Forgot your password?

Comment: Stallman's "blessings" are for software freedom (Score 1) 87

by jbn-o (#47436411) Attached to: First Release of LibreSSL Portable Is Available

[...] not everything has to be blessed by Stallmann to be acceptable

Regarding this point, Stallman certainly does endorse Free Software. And so much of what is in OpenBSD is Free Software—software that respects a user's software freedom—and the same goes for OpenSSL. Stallman (and his organization, the Free Software Foundation(FSF)) are known for standing up for a user's software freedom. Non-copylefted Free Software is Free Software. Furthermore, in 2004 the FSF gave Theo de Raadt an award for the Advancement of Free Software, "[f]or recognition as founder and project leader of the OpenBSD and OpenSSH projects, Theo de Raadt's work has also led to significant contributions to other BSD distributions and GNU/Linux. Of particular note is Theo's work on OpenSSH". A free system need not include GNU software or be licensed under a GNU license (such as the GPL) to respect a user's software freedom.

The FSF is quite clear why it doesn't list OpenBSD (or the other BSD distributions) in their list of Free system distributions:

FreeBSD, NetBSD, and OpenBSD all include instructions for obtaining nonfree programs in their ports system. In addition, their kernels include nonfree firmware blobs.

Nonfree firmware programs used with Linux, the kernel, are called "blobs", and that's how we use the term. In BSD parlance, the term "blob" means something else: a nonfree driver. OpenBSD and perhaps other BSD distributions (called "projects" by BSD developers) have the policy of not including those. That is the right policy, as regards drivers; but when the developers say these distributions âoecontain no blobsâ, it causes a misunderstanding. They are not talking about firmware blobs.

No BSD distribution has policies against proprietary binary-only firmware that might be loaded even by free drivers.

Including nonfree software and pointing users to nonfree software is quite common among those who endorse the open source philosophy, as the FSF has long pointed out (older essay, newer essay). The open source movement's philosophy is a development methodology built to toss aside software freedom for practical convenience in an attempt to be "more acceptable to business". So this philosophical difference sets up a radically different reaction in the face of reliable, powerful proprietary software. Quoting the newer essay:

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

Comment: Everyone needs software freedom. (Score 1) 307

by jbn-o (#47184551) Attached to: GM Names and Fires Engineers Involved In Faulty Ignition Switch

And why all computer users need free software in all of their computers. I don't want someone I don't trust vetting the software that has the ability to ruin my project or kill me. Those who get to audit code may be expert in someone else's opinion, but I would rather have software freedom.

Comment: Re:Fixing a social problem with technical means? (Score 1) 108

It's not enough, true, but we need to get Americans trained in the practice of being more politically active and to seriously consider the consequences of their consumerism. Today, encouraging people to think of encryption as required for increased secure communications is good. We can't fix anything "once and for all" because any change to anything can be reverted (hence Andrew Jackson's warning "...eternal vigilance by the people is the price of liberty, and that you must pay the price if you wish to secure the blessing" applies here too). Software proprietors and others who want to rob computer users of their freedom spend billions training people to think ephemerally (in fact, /.'s chosen "firehose" structure of fast and frequent updates usually from corporate repeaters exists to further that end). We need ordinary people to become more aware of the consequences of ignorance, make better choices, and train future generations that the acceptable social norm is lifelong political involvement. I think failing to meet this need is one of Snowden's fears ("The greatest fear that I have regarding the outcome for America of these disclosures is that nothing will change..."), and why Stallman says things like "I don't want any fans I want Freedom Fighters, who could actually help in his revolution". I have no doubt that whomever follows that murderous war criminal Obama in the US White House will follow the same behavior he both chose to follow from George W. Bush and ramp up. I'm not certain what will stop the horrors of "Terror Tuesday" killings, indiscriminate NSA spying, and more, but I won't object when groups want to raise awareness and help normalize objecting to the loss of our civil liberties.

Comment: More of Eben Moglen's ramifications on Snowden (Score 1) 348

by jbn-o (#47102299) Attached to: Why Snowden Did Right

In case you didn't get to the bottom of the Guardian essay, that essay comes from "Snowden and the Future", a 4-part talk series Eben Moglen gave on October 9, October 30, November 13 and December 4 2013. It is highly recommended reading, watching, and/or listening. Audio, video, and transcripts are available at his website.

Comment: Re:Not denying something is different from forcing (Score 4, Informative) 406

by jbn-o (#47033659) Attached to: Did Mozilla Have No Choice But To Add DRM To Firefox?

Let's not also forget two other particularly powerful points made in the Free Software Foundation's (FSF) essay:

  • "We understand that Mozilla is afraid of losing users. Cory Doctorow points out that they have produced no evidence to substantiate this fear or made any effort to study the situation."
  • "More importantly, popularity is not an end in itself. This is especially true for the Mozilla Foundation, a nonprofit with an ethical mission. In the past, Mozilla has distinguished itself and achieved success by protecting the freedom of its users and explaining the importance of that freedom: including publishing Firefox's source code, allowing others to make modifications to it, and sticking to Web standards in the face of attempts to impose proprietary extensions."

Brad Kuhn builds on these points in his essay discussing Mozilla's announcement: "Theoretically speaking, though, the Mozilla Foundation is supposed to be a 501(c)(3) non-profit charity which told the IRS its charitable purpose was: to "keep the Internet a universal platform that is accessible by anyone from anywhere, using any computer, and ... develop open-source Internet applications". Baker fails to explain how switching Firefox to include proprietary software fits that mission. In fact, with a bit of revisionist history, she says that open source was merely an "approach" that Mozilla Foundation was using, not their mission."

Speaking of how people criticize the FSF without reading what they say, the FSF is not an "open source advocate" despite /.'s insistence to the contrary such as is stated in this story's headline. The FSF and the free software movement predate the developmental methodology known as open source, and the FSF fights for values the open source movement sets out to deny, namely software freedom. The FSF has published more than one essay on this topic (1, 2) and RMS includes a clear and cogent explanation of this point in virtually every talk you'll hear him give. Archives of these talks are readily available online in formats that favor free software. Mozilla's choice here is another example of reaching radically different conclusions given different philosophies: Mozilla's open source choice versus a free software activist's choice to reject DRM for many valid reasons the FSF points out.

Comment: Re:Yawn. (Score 5, Insightful) 403

With the number of times /. posters point out how RMS arrived at some conclusion well before so many other people, and wrote something illustrating the point and his rationale, I would hope /. posters would recall that.

More DRM isn't going to play out well for the public as it has already failed for those who enjoy leveraging their fair-use rights, reading/viewing something in another way, and more. RMS's ethics-backed rationale against DRM and nonfree software (as opposed to a developmental methodology that accepts practical convenience at the cost of our civil liberties) is simply invaluable. Snowden's revelations bring RMS's long-held objections to nonfree software into sharp focus all the more.

Comment: Linux-libre is proof of the point, pre-Snowden (Score 3, Informative) 347

by jbn-o (#46985855) Attached to: Glenn Greenwald: How the NSA Tampers With US Made Internet Routers

Addressing both your comment and the grandparent comment: this distinction of allowing non-free software is part of what distinguishes the older free software movement from the younger open source movement. RMS has been talking and writing about this critical distinction for years.

Consider the following from "Why Open Source misses the point of Free Software":

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

In other words, open source won't endorse software freedom for its own sake. That movement was designed to never raise the issue of software freedom in order to promote a developmental methodology thought to lead to more reliable, more powerful programs. That methodology is fine as far as it goes (everyone likes powerful robust programs) but as we're seeing with the Snowden revelations, that methodology doesn't go far enough. RMS realized this very early on and has been providing ethical counterarguments since the open source movement began (older essay, newer essay).

This difference explains what we're seeing in the very different approaches taken in Linus Torvalds' fork of the Linux kernel versus the GNU Linux-libre fork of the Linux kernel. Linux-libre's distinction is that this fork removes the blobs that come with the Torvalds fork of the Linux kernel. Torvalds includes nonfree code meant to make the kernel run on more hardware which places a high value on convenience at the cost of software freedom. Linux-libre values software freedom instead. As a result, Linux-libre doesn't run on as much hardware and might not take advantage of everything modern hardware can do, but one gains a system they are allowed to fully inspect, share, and modify—software freedom. Linux-libre lets users make sure the software does only what that user wants that program to do. RMS, as recently as his recent responses to /. questions, encouraged readers to reverse engineer hardware in order to fully document hardware ("The parts of Linux we need to replace are the nonfree parts, the "binary blobs". [...] The main work necessary to replace the blobs is reverse engineering to determine the specs of the peripherals those blobs are used in. That's a tremendously important job -- please join in if you can."). This work leads to increased support for fully free operating systems, including fully free support in Linux-libre.

Increased security is one of the things you get with the pursuit of software freedom for its own sake. I think RMS very much recognizes the security enhancements that come along with Linux-libre and why his organization won't recommend a system with nonfree blobs in it. I'd expect that Stallman would say security isn't a goal unto itself, but a feature of a more important concern: software freedom.

Comment: Re:Your monologue is not interesting. (Score 1) 394

by jbn-o (#46954487) Attached to: Richard Stallman Answers Your Questions

The objection you seem to have missed is that proprietors treat users badly without the user's ability to effectively improve the program for their own needs (even by hiring someone to do this work on their behalf). So better to rejecting non-free software on ethical grounds. Whether spies have used the power of a proprietary Angry Birds is a weak response compared to asking whether anybody should have to choose a potential loss of privacy to play a videogame. Tracking users (no matter how) without their explicit knowledge is something people don't know about and, when they learn about it, don't like. It's a shame you have such personal anger toward Stallman that you refuse to convey understanding his points. Your namecalling ("bearded zealot", "mooching") and lame counterarguments like "There's more effective ways for snoops to get info than through angry birds" run the risk of reading as tacit acceptance of RMS's points without giving him due credit for bringing those points to the public.

We don't know who can get data from RMS's Loonsong MIPS machine but paying attention to these issues and using what's available to practical effect is leading by example; a far more respectful approach which complaining and namecalling just can't beat.

Comment: Your monologue is not interesting. (Score 1) 394

by jbn-o (#46935019) Attached to: Richard Stallman Answers Your Questions

It's so convenient to argue against yourself isn't it? No need to ask him what he actually thinks (his email address is readily available) or read any of his many essays. You might be particularly interested in a list of surveillance examples found in proprietary software including one pertinant description for a program you just mentioned—"Angry Birds spies for companies, and the NSA takes advantage to spy through it too.".

Comment: No, insightful and relevant. (Score 2) 394

by jbn-o (#46934941) Attached to: Richard Stallman Answers Your Questions

how absolutely boring it is to read essentially the same message ("all software should be free and you should refuse to use any software that isn't free") repeated about 15 times with 15 minor variations. Surely RMS isn't this one-dimensional. I wish there had been some more interesting questions that weren't just prompts to repeat the free software mantra over and over again.

It's not RMS's fault that he was asked similarly un"interesting" questions that each came with the repetitive prejudices (asking about the younger movement he didn't start instead of the older movement he did start, framing issues in terms of amorality and not questioning what non-free software entails). Looking at the questions, it's clear that they were asked by people who didn't bother to read the essays linked to in the original /. story soliciting questions for him. I remember when /. used to criticize behavior like that. A lot of what people bump into are issues where software freedom has a practical response that can liberate users from dependency on untrustworthy programmers, but thanks to an amoral stance on these issues the public is never taught to see how a technocratic/developmental stance (open source, focus on features and price, focus on slick interfaces) can run contrary to their interests (preserving their privacy, retaining and exercising their civil liberties, not being beaten or killed). It's convenient to see a movie when you wish, but certainly not as important as avoiding being spied upon everywhere you go.

Now 15 years later I read his responses to these questions and it all feels very much the same. He's apparently super paranoid (worried about the government eavesdropping on your cell phone calls and tracking you? Wishing for a pager so that you could perfectly control how much tracking information you give when you answer your phone? Jesus christ, get over yourself!) and thinks everyone else should be too.

That's probably because you haven't been paying much attention to what Edward Snowden has been telling us, nor have you been thinking deeply about the consequences of those revelations. I suggest watching Eben Moglen's insightful talks on this topic for some historical perspective on how "one-dimensional" your take is and how much under threat the entire world is these days. That is, if you're not too busy dismissing Moglen for being an FSF lawyer and former FSF board member who deeply appreciates software freedom for its own sake.

I never learned exactly his feelings on the matter because when I tried to ask for some clarification I was immediately shouted down by his cronies who thought I was trying to hassle him or something (I assure you, I wasn't; I just wanted to understand his position better since I had never heard of someone refusing to use passwords and didn't understand why).

I'd be more likely to believe you on this claim if the rest of your opinions were better defended. But it's awfully hard to take someone too seriously when they're so easily dissuaded by stylistic matters over substantive examination of pertinant issues.

Comment: Software freedom > "fast" and "not bloated" (Score 3, Interesting) 207

by jbn-o (#46499547) Attached to: Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014

At least Firefox can be altered to become what you want it to be because Firefox respect's a users software freedom. Far more important than vagaries like "fast" and "not bloated" is how a program treats its users. Proprietary browsers leave users no opportunity for improving the program. Thus security issues in proprietary programs go unfixed and are exploited for years. This, in turn, allows others to invade people's computers and leaves users helpless. This is exactly what happened with Apple's iTunes for over 3 years. I would not be surprised to learn that software proprietors including Microsoft, Google, and Apple are doing similar things with proprietary web browser programs as well.

So while I like trustworthy programs like other computer users, I know that I can't ascertain the trustworthiness of proprietary programs like Microsoft's Internet Explorer, Apple's Safari, and Google's Chrome. The extent to which any of them are built from software that respects my software freedom is irrelevant because proprietary programs and their updates are essentially black boxes. I can't possibly inspect or fix all of the software I use, but I can put myself in a position where I stand to benefit from the improvements a lot of programmers make by exclusively running software that respects my freedom to run, inspect, share, and modify—free software—freedoms I value in their own right.

+ - Replicant developers find and close Samsung Galaxy backdoor->

Submitted by jbn-o
jbn-o (555068) writes "The Free Software Foundation reports that developers of Replicant, a fully free/libre version of Android, "discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system".

Replicant developer Paul Kocialkowski explains further in the blog post: (emphasis mine)

Today's phones come with two separate processors: one is a general-purpose applications processor that runs the main operating system, e.g. Android; the other, known as the modem, baseband, or radio, is in charge of communications with the mobile telephony network. This processor always runs a proprietary operating system, and these systems are known to have backdoors that make it possible to remotely convert the modem into a remote spying device. The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible.


Provided that the modem runs proprietary software and can be remotely controlled, that backdoor provides remote access to the phone's data, even in the case where the modem is isolated and cannot access the storage directly. This is yet another example of what unacceptable behavior proprietary software permits! Our free replacement for that non-free program does not implement this backdoor. If the modem asks to read or write files, Replicant does not cooperate with it.

The blog post contains pointers to more information including a technical description of the back-door found in Samsung Galaxy devices and a list of known affected Samsung Galaxy devices. The FSF lists more ways proprietary software is often malware."
Link to Original Source

Comment: Re:Freedom is better than dependency. (Score 1) 231

by jbn-o (#46414689) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

I'm sure many serious flaws in many free programs have been around for a long time, some flaws longer than this flaw. But free software advocates make no guarantees you'll get secure code. If you'd like that guarantee perhaps you can purchase a programmer's time to get that; perhaps you should have hired a programmer to inspect this code on your behalf, looking for security issues, raising them upstream, and fixing them for you (software freedom gives you these options as I mentioned before). Your objection really stems from your belief that open source and free software are discussing the issue starting from the same underlying philosophy.

The philosophies are not the same therefore the two movements arrive at different conclusions: Structurally speaking, programmers know that malware can be easily hidden in proprietary programs yet it's rare to find malware in free software for the same reason—those who forbid users from inspecting, sharing, and modifying source code can more easily sneak malware into the code. Focusing on price and technical issues (such as features, speed, and reliability) isn't bad but doesn't go nearly far enough. More and more users understand that society needs more than framing the debate around a developmental methodology as the open source movement does. So, the more one values catching bad code early (as we all, rightly, do) the more everyone should value software freedom for its own sake. Software freedom lets us increase the odds for using better code by treating computer users respectfully through granting and securing our permission to inspect, share, and modify that free code. All computer users deserve software freedom.

Comment: Re:Freedom is better than dependency. (Score 1) 231

by jbn-o (#46404671) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

Apple's code was based on something "open source" but that does Apple's users no good because of what I already said: Apple's distributed code to its users are proprietary. Better to have the alleged "mess" to track down than to know there's no point in tracking down anything because what you'll find is something you're not allowed to inspect, modify, or share. Here you're really highlighting the difference between free software and open source: open source advocates don't want to talk about how people ought to treat one another and are eager to distract discussion away from ethics by conflating freedom with hassle. Free software activists endorse freedom as a good unto itself because it lets us treat one another with decency and respect.

Comment: Re:Freedom is better than dependency. (Score 2) 231

by jbn-o (#46404665) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

Apple may have known about the issue for a while and not talked about it until it could release whatever proprietary blob alleges to be a fix. Apple's users might have known Apple's software was buggy too, but not been able to do anything about fixing Apple's code, since that's the nature of proprietary software. Apple has sat on exploitable security issues before; in that case, governments used that iTunes security hole to invade people's computers (as RMS points out). So in that case, apparently multiple people knew iTunes was a security problem.

Just because your six year old hasn't been taught the value of software freedom doesn't make software freedom worthless. I'm guessing there are a lot of things a six year old has not yet come to value which they will later learn they should have valued all along. Perhaps teaching your six year old to value substantive issues like ethical understanding of how people treat one another would be a good start. And while I certainly wish anyone with a fix would have shared that fix, they're under no obligation to share in the free software world and I doubt they'll be convinced to by your namecalling. But the situation is still better that anyone could have fixed this (and possibly some did) rather than having no option but hoping the proprietor takes an interest.

"More software projects have gone awry for lack of calendar time than for all other causes combined." -- Fred Brooks, Jr., _The Mythical Man Month_