Cherry G. Mathew is a short, balding man from Kerala, India. He is someone who can easily be lost in a crowd, but if you happen to meet him he is sure to leave you inspired. Cherry has been all over the world (including North Korea) and has some liberating ideas about technology and politics. He has an enviable lifestyle where he travels around the world at the same time working as a 'systems developer'. Our paths crossed at the Infinity Hackerspace near Dharamsala where we got talking about online privacy. I learnt how he has been taking small steps to slower the march of companies like Google towards world domination.
In this interview over e-mail, Cherry speaks about his work, his thoughts on online privacy and what you and I can do as individuals to stand up against giant corporations.
YourStory: Many of us seem to have accepted that there is no escaping the invasion of privacy; data will have to be given out to companies. Your thoughts?
Cherry Matthew: My rule of thumb about privacy is that if it leaves my fingertips, it's not private anymore. The game has moved from absolute privacy (impossible to guarantee) to relative privacy (a very subjective notion). I'm not so worried about my personal data being published in the public domain as much as how the technology alters my own behaviour and reshapes my relationship with society.
YS: Your email id ends with @zyx.in and your website is http://220.127.116.11/~cherry/. When did you get into maintaining your server and email and why?
CM: This was an incidental development. I bought a PC to do some heavy duty code compiling, and setup remote console access so I could use the PC from anywhere over the internet. After a while it became obvious to me that setting up email on it was very practical. Initially, the motivation was pure hack-porn -- the thrill of hacking together something useful. I was also careful to set it up initially as a backup MX server while I figured out the details such as a sensible backup strategy. But once I had it running, I realised that it gave me a sense of independence from cloud providers. If things went wrong, I didn't have to suck up to some invisible typist behind a Google support forum. All I had to do was to speak to my own friends -- since the box had to be moved around between friends' homes until it found a reasonably stable home. It's now snugly residing on the premises of admod as a favour from its founder, who is a close friend of mine. I'm actually typing this while remotely logged onto the said machine (smiles).
YS: How hard is it to stay clear of all things Google?
CM: It's quite possible to stay entirely clear of Google, but of course the larger question is whether one can stay off $Google (whoever is the current "google"). A good way to deal with this is by using the time-tested method of ‘divide and rule’. Use one service for search, another for cloud document storage, yet another one for chatting and so on. This way it's marginally difficult for providers to accumulate ‘all’ your information. Even better, use services under different legal jurisdictions in different countries, so that if someone really wants to know ‘everything’ from all providers, they have to justify it to several legal jurisdictions -- which would make their requests more transparent.
YS: Interesting. So, what do you do for a living?
CM: I am a systems developer. I write mostly OS kernel code in the C language and some assembler. I've mostly worked on the BSD operating systems and my favourite OS is NetBSD. I use my expertise in FOSS kernels to consult for their corporate users, and occasionally for the Systems Research Group at Cambridge University with whom I've had a long term professional connection via the Xen and now the FreeBSD projects.
YS: What would your advice be to people to become secure online?
CM: First off, this is not just about Google. It's important to understand what the problem is and why it's important. To someone who's new to computers, my advice is -- don't be intimidated by the technology – you were not invented for the technology, but the technology for you. Make it your slave, and make it do useful things for you, not the other way around. The rules of the game are exactly the same as for any other technology (cars, washing machines, telephones, television). If the technology is a scam, it will be secretive. If it's out in the open for public review, it's likely to be more trustworthy. For this reason alone, Free and Open Source Software is more trustworthy than software forged by cube rats in secretive corporations. So if you're inclined to get off cloud technology, make sure you invest the time for the right reasons. My reasons are purely political.
To techies, my advice is -- the technology itself is only a small part of the means to de-addict from the cloud. The real challenge is legal and political. So, heads up!
Here's a great example for alternative technical solutions to give you more control over your own data: Teapot