Telemetry Debate Rocks Audacity Community In Open Source Dustup

Starting an open source project is easy: write some code, pick a compatible license, and push it up to GitHub. Extra points awarded if you came up with a clever logo and remembered to actually document what the project is supposed to do. But maintaining a large open source project and keeping its community happy while continuing to evolve and stay on the cutting edge is another story entirely.

Just ask the maintainers of Audacity. The GPLv2 licensed multi-platform audio editor has been providing a powerful and easy to use set of tools for amateurs and professionals alike since 1999, and is used daily by…well, it’s hard to say. Millions, tens of millions? Nobody really knows how many people are using this particular tool and on what platforms, so it’s not hard to see why a pull request was recently proposed which would bake analytics into the software in an effort to start answering some of these core questions.

Now, the sort of folks who believe that software should be free as in speech tend to be a prickly bunch. They hold privacy in high regard, and any talk of monitoring their activity is always going to be met with strong resistance. Sure enough, the comments for this particular pull request went south quickly. The accusations started flying, and it didn’t take long before the F-word started getting bandied around: fork. If Audacity was going to start snooping on its users, they argued, then it was time to take the source and spin it off into a new project free of such monitoring.

The situation may sound dire, but truth be told, it’s a common enough occurrence in the world of free and open source software (FOSS) development. You’d be hard pressed to find any large FOSS project that hasn’t been threatened with a fork or two when a subset of its users didn’t like the direction they felt things were moving in, and arguably, that’s exactly how the system is supposed to work. Under normal circumstances, you could just chalk this one up to Raymond’s Bazaar at work.

But this time, things were a bit more complicated. Proposing such large and sweeping changes with no warning showed a troubling lack of transparency, and some of the decisions on how to implement this new telemetry system were downright concerning. Combined with the fact that the pull request was made just days after it was announced that Audacity was to be brought under new management, there was plenty of reason to sound the alarm.

Meet the New Boss

It’s impossible to talk about the proposed changes to Audacity without acknowledging the project’s new owner, Muse Group. The organization is dedicated to developing and supporting audio tools and music software for content creators from all walks of life, and in addition to the Muse-branded packages such as MuseScore and MuseClass, they’re also responsible for Ultimate Guitar and Tonebridge. Despite the impressive catalog of software and communities that fall under their umbrella, representing hundreds of millions of users before Audacity is even factored into the equation, the Muse Group as an entity has only officially existed since April 26th (yes, that’s just eight days prior to the telemetry pull request).

Muse Group’s acquisition of Audacity was first acknowledged just four days later, in a YouTube video posted by Martin Keary (known online as Tantacrul) entitled “I’m now in charge of Audacity. Seriously. On May 3rd, an official announcement was posted to the Audacity site confirming the news that they had joined the Muse Group and that Keary would take over as the new project leader.

The pace at which things were moving was alarming to say the least. But in his video, Keary made it clear that his intention wasn’t to strip the heart and soul out of Audacity. It would still remain free software under the GPLv2, and beyond some admittedly much needed user interface tweaks, would be the same program that millions of users had been enjoying for over 20 years.

Less than 24 hours after the official announcement of their acquisition had been posted to the Audacity site, the pull request to implement telemetry was opened.

Good Intentions, Terrible Optics

It should seem obvious that if you’re interested in a smooth transition of power and a happy community, the absolute last thing you should do is rush through massive changes that undermine a project’s core values within hours of taking ownership. Yet, that’s precisely what happened here. Not even a full day after users saw the first official word that the project had been absorbed by another group, unpopular changes were seemingly being rammed through the approval process without so much as a discussion period. For many, it was difficult to view this as anything but a hostile takeover of an established project by a group that didn’t even exist a week ago.

As you might expect, the reality isn’t nearly so racy. The Muse Group, looking to put development time and money into a revamp of Audacity’s antiquated UI and the squashing of some particularly tricky bugs, wanted the same insight into the software’s user base that they have with their existing projects. In fact Keary was instrumental in implementing a similar telemetry program for MuseScore back in 2019, specifically to determine which elements of the software were being used the most. With this data, the development team argued they could craft a more streamlined experience that better reflected the typical workflow.

The difference was, back then, it was announced with a well thought out and detailed blog post that articulated exactly what the development team was trying to achieve and how they hoped to do it. There were still some dissenting voices, but the explanation and clear goals helped to smooth things over. A similar post explaining the changes on the Audacity site could have helped avoid a lot of the confusion in those first few days, but unfortunately, somebody dropped the ball pretty badly this time around.

Eventually the pull request was amended with clarifying information, such as the fact that the telemetry would be opt-in and even then only applied to binary builds of Audacity released through GitHub and not distribution-specific packages. It even included a breakdown of what data would be collected, and how it would be used. The new information did quell some of the complaints, but others still took issue with the way the data was to be collected. For example, rather than handle it in-house, Muse Group was going to push all the telemetry through Google and Yandex. Collecting optional analytics for the sake of improving the Audacity user experience is one thing, but do we really need to funnel even more of our usage information through the search giants?

Message Received

When I started writing this, it really wasn’t clear how this situation was going to play out. Sure the community was mad, but as long as Muse Group kept to their word and made it so users had to opt-in before their data was collected, the reality is that most of them would cool off eventually. The chances of such a well established project actually getting forked over an optional feature that wasn’t even going to be included in distribution specific package repositories was slim to none. Would some users have jumped ship and found another audio editor for purely ideological reasons? Probably. But frankly, not enough of them to matter.

But before this article could go to print, the pull request in question was closed and Martin Keary himself dropped in to sort things out. He explained that the plan was to introduce the idea of telemetry to the Audacity community before actually proposing any changes, like they did with MuseScore, but that there was some internal miscommunication that caused things to happen out of order. Further, based on the response from the community, the decision was made to suspending any current plans to add telemetry to Audacity.

Looking ahead, Keary says the team is interested in getting community feedback on how they could implement some limited analytics for diagnostic purposes. They acknowledge that it needs to be handled in-house and not passed through a third party, but even still, there’s some debate about even adding tracking code to the project in the first place. Some members of the community have already suggested it be implemented as a plugin that’s maintained separately from the main Audacity source code, but it’s not immediately clear if that will be technically feasible.

At least for the time being, the Audacity community can rest easy. While there’s no question that Muse Group bungled things pretty badly here and got started on the wrong foot, it seems they’re looking to make it right and give the community the respect it deserves. We’ve often spoken of the incredible things that can be accomplished when a project embraces the creativity of its users and treats them as co-developers rather than as adversaries, and we’re hopeful Audacity’s new owners can harness that potential to guide the project through its second decade and beyond.

107 thoughts on “Telemetry Debate Rocks Audacity Community In Open Source Dustup

        1. @Ø said: “They could do the novel thing called asking, instead of performing the software equivalent of software endoscoping built into the program.”

          Precisely. Which is better, #1 or #2?

          1. Spy on your users without telling them and see what happens next.

          2. Open source is as much about Community as anything else. LISTEN to the Community to understand what they’re doing and what they want. Voluneer forum/list Moderators are the ears on the ground here. For those that don’t actively participate in the Community, on the project’s Blog periodically conduct surveys. Always maintain an EASY and direct way users can contact the project supporters. Direct Email is ideal, volunteers will field the responses. Finally, build rapid adoption by clearly stating “We NEVER spy or collect information on you, or how you use this program.” You will receive much Love in return.

        2. It seems like asking would have gone so far to smooth things over in this case.

          Debian, by way of approved-by-most-privacy-focused-FOSS-nerds example, has had “popularity contest” since forever. During install it asks nicely if you are OK with reporting of the packages you use so that the project has some extra information to base their decisions on what to support on. You are perfectly free to say yes or no; and can change your answer later if you want.

          Never heard any objections.

    1. Audacity taken over by few-day-old corporate entity with no prior announcement. 24 hours after said acquisition someone submits a PR to add tracking to Audacity that would ping both Google and Yandex, a Russian corporation.

      Google would get:

      Session start and end events;
      Errors for debugging;
      File formats used for import and export;
      OS and Audacity versions;
      Use of effects, generators, and analysis tools to prioritize future improvements

      Even just giving Google data like what OS you’re using makes fingerprinting you easier.

        1. Yes!
          (I miss the days when I could run netstat -an and know exactly what every single socket was there for because I had either manually configured the listener or launched the request myself. On balance I don’t think what the web has brought over gopher ftp, and telnet/ssh accessible BBSes, not to mention Usenet and email is worth what we’ve lost in terms of transparency and control).

          1. I forgot IRC, or rather some stupid client-side script kept me from inserting it in the list without backspacing ovee half my post to add it and retyping the rest. Bah humbug!

      1. Correction: Extremely well known company that has been in business for 23 years acquires Audacity immediately following corporate restructuring due to multiple acquisitions.

  1. just a week before all this, i decided to reimplement audacity (well, the tiny subset of it that interests me) because whenever it enters duplex mode it crashes the usb audio device i have plugged into my raspberry pi. i figure the real bug is in the pi kernel somewhere, perhaps even in the closed firmware. i’ve had it up to here with trying to debug the pi driver situation though, so i chose to blame audacity.

    i haven’t looked to see what exactly audacity is doing wrong, like i said, i don’t really *want* to travel that road. i just verified that if i used two regular ALSA PCM streams, the device behaved in a reliable and predictable fashion. something special about audacity is breaking it…in ignorance, i’m gonna guess that it uses mmaped I/O, which is somewhat more temperamental in the best of situations. anyways, it definitely tests the limits of ALSA in an attempt to provide lowest-latency real-time monitoring (with effects). which is a feature i don’t want.

    truthfully, i’ve been looking for an excuse to implement another DAW since my last DAW project went bust 20 years ago. i’m not making a product, just a ‘toy’ for my own use. and my timeline, man, it could take me years to get to even the tiny feature set i imagine.

    but the reason i bring this up is i’d hate to put myself in the shoes of someone in the future trying to debug why audacity is crashing or lagging, only to find out it’s because of this new gratuitous dependency on networking from integrated telemetry. i don’t even care about privacy, and i can totally see the reason this sort of feature might improve the product for everyone. i just hate to see bloat and complexity.

    to try to make their part simpler, they use libcurl, which itself uses a ton of libraries. there are so many ways for this to break things. for example, i see, to this day, ldd libcurl shows it is linked against libnettle.so.8 *and* libnettle.so.6 on my PC. i’m frankly astonished to see this is still the case because just a couple months ago i diagnosed a bizarre set of symptoms resulting from the fact that everything was pulling in two incompatible versions of libnettle, and i thought i’d fixed it. the problem is back, and is it even a problem today? are *these* two versions of libnettle actually compatible?? no idea but programs that aren’t linked against libcurl won’t find out.

        1. Linus explicitly addresses the niche and commercial apps in the video your cited. Core apps like audacity should fix their dependencies because once fixed they are likely to stay fixed.
          Over time, i am encouraged to see that distributions get better and better at integrating software correctly, thus preventing the dependency hell.

        2. And flatpak fails to do security updates for libraries. So if something is broken inside the container – you are at the mercy of the app maintainer to maintain security, not the OS maintainer. I kinda trust OS maintainer more for that.

    1. It’d be pretty easy on Arch’s AUR to make a package that builds the latest source, but applies a patch to throw out stupid things like telemetry. That’s more work to get going on debian/ubuntu but still feasible thanks to PPA.

      1. Ironically as I understand it, the plan was only to telemeter binary builds not distro builds, so hypothetically if the plan had not been scrapped, the distros would have had to do nothing.

        Of course it may have been expanded in the future or whatever.

  2. So, for once someone is trying to actually improve an open-source project that lives in relative obscurity due to its terrible UX, and the second people start trying to analyse the problem (by collecting metrics of course, unless you’re willing to donate thousands for comparable-scale user studies), neckbeards raise up in arms to defend their swamp.

    For all I care, the default response in these disputes should be to just let them run free and waste oxygen making their fork nobody is going to care about.

    1. One user’s “terrible UX” is another user’s workflow that they have already learned. I figure many users of Audacity find the UX perfectly adequate for their use, and have no need for designers to come through and put rounded corners on all the rectangles.

          1. Blender is now a lot easier to use than it ever was before. It went from “holy crap, I can’t even figure out how to delete this damn box without watching a YouTube video that reminds me of the weird mouse button behavior” to “wow, I can actually use this productively without googling something every ten minutes.”

            If you can’t see that, then I don’t really know what to tell you, but, well, you’re wrong :-)

          2. I don’t think he’s wrong. I used Blender back when it was horrible, and yes, it was HORRIBLE! Then they “fixed” it and my opinion was not fixed along with it. Blender is a powerful bit of software, but I don’t have the time to learn it when OpenSCAD is so much easier for me and far easier to precisely recreate things with exact sizes. I’ve watched YouTube videos for Blender’s newer UI, but I’ve never watched a video on OpenSCAD. I’m CERTAIN everyone crying about Audacity’s UI would shit themselves if they looked at OpenSCAD. lol

      1. If you genuinely think that a UX designer’s job is to “put rounded corners an all the rectangles”, your opinion is based on a misunderstanding of what the purpose of UX design is. Audacity has a whole host of UX issues which make it very difficult to learn for new users (things like unlabeled, non-self-explanatory icons, toggle buttons and regular buttons that have the exact same visual style, and hover effects that are inconsistent with actual click behavior). It also has a lot of useless clutter (why are there buttons for cut, copy, and paste that are shown by default?), and the visual design uses a “boxes inside boxes” approach that makes it hard to read understand the interaction hierarchy.

        Audacity is a great tool. It’s also generally an unpleasant tool to learn, and even as somebody who has used it on-and-off for almost two decades now, I find its UX design just barely adequate.

        This stuff matters. Tools like Audacity or Gimp are reasonably successful, but their terrible UX design holds them back from being true alternatives to proprietary tools to a lot more people. I’m glad that you find Audacity adequate for your needs, but I’m happy that they’re trying to improve the lives of many more people, who currently don’t find it adequate.

        1. adobe products all have awful UX. i’ve used a few alternatives to audacity and i’ve reliably had the feeling they all give awful UX as well. they’ve all made that core mistake of thinking you can optimize for transparent usage by new users at the same time as providing a powerful, efficient UI for experienced users. this is generally true of almost every WIMP program.

          the only DAW i’ve used with a good UX was traverso, but it was abandonware when i used it (years and years ago) and i don’t know what it’s become since. but traverso made an interesting choice where you couldn’t do anything intuitively if you’d never used it before, you had to read at least a few pages of documentation just to get started, it was completely non-optional. you couldn’t just wing it. but then once you did that, for that very small investment, you were suddenly a power user.

          most programs, even very polished ones, you can work with them immediately but it’s clunky, and then it takes hundreds of hours of experience before you become a power user. *shrug* it’s a very hard problem! it requires a lot of resources but resources alone are insufficient to make it happen…more than anything it requires a single clear vision from the start, and it’s hard to revise into a program.

          1. Haha, yes. seemingly the first thing Adobe did when they bought Syntrillium and Cool Edit Pro was slap on a thick Adobe UI, call it Adobe Audition, slow the whole thing down and add next to nothing.

            I wish Rezound wasn’t an abandoned labyrinth of C++. Its code rot is basically the only reason I’d ever somewhat recently needed to use Audacity. There’s also Wavosaur on WINE but that’s not so hot.

        2. Some know, but look and feel are a divisive topic in open-source. Even more than Vim vs Emacs. As witnessed by the KDE vs Gnome wars couple years back, over things like the spatial browser among other things.

        3. Not to defend the people complaining about the privacy-invading telemetry or anything (really, you’d ask the World’s Largest Advertiser to collect your metrics???) , but you just made a solid point in their favor: Everything about the UX in audacity could stand to be polished, and it won’t take a survey of the users to find enough problems to fix.

          The much harder path to follow will be to implement a new UX 2.0 that still provides a backward compatibile 1.0 experience for people who don’t want to learn a new GUI. This is a problem that needs to be 100% solved before they even need to capture the first byte of telemetry, and is really the core challenge to making improvements. Once a new UI blank slate exists, they can do usability testing however they want, including the old fashioned way: observe volunteers serving as test subjects.

          All that said, this sure seems like an awkward misstep by some enthusiastic people who were overly eager to start making improvements. I hope they don’t lose too much of their energy or momentum, and can still get some much needed work done on the product.

        4. I’m pretty sure “put rounded corners on all the rectangles” was an oversimplification that describes the fact that UX changes are not typically functional changes. They’re location of function changes.

          What you’re suggesting is that we currently have new users who don’t know how to use the program because there are small minor problems like tool-tips missing and a couple to bunch of things are not where you want them. Ok, so the POTENTIAL user base doesn’t know where anything is. New users only. So instead we should change the location of everything so that NO ONE knows where anything is? Instead of only new users having to learn a new program, you want everyone to learn the program as if it were a new program.

          You know instead of a pull request for telemetry, they could have added pull requests for missing tool-tips. That would have been a very inviting first step for the new masters of Audacity.

          I for one do not understand what’s wrong with Audacity. I don’t like the UX of MS Office 365 or whatever it is that put those horrible tabs that change the toolbar. Same goes for all of the Adobe suite. Audacity has everything I need right there in front of my as soon as I load my file. What do I need? I need my audio tracks. I need trimming tools. I need playback buttons. That’s a very large portion of what people use Audacity for.

          I know that Audacity is not too hard to use, because my elderly co-workers who can’t check email without being reminded they don’t have to click on the “internet button” can still use Audacity to trim and convert audio files.

          Just because you don’t like it doesn’t mean it’s wrong. If Audacity is wrong for you because of the way it looks, go use something more your style.

          At the very least, they need to maintain the original layout for the current userbase, or the current users will either stop upgrading or fork. I’m going to keep my already downloaded install files and possibly download the code as a back up just in case they try to pull a typical corporate trick and do whatever they want once the heat dies down.

          1. “Just because you don’t like it doesn’t mean it’s wrong. If Audacity is wrong for you because of the way it looks, go use something more your style.”

            Our style? Oh like say the proprietary software open-source advocates keep telling us to leave, because theirs is better?

          2. Can’t reply to Ostracus: That’s an argument I haven’t heard before. If I hear it again, I’m going to tell people to stop saying such stupid things. Once something goes mainstream, it gets ruined damned near 100% of the time.

        5. Nailed it. Audacity and GIMP are perfect examples of what should be great tools, but are brought down by hideous and defective UI. Every time I use GIMP and find the simplest operation to be a giant goddamned hassle, I can see the dweebs just waiting to lash out if anyone dares to file a bug report on it.

          Not that smug defenders of shitty design are exclusive to crufty open-source projects. Look at the Affinity products, gimped by bafflingly bad UI decisions and the omission of critical functions… and a huffy refusal to address them. And, as usual, their user forum is frequented by a core group of pompous apologists who insist that every glaring deficiency is the user’s fault.

          People put up with and defend shit, and that’s what they get. It’s “you’re holding it wrong,” over and over and over.

          1. In the examples you give, Audacity and GIMP, both ARE great tools. I use them exclusively because they’re great tools that don’t make me feel like I’m being cheated by a mega-corporation riding the train to money town on soft monopolies. There are no terms hidden in the EULA saying the company that made the software can do whatever they want with my creations. (that’s surprisingly common among non-FOSS free/cheap software) Using them is a choice. No one is forcing any of us to use them. Not me, not you.

            If you don’t like the way it looks, instead of complaining about how no one agrees with you, fork it and fix it. It’s FOSS!

            If you hear “you’re holding it wrong” so often… maybe you’re holding it wrong.

          2. Other than the batch processing scripting side, which being very much like real programming is very powerful but you need to really do your homework to understand how, GIMP is trivially easy to use. At least if you know anything about how to use such programs – it won’t take long to get up to speed, all the core concept and methods are there, and not even in particularly different ways.

            Its just a bit different to Photoshop in layout (which I assume being nearly the only other game in town is the one you like), it isn’t any harder to use. And if you didn’t come from Photoshop but MS paint or something no wonder you find it hard to use, its far too advanced for your toddler like existing comprehension of image creation and manipulation tools – if you are unwilling to learn how to use the grown up, powerful tools stick with finger paints…

            Same thing with Audacity, very different to the first Audio processing tool of similar potency I used, but for any of the basic functions its not hard to use at all.

            If you complained about FreeCAD, or openSCAD I could understand, even if I would disagree, both are great tool, but much more different from other CAD options in layout and even methodology. Just as capable, perhaps even more so, but a much much steeper learning curve coming into to it from other programs.

    2. Personally, I’ve never found the interface of Audacity to be terrible. I’d rather describe it as time-less. In fact, I’m glad it is the way it is.

      Does it really need the equivalent of a MS Ribbon-Interface? Or does it must, say, look like an Android app? That would be a punch in the face of the people who are fine with a logical (more-or-less) and modest appearance.

      This reminds me of an old saying, by the way.
      Not sure how it exactly gies, but it’s something like this:
      “The best tools are the ones that don’t attract your attention.”

      Which means that a tool of simple, clear appearance just lets you do your work. If it was constantly glowing, beeping and vibrating it would surely make up for an impressive view.
      But it would distract you from your work, too.

  3. Right, right, corporation first tries to ram their spyware in and backs off for while until the storm calms down. It wasn’t a mistake and they won’t quit, believe you me. They didn’t get it in on first try, but they’ll do it bit by bit then. “looking to make it right” HAH!

    Audacity is now tainted. Another one bites the dust.

        1. In June of 2001 I had Linux on my desktop, but a few years later I needed the space for a scanner, so the computer, and Linux, moved under the desk.

          When I got a refurbished i7 in 2016, the smaller case meant Linux was back on the desktop.

          A bit over two weeks and I’ve used Linux for twenty years. I’ve never dual booted with Windows. And it’s always been Slackware (and Slackware 15.0 is now beta).

      1. i think this is a good point that highlights the tension. obscurity is a fine place for a project. there are plenty of extremely popular projects out there, there is no reason for unpopular ones to be morphed to become them.

        you know, this is how i feel about ‘the linux desktop’ in general. if you want a good popular integrated linux desktop experience, i highly recommend android and chromeos to you. heck, i think you ought to check out os x too. there’s nothing wrong with wanting a popular OS with all the least common denominator features and thorough integration. it’s not the unix way, really, but it’s a perfectly valid user desire.

        but taking debian and trying (and failing, again and again, still to this day, failing) to turn it into a popular integrated desktop OS???? why???? gnome and qt/kde are not that great. if you want that level of integration, why would you side with a project that decided to herd cats when there are such excellent exemplars of projects that decided to invest the effort to develop a flock of sheep to herd? you’ll just spend all your time fighting the cats and that’s not fair to the cats or to you.

      2. I see 60 year old teachers using Audacity regularly. It doesn’t live in obscurity. People like you are the reason why programs become frustrating and impossible to use because they get dumbed down more and more every release. More clicks to accomplish anything because everything is nested further and further away from the eyes of ignorant noobs.

        Are people too stupid to use your software? Change the software! Spoon feed the users. Simplify everything and remove all the advanced settings because they might scare people away. Heaven forbid anyone learn a new skill or critical thinking.

      3. I second that. Diplomacy is the way to success. The best way to defeat your enemy is to make friends with her/him/they. I wished the open source community would train its social skills from time to time and would aim for working together. A few compliments and free hugs* here and there can make the world a much better place.

        By contrast, the immature, rebel-type nature of certain geeks is what turns off most people (rebelling is required sometimes, though, but not constantly). Especially the type of attitude that Mr Torvalds often showed off in the past. Would someone like to work with such people?

        *If Corona is not getting in the way

        1. Better to work with a rebel, than with a type doing scheming behind your back.
          “Rebel” will be at least upfront with you about the problems. With that criticism you can grow. With ‘eeeevery contribution is woorthy’ you can not.

  4. “The difference was, back then, it was announced with a well thought out and detailed blog post that articulated exactly what the development team was trying to achieve and how they hoped to do it.”

    Kind of like what is suppose to happen in corporations when they want to implement a sweeping change.

    1. Not disagreeing but I’d compare it more closely to something like Android Apps where the play store won’t accept an app submission without a link to a privacy policy.

      Of course 99.9999999% of users blindly ignore it or click past regardless what the policy says. But at least its a required document unlike traditional distributed FOSS.

      The idea of a linux distro requiring each package publish a privacy policy document for each package is interesting. I would imagine memtest86+ would be a rather short document whereas a distro chromium package (or audacity in the future?) could be interesting to read.

      1. I know I’d quite like it if packages came with proper privacy policies. Some data on where the code came from and what it will do when installed would make me trust repositories a lot more. I mean, there is no way in hell I am trusting a networking library that came out of google for anything privacy-sensitive, and stuff like that isn’t apparent in the package manager without downloading a bunch of source and going through its Authors file and parsing the list of functions it calls..

  5. I’d be ok with any telemetry if I had an option to review clear text data that is sent. And obviously it should be human readable text, no cryptic encoded things. If all they need is counters for features used, it should not be a big deal. If they also collect info on the hardware and OS versions, it is a much bigger deal. If they also collect info on other software installed, they can screw themselves right away.

    1. The Steam client does something similar, when Valve is running a usage survey, they’ll ask for you to participate, and then it presents you with a text of exactly they’ll send to the mother ship, giving you the option to decline at that point. And I think that is the right way to go.

      I absolutely hate seeing encrypted traffic being sent by applications without knowing anything about what is in it. Although I also hate plain-text traffic leaving my network too, I just wish that telemetry systems would play nice with my crypto-proxy by allowing me to switch out what CA the application trusts for my own CA so I can take a look at what it is sending.

      I’ve just been bit one too many times by malware making it into my network because it was sent through an encrypted pipe and my proxy-based antivirus couldn’t see it and the maker of the desktop’s AV hadn’t written a definition for it yet. Or how I missed a bot running on my mom’s computer (Not on my network, but it does pass its traffic through my equipment) because it used DNS-over-HTTP/S for Command+Control data and initial infection was from a contaminated flash device.

  6. The issue here is that reporting is not anonymous. They are sent to Google and Yandex from your IP. You need to be incredibly stupid to think that Google will not link that info to your other activity. It also reports at least the OS version.

    Also, is there any explanation what you would do with that information? “Grab it just in case, and we’ll see what happens” is not a good reason.

    You can just ask users what they don’t like about your UI and work on the most voted issues. This worked fine for Blender, for example. Their UI improvements seem to be going in the right direction.

    1. Your suggestion that “reporting is not anonymous” is ridiculous. Have you actually looked at the pull request? Is it sending the data to Google? Is it sending the data to Yandex? There’s nothing stopping anyone from reporting not just *anonymized* data to a server, but data that doesn’t even *contain* any identifying marks, if it’s being uploaded to a custom solution.

      There are innumerable ways in which usage data can be collected without using a major third party. Your argument amounts to “If you talk to Big Brother, then Big Brother will know what you’re doing.” Well no shit, Sherlock. Then just don’t talk to him.

      1. Did you bother to read the article?

        “For example, rather than handle it in-house, Muse Group was going to push all the telemetry through Google and Yandex.” – the article you’re commenting on

    2. Reporting is easy enough to do to a server entirely unrelated to Google or Yandex. The fact that you think it only involves one of those two services and is entirely impossible to do otherwise means that your tin-foil hat is showing. Go take your meds, you lunatic.

      1. I don’t think that. The patch that you offered to review does send this information to those two.

        Sure there are better ways to handle the situations. They chose to not to do that.

      2. Maybe it “could” be, but that wasn’t the plan.

        And i’m doubtful of the concept of “ux improvement” for practical reasons: most ux upgrades I’ve dealt with have dramatically *decreased* my productivity, even in the long term.

        Your mileage may vary, but my opinions are custom-fit to my needs, not some generic abstract user that may not exist, and whose usage doesn’t add progress to my own projects.

        Even good changes break things, and for any given change, some users will be impacted more by the breakage than by the benefits. This is a fact of life, and even non-luddites will be against changes that harm their own productivity.

        Making something sexy often doesn’t lead to better real productivity.

  7. So sad. Audacity has served me well for close to 20 years now.

    This fly-by-night operation called “Muse” just destroyed any and all trust I ever had for Audacity. I hope that they get sued out of existence by the rock band Muse for using their name (probably not legally possible, but a guy can hope).

    1. YOU say they’re making it better. I haven’t seen any proof of that. I’ve seen proof of spyware being attempted to be included. That’s not better. I’ve seen other projects get the “make X better” treatment and it got worse. Look at Adobe Creative Cloud and Microsoft Office 365 as examples. They think the cloud and software as a service is “better.” I disagree. I like the UI as it is. I know where everything is and it’s easy for me to access it all. Changing that doesn’t make it better for me. It might not make it worse, but it makes it different, not better.

      You’re like the crazy religious nuts who think everyone in the world has to follow their rules. If you like it, it must be right. If you don’t, it must be wrong.

      For a long time I thought I was the worst complainer on Hackaday. I’m not sure where you came from, but you’re definitely worse than me. Thanks for that.

  8. I think the only complaint I would have with this is funneling the data through a 3rd party that can easily de-anonymize the data, correlating it by IP, etc.
    Other than that, opt-in, anonymous data, with an explanation of what’s being sent, and an explanation of what it’s for is a good thing.
    Ideally, it should store the data locally first, and let you view it before sending, but either way, it certainly beats invisibly tracking anything they feel like, and sending it anywhere they want without informing you that it’s being done.
    And it’s way better than the typical “Click on this box to wave all your privacy rights, or click here to cancel” on commercial software/OS that you have likely paid money for.

    Microsoft’s “Send all the diagnostics data”/”Send most of the diagnostics data” choices during windows 10 install comes to mind. No option to opt out. Anytime an app crashes it sends a bunch of info to MS.

  9. As Alex says, with a little added side dose of the programmers that work on FOSS are generally users of the software they work on, so the program tends to be highly functional and usually quite logical – the UI is generally designed by programmers!. It just doesn’t necessarily match with anybodies preconceived notion coming in from other software. So for Open source to succeed you just have to be willing to learn, and play with it until you know how to use it, it doesn’t need user tracking at all.

    In the case of Audacity, never used it before jumped in to process out some vinyl clicks and the like, all the features I needed were both obvious and simple to use. Its nothing like the last Audio processing software I used, the interface is far from identical, but just some simple looking at it was enough. And for the few weirder features I then went on to play with the manual is pretty good, and a quick web search finds further useful details – no different to trying to figure out how to operate any other program you are not expert in.

    Look at even the biggest of the big in all software fields from the user interface point of view, all arguably poor in one way or other, often it is complete garbage, its just not noticed because for the users it has been a continued stream of similar garbage, so long long ago they learnt something similar to what is now the UI, and this pile of crud they are sitting in is still rather familiar…

  10. So what did they aquire? The trademarks and branding associated with Audacity? The maintainer(s)?

    By way of comparison CERN certainly maintains Kicad, but I don’t recall a press release that “Now we own Kicad, zing!”… which is the tone of that Audacity PR.

  11. I’d say the Dunning-Kruger is especially strong in this one. He’s so convinced that the UI is bad he cannot imagine that some people prefer Audacity BECAUSE of the UI. Then he thinks he understands people so well the he slanders a bunch of straw men AND FOSS. You’re in the wrong place buddy. We all opensource projects we spend a ton of time on. Half of us have probably spent more time on open source projects than you have anything ever. Where do you get the association of FOSS and burning down 5G towers? Those nuts don’t know anything about technology, certainly not enough to program or build hardware. You sound like you belong with them.

    1. They purchase the role as maintainer, project lead, and any rights to the name. They often end up making the programs closed source and then improve on it in closed source ways. At least that’s what has happened to a few projects I’ve seen in the past. In this case I wouldn’t be surprised if the old guys running Audacity just got tired and want to retire. Instead of giving it to the community to run, they sold it to that guy who has a following that seems eerily like a cult of personality.

    2. Purchase the trademark, work on the mill on new shiny UI interface but *don’t commit it yet* then commit it with a license change, drop the GPL which has no shiny UI that attracts lusers.

        1. Changing the license would require approval from everyone who has contributed, unless there’s some kind of separate contributor agreement that assigns that right to the maintainers. I’m not sure if that is actually allowed by GPL though. But if they really wanted to they might do something like turn the existing UI into a library and ship a closed source GUI or something. It would be very complicated. I’m not saying they would do something like that, there is nothing implying that is their goal at this point.

        2. It’s difficult but not impossible. You need all contributors approval, OR you can ask contributor to delegate their right to the copyright owner.
          Most FOSS project requires today to delegate/abandon your right as a contributor to the controlling entity to allow easy license change (ie GPLv2 to GPLv3).
          Dual licensed softwares use it extensively, that’s why they are not very successful and have a lower community than the one that are strictly FOSS.

  12. Has Audacity been fixed so that it can *monitor* an audio input *without recording*? I have an ion USB turntable but haven’t used it for a long time because I couldn’t listen to the records *without recording*. Thus I’d have to start well before a track started, start recording to hear the audio then clip off what had to be recorded before the track I wanted. Also useful would be playing the records through non-recodring monitoring just to enjoy listening to them.

    With proper monitoring one can just hover over the Record button and click at the right time – just as we did when dubbing tapes and recording records to tape on our boom boxes back in the 80’s.

    1. As far as I can tell (used it in a similar fashion a few weeks ago) that feature is still missing. Yet another change that would have been a good first move as the new Audacity overlords before starting in on spyware.

      1. What’d really be nice is for the USB audio input driver in Windows supporting using it as a normal playback device. Could be that’s what Audacity needs. Then it’d work with software like Windows Media Player, MPC-HC, VLC, PotPlayer etc.

  13. All sorts of shady stuff with this “Muse Group”! Even the company is a shell corporation called MuseCY Holdings Ltd (see WikiPedia). This is terrible and the author of Audacity informed me in a private email that he SUPPORTS telemetry which was also very terrible to hear :(

    1. Telemetry has lots of benefits for users and developers alike, it’s not inherently evil.

      (holding companies aren’t evil either, you only hear about them when somebody abuses them for criminal purposes.)

      1. Nothing is inherently evil. It’s only after greed sets in that things start to turn evil. Remember the Google motto being removed from their website?

        Telemetry for rockets? Not evil. Telemetry for marketing? Evil.

        Holding companies aren’t evil, but they’re notoriously bad at doing anything useful. They basically just buy stuff then try to sell it for a profit later. That’s probably not going to happen unless Audacity gets a move to closed source. Maybe that’s the long-term strategy at work here.

  14. I think the people saying “what’s the big deal” are missing the point. A lot of the people using FOS software do so because of the principal of it, not purely for practical reasons.

    These types of people, myself included, don’t like telemetry features. It’s as simple as that. And for a FOSS project “the community doesn’t want it” is a perfectly valid reason not to add a something to the code.

    Because of the actions of Microsoft and other big tech companies, the word “telemetry” leaves a bad taste in most techies mouths. That’s not Muses fault, but it’s the reality of the situation.

  15. Blender went from “Better learn this list of 100 undocumented hotkeys that have no menu equivalent, and have fun selecting with right click” usability nightmare, to “This baby packs five million features, hope you know what the one you need is called!” Of course, that second problem is common to all 3d software and most CAD, so it’s not exactly Blender’s fault. Beyond that, Blender now mostly reflects industry standard interfaces – if you know how to use most modeling software you’ll do okay in blender instead of fighting the goddamn mouse.

    Fixing the UX is good and important work. I don’t know why you’d need to add user tracking for that, though.

  16. After reading a bunch of the Github Q&A, I only see one way forward for Audacity. It’s going to get forked. Muse Group is being far too tight lipped on details. I think they pulled the plug on the telemetry to avoid answering questions about the future of Audacity and the role of Muse Group. I bet it goes closed source.

  17. GDPR non-compliant? Microsoft is going through a bit of a rough patch right now about their telemetry.

    First choice is the choice being taken — work with Muse to let them know that we’re concerned and that we’re watching. They will either fly straight or they won’t.

    If they don’t, we just fork it and let them go their own way.

  18. If the metrics are actually reaaly opt-in and anonymous then I got no problem with this PR but their priority should be to fix the UI first before thinking of anything else. I’m all in for KISS/oldschool interfaces but Audacity’s is *really* atrocious.

  19. Personally I thought this was a good step I agree maybe don’t set the telemetry through say google and yandex but I am not against the telemetry it’s opensource you can see what they send.
    And it will only beter Audacity.

    I have experience with muse-score and with keary doing an absolute great job at it.

    maybe mistakes have been made but I have so much good faith at this point in them that I am sure they will do fine and have the best interest at hart.

  20. “It should seem obvious that if you’re interested in a smooth transition of power and a happy community, the absolute last thing you should do is rush through massive changes that undermine a project’s core values within hours of taking ownership.”

    That’s what sank Cyanogen Inc – one of their first acts as a corporate entity (when they were still operating in “Stealth Mode”) was to try and abuse their CLA to force a contributor to relicense one of their contributions.

    The Focal relicensing fiasco led to the perception of the CyanogenMod project’s leadership team being forever tainted. Not surprisingly, three years later Cyngn folded for all practical purposes after developing a solid reputation as being an entity that no one could trust – not their customers, nor their vendors/contributors. (Generally it’s a bad sign when two of your first three customers are suing you in addition to suing each other…)

Leave a Reply to drenehtsralCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.