letter-agencies.

@popefucker That group already self-selects for people more likely to learn them

To be a radical is to expect some degree of hardship. To be revolutionary needs thinking beyond what’s already available, in use, or what’s “comfortable” and easy. And so many will learn new tools even if they’re not familiar with them initially

@cypnk I wish this were true, but it's really not.

Except for the truly hardcore revolutionaries, most don't know or care about this kind of stuff.

@popefucker They’re not radicals ;)

We also have to consider how many things the average person has to keep in mind beyond their sociopolitical interests. Family, children, and other engagements eat into their available bandwidth and what’s left is “use an iPhone and Chromebook”

Maybe a helpful friend will add “use Signal, use Tor”

@cypnk @popefucker Only if they realize that it's valuable to their cause.

@popefucker And most FOSS hackers I know are broke too. Some barely get by via Patreon. That’s just no match to the amount of cash Google and Apple can pour into user friendly alternatives

@cypnk @popefucker Another aspect of this is that the yield which Google and Apple get in terms of how much money they put in and how much usable software they get out is very low compared to the broke Free Software hacker living mostly in a hackspace.

@bob @popefucker Much like in meatspace, the luxury of experimentation and room for mistakes are only affordable for the wealthy in hackerspace

@bob @popefucker @cypnk do you mean that with just a little more money, open source would blow Google and Apple out of the water in terms of usability?

Then it’s even more important to push for campaigns like public money, public code, because govt software budgets would make all the difference.

@Tryphon @cypnk @popefucker I think more effort is needed on the public money public code campaign. I noticed that when it started I was seeing some pushback from the proprietary contingency, which indicated to me that a nerve had been struck.

It's also always worth being wary about government money, because sometimes strings can be attached. Projects like Tor have been trying to move away from relying so heavily on government money.

@cypnk It is so strange to me how supposedly the public won’t use a command line but they will edit registry keys for hours. I think they would totally use the command line if Ubuntu or whatever just came installed on every and they had to use it. Then they’d like it.

This must be the hacker version of unrealistic beauty standards ;)

To be fair, people also write entire applications and databases in Excel and never call it “programming”. Perceptions do matter and most users will never make that leap

@cypnk Using Excel to do visual design is computer hacking.

@rotatingskull It is indeed, but I’ve yet to meet an office manager who would call it that

If you ask the person who did all that work in Excel, you’ll likely find a hacker who thinks they aren’t one due to a conspicuous absence of a balaclava

@cypnk @rotatingskull This suggests to me that the whole business about command lines and programmatic interfaces (and I don't even claim that command lines are the be all and end all of programmatic interfaces) being /user unfriendly/ is sort of a problem conjured from nowhere. Apple happens to be /familiar/ and /cool, but there's nothing about its paradigm that makes it particularly easy to use.

Free Software could use more /polish/. A LOT more polish.

@rotatingskull @cypnk But that's a much smaller ask than wishing programmers would spend their free time building tools they actively dislike using and limit their actions.

@Azure @rotatingskull FOSS devs in particular take on tasks as a labor of love and just adding polish to open source tools is dreary and soul-sucking in a lot of ways. I just don't see it happening that way

But what I do see is projects being sponsored for polish depending on who uses it and how badly it's needed. You see project adoptions all the time, so there's hope for a lot of these

I just hope none become proprietary all of a sudden

Speaking of gold standards, if you do take the Chromebook route and want it to remain secure (I.E. easy to wipe and restore easily while traveling And security token enabled), this is a handy guide that’s easy enough for most users


It goes into the details of setting up a dev computer with YubiKey and 2FA with your mobile which takes care of most threat models (except nation states. But if a nation state is after you, you’ve got bigger problems)

I see some folks took this thread about open source privacy tools and made entirely about FOSS tools. That may be a limitation in text based communication or maybe some folks are paying disproportionate attention to the second toot and not the first one

One dev took it so personally, he viewed it as a personal insult. That’s unfortunate. It also highlights the uphill battle. It’s hard to view your world objectively from the view of those who know nothing of it

There’s an “othering” of the user

@cypnk I am not sure I understand your point. The tools that secure the chromebook and iphone aren't tools any users have access to.

Securing a device is hard to do, but really easy if a pro from apple does it for you.

I don't think there is a good exemplar of an easy to secure system that is also easy to use.

@_tj Repost from another reply:
“Users wanted more privacy
Looked at what was available and cringed

Apple and Google saw a market opportunity”

My point is that secure devices came ready made because the tools to do it ourselves are complex and arcane by comparison

A non jailbroken iPhone is still secure
Likewise a non-rooted Chromebook
Both don’t need much further tweaking besides not installing more spyware

@cypnk I think that you need consider what it means for a tool to be "successful" in the first place. Being used by the most clueless people, like with commercial software, doesn't really fit.

@deshipu The only measure of success that’s relevant for widespread privacy and security is adoption. All other measures, while they may be philosophically and personally satisfying, don’t help the masses

Clueless people are not lesser than you because they’re clueless or because they use commercial software

@cypnk You are missing the point. I'm not trying to argue the moral superiority of one or the other, like you do. I'm simply pointing out a simple mechanism that is at work here.

Developers are getting punished for making accessible software, and rewarded for writing more obscure one. As long as that happens, there will be certain tendencies in the software that survives.

Lesser or no, non-contributing users are a burden on a project, and "popular" projects will always be at a disadvantage.

@deshipu You’re seeing it from your point of view as a developer who accepts bug reports and pull requests and I’m showing it from the user’s perspective

I’m not missing point
I’m simply saying end users don’t understand nor care about the intricacies or effort of software development

Not caring doesn’t mean they don’t deserve a better product

@cypnk How do you expect to change anything? By keeping not to care and loudly demanding what users deserve?

Or by trying to get to the center of the issue, analyze what is actually happening, what forces are in play, and coming up with changes that are going to push the whole mechanism in the right direction?

Shaming developers into trying harder and being more selfless is not going to help much. They are already doing what they can.

@deshipu I’ve never shamed developers for writing tools or demanded they try harder. But I’ve routinely poked fun at developers for suggesting users take to the command line as a first resort

Computers are not humane

Dev tools are specifically designed around architectures and not the humans who use them

In that environment, expecting users at large to contort themselves to our arcane tools is unrealistic and selfish

We need easier to use tools for the masses

@cypnk Excellent! How do you propose to achieve that? Who is going to write those tools?

The shape of software reflects the environment in which it was created and the development process that created it. Developers don't do that on purpose, it just happens.

To have humane software, you have to create the environments and processes that would lead to creating it.

Just saying that the masses deserve it will not make that happen.

@cypnk Consider how that works for commercial software: the more accessible it is and the better it solves the user's problems, the more popular it gets. The company that made it earns more money, hires more developers, raises salaries, creates more documentation and training materials, fixes bugs and adds more features. The software thrives. You have a positive feedback loop (at least until they realize that investing in marketing pays better than investing in usability).

@deshipu Hence my other reply. It’s already out of your hands

If you want to meaningfully affect change at this point, getting hired by Google or Apple is in the cards

@cypnk What if we found some way of developing open source software, that would have a similar positive feedback loop from its users, instead of a negative burden? So that development would be easier and more pleasant when the software is popular? Wouldn't it be awesome?

But I don't think we will get there by mimicking the commercial companies, only without profits. By making "products" for "consumers".

@deshipu Feedback loops work if developers and designers detach themselves from their own wants and consider the user perspective with each iteration. There’s a lot of objectivity at play

That’s fundamentally not how most open source hackers work. Most hackers take their work very personally and it’s a passion project. There’s a degree of ownership in the design choices that aren’t shared among users or are easy to explain

That has to change first

@deshipu Hackers need to consider first who is it they’re doing the work for

On the surface, it’s for the users
But is it really?

If you made a tool for yourself and release the source, you’re either expecting others to use it as-is or you expect to make improvements. If it’s the latter, then it’s a job

You may not feel like it is, if you enjoy it, and you’re not getting paid, but it is. And the users are your boss

What does your boss deserve?

Start from that perspective

@cypnk I mean, I already have a day job, I don't need another.

@cypnk Also, bosses generally tend to pay you for the work you do.

@deshipu Then you’re not developing for the users. This is a hobby and you’re doing it for you

Apple and Google stepped in and they’re doing it as a job. Who do you think the users will flock to?

And that’s how we ended up in this situation. Fundamentally different perspectives between what users and developers want out of the same software

Don’t blame users

@cypnk Well, of course I do it as a hobby. Since nobody wants to pay for it, it's impossible to do it as a job.

So unless we find some way of making it work as a hobby, without having to do it as a second, unpaid and unappreciated job, nothing is going to change.

Now, do you perhaps have any idea about what we could try doing?

@cypnk Even the developers who are lucky to be working on open source code as their job have their own bosses to answer to, frankly can't afford to also consider every human on the plant to be their boss.
So maybe you have any ideas about how to encourage the companies that sponsor open source development to care about the users more?

@deshipu Like I said, the time to build goodwill among users is long past

It’s the age of the Big Silos now and if you want to get either Google or Apple to sponsor your project (you’ll have a better chance with Google), you’ll be able to develop as a job and keep it sustainable

Or you could work for them as a proper job and get better tools to users. But if you go at it alone, think of it as an unpaid job and don’t expect anything from users. It’s not how people behave

@cypnk Now I am confused. What was the point of the initial toot then?

“How did we end up here” is what I wrote in the first toot

@cypnk Ah, now I actually scrolled and read it. Sorry, I only saw your second toot, as it was boosted by someone.

I can only say this: nobody will remember Apple and Google in a couple dozen years, and the open source will still be there.

@deshipu @cypnk Some tech CEOs might prefer you to believe that, but in reality "installed by default" gets the goods. Even if it's user-hostile, like Windows 10, if its installed by default it will be "popular".

@bob @cypnk That's what I broadly meant by "marketing". Also deals between companies, monopolies, etc.

@deshipu @cypnk I'd say it's a leadership problem.
Most of the software developers are working for companies right now. Most of them are not interested on the end user: they are interested on profit.
And the developers just do what the companies ask them to do.
It's sad but it's true.

Once there are resources and a strong leadership towards a more human-centered design it will happen. I have no doubt on that.

The key is that the devs have a lot of power but they (we) are wasting it in shit.

@ekaitz_zarraga @cypnk I'm not convinced. It's a bit like saying that a wise and benevolent dictator solves the problems of both capitalism and communism. It does, but it's very hard to ensure that you will always get one like that.

@deshipu @cypnk I'm not saying the leader has to be an individual.

There are many ways to get leadership. Users can demand human-centered technologies and that can change companies' target. Also, some developers could raise awareness and make others leave the companies to start other kind of projects and businesses. I can also happen that the govs decide to push technology and R&D in a social way...

In general what I see is the devs have bosses and make what they say. Bosses have bosses too.

@ekaitz_zarraga @cypnk I would be very interested in ideas about how we could change our communities to make it easier for open source developers to work in user-centered way.
One obvious thing is to make the users more involved — not necessarily as coders, but generally in the project and/or community. You will think twice before adding a feature to a project that a friend who you just spoke to would have trouble using. And you are more likely to fix it if a friend complains.

@deshipu @ekaitz_zarraga @cypnk that is one reason I talk about the projects And My Axe is doing on here.

@inmysocks @cypnk @deshipu And that's also why I try to talk about my decision to leave the standard way and try my own.