Linux for Everyone—All 7.5 Billion of Us

Linux has long since proven it's possible for one operating system to work for everyone—also that there's an approach to development that opens and frees code so everyone can use it, improve it and assure its freedoms spread to everyone doing the same.

This has been great for computing at all scales. But, it hasn't been great for everybody, yet, because not everybody has access to hardware or software, but we can still help them out, our way.

What I'm suggesting here is that we conceive and develop new approaches to bringing the benefits of free and open-source computing, software and methods to everybody.

Let's start with the hardest cases: refugees' need for identification methods that don't depend on some country's or government's central system that either doesn't exist or can be used to screw or kill them. What's the best approach to that?

As of this writing (late May 2017), the UN Refugee Agency (UNHCR) says there are now 65.3 million forcibly displaced people in the world. Among those are 21.3 million refugees, of which more than half are under the age of 18. (See the UNHCR's data portal for particulars.

According to Unicef, one in three children under five years old in the world "does not officially exist".

There are many digital identity needs among these populations—for example, the need to connect with displaced and separated others. The need to disclose—or not disclose—religion or country of origin. The need to declare professional credentials or proof of expertise (such as ones that say convincingly that "I am a nurse", or "I am a certified accountant"). The need to disclose helpful medical information selectively, such as blood type for transfusions. The need to open a bank account, or just to access funds. The list goes on, and it's a long one.

As human beings we are inherently distributed. All of us are single and separate entities with sovereign souls, by design, no matter what country we were born in or what tribe(s) we belong to. We look and sound different so we can tell each other apart, and so we know a few other humans deeply. Even identical twins, with identical DNA, have very different and distinctive souls and personalities, given to making very different choices in life—the transgender actress Laverne Cox, for example, has an identical twin brother who is still happily male.

It is impossible to respect anything in the last paragraph fully inside a centralized identity system. All centralized identity systems exist for the convenience of institutions first and individuals second, third, or even not at all. Often it can greatly benefit an individual to have access to institutional records when they are needed. In the developed world, this is a civic and commercial grace. For those outside that world, especially refugees, those same systems may not exist or can present a great danger if they do. It all depends. That's why control of dependencies should be in the hands of the individuals themselves or trusted others. How can we make that work?

It helps that the Internet's base protocol, TCP/IP, gives us a distributed digital world where every node is inherently independent and able to pass data back and forth with every other node. This gives every individual what Archimedes called "a place to stand" where he could move the world, provided he had a lever long enough. Linux is one of those levers. We can invent and deploy many others as well. There are no limit on this.

It hurts that we chose client-server (which might as well be called slave-master) as the defaulted way to deploy the World Wide Web in the first place, and still today. Brian Behlendorf of the Linux Foundation's Hyperledger project, called client-server "the original sin" of the web when he spoke to Quartz's The Next Billion conference last October. Hyperledger is a global "open-source collaborative effort created to advance cross-industry blockchain technologies". It also "incubates and promotes a range of business blockchain technologies, including distributed ledger frameworks, smart contract engines, client libraries, graphical interfaces, utility libraries and sample applications".

Among Hyperledger's projects and frameworks is one called Indy that uses what it calls a universal trust framework to provide "accessible provenance for trust transactions". More specifically, it supports "user-controlled exchange of verifiable claims about an identifier" and "has a rock-solid revocation model for cases where those claims are no longer true", adding "Verifiable claims are a key component of Indy's ability to serve as a universal platform for exchanging trustworthy claims about identifiers."

Boring stuff, I know. Less boring is this:

Indy is all about giving identity owners independent control of their personal data and relationships. Indy is built so that the owner of the identity is structurally part of transactions made about that identity. Pairwise identifiers not only prevent correlation, but they stop third parties from transacting without the identity owner taking part since the identity owner is the only place pairwise identifiers can be correlated.

Figure 1. Indy gives identity owners independent control of their personal data and relationships.

Indy is based on open standards so that it can interoperate with other distributed ledgers. These start, of course, with public-key cryptography standards. Other important standards cover things like the format of the identifiers, what they point to and how agents exchange verifiable claims.


Doc Searls is the Editor in Chief of Linux Journal