Mine or Die: Tech pessimism and a potential solution
Oh boy, I’m writing a lot now, aren’t I? For the last few days, I got myself thinking about tech, the sustainability and what I believe could be the future of tech.
The situation with instant messaging
Nowadays, if you talk about instant messaging applications, I usually get three or four answers that basically everyone around me uses: WhatsApp, Facebook Messenger, or Signal. Some of my acquaintances also use iMessage, but I’m on Android, so that will have to be out of my scope for this post. However, whatever thing you choose, there is one thing most of these have in common: They are owned by Faceboo– sorry, they are mining people’s data.
It is a very common business model to provide a “free” service and mine user data in the process. You get funding for your upkeep, some cash on the side, and you get to provide a service people will flock to because a) other people use it, and b) it’s free and easy to set up. This, however, hangs on one specific thing: People actually have to use it and be okay with you mining their data. Most people are cool with this or don’t realize it’s happening (ask your grandma if Whatsapp is watching her and see what she thinks). This is mostly because people are not paranoid enough or are willing to put up with it because of peer pressure (“Everyone is using it, how else would I get in touch with people?”)
The black sheep: Signal
Signal is an outlier in all of this. As far as we know, they do not mine any user data, as they don’t store any, and have a pedigree about not giving user information away in any circumstances. The Signal non-profit got $100M from a former member of Whatsapp who wanted to support an independent messaging platform.
The upkeep for Signal, last I checked, was around $14M per year. That includes sign-up text messaging (via Twilio, as far as I can tell), server management and making sure that messages arrive to whoever you send them to. This is not a small cost. Signal appears to now go the way of Wikipedia, asking for donations from people, but I believe that may not pay for yearly upkeep. It may supplement their outgoing cash, but it’s not sustainable if they don’t secure some backing. Another issue may be who this backing would be from? If you are a large company, it really shows your commitment to privacy and security if you support Signal or similar messaging apps (Briar, Cwtch). If you are a corporation that is driven by profit, what would investing here give you? Only brownie points.
Tech pessimism: Nothing will ever last, maybe
The problem with tech, all tech, is its potential to go away. I still fondly remember Google Hangouts, ICQ, and other similar programs that I communicated on. ChatSecure was another one, after which I landed on Signal for my main driver. These hops did not occur quickly, though, I spent a better part of a decade on ICQ. ICQ is dead now. Google Hangouts has been offed by Google themselves. ChatSecure now appears to be an iOS only app with a forked Android version of a different app. I used all of these happily, but I landed on Signal, as that is where many of my peers are. I even converted a couple people to Signal. My mum, my wife, and my colleague are all here now and we’re happily chatting away.
Now, we can lament the death of ICQ all we want, but for all you IT-enthusiasts, I know I failed to omit one particular service, and for good reason. IRC. I know tons of people still kicking around on that platform that was created however many decades ago, and people still defend it and use it for daily chat purposes.
Why is that? How has IRC survived when Hangouts and ICQ died a horrible death? The answer is simple: IRC is a protocol, where ICQ was a centralized program. There is only one ICQ (apparently it’s started again now as a chat app), but IRC is just a set of rules that you adhere to and can build an application for. It’s just a “how-to” of a chatroom and the protocol needed to run one. If you want, you can have a LAN-only IRC server, no one is stopping you!
A better example for my usecase are actually three. XMPP, e-mail, and ActivityPub. The second you are probably using or have used in the past day or two. Basically a protocol for sending and recieving any type of data from one server to another or on the same server. No one company has the exclusive rights to e-mail, you can spin one up. That is perhaps why e-mail held on for so long and continues to run strong in face of these encrypted messaging apps. It’s the ultimate tool. XMPP is similar, in that it is a messaging protocol that literally anyone can spin up and use. I have my own XMPP server, and I’m quite fond of it, although it gets very little usage (not many people around me use it). The last one, ActivityPub, you may have heard of. It’s the base for the “Fediverse,” Mastodon and Pleroma, and other social media networks that are based on federation. Again, same concept, you can create your own server and run it yourself, communicating with anyone else that wants to be in touch with you.
Ideas are bulletproof
These three will, in my opinion, outlive any centralized social media network or messaging app. Where Facebook, Instagram or Twitter are built with custom software developed by internal teams and operated only where they are allowed to run, anyone can send me an e-mail, be they on Gmail, Yahoo or any other server. XMPP is the same way, and ActivityPub is the same way. I think of these as a rulebook rather than a product. That is why they are so powerful. They form a basis for anyone with particular skill to implement them, create their own version and provide it for people in their surroundings. We see this now with Mastodon and “themes” of servers. You have a server for people with similar interests, perhaps of a similar location. The same could be applied to anything. A company-provided XMPP server can be a thing, just like a company e-mail address is a thing today.
Another great benefit of these federated technologies is that anyone (and I do mean anyone) can provide for the community. The service doesn’t fall with a single company, and if my favourite Mastodon server (infosec.exchange, thanks Jerry!) went away tomorrow because it can no longer pay for its costs, the community can be run by several different people on several similar servers. Instead of infosec.exchange, we’d have some-infosec-chat.com, infosec.exchange (if Jerry sells the domain), etc. Facebook cannot provide that level of resilience. If Zuck says Facebook is done, it’s done. It will be shut down and the server space repurposed for other projects, but it will never be Facebook again.
A company is fragile. Several bad quarters can put you out of business. If you base your expectations lower, however, on a protocol, you can always rely on someone to pick up the torch, or, you know, do it yourself! The reason I’m not running my own Mastodon/Pleroma server is that it’s too much of a hassle for me, but the longer I stay in that space, the more worth it the idea seems. If WhatsApp shuts down tomorrow, I can provide several dozen people with a place to chat. That is me, my small virtual private server, or just a Raspberry Pi. Any IT-savvy person can set up a server like this and chat with anyone else, and they are doing this! Just like setting up and managing an e-mail server, you can provide a place for your family and friends. You may never have to rely on these, but if the big ones go out of business, you want a backup. Mine is XMPP. What is yours?
Closing it off
This is just a thought I had for a while now, that someday, we may not have the big companies to rely on. People keep asking me why I trust $MESSAGING_APP, and truth be told, I don’t. It’s someone else’s infrastructure that I cannot copy and keep alive if they decide they’re done. Protocols are a different thing altogether. I can download the code, learn it, and develop something adhering to that protocol. It’s like speaking languages. The more you know (even passively), the better off you will be if you find yourself stranded. Don’t get stranded in chat apps, have a backup.