Matt Hill of Start9 Labs rejoins me on the show to talk about where the world is at, and a surprising argument that might actually be true. Sovereign Tech may be adopted, not merely because of privacy, but because of being lower cost. 
We chat:

• Canada Truckers and the broader fight for freedom
• Is it a question of tools or winning hearts and minds? 
• What’s new and coming in EmbassyOS v0.3.0? 
• Why cost will be the driver
• Making it easy to use and saying goodbye to command line
• Community driven growth
• Bitcoin and other 

Links:

• Start9.com
• @_MattHill_
• @start9labs

Previous episode:

• SLP225 Embassy: Sovereign Personal Computing, Privacy, Bitcoin & Lightning with Matt Hill & Aiden McClelland

Sponsors: 

• Swan Bitcoin
• Hodl Hodl Lend
• Compass Mining
• Braiins.com
• Unchained Capital (code LIVERA)
• CoinKite.com(code LIVERA)

Stephan Livera links:

• Show notes and website
• Follow me on Twitter @stephanlivera
• Subscribe to the podcast
• Patreon @stephanlivera

Podcast Transcript:

Stephen Livera:

Matt, welcome back to the show.

Matt Hill:

Thanks for having me back.

Stephen Livera:

So, Matt, there’s lots going on in the world, whether it’s this whole Russia-Ukraine thing or the Canadian trucker thing, or what’s going on in Bitcoin-land with hacks and privacy and sovereignty all being at stake. So do you want to just give us a little bit of your view on what’s happening, potentially even if you wanted to touch on your views on the whole Canadian trucker protests?

Matt Hill:

Yeah. So broadly speaking, you hit on it—there’s a lot happening right now. There’s been a lot happening over the past couple decades, I would argue—or more—but recently there’s been an acceleration of movements. I don’t think it’s a novel thing to say that we are at war. It’s a new kind of war. There’s an information war taking place on Earth right now. Luckily it hasn’t spilled over to be an open, no holds barred, total war scenario. And maybe it never will—hopefully it never will. The weapons available to mankind today are far beyond anything that we had in prior wars, so let’s hope that it doesn’t come to violence. But it is an information war, and the future is at stake. And of late, there have been some increasingly drastic—you might even call them desperate—movements on behalf of who I would consider to be the enemy. The statists and central planners of the world have stepped up efforts towards their agenda. And as such, the opposition has also stepped up. We in the Bitcoin and individual sovereignty space have accelerated our efforts at constructing a parallel system that enables people to jump ship, so to speak—opt out—and that’s going well. We’ve made a lot of progress. Bitcoin has made a lot of progress. But we’ve also witnessed some setbacks recently, because I think there’s some surprise throughout the greater freedom communities at the extent to which the authoritarians are willing to go. Now, it shouldn’t come as a surprise if you look at history, yet it’s all fun and games and talk until actual people get hurt—and that’s beginning to happen. So you bring up a few examples: Russia-Ukraine incident, I would argue that that’s nothing new in terms of one nation state and another nation state having tension—that’s an age-old story. But we have seen some innovative tactics with regard to creative forms of protest. There were protests in 2019 and 2020 that took on a certain flavor. There are protests now with the Canadian truckers, for example, that are taking on a totally different flavor. And ultimately there’s a lot of chaos, a lot of confusion about what is appropriate, what is not appropriate, what is effective, what is useful, what is a distraction? And so it’s really hard to pin down. Now, personally, I don’t follow a ton of detailed news around different battles, we’ll call them, taking place all over the world. I am very focused on our angle—what we are trying to do. And we are thoroughly convinced that what we are doing will be a highly effective tool in the fight for freedom into the future. And so I can weigh in on some of these things, but I also don’t presume to understand exactly what’s happening on all fronts at all times. So yeah, if you want to talk about the truckers specifically, I look at it like this: you do what you can do, okay? If you feel disempowered, attacked, if you feel threatened, and you have the ability to strike back, then you are welcome to. There are actually no rules here. People might disagree with what you’re doing—they might agree with what you’re doing, they might support what you’re doing. They might even try to fund it or assist in any way that they can. But ultimately, whether it’s right or wrong is a luxury of the philosophers, right? Ultimately, power is power, might is might, and these Canadian truckers that chose to blockade city streets as a form of protest against vaccination mandates, mask mandates, lockdowns, did so—in my opinion—with the full moral authority of doing what they can do to fight for what they think is right. Now, the fact that the Canadian government then pushed back and used their might backed by their understanding of what is right is also just like—I don’t want to argue about the morality of it. It’s: who’s got more power. When push comes to shove, who has the power? And that’s where I tend to focus on, is: we need to create tools that empower individuals and groups of individuals who are fighting for freedom, so that when a government comes along and tries to exert itself in this arbitrary manner according to some arbitrary code, that we can just say, No, and there’s nothing they can do about it. That’s the day I look forward to.

Stephen Livera:

And on that theme, I think the important question also is, What have people been taking for granted? They’ve often been taking for granted that their bank accounts would be available to them when they wanted it. And as we’ve obviously seen with the GoFundMe and other instances, that’s not actually true. And of course, a listener or somebody could be thinking, Oh, fine, I didn’t like what the Canadian truckers were doing. But of course—that’s this time. What happens another time when it’s a government who is opposed to what you want, doing something to people on the other side? And so I think that’s an important point for people to think about. What are some of the things that people should be doing to take that power back, or to assert their own power?

Matt Hill:

First and foremost, we have to come to terms with the fact that evil exists. We are quite naive. Since the end of World War II, everything has been smoke and mirrors, right? There has been conflict. People have suffered. But there hasn’t been a real re-emergence of pure evil. We’ve gotten complacent as a society, as a culture. We tend to think that, Well, they wouldn’t do that. Slavery is over. Mass murder is over—that was in humanity’s past. We just look at history and think it’s in the history books and that we’ve moved on and learned from it as a species. And we haven’t. The tactics have changed. The landscape has changed. The technology has changed. But to think that people will not resort to barbarism in order to obtain control or get what they want is naive. And so first and foremost, it’s recognizing the real possibilities of disaster, and only then can you properly take any reasonable measures to prepare. There are some people who believe disaster is imminent and inevitable at all moments of all times, even in the most peaceful times, and they take extreme measures to prepare for these things—and we call them preppers, right? And then when things do turn poor, they turn out like, Ah, see, I told you, I told you. But here’s the thing: by and large, they’ve wasted their resources, they’ve wasted their time, because most places in the world at most times are pretty safe, secure, and free. Now we have, again, seen an acceleration, so you need to prepare in accordance with the threat model. If you’re making threats up in order to be contrarian and preparing for it and spending your resources on it, you’re losing. You’re missing out on life. Those things could have been better put to use. But when the threat is real, ignoring it is equally a bad decision. So what’s happening now is: there is a real threat. I don’t know how imminent or how extreme it is. It’s actually really hard to assess that on a day-to-day basis to see who’s doing what, what the movements are, what the intentions are. But I think it is undeniable at this point to look out at the world and say that there is a real existential-caliber threat brewing against freedom on Earth, and so it’s time to take equal and opposite measures towards protecting that freedom and fighting back. And so as individuals, had these truckers maybe been a little less naive—like, did they do what they thought was right and use the power that they had effectively? Yeah, but ultimately they got beat because they underestimated the tools that were available to their opponents. They thought that they could park a huge truck in the middle of the road and say, I’m not moving—until someone showed up and said, Your bank account’s frozen. Your family can’t eat. Well, maybe I’ll move now, right? So they didn’t do it comprehensively. If you’re going to make a move against the state, you better watch your flank. And they didn’t, and it’s a lesson learned, right? It’s not like a failure. It’s that—that’s the point of these battles. You learn the tactics of your enemy and you adapt, so that the next battle, the next encounter, you are more prepared. So what would that mean to be more prepared here? It would mean that, if you’re going to go park a bunch of trucks in the middle of the street and essentially obstruct the right of passage for citizens and you are expecting the government to move against you, well, you better secure some food and supply chains and protect your money beforehand. As in: get it out of the bank, put it into cash, put it into Bitcoin, put it into gold—I don’t care. Just get it out of the hands of a third-party custodian before you make a move.

Stephen Livera:

Now, they could potentially say, Look, I didn’t think it was going to get that bad. But I think part of that also comes to maybe beliefs, right? Not just their beliefs, but the beliefs of other people in the country. So I’m curious your view, Matt, how much of it is around trying to build tools and use specific tools, and how much of it is actually trying to, as the saying goes, winning hearts and minds?

Matt Hill:

Yeah. I think the hearts and minds—so look, there’s a lot of fronts. You’re talking about propaganda. When it comes to war, propaganda is essential for both the good side and the bad side, if you want to think about it as good and bad—your side and their side. You have to win the hearts and minds of the people who you are expecting to back you. And we’re pretty bad at it. They’re pretty good at it. They’ve been practicing for decades and they have all the outlets, all the channels—I shouldn’t say all, we have some channels and they are effective. But maybe I’ll backtrack here: I think we’re doing pretty good. We, as in the individual liberty camp, the Bitcoin, Libertarian, even anarchist camps, are actually doing pretty good. We’re pretty good at memeing. The meme wars are real. It is how you win hearts and minds to a degree. I think that where we’re really losing is that we don’t really understand yet the, Any PR is good PR mantra—we don’t really understand this yet. We don’t understand that by giving something attention, you give it life. You fuel it. We are too quick to take these ridiculous statements and claims that are made by these horrible people and amplify them on social media. Now, we are criticizing them, right? We are saying, Look at this crazy person, what they just said. This is horrible. I can’t believe they’re trying to do this. But in doing that, we are amplifying their message. We are rallying their side against us. We’re giving them energy, awareness. What matters on social media is visibility, right? Trump really proved this in his first campaign, that you can just do horrible things, say horrible things for the sole purpose of getting the amplification against you, which then rallies the people who are for you. Triggering your opponent, effectively using viral marketing, is a highly effective way to rally your own base. And so I think we feed them far more than we should. I would like to see—a more effective tactic, in my mind—is more of the clown world meme approach to dealing with the things that they say, which is to dismiss and not take seriously, and quite frankly, to laugh at them for the ridiculous people and stances that they are and take. It is deserving of laughter, and that’s pretty much what we should do. Every time they say something crazy and we take it seriously, it becomes possible—just laugh at it and go back to building things that make what they’re saying objectively ridiculous. Like, impractical.

Stephen Livera:

Yeah. I think you’re right. It’s mockery and this kind of derision are legitimate tools in that sense, that basically not taking them too seriously, or at least trying to help show them as being fools. Now it’s not the perfect strategy, but it’s probably the best thing you can do when you’re already in that underdog position, as, broadly considered, the freedom camp is. And so I think that’s the challenge that we all face, is that we’re operating on these online platforms, but there’s a risk that we can get shut down and cancelled at any time. People are still operating with fiat bank accounts and they can get shut down at any time. There’s just this difficulty of operating in that environment. That’s just a real difficulty. And so, probably a good spot now to switch and chat a little bit about what’s happening with Start9. I want to get some updates for listeners in terms of what’s happened since the last time we spoke?

Matt Hill:

Quite a bit. Aiden and I were on together last time, and I think we had just released 0.2.0, version 2 of our platform. So we are now entering the third major iteration of our product, which is EmbassyOS. It’s not Embassy. Embassy is a hardware device made from commodity hardware off-the-shelf—it’s nothing special. It’s nothing innovative. Our primary value-add to the world is an operating system. A previously non-existent type of operating system, which is to enable a totally non-technical person to operate a personal server, all the way from discovering, downloading, installing, configuring, and managing, in perpetuity, open source self-hosted software services. And that’s a bunch of word gibberish to a lot of people, maybe, but ultimately what it means is the elimination of trusted third parties from your digital life, which is an insane thing to say, given the fact that pretty much everything you do on your computer or phone involves a trusted third party. It is almost impossible to use a computer in the modern world without raising your hand and asking for permission every time you open the app, without entrusting the data and lines of communication to third parties, and without sacrificing your own privacy in the process. And possibly money, too. A lot of these things are paid for—you’re actually paying for the right to have your privacy invaded and to ask for permission to use your computer. So EmbassyOS we think was the missing link between two things that had already existed for many, many years. One was reasonably performant commodity hardware, things like a Raspberry Pi, or RockPro64, or even an Intel NUC, and open source software services, which have been numerous and quality for many decades, and are getting better by the year. You’ve had great software, and you’ve had commodity, performant hardware. What has been missing is the middle of those two things. The liaison between software and hardware, which is: operating system. There has not been a user-friendly, graphical, comprehensive, useful operating system for a personal server, ever. Things like, you could say, Linux, Ubuntu—well, those are operating systems for personal servers. They are not mass market. They are not easy to use. They involve command line. They involve technical expertise. What has been missing is the personal server equivalent of Windows. And that’s what we have done. We have invented the Windows-equivalent of operating a personal server. Anyone can do it, and there’s no compromise involved. We are not involved—nothing. It is a pure software property. You buy the software or you build the software yourself from source and it is yours through and through, and then you just use it to run a personal server. So what has changed—to get back to your original question—since the last time we talked, is we have grown up. Our initial V1 version was very prototype. It was something we threw together and was capable of quickly installing a Bitcoin node, a self-hosted password manager, Vaultwarden, or even a cloud file storage system, very quickly. And it was naive. It was like, Hey, this thing works. We put it out the door, and it was cool. V2 was a massive improvement on that system. It involved a comprehensive, generalized dependency management system that allowed us to add services that depended on other services in a modular way, such as LND and C-lightning were launched alongside our V2 operating system, because now we have the ability to compose services that depend on one another in a very sophisticated way that also did not detract from user experience. We built an advanced configuration system such that instead of editing .com files and all the dragons that go along with that, you could just go into a settings menu and change some settings and not have to worry about screwing anything up. We revamped the user interface, we pivoted entirely to a web model in order to exclude Apple and Google as dependencies from the system. So V2 is a huge improvement over V1. It took a big step in the direction of sovereignty and usability for a personal server. V3 is a rewrite. We took V2, which has been in the wild for a year and four months, give or take, and we threw it in the trash. It was a great product and people have enjoyed it and it has worked really well. And we threw it in the trash because we’re not here to deliver a usable operating system for a personal server that allows a few Bitcoin and freedom hobbyists to get on board. We are here to reinvent personal computing for the sovereign era. And to do that, we needed something that could scale. Something that could scale, not just in terms of like the way people normally think about scaling, which is accommodating more users on a network, like Bitcoin scaling. Or if you talk about SaaS scaling, like Twitter scaling means bigger servers, more efficient databases—that’s not the kind of scaling I’m talking about, because we don’t have a network that needs to scale, and we don’t have a database or central server that needs to scale. What we need to scale is understanding, usability, user experience, and support. When you invent a new computing paradigm, your biggest challenge, aside from the tech itself—which is enormously challenging, by the way—is the support network. It’s, Can Grandma understand what you are trying to do here? Can she get it? Just because it’s usable doesn’t mean people will use it. They have to be aware of it, they have to feel like their hand is being held, the user experience needs to be flawless. You can never say the word command line. You can never say the word SSH. We’re going for mass market here. We’re trying to get everyone on board. We’re trying to put a server in every home on this planet and in every business on this planet—at least one. We’re going to replace routers. We want to replace routers wholesale—there will not be routers in the future. There will be servers that have the functionality of a router. So we’re going after a massive, massive market. And in order to do that, you have to speak the massive language, which is quite frankly: push, click and swipe—nothing else. And so that’s what V3 does, is it takes a massive step in the direction of usability for non-technical people by eliminating all of the technical pitfalls and system nuances and command line stuff. It really just becomes like using a website. We’ve made it really, really simple.

Stephen Livera:

That’s great to hear. And of course, I’m all for it. I’m excited for what you guys are building. I think at the time, last time we spoke, V2, I was just playing around with it and I think at that time you were just bringing Lightning in. As you said, you had C-lightning and LND. And so I think the question probably from most people, they might be thinking, What’s going to really take this to that next level beyond let’s say the Bitcoin and freedom enthusiast hobbyist crowd? What’s gonna draw them in?

Matt Hill:

Sure. So the world is doing our marketing for us to an extent. The more hacks there are, the more privacy invasions there are, the more extortionary behavior there is—and we should dig into that, because we actually think that’s going to be the primary driving force for mass adoption—is cost. Centralized models, right? These companies that have been two decades now of building these SaaS models, where they are giving away products for free in order to establish themselves between you and the things that you need from your computer, to firmly position themselves as a middleman. And they largely succeeded. Like I said, it is hard to use your computer or phone in any meaningful way without there being a middleman between you and the thing that you’re trying to do. And we are just about to start seeing the rampant increase in cost. That’s what middlemen do: you establish yourself as an indispensable liaison between two parties that need each other—in this case, the computer and the human—and then you just squeeze. You just squeeze and squeeze until all the money is gone from the user. And that’s what we’re about to start seeing. They were able to get away with it without squeezing for a long time, because they were monetizing the data. You were the product. They were actually mining your data and selling it. However, more and more people are saying no to that. And ironically, the companies themselves like Apple, for instance, are advocating for the ability to retain your privacy if you’d like, because then they are forcing these SaaS providers—software as a service apps on your phone—to ask you, Is it okay if we collect your data? Now you point to the person who says, Yes—I don’t know a single person who clicks, Yes, when presented with the prompt of, Can we spy on you? They’re all pressing, No, which means these SaaS companies are no longer going to be able to mine and monetize your data in the same way that they always have. So how are they going to pay their bills? There really is only one other option, which is subscriptions. Subscriptions, subscriptions, subscriptions—everything on your phone, every app on your phone, is going to cost X amount of dollars per month to use. And you are going to get nickel and dimed out of your ability to pay your rent. And so as this phenomenon kicks up, which it’s going to take years for this to fully become a mass problem, but it is happening already. The free tiers are getting smaller and the paid tiers are getting more expensive. And as that happens, more and more people will reach for alternatives in the free and open source software ecosystem. They’ll say, Wow, you’re telling me I don’t have to pay $1,000 a month for my small business to use Slack? I can go get an Embassy, install Matrix, hook it up to my domain name, and now me and my company are messaging for free—for life. And it works just as well. Who wouldn’t do that? So part of Start9’s go-to-market strategy, if you want to think of it that way, the way that we are going to actually expand and make money in the early days, especially, is small businesses. It’s not just individuals, right? We started with a product for the individual, because that was quite frankly one of the hardest things to do. It’s much easier to adapt a product that you built for an individual and apply it to a business, than it is to build a product for a business and then apply it to an individual. And long term, it was an investment as well, because we need this to work for individuals. We need individuals running servers out of their own home to accomplish our longer term goals of mesh networking and automated IOT in a sovereign way. However, business is going to pay the bills. I can go into a small business and say, How much are you spending per month on all of your SaaS subscriptions? Slack is costing you $1,000. Google Drive is costing you $300, blah, blah, blah, blah, blah—it all adds up. I can go in there and say, Buy this device one time for $2,000 and never pay a subscription fee again. It will literally pay itself off in 5 months, and then it’s free for life for your business, and this is how much you’ll save on a monthly basis. That is our value proposition, is that this isn’t just about privacy and censorship resistance, sovereignty—it is about those things, but it’s also about just a more efficient way to build a computing network on Earth. It’s just cheaper.

Stephen Livera:

That’s really fascinating. And I think it’s cutting against the grain a little bit, because historically people maybe have made the argument that if you wanted to be private, for example, you might be making a trade-off there or paying more in some way. Maybe you’re paying with your time or you’re paying with your money in some way. And so I think people might be thinking—and I’m with you, right?—but people might be thinking, How is it that you’re able to do this? How can you do this by actually making it cheaper for them to be self-sovereign?

Matt Hill:

Because in the past, you could always do this. We did not invent personal servers and open source software services, or the ability to use those software services on a personal server over a private network. We didn’t invent any of that. We’re making it accessible to everyone else. The only companies who had done that in the past were the big ones. Well-financed big companies with lots of tech talent. As in, in order to opt out of Slack and Google Drive and LastPass and Dropbox—whatever you name it, all these softwares and service things that businesses need—in order to opt out of that, you had to hire a DevOps engineer. At minimum, $150,000 a year. So you just do the cost. You go, Okay, this is how much it’s going to cost me to self-host it, and it’s a ton. Plus I have to make sure that I’m keeping backups, I need to make sure that my network is functioning. I need to make sure that I have 99% uptime on my Internet, blah, blah, blah. So AWS actually stepped in and filled that gap. It was like, Oh, for you businesses that don’t just want to do SaaS across the board, allow us to provide the hosting infrastructure for you to actually host your own stuff. And it’s way cheaper. Instead of having your bare metal where you are installing everything, the full stack, and monitoring it and making sure that your Internet is connected, and then going basically the full free route minus the labor that it costs to do that, AWS took a middle-ground and they were like, Let us take care of all of the hardware, the networking, the spinning up of these virtual private servers, et. cetera, and then you can have your DevOps engineer, your AWS-certified employee, run all your personal servers on our metal. And that was a huge deal. And look how much money they make. AWS pays the bills for Amazon. We are now coming in and going all the way back in time and saying, You don’t need any of it. You do not need to pay for SaaS subscriptions. You do not need to pay for AWS infrastructure to run your own self-hosted software. You can go all the way back to metal. And you do not need a DevOps engineer anymore. Your college intern can manage your server infrastructure now with EmbassyOS. That is the value that we have created, is we are eliminating the need for DevOps engineers in small businesses’ self-hosting scenarios—and individual self-hosting scenarios, by the way. So as an individual, I want to self-host all sorts of things. Well in the past, I either needed to have a ton of money to hire somebody to do this for me, a ton of experience to be able to do it myself, and in either case I needed to be very patient. It takes time. Even if I know how to do it, I’m still going to be burning days and weeks making sure that these things are set up and configured and networked and blah, blah, blah. EmbassyOS just does this. So it’s actually difficult to overestimate here how valuable this is. We are going after, first and foremost, the SaaS companies of the world. And they have been driving the venture capital investments for two decades, right? Most VC firms, Silicon Valley, especially, they’re investing in SaaS. They’re like, Oh, what’s your software product? What’s your free tier? What’s your subscription model? How do you get the recurring revenue? It’s all SaaS. And what we’re saying is that we can wipe them all out—all of them. That every single service that is centralized, custodial, paid for, middleman SaaS company that exists, can be replaced by an open source, self-hosted software service that’s running on your own metal in your own home. And the only thing that has prevented that from being a reality until now is an operating system that enabled a non-technical individual to just do it. And that’s what we have invented here. So first we’re going after the SaaS companies, then it’s AWS. And we do that by enabling small businesses to run self-hosted services on their own physical servers, as opposed to virtual private servers, which is what AWS offers. And then there’s a third phase, which is way out there, where we’re actually competing with the likes of Apple and the ISPs by doing mesh networking and circumventing the ISPs. Now again, this isn’t just Start9. When I say we, I’m not talking about Start9 and Start9 alone. I’m talking about the entire self-hosting sovereign computing movement—of which Bitcoin is at the center—ultimately involves the elimination of hopefully all, but at least most, trusted third parties from the digital realm. If you take that sentence seriously, and you take it to its logical conclusion, it means that every company that we think of as like an Earth superpower becomes anachronistic—they’re no longer necessary. So we’re talking about potentially one of the largest, most disruptive moments in technological history here. If we—not Start9—us, plus others, can win the day. It’s a big battle. It’s going to take many, many years. But that’s what we’re talking about.

Stephen Livera:

That sounds great. I’d love to see more of that. And so some listeners might be thinking about things like feature parity as an example. They might say, Well, X, Y, and Z service offers this feature, but the open source equivalent might not offer that. So, I mean, quick example, if they’re using some cloud storage, Google drive or Dropbox versus Nextcloud, or if they’re talking about some of the documents-type features versus what some of the open source alternatives are. Do you have any comment to offer around feature parity or disparity?

Matt Hill:

Yes. And you nailed it. That is the other angle, the other challenge. So the first is the ability to do it—the ability to run self-hosted opensource services in a convenient manner—that is challenge one. And that’s a huge challenge. Challenge two is having that experience be on par with the experience that people have become accustomed to. And to be fair, it is not on par. The open source self-hosted equivalents of these centralized SaaS products tend to be inferior in functionality, reliability, security, maybe—well maybe not security because open source projects tend to be quite secure, at least if they have a lot of attention. If they’re popular ones. But we have a long way to go on the user experience side of these services. Here’s why I’m optimistic though: never before have these open source services had an audience, a mass market audience. Most people who build free and open source software to, say, compete with Google Drive, like building a self-hosted Google Drive equivalent, they are doing it out of pure passion and for reputational purposes. They’re like, This is cool. This is fun. This is going to make me really popular and cool amongst my group. I’m building this thing so that I can build my own brand, reputation, that I can hone and practice my skills. And hey, some people will use it. And I think it’s good for Earth. As in, they’re building it out of ideology, passion, and reputation. Now there’s a new reason—well, I shouldn’t say new. All of those reasons are amplified when your audience, when your potential user base, goes from a few hobbyists who like to read GitHub readmes and self-host on the weekends, goes to mass market. Now, all of a sudden, you’re not just earning some reputation points in your little circle, you are a celebrity of sorts. Like if you build some self-hosted—look at the Bitcoin devs, for instance, to get a flavor of the kind of clout and celebrity that is going to come along with being the core contributors of these powerful, meaningful, widely used open source services. It’s going to be people’s life endeavors. And the ones that really matter will actually be fairly well funded. Not just through donations, but also we have stumbled upon, in the last few years, a new way of monetizing decentralized systems, which is huge. You can make money now, and not just by doing it in the old fashioned like, I’m going to build free and open source software and then have an enterprise tier where I host it for people as opposed to themselves hosting it—which is a little bit of betrayal of the software in the first place. But it’s how most of these things monetize. And two, through support. I’m going to do white-glove support and that’s how we’re going to make money. There is this new way now, and it involves Lightning. It involves this idea of building money into the system. And we’ve seen some really horrible takes at this over the last 5 years with the utility tokens and the staking. But we are experimenting, and the future may hold some very interesting solutions around the way that open source developers can build these self-hosted things and, at the same time, integrate into those software systems a way to make money. Now, I don’t have the solution yet, but I sense that there is something there, that there is a way to do this that does not betray the soundness and the principles of good business. Most of the attempts at this right now have been basically scams. But it doesn’t mean it can’t be done in a clever way. And so I’m interested to see these layer 3 Lightning apps where I’ve built some system that I’m not necessary in, but I’m a participant in it, and because I’m an early participant and a trusted participant, I have this special place and can make routing fees type of arrangements, where you can build a bounty for yourself into the software itself where you don’t have to rely on the goodwill of people to donate. But like, If you use my software, by default you are going to be paying me. Now you can opt out, but I need to get paid for my work. It’ll be interesting to see how that evolves. So I think the quality of the open source self-hosted software services is going to skyrocket, because for the first time in history, people will use them, provide the necessary feedback, contribute to them, and they will be better funded, especially now that Bitcoiners are emerging as a class to be reckoned with, from a financial power standpoint. I think you’re going to see quality projects get funded even by donations.

Stephen Livera:

Interesting. So I might summarize that then. As you’re saying, it’s almost like what people in the Bitcoin world might know today as Podcasting 2.0, where they are streaming some sats to the creators that they like, and also a fraction goes to the platform that is helping, or other people. So in a similar way, maybe the creators of some open source software might receive an ongoing stream of sats in that way, that the user could opt out of that as an example. And like you’re saying, there might be these wealthy Bitcoin patricians who decide that this particular piece of technology, or this particular security or privacy technique needs to be more available—I’m just going to fund it. So we might see that, too. So that’s really interesting to see. I think the other question probably people are thinking about is: most people are not used to running their own infrastructure. So as you said, rightly, having to have a DevOps person or having some kind of person or a way of dealing with backups with redundancy, or availability of the system—how confident are you that these kinds of concerns—that were typically done by a professional—how confident are you that this can be automated and done within EmbassyOS and other freedom technology?

Matt Hill:

Extremely. If I wasn’t confident that we could pull this off at scale, we wouldn’t be doing it. That doesn’t mean we have the solution to every possible technical challenge we’re going to face yet, but we are confident that those solutions exist and that we have the talent, both at Start9 and in the broader community, to discover those solutions. Now, some of them, we actually do have working models for of how we will solve—take redundancy, for instance, which is perhaps amongst the most important. There’s a danger to running your own personal server in your own home, on your own metal, which is: what happens if a hammer gets taken to it? What happens if there’s a fire or a flood? Does your entire digital life evaporate? The answer is, Yes, unless you have redundant geographically dispersed backups. And so the way that we solve this problem is the way that you solve any massive problem that you don’t fully understand the endgame to, which is iteratively. You solve it in the cleanest, simplest possible way, and then you find people who are willing to put up with the inconvenience of that naive, simple solution, and then you use their feedback and input to iterate it and make it more and more available and easier for larger numbers of people. And so that’s also why it’s important, as an early company solving hard problems, to not go mass market overnight. You have to iterate towards the masses. It’s why we don’t put a lot of effort into marketing. We are very early here. We are still trying to solve a lot of these. So redundancy: here’s how we did it. As of today, you can make a backup of your Embassy and all of its services by either plugging a drive into the device itself and clicking backup—and you get a full backup of absolutely everything on the device—or with the release of 0.3.0, which is coming now, it’s done, happy now to leak that here: EmbassyOS will be released publicly out of beta. It’s in beta right now. It’s been in beta for a while. It will be released publicly out of beta within the next 2 weeks. We are not sharing the exact release date, but it is done. That is a done deal—it’s being released. And it’s awesome. So with 0.3.0, not only can you make a physical backup on the device, but you can also make backups to any other device on your local area network. This is using the same protocols, Samba and CIFs that say your MacBook would use when sharing a file to another MacBook nearby. So you can very easily now go into your Embassy, click backup, and that backup will be created, encrypted, over the local area network to your desktop or your laptop or to a drive that’s plugged into your desktop or laptop. You could take a 2 terabyte drive, plug it into your MacBook, hit backup on the Embassy, which is located in another part of the house, and the backup would land on the 2 terabyte drive that’s plugged into your MacBook, fully encrypted over the air—also encrypted over HTTPS on the LAN in case anyone happens to be snooping, which nobody is. But if they were, it’s still safe. So that was an iterative step towards the next phase of backups. So you see here, we started with a physical backup that you yourself had to plug in and make. Now we’ve moved towards a backup where you can back it up to something else on the local area network. After that, the next logical step will be that you can click backup and it will back it up to a remote device, potentially another Embassy of yours, in another geographic location. And these two things can create encrypted backups of each other, so that if one goes down, the other can replace it pretty seamlessly. Then we move towards an automation of this feature, where now you are no longer even clicking backup. Your device is just constantly creating encrypted backups of itself on one or more devices, which, by the way, don’t even need to be yours. So you could create a buddy system with other people who have Embassies, and you share a couple pieces of credentials—like I give you some credentials, you give me some credentials—and now we are storing encrypted backups on each other’s device without any effort whatsoever. And if my device ever goes down, I just call you up. And I’m like, Hey, I need that backup. You click a button. And my Embassy now can be fully restored. And say, I don’t fully trust just you—I could actually cut this deal with five different people. The next logical step after that is to actually monetize that entire process. So instead of you and me actually getting together personally and being like, I’ll store yours if you store mine and we’re doing this for free, I can actually just hit, Create a backup of my embassy, and it will back itself up to people’s devices who I don’t even know all over the world, creating 10 redundant backups all over planet Earth, and pay for it with sats over the Lightning Network. I can then ping these people all day every day saying, Prove to me that you still have my backup, prove to me that you still have my backup. And every time they prove it to me, I pay them another 10 sats. And they prove it to me again, I pay them another 10 sats. And if they ever stop proving to me that they have my backup, I stop paying them, and I start storing it on somebody else’s device. So now you can monetize excess storage space. So I can actually go out and buy a bunch of terabytes of hard drives and be like, I’m a huge player in this network. I store everybody’s encrypted backups. I don’t even know who these people are. It’s fully encrypted, so I can’t read their stuff. And it’s all on a decentralized network. Now, what I just described, a lot of people have talked about and thought about—we know how to build it. We also can’t build it ourselves. I don’t have the resources internally to build out that entire system, but we will absolutely be patrons of it. We will absolutely contribute to it. And it’ll just plop right into EmbassyOS because that’s what we built it for. So the redundancy problem not only will be solved, but we already know how to solve it, and it will be solved in a relatively short period of time. The vision I just painted you is not a 2022 vision, but it’s also not a 2030 vision. It’s a 2024 vision, probably, where that comes to full fruition.

Stephen Livera:

And what about security? So, and in fairness, this is an issue that applies all over the world to everything, that there are zero-day exploits or vulnerabilities found. And so what’s the approach going to be with Embassy in terms of keeping things up to date such that users are patched against these vulnerabilities?

Matt Hill:

Yeah. So you’re talking about dependency vulnerabilities. Most software operates up here, right? It’s just layers and layers and layers of software. And if the Linux kernel gets a bug in it, a security vulnerability all the way down at the base, then basically everything on Earth is now potentially compromised. So there is no simple solution to this other than open source diligence, having audits and being on top of it, so that if there is an exploit, your ability to patch it very quickly exists. And we have designed EmbassyOS for very, very easy updates. So for example, if there’s ever a security issue with any part of the dependent stack, or if there’s a security issue with any given service, our ability to deploy a fix very quickly and securely is there. That was a big thought process of ours that quite frankly is not shared by a lot of the other options for self-hosting in the world, because they’re so bundled and fragile. So take for instance—I don’t want to mention names—but take, for instance, another plug-and-play node solution. If there’s a vulnerability with Bitcoin, okay, there’s some sort of security vulnerability discovered in Bitcoin Core, in order to patch that security vulnerability, you, the user, would have to update your entire system. There is no way to just patch Bitcoin. You have to update the entire operating system, including every single service on that operating system that has an update available. So there’s no way to just patch Bitcoin. Which means you could end up in a scenario where you have purposefully not updated to the latest version of LND because it’s experimental and you think there’s a bug with it or whatever, but you have to patch Bitcoin. Well, now you’re stuck between the rock and a hard place, because if you don’t upgrade your system, you’re stuck with a Bitcoin that’s vulnerable. And if you do upgrade your system, you’re stuck with a version of LND that’s potentially vulnerable. So it’s very fragile. It’s very bundled and fragile. It’s an all-or-nothing approach. EmbassyOS is not like that. EmbassyOS is extremely modular—nothing is bundled. It’s totally à la carte. So if there’s a bug discovered in Bitcoin, we can deploy a fix for Bitcoin in a matter of minutes. And then you just click update Bitcoin and it updates and you’re patched. So that’s part of it. Security broadly speaking—so that security question was very much around vulns discovered in dependent software and in services themselves. And again, those are hard, but doable—it just requires diligence and speed. And when it comes to security broadly speaking as a principle, EmbassyOS and self-hosting on a personal server is night and day, because here’s the problem with Earth digital infrastructure right now: there’s just a ton of honeypots. When you have central service providers who are providing communication data services for a billion people, you’re talking about a goldmine of data. And you know what’s protecting that goldmine of data is a few people with the right keys. Everyone thinks about hacking as like fighting with the computer. When someone hears the word hacking, what they picture is somebody with a cloak on in the middle of the night typing really fast and jousting with the computer on the other side—that is not a valid image at all. Cryptography works. You want to brute-force SHA256, go fuck off—you can’t type fast enough. It’s impossible. The way that hacking works is social engineering. People get hacked—not computers. Yes, every once in a while, a computer has some exploit that can be taken advantage of, but the vast majority of hacks are people getting hacked. So it doesn’t matter how good your security systems are. The bottom line is, is that Facebook must on a moment-to-moment basis be able to access highly sensitive information, because they have to deliver that highly sensitive information to their users. When I want to see my private profile—I’m not on Facebook, well maybe I am, but I haven’t logged in in 10 years—but if I want to see my private profile, there is some mechanism in the Facebook software stack that is enabling me access to that, which means the access exists and it’s highly available. That fact alone dictates that it will eventually get hacked. There is no way around it, because all it takes is the right or wrong—depending on how you want to think about it—person with the right access, because people can be bought, bribed, blackmailed, threatened, coerced—you name it. People can be had, in one way or another. And so long as that’s true—and it will always be true—everything that can be hacked will be hacked. Here’s why Embassy bypasses this entire paradigm: because when somebody is hacking Facebook, they’re not hacking Stephan Livera. They’re not hacking Matt Hill. They don’t even know we exist. They’re hacking Facebook, because they want the honey pot of all of our data. We’re just a number in the database. If someone wants to hack you when you are running a personal server, they have to hack you. There is no third party to go after—they have to hack you specifically, right? It’s the same reason why most people feel safe in a neighborhood, in a home. It’s because your house is 1 of 500 in that neighborhood. You’re just playing probabilities. Like, What is the probability that I’m going to be targeted for robbery? Assuming that you’re a nobody, which most people are. Now if you’re a high-profile individual and you have a ton of net worth and you’re out there in the public eye, you should probably take additional precautions to protect your security. And you should have your security team and you should invest in technology that is above and beyond what anyone else needs. Big walls instead of 4-foot fences. But most people do not have to worry about getting hacked. They’re nobody—nobody even knows who they are, let alone that they have an Embassy. How would your neighbors even know that you have an Embassy that has Lightning funds on it? They wouldn’t even know. So our security model is protection through obscurity. It is the basic fact that when everyone is custodying their own data and their own money, nobody gets robbed, nobody gets hacked, because the value proposition is not there for the robber/hacker. It’s just not there. Like if I want to get 10,000 people’s data, I have to go personally hack 10,000 people. The chances of me pulling that off are zero—I’m going to get caught. I’m not going to make any money, I’m wasting my time. So we think that simply by moving towards a self-custodied sovereign computing model, security will actually become somewhat of an afterthought. You don’t even have to worry.

Stephen Livera:

There’s a lot of points I agree with you, but I’m just curious, because as an example, like let’s say you’re running a Lighting node and it’s not TOR-only. Can people just figure out, like, if they were to be able to tie things from your real-world behavior, purchases to the Lightning node that received from this or paid from this? I think that there are other ways, although like you said, the payoff is a lot less because you’d have to go after individuals as opposed to trying to go for the lowest hanging fruit, these big honeypots that have a billion, billion-plus users. Also, I wanted to get your thoughts on where you’re at with what hardware should people be using to run EmbassyOS? Should they be using Raspberry Pi or RockPro64 or should they be purchasing the device? What are some of the different options and devices people should be thinking about

Matt Hill:

Today, the only option that is tested, tried and true for running EmbassyOS is a Raspberry Pi 4. It’s the only option right now. That was a good starting point for us. The Raspberry Pi is—or at least was—a highly available piece of commodity hardware. There have recently been some shortages which have accelerated our own plans to make new platforms available. But we don’t expect those supply chain issues to persist forever. The Raspberry Pi will be widely available and supported for many years to come. And so it is an option and it’s a good option and it’s cheap and it works. So today that is your option. In order to make EmbassyOS available on other hardware platforms—[it] is totally doable and will be near-term actually viable on multiple different platforms. But it’s also not trivial, because what we’re talking about here is low-level computing operations. We’re not talking about an app that can just run on a variety of OSs. We’re talking about OSs that can run on a variety of hardware. And it’s tricky. You start dealing with like computer science. You’re not dealing with just whittling a couch together—you’re dealing with the nature of wood. You start to get into the nittier grittier aspects of what it means to run a computer. And so we want it to work really well. We could definitely take shortcuts to like, Oh yeah, you can fire this up on a RockPro64 no big deal right now, but that doesn’t mean that everything is just going to work to the same degree that it needs to for us to build the kind of confidence in usability that we need. So we are being very careful about not expanding or recommending alternative hardware platforms until they’re properly engineered, tested, and vetted. And it is a priority of ours for a variety of reasons. One, because the more hardware platforms there are, the less you are dependent on any given supply chain. The more hardware platforms there are, the easier it is for people around the world to acquire that hardware without having to buy it from us. It’s just optionality. And three, is because the Raspberry Pi just isn’t going to cut it. It just doesn’t have the juice to support the kind of use that we’re going to need long-term. So we have to work towards more powerful alternative hardware platforms. And it’s a pretty front-and center-endeavor for us, so expect near-term results on that front. I don’t want to say anything yet because it’s not important. It’s Raspberry Pi today, it’ll be something else tomorrow. But the Raspberry Pi will always work. You need a low powered commodity solution that can be got at the hardware store? The Raspberry Pi’s for you. You want the big beefy thing that’s going to be able to do everything and then some? You might need to look into more powerful solutions.

Stephen Livera:

And for people who are wondering how much of the focus will be generally freedom aspects? And how much of it will be keeping up with the latest and greatest in the Bitcoin world from an EmbassyOS point of view?

Matt Hill:

That’s a good question. We are very much, actively as a company, trying to get out of that game. We don’t want to be making those decisions. We are building operating system technology. Just like Apple would not tell you what apps they’re funding or supporting or whatever. The idea is that whatever the market deems to be in demand, there will be people who step up and provide the supply. We’re going to let supply and demand work. Now what was on our plate was to make it as easy as possible. So with 0.3.0, we have a whole new service packaging SDK that make it easier than ever for even moderately technical people. You don’t need to be off the charts here. You don’t need to be a DevOps engineer. It does require some technical expertise though, but it’s fairly approachable, that many moderately technical people will be able to package up services for EmbassyOS. We also will provide support in that front. As in you have questions, there’s a channel for you to come ask those questions. We will continually improve the SDK, such that eventually it will really be like filling out forms and then boom, some new Lightning service that you are dying to try is now available as a one-click install in Embassy with all the bells and whistles. GUI configuration, health check monitoring, dependency management, and everything else is just done for you. That’s the vision here. And we’re like this close to it. It’s there today, we just need to make it better and better and better. And we have multiple people now in the community who are not Start9 employees or contractors who are packaging services. And we are using those experiences and their feedback to make the process even easier. So when you ask me, What is the priority for functionality of Embassy? What services are the priority? Yeah, I have some ideas and we will continue to do some things, but by and large, it’s going to be community-driven. And I predict that people will be almost overwhelmed with the amount of things that can be done on this in short order. In other words, we are going to have to strive to minimize what we do, as in curate our marketplace experience so that it doesn’t overwhelm people. Because if you log in to your Embassy and visit the marketplace and there’s like 15 different options for running a self-hosted P2P messenger, you’re not really going to know what to do. You’re already overwhelmed by the idea of a personal server and self-hosting, and now there’s 15 options for doing messaging. You’re going to feel paralysis. And so we also can’t tell people, No, right? So if 15 different people package up 15 different messaging services, they all will be available, but Start9 can take measures to highlight, promote, recommend certain things over other things, which puts us in a potentially we’ll call it dangerous position, where we can start to emerge as an authority of what people should be running on their servers. And so we are going to actively, actively fight against that while also trying to provide a good user experience. It’s going to be a very delicate balancing act. And the way that we avoid the pitfalls of centralization of authoritarianism, the way that we avoid becoming like a, Do this, do this, do this with your computer, and people just listen, is by creating an open marketplace. So for example, Start9 by default will be the marketplace that you are connected to. So when you turn on your Embassy and you go to the marketplace to shop for services, you are browsing a repository that is hosted on our servers, where you hit download and you are downloading Bitcoin from Start9. And we can curate that marketplace in any way that we want. We can say, Here’s the different categories of services, here’s the ones that we recommend. And you know what? We can even tell people, No. Somebody tries to put a service on our marketplace that we think is spam or malware? We can just be like, We don’t think anyone should be running your service, so you’re not going to get onto our marketplace. The way that we combat that potentially dangerous situation is that the user, as of 0.3.0, as of the release that’s coming in a few days, you can switch to someone else’s marketplace—and anyone can run a marketplace. So instead of shopping at the Start9 service marketplace, you can shop at the Stephan Livera service marketplace and you could host not only Bitcoin, as a redundant place to obtain Bitcoin in case we ever go down—people can still go to your marketplace and get it—but you could also host services that we don’t want to put on our marketplace. And any user can just be like, Oh, I’ll go shop there instead of shopping at Start9 and download things there. So we predict that in the near-term, the service availability and marketplace ecosystem is going to get pretty cool, and there will be tons of options.

Stephen Livera:

So it reminds me of how if you’re using Linux and you’ve got different repos—repositories that you can connect to and download from there. So it’s like putting that, but in a nice obviously user interface, for the user who doesn’t want to go doing command line things. So that’s really cool. I think it’s really interesting. We’ve spoken about a bunch of things. So we spoke about the broader world, what’s going on in terms of the battle for hearts and minds and also the tools to enable ourselves getting some more freedom. And as you mentioned, the big new release 0.3.0. And also just some of the real-world difficulties as well. But I think the important—I guess probably for me, the highlight or the interesting point is the point around cost. Because for most people they would think of it like, Okay, being private or being secure, you’re generally paying more of a cost, whether it’s money or some kind of effort. And you are actually coming at it from a different point of view. You’re saying, Actually, we’re going to win by being lower cost than some of the alternatives. So that’s been interesting for me. Any final or closing thoughts for listeners out there? And of course, where can people find you online?

Matt Hill:

Yeah. So lower cost and better security, just according to the threat model. That average person, you are going to be better off having your data and finances on a device in your home than you are on a third party cloud—and it’s free. So, final thoughts—no, not really. We are working our asses off here. We are building as fast as we possibly can. We are doing it in an uncompromising way with high integrity. We’re doing it in broad daylight. We’re not hiding what we’re doing. Everything that we’re doing is transparent and visible. And we expect to be held accountable by everyone and anyone. Doesn’t mean that everyone’s opinion will be adhered to because lots of people disagree with what we’re trying to do, but we are a very open project. Now we are a company, we are selling things—which is great. It’s what you should in this world, or at least can do. But I welcome everyone who’s listening to this to come hang out. We are present. You join our chat channel and you’re not getting some automated message that says, Come back later, or, We value our customers, please hold for 6 hours. We are here, we are present, it is a front-and-center principle of ours to remain available. Because we know that what we’re doing is scary for people to take this step, to take action. It’s one thing to sit back in an armchair and complain about privacy rights and data monitoring surveillance and costs of subscriptions. And it’s another thing to actually wake up one weekend and say, I’m going to take back control of my digital life. And so it’s not just about the availability of the technology. It’s about the community. It’s about, Do you have people who have your back who are going to answer your questions? Who you can lean on for support. And it’s not just us at Start9. We have an incredible community of people who have just found us, fallen in love, gotten involved and are there 24/7 in our chat channel, welcoming people, helping people. And so I invite people to do that, because this isn’t some niche project. We are trying to overturn some of the largest, most powerful institutions on this planet for the better—for the individual. And yeah, come hang out.

Stephen Livera:

Fantastic. Well, I’m excited to see what you guys are building. I think it’s a really cool thing that you’re doing. So thanks for joining me, Matt.

Matt Hill:

Thanks for having me. I appreciate it.