Christine Lemmer-Webber: CTO of Spritely Institute, ActivityPub Co-Editor, and User Freedom Activist
RadicalxChange(s) | 2022-07-21 | 1:40:19
In this exciting episode, Matt Prewitt speaks with the inquisitive and captivating Christine Lemmer-Webber, who is CTO of the Spritely Institute and whose lifelong work focuses on advocating user freedom. This philosophical and technical discussion focuses on the many ways to look at ethical methods of building technology without usurping the free agency of others; a pluralistic view of examining technical design with different lenses.
Top Keywords
- capability 0.007
- randy 0.007
- utilitarianism 0.007
- able 0.005
- context collapse 0.005
- spritely 0.005
- system 0.005
- agency 0.005
- well 0.005
- object 0.004
- object capability 0.004
- capability security 0.004
Transcript
Speaker 0
0:00 – 1:38
This is a RadicalxChange production. Hello, and welcome back to Radicalxchanges. In our episode today, we wanted to take a break from our series of talks from the twenty twenty one Radical Exchange Unconference to bring you this exciting conversation with Christine Lemmer Weber. In this conversation, Matt Pruitt talks to her about the vast importance of decentralized social networks. They cover a lot of ground in this conversation. They start with the philosophical underpinnings that guide Christine's work in the space, and then move into some of the more technical aspects on how to actually design a decentralized social network and keep it it secure. It's a fascinating look into the mind of one of the most exciting innovators in this space who is building the tools, protocols, and standards of the decentralized and open source web. Christine was coauthor of the activity pub web standard and worked at Creative Commons as a tech lead. Today, she is the CTO of the Spritley Institute, which is an institute that builds, researches, and standardizes network technology that puts people and communities first. She's also the host of the Foss and Crafts podcast along with her spouse, doctor Morgan Lemberweber. Foss and Crafts is a podcast about free software, free culture, and making things together, values that are definitely in line with radical exchange. We hope you enjoy this conversation with Christine Lemmer Weber. This is Radical Exchanges.
Speaker 1
1:43 – 1:44
Hello.
Speaker 2
1:44 – 2:07
Hello. Nice to nice to be with you. Thank you so much for, for having this conversation today. Really appreciate it. Yeah. Thank you for having me. So, yeah. Christine Lemmer Weber. I would love to hear a little bit about, what it is that you that you do and, for the benefit of listeners who are not aware.
Speaker 1
2:08 – 4:33
So I I guess my main thing is working on, decentralized social networks, although, really, it's more decentralized networking technology in the more general case, and also decentralized security. And in the much more general case in that, I'm generally a user freedom activist. So, I've been, for the last decade, working on decentralized, social networking technology and decentralized networking technology in general. The thing I'm probably most well known for is that I'm co author of the ActivityPub web standard, which, is used by Mastodon and Pleroma and PeerTube and a whole bunch of other things. So it's it's the currently most popular, decentralized social networking, system out there for the web. I mean, you could argue that maybe there's a more popular decentralized social networking system out there, which is email, but that's not specifically a web protocol. Right? And people don't generally think of that as a decentralized protocol. But, in ActivityPub works a lot like email in the sense of it's, you know, sending messages around to different actors, and it doesn't matter what server you're on. Right? But there's a lot more stuff in there that's for being able to add social networking technology. So aft you know, if you move back before that type of stuff, before I started working on decentralized, networks, I was working, at the, at Creative Commons as tech lead. And then I left to work on decentralized social networks, basically, because I was working on a project called Media Goblin, which was supposed to be a decentralized, you know, YouTube video like, you know, like, audio video everything type, platform. And when we realized that we needed a way for these different servers to talk to each other, we ended up, getting involved in the World Wide Web Consortium's, standardization effort around that, around this topic of federation. So that's how I got involved in ActivityPub. And then after that, I basically wanted to try to solve all the things that I thought ActivityPub couldn't do. So you asked me a short question. I gave you a rambly answer. Expect a lot more of that on this podcast and anywhere else that you may listen to me. So yeah.
Speaker 2
4:33 – 5:13
No. I appreciate it. Would love to know I mean, a bit maybe you can say a bit more about, what your sort of motivations and aims are with the work that you do because I I think there's there's clearly, like, a very deep philosophy behind your the, I don't know, the connection between society and technology that you are that that is, you know, motivating you and that you're and that you're advancing. I mean, is there could you say a little bit more about, about basically where you want the Internet to go and what kind of inspires you about the about the work that you're doing? Yes. So let me
Speaker 1
5:14 – 15:45
answer that first by rewinding and adding one more thing to my previous long rambly, comment, which is that I should have mentioned that I'm CTO of an organization we're launching right now, which is the Spritely Institute, which is a five zero one c three registered charity in The US. It's a nonprofit. We are working on the next generation of serving the needs of, Internet communities and, you know, decentralized networking and all that type of stuff, which I am cofounding with Randy Farmer, who has been working on this stuff all the way back since the mid eighties. Worked on the world's first ever, like, decent well, not It was decentralized in the later incarnations, but, Lucasfilm's Habitat was the first ever kind of large virtual world system that existed. And that was in the mid eighties. So we've connected, and and our work is kind of moving together. But I'd like to get back to the Spritely I'm sure we'll get back to the Spritely Institute in a bit. But you asked me a more direct question. I just felt the need to backfill information. And so I, about myself and my philosophy. So everything I do comes from activism around user freedom. The for me, The U term user freedom, I think as far as I know, I actually coined that term. It's being a bit more broadly used now. And the it was kind of riffing off of something that Bradley Coon came up with, which was softer freedom, which is riffing off of the work of free software, right, which is free as in freedom, not as in, you know, free price necessarily. So the reason for that term user freedom is trying to broaden the, scope of things that we might be concerned about with users. Right? So we're we might we're concerned about, the software, but we're also concerned about, you know, maybe hardware. Right? Like, what is can you modify and tinker with the hardware that's on your computer? Also, what about cultural works? You know, do we have a commons? Can you can you modify the the cultural works that you receive? Is that all locked down? Are we, you know, are we only able to access, you know, content that is produced officially only by Disney Incorporated and nobody else? Right? You know, and so I also am very, concerned just in terms of network architecture. So but the other the other kind of guiding philosophy that goes into everything I do is basically maximizing agency for everyone. So you asked about philosophy, so I'm gonna get literally philosophical for a second, and say that, well and when I was in college, I got very you know, philosophy wasn't officially a minor, but might as well have been in some of the studying I was doing. And I, my personal philosophy is, you know, in the world of philosophy, things tend to either move towards either between highly rule centric systems or highly kind of result oriented systems. And, I think that any one of those approaches, whether or not you take it, end up kind of meeting in the middle. Mhmm. And the approach that I take is kind of a modified version of rule utilitarianism. So if you're familiar with utilitarianism, that's basically the idea that, you know, you wanna do any action is evaluated based off of its result. And what's the result that, you know, ends up creating the greatest happiness? Right? Because you gotta measure it by something, and so utilitarians go by happiness. And that's great. That's interesting. But happiness is kind of a a weird metric for one thing. And the the second part is there's either act utilitarianism, where you're going action by action, and there's rule utilitarianism. And rule utilitarianism develops because you end up, deciding that, well, after doing enough analysis, just going case by case, you actually cause a lot of harm. Right? It's very easy to wiggle out of things and say, well, you know, it looks like if I do this thing this time, yeah, that's gonna result in the biggest benefit. It's also hard to know. Right? Because you you have to kind of develop patterns from which to analyze. So utilitarianism actually folds in something that resembles a deontological approach, which is, you know, a very rule centric approach by saying, yes, we need rules. But not because of the sake of the rules, but because of the world that it creates. However, I don't like utilitarianism in terms of it being based off of a metric of happiness. I think that's weird. There's a lot of times that there are things that don't make me happy that are, I think, in my best interest. What I instead think about is agency. Right? So what is the freedom to be able to express oneself, to be able to act as an agent in this universe? So this even actually comes into my technical designs. So, the type of technology that I'm really interested in are is technology that involves a distributed network of different agents. And how can we actually build technology that allows those agents to be able to act and express upon their desires without interfering with the agency of others? So if you go with individual agency, it kind of ends up as no good. Right? Because what people quickly move towards is being selfish, as in terms of I'm just gonna do whatever is best for me personally. But the if you take a maximizing agency approach, like an ethics of agency so that's a phrase I I I once went with agentarianism, and then I found that people assumed that that was a libertarian offshoot even though Arianism is a very broad thing. So now I go with, you know, ethics of agency. Right? So ethics of agency, in my case, means that you you want to try to create, you want to act and create the world structures such that it maximizes the agency of everyone. And it you're maximizing agency and decreasing subjection. So like utilitarianism, which, maximizes happiness and minimizes suffering, but actually puts a higher value on minimizing suffering. Because suffering, you know, what are the moments you think about in life? You know, you go give a talk and, like, you know, a 100 people come up to you and say, that was a great talk. It moved me and everything. And then one person comes up to you and was like, that talk effing sucked. Right? You know, you're terrible. You're blah blah blah. What things are you gonna remember? You know, out of you're gonna remember the terrible thing. Right? This is generally true that suffering weighs on us more so than happiness. Right? And the same thing with subjection versus agency. You know, so therefore, you can see the worst thing from a kind of ethics of agency perspective is slavery. Right? Where you're completely taking the, agency away from, a being some sort of being. So anything that I'm trying to do, I'm trying to look at you know, I don't wanna make the decisions of what individual agents want to prioritize in their life. But I wanna build the right kind of infrastructure that allow individual agents, you know, obviously, like in utilitarianism also, which puts a higher value on, certain kinds of happiness. Right? You know, so utilitarians put a higher value on, intellectual happiness in general over physical, like, happiness, which means, you know, like well, very controversial figure. But, interesting in many ways, and I think wrong in some others. But, you know, plus, I don't agree with his analysis of, happiness, even though he's explored other approaches. But, you know, Peter Singer pushed in a major way for for an increase of thinking about animal welfare. Right? And a and a common misconception is that this means that, you know, he's he's against, the you know, he you would you would treat human beings and, you know, other other animals at the same level. And that's not true. Right? You're because you're because the amount of suffering that's intellectual suffering and the amount of happiness that's intellectual happiness is much larger. That gets Peter Singer also into trouble at some points in ways that I'll completely acknowledge when it gets to really tricky issues like, ableism and stuff like that. And I think that's a giant thing to unpack, and I'm very sympathetic to the reasons why people feel very stressed out about hearing that type of thing. But what I will say is, I think that, I think that there's a large, if you take this from a perspective of agency, you could also say, well, there are certain types of agents that have much more capacity for us to wanna protect that agency. Right? And therefore, human beings are also in that category. It's also true that, you know, you don't wanna go and, you know, you know, remove the agency of nonhuman beings. Right? And there's there's one of the things I really don't like about deontological approaches is probably that I'm way too much of a sci fi nerd, but I end up thinking this is just gonna fall apart. Right? Like, the moment that, you know and maybe it'll never happen. That but at least as a thought experiment that we have humans interacting with nonhuman species. Right? You know, a lot of the rules that we would make from an absolute perspective, like a Kantian way of developing maxims, might fall apart when things are differently structured. So this is why I actually tend to think that a consequentialist approach that ends up, you know, kind of evolving towards a rule oriented perspective is the right approach. You know, you have these two things. They're both important. They're actually duals of each other, in, like, a mathematical duals perspective. And like a lot of things, you know, like how most programming language interpreters have eval which calls apply, which calls eval, which calls apply until it hits a fixed point. The rule based approach and a, a consequentialist approach both eventually actually arrive at very similar places. So I do think it's important to sit there and try to think, well, what's generally the right and wrong thing to do? While also being understanding that these are all developed in context. So this has been, again, a long ramble. But the other component of that naturally comes to is I'm a big believer in context. Right? And so, actually, this is you could say Randy and I forming the Spritely Institute is actually, in many ways, us saying the world is not paying enough attention to context in both the way that we treat human beings, but also in terms of the way that we design our systems. So, that is again, okay. So that's, I guess, giant ramble number two on the podcast so far.
Speaker 2
15:46 – 16:34
But I'll throw it back to you. No. Not at all. That was absolutely brilliant. So, I'll do I I wanna so I I wanna ask a couple questions about that, and then, and then I think it would be great to sort of get, you know, land the plane into this discussion of, like, network architecture and how it relates to this to this set of ideas. Sure. So one I guess one question is, so if I understand correctly, you're sort of saying that rural utilitarianism is this, like, attractive synthesis between, like, utilitarian consequentialism and and, you know, Kantian deontological, perspective. Is that is that fair?
Speaker 1
16:36 – 16:55
Between between act utilitarianism and, a Kantian deontological perspective. Yeah. So I'd say rule of utilitarianism, yeah, is that type of thing. But yeah. As as but also with the caveat that I think measuring happiness and unhappy suffering is kind of bullshit, and agency and subjection is much more interesting. But yes. Exactly.
Speaker 2
16:55 – 17:08
So is is age so there's kind of, like, thinking of you know, centering this perspective on the idea of of agency. That seems to me like a particular conception of rule utilitarianism. Like, there are other versions of rule utilitarianism.
Speaker 1
17:08 – 20:39
Exactly. Exactly. And actually, so the the version that sometimes when I bring this up so I haven't fleshed this out in super long detail, other than on a podcast episode from the podcast my wife and I host, where, but, you know, I've been kind of thinking around this idea of, ethics of agency for quite a while. So, I guess if anybody finds this form of, ethical reasoning interesting, this is only one of a couple places where I've really fleshed it out so far. But, the so so let let's actually take a different form other than happiness and subjection that sometimes people say, oh, well, this has been done. So act utilitarianism. And actually, Peter Singer's been said, you know, I think I might be an or not an act utilitarianism. Sorry. Preference utilitarianism. So there's a version of this where, where you could say, well, are somebody's preferences being upheld? Right? Not about the whether or not they're happy or unhappy. It's what whether or not their preferences are upheld. Well, this sounds like the same thing as agency. And, no, I don't think it's the same thing as agency. And the reason it actually can be seen by the traditional takedown of, preference utilitarianism, which is, you know I mean, philosophers love to come up with these weird thought experiments just like computer scientists do. Right? You know, no no surprise. We're working through abstract medium, so we're we're trying to come up with abstract ways of thinking through problems. And there's this one about the I forget what it's called. It's like the the something happened it's like something like the, the it it's some drug pusher, basically. I don't remember the name of the thought experiment. But the drug pusher basically is, you know, is acting in the best interest like, acting in the preferences of the people they're pushing drugs to. You know, they give the first hit for free, and then this version of things, they continue to give a hit every time for the rest of the person's life, even though it's harmful to this person who's taking it. But it does become their preference. Right? So you would think you know? But but if you look at this from a perspective of agency, the person has actually lost their agency from the very beginning. The person has put the person in a situation that has removed their agency knowingly at the very beginning by kind of creating this unhealthy relationship. So I don't think preference utilitarianism is the same thing, but it's another kind of lens. And, by the way, I don't actually think the ethical framework that I'm suggesting right here, you know, ethics of agency, is necessarily, even though it's the one I use to measure the things in my life, I'm not necessarily saying that it's, the absolute right way to do things. When I was in college, my ethics professor, doctor Edwards, who is also my adviser, who teaches at DePaul, he he, he he said something that had a big impact on me, which is he said, you know, well, we're looking at all these different ethical methods. And what you could really think of them as different lenses. Like, you can turn on this lens to kind of analyze a problem in this way, and then this lens to analyze a problem in another way. And there are all sorts of great ones. You know, you've got, you know, the kind of veil of ignorance from, you know, Rawls. You've got the you've got, all the work that's happened as in terms of ethics of care, which I think is awesome, you know, that we actually should value our caring relationships really strongly, and all sorts of other things. All these things are great. They're great lenses. It's useful to swap them out. I just think that this is the lens that seems to result in the greatest amount of clarity in terms of the kind of world I feel really strongly about building.
Speaker 2
20:40 – 21:14
Gotcha. So so when you talk about, so it seems to me that, like, in the in the example of, giving a drug to somebody, which then, like, modifies their their preference, there's a, there's a a little bit of a challenge, I guess, in sort of, coming up with some way of external, you know, externally eliciting, you know, preferences. So they so there's a conception of agency allows for a gap between people's expressed preferences and
Speaker 1
21:14 – 21:38
what their preferences would be if their agency were more fully expressed. Is that That's right. That's right. And so, you know, informed consent, right, is a big part piece missing from that story. Right? You know, did did that person didn't give informed consent? Even if in the end, they ended up continuing to fulfill that person's preferences, they withheld informed consent in a major way upfront. Right? So that that's no good.
Speaker 2
21:39 – 21:54
Gotcha. So you have, I, assume, well, sort of a set of heuristics for understanding when agency is is more or less fully respected or fully expressed, which are, you know okay.
Speaker 1
21:54 – 24:18
I mean so so one of the things I think it's kinda weird is that people have actually created, like, mathematical calculi of, like, of of utility in utilitarianism where they have, like, utiles to measure happiness. And, like, you can write out statistical formulas. This is a very statistical endeavor. Right? Like, I actually think that you enough most thinking doesn't require that. Right? Like, most thinking is kind of like you can actually kind of ask the question. Like, does it feel like this person's agency is being fulfilled? Or ask somebody whether or not they feel like their agency is being fulfilled and upheld. Right? Like, are they able are are they, you know, they do they have is there something that they wanna do, but they're just not even permitted to be able to try it or act or whatever? Yeah. So, like, I think that I don't give a very clear this is a very fuzzy system. Right? It's not a very crisp system. This is a fuzzy system. I I admire people who take crisp system approaches. So, you know, for dude's got a lot of problems. But Richard Stallman did something interesting when he was working on the, the initial set of rules for free software, you know, also known in some circles as open source. But he he's, you know, one of the things he did is he he stepped back and he took a Kantian perspective. Literally says, taking a Kantian perspective to build these things as kind of maxims. It's useful. I don't actually think it's the best way to do it. Part of the thing that I like is I, you know, I ask myself this the the question, am I being consistent? Right? You know, am I being consistent between this, that, and the other thing? And I try to think within contexts. And the the best thing that we can do in a certain sense of the kind of heuristic is just kind of ask, am I stepping on someone's agency? You know? Is there is there a point and you're going to have to I don't think that you actually can completely I don't think it's possible to build a system where you're completely free of stepping on someone's agency because, eventually, you have to prevent somebody from shooting somebody with a gun. Right? That's a that's a major way to take away somebody's agency is be dead. Right? Sure. You're taking away their agency to pull that trigger, but you're you're also taking away their the, the other issue of the other person being dead. Now by what mechanism you particularly select for that, I don't you know, like, they're that I don't care to get into that at the moment. But it's just that's a clear example where you you can't just think from an individualist perspective. You have to take a social level perspective.
Speaker 2
24:19 – 24:48
Yeah. Yeah. And just to as as a clarification, like, when I talk about heuristics, I don't necessarily mean, like, quantifiable heuristics. I just think it's interesting to sort of to to get to get a sense of of what you mean. Like, what sort of question might you ask? What sort of inquiry might you pursue, even a nonquantifiable one, to to get a sense of of whether agency is is, you know, whether we're doing better or worse. Right? It's a great question. Actually,
Speaker 1
24:48 – 25:18
it's a it's a great question that actually probably I should put more thought into. I actually think that's a that's a great idea to try to set up. What are the series of tests? I'd be interested if anybody thinks they have a good series of tests. Right? I mean, the best ones that I think about I think about very loosely as in terms of, okay, you know, just this agent wants to do some things within the realm of the things that it theoretically has capacity to do. Can it do them? Right? Can it try to work towards becoming the thing that it wants? Right? And, yeah.
Speaker 2
25:19 – 26:07
So this is yeah. This is I mean, this is thank first of all, amazing. This is super sophisticated, view that you're outlining, and I think it's amazing background for, for anyone who wants, like, a deep understanding of the work you're doing. And before we transition a little bit, into, like, the work of Spritely and other things that that you may be, that you may be pursuing, I think it might be useful just to ask, like, for anybody who's interested in scratching deeper into these questions like, can you say a little bit about maybe where this is coming from? Like who have you is this is this Christine Lermmer Webber mostly? Or are there any, like, authors you'd recommend who have portrayed this kind of agency focused version of real utilitarianism
Speaker 1
26:08 – 33:07
in an attractive way? So I have there is a blog post of the podcast I co host with my life, Fost and Crafts. And we have some show notes, actually, where I collect together a bunch of that stuff. So I can link that, and that may be, useful in some sort of way. Oh, I'm making the mistake of messing with my microphone live. I should never do that. The, so, yeah. So I can link that. But, I mean, the I don't know. Their philosophy is interesting. There's I don't know where I'm gonna ramble to from there, but I will say, actually, that here's the tie in with the technology side of things. Part of the conversation about, maximizing for agency came out of a conversation I had with one of my closest technical colleagues. So this is Mark Miller and, and actually, two of my technical colleagues. It was a dinner with Mark Miller and Kate Sills, who I actually disagree with on a lot of things because I, I I don't identify as being a libertarian in the way that those two do. And I, but I actually have a lot of interesting conversations with people who do identify as libertarians because there's, like, a a subset of things that we both agree on, and then there's a sub a subset of things that we don't agree on. And if people are nice to each other, I actually sometimes like kind of fleshing out and trying to find out where those things align and don't align, which I realize is not always popular, to but, I for me, it's very useful. Right? So when and and, actually, when it comes to Mark and Kate, I mostly just already agree with a whole lot of the things with them off the bat because they both come from the perspective of where they wanna go is exactly the same place of where they wanna go. Sometimes we just disagree on how we're gonna get there. Right? And so, when and and I did not ask Martin, Kate or Kate whether or not they they would be cool with me laying this up. But, actually, I think they would because I I think in the blog post and the and the episode that we did, I already checked with them. So the, and, and we both kind of collaborated on a number of documents before. But so let me try to represent what happened in that conversation, is we were we were actually sitting down to try to discuss whether or, like, whether or not there was a link between the technical systems that we were developing and the philosophical beliefs that we had. And it turned out that Mark was like, well, let me try to lay out what I think, and then started laying out as a first approximation, let's take rule utilitarianism. Like like like, hold up. This is pretty interesting. So we we ended up kinda drilling down and then also kinda asked, well, why is utilitarianism unsatisfactory? And I don't remember exactly what it was. But one of the things that ended up coming up was talking about so what Mark, Kate, and I all do is we work on a a form of security that's called object capability security. And what's interesting is that it it's basically a whole system where you're trying to design a way for agents to cooperate in a world that may be hostile. Right? You know, so networks are are hostile. Right? You and I are on the Internet. There's a lot of bad actors. Right? And the a lot of traditional, responses that people come up with that is, you know you know, like, don't, like, build, like, a system of, like, zero trust. Like, Matt, you know, like, don't trust anybody. And then, like, you know, like, that's this really kind of paranoid world. I'm not interested in that world at all. I'm I'm interested in high, you know, amounts of collaboration. And, so are Kate and Mark. And we and so the types of systems that we're building sit are assume a mutually suspicious system. You start off with the assumptions that the network is hostile, that the world can be hostile, and then you let people to build consent and trust. So there is a document that I was working on that was called, kind of a successor to some of the work I did on ActivityPub. And it it used this phrase networks of consent. Right? So consent is a big, you know, word there. But how do you have a system hold up consent as much as it can? Right? As much as a system can be designed to hold it up. And you can't do it all the way. Right? Because, like, there are portions of consent where it actually has to be between two human beings working out what they wanna do together or maybe two nonhuman beings. Right? But the but trust is something that's built. Right? And consent is something that's built. Right? And so the type of systems that we work on basically have distributed objects that have these things called capabilities, which you can think of as consent mechanisms. So and just like any reasonable system of consent, they are explicitly granted. You hand a capability to another entity in the system, and they have have access to that. But they're also revocable so that we have patterns by which you can end up, you know, you could end up be deciding, it's time for me to take away consent. You know, I I don't like where this has gone, etcetera, etcetera. Right? But it's also possible to have accountability. And it's also possible but it's also composable. Right? Like, so you one of the things that and it also has no assumption of a global entity at all, like, watching over this thing. And there's also no concept of global identity as in terms of, like, the identity of the person. There there are some identity like mechanisms in the system, but they aren't identity related to what you can do. We don't take it, say, and say, I like, there's not a default check-in the system that says, is it Matt doing this? Well, I trust Matt. Right? Because the kind of relationships that you and I have are going to be more fine grained than that. Right? And so that that's the mechanisms of consent type stuff partly is where this ends up coming out of. So, actually, in a very real sense, the tech the technology stuff that we're doing with object capability security, which, by the way, is is what Spritely is doing, is taking the lessons of object capability security and kind of this mountain of other computer science research that I read into, that it's been sitting there on the shelves. It's, like, all stuff that anybody could pick up and use. But it's been sitting there on the shelves. It's not the hot thing because everybody's trying to solve things from the big global players. Right? And even most of the decentralized players are still trying to copy the assumptions of the big global players and just say, let's just make a YouTube that's decentralized. Let's just make a Twitter that's decentralized and etcetera. So but that didn't really give me the powers to to be able to build the kinds of systems I wanted. So instead, I was searching for what can we do that throws all those assumptions away, that starts with kind of the vision that we had of the Internet where it's this completely decentralized thing from the beginning, and then start building up assumptions from there as opposed to trying to back port the bad assumptions that came in when we started with the assumption of centralized systems.
Speaker 2
33:08 – 34:05
So can I can I ask an I think I want to ask an abstract question first, and then and then, and then go into more specifics? Like, does that approach to me that approach sounds like kind of a tabula rasa reconstruction of sociality in a way. So in other words, we're sort of we're building up all of the trust relationships and the sort of grantings of capacity from from a blank slate. And if if I understand that correctly, then I I think my my question is, how do you how do you think about the relationship between that project and this preexisting social ties? Those sort of preexisting, structures of sociality that we may or may not want to influence the world we build. Does that make sense? Yeah. No. That makes perfect sense.
Speaker 1
34:05 – 39:28
So let me you know? Yeah. Like, it it sounds like building everything up. Right? Starting from scratch. Yeah. Right? Everything like that. It's the opposite. The the the reason why it looks like that is because we've had a decade and a half of these big players controlling our communication. Right? And they've been at the center of everything. But what happened before them? Right? Most communication that happened previously was not, like, it wasn't wasn't mediated through Google. It wasn't even mediated through the government in most circumstances. The government might step in if certain types of extreme things happen, But not in the general case. Right? In the general case, you would have, you know, some sort of, you know, people meeting up for they wanna play, you know, they wanna play a board game together. Right? You've got board game night. And one person there starts being a jerk. Right? You didn't need the government to step in or Google to step in to say that person's being a jerk. Get him out of here. Right? You you you actually instead were able to rely on the social structure between those human beings. And in our lives, what we really do is we're going for building up a sense of, you know, who do I trust in my life? Who do I trust in the world? Now there are you know, you end up and, like, previously, for a long time, there was, like, only a few select people that kind of end up in this super global context. Right? And even they would have private context. Right? Like, you know and basically, we call those people celebrities. Right? Quote, unquote. Right? And, now, we so there's this phrase that's called context collapse. And context collapse is a thing that happened when the centralized players came into control of our current networks. What they did was you may remember this, depending on how old you are, you may remember that there was this hot idea for a while that was human beings are gonna be way better behaved if we actually, like, privacy is actually kind of the past. Right? There was even an xkcd comic. Like, xkcd, generally a very thoughtful, technical thing, that, like, xkcd had a number of comics that were kind of, like, yeah, privacy is basically the past. Right? And, and and, like, it's weird and kind of disturbing. And and xkcd has now moved away from that stance, but it was a hot thing at that time. And, you know, Mark Zuckerberg made this push. Everyone made this push. Basically, this idea is, what if we get everyone and we put them all in the same place? This is gonna be awesome. Right? And what happened was, so I'm not the person who came up with the context collapse. Actually, there, there is a whole set of resources around context collapse that I I'm gonna give you for the show notes, especially because I am blanking on the name of the woman who popularized it in a way that's embarrassing me at the particular moment. The, but there's a and and even she, I think, said that it may have, predated that. But the the general idea of context collapse, yeah. Look, super great podcast host. But, or guest. Right? But the well, we can't all memorize everything all the time. The, but the context collapse thing, so the example that's really been given was, you know, when Facebook appeared and suddenly people could tag people in, you know, basically, tag people in photos. Right? Suddenly, people who would be were previously able to go to the bar and hang out with their friends and stuff like that, and suddenly started getting messages from their employers saying, hey. I saw you at this picture this picture of you at the bar, and it's making our company look bad. Right? Previously, those were separate contacts. And now they all got collapsed into one flat space. Right? And if you you know, nowadays, almost everybody I know hates Facebook. Right? And the reason they hate Facebook is partly because Facebook pushed so hardcore on this idea of context collapse and actually that you're gonna be a better person, particularly if you attach your real world name on it. You know. And we know you know, I'm so I'm a trans woman and the you know, I'm very conscious of all the problems they created about, you know, let's get the, quote, unquote, real name. But, so in a talk that, Randy and I give about this, we we give a a contrasting scenario. So we give this this person that we were calling Alicia. And Alicia, has these different contexts that she lives in. So she is a high school math teacher. She is a board game player with her friends, and she, also likes to author fan fiction. And in each one of those different spaces, she is subject to different rules that are contextual and important to a particular community that she's participating in. And she behaves differently. And she's you know, and, like, if you're if you're looking at this under the kind of, like, Facebook y, you know, like, the the like, kind of, like, Laidot's, Facebook y vision of things, you know. Oh, well then, you know, Alicia's really gotta get step up her game. Because, you know, obviously, she's not being her real true, you know, useful self. Right? And then that's that's, but but I don't think most of us believe that anymore, hopefully. And most people have kind of gotten a sense that, oh, this has really been screwing us. Right? So Yeah. So, anyway, so the it's important for Alicia to be able to have those different circumstances, Whether or not she uses the same name, she may or may not in those different circumstances. She at least needs to be able to act as the appropriate self in each one of those contexts.
Speaker 2
39:29 – 40:20
Yep. And if I can just sort of interject a a quick personal anecdote. I mean, I remember it was probably around 2008 or so. I, I had a moment when I I sort of turned on Facebook and realized that it was not something that was in my interests to be to be using because, for precisely this reason. Because I think around that time they introduced the, the wall, and I started to have friends posting things on my wall that were like, that would be okay if you just said that to me, but there are other people who might be reading my wall that I wouldn't want to be involved in that interaction. So context collapse. I mean, it's, maps perfectly on deny sort of experience of that.
Speaker 1
40:21 – 44:09
Very good. Yeah. So your your experience is basically the same kind of experience that lots of people have had. And it's it's it's easy to also start to assume, well, maybe that's because a person's being crappy. And maybe sometimes a person is being crappy. I've been crappy in plenty of private circumstances. Right? But it's not always. Right? Like, with the the story of Alicia, what I like about that story is that, you know, with Alicia playing board games with her friends, she, you know, maybe she curses occasionally. And, you know or maybe she, but she's seeming really energetic and embodying this kind of really, like, you know, like, you know, she's she's playing a minotaur in the game. Right? You know, and acting silly in a way that just wouldn't be appropriate for her in the classroom. Right? Like, it would be it would set the wrong frame for her students. Right? And it doesn't make her a bad person that she behaves differently in each one of those things. I don't think cursing is particularly wrong, but there's a good reason to not curse in front of your high school students. Right? And, or or at least good reason as in terms of their teachers their their parents will get mad at you whether or not you believe cursing's particularly bad. Right? The and so but it's also important, I think, to some degree, for people to be able to kind of try on different ideas and to evolve ideas. Right? I I hope. So there's a lot of things that I'm I have strong opinions of are just the wrong thing to advocate and believe in, society right now. But there are also plenty of things that, I wouldn't assume that I have right today. Right? You know, I'm going to assume that there are the needs of people that I actually don't know that will be better figured out in the future. Right? So me being a trans woman, you can say that it a a decade or two ago, my needs would not have been very well accepted. In fact, it you know, just common punchline. Right? And of Ace Ventura pet pet detective. Oh, guess what? The the real problem was is that the person was, you know, was either trans or cost dressing. Right? They're they're the real villain. Right? And this is, you know, just generally accepted. The movie was not challenged on that grounds. Right? So we don't know. We can't really and and the world shifts. Right? And so what we have to do is give some space for that. And sometimes that has to happen in private contexts. But but privacy isn't the only aspect here. It's also being able to develop relationships of cooperation. So the worst kinds of relationships of cooperation are the ones that assume a global context. Right? So credit scoring systems. Right? FICO. Horrible. I'm against it. Sorry. You know, I guess we'll never get funding from FICO now. But, you know, I'm against FICO. Right? You know, like, we're we're we're, you know, credit scoring systems are only useful to the most privileged members of society. And you play have to play this terrible game, and you really get punished for being anything but the most privileged person possible. And it it it's invasive of privacy, and it's everything. And more and more of our systems are starting to resemble, the credit system. Right? So, you're right now, we're starting to see more systems rolling out decontextualized AI. Well, we'll just train this AI system on the whole Internet, and then it'll be able to start figuring out when people are being jerks. Right? Well, not really. Right? Because people are jerks in different context in different ways. And, also, the whole Internet hasn't decided when something is or isn't a jerk. Right? You know, a lot of things that get flagged are people who are queer, right, talking about their experiences, and it gets mistaken for some sort of slur or something like that. Right? And you have to you have to evaluate things in their context. And so we have to be be able to create the possibility to have communities in which context can occur, and, to be able to have collaboration spaces in which the right types of things can occur. Do you think that the notion of context collapse
Speaker 2
44:10 – 44:27
is, like, a more sophisticated version of the worries about privacy that a lot of people have? Do you think it covers the ground of most people's worries about privacy, and sort of encompasses them, or do you think there are unique, issues that the privacy frame, brings to light?
Speaker 1
44:27 – 45:59
Oh, yes and. So the the the answer is that all privacy issues can be seen within a certain amount of context collapse. Right? Because if you all your information is thrown into a global context without it being encrypted or anything like that, then by default, it's context collapse. Right? That is what's happening right there. Right? But it's not just privacy. So that's the that's the other thing. It's not just that privacy is broader than context collapse. Maybe, but you could see all privacy problems within the frame of context collapse. But context collapse includes some things that are not privacy. So the ability to do things, not just to say things. Right? You know, I may choose to, allow you to, make a certain type of financial decision on my behalf. I might choose to allow you to come, you know, park your car in my garage without letting you into my house. Right? Or something like that. You know? And it that doesn't need to happen in a global context. That's the thing that you and I are deciding contextually. Right? So there, and there all of those interactions can happen. I can let you into my garage by handing you a physical key, right, without having to scan your face. Right? And if I, and you're now I could set up a thing that scans your face and compares it to a global database of identity that compares who you are. But the reality is that physical keys worked just fine before, you know, faces were attached to them. Right? So that's an example of a locally contextual, interaction. Right?
Speaker 2
46:00 – 46:07
So privacy is like like, if we're picturing a Venn diagram, privacy concerns are fully encompassed by context collapse concerns.
Speaker 1
46:08 – 47:10
So I haven't really I'm saying this out I'm working out this this out loud as I'm saying it. But I can't see how that's not the case. Right? Privacy can be seen as when certain interactions between certain agents, including the conveyance of information, are happening within a context, and that just doesn't need to leave the context. Right? So, well, there's another this is another fifteen minute rant. I should be careful about it. But the nature of time is actually very interesting for understanding why this stuff breaks down. So one of the things that's also different in Spritely is we're taking a very behavior oriented view of things, like, contextual behavior systems, rather than a data oriented view of things, which is what most systems, including systems that I've worked on in the past, take. Right? So the there's a reason for that, but it involves maybe a long winding description of how you're able to figure out how much gas is in your car that maybe I shouldn't jump into right now.
Speaker 2
47:10 – 47:29
Well, let's, maybe we can circle back on it. I mean, let let's, I would love to hear a bit more about, Sprytely. I mean, maybe you can give us the sort of 10,000 foot of, of Sprytely, and we can start to see some of these philosophical concerns manifested in that. Sure. So, concerns manifested in that. Sure. So,
Speaker 1
47:30 – 59:49
I think where I had left things off was I said that at the end of ActivityPub, I started doing research into how to be able to solve the problems that, I would like to see solved. Actually, I made it I made a quote unquote mistake that was a really good idea as in terms of figuring out whether or not the technology was right, but a bad idea as in terms of describing the technology. And and it was my cofounder, Randy Farmer, who helped me understand this because he's done exactly the same thing. But so I'm gonna show you this as a heuristic, not as a thing you wanna build. So this is before all the the metaverse stuff, you know, really kind of appeared in a a big spotlight recently. I was like, one of the things I thought was, well, I wanna be able to build something that's capable of building decentralized virtual worlds. And the reason for that so so imagine that you have, you know, Alice and Bob, and they're going to go they wanna meet up at this bar and this you know, and they wanna be able to meet up, they they need to coordinate on which bar they're meeting at. If they wanna be able to have a private conversation that, you know, maybe it's a game world, only the people who are dropping by the table or sitting at the table can hear it. And if you get up, that automatically revokes access to hear it. Or if you get up from the table, you, you know you know, Alice says, oh, gosh. I wanna be able to get a you know, I'd like to get a drink. Her friend goes up to the bartender, buys a drink from the bartender. The bartender she carries a drink back, and Alice drinks it and gets dizzy. And imagine if every single one of these things happened where every object in that system was fully decentralized. Right? You know, Alice and Bob are living on different servers. The, their the bar is living in a different place. The secure messaging thing. You've got commerce. You've got all these types of things. There's a and and how do you build that in a system that's fully decentralized with no global assumption on who's allowed to do what? And I realized I have no idea how to build this thing. Right? And if I can build this thing, it can solve all the other problems. So I think and now I'm doing exactly the problem that Randy taught me to not do when we started collaborating. Because he actually did it at his previous organization Electric Communities, in elect which basically also did a distributed online virtual world thing, but kinda died in the dot com crash at the late nineties. And that's actually what I started studying as I started studying all this technology. I'm like, that that you know, if I really wanna solve all the problems of, you know I I didn't know the term context collapse. Randy introduced that to me. But if I really wanna solve all these problems where everything can be super contextual, where I can solve every one of the problems that I wanna see solved, if I really wanna build healthy communities, which I knew came out of that, then, you know, I then this virtual world thing seems like a met a good metric. The problem is then people think you're trying to build video games. That's not actually what we're trying to build. Right? What we're actually trying to build is everything you could possibly want to be able to do socially, you know, within the context that makes sense. So what Spritely is really doing I've taken him a long way. So, I've mentioned that I'm co finding this with Randy Farmer. If you had Randy Farmer on this show, it would be a very different show. If Randy is listening right now, he would be, like, nodding his head and definitely agreeing. I like we'd like to say, I'm the expansion pass, and Randy's the compression pass of the Spritely Institute. So, like, you start talking to me, everything gets way out there, and Randy then tries to figure out how to turn it into, like, a really compressed gem. And he's very good at that. You didn't you're not getting that with me. So what is Spritley trying to do? The high level version of things, the short version of things. What we're trying to do is to take back the power of decentralized communities on the Internet. Give back the power of autonomy and agency to communities and individuals on the Internet. Right? Allow Alicia to be her best self in all the different ways. And don't assume any centralized gatekeepers at all. None. Assume a fully peer to peer network. Right? This isn't So I don't identify with the phrase Web three because it became very kind of cryptocurrency oriented, and that's not actually the focus of my work in the sense of a blockchain. Blockchains are actually decentralized centralization. That's my criticism of blockchains. They provide a very easy way to create a centralized version of a single machine of a or a decentralized version of a single cent abstract centralized machine. And, therefore, people think, well, if we just throw this thing on top of a blockchain, we solve the problem. And I don't believe that's true. There's actually a large number of technologies, that we're drawing on, that, don't don't actually take that approach. So, so the what we're really doing is something more akin to assume that you were building your social networks, but they were fully peer to peer. But how do you keep your users safe in that scenario? And that's both socially. Right? How do you protect them from harassment and abuse? How do you allow them to build the kind of communities they actually need to build? How do you allow them to be able to have the kind of financial interactions that they they wanna have? How do you allow them to be able to be a peer to peer node on the network even though their phone is gonna turn off and on every now and then, and yet still be able to get the messages and still also see them on their desktop? How are you going to allow them to be able to set up this board game room with their friends and play that online? How are you going to allow your friend to say, hey. I want you to play this game with you with me. You can install it on your computer, and yet it's not dangerous. So, you know, currently, if on my computer so I'm running a free and open source software system that's probably more secure than most people's computers, led to us having difficulty connecting this call, I realize, because I'm a a hardcore open source person, I guess you could say. But, but the, but it's probably more secure than average. And yet, if I if somebody says, hey. You know, they send me an attachment for an executable on in via email, and it's to they say, check out this version of Solitary I wrote. Well, if I run that, that could crypto locker my hard drive. Right? It could delete all my files. It could upload all my, private love letters. Right? It could do all those types of things. It's a very dangerous thing to do. It's solitaire. Why should it be dangerous? It shouldn't be dangerous at all. Right? So, this ties into object capability security. So the object capability security approach is, you only can do you if you don't here's here's a short version of cognitive capability security. If you don't have it, you can't use it. So we instead move towards these capabilities that are passed around. That's your mechanism of consent. And actually, it highly resembles the way that programmers program every day. So sprightly goblins, which is the first major piece that we're releasing of our infrastructure, is a distributed peer to peer programming environment. Assume a completely hostile network, and you can write distributed programs that can collaborate with each other. Even though you're collaborating with things, you don't even know who the person is on the other end. But your your system is able to only put at risk the things that it's actually willing to put at risk at a very fine grained level. And that's all happening due thanks to object capability security. So that's the kind of approach that we take. And you can it's not even that hard to imagine how to make solitaire safe. Imagine if you throw solitaire into a complete sandbox. And now the way to think about this is imagine if you built a language environment where you can't read or write from the disk. You it's completely sandboxed. You can't you can't do anything interesting. You can't even take information from the keyboard. You can't write to the screen, anything like that by default. Right? Any function you call is called within this blank environment. Only the stuff that it was given when it was initialized is it given access to. So a lot of capability security has a parallel for the programming language nerds who are listening to this, it has high parallels to lexical scope. So, basically but that's a very nerdy term. I'm gonna make this a little bit simpler. Basically, if with most programming, what people do, there's this revolution that happened in programming. At one point, everybody there was a global context of your computer. Right? You would just, you know, you would people would write assembly and they would just mutate this, you know, they would just write bits to this the memory and here or there and the other thing. And a a big revolution happened, you know. And the the revolution basically was called Go to considered harmful. Right? Famous famous paper by, by I'm gonna mispronounce it. Diedre. I'm definitely mispronouncing it. But the the paper basically meant, you know, let's do structured programming the way programmers do now, where you call a function and it returns the result. Right? And so imagine if solitaire is a procedure and it can't do anything interesting. But you can pass into it this canvas that you create that allows it to write to the screen. Okay. Well, now it can display some cards. Right? And it also, when this window is active on that canvas, it can read from the keyboard and the mouse, but not when it's not active. So it can't key logger your system. Right? It can't record all the things you're typing and stuff like that. It can only capture capture that stuff while the window is active. Okay. We've now made something sufficient for you to be able to play solitaire. Okay. But you want a high scores file. How do you deal with that? Well, imagine if as a second argument, we pass in a, a a object that represents the permission to read and write to one file on the disc. Just one. Right? And now Solitaire can read and it can it can do everything to display the game, and it can write whatever it wants to that file. But it can't do anything super dangerous. The worst thing it can do is display some, you know, some naughty images to the screen or write some naughty text in this file. Right? Which, if it's a fully capability secure system, you know, nobody else might even be seeing that anyway other than Solitaire. So, so so its its ability to do nasty things is extremely limited. It's also important, though, when building these types of systems to allow for passing in capabilities as the system runs. So a lot of people have this idea of sandboxing. We're gonna sandbox, and we're gonna lock everything down. The problem is just locking things down is not enough. You need the ability for the system for the kit for things to grow. And, you know, the mechanism of consent, you and I might not fully trust each other. I might not trust you to do everything. But as we spend time together, I might say, yeah. Okay, Matt. You know? Yeah. Sure. You can come you can come hang out at my house. Right? I now trust you to come hang out at my house. In fact, you can watch our cat. While we're gone, you can watch your cat. Right? In fact, please watch our cat. You know? And I you know, something like that. Right? So you need the ability to to have these systems actually grow in their capabilities as they run. Otherwise, else, keep users are gonna be like, it's so hard to get this thing I wanted to do. And they're just gonna throw every permission possible at the application when it demands it. Right? So what you can do is there's a very smart version of this that was done in I forget whether it was Capdesk or Polaris. It was one of the projects worked on by Mark Stiegler and Alan Karp and Mark Miller, I think, and Kapigni, who are, like, old school, old object capability people. And when they did an interesting thing, they what they would do is they would actually you could launch they showed off a word processor. So you could launch Microsoft Word, you know, and it would it would be in a capability secure sandbox. You could run any macros on there and it couldn't do anything dangerous because it couldn't read or write any files. Wait. It couldn't read or write any files? That doesn't sound very good. What if the user wants to suddenly save a file or open a file? So what it would do is when you would actually open when you would go to file open, the program was given access to this thing called a power box. So that open dialogue would allow you to select a particular file on disk, and that would hand it the capability to be able to read and write from that particular file. So the operating system would would basically manage this ability to kinda grow things over time. Similarly, you know, you and I talking with each other, I might have you know, I might be able to come trust you, and I may be able to send you access to be able to do other things. Here's a key to be able to open the front door of my house. Oh, I don't trust my dad anymore. I'm gonna switch all the locks out on the house. Right? And make it much easier than having to unscrew a bunch of things in our system. Right? But the same idea. Right? So so that's how we kinda get to a world where where people are able to start trusting each other, but also systems are able to start trusting to each other. Human beings shouldn't have to think through all these problems. These things should flow out of these decisions that human beings make. And then their applications, their their components that they have, should be cooperating with the decisions that the user made to be able to coordinate with other pieces, but not able to cooperate with more than it's been explicitly given access to.
Speaker 2
59:49 – 60:33
And so that that's basically object capability security in a nutshell. I I hope that makes some sense. It does. Yeah. Can we got one potentially naive question, which is it strikes me that there's some sort of, tension between, I wanna call it like positive versus negative enumeration. So in other words, you know, I could tell you here are the things that you can do. But in some contexts, I can imagine it might be more difficult for me to list the things that you can do, that I'm comfortable with, than for me to say, you can do this, but then you're prohibited from x, y, and z. So in other words, here's the key to my house, but don't go in the bedroom. Does that make sense?
Speaker 1
60:34 – 74:43
Yeah. So it would be possible to be able to to make it things more fine grained. Right? Maybe we made it so that every door to the house has a lock. Right? In this case Okay. I could give you a chain of things to be able to allow you. But also with capability security, they're not actually immersed in physical space. So the the reality is is that the key is the destination at the same time. So if you invoking the key would actually teleport you immediately to the direct room that that would have the thing. The fit the real world metaphor doesn't hold up entirely. But you could imagine something like it where I could give you a pass throughout the house that would allow you to get to the thing, but wouldn't allow you to open up the other part. Right? So it could allow you to open the door to the front door, but that puts you in a hallway where you can't open the other doors, which allows you to get to, you know and and so you're you're familiar with this. Right? If you if you go to a hotel, they give you a key card after you check-in that allows you to get, you know, into the building even after the doors lock at night and allows you to get up to your hotel room. Right? But it doesn't allow you to get into every other hotel room. I'm not saying that hotel security is great. I'm just saying that, you know, you're familiar. At least, you've had this type of thing. Right? But the question of what things can't something do, you can do this to a certain degree, but things do end up hitting limits. So there are limits as in terms of here here's a good example of what you can't prevent. So there is a there's a phrase on the object capability security that I've modified. Let's start with their phrase. Their phrase is, we, we don't prohibit what we can't prevent. And the reason for this phrase is that a common thing that people wanna add to these systems is a do not delegate flag. I'm gonna give this to Matt, but Matt is not able to give this to anyone else. Right? That's that's the thing that we would like to be able to do in some ways. Right? Problem is that there's no way to do that without a god level view. Even the counterexample to object capability security, a lot of people who worked on access control systems, they they thought that access control lists, which is like what UNIX and other things do. They thought, this is the thing that we can do that nobody else can do. We can, actually prevent you know, I I can give this to Matt, and I'm gonna check that it's Matt every time. Right? And if Matt hand tries handing this to somebody else, it's just not gonna go through. Well, guess what? You can spin up a daemon on your as a process on your computer. You can set up basically a proxy that will pass through all the things that act like you every time. It's not mathematically possible to prevent that. What can we do instead? So we can sometimes, you know, execute things within limited environments where we can actually watch what they're doing and prevent them. You know, basically, things execute in some sort of sandbox, and then they're confined. Right? So so confinement's possible. It's limited. It's more limited than people might think, but confinement is possible. The, but the other thing that we can but we can't really do that with human beings. You know? Like, I can I could lock you in a jail cell of your world and then actually be able to watch everything? But, hopefully I'm back. Let's talk about bad technical design for a moment. On the the the default binding on the side of my mouse, which has this, little button on the side is to hit the back button in the browser and therefore kick me out of a meeting. I've never rebound it. Right? You know? Because I'm I I hate it, and I'm too lazy. So, you know, even advanced users you gotta you gotta build systems that actually work and do the right thing for users by default. Even the advanced users won't actually, do anything better sometimes. So, anyway, so we're talking about what what can you can you prevent don't prohibit what you can't prevent. Well, I so, so the the phrase that I actually prefer is we only pretend that we can prohibit we no. No. We don't pretend we can prohibit what we cannot. Right? We don't pretend that we can prevent what we cannot. That's my modified version. Yeah. So be clear about what you can and can't do. Make clear to your users the limits of your system. Right? So the a well, here's something that we can do that the capability architecture does instead. So there's a wonderful paper about this called Horton. Mark Miller also gives a wonderful talk about it at an activity pub conference twenty nineteen. He gave a keynote. And, and Horton does something, really interesting. What it says is, okay. What if I hand an object to you? So, you know, imagine we talked about that example with Solitaire, and I can give you Solitaire access to, you know, read and write from this file. Well, if we're actually imagining me handing it this object reference, and we imagine it's like a kind of more object oriented programming style thing. Right? You could imagine if you it was a dynamic enough system, you could actually put an intermediate proxy object that passes forward the ability to read, but not to write. Right? So we could create a version where it could a read only version of an object by proxying. That's possible to do. We could also pro give you a version of things where I can take away the ability to do things, where that object I actually have a capability to something that flips a bit. Right? It, like, breaks this fuse, and then it refuses to pass forward messages anymore. So proxying is actually sufficiently powerful. That very thing that appeared that it was the, like, it's the undoing of the access control list thing, and it is the undoing of the access control list thing, is the, actually, it's a form of power if you embrace it. So what can we do instead? If we accept the limitations of our system and then think about how to build intelligently on what we are given as remaining, what we could say is, well, if Matt abuses the power within, you know, to go into my house, right, or something like that, you know, if Matt abuses the power ability to do something like that, I wanna hold Matt accountable for the thing that acted. So, for example, we could, let's say I was giving the the ability for somebody to drive my car, and it's a capability based system. Right? You know, I could give you the ability, and maybe I put a fuse in there that allows me to revoke it. Right? I press this button, and it revokes it. Now you can no longer turn on the car. But, and I and I can also restrict it. I could get, you know, some luxury cars have had I've never had a car like this. But, allegedly, some luxury cars have had, the ability what is it called? A valet key, which allows you to drive a car a limited number of miles, but not to open the glove compartment or something like that. Right? And, but what if I really wanted to hold you accountable? I'm handing something out to you, Matt, and I'm handing it out to, I'm handing it out to my cofounder, Randy. Right? And so I say, okay. Did Matt do this or did Randy do this? Well, imagine if every time you end up invoking the thing, it act every time you end up using that key to turn on the car, the car, actually logs that it's you doing the action. Well, now I can hold you accountable. Even if you hand this key to somebody else, I'll still hold you accountable for the decision. Right? You know, you could imagine if I, so a way that you could do this in actual programming, you said I could actually have it log an event every time you use this capability. And when I hand you the capability, I actually say, here's the capability to a logger I'm going to check. Right? And write down everything, all the arguments that Matt did when Matt invoked this. And so let's say you, I gave you access to sysadmin a server. And so, I say, okay. You know, Matt, you can sysadmin this server. You say, okay. And I, hand you this capability. Right? And then, you know, actually, let's let's talk about it from the entrance and the exit. I'm gonna get really nerdy from a programming perspective. So, I like to say that, the problem that capability people have, and have to deal with is the same problem in a certain way that functional programming people have to deal with, but in a different in a different direction. So, capability people, you know, so I can't a capability approach can't actually look at you and say, it's Matt, therefore, Matt can do it. That's not an object capability secure way of doing things. And we wanna get the power to confine solitaire and all those types of things. We also wanna prevent these other types of attacks called confused deputy attacks that we won't get into right here. So we want a capability approach. But we it seems like identity is actually, like, poisonous. How do we deal with that? Right? Well, functional programmers have the same problem. So functional programmers live in Mathlandia. Right? You with the same way that you have these functions in, like, algebra where you're like, oh, okay. I have this, you know, this function called square root, and I pass in the number four, and it gives me back 16. Cool. But it has to be deterministic. It always has to give you the same result every time. And then if you you violate that rule by introducing things like, oh, you you know, you can read or write from this file. Right? Every time I load solitaire and click the high scores thing, it it actually is going to be different depending on whether or not I've gotten a new high score. Right? So that that's not gonna work from a functional programming perspective. So what so, Haskell people, right, you know, are probably the most well known functional programming people. They're not the only ones, but they're the most well known. And so they, you know, if you've talked to anybody who uses Haskell, they'll probably talk your ear off about these things called monads. And what monads did is they they did a very clever thing. The the city they constructed this beautiful functional city that gives them some interesting powers. They have, like, interesting time lord powers over time, which we actually also have them within goblins, but users don't need to ever interact with the monad. But the they have these wonderful powerful, powers over time, that allow them to, you know, be free of many of the bugs that systems would normally have. But, they it's not very interesting, if you can't read or write stuff from the keyboard and from the into the screen. Right? Eventually, you have to ask the user for what they wanna do and and show them a result. Right? So what the the the functional programmers do is they have this thing that I call the the Monad Highway. You know, there's this truck that comes in from one from the the side effect y world of mutations on the outskirts of the city. Right? You know, this forbidden land according to functional programmers, which is what everything that users want. Right? And then there's this beautiful city of functional programming. And so the truck comes in carrying these inputs from this toxic wasteland outside of the city with, and it can drive along this monad highway, you know, and then it can drive out the other side with this output. Right? And the functional city is is pure. It's just turned its whole system itself into a function. Right, that just runs on this this in this pattern where it's grabbing stuff from the system. Right? And so, you know, the the functional programmers rejoice. Right? So they, what pro object capability people do is they do something very similar that but we we have the Horton Highway. So, the, and that's me joking because of this, this paper, describing the system that Mark and, Mark Miller and Alan Karp worked on called Horton, which has a lovely doctor Soyce style poem at the beginning of it. That that is how you pronounce it, by the way. Doctor Soyse, not doctor Seuss. But, weird factoids I'm dropping for no reason whatsoever in the middle of your episodes. But, the the but we do the same thing with identity. Right? So we can't identity is not the source of authority. But we want accountability. So let's say I am deciding whether or not I wanna hire Alice to be assistant man. I what would I do? Well, identity is gonna come into play. I'm gonna have to ask people, you know, well, yeah, I Alice, you told me you could do all these things. Could you I wanna check your references. Right? I check her references. She says she's got this degree. I check her this degree. Do I consider that a degree accredited? Right? So we've hit the world of identity at the entrance point. But then I choose to grant Alice a capability into the system to administrate my servers because I decided to hire her as a sysadmin. But I'm gonna hold her accountable for everything. Uh-oh. Alice installed a Bitcoin miner on my server. Right? Well, I can check the logs because I can see every action that Alice did, and I can hold Alice accountable. And I could say, whoop. You're revoked. Right? That's the exit point of the SISD. It's revocation. Right? So we've got the the Horton Highway going through the the city. From there, we could go into the a different metaphor involving automobiles involving the the nature of time, but that's maybe getting way too abstract. But, I I hope that explains some amount. So the let me really, really rewind. I just showed explained the mechanisms of this. What do we really wanna do? When we give the rights to do something to someone else, what we really wanna do is hold that person accountable. There will be limits to what our systems can do. Such as, you know, when I speak to a therapist. Right? I the the therapist and I have some sort of agreement, you know, typically encoded these days via the government, but it could be all sorts of things. Right? It could be some sort of other you know, even if the government did it, we could have a contractual agreement. They could be certified, and it could be part of their certification, right, that they're not allowed to do it, whether or not the government's involved. And I'm not advocating a position here. The but when the you know, if that if that if that therapist is certified that they will maintain client confidentiality, then if I find out that they've broken it, they are at risk of losing losing their certification, their license. Right? And, even though it is not possible to control the entire universe for me to find out whether or not they said something. Right? So even if we built a perfect technical system, there are going to be limits of what the system can observe and know is happening. So we need to build in accountability systems. And accountability systems are naturally judgment based. And judgment type things, we actually leave a space for in our capability systems, but we build our capability systems so that they, execute truthfully according to the the systems that we wanna build up. Anyway, I'll pause. I'm sure you've probably got some things you wanted to follow-up on, if we even have time. I don't know if we have time anymore. Well, I think I mean,
Speaker 2
74:44 – 75:39
I I do wanna sort of, got about fifteen more minutes. So I I would love to it's at some point in those fifteen minutes, I I think it would be good to give, give a little bit more of a tangible feeling of, like, what, what Spritely will be in, say, five years time or something like that. So that's, like, one goal I'd like to accomplish, but then but I I I am curious about what what you were just saying about, about judgment. I mean I I'm and the reason I'm curious is because I'm not quite sure how to phrase this but it does seem to me that like the that sort of relationship between a and I should say I'm a lawyer. Like, that's my background. And so I tend to see a lot of things through, the lens of this sort of process
Speaker 1
75:39 – 75:43
that You you got this giant word in the world of legalese called reasonable.
Speaker 2
75:43 – 75:58
Yeah. Exactly. Big word. But so for example, if it you know, if you have a dispute, right, between therapist and a a patient about whether the confidentiality was broken, right, don't you need a third party
Speaker 1
75:58 – 78:20
to Yeah. So Okay. Right. So in that particular scenario, we we already discussed the third party effectively, which was the, right, which was, you know, the the organization giving the the the license. Right? Like The certifier. Okay. Okay. The certifier. Right? So the certifier, could choose to revoke their certification. Right? So that's an example of a third party in that particular scenario. Now there are all other sorts of other things, right, where we might do that type of thing. By the way, I think right now, the the phrase smart contract is really hot, which by I hate that people associate with, being associated with code that runs on a blockchain. That's not what the original definition of smart contract is. It it greatly precedes blockchains. And most of the time, like, you sometimes you run into programmers who get really smug about things. Like, yeah, I can replace this law even with, like, five lines of Python. And it's like, no. You can't. You goof. Right? Did you did you learn about the word reasonable? Right? And, actually, the people who really came up with the original ideas of smart contracts, including Mark Miller, who is kind of my mentor on some of these things, was very heavily involved in that work, there was a notion of something called split contracts. And so split contracts are the thing that make smart contracts make sense at all. And the idea, the visual metaphor is that you have this contract on one side of the page that is the code that runs for free or or what at whatever cost is by default in the system. And, and but you leave a hook in that system of the code. So all parties run that code and it's upheld. Right? Or whatever responsible party is respond is holds that thing, it's upheld. Right? Whatever abstract machine. But there's a basically, an entry point left in the system, which is, given to some sort of arbitrator. And in Mark's vision of things, you would actually have, both parties would mutually, select the arbiter, together. And, the and and then, you know, that arbiter was able to flip a switch. Right? But the thing is is that arbitration is expensive. And the default is that it runs for free, which disincentivizes us. So, the the other well, there's more I can say on that because I I have spec I have speculations of what would happen in society if we let that system running, but that does not address the actual more serious question that you you were alluding to, which I should stay on topic with with about Sprightly.
Speaker 2
78:20 – 78:35
Well yeah. And so I I I would actually we should have another conversation sometime about arbitration because this is a this is a real pet area of interest of mine. It is basically arbitration layers in in a system. Because arbitration is often not in in in favorable to the
Speaker 1
78:36 – 78:39
the, you know, quote unquote consumer. Right? How do you make that better?
Speaker 2
78:40 – 78:45
Right. I mean, that's the case with sort of, you know, legal consumer arbitration. It's certainly not in consumers' favor. And,
Speaker 1
78:45 – 79:09
the I think there's an evolved structure that would end up happening. And Mark actually agreed with me after I laid it out. That will be what eventually happens when you have, the system run for long enough. But I'm not sure we should actually jump into that or not in the allocated time. Yeah. In the in the interest of time, I think it'd be great to, like We could do a revisit A revisit on on this very
Speaker 2
79:09 – 79:38
topic. Exactly. But for now okay. So, you know, you you're you're building, a really ambitious, set of infrastructure, what's the what's the roadmap? Where will we be in, in three years, five years, as the pieces come together? And what will it what will it sort of feel like to, to, you know what will it what will it change? What pieces of our digital lives will it, will it replace or transform?
Speaker 1
79:40 – 89:54
You're asking me, the expansion person, to give the roadmap of Spritly while my cofounder is not on the call. Randy would be much better for that type of thing. So I will give an attempt, but say that, it's it's not gonna be exacting. It's gonna be kind of a a let's say, a gut feel version of where things are gonna be going. Right? Sure. So the first essential piece is Goblins, which works and exists today, which is the decentralized, programming environment, which we're we have released, but there's actually about to be a bunch of new news about that, including, I'm guessing depending on when this comes out, there's probably a white paper launching right around the time that this this this podcast comes out that explains the core ideas of that. And that's the first layer of infrastructure. Because it turns out, in order to build the ambitious version of things, you can't build it on top of the system that's assuming the current client server architecture. No way you can build stuff that fulfills all of the needs that we're expressing users should have on top of Django or Ruby on Rails. It's just not possible. And so, so you need a good foundation that makes those to be the natural outputs of programming in the system. And that's what Spritely is. It's also designed to so that's what Spritely Goblins is. So Spritely Goblins, the the the name is a metaphor for, you know, goblins. There's lots of them. They're kinda hard to kill. They they live in packs. They're spread out all over the place and stuff like that. And they're cute. Right? So usually. So ours are. The so the, So that layer is a a programming language for our web application. It's not it's not hitting a layer that, you know it doesn't sound like, well, gee, if you get the programming language layer, that doesn't automatically solve the problem of, you know, living here on the Internet as an everyday user. Right? And that's that's the type of work that I have worked on, right, with Activity Pub and things like that. I'm very concerned with those types of things. It's just that in order to get there, we need this more important foundation. So we're also going to be working on standardizing the protocol that we have to build the distributed object thing so that multiple programming languages can talk to each other. You can select your programming language of choice, and then you still have this network of cooperating things. So there there's a project called oKAPN, which is the object capability network, where we're, collaborating with some folks at Agoric and, at MetaMask and, some other places. And we're we're hoping to standardize this. And, and so there there's incredible things that the it's built on the most important component of Vocapen is CapTP, which is the capability transport protocol, which actually came from so here's how Randy and I started talking. I was drawing from all this research that and I was giving talks, and Randy's face just appeared in it. Because I was showing off videos of Randy debuting the technology in 1997. And I'm like, they built distributed virtual worlds with distributed economies where you could run code that you didn't trust, where, you know, like, you like and they did all this and they had secure communication. They did all this stuff in 1997. You know, what were they doing? Right? And so Randy's face showed up in there. And so that's how Randy reached out to me and said, we should talk. Like, let's found this as an organization. And so that's how we started doing it. Right? So, the and and one of the technologies that came out of that tech company that ran that demo, Electric Communities, was e, the e programming language, which developed this amazing thing called CAPTP, which is part of oCAPPA. CAPTP is the way that you get distributed objects talking to each other on the Internet. It's been around for a while. It has amazing properties, like distributed garbage collection. Different runtimes can cooperate to say, hey. I don't need this object anymore. You can get rid of it. Or, actually, I'm still holding on to this. Don't get rid of it yet. Right? That's incredible. It has other other lots of interesting properties we don't have time to get into. And it makes doing distributed programming feel just as convenient if the programming language is set up right as doing local asynchronous programming. That's incredible. Doesn't matter what object you're where the object lives on the network. That's incredible. So with that level of convenience and with that network in place, right, which, again, both of those exist and do function today, but they are still being, you know, refined. We are, imagine you have this power. Then we actually have to start building the social systems that sit on top of that. Right? So we need to actually build the protocols for people to talk to each other, to have communications. But we also need to be able to build, so we need to build the things so that people can, you know, have, you know, a chat that's private, but also share money with each other. Right? You know, actually, there are technologies here where they can it doesn't they can scale from a single machine to a blockchain. A blockchain is just a generalization of a certain kind of machine. It doesn't matter. But, within just a few lines of code, within 25 lines of code, you can write a distributed a bank that allows for distributed accounts in goblins that, is fully transactional. And so you could you can have finance tools and stuff like that on top of there. That's not our main focus at Spritely. Agoric's doing the more of that type of stuff. And and it can scale from either one machine to a quorum of machines to a blockchain. Right? But we need to have the types of stuff that we have with ActivityPub, with know, social communication, right, and that we have on social networks right now. But we also need to make our sys and we also need to provide a user interface that allows people to be able to work with all this stuff that embodies the patterns so that the natural flow of people using this thing automatically preserves capability security and upholds the desires of the user without them having a prompt, hit a milling, okay, okay, okay, I give you permission type buttons. Right? And so that that requires a lot of research. A lot of the research that's going to be done is going to be on the user interface research. But the other thing that's going to, need to happen is, we need, basically, we're giving people access to remember I said, you know, well, you should be able to download and install Solitaire without it being of risk to your system. So what we're really doing is providing something called a trusted computing base. Now there are certain companies that have used the phrase cut trusted computing basically, in ways of, like, well, that we're the people who decide what we trust, and what we trust is whether or not you're violating our DRM. Right? That's not what we mean. What we mean is something that the user can trust. Can the user trust the thing that's running on their system? So that whole stack from top to bottom is their trust the user's trusted computing base. So we need to provide, basically, this app environment that allows people to be able to install things also that we never anticipated. We, the designers, never anticipated. There's no central Google Play Store or Apple iTunes Store that's vetting things. None of that type of thing. Right? And yet, the user is more secure than that type of thing. Wow. That sounds crazy ambitious. But if you let that's an ableist term. But that sounds super ambitious. You know, if you listen to, if you if you've listened to we've given part of the recipe, but not all the recipe, in this very episode. Right? But there's a lot more work to be done to be able to get there. So, yes, I do actually wanna be able to and then we can get into the the wackier world of things. Right now, right you know, so when I started Spritely, I started to I put virtual worlds right up on the thing and distributed virtual worlds. And I had to defend the heck out of it. I would say, no. No. No. No. This makes sense because this is how we can make sure everything else will be done. It's not the virtual worlds we're building. You know? You aim for the you aim to for the moon, but you get all these other technologies by trying to get to the moon, not just being on the moon. Right? You got all these cool technologies. So that's that's why we wanna do this type of thing. Right? So the but then people mistakenly have thought that the metaverse is the big thing that you wanna do, that virtual worlds and stuff like that. And and now I've had to back off from that and be like, woah. Woah. Woah. Facebook's meta thing. First of all, they don't know how to do it. They're doing everything wrong. Like, they have not learned a single thing. So actually, read read lessons of Lucasfilm's Habitat. It is a paper that has been out since the eighties. That is written by my co founder, Randy Farmer, who's been involved in this stuff since forever. Facebook obviously did not read that paper because they have done all of they didn't learn a single lesson from Lucasfilm's Habitat. And that is one of the most recent, like, cited papers in community architecture on the Internet. I don't know why they didn't do their research. Anyway, but we wanna be able to allow things that are as wild as that vision. Right? The reason for giving that vision of, like, we should be able to do distributed virtual worlds is that it's a shortcut for imagining when you think about quote unquote reality, people sometimes get, so Randy and his co his his old buddy, Chip Morningstar, who ran these things, they they like to make this joke called the tyranny of the chair. Right? The tyranny of the metaphor, but you can especially tell with chairs. If somebody's put chairs in an online conferencing application, you can tell they don't know what they're doing. Right? There's no reason why do you have chairs? It's because the human body's weird. Right? If you're doing Animal Crossing and the whole thing is about aesthetics, sure. But if you're actually trying to get people to work, there should be no chairs. You've wasted your people's time. There's unnecessary detail. You've misunderstood the metaphor. Right? But we should be able to build things that are so the the real but the real world, what it provides is a, it's very familiar. And b, in being so familiar, we can use it as in terms of, well, how would I do this, that, and the other thing? There's a wonderful essay that really, really, really influenced me. You know, there are these textual there are these text adventure games that did wild things in the nineties, you know, called MUDs and MOOs and stuff like that and multi user dungeons. And there's this wonderful essay that's called, it's called the Desiderata. It's design requirements for network spaces. It's awesome. And it's, like, from the nineties. And I read through that, towards the end of my time and activity pop up. I'm like, this is everything I wanna be able to do. Everything that's in here. But they're talking about making a text adventure video game that's multiplayer. This is the stuff I wanna do. You know? And so, and I don't know how to do this. So that metaphor of the familiar, because our world is so rich and it does involve all these interactions, that's what we wanna do. And the here's the other big thing. There are no gatekeepers involved in making these decisions. Yes. You can install filtration tools. Yes. You can even install ones that learn from global context. But those are installed as secondary measures. The default is not whether or not Google or FICO trusts you. It is whether or not your friends trust you. Right? That's the default.
Speaker 2
89:55 – 90:10
I'm wondering so it strikes me, and I'm you know, if you disagree with this premise, you know, please say so. I disagree already. No. I'm kidding. It strikes me that there's basically a lot of money to be made and a lot of power to be gained precisely from collapsing context.
Speaker 1
90:11 – 90:13
Uh-huh. That's exact yeah. That's exactly right.
Speaker 2
90:14 – 90:25
And so, I wonder if does that mean that the kind of system you're building is is in a sense sort of swimming upstream relative to the capital.
Speaker 1
90:26 – 98:04
And Absolutely. So this is why we are a five zero one c three nonprofit, actually. Yep. So and actually so I've been I'm a hippie. Like, I've been doing open source shit for years. And, and everything I do is, you know, it's it's to enable the comments. Right? And it's a a miserable way to be able to fund yourself in many ways. Right? And so, but and when I had been wanting to do this type of thing and didn't know how to do it, and when Randy Farmer approached me, the first things he said and, actually, I was expecting I'd have to convince him to do it. And he said, I'm not doing this unless it's a nonprofit and it's all open source. And I'm like, those were my requirements. Right? And, but why did Randy come to that conclusion? Because he did a bunch of proprietary companies. He did all proprietary companies up until they recently open sourced the nineteen eighties version of Lucasfilm's Habitat. So it's awesome to hack, by the way. Check it out. Neohabitat.org. You can run the original Commodore 64 in Habitat now, in your browser. But, anyway, the, the what is the yeah. So why would Randy come to that conclusion? It's because he kept seeing, you know, his work locked up over and over and over again. And companies said, we don't wanna fund something that tries to save the world. Right? All these Silicon Valley, like, venture capital type things very often, you know, front themselves by saying, we're here to save the world, change the world. Right? If you see the show Silicon Valley, that's the joke. It's a very opening of that show. But it's usually not true. Right? It's it's sometimes true. Right? But it's that's a side effect. Right? Our goal is actually to change the world because it's messed up. And Yeah. That is, so there are there is financial alignment with that at places. Some of the partners we are looking at working with, and we are looking for other funding partners. If you know people who wanna fund the Sprite Spritely Institute, by god, let us know. I think it's contact@Spritelyat.institute. If it's not, we're gonna have to set that up. The, so, yeah, contact@Spritely.institute, if you know of ways to fund. And, also, by the time that you hear this, it should be possible to donate to us. So we are doing a charity, which I have worked for plenty of nonprofits. It's possible to get money for nonprofits. Right? But it's harder. Right? And you are asking for something because what we're doing is we're building something for the commons. And we know the commons gets very tragic very often. Right? Right. So we are trying to untragedy the commons for the Internet. There's all sorts of money that can be made on top of this type of stuff once it exists. Right? And people profit off of the commons all the time once the commons is there. Right? So people often mistake the tragedy of the commons for what's actually the free free rider problem. Right? You know, once it's there, once one person pays for it, everybody gets to take advantage of it. Right? So it's both a tragedy of the commons problem and it's a free rider problem. And, yeah, we we it is running upstream to it, but there are companies who are also interested in this. Right? So there are other so Agoric and MetaMask are both interested in object capability security because they need it. Right? And, the and Agoric, it's most of the people who were working there, like, founded a bunch of the ideas in this area. So it is possible to to to work with partners who who do have this within their financial interests also. But it's a fundamentally commons problem. So, yes. And and I will add one tiny thing, and I know I I should stop because you have a follow-up and also we're way over time, which is that this is part of the reason things are so bad. You exactly highlighted that there's no incentive to fix it. Right? There's no incentive to fix context collapse because context collapse is the way you sell ads. Right? That's the number one way you sell ads. Right? And there's incentive to isn't there also an incentive to break it once it's been fixed? Yeah. Yeah. So the this is something we're gonna have to be build our systems to be very resilient to. Right? And, there are people who are gonna not like that. Right? So we're really fighting for the user. Right? I've talked about user freedom at the front. That's what we're doing. We're this is user freedom all the way. So the other thing is that what was the other thing? Maybe I shouldn't have other things because I, I keep going. Oh, no. There there is one other thing. This is actually right now, we're seeing amazing developments happening as in terms of this is a this is a side note thing. It's not my main thing, but it's just another example. It's a different example of context collapse. What's the most popular area of research in artificial intelligence right now? It's neural networks. Right? It's in machine learning, where you beat this model against a global network of things. Doing amazing things right now. It's not the most interesting version of artificial intelligence that I think is possible. There's a whole bunch of areas of artificial intelligence that are not getting funding right now. So I'm gonna do a shout out to my friend Leilani Gilpin's, dissertation. She shows how to build systems that add accountability layers using a different artificial intelligence system called propagators on top of, machine learning type systems that actually are able to analyze why did you do this thing and hold it accountable. That stuff's really hard to fund. Why is that hard to fund? Because who wants to fund it? Because the people who are making the most money are the people who are making it's not in their interest to fund a system that holds them accountable. Right? You know, it's in their interest for DALL E two to be only run by OpenAI, a company that took a complete one eighty on its name and is, you know, not open in the least anymore, and, for you to have to pay for their services, right, and for you to not have access to it. Same thing with GitHub's Copilot, right, and stuff like that. Not in their interest at all for user freedom. I'm interested in artificial intelligence, but I'm interested in the branches of artificial intelligence that can compose with machine learning, but also add aspects as in terms of how do we uphold the freedom and autonomy of the user. It's just not getting attention. Right? Even the open source work that's getting, paid attention to right now is mostly work that's people are just copying what the big players are getting a lot of results with right now. I think we need to think bigger than what the big players are currently doing and, sometimes actually scour the literature for what are the answers that other people have been working on that have been just sitting there on the shelves. Sometimes people ask, well, if Sprylate is such the right answer, why wasn't it done already? Why don't our alloy systems work like this? Well, it's because Web two point o, and even Web three point o in many ways, was the is the world of, trying to centralize things. Right? You know, Web three point o is centralization in in sheep's clothing. Right? So largely. So, we're looking at peer to peer two point o or three point o or whatever version that is. Right? And so the so so yeah. In whatever domain people are working in, I really encourage people to not just look at how do we make the open or decentralized version of whatever the big players are doing. That that type of work is important. But actually look at what are the incentives for the architecture that are being built? Because the architecture things are not just a technology problem or a social problem. They're a technology problem and a social problem. These are two things that feed into each other. You build one that feeds in the type of results you get from the other, which feeds into the type of results in the other. People think right now. One of the biggest questions we get about Spritely is, well, how do you prevent bad actors? But their current vision of preventing bad actors is only from the perspective of a big player sitting in the middle because they don't have any other perspective of how it could work. We need to think about how do you prevent bad actors when there are no gatekeepers in the system at all.
Speaker 2
98:05 – 98:14
Another huge question. But it's totally what an amazing conversation. Thank you so much for, giving us all of the
Speaker 1
98:15 – 98:43
thought that you just gave us. I really appreciate it. Thanks. Thanks for having me. There aren't many places where you start, you show up and you somebody asks you what's what's the the basis of your thinking. And you say, well, let me actually get into the philosophical underpinnings as in terms of literally the philosophical underpinnings of the work. And they say, yes. Please expand on that. So it's been delightful to be here. Yeah. I'd love to be on my end if you're willing to do it. We've it sounds like we've had other topics to cover. Yeah. Totally. There's a lot more to talk about, and I I would I would love to do that. So let's,
Speaker 2
98:44 – 98:55
let's do it. But any in any case, thank you, thank you so much. And, yeah, to anyone listening, donate to Spratly Institute. If this doesn't convince you to do that, then go back and listen to it again.
Speaker 1
98:55 – 98:58
Yeah. Help us make the comments not track it tragic. Bye.
Speaker 2
98:59 – 99:00
Thank you so much.
Speaker 0
99:02 – 100:12
Thanks again to Christine Lemmer Weber and Matt Pruitt for that exciting and enriching conversation. It's hard to overstate the impact that social networks have on our behavior these days, especially when these networks are run and mediated by centralized entities that might not have our best interests at heart when designing them. And it's great to hear that there are passionate creators building open source tools that can help us connect to each other in a more open and authentic way on the Internet. The Radical Exchanges podcast is executive produced by gee Angela Corpus, Matt Pruitt, and Jennifer Marrone, and is co produced and audio engineered by myself, Aaron Benavides. This episode was produced and recorded by gAngela Corpus. If you would like to learn more about Radical Exchange, please follow us on Twitter at RadExchange or check out our web site at radicalexchange.org. And if you'd like to join the conversation, we'd love to hear from you. So hop on our Discord where we have channels discussing topics like what you heard today as well as topics like plural voting, community currencies, soulbound tokens, and more. There will be links for all of these in the description. Have a great day and stay radical.