Commit Graph

172 Commits (377a13a2519deed528a322247847f705585b0191)

Author SHA1 Message Date
Mike Gerwitz 377a13a251
:Gitlab, Gitorious, and Free Software hightlight on papers page 2015-05-22 01:25:39 -04:00
Mike Gerwitz 1ec8b2071e
Gitlab, Gitorious, and Free Software
*This article originally appeared as a guest post on the [GitLab
blog][orig-post].*

In early March of this year, it was announced that
[GitLab would acquire Gitorious][0] and shut down `gitorious.org` by 1
June, 2015.  [Reactions from the community][1] were mixed, and
understandably so: while GitLab itself is a formidable alternative to wholly
proprietary services, its acquisition of Gitorious strikes a chord with the
free software community that gathered around Gitorious in the name of
[software freedom][2].

<!-- more -->

After hearing that announcement,
[as a free software hacker and activist myself][11], I was naturally
uneasy.  Discussions of alternatives to Gitorious and GitLab ensued on the
[`libreplanet-discuss`][12] mailing list.  Sytse Sijbrandij (GitLab
B.V. CEO) happened to be present on that list;
[I approached him very sternly][13] with a number of concerns, just as I
would with anyone that I feel does not understand certain aspects of the
[free software philosophy][2].  To my surprise, this was not the case at
all.

Sytse has spent a lot of time accepting and considering community input for
both the Gitorious acquisition and GitLab itself.  He has also worked with
me to address some of the issues that I had raised.  And while these issues
won't address everyone's concerns, they do strengthen GitLab's commitment to
[software freedom][2], and are commendable.

I wish to share some of these details here; but to do so, I first have to
provide some background to explain what the issues are, and why they are
important.


## Free Software Ideology
[Gitorious][3] was (and still is) one of the most popular Git repository
hosts, and largely dominated until the introduction of GitHub.  But even as
users flocked to [GitHub's proprietary services][28], users who value freedom
continued to support Gitorious, both on `gitorious.org` and by installing
their own instances on their own servers.  Since Gitorious is
[free software][2], users are free to study, modify, and share it with
others.  But [software freedom does not apply to Services as a
Software Substitute (SaaSS)][4] or remote services---you cannot apply the
[four freedoms][2] to something that you do not yourself possess---so why do
users still insist on using `gitorious.org` despite this?

The matter boils down to supporting a philosophy:  The
[GNU General Public License (GPL)][6] is a license that turns copyright on
its head: rather than using copyright to restrict what users can do with a
program, the GPL instead [ensures users' freedoms][8] to study, modify, and
share it.  But that isn't itself enough: to ensure that the software always
remains free (as in freedom), the GPL ensures that all *derivatives* are
*also* licensed under similar terms.  This is known as [copyleft][9], and it
is vital to the free software movement.

Gitorious is licensed under the
[GNU Affero General Public License Version 3 (AGPLv3)][5]---this takes the
[GPL][6] and adds an additional requirement: if a modified version of the
program is run on a sever, users communicating with the program on that
server must have access to the modified program's source code.  This ensures
that [modifications to the program are available to all users][7]; they
would otherwise be hidden in private behind the server, with others unable
to incorporate, study, or share them.  The AGPLv3 is an ideal license for
Gitorious, since most of its users will only ever interact with it over a
network.

GitLab is also free software: its [Expat license][10] (commonly referred to
ambiguously as the "MIT license") permits all of the same freedoms that
are granted under the the GNU GPL.  But it does so in a way that is highly
permissive: it permits relicensing under *any* terms, free or not.  In other
words, one can fork GitLab and derive a proprietary version from it, making
changes that deny users [their freedoms][2] and cannot be incorporated back
into the original work.

This is the issue that the free software community surrounding Gitorious has
a problem with: any changes contributed to GitLab could in turn benefit a
proprietary derivative.  This situation isn't unique to GitLab: it applies
to all non-copyleft ("permissive") [free software licenses][26].  And this
issue is realized by GitLab itself in the form of its GitLab Enterprise
Edition (GitLab EE): a proprietary derivative that adds additional
features atop of GitLab's free Community Edition (CE).  For this reason,
many free software advocates are uncomfortable contributing to GitLab, and
feel that they should instead support other projects; this, in turn, means
not supporting GitLab by using and drawing attention to their hosting
services.

The copyleft vs. permissive licensing debate is one of the free software
movement's most heated.  I do not wish to get into such a debate here.  One
thing is clear: GitLab Community Edition (GitLab CE) is free
software.  Richard Stallman (RMS) [responded directly to the thread on
`libreplanet-discuss`][20], stating plainly:

>  We have a simple way of looking at these two versions.  The free
>  version is free software, so it is ethical.  The nonfree version is
>  nonfree software, so it is not ethical.

Does GitLab CE deserve attention from the free software community?  I
believe so.  Importantly, there is another strong consideration: displacing
proprietary services like GitHub and Bitbucket, which host a large number of
projects and users.  GitLab has a strong foothold, which is an excellent
place for a free software project to be in.

If we are to work together as a community, we need to respect GitLab's
free licensing choices just as we expect GitLab to respect ours.  Providing
respect does not mean that you are conceding: I will never personally use a
non-copyleft license for my software; I'm firmly rooted in my dedication to
the [free software philosophy][2], and I'm sure that many other readers are
too.  But using a non-copyleft license, although many of us consider it to
be a weaker alternative, [is not wrong][23].


## Free JavaScript
As I mentioned above,
[software freedom and network services are separate issues][4]---the four
freedoms do not apply to interacting with `gitlab.com` purely over a network
connection, for example, because you are not running its software on your
computer.  However, there is an overlap: JavaScript code downloaded to be
executed in your web browser.

[Non-free JavaScript][15] is a particularly nasty concern: it is software
that is downloaded automatically from a server---often without prompting
you---and then immediately executed.  Software is now being executed on your
machine, and [your four freedoms][2] are once again at risk.  This, then,
[is the primary concern][16] for any users visiting `gitlab.com`: not only
would this affect users that use `gitlab.com` as a host, but it would also
affect *any user that visits* the website.  That would be a problem, since
hosting your project there would be inviting users to run proprietary
JavaScript.

As I was considering migrating my projects to GitLab, this was the
[first concern I brought up to Sytse][14].  This problem arises because
`gitlab.com` uses a GitLab EE instance: if it had used only its Community
Edition (GitLab CE)---which is free software---then all served JavaScript
would have been free.  But any scripts served by GitLab EE that are not
identical to those served by GitLab CE are proprietary, and therefore
unethical.  This same concern applies to GitHub, Bitbucket, and other
proprietary hosts that serve JavaScript.

Sytse surprised me by stating that he would be willing to
[freely license all JavaScript in GitLab EE][17], and by offering to give
anyone access to the GitLab EE source code who wants to help out.  I took
him up on that offer.  Initially, I had submitted a patch to merge all
GitLab EE JavaScript into GitLab CE, but Sytse came up with another,
superior suggestion, that ultimately provided even greater reach.

**I'm pleased to announce that Sytse and I were able to agree on a license
change (with absolutely no friction or hesitation on his part) that
liberates all JavaScript served to the client from GitLab EE instances.**
There are two concerns that I had wanted to address: JavaScript code
directly written for the client, and any code that produced JavaScript as
output.  In the former case, this includes JavaScript derived from other
sources: for example, GitLab uses CoffeeScript, which compiles *into*
JavaScript.  The latter case is important: if there is any code that
generates fragments of JavaScript---e.g. dynamically at runtime---then that
code must also be free, or users would not be able to modify and share the
resulting JavaScript that is actually being run on the client.  Sytse
accepted my change verbatim, while adding his own sentence after mine to
disambiguate.  At the time of writing this post, GitLab EE's source code
isn't yet publicly visible, so here is the relevant snippet from its
`LICENSE` file:

> The above copyright notices applies only to the part of this Software that
> is not distributed as part of GitLab Community Edition (CE), and that is
> not a file that produces client-side JavaScript, in whole or in part. Any
> part of this Software distributed as part of GitLab CE or that is a file
> that produces client-side JavaScript, in whole or in part, is copyrighted
> under the MIT Expat license.


## Further Discussion
My discussions with Sytse did not end there: there are other topics that
have not been able to be addressed before my writing of this post that would
do well to demonstrate commitment toward [software freedom][2].

The license change liberating client-side JavaScript was an excellent
move.  To expand upon it, I wish to submit a patch that would make GitLab
[LibreJS compliant][21]; this provides even greater guarantees, since it
would allow for users to continue to block other non-free JavaScript that
may be served by the GitLab instance, but not produced by it.  For example:
a website/host that uses GitLab may embed proprietary JavaScript, or modify
it without releasing the source code.  Another common issue is the user of
analytics software; `gitlab.com` uses Google Analytics.

If you would like to help with LibreJS compliance, please [contact me][11].

I was brought into another discussion between Sytse and RMS that is
unrelated to the GitLab software itself, but still a positive demonstration
of a commitment to [software freedom][2]---the replacement of Disqus on the
`gitlab.com` blog with a free alternative.  Sytse ended up making a
suggestion, saying he'd be "happy to switch to" [Juvia][22] if I'd help with
the migration.  I'm looking forward to this, as it is an important
discussion area (that I honestly didn't know existed until Sytse told me
about it, because I don't permit proprietary JavaScript!).  He was even kind
enough to compile a PDF of comments for one of our discussions, since he was
cognizant ahead of time that I would not want to use Disqus.  (Indeed, I
will be unable to read and participate in the comments to this guest post
unless I take the time to freely read and reply without running Disqus'
proprietary JavaScript.)

Considering the genuine interest and concern expressed by Sytse in working
with myself and the free software community, I can only expect that GitLab
will continue to accept and apply community input.

It is not possible to address the copyleft issue without a change in
license, which GitLab is not interested in doing.  So the best way to
re-assure the community is through action.  [To quote Sytse][18]:

> I think the only way to prove we're serious about open source is in our
> actions, licenses or statements don't help.

There are fundamental disagreements that will not be able to be
resolved between GitLab and the free software community---like their
["open core" business model][19].  But after working with Sytse and seeing
his interactions with myself, RMS, and many others in the free software
community, I find his actions to be very encouraging.

*Are you interested in helping other websites liberate their JavaScript?
 Consider [joining the FSF's campaign][27], and
 [please liberate your own][16]!*

*This post is licensed under the
 [Creative Commons Attribution-ShareAlike 3.0 Unported License][25].*

[0]: https://about.gitlab.com/2015/03/03/gitlab-acquires-gitorious/
[1]: https://news.ycombinator.com/item?id=9138419
[2]: https://www.gnu.org/philosophy/free-sw.html
[3]: https://gitorious.org/
[4]: https://www.gnu.org/philosophy/who-does-that-server-really-serve.html
[5]: https://www.gnu.org/licenses/agpl.html
[6]: https://www.gnu.org/licenses/gpl.html
[7]: https://www.gnu.org/licenses/why-affero-gpl.html
[8]: https://www.gnu.org/licenses/quick-guide-gplv3.html
[9]: https://www.gnu.org/philosophy/pragmatic.html
[10]: https://www.gnu.org/licenses/license-list.html#Expat
[11]: http://mikegerwitz.com/
[12]: https://lists.gnu.org/mailman/listinfo/libreplanet-discuss
[13]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00075.html
[14]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-04/msg00019.html
[15]: https://www.gnu.org/philosophy/javascript-trap.html
[16]: https://www.gnu.org/software/easejs/whyfreejs.html
[17]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-04/msg00020.html
[18]: https://news.ycombinator.com/item?id=9141801
[19]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00076.html
[20]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00095.html
[21]: https://www.gnu.org/software/librejs/free-your-javascript.html
[22]: https://github.com/phusion/juvia
[23]: https://www.fsf.org/blogs/rms/selling-exceptions
[24]: https://gnu.org/software/easejs
[25]: http://creativecommons.org/licenses/by-sa/3.0/
[26]: https://www.gnu.org/licenses/license-list.html
[27]: https://fsf.org/campaigns/freejs
[28]: http://mikegerwitz.com/about/githubbub
[orig-post]: https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/
2015-05-22 00:53:15 -04:00
Mike Gerwitz 4ca56c122f
:Savannah personal link and logo 2015-05-19 23:12:50 -04:00
Mike Gerwitz 1ead904c43
:Replace Gitorious link and logo with GitLab
Gitorious acquired.
2015-05-17 20:38:41 -04:00
Mike Gerwitz 895c2b2dd1
:mdfmt and thoughts-fmt support for plain output 2015-05-16 22:37:03 -04:00
Mike Gerwitz 683bb384fc
:Githubbub librejs reference fix 2015-05-16 22:36:37 -04:00
Mike Gerwitz c8d90f134a
:clean target include markdown pages 2015-05-16 22:36:11 -04:00
Mike Gerwitz 44ac79430e
:Spring cleaning and GH reference eradication 2015-05-16 02:19:10 -04:00
Mike Gerwitz 2acd75c8b6 markdown link syntax corrections 2015-05-16 02:18:54 -04:00
Mike Gerwitz a91c9e1027 md permitted in page header search 2015-05-16 02:16:32 -04:00
Mike Gerwitz 0665a3283e Remove GitHub references from project list 2015-05-16 02:11:09 -04:00
Mike Gerwitz 475f3123b0 20-projects markdown 2015-05-16 02:08:42 -04:00
Mike Gerwitz 82d88f7569 Mention of GNU ease.js on About page 2015-05-16 02:07:15 -04:00
Mike Gerwitz 9ab3c791a7 10-about markdown 2015-05-16 02:05:12 -04:00
Mike Gerwitz d8575eddbc Githubbub! 2015-05-16 02:01:09 -04:00
Mike Gerwitz 380893a559 GH e-mail correspondence 2015-05-16 02:00:44 -04:00
Mike Gerwitz 508981884a Markdown support for pages 2015-05-16 02:00:03 -04:00
Mike Gerwitz 6b42aef7a1 Copyright years 2012--2015 in footer 2015-05-15 22:04:33 -04:00
Mike Gerwitz a555ce703a Hollyweb link and image removal
That boat has unfortunately sailed.
2015-05-15 22:01:42 -04:00
Mike Gerwitz c13595c128
:Merge GHS patch for "begging the question" (GH PR#1)
Thanks!
2015-04-16 20:58:25 -04:00
Chris Wong 95cce0a0af Replace "begs" with "raises"
"Begging the question" and "raising the question" mean different things. This patch fixes an instance where it is misused.

See: http://begthequestion.info/
2015-04-16 22:42:36 +12:00
Mike Gerwitz 2f1a0d9bb8
:Style updates for Org mode output 2014-12-07 00:25:10 -05:00
Mike Gerwitz d0397cbe1b
:hk-tango CSS for source highlighting
https://github.com/jgm/highlighting-kate/blob/master/css/hk-tango.css
2014-11-30 21:07:27 -05:00
Mike Gerwitz ebef97a87c
:Misc. formatter changes for markdown transition 2014-11-30 21:07:24 -05:00
Mike Gerwitz 9ad73dc0de
:pandoc html5 output 2014-11-30 21:07:21 -05:00
Mike Gerwitz 7c8604f82e
:pandoc smart output 2014-11-30 21:07:18 -05:00
Mike Gerwitz dfca67abe8
:thoughts-fmt now forwarding options to old formatter 2014-11-30 21:07:14 -05:00
Mike Gerwitz cc0fe11084
Please stop using SlideShare
There are many great presentations out there---many that I enjoy
reading, or that I would enjoy to read.  Unfortunately, many of them
are hosted on SlideShare, which requires me to download proprietary
JavaScript.

[JavaScript programs require the same freedoms as any other
software][0].  While SlideShare does (sometimes/always?) provide a
transcript in plain text---which is viewable without JavaScript---this
is void of the important and sometimes semantic formatting/images that
presenters put much time into; you know: the actual presentation bits.
(I'm a fan of plain-text presentations, but they each have their own
design elements).

There are ways around this.  SlideShare's interactive UI appears to
simply be an image viewer, so it is possible to display all sides
using a fairly simple hack:

```javascript
Array.prototype.slice.call(
  document.getElementsByClassName( 'slide' ) )
    .forEach( function( slide ) {
      slide.classList.add( 'show' );

      var img = slide.getElementsByClassName( 'slide_image' )[0];
      img.src = img.dataset.full;
    } );
```

This will display all slides inline.  But there's a clear problem with
this: how is the non-JS-programmer supposed to know that?  Even
JavaScript programmers have to research the issue in order to come up
with a solution.

But ideally, I'd like to download the presentation PDF.  SlideShare
does offer a download link, but not only does it not work with
JavaScript disabled, but it requires that the user create an account.
This is no good, as it can be used to track users or discover
identities by analyzing viewing habits.  This would allow
de-anonymizing users, even if they have [taken measures to remain
anonymous][1].

(By the way: at the time that I wrote this post, the [EFF's
Surveillance Self-Defense Guide][1] is [LibreJS compatible][2] and the
JavaScript code that it runs is mostly free.)

I encourage presenters (and authors in general) to release the slides
in an [unencumbered document format][3], like PDF, HTML, OpenDocument,
or plain text.  Those formats should be hosted on their own website,
or websites that allow downloading those files without having to
execute proprietary JavaScript, and without having to log in.  If
those authors *must* use SlideShare for whatever reason, then they
should clearly provide a link to that free document format somewhere
that users can access without having to execute SlideShare's
proprietary JavaScript, such as on the first slide.  (The description
is iffy, since it is truncated and requires JavaScript to expand.)

[0]: https://www.gnu.org/software/easejs/whyfreejs.html
[1]: https://ssd.eff.org/
[2]: https://www.gnu.org/software/librejs/
[3]: http://www.fsf.org/campaigns/opendocument/reject
2014-11-30 21:06:07 -05:00
Mike Gerwitz 2999dbc06c
:thoughts-fmt script added for markdown cutoff 2014-11-30 17:18:38 -05:00
Mike Gerwitz 4ba32d1312
FSF Condemns Partnership Between Mozilla and Adobe to Support DRM
Two days ago, the Free Software Foundation published [an announcement
strongly condemning Mozilla's partnership with Adobe][0] to implement the
[controversial W3C Encrypted Media Extensions (EME) API][1]. EME has been
strongly criticized by a number of organizations, including the [EFF][2] and
the [FSF's DefectiveByDesign campaign team][3] (``Hollyweb'').

[Digital Restrictions Management][4] imposes artificial restrictions on
users, telling them what they can and cannot do; it is a system [that does
not make sense][5] and is harmful to society. Now, just about [a week after
the International Day Against DRM][6], Mozilla decides to [cave into the
pressure in an attempt to stay relevant][7] to modern web users, instead of
sticking to their [core philosophy about ``openness, innovation, and
opportunity''][8].

John Sullivan requested in the [FSF's announcement] that the community
contact Mozilla CTO Andreas Gal in opposition of the decision. This is my
message to him:

    Date: Wed, 14 May 2014 22:57:02 -0400
    From: Mike Gerwitz <mikegerwitz@gnu.org>
    To: agal@mozilla.com
    Subject: Firefox EME

    Andreas,

    I am writing to you as a free software hacker, activist, and user; notably,
    I have been using Firefox for over ten years. It has been pivotal, as I do
    not need to tell you, in creating a free (as in freedom), standard, and
    accessible internet for millions of users. Imagine my bewildered
    disappointment, then, to learn that Firefox has chosen to cave into the
    pressure to [support Digital Restrictions Management through the
    implementation of EME][0].

    Mitchell Baker made a feeble attempt at [rationalizing this decision][0] as
    follows:

      [...] Mozilla alone cannot change the industry on DRM at this point.  In
      the past Firefox has changed the industry, and we intend to do so again.
      Today, however, we cannot cause the change we want regarding DRM.  The
      other major browser vendors =E2=80=94 Google, Microsoft and Apple =E2=80=
    =94 have already
      implemented the new system.   In addition, the old system will be retired
      shortly.  As a result, the new implementation of DRM will soon become the
      only way browsers can provide access to DRM-controlled content.

    She goes on to explain how ``video is an important aspect of online life''
    and that Firefox would be ``deeply flawed as a consumer product'' if it did
    not implement Digital Restrictions Management. This is precisely the FUD
    that the ``content owners'' she describes, and corporations like Adobe, have
    been pushing: Mozilla understands that the solution is not to implement DRM,
    but to fight to encourage content to be published *without* being
    DRM-encumbered. Unfortunately, they will now have little motivation to do
    so, with every major browser endorsing EME.

    She defers to a post by Andreas Gal [for more implementation details][1], in
    which he mentions that the proprietary CDM virus (which will be happily
    provided by Adobe) will be protected by a sandbox to prevent certain spying
    activities like fingerprinting. While this is better than nothing, it's a
    clear attempt by Mozilla to help make a terrible situation a little bit
    better.

    He goes on to say:

      There is also a silver lining to the W3C EME specification becoming
      ubiquitous. With direct support for DRM we are eliminating a major use
      case of plugins on the Web, and in the near future this should allow us to
      retire plugins altogether.=20

    Let us not try to veil the problem and make things look more rosy than they
    actually are: this is not a silver lining; it is not appropriate to have a
    standardized way of manipulating and taking advantage of users.

    It is true that Firefox was in an unfortunate position: many users would
    indeed grow frustrated that they cannot watch their favorite TV shows and
    movies using Firefox. But Firefox could have served, when the EME API was
    used, static content that provided a brief explanation and a link for more
    information on the problem. They could have educated users and encourage an
    even stronger outcry.

    Instead, we are working with the corrupt W3C to implement a seamlessly
    shackled web. Mozilla wants to propose alternative solutions to DRM/EME, but
    by implementing it, their position is weakened.

      This is a difficult and uncomfortable step for us given our vision of a
      completely open Web, but it also gives us the opportunity to actually
      shape the DRM space and be an advocate for our users and their rights in
      this debate. [1]

    Such advocacy has been done and can continue to be done by Mozilla without
    the implementation of EME; once implemented, the standard will be virtually
    solidified---what is the incentive for W3C et. al. to find alternatives to a
    system that is already "better than" the existing Flash and Silverlight
    situation?

    On behalf of the free software community, I strongly encourage your
    reconsideration on the matter. Mozilla is valued by the free software
    community for its attention to freedoms. Stand with us and fight. You're in
    a powerful position to do so.

    [0]: https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challenge-of-serv=
    ing-users/
    [1]: https://hacks.mozilla.org/2014/05/reconciling-mozillas-mission-and-w3c=
    -eme/

The following day, I [submitted the FSF announcement to HackerNews][9]
(surprised that it was not there already) in an attempt to bring further
coverage to the matter and hopefully spur on some discussion. And discuss
they did: it was on the front page for the entire day and, at the time of
writing, boasts 261 comments, many of them confused and angry. I sent the HN
link to Andreas in a follow-up as well.

Mozilla has a vast userbase and is in the position to fight for a DRM-free
web. Please voice your opinion and hope that they reverse their decision.

[0] http://www.fsf.org/news/fsf-condemns-partnership-between-mozilla-and-adobe-to-support-digital-restrictions-management
[1] https://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html
[2] https://www.eff.org/deeplinks/2013/03/defend-open-web-keep-drm-out-w3c-standards
[3] [cref:576d89ab953535be8f9cb08aa02a2ad630957811]
[4] http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
[5] https://plus.google.com/+IanHickson/posts/iPmatxBYuj2
[6] http://www.defectivebydesign.org/dayagainstdrm
[7] https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challenge-of-serving-users/
[8] http://www.mozilla.org/en-US/about/manifesto/
[9] https://news.ycombinator.com/item?id=7749108
2014-05-16 01:13:50 -04:00
Mike Gerwitz 8a373ca65e
:emdash spacing changes for git horror story 2014-05-16 01:13:33 -04:00
Mike Gerwitz bda7ad44e9
Re: FreeBSD, Clang and GCC: Copyleft vs. Community
I recently received a comment via e-mail from a fellow GNU hacker Antonio
Diaz, who is the author and maintainer of [GNU Ocrad][0], a [free (as in
freedom)][1] optical character recognition (OCR) program. His comment was in
response to my article entitled [FreeBSD, Clang and GCC: Copyleft vs.
Community][2], which details the fundamental difference in philosophy
between free software and ``open source''.

I found Antonio's perspective to be enlightening, so I asked for his
permission to share it here.

  I imagine a world where all the Free Software is GPLed. The amount and
  usefulness of Free Software grows incesantly because free projects can
  reuse the code of previous free projects. Proprietary software is
  expensive because every company has to write most of its "products" from
  scratch. Most people use Free Software, and proprietary software is mainly
  used for specialized tasks for which no free replacement exists yet.

  Now I imagine a world where all the Free Software is really "open source"
  (BSD license). Free Software is restricted to the operating system and
  basic aplications because the license does not guarantee reciprocity.
  Proprietary software is cheap to produce because it is built using the
  code of free projects, but it is expensive for the user (in money and
  freedom) because there is no real competition from Free Software. Most
  people use proprietary software, as Free Software is too basic for most
  tasks.

  I think "open source" organizations (specially BSD) are wilfully
  destroying the long-term benefits for society of the GPL, and they are
  doing it for short-term benefits like popularity and greed:

  "As these companies devise strategies for dealing with GPLv3, so must the
  FreeBSD community - strategies that capitalize on this opportunity to
  increase adoption of FreeBSD." "Fundraising Update [...] This has
  increased the number of people actively approaching companies to make
  large contributions."

  https://www.freebsdfoundation.org/press/2007Aug-newsletter.shtml

  Human beings have an innate sense of justice. In absence of reciprocity
  one wants to be paid, but I think that reciprocity is much better for
  society in the long term.[3]

Antonio compels us to think toward the future: while developers releasing
their code under permissive licenses like the [Modified BSD License][4] are
still making a generous contribution to the free software community today,
it may eventually lead to negative consequences by empowering non-free
software tomorrow.

[0] https://www.gnu.org/software/ocrad/ocrad.html
[1] https://www.gnu.org/philosophy/free-sw.html
[2] [cref:288c90df6209cb9a698099f5fa8c6aed393ef20e]
[3] Comment by Antonio Diaz; the only modifications made were for
formatting.
[4] https://www.gnu.org/licenses/license-list.html#ModifiedBSD
2014-03-20 21:20:22 -04:00
Mike Gerwitz ddeead88ae
:Added attribution for ``A Big GNU Head'' by Aurelio A. Heckert for ``GNU Inside!'' page fold
Well that is an embarassing oversight for someone keen on [software]
licensing. Thanks to Ineiev at the FSF for pointing this out.

Consequently, my graphic is now available under CC-BY-SA 2.0, not 3.0, since
it is a derivative work.
2014-01-11 12:23:16 -05:00
Mike Gerwitz 9f42c535d3
:Updated ease.js on project page to reflect that it is now GNU ease.js 2013-12-28 03:01:01 -05:00
Mike Gerwitz 4696494da4
:Added mention of work on GNU screen with amade on projects page 2013-12-18 19:09:51 -05:00
Mike Gerwitz fcd8eeea9a :Replaced now out-of-date Windows 7 Sins image with EFF NSA Spying logo 2013-08-18 12:47:33 -04:00
Mike Gerwitz a79b9ccf43 :Added Copyleft vs. Community article to papers 2013-08-15 21:43:56 -04:00
Mike Gerwitz 288c90df62
FreeBSD, Clang and GCC: Copyleft vs. Community
A useful perspective explaining why [FreeBSD is moving away from GCC in
favor of Clang][0]; indeed, they are moving away from GPL-licensed software
in general. While this is [not a perspective that I personally agree
with][1], it is one that I will respect for the project. It is worth
understanding the opinions of those who disagree with you to better
understand and formulate your own perspective.

But I am still a free software activist.

  The goal of the FreeBSD Project is to provide a stable and fast general
  purpose operating system that may be used for any purpose without strings
  attached.[2]

As is mentioned in the aforementioned article[0], the BSD community does not
hold the same opinions on what constitutes ``without strings
attached''---the BSD community [considers the restriction on the user's
right to make proprietary use of the software to be a ``string''][2],
whereas the free software community under [RMS][3] believes that [the
ability to make a free program proprietary is unjust][4]:

  Making a program proprietary is an exercise of power. Copyright law today
  grants software developers that power, so they and only they choose the
  rules to impose on everyone else—a relatively small number of people make
  the basic software decisions for all users, typically by denying their
  freedom. When users lack the freedoms that define free software, they
  can't tell what the software is doing, can't check for back doors, can't
  monitor possible viruses and worms, can't find out what personal
  information is being reported (or stop the reports, even if they do find
  out). If it breaks, they can't fix it; they have to wait for the developer
  to exercise its power to do so. If it simply isn't quite what they need,
  they are stuck with it. They can't help each other improve it.[4]

The [Modified BSD License][5] is a GPL-compatible Free Software
license---that is, software licensed under the Modified BSD license meets
the requirements of the [Free Software Definition][6]. The additional
``string'' that the BSD community is referring to is the concept of
[copyleft][7]---Richard Stallman's copyright hack and one of his most
substantial contributions to free software and free society. To put it into
the words of the FSF:

  Copyleft is a general method for making a program (or other work) free,
  and requiring all modified and extended versions of the program to be free
  as well.[7]

Critics often adopt the term [``viral'' in place of ``copyleft''][8] because
of the requirement that all derivatives must contain the same copyleft
terms---the derivative must itself be Free Software, perpetually (until, of
course, the copyright term expires and it becomes part of the public domain,
[if such a thing will ever happen at this rate][9]). In the case of the
Modified BSD license---being a more permissive license that is non-copyleft
and thus allows proprietary derivatives---derivative works that include both
BSD- and GPL-licensed code essentially consume the [Modified BSD license's
terms][10], which are a subset of the [GPL's][11]. Of course, this is not
pursuant to [FreeBSD's goals][2] and so they consider this to be a bad
thing: There are ``strings attached''.

This is more demonstrative of the [``open source'' philosophy than that of
``Free Software''][12] (yes, notice the bias in my capitalization of these
terms).

[Copyleft is important][7] because it ensures that all users will forever
have the [four fundamental freedoms associated with Free Software][6]. The
GPL incorporates copyleft; BSD licenses do not. Consider why this is a
problem: Imagine some software Foo licensed under the Modified BSD
license[10]. Foo is free software; it is licensed under a free software
license (Modified BSD).[5] Now consider that someone makes a fork---a
derivative---of Foo, which we will call ``Foobar''. Since the Modified BSD
license is not copyleft[10], the author of Foobar decides that he or she
does not wish to release its source code; this is perfectly compliant with
the Modified BSD license, as it does not require that source code be
distributed with a binary (it only requires---via its second
clause[10]---that the copyright notice, list of conditions and disclaimer be
provided).

The author has just taken Foo and made it proprietary.

The FreeBSD community is okay with this; [the free software community is
not][4]. There is a distinction between these two parties: When critics of
copyleft state that they believe the GPL is ``less free'' than more
permissive licenses such as the BSD licenses, they are taking into
consideration the freedoms of developers and distributors; the GPL, on the
other hand, explicirly *restricts* these parties' rights in order to protect
the *users* because those parties are precisely those that seek to *restrict
the users' freedoms*; we cannot provide such freedoms to developers and
distributors without sacrificing the rights of the vulnerable users who
generally do not have the skills to protect themselves from being taken
advantage of.[13] Free software advocates have exclusive, unwaivering
loyalty to users.

As an example of the friction between the two communities, consider a
concept that has been termed [``tivoization''][14]:

   Tivoization means certain “appliances” (which have computers inside)
   contain GPL-covered software that you can't effectively change, because
   the appliance shuts down if it detects modified software. The usual
   motive for tivoization is that the software has features the manufacturer
   knows people will want to change, and aims to stop people from changing
   them. The manufacturers of these computers take advantage of the freedom
   that free software provides, but they don't let you do likewise.[14]

This [anti-feature][15] is a type of [Digital Restrictions Management
(DRM)][16] that exposes a [loophole in the GPL that was closed in
Section 3 of the GPLv3][14], which requires that:

  When you convey a covered work, you waive any legal power to forbid
  circumvention of technological measures to the extent such circumvention
  is effected by exercising rights under this License with respect to the
  covered work, and you disclaim any intention to limit operation or
  modification of the work as a means of enforcing, against the work's
  users, your or third parties' legal rights to forbid circumvention of
  technological measures.[11]

Unfortunately, not everyone has agreed with this move. A number of
[developers of the kernel Linux expressed their opposition of GPLv3][17]. In
response to the aforementioned GPLv3 provision, they stated:

  While we find the use of DRM by media companies in their attempts to reach
  into user owned devices to control content deeply disturbing, our belief
  in the essential freedoms of section 3 forbids us from ever accepting any
  licence which contains end use restrictions. The existence of DRM abuse is
  no excuse for curtailing freedoms.[17]

Linus Torvalds---the original author of the kernel Linux---also [expressed
his distaste toward the GPLv3][18]; the kernel is today still licensed under
the GPLv2.

[The BSD camp has similar objections][19]:

  Appliance vendors in particular have the most to lose if the large body of
  software currently licensed under GPLv2 today migrates to the new license.
  They will no longer have the freedom to use GPLv3 software and restrict
  modification of the software installed on their hardware. High support
  costs ("I modified the web server on my Widget 2000 and it stopped
  running...") and being unable to guarantee adherence to specifications in
  order to gain licensing (e.g. FCC spectrum use, Cable TV and media DRM
  requirements) are only two of a growing list of issues for these
  users.[19] --Justin Gibbs, VP of The FreeBSD Foundation

My thoughts while reading the above where echoed by Gibbs further on in his
statement: ``[T]he stark difference between the BSD licensing philosophy and
that of the Free Software Foundation are only too clear.'' For the FreeBSD
community, this is a very serious issue and their argument is certainly a
legitimate concern on the surface. However, it is an argument that the Free
Software community would do well to reject: Why would we wish to sacrifice
users' freedoms for any reason, let alone these fairly absurd ones. In
particular, a support contract could dictate that only unmodified software
will be provided assistance and even mandate that the hardware indicate
changes in software: like breaking the ``void'' sticker when opening a
hardware component. Moreover, how frequently would such a situation
actually happen relative to their entire customer base? My guess is: fairly
infrequently. The second issue is a more complicated one, as I am not as
familiar on such topics, but a manufacturer can still assert that the
software that it provides with its devices is compliant. If the compliance
process forbids any possibility of brining the software into
non-compliance---that is, allowing the user to modify the software---then
the hardware manufacturer can choose to not use free software (and free
software advocates will subsequently reject it until standards bodies grow
up).

As I mentioned at the beginning of this article: this is a view that I will
respect for the project. I disagree with it, but FreeBSD is still free
software and we would do well not to discriminate against it simply because
someone else may decide to bastardize it and betray their users by making it
proprietary or providing shackles[16]. However, provided the licensing
option for your own software, you should choose the GPL.

**Colophon:** The title of this article is a play on [RMS' ``Copyright vs.
Communty''][20], which is a title to a speech he frequently provides
worldwide. His speech covers how copyright works against the interests of
the community; here, BSD advocates aruge that [copyleft][7] works against
the interests of *their* community and their users; I figured that I would
snag this title as a free software advocate before someone else opposing
copyleft did.)

[0] http://unix.stackexchange.com/a/49970
[1] [cref:3c37140146dac754ffd80ed8ab4aaa7c182c9c00]
[2] http://www.freebsd.org/doc/faq/introduction.html#FreeBSD-goals
[3] http://en.wikipedia.org/wiki/Richard_Stallman
[4] http://www.gnu.org/philosophy/freedom-or-power.html
[5] http://www.gnu.org/licenses/license-list.html#ModifiedBSD
[6] http://www.gnu.org/philosophy/free-sw.html
[7] http://www.gnu.org/copyleft/
[8] http://en.wikipedia.org/wiki/Copyleft#Viral_licensing
[9] http://www.gnu.org/philosophy/misinterpreting-copyright.html
[10] http://en.wikipedia.org/wiki/BSD_licenses
[11] http://www.gnu.org/licenses/gpl.html
[12] http://www.gnu.org/philosophy/open-source-misses-the-point.html
[13] Technically, the GPL exercises restrictions only on distributors; a
     developer can integrate GPL'd code into their proprietary software so
     long as they do not distribute it (as defined in the GPL).[11] However,
     developers often have to cater to distributors, since software will
     generally be distributed; if it is not, then it is not relevant to this
     discussion.
[14] http://www.gnu.org/licenses/rms-why-gplv3.html
[15] http://www.fsf.org/blogs/community/antifeatures
[16] http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
[17] http://lwn.net/Articles/200422/
[18] http://en.wikipedia.org/wiki/Linux_kernel
[19] http://www.freebsdfoundation.org/press/2007Aug-newsletter.shtml
[20] http://www.gnu.org/philosophy/copyright-versus-community.html
2013-08-14 20:04:22 -04:00
Mike Gerwitz 315ca50e58
Measuring Air Temperature With Phone Batteries
OpenSignal---a company responsible for mapping wireless signal
strength by gathering data using mobile device software---noticed [an
interest correlation between battery temperature on devices and air
temperature][0].

  Aggregating daily battery temperature readings to city level revealed a
  strong correlation with historic outdoor air temperature. With a
  mathematical transformation, the average battery temperature across a
  group of phones gives the outdoor air temperature.[0]

**Note:** Graph renderings on their website require proprietary JavaScript, but
the article does describe it in detail, so it is not necessary. In
particular, note that, from their provided equation[0], their scaling factor
`m' implies that there is a smaller variance in battery temperature in the
graph than there is in the actual air temperature, but that there is still a
correlation.

This is an interesting find. The article further states that ``[...] we have
one data point where the Android data is actually more reliable than the
traditional source.''

Such data can be very useful in providing decentralized data, so long as
[issues of privacy][1] are addressed. Doing so is not terribly difficult,
but would have a number of factors. In particular, the user would need the
means to submit data anonymously, which could be done via software/networks
such as [Tor][2]. GPS location data is certainly a privacy issue when it is
tied to your mobile device, but fortunately, it's unneeded: you can trust
your users to let you know where they reside by either (a) opting into using
location services or (b) allowing them to specify a location or approximate
location of their choosing (approximations would be important since a user
may not wish to change their location manually while they travel, say, to
and from work). If enough devices submit data, then legitimate data would
drown out those who are trying to purposefully pollute the database. Such an
example can be seen with Bitcoin, in which networks will [reach a consensus
on correct blockchains][3] so long as ``a majority of computing power is
controlled by nodes that are not cooperating to attack the network''. Of
course, users would be able to pollute the network by sending false data as
it is, and the data is already tarnished from various factors such as body
heat.[0]

Of course, I do assume that mobile devices will contain temperature sensors
in the future; [some already do][4] (but I cannot encourage their use, as
they use [proprietary software][5]). However, this is still a clever hack (I
suppose that term is redundant). In my searching while writing this article,
I did notice [prior examples of ambient temperature readings using Android
software][6] ([proprietary][5]), but the software does not aggregate data
for purposes of determining weather patterns.

Finally, please do not download OpenSignal's app; it too is
[proprietary][5]; this discussion was purely from a conceptual standpoint
and does not endorse any software.

[0] http://opensignal.com/reports/battery-temperature-weather/
[1] [cref:c449ff03fbd10e2ad113a6b8cd95dacb8126efdf]
[2] https://www.torproject.org/
[3] http://en.wikipedia.org/wiki/Protocol_of_Bitcoin
[4] http://stackoverflow.com/a/11628921
[5] http://www.gnu.org/philosophy/free-sw.html
[6] https://play.google.com/store/apps/details?id=androidesko.android.electronicthermometer&hl=en
2013-08-13 19:50:04 -04:00
Mike Gerwitz 6733c6ecc8
Windows 8.1 to display targeted advertisements on local system searches
It is very disturbing that [Microsoft decided that it would be a good idea
to display targeted ads on local searches][0]---that is, if you search for a
file on your PC named ``finances'', you may get ads for finance software,
taxes, etc. If you search for ``porn'', well, you get the idea.

  Bing Ads will be an integral part of this new Windows 8.1 Smart Search
  experience. Now, with a single campaign setup, advertisers can connect
  with consumers across Bing, Yahoo! and the new Windows Search with highly
  relevant ads for their search queries. In addition, Bing Ads will include
  Web previews of websites and the latest features like site links, location
  and call extensions, making it easier for consumers to complete tasks and
  for advertisers to drive qualified leads.[1]

While that is certainly obnoxious, consider the larger issue of privacy
(which seems to be in the news a lot lately[2][3]): Late last year, there
was an uproar in the Free Software community when [Ubuntu decided to query
Amazon---enabled by default---on local searches][4] using their new Unity
interface. The problem is that your personal queries are being sent to a
third party---queries that you generally would expect to be private. If I
run a `find' or `grep' command on my system, I certainly do not expect it to
report to Amazon or Microsoft what I am searching for.

And to make matters even worse, Microsoft is exploiting this information to
allow advertisers to target you. [Ironic.][5]

[Do not use Windows 8][6] (or any other proprietary software, for that
matter).

[0] http://www.computerworld.com/s/article/9241524/Steven_J._Vaughan_Nichols_Microsoft_Bing_bang_bungles_local_search
[1] http://community.bingads.microsoft.com/ads/en/bingads/b/blog/archive/2013/07/02/new-search-ad-experiences-within-windows-8-1.aspx
[2] [cref:2d97ce3e654c74345794bedcbcca215cfaf75e20]
[3] [cref:c9a9837b4f23c1e350d270d9782544fdef705bc0]
[4] http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do
[5] http://www.scroogled.com/email/
[6] https://www.fsf.org/windows8
2013-08-12 23:01:01 -04:00
Mike Gerwitz 2d97ce3e65
Facebook knows about you even if you are not a member
An article about [the scope of Facebook's data collection][0] speaks for
itself; this really does not come as a surprise, but is nonetheless
unsettling.

Encourage your friends, colleagues and acquaintances to use services like
[Diaspora][1] that are respectful of your data instead. Better yet: explain
to those individuals the problems of social media services and ask that they
respectfully leave you out of it.

[0] http://www.groovypost.com/news/facebook-shadow-accounts-non-users/
[1] https://joindiaspora.com/
2013-08-12 20:19:02 -04:00
Mike Gerwitz ddec084bbb
:Oops; committed missing CC-BY-SA image 2013-08-11 12:39:46 -04:00
Mike Gerwitz c449ff03fb
London Trashcan Spies
We're not talking about kids hiding out in trashcans talking on
walkie-talkies and giggling to each other.

Ars has reported on [London trashcans][0] rigged to collect the [MAC
addresses][1] of mobile devices that pass by. Since we do not often see
mobile devices carrying themselves around, we may as well rephrase this as
``collect the MAC addresses of people that pass by''.

  During a one-week period in June, just 12 cans, or about 10 percent of the
  company's fleet, tracked more than 4 million devices and allowed company
  marketers to map the ``footfall'' of their owners within a 4-minute
  walking distance to various stores.[0]

Your device's---er, *your*---MAC address is a unique identifier that, in
the case of wireless networks, is used by the networks to state that a
message is intended specifically for you---something that is necessary since
wireless devices communicate through open air and, therefore, your device is
also able to pick up the communications of other devices.

  In IEEE 802 networks such as Ethernet, token ring, and IEEE 802.11, and in
  FDDI, each frame includes a destination Media Access Control address (MAC
  address). In non-promiscuous mode, when a NIC receives a frame, it
  normally drops it unless the frame is addressed to that NIC's MAC address
  or is a broadcast or multicast frame.[2]

Therefore, in such networks, a MAC address is required for communication. So
why does your device freely give away such a unique identifier that can be
used to track you? Consider that, when wireless is enabled (and, as the Ars
article[0] mentions, sometimes [even when it's not][3]), your device
generally scans your surroundings in order to provide you with a list of
networks to connect to. This list is generally populated when various access
points broadcast their own information to advertise themselves so that you
can select them to connect. However, some access points are hidden---they do
not broadcast their information, which helps to deter unwanted or malicious
users. To connect to these access points, you generally provide the name
that the access point administrator has given to it (e.g. ``mysecretap'').

Let's say you disconnect from mysecretap. Since the access point (AP) is not
broadcasting itself, how does your device know when it is available again?
It must attempt to ping it and see if it gets a response. With this ping is
your MAC address. Since many devices conveniently like to connect
automatically to known access points when they become available, it is
likely that your device is pinging rather frequently.

But what if you do not use hidden access points? Well, it is likely that the
same issue still stands---what if the access point that you connected to was
once listed but then becomes hidden? (Maybe the administrator of the access
point allowed broadcasts for a period of time to allow people to connect
easily, but then hid it at a later time.) Your device would need to account
for that, and therefore, to be helpful, likely broadcasts pings for any
access point you have connected to recently (where ``recently'' would depend
on your device).

Now, back to the [NSA][5]-wannabe-trashcans: At this point, all an observer
must do is lay in wait for those broadcasts and record the MAC addresses. By
placing these devices at various locations, you could easily track the
movements of individuals, including their speed, destinations, durations of
their visits, visit frequencies, favorite areas, dwellings, travel patterns,
etc. Since devices may broadcast a whole slew of recent access points that
it connected to, you could also see areas that the owner may have been to
(oh, I see that you connected to the free wifi in that strip joint). You
[could be evil][6].

Turn off wireless on your device when you are not using it---especially when
you are traveling. Ensure that your device [does not continue pinging access
points when wireless is disabled][3].

Better yet, fight back. Consider exploring how to spoof your MAC address,
perhaps randomly generating one every so often. Consider the possibilities
of activist groups that may pollute these spy databases by gathering a list
of unique MAC addresses of passerbys for the purpose of rebroadcasting them
at random intervals---which you could even do using long-range antennas
targeted at these devices.[7] If done properly to mimic models of common
travel patterns, the data that these spy devices gather would become
unreliable.[8]

Surveillance by any entity---be it [governments][5], corporations,
individuals or otherwise---is not acceptable.

[0] http://arstechnica.com/security/2013/08/no-this-isnt-a-scene-from-minority-report-this-trash-can-is-stalking-you/
[1] http://en.wikipedia.org/wiki/MAC_address
[2] http://en.wikipedia.org/wiki/Promiscuous_mode
[3] http://arstechnica.com/gadgets/2013/08/review-android-4-3-future-proofs-the-platform-with-multitude-of-minor-changes/3/#p15
[4] http://arstechnica.com/security/2013/08/diy-stalker-boxes-spy-on-wi-fi-users-cheaply-and-with-maximum-creep-value/
[5] [cref:c9a9837]
[6] http://renewlondon.com
[7] Disclaimer: Please research your local laws.
[8] Of course, it is important that such an activity in itself does not
violate a person's privacy, and so such collection must be done in a manner
that cannot in itself identify the person's travel patterns (e.g. by
not storing information on what access point the data was collected from).
2013-08-11 12:38:46 -04:00
Mike Gerwitz 3d2febc70d
Snowden Statement at Moscow Airport; Accepts Asylum Offers
**See Also:** [National Uproar: A Comprehensive Overview of the NSA Leaks and
Revelations][0]; I have not yet had the time to devote to writing a thorough
follow-up of recent events and will likely wait until further information and
leaks are presented.

[Edward Snowden][1]---the whistleblower responsible for [exposing various NSA
dragnet spying programs][0], among other documents---has been [stuck in the
Moscow airport][2] for quite some time while trying to figure out how he will
travel to countries offering him asylum, which may involve traveling through
territories that may cooperate with the United States' extradition requests.
Snowden [issued a statement today to Human Rights groups at Moscow's
Sheremetyevo airport][3], within which he mentioned:

  I announce today my formal acceptance of all offers of support or asylum I
  have been extended and all others that may be offered in the future. With, for
  example, the grant of asylum provided by Venezuela’s President Maduro, my
  asylee status is now formal, and no state has a basis by which to limit or
  interfere with my right to enjoy that asylum. [...] I ask for your assistance
  in requesting guarantees of safe passage from the relevant nations in securing
  my travel to Latin America, as well as requesting asylum in Russia until such
  time as these states accede to law and my legal travel is permitted. I will be
  submitting my request to Russia today, and hope it will be accepted
  favorably.[3]

Snowden had previously [withdrawn his request for political asylum in Russia][4]
after [Vladmir Putin stated that he could stay][5] only if he stopped ``bringing
harm to our American partners''---something which [Snowden does not believe that
he is doing][6]. Although Venezuela has offered Snowden asylum, as [explained by
the Guardian][6], ``he remains unable to travel there without travel
documents''. Even if he does obtain travel documents, there are still
worries---earlier this month, the [Bolivian president's plane was diverted with
suspicion that Snowden was on board][7], showing that certain countries may be
willing to aid the U.S. in his extradition or otherwise prevent him from
traveling.

My focus on these issues will seldom be on Snowden himself---I would prefer to
focus primarily on what he sacrificed his life to bring to light. But it is
precisely this sacrifice that makes it important to ensure that Snowden does not
fall out of the picture (though it does not appear that he will any time soon).
The Guardian also seems to have adopted the strategy of slowly providing more
information on the leaks over time---such as the recent revelation that
[Microsoft cooperated with the NSA's Prisim program to provide access to
unencrypted contents of Outlook.com, Hotmail, Skype and SkyDrive services][8]; I
will have more on that later.

I end this with a photograph taken yesterday of [Richard Stallman with Julian
Assange holding up a picture of Snowden][9] that brings a smile to my face.

[0] [cref:c9a9837b4f23c1e350d270d9782544fdef705bc0]
[1] https://en.wikipedia.org/wiki/Edward_Snowden (Now with his own Wikipedia page)
[2] http://www.guardian.co.uk/world/2013/jul/01/edward-snowden-escape-moscow-airport
[3] http://wikileaks.org/Statement-by-Edward-Snowden-to.html
[4] http://www.guardian.co.uk/world/2013/jul/02/edward-snowden-nsa-withdraws-asylum-russia-putin
[5] http://www.guardian.co.uk/world/2013/jul/01/putin-snowden-remain-russia-offer
[6] http://m.guardiannews.com/world/2013/jul/12/edward-snowden-accuses-us-illegal-campaign
[7] http://www.guardian.co.uk/world/2013/jul/05/european-states-snowden-morales-plane-nsa
[8] http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data
[9] http://twitpic.com/d279tx
2013-07-13 07:59:18 -04:00
Mike Gerwitz 27870ae35b
All ``Thoughts'' and Site Text Now Licensed Under CC BY-SA
All ``thoughts''---that is, my blog-like entries that are generated by the
repository commit messages---and site text are hereby retroactively relicensed
under the [Creative Commons Attribution-ShareAlike 3.0 Unported License][0].
This license shall not supersede any license that is explicitly put forth within
a work; see the COPYING file within the thoughts repository---available on the
``Projects'' page---for more information.

This is not a decision I take lightly; it has received much thought over the
course of recent years. For some time, I accepted [the view of Richard Stallman
and the Free Software Foundation][1] on opinion pieces in that, since they
express personal opinions, it is not unreasonable to require that they be
distributed verbatim. Indeed, it would seem wise not to allow someone to change
your words, especially on something that you are passionate about.

However, I have come to adopt another perspective. What is the motivation behind
releasing content under a license that permits modification (that is, the
creation of derivative works)? Often, the primary reason is to allow others to
improve upon the content or to modify it to suit their particular needs. To
prevent others from locking down those changes---preventing others from having
the same rights as they did---many will often release their works under licenses
that require that all derivatives be released under the same terms. In the case
of Creative Commons, this is called [``ShareAlike''][2], which is motivated by
GNU's copyright hack called [copyleft][3] (popularized by the [GNU General
Public License][4]).

For [free software][5] advocates, the question of whether or not to permit
modification is generally not even raised---it is a necessity. Software serves a
functional purpose: Prohibiting modification could prevent users from altering
the software in ways that they may find useful and could be used to exert
control over the users. Software does stuff. Software can control what the user
can and cannot do.

Creative works are often considered in a different light. Like software, they
are indeed useful---they can be tools to learn, to entertain, etc. However, does
prohibiting modification do any harm? In the case of [documentation for free
software][6], yes---documentation is very important and can make the difference
between highly useful software and impenetrable software. Free documentation
ensures that, as the software grows, the documentation can grow with it. Since
the documentation for many projects is often scarce or poorly written (great
computer hackers are not necessarily great language hackers), the freedom to
modify the documentation is a necessity.

Then what of texts that have nothing to do with a free software project? Texts
that serve as an educational resource of any kind would benefit from being free
just as a free software project would---experts could contribute, teachers could
alter it to suit their particular teaching style or their classroom setting,
etc. But what of texts that exist purely as opinion pieces?

I'm not sure there's such a thing as a ``pure'' opinion piece, unless it is
utter garbage.

An author would do well to substantiate their opinion with appropriate
references (though often times, this is not the case). With those
references (or lack thereof) comes the need to connect them to the content---the
author must explain his or her opinion. This explanation is educational, even if
the reader does not agree with the opinion. Perhaps the reader wishes to use the
opinion piece as a resource, but notices that it is lacking in some respect.
Should they not be able to improve it, perhaps to even further the author's
point? Or, perhaps the opinion piece could be extended to the contrary---to
prove additional references to either make it neutral or even work against the
author's original opinion.  Even though this may not be what the author wants,
this is still a useful derivation of the original work.

As an example, consider this very post. This is clearly an opinion piece---I
have made the choice to release my content under a Creative Commons license and
I am substantiating my opinion in the hope that others may gain insight and
possibly even choose the same path for their own creative works. What if someone
wished to present this article to a group of individuals---maybe in the
workplace---but found my ``garbage'' comment to be unnecessarily harsh? What
personal harm would I incur if they were to remove that statement? However, what
if they wished to go further by replacing all references to ``free software''
with references to ``open source''---a term which I [reject][7]? Well, this
could potentially affect my image, depending on the group's philosophy. What
now?

There are a few important points to note from this. Firstly, the license
mandates that:

  If You Distribute, or Publicly Perform the Work or any Adaptations or
  Collections, You must, unless a request has been made pursuant to Section
  4(a), keep intact all copyright notices for the Work and provide, reasonable
  to the medium or means You are utilizing: (i) the name of the Original Author
  (or pseudonym, if applicable) if supplied, and/or if the Original Author
  and/or Licensor designate another party or parties (e.g., a sponsor institute,
  publishing entity, journal) for attribution ("Attribution Parties") in
  Licensor's copyright notice, terms of service or by other reasonable means,
  the name of such party or parties; (ii) the title of the Work if supplied;
  (iii) to the extent reasonably practicable, the URI, if any, that Licensor
  specifies to be associated with the Work, unless such URI does not refer to
  the copyright notice or licensing information for the Work; and (iv) ,
  consistent with Ssection [sic] 3(b), in the case of an Adaptation, a credit
  identifying the use of the Work in the Adaptation (e.g., "French translation
  of the Work by Original Author," or "Screenplay based on original Work by
  Original Author").[8]

In plain English---you must provide attribution to the original author and
indicate that the work has been modified from the original. Furthermore:

  The credit required by this Section 4(c) may be implemented in any reasonable
  manner; provided, however, that in the case of a Adaptation or Collection, at
  a minimum such credit will appear, if a credit for all contributing authors of
  the Adaptation or Collection appears, then as part of these credits and in a
  manner at least as prominent as the credits for the other contributing
  authors.[8]

It would therefore be appropriate to assume that an author of a derivate work
will, in good faith, make clear attribution. Should this not be the case, then
what is to say that the author would not have simply modified a work which is
not licensed to permit modifications?

The next point is another simple one: Under United States copyright law, the
[fair use doctrine][9] permits limited use of a copyrighted work without prior
consent from the author; it is this doctrine that allows, for example, authors
and journalists to quote portions of other works to report on or back up their
arguments. This means that, even if the license did not permit, an author could
still incorporate *portions* of my work to support their own arguments or agenda,
regardless of whether or not I may agree with it. This segues into the final
point.

Who am I to [dictate others opinions][10]? It would not be right of me to limit
one's freedom simply because they violate my own personal opinions or beliefs.
Therefore, if this is one condition under which I would decide to restrict my
creative works, then that reason should be immediately dismissed. This means
that---within the context of my previous example---if someone wanted to alter
all the references to ``free software'' in my work to adapt it to their own
personal style, then they should be permitted to do so. Such a work is no longer
my own: They must clearly state that it has been altered from the original.
Hopefully readers take notice of that. My works are always published on my own
personal website where the originals can be found; with today's search engines,
such a task is trivial. If someone neglects to do so---and I do understand that
many will neglect to do so---then they have not made an informed opinion on the
material.

Another minor point would be that, for the majority of my works, it is unlikely
that anyone will be making any sort of alteration.

As such, I find that I have little ground to stand on should I attempt to
rationalize a more restrictive license. Any remaining arguments, such as ``what
if they sell your content or modify it only slightly and are given more credit
for the work than they deserve?'' are already covered by the free software
philosophy can may be easily adopted here.

[0] http://creativecommons.org/licenses/by-sa/3.0/
[1] http://www.gnu.org/licenses/license-list.html#OpinionLicenses
[2] http://creativecommons.org/licenses/
[3] https://www.gnu.org/copyleft/copyleft.html
[4] https://www.gnu.org/copyleft/gpl.html
[5] https://www.gnu.org/philosophy/free-sw.html
[6] https://www.gnu.org/philosophy/free-doc.html
[7] http://www.gnu.org/philosophy/open-source-misses-the-point.html
[8] http://creativecommons.org/licenses/by-sa/3.0/legalcode
[9] http://en.wikipedia.org/wiki/Fair_use
[10] http://www.gnu.org/philosophy/programs-must-not-limit-freedom.html
2013-06-18 23:15:23 -04:00
Mike Gerwitz 4b2c0b2d74 Added images/COPYING and license for GNU page fold image 2013-06-16 22:47:39 -04:00
Mike Gerwitz 7c72eecd3b Adjusted footer image and font size for smallest layout
With the CC BY-SA addition, the line of images would otherwise wrap. The font
size is adjusted slightly to be more proportional with the images.

The images dimensions are reduced by 20%.
2013-06-16 20:47:14 -04:00
Mike Gerwitz 6b6c5a1b51 All creative content (e.g. thoughts) now licensed under CC BY-SA
Added COPYING.{GPLv3,CCBYSA}, adjusted copyright for pages generated with
repo2html and added CC BY-SA image to footer.
2013-06-16 20:35:22 -04:00
Mike Gerwitz c336800ca4
:Corrected dest dir creation bug with doc-cp
The modification that created this bug was clearly not tested.
2013-06-16 13:23:39 -04:00
Mike Gerwitz 3ec175ef0c
:Added "viewport" meta tag to indicate to certain browsers that they can trust us with rendering
See the comment in this patch for more information.
2013-06-16 13:07:37 -04:00