Cory is a science fiction author, activist, journalist, co-editor of Boing Boing and the author of many books. We talked to Cory about open source, the open web, internet freedom, his involvement with the EFF, where he began his career, the details he’ll be covering in his keynote at OSCON, and his thoughts on open source today and where developers should be focusing their efforts.
Cory Doctorow: Sure. As I mentioned, I’ve got an eight-year-old and she was born in London in our flat in a pool in the living room. She likes to hear the story of her birth, right? So we would tell her the story of her birth… My wife told her she came and yanked on my arm and shouted, “Story arm”, that I would tell her a story. So she runs up whenever she is bored and she yanks at my arm and yells “Story arm!” And being a writer, I like to iterate when I tell stories, so I’d tell them a little differently every time. I’d start a little further back or go a little bit further forward.
What I realized was that the interesting part of her birth story was the stuff that led up to her birth, and not like the stork stuff, but the stuff about how my wife and I met and became best friends and lovers and a couple, and got married and decided to have a baby. You know, all of that stuff is unique; the stork stuff is the same for everybody. What your parents did to make you is almost certainly something I can guess at with a pretty high degree of accuracy, right? But how your parents came to make the decision to do that and make you - everyone has a different version of that.
[20:08] The open source version of how we got here, we talk about the licenses and we talk about the packages and milestones, but there’s like this really strong social component to how we got here, because around the same time that the open source movement was starting, it was also around the same time that the open web movement was starting, that we were sun setting these proprietary network architectures - whether those were the ones the phone companies ran… You know, AT&T circuit-switched services-centric network or the big commercial services like Compuserve in AOL… They both kick-off around the same time, and yet the open web has collapsed, the open web is almost dead.
We are in a desperate and dire moment for the open web, and the free and open source software movement has soared; everything, including the things that are closing down the open web is built on free and open source software. So that is an amazing thing, and the speech kind of interrogates what the difference is, and how one soared and the other sank, and what we can learn from the free and open source movement to keep the web open as we try to open it up again.
I think the thing that the free and open source software movement had going for it is this thing called the Ulysses Pact. The story of Ulysses goes that Ulysses was gonna sail into siren-infested waters and anyone who heard the song of the sirens would be tempted irresistibly to jump into the sea and the sirens would drown them. So normally, when sailors sailed into the siren sea, they would fill their ears with wax. But Ulysses was a hacker and he wanted to hear what the sirens’ song sounded like, so he had his men lash him to the mast so that he could hear it, but he couldn’t get loose. So what he used was his strong self, the moment at which he was strong, to predict that in a future moment he would be weak and to take countermeasures to prevent himself from giving into that weakness. We use Ulysses pacts all the time - if you go on a diet, you should throw away your Oreos away on night one; not because you’re like incapable of resisting temptation, but because everyone sometimes has moments of weakness, and the strongest thing you can do is to recognize that you will have a moment of weakness in the future and take a countermeasure against it.
In the free and open source world, our Ulysses pact is the irrevocable license, because the failure mode of free and open source software, having founded a free and open source software company, I can tell you is that there are moments in which it feels like your survival turns on being able to close the code that you had opened when you were idealistic. There are moments of desperation when that happens.
Of course, it’s ridiculous, because if you’re making anything substantial under free and open source software, you’re building it on other things that other people have opened and can’t close, and if they were to close off their code your project will collapse. So every one of us wants to be the only one who can revoke a free and open source software license, while all the plumbing that we built on top of stays open. Because the licenses are irrevocable, because you can’t close it once you opened it, you generally don’t even get the pressure from your investors or from potential acquisition suitors or from other parties who can otherwise lean on you and put a gun to your head - they don’t even bother, because there’s no point in shouting at you to close the code, if they know that it’s not course of action that’s even open to you.
[23:44] So even though the same desperation that led us to close the web is present for everyone who’s ever made an open source project that succeeded, that desperation can’t express itself in the same failure mode that the web has had. So my talk is about how we can build a Ulysses pact for a newly opened web around two principles that will keep the web open even in the desperation of its founders, even when the pirates who founded it become admirals.
The first principle is that any time a technology or computer gets an order from its owner that conflicts an order that’s been given to it by a remote party, the owner should 100% of the time without exception win. The owner always gets to overwrite remote policy.
The second one is that any true fact about the security of a system that you rely on should always be legal to disclose, under every circumstance. My pitch is that these two principles should the principles that we become zealots for; that if they’re not calling you an unrealistic idealist about your adherence to these principles, then you’re probably not trying hard enough. So my pitch is that the people who care about building an open web to be the nervous system of the 21st century, to have an Internet of Things that’s not an Internet of things on fire that spy on you and ruin your life, is that we need to like take these principles and cherish them as much as we cherish the core principles of free and open source software, and weave them into our licenses, into our professional codes of conduct, into our membership agreements, into every single piece of what we do, so that there’s never any question that this will come about.
There have been lots of times when the governments have tried to pass laws that say “In order to make software, it has to be closed” and the fact that there’s all of this critical, open software has meant that those laws died every time. Because you’re going back to them and saying, “Well okay, but what you’re talking about is throwing away all the infrastructure on which the digital world is built. What are you planning to replace it with when you pass your dumb law?” You know, reality asserts itself, and so if we can create a reality on the ground to assert itself when governments contemplate stupid laws that say that remote parties can override local parties, whether those are crypto backdoors, or DRM, or lawful interception overrides, or any of the other things that have been the parade of horribles of the 21st-century, then we can make a difference.