Wednesday, July 31, 2013

Transparency is a feature, not a bug

There is an escalating struggle between governments around the world and the people they serve. It is a struggle over the right to privacy online. It's important to note from the git-go that there is no such thing as privacy online. Everything we do that is public is permanent until that resource is shut down. Once knowledge is made public, it propagates quickly as far as people are willing to share it.

Governments have been happy to collect this information, you know, in case one of the people they serve turns out to be a terrorist or a political opponent. But governments have not been happy, much less enthusiastic to share with us how the information they collect is shared and interpreted. Our executive branch has made wild interpretations of the laws they are supposed to carry out that have run far afield of the intent of Congress.

To counter this intrusion on privacy, businesses and their customers are becoming familiar with encryption. It is not what we want to do, but if we want privacy, encryption is the way to go. But encryption is not enough.

What code are you running on your computer? Do you know what it does? If you're not a programmer, that's OK. The programmers know what it does. Some programmers will tell you, and others will not. I'm going to make a very clear distinction here to help you understand this better. Most people use Windows. It is well documented that Microsoft has built back-doors in Windows for governments so that they can access a computer remotely. This is not so well known for Apple products, but it wouldn't surprise me if they did that, too.

They can do this because the products they sell are closed source products. If you want privacy, you might consider using open source products. This is a very important distinction, but it may require some explaining so that you can understand it.

All software is written by humans. Software is complicated and cumbersome to write, so humans have devised tools to make it easier to write software. The humans who created computers know that computers understand machine language, you know, 1s and 0s. This is a language that humans can understand, but it's not very easy to read. Humans started programming computers with 1s and 0s.

So humans came up with assembly language. Less complicated, easier to read than 1s and 0s, but still very difficult to use. Assembly is specific to one processor, too. To make things easier for themselves and, it turns out, for others, programmers created programming languages that can be compiled into machine code that machines understand. The most famous example is that of the work of a group of programmers at ATT in 1969 to create UNIX.

All programs are written in human readable code. The human readable code is not understood by machines, so we use another program called a compiler to convert the human readable code to machine code. When humans write code, they include comments in their code to remind them of what the code does.  Good programmers document their code so that others can support and maintain the same code. This makes it easy to share the code. When the code is compiled, the comments are stripped out by the compiler so that only executing code remains.

Once the code is compiled into machine code, humans cannot read it. It is possible to decompile the code, but the comments cannot be recovered because they were stripped out during compilation.

So here is the difference that I'm driving at: Windows is closed source. You don't get access to the source code. Even if you could decompile the source code, you don't get the comments, making the code very hard to read, and you violate the terms of the license for Windows. Yes, the license prohibits you from decompiling Windows to source code.

With Linux and open source software, you get access to the source code. Most of us are not programmers so we can't read the code. But someone out there can. And they are checking it to make sure there are no back doors. Even if someone tried to sneak a back door in, it's hard to get it passed the group of humans who maintain free and open source software.

If you really want privacy, you're not going to get it with an operating system built by Apple or Microsoft. Android is open source. Android runs on Linux and Linux is open source, too. Anyone can look at the code to see what it's doing. Granted, Google and others (such as Samsung, Motorola, LG, etc.) who use Android in phones add a lot of stuff that we can't see, but it's a lot better than Windows or Mac in terms of privacy.

If you wanted to, you can use something like Cyanogen Mod, a free version of Android to run on your phone. Then you'd have a much better idea of how much of your data is private.

At home, if you wanted more privacy on your computer, you could use Linux. I happen to like Ubuntu Gnome and suggest it to anyone who wants to try it. There are many flavors of Linux available called "distributions" or "distros", so you can always find a version that suits you best.

Notice that I use the phrase, "more privacy" in the last paragraph. That is because many of us use Gmail, Facebook, Twitter and so on. For complete privacy, don't use those services.

But we need community and we need to share information to be a part of a community. For now, take note that governments around the world are nervous. They are reading what we're writing and sharing. They don't want *us* banding together to form a new government that makes more sense, is nicer to the people they serve, and gets things done. They have been so busy serving the 1%, that they forgot about the rest of us.

In open source software, transparency is a feature, not a bug. Governments would do well to follow the example of open source software. While open source software projects never forget that they are there to serve others, using open source software for the freedom it provides is a way to remind governments that they serve others, too.
Post a Comment