Language Selection

English French German Italian Portuguese Spanish

Slack: It Used to Be a GNU/Linux Distro, Now It's Surveillance Capitalism

Filed under
Just talk

I like "Freedo" (a symbol for freedom) better

Freedo

THE meaning of words can change over time, along with connotations that accompany these words. A little cat, for example, we can no longer call "pussy" and the word "gay" rarely means happy (colloquially). What about "Slack"?

Once upon a time I knew Slack as a solid, freedom-respecting distribution (GNU/Linux distro), whereas nowadays it is something to be stubbornly avoided as it threatens my freedom. It's technically spyware. It is a threat to everybody's freedom because of the network effect. When we use it we participate in a viral campaign of unwanted societal dependency. We help it spread exponentially. Like disease amongst anti-vaxxers. Richard Stallman had spoken about it in the context of Skype long before Microsoft entered the fray/picture. That's just common sense. The requirement of opening a Slack account to interact with other people is like the equivalent of an employer demanding the applicant has a Facebook account (despite all that is known about Facebook's incredible abuses). It can harm our neighbours, colleagues, family and friends as much as it harms ourselves.

As a little bit of background/context/polite remarks on this, I had been writing about Slack (the spyware, not the distro) for several years -- years before the prospects of actually using it. I never ever used it, but I know about it technically, from various angles (not just the shallow, user-centric end). Slack is proprietary at the front end and the back end. Only Slack employees know for sure what it does (and may do in the foreseeable future, as per secret roadmaps). They cannot speak out about it, for fear of retribution (so they're inherently gagged by fear over mortgage etc. or self-restraint that defies logic/ethics). Stallman has long warned about the morality of such circumstances and the ideology they breed. It was recently discovered that Facebook had targeted its critics (a huge number of them), subjecting them to Stasi-like treatment not for any government but for a private corporation, namely Facebook. It had been 'hunting' people using dubious and shallow justifications/pretexts. Nobody has yet been held accountable. Negative press has been the only cost/toll, so they got away with it with barely even a slap on the wrist. Others may imitate them, seeing that there are no fines, no arrests, no sanctions.

A colleague told me several months ago that someone at our company wanted to experiment with Slack; there was no final decision about it, so I assumed it was like our RT/OTRS 'dance' (choice of ticketing system half a decade ago). Sometimes we explore FOSS options/alternatives, which is a good thing! He sent me an invite, but he wasn't assertive about me joining as it was still an experimental thing (as I understood it back then, based on what I was told; I'll come to that in a moment). I thought we would, if it got adopted, still have options (duality). One colleague (at least) wasn't even sent an invite, so I took that as a sign of the adoption's semi-hearted nature (at the time). My colleagues never mentioned it since, except one person (who apparently liked Slack). Another colleague wondered why nobody had told her about it; as if she was left out, but she's happily using Kopete on KDE, so on she went with Jabber.

I've long been writing about Slack, maybe about 15 years (even when the name referred to a Live GNU/Linux distro, well before the name got 'hijacked'; it's Debian-based, it still has regular releases a few months apart, not the same as Slackware despite the names' similarity; BoycottNovell made a Slack-based distro called SUEME Linux 12 years ago); Tux Machines publishes announcements of Slack releases several times a year, but it's always about the distro. It's a European distro with pedigree; but I digress..

Nowadays "Slack" means something different; in a technical context, people no longer recognise it as the distro's name; Slack is now the darling of corporate media; myself and others could never quite explain why (we were rather baffled as it did not seem particularly innovative and we thus attributed most/all the press coverage to good marketing/PR); the name collision also raised legal questions because Slack is a well-known distro and the name is strictly used in the domain of software; it has been used for decades. Now the distro's development team needs to explain to people what came first and how this confusion came about.

OK, so now Slack is enjoying a valuation at $billions (as per very recent news headlines), with IPO rumours floated as well (making it easier to buy/subvert). Slack is relatively new a player/contender; it goes about 3-4 years back (in the mainstream), around the time we were in Alton Towers. I still remember that based on other events. Privacy activists had been warning about it and recently I kept seeing (also publicly writing about) more red flags. Slack, the company, is getting more invasive over time. It's like Facebook. Facebook for business. LinkedIn got picked by Microsoft, along with all that data (NSA PRISM comes to mind). Personal messages, passwords, social graphs, employment records and so on. Even location (picked every 60 seconds or so from one's phone through the 'app'). Same for Skype, which Microsoft added to PRISM just months after buying it (Microsoft was first in PRISM, based on Snowden's leaks -- it was one among the first stories to come out/emanate). Far less opinionated people than myself have blasted Slack for a variety of reasons. Some tweets of mine about it go ~3 years back (warning for 'opinionatedness'... I don't mince words much).

I still remember having to install Skype on an old phone for one company meeting. Back then the mere installation (for one hour, then deleted) meant sending Microsoft entire address books, entire call history and more. This phone of my wife is 7+ years old, so that's a lot of data, going a long way back. That's their business model. I'm usually apprehensive because some of my sources, e.g. for exclusive articles in Techrights (I published my 25,000th article last week in Techrights!), are named in files on my system. I'm no Free software 'purist' per se (I use proprietary drivers sometimes), but "Slack would be the surveillance capitalism competitor to Jabber," to quote something I read yesterday. They digest information, including corporate communications. There's a certain risk associated with this, including competitive risk. As a Free software-based company I think it's important to demonstrate that every piece of proprietary framework can be swapped with FOSS. There are quite a few Slack equivalents that are FOSS; a colleague told me that another colleague had brought some of these up. We might examine these soon, maybe test and adopt these. Time will tell. Maybe I'll write about some of these.

I am also reading about bridges between protocols that enable access to Slack, but yesterday when researching it I found that Slack is gradually burning these bridges/gateways. Not entirely surprising, as once they get to a certain point/market share they up/boost the lockin. Naturally. More so if they have obligations to shareholders. Twitter did this last August, shutting out all third-party apps/APIs for the first time ever (in the company's entire existence). Many of us were devastated because we had built interaction tools, custom-made around these APIs). So, basically, whatever a centralised platform gets adopted, we can always lose control as they can change everything they want at any time. Even, at worst, some company can just buy them for the data; they can start charging a lot, they can shut down, change ToS etc.

The bottom line is, Slack ought to be avoided. It's worse than proprietary because it's all centralised, even the data. There's no concept such as "private" or "privacy". These are only illusions.

More in Tux Machines

Security: Patches, Whonix, IPFire and More

  • Security updates for Thursday

    Security updates have been issued by CentOS (kernel, ksh, python-pillow, and thunderbird), Debian (opensmtpd, proftpd-dfsg, and rake), Fedora (NetworkManager-ssh), openSUSE (chromium), and SUSE (libexif, mariadb, ovmf, python3, and squid). 

  • Whonix VirtualBox 15.0.0.8.9 - Point Release! - vanguards; TCP ISN Leak Protection; Extensive Hardening!

    This is a point release. Download Whonix for VirtualBox:

  • Build your career in Computer Forensics: List of Digital Forensic Tools - Part I

    Digital devices are present everywhere and considered to be the primary source of evidence in the case of cybercrime. Out of all the devices, phones and laptops are the top weapons used in cybercrimes. Regardless of who the device belonged to, either the victim or suspect, it offers an abundance of data to investigate the crime. But retrieving evidence from these devices in a secure environment can be very challenging. To overcome the time constraint and other complications, cyber forensic professionals use digital forensic tools.  

  • What are Open Source Security Approaches? With Examples

    Open source security approaches enable organizations to secure their applications and networks while avoiding expensive proprietary security offerings.  An open source approach allows organizations to secure their applications across cloud providers and other platforms using platform-agnostic APIs. These APIs are written by contributors to the open source software code while cloud providers may use open source code that allows the open APIs to connect to the cloud. Open source approaches, for security or not, also bring in collaboration across an industry. It isn’t just one organization that benefits from a program or technology, but everyone who contributes to and uses it. The open source projects and programs used as examples in this article come from two major open source entities: The Linux Foundation and the Cloud Native Computing Foundation (CNCF). The two also work closely together to further the projects under their purview.

  • Cloud Snooper: Hackers Using Linux Kernel Driver To Attack Cloud Server [Ed: So, if you install malicious software in Linux, due to recklessness or sabotage, it'll do malicious things. How is that a Linux weakness?]

    Whether you’re a Linux user or not, you must have heard the buzzword about the Linux — “Best OS for security.” Well, it is true, but being a computer program, Linux also has some downside that challenges its security. Talking about the security risks, recently, SophosLab published a report about a new malware dubbed Cloud Snooper, that can compromise the security of any Linux or other OS based servers by deploying a kernel driver.

  • IPFire on AWS: Update to IPFire 2.25 - Core Update 141

    Today, we have updated IPFire on AWS to IPFire 2.25 - Core Update 141 - the latest official release of IPFire. Since IPFire is available on AWS, we are gaining more and more users who are securing their cloud infrastructure behind an easy to configure, yet fast and secure firewall. This update adds the rewritten DNS stack and brings many bug fixes to the cloud.

Huawei’s plan to escape Google could fix Android for everyone

Huawei has stopped sidestepping the unavoidable question – no Google, what next? After suggesting it could (eventually) make its own smartphone operating system, built on Harmony OS in 2019, Huawei is now unequivocal – for the foreseeable future, it’s all in with its Google Mobile Services (GMS) free version of Android. The long term partnership with Google saw Huawei launch the jewel in its crown, the P30 Pro, which, a year on, is still an easy phone to recommend. But, there’s a big question mark over its more recent, arguably better-specced devices like the Mate 30 Pro and upcoming Huawei Mate Xs, given the fact they don’t support essential features like access to the Google Play Store. Rather than serve as an indictment on Huawei’s inability to step up and deliver an alternative within months, however, this is part of a much bigger question. Is Android really open source, or have developers, manufacturers and, ultimately, all of us as Android users been sleepwalking into a state of total dependence upon Google? It’s important to note that if Google had its way, we could say with some assurance, it would keep working with Huawei. After all, this political fallout highlights just how hoodwinked the world is into thinking the Android we’ve been using is an open-source alternative to iOS. Read more

GNU/Linux on Devices

  • VOIXATCH Smartwatch Comes with a Detachable Bluetooth Headset (Crowdfunding)

    VOIXATCH runs an Android-based OS, and an accompanying app is also provided.

  • AI comes to the Edge with SolidRun and Gyrfalcon's AI inference server

    What's an AI inference server you ask? Once you've trained a neural network with machine learning to recognize, say, cars and spaces, it's learned lessons can be built into an application. That program can then infer things about new data based on its training. So, for example, an AI-empowered traffic cop might infer when someone's speeding or has run a red light. Of course, if you're going to do anything about this in real-time, you need a computer on the edge rather than a second or two of latency away in a cloud datacenter. That's where the Janux GS31 comes in. The Janux GS31 comes as a rackmount 1U server. At its heart, it uses a CEx7 LX2160A 16-core Arm Cortex A72 CPU. For its real processing power, it can use up to 128 Gyrfalcon Lightspeeur SPR2803 AI acceleration chips and 32 i.MX8M System on Chips (SoC)s. For fast memory, it uses up to 64GB dual-channel SO-DIMM DDR4 RAM. This supports all major neural network frameworks. Specifically, it supports the open-source TensorFlow, Caffe, and PyTorch frameworks.

  • Arm, Aeler Select IoT Linux Platform FoundriesFactory

    FoundriesFactory is a secure, customizable embedded Linux platform that enables customers, regardless of size, to develop, deploy and maintain secure Internet of Things and Edge devices for life. It offers support for a range of SoCs, SoMs and single board computers as the starting point for customers to deliver, deploy and maintain software on their own hardware.

  • Play Pong with ultrasonic sensors and a Raspberry Pi | HackSpace magazine

    Day three of our Pong celebration leads us here, to HackSpace magazine’s ultrasonic hack of Eben’s Code the Classics Pong tribute, Boing!

  • OnLogic AMD Ryzen Embedded Mini PCs Launched for $565 and Up
  • Adafruit Industries Joins Zephyr Project

    The Zephyr Project, an open source project at the Linux Foundation, has added Adafruit Industries to its growing ecosystem. Adafruit makes open source hardware, tutorials and code for makers to create DIY electronic products. With this development, Adafruit now joins member companies including Antmicro, Eclipse Foundation, Foundries.io, Intel, Linaro, Nordic Semiconductor, NXP, Oticon, SiFive, Synopsys, Texas Instruments and more to create an open hardware and software ecosystem using the Zephyr OS.

Linux-driven net appliance has six GbE and a pair of 10GbE ports

The new Puzzle-IN003B offers standard SKUs that run Ubuntu 18.04 on the quad-core Atom C3358 and the similarly 2.2GHz, octa-core C3758. However, models up to the 16-core C3958 are also supported. IEI touts Denverton’s Intel QuickAssist technology for “providing up to 20 Gbps of crypto performance, ensuring secure data transfer while reserving valuable processor cycles for other tasks.” Read more