The Libre Lag: Open-Source Software Needs a Change

The first thing you’ll notice if you hang around the open-source software community for a moment is the prevalence of people to whom the description “conceited” doesn’t begin to scratch the surface of their ego. These people frequently out of the woodwork when the word “privacy” appears, and their motto seems to be: “It’s the user’s responsibility to do all the work.”

I disagree with this thesis completely. I believe it’s the responsibility of the community (and therefore the developers) to make it as easy as possible for the user to choose privacy and safety. Unfortunately, this perspective is one that rarely seems to be adopted, much to the detriment of possible competition to the big-tech scene.

Note: this topic is multifaceted in the extreme, and no 3-minute article can possibly begin to cover it all, even if it were just a list of bullet-pointed links to further reading.

Compassion in technology

The biggest issue isn’t that the design of so much of the software out there is less-than-sleek. That sort of polishing can take time. No, the biggest problem in the world of technology — and privacy specifically — is a lack of compassion and empathy.

Most users of the Internet have little to no formal training in its use, let alone its deeper function. Most people learn to use the Internet on their own, aided by the sleek and well-designed interfaces provided by big-tech. In contrast, much of the open-source/libre/gnu communities seem to consider it a moral failing if Internet users have not devoted a technical degree’s worth of time into understanding the basics behind the technology.

In an ideal world, everyone would be given a better grounding in the hardware and software of the technology we use, but we have to meet people where they currently are, not where we wish they were.

The average user not only deserves privacy and security protections, they need them the most, and making those protections available in as easy a form as possible is vital to the wellbeing of the whole Internet community.

Too often, when users make gains toward better protection (switching browsers, or following a guide to harden their current browser, or taking any of the dozens of basic steps to better safeguard their life), they are bombarded by negative comments. Rather than encouraging, uplifting, and supporting people who actually are trying to take good steps towards privacy and security the broader community often treats these people like naive idiots. Worse, many commentators will begin by pointing out that these measures don’t really do anything to keep you safe anyway (not true).

Discouraged, many who set off on the path of security and privacy rebound back to the comfort and simplicity of the big-tech offerings. And what’s terrible about this is not merely that it weakens privacy and security, but that it continues to enrich the corporate giants that feed off their userbases like horrible monstrous mosquitoes.

What this calls for is a general promotion of compassion and empathy in technology. Specifically, it requires that designers and promoters meet the broader audience where they live — by creating simple and functional methods of making access to these technologies safe and simple.

The problem of design

The best alternatives with privacy-centric features are often co-opted by the worst possible actors, or (like the terrible social network Minds) directly created by these actors. “Free speech” is the catchphrase of the alt- communities of the world. Some apps, like Signal, have broken through into the more mainstream, but their development lags far behind what most users have come to expect in terms of community engagement. Whatsapp, for instance, is pushing into new spheres of community spaces protected by encryption, while Signal still doesn’t have smooth .gif support.

One of the most interesting options around, Element, is based on something called “Matrix”, a decentralized network. Though it lags behind its closest big-tech competitor, Discord, Element does offer some of the polish users might expect. Unfortunately, it’s extremely difficult to set up and run on your own (the grand failure of all Federated systems to-date). The best feature of Element, its ability to bridge between other apps like Signal, Whatsapp, Telegram, and many others, is rendered nearly useless due to complexity or price. Yes, you can pay Element to do all the heavy tech lifting, but then you’re shelling out money to more securely use platforms that are otherwise free… that’s just not good marketing, or good human psychology.

Software that wants to compete with big tech needs to take lessons from big tech. Big tech calls the shots right now, and if groups of earnest designers want to really make a difference, they need to change their approach. Even if that change means cutting some of the security and privacy features down a notch (who needs to operate under that high a threat model, anyway?).

Federated networks make people generally feel less safe (who runs the node I’m trusting with my data?); blockchain is usually complex, scary, and trendy; and more centralized offerings from more traditional companies are too-frequently created by, or in the thrall of, extremist communities.

The good news? If we can recognize the need to meet the users where they already are, to start designing accessible and still safe systems, the alternatives to the big-tech systems might finally stand a fighting chance.