Commit Graph

411 Commits (8c92c57faac2be19b8c147a668e979f1e0fd9046)

Author SHA1 Message Date
Mike Gerwitz b182ea79b3
Majority of work on generation of new static site
I didn't originally intend for all of this to be in a single commit.  But
here we are.  I don't have the time to split these up more cleanly; this
project is taking more time than I originally hoped that it would.

This is a new static site generator.  More information to follow in the
near future (hopefully in the form of an article), but repo2html is now
removed.  See code comments for additional information; I tried to make it
suitable as a learning resource for others.  It is essentially a set of
shell scripts with a fairly robust build for incremental generation.

The site has changed drastically, reflecting that its purpose has changed
over the years: it is now intended for publishing quality works (or at least
I hope), not just a braindump.

This retains most of the text of the original pages verbatim, with the
exception of the About page.  Other pages may have their text modified in
commits that follow.

Enhancements to follow in future commits.
2019-01-11 23:46:13 -05:00
Mike Gerwitz 643a9858f1
Translate Git Horror Story from AsciiDoc to Markdown
This was a wholly manual effort since Pandoc does not have an AsciiDoc
reader (only writer).  Fortunately, Pandoc's Markdown features enabled me to
keep the style essentially the same.

I made no changes to the original text other than changes to markup, so this
remains faithful to the original.  Any changes to the text will be made in
future commits so that the diff can be clearly observed.

This could use more work (e.g. getting rid of inline links to make the
Markdown file more readable), but otherwise this is in a good enough state
for now.
2018-12-22 23:48:03 -05:00
Mike Gerwitz 64e1341075
Convert posts to markdown files
This was considerable effort, and took a bit more time than I had
hoped.  While newer posts were written with Markdown, previous ones were
writen with my own Markdown-like formatting, but they had enough differences
that it was quite an effort to get things updated.  I also checked the HTML
output of each, though I didn't read every article in detail.

Some of these were more substantial than others; National Uproar, for
example.

These conversions were markup translations: the actual text remains
unchanged, except in one minor instance to add text for the sake of
providing some text to hold a link to a quote.  Any changes to post text
will happen in future commits so that the diffs are clearly visible.
2018-12-22 23:45:26 -05:00
Mike Gerwitz 2a674052b0
:{eff,fsf}-42.png: White->Alpha 2018-12-15 22:23:34 -05:00
Mike Gerwitz 8dbde47b65
Webmasters: Please, Don't Block Tor
[Tor][] is a privacy and anonymity tool that [helps users to defend
  themselves][tor-about] against traffic analysis online.
Some people, like me, use it as an important tool to help defend against
  [various online threats to privacy][sapsf].
[Others use it][tor-users] to avoid censorship,
  perhaps by the country in which they live.
Others use it because their lives depend on it---they
  may live under an oppressive regime that forbids access to certain
  information or means of communication.

Unfortunately, some people also hide behind Tor to do bad things,
  like attack websites or commit fraud.
Because of this,
  many website owners and network administrators see Tor as a security threat,
    and choose to block Tor users from accessing their website.

But in doing so,
  you aren't just keeping out some of the malicious users:
    you're also keeping out those who [use Tor for important, legitimate
    reasons][tor-users].
Malicious users have other means to achieve anonymity and often have the
  skill and understanding to do so.
But average Tor users aren't necessarily technology experts,
  and certainly don't have the extra (often maliciously-acquired) resources
  that bad actors do,
    so they are disprortionally affected by blocks.

A particularly unsettling problem I often encounter is that a website will
  outright prohibit access by Tor users _even on read-only resources like
  articles or information_.
I've even seen this on informational resources on United States Government
  domains!
Blocking access to interactive website features---like
  posting comments or making purchases---can
  be understandable,
    or maybe even necessary sometimes.
For example,
  Wikipedia prohibits page edits over Tor.
But Wikipedia _does not block reading_ over Tor.

If you are considering threats that may mask themselves behind Tor and you
  are running a blog, news site, or other informational resource,
    please, consider how your actions [may affect innocent
    users][tor-users].
Allow users to read over Tor,
  even if you decide to prohibit them from interacting.

For users of Tor who do find themselves stuck from time to time:
  I will often prepend `https://web.achive.org/` to the URL of a page that
  is blocked,
    which allows me to view the page in the Internet Archive's [Wayback
    Machine][].
For example,
  to view my website in the Wayback Machine,
    you'd visit `https://web.archive.org/https://mikegerwitz.com/`.

[Tor]: https://www.torproject.org/
[tor-about]: https://www.torproject.org/about/overview.html.en#whyweneedtor
[tor-users]: https://www.torproject.org/about/torusers.html.en
[sapsf]: /talks/sapsf
[Wayback Machine]: https://web.archive.org/
2018-10-05 23:29:15 -04:00
Mike Gerwitz 5a62a98a78
:70ch for GHS article
Width was too little for all the nesting and snippets it had.
2018-09-30 19:41:30 -04:00
Mike Gerwitz e84acffddd
LibrePlanet 2019 will be March 23--24 in Boston, MA
It's already time to start thinking about LibrePlanet 2019, which will be
March 23--24 in the Greater Boston Area in MA:

[https://libreplanet.org/2019/]()

This is the one event that I must make it to each year, and I encourage
everyone to attend and see the faces of many that are at the heart of the
free software community.

Consider [submitting a session][submit]! Or, if you can't make it but plan
on watching online, maybe help someone else attend by [contributing to the
travel fund][travel-fund]. The call for sessions ends October 26th.

I'll be attending again this year, and I plan on submitting a session
proposal.  I won't have the time to do [my 100+hr research talks like the
past couple years][talks], so maybe I'll fall back on something more
technical that I won't have to research.

It's still a ways off, but if you do plan on attending, do let me know so I
can say hello!

[submit]: https://my.fsf.org/lp-call-for-sessions
[travel-fund]: https://my.fsf.org/civicrm/contribute/transact?reset=1&id=60
[talks]: /talks/
2018-09-06 23:40:50 -04:00
Mike Gerwitz e77ebfc973
:cptt: Add archive 2018-06-03 00:26:45 -04:00
Mike Gerwitz a4b96ad563
:Ignore previous version of mobile post; update THANKS 2018-05-05 21:57:18 -04:00
Mike Gerwitz c084a2222c
When Talking About Mobile Tracking, Don't Veil Bad Actors With Blanket Statements
It's difficult to have useful conversations about mobile tracking when
  someone says "your phone / mobile device tracks you";
  such statements don't often lead to constructive conversation because they
    are too vague and therefore easily dismissed as sensationalism or
    paranoia.
  And they are all too often without substance because,
    while users do have legitimate concerns,
    they aren't necessarily aware of the specific problems contributing to
      those concerns.

A mobile device is nothing more than a small computer that you carry around
  with you.
The networks that you connect to can spy on you---your
  cellular network, bluetooth, wifi, etc.
To help mitigate these threats,
  you can disable those communications until you are in a safe place that
  you don't mind others knowing about.
We can only have confidence that these connections have been disabled by
  physical means,
    like a hardware switch or a bag that acts like a Faraday cage.
[iOS deceives users][ios-deceive] when they ask to disable those communications
  for example.

The software running on your device often spies on you:
  the operating system itself often spies;
  the apps you install often spy.
This is the fault of the individual _authors_---_they_
  are the problem.
Consider using free/libre software that empowers you and serves _you_ rather
  than its creators;
    it's much harder to hide secrets in free software.
On Android,
  consider using only free software available in [F-Droid][].
We also need fully free mobile operating systems,
  like [Replicant][] and hopefully Purism's Librem 5 that is still under
  development.
Don't be fooled into thinking the Android on most phones is free
  software---only
    its core (AOSP) is.

Call out those that do harm---don't
  veil and protect them using statements like "your phone tracks you".
Talk about the specific issues.
Demand change and have the courage to reject them entirely.
This involves inconvenience and sacrifice.
But if we're strong now,
  then in the near future perhaps we won't have to make any sacrifices,
  much like the fully free GNU/Linux system desktops we have today.

Fore more information on tracking,
  see my [LibrePlanet 2017 and 2018 talks](/talks) "The Surreptitious Assault on Privacy,
  Security, and Freedom" and "The Ethics Void", respectively.

[F-Droid]: https://f-droid.org
[ios-deceive]: https://web.archive.org/web/20170922011748/https://support.apple.com/en-us/HT208086
[Replicant]: https://replicant.us
2018-05-05 21:43:10 -04:00
Mike Gerwitz 9cdc7b468c
:resume: Update language years
This also adds Lua.

This is merely annual housekeeping; it is not in preparation for
job hunting. ;)
2018-05-01 22:52:26 -04:00
Mike Gerwitz ec1c0c8d62
:resume: Add Guix 2018-05-01 22:52:20 -04:00
Mike Gerwitz f92d061bc0
:resume: Update wording
This is merely annual housekeeping; it is not in preparation for
job hunting. ;)
2018-05-01 22:37:51 -04:00
Mike Gerwitz ea177110c5
When Talking About Mobile Tracking, Don't Veil Bad Actors With Blanket Statements
It's difficult to have useful conversations about mobile tracking when
  someone says "your phone / mobile device tracks you";
  such statements don't often lead to constructive conversation because they
    are too vague and therefore easily dismissed as sensationalism or
    paranoia.
  And they are all too often without substance because,
    while users do have legitimate concerns,
    they aren't necessarily aware of the specific problems contributing to
      those concerns.

A mobile device is nothing more than a small computer that you carry around
  with you.
The networks that you connect to can spy on you---your
  cellular network, bluetooth, wifi, etc.
To help mitigate these threats,
  you can disable those communications until you are in a safe place that
  you don't mind others knowing about.
We can only have confidence that these connections have been disabled by
  physical means,
    like a hardware switch or a bag that acts like a Faraday cage.
[iOS deceives users][ios-deceive] when they ask to disable those communications
  for example.

The software running on your device often spies on you:
  the operating system itself often spies;
  the apps you install often spy.
This is the fault of the individual _authors_---_they_
  are the problem.
Consider using free/libre software that empowers you and serves _you_ rather
  than its creators;
    it's much harder to hide secrets in free software.
On Android,
  consider using only free software available in [F-Droid][].
We also need fully free mobile operating systems,
  like [Replicant][] and hopefully Purism's Librem 5 that is still under
  development.
Don't be fooled into thinking the Android on most phones is free
  software---only
    its core (AOSP) is.

Call out those that do harm---don't
  veil and protect them using statements like "your phone tracks you".
Talk about the specific issues.
Demand change and have the courage to reject them entirely.
This involves inconvenience and sacrifice.
But if we're strong now,
  then in the near future perhaps we won't have to make any sacrifices,
  much like the fully free GNU/Linux system desktops we have today.

Fore more information on tracking,
  see my [LibrePlanet 2018 and 2019 talks](/talks) "The Surreptitious Assault on Privacy,
  Security, and Freedom" and "The Ethics Void", respectively.

[F-Droid]: https://f-droid.org
[ios-deceive]: https://web.archive.org/web/20170922011748/https://support.apple.com/en-us/HT208086
[Replicant]: https://replicant.us
2018-04-24 23:18:27 -04:00
Mike Gerwitz b9d6fc0314
:style.css: Reduced line width, increased height
Improve readability.
2018-04-24 22:24:17 -04:00
Mike Gerwitz 5027e5b27c
:Resume: The Ethics Void 2018-04-14 00:51:11 -04:00
Mike Gerwitz cd53ff95ed
:Add ethics void links 2018-04-14 00:44:07 -04:00
Mike Gerwitz 4387bd420b
:doc/40-talks.md: Update LP2018 talk abstract 2018-03-17 15:29:38 -04:00
Mike Gerwitz a985435866
Meltdown/Spectre and the Web
The recently-released [Meltdown][] and [Spectre][] CPU timing attacks
  affect virtually every user in some way;
    the consequences are profound.
There are plenty of good write-ups on the topic,
  so I don't feel the need to re-iterate the technical details here.
(See an easily digestible one [from the Raspberry Pi][rpi] project, and an
  in-depth analysis [from Project Zero][zero].)

What I do want to draw attention to is that these attacks [are exploitable
  via web browsers][mozilla].

The reason for this is that your web browser,
  by default,
  automatically downloads and executes programs without your knowledge or
    consent.
Most commonly,
  web pages embed software in the form of JavaScript code.
Because of the features available in modern JavaScript environments,
  CPU cache timing attacks are possible.

[I spoke about the security issues][lp2016] of running these programs in your web
  browser back in 2016---it
    was a bad idea then,
      and it's still a bad idea now.
[I spoke further of privacy issues][lp2017] last year at LibrePlanet 2017.
I encourage you to use extensions like [NoScript][] to block the execution of
  JavaScript by default,
    and stop random people from treating your computer as a puppet to do
    their own bidding.

[Meltdown]: https://meltdownattack.com/
[Spectre]: https://spectreattack.com/
[rpi]: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
[zero]: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
[mozilla]: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
[lp2016]: https://media.libreplanet.org/u/libreplanet/collection/restore-online-freedom/
[lp2017]: https://media.libreplanet.org/u/libreplanet/m/the-surreptitious-assault-on-privacy-security-and-freedom/
[NoScript]: http://noscript.net/
2018-01-08 22:27:38 -05:00
Mike Gerwitz cc0c4fcb58
:Update repo URLs for footer commit links
* Makefile (url_root, repo_url): Update URLs.
2018-01-06 00:39:05 -05:00
Mike Gerwitz e6c03df640
:Correct LP2018 link on Talks page
* docs/40-talks.md: Correct LP2018 link.
2018-01-05 23:02:45 -05:00
Mike Gerwitz 34c3eedd45
:Remove #tags from new talk abstract (The Ethics Void)
Oops!  Copied from the GNU Social notice.

* docs/40-talks.md (The Ethics Void): Remove #tags.
2018-01-05 23:00:52 -05:00
Mike Gerwitz 09900b8dbf
:Correct LP2016 logo on Talks page
* docs/40-talks.md: Correct LP2016 logo.
2018-01-05 22:59:19 -05:00
Mike Gerwitz b4cceff3fc
The Ethics Void: Join Me at LibrePlanet 2018!
I got word today that I'll be speaking again at this year's [LibrePlanet][]!
I was going to attend even if I were not speaking,
  but I'm very excited to be able to continue to build off of last year's
  talk and further my activism on these topics.

The title of this year's talk is _The Ethics Void_.
Here's a rough abstract:

> Medicine, legal, finance, journalism, scientific research—each of these
> fields and many others have widely adopted codes of ethics governing the
> lives of their professionals. Some of these codes may even be enshrined in
> law. And this is for good reason: these are fields that have enormous
> consequences.

> Software and technology pervade not only through these fields, but through
> virtually every aspect of our lives. Yet, when compared to other fields, our
> community leaders and educators have produced an ethics void. Last year, I
> introduced numerous topics concerning #privacy, #security, and #freedom that
> raise serious ethical concerns. Join me this year as we consider some of
> those examples and others in an attempt to derive a code of ethics that
> compares to each of these other fields, and to consider how leaders and
> educators should approach ethics within education and guidance.

(My previous talks can be found on my ["Talks" page][talks].)

For this talk,
  I want to solicit the community at various points.
I know what _I_ want to talk about,
  but what are some of the most important ethical issues to _you_?
Unfortunately there's far too much to fit into a 40-minute talk!
Feel free to send me an e-mail or reply to the [thread on GNU Social][thread].

[LibrePlanet]: https://libreplanet.org/2018/
[talks]: /talks
[thread]: https://social.mikegerwitz.com/conversation/99140
2018-01-05 22:55:53 -05:00
Mike Gerwitz e521680ece
:Year-specific LP logos on Talks
* docs/40-talks.md: Consistent styling and year-specific logos.
* images/lp-2016.png: Add LP2016 logo.
* images/lp-2017.png: Add LP2016 logo.
* style.css: Whitespace above logos.
2018-01-05 22:48:09 -05:00
Mike Gerwitz 4f5a47a970
:Add The Ethics Void to Talks page
* docs/40-talks.md (The Ethics Void): Add section.
* images/lp-2018.png: Add LP2018 logo.
* style.css (.talk-logo): Add class.
2018-01-05 22:36:48 -05:00
Mike Gerwitz cd806b4a23
:Fix LP201{7=>6} title for 2016 talk LP image
* docs/40-talks.md: Correct lower image title.
2018-01-05 22:02:48 -05:00
Mike Gerwitz 781a073692
:Here's a hash
49142b66305e2ef67755c21bea80b13ec06ff025

Just in case you were looking for one.
2018-01-05 00:51:09 -05:00
Mike Gerwitz b61ced73b6
:Restrict index body width to 40em 2017-10-29 00:15:09 -04:00
Mike Gerwitz 5accbfbac4
:resume: Objective section update
Mention of educator/research role.  It is hard to articulate this cleanly;
it is better that someone just ask.
2017-09-23 23:03:40 -04:00
Mike Gerwitz ce5eda1527
:resume: Reduce length slightly
This removes some whitespace, extra sentences that aren't needed, and
entirely removes the education section that wasn't adding any value or
useful information; I'm self-educated.
2017-09-23 21:34:27 -04:00
Mike Gerwitz 8e39d0abde
:resume: FSF abbr whitespace fix
Newlines appear in rendered title.
2017-09-23 21:19:24 -04:00
Mike Gerwitz 686895429e
:resume: Add EFF affiliation 2017-09-23 21:18:40 -04:00
Mike Gerwitz c69a64d600
:about.md: Image license notice nbsp 2017-09-23 13:39:32 -04:00
Mike Gerwitz df0b0c38c1
:Desaturate icons on all resume layouts 2017-09-23 13:36:11 -04:00
Mike Gerwitz 64cbee0030
:Add EFF link 2017-09-22 03:07:18 -04:00
Mike Gerwitz a8a6dadd31
:Add images/tp build
This adapts the same methodology I used for my SAPSF LP2017 talk to keep
third-party resources out of the repository.  This is not only good from a
licensing perspective, but also good for the repo and programatically
defines how I derive the image displayed on my site from a source image (and
proves that it does not constitute a derivative work, as it is not
transformative).
2017-09-22 03:06:37 -04:00
Mike Gerwitz 8a36221301
:githubbub: minor wording update 2017-08-01 22:00:33 -04:00
Mike Gerwitz 82745bc857
:resume: Link to githubbub
Originally I wanted to keep the resume purely informational regarding my
skills.  This is more proper, for me.
2017-08-01 01:32:27 -04:00
Mike Gerwitz 311741bac4
:Octoright octoflop
It should be obvious, no?
2017-08-01 01:30:33 -04:00
Mike Gerwitz a816754a34
:Resume HN icon 2017-07-30 22:42:53 -04:00
Mike Gerwitz b26e73f278
:Fade resume icons in lower-res views 2017-07-30 22:17:23 -04:00
Mike Gerwitz 50a05be618
:Fix short GPG key on resume 2017-07-30 01:24:21 -04:00
Mike Gerwitz 7414318a8c
:Organize headline images vertically at smallest resolution
Was squishing text too much.
2017-07-30 01:16:45 -04:00
Mike Gerwitz b7eeecc280
:Responsive design for resume
Complete with snarky remarks.

I'm surprised this has gone this long without me realizing that I never
implemented lower-resolution views.
2017-07-30 01:00:42 -04:00
Mike Gerwitz 879db402d6
:Fix HN icon display on mobile 2017-07-29 08:47:41 -04:00
Mike Gerwitz be4fda5058
:Remove `Academic' languages in resume
Not necessary; so infreqently used that they're useless to list.

* docs/about/resume.html: Remove academic languages.
2017-07-24 21:29:01 -04:00
Mike Gerwitz 0633a1dd4d
:Move Education to bottom of resume
* docs/about/resume.html (Education): Move section to bottom.
2017-07-24 21:27:02 -04:00
Mike Gerwitz bd59be0d37
Don't force me to use your tools [on the Web]
There was an interesting discussion on [libreplanet-discuss][] recently
  regarding web interfaces.
Below is a rather informal off-the-cuff statement regarding the use of Web
  interfaces (specificlaly Discourse) over my own tools.

-----

I live a huge chunk of my life in my mail client
  (which happens to be my editor as well).
It's scripted,
  heavily customized,
  and integrated with other things.
I do task management with Org mode,
  which integrates simply but well enough with Gnus.
I can use my editor keybindings and such when composing messages.
The same goes with my IRC client.
I never have to leave home, if you will.

Contrast that with websites:
  if I have to write anything substantial,
    I often have to write it in my editor first and paste it in.

Many of us hackers don't care for flashy interfaces;
  we'd rather use the tools we've invested our lives into and know well.
  Tools that can compose and work well in pipelines.
Trying to use interfaces that reinvent the wheel poorly is painful.
And let's not be fooled---these are programs.
Especially when they're heavy on JavaScript.
There's no difference between this and someone asking me to download Foo and
  put my Emacs toy away, as cute as it is.

But I know that many people don't feel that way.
I have coworkers that think I'm crazy (respectfully so).
And I think they're crazy too. ;)
Admittedly, using your own tools is a large barrier to entry---my
  tools are useful because I've spent a great deal of time learning and
    researching and customizing.
And now I can reuse them for everything.
For your average user looking to get into activism,
  who may not even be a programmer,
  that's a bit different;
    it's easier to say "here's your single tool (Web)---go use it".

There are systems that allow for a level of integration
  (e.g. mailing lists and forums).
But they're often treated as fallbacks---as second-class citizens.
They might provide a subset of features;
  it leaves certain members of the community out---those
    who want to use their own tools.

I haven't used Discourse.
I do see "mailing list support";
  maybe that's a good sign.
But one of the phrases at the top of the features page is
  "[w]e're reimagining what a modern discussion platform should
  be".
Many of us don't want to see it reimagined.
That's the opposite of what many want.

Trying to strike a balance isn't a bad thing if that's the audience
  we're looking to attract.
But it's difficult,
  and something I struggle with a great deal.

-----

tl;dr:
  Asking someone to use an interface on the Web is asking them to use
    /your/ program instead of their own.
  Be respectful by using [Web standards for accessibility][accessibility];
    [progressive enhancement][];
    and make use of well-established standards with rich histories,
      especially if your audience makes use of them
      (e.g. mailing lists, RSS feeds, federation standards, etc).

Thank you.

[libreplanet-discuss]: https://lists.gnu.org/archive/html/libreplanet-discuss/2017-06/msg00032.html
[accessibility]: https://en.wikipedia.org/wiki/Web_accessibility
[progressive enhancement]: https://en.wikipedia.org/wiki/Progressive_enhancement
2017-06-27 01:33:03 -04:00
Mike Gerwitz d68fc4d991
Russia wants to review source code of Western security software
Reuters [released an article][0] entitled "Under pressure, Western tech
  firms bow to Russian demands to share cyber secrets".
Should Russia be permitted to do so?
Should companies "bow" to these demands?

I want to draw a parallel to another highly controversial case regarding
  access to source code:
    the [Apple v. FBI][2] case early last year.
For those who don't recall,
  one of the concerns was the government trying to compel Apple to make
  changes to iOS to permit brute forcing the San Bernardino attacker's
  PIN;
    this is a [violation of First Amendment rights][3] (compelled speech),
      and this afforded Apple strong support from even communities that
      otherwise oppose them on nearly all other issues.
The alternative was to have the FBI make changes to the software instead of
  compelling Apple to do so,
    which would require access to the source code of iOS.

Becuase of the hostility toward the FBI in this case,
  even many in the [free software community][4] took the stance that the FBI
  being able to modify the software would set terrible precedent.
But that's missing the point a bit.
Being able to modify software doesn't give you the right to install it on
  others' devices;
    the FBI would have had to compell Apple to release their signing keys
    as well---_that_ is a dangerous precedent.
If the government compelled Apple to made changes themselves,
  _that_ is dangerous precedent.

"Cyber secrets" in the above title refers to source code to software written
  by companies like Cisco, IBM, SAP, and others;
    secrets that can only exist in proprietary software that
      [denies users the right to inspect, modify, and share][1] the software
      that they are running.

For those who agree with the free software philosophy,
  it's important to remove consideration of _who_ is trying to exercise their
  [four freedoms][1].
In the case of the FBI,
  from a free software perspective,
  of course they should be able to modify the software---we
    believe that _all_ software should be free!
      (But that doesn't mean they should be able to install it on _someone
      else's_ device.)
In the context of this article by Reuters:
  Russia doesn't have to ask to examine software that is free/libre.
  And if they did, it shouldn't be a concern;
    restricting who can use and examine software is [a slippery slope][5].

Unfortunately, not all software is free/libre.
But if we extend the free software philsophy---there
  should be no _ethical_ concerns with a foreign power wanting to inspect
  proprietary source code.
But proprietary software might have something of concern to hide:
  it might be something malicious like a backdoor,
  or it might be something like a lack of security or poor development
  practices;
    [proprietary software exists only to keep secrets][6], after all.

If Russia has to ask to inspect source code for security software,
  you probably do too.
And if that's the case,
  the security being provided to you is merely a facade.
It's not Russia to be suspicious of for asking---it's
  the companies that keep secrets to begin with.

[0]: http://www.reuters.com/article/us-usa-russia-tech-insight-idUSKBN19E0XB
[1]: https://www.gnu.org/philosophy/free-software-even-more-important.html
[2]: https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_dispute
[3]: https://www.eff.org/deeplinks/2016/03/deep-dive-why-forcing-apple-write-and-sign-code-violates-first-amendment
[4]: https://www.gnu.org/philosophy/free-sw.en.html
[5]: https://www.gnu.org/philosophy/programs-must-not-limit-freedom.html
[6]: https://www.gnu.org/proprietary/proprietary.html
2017-06-24 00:37:15 -04:00