Pages

26 December 2022

Billionaires Are A Security Threat


ELON MUSK’S ACQUISITION of Twitter is particularly hard to swallow because every report of internal chaos reminds us that we may have sacrificed the most promising mode of online communication invented in decades by failing to identify it for what it was back when we had the chance. Musk’s purchase should never have been possible in the first place because Twitter should never have been an asset. It is “the public conversation layer of the internet,” as founder Jack Dorsey once put it, and consequently has functioned as the de facto center of our global alert system through the pandemic. It is astonishing that it is even still possible for one person to own this. It’s like owning email.

In the field of information security, there’s a kind of vulnerability known as the evil maid attack whereby an untrusted party gains physical access to important hardware, such as the housekeeping staff coming into your hotel room when you’ve left your laptop unattended, thereby compromising it. We have here a new analog, just as capable of wrecking systems and leaking data. Call it the “evil billionaire attack” if you’d like. The weapon is money, and more specifically, the likelihood that when the moment arrives you won’t have enough of it to make a difference. The call is coming from inside the house.

The reason this strategy works is that most ideas of any consequence are owned by people with more money than you, and then whenever possible they string them together into a network with the specific intent of making the gravity inescapable. Founders and investors and excitable technology writers like myself frequently use the term “platform” to describe technical systems with granular components that can be used to compose new functionality, and the power sources propelling the technology industry find platforms particularly appealing when the bits can be monetized each time they are used.

A platform is better than an app, or so the theory goes, because you can use a platform to build multiple apps, or enable other developers and companies to build apps from which you might take a 30 percent cut. Whatever its advantages, the Twitter debacle should spell the end of the proprietary platform as a serious technical undertaking, a high profile illustration that they are too risky to trust no matter how strong the code might be. The overly conservative approach to intellectual property that makes things proprietary in the first place is also a liability that compromises everything a company might create because it empowers billionaires to kill them. Whether or not he actually destroys it, Musk’s takeover of Twitter is a case study in how to destroy something, a model for the next billionaire who fancies a social media empire. Our communication channel for the next vaccine we might need is now at risk.

It doesn’t have to be this way, because there is already another platform out there. You just have to know where to look.

Blockchains fight this problem on the deepest level possible. It would be vastly more difficult, or perhaps impossible, for Musk to kill off a blockchain so long as a handful of users objected enough to continue operating independent nodes. Duplicating across many computers means the risk of losing access is infinitesimal; the blockchain is its own API. This comes with different complications, of course, but losing information outright due to a hostile party is not one of them. For example, when the Hic et Nunc marketplace for NFTs went under in late 2021, another version relaunched, putting a new wrapper around the same content. The blockchain acts as a shared resource that forces interoperability, almost like organic self-defense.

Or consider the case of WordPress, the early blogging engine that has since grown into increasingly elaborate general-purpose content management software. It now powers about 40 percent of the open web, with which it is loosely synonymous. A huge economy has sprung up around it: companies that develop websites, developers who work for those companies, indie developers who work for themselves, many of them writing plugins which can be unlocked or extended with licensing fees. This is all possible because the core is open source and encourages the same of its ecosystem. WordPress has been around for a long time and its straightforward RSS feeds decisively lost out to Twitter’s social features, so in 2022 there is a reasonable argument that it is a bit long in the tooth. But we must now understand it to be a bigger technical success than Twitter, simply because it is not at risk.

The rest of the web is even more bulletproof than WordPress because it is a suite of robust open protocols that can never be owned. Computers could not communicate at all without shared models, such as HTTP, FTP, and TCP/IP. The internet was built out of interoperability—even the parts we now think of as closed. There was a time not long ago when that was the whole point of building these things.

Interoperability can be immediately rendered useless if half of the handshake is disappeared, so the next requirement is that you have to keep it all online. The brief chaotic saga of “left-pad” turned this into a high-profile lesson for developers. Most JavaScript code of any particular consequence makes its way to a code hosting service called npm, which makes it available for other developers to import and reuse. In 2016, an engineer who grew angry at the company behind the npm service protested by removing one of his projects, a simple function for manipulating text, which had a ripple effect across the software engineering industry as all the code that depended on it failed, and then the code that depended on that code failed, and so on. It was a hilarious mess, enough to prompt npm to change its policies. Now a software package published on npm can never be removed.

Perhaps npm itself could go away entirely, though. By about 2019, this began to seem increasingly plausible as the company struggled to secure funding. We were teetering on the edge of a catastrophe there—the entire web development industry, from small WordPress shops to large multinational firms, had come to treat as fundamental infrastructure a startup that was not yet on stable financial footing. Companies with the resources to do so began archiving a backup copy of every package that was installed, as a hedge against the uncertain future facing npm. Even though the code was free and open source, access to it through the company running the hosting service was not assured.

And then in early 2020, just as the pandemic was emerging, npm was suddenly acquired by Microsoft, and to all outward appearances has run smoothly ever since. (Somewhere out there an overworked npm employee just screamed into a pillow; my apologies.) This was a natural fit given that about two years earlier Microsoft had also purchased GitHub.

Within about five years of its launch, GitHub had become the single most important website in the history of software development. It is essentially a web-based interface wrapped around Git, a standalone tool for managing codebases that was first released in 2005 as a means to work on the Linux operating system, and has since grown to become the standard for nearly all modern software development. GitHub quite clearly loves open source code— it’s the bread and butter, the primary content displayed on the site, the most important thing it does for most everyone except its occasional enterprise customers—but Git itself, the beating heart, takes this dedication to the next level.

One of the most revolutionary design decisions in Git is the concept of the “remote,” which refers to any copy of the code that exists elsewhere—in another folder on your computer, on a server, perhaps on GitHub. Or on a GitHub competitor, for that matter—GitLab is the most prominent alternative, and Keybase provides remotes to all its users; you can also tediously set up your own privately on most servers and computers. Among other things, Git mediates the interactions with remotes, and no remote is ever intrinsically privileged. As a result, a codebase stored in Git has no canonical location, so it can relocate freely in response to threats.

I’ve been developing software with Git for many years, and it has shaped my thinking so deeply that at this point I could not live without it. Yet it still feels magical to send your code off to a new remote for the first time. With one command, you can copy years of work and gigabytes of code over to a new host, keeping nearly all the context, notes, information, mistakes, and jokes intact. It feels like you’ve hired professional movers to take all your stuff to your new home, which is a sensation I’ve rarely encountered in other technology products. Quite the opposite—the creator of WordPress recently reported that Twitter responded to user defections by explicitly switching off the ability to export user data via API on request. Thanks to the efforts of the insufferable free software nerds who build Linux, in the Git ecosystem the cost of switching is so low that it makes the success of GitHub even more remarkable. GitHub is best in class because it has to be. Its product is built atop a tech stack that dictates another company must be able to come along and eat its lunch. One might even argue that in the absence of this mechanic, the market can never really be free.

Even after buying Twitter and dropping down the list of the wealthiest people in the world, Musk still has enough money to cover the valuations of npm, GitHub, GitLab, and Keybase combined, and could buy them and kill them off. He could not kill off the codebases they contain, though, since every project could just migrate to a new remote. Git was explicitly engineered to remain outside the reach of bad actors no matter how much money they have, and to propagate that powerful property into all the code it touches. It’s not just that Git is free and open. It was designed in a way that means it can never be anything else. At this point the only way to stop it would be to build an even better replacement. Good luck!

If you were to build your replacement using Git as a starting point, you’d still have a problem. That’s because Git is licensed under the GNU General Public License, a particularly aggressive license used by open source software projects, which dictates that all downstream work must be shared openly under the same license. Since the source code for Git is itself open source, anyone can extend it and create derivatives, but it’s illegal for that work to be treated as proprietary intellectual property. This property has a ripple effect: Free open source software released under this license tends to create more free open source software released under this license.

These success stories are wonderful, but they all pale in comparison to Wikipedia, the greatest work of human knowledge of all time and the single most important thing ever created on the web. It was routinely mocked as absurd in its earliest days, but it is by now deeply woven into our lives—it lives in your pocket all the time, and you can pull it out at a bar and talk about an article with your friend or date. We take it for granted. Its value cannot be quantified. Somehow, it is also free.

So in medicine, finance, and art, we should be trying to create a spiritual equivalent of Wikipedia that does whatever the discipline requires. Math, cooking, memories of dead loved ones. Computers too, possibly? GitHub doesn’t count, but Git might. The “sharing economy,” now an entire layer of professional existence across every conceivable dimension, emerged from a glut of startups emulating rideshare companies: Uber for this, Uber for that. It became a punchline. Enough. Grow up. Nobody cares. Go make a Wikipedia for something instead.

Open source software has always been propelled by the vague notion that it will improve the commons, that the implicit or higher-order collaboration resulting from showing and sharing your work leads to better projects, successful companies, more ambitious ideas, greater futures. If we all stand on the shoulders of giants, then some of us will find things up there. And sure, fine – that’s a utopian vision we could all use a bit more of, especially after recent events. Dorsey’s reflections on Twitter’s turmoil last week concluded, “We did the right thing for the public company business at the time, but the wrong thing for the internet and society.” There’s a tension to resolve there, sure. But I am also going to take it a step further: In a world peppered with bored billionaires, lack of open access becomes an existential risk that could suddenly wipe it all out.

For decades now, technology has measured achievement in things like funding rounds, company valuations, potential market, active users, downloads, and yes, stock prices. But these are all units of capitalism. One level deeper, should you choose to further interrogate it, the platform for the platform is just money. Who cares? We already know how this one goes.

Capital can kill code. Capital can kill anything. So if what you have created is important, then so long as billionaires still exist, you are going to need to turn it into something that can’t be bought. An idea that can’t be killed is more valuable than an idea that can be killed, and the only thing that billions of dollars cannot kill is something that cannot have a price tag to begin with, because it exists in abundance, endlessly replicating as it spreads across the world.

The good news is that the better, stronger, more resilient world we need is inevitable given enough time, because the foundation has been laid. Twitter may not ultimately crumble, and even if it does, ActivityPub, Bluesky, Mastodon, and good old RSS feeds are all waiting to pick up the slack. Brilliant people will create amazing things in JavaScript, save them to GitLab remotes, and publish them on npm. Some of them have already started. These are the reasons why even the worst case scenario for Twitter under Musk would not be a complete disaster for the world’s communication. We will be okay because all these pieces are already out there. We will be okay because the mistakes we made in treating Twitter as a platform were not made the last time around with an earlier generation of technologies, the ones with which Twitter was built, the ones we should strive to emulate again. We will be okay specifically because we still have the web.

No comments:

Post a Comment