Split Decision

November 7, 2018

I think Bill Kristol has the right of it:

One can argue Republicans didn’t really do that well given the strong economy. One can argue Trump is on net a burden to the party and that in the long term he’ll do great damage. But one must also admit the public did not rise up as one yesterday to repudiate Trump and Trumpism.

Of course it didn’t take long for Trump, emboldened by Republican gains in the Senate, to start the process of dismantling the Mueller investigation by firing* Sessions and replacing him with a loyalist. (* Sorry: I meant “accepting the resignation of”.)

WebAuthn and Biometrics

October 26, 2018

Chrome 70, just released, supports WebAuthn with biometrics. This includes Touch ID on macOS. I was playing with it this morning:

Chrome 70 on macOS with Touch ID via WebAuthn

I can’t wait for Apple to get in the game here: if Safari supports WebAuthn and biometrics in some future release of iOS and macOS, and ties it to iCloud Keychain, we might really see passwordless authentication take off on the web. Porting private keys outside of a single ecosystem might prove to be a stumbling block at first… but it’s still a step in the right direction.

Revisiting RSS

August 16, 2018 :: musings

“RSS is dead.” — The tech press, en masse, circa 2013

It’s time for an RSS revial.” — Wired, 2018

RSS, a feed format first introduced by Netscape in 1999, is today a piece of mostly forgotten plumbing behind the Web. The format had its moment in the sun in the mid-2000s when an ecosystem of reader applications and feed-rich websites flourished. Early reader apps made it easy to consume content sourced from countless websites and to see new content nearly as soon as it was published.

RSS’s “mainstream” popularity peaked with the advent of Google Reader, the first non-beta version of which shipped in 2007. Reader was unceremoniously axed in mid-2013, a casualty of changing consumption habits and of Google’s strategic disinterest. Growing social networks, including Facebook but most especially including Twitter, stole much of RSS’s thunder. Personalities and publications became co-equal voices. Flowing rivers of news, not inboxes with unread counts, became the dominant UX metaphor.

In a twist of fate, in the half a decade since Reader’s demise, RSS has both exited the public consciousness and exploded in daily use. This is entirely due to the growth of the podcast ecosystem: every podcatcher app is secretly an RSS app; every podcast is secretly an RSS feed. NPR is perhaps the world’s largest purveyor of RSS feeds, with nearly 17M monthly unique listeners.

Beyond podcasting, a community of healthy lifestyle businesses has emerged to replace what was lost with Google Reader. Feedly is perhaps the largest player in the space, providing an excellent sync platform and web reading UI along with power features targeted at high-volume consumption of content by researchers, analysts, and teams.

I suspect that opportunities exist both to improve the reading experience and to provide new vectors for content discovery.

The fundamental limitation on consumption is time; as metaphors, inboxes and rivers both dance around this limitation. Inboxes invite consumers to “capture it all” but immediately frustrate them with unread counts that make plain their inability to do so. Rivers remove “total capture” as an expectation but force consumers to tread water as the volume increases. Shallow engagement with content, and (perhaps) increased media polarization, are the results. A consumption service that takes limited time as a fundamental premise would offer an intriguing counterpoint to these metaphors.

Discovery is a tricky beast. Few consumers today would claim that they lack new content to consume! At the same time, humans are foragers. We value new content not only as a function of its quality and utility, but also as a function of how we find it. Ask any music lover about their favorite albums and you’ll quickly discover that the circumstances of and path to discovery are just as important as the music itself. As a result, services that provide additive and unique new vectors for content discovery may prove successful. On the other hand, solo services claiming to “solve” the discovery problem are probably missing the point.

The broader RSS ecosystem is about much more than consumption. Today, RSS is as much a format as it is a signifier of a better, more open, and decentralized1 future for the web. The self-styled Indie Web community is its standard bearer. Along with newer (sometimes informal) standards like Microformats, Micropub, Webmention, and ActivityPub, RSS represents a potential counterpoint to the closed and centralized social networks of today.

In the past several years, a number of early federated social networks have emerged. A few, including Mastodon, PeerTube, Pixelfed, and micro.blog, have shown modest but intriguing traction. Mastodon, for instance, has 1.4M registered accounts across its network and sees over 100k actives weekly. During its two year lifespan there have been 154 million “toots”. The network continues to grow, albeit at a modest pace, and demonstrates unexpected use cases. For example, shortly after the passage of the FOSTA/SESTA bills, a major new Mastodon instance emerged to serve the needs of sex workers in the United States.

I believe there is sizable untapped potential in federated social networks, although it is difficult to predict future scale and probable economic winners. To date, the Fediverse has contented itself with replicating the features of its centralized counterparts. This is uninspiring and unlikely to attract an audience. “Own your own content” is not a mainstream value proposition; neither is “Delete your Facebook”. An opportunity exists to provide users with new social capabilities that the centralized social networks are unlikely to ship on their own. These capabilities don’t need to be radical departures from the past: if the Internet has taught us anything, it’s that even small deviations from currently mainstream modes of expression can quickly attract large audiences.

As a final note, it is worth mentioning the world of cryptocurrency as it relates to the future of decentralization. Some prominent figures, like Chris Dixon of a16z, believe that cryptocurrencies — or, at least, blockchains — have a foundational role to play in a future “re-balancing of power” away from centralized services like Facebook and towards the open web. While provocative, my perspective is that this confuses the issue: there are plenty of federated systems — like email! — operating at scale today that have no dependency on crypto tech. At the same time, it’s difficult to imagine a future ecosystem of any kind where the distribution of influence is flat or nearly so: power laws are the norm, not the exception. We should acknowledge that unequal outcomes in networks are the result of many factors, perhaps primarily including nontechnical factors.

[1] I typically avoid the word “decentralized” but acknowledge it is the common term, at least today. I prefer “federated” since it has less baggage: many people think “decentralized” implies an equal balance of power among participants. In practice, meaningful networked ecosystems almost never converge to uniform distribution. Email is federated; Gmail is its behemoth… and that’s okay.

Dependencies Run Deep

July 26, 2018

From the “get off my lawn” department.

I start a new Python web project using a popular “modern” template.

Immediately after creating the project, the top-level directory includes .babelrc, .bandit, .bootstraprc, .coveragerc, .editorconfig, .env, .eslint.ignore, .eslintrc.js, .isort.cfg, .pre-commit-config.yaml, .prospector.yaml, Makefile, Pipfile, Procfile, app.json, package.json, postcss.config.js, runtime.txt, and three different webpack.*.config.js files.

There are 47 direct Javascript front-end dependencies and 28 direct Python back-end dependencies. The out-of-box Webpack configurations run to hundreds of lines long and utilize half a dozen plugins. I shudder to consider how many transitive dependencies there are.

This feels broken in a way I can’t quite put my finger on. I accept that we’re long past the day when, to start a new project, we needed precisely two dependencies: the Commodore 64 Programmer’s Reference Guide and the Merlin Assembler. But I don’t accept that this complexity and layering, especially with its typical paltry documentation, is at all manageable for the average developer. I’m not convinced that it’s manageable for any developer, including the developers who created the template itself!

Yes, the substance of programming has changed radically since the days of the 6502. Then, the art was to understand the machine and coax it to do useful things despite its limitations. Today, the art appears to involve stringing together black boxes in endless new combinations, hoping to arrive at utility that outweighs the mental and operational overhead imposed by those boxes.

If that is indeed today’s art then I believe we’re far from finding an aesthetic that makes it meaningful.

Mastodon Stats

May 3, 2018

I’ve been taking a closer look at the world of ActivityPub and related federated social networking standards.

Mastodon is probably the most widely used implementation of ActivityPub today1. Here are some random stats I gathered, current as of yesterday:

  • I was able to identify 2,621 public Mastodon instances.
  • Across these, there appear to be 1.23M registered accounts.
  • In the last week, there were 111k accounts that actively published content.
  • The largest single instance is pawoo.net, run by the Pixiv Japanese artist community, which appears to account for a quarter of both registered and recently active users (at 368k and 33k, respectively).
  • Three of the top five largest instances, which in sum account for almost 50% of the entire network’s accounts and activity, are based in Japan.
  • One of the largest instances is switter.at, an “open and free community for sex workers” that appears to have been created in light of the FOSTA and SESTA bills.

The entire network reports slightly over 121 million “toots” across Mastodon’s entire history; for comparison, it’s estimated that there are 500 million tweets every day — that means a new Mastodon is created on Twitter roughly every six hours.

[1] Okay, it’s not strictly an ActivityPub implementation; there’s a more involved history that’s not relevant here but is worth reading.