A Glimmer of Hope for a Decentralized Internet

If you don’t own your online services, you’re at the mercy of whoever does. This rule has always been true, but hasn’t been obvious until recently. Service providers have become increasingly tyrannical and arbitrary with the exercise of their control. More and more people are finding themselves banned from services like Facebook and YouTube. Compounding the issue is that the reasons given for the bans are often absurd and that’s assuming any any reasons is given at all.

This type of abusive relationship isn’t good for anybody, but is especially dangerous to individuals with money on the table. Imagine investing years of your life in building up a profitable business on a service like YouTube only to have Google take it away without providing so much as a reason. Some content creators on YouTube are beginning to acknowledge that risk and are taking actions to gain control over their fate:

Whether he’s showing off astronomically expensive computer gaming hardware or dumpster-diving for the cheapest PC builds possible, Linus Sebastian’s videos always strike a chord, and have made him one of the most popular tech personalities on YouTube.

But Google-owned YouTube gets most episodes of Linus Tech Tips a week late.

Now, they debut on his own site called Floatplane, which attracts a much smaller crowd.

A handful of content creators are mentioned in the article. Most of them are too nice or perhaps timid to state the real reasons they’re seeking alternatives to YouTube: YouTube has become a liability. Google; like Facebook, Amazon, Twitter, and other large online service providers; has been hard at work destroying all of the goodwill it built up over its lifetime. There’s no way to know whether a video you upload to YouTube today will be available tomorrow. There isn’t even a guarantee that your account will be around tomorrow. If you post something that irritates the wrong person, or more accurately the wrong machine learning algorithm, it will be removed and your account may be suspended for a few days if you’re lucky or deleted altogether if you’re unlucky. And when your content and account are removed, you have little recourse. There’s nobody you can call. The most you can do is send an e-mail and hope that either a person or machine learning algorithm sees it and have a bit of pity on you.

I’m ecstatic that this recent uptick in censorship is happening. In my opinion centralization of the Internet is dangerous. Large service providers like Google are proving my point. They are also forcing people to decentralize, which advances my goals. So less anybody think I’m ungrateful I want to close this post by giving a sincere thank you to companies like Google, Facebook, Twitter, and Amazon for being such complete bastards. Their actions are doing wonders for my cause of decentralizing the Internet.

Maybe Connecting Everything to the Internet Isn’t a Great Idea

I’ve made my feelings about the so-called Internet of things (IoT) abundantly clear over the years. While I won’t dismiss the advantages that come with making devices Internet accessible, I’m put off by industry’s general apathy towards security. This is especially true when critical infrastructure is connected to the Internet. Doing so can leads to stories like this:

Someone broke into the computer system of a water treatment plant in Florida and tried to poison drinking water for a Florida municipality’s roughly 15,000 residents, officials said on Monday.

The intrusion occurred on Friday evening, when an unknown person remotely accessed the computer interface used to adjust the chemicals that treat drinking water for Oldsmar, a small city that’s about 16 miles northwest of Tampa. The intruder changed the level of sodium hydroxide to 11,100 parts per million, a significant increase from the normal amount of 100 ppm, Pinellas County Sheriff Bob Gualtieri said in a Monday morning press conference.

The individuals involved with the water treatment plant have been surprisingly dismissive about this. They’ve pointed out that there was never any danger to the people of Oldsmar because treated water doesn’t hit the supply system for 24 to 36 hours and there procedures in place that would have caught the dangerous levels of sodium hydroxide in the water before it could be release. I believe both claims. I’m certain there are a number of water quality sensors involved in verifying that treated water is safe before it is released into the supply system. However, they’re not mentioning other dangers.

Poisoning isn’t the only danger of this kind of attack. What happens when treated water can’t be released into the supply system? If an attacker poisons some of the treated water, is there isolated surplus that can be released into the supply system instead? If not, this kind of attack is can work as a denial of service against the city’s water supply. What can be done with poisoned water? It can’t be released into the supply system and I doubt environmental regulations will allow it to be dumped into the ground. Even if it could be dumped into the ground, doing so would risk poisoning groundwater supplies. It’s possible that a percentage of the plant’s treatment capacity becomes unavailable for an extended period of time while the poisoned water is purified.

What’s even more concerning is that this attack wasn’t detected by an intrusion detection system. It was detected by dumb luck:

Then, around 1:30 that same day, the operator watched as someone remotely accessed the system again. The operator could see the mouse on his screen being moved to open various functions that controlled the treatment process. The unknown person then opened the function that controls the input of sodium hydroxide and increased it by 111-fold. The intrusion lasted from three to five minutes.

This indicates that the plant’s network security isn’t adequate for the task at hand. Had the operator not been at the console at the time, it’s quite possible that the attacker would have been able to poison the water. There is also a valid question about the user interface. Why does it apparently allow raising the levels of sodium hydroxide to a dangerous amount? If there are valid reasons for doing so (which there absolutely could be), why doesn’t doing so at least require some kind of supervisory approval?

It’s not uncommon for people involved in industries to cite the lack of budget necessary to address the issues I’ve raised. But if there isn’t a sufficient budget to address important security concerns when connecting critical infrastructure to the Internet, I will argue that it shouldn’t be done at all. The risks of introducing remote access to a system aren’t insignificant and the probability of an attack occurring are extremely high.

Whenever somebody discussing connecting a device to the Internet, I immediately ask what benefits doing so will provide. I then ask which of those benefits can be realized with a local automation system. For example, a Nest thermostat offers some convenient features, but many of those features can be realized with a local Home Assistant controller.

Google Suspends Element from Its Play Store

The developers of Element; a decentralized, federated, and secure messaging client; were just informed that their application has been suspended from the Google Play Store, which means Android users cannot currently install Element unless they do it through F-Droid or side loading. Why did Google suspend the app? At first Element’s developers weren’t given a reason but they were eventually informed the suspension was because of abusive content. Both the lack of transparency and citing abusive content have become staples of application store suspensions, which are two of many things that make centralized application stores like the Apple App Store and Google Play Store so frustrating for both users and developers.

The abusive content justification is bullshit because Element is no different than any other messaging application in that all content is user created. If Element is removed due to showing abusive content then by that very same justification Signal, Facebook Messenger, Instagram, and Google’s own Gmail should be removed. Furthermore, Element actually has a pretty complete set of moderation tools so Google can’t even argue that the lack of moderation is the culprit. But this doesn’t matter because there are no consequences for Google if it suspends an application for incorrect reasons. Agreements between developers and Google (and Apple for that matter) are one-sided. The only option for developers when their applications are suspended is to beg for clemency.

The suspension of Element is yet another example on the already extensive list that shows why centralized application stores and closed platforms are bad ideas. Without prior notice or (initially) any reason Google made it so Android users can no longer install Element unless they jump through some hoops (fortunately, unlike with iOS, Android generally gives you some options for installing applications that aren’t in the Play Store). Google might decide to be magnanimous and change its mind. Or it might not. In any case there’s very little that Element’s developers or Android users can do about it.

One-Sided Contracts

Yesterday I once again reiterated the fact that if you don’t own your infrastructure, you’re at the mercy of whoever does. Today I want to discuss why third-party providers can so easily pull the rug out from underneath you.

Businesses all over the world rely on third-party providers for any number of goods and services. They do so without too much concern that those third-parties are going to suddenly kneecap them. How do they accomplish such a feat? The answer is contracts. Large business deals aren’t made by one business clicking the accept button on a provider’s terms of service of end user license agreement. They’re made by lawyers on both sides negotiating terms. If one party only offers a deal where they can do whatever they want and the other party simply has to accept it, the other party will likely walk away. But such one-sided deals are common with online service providers.

If you sign up for an account on Amazon Web Services, Digital Ocean, GoDaddy, or any other hosting provider, you are presented with terms of service that you have to accept in order to use the service. There is no opportunity for you to negotiate. If you bother to read the terms of services, you’ll realize that they tend to put a lot of obligations on you as the paying customer but almost none of them as the provider. The terms of service usually allow the provider to cut you off for any reason without notice. But do you get any guarantees in return? Do they guarantee you uptime, reliability, or anything along those lines? If they do, do they agree to pay a financial penalty if they fail to provide what they guarantee? Do they offer a concise list of specific terms that are the only terms under which they are allowed to terminate the agreement without paying a financial penalty to you? They don’t.

I’ve been fortunate enough to observe contract negotiations between businesses. It’s both an interesting and painstaking process. They can take weeks, months, and even years. During that time both parties will strive to ensure every detail that could impact them is hammered out. Neither party wants to be in a position where the other can screw them.

Every end user license agreement and terms of service you’ve accepted over the years was likely entirely one-sided. The company you’re paying probably reserved all of the power for themselves. It’s likely that they dictated who will arbitrate any disagreement between them and you (if any disagreement is even allowed to you under the terms). This is one reason, perhaps the biggest reason, you can’t rely on a third-party service provider. If you decide to host your site on Amazon Web Services, Digital Ocean, GoDaddy, etc., they can remove your site for any reason without any advanced warning. In return you get to take it and ask for more.

No competent business would knowingly enter a one-sided contract. Take a page from their book. If you’re looking to purchase a good or service and the only offer is a one-sided agreement where the provider gets all of the power, walk away.

Silence!

The 2020 presidential election turned out exactly as I and anybody else who has witnessed two children fighting over a toy expected. The only thing missing was Biden giving Trump a wedgie and calling him a poophead after his victory was certified.

What has been far more interesting to me is the response by our technology overlords. It seems that online service providers are participating in a competition to see who can best signal their hatred of Trump and the Republican Party. MSN is acting as the high score record keeper and listing every online service that has banned Trump or anything related to the Republican Party. Some of the entries were predictable. For example, Facebook and Twitter both banned Trump and Reddit announce that it banned /r/DonaldTrump.

Some of the entries are a bit more interesting (although still not surprising). Apple and Google both banned Parler (basically a shittier Facebook marketed at Republicans) from their respective app stores. Then Amazon, not wanting to be shown up, announced it had banned Parler from using its AWS services (which Parler stupidly chose as its hosting provider). For over a decade I’ve been telling anybody who will listen about the dangers of relying on tightly controlled platforms and other people’s infrastructure (often referred to as “the cloud”). These announcements by Apple, Google, and Amazon are why.

If you use an iOS device, you are stuck playing by Apple’s rules. If Apple says you’re no longer allowed to install an app to access an online service, then you’re no longer allowed to install an app that accesses that online service. The same is true, although to a lesser extent (for now), with Android. Although Android is open source Google exercises control over the platform through access to its proprietary apps. If a device manufacturer wants to include Gmail, Google Maps, and other proprietary Google apps on their Android devices, they need to agree to Google’s terms of service. The saving grace with Android is that its open source nature allows unrestricted images such as LineageOS to be released, but they generally only work on a small list of available Android devices and installing them is sometimes challenging. I’ve specifically mentioned iOS and Android, but the same is true for any proprietary platform including Windows and macOS. If Microsoft and Apple want to prohibit an app from running on Windows and macOS, they have a number of options available to them including adding the app to their operating systems’ build-in anti-malware tools. The bottom line is if you’re running a proprietary platform, you don’t own your system.

Anybody who has been reading this blog for any length of time knows that I self-host my online services. This blog for instance is running on a computer in my basement. Self-hosting comes with a lot of downsides, but one significant upside is that the only person who can erase my online presence is me. If you’re relying on a third-party service provider such as Amazon, Digital Ocean, GoDaddy, etc., your online service is entirely at their mercy. Parler wasn’t the first service to learn this lesson the hard way and certainly won’t be the last.

I’ve had to think about these things for most of my life because my philosophical views have almost always been outside the list of acceptable ideas. I developed absolutist views on gun rights, free speech, and the concept of an accused individual being innocent until proven guilty beyond a reasonable doubt in school and continue to maintain those views today. Opposing all forms of gun and speech restrictions doesn’t make you popular in K-12 and especially doesn’t make you popular in college. Being the person who wants a thorough investigation to determine guilt during a witch hunt generally only results in you being called a witch too. However, that list of acceptable ideas has continuously shortened throughout my life. Absolutist or near absolutist views on free speech were common when I was young. They became less common when I was in college, but the general principle of free speech was still espoused by the majority. Today it seems more common to find people who actually believe words can be dangerous and demand rigid controls on speech. It also seems that any political views slightly right of Leninism have been removed from the list.

If you hold views that are outside of the list of acceptable ideas or are in danger of being removed from the list, you need to think about censorship avoidance. If you haven’t already started a plan to migrate away from proprietary platforms, now is a good time to start. Likewise, if you administer any online services and haven’t already developed a plan to migrate to self-hosted infrastructure, now is actually at least a year too late, but still a better time to start than tomorrow. Our technology overlords have made it abundantly clear that they will not allow wrongthink to be produced or hosted on their platforms.

The Continuing Deterioration of Duolingo

A few years ago I used Duolingo in combination with a number of other resources to learn Esperanto. I also used it to dabble in a number of other languages. My experience at the time lead me to recommend it to people who expressed an interest in learning another language with some caveats. A few months ago I decided to reassign most of the time I spent on social media to more productive activities. One of those activities was returning to language learning. As part of this endeavor I logged back into my Duolingo account. After a couple of years of almost complete absence (I did log in a couple of times, but never to do more than poke around) I discovered that my small list of caveats has grown.

My previous caveats were mostly related to the varying quality of Duolingo’s courses. Most, if not all (I’m not sure about the service’s flagship languages such as German and Spanish), of Duolingo’s course are created, maintained, and updated by volunteers. This results in courses with wildly differing levels of quality. A handful of courses such as the German and Spanish courses are very good. Another handful of courses such as the Swahili course are notoriously bad. But most of the courses lie somewhere in between.

To briefly illustrate the variety of middling quality, I’m going to highlight four courses: Esperanto (a language I know fairly well), Japanese (a language I took in college), Latin (a language I’m decent at reading and writing, but shit at speaking), and Hebrew (a language about which I know almost nothing).

The Esperanto course is quite good. This isn’t too surprising since there are a lot of passionate Esperantists willing to volunteer their time and energy to create educational material (Lernu.net is a great example of this). The Esperanto course includes extensive language notes, audio that is generally good, and enough content (65 skills) to keep learners engaged. But the course hasn’t received a lot of updates since I last used it. In fact the only content update appears to be the inclusion of skills in the main tree that were originally only available by paying lingots (Duolingo’s original in-app currency, which has been replaced by gems… except when it hasn’t). Popular features in the top tier courses, such as stories, are not available in the Esperanto course and I have my doubts they ever will be.

The Japanese course was awful when it was first released. Japanese uses three writing scripts: hiragana, katakana, and kanji. The initial release of the course taught hiragana and katakana, but taught little if any kanji. I also remember the original audio being variable in quality. However, unlike the Esperanto course, the Japanese course has been improved. Now it’s serviceable and there’s apparently a major update about to be released, which hopefully means the course will become decent or even good. But in its current state it still has some issues with kanji. Periodically the shown pronunciations for a kanji character is wrong in the context of a sentence and the pronunciations are written in romanji (showing the pronunciation using the Roman alphabet) instead of furigana (showing the pronunciation using hiragana). The reason this matters is because most elementary level written Japanese material use furigana and higher level material will still use it for lesser known kanji. It’s better the get learners acquainted with how a language is used in the real world. The current course also lacks stories, but it sounds like that’s part of the upcoming update.

I was excited when I heard that a Latin course was going to be released. Latin is one of my favorite languages and I’ve studied it for years. I wasn’t expecting a lot from the Latin course since Duolingo courses tend to be bare bones when they’re first released, but I was expecting more than what was released. The entire course only has 22 skills and only teaches the present indicative tense. There are useful notes and audio for many of the sentences. The pronunciations in the audio are obviously attempting to replicate Classical Latin. For the most part they do an OK job, but not a great job. Unless more skills are added the Latin course is useless for anything other than dipping toes into the Latin waters. With that said, the foundation is good enough that a better course could be built upon it someday.

So far I’ve covered courses for language with which I’m already familiar. Now I’m going to highlight a course from the perspective of a totally new learner. I decided to try the Hebrew course because I wanted to dabble in a Semitic language. The fact that Hebrew is a one of only a few examples of a successfully revived language also makes it a novelty to me. However, I immediately ran into a major roadblock. Hebrew, like Japanese, doesn’t use the Roman alphabet, but the Hebrew course, unlike the Japanese course, doesn’t teach you the alphabet. If you’re completely unfamiliar with Hebrew and want to use the Duolingo course, you need to first find another resource from which to learn the alphabet. Obviously I can’t comment any further on the Hebrew course because I couldn’t get anywhere in it (and as I said I wanted to dabble, I’m not interested enough to seek out other resources), which is what I wanted to highlight.

My first caveat when recommending Duolingo in the past was that some courses were good, some were OK, and some were terrible. If somebody expressed an interest in learning German, Spanish, or even Esperanto, I had no problem recommending Duolingo. If somebody expressed an interest in learning Japanese, I’d warn them away. My other major caveat was that Duolingo couldn’t be used by itself to become fluent in a language. Years ago Duolingo advertised itself as a tool that allowed users to achieve fluency (it would even rate how “fluent” you had become) in another language. The idea that one can achieve fluency in a language solely through translating sentences and typing out what was said in audio recordings is bullshit. Fortunately, Duolingo appears to have backed off from those historical claims and now prefers the much vaguer “learn a language” slogan.

Those two caveats remain, but now I have a number of new caveats when recommending Duolingo.

One of the biggest changes that was starting to roll out when I was first using Duolingo was hearts. Hearts are akin to hit points. Each mistake you make deducts one heart and if you make five mistakes, you’re kicked out the current lesson and blocked from doing anything other than practice. Duolingo claims that the heart system exists to discourage users from making mistakes, but this claim doesn’t hold up for two reasons.

First, what qualifies as a mistake is poorly defined and that definition changes. For example, missing punctuation normally wasn’t considered a mistake. Now it is (at least on some course). Sometimes a typo isn’t counted as a mistake (instead it’s highlighted as a typo, which doesn’t cost a heart), sometimes it is. Second, when you do something that is correct but the volunteers who created the course didn’t anticipate, it gets marked as a mistake and costs a heart. Consider the Latin course for a moment. Compared to English Latin has a very free word order. The standard word order in Latin is subject object verb (which is the same in Japanese, but the standard word order in English is subject verb object). When the Latin course was released on Duolingo a lot of my answers were marked as incorrect because the volunteers apparently assumed that everybody would use subject verb object word order whereas I normally use subject object verb word order for Latin. Likewise, Esperanto has a freer word order than English. Sometimes I’ll provide answers on the Esperanto course in subject object verb word order just to keep things interesting. The Esperanto course has existed long enough where most of those unanticipated answers have been discovered and are now accepted. However, when I first did the Esperanto course, that wasn’t the case. I’ve managed to block myself from progressing in both course by giving correct answers that the course creators didn’t anticipate.

If you run out of hearts, you have a handful of options. First, you can do a practice session, which gives you a single heart. Second, you can wait several hours. You get one heart back after five or six hours. So it takes almost a full day to get all of your hearts back. Third, the Duolingo app periodically provides you the opportunity to regain a heart by watching an ad. Fourth, you can pay gems (but not lingots for reasons I’ll get to in a bit) to get some hearts back. Finally, you can bypass the heart system entirely by signing up for Plus. The hearts feature brings one of the worst aspects of free-to-play games to the educational market: the choice between paying real money or grinding. But Duolingo manages to make this already annoying model worse by punishing you inconsistently and sometimes when you didn’t even make a mistake.

This leads me to one of my new caveats: if you plan to use Duolingo seriously, you should consider either paying for Plus or using the website. What do I mean by using the website? The hearts system only exists in the iOS and Android apps. If you log into the website to use Duolingo, you don’t have to deal with hearts (for now). This brings me to my second new caveat.

Your experience on Duolingo can be significantly different from other users. There are two major reasons for this. First, as I already mentioned, the website experience differs from the experience on the Android and iOS apps. The hearts system isn’t the only difference between the two. Notes that are available on the website can’t be accessed from the phone apps. Without notes you have to resort to a lot of trial and error, but the hearts system punishes you for using trial and error unless you subscribe to Plus. I also made a quip about gems replacing lingots except when they haven’t. If you use the website, you use lingots. If you use the phone apps, you use gems. There isn’t even a one-to-one ratio between lingots and gems. As I type this I have 3310 gems in my iOS app and 954 lingots on the website. When I earn lingots on the website, the number of gems that appear on my iOS app goes up and vice versa, so there is an exchange rate, just not an integer one.

The second reason your experience will vary from other users is A/B testing. Duolingo is infamous for it’s A/B testing. A/B testing is a method where a service provides one experience for one set of users and a different experience for another set of users. Because of Duolingo’s obsession with A/B testing, I have to warn anybody to whom I’m recommending the service that the experience I’m recommending may not be the experience they get. For example, a current A/B test on Duolingo is locking skill tests behind lingots (or gems). If you’re not part of this A/B test, you can test out of skills instead of drudge through multiple lessons. This is useful if, for example, you’re starting a course for a language with which you already have some familiarity. I tested out of the hiragana and katakana skills when I started the Japanese course because I learned those scripts in college (I didn’t test out of other early skills because I wanted a refresher). Since there is almost nothing to buy with lingots, this wouldn’t be a big deal. However, a new user won’t have any lingots so they will have to grind for some before they can skip a skill. If I had been a new user when I started the Japanese course, I would’ve had to do the hiragana and katakana skills, which would have been a waste of my time.

My third new caveat is related Duolingo’s gamification. Gamification is a two-edged sword for educational tools. On the plus side gamification encourages engagement. A user may continue using the app and therefore learning because of the game elements. On the con side gamification often encourages the game aspect of the service over the educational aspect. Duolingo has leagues and leader boards. When you complete a lesson, you get experience points. At the end of the week the top three user in the league win. Mind you the prize is just mostly useless lingots, but that’s enough for a competitive person. This has lead a lot of users to grind experience points in lessons that they can complete with confidence quickly in order to climb the leader board. Since you receive the same amount of experience points for doing a previously completed lesson as you do for a new lesson, there’s no motivation to push yourself in order to win your league. So my third caveat is that if you’re a competitive person, Duolingo may distract you from actually learning.

Rather than improving, Duolingo has gotten worse since I last used it. I used to enthusiastically recommend it for a lot of people. Now I’m hesitant. If somebody is willing to primarily use the website or pay for Plus, it can be a useful service… so long as the language course that interests you is decent and you don’t get trapped in a bad A/B test. What worries me the most is that I see no indication that Duolingo is going to turn itself around. How many headaches will users tolerate for a supplemental tool?

Fleeing Facebook

Another election is on the horizon, which can only mean Facebook is clamping down on wrongthink in the futile hope that doing so will appease Congress enough that it won’t say mean things about the company that might hurt its stock price. This week’s clamp down appears to be more severe than others. I have several friends who received temporary bans for making posts or comments that expressed apparently incorrect, albeit quite innocent, opinions. A lot of them also reported that some of their friends received permanent bans for posting similar content.

In the old days of the Internet when websites were dispersed you usually had friends from forums, game servers, and various instant messenger clients added on other services. Because of that, getting banned for any single account wasn’t usually a big deal. However, with the centralization that Facebook has brought, losing your Facebook account can mean losing access to a large number of your contacts.

If you are at risk of losing your Facebook account (and if you hold political views even slightly right of Karl Marx, you are), you need to start establishing your contacts on other services now. If you’re like me and have friends that predominantly lean more libertarian or anarchist, you’ve probably seen a number of services being recommended such as MeWe, Parler, and Gab. The problem with these services is that they, like Facebook, are centralized. That means one of two outcomes is likely. If they’re successful, they will likely decide to capitalize by going public. Once that happens, they will slowly devolve into what Facebook has become today because their stock holders will demand it in order to maximize share prices. If they’re not successful, they’ll likely disappear in the coming years, forcing you to reestablish all of your contacts on another service again.

I’m going to recommend two services that will allow you to nip this problem in the bud permanently. The first is a chat service called Element (which was formerly known as Riot). The second is a Twitter-esque service called Mastodon. The reason I’m recommending these two services is because they share features that are critical if you want to actually socialized freely.

The most important feature is that both services can be self-hosted. This means that in the worst case scenario, if no existing servers will accept you and your friends, you can setup your own server. If you’re running your own server, the only people you have to answer to are yourselves. However, you may want to socialize with people outside of your existing friend groups. That’s where another feature called federation comes in. Federation is a feature that allows services on one server to connect with services on another server. This allows the users on one Element or Mastodon instance to socialize with users on another instance. Federation means not having to put all of your eggs in one basket. If you and your friends sign up on different servers, no one admin can ban you all. Moreover, you can setup backup accounts that your friends can add so if you are banned on one server, your friends already have your alternate account added to their contact list.

The reason I’m recommending two services is because Element and Mastodon offer different features that are geared towards different use cases. Element offers a similar experience to Internet Rely Chat (IRC) and various instant messenger protocols (such as Facebook Messenger). It works well if you and your friends want to have private conversations (you can create public chat rooms as well, if you want anybody to be able to join in the conversation). It also offers end-to-end encrypted chat rooms. End-to-end encrypted rooms cannot be surveilled by outside parties meaning even the server administrators can’t spy on your conversation. It’s much harder for a server administrator to ban you and your friends if they’re entirely ignorant of your conversations.

Mastodon offers an experience similar to Twitter (although with more privacy oriented features). You can create public posts that can be viewed by anybody with a web browser and with which anybody with a Mastodon account can interact. This works great if you have a project that requires a public face. For example, you and your friends may work on an open source project about which you provide periodic public updates. Mastodon enables that. Users can also comment on posts, which allows your posts to act as a public forum. Since Mastodon can be self-hosted, you can also setup a private instance that isn’t federated. Thus you could create a private space for you and your friends.

It’s critical to establish your existing contacts on another service now so you don’t find yourself suddenly unable to communicate with them because you expressed the wrong opinion. Even if you don’t choose Element and/or Mastodon, pick a service that you and your friends can tolerate and at least sign up for accounts and add each other to your contact lists. That way if you disappear down Zuckerberg’s memory hole, you can still keep in contact with your friends.

The Exodus

When COVID-19 started making headlines, I didn’t think much of it. A new virus makes the headlines every few years. But when governments started using COVID-19 as a justification to implement severe restrictions, I started to wonder if we were on the cusp of a major shift in the status quo. Now that we’re several months into the restrictions put into place to “flatten the curve,” I’m all but certain that we’re in the midst of major changes.

One major shift that has come of government COVID-19 policies is the worker migration from offices to home. Before the lock downs were implemented a lot of companies were still skeptical of the work from home model. At the beginning of the lock downs those companies were forced to either shutdown or transition to a work from home model. Now that those businesses have been operating on a work from home model for several months many of them are starting to question the old model. Consider the cost of maintaining a large office in a central hub for your employees. There’s the cost of the building itself. It’s either owned; in which case the costs of the building, upkeep, and property taxes are incurred; or it’s rented; in which case the monthly rent is incurred. Then you have the cost of municipal services such as electrical power, water, and sewer. Most offices offer employees some amenities such as coffee, snacks, etc. Often forgotten are the costs of added risks such as employees being injured or killed during their commute, employees coming in late or being unable to come in at all due to weather, and business being disrupted by power outages, civil unrest, etc. And then there are future costs to consider such as likely tax hikes as various levels of government scramble to make up for lost revenue.

It should come as no surprise that businesses are looking at the current landscape and questioning whether they should flee their expensive central hubs now that many of their employees are working from home:

A new survey by the Downtown Council shows 45 business owners say they are considering leaving downtown – citing the lack of people working or socializing downtown – and the idea that the police department could be dismantled.

[…]

“We are seeing business owners wanting to eliminate the overhead, especially in a world where it looks like there’s going to be a more hybrid approach happening – and people are going to be working from home – business owners and companies are looking to downsize,” he said.

Keep in mind that these are 45 business owners that bothered to participate in a survey. The overall number is almost certainly higher.

This exodus would cause a domino effect. If major companies begin to flee a city, supporting companies usually follow. What’s the point of operating a restaurant or a bar in a city if nobody is eating or drinking there? Likewise, employees that moved to the city because they wanted a short commute may begin looking for a place that’s cheaper and/or nicer. Minnesota is already seeing this as people working from home ask themselves why they shouldn’t work from lakefront property (or in my case, why not work from the woods).

Besides work the other major attraction of large cities has traditionally been big events. Concerts, sports, festivals, etc. usually happen in large cities. But those also vanished when the lock downs were implemented. Downtown Minneapolis is currently a ghost town compared to a few months ago and the same is probably true of other major cities.

We may be witnesses the beginning of the end of a system that really took off with the Industrial Revolution: population centralization. The Industrial Revolution brought factories and factories needed a lot of manpower so they tended to be built in existing population centers. Those factory jobs tended to pay better than farm work so laborers started to migrate from rural areas to those population centers. There was a cycle where factories went to where laborers could be found en masse and laborers started migrating to where factories could be found en masse.

A lot of labor is no longer physical and the Internet provides a mechanism for nonphysical labor to be done remotely. Thus the groundwork exists for the Industrial Revolution cycle to be broken. Employees can live in the boonies and work for a company whose nearest office is several hundred miles away or even across the globe. Many other city attractions also disappeared or went remote.

I think we may be at the beginning of an exodus away from cities. If it occurs, this could end up being another epoch like the Industrial Revolution.

Error Indicators of Limited Value

When I moved into this house, I decided to use UniFi gear for my entire network because I wanted to centrally manage it (I, like most people who work in the technology field, am lazy by nature). This house doesn’t have Ethernet running through the walls so I (again, being lazy) opted to rely on a mesh network for most of my networking needs. My mesh network consists of three UAP-AC-M access points.

Like most other people working in the technology field, I’ve been working from home since COVID-19 started making headlines. This means my in-person meetings have mostly been done via remote video conferences. My setup ran smoothly until a few weeks ago when I started experiencing a strange issue where I’d periodically lose my video conference feeds for 10 to 30 seconds. Since I first setup my mesh network my UniFi Controller has reported a large number (as in several hundred per 24-hour period) of DHCP Timeout errors along with a handful of WPA Authentication Timeout errors. It also reported long access point association times for my two mesh nodes (the other node is wired to my switch). Searching Ubiquiti’s online support forum returned a lot of results for individuals experiencing these errors without any resolution. In fact several comments made by Ubiquiti employees stated that the DHCP Timeout errors can be ignored so long as the network is performing well. I ended up ignoring the errors because at the time my network was performing well and nobody seemed to have a resolution to the errors.

I began looking into the problem again when the video conferencing problems I mentioned started to manifest. To make a long story short, I finally figured out my problem. UAP-AC-M access points use the 5Ghz spectrum for mesh communications so they all operate on the same 5Ghz channel, but it’s expected that they utilize different 2.4Ghz channels. My mesh nodes were setup to automatically select their 2.4Ghz and 5Ghz channels during boot up. I assumed this was safe because I boot them up in stages one after the other. That should have caused them to see each other when they booted up and select a different 2.4Ghz channel. According to my UniFi controller, all three 2.4Ghz channels (one, six, and 11 are the only channels that don’t overlap with other channels) were being utilized so I assumed the access points were operating as I expected. After trying to few different settings I decided to manually select the 2.4Ghz channels for my access points. I put one access point on channel one, one on channel six, and one on channel 11.

Since doing that I haven’t experienced any video conferencing problems. Moreover, my DHCP Timeout errors have dropped to almost nothing (I now experience between two and four per 24-hour period), the WPA Authentication Timeout errors have remained at one or two per 24-hour period, and I no longer see any errors about access points taking longer than expected to associate.

If you’re one of the many people experiencing a massive number of DHCP Timeout errors with UniFi access points and you haven’t already manually selected non-overlapping 2.4Ghz channels for your access points, give it a try. I will note that since I live in the country and there are no other visible Wi-Fi networks anywhere on my property, your experience may differ if you’re in an environment with a lot of competing Wi-Fi networks.

Avoiding Censorship Online

Facebook, Twitter, Reddit, and most other mainstream social media platforms have pledged to increase the speech they censor. This has lead many people, especially those most likely to be censored, to seek greener pastures. They usually tell anybody who will listen to flock to alternate social media platforms such as MeWe, Minds, and Parler. Of course this is an exercise in trading one centrally controlled platform for another. This means users are still at the mercy of the individuals who control the services. Parler has already walked back its commitment to absolute free speech and other alternate platforms will likely do the same.

So is the concept of free speech online hopeless? Not at all. However, you have to take a page from radicals throughout history. If you look at a lot of radicals, they generally owned and operated their own newspapers, magazines, journals, and periodicals. Benjamin Franklin bought a newspaper, Benjamin Tucker printed his own periodical, egoists printed their own journal, and Peter Kropotkin published his own journal. By owning and operating their own print media they were able to say whatever they wanted whenever they wanted.

Today’s Internet has become centralized, corporatized, and sanitized, but that wasn’t always the case. It also doesn’t have to be the case. Anybody can run a server. This blog is hosted on a server sitting in my basement. In fact I self-host most of my online services. This gives me absolute control over my platforms. I can say whatever I want whenever I want.

If you want to express yourself freely, you need to take a page from radicals of yesteryear and own and operate your own platform. Fortunately, it’s easier today than ever before. There are a lot of self-hosted platforms available. For example, if you want something akin to Twitter, there’s Mastodon. If you want something akin to Facebook, there’s Freindica and diaspora*. If you want chatroom functionality, there’s Matrix (which also supports end-to-end encryption so you can speak freely on other people’s servers). In fact there are a ton of self-hosted platforms that cover almost anything you could need. What’s even better is that many of the self-hosted social media platforms can be federated, which means every person in a group could run their own instance and interconnect them.

To quote Max Stirner, “Whoever will be free must make himself free. Freedom is no fairy gift to fall into a man’s lap. What is freedom? To have the will to be responsible for one’s self.”