Commit Graph

238 Commits (30dc33c97b8ec3f1358283a0e6690b5680ce1254)

Author SHA1 Message Date
Mike Gerwitz 66ecf830c6 Main content pages (now *.{txt=>pg}) will now be processed with repo2html
Provides for a cleaner integration which is difficult with asciidoc.
2013-05-26 21:01:07 -04:00
Mike Gerwitz e74b27e197 Footer will appear below floated headline regardless of content length 2013-05-26 20:57:14 -04:00
Mike Gerwitz 486dc7377e Improved styling of index 2013-05-25 22:15:16 -04:00
Mike Gerwitz cd93dcb796 Added headline (which just happens to be floated to the right) 2013-05-25 19:59:57 -04:00
Mike Gerwitz 3cb200878d Menu adjustment; reduced font size ever so slightly and adjusted margins/padding 2013-05-25 18:10:19 -04:00
Mike Gerwitz 1d31919320 Altered title and description to reflect a home page
This will no longer be used purely as a subdirectory of the root domain; it will replace the original site
2013-05-25 16:37:15 -04:00
Mike Gerwitz be68234098 Index margins increased to mirror old site 2013-05-25 16:36:24 -04:00
Mike Gerwitz 9875c165e6 Added *.html to .gitignore 2013-05-25 11:53:21 -04:00
Mike Gerwitz 7011f93b73 Index menu generation 2013-05-25 11:51:42 -04:00
Mike Gerwitz c4e460564b Added doc-cp script 2013-05-25 11:51:41 -04:00
Mike Gerwitz d74d93dab4 Added document placeholders 2013-05-25 11:51:41 -04:00
Mike Gerwitz 9f4997033b Custom commit template no longer needed 2013-05-25 11:51:41 -04:00
Mike Gerwitz 4beb332973 mg.css fully merged into core style; consistency between article and repo2html formats 2013-05-25 11:51:41 -04:00
Mike Gerwitz 8257096d84 Moved papers into docs subdir
This dir will store all documents to be copied into www-root
2013-05-25 11:51:34 -04:00
Mike Gerwitz af9661fcc2 repo2html will now output directly into www-root 2013-05-21 22:45:13 -04:00
Mike Gerwitz 05e85eb4dc Removed html extension from repo2html filenames 2013-05-21 17:23:10 -04:00
Mike Gerwitz 19624e59e7 Link color styling to be similar to (but less obnoxious than) old site 2013-05-21 17:23:10 -04:00
Mike Gerwitz 731a4d4a0c Added external "self" links to the index page 2013-05-21 17:23:10 -04:00
Mike Gerwitz 854cf280c2 A sans-serif font family for body font
This was a bit of a difficult decision. One one hand, I perferred for the user
to select his/her own font via their browser settings. That said, the user still
has the option to override the font and use his/her own defaults.

This font choice is nearly identical to the current site font choice.
2013-05-21 17:23:10 -04:00
Mike Gerwitz bbebbc088a Added fsf, esp and eliminate drm image buttons to footer (just as existing site) 2013-05-21 17:23:10 -04:00
Mike Gerwitz 85314b1bc2 Modified heading style for repo theme to more closely represent old site
Well, not quite yet old...but that's the idea. ;)
2013-05-21 17:23:10 -04:00
Mike Gerwitz b4244adfe1 Began adding a thoughts theme that more closely resembles the horror story article theme
This means that some article CSS is duplicated; this will be resolved in the future
2013-05-21 17:23:03 -04:00
Mike Gerwitz 2c4b4f368a Added index.html to www-root 2013-05-17 22:35:41 -04:00
Mike Gerwitz 31e2b198cd Moved git horror story into this repository as well as the necessary build process
This is the original article that became popular on sites like HackerNews
2013-05-17 22:34:32 -04:00
Mike Gerwitz f6f98d5ecd Added license to Makefile 2013-05-15 23:03:52 -04:00
Mike Gerwitz a251a66a69 Added COPYING 2013-05-15 23:02:28 -04:00
Mike Gerwitz 7da0710cad Added clean target and ignores for thoughts dirs 2013-05-15 22:59:51 -04:00
Mike Gerwitz c2588c5729
:Added Makefile
Simply contains thought generation for now; will eventually build entire site
2013-05-15 22:38:50 -04:00
Mike Gerwitz 2fb4887029
U.S. House Passes CISPA
Two days ago---on the 18th--[the U.S. House of Representatives decided to pass
CISPA 288-127][0].

  The legislation passed 288-127, despite a veto threat from Pres. Barack Obama,
  who expressed serious concerns about the danger CISPA poses to civil
  liberties.[0]

As the bill moves into the senate, [civil liberties groups will continue to
oppose it][1]; I personally hope that you will do the same.

Move [information on CISPA][2] is available on the EFF's website.

[0] https://www.eff.org/deeplinks/2013/04/us-house-representatives-shamefully-passes-cispa-internet-freedom-advocates
[1] https://www.eff.org/deeplinks/2012/04/voices-against-cispa
[2] https://www.eff.org/cybersecurity-bill-faq
2013-04-20 12:20:29 -04:00
Mike Gerwitz 20aa35cfa0
Congratulations to the 2012 Free Software Award Winners
Each year, the [Free Software Foundation][0] presents awards to individuals who
have made a strong contribution to free software:

  The Award for the Advancement of Free Software is given annually to an
  individual who has made a great contribution to the progress and development
  of free software, through activities that accord with the spirit of free
  software.[1]

This year, announced at the LibrePlanet 2013 conference, [the winner was Dr.
Fernando Perez][1]---creator of IPython. The winner of the Award for Projects of
Social Benefit was [OpenMRS][2], which is a free (as in freedom) medical records
system for developing countries.

[0] http://fsf.org
[1] https://www.fsf.org/news/2012-free-software-award-winners-announced-2
[2] http://openmrs.org/
2013-03-23 23:21:12 -04:00
Mike Gerwitz 576d89ab95
Defective By Design Campaign Against W3C DRM Standard
[As I had mentioned late last week][0], RMS had mentioned that Defective By
Design (DBD) would be campaigning against the [introduction of DRM into the W3C
HTML5 standards][1]. (Please see [my previous mention of this topic][0] for a
detailed explanation of the problem and a slew of references for additional
information.) Well, [this campaign is now live and looking for
signatures][2]---50,000 by May 3rd, which is the [International Day Against
DRM][3]:

  Hollywood is at it again. Its latest ploy to take over the Web? Use its
  influence at the World Wide Web Consortium (W3C) to weave [Digital
  Restrictions Management (DRM)][4] into HTML5 -- in other words, into the very
  fabric of the Web.

  [...]

  Help us reach 50,000 signers by May 3rd, 2013, the [International Day Against
  DRM][3]. We will deliver the signatures to the W3C (they are right down the
  street from us!) and make your voice heard.[1]

To summarize the issue as stated by the EFF:

  W3C is there to create comprehensible, publicly-implementable standards that
  will guarantee interoperability, not to facilitate an explosion of new
  mutually-incompatible software and of sites and services that can only be
  accessed by particular devices or applications. But EME is a proposal to bring
  exactly that dysfunctional dynamic into HTML5, even risking a return to the
  ["bad old days, before the Web"][5] of deliberately limited
  interoperability.

  it would be a terrible mistake for the Web community to leave the door open
  for Hollywood's gangrenous anti-technology culture to infect W3C standards.[1]

So please---[sign the petition now][2]!

[0] [cref:9d3c8c214425124acd4076750f963f538628e9e5]
[1] https://www.eff.org/deeplinks/2013/03/defend-open-web-keep-drm-out-w3c-standards
[2] http://www.defectivebydesign.org/no-drm-in-html5
[3] http://www.defectivebydesign.org/dayagainstdrm
[4] http://www.defectivebydesign.org/what_is_drm
[5] http://www.anybrowser.org/campaign/index.html
2013-03-23 12:09:36 -04:00
Mike Gerwitz bc03bd3bfe
Federal Judge Rules NSLs (National Security Letters) Unconstitutional
This news is huge and an incredible win for both the EFF and all U.S. citizens.
Today, [United States District Judge Susan Illston found the National Security
Letters' gag provisions unconstitutional][0] and---since the review procedures
violate the separation of powers and cannot be separated from the rest of the
statute---has consequently [ruled the NSLs themselves to be
unconstitutional][1]:

  In today's ruling, the court held that the gag order provisions of the statute
  violate the First Amendment and that the review procedures violate separation
  of powers. Because those provisions were not separable from the rest of the
  statute, the court declared the entire statute unconstitutional.[1]

This is an exciting decision; let's see where it takes us.

  U.S. District Judge Susan Illston ordered the government to stop issuing
  so-called NSLs across the board, in a stunning defeat for the Obama
  administration’s surveillance practices. She also ordered the government to
  cease enforcing the gag provision in any other cases. However, she stayed her
  order for 90 days to give the government a chance to appeal to the Ninth
  Circuit Court of Appeals.[0]

[The issues surrounding NSLs][2] were highlighted just last week when [Google
released numbers relating to the orders that it received][3].

[0] http://www.wired.com/threatlevel/2013/03/nsl-found-unconstitutional/
[1] https://www.eff.org/press/releases/national-security-letters-are-unconstitutional-federal-judge-rules
[2] https://www.eff.org/issues/national-security-letters
[3] [cref:a1f8634296246f2f771f99c04fb74af0a592481e]
2013-03-15 23:05:30 -04:00
Mike Gerwitz 9d3c8c2144
HTML5 DRM
Two acronyms that, until very recently, would seem entirely incompatible---HTML,
which is associated with an unencumbered, free (as in freedom) representation of
a document, and [DRM][0], which [exists for the sole purpose of restricting
freedom][1]. Unfortunately, Tim Berners-Lee---the man attributed to
``inventing'' the Internet[18]---mentioned in a keynote talk at SXSW that [he is
not opposed to introducing DRM into the HTML5 standard][4][15]:

  [Tim Berners-Lee] did not, however, present himself as an opponent of digital
  locks. During a post-talk Q&A, he defended proposals to add support for
  ``digital rights management'' usage restrictions to HTML5 as necessary to get
  more content on the open Web: "If we don't put the hooks for the use of DRM
  in, people will just go back to using Flash," he claimed.[4]

Many who oppose DRM refer to it as ``digital restrictions management''[0]---a
phrase that better describes how it affects the user. The ``rights'' that
``digital rights management'' describes are the ``rights'' (in terms of
copyright) of publishers and copyright holders: They wish to lock down their
content so that [you, the user, can only access it as *they* please][5]. Has
``your'' device[25][26] ever told you that [you cannot share a book with your
friends][6][17][24]?  Has your device ever [deleted your content without your
permission][7][8]?  Does your device grant you [less privileges if you decide to
liberate yourself from it][9] through ``jailbreaking''? Does the software you
run [potentially spy on you without telling you][11], without giving you the
option to correct it? Or perhaps the games you play [require you to be online,
even in single-player mode][12].

These are but a small handful of [examples of the many mistakes and injustices
of Digital Restrictions Management][5]. These restrictions take additional
effort---that is, development time, which also means more money---to build into
software; computers, by their very nature, do exactly as they are told, meaning
that they can only work against you if someone else tells it to (unless you tell
your computer to make your life miserable...if you're into that sort of thing).
As such, we refer to these restrictions as [``anti-features''][23].

  Corporations claim that DRM is necessary to fight copyright infringement
  online and keep consumers safe from viruses. But there's no evidence that DRM
  helps fight either of those. Instead DRM helps big business stifle innovation
  and competition by making it easy to quash ``unauthorized'' uses of media and
  technology.[5]

It is this logic that corporations[13] (and even some individuals, such as
authors[14]) use to influence entities such as the W3C---and Tim
Berners-Lee---into [thinking that DRM is necessary][15]. The [W3C describes a
``trust infastructure''][16] that could be standardized for bringing DRM to the
web:

  It is clear that user domains (eg eBook trading, sub-rights trading, streaming
  music, etc.) each require sets of Rights Primitives that those domains wish do
  useful things with.[16]

This is an unfortunate perspective, especially since those ``useful things'' are
exactly the opposite for users. The Internet strongly promotes the free,
(generally) unencumbered flow of information. To quote W3C:

  The social value of the Web is that it enables human communication, commerce,
  and opportunities to share knowledge. One of W3C's primary goals is to make
  these benefits available to all people, whatever their hardware, software,
  network infrastructure, native language, culture, geographical location, or
  physical or mental ability.[19]

A DRM implementation flies in the face of those goals, as it is, by definition,
restrictive---how can we be encouraged to share by using systems that aim to
[prevent that very thing][0]?

Richard Stallman has already announced that the [FSF will ``campaign against W3C
support for DRM''][20]; let's hope that many others will join in on this
campaign, hope that organizations like the EFF will continue to fight for our
rights, and further hope that users will [reject DRM-laden products][22]
outright. [DRM cannot exist in free software][25] and it cannot exist on a
network that facilitates free information.

[0] http://www.defectivebydesign.org/what_is_drm (Disclaimer: I am an associate
member of the [Free Software Foundation][2] and, as such, this reference is
intentionally bias; feel free to see the [Wikipedia article on DRM][3] for more
general information.)
[1] http://www.defectivebydesign.org/
[2] http://fsf.org
[3] https://en.wikipedia.org/wiki/Digital_rights_management
[4] http://boingboing.net/2013/03/10/tim-berners-lee-the-web-needs.html
[5] https://www.eff.org/issues/drm
[6] http://www.amazon.com/gp/help/customer/display.html?nodeId=200549320
[7] http://www.defectivebydesign.org/blog/1248
[8] http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html
[9] http://arstechnica.com/apple/2011/02/ibooks-to-jailbreakers-no-yuo/ (I go
into more detail on jailbreaking and its current legality as of the time of
writing [in a previous article of mine][10].)
[10] [cref:7631ac2857e8655c50da5653d49e3c6046ff8286]
[11] [cref:3fa69da6531cb2131a7f52d17eb77a75e01794ba]
[12] https://www.eff.org/deeplinks/2013/03/tale-simcity-users-struggle-against-onerous-drm
[13] http://venturebeat.com/2012/10/12/together-html5-and-drm-can-take-out-native-apps/
[14] [cref:1ac60452f78af07fbef4da288be1048ca37c34e2]
[15] http://www.guardian.co.uk/technology/blog/2013/mar/12/tim-berners-lee-drm-cory-doctorow
[16] http://www.w3.org/2000/12/drm-ws/
[17] https://www.fsf.org/bulletin/e-books-must-increase-our-freedom-not-decrease-it
[18] http://www.w3.org/People/Berners-Lee/
[19] http://www.w3.org/Consortium/mission#principles
[20] http://lists.libreplanet.org/archive/html/libreplanet-discuss/2013-03/msg00007.html
[21] https://www.eff.org/deeplinks/2012/11/2012-dmca-rulemaking-what-we-got-what-we-didnt-and-how-to-improve
[22] http://www.defectivebydesign.org/guide
[23] https://www.fsf.org/bulletin/2007/fall/antifeatures/
[24] https://www.gnu.org/philosophy/right-to-read.html
[25] https://www.gnu.org/philosophy/can-you-trust.html
[26] https://www.gnu.org/philosophy/who-does-that-server-really-serve.html
2013-03-15 16:20:26 -04:00
Mike Gerwitz 7631ac2857
White House Supports Cell Phone Unlocking
Earlier this week, the starter of the [White House petition to ``Make Unlocking
Cell Phones Legal''][0] posted a [thread on Hacker News][1] stating that the
White House had officially responded[0], stating:

  The White House agrees with the 114,000+ of you who believe that consumers
  should be able to unlock their cell phones without risking criminal or other
  penalties. In fact, we believe the same principle should also apply to
  tablets, which are increasingly similar to smart phones. And if you have paid
  for your mobile device, and aren't bound by a service agreement or other
  obligation, you should be able to use it on another network. It's common
  sense, crucial for protecting consumer choice, and important for ensuring we
  continue to have the vibrant, competitive wireless market that delivers
  innovative products and solid service to meet consumers' needs.[0]

The petition---as stated in the above response---garnered over 114,000
signatures. The response is exciting news because the Library of Congress had
[removed the phone unlocking exemption][2] at the beginning of this year. (As
the EFF points out, [this may not necessarily mean that unlocking your phone is
``illegal''][3]).

However, although this response is getting a lot of attention (I was surprised
to see my local news station report on it), this is not yet cause for
celebration; it is my hope that the White House will now follow through with
this statement and act upon it appropriately.

(The [EFF has also posted their own comments on the White House's response][4].)

This is just one issue in [a string of problems that is the DMCA][5].

[0] https://petitions.whitehouse.gov/petition/make-unlocking-cell-phones-legal/1g9KhZG7
[1] https://news.ycombinator.com/item?id=5319577
[2] [cref:9ceb4331746f11dcb21aa92e09184514a183e61b]
[3] https://www.eff.org/is-it-illegal-to-unlock-a-phone
[4] https://www.eff.org/deeplinks/2013/03/white-house-supports-unlocking-phones-real-problem-runs-deeper
[5] https://www.eff.org/wp/unintended-consequences-under-dmca
2013-03-09 16:37:42 -05:00
Mike Gerwitz 084d4d6e4c
Oxford University Blocks Google Docs
Oxford University decided to [block Google Docs][0] last month due to phishing
attacks against its users. To quote the blog post:

  Almost all the recent attacks have used Google Docs URLs, and in some cases
  the phishing emails have been sent from an already-compromised University
  account to large numbers of other Oxford users. Seeing multiple such incidents
  the other afternoon tipped things over the edge. We considered these to be
  exceptional circumstances and felt that the impact on legitimate University
  business by temporarily suspending access to Google Docs was outweighed by the
  risks to University business by not taking such action.[0]

This incident was brought to my attention by a blog post by Schneier,[1] in
which he referenced his [essay on ``feudal security''][2] (I commented in more
detail on this essay in [my response to a previous blog post of his][3]). In
this case, Oxford is trusting that it knows better than its users and has the
right to exercise this power over them in light of their inexperience with
handling these situations (or even recognizing them).[0]

This may very well be the case---the Oxford IT department probably does have a
better understanding of security than many of their users. However, by blocking
access to Google Docs, they are also blocking access to millions of legitimate
articles hosted there, which is far from acceptable. Oxford is more than just a
workplace---for which many would argue these actions are acceptable; it is a
university that should encourage freedom of expression. They simply must find a
better way of dealing with these problems. If a user falls victim to a phishing
attack within Oxford, they will likely fall victim outside of it.

Would Oxford consider blocking e-mail access too (where phishing attacks are
very cheap and common)?

  We appreciate and apologise for the disruption this caused for our users.
  Nevertheless, we must always think in terms of the overall risk to the
  University as a whole, and we certainly cannot rule out taking such action
  again in future [...][0]

N.B.: Google Docs is proprietary and I cannot recommend its use any more than I
can recommend use of Microsoft Office.

[0] http://blogs.oucs.ox.ac.uk/oxcert/2013/02/18/google-blocks/
[1] https://www.schneier.com/blog/archives/2013/03/oxford_universi.html
[2] https://www.schneier.com/essay-406.html
[3] [cref:3fa69da6531cb2131a7f52d17eb77a75e01794ba] (I posted a link to my
response on his blog, but he did not approve the comment.)
2013-03-09 15:59:35 -05:00
Mike Gerwitz 07e36d7fe4
Adding 1 and 1 in PHP
An amusing demonstration; it is my hope that [readers will not take this PHP
library seriously][0]. This is likely a parody of the over-engineering that
often takes foot in Object-Oriented development (a game of ``how many GoF[4]
design patterns can we use in this project'' anyone?).

That is not to say that ``OOP is bad'' (just as object-oriented developers often
consider procedural code bad, when they may just be terrible at writing
procedural code). Indeed, I wrote [an ECMAScript framework for Classical OOP
(ease.js)][1].  The problem is that, with the excitement and misunderstandings
that surround ``good'' object-oriented design, designers are eager to
over-abstract their implementations (I have been guilty of the same thing).
Object oriented programming is often taught to novice CS students (often with
the reign of Java in schools)---teaching practices that can be good principles
when properly applied and in moderation---which I have also seen contribute to
such madness.[2]

Abstractions are highly important, but only when necessary and when they lead to
more concise representations of the problem than would otherwise occur (note
that some problems are inherently complicated and, as such, a concise
representation may not seen concise). I'm a strong advocate of DSLs when
abstractions begin to get in the way and increase the verbosity of the code
(languages with strong macro systems like lisp help eliminate the need for
DSLs written from scratch)---design patterns exist because of deficiencies in
the language: They are ``patterns'' of code commonly used to achieve a certain
effect.

[Criticisms against OOP are abundant][3], just as every other paradigm.

[0] https://github.com/Herzult/SimplePHPEasyPlus
[1] http://easejs.org
[2] http://c2.com/cgi/wiki?TextbookOo
[3] http://c2.com/cgi/wiki?ArgumentsAgainstOop
[4] Design Patterns: Elements of Reusable Object-Oriented Software. ISBN
0-201-63361-2. Gamma, Helm, Johnson and Vlissides (the "Gang of Four").
2013-03-09 15:10:59 -05:00
Mike Gerwitz a1f8634296
Google Says the FBI Is Secretly Spying on Some of Its Customers
A Wired article mentions [figures released from Google][0] regarding National
Security Letters issued by the NSA under the Patriot Act. It is too early to
comment in much detail on this matter (I would like to wait for commentary from
the EFF), but, as the article mentions:

  Google said the number of accounts connected to National Security letters
  ranged between “1000-1999″ for each of the reported years other than 2010. In
  that year, the range was “2000-2999.”

The [EFF provides additional information, including recommendations on what to
do about such requests][1] via their Surveillance Self-Defense website. As
quoted from that website:

    And it's even worse for FISA subpoenas, which can be used to force anyone to
    hand over anything in complete secrecy, and which were greatly strengthened
    by Section 215 of the USA PATRIOT Act. The government doesn't have to show
    probable cause that the target is a foreign power or agent — only that they
    are seeking the requested records "for" an intelligence or terrorism
    investigation. Once the government makes this assertion, the court must
    issue the subpoena.[1]

To add insult to injury:

  FISA orders and National Security Letters will also come with a gag order that
  forbids you from discussing them. Do NOT violate the gag order. Only speak to
  members of your organization whose participation is necessary to comply with
  the order, and your lawyer.[1]

[0] http://www.wired.com/threatlevel/2013/03/google-nsl-range/?cid=co6199824
[1] https://ssd.eff.org/foreign/fisa
2013-03-06 00:44:56 -05:00
Mike Gerwitz 47023ce212
DMR: ``Very early C compilers and language''
An interesting article by Dennis Ritchie discussing [early C compilers][0]
recovered from old DECtapes. The source code and history are fascinating reads.
The quality of the code (the ``kludgery''[1], as he puts it) to me just brings
smiles---I appreciate seeing the code in its original glory.

It is also saddening reading the words of such a great man who is no longer with
us; perhaps it helps to better appreciate his legacy.

[0] http://cm.bell-labs.com/cm/cs/who/dmr/primevalC.html
[1] http://www.catb.org/~esr/jargon/html/K/kludge.html
2013-03-01 23:25:41 -05:00
Mike Gerwitz 7a265a6909
Libreated Pixel Cup Winners Announced
[Congratulations][0] to the [winners of the Liberated Pixel Cup][1].

[0] http://www.fsf.org/news/winners-announced-for-free-software-gamings-highest-honor-the-liberated-pixel-cup
[1] http://lpc.opengameart.org/content/code-judging-is-in
2013-03-01 22:35:29 -05:00
Mike Gerwitz 13081f14a7
What is CISPA and Why is it Dangerous?
The EFF has put together an excellent [FAQ on CISPA][0], the ``cybersecurity''
bill that was reintroduced to congress earlier this month.

[0] https://www.eff.org/deeplinks/2013/02/cispas-back-faq-what-it-and-why-its-still-dangerous
2013-02-26 20:13:12 -05:00
Mike Gerwitz 9ceb433174
Phone ``Unlocking'' Once Again Illegal
[Ridiculous.][0] We should own the hardware that we purchase.

[0] https://www.eff.org/is-it-illegal-to-unlock-a-phone
2013-01-30 23:05:01 -05:00
Mike Gerwitz 3fa69da653
Re: Who Does Skype Let Spy?
Today, [Bruce Schneier brought attention to privacy concerns surrounding
Skype][0], a very popular (over 600 million users[1]) VoIP service that has
since been acquired by Microsoft. In particular, [users are concerned over what
entities may be able to gain access to their ``private'' conversations][1]
through the service---Microsoft has refused to answer those kinds of questions.
While the specific example of Skype is indeed concerning, it raises a more
general issue that I wish to discuss: The role of free software and SaaS
(software as a service).

To quote Schneier:[0]

   We have no choice but to trust Microsoft. Microsoft has reasons to be
   trustworthy, but they also have reasons to betray our trust in favor of other
   interests. And all we can do is ask them nicely to tell us first.

Schneier continues to admit, in similar words, that we are but ``vassals'' to
these entities and that they are our serfs.[2] His essays regarding the power of
corporations and governments over their users[3] echo the words of Lawrence
Lessig in his [predictions of a ``perfectly regulated'' future made possible by
the Internet][4]. While Lessig (despite what his critics have stated in the
past) seems to have been correct in many regards, we need not jump into the
perspective of an Orwellian dystopia where we are but ``vassals'' to the
Party.[5] Indeed, this is only the case---at least at present---if you choose to
participate in the use of services such as Skype, as ubiquitous as they may be.

Skype is a useful demonstration of the unfortunate situation that many users
place themselves in by trusting their private data to Microsoft. Skype itself is
proprietary---we cannot inspect its source code (easily) in order to ensure that
it is respecting our privacy. (Indeed, as a user on [the HackerNews
discussion][6] pointed out, Skype has installed undesirable software in the
past.[7]) If Skype were [free software][8], we would be able to inspect its
source code and modify it to suit our needs, ensuring that the software did only
what we wanted it to do---ensuring that Microsoft was not in control of us.

However, even if Skype were free software, there is another issue at work that
is often overlooked by users: Software as a Service (SaaS). When you make use of
services that are hosted on remote servers (often called ``cloud''
services)---such as with Skype, Facebook, Twitter, Flickr, Instagram, iTunes,
iCloud and many other popular services---you are blindly entrusting your data to
them. Even if the Skype software were free (as in freedom), for example, [we
still cannot know what their servers are doing with the data we provide to
them][9]. Even if Skype's source code was plainly visible, the servers act as a
black box. Do they monitor your calls? Does Facebook abuse your data?[10] How is
that data stored---what happens in the event of a data breach, or in the event
of a warrant/subpoena?[1]

The only way to be safe from these providers is to reject these services
entirely and use your own software on your own PC, or use software that will
connect directly to your intended recipient without going through a 3rd
party.[9] (Never mind your ISP; that is a separate issue entirely.) If you must
use a 3rd party service, ensure that you can adequately encrypt your
communications (e.g. using GPG to encrypt e-mail communications)---something
that may not necessarily be easy/possible to do, especially if the software is
proprietary and works against you.

The EFF has published [useful information on protecting yourself against
surveillance][11], covering topics such as encryption and anonymization.

If we are to resist the worlds that Lessig[4] and Schneier[3] describe, then we
must [stand up for our right to privacy and demand action][12]. [Who will have
your back][13] when we're on the brink of ``perfect regulation''[4]; who will
stand up for your rights and work *with* you---not against you---to preserve
your liberties? Without this push, services like Skype empower governments and
other entities to work toward perfect regulation---to continuously spy on
everything that we do. With everyone putting their every thought and movement on
services like Facebook, Twitter[14] and Skype, the Orwellian Thought Police[5] have
the ability to manifest in a form that not even Orwell could have
imagined---unless it is stopped.

To help preserve your ever-dwindling rights online,[15] consider becoming a
member of or participating in the campaigns of the [Free Software
Foundation][16], [Electronic Frontier Foundation][17], the [American Civil
Liberties Union][18] or any other organizations dedicated toward free society.

(Disclaimer: I am a member of the Free Software Foundation.)

[0] http://www.schneier.com/blog/archives/2013/01/who_does_skype.html
[1] http://www.skypeopenletter.com/
[2] http://www.schneier.com/essay-406.html
[3] http://www.schneier.com/essay-409.html
[4] http://codev2.cc/
[5] Orwell, George. Nineteen Eighty-Four. ISBN 978-0-452-28423-4.
[6] http://news.ycombinator.com/item?id=5139801
[7] http://blogs.skype.com/garage/2011/05/easybits_update_disabled_for_s.html
[8] http://www.gnu.org/philosophy/free-sw.html
[9] http://www.gnu.org/philosophy/who-does-that-server-really-serve.html
[10] https://www.eff.org/deeplinks/2013/01/facebook-graph-search-privacy-control-you-still-dont-have
[11] https://ssd.eff.org
[12] https://www.eff.org/deeplinks/2013/01/its-time-transparency-reports-become-new-normal
[13] https://www.eff.org/pages/when-government-comes-knocking-who-has-your-back
[14] https://www.eff.org/deeplinks/2013/01/google-twitters-new-transparency-report-shows-increase-government-demands-sheds
[15] https://action.eff.org/o/9042/p/dia/action/public/?action_KEY=8750
[16] http://www.fsf.org/register_form?referrer=5804
[17] https://supporters.eff.org/donate
[18] https://www.aclu.org/donate/join-renew-give
2013-01-30 20:39:31 -05:00
Mike Gerwitz 2ae3e94d21
Re: FSF Wastes Away Another ``High Priority'' Project
A couple days ago, my attention was drawn to an article on Phoronix that
[criticized the FSF for its decision to stick with GPLv3 over GPLv2 on
LibreDWG][0] due to the number of projects that make use of it---licensed under
the GPLv2---under a now incompatible[1] license. This article is very negative
and essentially boils down to this point (the last paragraph):

    Unless the Free Software Foundation becomes more accomodating [sic] of these
    open-source developers -- who should all share a common goal of wanting to
    expand free/open-source software -- LibreDWG is likely another project that
    will ultimately waste away and go without seeing any major adoption due to
    not working with the GPLv2.

It it worth mentioning why this view is misguided (though understandable for
those who adopt the ``open source'' philosophy over that of software
freedom[2]). Let me start with this paragraph from the Phoronix article[0]:

  The Free Software Foundation was contacted about making LibreDWG GPLv2+
  instead (since the FSF is the copyright holder), but the FSF/Richard Stallman
  doesn't the DWG library on the earlier version of their own open-source
  license.

The FSF's founding principle is that of software freedom[3] (beginning with the
GNU project). Now, consider the reason for the creation of the GPLv3---the GPLv2
could not sufficiently protect against software patents and newer threats such
as ``tivoization''.[4] These goals further the FSF's mission of ensuring---in
this case---that free software *remains* free ([a concept that RMS coined
``copyleft''][5]). It would make sense, then, that the FSF (and RMS') position is
that [it is important that we adopt the GPLv3 for our software][6].

From this perspective, it does not make sense to ``downgrade'' LibreDWG's
license to the GPLv2, which contains various bugs that have since been patched
in GPLv3---it is not pursuant to the FSF's goals. (Of course, not all agree with
the GPLv3; one such notable disagreement (as well as issues
stemming from copyright assignment) leaves the kernel Linux perpetually licensed
under the GPLv2[7] since it does not contain the ``or later'' clause[8]).

That is not to say that the author's concern is not legitimate---a number of
projects are licensed under the GPLv2 and therefore cannot use the newer (and
improved) versions of LibreDWG that are licensed under the GPLv3 (unless they
were to upgrade to the GPLv3, of course). Whether or not upgrading is feasible
(e.g., in the case of the kernel Linux, it is not) is irrelevant---let us
instead focus on the issue of adoption under the assumption that the project is
either unwilling or unable to make use of a library licensed under the GPLv3.

As aforementioned, the author focuses on the issue of adoption[0]:

  LibreDWG is likely [...to] go without seeing any major adoption due to not
  working with the GPLv2

A focus on adoption is a focus of ``open source'', not free software,[2] the
latter of which the FSF represents. With a focus on software freedom, the goal
is to create software that respects the [users' four essential freedoms][9]; if
the software is adopted and used, great! However, freedom should never be
sacrificed in order to encourage adoption. One may argue that ``downgrading'' to
the GPLv2 is not sacrificing freedom because the software is still free (it is
even the GPL)---but it is important to again realize that the GPLv3 is ``more
free'' than the GPLv2 in the sense that it *protects* additional freedoms;[6]
so, while the GPLv2 isn't necessarily sacrificing users' freedoms directly, it
does have such an indirect effect through means of enforcement.

A reader familiar with GNU may then point out the LGPL---the Lesser General
Public License---under which popular (and very important) libraries such as
glibc are licensed.[10] In fact, one could extend this argument to any
library---why not have LibreDWG licensed under the LGPL to avoid this problem in
its entirety, while still preserving the users' freedoms for that library in
itself? This understanding requires a brief lesson in history---the rationale
under which the LGPL was born. To quote the GNU project:[11]

  Using the ordinary GPL is not advantageous for every library. There are
  reasons that can make it better to use the Lesser GPL in certain cases. The
  most common case is when a free library's features are readily available for
  proprietary software through other alternative libraries. In that case, the
  library cannot give free software any particular advantage, so it is better to
  use the Lesser GPL for that library.

It was for this reason that glibc was released under the LGPL---because it was
better to have the users adopt some sort of free software than none at all;
there were other alternatives that existed that users may flock to if they were
forced to liberate their own proprietary software (after all, the C API is also
standardized, so such a feat would be trivial). Now that glibc has since matured
greatly, it could be argued today that it has proved its usefulness and the LGPL
may no longer be necessary, but such a discussion is not necessarily relevant
for this conversation.

What is important is that [the FSF does not recommend the LGPL for most
libraries][11] because that would encourage proprietary software developers to
take advantage of both the hard work of the free software community and the
users of the software. Now, I cannot speak toward the alternatives to
LibreDWG---do there exist proprietary alternatives that are reasonable
alternatives to non-commercial projects? I do not have experience with the
library. However, I hope by this point the FSF's position has been rationalize
(even if you---the reader---do not agree with it).

Of course, this rationalization will still leave a sour taste in the mouth of
those ``open source'' developers (or perhaps even some free software developers)
that think in terms of what is ``lost'': these projects---which are themselves
free software and therefore beneficial to our community---cannot take advantage
of *other free software* due to this licensing issue. Since these projects had
already existed when LibreDWG was licensed under the GPLv2, the relicensing to
GPLv3 may seem unfair and, therefore, a ``loss''. It is difficult to counter
such an argument if the above rationale has not been sufficient; nor will I
argue that the situation is not unfortunate, should the projects be unable to
relicense. However, it must be understood that, to ensure the future of free
software, the FSF must adopt to combat today's threats and so too must other
free software projects.

The Phoronix article mentioned two projects in particular that suffer from
LibreDWG's relicensing: LibreCAD and FreeCAD.[0] LibreCAD omits the ``or later''
clause that was mentioned above, preventing them from easily migrating to the
GPLv2 (which is against the FSF's recommendation[12]). Unless the project
requires that contributors assign copyright to the project owner, then they
would have to get permission from each contributor (or rewrite the code) in
order to change the license (which is not unheard of; [VLC had done so recently
to migrate from the GPL to the LGPL][13]); this is a significant barrier for any
project with multiple contributors, especially when your project is a derivative
work (of QCad).

The other project mention was FreeCAD, and the author of the article mentions
that the project depends on Coin3D and Open CASCADE, ``both of which are
GPLv2'', so the project cannot migrate to GPLv3.[0] A quick look at Coin3D's
website shows that the software is actually licensed under the modified
(3-clause) BSD license, and so migrating to the GPLv3 is not an issue.[15] Open
CASCADE has its own ``public license'' that I do not have the time to evaluate
(nor am I lawyer, so I do not wish to give such advice), so I cannot speak to
its compatibility with the GPLv3. That said, I'm unsure if it would be a barrier
toward FreeCAD's adoption of the GPLv3.

Ultimately, the moral of the story is to plan for the *future*---if you use a
project licensed under the GPL, ensure that it has the ``or later'' clause that
allows it to be licensed under later version of the GPL, since you can be sure
that the FSF and many other free software developers will be quick to adopt the
license. Of course, many may not be comfortable with such a licensing decision:
you effectively are giving the FSF permission to relicense you work by simply
releasing a new version of the GPL. It is your decision whether you are willing
to place this kind of trust in the organization responsible for starting the
free software movement in the first place.

Readers may now assume that I am placing the entire blame and onus on the
implementors of LibreDWG. The onus, perhaps, but not the blame---this truly is
an unfortunate circumstance that takes away from hacking a free software
project. Unfortunately, the projects are stuck in a bad place, but the FSF is
not to blame for standing firm in their ideals. Instead, this can be thought of
as a maintenance issue---rather than a source code refactoring resulting from a
library API change, we instead require a ``legal code'' refactoring resulting
from a ``legal API'' change.

[0] http://www.phoronix.com/scan.php?page=news_item&px=MTI4Mjc
[1] http://www.gnu.org/licenses/gpl-faq.html#WhatDoesCompatMean
[2] http://www.gnu.org/philosophy/open-source-misses-the-point.html
[3] http://www.fsf.org/about/
[4] http://www.gnu.org/licenses/quick-guide-gplv3.html
[5] http://www.gnu.org/copyleft/
[6] http://www.gnu.org/licenses/rms-why-gplv3.html
[7] http://lwn.net/Articles/200422/
[8] http://www.gnu.org/licenses/gpl-faq.html#v2v3Compatibility
[9] http://www.gnu.org/philosophy/free-sw.html
[10] http://www.gnu.org/licenses/lgpl.html
[11] http://www.gnu.org/licenses/why-not-lgpl.html
[12] http://www.gnu.org/licenses/gpl-howto.html
[13] http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
[14] https://bitbucket.org/Coin3D/coin/wiki/Home
[15] http://www.gnu.org/licenses/license-list.html#ModifiedBSD
[16] http://www.opencascade.org/getocc/license/
2013-01-27 09:34:56 -05:00
Mike Gerwitz 1ac60452f7
LuLu Says Goodbye to DRM
On January 8th, [LuLu announced that they would be dropping DRM][0] for users
who ``[download] eBooks directly from Lulu.com to the device of their choice''.
This is a wise move (for [those of us who oppose DRM][1]), but unfortunately, as
John Sullivan of the Free Software Foundation noted on the fsf-community-team
mailing list, the comments on LuLu's website[0] are not all positive:

    This is a positive development, but unfortunately there has been a lot
    of negative reaction in the comments on their announcement.

    It'd be great if people could chime in and support them their move away
    from DRM.

At first glance, certain authors seem to be concerned that the absense of DRM
will lead to ``more illegal file sharing''[0]:

  [...] I’ve got copies of my non-DRM ebooks all over the torrent sites and
  thousands of downloads registered, for which I haven’t received a cent. As
  soon as you push for them to be taken down, they’re posted up again.

While it is unfortunate that those authors are not receiving compensation for
their hard work, it should be noted that this problem exists even *with*
DRM, so it is not a valid argument toward keeping it.

I applaud this move by LuLu, though I'm disappointed to see this comment in the
original post[0]:

  Companies like Amazon, Apple and Barnes & Noble integrate a reader’s
  experience from purchasing to downloading and finally to reading. These
  companies do a fantastic job in this area, and eBooks published through Lulu
  and distributed through these retail sites will continue to have the same
  rights management applied as they do today.

They do not do it well; no DRM is good DRM.

[0] http://www.lulu.com/blog/2013/01/drm-update/
[1] http://defectivebydesign.org/
2013-01-14 20:34:30 -05:00
Mike Gerwitz d896ef5403
USPTO Wants To Hear From Software Community
The [USPTO wants to hear from the software community][0]. Interesting, but the
problem is that the ``software community'' includes more than just those who
find software patents to be an abomination.

I have [mentioned issues with software patents in a previous post][1], but one
resource that may be worth looking at direclty is [``The Case Against
Patents''][2] [pdf].

[0] http://www.groklaw.net/article.php?story=20130104012214868
[1] http://mikegerwitz.com/thoughts/2012/10/Abolishing-Patents.html
[2] http://research.stlouisfed.org/wp/2012/2012-035.pdf
2013-01-07 12:37:04 -05:00
Mike Gerwitz 1ca1153814
DNA Collection
Consider a recent article from the EFF [regarding ``Rapid DNA Analyzers''][0].
The article poses the potetial issues involved, but also consider that any DNA
collected (if not destroyed) would violate not just your privacy, but your
entire blood line. What if DNA from immigrants were collected? Much of that
information is inherited, so generations down the line, your privacy is still
violated.

I cannot comment intelligently on the matter since I haven't read deeply enough
into the proposed storage/hashing/etc policies, but those polices can be abused
and such data can be leaked. I highly oppose any sort of DNA collection outside
of personal at-home use (when the technology is available with free software)
and use by medical professionals for personal medical reasons so long as the
institution performing the test can provide stringent evidence of its
destruction. But even then, if law enforcement somehow got a hold of the DNA
before it were destroyed, then the problem still exists, so it would be best if
you had your own personal tools to analyze your own DNA and distribute only the
portions that were required (and encryption tools like [GPG][1] could be used
for distribution).

One day, but not now. Let's make those scanners affordable and run free
software.

[0] https://www.eff.org/deeplinks/2012/12/rapid-dna-analysis
[1] http://www.gnupg.org/
2013-01-07 12:24:08 -05:00
Mike Gerwitz a7a967d93a
Happy New Year
The greatest excitement in moving into a new year is the prospect of quantified
growth.

Of course, it also means another year to look forward to the health of those you
care for.
2013-01-01 00:24:30 -05:00
Mike Gerwitz b604fda5ee
Congress Approves FISA For Another 5 Years
At a [vote of 73-23][0], Congress has voted to [extend FISA warentless spying
bill by five more years[1], even shooting down [proposed amendments][2] to the
bill.[3]

Thank you to those senators that opposed the bill:[0]

  Akaka (D-HI)
  Baucus (D-MT)
  Begich (D-AK)
  Bingaman (D-NM)
  Brown (D-OH)
  Cantwell (D-WA)
  Coons (D-DE)
  Durbin (D-IL)
  Franken (D-MN)
  Harkin (D-IA)
  Leahy (D-VT)
  Lee (R-UT)
  Menendez (D-NJ)
  Merkley (D-OR)
  Murkowski (R-AK)
  Murray (D-WA)
  Paul (R-KY)
  Sanders (I-VT)
  Schatz (D-HI)
  Tester (D-MT)
  Udall (D-CO)
  Udall (D-NM)
  Wyden (D-OR)

Unfortunately, the two senators from my own state cannot join that list.

The [EFF has sumarized the surveillance issues of 2012][4] recently on their
website.

[0] https://www.senate.gov/legislative/LIS/roll_call_lists/roll_call_vote_cfm.cfm?congress=112&session=2&vote=00236
[1] https://www.eff.org/deeplinks/2012/12/congress-disgracefully-approves-fisa-warrantless-eavesdropping-bill-five-more
[2] https://www.eff.org/deeplinks/2012/12/why-we-should-all-care-about-senates-vote-fisa-amendments-act-warrantless-domestic
[3] http://arstechnica.com/tech-policy/2012/12/as-senate-votes-on-warrantless-wiretapping-opponents-offer-fixes/
[4] https://www.eff.org/deeplinks/2012/12/2012-review-effs-fight-against-secret-surveillance-law
2012-12-28 22:09:40 -05:00
Mike Gerwitz 1ec460ddeb
Copyright Assignment Of Free Software Projects
An [e-mail today from Paolo Bonzini][0], a maintainer of GNU sed, has prompted
additional discussion regarding copyright assignment to corporate entities; in
particular, the discussion focuses on copyright assignment to the FSF under the
GNU project.

An [article by Michael Kerrisk on LWN.net][1], posted a couple days earlier,
touches on the [same issue brought up by GnuTLS earlier in the month][2]. The
disagreements from the two aforementioned individuals of the GNU-maintained
projects prompt a thoughtful analysis of whether copyright assignment is
appropriate for your own free software project[1]. In contrast, consider the
[developer certificate of origin][3] policy adopted by the Linux project, under
which contributors maintain copyright for their contributions.

There are benefits and downsides to both models---if a project requires
copyright assignment (such as the GNU projects), then enforcement and license
modifications are simplified. As an example, if the Linux project wanted to move
to the GPLv3, they would have to contact each contributor (a similar move was
done recently [by the VLC project][4], except that they moved from the GPL to
the LGPL). However, the Linux project has a much smaller barrier to entry---they
need not [assign copyright of their contributions to the project (such as is the
case with GNU)][5], meaning that individuals may be more likely to contribute.

One of the major benefits touted by the FSF for copyright assignments from
contributors is [copyright enforcement][6]---another complication that would
arise from enforcing the GPL in a project such as Linux. That said, as the LWN
article mentions[2], what if [the FSF cannot find the time to enforce the
copyright on a project violation][7]? Then again, what of the flipside---do you
have the time or money to enforce violations on your own projects were they not
assigned to a corporation like the FSF?

These are interesting discussions and certainly things that should be considered
when determining how to handle both contributions and the copyright for your
entire project. Ultimately, that decision falls on you, the author/maintainer,
and your needs.

(Disclaimer: I am an associate member of the Free Software Foundation. This
article does not reflect any of my personal opinions; whether or not I would
assign copyright to the FSF for any of my projects would be determined based on
the goals and plan of that particular project.)

[0] http://article.gmane.org/gmane.comp.lang.smalltalk.gnu.general/7873
[1] http://lwn.net/SubscriberLink/529522/854aed3fb6398b79/
[2] http://lwn.net/Articles/529558/
[3] http://elinux.org/Developer_Certificate_Of_Origin
[4] http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
[5] http://git.savannah.gnu.org/cgit/gnulib.git/tree/doc/Copyright/assign.changes.manual#n64
[6] http://www.gnu.org/licenses/why-assign.html
[7] http://lwn.net/Articles/529777/
2012-12-22 15:49:04 -05:00
Mike Gerwitz 7d734d9a80
Warrants For E-mails in the United States
The [Senate Judiciary Committee passed an amendment][0] that requires that they
receive a warrant before spying on our e-mails.

This is excellent; let us hope that it becomes law.

[0] https://www.eff.org/deeplinks/2012/12/deep-dive-updating-electronic-communications-privacy-act
2012-12-06 21:58:09 -05:00