Sjoerd de Valk

Clear, Swift, Analytical, Pragmatic and Safe, Can-Do - preferably Automated.

Role

Freelance Cloud SaaS & iPaas Solution Consultant and FOSS aficionado

Responsibilities

Giving it all to improve continuously.

Likes to do...

Migrations! Moving away from proprietary (cloud) platforms to Free and Open Source Software

39 minute read

While I have to start this post with some alarming observations about the state of our world, I also aim to provide some ideas to try and tackle the very big challenges of our time. These musings may sound radical and are indeed Utopian in nature and might not even be ‘novel’ when regarded separately. But hey, mainly I just need to write something down, for Pete’s sake.

You must know beforehand, I am in general not in favor of ‘revolution’ and ‘war’ as means to solutions of our problems, I have to believe we can fix things, when necessity demands, usually in the nick of time without resorting to destructive and radical methods.

Ultimately this post comes to a singular recommendation about ditching WhatsApp as a messenger for something that better ‘fits’ the times we are currently living in and represents my ideas for the future a lot better.

If you have an opinion about this subject or have musings of your own you want to share, please leave a comment.

Present-day: “Oh, what a tangled web we weave…”

In a time where Big Tech, Big Finance and Big Pharma (let’s call them ‘the Bigots’ from now on1) are redefining our collective human consciousness, bypassing any single country’s laws and regulations by pumping around money on a global scale and clearly insisting it is better to pay the sporadic fine than actually paying taxes.

In a time where governments are trying desperately to control the masses by having them registering for any public outing (i.e. CoronaPass: brought to you by the Bigots) and leaking all that Personal Identifiable Information (PII) in unparalleled quantities through, preferably centralized, government institutions which as we all know condone and even promote, at the very least, subpar IT security practices. Those institutions are also relying on a select few of actually knowledgeable IT personnel, usually outsourced. A pure heaven for bad actors and intelligence operators of dictatorial states to snoop around.

In a time where the general public is more divided than ever and one person’s truth is diametrically opposed to another person’s truth. An excellent article I can recommend explains this in detail. Truly Noah Harari-style, Saturday morning reading material!

The path to my new messaging app - A Utopian tale The trinity of the B’s: Big Brother, Bigots and Bullies

In a time where Google is re-engineering the internet by concocting their own protocols like DoH and QUIC2, making an effort to having every single data packet routed through their own proprietary infrastructure.
In addition to having the largest ‘browser’ and ‘OS’-base (Chrome, Chromium-based browsers, Android and ChromeOS) with the sole purpose of gathering an insane amount of data on everybody and using this data to be able to profile people and as a result make their ad revenues go through the roof. It all boils down to money and power and this alone should make one sad, because where do ‘responsibility’ and ‘accountability’ for all this come in? Please don’t say ‘the board’ or ‘shareholders’, because those entities are also only interested in the bottom line: money and power. The ‘common good’ never even comes in to this.

In a time where influence peddling and nepotism (or just plain corruption) in politics results in massive public funds leakage channeled through cunning CARE/CURE, Education and Real Estate entrepreneurs. Mind you, all these fields of ‘business’ correspond to basic necessities, which are guaranteed by any western democratic constitution and made possible by us all by paying our taxes.
We are being sucked dry like a fatigued dwarf in the presence of an unscrupulous, dehydrated Urist McBloodSucker in Dwarf Fortress who will most likely get away with it and do it all over again.

In a time where Meta (in this case: Facebook) presents an almost 40 billion yearly (2021) net income by scavenging consumer data and profiteering from consumers on a massive scale while at the same time actively dividing the general populous into ‘diabolical bubbles’. All in the name of ‘Everybody is entitled to their own truth and who are we to say otherwise’. I ask my self: “Is this the ‘service’ we need or deserve?”

Dilbert 2000/11/13 - Same thing as Spam Dilbert 2000/11/13 - © Scott Adams

In a time where the sheer volume and complexity of legislation constituting ‘the rule of law’, mandated and enforced by any country’s institutions can only lead to the vilifying and criminalizing of said country’s own citizens. This is also inevitable when countries are governed as a corporation, with inspiration-less managers (i.e. technocratic politicians) focusing only on day-to-day affairs and waiting for the next ‘crisis’ to pop up. Such a country inevitably will see any broad support of its institutions wane for a long time to come. The IRS debacle on childcare benefits in The Netherlands is a great example with only one sad bottom line: Your government and its institutions obviously do not trust its citizens, so why should we (the people) trust these institutions?

In a time where human kind is led to believe, by unelected and unreprimandable rich folk like Elon Musk and the ‘Big Zuck’ himself, that wasting enormous amounts of energy on cryptocurrencies and walking around in 4D metaverses is a good thing. Let alone the level of insanity, profanity, intolerance and utter trash we as society seemingly want to condone inside the last mentioned ‘verse’.

In a time where people are actually paying for their own surveillance by three/four letter agencies and Bigots alike through the acts of buying smart doorbells, home assistants and even smartphones with more and more advanced biometric sensors, cameras and microphone arrays. These consumers are (unknowingly?) dragging themselves and everybody around them further into an already huge cesspool of distrust and surveillance. This means that even people who do care about civil liberties, privacy and democracy can not escape the excessive monitoring and surveillance that is taking place. I invit you to watch the ‘Techlore’ channel on the tube or Odysee to learn more.

I ask myself these things:

  • What will this all lead to? When reading up on our recent human history (and we all went through this numerous times, by the way. Every time with the same inevitable outcome…) the answer most likely is something like this:
    1. the concatenate causes and triggers: →
      (a) a deep distrust of the general public (by governments and that same public of itself) AND
      (b) a deep desire to prey on peoples naivety for vast amounts of money and power (by the Bigots and every modern capitalist enterprise, most prominently the ‘platform’ and/or ‘gig’-economy’) AND
      (c) an ever growing list of scarce products and services
    2. mass surveillance →
    3. manipulation/censorship of content, press and individuals →
    4. ‘strong man’ politics →
    5. oppression of minorities at first, but the general public later on through marginalization of The Trias Politica and prosecution of the press →
    6. (corporate?) dictatorship →

    7. (perpetual?) war!

      In my opinion we are already seeing stage 4 and 5 happening before our eyes and stages 6 and 7 are just around the corner, considering the actions of mr. Putin in Ukraine and growing agressiveness of China concerning Taiwan, the borderless lawlessness of the Bigots and the rise of individual corporate megalomaniacs like Musk and Zuck.
      In such conditions people will only be able to ‘survive’ and certainly not ‘build’ a glorious, sustainable and peaceful future.

  • What can ‘I’ do about it? The answer not surprisingly would be something like:
    • Nothing much really, the issues we are seeing are systemic and are not solvable by any ‘one’ individual. The global ‘system’ has to be willing to see these paramount issues, acknowledging that there can only be a future for mankind if the earth and the fantastic biodiversity it contains is cared for and by doing so force itself to change. This is not something systems are good at…
      • A lot of (willfully?) uncaring/indifferent/ignorant people are not helping: glued to screens, busy competing in the ‘infinite scrolling’-race and appeasing their managers in their workplaces while doing so in ‘our great inclusive corporate culture’, instead of thinking to themselves “What am I actually doing? What purpose am I fulfilling?”
      • a sizable force of IT professionals are making it happen (without questioning their overlords and without asking themselves “Who has the most to gain from my ingenious IT system?”) and finally
      • a handful of powerful/rich people with their political lackeys (lobbyists and politicians alike) have a clear interest in making it happen. Money and power as their main motivators.

So why bother? The situation has, as stated, progressed to being ‘systemic’ and it seems that humans are hard-wired to destroy themselves in various political, commercial and lately also technological exploits, over and over again. Just like the late Roman empires collapsed under progressively worse food/grain shortages (which Putin is causing right now) triggering a long 900 year period known as the Dark Ages. Furthermore opportunistic divisive populists are trying to enrich and/or empower themselves and divide the general public in the process (which has been going on for decades)… Nothing is new, really. History just repeats and we don’t seem to want to learn. Or do we?

Utopia: Musings on “We can do better”

Well OK, after this feeling of ‘real’ dystopia creeping up on me (and maybe the reader as well - my sincere apologies, by the way), I can not let go just yet. I have to try and hope that we as a species are capable of turning these tendencies to degenerate, wither and decay around. The key thing being: ‘as a species’ and not as ‘nation states’ per se. While nations serve a very good purpose in the organization of it all, we have to take the planet as a whole into account. If the planet fails, all nation states will also fail. If anything we should look at the big multi-national corporations which already have this head start.

:heavy_check_mark: So, what might we do?

I would like to present the following paramount aspects of society, which I think are in need of drastic reform in an effort to confront the issues of our time head on:

  • Ecology and science
  • Government and politics
  • Law and jurisprudence
  • Economy
  • Technology

I have to reiterate the introduction of this article by stating again that these thoughts are highly Utopian, idealistic and somewhat radical in nature, but I just like to think everything is possible.

Ecology and science

Hydrogen production Hydrogen - The way forward

First off, we really need to tax the crap out of all the insanely rich folks (the easiest thing we can do by the way), so they just stop ‘buying Twitter for 44 billion dollars’ (Musk) or ‘fly to the moon or Mars with their well-off friends’ (Musk, Branson), ‘buy remote islands, to get away from the ordinary folk’ (Zuckerberg) or whatever silly and/or wasteful thing they might think is a good idea (it usually isn’t!). The same tax regime should be implemented for multi-nationals profiting from extreme scarcity in undesirable products and services (like crude oil or natural gas companies). That way we can collectively use those funds to do some overdue maintenance on public utility services (roads, water, power, etc.) and truly make efforts on the sustainability front. Some tangible examples of the latter would be:

  1. Building massive solar wind parks in places where there actually is a) vast amounts of space available b) have favorable weather conditions most part of the year and c) have a reasonable amount of political stability like the desert planes of Argentina and Namibia.
  2. Building desalination plants with complementary solar/wind parks in northern Africa that both provide fresh water and employment while at the same time generate hydrogen fuel. This makes up the equation quite nicely: Free energy of the elements + salt water + human engineering skills = fresh water + employment + clean energy. WIN + WIN + WIN. Efficient storage and transportation of hydrogen is still a bit sketchy3, so this will need more research and funding. While promising new research is ongoing that tells of vastly more scalable forms of hydrogen production than desalination plants can offer still need some funding, as well.
    The following innovations offer seemingly less costly building and maintenance funding to get started:
  3. Building geothermal plants in any seismic region to harness the free and powerful energy of the earth’s core and again produce hydrogen fuel at some scale and in the process forge some metals as well. Look at Iceland and their efficient metallurgy for instance. While not being the perfect solution, the energy produced is still as green as it gets. Important to understand, in my opinion, is that we don’t need very efficient conversion rates if the ‘base’ energy is free, green and we can produce a vast amount at any location.
  4. Incorporating updraft tower designs in the previous examples would potentially result in a huge increase in energy yield. so ‘combining the tech’ is key here, we need to find energy creation synergies!
  5. Building massive nature friendly hydro power installations in naturally converging waterways like in the English Channel or run-of-the-river installations in fast flowing currents like the Rhine or Danube rivers can also benefit from an omnipresent natural energy.

With all my heart, I truly believe that if energy is cheap, abundant, portable, available to everyone and produced, stored and transported in a 100% sustainable manner, that a new era of prosperity, peace and advancement of the entire human race can begin. If only we could set our petty differences aside and jointly build towards this shared future. Such a world could potentially begin to contemplate having a permanent human presence somewhere else than on Earth, but not before we have saved our own planet.

Having the science bit covered for at least a tiny bit, we also have to reorganize ourselves and think of some very new forms of government. Otherwise, will we always be stuck with the described forms of government as written down in archaic texts like Plato’s ‘The Republic’ or Aristotle’s ‘Politics’? Will we finally have some evolution of these works? Government/Society 6.0 perhaps (Yes, I just found out Society 5.0 is actually ‘a thing’ already, clearly not enough though…)?

Government and politics

Forms of Government Old school - Forms of government

In any case we need to do away with tedious layers of middle management everywhere and declaring self-organizing autonomous teams with full operational and financial mandate the de facto standard for our future society.

Why should we first invest a small fortune in our citizen’s educations and then treat them as idiots and little children when it comes to governing? Only having both the capabilities and the mandate to make something happen is fulfilling in any case. Make it so!

We need to make the switch to these kinds of teams happen in any branch of the working classes, in both public and private sectors. “The (educated!) workers, know best. Let them handle it!”. We have to face the fact that in our current societies loads of people are doing jobs that no one needs doing (“Those who can’t do, teach.” How many ‘work coaches’ do you know? Insane, right?) and a lot of hands-on technical and socially focused jobs remain unfulfilled, effectively crippling society.

That does not mean the people don’t need true leadership or a nudge in the right direction every now and then, which entails:

  • the creation of a shared vision,
  • the forming of a strategy to achieve and protect/defend that vision,
  • the inspiring of the masses to align themselves with that vision,
  • employing some high-level organizing talent,
  • dispersing funds in a ‘hedged’ manner, never betting on one horse and finally,
  • adding some clear and simple high-level law and justice.

But we need only very few of these ‘leadership’ kind of individuals and they should be ‘the best of us’. ‘Nestors of the polity’ if you will and certainly not the endless batteries of mediocre middle management hierarchical types that (we?) think are still calling the shots. Most probably a hierarchy of teams will still form and leaders within the autonomous teams will emerge, but it will be far more lean and direct than is the case in our current corporate hierarchies where the left hand doesn’t know the right foot even exists.
I can envision a future where we transcend representative democracy, minimize bureaucracy, restrain the Bigots and organize ourselves on all scales (from global to very local) where and when needed and this time we don’t forget to dissolve these temporary alliances when they are no longer needed and thus the system will remain ‘lean’, flexible and on a human scale.

I think the Swiss model of a direct democracy is ultimately necessary to have these previously mentioned ‘autonomous teams’ flourish, but first we need to have the populous ‘get used’ to their direct involvement, as a member of the legislative part of the Trias Politica.
We need to start simple because the basic skill of ‘self-determination’ and thinking beyond ones own selfish needs has been eroded away through years of neglect, de-education, fostering of opportunism and pragmatism and finally: oppression by current so called democratic administrations (also known as our elective aristocracies).
The art of ‘Citizenship’ where respect of the minority vote and moderation is a natural thing, has to be re-learned. So why not first introduce the ‘minority direct democracy’, which is relatively easy to integrate in our current representative democracies.
The main idea of this form of democracy is that the political opposition and the general public always have the ‘right of referendum’ on any decision postulated by government.
As governments over the years have consistently shown not to act primarily in the best interest of the general public and democratic forces in the world continue to decline year-over-year, it is high time the people directly interfere occasionally and have real public debates restored as ‘the norm’ of political discourse.
Of course this right of referendum should be very carefully wielded to prevent an immediate collapse of involvement of the general public. All parties involved in the creation of legislation have equal responsibility in keeping the number of referendums in check, that includes the Government itself. A government should really start thinking: “Does this proposal serve the common good?” and “Doesn’t this proposal obviously violate our constitution?”, before even proposing it.
If it wasn’t clear by now: we as a society desperately need active involvement of ordinary citizens in the decision making process, because the alternative is bringing forth the next large body of people used to saying the phrases ‘Wir haben es nicht gewüst.’ and ‘Befehl ist befehl.’. And we all know what comes after…

Law and jurisprudence

Try cutting through the red tape Try cutting through the red tape

Thirdly we also need to completely reset our convoluted, bloated western Books of Law and institutionalized rules and regulations. This is because we simply haven’t got the manpower to support this top-heavy apparatus any more. Less people that can do the work should mean less rules and bureaucracy, not more. So think of a more ‘lean’ system that knows how much load it can handle. We can achieve such a thing by prioritizing the ‘human’ dimension/scale, relying on the fact that the educated workforce will make their own optimal decisions and that they will recognize and act on opportunities when these smaller communities need to trust each other, work together to achieve something great and take care of their weaker members. This new set of rules and regulations should be much simpler than what we have now and only allow for a very small bureaucracy overhead to exist at any level of government. Introducing a ‘universal basic income’ policy would drastically reduce bureaucratic overhead and at the same time reduce complexity in a very efficient manner. Additional implicit benefits to the care/cure sector would also make this a very economic action to undertake.

Amending the constitution to also include the ‘right on a healthy living environment and biodiversity’, together with the ‘right of secure and private communications’ would be good candidates to begin with, followed closely by reforming tax law to its very essentials. We need to embrace the fact that taxing ‘capital’ a large chunk more than we do now and ‘labor’ a lot less, will result in a more sustainable, a fairer and ultimately a more livable world. Furthermore the previously declared ‘autonomous teams’ should be in charge of promoting the practical rules that work for them to laws through their ‘direct democracy’ powers and direct influence on city/municipal officials, while still being able to lean on a general charter and high level constitution.

In general: keep it simple, stupid! It should not be needed to hire an expert just to import a car from another country or buy a house even. While notaries and appraisers will still be necessary of course, but real estate agents? Do we need people in that profession? Really? Sounds like ‘the middle man’, or middle management to me. I say, away with you rules and unnecessary jobs, away!
I can also imagine that the amount of civil cases where a plaintiff is suing a defendant for a sum of money drastically reduces, because capitalist motivations are not the norm anymore. The same goes for small-time money motivated criminal offenses. My hope would be that this will reduce the amount of layers needed as well.

Economy

Money, money, money Money, money, money

The fourth area under scrutiny is ‘Economics’.
While capitalism might have suited the world perfectly since the Renaissance era it is now clear that lots of people/companies have explored the very edges and cracks of this system for just too long and have finally corrupted it to a point that there is no saving it: global accumulated wealth has flowed down into the wallets of a very small minority of people and the ecology of our planet has taken a nosedive due to over-exploitation to keep up with consumerism (Read all about #EarthOvershootDay to know more). Both observations can be categorized as ‘unsustainable’.
With regard to the global financial stability in this age of capitalism we have already seen the emergence of several major ‘artificial growth’ rackets from the year 2000 and further (i.e. creating money out of nothing). The situation has not really improved after the financial crisis of 2008 since the total size of the global ‘derivatives-based’ economy is estimated to be at least 5 times larger (USD1000 trillion) than the actual value of the assets covered by these derivatives (USD200 trillion, with high fluctuations due to unstable global interest rates). So even as it may seem to most that we have recovered from the financial crisis of 2008, the financial world still has this major ‘bubble’ present to deal with. When interest rates will rise (as they are doing right now) capitalism will again shake on its foundations.
So, the ‘real’ economy has absolutely nothing to do with the massive ‘artificial’ markets that now exist and holding us all hostage. We are also slaves to concepts as ‘inflation’ and ‘interest rates’, which are in fact strings on a puppet of our own creation. It’s about time to cut those strings.

An alternate economic system (or in fact two systems) where one fulfills community basic needs and another the individual, personal ‘consumer’ needs (by implementing a voucher system) was already thought out in 1997 by Takis Fotopoulos4. It is called the Inclusive Democracy economy. While such a system, after initial review looks suspiciously like communism, it actually is very democratic and utterly gratifying when seen in conjunction with its proposed social, political and ecological concepts.
It all boils down to a system that does not focus purely on work and economic output (like pure socialism, communism and capitalism do), having a job is merely “one part of a meaningful life”. Ultimately the concept of ‘shareholders’ is replaced by ‘stakeholders’, who should be the same people who are running the company (or are present in the direct vicinity of said company). This is something we could adopt as one of the first things while transitioning to the Inclusive Democracy by the way, just to have us all practice with the greater political, sociological and environmental responsibilities looming around the corner.
This system does rely on the premises that the great majority of citizens share a common understanding of society (i.e. education and character development), that the greater majority of people share a comparable level of wealth and possessions (i.e. purchasing power and owned property) and that both the individual and the community can exercise their autonomy (i.e. freedom).
Predatory and abusive people and behavior, both of which are very prominent in the current capitalist system, would of course still occur (people will be people) but they can be corrected quite easily because of the ‘local’ character of such a system.
Furthermore, the autonomous teams in such a confederal society will direct themselves towards doing exactly that what is asked by others in their direct vicinity, they can play the ‘supply and demand’-game far more directly than would be the case if a large corporate or government bureaucracy were in play. A great example of a company that works exactly that way and is very successful at it is called W.L. Gore and Associates. This is the company that brought the world Gore-Tex™ by the way.
The two economic systems in play with the Inclusive Democracy have strong similarities to the ‘welfare states’ of many Western European countries in the 70’s and 80’s of the previous century. In those times a clear divide between public/state-run shared ‘utility services’ and the private sector (aka global market economy) was present. We could actually ‘vote out’ certain parties and ministers if they were messing up our shared water/energy supply or basic health insurance. In this system accountability for our community shared services was entrenched in the democratic process and we have sadly lost this power after the 90’s, due to the idea that ‘the market’ could do a better job (more efficiently and cheaper). Well they certainly have proven to be a ‘cheap’ bunch, but also an unaccountable one as shareholder in the current sense only value profits and have no regard for issues that may arise or are a direct consequence of earning those profits. ‘Progress’ since the 90’s was hardly synonym to ‘improvement’. In the Netherlands 40 years of doing it ‘the capitalist way’ has polluted the air, water and earth to the extend we need to take drastic measures to correct this mess and make the environment livable again. We can however still correct the policy that brought us here, but we’ll have to do it with a twist: according to Inclusive Democracy standards.

Other economic systems might appeal to the reader though, but might not fit the other aspects of society that well.
I must admit that the economic side of an Inclusive Democracy feels a bit underwhelming, but that is to be expected as the the whole point of such a transition would be to prevent the excesses of the current system and focus on sustainability and inclusiveness, like pursuing the global goal of having a cheap, abundant, portable and available energy supply for everyone.
So as an example we might say that ‘personal goals’ in such a society would transition from something like ‘I’d like to make 20K more this year than last year, so I can afford a plane trip to Japan’ to ‘I’d like to make our community energy storage capacity 20% bigger, so I can make that trip to Japan I always wanted, with a zero carbon footprint and without impacting the community’s resources’.

It’s mind-boggling if you start to think about it! Small steps though, small steps.

Technology

Low level security and privacy by design Low level security and privacy by design

Finally, a total reset of the field of Information Technology is needed as well. Where everything from hardware to protocols and finally the apps and (God forbid: metaverses) are all re-engineered with a ‘privacy and security first’-mindset off the bat.
If you just look at the Bluetooth-stack (introduced in 1998): everything is just wrong. That’s because nothing and no one in the process of developing the hardware, software, protocols and apps for Bluetooth in that time had any incentive of looking very deliberately at security or privacy concerns on a holistic level. It basically just ‘had to work’ and the quicker the better. Now, we find out, it is the very insecurity of the stack that makes it an ideal ‘base’ for a grotesque global tracking apparatus we know as the CoronaApp. Turning off Bluetooth on your devices seems like a very wise decision, although some of the Bigots makes this very hard to do anymore…

Even more fundamental: the whole principle of how network routers/switches/adapters and other hardware were designed in the 1960-70’s and how they are still being built and used today, with their semi-unique and easily spoof-able or otherwise easily to track MAC addresses embedded in their ROM makes it evident we need to start from scratch. Building a house on top of unstable foundations will inevitably lead to a premature collapse of the entire structure.
One idea would be using a public/private key system with a hardware accelerated secure enclave on each and every networked device involved in digital communications, like routers and switches but also laptops/desktops and IoT devices would be a great start.
It would and should take an extreme amount of energy trying to track someone in this ecosystem because of all the device, data and transport encryption and vast amounts of data packets being sent and received at any one point in time. So getting the ‘OK’ from the District Attorney’s office to put a tap on someone is going to involve a business case: do the potential benefits outweigh the costs? This will keep governments and their agencies in check, is my thought, because funding has its limits. It will certainly make it impossible to track ‘everyone in one go’, thus preventing the feared ‘police/surveillance state’.

The interlude: Will there be a technical bit in this article, or just a pile of Miss Universe-style ‘Peace for all’ dreamy nonsense?

Privacy and Security Measures Privacy and Security Measures

OK, back to the practical ‘small scale’ present, focusing on small scale networks and workstations. Just suppose that, at the very least, I want to make the short term effort into making it a little harder for some of those ‘too big to regulate’ companies plus their subsidiaries and overly data hungry government agencies to track my every move?

Some while back I drafted a series on how to make a small effort in that direction, ultimately obfuscating your network’s DNS traffic through Tor. Furthermore I am truly inspired by articles that advocate the idea that more privacy means more democracy.

Even more recently I also switched my ‘daily driver’ machine (both for personal and work related activities) from Windows to Linux (might be worth a separate blog…).
It actually took about a month switching over all my personal and work related ‘workflows’ to a Linux equivalent, swapping out proprietary software for excellent FOSS alternatives where possible. I can just say: it is do-able, if (a) you know some scripting language (I use PowerShell (which works cross-platform and is licensed under a MIT license nowadays) and some Bash) and (b) are not afraid to research technicalities and alternative applications (I use Startpage.com, Brave Search and DuckDuckGo in favor of all other Bigots’ services for searching). Obviously I also use a hardened Firefox as a browser (Although Mozilla’s allegiances are not that transparent lately, I just know I want to get away from anything Chromium-based, just for the sake of balance).
Overall I am totally happy with the result and I feel like loads of ‘telemetry collecting instruments’ have suddenly stopped rattling. The silence is deafening, my Pi-hole is pleased as well. It’s incredible to see that my old MacBook Pro from 2013 is actually running faster on Linux right now, than my Dell XPS 15 from 2020 did running Windows. Go figure.

The dilemma: What about Messaging? That was the title of this article right?

With this article I try to show what kinds of musings I had to answer the ultimate question:

“How do I get rid of the biggest ‘information hording’ scheme in the world: WhatsApp?”.

So long WhatsApp So long WhatsApp

Why?

For some time now the Meta (Facebook) PR department has presumably been working under quite some strain because of predominantly bad (and well deserved!) media coverage. Privacy scandals, whistle blowers and service outages have been running rampant at 1 Hacker Way, lately.

So I just presume everyone had at least already contemplated ditching Facebook, Instagram and all other Meta services. For me it’s a no-brainer, really. WhatsApp however is a different beast entirely as it suddenly replaced the old Text Message (SMS) service, which was a very useful service back in the day and because it was ‘the first’, literally everybody, especially in Europe and India, is using this App. WhatsApp also used to be an independent company before being incorporated into the Facebook company, so there was that ‘siding with the little guy’-vibe as well. If governments had a decent and effective competition policy (i.e. not corrupted by lobbyists) this might have been prevented.

Now it’s obvious that it was a big mistake on our (the consumer) part to trust a singular commercial organization with the vast amounts of personal data that can be gathered by controlling a very dominant messaging platform that WhatsApp is. The insight that comes from knowing exactly who is connected to whom for practically everybody on the planet is just too great a power for any one private party to wield.

What?

Welcome to another part of my musings where I propose the introduction of a global private and secure communications system. As I was already hinting: We need to take this communicative power (now in the hands of a single corporate entity with a dubious reputation) back and put it under the accountability of a political institution with great enough global reach and trustworthiness like the United Nations, but at the same time we need to keep the (meta)data such a system holds as decentralized or preferably non-existent as possible. Because this particular institution *the UN) itself suffers from terrible flaws like ‘having permanent security council members’ with ‘veto powers’, we do have to make sure that the executing body concerned with Global Private and Secure Communication Services (let us call it the GPSCS for short) is managed like the International Space station. This means that even when member states are at war with each other or simple can’t stand each other, the mutual benefit for all countries involved to keep these communication services online, outweighs the interest of a single (powerful) country to do the opposite. At the same time a dissident country would need to have the possibility to disconnect itself from the global network, without impacting the network as a whole and without hindering domestic services.
Furthermore to make this system more robust, ‘privacy by design’ and ‘data minimization’ as general principles with the GPSCS as its more specific implementation, should be guaranteed as a fundamental human right by both local constitutions (preferably) and global charters and treaties (mandatory). Finally the chairman of this agency should be elected directly by the world’s people.

As long as countries have their own legal process and jurisdiction (which should be fully supported by this messaging system), each country wishing to participate in this global initiative should have their own local data centers, ‘zip code’ system and ‘edge’ facilities set up. This would allow for secure and private communications with senders and recipients within one country, to stay within that country’s boundaries, while at the same time allow for seamless secure international communication between countries as well, with an additional layer of country-to-country specific encryption.

The security and privacy of this global system, its local subsidiaries and related physical infrastructure should be audited regularly with reports published as a whole for the entire world to see. An institution resembling the International Atomic Energy Agency (IAEA) would be in charge of executing these audits and composing the resulting audit reports.
With regard to law enforcement: messages can only be temporarily monitored (at the cost of a large amount of energy spent, as explained earlier) by an explicit country specific court order with strong suspicions declared. Remember: a business case has to be made! While communications spanning multiple countries need to be policed by an institution like InterPol which has the same operational limitation, but with an extra layer of encryption to be broken (i.e. extra costs).

Maybe direct involvement of the UN and InterPol brings too much politics and indecisiveness to the mix, so possibly it would be more prudent to have a totally separate global governing and policing body (which would act like an autonomous team) financed by the World Bank to administer this system. Independent regular audits would still be required though.

The point here is that an initiative such as the one stated above is why we should pay taxes, to make sure this kind of global secure and private communications is seen as a human right and a basic necessity laid down in local constitutions, just like the postal services once were. And Meta? They can still be a contractor for this project, possibly in multiple countries even, but they should not be allowed to dictate the rules or have the ‘insights’ they have now. The ‘Ad model’ is now replaced by a ‘Tax model’ and the service of Communication is seen as a common good (aka ‘utility’ service) governed by a fully accountable elected representative.

How?

On the technical side of things, while the hardware schematics and the entire protocol of GPSCS should be free and open source, the apps utilizing both hardware and protocols can be provided by private parties (like Meta, although I would probably still prefer an FOSS app any day). Furthermore the data and connections should be constructed in such a way that senders and recipients can always detect if monitoring and tampering with their communications has/had taken place (maybe with some delay to facilitate law enforcement, but in the end the outcome is always ‘undeniable transparency’ up to a level that an individual who was being tapped can trace back who (or which agency) set up the tap in the first place and how long the tap was in place).

Continuously rolling over user, group and country certificates is a must in this kind of system, we have to make the whole system a ‘moving target’ to prevent sustained monitoring and tampering by third parties and at least make sure it will costs a lot of money and manpower to maintain a tap by parties with a legitimate interest.

The criteria: What does a great messaging App look like anyway?

All my musings put aside, one thing that is clear: WhatsApp has got to go. Now! I put together a list of all my ‘standards’, ‘requirements’ and ‘wishes’ I would like to see a messaging app to adhere to, only to come to the conclusion that… there are no Apps at this moment (August 2022, according to my own research) that check every box. Maybe 2023 will be the year for that, but I really have some urgency so I’ll have to make some compromises…

These are my ‘standards’:

  • ==GENERAL==
    • It’s FOSS, will always be FOSS!
    • It’s simple to use, I should be able to teach my mother
  • ==JUDICIARY==
    • The company offering the app (or support services) should be located in a country with great privacy laws, respecting the consumer’s interests above anything else.
  • ==ON-BOARDING==
    • Sign-up for the service does not require a phone number
    • sSign-up requires at most only a username and method to provide a secret
  • ==FUNCTIONALITY==
    • Has ‘1:1 message’ functionality
    • Has ‘Group message’ functionality
    • Has ‘Send image’ functionality
    • Has stable ‘Push notification’ functionality (no missed or delayed messages!)
    • Optional: Has ‘Audio call’ functionality
    • Optional: Has ‘Video call’ functionality
  • ==ARCHITECTURE==
    • Incorporates a distributed design, without single or discernible authoritative servers
    • Infrastructure that is hosted, uses a multi-cloud strategy (should not be the case for a distributed design)
    • Use In-App ‘Tor over VPN’ (or something Tor-like)
      • VPN should be built-in or user configurable
      • Chats should never leave the Tor Network, so no Exit nodes are needed
      • Chats use Tor Hidden Service functionality for routing and temporary storing encrypted communication packets
    • Server side or ‘Node’ software (if any) is independently audited and/or certified
  • ==APPS==
    • Apps are available on all platforms (Windows, MacOS, Linux, Android, iOS)
    • Apps are independently audited and/or certified
    • Apps gather no logs or send telemetry
  • ==ENCRYPTION==
    • Incorporates End-to-end encryption (E2EE), #PrivacyByDesign
      • Sender metadata is encrypted or shielded from all parties except Receiver
      • Message data is always encrypted during transit
      • Message data is always encrypted during rest (might be optional for trusted message stores)
    • Has option to have user managed encryption keys that never leave the device
    • Has option to revoke certificates when they become compromised
    • Incorporates a Web of Trust like PGP Public Global Directory possibly using @.onion identifiers within the own service ecosystem
    • Incorporates a continuously rolling-over encryption key method to make any device, user and data a moving target.
    • Encryption system is independently audited and/or certified
  • ==OTHER SERVICES==
    • Absolutely NO bitcoin and NFTs anywhere!
    • Optional: Secure offline back-up and migration scenarios should be possible
  • ==OFF-BOARDING==
    • Right to be forgotten is respected and ALL user data (shouldn’t have any!) is deleted in an unrecoverable way

That looks like a decent enough list, you say? Apps with these requirements have been popping up like crazy lately, just pick one and switch? Well OK, which one? Is it possible to combine the mentioned functionalities in a simple and coherent way in as few apps as possible? Will I have to keep switching apps and in doing so keep proliferating my valuable user data indefinitely to various app providers?

I researched the following Apps (hardly a conclusive list, but it has some diversity in offering) and have checked those to my list of ‘standards’, to potentially replace WhatsApp:

  • Signal
  • Cyphr
  • ChatSecure
  • Wickr
  • FireChat
  • Telegram
  • Confide
  • Briar
  • Tox Chat
  • Jami
  • Element (Matrix)
  • Session
  • Utopia
  • pEp
  • XMPP

The choice: Wait for it or settle for ‘Good Enough™’?

In my quest to search for a WhatsApp alternative, I have to repeat that at the moment (August 2022) nothing checks all ‘my’ boxes… A lot of Apps in my list even have some serious issues. for instance the main developer (Moxie) of the recently hyped app ‘Signal’ clearly has wrong initial intentions as does Telegram, which was surely never built with a privacy-by-design mindset. I purposely referenced some older articles to make clear that Privacy and Security were nothing more than an afterthought at the very birth of these alternative messaging Apps.

It’s not that I don’t know that creating a secure and privacy respecting messaging app that is also simple to use is an easy task. Far from it, it is very difficult.

To underline this, I’d like to point out this interesting Q and A from Phillip Remaker on Quora to understand the difficulties in securing email, let alone a more complicated system as an instant message/chat/audio call/video call service.

Q: Why isn’t email encrypted?

A: Because encryption is a pain in the ass. State of the art public-key encryption requires a few things that users will not tolerate.

Getting and managing a public-private keypair. This costs money if you hire a reputable CA to manage the key. You also have to periodically re-issue that key and manage revocation if it is compromised.

Publication of your public key. There is no standard way to do this. Keybase has a proposed way of publishing to websites and social networks, but it hasn’t really caught on.

Finding the right public key to encrypt your mail to specific people. This means you need to manage a collection of public keys on a “keyring” and keep that keyring up to date.

Eschewing the use of mailing lists. Since encrypted e-mail, by design, is exclusively for point to point communication, you cannot encrypt mail to mailing lists, only to an exploded list of individuals.

No searching. Since encrypted mail is encrypted at rest, you cannot search the cipher text. You either need to decrypt the mail when stored so it is searchable or give up search.

Again: none of the Apps tick all boxes and it might take a while considering all the complexities involved. So why bother switching and proliferating my personal data to more companies/services than the one I currently have? This only leads to a bigger footprint and attack surface for my data.

The verdict: Making the change

Knowing now that building a ‘Secure Messaging App’ with its encompassing service infrastructure is truly very difficult, surely more difficult than building a secure email system we may have to conclude that our current technology stack is not suited to build a service that checks all my boxes. Or maybe we just need a different vocabulary when talking to users. ‘public-private keypair’ and ‘keyring’ can easily be translated to layman’s terms like ‘your identity’ and ‘your contacts’. Then ‘Updating your identity’ and ‘Refreshing your contacts list’ should be actions that do some complicated ‘certificate’ stuff, but should be totally abstracted when seen from a user perspective, or should be completely handled within an App using some very resilient back-end infrastructure.

That being said and without further ado, the App that I will settle for, at least for now, is Session. The fact that it has some shady crypto crap built in, makes me feel a bit uneasy. Also the App company is from Australia which is a Five Eyes country. The App creators do have a very compelling argument that data they do not have can not be shared anyway (nonetheless I would have preferred the company to be locate outside of Five, Nine and Fourteen eyes territory, to be on the safe side). Finally, the app lacks a back-up function, but I personally don’t mind that to much as I rarely look back at personal messages anyhow and sharing one’s Session ID face to face is a good moment of drinking some beers with friends as well.
All in all, I think it does have some great things going for it: it’s FOSS, it is decentralized, it has been audited, uses Tor, logs no data and leaks very little metadata, is very easy to use (I can teach my mother) and finally no personal information is needed when signing up.

All in all it comes very close to my Utopian sketch of a secure and private global communication system, except we have no guarantees…

Now comes the hardest part: trying to convince my frequent connections of jumping on board as well and most importantly having them ditch WhatsApp all together, so I can too. That’s something for the long term, I will just relish this first step that has been made for now.

Hello Session! Hello Session!

So… ‘Session’ it is! A great video comparing different messaging Apps that certainly made an impact on me was made by Techlore.

  1. Simply because they are conglomerates of egotistical, money and power driven people, reinforcing each other in their beliefs and actions (aka ‘their bubble’) while on the other hand have absolutely no regard for any other individual’s feelings and needs. These groups have perfected their endeavors of driving out, marginalize, ridicule and attack anyone not part of their sect. 

  2. Read more about QUIC on Wikipedia

  3. Elberry, Ahmed M and Thakur, Jagruti and Santasalo-Aarnio, Annukka and Larmi, Martti. (2021). “Large-scale compressed hydrogen storage as part of renewable electricity storage systems”

  4. Fotopoulos, Takis. (1997). “Towards an inclusive democracy: The crisis of the growth economy and the need for a new liberatory project”

You May Also Enjoy

My Wish List for Microsoft Teams in 2023


12 minute read

With this post I will propose some ideas on ‘making Teams better’ in 2023. The paragraphs below are ‘prioritized’, so first things first. I know most of this...