We need to have a clearer, more grounded conversation about “security” and what it actually means in the context of the #openweb. There is a long history of thinking in #FOSS spaces that security is something we can solve purely technically: better encryption, better protocols, better architectures. But in everyday life and practice, people need to work from a much simpler starting point – We do not trust client–server security. We only meaningfully trust what can be verified through the #4opens. And even with #p2p, we keep our trust closed limited.
Why? Because the underlying systems people actually use are insecure by design: old phones, opaque operating systems, proprietary blobs built and controlled by #dotcons. You can build the most secure system in the world, but if the people you are communicating with are using compromised devices, then your security collapses to their level.
That’s the bit people who fixate on closed don’t like to face. So a #KISS approach helps cut through the illusion – At normal use, there is very little real security. At paranoid levels, security breaks down socially, because you still need to interact with people operating at the normal level. That doesn’t mean security doesn’t matter. It means we need to stop pretending it technically works in isolation from social reality.
Why closed paths, spaces and projects fail socially is a harder point. Closed systems are often justified in the name of security, privacy, or control, but socially, they create a very different dynamic in that they remove visibility. And without visibility, you cannot form shared judgment; without shared judgment, you cannot have social truth. In closed environments, bad actors – call them “monsters” if you like – can manipulate, divide and coordinate in the dark to avoid accountability, because there is no wider context to test what is happening.
In open systems, the same actors exist, but they are much easier to see, challenge, and trip up, because conversations are visible, processes are transparent and history is accessible. Closed breeds monsters, open pushes them out of the light and into the shadows. This is why, for the #openweb, “closed” should be deliberately limited and clearly bounded, not expanded as a default.
There is a very real social problem here with #Encryptionism as a social project, as it is where many parts of the #FOSS world go wrong. There is a strong tendency – what we call the #encryptionists – to treat encryption as a kind of universal solution, where in reality this too often becomes a focus on abstract technical purity, a dismissal of messy social reality, a retreat into systems that don’t scale socially. And too often it aligns – ironically – with the same #deathcult logic it claims to resist: control, fear, and abstraction over lived practice. Encryption is a tool, not a culture.
This brings up the #Geekproblem – put simply – The people building the tools often cannot see the social problems those tools create. Even when those problems are pointed out repeatedly, over years, with real-world examples, the response is often negative and #blocking – to retreat into technical framing, to rephrase the issue in jargon, to build another “better” tool that misses the point.
A useful way to explain this to the #FOSS crew is: yes, jargon can be messy, but this is not just about language. The deeper issue is cultural blindness. Let’s look at a concrete example that might help in bridging: #Indymedia was a ten-year working global experiment in open publishing and #4opens practice. And, yes, it ran into exactly these tensions. In the UK, the project fractured along three lines:
- #Encryptionists – blocking aggregation due to abstract security concerns
- #Fashernistas – pushing shiny but incompatible “better” solutions
Instead of adopting existing standards like RSS, parts of the project built new, incompatible formats, “better” on paper, but useless in practice. The result? Fragmentation, internal conflict, loss of interoperability, eventual collapse. All three sides lost. This pattern should feel familiar; you can still see it today in parts of the Fediverse.
The practical path forward starts with taking this history seriously. Then a few things become clear: closed should be minimal and purposeful, not the default; open processes (#4opens) are the only scalable form of trust; interoperability beats cleverness; social reality matters more than technical purity. And most importantly, we need to design for the world as it is, not the world we only wish existed.
One Foot In, One Foot Out. Right now, most people are still inside the #dotcons. So the path forward isn’t purity, it’s transition. The approach we are taking with #OMN is simple: install and configure usable #openweb tools, make them accessible, and let people use them alongside existing platforms to support a gradual #walkaway culture. One foot in. One foot out. If enough people take that step, the balance shifts.
But to take this step we need to compost the closed. We don’t need to destroy everything that exists; we need to compost it: take what works, turn over what doesn’t, and grow something better from the remains. That means being honest about the limits of security, about the dangers of closed systems and about the cultural blind spots in #FOSS. If we can do that, we have a chance to build an #openweb that actually works.
If we can’t, we will keep repeating the same failures – just with better code.
