GOODBYE OFFPUNK, WELCOME XKCDPUNK!
by Ploum on 2025-04-01
https://ploum.net/2025-04-01-xkcdpunk.html
For the last three years, I’ve been working on Offpunk, a command-line
gemini and web browser.
Offpunk.nethttps://offpunk.net
While my initial goal was to browse the Geminisphere offline, the
mission has slowly morphed into cleaning and unenshitiffying the modern
web, offering users a minimalistic way of browsing any website with
interesting content.
Rendering the Web with Pictures in Your Terminal (ploum.net)
https://ploum.net/2022-03-24-ansi_html.html
Focusing on essentials
======================
From the start, it was clear that Offpunk would focus on essentials. If
a website needs JavaScript to be read, it is considered as non-
essential.
It worked surprisingly well. In fact, in multiple occurrence, I’ve
discovered that some websites work better in Offpunk than in Firefox. I
can comfortably read their content in the former, not in the latter.
By default, Offpunk blocks domains deemed as nonessentials or too
enshitified like twitter, X, facebook, linkedin, tiktok. (those are
configurable, of course. Defaults are in offblocklist.py).
Cleaning websites, blocking worst offenders. That’s good. But it is only
a start.
It’s time to go further, to really cut out all the crap from the web.
And, honestly, besides XKCD comics, everything is crap on the modern
web.
> As an online technical discussion grows longer, the probability of a
comparison with an existing XKCD comic approaches 1.
> – XKCD’s law
XKCD’s law (ploum.net)
https://ploum.net/xkcds-law/index.html
If we know that we will end our discussion with an XKCD’s comic, why not
cut all the fluff? Why don’t we go straight to the conclusion in a true
minimalistic fashion?
Introducing XKCDpunk
====================
That’s why I’m proud to announce that, starting with today’s release,
Offpunk 2.7 will now be known as XKCDpunk 1.0.
Xkcdpunk.nethttps://xkcdpunk.net
XKCDpunk includes a new essential command "xkcd" which, as you guessed,
takes an integer as a parameter and display the relevant XKCD comic in
your terminal, while caching it to be able to browse it offline.
Screenshot of XKCDpunk showing comic 626
https://ploum.net/files/xkcdpunk1.png
Of course, this is only an early release. I need to clean a lot of code
to remove everything not related to accessing xkcd.com. Every non-xkcd
related domain will be added to offblocklist.py.
I also need to clean every occurrence of "Offpunk" to change the name.
All offpunk.net needs to be migrated to xkcd.net. Roma was not built in
one day.
Don’t hesitate to install an "offpunk" package, as it will still be
called in most distributions.
offpunk package versions - Repology (repology.org)
https://repology.org/project/offpunk/versions
And report bugs on the xkcdpunk’s mailinglist.
xkcdpunk-users on lists.sr.ht
https://lists.sr.ht/~lioploum/offpunk-users
Goodbye Offpunk, welcome XKCDpunk!
THE CANDID NAIVETY OF GEEKS
by Ploum on 2025-03-28
https://ploum.net/2025-03-28-geeks-naivety.html
I mean, come on!
================
Amazon recently announced that, from now on, everything you say to Alexa
will be sent to their server.
Pluralistic: Amazon annihilates Alexa privacy settings, turns on
continuous, nonconsensual audio uploading (15 Mar 2025)
(pluralistic.net)
https://pluralistic.net/2025/03/15/altering-the-deal/
What surprised me the most with this announcement is how it was met with
surprise and harsh reactions. People felt betrayed.
I mean, come on!
Did you really think that Amazon was not listening to you before that?
Did you really buy an Alexa trusting Amazon to "protect your privacy"?
Recently, I came across a comment on Hacker News where the poster
defended Apple as protecting privacy of its users because "They market
their product as protecting our privacy".
I mean, once again, come on!
Did you really think that "marketing" is telling the truth? Are you a
freshly debarked Thermian? (In case you missed it, this is a Galaxy
Quest reference.)
The whole point of marketing is to lie, lie and lie again.
What is the purpose of that gadget?
===================================
The whole point of the whole Amazon Alexa tech stack is to send
information to Amazon. That’s the main goal of the thing. The fact that
it is sometimes useful to you is a direct consequence of the thing
sending information to Amazon. Just like Facebook linking you with
friends is a consequence of you giving your information to Meta.
Usefulness is only a byproduct of privacy invasion.
Having a fine-grained setting enabling "do not send all information to
Amazon please" is, at best, wishful thinking. We had the same in the
browser ("do-not-track"). It didn’t work.
I’ve always been convinced that the tech geeks who bought an Amazon
Alexa perfectly knew what they were doing. One of my friends has a
Google Echo and justify it with "Google already knows everything about
our family through our phones, so I’m trading only a bit more of our
privacy for convenience". I don’t agree with him but, at the very least,
it’s a logical opinion.
We all know that what can be done with a tool will be done eventually.
And you should prepare for it. On a side note, I also postulate that the
reason Amazon removed that setting is because they were already
gathering too much data to justify its existence in case there’s a
complaint or an investigation in the future."How did you manage to get
those data while your product says it will not send data?".
But, once again, any tech person knows that pushing a button in an
interface is not a proof of anything in the underlying software.
Please stop being naive about Apple
===================================
That’s also the point with Apple: Apple is such a big company that the
right hand has no idea about what the left hand is doing. Some privacy
people are working at Apple and doing good job. But their work is
continuously diluted through the interests of quick and cheap
production, marketing, release, new features, gathering data for
advertising purpose. Apple is not a privacy company and has never been:
it is an opportunistic company which advertise privacy when it feels it
could help sell more iPhones. But deeply inside, they absolutely don’t
care and they will absolutely trade the (very little) privacy they have
if it means selling more.
Sometimes, geek naivety is embarrassingly stupid. Like "brand loyalty".
Marketing lies to you. As a rule of thumb, the bigger the company, the
bigger the lie. In tech, there’s no way for a big company to not lie
because marketers have no real understanding of they are selling. Do you
really think that people who chose to advertise "privacy" at Apple have
any strong knowledge about "privacy"? That they could simply give you a
definition of "privacy"?
I know that intelligent people go to great intellectual contortions to
justify buying the latest overpriced spying shiny coloured screen with
an apple logo. It looks like most humans actively look to see their
freedom restricted. Seirdy calls it "the domestication of users".
WhatsApp and the domestication of users (seirdy.one)
https://seirdy.one/posts/2021/01/27/whatsapp-and-the-domestication-of-users/
And that’s why I see Apple as a cult: most tech people cannot be
reasoned about it.
The Cost of Being Convinced (ploum.net)
https://ploum.net/the-cost-of-being-convinced/index.html
You can’t find a technical solution to a lie
============================================
Bill Cole, contributor to Spamassassin, recently posted on Mastodon that
the whole DNS stack to protect spammers was not working.
> spammers are more consistent at making SPF, DKIM, and DMARC correct
than are legitimate senders.
🆘Bill Cole 🇺🇦: "@jwz@mastodon.social The stats we collect for the…"
(toad.social)
https://toad.social/@grumpybozo/114213600922816869
It is, once again, a naive approach to spam. The whole stack was
designed with the mindset "bad spammers will try to hide themselves".
But was is happening in your inbox, really?
Most spam is not "black hat spam". It is what I call "white-collar
spam": perfectly legitimate company, sending you emails from legitimate
address. You slept in a hotel during a business trip? Now you will
receive weekly emails about our hotel for the rest of your life. And it
is the same for any shop, any outlet, anything you have done. Your inbox
is filled with "white-collar" junk. And they know this perfectly well.
In Europe, we have a rule, the RGPD, which forbid businesses to keep
your data without your express consent. I did the experiment for several
months to send a legal threat to every single white-collar spam I
received. Guess what: they always replied that it was a mistake, that I
was now removed, that it should not have happened, that I checked the
box (which was false but how could I prove it?) or even, on one
occasion, that they restored a backup containing my email before I
unsubscribed (I unsubscribed from that one 10 years before, which makes
it very unlikely).
In short, they lied. All of them. All of them are spammers and they lie
pretending that "they thought you were interested".
In one notable case, they told me that they had erased all my data
while, still having the cookie on my laptop, I could see and use my
account. Thirty days later, I was still connected and I figured that
they simply managed to change my user id from "ploum" to "deleted_ploum"
in the database. While answering me straight in the face that they had
no information about me in their database.
Corporations are lying. You must treat every corporate word as a
straight lie until proved otherwise.
But Ploum, if all marketing is a lie, why trusting Signal?
==========================================================
If you can’t trust marketing, why do I use Signal and Protonmail?
First of all, Signal is open source. And, yes, I’ve read some of the
source code for some feature I was interested in. I’ve also read through
some very deep audit of Signal source code.
Reviewing the Cryptography Used by Signal (soatok.blog)
https://soatok.blog/2025/02/18/reviewing-the-cryptography-used-by-signal/
I’m also trusting the people behind Signal. I’m trusting people who
recommend Signal. I’m trusting the way Signal is built.
But most importantly, Signal sole existence is to protect privacy of its
users. It’s not even a corporation and, yes, this is important.
Yes, they could lie in their marketing. Like Telegram did (and still
does AFAIK). But this would undermine their sole reason to exist.
I don’t say that Signal is perfect: I say I trust them to believe
themselves what they announce. For now.
What about Protonmail?
======================
For the same reasons, Protonmail can, to some extent, be trusted.
Technically, they can access most of the emails of their customers
(because those emails arrive unencrypted to PM’s servers). But I trust
Protonmail not to sell any data because if there’s any doubt that they
do it, the whole business will crumble. They have a strong commercial
incentive to do everything they can to protect my data. I pay them for
that. It’s not a "checkbox" they could remove, it’s their whole raison
d’être.
This is also why I pay for Kagi as my search engine: their business
incentive is to provide me the best search results with less slop, less
advertising. As soon as they start doing some kind of advertising, I
will stop paying them and they know it. Or if Kagi starts becoming to AI
centric for my taste, like they did for Lori:
Why I Lost Faith in Kagi (d-shoot.net)
https://d-shoot.net/kagi.html
I don’t blindly trust companies. Paying them is not a commitment to obey
them, au contraire. Every relation with a commercial entity is, by
essence, temporary. I pay for a service with strings attached. If the
service degrade, if my conditions are not respected, I stop paying. If
I’m not convinced they can be trusted, I stop paying them. I know I can
pay and still be the product. If I have any doubt, I don’t pay. I try to
find an alternative and migrate to it. Email being critical to me, I
always have two accounts on two different trustable providers with an
easy migrating path (which boils down to changing my DNS config).
Fighting the Androidification
=============================
Cory Doctorow speaks a lot about enshitification. Where users are more
and more exploited. But one key component of a good enshitification is
what I call "Androidification".
Androidification is not about degrading the user experience. It’s about
closing doors, removing special use cases, being less and less
transparent. It’s about taking open source software and frog boiling it
to a full closed proprietary state while killing all the competition in
the process.
Android was, at first, an Open Source project. With each release, it
became more closed, more proprietary. As I explain in my "20 years of
Linux on the Desktop" essay, I believe it has always been part of the
plan. Besides the Linux kernel, Google was always wary not to include
any GPL or LGPL licensed library in Android.
20 years of Linux on the Desktop (part 3) (ploum.net)
https://ploum.net/2025-03-08-linux_desktop3.html
It took them 15 years but they finally achieved killing the Android Open
Source Project:
Google will develop the Android OS fully in private, here's why
(www.androidauthority.com)
https://www.androidauthority.com/google-android-development-aosp-3538503/
This is why I’m deeply concerned by the motivation of Canonical to
switch Ubuntu’s coreutils to an MIT licensed version.
Ubuntu 25.10 plans to swap GNU coreutils for Rust (go.theregister.com)
https://go.theregister.com/feed/www.theregister.com/2025/03/19/ubuntu_2510_…
This is why I’m deeply concerned that Protonmail quietly removed the
issue tracker from its Protonmail Bridge Github page (making the
development completely opaque for what is an essential tool for
technical Protonmail users).
I mean, commons!
================
This whole naivety is also why I’m deeply concerned by very intelligent
and smart tech people not understanding what "copyleft" is, why it is
different from "open source" and why they should care.
We need more of Richard Stallman, not less (ploum.net)
https://ploum.net/2023-06-19-more-rms.html
Corporations are not your friend. They never were. They lie. The only
possible relationship with them is an opportunistic one. And if you one
to build commons that they cannot steal, you need strong copyleft.
On Open Source and the Sustainability of the Commons (ploum.net)
https://ploum.net/2024-07-01-opensource_sustainability.html
But firstly, my fellow geeks, you need to lose your candid naivety.
I mean, come on, let’s build the commons!
20 YEARS OF LINUX ON THE DESKTOP (PART 3)
by Ploum on 2025-03-08
https://ploum.net/2025-03-08-linux_desktop3.html
> Previously in "20 years of Linux on the Deskop": After contributing to
the launch of Ubuntu as the "perfect Linux desktop", Ploum realises that
Ubuntu is drifting away from both Debian and GNOME. But something else
is about to shake the world…
20 years of Linux on the Desktop (part 1)
https://ploum.net/2024-10-20-20years-linux-desktop-part1.html
20 years of Linux on the Desktop (part 2)
https://ploum.net/2024-12-16-linux_desktop2.html
The new mobile paradigm
=======================
While I was focused on Ubuntu as a desktop solution, another
GNOME+Debian product had appeared and was shaking the small free
software world: Maemo.
It will come as a shock for the youngest but this was a time without
smartphones (yes, we had electricity and, no, dinosaurs were already
extinct, please keep playing Pokémon instead of interrupting me). Mobile
phones were still quite new and doing exactly two things: calls and
SMSes. In fact, they were sold as calling machines and the SMS frenzy,
which was just a technical hack around the GSM protocol, took everybody
by surprise, including operators. Were people really using awkward
cramped keyboard to send themselves flood of small messages?
Small pocket computers with tiny keyboard started to appear. There were
using proprietary operating systems like WinCE or Symbian and browsing a
mobile version of the web, called "WAP", that required specific WAP
sites and that nobody used. The Blackberry was so proprietary that it
had its own proprietary network. It was particularly popular amongst
business people that wanted to look serious. Obama was famously addicted
to his Blackberry to the point that the firm had to create a secure
proprietary network only for him once he took office in the White House.
But like others, Blackberries were very limited, with very limited
software. Nothing like a laptop computer.
N770, the precursor
===================
In 2005, Nokia very quietly launched the N770 as an experiment. Unlike
its competitors, it has no keyboard but a wide screen that could be used
with a stylus. Inside was running a Debian system with an interface
based on GNOME: Maemo.
The N770, browsing Wikipedia
https://ploum.net/files/old/Nokia770-fi-wiki-600x450.jpg
Instead of doing all the development in-house, Nokia was toying with
free software. Most of the software work was done by small European
companies created by free software hackers between 2004 and 2005. Those
companies, often created specifically to work with Nokia, were only a
handful of people each and had very narrow expertise. Fluendo was
working on the media framework GStreamer. Immendio was working on the
GTK user interface layer. Collabora was focusing on messaging software.
Etc.
Far from the hegemony of American giant monopolists, the N770 was a
mostly European attempt at innovating through a collaborative network of
smaller and creative actors, everything led by the giant Nokia.
During FOSDEM 2005, GNOME developer Vincent Untz lent me a N770
prototype for two days. The first night was a dream come true: I was
laying in bed, chatting on IRC and reading forums. Once the N770 was
publicly released, I immediately bought my own. While standing in line
in the bakery one Sunday morning, I discovered that there was an
unprotected wifi. I used it to post a message on the Linuxfr website
telling my fellow geeks that I was waiting for my croissants and could
still chat with them thanks to free software.
Those days, chatting while waiting in a queue has been normalised to the
point you remark someone not doing it. But, in 2005, this was brand new.
So new that it started a running meme about "Ploum’s baker" on Linuxfr.
Twenty years later, some people that I meet for the first time still
greet me with "say hello to your baker" when they learn who I am. For
the record, the baker, an already-old woman at the time of the original
post, retired a couple years later and the whole building was demolished
to give place to a motorbike shop.
This anecdote highlights a huge flaw of the N770: without wifi, it was a
dead weight. When I showed it to people, they didn’t understand what it
was, they asked why I would carry it if I could not make calls with it.
Not being able to use the Internet without a wifi was a huge miss but,
to be fair, 3G didn’t exist yet. Another flaw was that installing new
software was far from being user-friendly. Being based on Debian, Maemo
was offering a Synaptic-like interface where you had to select your
software in a very long list of .deb packages, including the technical
libraries.
Also, it was slow and prone to crash but that could be solved.
Having played with the N770 in my bed and having seen the reactions of
people around me when I used it, I knew that the N770 could become a
worldwide hit. It was literally the future. There were only two things
that Nokia needed to solve: make it a phone and make it easy to install
new software. Also, if it could crash less, that would be perfect.
The Nokia (un)management guide to failure
=========================================
But development seemed to stall. It would take more than two years for
Nokia to successively release two successors to the N770: the N800 and
the N810. But, besides some better performance, none of the core issues
were addressed. None of those were phones. None of those offered easy
installation of software. None were widely released. In fact, it was so
confidential that you could only buy them through the Nokia website of
some specific countries. The items were not in traditional shops nor
catalogues. When I asked my employer to get a N810, the purchasing
department was unable to find a reference: it didn’t exist for them.
Tired by multiple days of discussion with the purchasing administration,
my boss gave me his own credit card, asked me to purchase it on the
Nokia website and made a "diverse material expense" to be reimbursed.
The thing was simply not available to businesses. It was like Nokia
wanted Maemo to fail at all cost.
While the N800 and N810 were released, a new device appeared on the
market: the Apple iPhone.
I said that the problem with the N770 is that you had to carry a phone
with it. Steve Jobs had come to the same conclusion with the iPod.
People had to carry an iPod and a phone. So he added the phone to the
iPod. It should be highlighted that the success of the iPhone took
everyone by surprise, including Steve Jobs himself. The original iPhone
was envisioned as an iPod and nothing else. There was no app, no app
store, no customisation (Steve Jobs was against it). It was nevertheless
a hit because you could make calls, listen to music and Apple spent a
fortune in marketing to advertise it worldwide. The marketing frenzy was
crazy. Multiple people that knew I was "good with computers" asked me if
I could unlock the iPhone they bought in the USA and which was not
working in Europe (I could not). They spent a fortune on a device that
was not working. Those having one were showing it to everyone.
With the iPhone, you had music listening and a phone on one single
device. In theory, you could also browse the web. Of course, there was
no 3G so browsing the web was mostly done through wifi, like the N770.
But, at the time, websites were done with wide screens in mind and Flash
was all the rage. The iPhone was not supporting Flash and the screen was
vertical, which made web browsing a lot worse than on the N770. And,
unlike the N770, you could not install any application.
The iPhone 1 was far from the revolution Apple want us to believe. It
was just very good marketing. In retrospective, the N770 could have been
a huge success had Nokia done some marketing at all. They did none.
Another Linux on your mobile
============================
In 2008, Google launched its first phone which still had a physical
keyboard. Instead of developing the software from scratch, Google used a
Linux system initially developed as an embedded solution for cameras:
Android. At the same time, Apple came to the realisation I had in 2005
that installing software was a key feature. The App Store was born.
Phone, web browsing and custom applications, all on one device. Since
2005, people who had tried the N770 knew this was the answer. They
simply did not expect it from Apple nor Google.
When Android was first released, I thought it was what Maemo should have
been. Because of the Linux kernel, I was thinking it would be a "free"
operating system. I made a deep comparison with Maemo, diving into some
part of the source code, and was surprised by some choices. Why Java?
And why would Android avoid GStreamer in its multimedia stack? Technical
explanations around that choice were not convincing. Years later, I
would understand that this was not a technical choice: besides the Linux
kernel itself, Google would explicitly avoid every GPL and LGPL licensed
code. Android was only "free software" by accident. Gradually, the
Android Open Source Project (AOSP) would be reduced to a mere skeleton
while Android itself became more and more restricted and proprietary.
In reaction to the iPhone and to Android, Nokia launched the N900 at the
end of 2009. Eventually, the N900 was a phone. It even included an app
store called, for unknown marketing reasons, "OVI store". The phone was
good. The software was good, with the exception of the infamous OVI
store (which was bad, had a bad name, a non-existent software offering
and, worse of all, was conflicting with deb packages).
The N900 would probably have taken the world by storm if released 3
years earlier. It would have been a success and a huge competitor to the
iPhone if released 18 months before. Is it too late? The world seems to
settle with an Apple/Google duopoly. A duopoly that could have been
slightly shacked by the N900 if Nokia had done at least some marketing.
It should be noted that the N900 had a physical keyboard. But, at that
point, nobody really cared.
When failing is not enough, dig deeper
======================================
At least, there was the Maemo platform. Four years of work. Something
could be done with that. That’s why, in 2010, Nokia decided to… launch
Meego, a new Linux platform which replaced the Debian infrastructure by
RPMs and the GNOME infrastructure by Qt.
No, really.
Even if it was theoretically, the continuation of Maemo (Maemo 6,
codenamed Harmattan, was released as Meego 1), it felt like starting
everything from scratch with a Fedora+KDE system. Instead of a strong
leadership, Meego was a medley of Linux Foundation, Intel, AMD and
Nokia. Design by committee with red tape everywhere. From the outside,
it looked like Nokia outsourced its own management incompetence and
administrative hubris. The N9 phone would be released in 2011 without
keyboard but with Meego.
History would repeat itself two years later when people working on Meego
(without Nokia) would replace it with Tizen. Yet another committee.
From being three years ahead of the competition in 2005 thanks to Free
Software, Nokia managed to become two years too late in 2010 thanks to
incredibly bad management and choosing to hide its products instead of
advertising them.
I’ve no inside knowledge of what Nokia was at this time but my
experience in the industry allows me to perfectly imagine the hundreds
of meetings that probably happened at that time.
When business decisions look like very bad management from the outside,
it is often because they are. In the whole Europe at the time, technical
expertise was seen as the realm of those who were not gifted enough to
become managers. As a young engineer, I thought that managers from
higher levels were pretentious and incompetent idiots. After climbing
the ladder and becoming a manager myself, years later, I got the
confirmation that I was even underestimating the sheer stupidity of
management. It is not that most managers were idiots, they were also
proud of their incompetence and, as this story would demonstrate, they
sometimes need to become deeply dishonest to succeed.
It looks like Nokia never really trusted its own Maemo initiative
because no manager really understood what it was. To add insult to
injury the company bought Symbian OS in 2008, an operating system which
was already historical and highly limited at that time. Nodoby could
figure out why they spent cash on that and why Symbian was suddenly an
internal competitor to Maemo (Symbian was running on way cheaper
devices).
The emotional roller coster
===========================
In 2006, I was certain that free software would take over the world. It
was just a matter of time. Debian and GNOME would soon be on most
desktop thanks to Ubuntu and on most mobile devices thanks to Maemo.
There was no way for Microsoft to compete against such power. My wildest
dreams were coming true.
Five years later, the outlooadministrative hubris. The N9 phone would be
released in 2011 without keyboard but with Meego.k was way darker. Apple
was taking the lead by being even more proprietary and closed than
Microsoft. Google seemed like good guys but could we trust them? Even
Ubuntu was drifting away from its own Debian and GNOME roots. The
communities I loved so much were now fragmented.
Where would I go next?
(to be continued)
> Subscribe by email or by rss to get the next episodes of "20 years of
Linux on the Desktop".
>
> I’m currently turning this story into a book. I’m looking for an agent
or a publisher interested to work with me on this book and on an English
translation of "Bikepunk", my new post-apocalyptic-cyclist typewritten
novel which sold out in three weeks in France and Belgium.
