October 22 2020 GM

Glitter Meetups What are Glitter Meetups Notes from Past Glitter Meetups Virtual Events Calendar Join the IFF Mattermost

Upcoming Events

@ November 3 | Civilsphere's Emergency VPN: Analyzing Mobile Network Traffic to Detect Digital Threats https://internetfreedomfestival.formstack.com/forms/cks26

@ November 9 | Telling Stories about Algorithms https://internetfreedomfestival.formstack.com/forms/cks30

@ November 10 | VPN & Policy https://internetfreedomfestival.formstack.com/forms/vpnvillage3

@ November 15 | Women & GNC Meetup https://internetfreedomfestival.org/wiki/index.php/Women_GNC_Meetup

@ November 19 | Latin American Monthly Meetup https://internetfreedomfestival.org/wiki/index.php/Latin_America_Monthly_Meetups

Community Updates

• The OTF Communty received a pioneer award from EFF and we made a video: https://www.youtube.com/watch?v=nw6EUQ-TAXg

Notes

This Glitter Meetup was featured by Hapee (find him on Mattermost as @hapee) from Greenhost, he is the invisible force that makes sure that so many of our projects stay secure and safe. He is with Greenhost, that literally were allies and supporters of our project before we even knew what we were.

The end of php/mysql stack

• The end of php/mysql stack will imply the end of most open source content management systems. but look at the influence of big tech in programming languages: C# is Microsoft, Go is Google and Swift is Apple. Upcoming modern javascript languages as React started at Facebook, node.js owned by OpenJS foundation with founding members included Google, Microsoft, IBM, PayPal, GoDaddy, and Joyent, Angular is a TypeScript-based open-source web application framework led by the Angular Team at Google and than again TypeScript is a programming language developed and maintained by Microsoft.

• You can see an example of a cooperative that uses jekyll: Hablan Los Pueblos. If you want to move smoothly to static pages (jekyll), this argentinian project focused on activists can be an option.

• The most popular code editor is Visual Studio Code developed by Microsoft, Eclipse is another well known, with contributions include Google, Netflix, Facebook, GE, and Walmart. Brackets.io by Adobe, Atom is one of the oldest open-source code editors developed by GitHub which is bought by Microsoft. Just to set the scene and add some numbers but than again PHP is not so popular anymore but the most popular Open Source Content Management systems are Wordpress, Drupal, Joomla and Typo3 and they are all php based CMS's and see here:

• With backdoors found on two-thirds of all hacked sites, SEO spam on half. That is something we notice at Greenhost as well, where next to those two the Bitcoin mining software is the third annoying thing. So time to move to the next level and move away from open source content management systems. We propose two way:
  • Static site generators: for example the greenhost website (very ugly of coarse) used to be a wordpress website but we now have the maintenance of the website on Gitlab where the text is stored and we push the html to our server but what you see is html only, no php and no databases so no access for backdoors, spamming or bitcoin miners. A few: Hugo, Jekyll and Gatsby.js
  • Isolated instances: Open App Stack is an example of this, it runs for example Rocket Chat, Wordpress and Nextcloud for you but based on technology called Kubernetes and it runs them all in Clusters that can still be compromised but only in its own cluster so is an isolated incident.
• php/mysql is ending just at Greenhost and generally. It is becoming less popular and almost impossible to maintain
• Proprietary languages are becoming more popular than open source languages. The open source languages are primarily dominated by big tech. Still open source but node.js with a foundation OpenJS with founding members included Google, Microsoft, IBM, PayPal, GoDaddy, and Joyent.
• The challenge is that we (the ngo community) will run on outdated software and is either spending a lot of money to prevent it from hacking or are hacked all the time.
• To recap: it may be better for security to have a static site than a dynamic site, like wordpress.

Fake News Echo Chamber

• Last week we had an interesting dutch comedian starting a flame against conspiracies like climate change deniers or corona deniers, he demonstrated how YouTube Algorithms. Forced him on a clean pc within 3 clicks into those complotters: he searched for pcr test trustable and ended after 3 clicks at 9/11 deniers. This created a big online fight with this famous rapper but believer of a shit load of stupid things. Google deleted his whole YouTube account. He was using a interesting word Fabelfuik which can be translated into Fake news echo chamber.

• Hapee is a true believer of Surveillance Capitalism as framed by Shoshana Zuboff (also mentioned in the social dilemma documentary) but he has seen a lot of NGOs and like minded organisations still considering to make the move to guess what Google Mail, drive, chrome, analytics and Android. And that at the same time where Zuboff is clearly pointing at Google as the inventor of the Surveillance Capitalism: "It was pioneered and elaborated through trial and error at Google in much the same way that the Ford Motor Company discovered the new economics of mass production or General Motors discovered the logic of managerial capitalism."

• While this happened at the same time there was an item about Reclaim your Data with a lot of usual suspects. There is a lot of discussion about decentralised solutions, federated solutions and building our own infrastructure and we can not accept that organisations are moving their data storage or email storage to a provider as Google.

• Hapee also adds Cloudflare here: last week digital security expert started to promote Warp VPN among Thai student because the tool is easy to install and works but we do not know what Cloudflare does with the Thai government and we do know that Cloudflare is quite unresponsive to Civil Society requests.

• In conclusion, Hapee is trying to make us as a community aware that we should prevent ourselves from moving to big tech out of convenience and support the big data collectors with our data: if we as this community keep moving our mail to gmail or office365, how are we going to change the settings?

• Talking about alternatives, a big challenge of open-source alternatives to Google and Microsoft365 services is they're not as integrated, usable, or stable. A big takeaway from the recent AXIS summit that Internews ran was that Riseuppad/Cryptpad/Sandstorm document collaboration tools just don't offer the same kind of integration and usability that say the Google Office suite does.

• There is a tension between usability, FLOSS, and security. Companies use user-friendliness to feed the algorithm, to control the advertisement industry and our data and our privacy, but alternatives are frustrating and difficult for almost everyone.

The Community

• Hapee sees a passion for using technology to look for solutions on different subjects whatever occurs in their own environment, ranging from climate change to corruption, elections etc.
• Hapee thinks that the biggest strength of the community is that is built by dedicated people that want to change the world and make it a better place, even if we disagree.