All posts by axel

Les premiers responsables

Commençons par rappeler quelques points.

La ou le prochan·e président·e de la République française accédera à cette fonction avec une adhésion de – au mieux – 18,19 % ou 16,14 % des inscrit·es¹. Nous sommes donc dans un système (électoral) qui permet à quelqu’un qui remporte l’adhésion d’une personne sur 5 ou même sur 6 d’accéder à une fonction où elle représente le pays et par extension l’ensemble de la population. C’est abscons, et c’est le génie du scrutin uninominal à deux tours, aka : first pass the post, dont les défauts sont très bien expliqués par CGP Grey dans cette vidéo :

Continue reading Les premiers responsables

La technologie, c’est ce qui ne marche pas.

Il y a quelque chose qui m’interpelle régulièrement dans la communication de diverses entreprises (et au-delà), c’est leur façon de représenter la technologie.
Je ne parle pas de la technologie de tous les jours, le smartphone, Google et Facebook, l’ordinateur embarqué dans les voitures… non cette technologie là est priée d’être discrète, de se faire oublier surtout, qu’on ne pense pas trop à elle et surtout à ce qu’elle implique.
Ici je veux parler plutôt de la technologie en tant que concept, ou plus exactement comme fantasme. Celle qu’on ne comprend pas (voire qu’on ne doit pas comprendre).

Très souvent, la représentation de ce fantasme technologique passe par la dépiction de versions bancales voire franchement buguées ou datées.

Des hackers et des robots

C’est souvent le cas pour les logos sensés représenter les « hackers », source de fantasmes s’il en est.
Bon exemple, le logo de la série de jeux Watch Dogs, qui est stylisé avec un underscore (ça, admettons) mais surtout, par des lettres affichant de sacrés artefacts de rendu.

Watch_Dogs logo
Image promotionnelle du jeu Watch Dogs, avec logo stylisé

C’est classique, mais c’est aussi assez stupide. Des hackers qui n’arriveraient pas à correctement transmettre et afficher des données (des images ou du texte) n’iraient pas très loin. Il y a une raison pour laquelle une grosse partie des protocoles de transmission intègrent systématiquement des protocoles de correction d’erreur : c’est pour éviter de se retrouver justement avec des données corrompues.
Représenter les hackers avec des données qui sont très clairement corrompues a donc quelque chose de naïf (et assez insultant finalement pour les gens qui passent leur vie à améliorer les méthodes d’encodage et de correction d’erreur, mais on n’est pas à ça près).

Capture d’écran du logo de Big Browser, blog du Monde

 

Autre exemple, la voix robotique. La représentation cliché de la voix d’un ordinateur est celle d’une voix robotique¹, à la prononciation hachée et monotone. Cela fait pourtant des années (des décennies même) que nous savons programmer des interfaces utilisant la voix humaine qui sonnent nettement plus naturelles que ces caricatures robotiques, jusqu’à sonner quasiment naturelles. Ça n’a pas empêché Bouygues Télécom d’utiliser une voix robotique et monotone dans son spot radio pour les fêtes de Noël (l’insupportable « technoël »), narguant 30 ans d’avancées en synthèse vocale. N’importe quel smartphone avec Android prononce des phrases plus agréables et plus naturelles que cette caricature, mais peu importe, l’important n’est pas la réalité mais sa représentation fantasmée.

Pourquoi cette représentation

Deux pistes de réflexions me viennent pour expliquer cette représentation et ce qu’elle traduit.

Premièrement, cette idée que l’on ne peut pas vraiment faire confiance à la technologie, ce dieu moderne capricieux et incompréhensible, et dont il convient donc de se méfier (certain·es lectrices·teurs sagaces repéreront un « amusant » parallèle avec le discours patriarcal au sujet de « La Femme » d’ailleurs, mais c’est un autre sujet).

Preuve en est, on ne sait jamais quand ce dieu inconstant va nous punir, ici en corrompant les données qu’on lui avait confiées, là en refusant de fonctionner quand on en avait le plus besoin. Cela rejoint cette quasi-superstition ambiante qui voudrait que la technologie est, finalement, douée de sa volonté propre, remplaçant celle de celles et ceux qui l’utilisent (ou de celles et ceux qui la créent, qui ne sont que rarement les mêmes).

Cette pseudo superstition (je ne crois pas avoir rencontré de réels animistes du smartphone ou du GPS) est surtout un vrai dédouanement : si la technologie a sa volonté propre, que puis-je moi, simple mortel·le, pour la comprendre ? Qui plus est pour être responsable de sa maîtrise ?
Dans ce contexte, autant abandonner (et se réfugier dans les bras protecteurs de grandes entreprises qui se feront un plaisir de conforter notre sentiment de « de toute façon, j’y connais rien » et évidemment nous apporter la solution²).

Mais cette idée se heurte malheureusement à la maxime selon laquelle « Le problème avec les ordinateurs, ce n’est pas qu’ils ne font pas ce qu’on leur demande. Le problème c’est qu’il font exactement ce qu’on leur demande. ». Auquel on est tenté d’ajouter : qui est ce « on », désormais ?

La deuxième piste, c’est cette idée rassurante qu’« on est quand même plus malin que ces cons d’ordinateurs ». La preuve, on peut les repérer à cent mètres quand ils parlent, ou essayent de se faire passer d’une manière ou d’une autre pour humain.

TSF Jazz, 2017-04, "It's a human thing"
TSF Jazz, 2017-04: “It’s a human thing”

Il y a quelque chose de rassurant à imaginer la supériorité de l’humain sur la machine, notre capacité à immédiatement détecter les golems. Mais c’est aussi se leurrer quand à notre capacité de le faire, qui plus est quand l’humain est fait associé à la machine et la contrôle.

Si pour l’heure, l’ordinateur qui passera le test de Turing n’est pas encore arrivé, la majorité d’entre nous est incapable de détecter une image retouchée, un son modifié, ou une séquence vidéo falsifiée. Et ces capacités de modification de représentation du réel ne font que progresser. Nous sommes sur le point d’être capables de falsifier les conversations à la volée avec la synthèse vocale. Les réseaux neuronaux battent les humains dans leur reconnaissance de visages ou aux échecs. On peut augmenter la réalité avec des images, de plus en plus réalistes (terme qui finira par être vidé de son sens). Mais cette réalité technologique est encore dure à avaler. Et une machine qui sonne comme une machine, c’est rassurant, ça nie le fait que la technologie nous dépasse (ou nous a dépassé) et qu’on vit donc désormais dans un monde où il faut prêter une attention constante à la véracité de ce qui nous entoure (phrase amusante à écrire, considérant tout ce qu’on a pu dire récemment sur les fausses nouvelles (« fake news ») suite à l’élection présidentielle états-unienne).

Ces représentations se concentrent aussi sur des exemples de technologies visibles ou audibles, plus faciles à concevoir, plutôt que celles plus immatérielles comme l’intelligence artificielle, qui progresse à grand pas et dans une certaine indifférence en dehors des milieux intéressés.

Il est donc possible que cette représentation désuète et caricaturale de la technologie utilisée pour représenter La Technologie trahisse ce qu’on pourrait appeler une dissonance cognitive entre d’une part l’état du monde et des avancées technologiques telles quelles sont et d’autre part, telles que nombre d’entre nous aimeraient quelles soient, par ignorance, idéologie ou par intérêt. Sans chercher à y voir nécessairement une forme de luddisme, difficile de ne pas y voir une certaine négation de l’état d’avancement de nombreuses technologies.

Pourtant, plus que jamais, il nous faut comprendre la technologie pour pouvoir la contrôler, au risque sinon de se laisser contrôler par elle.

 

1. Contre-exemple, le film Her de Spike Jonze.
2. Spoiler : qui consiste généralement à « tout changer, tout racheter ».

Exporting text messages on Sailfish

I had to export text messages (SMS) from a Jolla phone running Sailfish (not sure the version is relevant, SailfishOS 1.1.6.27 (Aaslakkajärvi) (armv7hl)).

Here is the best solution I found, using a groovy script (the bash scripts all had issues).

All scripts tested came from this question on together.jolla.com.

Here are the steps:

  • activate dev mode on the Jolla phone (I’ll let you follow guides for this)
    • you’ll be asked to create a user, it’s actually not the user you’ll use to connect over SSH, it seems to be a local user. For simplicity and consistency’s sake, I suggest you name it nemo.
  • create a working directory on your computer and enter it:
    • mkdir -P ~/Jolla/workdir & cd ~/Jolla/workdir/
  • extract the communications database, over SSH
    • scp nemo@192.168.0.xxx:/home/nemo/Documents/sms_export_multiline.xml ~/Jolla/workdir/
      The username is nemo (no matter what you picked in the previous step), the password is whatever you picked in the previous step.
  • Install groovy on your computer:
    • dnf install groovy or apt install groovy
  • create the script, using your favourite text editor. We’ll use gedit here, for simplicity:
    • gedit ~/Jolla/workdir/sms-export-groovy
      and paste the following:

      #!/usr/bin/env groovy@GrabConfig(systemClassLoader=true)
      @Grab('org.xerial:sqlite-jdbc:3.8.11.2')
      import groovy.sql.Sqlimport groovy.xml.MarkupBuilderif (args.size() != 1) {
      println "Usage: dump.groovy "
      return
      }
      def (dbFile) = args

      def sql = Sql.newInstance(“jdbc:sqlite:$dbFile”)
      def messages = sql.rows(‘SELECT remoteUid, direction, startTime, isRead, freeText FROM Events WHERE type = 2’)

      System.out.withWriter(‘UTF-8’) {w ->
      def xml = new MarkupBuilder(w)

      xml.mkp.xmlDeclaration(version: ‘1.0’, encoding: ‘UTF-8’)
      xml.mkp.yieldUnescaped(“\n”)
      xml.smses(count: messages.size()) {
      messages.each {
      sms(
      protocol: 0,
      address: it.remoteUid,
      date: “${it.startTime}000”,
      type: it.direction,
      subject: ‘null’,
      body: it.freeText,
      toa: ‘null’,
      sc_toa: ‘null’,
      service_center: ‘null’,
      read: it.isRead,
      status: -1,
      locked: 0,
      )
      }
      }
      }

      (Thanks Sami Bourkott for the script)

    • make the script executable:
      • chmod +x ~/Jolla/workdir/sms-export-groovy
    • run the script on the SMS database and tell the shell to output the results in a given file, which we’ll call sms_export_$DATE.xml:
      • ./sms_export_multiline.groovy commhistory.db > sms_export-`date -I`.xml

That’s it, you now have an xml file with all your text messages, in a format compatible with Android’s SMS Backup & Restore.

If you want to restore the text messages, you’d want to send the commhistory.db file back to the phone. I suggest you copy the commhistory.db file to include the date, so you can have several in parallel and still have a clue which one contains what: cp -a commhistory.db commhistory.db.`date -I`

A modern & private chat system (XMPP with Prosody and Conversations)

Here is a(n unfinished) recipe for a modern chat server using XMPP (which you may recall I like). It needs polishing but I’m publishing it right now to make sure it can start being useful to anyone who needs it.  I hope there are no glaring security mistakes, please let me know if you see any.

What do we get?

The users will use Conversations while on the server-side we use prosody.

We will be able to get our messages on all connected devices at the same time, share pictures, audio clips and files simply and instantly, retrieve more chat history from the server and, once we go down in the metro and lose connectivity, get our messages when we regain access to the Internet.

Continue reading A modern & private chat system (XMPP with Prosody and Conversations)

Back on track

It’s 2016 and I realised I hadn’t updated this site in a long time.

So it’s back up and running, with a fresh coat of paint and an updated backend. I finally moved away from lighttpd and to nginx (after all the cool kids did, 4 years ago) and the site is now secured thanks to a Letsencrypt certificate.

It might not seem like much, but it’s nice to feel like things are moving forward.

Google Hangouts and the all but likely death of Jabber

I like Jabber¹. It’s simple. It works.
I can use to chat from my home computer, from my office computer, from my phone. Or all three at once.
I can use to chat privately by adding some end-to-end encryption (such as OTR).
I’ve used to call a friend when he was in Africa.
I use it to chat with my mum. Privately too.
I use it to chat with my friends.

Correction, I used to be able to use it to chat with my friends.
Lately, I don’t see some of them online anymore. Including some long distance friends with whom it has become an important way of staying in contact.

See, it may come as a surprise to you, but most of my friends aren’t übergeeks. In fact, most of them aren’t geeks at all.
They just use what everyone uses. And what everyone uses these days is Google, and thus Gmail.
So they have a Jabber account, which they call a Gtalk account.
I’ve tried telling them their Gtalk account is really a Jabber account, in the same way their their Gmail account is really an email account. Most of the time it didn’t stick but hey, what the hell, at least we could chat.

Now Google has decided to move all their users away from Jabber and towards Hangouts, their new instant messaging platform.

Now before we go any further, of course I understand the need for Google to clean up their multiple instant messaging apps. Of course I understand that most Gtalk users only have Gtalk users in their contact lists. And from what I understand, you can still log in to your Gtalk account, as the Gtalk service is being maintained for the foreseeable future, whatever that means.

But while, Google is selling this a an upgrade they are passing over the fact that Hangouts is really only compatible with Hangouts, and nothing else.
As if users’ Gmail accounts could only send email to other Gmail accounts.

So now, more and more of friends aren’t showing up online anymore because they’ve been switched to Hangouts, usually without realising so. And most of them will probably wonder why am never online anymore, not realising they have moved to a different network.
After all, everything looks the same right? Just a little shinier and more “modern”.

Of course, a perfect solution would be to explain the situation to them.
Create an account for them on my jabber server (or on another server or even help them set up their own, it’s really not that hard), even enable them to point their own domain name at my server, and let them have a cool jane@doe.net address.
It’s simple, all they’d have to do on their end is download Xabber on Android or ChatSecure if –heavens forbid– they’re on iOS², enter their login and password and be on their merry way.
But the truth of the matter is: that would already be too much of an inconvenience.

Most people agree on an intellectual level that independence is important. But once you hit the practicalities, a surprising (and disappointing) amount of people will throw their arms in the air and explain how all they want is to chat, not go into all this complex stuff.
Most people would also agree, especially in these post-PRISM-revelations days, that protecting your privacy is important.
But how many are willing to actually take a look at their online habits and change them?

I may sound bitter, and that’s because I am in part, but I am really more disappointed than anything else I guess.

You know what really grinds my gears?
You know what really grinds my gears?

At the end of the day, I wish I could just create an account for all my friends, have them realise the danger of putting all your eggs in the same basket and all your online life with the same provider and keep chatting as we do now, but to get the same usefulness out of that Jabber account they’d still have to convince all their friends to do the same, who’d have to convince all their friends to do the same, etc.

All of this compared to “but it already just works”.
Sure, it’s possible, but it’s an uphill battle.

And the best part (or the worse) is that it has already happened.

Remember 10-15 years ago. IM was ruled by ICQ, AIM, Yahoo! messenger, MSN messenger.
None of which could talk to any of the others.
Users were siloed.

But users were not (and are not) stupid, so they created accounts on each service. Then they started using clients that could run all services at once.
Ahh, those were the good old days of Trillian and then Miranda and gAIM.
In the end, a better service, or in fact a better protocol emerged: Jabber.
Legacy services even ended up trying to run on Jabber at one point or another and finally huge players based their entire instant messaging offering on Jabber: Google with Gtalk, Facebook with Facebook chat.
This made this services technically compatible with any other server running Jabber (in the same way alice@france.fr can send and receive mail to and from bob@italy.it). And most of the time it made the services actually interoperable (if the service did it right and didn’t close off connections to the rest of the Jaber network in order to be an island on their own… looking at you Facebook chat).

In plain words : I can run my server and chat with anyone connected to a Jabber server as long as I’m on their contact list.

Fast forward to now, and having been through a period of interoperability, we are back to silos: Skype, Facebook Chat, iMessage, WhatsApp and… Hangouts.
None of which can talk to each other.

And this is what really annoys me. We were pretty much done with this silly issue and now we’re back to the same problem.

That and the fact I simply won’t be able to chat my friends, unless they decide to switch back to Jabber (hard), to run a Jabber account on the side just for me (some might be nice enough to indulge me, but for how long?) or I accept to open a Hangouts account.

Some are calling this the year of tactically burned bridges.

Welcome to the future, it will not be interoperable.

 

 

1. For the purpose of this post I’ll just call it Jabber, and keep XMPP for the protocol underlying the instant messaging network.

2. Or whatever other app floats their boat, it’s not like there is a lack of choice.

How email is still failing, a good read on security

Why are we still blindly (for most of us, to say the least) trusting a messaging protocol that lacks so many basic security protections?

The fact is that if someone owns our email account, they own us. To make things worse, so many of us hand the keys to our lives over to the custody of third parties such as Google, Microsoft, and Yahoo!

I think Mark Burnett is spot on.

http://xato.net/cryptography/email-security-industrys-biggest-failure/

A year with La Quadrature du Net

It’s hard to believe I joined la Quadrature a little over a year ago.

The lack of updates on this website is a clear testament of the fact, though.

It feels as if it has been a lot longer, and some of my friends have also told me so. As one can imagine, it has been an intense ride, with many dossiers unfolding at the same time: the Net Neutrality debate, the French HADOPI law and similarly-named administration clinging on to dear life, the revision of the European IPRED directive, the dangerous and infamous ACTA agreement, and the many and ongoing attempts to control and censor the Internet.

But many positive things have also happened: positive proposals for the future of creation funding were synthesised, wonderful projects such as RespectMyNet, a citizen Net Neutrality monitoring and reporting platform, the Political Memory, or the Pi Phone came to fruition. Furthermore, many, many citizens learned of what is looming over the Internet as we know it and our freedoms in this space, and decided not only to keep track of these issues but also to act on them.

To imagine over 2.5 million people have watched a two-minute video trying to synthesise the dangers about ACTA is quite incredible, and to see how in a post-SOPA setting this translated into literally thousands of phone calls to European elected representatives  makes one realise that citizen involvement, beyond being heart-warming, is also vastly efficient.

I can hardly sum up everything I’ve learned, the insight I’ve gained into politics and policy-making at the European level, the understanding of organisations and volunteer communities, the wonderful people I’ve met and the knowledge and expertise they’ve shared with me.

But I will attempt to do so in a few posts in the near future.

Joining la Quadrature!

I’ve recently joined la Quadrature du Net as a full time campaigner.

My role will be to coordinate the community, help build citizen campaigns directing grassroots energy towards existing institutions (both French and European) and assist with fundraising and support.

It’s quite an honour to join one of the most dedicated group of people in Europe fighting for a free Internet and for the protection of civil and fundamental rights online, and I expect to learn many things and gain insight as much as I hope to be efficient in defending our freedoms.

Le Web 2010: day 2

Here is a quick summary of what happened at day 2 of Le Web 10.

A fascinating presentation by Salim Ismail of the Singularity University about the brain, how it controls stuff, what we know and especially don’t know about it.

Before that, Ariel Garten from Interaxon talked about thought controlled computing, using the brainwaves.
The presentation was insightful but felt a little too prepared and unnatural. The opposite from Dennis Crowley of Foursquare.

Talking of which, he came back for an extra Q&A and answered candidly questions from the audience.

Later during the day, it was good to see Mitchell Baker from Mozilla and Matt Mullenweg from WordPress talk and remind the participants of the importance of Free Open Source Software on the web.
I sometimes wonder if they realise most of their infrastructure runs in no small way thanks to FOSS. It seems most of the start-ups are very happy to take advantage of the Free Software offerings, but most don’t practice that approach themselves.
Save for WordPress, whose Matt had this good wording of the situation:

We are one of the only companies here today that makes a living by giving away our intellectual property.

Given the success of WordPress (it powers 10% of all websites according to them), it may have given a bit of food for thought to a few participants.

Matt Mullenweg also called people to pay more attention to the hidden social network, the vast network of loosely federated blogs that still contain more people on or around them than Facebook. If they were to actually federate, one can only imagine the result. But I’m sure some smart people are already thinking about that and working on it.

As for Mozilla, they did a very cool demonstration of an real-time animated city with video rendered on the skyscrapers, all in HTML5. And Mitchell Baker talked about how they plan to make one’s identity a bigger part of the browser. The future sure looks interesting for the web.

The day ended with possibly the best talk (and did he talk) by Kurt Vaynerchuk.

Unrelenting, unabashed, whole, he spoke before a delighted and fascinated audience about the importance of finding what really motivates you in life and follow that as a professional path. His message is a really positive one and his delivery makes it even more honest and interesting to listen to.

All in all an interesting 2 days, some interesting people, some not-so-interesting food (but maybe it’s just France that spoils us) and lots of interesting insight, be it on the web/tech start-up scene or more general perpectives.

Well worth it.