I mean, in the late 90s everyone was talking about how the Internet would "democratize information", because anyone could become a content publisher from their garage. The story then was about how "the power" was concentrated in huge media companies, and the Internet would change that.
But when the barrier to entry is tiny, and indeed the barrier to switching is so low, it means that any competitor that is even just a tad better than the other guys will vacuum up all the business. It's indeed actually this more open framework that leads to higher concentrations of wealth and power, not the other way around.
I'd submit that it's the closing that's the problem, not the openness. Openness tends to support a power law distribution of clients. One or two will dominate, but there will be a dozen that are significant.
Watching all the preparations for the Open Banking regulations here in Brazil (still not in place fully). The concept is sound, as the data belongs to the user, not the bank/platforms, so banks/platforms should enable this data to freely flow (on the user command) to other platforms.
I think forced interoperability might have a good effect on that world, and also it seems to foster innovation by lowering the barriers of entry but I don't really know the effects on investment and VC money when you eliminate an effective competitive barrier.
If our data became worthless, because of say, regulation on its use and a right to be forgotten, then we'd see more than just "one business model under different names".
and ¿por qué no los dos, interoperabilidad y antimonopolio?
Interoperability moves the world towards less concentration of wealth and power. So it's a step in the right direction.
So instead of accelerating progress we get one monopoly every 20 years (and some people splitting their attention, and friendship groups, and exposure to surveillance, between multiple incompatible sites).
That's not as reassuring as you might think it is.
Well, to be fair, this did happen. People today are better informed than ever. It worked so well, that classical media was (is?) dying. But what people forgot to mention was that money will still drive society, that people still cannot know everything and make failures, as people also will still manipulate others for whatever reason.
The world has become better, but it still remains flawed. After all, nothing will ever be perfect.
the cost of switching is not low though, exactly for lack of interoperability
if a user moves from a platform to another one, the user has to start from scratch because all of the contacts, social interactions and content are locked behind walled gardens
Well, it did democratize disinformation.
This is a step in the right direction but it certainly doesn't enable the anything that looks like the developments we have seen around the internet due to its open protocols. Health care will be "interoperable" without any of the compatibility or interfaces the TFA wants. We need regulators who understand the technology and have a much higher standard for interoperability if we are to demonopolize the internet.
Prior to this each vendor had a custom API, and getting integrations working was an enormous effort. There are a bunch of companies who offer a standardized API around various EHRs, such as Redox https://www.redoxengine.com/. Now most of them have started supporting FHIR, as a way to ingest and expose data. FHIR isn't comprehensive yet, but it'll get there at its own pace.
The idea that someone hosting a product on the internet should be able to control how I access my data or services is utter nonsense and it’s amazing that we’ve allowed it to become the norm.
This should include interoperability that allows “unbundling” such as using a site/app’s messaging feature alone with a different client or service and replacing the platform’s feed curation algorithms with your own or third party algos.
If they can’t make money under these conditions, tough. They either need to start charging for the core product instead of extracting value in hidden ways, improve their own money making services so people don’t go elsewhere, or die.
Agreed. It is possible to have FOSS software that is not gratis. Ever heard of a business model called: 'Making something of value and charging for it'?
It's also the only requirement that I disagree with
you're introducing some confusion here: first, OSI doesn't define FOSS, just their subset of OSS;
and someone can offer to sell you, and you can buy and then resell, FOSS code (both Free (GPL according to FSF et al) and Open Source (BSD, MIT, according to OSI et al)); you are simply not required to pay extra ex post for reselling.
from OSI webpage https://opensource.org/osd
"1. Free Redistribution
The license shall not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources. The license shall not require a royalty or other fee for such sale."
I don't know of any license that is widely accepted as FOSS which also requires that the developer get paid when the software is used.
By opening your source you’re already in the minority contributing to common good, openly sharing your understanding of how to solve problems with code (aka IP). Making IP free is a big deal — you’re making it free to learn, understand, and advance shared knowledge. You don’t owe anyone making it free to run a business on.
To head off an AWS vs. Elastic situation, where someone else offers your code as a paid service w/o compensating you and w/o releasing their in-house patches (https://www.theregister.com/2021/01/22/aws_elastic_fork/), consider AGPLv3: https://choosealicense.com/licenses/agpl-3.0/
See top comment on that here on HN about 8 months ago: https://news.ycombinator.com/item?id=25834523
TL;DR: “How to charge for OSS”: https://www.mikeperham.com/2015/11/23/how-to-charge-for-your...
The person who wants a change can pay you, or anyone else, to implement it. Then everyone gets it, but you still get paid for it.
Which is actually a sustainable business model. One corporation pays you $5000 for change A, another pays you $3500 for change B, an individual pays you $100 for small change C, you make $8600 this month and the whole world gets A, B and C.
In theory you might now have corporation A waiting for someone else to pay for the change instead of paying for it themselves, but if the change to them is worth $10,000/month and waiting for somebody else to do it causes them to have to wait five years, how does the math work out for them on that?
In this way, the older unauthenticated model of the internet was better: by not creating an illusion of privacy around your website (think c2.com or Wikipedia), it does not encourage you to rely on that illusion for safety.
I do think that making data into enough of a liability (as opposed to profitable) will eventually break apart data silos.
At what level of API with what level of SLA?
> and it should be illegal to prevent or frustrate access from other clients or services.
Many existing APIs that are intended to allow access are extremely frustrating and poorly designed and implemented. Obviously this is true for products and services as well.
It seems very hard to imagine how you could mandate good quality design and implementation of APIs.
All that's required is that breaking changes to the API the vendor's first party client uses to access the service be documented and announced e.g. two years in advance.
It doesn't matter how poor the vendor's documentation is. It doesn't even need to exist. As long as the first party client can be reverse engineered and the fruits of that work don't get wiped out every month by purposeful undocumented adversarial modifications.
And then a vendor has a simple way to avoid running afoul of the rule -- keep a stable API. You can still change it, if you have to, but then the documentation of the change has to satisfy the lawyers, and more importantly you only get to do it once every two years, because you have to provide that much advance notice.
And it doesn't apply to adding new features, only breaking existing ones.
You’re pretending this is simpler than it is.
> you only get to do it once every two years, because you have to provide that much advance notice.
> And it doesn't apply to adding new features, only breaking existing ones.
What about changing existing features, or removing them?
Can that only be done every two years?
If an API existed yesterday, and it does the same thing it did yesterday, you're fine. If you don't like how it works, add a new one and use that. You just can't take the old one out, or change how it works, without providing significant advance notice.
Are you changing your mind about it being 2 years?
What if you want to make a change to the system that isn’t compatible with maintaining the old api?
How about if the old api can’t scale as the user base grows?
This is a clearly unworkable proposal.
> How about if the old api can’t scale as the user base grows?
What if Amtrak wanted to make trains twice as wide?
What if EDF Energy would rather supply 160V AC power?
What if it'd be easier if there were a few orders of magnitude more IP addresses?
Once you build something, especially if it becomes part of the infrastructure, you have to support it, often for a longer time than you'd like. When you get to a certain scale and level of societal/economic importance, the support required of you as a company should be enforced by society.
Scale brings many benefits but also should come with certain expectations and commitments. We are very bad at making tech companies play their part in this.
> Tough luck?
Tough luck for whom? It seems like nobody wins in that scenario. What do you think would happen?
> Once you build something, especially if it becomes part of the infrastructure…
This is a circular argument. The proposal is that all services be forced to be treated as infrastructure, even if they aren’t. As I say, this is clearly unworkable.
No thanks. It’s fairly obvious that the current crop of giants will not retain their power forever.
I’d rather not have them declared infrastructure and become a permanent fixture.
AC voltage and Railway gauges were standardized in the 1880s.
The idea that Facebook should be established by law as infrastructure for the next 130 years is a level of dystopian thinking I hadn’t previously considered.
They would immediately announce that the old API is deprecated and will be removed in two years and then have high server bills for two years.
Also, you can provide the new API in parallel and publish good documentation for it so that other implementations use the new one immediately instead of waiting the two years and then only some small minority of clients will continue using the old one.
> I’d rather not have them declared infrastructure and become a permanent fixture.
Requiring Facebook et al to have a stable API would cause them to be less permanent, because it makes switching easier.
Right now you can create an alternative messaging app all you like but nobody will use it unless other people are using it. It has to be a lot better to dethrone Facebook.
If anyone could make one that could still be used to talk to people on Facebook, it would only have to be a little bit better for people to switch to it. And once you have a messaging app that can use twelve different services, the ones people were only using because of the network effect lose that advantage and die out.
Also, how are two years and "permanent" in any way equivalent? It's two years to give interoperable implementations enough time to be switched to the new API before the old one is discontinued, nothing more. The problem right now is that the first party service will discontinue the existing API and roll out a new client using the new API on the same day, intentionally breaking all alternative implementations until they scramble to reverse engineer and implement the new one, and then do that repeatedly on purpose until all other implementations are dead.
> They would immediately announce that the old API is deprecated and will be removed in two years and then have high server bills for two years.
What if they are a startup who can’t afford that?
More importantly, what if they can’t realistically operate both simultaneously because there is an impedance mismatch between the implementations?
> Also, you can provide the new API in parallel and publish good documentation for it so that other implementations use the new one immediately instead of waiting the two years and then only some small minority of clients will continue using the old one.
What if the service is operated by a startup, and the clients are the incumbents like Facebook, or competitors, who don’t have any incentive to switching to the new api immediately or even quickly?
> Also, how are two years and "permanent" in any way equivalent?
Because it’s far easier for a company with billions in revenue to afford the costs of keeping many parallel APIs running, and crippling for a startup which needs to iterate fast. Forcing this expense on services would be the best thing to happen to the incumbents.
> It's two years to give interoperable implementations enough time to be switched to the new API before the old one is discontinued, nothing more.
You might like it to be that, but that’s not what it is. You seem to think this would hurt Facebook, when really it just creates a giant impediment to newcomers that Facebook never had to deal with as it was growing.
> The problem right now is that the first party service will discontinue the existing API and roll out a new client using the new API on the same day
Yes, which is exactly how an evolving new service must operate in order to be competitive.
> Right now you can create an alternative messaging app all you like but nobody will use it unless other people are using it. It has to be a lot better to dethrone Facebook.
We deserve a lot better than Facebook. There is no point in dethroning it with something that is only slightly better.
Could be dependent on the size of the company/userbase. E.g. Facebook (>100M users) should implement full API, while a small company inventing new social software (<100k users) should only implement minimum API.
I think you've misunderstood what their core product is. They charge good money to their customers - companies placing ads.
* Sell you a physical product
* Sell you a service
* Sell information about you: your conversations, your clicks, your friends, etc
* Sell you ads
Smart TV's are an example of all four at once.
If the files are not protected by DRM, then there's no technical limitation on copying or redistributing the file, but according to your license agreement you're not permitted to do so.
In practice, no one is probably going to come after you for copying your music files or ebooks across your devices or sharing it with friends, but you don't own the file. Try mass distributing it or reselling it long enough and you'll attract someone's attention.
If it becomes possible for users to access the product without also driving ad revenue, they will soon discover that the service they offer to users is just as much a part of the core product you describe as the ad platform. Without eyeballs, ads are worthless.
Then there are two choices:
1. make people pay for that service directly (i.e. acknowledge as a product, separate from the ad business); or
2. make the part of the product with ads good enough and palatable enough thast users keep visiting.
It's not amazing that it's become the norm because, it's always been the norm that people control other people in ways that seem barbaric and counter-productive in hindsight.
There are a few creative spirits who think through what would be best for as many, as long as possible. Then there's everyone else that wants to play whatever the game already is and win.
You just can't explain to people who care only care about winning that logic, decency, solidarity, are fundamental pillars everything else they enjoy relies upon. They want what they want, their world is simple and cruel, like the animal kingdom.
Profit and wealth are important motivators, but democratic society should balance this by looking after the global optimisation problem, even when that sometimes constrains individual or corporate profit seeking.
Interoperability, right to repair, etc. are exactly the kinds of globally beneficial, [possibly] locally detrimental balance we should be pushing for.
the social arguments dont seem necessary.
Nobody can control your data unless you give it to them. What do you want to do that doesn’t have an open alternative?
I'd rather have good than perfect, I think the internet is pretty good at the moment.
The internets "landlords" didn't decide these comments have no monetary value, we did.
I disagree. The value of my "creative" (I'm using that in a very broad sense) output is real and belongs to me.
While that may not be translatable to a pay day, not everything is a commodity to be bought and sold.
There are a variety of issues which created the current (dysfunctional, IMHO) landscape, none of which have anything to do with monetization.
Firstly, there's the huge barrier to entry that comes with the prevalence of asymmetric internet links. If I have (multi)GB symmetric network links, I can host as well as consume.
Secondly, there's no broad-based mechanism for individual control of creative output. PGP or a similar mechanism would be great for that. But instead, we have centralized platforms (see my first point) that dictate how and to whom data is shared.
With symmetric network links and strong cryptographic access controls, barriers to an individual having control of their creative output are significantly reduced.
Some folks will want to monetize that, others will not, with a mix of both being the norm.
But claiming that there's no "value" in something because you can't assign it a monetary equivalent seems a pretty narrow view of value, especially WRT to social interactions with friends and family.
And then all the pop stars would move to that one because they're inherently the ones chasing the users, whereas dad doesn't want to install another app on his phone which means mom can't stop using that one and neither can you.
Yeah, with uBlock Origin installed it's actually bearable.
Still much better than, as Pink Floyd would put it, "thirteen channels of shit on the TV to choose from".
This would very quickly turn into a massive GDPR headache.
If by "requires information about" you mean "wishes to track/advertise to" then yes, that sounds like a headache. This is by design, and welcome.
Hardware and software is the game for "hobbyists" like Purism and Pine64 now.
On the other hand, I don't trust Facebook worth sh##. I would love to have an decentralized alternative (blog culture & the FOAF dream was nice while it lasted)
Dealing with mega-corps that treat you poorly always remind me of this exchange from hhgttg:
Builder: Do you have any idea how much damage this bulldozer would suffer if I just let it roll straight over you?
Arthur: No. How much?
Builder: None at all.
(Disclosure: I work for Google, speaking only for myself)
Yours? No. You can join the choir of people complaining that google has locked them out of their accounts.
I'm sure millions of others at least implicitly share my opinion. And, I'd argue, the more explicit this opinion becomes, the more real the value and the greater the risk to Google for being a poor data steward.
Why do you think that it would be different for Google?
They have already completely screwed people many times over. Deleting all of their drive data and locking them out of 10 year old accounts for false alarms on some “bad content” or something.
One does not simply sue a company like this. It is larger and more wealthy than a nation state and unaccountable to all.
The Butlerian Jihad seems more plausible every year.
Maybe just enforcing interoperability won't cut it.
The ultimate objective is to align the interests of users with the interest of service providers (abolish the user-as-a-product business model). Interoperability may be used as a fulcrum to force some price discovery about services, or allow building new business models that add value to the users, who knows... Anything but the current dystopia
And open source Chromium and Firefox are bulwark against that, with active fork ecosystems.
What if browsers start banning apps from their own app stores, though?
Having a globally available standardized decentralized and transparent way to pay for all APIs calls baked into a programming language is a pretty awesome feature.
There are projects attempting to fix that but so far nothing has materialized yet.
There aren't big European social networks, but that might be caused by the fact that Europe is linguistically and culturally very fragmented. Which does not matter as much if your product is an antivirus, but it does matter when you build a product whose value is in the sheer mass of mutually communicating users. The Anglosphere is HUGE.
Early Internet was interoperable because of low commercial interest. Now it's centralized because it's a big market. Interoperability got replaced by contracts.
What is broken about the internet is that we don't have our own addresses, like in real life. (Cue security red-scare and condescending technical types who think it's too complicated for the user.)
That’s basically a super-cookie.
Cookies are a good example. That browsers give up a cookie at all—who consented to this specification? GDPR could have changed browser specs so that cookies were truly opt-in; it regulates company behavior instead, which is weak.
Fundamentally, our choices are being made for us at the protocol level, and everything we have as a result is emergent, and so people argue about regulating the emergent properties.
Reality check: ISPs sell your information. They’re pretty much the last people you should trust.
> who consented to this specification?
Third party cookies (the “tracking” kind) were a bug. The original specification did not include them.
Exactly why we should regulate IP address and protocols, so that every company that handles them is beholden to the same conditions for preserving our privacy. Instead we play whack-a-mole regulating individual company behavior, while they continue to control the protocols and addresses and everything on top of those layers.
I'd say this only applies within a capitalist mode of production.
If, on the other hand, you're instead suggesting an alternative to the capitalist mode of production that doesn't involve state-run monopolies, then I think you need to draw the rest of the owl before we can judge whether your system will end up with authoritarianism or not.
It also requires open standards for defining those services and potentially open implementations. See github.com/micro/services as an example.
Ultimately it's going to take a long time and significant coordination between multiple players for it to happen. I do wish we just had an open set of services anyone could run and contribute to. Then we could either go through the pains of hosting ourselves or paying someone to do it for us.
Nope. All it requires is for each company to provide unrestricted access to the APIs of their services. Plenty of interested parties out there to complete the plumbing
Those aren't big tech abuses; they are two systemic side effects of the internet itself... Of a technology that disintermediates gatekeepers from peer to peer communication. If anything, big tech serves as a gatekeeper that has any chance at all of addressing those issues. Empowering communities and individuals to escape monopoly platforms decentralizes disinformation and copyright infringement and increases the severity of those problems.
I think there are good reasons to decentralize the current mega platforms we have, but addressing disinformation or copyright management aren't them.
The hope would be that the system splinters. Those that want more data oriented system can have it, those that don't can remain in the past.
Other than that, Herbert L Fred's "The Tyranny of Technology" and that of his term 'technological tenesmus' comes to mind; https://doi.org/10.1080/21548331.1997.11443437
Or, you just let each developer go as fast as they want to adding new features and/or selecting the ones they want (Apple putting adding in memoji that works by sending only the parameters, to very specific and copyright protected assets)
Yes, that is what I say.
> But then someone wants to add threading, suddenly the entire format needs to change
Does it? If older clients don't want to implement threading, they can just receive the message bodies in the order they were posted. The old API should continue to work regardless of the extra metadata which one provider might be storing about it.
Ideally, the host with the new feature would also add an "In response to #123456789:" line at the top of each message, so that users of the older clients can construct the threads in their mind (assuming that these older clients have been listing the IDs of the messages), but I don't think anyone's arguing that a service is breaking interoperability by failing to add such an affordance.
This post misses mentioning the incentives of incumbents who have seen the innovator risk filtering pipelines constricting. Inviting more people to play feeds their futures.
Well. One should be shocked: government and laws are exactly what should protect human well-being directly and decisively when other things fail (or in prevention), but now it turns out capitalism is too powerful so we can't do that? We have to ignore morality for a while, and start to leverage government and laws just to create a side pathway that might eventually lead to the possibility to compete against the big beasts of capitalism in their own (or slightly shifted) terrain? Hope we adapt better than they do?
I'm not even saying this is stupid. It might actually be the most pragmatic way forward. I tend to take a similar view when looking for solutions... but when we reached this point, we should realize that the problem is not the tech giants, interoperability, Java's error model, APIs, EFFs, js typecasting nor the internet. If having to resort to this kind of strategies doesn't make it clear to us that we are playing the wrong game, we are doomed at a more fundamental level: money sits at the top of the power pyramid, and we have no effective mechanism to balance human well-being against it (which doesn't make patches useless, but maybe we should start prefacing appropriately or writing angry ò.ó comments about it at some point).
That's a succinct analysis of the root cause of many problems today, and it helpfully points towards some patches that would address the problems directly. Firstly, the link between money and political power could be severed by having publicly funded elections and limits on political advertising (which might require a narrowly-targeted constitutional amendment in the US).
Secondly, the fact that money creates power is not a problem for human well-being if everyone has a similar amount of money (assuming that having power ensures well-being). Progressive taxation already exists in much of the world, but some countries go a step further with a wealth tax. I would advocate for a wealth tax which makes millionaires pay an amount in tax each year which is an equivalent percentage of their net worth as the amount paid by the median tax payer as a percentage of their net worth (to whom the wealth tax would not apply).
The obsession with HTTPS has to end. Not because of privacy, but because of interoperability.
DNS over HTTPS is not interoperable with the whole universe of existing DNS products. But what's worse, it's locking people into centralized platforms. With traditional DNS, you can move to any network at all, and automatically pick up a new local, fast, customized DNS catching resolver designed for the network you're on. If you're on DNS over HTTPS, you've always got the same provider, which does not scale to every network. The solution, people will tell you, is just to disable DoH. Until we no longer can, because everything expects to use it.
The obsession with HTTPS has also led to the apologists decrying any technical solution that doesn't use TLS 1.3 and HTTPS, because middleboxes!!!! And because literally everyone is reluctant to design new protocols that can be extended as successfully as HTTPS. If it doesn't work over HTTPS, it's not part of the modern internet. This not only severely restricts how you can design technical solutions today, it's stupid: we have this transport protocol with 65,000 port numbers, but we'll only ever use one of them (443), because a redesigned stack is just unfathomable.
Every modern network service today needs many things. Routing metadata, dynamic host/service lookup, federated authentication+authorization, encryption, geo-localized load balancing, error correction, session management, etc. If we build things like these into lower levels of the stack, and build primitives for them into the operating system, then all applications can gain their benefits, and we won't need to rely on convoluted hacks to provide it all.
We can't keep on for the next 100 years with the shitty protocols and shitty solutions we have today. We have to start thinking about brand new designs, and how we will upgrade systems to use them. Otherwise, every solution we come up with will just become more and more convoluted and ridiculous, as we build more and more on top of antiquated systems designs from 40 years ago.
Phone lines were pretty cool. We were able to extend them to transfer data, from 1400 baud to 1.5 megabits. We could technically do up to 50+ megabits, but it wouldn't scale. So we built new solutions. They were expensive, but we needed them in order to grow. Well, I think it's time for tcp/ip and its related protocols to be replaced as well. Not immediately, but it's time for us to start building the replacement.
That new replacement can take everything into account in a variety of new stacks. Federation of data, access, services; new kinds of encryption and privacy mechanisms, new trust models. New routing and service models to make the "last mile" less complicated and more flexible. And more responsive to network partition, including the ability to detect them early, to make applications more responsive.
We can do literally anything we want, people! We can start building the future today! But we have to choose to do it!
> The web, which is short for World Wide Web, is one of the ways information is shared on the internet (others include email, File Transfer Protocol (FTP), and instant messaging services). The web is composed of billions of connected digital documents that are viewed in a web browser, such as Chrome, Safari, Microsoft Edge, Firefox, and others.
The Web, or World Wide Web is an application of the Internet made by (Sir) Tim Berners-Lee about thirty years ago to deliver hypermedia over the Internet.
The Web is to the Internet as "premium rate" chat lines were to Signalling System Seven.