Is it time to reconsider Freedom 0, and clauses 5 and 6 of The Open Source Definition?

It's been a hard week for techies, as a variety of revelations make the projects we've all worked on look less appealing. Things that might have been triumphs at some point are suddenly darkened:

On a side note, geeks might be interested to know that Boundless Informant--yet another great NSA name, no?--is hosted on free and open-source software. Congrats, open source movement!

The relationship between the NSA and open source software isn't new - SELinux was a classic cooperation, eventually integrated into the Linux kernel. More recently, Steven J. Vaughan-Nichols wrote that "Open-source software and the National Security Agency go together like peanut-butter and jelly. No, they really do!"

It's not just the NSA that's discovered the value of open source for spycraft and data mining, but a wide variety of other organizations, national, commercial, and military. It's not just that they can borrow open source code - of course it's easy - but that the open source movement has gone out of its way to ensure that these organizations can use open source code with a clear licensing conscience.

The Open Source Definition bars any license which attempts to block these groups (or other groups) from using the code:

5. No Discrimination Against Persons or Groups

The license must not discriminate against any person or group of persons.

That means that you can't bar the NSA, the Chinese government, Microsoft, President Obama, Scientologists, or the Dalai Lama (among many others) from using your code.

6. No Discrimination Against Fields of Endeavor

The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

That also means that you can't bar, for example, militaries, religious organizations, governments, or intelligence organizations from using your code.

The Free Software Foundation reaches the same place slightly differently by building "for any purpose" into their Freedom 0:

Freedom 0 is the freedom to run the program, as you wish, however you wish, for any purpose.

When you use open source licenses, you are accepting that folks you're really not fond of can use your code for potentially ugly purposes. This simplifies license checks, and keeps, say, companies that acquire other companies from finding they've been barred from using the acquired company's toolset.

The response I've had in the past when I've suggested this might be a problem for people less excited about supporting dubious projects along with the good ones was pretty simple: "so don't participate in open source software."

I doubt that the calculations of the Open Source Initiative on this are likely to change, though I suspect that github's lack of interest in requiring particular licenses may mean that there is an emerging opening for a different model.

Personally, I've taken a different route. I've been lucky, able to choose to work in fields that mostly aren't interesting to the kinds of people I don't want to encourage, and on projects that are way behind work they already have.

I've had a few moments of naivete - looking back, I really doubt the wisdom of writing a book on Cookies. Maybe there's something more dangerous lurking in XML than I've noticed. Lately, my interest in Erlang and Elixir makes me wonder if I'm getting too close to Building Skynet, but my only open source library in the field is simple and quiet.

Just working in Erlang, though, made me feel edgy enough to add this to the preface of Introducing Erlang and Introducing Elixir:

Please Use It For Good

I'll let you determine what "good" means, but think about it. Please try to use Erlang's power for projects that make the world a better place, or at least not a worse place.

Is that enough? It probably isn't. It's a bit too much like Google's "Don't be evil".

(And yes, I recognize that there are deep defense links in the background of the work I do, including Vannevar Bush's early work on hypertext in the OSRD, DARPA's role in building the Internet, and the US government's broad and early support of SGML.)

I hope I achieve a balance - contributing enough work with broad application, but not especially enabling work I'd rather not see happen. It's not a complete answer, and explaining it is unlikely to make anyone happy. Hopefully, though, you can look at your own work and decide what your priorities are, even if they're different than mine.

(Disclaimer: This is definitely only my opinion, not that of my employer!)

Update: Also worth noting, this almost-satire assault on the JSON license, and Douglas Crockford's friendly willingness to grant license exemptions for evildoers.

Also see Spies Like Us: How We All Helped Build Prism.

I threw these down to prep for a session I held at Foo Camp in June 2012. I didn't follow the notes that precisely, and I suspect the session wound up less Luddite than the notes, but these may be of interest to people with similar questions.


Often find those deeply involved in technology are its most coherent skeptics.

"All Hail King Ludd" - Ned Ludd destroyed a stocking (knitting) frame in 1779, and people said afterward of broken machines that "Ned Ludd did it". Led to 1811-12 refrain "All hail King Ludd" and rebellion. (Are programmers the weavers of today?) Also wove into Robin Hood legend.

19th century traditions including Thomas Carlyle, John Ruskin, William Morris.

Broad spectrum:

  • Programmer by day, Prepper by night

  • Peak Oil folks

  • Environmentalism

  • Food and health issues

  • Reviving lost and old technologies (Moxon vise)

  • Neanderthal hand-tool woodworkers often programmers

  • Aesthetics - Steampunk, Society for Creative Anachronism, Renaissance Fairs, power of retro generally.

  • Making

  • Singularity and transhumanism make some people vomit - explicit humanism response

  • Waldorf / Sloyd - programmers sending children to media-free Waldorf

  • Slow Food, Slow anything [see Slow Web, for tech-connected example]

  • Privacy

  • Letterpress business cards for tech companies

  • Bespoke creation in an age of cheap reproduction

Minority movement or growing trend?

Reading:

HttpRange-14, the endless nightmare conversation that has pretty much redefined "rathole", has opened its gates again as another brave explorer attempts to put it finally to rest. Everyone who's gone anywhere near it knows it isn't comfortably settled, and I suspect those of us who've gone close to it will never forget the sound of its rattling around and moaning.

How did we summon this demon, and why do we keep it around?

Its origins are deep and dark. I first encountered this original sin of the Web in the days of XML namespace controversies, around the time when XML namespace controversies blew the lid off W3C URI dysfunction, and the resulting xml-uri explosion. That was where I first discovered there were people - the Director of the W3C and his right hand man no less - who thought it perfectly fine to create URIs that did nothing but sit there looking pretty, with some theoretical "it means something else" hanging off the side. Worse, the Pope, his Bishop, and friends enjoyed abusing the fragment identifier portion of the URI to mean something other than fragment identifier, and in so doing popularized one of the nastier anti-patterns of modern web development.

So what's the basic problem?

Once upon time, probably in the simpler age of URLs - Uniform Resource Locators rather than the more recent URIs (Uniform Resource Identifiers) - if you saw something that started with http:// you knew it was a pointer to a web resource. To figure out what it wanted to share with you, you dropped it into a tool, typically a browser, that understood the HTTP protocol, and it would go retrieve something from that location.

URIs, in theory at least, combined URLs with the more opaque Uniform Resource Name, allowing both to be used in a variety of contexts. Unfortunately, in practice, the opacity of URNs and their lack of a clear path to particular resources somehow was confused with virtue. Worse, that opacity was applied to URIs that happened to take the http:// form, leading to bizarre trainwrecks like the recommendation that XML namespace URIs not point to anything even if they happened to use http:// (as was generally recommended...).

The good news about this particular form of sin is that so far it has been confined to a relatively small number of practitioners, perhaps best described as theologians of the Web. XML developers learned quickly that any conversation about universal handling of namespace URIs would land them in perdition, and despite the good work of RDDL, basically stopped talking about it except as a parlor game. Semantic Web practitioners are the most eager evangelists of this heresy, but while they are starting to achieve critical mass in solving problems, the community itself remains small and the collections of broken URIs they produce rarely find their way into daylight.

Unfortunately, it seems likely that as the Semantic Web finally achieves critical mass, the rumbling will get louder. Humans may be spending less and less time in direct contact with http:// URIs, but they (and HTTP itself) are at the foundation of REST-based systems. We'll just have to hope that none of the abused http:// URIs fall into the hands of REST-based systems that expect them to have a relationship to resources on the HTTP-based Web.

Update: Somehow I managed not to link the post that triggered this, and you can also find other comments on it.

Yes, yes, politics based on hating a group of people is a horrible thing. But what about a politics based on hating people generally?

There are curmudgeons, and then there's Paul Kingsnorth's clear but strange episode of human-loathing in Orion Magazine. After three stories that tell of his bonding to the non-human world, he treats readers to a blast against environmentalism that takes humans into account:

And now I know far more about what we are doing. We: the people. I know what we are doing, all over the world, to everything, all of the time. I know why the magic is dying. It's me. It's us....

[Sustainability] means sustaining human civilization at the comfort level that the world's rich people—us—feel is their right, without destroying the "natural capital" or the "resource base" that is needed to do so.

It is, in other words, an entirely human-centered piece of politicking, disguised as concern for "the planet." In a very short time—just over a decade—this worldview has become all-pervasive...

...This is business-as-usual: the expansive, colonizing, progressive human narrative, shorn only of the carbon. It is the latest phase of our careless, self-absorbed, ambition-addled destruction of the wild, the unpolluted, and the nonhuman. It is the mass destruction of the world's remaining wild places in order to feed the human economy.

This stuff was realistic, necessarily urgent. It went with the grain of human nature and the market, which as we now know are the same thing. We didn't have time to "romanticize" the woods and the hills. There were emissions to reduce, and the end justified the means.

...This desperate scrabble for "sustainable development" was in reality the same old same old. People I had thought were on my side were arguing aggressively for the industrializing of wild places in the name of human desire....

Now it seemed that environmentalism was not about wildness or ecocentrism or the other-than-human world and our relationship to it. Instead it was about (human) social justice and (human) equality and (human) progress and ensuring that all these things could be realized without degrading the (human) resource base that we used to call nature back when we were being naïve and problematic.

Suddenly, sustaining a global human population of 10 billion people was not a problem at all...

Ok, stop there. He hit the hard problem, the problem that's been driving a lot of the conversations he so plainly hates - and a problem he offers nothing to solve.

The huge challenge that everyone on earth faces right now is that there are so many of us, our population having grown dramatically while we were binging on resources we'd unlocked. Those resources no longer seem endless, and we're even realizing that there may be larger consquences to our burning resources than the toxic areas we've noticed.

Rolling back to the simpler life he dreams of is a radical idea, but one that likely requires radical steps. He casts Pol Pot and Stalin as fueled by "ideas of equality and justice" when fending off a "well, Hitler was a vegetarian" argument. Unfortunately, he doesn't seem to recognize - or perhaps care? - that the sudden shift he proposes would require humans to die on a scale that makes all three of them (and Mao) seem like amateurs.

Once people are urbanized (or work with industrial tools even outside an urban environment) for a generation or a few, inducted into the lifestyles Kingsnorth so plainly despises, it's not so easy to bring them back into an ecocentric world where they consider themselves responsible to the environment and not the other way around. "Go live in company with the earth" can be a vocation for some, but would be a death sentence for many.

I'm not sure that bothers Kingsnorth. The only people he seems to like in his piece are Wordsworth and his friends on Twyford Down in the 1990s, who were "genuinely ecocentric". The rest of us are compromised, political, even - gasp! - interested in the well-being of our fellow humans.

In a rare moment of thinking how the arguments inside the environmental movement might play with people outside of it, he gripes about:

something known as "eco-socialism": a conflation of concepts that pretty much guarantees the instant hostility of 95 percent of the population.

Is Kingsnorth's eco-nihilism any easier to sell? I doubt it.

Eco-socialism in the form Kingsnorth satirizes may well be nonsense, but his blasting on anything that smacks of human solidarity with other humans sounds like the path to a number of horrible fates.

I don't have much fondness for people so entranced by the world that they forget they're not alone. Whether that worldliness is financial or earth-centered, a lack of interest in the fate of your fellow humans seems like a large crack in the foundations.

Kingsnorth is "leaving on a pilgrimage to find what I left behind in the jungles and by the cold campfires", abandoning the project of people trying to save, well, anything, themselves or the planet. I'm not sure what he hopes for - perhaps a sudden collapse of human civilization that forces us to live the way he wants, with no time to cause more damage to the earth?

Perhaps he is an optimist in his own way, leaving to let the rest of us make all the nasty compromises that might possibly lead to a softer landing for his planet than the alternatives.

Update: Here's an interesting contrast, a piece that starts with similar questions and goes completely different places.

I just found the program from a summer I spent at SUNY Buffalo 25 years ago. I thought it was long gone, but no - and it has a list of all the students. I haven't found a similar list before, so thought I'd post the cover info and the student list, minus the contact information.

New York State Summer School of the Arts

School of Media Arts

June 22 - August 1, 1986

Center for Media Study
State University of New York at Buffalo

Dr. Gerald O'Grady, Artistic Director

Frightening transparency

|

I'm not very fond of people who claim that markets can solve all of our problems, but at the same time, I think markets can be very effective at one key economic task: setting prices.

Our current financial problems derive, at their foundation, from private transactions that weren't nearly careful enough about the prices of the goods underneath them. People mistook trends of the present - rising housing prices, the AAA ratings of investment houses, and so on - to be permanent fixtures of the economy. Then they built complex structures on top of opaque and not very stable pricing expectations, adding fuel to the fire by creating compensation structures that rewarded those most willing to misbehave.

There are a few ways to handle these kinds of problems, to ensure that they are at least less likely to occur in the future:

  1. Assume that business folks just needed a reminder about the risks they play with, and trust them to sort it out.

  2. Ban specific practices. No more credit default swaps, NINJA loans, or crazy levels of leverage. Maybe no more short-selling, either, or certain kinds of financial practices.

  3. Require that financial practices be done in the open. Everyone can see your positions and evaluate them, all of the time.

Option #1 would continue and extend the practices of the last thirty years, which I figure reflects the time we've had since the memory of the Great Depression wore off. Usually, once there's a market crisis, people suddenly remember that financiers and businesspeople aren't actually omniscient, or necessarily virtuous.

Option #2 is an obvious choice. If banging your head against a wall hurts, stop doing it. If credit default swaps have damaged companies, industries, and economies, stop doing that. If short selling has results that frighten people when fear is a problem, order it stopped. Unfortunately, this option has some problems of its own. First, there actually are benefits to many of these practices. They facilitate a lot of transactions, and provide critical pricing information. Second, there are many of these things already out there, and unwinding them is not a simple project. That comes with its own costs, which is part of why governments are looking into playing the role of 'patient capital.'

Option #3 is the terrifying choice. Transparency and privacy are more or less opposites, and it seems painfully clear that markets work most efficiently, setting the best prices, when maximum information is available. What's more, we even have the systems we need to manage all of that information today - so in some sense, we're ready to move into the panopticon.

Think, for example, about an investment vehicle composed of a collection of mortgages. No one wants to touch these right now because it's not clear which are suffering and how. (Not only that, but it seems like banks have even misplaced the documentation for them.) Imagine systems which let anyone inspect that collection of mortgages, to see the most recent appraisals on the properties, payment histories, updated credit ratings for the debtors, and information about nearby and comparable properties.

That's a lot of information, a lot of it information people consider to be their business and their business alone - but it would also allow buying and selling of these vehicles with a clear understanding of what's involved. Instead of mixing and matching mortgages to try to create an acceptable aggregate risk, the pieces would explain their own risk.

Scared yet? I'm not sure how comfortable I'd be with such systems, but at the same time that's the primary market-based approach that I can imagine actually fixing these problems. Worried about your bank? Check out its loans and assets. No, really - check out its loans and assets. They'd have to actually list such things. Short selling could still be out there, but there could actually be a market for borrowing the stocks, instead of the quiet arrangements we have today. Folks who want to buy or sell stocks without actually having the money would be noticeable. Crazier yet, contracts might even be public documents rather than secret agreements that only come out in case of a lawsuit. Want to find out what your insurance really covers, and what their payments look like? Want to invest in a company, but find today's SEC filings pretty weak?

I know - it's a lot to think about. It's pretty much an inversion of my expectations growing up. At the same time, though, if we're certain that we want free markets to operate smoothly, it's a terrifying prospect we need to consider.

Begging for corruption

|

I spent most of this week in New York City, marveling that everything seemed so normal while the financial markets crashed around us. I've been worried that the end of the party was going to come with an incredible hangover, and was glad to hear that the Treasury Department, after years of tying its hands further and further behind its back was finally doing something.

But now it seems - well, it seems like their big idea of doing something involves making sure it's done the worst way. Maybe not quite the worst way - it's not Mellon's "Liquidate labor, liquidate stocks, liquidate the farmers, liquidate real estate."

It seems to be the next worst way, however, judging from what I've seen of the proposed legislation. Lots of power, and $700 billion of borrowed cash, to the Treasury Secretary, with basically no oversight unless the President feels like firing him. There's vague mention of semi-annual reports to Congress, and then there's this barrier to anything effective:

Decisions by the Secretary pursuant to the authority of this Act are non-reviewable and committed to agency discretion, and may not be reviewed by any court of law or any administrative agency.

Oddly, for a proposed response to a disaster in which not knowing the value of securities is a key problem, there isn't even provision for publication of the terms on which securities are purchased.

The financial situation looks dire, but it's hard to imagine that this is an even vaguely respectable solution. It looks like a promise to reinflate collapsed bond markets, with no efforts whatsoever to correct the behavior that collapsed them in the first place. It's a $700 billion spending spree on assets whose value is opaque at best, worthless at worst. The companies that bought, sold, and created them can just go on their way - it's not clear what, if any, 'haircut' they'll be getting. The "Credit Reform" section points to law regarding HUD loans, and seems mostly about bookkeeping rather than reform.

It's also hard to imagine adding to the power of an already power-mad executive branch in an administration that seems not to understand boundaries. No review, no oversight, barely even a formula for acquiring these assets. How much money has to disappear in sweetheart deals before people finally get mad?

Big problems call for bold solutions - but this seems to be very bold, without much solution.

Who's got the power?

|

I've been thinking lately about the different styles of the Clinton and Obama campaigns. Doonesbury had some fun with the "poetry of Barack Obama" vs. the "prose of Hillary Clinton", but I think there's something more complicated underneath.

Both candidates promise change, but their rhetoric - or what I hear in it - offers a very different perspective on the power needed to make change happen.

To me, I hear Hillary Clinton asking voters for the power she needs to make the change that they want. I hear Barack Obama calling us all together to make change with the power that we have together.

I could be totally off-base, and this may be as simple as the number of times Barack Obama says "we" having some effect on my mind.

(And I hear John McCain mostly asking for power to do, well, whatever he and his friends want to do. I'm not sure why we're supposed to give it to him, but then I wasn't particularly sympathetic to him anyway.)

In business history, there are a few industries that especially stand out for their lack of interest in the welfare of their workers, the places where they work, or pretty much anything except the bottom line. Mining of all kinds is historically awful, as are oil and gas drilling. Related industries - refining, smelting, and electricity generation, aren't particularly beloved either. All of these can be called extractive industries, as they seek to get something out of one place and bring it to another place.

The basic problem with extractive industries is simple: they try to serve their customers, while making the most profit they can. Since the results of extractive industries are usually generic commodities, it's historically been hard to seek premium prices from customers for better quality or behavior. Profits need to come from reduced production costs. There's often a geographic separation between their customers and the place the goods come from. The more drastic the separation, the less likely it is that the customers will care about the consequences of the extraction, freeing companies to cut their costs of production.

I should pause to be clear that I don't mean to say that extractive industries are evil by their very nature. However, economics suggests and history by and large supports the idea that the internal forces that drive decisions for these business don't always feels so good to those on the outside.

Wind energy is often cast as a key technology that will rescue us from other, more polluting, extractive industries. This perspective makes a lot of people more willing to dismiss people who aren't thrilled by wind power as the occasional crank, while they'd happily support the same kinds of people if, say, mountaintop-removal was at issue.

Assuming that windmills are perfectly clean and that they have no side effects (uncertain), how could they possibly hurt the places in which they're installed? It's not a coal mine spewing tailings, right?

It's not. However, there are still a lot of factors worth contemplating. Wind farms tend to be out in the middle of nowhere, and generate power that needs to go to homes and businesses in denser areas. That means more transmission lines. Transmission lines, however ugly, have become a standard part of the landscape, though, so how can you complain about those?

Well, again, the investors developing these megaprojects want to get the maximum return on their investment. That means selling power where power is most expensive - typically not the places where the power is generated. In New York State, for example, electricity generally costs considerably more than it does in other states. Not only that, but power costs more Downstate - New York City and its suburbs - than it costs Upstate - where the wind farms are likely to go.

The answer, for smart investors? Build a huge powerline connecting the cheaper power to the more expensive power, and sell the same electricity at a significantly higher price. The side effect of that arbitrage will of course be higher prices in the area that used to have the cheaper prices - but that's not the investors' problem.

Sure, there might be local opposition, but that's what friends in Washington are for. Just like the other extractive industries, energy businesses of all kinds have some very nice support from a federal government that lately doesn't have much patience for federalism.

And hey, look at that - there's lots of money pouring into wind, lots of it coming from oilmen and power companies.

I don't mean to rain too hard on wind energy's parade. It's an important component of our future energy generation. At the same time, though, I think we need to give the promises of all kinds of energy investors the same kind of scrutiny we give the promises of oil companies. There's a lot more going on here than free energy.

Capitalism, finance, and trust

|

Making capitalism really work - not just supply and demand, but the rich level of investment that really powers the system forward - requires a sophisticated finance system.

The human fuel that drives capital, epitomized in Gordon Gekko's classic phrase "Greed is Good," is good at building up that financial system. People would generally prefer to have their money making money for them than to be laboring directly for a wage. It's easier.

Unfortunately, that same fuel that drives people to create such systems also erodes the systems they build.

Why?

Because sophisticated financial systems - even just a bank - require a massive amount of trust in their operation. Financial systems aren't perfectly transparent, and thrive in large part because people don't wonder why their deposits aren't sitting in the bank vault at all times.

In the very long term, of course it makes sense for a self-interested financial operator to build and maintain trust. The returns will be more reliable because the many systems connected by the operation will have a much smoother and more predictable set of opportunities.

However, humans don't tend to live in the very long run. That same greed that drives the creation of financial institutions can undermine them severely when short-term profits are readily available, and when ethical or outside regulatory frameworks aren't strong enough to keep operators focused on the very long term.

To make matters much much worse, human trust doesn't go up and down smoothly. Trust tends to accumulate slowly, but collapse suddenly. The discovery of one lapse leads to suspicions of other lapses, especially in a sphere where transparency isn't always possible.

Right now, it seems very clear that a large part of the recent American economy was driven by fraudulent operators seeking short-term profits. Those operations were then sold to a much larger group of investors thanks to creative repackaging that freed those operators from the risks they had incurred and paid them well. The hard question is just how poisonous that breakdown of trust will be to the larger system - not simply in the numbers on the balance sheets, but also in the trust that lubricates markets overall.