Support the Software Freedom Conservancy

The Software Freedom Conservancy is the premier organization working for the public’s interest in defending against copyright infringement of free and open source software licenses. These licenses grant us the freedom to run, share, and modify the software they cover and that’s worth protecting.

Please become a Software Freedom Conservancy Supporter by committing to regular monthly payments. You can become a supporter for as little as $10/month, or pay annually instead (monthly support automatically renews, so I imagine it’s more helpful to the SFLC). You can donate in a number of ways including wire transfer, credit card, or paper check.

The SFLC’s work is critical to let everyone know that free and open source licenses need to be taken seriously so they can be viewed with respect.

Apple/FBI debate is false dichotomy

Here’s a comment I tried to add to The Intercept’s article on John Oliver’s Apple ad about protecting data:

The worst part of the debate is the unchallenged and not-widely-examined false dichotomy here: Apple (who is said to care greatly about security yet sells proprietary software users aren’t allowed to inspect, share, or modify; who once let an iTunes bug with security ramifications go unfixed for over 3 years; who hands over data stored on its server to the government (per the piece) versus the US Government (who wants easier access than tapping chokepoints on the Internet).

Neither side is interested in what’s in the user’s best interests: software freedom (meaning users are free to run, inspect, share, and modify the software at any time for any reason), paying for ongoing service such as post-sale service for hardware and help, and buying hardware the users can fully and completely own.

Apple, like all other proprietors, loves monopoly. Proprietary security software (regardless of proprietor or purpose) is untrustworthy by default. Apple iThing users have no friends in this debate.

Vulgarities are no match for state-sponsored ruining aquifers, delaying universal single-payer healthcare, supporting dictators, and murder

In what has become an ugly pattern (1, 2) John Oliver’s show frets over vulgar language and remains silent about others who commit substantive crimes.

As recently as last week, Oliver decried Donald Trump endorsing war crimes—”When you get these terrorists, you have to take out their families.”. Two Republicans (one elected, one running for office) recently said vulgar and ignorant things:

I am the face of the Re-Pube-Licking Party.

I like boobies.
—two posts from Robert Morrow, Chairman-elect, Travis County, on his Twitter feed posted 48 hours after being elected.

The dinosaurs on [Noah’s] ark may have been babies and not able to reproduce. It might make sense to take the small dinosaurs onto the ark instead of the ones bigger than a bus.
—Mary Lou Bruner, Texas State Board of Education candidate speaking for herself on her Facebook page.

This week Oliver credited the national Republican party which distanced themselves from these two Republicans saying they would be insignificant (“[Bruner would be] a human rain delay”) and “Robert Morrow in no way speaks for the Republican Party of its values.” and then Oliver asked:

But doesn’t he though? Because in this election cycle it would be a lot easier to argue that your party shouldn’t be judged by people who spread weird Obama conspiracy theories and brag about their dicks if that didn’t also describe your presumptive nominee for the Presidency.

Which means we should feel free to evaluate the Democratic Party and its presumptive nominees for the Presidency (whose actions are rarely scrutinized on the show) by their choices. It’s not hard to do so as there isn’t that much to choose from.

The Democratic party isn’t opposed to tactless quips: Clinton’s response (a response CODEPINK describes as “sociopathic“) to the extrajudicial murder of Muammar Gaddafi, “We came, we saw, he died.” draws little examination then or now even though she was in power and on-duty when she said it in a televised interview. The Democratic Party apparently likes war (Sen. Clinton voted for the 2003 Iraq war), trashing water supplies in the name of big business commerce (Clinton doesn’t mind fracking), doing whatever they can to appease the HMOs and prevent universalizing the US’ extant single-payer healthcare delivery system (Clinton is a long-time backer of this in various guises dating back to her days as First Lady through her interviews where she insists universalizing Medicare is not possible), propping up dictators (Democrats and Republicans have done this for decades), and killing people (including Americans) in drone attacks justified with mere suspicion of wrongdoing (no published evidence, no public trial) as well as members of their families who are suspected of doing nothing wrong (Secretary of State Clinton participated in this).

The US government (led by the Democratic Party nominee) only now might release data on the death toll and this won’t include details on innocents killed:

“The Administration plans not to say how many innocents it thinks it killed in any strike—it will only offer a bland ‘aggregate assessment’ of innocent dead,” said Cori Crider, Reprieve attorney for drone strike victims. “Contrast this to last April, when the President named—and apologized—for the deaths of two innocent Westerners, Warren Weinstein and Giovanni Lo Porto. To Yemenis and Pakistanis who live under US drones every day, the contrast could not be clearer.”

When matters are put this way these two parties look similarly horrific, neither uniquely worthy of scorn more than the other, neither deserving a lack of criticism.

FSF: EPA opposed DMCA exemptions that could have revealed Volkswagen Fraud

The Free Software Foundation tells us the scoop on this broadening scandal (emphasis mine):

Of course, just a few months after telling the Copyright Office that users couldn’t be trusted with access to their devices, the EPA revealed a major scandal involving Volkswagen. It turns out that Volkswagen had for many years cheated the emissions test performed by the EPA. Volkswagen had surreptitiously included some code in their diesel vehicles that would detect the EPA’s tests and have the car change its performance in order to meet EPA mandates. Once the test was over, the code would revert the vehicle to its normal, high-polluting functioning. This scam apparently went on for years before it was detected by researchers.

Of course the irony is that if users and researchers had the right to access the software on their cars, they might have discovered this fraud years ago. As Eben Moglen, founder of the Software Freedom Law Center noted “If Volkswagen knew that every customer who buys a vehicle would have a right to read the source code of all the software in the vehicle, they would never even consider the cheat, because the certainty of getting caught would terrify them.” Volkswagen is already a contributor on the kernel Linux, and as Bradley M. Kuhn, President and Distinguished Technologist of the Software Freedom Conservancy pointed out it is likely that Volkswagen vehicles already contain some free software. But some is not all, and clearly they kept much of their software secret in order to hide their scam. If all the software on the vehicles was free software they never could have perpetrated this scheme.

Related links

VW’s fraudulent software points to need for copylefted free software

Recently it was announced that Volkswagen had since at least 2009 “cheated to make nearly half a million diesel cars appear cleaner-burning than they are” (source, local copy of original article text, article as originally seen).

The US government has it in their power to negotiate terms here. They could choose to negotiate that VW release its car software under the GNU GPL version 3 or later and give VW owners a chance to inspect and improve the software themselves, rather than leave the tools for more fraud in the hands of known fraudsters. VW could also choose to release the software under the same terms without being pressured into doing this; this will help them rehabilitate the “broken trust of [their] customers and the public” VW CEO Martin Winterkorn referred to. In fact this will help give them a leg up above their competition in the short and long-term.

In normal use, the VW diesel cars burned fuel in a way that allowed far more pollutants to enter the air. When tested, the same car would burn fuel far more cleanly in order to pass environmental tests:

During normal driving situations, the controls are turned off, allowing the cars to spew as much as 40 times as much pollution as allowed under the Clean Air Act, the EPA said. Such pollutants are linked to a range of health problems, including asthma attacks, other respiratory diseases, and premature death.

This is obviously fraudulent but how many people were adversely affected or killed by VW’s choice?

“I don’t suppose we’ll never know how many people died—asthmatics, for example—because Volkswagen designed its ‘clean diesel’ vehicles—all 482,000 of them sold in the U.S. since 2009—to burn dirty except when they were being tested,” wrote UCLA public policy professor Mark Kleiman at The Reality-Based Community blog on Friday.

Situations like these point to the need for strongly copylefted free software—software users have permission to run, inspect, share, and modify—in all the computers they own, such as software licensed under the GNU General Public License. VW being caught is the exception and this is hardly surprising; proprietary software is often malware. This would naturally include software in their vehicles. It’s critical that derivative programs must convey the same freedoms to its users so the consumer protection of software freedom is carried on.

Copyleft—a means of protecting the freedoms of free software for derivative works—is why mere “open source” is inadequate to the task. Any call for “open source” would purposefully fail to distinguish between copyleft and non-copyleft licenses. The open source movement was built to be silent on software freedom. A non-copyleft license would allow proprietary derivatives. If VW owners get more proprietary software as a result of this, they might get more fraudulence when they’re in a bargaining position to demand and expect justice and fairness. All computer owners deserve software freedom to help them avoid fraud and make their software run safely all the time, not just when being inspected. And don’t buy into any proprietor-friendly excuses of VW’s hands being tied by upstream program providers or regulatory restrictions—people’s lives are at stake and it’s important to prioritize what people need to live safely, ethically, and not pollute their environment unnecessarily.

Update (2015-09-25): reports that more information is coming to light which brings suspicion on more automakers—Audi, Porsche, BMW. It seems that comparable fraud and environmental damage are coming from BMW vehicles (“the BMW X3 2.0-liter diesel model spitting out 11 times more nitrogen oxide than the current level set by the European Union”). Basically, if your car has a computer in it, that computer probably runs on nonfree software. You, the car’s owner, deserve the right to run, inspect, share, and modify the software at any time for any reason. But only the proprietor does, hence the name “proprietary software”.

Related articles:

  • Wired magazine on a remotely-exploitable Jeep Cherokee as well as mention of exploits for Ford Escape and a Toyota Prius dating back to 2013, and word of a recall for the same Chrysler exploit and a lengthy list of vehicles with vulnerable software.
  • Tesla’s Model S software apparently allowed “shut[ting] the car down when it was driving“. Tesla claims to have fixed this in an “over-the-air update to Model S owners”, but without the ability to inspect the software only the untrustworthy proprietor can say what else the software allows (either pre- or post-“update”).
  • Electronic Frontier Foundation (EFF): Researchers Could Have Uncovered Volkswagen’s Emissions Cheat If Not Hindered by the DMCA. Fleeting exemptions to the DMCA are mostly a waste of time[1, 2] since they quickly render whatever is done under them unreproducible using the same methods the original researchers used under the exemption. One could even convincingly argue such exemptions were designed to discourage filing for exemptions, possibly with a long-term goal of changing the DMCA to remove exemptions if exemption applications prove sufficiently unpopular. But one exemption the EFF filed for was recently objected to by the EPA—an exemption that would let people tinker with their car’s software. It’s worth noting that “the EPA is asking the Copyright Office to leave copyright law in place as a barrier to a wide range of activities that are perfectly legal under environmental regulations: ecomodding that actually improves emissions and fuel economy, modification of vehicles for off-road racing, or activities that have nothing to do with pollution” and cars that predate computerization could be modded to not obey ecological regulation, but the US has a long history of being reacting to this by inspections and fines. So there’s no reason to stop computerized car owners from fully modifying the cars they own. And the EFF is right when it concludes, “When you entrust your health, safety, or privacy to a device, the law shouldn’t punish you for trying to understand how that device works and whether it is trustworthy.”.

Happy Software Freedom Day!

I support free softwareSoftware freedom—the freedom to run, share, and modify the software on computers you own—is critical for an ethical way to operate a computer and retain control over that computer. Today is Software Freedom Day, a day for celebrating software freedom and spreading the message that software freedom is a value for its own sake. We should value these freedoms and insist that all of our computers run exclusively free software. Most computers come preloaded with nonfree software, software that lets someone else control our computing. This directly enables spying and remote control over our computer. Three cheers for Edward Snowden, and all of the government and business leakers who bravely gave us the evidence that non-freedom is used against us all in mass surveillance!

Here’s Richard Stallman, founder of the free software movement, with a clear definition of free software and why it matters:

So run free software on a fully-free operating system (such as any of these GNU/Linux systems) and have a happy Software Freedom Day!

More about Software Freedom Day

Don’t let the US Congress “fast-track” the Trans-Pacific Partnership

As the EFF writes: (link added)

Leaked texts of the Trans-Pacific Partnership agreement’s “Intellectual Property” chapter confirm our worst fears: Big Content companies are pushing extreme copyright provisions in a secret trade deal that would put restrictive controls on the Internet.

If you’re in the US, contact your legislators and let them know you oppose the TPP!

LibrePlanet 2015 speaker on “Document Freedom Day” equivocates on software freedom?

LibrePlanet is an annual free software conference held in Boston, Massachusetts near the home of the Free Software Foundation. I watched a recording of the LibrePlanet 2015 talk on Document Freedom Day by Robinson Tryon and heard him present a false dichotomy about software freedom as well as non-critically endorsing the use of proprietary software during his response to someone asking about music score software (such as GNU LilyPond):

I think it would be great for students to be exposed to all kinds of software that are out there on the market today. Whether that’s going to be some proprietary alternatives or some free software. I think that if you give people a solid education, if you give them a solid grounding in a lot of different tools, I think predominately they’re gonna make decisions that we are happy with, that we’re excited about because they’re gonna express the same views we do. That, you know, why would we choose this thing that has reduced functionality, I can’t use it after I graduate, and they’ll say ‘This is ridiculous!’ and we wouldn’t have to make that point for them. But I think that at this time, we aren’t coupling our education, and our use of free or proprietary software, with that lesson.

Some of the teachers that I liked the most, that I enjoyed the most when I was in high school and college were the ones that taught life lessons about their time in the military or in political situations where their higher-up told them to do something that was totally ridiculous, or told them to do something that they couldn’t possibly accomplish. But the sort of lesson was: well, if you can get it done, you know, however you can get it done. Then everything will be okay; we don’t need to know how the sausage is made.

So I think it’s really important for us to actually be honest with students, to give them a full picture. I think it’s just as irresponsible for us to tell students ‘You should only use free software’ and that’s the whole message we give, as to say ‘You should just use Microsoft products’. If we want someone to use free software we need to talk to them about everything that’s out there and why we think free software is a good choice. And then let them make their own decision. Because that’s the whole point; it’s about freedom. And so I really hope that with music and with other tools, that if we provide an ecosystem, and if we get enough people interested, that yeah, we’re gonna see some adoption of notation software.

That’s not what the free software movement, Richard Stallman, or any Free Software Foundation article argues. Stallman is on record explaining at length exactly why non-free software is unethical. And when describing how education should be set up, he says (as recently as his 2015-03-21 keynote at the LibrePlanet 2015 conference) that students should only be allowed to bring free software to class because he doesn’t want children to learn not to share. “Moral education, education in citizenship” is critical, Stallman writes, “It’s not enough for a school to teach facts and skills, it has to teach the spirit of goodwill, the habit of helping others. Therefore, every class should have this rule: “Students, if you bring software to class, you may not keep it for yourself, you must share copies with the rest of the class, including the source code in case anyone here wants to learn. Because this class is a place where we share our knowledge. Therefore, bringing a proprietary program to class is not permitted.” The school must follow its own rule to set a good example. Therefore, the school must bring only free software to class, and share copies, including the source code, with anyone in the class that wants copies.”.

What we see in American schools is the opposite—proprietary software is unquestioningly installed and used without anyone teaching about software freedom, using free software (except maybe for a cost savings), or valuing software freedom for its own sake. Using free software to save on software licensing cost seems like a good goal if you measure success in terms of popularity. But popularity fades and is easily reversed by wealthy proprietors eager to use schools to introduce their proprietary software to students. This is what should get LibrePlanet speakers riled.

So where would anyone get the idea that the difficult choice we face is whether to teach exclusively free software without informing students of the unethical nature of non-free software, versus using only non-free software? I suspect this false dichotomy is the result of the philosophy of the open source movement. That movement doesn’t say non-free software is wrong. The open source movement was developed to placate businesses by pitching a developmental methodology which stresses convenience. Sometimes this means endorsing proprietary software. The FSF has written about the beginnings of the open source movement in a couple of essays (an older essay, a newer essay).

Software freedom is not about maximizing the number of software choices. Proponents of non-free software conflate choice with freedom because it gives them another opportunity to promote their non-free software even if they have to do that right along side free software, talking about the two together as if the two are ethically equivalent. This helps take ethics off the table for discussion and grants proprietors a chance to reframe any debate around technical convenience. The problem for users remains: One cannot gain or keep software freedom by using non-free software.

We shouldn’t look for ways out of teaching students what ills proprietary software brings society. We should not present all options as if they’re equally ethical and hope that people figure this out on their own (“let [students] make their own decision”, as Tryon put it). Moral education is critical and schools must do this. If we don’t teach people to value their freedom and fight for it we will lose our freedom. We know this is true from history with proprietary derivatives of non-copylefted free software, and we heard from Karen Sandler’s LibrePlanet 2015 conference closing speech that she was unsuccessful in trying to get VMWare to comply with the GNU General Public License (a license that grants software freedom to all users so long as they pass on that same freedom if they distribute the software further). As she said in her talk, one way you can help is by endorsing free software licenses that defend software freedom for derivative works (known as “copylefted” free software licenses like the GNU GPL):

We not only need financial help, we need your help as advocates. We need you to be going out and supporting enforcement. We need you to explain why copyleft is important, and why it matters. And we won’t be able to do it alone.

And most importantly, I think, seeing a public swell of support for the GPL and for copyleft, could even influence the lawsuit itself. You don’t know; by showing that the public cares about it, it escalates this issue to one of public importance.

Helping people understand the value of keeping their software freedom via copyleft requires teaching people to value software freedom for its own sake.

But just as free software lawyer Eben Moglen often points out in his talks, “Stallman was right”, Stallman had already written about so much of what came up:

FSF to Lenovo: Users need laptops certified to respect user freedom

In February 2015 the public discovered that Lenovo released new Lenovo laptops with Microsoft Windows came preinstalled with “Superfish” which allowed, among other things, spying on user’s web connections even if those connections were encrypted. The software responsible for this is “Superfish”. You can read more about Lenovo/Superfish on Ars Technica and Wikipedia. Lenovo claims laptops shipped between October and December 2014 have Superfish preinstalled and Lenovo claims they won’t resume shipping Superfish. But why trust them?

The Free Software Foundation (FSF) calls on Lenovo “to create and sell laptops that are certified to respect user freedom and come with a preinstalled free operating system“. The FSF also points out the difference between proprietary security exploitation (such as what was done with Superfish) and free software privacy mistakes (such as what happened with Heartbleed and POODLE):

Recent high-profile security vulnerabilities in free software, like Heartbleed and POODLE, were created when well-intentioned developers made mistakes that were difficult to detect. But this is different — Lenovo and Superfish caused a massive security breach for the sake of expedience in generating ad revenue.

Digital Citizen agrees with this call. Lenovo can set a trend for respecting user freedom by working with the FSF and the FSF’s Respects Your Freedom campaign to produce laptops that users can buy which respect the user’s freedom right out of the box.

Update (2015-02-22): Ars Technica publishes an article saying that there are now 14 known programs using the same code that renders users helpless against secure website spying. And the article also reminds us that “Superfish CEO Adi Pinhas issued a statement on Friday saying Superfish software posed no security risk“. It’s worth keeping this in mind the next time you hear any proprietor tell you their software is secure. Free software offers no guarantee of security but software freedom lets you inspect the program to make sure it does only what you want it to do, alter the program until it meets your needs, and distribute the program to help others. Proprietary programs are an unknown quantity—you can’t tell all of what they do because you have no complete corresponding source code, you have no distribution rights so you can’t help others or get much help from them, and some proprietary programs even restrict when they may be run.