Convert posts to markdown files
This was considerable effort, and took a bit more time than I had hoped. While newer posts were written with Markdown, previous ones were writen with my own Markdown-like formatting, but they had enough differences that it was quite an effort to get things updated. I also checked the HTML output of each, though I didn't read every article in detail. Some of these were more substantial than others; National Uproar, for example. These conversions were markup translations: the actual text remains unchanged, except in one minor instance to add text for the sake of providing some text to hold a link to a quote. Any changes to post text will happen in future commits so that the diffs are clearly visible.master
parent
2a674052b0
commit
64e1341075
|
@ -0,0 +1,29 @@
|
|||
# Who needs "microblogging"?
|
||||
|
||||
I don't. This is just some place safe to store random thoughts that people
|
||||
probably don't care about (like most comments on most social networking
|
||||
services), with the added benefit of distributed backup, a simple system and no
|
||||
character limit.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
All the thoughts are commit messages; in particular, this means no versioning.
|
||||
That's okay, because I'm not going to go back and modify them, but I do want
|
||||
dates and I do want GPG signatures (to show that it's actually me thinking this
|
||||
crap).
|
||||
|
||||
This isn't a journal.
|
||||
|
||||
This will mostly be a hacker's thought cesspool.
|
||||
|
||||
This isn't a blog.
|
||||
|
||||
Though, considering how much I ramble (look at this message), certain thoughts
|
||||
could certainly seem like blog entries. Don't get the two confused---one
|
||||
requires only thought defecation and the other endures the disturbing task of
|
||||
arranging the thought matter into something coherent and useful to present to
|
||||
others.
|
||||
|
||||
Yeah. Enjoy. Or don't. You probably shouldn't, even if you do. If you don't,
|
||||
you probably should just to see that you shouldn't.
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
# Getting too tired to hack? At 23:00?
|
||||
|
||||
This has been normal since becoming a father. I can't complain---I love being a
|
||||
father. Of course, I also love hacking. I also love sleep. Knowing that my son
|
||||
is going to wake me up a 6:00 in the morning has a slight influence in a
|
||||
situation like this.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
I'd like to just suffer through it, but being a fiancé also has another
|
||||
obligation: going to bed when your significant other decides that it's bed time
|
||||
(and by "bed time" I mean sleep). I still manage to fit it in somehow.
|
|
@ -0,0 +1,32 @@
|
|||
# The use of trademarks in free software has always been a curious and unclear concept to me, primarily due to my ignorance on the topic
|
||||
|
||||
Trademarks, unless abused, are intended to protect consumers' interests---are
|
||||
they getting the brand that they think they're getting? If you download Firefox,
|
||||
are you getting Firefox, or a derivative?
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Firefox is precicely one of those things that has brought this issue to light
|
||||
for me personally: the name is trademarked and derivatives must use their own
|
||||
names, leading to IceCat, IceWeasel, Abrowser, etc. Even though FF is free
|
||||
software, the trademark imposes additional restrictions that seem contrary to
|
||||
the free software philosophy. As such, it was my opinion that trademarks should
|
||||
be avoided or, if they exist, should not be exercised. (GNU, for example, is
|
||||
trademarked[^0], but the FSF certainly [does not exercise it][1]; consider GNUplot,
|
||||
a highly popular graphing program, which is not even part of the GNU project.)
|
||||
|
||||
[This article][2] provides some perspective on the topic and arrives at much the
|
||||
same conclusions: trademark enforcement stifles adoption and hurts the project
|
||||
overall.
|
||||
|
||||
I recommend that trademarks not be used for free software projects, though I am
|
||||
not necessarily opposed to registering a trademark "just in case" (for example,
|
||||
to prevent others from maliciously attempting to register a trademark for your
|
||||
project).
|
||||
|
||||
[1]: http://www.gnu.org/prep/standards/html_node/Trademarks.html
|
||||
[2]: http://mako.cc/copyrighteous/20120902-00
|
||||
|
||||
[^0]: uspto.gov; serial number 85380218; reg. number 4125065.
|
||||
From what I could find from the USPTO website, it was submitted by
|
||||
Aaron Williamson of the SFLC (http://www.softwarefreedom.org/about/team/)
|
|
@ -0,0 +1,17 @@
|
|||
# All these election attack ads are utterly useless
|
||||
|
||||
There have been a lot of elections going on lately---local, state and national.
|
||||
The majority of those ads are attack ads: immature and disrespectful; if you
|
||||
want my vote, give me something positive to vote for instead of spending all of
|
||||
your time and money attacking your candidate. If my vote is to go to the "least
|
||||
horrible" candidate, then there is no point in voting at all.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Even more frustrating is the deceptiveness of the ads---intentional
|
||||
deceptiveness, nonetheless. And these are the ads that many in the United States
|
||||
will be basing the majority of, if not all, of their vote on come election time
|
||||
(how many will realistically research instead of sitting in front of the TV
|
||||
absorbing all of the useless bullshit that they are spoonfed?).
|
||||
|
||||
Frightening.
|
|
@ -0,0 +1,42 @@
|
|||
# Why no kid (or kid at heart) should write an iPhone game
|
||||
|
||||
I saw [this post][0] appear on HackerNews, talking about how building a game for
|
||||
iOS is "fun" and "cool". The poster lures the reader in with talk of making
|
||||
money and talks of a "unique sense of fulfillment" that comes with development
|
||||
of these games, and then goes on to invite kids to learn how to develop games
|
||||
for the iPhone (and presumably other iOS devices).
|
||||
|
||||
[0]: http://blog.makegameswith.us/post/33263097029/call-to-arms
|
||||
|
||||
This is a terrible idea.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Getting children involved with hacking is an excellent idea, but introducing
|
||||
them to the evils of Apple and associating that with a feeling of pleasure does
|
||||
a great disservice; all software developed for iOS must be "purchased" (even
|
||||
if it's of zero cost) through a walled garden called the "App Store". The
|
||||
problem with this is that [the App Store is hostile toward free
|
||||
software][1]---its overly restrictive terms are incompatible with free software
|
||||
licenses like the GPL. Teaching children to develop software for this crippled,
|
||||
DRM-laden system is teaching them that it is good to prevent sharing, stifle
|
||||
innovation and deny aid to your neighbor.
|
||||
|
||||
A better solution would be to suggest developing software for a completely free
|
||||
mobile operating system instead of iOS, such as [Replicant][2] (a fully free
|
||||
Android distribution). Even if Replicant itself were not used, Android itself,
|
||||
so long as proprietary implementations and "stores" are avoided[[3]], is much
|
||||
more [compatible with education][4] than iOS, since the children are then able
|
||||
to freely write and distribute the software without being controlled by
|
||||
malicious entities like Apple. Furthermore, they would then be able to use a
|
||||
fully free operating system such as GNU/Linux to *write* the software.
|
||||
|
||||
Do not let fun and wealth disguise this ugly issue. Even more importantly---do
|
||||
not pass this practice and woeful acceptance down to our children. I receive a
|
||||
"unique sense of fulfillment" each and every day hacking free software far
|
||||
away from Apple's grasp.
|
||||
|
||||
[1]: http://www.fsf.org/news/blogs/licensing/more-about-the-app-store-gpl-enforcement
|
||||
[2]: http://replicant.us/
|
||||
[3]: http://www.gnu.org/philosophy/android-and-users-freedom.html
|
||||
[4]: http://www.gnu.org/education/edu-schools.html
|
|
@ -0,0 +1,27 @@
|
|||
# Always use -t with ssh-add (and always set passwords on your ssh keys)
|
||||
|
||||
Many people use SSH keys for the sole purpose of avoiding password entry when
|
||||
logging into remote boxes. That is legtimate, especially if you frequently run
|
||||
remote commands or wish to take advantage of remote tab complation, but creating
|
||||
a key with an empty password is certainly the wrong approach---if an attacker
|
||||
gets a hold of the key, then they have access to all of your boxes before you
|
||||
have the chance to notice and revoke the key.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
ssh-agent exists for this purpose. The problem is---creating an agent only to
|
||||
place the key in memory indefinately is also a terrible idea. If your system
|
||||
does become compromised and the attacker is either root access or access as your
|
||||
user, then they can simply connect to the ssh-agent (unless it's password
|
||||
protected) and start using your key. Also consider that, should you leave your
|
||||
box unattended for even a moment without locking it (for whatever reason---shit
|
||||
happens), an attacker could gain physical access to your PC (and an attacker may
|
||||
just be a coworker looking to play a prank).
|
||||
|
||||
Every morning at work, I begin the day by typing ssh-add followed by an
|
||||
appropriate lifetime (be it the duration of the work day, or the duration that I
|
||||
think I will need the key). This way, your key is in memory when you are likely
|
||||
to be physically present at the box and it is automatically removed from memory
|
||||
after a given lifetime. Additionally, I like to add `ssh-add -D` to the script
|
||||
that locks my PC when I walk away from my desk: that will immediately clear all
|
||||
keys from memory, just in case.
|
|
@ -0,0 +1,21 @@
|
|||
# Texas middle and high schools tracking student locations with RFID tags
|
||||
|
||||
[An article][0] describes how a school district in Texas is attempting to force
|
||||
its students to wear RFID tags at all times in order to track their location to
|
||||
"stem the rampant truancy devastating the school's funding".
|
||||
|
||||
[0]: http://rt.com/usa/news/texas-school-id-hernandez-033/
|
||||
|
||||
What?
|
||||
|
||||
<!-- more -->
|
||||
|
||||
This is deeply concerning. Not only does this raise serious security and privacy
|
||||
concerns (as mentioned near the end of the article), but it also costed the
|
||||
schools over a half a million dollars to implement. In order words: Texas
|
||||
taxpayer money has been wasted in an effort to track our children.
|
||||
|
||||
Good thing they don't have anything [better to spend that money on.][1]
|
||||
|
||||
[1]: http://fedupwithlunch.com/
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# "Day changed to S"
|
||||
|
||||
Whatever "S" may be (in this case, "13 Oct 2012"), there is always a sense
|
||||
of peace and gratification that comes with witnessing that line appear in any
|
||||
type of log; it shows a dedication to an art, should your days contain daylight.
|
||||
|
||||
<!-- more -->
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# Branch Prediction
|
||||
|
||||
An enlightening discussion on branch prediction.[0]
|
||||
|
||||
[0]: http://stackoverflow.com/questions/11227809/why-is-processing-a-sorted-array-faster-than-an-unsorted-array
|
||||
|
||||
<!-- more -->
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
# Free Speech in the Western World
|
||||
|
||||
An interesting opinion piece on [free speech in the western world.][0]
|
||||
|
||||
[0]: http://www.washingtonpost.com/opinions/the-four-arguments-the-western-world-uses-to-limit-free-speech/2012/10/12/e0573bd4-116d-11e2-a16b-2c110031514a_print.html
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,24 @@
|
|||
# NYC Master Keys
|
||||
|
||||
[Bruce Schneier summarizes in a blog post][0] a disturbing topic regarding a New
|
||||
York City locksmith selling "master keys" on eBay, providing access to various
|
||||
services such as elevators and subway entrances.
|
||||
|
||||
[A discussion about this blog post on Hacker News][1] yielded some interesting
|
||||
conversation, including an [even more disturbing article describing how simple
|
||||
it may be to create master keys][2] for a set of locks given only the lock, its
|
||||
key and a number of attempts.
|
||||
|
||||
[0]: http://www.schneier.com/blog/archives/2012/10/master_keys.html
|
||||
[1]: http://news.ycombinator.com/item?id=4654777
|
||||
[2]: http://www.crypto.com/masterkey.html
|
||||
|
||||
<!-- more -->
|
||||
|
||||
I'll let you ponder the implications of both of these topics. Here's something
|
||||
to get you started: organized crime could use these keys to effectively evade
|
||||
law enforcement or break into millions of "locked" homes. Crackers could gain
|
||||
intimate access to various city systems whereby they may be able to further
|
||||
obstruct or infect systems. A security system is only as strong as its weakest
|
||||
link. Keeping citizens in the dark about these issues gives them a dangerous and
|
||||
false sense of security.
|
|
@ -0,0 +1,27 @@
|
|||
# Verizon router backdoors
|
||||
|
||||
A [very disturbing article][0] makes mention of a Verizon TOS update for its
|
||||
Internet service customers:
|
||||
|
||||
[0]: http://www.linuxbsdos.com/2012/10/04/is-that-a-backdoor-or-an-administrative-password-on-your-verizon-internet-router/
|
||||
|
||||
> Section 10.4 was updated to clarify that Verizon may in limited instances
|
||||
> modify administrative passwords for home routers in order to safeguard
|
||||
> Internet security and our network, the security and privacy of subscriber
|
||||
> information, to comply with the law, and/or to provide, upgrade and maintain
|
||||
> service.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
...what? This is deeply disturbing, deeply perverted idea of security. Not only
|
||||
is this a severe privacy concern (all internet traffic passes through your
|
||||
router), but it's a deep *security* concern---what if a cracker is able to
|
||||
figure out Verizon's password scheme, intercept the communication with your
|
||||
router or otherwise?
|
||||
|
||||
I recommend that you (a) use your own router, (b) change its default password if
|
||||
you have not yet done so and (c) disallow remote access. Furthermore, I
|
||||
recommend using a free (as in freedom) firmware such as [DD-WRT][1] if supported
|
||||
by your hardware.
|
||||
|
||||
[1]: http://dd-wrt.com/
|
|
@ -0,0 +1,34 @@
|
|||
# Crackers capable of causing pacemaker deaths
|
||||
|
||||
[This article][0] demonstrates why medical devices must contain free software:
|
||||
crackers are able to, with this particular type of pacemaker, exploit the device
|
||||
to trigger a fatal electric shock to its host from as far as 30 feet away (the
|
||||
article also mentions rewriting the firmware, which could of course be used to
|
||||
schedule a deadly shock at a predetermined time). These issues would not exist
|
||||
with free software, as the user and the community would be able to study the
|
||||
source code and fix any defects (or hire someone who can) before placing it in
|
||||
their bodies.
|
||||
|
||||
[0]: http://www.scmagazine.com.au/News/319508,hacked-terminals-capable-of-causing-pacemaker-mass-murder.aspx
|
||||
|
||||
<!-- more -->
|
||||
|
||||
(Note that this article mistakenly uses the term "hacker" when they really
|
||||
mean "cracker".)
|
||||
|
||||
The aforementioned article is an excellent supplement to [a discussion on free
|
||||
software in pacemakers][1]. In particular, I had pointed out within this
|
||||
discussion [a talk by Karen Sandler of the GNOME Foundation regarding this
|
||||
issue][2] at OSCON 2011, in which she mentions potential issues of proprietary
|
||||
software in pacemakers and the difficulty she faced in attempting to get the
|
||||
source code for one that she was considering for herself.
|
||||
|
||||
The discussion on HackerNews also yielded [an article by the SFLC][3] detailing
|
||||
this issue.
|
||||
|
||||
(Please do not use YouTube's proprietary video player to view the mentioned
|
||||
YouTube video.)
|
||||
|
||||
[1]: http://news.ycombinator.com/item?id=3959547
|
||||
[2]: https://www.youtube.com/watch?v=nFZGpES-St8
|
||||
[3]: https://www.softwarefreedom.org/news/2010/jul/21/software-defects-cardiac-medical-devices-are-life-/
|
|
@ -0,0 +1,12 @@
|
|||
# Federal Appeals Court Declares "Defense of Marriage Act" Unconstitutional
|
||||
|
||||
A step in the [right direction.][0]
|
||||
|
||||
It should also be noted that New York State had also [legalized same sex
|
||||
marriage back in July of 2011][1]---a move I was particularily proud of as a
|
||||
resident of NY state.
|
||||
|
||||
[0]: http://www.aclu.org/lgbt-rights/federal-appeals-court-declares-defense-marriage-act-unconstitutional
|
||||
[1]: http://en.wikipedia.org/wiki/Same-sex_marriage_in_New_York
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,34 @@
|
|||
# Another crack at medical device cracking
|
||||
|
||||
My previous post mentioned the dangers of running non-free software on implanted
|
||||
medical devices. While reading over RMS' policital notes[0], I came across [an
|
||||
article mentioning how viruses are rampant on medical equipment][1].
|
||||
|
||||
> "It's not unusual for those devices, for reasons we don't fully understand, to
|
||||
> become compromised to the point where they can't record and track the data,"
|
||||
> Olson said during the meeting, referring to high-risk pregnancy monitors.
|
||||
|
||||
The devices often run old, unpatches versions of Microsoft's Windoze operating
|
||||
system. The article also mentions how the maleware often attempts to include its
|
||||
host as part of a botnet.
|
||||
|
||||
[0]: http://stallman.org/archives/2012-jul-oct.html#18_October_2012_%28Computerized_medical_devices_vulnerable_to_viruses%29
|
||||
[1]: http://www.technologyreview.com/news/429616/computer-viruses-are-rampant-on-medical-devices/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
This is deeply concerning and incredibly dangerous. As non-free software is used
|
||||
more and more in equipement that is responsible for our health and safety, we
|
||||
are at increased risk for not only obvious software flaws, but also for crackers
|
||||
with malicious intent; harming someone will become as easy as instructing your
|
||||
botnet to locate and assassinate an individual while you go enjoy a warm (or
|
||||
cold) beverage.
|
||||
|
||||
These problems are *less likely* (not impossible) to occur in free software
|
||||
beacuse the users and community are able to inspect the source code and fix
|
||||
problems that arise (or hire someone that can)[2]. In particular, in the case of
|
||||
the hospitals mentioned in [the article][1], they would be free to hire someone
|
||||
to fix the problems themselves rather than falling at the mercy of the
|
||||
corporations who supplied the proprietary software.
|
||||
|
||||
[2]: http://www.gnu.org/philosophy/free-sw.html
|
|
@ -0,0 +1,8 @@
|
|||
# Digitizing Books Is Fair Use: Author's Guild v. HathiTrust
|
||||
|
||||
A New York court ruled that "digitizing" books for researched and disabled
|
||||
individuals is lawful.[[0]]
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/authors-guild-vhathitrustdecision
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,28 @@
|
|||
# Obama and Warrantless Wiretapping
|
||||
|
||||
The EFF has released an article with a [plethora of links describing warrantless
|
||||
wiretapping under the Obama administration][0], spurred by Obama's response to
|
||||
Jon Stewart's questioning on The Daily Show last Thursday. (Readers should also
|
||||
be aware of the [NSA spy center][1] discussed earlier in the year, as is
|
||||
mentioned in the EFF article.)
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/fact-check-obamas-misleading-answer-about-warrantless-wiretapping-daily-show
|
||||
[1]: http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
It is clear that the United States government has no intent on protecting the
|
||||
freedoms of individuals and instead is actively resisting attempts to correct
|
||||
the problems. While we can hope that this will change, and we can be confident
|
||||
that organizations like the EFF will continue to fight for our liberties, one
|
||||
immediate option is to limit as much as possible what the NSA and other agencies
|
||||
can discover about you. Consider using [Tor][2] for all of your network traffic
|
||||
(at the very least, use HTTPS connections to prevent agencies and ISPs from viewing
|
||||
specific web pages on a particular domain; HTTPS is unnecessary if using Tor.)
|
||||
PGP/GPG can be used to encrypt e-mail messages to the intended recipients. Etc.
|
||||
|
||||
It's unfortunate that such precautions are necessary. Privacy is important even
|
||||
if you have nothing to hide; any suggestion to the contrary is absolutely
|
||||
absurd.
|
||||
|
||||
[2]: http://torproject.org
|
|
@ -0,0 +1,15 @@
|
|||
# Stingrays: Cell Phone Privacy and Warrantless Surveillance
|
||||
|
||||
How would you feel if law enforcement showed up in your living room, demanded
|
||||
your cell phone, and started writing down your call history and text messages?
|
||||
How would you feel if you didn't even know that they were in your home to begin
|
||||
with, let alone stealing private data? [This is precisely what is happening when
|
||||
law enforcement uses "Stingrays" to locate individuals][0], collecting data of
|
||||
every other individual within range of the device in the process. Even *if* you
|
||||
are the subject of surveillance, this is still an astonishing violation of
|
||||
privacy. (Of course, law enforcement could always demand such records from your
|
||||
service provider, but such an act at the very least has a paper trail.)
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/stingrays-biggest-unknown-technological-threat-cell-phone-privacy
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,63 @@
|
|||
# GNU Trick-Or-Treat---FSF Crashes Windows 8 Launch
|
||||
|
||||
The FSF decided to [crash the Windows 8 launch even in New York City][0],
|
||||
complete with [Trisquel][1] DVDs, FSF stickers and information about their
|
||||
[pledge to upgrade to GNU/Linux instead of Windows 8][2].
|
||||
|
||||
I find this to be a fun, excellent alternative to blatant protesting that is
|
||||
likely to be better received by those who would otherwise be turned off to
|
||||
negativity. At the very least, the [walking gnu][3] would surely turn heads and
|
||||
demand curiosity.
|
||||
|
||||
[0]: http://www.fsf.org/news/activists-trick-or-treat-for-free-software-at-windows-8-launch-event-1
|
||||
[1]: http://trisquel.info/
|
||||
[2]: http://www.defectivebydesign.org/windows8
|
||||
[3]: http://www.fsf.org/blogs/community/gnus-trick-or-treat-at-windows-8-launch
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Here is the e-mail that was sent to the info at fsf.org mailing list:
|
||||
|
||||
> Happy (almost) Halloween, everybody,
|
||||
>
|
||||
> You've probably been noticing Microsoft's ads for their new operating
|
||||
> system -- after all, they've spent more money on them than any other
|
||||
> software launch campaign in history. In fact, everything about the
|
||||
> campaign has been meticulously planned and optimized, so you can
|
||||
> imagine journalists' surprise when an unexpected guest showed up at an
|
||||
> invite-only launch event on Thursday.
|
||||
>
|
||||
> Our volunteer, Tristan Chambers, was there and caught the whole thing
|
||||
> on camera! Pictures here:
|
||||
> <http://www.fsf.org/blogs/community/gnus-trick-or-treat-at-windows-8-launch>.
|
||||
>
|
||||
> Reporters and security guards at the event weren't sure how to react
|
||||
> when they were greeted by a real, live gnu. The gnu -- which, on
|
||||
> closer inspection, was an activist in a gnu suit -- had come for some
|
||||
> early trick-or-treating. But instead of candy, she had free software
|
||||
> for the eager journalists. The gnu and the FSF campaigns team handed
|
||||
> out dozens of copies of Trisquel, a fully free GNU/Linux distribution,
|
||||
> along with press releases and stickers. Once they got over their
|
||||
> confusion, the reporters were happy to see us and hear our message --
|
||||
> that Windows 8 is a downgrade, not an upgrade, because it steals
|
||||
> users' freedom, security and privacy.
|
||||
>
|
||||
> Free software operating systems are the real upgrade, and they don't
|
||||
> need a zillion-dollar launch event to prove it. To show Microsoft that
|
||||
> their ads won't change our minds, we're starting an upgrade pledge:
|
||||
> switch to a free OS, or if you're already using one, help a friend
|
||||
> switch. We can pay Microsoft a chunk of change for their new,
|
||||
> proprietary OS, or we can stand up for our freedom. The choice isn't
|
||||
> as hard as Microsoft wants you to think.
|
||||
>
|
||||
> Sign the pledge now! -- <http://www.fsf.org/windows8/pledge>.
|
||||
>
|
||||
> Thanks for making a commitment to free software.
|
||||
>
|
||||
> PS - If you'd like more details about the action, you can check out
|
||||
> our press release here:
|
||||
> <http://www.fsf.org/news/activists-trick-or-treat-for-free-software-at-windows-8-launch-event-1>.
|
||||
>
|
||||
> -Zak Rogoff
|
||||
> Campaigns Manager
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
# Abolishing Patents
|
||||
|
||||
My issue with patents exceeds the [obvious case against software patents][0];
|
||||
indeed, I have long pondered the problems with patents in other fields. When I
|
||||
hear the phrase "patent pending" or "patented technology" touted in ads, I
|
||||
have never thought positive thoughts; instead, I have thought "you are damning
|
||||
this otherwise excellent work to stagnation". What if someone has an excellent
|
||||
idea to improve upon that particular product? Well, they'd better be prepared to
|
||||
jump through some hoops or shell out some hefty licensing fees. Or maybe it's
|
||||
just easier to abandon the idea entirely and forget that it had never happened.
|
||||
|
||||
[0]: http://patentabsurdity.com/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
However, I thought, it's not a simple case of ridding the world of patents.
|
||||
How would that affect the incentive to innovate? How would people recoup
|
||||
expensive R&D costs, especially in industries like pharmacy (both my parents are
|
||||
pharmacists)? What about the incentive to describe your invention to the world?
|
||||
Then again, nobody *has* to get a patent for their invention. It may be worth
|
||||
keeping it secret if nobody can figure it out.
|
||||
|
||||
The answers to all of these questions appeared in one place: [The Case Against
|
||||
Patents][1], which I found referenced in an article regarding the [Swedish Pirate
|
||||
Party's opinions on patents, trademarks and copyright][2]. While it is still a
|
||||
draft at the time of this writing, I encourage you to give it a read, as it is
|
||||
very enlightening.
|
||||
|
||||
[1]: http://research.stlouisfed.org/wp/2012/2012-035.pdf
|
||||
[2]: http://falkvinge.net/2012/10/13/what-the-swedish-pirate-party-wants-with-patents-trademarks-and-copyright/
|
|
@ -0,0 +1,18 @@
|
|||
# Jailbreaking and DCMA---EFF Touts Victory, FSF Warns Of Failure
|
||||
|
||||
While the [EFF is pleased to announce][0] that the Copyright Office has [renewed
|
||||
DMCA exceptions upholding jailbreaking rights for cellphones][1], the FSF
|
||||
cautions that [this right has not been extended to tablets, game consoles or
|
||||
even PCs with restricted boot][2].
|
||||
|
||||
[0]: https://www.eff.org/press/releases/eff-wins-renewal-smartphone-jailbreaking-rights-plus-new-legal-protections-video
|
||||
[1]: http://www.copyright.gov/fedreg/2012/77fr65260.pdf
|
||||
[2]: http://www.fsf.org/blogs/licensing/copyright-office-fails-to-protect-users-from-dmca
|
||||
|
||||
<!-- more -->
|
||||
|
||||
It should be noted that the EFF also successfully gained protection for the use
|
||||
of short copyrighted clips in remixing,[0] and while this is a positive step
|
||||
forward in its own, the implications of the first paragraph should not be
|
||||
ignored.
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
# OpenWireless.org
|
||||
|
||||
The EFF [announces the launch of openwireless.org][0], which encourages users to
|
||||
[share their network connections][1] to create a global network of freely
|
||||
available wireless internet access.
|
||||
|
||||
This is a noble movement. This reminds me of a point in history when MIT began
|
||||
password protecting their accounts, which were previously open to anyone.
|
||||
Stallman, disagreeing with such a practice, [encouraged users to create empty
|
||||
passwords][2]. Stallman would even give out his account information so that
|
||||
remote users may log into MIT's systems, all with good intent.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/why-we-have-open-wireless-movement
|
||||
[1]: https://www.openwireless.org/
|
||||
[2]: http://shop.fsf.org/product/free-as-in-freedom-2/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Of course, with malice rampant in today's very different world, Stallman's
|
||||
actions, although noble, would be both naive and a huge security risk.
|
||||
Fortunately, [opening your wireless network isn't necessarily one of these
|
||||
risks][3] and, if done properly, does not equate to opening your private network
|
||||
to attack.
|
||||
|
||||
Consider using [DD-WRT][4] as your router's firmware, if supported by your
|
||||
device, as it is itself [free software][5].
|
||||
|
||||
[3]: https://openwireless.org/myths
|
||||
[4]: http://dd-wrt.com
|
||||
[5]: http://www.gnu.org/philosophy/free-sw.html
|
|
@ -0,0 +1,12 @@
|
|||
# "Trademark" Bullying
|
||||
|
||||
There's two problems with this post from the EFF describing [The Village Voice
|
||||
suing Yelp for "Best of" trademark infringement][0]: firstly, there's the
|
||||
obvious observation that such a trademark should not have been permitted by the
|
||||
USPTO to begin with. Secondly---why do entities insist on gaming the system in
|
||||
such a terribly unethical manner? It takes a special breed of people to do such
|
||||
a thing.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/stupid-lawyer-tricks-and-government-officials-who-are-helping-them
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,15 @@
|
|||
# Ubuntu 12.10 Privacy: Amazon Ads and Data Leaks
|
||||
|
||||
The EFF [cautions that Ubuntu 12.10 leaks user information to Amazon by
|
||||
default][0] rather than requiring the user to opt *into* the system.
|
||||
|
||||
Of course, I cannot recommend that you use Ubuntu, as it encourages the
|
||||
installation of non-free device drivers, readily enables non-free software
|
||||
repositories and contains non-free components in its kernel.[1] Instead,
|
||||
consider a [fully free GNU/Linux distribution like Trisquel][2].
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks
|
||||
[1]: http://www.fsfla.org/svnwiki/selibre/linux-libre/
|
||||
[2]: https://trisquel.info
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,8 @@
|
|||
# Ban On Public Rallying and Demonstrations in Bahrain
|
||||
|
||||
The government of Bahrain found that the best solution to preventing violent
|
||||
protests was to [ban all public rallying and demonstrations][0].
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/11/bahrain-goes-bad-worse
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,8 @@
|
|||
# EFF Elaborates On DCMA Ruling
|
||||
|
||||
In addition to my aforementioned links, the EFF has provided [a more detailed
|
||||
analysis][0] of the decision.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/11/2012-dmca-rulemaking-what-we-got-what-we-didnt-and-how-to-improve
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,22 @@
|
|||
# California Proposition 35 Concerns
|
||||
|
||||
The EFF [points out problems with California's Proposition 35][0], which would,
|
||||
among other things, [require registered sex offenders to "disclose Internet
|
||||
activities and identities"][1]:
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/11/eff-urges-no-vote-california-proposition-35
|
||||
[1]: http://voterguide.sos.ca.gov/propositions/35/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
> [...] Proposition 35 would force individuals to provide law enforcement with
|
||||
> information about online accounts that are wholly unrelated to criminal
|
||||
> activity – such as political discussion groups, book review sites, or blogs.
|
||||
> In today’s online world, users may set up accounts on websites to communicate
|
||||
> with family members, discuss medical conditions, participate in political
|
||||
> advocacy, or even listen to Internet radio. An individual on the registered
|
||||
> sex offender list would be forced to report each of these accounts to law
|
||||
> enforcement within 24 hours of setting it up – or find themselves in jail.
|
||||
> This will have a powerful chilling effect on free speech rights of tens of
|
||||
> thousands of Californians.
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
# MediaGoblin $10k Matching Grant
|
||||
|
||||
Congratulations to MediaGoblin for not only [meeting the $10k matching grant
|
||||
from a generous anonymous donor][0], but also for raising $36k to date.
|
||||
|
||||
[MediaGoblin][1] is a "free software media publishing platform that anyone can
|
||||
run"; it is a distributed, free (as in freedom) alternative to services such as
|
||||
YouTube, Flickr and others, and is part of the [GNU project][2].
|
||||
|
||||
[0]: http://mediagoblin.org/news/we-made-10k-matching.html
|
||||
[1]: http://mediagoblin.org/
|
||||
[2]: http://gnu.org/
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,9 @@
|
|||
# Another Useless, False-Sense-Of-Security NSA Security Tactic
|
||||
|
||||
A police officer [recalls a time he went through airport security][0] and
|
||||
received a patdown from one of the security agents, which he found to be
|
||||
absolutely useless.
|
||||
|
||||
[0]: http://www.gizmodo.co.uk/2012/10/search-me/
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,11 @@
|
|||
# Video of 2012 Voting Machine Altering Votes
|
||||
|
||||
A Reddit user [posted video of a 2012 voting machine preventing him from
|
||||
selecting Barak Obama][0]. Malfunction or not, this is the type of thing that
|
||||
could have possibly been caught if the software were free. Furthermore, from
|
||||
reading the source code, one would be able to clearly tell whether or not it was
|
||||
a bug or an intentional "feature".
|
||||
|
||||
[0]: http://thenextweb.com/shareables/2012/11/06/reddit-user-captures-video-of-2012-voting-machines-altering-votes/
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,19 @@
|
|||
# OLPC Tablet in Ethiopia
|
||||
|
||||
A story mentions how [Ethiopian kids quickly learned to read and use tablet
|
||||
PCs][0] provided by the [One Laptop Per Child][1] project. This is not only a
|
||||
noble feat (as we would expect from OLPC), but also an impressive one,
|
||||
considering that (as the article mentions) the children did not know how to
|
||||
read, even in their own language.
|
||||
|
||||
[0]: http://dvice.com/archives/2012/10/ethiopian-kids.php
|
||||
[1]: http://one.laptop.org/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Now, while the OLPC does have [its own tablet][2], the article mentions that the
|
||||
[children were given Motorola Zoom tablets][0]; I would hope that they run free
|
||||
software to encourage freedom in these developing countries and to encourage the
|
||||
children to hack and explore their devices in even greater detail.
|
||||
|
||||
[2]: http://one.laptop.org/about/xo-3
|
|
@ -0,0 +1,10 @@
|
|||
# U.S. "Copyright Alert System"
|
||||
|
||||
[The EFF warns][0] of [the "Copyright Alert System"][1]---a government
|
||||
endorsed spy system---that will launched shortly to monitor peer-to-peer
|
||||
networks for so-called "infringing" activity.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/11/us-copyright-surveillance-machine-about-be-switched-on
|
||||
[1]: http://www.copyrightinformation.org/alerts
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,160 @@
|
|||
# VLC's Move to LGPL
|
||||
|
||||
Jean-Baptiste Kempf of the VLC project explains that "most of the code of VLC"
|
||||
has been [relicensed under the LGPL][0], moving *away from* the GPL. Some of the
|
||||
reasons for the move include "competition, necessity to have more professional
|
||||
developers around VLC and AppStores".[1] (With the "AppStore" comment,
|
||||
Jean-Baptiste is likely referring to issues regarding free software in Apple's
|
||||
App Store, which [the FSF has discussed on their website][2].)
|
||||
|
||||
This is unfortunate; using the LGPL in place of the GPL is [not encouraged for
|
||||
free software projects][3] because, while it ensures the freedom of the project
|
||||
itself, it does not encourage the development of free software that *uses* the
|
||||
project---the LGPL allows linking with proprietary software. Let's explore the
|
||||
aforementioned reasons in a bit more detail.
|
||||
|
||||
[0]: http://www.jbkempf.com/blog/post/2012/I-did-it
|
||||
[1]: http://www.jbkempf.com/blog/post/2012/How-to-properly-relicense-a-large-open-source-project
|
||||
[2]: http://www.fsf.org/news/blogs/licensing/more-about-the-app-store-gpl-enforcement
|
||||
[3]: http://www.gnu.org/licenses/why-not-lgpl.html
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Firstly, let us consider the issue of competition. In one of the [discussions on
|
||||
Hacker News][4], I pointed out the distinction between "open source" and Free
|
||||
Software:
|
||||
|
||||
[...]
|
||||
It is important to understand the distinction between "open source" and "free
|
||||
software". Open source focuses on the benefits of "open" code and development
|
||||
and how it can create superior software. Free Software focuses on the ethical
|
||||
issues---while free software developers certainly want contributors, the
|
||||
emphasis is on the fact that the software respects your freedom and, for that,
|
||||
it's far superior to any other proprietary alternative; free software users
|
||||
constantly make sacrifices in functionality and usability, and we're okay with
|
||||
that.
|
||||
|
||||
[http://www.gnu.org/philosophy/open-source-misses-the-point.html][5]
|
||||
[...]
|
||||
|
||||
In this sense, why should competition be considered for software freedom, unless
|
||||
it is between two free software projects, encouraging innovation in conjunction
|
||||
*with* freedom? In such a case, one wouldn't change the software license from
|
||||
the GPL to the LGPL, because the LGPL is less pursuant toward those freedoms.
|
||||
Therefore, VLC instead adopts the ["open source"][5] development model, as it
|
||||
cares more for competition.
|
||||
|
||||
The next concern was to "have more professional developers around VLC".[1] Is
|
||||
this to imply that free software hackers cannot be professional developers? I
|
||||
certainly am. Consider projects like the kernel Linux---many companies have
|
||||
contributed back to that project, which is licensed under the GPLv2. If the goal
|
||||
is to have more people contributing to your project, then a license like the GPL
|
||||
is certainly best, as it puts a legal obligation on the distributor to release
|
||||
the source code, which the parent project may then incorporate. Now, the LGPL
|
||||
also forces this (except for linked software); since the only [differences
|
||||
between the GPL and the LGPL][6] deal with the linking exception, this means
|
||||
that the author is either (a) mistaken in the concern or (b) wishes for more
|
||||
*proprietary* development around VLC. Alternatively, the author may be
|
||||
concerned that the GPL introduces compatibility issues between whatever other
|
||||
"open source" license developers wish to use when linking VLC code, but
|
||||
again---that means that VLC is devaluing freedom. Risky business, but this is
|
||||
the model that BSD follows (permitting proprietary derivatives of the entire
|
||||
software---not just linking---and receiving contributions back from proprietary
|
||||
software makers.)
|
||||
|
||||
Finally, let us consider the issue of Apple's App Store. This is issue is
|
||||
certainly of strong concern---Apple's products are very popular and yet they do
|
||||
not even make an attempt to respect the users' freedoms either with their
|
||||
software or with any of the software they allow on their "App Store".[2]
|
||||
However, Jean-Baptiste has made a fatal mistake---we should not be changing our
|
||||
licenses to suit Apple! In effect, that is giving Apple even more power over
|
||||
free software by allowing them to exert control not only over their users, but
|
||||
also over the developers of the users' favorite software! We should instead
|
||||
express our condolences with those users and suggest instead that they adopt a
|
||||
device or operating system that respects their freedom, or that they jailbreak
|
||||
their devices (which is [still legal][7]).
|
||||
|
||||
I'll end this commentary with an additional response of mine from the
|
||||
[aforementioned Hacker News thread][4]:
|
||||
|
||||
> The freedoms represent an ethical issue---that software developers have
|
||||
> unprecedented control over their users. Why should I, as a hacker, be able
|
||||
> to tell you what you can and cannot do with your device? Furthermore, it
|
||||
> raises deep privacy issues---what kind of data am I collecting and why
|
||||
> should I have that data?
|
||||
>
|
||||
> I entered the free software movement slowly (I began software development on
|
||||
> Windows as a young boy and was trained to think that bossing the user around
|
||||
> was a good thing; I thought it was fun to write DRM system and
|
||||
> anti-features). I began using GNU/Linux while still rationalizing my use of
|
||||
> proprietary software through Wine or by dual-booting into Windows. I then
|
||||
> saw the benefits of the "open source" development model. It wasn't until I
|
||||
> spent the time researching the reasons behind the free software movement
|
||||
> that things began to click. I was able to look back on everything I learned
|
||||
> as a developer for Windows and see that I enjoyed the thought of controlling
|
||||
> my users. I enjoyed the power I got from programming---programming was
|
||||
> empowerment, and the only way to squeeze the money out of those unsuspecting
|
||||
> users was to do it forcefully.
|
||||
>
|
||||
> People have fundamentally different philosophies when it comes to
|
||||
> programming. Do all proprietary software developers do so out of greed? On
|
||||
> some level, sure---they're not contributing that code so that others may
|
||||
> benefit from it. But are they doing it for the purpose of controlling their
|
||||
> users? Not necessarily, but they still are, even if they have the best of
|
||||
> intentions. Is someone who creates proprietary educational software for
|
||||
> children in third world companies "evil"? Certainly not. The problem is that
|
||||
> they're denying them an additional right---the right to modify that
|
||||
> software, learn from it and use their devices as they please.
|
||||
>
|
||||
> Of course, we often see proprietary software used unethically, often times
|
||||
> for vendor lock-in or greed; corporations are worried that if they lighten
|
||||
> their grip on their users, that the users may run, or worse, do something
|
||||
> [il]legal. I don't believe that is the place of software developers. I
|
||||
> remember, back when I used Windows, I was obsessed with magic/illusion. I
|
||||
> purchased a ton of videos online teaching me various magic tricks, but the
|
||||
> videos were laced with DRM (which, at the time, as a Windows developer, I
|
||||
> applauded). The problem was, that I then upgraded my hardware. My videos no
|
||||
> longer worked. I contacted them for a new key, and could view them again.
|
||||
> Then I got a new PC. And now I use GNU/Linux. I can no longer watch those
|
||||
> videos that I purchased because of this unnecessary, artificial restriction.
|
||||
> Was I going to distribute those videos? No. Did that prevent others from
|
||||
> stripping the restrictions and distributing it anyway? Certainly not. I was
|
||||
> being punished for others' actions and the others weren't any worse off from
|
||||
> the restrictions, because they understood how to defeat them.
|
||||
>
|
||||
> Of course, DRM's only one of the many issues (and DRM cannot exist in free
|
||||
> software, because the community would simply remove the anti-feature). What
|
||||
> if I were using some software---let's say Photoshop---and it crashed on me
|
||||
> in the middle of my work. Crap. Well, if I were using GIMP, I would run gdb
|
||||
> on the core dump (assuming a segfault) and inspect the problem. I would try
|
||||
> to repeat it. I could, if I wanted to, get my hands on the source code, fix
|
||||
> the problem and distribute that fix to others. If I didn't have the time or
|
||||
> ability, others could fix the problem for me, and we have the right to share
|
||||
> those changes. We have the right to benefit from those changes. With
|
||||
> Photoshop, we'd better start waiting. What if I was able to magically come
|
||||
> up with a fix, perhaps by modifying the machine code? Hold on---I'm not
|
||||
> allowed to do that! And I'm certainly not allowed to distribute that fix to
|
||||
> others. And I'm certainly not allowed to give my son a copy for his PC if he
|
||||
> wanted to do an art project for school.
|
||||
>
|
||||
> The FSF provides a great deal of information on their philosophy:
|
||||
> <http://www.gnu.org/philosophy/>. You could also gain a great deal of
|
||||
> insight by reading up on the history:
|
||||
> <http://shop.fsf.org/product/free-as-in-freedom-2/> or by reading RMS'
|
||||
> essays: <http://shop.fsf.org/product/signed-fsfs/>.
|
||||
>
|
||||
> And ultimately, you may find that you do not agree with our
|
||||
> philosophy---many don't. That's certainly your right, and I respect that.
|
||||
> What I cannot respect, and will not respect, is when that philosophy is used
|
||||
> to exert control over others.
|
||||
>
|
||||
> (As a final note: many say we control developers through our "viral"
|
||||
> licenses. But keep in mind that we're trying to protect the users *from*
|
||||
> developers. This means taking power away from developers. This is
|
||||
> intentional.)
|
||||
|
||||
[4]: http://news.ycombinator.com/item?id=4787965
|
||||
[5]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
|
||||
[6]: http://www.gnu.org/licenses/lgpl.html
|
||||
[7]: https://www.eff.org/press/releases/eff-wins-renewal-smartphone-jailbreaking-rights-plus-new-legal-protections-video
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
# Copyright Reform? You're silly.
|
||||
|
||||
Amazingly, the Republican Study Committee (RSC) had [released a report
|
||||
suggesting copyright reform][0]. Of course, that's a silly thing to do when
|
||||
you're in bed with organizations like the MPAA and RIAA; [the report was quickly
|
||||
retracted][1].
|
||||
|
||||
It would have been a surprising step forward; maybe there's hope yet, assuming
|
||||
the GOP can get a handle on itself.
|
||||
|
||||
(Disclaimer: I have no party affiliation.)
|
||||
|
||||
[0]: http://www.techdirt.com/articles/20121116/16481921080/house-republicans-copyright-law-destroys-markets-its-time-real-reform.shtml
|
||||
[1]: http://www.techdirt.com/articles/20121117/16492521084/hollywood-lobbyists-have-busy-saturday-convince-gop-to-retract-copyright-reform-brief.shtml
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,58 @@
|
|||
# Privacy In Light of the Petraeus Scandal
|
||||
|
||||
I'm not usually one for scandals (in fact, I couldn't care less who government
|
||||
employees are sleeping with). However, it did bring up deep privacy
|
||||
concerns---how exactly did the government get a hold of the e-mails?
|
||||
|
||||
The [EFF had released an article answering some questions][0] about the scandal,
|
||||
which is worth a read. In particular, you should take a look at the [EFF's
|
||||
Surveillance Self-Defense website][1] for an in-depth summary of the laws
|
||||
surrounding government surveillance and tips on how to protect against it.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/11/when-will-our-email-betray-us-email-privacy-primer-light-petraeus-saga
|
||||
[1]: https://ssd.eff.org
|
||||
|
||||
I'd like to touch upon a couple things. In particular, [the article mentions][0]:
|
||||
|
||||
<!-- more -->
|
||||
|
||||
> Broadwell apparently accessed the emails from hotels and other locations, not
|
||||
> her home. So the FBI cross-referenced the IP addresses of these Wi-Fi
|
||||
> hotspots "against guest lists from other cities and hotels, looking for common
|
||||
> names."
|
||||
|
||||
To stay anonymous in this situation, one should [consider using Tor][2] to mask
|
||||
his/her IP address. Additionally, remove all cookies (or use your browser's
|
||||
privacy mode if it will disable storing and sending of cookies for you) and
|
||||
consider that your User Agent may be used to identify you, especially if
|
||||
maleware has inserted its own unique identifiers.
|
||||
|
||||
Also according to [the EFF article][0]:
|
||||
|
||||
> According to reports, Patraeus and Broadwell adopted a technique of drafting
|
||||
> emails, and reading them in the draft folder rather than sending them.
|
||||
|
||||
That didn't work out so well. Consider [encrypting important communications][3]
|
||||
using GPG/PGP so that (a) the e-mail cannot be deciphered in transit and (b) the
|
||||
e-mail can only be read by the intended recipient. Of course, you are then at
|
||||
risk of being asked to divulge your password, so to avoid the situation
|
||||
entirely, it would be best to delete the e-mails after reading them.
|
||||
Additionally, if you host your own services, it may be wise to host your own
|
||||
e-mail (guides for doing this vary between operating system, but consider
|
||||
looking at software like [Postfix][4] for mail delivery and maybe [Dovecot][5]
|
||||
for retrieval).
|
||||
|
||||
Privacy isn't only for those individuals who are trying to be sneaky or cheat on
|
||||
their spouses. Feel free joining the EFF in trying to reform the ECPA to respect
|
||||
our privacy in this modern era; storing a document digitally shouldn't change
|
||||
its fundamental properties under the law.
|
||||
|
||||
I'd also encourage you to read [Schneier's post on this topic][6], which
|
||||
summarizes points from many articles that I did not cover here.
|
||||
|
||||
[2]: https://ssd.eff.org/tech/tor
|
||||
[3]: https://ssd.eff.org/tech/encryption
|
||||
[4]: http://www.postfix.org
|
||||
[5]: http://www.dovecot.org/
|
||||
[6]: http://www.schneier.com/blog/archives/2012/11/e-mail_security.html
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
# Tor exit node operator raided in Austria
|
||||
|
||||
[These things][0] mustn't be allowed to happen; they are an affront to privacy.
|
||||
Tor exit node operators should not have to fear conviction for activities they
|
||||
themselves did not perform.
|
||||
|
||||
[0]: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,10 @@
|
|||
# Warrants For E-mails in the United States
|
||||
|
||||
The [Senate Judiciary Committee passed an amendment][0] that requires that they
|
||||
receive a warrant before spying on our e-mails.
|
||||
|
||||
This is excellent; let us hope that it becomes law.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/12/deep-dive-updating-electronic-communications-privacy-act
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,53 @@
|
|||
# Copyright Assignment Of Free Software Projects
|
||||
|
||||
An [e-mail today from Paolo Bonzini][0], a maintainer of GNU sed, has prompted
|
||||
additional discussion regarding copyright assignment to corporate entities; in
|
||||
particular, the discussion focuses on copyright assignment to the FSF under the
|
||||
GNU project.
|
||||
|
||||
[0]: http://article.gmane.org/gmane.comp.lang.smalltalk.gnu.general/7873
|
||||
|
||||
<!-- more -->
|
||||
|
||||
An [article by Michael Kerrisk on LWN.net][1], posted a couple days earlier,
|
||||
touches on the [same issue brought up by GnuTLS earlier in the month][2]. The
|
||||
disagreements from the two aforementioned individuals of the GNU-maintained
|
||||
projects prompt a thoughtful analysis of whether copyright assignment is
|
||||
appropriate for your own free software project[1]. In contrast, consider the
|
||||
[developer certificate of origin][3] policy adopted by the Linux project, under
|
||||
which contributors maintain copyright for their contributions.
|
||||
|
||||
There are benefits and downsides to both models---if a project requires
|
||||
copyright assignment (such as the GNU projects), then enforcement and license
|
||||
modifications are simplified. As an example, if the Linux project wanted to move
|
||||
to the GPLv3, they would have to contact each contributor (a similar move was
|
||||
done recently [by the VLC project][4], except that they moved from the GPL to
|
||||
the LGPL). However, the Linux project has a much smaller barrier to entry---they
|
||||
need not [assign copyright of their contributions to the project (such as is the
|
||||
case with GNU)][5], meaning that individuals may be more likely to contribute.
|
||||
|
||||
One of the major benefits touted by the FSF for copyright assignments from
|
||||
contributors is [copyright enforcement][6]---another complication that would
|
||||
arise from enforcing the GPL in a project such as Linux. That said, as the LWN
|
||||
article mentions[2], what if [the FSF cannot find the time to enforce the
|
||||
copyright on a project violation][7]? Then again, what of the flipside---do you
|
||||
have the time or money to enforce violations on your own projects were they not
|
||||
assigned to a corporation like the FSF?
|
||||
|
||||
These are interesting discussions and certainly things that should be considered
|
||||
when determining how to handle both contributions and the copyright for your
|
||||
entire project. Ultimately, that decision falls on you, the author/maintainer,
|
||||
and your needs.
|
||||
|
||||
(Disclaimer: I am an associate member of the Free Software Foundation. This
|
||||
article does not reflect any of my personal opinions; whether or not I would
|
||||
assign copyright to the FSF for any of my projects would be determined based on
|
||||
the goals and plan of that particular project.)
|
||||
|
||||
[1]: http://lwn.net/SubscriberLink/529522/854aed3fb6398b79/
|
||||
[2]: http://lwn.net/Articles/529558/
|
||||
[3]: http://elinux.org/Developer_Certificate_Of_Origin
|
||||
[4]: http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
|
||||
[5]: http://git.savannah.gnu.org/cgit/gnulib.git/tree/doc/Copyright/assign.changes.manual#n64
|
||||
[6]: http://www.gnu.org/licenses/why-assign.html
|
||||
[7]: http://lwn.net/Articles/529777/
|
|
@ -0,0 +1,46 @@
|
|||
# Congress Approves FISA For Another 5 Years
|
||||
|
||||
At a [vote of 73-23][0], Congress has voted to [extend FISA warentless spying
|
||||
bill by five more years[1], even shooting down [proposed amendments][2] to the
|
||||
bill.[3]
|
||||
|
||||
[0]: https://www.senate.gov/legislative/LIS/roll_call_lists/roll_call_vote_cfm.cfm?congress=112&session=2&vote=00236
|
||||
[1]: https://www.eff.org/deeplinks/2012/12/congress-disgracefully-approves-fisa-warrantless-eavesdropping-bill-five-more
|
||||
[2]: https://www.eff.org/deeplinks/2012/12/why-we-should-all-care-about-senates-vote-fisa-amendments-act-warrantless-domestic
|
||||
[3]: http://arstechnica.com/tech-policy/2012/12/as-senate-votes-on-warrantless-wiretapping-opponents-offer-fixes/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Thank you to those senators that [opposed the bill][0]:
|
||||
|
||||
> Akaka (D-HI);
|
||||
> Baucus (D-MT);
|
||||
> Begich (D-AK);
|
||||
> Bingaman (D-NM);
|
||||
> Brown (D-OH);
|
||||
> Cantwell (D-WA);
|
||||
> Coons (D-DE);
|
||||
> Durbin (D-IL);
|
||||
> Franken (D-MN);
|
||||
> Harkin (D-IA);
|
||||
> Leahy (D-VT);
|
||||
> Lee (R-UT);
|
||||
> Menendez (D-NJ);
|
||||
> Merkley (D-OR);
|
||||
> Murkowski (R-AK);
|
||||
> Murray (D-WA);
|
||||
> Paul (R-KY);
|
||||
> Sanders (I-VT);
|
||||
> Schatz (D-HI);
|
||||
> Tester (D-MT);
|
||||
> Udall (D-CO);
|
||||
> Udall (D-NM);
|
||||
> Wyden (D-OR).
|
||||
|
||||
Unfortunately, the two senators from my own state cannot join that list.
|
||||
|
||||
The [EFF has sumarized the surveillance issues of 2012][4] recently on their
|
||||
website.
|
||||
|
||||
[4]: https://www.eff.org/deeplinks/2012/12/2012-review-effs-fight-against-secret-surveillance-law
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
# Happy New Year
|
||||
|
||||
The greatest excitement in moving into a new year is the prospect of quantified
|
||||
growth.
|
||||
|
||||
Of course, it also means another year to look forward to the health of those you
|
||||
care for.
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,29 @@
|
|||
# DNA Collection
|
||||
|
||||
Consider a recent article from the EFF [regarding "Rapid DNA Analyzers"][0].
|
||||
The article poses the potetial issues involved, but also consider that any DNA
|
||||
collected (if not destroyed) would violate not just your privacy, but your
|
||||
entire blood line. What if DNA from immigrants were collected? Much of that
|
||||
information is inherited, so generations down the line, your privacy is still
|
||||
violated.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2012/12/rapid-dna-analysis
|
||||
|
||||
<!-- more -->
|
||||
|
||||
I cannot comment intelligently on the matter since I haven't read deeply enough
|
||||
into the proposed storage/hashing/etc policies, but those polices can be abused
|
||||
and such data can be leaked. I highly oppose any sort of DNA collection outside
|
||||
of personal at-home use (when the technology is available with free software)
|
||||
and use by medical professionals for personal medical reasons so long as the
|
||||
institution performing the test can provide stringent evidence of its
|
||||
destruction. But even then, if law enforcement somehow got a hold of the DNA
|
||||
before it were destroyed, then the problem still exists, so it would be best if
|
||||
you had your own personal tools to analyze your own DNA and distribute only the
|
||||
portions that were required (and encryption tools like [GPG][1] could be used
|
||||
for distribution).
|
||||
|
||||
One day, but not now. Let's make those scanners affordable and run free
|
||||
software.
|
||||
|
||||
[1]: http://www.gnupg.org/
|
|
@ -0,0 +1,15 @@
|
|||
# USPTO Wants To Hear From Software Community
|
||||
|
||||
The [USPTO wants to hear from the software community][0]. Interesting, but the
|
||||
problem is that the "software community" includes more than just those who
|
||||
find software patents to be an abomination.
|
||||
|
||||
I have [mentioned issues with software patents in a previous post][1], but one
|
||||
resource that may be worth looking at direclty is ["The Case Against
|
||||
Patents"][2] [pdf].
|
||||
|
||||
[0]: http://www.groklaw.net/article.php?story=20130104012214868
|
||||
[1]: http://mikegerwitz.com/thoughts/2012/10/Abolishing-Patents.html
|
||||
[2]: http://research.stlouisfed.org/wp/2012/2012-035.pdf
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,41 @@
|
|||
# LuLu Says Goodbye to DRM
|
||||
|
||||
On January 8th, [LuLu announced that they would be dropping DRM][0] for users
|
||||
who "[download] eBooks directly from Lulu.com to the device of their choice".
|
||||
This is a wise move (for [those of us who oppose DRM][1]), but unfortunately, as
|
||||
John Sullivan of the Free Software Foundation noted on the fsf-community-team
|
||||
mailing list, the [comments on LuLu's website][0] are not all positive:
|
||||
|
||||
[0]: http://www.lulu.com/blog/2013/01/drm-update/
|
||||
[1]: http://defectivebydesign.org/
|
||||
|
||||
> This is a positive development, but unfortunately there has been a lot
|
||||
> of negative reaction in the comments on their announcement.
|
||||
>
|
||||
> It'd be great if people could chime in and support them their move away
|
||||
> from DRM.
|
||||
|
||||
<!-- more -->
|
||||
|
||||
At first glance, certain authors seem to be concerned that the absense of DRM
|
||||
will lead to ["more illegal file sharing"][0]:
|
||||
|
||||
> [...] I’ve got copies of my non-DRM ebooks all over the torrent sites and
|
||||
> thousands of downloads registered, for which I haven’t received a cent. As
|
||||
> soon as you push for them to be taken down, they’re posted up again.
|
||||
|
||||
While it is unfortunate that those authors are not receiving compensation for
|
||||
their hard work, it should be noted that this problem exists even *with*
|
||||
DRM, so it is not a valid argument toward keeping it.
|
||||
|
||||
I applaud this move by LuLu, though I'm disappointed to see [this comment in the
|
||||
original post][0]:
|
||||
|
||||
> Companies like Amazon, Apple and Barnes & Noble integrate a reader’s
|
||||
> experience from purchasing to downloading and finally to reading. These
|
||||
> companies do a fantastic job in this area, and eBooks published through Lulu
|
||||
> and distributed through these retail sites will continue to have the same
|
||||
> rights management applied as they do today.
|
||||
|
||||
They do not do it well; no DRM is good DRM.
|
||||
|
|
@ -0,0 +1,171 @@
|
|||
# Re: FSF Wastes Away Another "High Priority" Project
|
||||
|
||||
A couple days ago, my attention was drawn to an article on Phoronix that
|
||||
[criticized the FSF for its decision to stick with GPLv3 over GPLv2 on
|
||||
LibreDWG][0] due to the number of projects that make use of it---licensed under
|
||||
the GPLv2---under [a now incompatible][1] license. This article is very negative
|
||||
and essentially boils down to this point (the last paragraph):
|
||||
|
||||
> Unless the Free Software Foundation becomes more accomodating [sic] of these
|
||||
> open-source developers -- who should all share a common goal of wanting to
|
||||
> expand free/open-source software -- LibreDWG is likely another project that
|
||||
> will ultimately waste away and go without seeing any major adoption due to
|
||||
> not working with the GPLv2.
|
||||
|
||||
It it worth mentioning why this view is misguided (though understandable for
|
||||
those who adopt the ["open source" philosophy over that of software
|
||||
freedom][2]).
|
||||
|
||||
[0]: http://www.phoronix.com/scan.php?page=news_item&px=MTI4Mjc
|
||||
[1]: http://www.gnu.org/licenses/gpl-faq.html#WhatDoesCompatMean
|
||||
[2]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
|
||||
|
||||
<!-- more -->
|
||||
|
||||
Let me start with [this paragraph from the Phoronix article][0]:
|
||||
|
||||
> The Free Software Foundation was contacted about making LibreDWG GPLv2+
|
||||
> instead (since the FSF is the copyright holder), but the FSF/Richard Stallman
|
||||
> doesn't the DWG library on the earlier version of their own open-source
|
||||
> license.
|
||||
|
||||
The FSF's founding principle is that of [software freedom][3] (beginning with the
|
||||
GNU project). Now, consider the reason for the creation of the GPLv3---the GPLv2
|
||||
[could not sufficiently protect against][4] software patents and newer threats such
|
||||
as "tivoization". These goals further the FSF's mission of ensuring---in
|
||||
this case---that free software *remains* free ([a concept that RMS coined
|
||||
"copyleft"][5]). It would make sense, then, that the FSF (and RMS') position is
|
||||
that [it is important that we adopt the GPLv3 for our software][6].
|
||||
|
||||
From this perspective, it does not make sense to "downgrade" LibreDWG's
|
||||
license to the GPLv2, which contains various bugs that have since been patched
|
||||
in GPLv3---it is not pursuant to the FSF's goals. (Of course, not all agree with
|
||||
the GPLv3; one such notable disagreement (as well as issues
|
||||
stemming from copyright assignment) leaves the kernel Linux [perpetually licensed
|
||||
under the GPLv2][7] since it does not contain the ["or later" clause][8]).
|
||||
|
||||
That is not to say that the author's concern is not legitimate---a number of
|
||||
projects are licensed under the GPLv2 and therefore cannot use the newer (and
|
||||
improved) versions of LibreDWG that are licensed under the GPLv3 (unless they
|
||||
were to upgrade to the GPLv3, of course). Whether or not upgrading is feasible
|
||||
(e.g., in the case of the kernel Linux, it is not) is irrelevant---let us
|
||||
instead focus on the issue of adoption under the assumption that the project is
|
||||
either unwilling or unable to make use of a library licensed under the GPLv3.
|
||||
|
||||
As aforementioned, [the author focuses on the issue of adoption][0]:
|
||||
|
||||
> LibreDWG is likely [...to] go without seeing any major adoption due to not
|
||||
> working with the GPLv2
|
||||
|
||||
A focus on adoption is a [focus of "open source", not free software][2], the
|
||||
latter of which the FSF represents. With a focus on software freedom, the goal
|
||||
is to create software that respects the [users' four essential freedoms][9]; if
|
||||
the software is adopted and used, great! However, freedom should never be
|
||||
sacrificed in order to encourage adoption. One may argue that "downgrading" to
|
||||
the GPLv2 is not sacrificing freedom because the software is still free (it is
|
||||
even the GPL)---but it is important to again realize that the GPLv3 is "more
|
||||
free" than the GPLv2 in the sense that it [*protects* additional freedoms][6];
|
||||
so, while the GPLv2 isn't necessarily sacrificing users' freedoms directly, it
|
||||
does have such an indirect effect through means of enforcement.
|
||||
|
||||
A reader familiar with GNU may then point out the LGPL---the Lesser General
|
||||
Public License---under which popular (and very important) [libraries such as
|
||||
glibc are licensed][10]. In fact, one could extend this argument to any
|
||||
library---why not have LibreDWG licensed under the LGPL to avoid this problem in
|
||||
its entirety, while still preserving the users' freedoms for that library in
|
||||
itself? This understanding requires a brief lesson in history---the rationale
|
||||
under which the LGPL was born. [To quote the GNU project][11]:
|
||||
|
||||
> Using the ordinary GPL is not advantageous for every library. There are
|
||||
> reasons that can make it better to use the Lesser GPL in certain cases. The
|
||||
> most common case is when a free library's features are readily available for
|
||||
> proprietary software through other alternative libraries. In that case, the
|
||||
> library cannot give free software any particular advantage, so it is better to
|
||||
> use the Lesser GPL for that library.
|
||||
|
||||
It was for this reason that glibc was released under the LGPL---because it was
|
||||
better to have the users adopt some sort of free software than none at all;
|
||||
there were other alternatives that existed that users may flock to if they were
|
||||
forced to liberate their own proprietary software (after all, the C API is also
|
||||
standardized, so such a feat would be trivial). Now that glibc has since matured
|
||||
greatly, it could be argued today that it has proved its usefulness and the LGPL
|
||||
may no longer be necessary, but such a discussion is not necessarily relevant
|
||||
for this conversation.
|
||||
|
||||
What is important is that [the FSF does not recommend the LGPL for most
|
||||
libraries][11] because that would encourage proprietary software developers to
|
||||
take advantage of both the hard work of the free software community and the
|
||||
users of the software. Now, I cannot speak toward the alternatives to
|
||||
LibreDWG---do there exist proprietary alternatives that are reasonable
|
||||
alternatives to non-commercial projects? I do not have experience with the
|
||||
library. However, I hope by this point the FSF's position has been rationalize
|
||||
(even if you---the reader---do not agree with it).
|
||||
|
||||
Of course, this rationalization will still leave a sour taste in the mouth of
|
||||
those "open source" developers (or perhaps even some free software developers)
|
||||
that think in terms of what is "lost": these projects---which are themselves
|
||||
free software and therefore beneficial to our community---cannot take advantage
|
||||
of *other free software* due to this licensing issue. Since these projects had
|
||||
already existed when LibreDWG was licensed under the GPLv2, the relicensing to
|
||||
GPLv3 may seem unfair and, therefore, a "loss". It is difficult to counter
|
||||
such an argument if the above rationale has not been sufficient; nor will I
|
||||
argue that the situation is not unfortunate, should the projects be unable to
|
||||
relicense. However, it must be understood that, to ensure the future of free
|
||||
software, the FSF must adopt to combat today's threats and so too must other
|
||||
free software projects.
|
||||
|
||||
The Phoronix article mentioned two projects in particular that suffer from
|
||||
LibreDWG's relicensing: [LibreCAD and FreeCAD][0]. LibreCAD omits the "or later"
|
||||
clause that was mentioned above, preventing them from easily migrating to the
|
||||
GPLv2 (which is [against the FSF's recommendation][12]). Unless the project
|
||||
requires that contributors assign copyright to the project owner, then they
|
||||
would have to get permission from each contributor (or rewrite the code) in
|
||||
order to change the license (which is not unheard of; [VLC had done so recently
|
||||
to migrate from the GPL to the LGPL][13]); this is a significant barrier for any
|
||||
project with multiple contributors, especially when your project is a derivative
|
||||
work (of QCad).
|
||||
|
||||
The other project mention was FreeCAD, and the author of the article mentions
|
||||
that the project depends on Coin3D and Open CASCADE, "both of which are
|
||||
GPLv2", so [the project cannot migrate to GPLv3][0]. A quick look at Coin3D's
|
||||
website shows that the software is actually licensed under the modified
|
||||
(3-clause) BSD license, and so [migrating to the GPLv3 is not an issue][15]. Open
|
||||
CASCADE has its own "public license" that I do not have the time to evaluate
|
||||
(nor am I lawyer, so I do not wish to give such advice), so I cannot speak to
|
||||
its compatibility with the GPLv3. That said, I'm unsure if it would be a barrier
|
||||
toward FreeCAD's adoption of the GPLv3.
|
||||
|
||||
Ultimately, the moral of the story is to plan for the *future*---if you use a
|
||||
project licensed under the GPL, ensure that it has the "or later" clause that
|
||||
allows it to be licensed under later version of the GPL, since you can be sure
|
||||
that the FSF and many other free software developers will be quick to adopt the
|
||||
license. Of course, many may not be comfortable with such a licensing decision:
|
||||
you effectively are giving the FSF permission to relicense you work by simply
|
||||
releasing a new version of the GPL. It is your decision whether you are willing
|
||||
to place this kind of trust in the organization responsible for starting the
|
||||
free software movement in the first place.
|
||||
|
||||
Readers may now assume that I am placing the entire blame and onus on the
|
||||
implementors of LibreDWG. The onus, perhaps, but not the blame---this truly is
|
||||
an unfortunate circumstance that takes away from hacking a free software
|
||||
project. Unfortunately, the projects are stuck in a bad place, but the FSF is
|
||||
not to blame for standing firm in their ideals. Instead, this can be thought of
|
||||
as a maintenance issue---rather than a source code refactoring resulting from a
|
||||
library API change, we instead require a "legal code" refactoring resulting
|
||||
from a "legal API" change.
|
||||
|
||||
[3]: http://www.fsf.org/about/
|
||||
[4]: http://www.gnu.org/licenses/quick-guide-gplv3.html
|
||||
[5]: http://www.gnu.org/copyleft/
|
||||
[6]: http://www.gnu.org/licenses/rms-why-gplv3.html
|
||||
[7]: http://lwn.net/Articles/200422/
|
||||
[8]: http://www.gnu.org/licenses/gpl-faq.html#v2v3Compatibility
|
||||
[9]: http://www.gnu.org/philosophy/free-sw.html
|
||||
[10]: http://www.gnu.org/licenses/lgpl.html
|
||||
[11]: http://www.gnu.org/licenses/why-not-lgpl.html
|
||||
[12]: http://www.gnu.org/licenses/gpl-howto.html
|
||||
[13]: http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
|
||||
[14]: https://bitbucket.org/Coin3D/coin/wiki/Home
|
||||
[15]: http://www.gnu.org/licenses/license-list.html#ModifiedBSD
|
||||
[16]: http://www.opencascade.org/getocc/license/
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
# Phone "Unlocking" Once Again Illegal
|
||||
|
||||
[Ridiculous.][0] We should own the hardware that we purchase.
|
||||
|
||||
[0]: https://www.eff.org/is-it-illegal-to-unlock-a-phone
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,102 @@
|
|||
# Re: Who Does Skype Let Spy?
|
||||
|
||||
Today, [Bruce Schneier brought attention to privacy concerns surrounding
|
||||
Skype][0], a very popular ([over 600 million users][1]) VoIP service that has
|
||||
since been acquired by Microsoft. In particular, [users are concerned over what
|
||||
entities may be able to gain access to their "private" conversations][1]
|
||||
through the service---Microsoft has refused to answer those kinds of questions.
|
||||
While the specific example of Skype is indeed concerning, it raises a more
|
||||
general issue that I wish to discuss: The role of free software and SaaS
|
||||
(software as a service).
|
||||
|
||||
[0]: http://www.schneier.com/blog/archives/2013/01/who_does_skype.html
|
||||
[1]: http://www.skypeopenletter.com/
|
||||
|
||||
<!-- more -->
|
||||
|
||||
To [quote Schneier][0]:
|
||||
|
||||
> We have no choice but to trust Microsoft. Microsoft has reasons to be
|
||||
> trustworthy, but they also have reasons to betray our trust in favor of other
|
||||
> interests. And all we can do is ask them nicely to tell us first.
|
||||
|
||||
Schneier continues to admit, in similar words, that [we are but "vassals" to
|
||||
these entities and that they are our serfs][2]. His essays regarding the [power of
|
||||
corporations and governments over their users][3] echo the words of Lawrence
|
||||
Lessig in his [predictions of a "perfectly regulated" future made possible by
|
||||
the Internet][4]. While Lessig (despite what his critics have stated in the
|
||||
past) seems to have been correct in many regards, we need not jump into the
|
||||
perspective of an Orwellian dystopia where we are but "vassals" to the
|
||||
Party.[^5] Indeed, this is only the case---at least at present---if you choose to
|
||||
participate in the use of services such as Skype, as ubiquitous as they may be.
|
||||
|
||||
Skype is a useful demonstration of the unfortunate situation that many users
|
||||
place themselves in by trusting their private data to Microsoft. Skype itself is
|
||||
proprietary---we cannot inspect its source code (easily) in order to ensure that
|
||||
it is respecting our privacy. (Indeed, as a user on [the HackerNews
|
||||
discussion][6] pointed out, [Skype has installed undesirable software in the
|
||||
past][7].) If Skype were [free software][8], we would be able to inspect its
|
||||
source code and modify it to suit our needs, ensuring that the software did only
|
||||
what we wanted it to do---ensuring that Microsoft was not in control of us.
|
||||
|
||||
However, even if Skype were free software, there is another issue at work that
|
||||
is often overlooked by users: Software as a Service (SaaS). When you make use of
|
||||
services that are hosted on remote servers (often called "cloud"
|
||||
services)---such as with Skype, Facebook, Twitter, Flickr, Instagram, iTunes,
|
||||
iCloud and many other popular services---you are blindly entrusting your data to
|
||||
them. Even if the Skype software were free (as in freedom), for example, [we
|
||||
still cannot know what their servers are doing with the data we provide to
|
||||
them][9]. Even if Skype's source code was plainly visible, the servers act as a
|
||||
black box. Do they monitor your calls? [Does Facebook abuse your data?][10] How is
|
||||
that data stored---[what happens][1] in the event of a data breach, or in the event
|
||||
of a warrant/subpoena?
|
||||
|
||||
The only way to be safe from these providers is to [reject these services
|
||||
entirely and use your own software on your own PC][9], or use software that will
|
||||
connect directly to your intended recipient without going through a 3rd
|
||||
party. (Never mind your ISP; that is a separate issue entirely.) If you must
|
||||
use a 3rd party service, ensure that you can adequately encrypt your
|
||||
communications (e.g. using GPG to encrypt e-mail communications)---something
|
||||
that may not necessarily be easy/possible to do, especially if the software is
|
||||
proprietary and works against you.
|
||||
|
||||
The EFF has published [useful information on protecting yourself against
|
||||
surveillance][11], covering topics such as encryption and anonymization.
|
||||
|
||||
If we are to resist the worlds that [Lessig][4] and [Schneier][3] describe, then we
|
||||
must [stand up for our right to privacy and demand action][12]. [Who will have
|
||||
your back][13] when we're on the brink of ["perfect regulation"][4]; who will
|
||||
stand up for your rights and work *with* you---not against you---to preserve
|
||||
your liberties? Without this push, services like Skype empower governments and
|
||||
other entities to work toward perfect regulation---to continuously spy on
|
||||
everything that we do. With everyone putting their every thought and movement on
|
||||
services like Facebook, [Twitter][14] and Skype, the Orwellian Thought Police have
|
||||
the ability to manifest in a form that not even Orwell could have
|
||||
imagined---unless it is stopped.
|
||||
|
||||
To help [preserve your ever-dwindling rights online][15], consider becoming a
|
||||
member of or participating in the campaigns of the [Free Software
|
||||
Foundation][16], [Electronic Frontier Foundation][17], the [American Civil
|
||||
Liberties Union][18] or any other organizations dedicated toward free society.
|
||||
|
||||
(Disclaimer: I am a member of the Free Software Foundation.)
|
||||
|
||||
[2]: http://www.schneier.com/essay-406.html
|
||||
[3]: http://www.schneier.com/essay-409.html
|
||||
[4]: http://codev2.cc/
|
||||
[6]: http://news.ycombinator.com/item?id=5139801
|
||||
[7]: http://blogs.skype.com/garage/2011/05/easybits_update_disabled_for_s.html
|
||||
[8]: http://www.gnu.org/philosophy/free-sw.html
|
||||
[9]: http://www.gnu.org/philosophy/who-does-that-server-really-serve.html
|
||||
[10]: https://www.eff.org/deeplinks/2013/01/facebook-graph-search-privacy-control-you-still-dont-have
|
||||
[11]: https://ssd.eff.org
|
||||
[12]: https://www.eff.org/deeplinks/2013/01/its-time-transparency-reports-become-new-normal
|
||||
[13]: https://www.eff.org/pages/when-government-comes-knocking-who-has-your-back
|
||||
[14]: https://www.eff.org/deeplinks/2013/01/google-twitters-new-transparency-report-shows-increase-government-demands-sheds
|
||||
[15]: https://action.eff.org/o/9042/p/dia/action/public/?action_KEY=8750
|
||||
[16]: http://www.fsf.org/register_form?referrer=5804
|
||||
[17]: https://supporters.eff.org/donate
|
||||
[18]: https://www.aclu.org/donate/join-renew-give
|
||||
|
||||
[^5]: Orwell, George. Nineteen Eighty-Four. ISBN 978-0-452-28423-4.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# What is CISPA and Why is it Dangerous?
|
||||
|
||||
The EFF has put together an excellent [FAQ on CISPA][0], the "cybersecurity"
|
||||
bill that was reintroduced to congress earlier this month.
|
||||
|
||||
[0]: https://www.eff.org/deeplinks/2013/02/cispas-back-faq-what-it-and-why-its-still-dangerous
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,15 @@
|
|||
# DMR: "Very early C compilers and language"
|
||||
|
||||
An interesting article by Dennis Ritchie discussing [early C compilers][0]
|
||||
recovered from old DECtapes. The source code and history are fascinating reads.
|
||||
The quality of the code (the "kludgery"[1], as he puts it) to me just brings
|
||||
smiles---I appreciate seeing the code in its original glory.
|
||||
|
||||
It is also saddening reading the words of such a great man who is no longer with
|
||||
us; perhaps it helps to better appreciate his legacy.
|
||||
|
||||
[0]: http://cm.bell-labs.com/cm/cs/who/dmr/primevalC.html
|
||||
[1]: http://www.catb.org/~esr/jargon/html/K/kludge.html
|
||||
|
||||
<!-- more -->
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# Libreated Pixel Cup Winners Announced
|
||||
|
||||
[Congratulations][0] to the [winners of the Liberated Pixel Cup][1].
|
||||
|
||||
[0]: http://www.fsf.org/news/winners-announced-for-free-software-gamings-highest-honor-the-liberated-pixel-cup
|
||||
[1]: http://lpc.opengameart.org/content/code-judging-is-in
|
||||
|
||||
<!-- more -->
|
|
@ -0,0 +1,35 @@
|
|||
# Google Says the FBI Is Secretly Spying on Some of Its Customers
|
||||
|
||||
A Wired article mentions [figures released from Google][0] regarding National
|
||||
Security Letters issued by the NSA under the Patriot Act. It is too early to
|
||||
comment in much detail on this matter (I would like to wait for commentary from
|
||||
the EFF), but, as the article mentions:
|
||||
|
||||
[0]: http://www.wired.com/threatlevel/2013/03/google-nsl-range/?cid=co6199824
|
||||
|
||||
> Google said the number of accounts connected to National Security letters
|
||||
> ranged between “1000-1999″ for each of the reported years other than 2010. In
|
||||
> that year, the range was “2000-2999.”
|
||||
|
||||
<!-- more -->
|
||||
|
||||
The [EFF provides additional information, including recommendations on what to
|
||||
do about such requests][1] via their Surveillance Self-Defense website. As
|
||||
quoted from that website:
|
||||
|
||||
> And it's even worse for FISA subpoenas, which can be used to force anyone to
|
||||
> hand over anything in complete secrecy, and which were greatly strengthened
|
||||
> by Section 215 of the USA PATRIOT Act. The government doesn't have to show
|
||||
> probable cause that the target is a foreign power or agent — only that they
|
||||
> are seeking the requested records "for" an intelligence or terrorism
|
||||
> investigation. Once the government makes this assertion, the court must
|
||||
> issue the subpoena.
|
||||
|
||||
To add insult to injury:
|
||||
|
||||
> FISA orders and National Security Letters will also come with a gag order that
|
||||
> forbids you from discussing them. Do NOT violate the gag order. Only speak to
|
||||
> members of your organization whose participation is necessary to comply with
|
||||
> the order, and your lawyer.
|
||||
|
||||
[1]: https://ssd.eff.org/foreign/fisa
|
|
@ -0,0 +1,41 @@
|
|||
# Adding 1 and 1 in PHP
|
||||
|
||||
An amusing demonstration; it is my hope that [readers will not take this PHP
|
||||
library seriously][0]. This is likely a parody of the over-engineering that
|
||||
often takes foot in Object-Oriented development (a game of "how many GoF[^4]
|
||||
design patterns can we use in this project" anyone?).
|
||||
|
||||
[0]: https://github.com/Herzult/SimplePHPEasyPlus
|
||||
|
||||
<!-- more -->
|
||||
|
||||
That is not to say that "OOP is bad" (just as object-oriented developers often
|
||||
consider procedural code bad, when they may just be terrible at writing
|
||||
procedural code). Indeed, I wrote [an ECMAScript framework for Classical OOP
|
||||
(ease.js)][1]. The problem is that, with the excitement and misunderstandings
|
||||
that surround "good" object-oriented design, designers are eager to
|
||||
over-abstract their implementations (I have been guilty of the same thing).
|
||||
Object oriented programming is often taught to novice CS students (often with
|
||||
the reign of Java in schools)---teaching practices that can be good principles
|
||||
when properly applied and in moderation---which [I have also seen contribute to
|
||||
such madness][2].
|
||||
|
||||
Abstractions are highly important, but only when necessary and when they lead to
|
||||
more concise representations of the problem than would otherwise occur (note
|
||||
that some problems are inherently complicated and, as such, a concise
|
||||
representation may not seen concise). I'm a strong advocate of DSLs when
|
||||
abstractions begin to get in the way and increase the verbosity of the code
|
||||
(languages with strong macro systems like lisp help eliminate the need for
|
||||
DSLs written from scratch)---design patterns exist because of deficiencies in
|
||||
the language: They are "patterns" of code commonly used to achieve a certain |