
Demon-Haunted World - drabiega
http://www.locusmag.com/Perspectives/2017/09/cory-doctorow-demon-haunted-world/
======
jordigh
There is so much "Stallman was right" in all of these examples... non-free
software always manages to eventually sneak in malicious anti-user features,
where the user has no recourse. At least with free software there's always the
fundamental freedom to fork. You think systemd is a Red Hat plot to destroy
Linux, then go use Devuan. You don't trust what Google could be doing with
Chrome, take your pick of alternatives:

[https://en.wikipedia.org/wiki/Chromium_(web_browser)#Communi...](https://en.wikipedia.org/wiki/Chromium_\(web_browser\)#Community_packages)

Plus, people tend to act more morally when they think they might be watched,
whether they actually are watched or not.

Whenever someone refuses to show source code I always think, "what are you
hiding in there?" There's usually something.

~~~
computator
> Whenever someone refuses to show source code I always think, "what are you
> hiding in there?" There's usually something.

There's a dilemma that developers face when deciding to release source code
that's bigger than fear of software theft or the desire to hide something evil
in the code. It's a fear of being scrutinized, ridiculed, or humiliated over
the quality of their code.

Imagine 2 programs that do something useful and are functionally equivalent.
Program A is closed source. Program B has source code available for
inspection. Suppose on inspection, program B's code turns out to be bloated,
ugly, poorly organized, and with many potential bugs or defects. B's
reputation is screwed. However, for all you know, A's code is just as bad or
worse. But you don't know for sure.

Bloggers and reviewers will write that no source is available for A.

Bloggers and reviewers will write that program B's code sucks.

The consumer reads that "program A doesn't give you source code" and that
"program B's code is garbage", but are otherwise functionally equivalent.
Which do you think will have greater influence on most consumers and their
purchasing decision?

That's one major reason why more developers don't release source code. I wish
I knew a way out of this dilemma.

~~~
jcbrand
I'm skeptical that this is actually as big a reason people don't want to open-
source their code as you assume.

In any case, there are good solutions for it.

Firstly, if you know from the start that you're going to open source the code,
then you'll make more of an effort than (perhaps) usual to ensure that the
code is well-organised, well-tested and elegant. At least within your current
level of competence, but that's all anyone can hope to do in any case.

Some humility is also required in my opinion. I know many people subscribe to
a fake-it-until-you-make-it philosophy, and there's some value in that, but
when it comes to open sourcing your code, it's good to check your ego and to
be open to suggestions and criticism. There will always be people who are more
knowledgeable and better than you at certain things. Best IMO is to accept
this (and their criticism if you're lucky enough to receive it) and to see you
how can learn from them and improve.

BTW, I speak from some experience. I have had some nominally embarrassing
experiences with OSS where other people highlighted relatively obvious
security issues with code that I wrote and which I thought was of high
quality. However, in turn I got free QA from knowledgeable people and in the
process the code improved further as I fixed the problems.

Also, as some people have mentioned already. OSS that is popular gets improved
all the time. I.e. if you're lucky, and your code doesn't languish in
obscurity, then you'll get patches and pull requests to improve your code.

So the way out of the dilemma... if you're really just being held back because
you fear criticism and ridicule, is to ignore the fear, be humble, and to
still open-source (perhaps after doing some cleanup, but not to the extent
that you use it as a crutch to avoid open-sourcing).

You'll probably realize that the fear was totally unfounded or in the least
exaggerated.

~~~
sbarre
> Firstly, if you know from the start that you're going to open source the
> code, then you'll make more of an effort than (perhaps) usual to ensure that
> the code is well-organised, well-tested and elegant.

This is assuming you even realize that your code is un-organized and
inelegant.

There is no doubt tons of software out there written by journeyman developers
who don't know best practices or good coding techniques, but just know how to
"ship it"..

And, honestly, there's nothing wrong with that..

------
Nomentatus
This isn't a new demon-haunted world, this is the old, demon-haunted world
before nineteenth-century progressive politics, back when "milk" that wasn't
half chalk still might have a fish in it (see famous Thoreau quote on
evidence.)

We aren't enforcing the laws we have and our grandfathers and mothers had.
(Three guesses why.) Not on monopolies, contracts, patent misuse... nothing.

Just this week I and Hearthstone came to a stop - Blizzard's new policy
insists on a credit card and that I owe them for purchases made if they leak
the card no! I can't sign in to play "my" cards 'till I agree this is totally
cool. Sure, the old policy said they could revise it as they liked, but the
law says otherwise and always has. They don't care - it'll be years before the
law is enforced against them, as it was with Steam and refunds.

No cops - so to speak - on the beat, and Trump vowing to fire more regulators,
that's what's changed. The number of potential demons is more of a constant.

~~~
hutzlibu
"on the beat, and Trump vowing to fire more regulators, that's what's changed.
"

I don't really like to defend trumps sayings, but in this case I don't think
there are government regulators needed. The company acted shitty and you took
the consequences and quit and avoid this company. That's how market works. No
need for regulation here.

The "only" problem with this in general today is, that most people do not
understand technology at all, that's why big corporation's can get away with
the shit they are doing, as there are still people using their consumer
unfriendly, but shiny new products.

I doubt more government regulation would help with that.

Smarter people are required. And I do believe this is happening, it just takes
some time.

~~~
andrewjl
Government regulations exist to fix market failure, usually due to information
asymmetry. In the old days it was milk in chalk, in the modern day it's closed
source code riddled with spyware and engine firmware that cheats emissions
tests. Market failure in my book.

We need more, smarter regulations, not less.

EDIT: I don't think it's reasonable to expect everyone to educate themselves
on every technical advance. That's not possible with the complexity of
technology people encounter in their everyday lives. And that's without even
talking about the invisible technology we never see directly, like the
software controlling our voting machines, hospital equipment, power plants,
etc.

~~~
hutzlibu
" in the modern day it's closed source code riddled with spyware and engine
firmware that cheats emissions tests."

Yeah well, so the problem to me is not really missing regulations, but missing
the will to use open-source.

And that is what I meant, that most people have no idea about technology.

To them it does not matter if something is open-source or not as they do not
know the difference - they understand neither, it is all dark magic to them.

And of course, not everybody needs to have studied IT like we did. But I also
do not understand the Linux kernel - yet I trust it. Because it is open-source
and I can get in touch with the people developing it and see how it is done.

So I trust them.

And ordinary people could at least understand the same: if something is
developed in the open, then other people have the chance to check it. If it is
closed - much harder. Very simple. And I have no doubt, that this knowledge
will get in the heads of the people. It just takes some time (and action of
course) - Computers for everyone is a quite new thing ...

------
walterbell
See efforts to pass Right-to-Repair laws in several U.S. states:
[https://repair.org](https://repair.org) &
[https://ifixit.org/right](https://ifixit.org/right)

From
[http://www.popularmechanics.com/technology/infrastructure/a2...](http://www.popularmechanics.com/technology/infrastructure/a25246/right-
to-repair-legislation-under-fire-in-nebraska/)

 _"... farmers have worked on their own equipment "for decades, generations
even." Brasch also pointed to the emerging DIY sources of information in the
world as a way that farmers and others who want to make repairs can learn
about their equipment: "You can go to a YouTube for something as simple as
baking a cake to repairing or operating an item. I think that's the way the
market is moving. We'd like this market to move with the rest of the world."_

This is one of the IP/copyright issues being negotiated in the new version of
NAFTA (US, Canada, Mexico), as many farmers are affected.

~~~
droopyEyelids
The sad part of the "right to repair" laws is that they're going to force
Apple to stop doing the "Activation Lock" feature that has been a real boon to
everyone who doesn't steal consumer electronic devices.

~~~
SolarNet
Why? Being able to repair a device doesn't mean being able to circumvent anti-
theft features; mechanics would be morally obligated to report a device
brought in for repairs with such a lock activated.

------
captaincrowbar
Doctorow mentions the cases where a printer company has made their software
lie about how much ink was left in a cartridge to make consumers replace them
more often. I always wondered why a manufacturer would want to do that. I
mean, I understand the motive of making consumers buy ink more often, but from
the manufacturer's point of view, why would they want to throw perfectly good
ink away? Colour ink isn't as expensive to manufacture as they like to claim
but it's still worth something. Why didn't they just put less ink in the
cartridge to begin with (and maybe lie about how much was in it), instead of
lying about how much was left toward the end of its life and throwing ink
away?

~~~
layble
I know of a large printer company who approached a large media company with a
deal that would have had the large media company change the color of the text
on their printer friendly pages to something near black but requiring the
color cartridge instead of true black. As I recall they were willing to pay
seven figures annually. The media company did not take them up on their offer.

The underhandedness/cleverness of the printer companies is not to be
underestimated.

~~~
Invictus0
Wow, that's incredible. Even more surprising is that the media company didn't
write a story about this.

~~~
spydum
Very likely wanted to keep that potential revenue stream in their back pocket
for when things got tight

------
SubiculumCode
This is what I think about at the pump.

More and more I see gas pumps ask if you want a receipt BEFORE the gas is
dispensed. This seems risky.

If you decline the receipt and then dispense gas, the pump could cheat on the
amount of gas dispensed with less risk, as a papered record of the purchase
amount and price is not produced.

If on the other hand, the pump waits to ask if you desire a receipt until
after the gasoline is dispensed, the dispenser will not know if a written
record will be requested, and cheating the customer is riskier.

Therefore, I always request a receipt if asked prior to dispensing my
gasoline.

~~~
rb666
What sort of weird gas station requires you to specify the amount of gas
before actually refueling your car? Is that a USA-only thing? Never seen that
in Europe.

~~~
ceejayoz
I don't think OP was saying that. The pump asks Y/N if you want a receipt
before you pump, but prints it after the pumping.

That said, you do specify the amount of gas if you're paying cash here in the
US. You go inside, say "here's $20", and the pump will dispense exactly that.

~~~
astura
If you're paying with cash you usually have to prepay. If you're paying with
card the station does a preauth on your card (and usually a temporary hold)
then does the final authorization after you finish pumping and it knows the
total. Sometimes you have to pump twice if you want to go over the preauth
hold amount, which is usually $50.

It's worth noting that it wasn't that way the entire time I was growing up.
You would pump first then pay the cashier. It wasn't until around 2005ish that
I noticed signs instructing cash customers to prepay.

------
zackmorris
Startup idea:

Form a company that explores new markets in legal liabilities. It could bring
lawsuits with little risk where the payoff could be billions of dollars. Off
the top of my head:

* Research whether channels were engineered into smartphones to allow water to leak in (since they have no moving parts and should self-evidently be watertight).

* Find the planned-obsolescence parts in things like car doors that were engineered too thin or out of plastic so that door and window handles fail after a certain number of uses.

* Find evidence that companies opted to use proprietary battery and charger form factors which drove up prices and prevented interoperability.

...the list is nearly endless. Most of these seem like they depend on research
or whistleblowers. If the free market and regulations won't prevent this kind
of widespread hacking then maybe lucrative opportunities could be found
working within the courts!

~~~
wyager
That's not remotely how waterproofing works. Getting any meaningful degree of
ingress protection is _hard_. It requires entirely different assembly
techniques and is generally contrary to user serviceability.

Proprietary batteries are the reason thin electronics exist. You can't use
18650s to make a MacBook.

I think the problem here is that you vastly underestimate how hard
manufacturing is. The things you're proposing are like me trying to sue
Facebook because it crashes all the time. Is it annoying? Yes. Is it because
they're actively trying to subvert me for nefarious reasons? No, it's just
because they don't know how to do it better in a reasonable price range.

~~~
tftjfjtft
No one thinks its free of any effort. But $10 wrist watches claim 100m
waterproof (whatever 100m means in watch land). All I want is my phone's
screen not to mess up when if my buddy pushes me into the pool. 2 ft of water
for 10 seconds. That's it.

~~~
pjc50
Behold the $75 claimed waterproof phone: [https://www.gearbest.com/cell-
phones/pp_602673.html](https://www.gearbest.com/cell-phones/pp_602673.html)

------
zaroth
Why do our phones, which certainly felt damn snappy the day we bought them,
inevitablely seem to slow down to the point of unusability after a couple
dozen months? Even after a factory reset and installing no apps at all... I
know it didn't take that long to open/close the built in apps when I bought
that iPhone 4, 5, 5s...

The only thing I can think of is the flash drive is slowing down as it wears.
Or, the CPU clock rate is programmed to progressively lower itself the longer
it runs.

Has anyone done the performance analysis on used phones to prove this isn't
just my brain moving the goalposts as hardware improves, or apps just slowing
down as they bloat, but that the old devices really and truly are running the
same software significantly slower than when they were new?

~~~
mikeash
Next time I get a new phone, I'm going to put together a performance testing
plan and record a video of it on the new phone. Then any time I wonder about
this, I can run through the plan again and compare with the recording. So, ask
me again in a few years.

~~~
kbenson
Please publish/open source the testing criteria, so others can do the test and
submit their own results. That would be awesome. I would probably run around
the house and test all the phones in my family.

Even something as simple as Github and using pull requests for those that know
how to do so (or manually just adding for those that email and don't) would
give a lot of introspection, and allow you to share commit bits so people
could help (as well as making it easy for people to clone to run analysis on
if they desire).

~~~
mikeash
Sounds good. I'll at least toss up the testing plan on GitHub, and maybe
compile results too.

I'll _probably_ be doing this for the next iPhone, so it'll be soon.

------
mirimir
> There must be anti-trust enforcement with the death penalty – corporate
> dissolution – for companies that are caught cheating.

This was the _norm_ in the US until the late 1800s. Indeed, corporations had
to act in the public interest. And if they didn't, they were dissolved.

But then, the railroad corporations got wealthy enough that they were able to
buy favorable Supreme Court rulings. Basically, they got human rights. After
former male slaves, but before women.

~~~
JumpCrisscross
> _This was the norm in the US until the late 1800_

Source? Let's say a company owning a factory was thusly dissolved. What would
you do? Parcel bricks out to shareholders?

We got rid of this for a good reason. It nukes long-term investment by laying
the road for expropriation.

~~~
mirimir
See [http://reclaimdemocracy.org/corporate-accountability-
history...](http://reclaimdemocracy.org/corporate-accountability-history-
corporations-us/)

The American Revolution was just as much against Crown Corporations as against
British rule.

~~~
JumpCrisscross
This _Harvard Business Review_ article [1] interviews a reputable professor on
the topic. America adopted English law corporations, replacing the Crown with
the states. Early corporations were limited compared to today's because early
enterprise was fairly limited--the American Revolution occurred on the cusp of
the Industrial Revolution.

You are correct in stating that it took political capital to form a
corporation in Revolutionary times. But that didn't mean they existed at the
pleasure of the state. Furthermore, the close nexus between corporate
chartering and political proximity showed its seams in the 19th century.
That's why states moved the chartering process to independent bureaucracies.

[1] [https://hbr.org/2010/04/what-the-founding-fathers-
real.html](https://hbr.org/2010/04/what-the-founding-fathers-real.html)

~~~
mirimir
I still think that corporations have too much power. They own the system.

------
adrianratnapala
Hmm, I suspect the article is not really news to the people who frequent sites
like this, and perhaps not even to the readership of a science-fiction mag
like locus.

But I would like a nice readable article like that to appear in more
mainstream publications. It should make a good story, being both true and
sensationalist and important at the same time.

~~~
AceJohnny2
> being both true and _sensationalist_ and important at the same time

Doctorow has been sensationalist for as long as I've been reading him (15
years?), I think even moreso as time goes on. Too often, it detracts from his
point, but sometimes he hits the nail on the head.

Also recommended by him, The Civil War over General Purpose Computing" (2012):
[https://boingboing.net/2012/08/23/civilwar.html](https://boingboing.net/2012/08/23/civilwar.html)

It's even truer in hindsight.

~~~
Bartweiss
I really enjoy Doctorow, but he's been getting into territory where the
hyperbole becomes factually inaccurate. His coverage of the Wells Fargo
debacle featured some headlines that simply weren't true, which really put me
on edge for reading his other stuff.

------
Opossum
I'm surprised no one has mentioned Tesla in this context. Not only do they
make it almost impossible to get a Tesla car repaired anywhere but their
service centers, but they also collect a ton of data [1].

[1] [https://www.tesla.com/about/legal](https://www.tesla.com/about/legal)

~~~
zeroxfe
Pretty much any new high-end vehicle is unserviceable outside of their service
centers due to requiring custom diagnostic and programming equipment.

However, body and other simpler mechanical work can be done outside service
centers (for Teslas too.)

------
shmerl
Yeah, repealing DMCA 1201 and CFAA would be very useful.

Also, conditional cheating reminded me The Story of Mel, a Real Programmer:
[http://www.catb.org/jargon/html/story-of-
mel.html](http://www.catb.org/jargon/html/story-of-mel.html)

------
letlambda
>instead, it tries to trick the reviewers, attempting to determine if it’s
landed on a Car and Driver test-lot, and then switching into a high-pollution,
high-fuel-efficiency mode.

This has actually been the case for some time. The car magazine wouldn't just
go borrow a car, they would get one directly from the manufacturer. And the
manufacturer would send a ringer, a vehicle with an EPA test-exemption that
doesn't have to comply with any emissions regulations.

I suppose the era of Youtube car review channels is bringing that method to a
close though.

------
ehsankia
I'm curious about the WannaCry situation. If the killswitch was truly to
detect being in a VM, could they still not have bought the domain and just
left unresponsive, or even better, just generate a random new domain every
single time.

I guess they just didn't foresee someone buying the domain.

~~~
luckyt
Yea, this part was confusing to me as well. How would a VM "simulate" the
internet? Does it return a dummy page? I don't understand what mental model of
VM behavior that the virus creators had in mind when they designed this
killswitch.

~~~
javajosh
The part about _how_ to simulate a site isn't confusing, the part about _why
you 'd want to do that_ is the confusing part. If I was researching malware in
a VM I'd want to take a very passive approach, and allow it to talk to the
real internet, and inspect the traffic.

~~~
LolWolf
It does do that, but in order for it to inspect what's going on, the VM has to
accept an outgoing connection as legitimate.

------
eridius
> _like the iTunes and Kindle ‘‘updates’’ that have removed features the
> products were sold with_

Anyone know what iTunes update he's talking about? I don't remember anything
that fits this description.

~~~
RachelF
I don't know about Apple, but Sony is an excellent example.

They removed the ability to use Linux on the PS3. This is probably one reason
they have been consistently targeted by hackers.

~~~
tftjfjtft
The reason hackers get Sony is because they installed rootkits in everyone of
their window's consumers. Then they apologized, released a "fix" that only hid
the rootkit.

Besides, it must be fun to keep hacking the same company and seeing that they
haven't changed anything in their IT.

~~~
Hasknewbie
And by "apologized", you mean "having a top Sony executive insult their
customers' intelligence":

> "Most people don't even know what a rootkit is, so why should they care
> about it?"

Source:
[https://www.schneier.com/blog/archives/2005/11/sonys_drm_roo...](https://www.schneier.com/blog/archives/2005/11/sonys_drm_rootk.html)

I'm pretty happy to have not bought a single Sony product since 2005. I think
that people should boycott brands that spit in their soup, but Doctorow makes
a better point: these companies should be killed.

------
Dove
I wonder if we can require software to be open source for the same reason that
food has to list its nutritional information and ingredients. Information
asymmetry makes a deal unfair.

------
mathattack
_HP is an egregious cheater, and this kind of cheating is in the DNA of any
company that makes its living selling consumables or service at extremely high
markups – they do their business at war with their customers._

This is a very strong statement. Asking for high margins puts you at war with
your customers?

~~~
pixl97
Yes. Normally in a functioning economy competition drives out high margins,
unless innovation is occurring. To protect against competition HP uses things
like DRM in printer cartridges. Anti-consumer behavior occurs when your ink
cartridges stop working because you didn't use them fast enough and are forced
to buy a new set.

~~~
mathattack
I was focused on the middle. "this kind of cheating is in the DNA of any
company that makes its living selling consumables or service at extremely high
markups"

------
titzer
This is an extremely important article.

In a world populated by IOT devices full of software (as discussed previously
[https://news.ycombinator.com/item?id=15034955](https://news.ycombinator.com/item?id=15034955)),
we'll end up in a post-scientific world where the underlying rules that govern
a device's behavior are so complex and arcane that we'll have little chance of
reverse engineering how basic devices work anymore.

I think in practice it will mean that devices become bricks relatively
quickly, and when people realize they have been cheated, there will be a
strong backlash: imagine "paleo diet" but for devices.

------
otakucode
History repeats itself. Car makers tried to lock out third party parts decades
ago. Claimed you only had a license to operate the vehicle, no ownership.
Music and movie companies argued against First Sale doctrine similarly.

Courts wouldn't have it. They will stop this too. Digital property will be
declared property, not licenses. No limits on resale transfer or rental and
the like. Companies will howl like stuck pigs. And it will benefit them, as
well as consumers, tremendously.

------
bluetwo
What I worry about is the regulations and certifications many other industries
have to curtail cheating may someday be needed in our domain. I do not look
forward to the day that happens.

------
donatj
> Dieselgate killed people

What? Is he being metaphorical or does he mean via the environmental impact?
That's a stretch IMHO. Or alternately am I simply missing something?

~~~
RachelF
Environmental impact.

However, thus far only the programmer at VW has been prosecuted and sentenced
to jail. His "following orders" defense did not work.

All the high-level executives will probably walk away with VW paying a fine.

~~~
kilotaras
If you're referring to this story[1] person sentenced was engineering
executive.

[1] [http://www.reuters.com/article/us-volkswagen-emissions-
sente...](http://www.reuters.com/article/us-volkswagen-emissions-
sentencing/vw-engineer-sentenced-to-40-month-prison-term-in-diesel-case-
idUSKCN1B51YP)

~~~
astrange
Literally every comment I’ve read about this article was by someone who didn’t
read far enough in to learn the person really was an executive ;(

------
sshanky
Can anyone elaborate on his comment on this sort of technology "proliferating
to smart thermostats (no apps that let you turn your AC cooler when the power
company dials it up a couple degrees)?

~~~
sshanky
I read about a program where owners of some Honeywell smart thermostats will
be able to authorize their utilities to turn their AC a few degrees warmer
during times of unusually high demand, in exchange for some sort of
compensation. But this would be voluntary.

------
carapace
Systems of elements that can trust each other are more efficient than systems
of elements that must expend energy to check each other.

------
calinet6
Hat tip to Carl Sagan reference in the title.

------
hutzlibu
The bigger issue with this, than beeing cheated in the casino, to me is, the
increasingly amount of technology around us, we depend on. In a few years
robots in the household will be common.

I really want to have my robot servant - but only if he really is MY servant
and controlled by ME and not someone else, I do not trust ...

~~~
mcguire
Anybody remember _Runaway_?

------
visvavasu
Very nice article, thank you for sharing.

------
MrZongle2
FTA: _" Dieselgate killed people"_

What's the source for this claim?

~~~
iak8god
Every year a shocking number of people die from illness caused by air
pollution [1]. While it might be difficult or impossible to put a head count
on "Dieselgate," the increased emissions certainly killed some.

[1] [http://news.mit.edu/2013/study-air-pollution-
causes-200000-e...](http://news.mit.edu/2013/study-air-pollution-
causes-200000-early-deaths-each-year-in-the-us-0829)

~~~
cr0sh
If you go down that route, you farting contributed methane to the atmosphere,
increasing global warming and thus contributed to killing someone somewhere.

So are we going to start banning the passing of gas at the dinner table?

~~~
gotbeans
Why are you totally obviating the ridiculously huge scale difference, and
therefore impact, of the two mesures in your comparison?

------
dclowd9901
Counterpoint: software such as thermostats that control our energy consumption
or phones that lock themselves while you're driving are better if people can't
consume in a responsible manner.

Is it nanny-state? Yes, but maybe some people need a nanny.

~~~
pdonis
_> if people can't consume in a responsible manner_

The problem is that in the nanny state regime, the state gets to define what
counts as "responsible". Which really means certain people (those with wealth
and power) get to impose their definition of "responsible" on everyone else.

~~~
npsimons
Case in point, does anyone _really_ believe seeing a nipple is more harmful
than seeing violence?

