Trust in Software, an All Time Low

Underjord is a tiny, wholesome team doing Elixir consulting and contract work. If you like the writing you should really try the code. See our services for more information.

I don’t think I’ve ever had more distrust and as a consequence distate for software than in recent years. I don’t think its just me as a tech-nerd with artisanal tech-carpentry aspirations. I want people to build well, treat their users right and generally exercise some actual restraint. I see it very clearly and I react more viscerally than anyone non-technical in my surroundings. However, I see the frustrations and the consequences everywhere.

Windows is an Adversary of the Desktop User

Most computer users I know don’t particularly want a Microsoft Account. Microsoft wants them to have one though. None of the people I’ve set up with computers have asked for OneDrive, Microsoft really wants them to know about it though. No one I’ve ever heard of uses Cortana but you bet there’s stuff about it in your toolbars. The experience of installing, setting up and using the operating systems is an exercise in finding new novel ways to decline things or simply capitulating to see if it makes the nagging go away.

And then there’s the ads. I mean, personalized experiences. Smart Cloud Somethings. It is at a foundational level completely unacceptable to me that a commercial operating system that you’ve paid for, or that was included on the computer you paid for, will show you advertising in your primary modes of navigation. Read, the Start menu. It just looks like an app you might have that you never installed. But it’ll take you to the store. It’ll take my mom to the store. It’ll mean she thinks twice about everything her OS shows her, or capitulate entirely and just accept that her computer is not really hers and isn’t knowable to her.

I find it infuriating. I don’t hate Windows. I don’t love using it but I use it for gaming and I help friends and loved ones with it. I’m not precious about using it when it makes sense. There are things about Windows that are immensely impressive. My father-in-law’s old desktop invoicing program still runs, more than a decade later without updates. I respect that. That’s worthy of acknowledgment.

Windows 10, which I liked as much as Windows 7 at the start, has slowly rotted on me, or just ground me down to where I find it reprehensible. Where every new notification, interruption, thing changing under my feet or update that bricks my entire computer, just pokes straight at the raw exposed nerve ending that used to be a thick skin.

Beyond that they’ve not reconciled their old and new control panels which just makes the OS numerous layers of confusion, there are endless screens of paragraphs of text, toggle switches that only barely try to do what you want and any time you actually need something done you need to find a link to Advanced or whatever takes you to the old UI that actually does the damn thing. How does that belong here? Well it isn’t really learnable anymore. The paradigms and concepts are barely cohesive anymore.

And Microsoft has with help from the rest of the industry turned the word “telemetry” into something that makes entire sections of the tech world recoil and rev up the privacy monologue engines. I don’t want to care too much about that but when every goddamn app feels the need to get that sweet data it starts to get old. And that’s not even the tracking stuff, that’s later.

Windows is an amazing platform in many ways. It is commerically successful and viable. It doesn’t operate under Microsoft’s thumb in the way the Apple ecosystem does which there is currently war about. Windows could be the most reasonable operating system. They could just stop all the bullshit. They absolutely don’t need it. Telemetry, maybe they need some of that. But ads? Nah. Upsell? Nah. They could just choose to be better.

Also, people liked Skype once and hate Teams. So with Windows 11 and the pandemic we are building it into the OS. Skype? No. Of course not. Teams! More Teams!

I really hope Windows 11 manages to improve the UI cohesion. I have absolutely zero hopes that the rest will be less egregious. Also, they are partnering with trusted friends Amazon for bringing Android apps to the Microsoft Store. That just gives me all sorts of warm and fuzzy creeps. I like the feature of being able to run Android apps. Great! Cool! But Amazon?

The Smartphone Era

As the smartphone arrived everyone started building apps. Small plucky software packages that did things previously untenable on a phone. Pretty cool. And there was money to be made.

The friction to building, publishing and selling software went from significant to negligable and the potential audience went from large to pretty much every single person. With this came the easy-money-chasers, the scammers, the thieves, the corporate giants with the half-assed ideas. Pretty much everyone. Among them were the gems, the hard-fought stalwarts and a bunch of pretty decent software. But the deluge is more noticeable.

I’m pretty sure the “your device starts randomly asking for shit” thing wasn’t introduced with the smartphone. I feel like OEM bullshit driver software had that capability way back. It did however become ubiquitous. Now my mother has the pleasure of calling me because her phone asked her for something weird. Why? Samsung, maker of the phone, decided they should have access to her Google Drive or something. It’s probably harmless. But we can’t know that. And Samsung isn’t so good at bundled software that I’d necessarily trust them.

If you want to find any simple utility app you have no chance to find a reasonably priced, high quality one without tons of up front research. Because the roulette of an app store search will get you an undiscernable mess. And you know you have to be careful, mindful. Because most apps are traps, trackers or hustles.

Smartphone apps taught us about security in the least satisfying way. It showed us that you can’t trust the software and you need to very, very mindful to not get fucked.

So many I know stick with the big actors. They wouldn’t pick up small indie apps because it is hopeless to know a good small app from an evil small app up front. This is especially true on Android which doesn’t have a cultural ecosystem of app devs that are worth trusting (at least I don’t know of it). iOS in that sense has a bit of a reputation system and a large enthusiast sphere which helps with curation. The App Store is of course still a shitshow. I mean, carefully reviewed and curated.

Right, so the big actors. They have again and again been shown to be worthy of no real trust. Facebook standing head and shoulders above everyone else in being creepy and worthy of all skepticism and distrust. Google has a sort of elemental honesty in being unapologetic trackers. It was always their business and I don’t feel like they were every quite so psychotic as Facebook. That said, we know they are in everything and we absolutely are being tracked by them.

So while the big actors are slightly less likely to completely screw you on security, software quality or straight money. They are pretty much guaranteed to screw you on privacy. As an EU citizen the GDPR does make them disclose and ask me to opt in and limit how much they can require from me. It really does make it more noticeable. But with near-monopolies, network effects and plenty of money to throw at these problems they do what they can to entice, inconvenience and generally prod you towards surrender. You’ll get much better smart somethings.

Hostile Devices

I’ve mostly wrangled my devices into a semblance of being under control. But I don’t trust them, I only like some of them and I don’t trust any of them very far. The one I trust furthest is my Linux workstation. That one is finicky only in being a bit rough here and there, it isn’t hostile or under the control of some alien software. To my knowledge. Maybe System76 will brick Pop or unveil their new ads. I doubt it and if they did I’d fall back to Debian.

Everything else is asking for your permission to do the thing you don’t want them to do. Everything is asking for more than they need. There’s a very cool trick you can pull to avoid showing a cookie notice for your site, don’t use unnecessary cookies. Cookie for login? Pretty much fine with the law. GDPR? If you aren’t collecting personal data you don’t need to ask complicated questions.

Want to improve the UX of your application or SaaS? Don’t do things that require users to opt in to things they don’t want to do. Free UX!

But oh, the metrics and analytics, we so very need them. I don’t think we do. Sure, they can be useful but the most actionable and useful information is already very legal and available. Did people visit the thing? Did people buy the thing? Did they complain about it afterwards? I’m aware that there is signal that is hard to get. But I really don’t think grinding away at the foundations of human-computer interactions is a very good investment.

We are spending our time deciding whether to fight dark patterns or just give up. They are everywhere. Every convenience, every delightful offering comes with a side of “just consent to everything”.

Doing the opposite of this, respecting privacy, providing user control, minding the user’s agency, these are things that only small operations can do today. And it is the differentiator that we can offer. We can build things that don’t suck. Any sufficiently large company is required to start sucking at some point. It’s probably a law.

Each megacorp can grab a shred of something real and important and claim that they do that thing oh so well. Apple with privacy. Google with .. the heck kind of good thing should I be associating with Google these days? I don’t even know. They’ve been crap at marketing themselves for ages now. Facebook with .. political manipulation? Connecting people? Amazon with .. exploitation.. Microsoft with Open Source and bringing Linux to the desktop? Regardless, they can push a very limited set of virtues and we can just assume everything else is corporately mandated to be morally bankrupt.

In Conclusion

The background buzz of permission dialogues is deafening, deadening. Cookie notices, consent forms, allow/reject. Should I trust this? Can I install that? Do you want to try OneDrive? Dropbox needs to update again. You need to restart your browser. Are you sure you don’t want to try Edge? You really shouldn’t be installing untrusted dangerous software. This trusted approved software wants to know your location always. Allow/Decline?

Your privacy is very important to us. We would like to know what you are doing at all times. Accept / Ask me again later.

Yeah. I couldn’t give a good reason why anyone should trust, or like, software the way it typically works these days.

Ask me again later. Not right now. More information. Are you sure?

If you want more of my thoughts and writing I suggest the newsletter .

Underjord is a 4 people team doing Elixir consulting and contract work. If you like the writing you should really try the code. See our services for more information.

Note: Or try the videos on the YouTube channel.