Titus Stahl

New Stanford Encyclopedia Article on Hope

Together with my colleague Claudia Blöser, I was asked to write an article about hope for the Stanford Encyclopedia of Philosophy as part of our hope research project that is funded by the Hope and Optimism project at Notre Dame University. The article covers both the philosophical history of hope in the Western tradition, current approaches in analytical philosophy and authors like Bloch and Rorty.

Discussions of hope can be found throughout the history of philosophy and across all Western philosophical traditions, even though philosophy has traditionally not paid the same attention to hope as it has to attitudes like belief and desire. However, even though hope has historically only rarely been discussed systematically — with important exceptions, such as Aquinas, Bloch and Marcel — almost all major philosophers acknowledge that hope plays an important role in regard to human motivation, religious belief or politics. Historically, discussions of the importance of hope were often embedded in particular philosophical projects. More recent discussions of hope provide independent accounts of its nature and its relation to other mental phenomena, such as desire, intention and optimism.

Continue reading (open access)

New publication: The Metaethics of Critical Theories

I have contributed a chapter to the Palgrave Handbook of Critical Theory that is edited by Michael Thompson, titled “The Metaethics of Critical Theories”.

Unfortunately, Palgrave’s intellectual property policies prevent me to put a copy online (even the author’s version is embargoed for three years). If you cannot access the article online, let me know and I am happy to share it via e-mail.

The abstract of the chapter is as follows:

Critical theories, from their beginning in Marx’s philosophy to the Frankfurt School with its different generations, have always been characterized by a certain ambivalence toward moral questions. They often conceive themselves as an alternative to traditional moral philosophy, which is criticized both for separating context-free normative justification and empirical descriptions too strictly and for its seeming commitment to moral and normative standards developed independently from historical and social contingency. The different generations of critical theory have all attempted to develop a theory of normative judgment which is appropriately critical but which nevertheless does not require any commitment to naive moral naturalism or context-free realism. In the chapter, the author traces this through the different stages of the development of critical theories, and argues that at least some of the answers we can find in this tradition do not fit into the usual division between realist and antirealist theories in contemporary metaethics.

Encrypted messengers: Why Riot (and not Signal) is the future

(Update: All of the following is based on my best understanding of the matter, but I am no technologist and this should not be treated as definitely reliable advice).

As a response to the Snowden revelations, the number of messaging apps that promise security against surveillance has rapidly multiplied. There seems to be an emerging consensus – ranging from Edward Snowden to the New York Times – that Signal is the best choice for those nervous about the privacy of their messages.

Indeed, Signal has a number of advantages that set it apart from many competitors: The encryption algorithm that it uses is well-reviewed and most experts in the field think that it can indeed protect against dragnet surveillance. It also allows experts to inspect the source code of the entire app for back doors which makes it more trustworthy than competitors such as WhatsApp. Finally, OpenWhisperSystems – the company that produces Signal – is known to log only minimal information about its users. As a result, when law enforcement agencies demand information about message “metadata” (who messages when with whom), they cannot supply them with much useful information.

However, the question what the best messaging app is for those who want to resist the surveillance state is not as clear-cut as it might seem. The answer to that question depends very much on why you think surveillance is bad.

One possible answer is that you just want to hide information about yourself (which is very often a completely legitimate wish). In that case, the only feature you will care about is whether the encryption can be cracked or whether the app that you use keeps you from accidentally revealing information.

Another reason to care about surveillance is that surveillance undermines collective, public freedom in a democracy by taking away control over the public sphere from citizens. If that is your main worry, then other criteria will become important as well. You will still care about the quality of encryption, but you will also care about whether the messaging app that you use actually allows ordinary people to take back control over their interactions with others.

It is this aspect where some features of Signal become problematic. The most important concern is that Signal is a silo. That means that, if you use Signal, you can only communicate with people who use Signal as well. This not only means that you also have to use the official Signal app and that alternative implementations of the app are discouraged by OpenWhisperSystems. It also means that you have to connect to OpenWhisperSystems servers to communicate with other users. In contrast to a system like e-mail, you cannot choose a provider out of many competing offers. This effectively creates a dependency on OpenWhisperSystems. As users can only communicate if they use OpenWhisperSystems servers, and can only do so using the OpenWhisperSystems version of Signal, it is not possible for users to change any aspect of Signal that they do not like by switching to a competing app or provider.

This is especially important because, while OpenWhisperSystems does not collect any metadata at the moment, they can start doing so at any time because all communications of Signal users go through their servers. If OpenWhisperSystems adopts any policy that goes against users’ interests in the future, users cannot switch providers without losing all their contacts. Perhaps this is unlikely, but it might be desirable to have a system where no single company has that much power.

An alternative to Signal is Riot. Riot is a messaging app that uses a form of encryption that is very similar to the one used by Signal and also allows anyone to inspect its source code. In these respects, Riot promises to be exactly as secure as Signal (but see below for a few issues that are being resolved at this moment; clarification update: Riot’s encryption is still in Beta. Do not use it for anything important until it is out of Beta and has been thoroughly reviewed).

But Riot has other advantages that make it, in some aspects, superior to Signal. Riot is based on the so-called Matrix protocol which is a federated protocol. That means that anyone who wants can run a Matrix server can do so and Riot users from all these servers can communicate with one another. There is no central instance that controls Matrix or Riot. In addition, people are writing alternative clients to access the Matrix/Riot network, implementing their favorite features and workflows. As users can vote with their feet for their own interests and choose providers and apps of their liking, this means that they really control their communication mode, adding an important element of freedom which distinguishes Matrix/Riot from Signal.

Apart from this fundamental difference, there is a number of further advantages of Riot/Matrix over Signal:

  • Signal can run only on one mobile device (your identity is tied to one device). Multiple devices have different identities. Riot allows you to use one single identity on all your devices.
  • Signal users are identified by their phone number. You cannot use Signal without transmitting your phone number to OpenWhisperSystems and you have to give your phone number to everyone you wish to communicate with using Signal. Riot users are identified by usernames. You do not need to give anyone your number to get in touch with them via Riot (which might be especially important for people who have reason to fear being stalked).
  • The dependence of Signal on phone numbers leads also to another problem: When you install Signal on a mobile device, OpenWhisperSystems verifies that you indeed own the phone number by sending you an authorization code via text message. Many authoritarian states are known to intercept such authorization codes and thereby impersonate users (Signal will send all your contacts a message whenever you change devices, but there is still a risk that they will not understand that your identity might have been stolen). Riot has a simple username/password system and does not rely on text messages (however, it also does not yet alert other contacts if you – or someone else – add another device to your account Update Jan 2017: this issue is fixed at least on the Riot desktop client now).
  • Signal only works on Android when your phone has the Google Play Framework installed. This is a piece of software that is installed on most Android devices by default and that gives Google virtually unlimited control over your device. As Android is an open-source system, one can run Android in principle without installing the Play Framework or any other Google apps and without giving Google any access to the phone, but Signal will not work on Google-free tablets or phones. Riot works without any problem on such devices. (Update Feb 2017: This is no longer true)
  • Riot has an open programming interface. Everyone can write software interacting with Riot, such as bots. Signal is a closed system that only allows the official client to interact with it.

These features – together with the fact that Riot has a much better desktop client than Signal and additional features such as video calls – make Riot a better, and more sustainable choice.

It must be mentioned, however, that Riot also has some downsides at the moment:

  • You can access your encrypted Riot messages via a web app. This is fundamentally insecure (as the web server can send you malicious code that steals your encryption keys) and poses a risk to users. As long as you exclusively use the client apps, you can avoid this problem, though.
  • Riot’s encryption is not yet fully stable and, more importantly, it is not yet enabled by default in chats (you have to enable it manually). This will be changed in the future, but makes it more likely for users to make mistakes until then.
  • Riot has no foolproof way yet to only communicate with those devices from others that you have verified as really belonging to them (until this Github issue is fixed). (Update Jan 2017: Riot has now an option to only send messages to devices you have verified.)

While these are important issues, it must be mentioned that they are only minor in the sense that they can be fixed by the Riot people (or anyone else) by improving the software underlying it. By contrast, the silo nature of Signal is a structural problem that cannot easily be solved.

If you have reason to suspect that you are personally targeted for surveillance, then the fact that Signal has been more extensively reviewed, is a good enough reason to play safe and use Signal. However, if you want to help test a free and sustainable ecosystem for encrypted communication (clarification update: and if you don’t have to rely on the encryption for anything important as it is still in Beta at the moment), then Riot / Matrix is the better alternative.

Comparing encrypted messengers November 2016 edition

Nowadays, there are lots of more or less popular encrypted communications apps that are promoted and advertised everywhere, making it hard to choose one that is both easy to use, secure and sufficiently sustainable to warrant long-term commitment. The Electronic Frontier Foundation used to have a quite nice instant messenger scorecard that compared messenger services regarding their privacy properties. As they did not include some interesting projects (but included lots of non-free-software apps that are not an option for me anyway), I made the table below that refers to selection of popular encrypted mobile messaging projects. (Update: This is based on my best understanding of the matter, but I am no technologist and this should not be treated as definitely reliable advice).

Some remarks about the list below that are only of interest to people that care about the technical details:

  • I included only projects which are usable on mobile devices which is the primary access to messaging for most people. For this reason, I did not include Ricochet which has only a desktop version. I also did not include XMPP with Omemo encryption which – although well implemented on Android in Conversations – does not have group chat working in a user-friendly way and, at the moment, seems to have no substantive advantages over Matrix. I also did not include Tox and Ring – two peer-to-peer messengers – because they are both very unfinished and the P2P architecture seems to rule out mobile use for the time being.
  • I treat end-to-end encryption with forward-secrecy as a solved problem. Thus, I do not include messengers like Hangouts or Facebook Chat that have only transport encryption.
  • As this problem is solved, the main issue in selecting a sustainable secure messaging solution is how much power users have versus the provider if that provider changes their mind about security properties. This involves two issues: First, whether client and server are Free Software, i.e. whether users are allowed to fork the code and restore desirable properties. Second, whether the protocol allows for federation, i.e. whether users can set up their own servers without losing their contacts in the network.

Based on these considerations, I recommend: (updated to clarify that Signal is as of yet to be preferred for important information and to emphasize Beta status of Riot and Briar):

  • if you have important information to protect now, experts seem to agree that Signal is the best option,
  • once their encryption is out of Beta and thoroughly reviewed, Riot for everyday mobile and desktop text messaging, as well as for phone and video calls. Riot is based on the Matrix protocol. This provides federation and end-to-end encryption in a completely Free Software ecosystem.
  • When Briar is released and throroughly reviewed, it will be a useful addition for people / situations with high security needs (activism, authoritarian countries, etc.). Briar goes one step further and even abolishes servers that could collect metadata and works over Tor, Direct Wi-Fi and Bluetooth. As this makes things slightly more complicated, it might not be the easiest option for everyday use.


WhatsApp

Threema

Telegram

Signal

Wire

Riot / Matrix

Briar2

Essential properties

Free Software / source code can be checked

No

No

Client only

Yes1

Client only

Yes

Yes

Solid end-to-end encryption protocol

Yes

Yes

Unclear3

Yes

Yes

Beta4

Beta2

Decentralized architecture / provider-independent

No

No

No

No

No

Yes

Yes

Desirable privacy properties

Works without knowing your phone number

No

Yes

Yes

No

Yes

Yes

Yes

You can verify that encryption keys really belong to remote account

Manually

Manually

Manually

Manually

Manually

Manually

Enforced

Metadata protected against government and provider surveillance

No

No

No

No

No

No

Yes

Works on Android devices without Google account?

No

No

Yes

No

Yes

Yes

Yes

Features

Desktop client

Yes

Yes

Yes

Yes

Yes

Yes

Planned

Encrypted phone calls

Yes

No

No

Yes

Yes

Yes

No

Works even when the Internet is shut off

No

No

No

No

No

No

Yes

Extra features

Groups

Groups, File Sharing, Polls

(Non-encrypted) groups, bots

Groups, File Sharing

Groups, Video Chat, File Sharing, Bots

Groups, Video Chat, File Sharing, Integrations with RSS, IRC, Slack, Bots

Decentralized forums, encrypted social networking


1 The Signal client on Android requires the non-free Google Play framework to be installed. The phone call feature also seems to rely on non-Free server components.

2 Briar has not seen a release yet, information is based on the source repository.

3 Telegram’s encryption only works if explicitly chosen and it is widely criticized for being not based on solid cryptography.

4 Riot’s encryption is in Beta and not automatically enabled for all chats (but can be manually enabled). However, it will be enforced in private chat once the Beta phase is concluded.

Critical Theory Reading Group in Groningen, starting October 3rd

This fall, I am making a new attempt to get a critical theory reading group for students going at our Groningen faculty. We will discuss literature ranging from Marx to the Frankfurt School, but also (depending on interest) include feminist or post-colonial literature. It’s open for everyone in the university (not just philosophers) and outside of academia, does not presuppose any prior knowledge and will be focused on reading original texts and having an open discussion. It will start October 3 and will take place 5-7 p.m. each week. People who are interested in joining or just want to know more should email me. Please also email me if you cannot make it on Monday evenings in case we decide to reschedule.

Edit your Zotero Notes with Vim (or any other Unix editor)

The program Zotero is, hands-down, the best Free Software academic reference management tool. As such, it is indispensable for academics who want to remain in control of their own means of production. It works together very well with LibreOffice and it’s quite doable to create any citation style that is not yet available in its big library.

Since recently, I have also begun to use its note-taking features, as it is quite convenient to have notes directly attached to references in its library; especially as you can then also share them in groups, etc. However, one downside is that the note-taking interface is slow – and by slow, I mean that it often takes up to 10 seconds for a key press to appear on the screen. In addition, the custom note-taking interface does not allow me to make use of the years of muscle memory for the vim commands that I have acquired.

As I found out now, there’s a wonderful tool called zotero-cli which lets you manage your notes from the command line.

Installation is easy (once you have pip installed):

1
2
sudo pip install zotero-cli
zotcli --configure

Once installed and provisioned with a Zotero API key, you can choose your favorite editor by setting the VISUAL environment variable (gvim -f in my case), and take advantage of all the advanced features that you are used to, like this:

zotcli add-note query-string.

Creating an Ubuntu package of Wire (an encrypted messenger)

Update: 21 November 2016 – I now recommend Riot (which is based on Matrix) as the best encrypted messenger, as it has similar security to Wire / Signal and it is decentralized, making users independent from any particular provider.

The encrypted messaging app Wire recently open-sourced its client code. Wire is a very well-made messenger with many more features than Signal; and it has end-to-end encrypted multi-party audio calls and video chats which makes it a useful addition to Signal and other encrypted messengers. While they offer desktop apps for Windows and OS X for download, no packaged apps exist for Linux. In this post, I will briefly explain how to create an installable Ubuntu package of the Wire desktop app.

It has to be said, first, that the Wire client code is no Free Software – it does not allow for all the rights that go with genuine open source licenses –, the server is still closed-source, and there is no decentralization. In these respects, I am still putting my hopes on Matrix, once they’ve implemented end-to-end encryption, to provide a more usable and more open form of messaging and group calls.

But until that happens, Wire might be the only usable Skype alternative for someone like me who has to participate regularly in group calls as part of my job. Signal does not have group call functionality and programs like Tox and Ring are not usable enough for recommending them to less technically inclined colleagues. They also don’t have mobile versions that are ready for everyday use.

Thus, for people who want to leave Skype for a more secure alternative, Wire is very attractive. However, for Linux users, the only option so far has been to login via the Wire web app (which defeats the point of end-to-end encryption to some extent).

As Wire has now published the source code for its desktop app, it is really easy to create a .deb package for Ubuntu.

Update Feb 2017: The instructions below are outdated. Wire now seemingly provides Linux packages on their download page.

~~You need to have Git, Node, Grunt and electron-installer-debian installed for this to work.

If you don’t you can install these packages as follows in Ubuntu:

1
2
sudo apt-get install nodejs git
sudo npm install -g grunt-cli electron-installer-debian

After having done this, you have to perform the following steps:

1
2
3
4
5
git clone https://github.com/wireapp/wire-desktop.git
cd wire-desktop
npm install
grunt linux
electron-installer-debian --src wrap/build/Wire-linux-x64 --dest wrap/installers/ --arch amd64

This will leave you (if everything works) with a .deb file in the wrap/installers directory that you then can install with sudo dpkg -i wrap/installers/*.deb. Afterwards, you will can start the desktop app with /usr/share/wireinternal/Wire. For some reason, it does not get added to the desktop menu, but under Unity you can pin it to your quick start panel once you have started it once manually.~~