Bonum Certa Men Certa

Guarding and Rescuing the FSF Titanic: There is More Than One Iceberg Ahead

A publication from the Free Media Alliance

Overview



Iceberg

Summary: "This strategy is not far from when Microsoft talked about "de-commoditizing protocols" in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software."

THE Free Software Foundation knows that a licence can have vulnerabilities, just like computer code. Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3.



If a licence can have vulnerabilities, then any argument that relies on "it's Free software, so..." is an oversimplification. Software is free because it gives you the four freedoms in the Free Software Definition, the definition is implemented via the GPL and similar licences, and a vulnerability works around (despite) that implementation. It may even work around the definition itself.

"Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3."The most tiring hubris from the FSF is that Free software is by nature, immune to the sort of attacks that Microsoft outlined years ago in the Halloween Documents. It is not immune, it is resistant. The Four Freedoms create substantial resistance to lock-in, bloat, bad security, and monopoly.

It shouldn't take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software -- glue them together into a single project from a single maintainer, and then make it more work to separate them again.

"It shouldn't take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software -- glue them together into a single project from a single maintainer, and then make it more work to separate them again."This strategy is not far from when Microsoft talked about "de-commoditizing protocols" in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software. When faced with this prospect and threat, the FSF and its fans tend to compartmentalise. To oversimplify, at great risk of a straw man:

Things are good or they're bad,

Free software is good,

So everything under a Free software licence is good.

Of course the FSF knows better than that, they aren't stupid. But when presented with arguments why systemd (as the primary example) are designed to reduce freedom and have reduced freedom, the FSF falls back on defensive apathy and indifference:

Using indifference towards a better viewpoint is a normal and common example of this. It can be caused by someone having used multiple compartment ideals and having been uncomfortable with modifying them, at risk of being found incorrect. This often causes double-standards, and bias.


Although it is not the inspiration for the title, given that the overarching metaphor chosen is the Titanic, it is hard not to compare the indifference and denial towards this threat to the insistence that the Titanic did not need lifeboats.

"Choice and freedom are certainly not the same thing -- freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom."Do we need to preserve choice for Free software? The FSF has always suggested otherwise, even if this seems (and ought to seem) very backwards from a perspective of freedom.

Choice and freedom are certainly not the same thing -- freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom. Preserving choice -- the modularity that made UNIX so easy to rebuild with Free software -- is not and never was a priority for the FSF.

Trying to find a quote about Stallman saying that other desktops are fine, but not needed because the FSF already has GNOME, may turn this old quote instead:

Since we already have GTK support, there's no reason we could not have equivalent Qt support, if it someone wants to maintain it.

However, GNOME is the main GNU desktop, and GNU packages are supposed to support each other. It would not be right for Emacs to have more support for KDE than for GNOME.


Giving priority to a GNU project makes plenty of sense for GNU, but this is just one more quote that suggests that the FSF has never considered choice to be important. This comes up again in a conversation with Alexandre Oliva of FSF-LA, who goes so far as to imply that preserving choice might go beyond the FSF's mission and that perhaps another organisation could tackle something like that.

Is that really what it would take? Granted, that's very nearly the premise of this writing -- but can the FSF really not do anything in this regard? It seems bizarre, but either way we will attempt to help people understand why choice is vital to Software Freedom.

"Without the preservation of choice, both GNU and the FSF itself have a single point of failure."We live in a society where monopolies are considered "too big to fail," and the Titanic was also considered too big to fail -- we also communicate with a global network, the concept of which was presented to then-monopoly AT&T as an alternative to their vulnerable, overly top-down system with a single point of failure.

Without the preservation of choice, both GNU and the FSF itself have a single point of failure. "Choice" does not mean, just to state the obvious, that "all combinations of anything are possible." It means that freedom has redundancy (and better caters to diversity), and that things must fail multiple times on several levels before the failure is catastrophic.

Although the "lifeboats" metaphor is primarily intended to refer to a safe escape if the Free Software Foundation itself fails, (the global chapters do not really operate in practice like redundant or autonomous nodes, they are more like foreign bases of operation coordinated by a primary node and will likely fail if the main office does) if a large project like GNOME is no longer suitable, additional desktop environments (preferably smaller ones that are simpler and less likely to fail) could also act as lifeboats.

If this concept is too foreign (it shouldn't be) for the FSF to acknowledge the obvious importance of, they can certainly recognise that users strongly feel a need to have alternatives for just this reason. The denial and rhetoric from Free software supporters (with some very notable exceptions) on this matter is pathological, but relentless.

The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly -- which was recently purchased by an even larger commercial monopoly -- and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they're thinking. We have an answer: they're not, denial is something different.

So the FSF doesn't need lifeboats, yadda yadda yadda. We've heard that one before. Even if the FSF doesn't need them, We as "passengers" on this thing do, so we will provide them if we want to stay afloat. And as long as we are engineering safety where the FSF courts disaster for their mission, we might as well try to provide their safety along with our own. They may ignore our warnings, but we still care deeply about what they're doing.

"The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly -- which was recently purchased by an even larger commercial monopoly -- and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they're thinking."Lifeboats for us then, and lifeboats for them. And like the resistance of a licence to a monopoly dedicated to Free software's destruction, this metaphor can only go so far, so to construct "lifeboats" it is really necessary to talk about what will "sink" without them -- namely the threats and possible disasters that Free software may encounter or have already encountered, now, recently, and in the near future.

If we understand and don't deny the threats, it should (with luck) help us work on ways to address them. With a visit to the Librethreat database.

We find a "malware-threat-like database of threats to libre software". The first threat is "Tivoisation" and the field "Also recognised by FSF:" is filled out with "Yes". The summary is: "GPL2 not strong enough to prevent DRM/TPM from allowing device owners to change operating system in devices" and the mitigation is: "Migrate to GPL3."

Interestingly enough, that migration to GPL3 was supposed to include the Linux kernel. What went wrong there was a multipronged attack to a singleprong (licence-based) solution. The GPL3 is a good licence -- in many ways it is a clear upgrade. But the attack was followed up by lobbying from the Association for Competitive Technology (covered in a story by Infoworld in 2007) which according to Techrights in 2019, worked to get Linus Torvalds against it and prevent its adoption for Linux development.

GPL2: [ fail ]

GPL3: [ ok ]

ACT Lobbying: [ fail ] WARNING: This will cause Linux to remain GPL2

Both licences and organisations can fail to protect Free software from interference from monopolies like Microsoft. Just implying that Free software is immune to their tactics "because it's Free software" is a falsehood and a way of pooh-poohing a threat.

"Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example."Historically, the FSF has a very good track record (indeed, the best record) of recognising these threats and responding to them. The point is simply that they too can fail -- the FSF is fallible, human, imperfect. Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example.

Security researchers, professional bloggers and journalists, higher-ups from other Free software organisations such as Dyne.org and users and administrators have all spoken out against systemd, and the FSF has done nothing to help them or give them a real voice. If the FSF has any members paying for the privilege of being ignored and dismissed with the rest of us, we don't know much about them.

The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that. As to what response its critics should have made, perhaps a formal petition to the FSF should have started to get them to drop their support of the systemd takeover, similar to the petitions the FSF made regarding DRM and UEFI.

"The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that."One of the undeniable failures of those against systemd is that no such petition was ever presented to the FSF -- instead, our actions always fell short of one. (If you think it's not too late, let us know or perhaps go ahead and start one.) In the future we would recommend formal petitions to make the FSF take threats like this more seriously. It's one thing to say "we can't do anything." Saying there is nothing that needs to be done is probably false, and there's no excuse.

We maintain that systemd could be a weapon against Software Freedom. We can't say that on the Debian mailing-list, but we know that one or more companies remain out to do harm to Free software, we know their tactics have never changed with their marketing rhetoric, we know that systemd does things that are strikingly similar to the tactics outlined in corporate documents designed to wage war against Free software. So why wouldn't it be a weapon against software freedom? It looks like, walks, and quacks like a duck. How is it actually different? Oh, the licence?

Even when the same people who talked about the problems systemd would cause, look back on 5 years of cleanup that could have really been better spent improving software rather than salvaging it from wreckage, the FSF remains silent. If it only hurt the FSF then perhaps we could let them live with it, but what about the rest of us? The FSF ignores and denies the problem, ignores what we say, and ignores the damage done to all of us. Thankfully, some of us have worked on alternatives. Unfortunately, there is a threat (or category of threat) similar to systemd that is even bigger:

Redix

Threat type: Broad category

Affects: Free software development, stability and reliability, autonomy, organisational structure

Summary: Disruption of POSIX, EEE of Free software projects, Infiltration of organisations that offer Free software

Recognised by: Free Media Alliance, some critics of Systemd

Also recognised by FSF: No

Mitigation: Avoid / fork / replace / document examples of Redix in software, use Systemd-free distros, assist Hyperbola developers

Examples: Pycon, Systemd


The FSF does not talk much about infiltration of FLOSS organisations by employees of monopolies like Microsoft, even when such monopolies and related lobbing organisations did so much to thwart GPL3, which patched critical vulnerabilities in their primary defensive weapon (the GPL.) Neglecting threats of this nature continues to weaken the FSF's defenses in the 21st century, and the evidence is everywhere. Monopoly forces continue to move farther and farther into our territory. Why is the FSF so quiet?

"Neglecting threats of this nature continues to weaken the FSF's defenses in the 21st century, and the evidence is everywhere."Again, we recommend petitions. They may not be enough, but they are a good place to start. They can even be informal, provided that they are well-documented enough (we don't need to use change.org, for example.) The point is fighting to be heard, something that shouldn't be necessary but clearly is. (We have fought hard for a year, other organisations have fought for years longer, to no avail.)

If the FSF is not a megaphone for its members, we continue to build one that you can use for the purpose. We should build a network of megaphones, so that when Free software is headed for yet another iceberg, the FSF cannot dismiss the noise so easily.

But the larger threat is to POSIX itself. Stallman coined the term, and we insist it is the glue that holds Free software together. Perhaps you can destroy POSIX altogether, and systemd along with zircon (the kernel of Google's Fuchsia operating system) are two projects that may aim to do just that. Microsoft themselves said decades ago:

Systematically attacking UNIX in general helps attack Linux in particular.


In modern terms, there is not a better description of "UNIX in general" than POSIX. At this point, it is far more relevant than UNIX.

Once again, if we move past systemd and look at the threats to POSIX, we do not come up wanting. We can show that POSIX itself is in the crosshairs, we can give this strategy a name: "Redix." We can show that systemd is the Redix flagship, but someday it could be retired, and replaced with a new flagship. We would rather point out the trend, the strategy, than just a single example or implementation.

If the FSF has any contingencies against this, they are silent and are certainly fooling us. Do you have reasons to ignore this threat as well?

"In modern terms, there is not a better description of "UNIX in general" than POSIX. At this point, it is far more relevant than UNIX."Is there something we left out? The Free Media Alliance talks about more details related to this all the time; you can ignore one example, how about five? Ten? How many examples would it take to make this credible in your opinion? As long as Free software is threatened, it the job of those who care to do something, to at least admit the threat exists. Why wouldn't we?

Unfortunately, systemd proponents have spent the past 5 years beating us down and shutting us up. Even as new organisations form, the struggle to be taken seriously continues. The FSF went through that for many years (arguably they still do) and there's no reason we won't have to do the same. But it's a terrible shame, when the same rhetorical tactics used to fight Free software itself, are used by Free software advocates to silence those sounding the alarm.

We recommend the Librethreat database as a primary radar for new threats to Free software, and no one can make you take each threat equally seriously (we don't. Some of it is pure speculation.) It includes threats that even the FSF recognises, but why stop there? The FSF has proven itself unable to respond fully to Tivoisation. GPL3 was an effective licence measure against it, we can't fault that. Only the sale to Torvalds failed, due to lobbyists that may claim to "♥ Linux."

"Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?"Companies who wish to "Tivoise" can simply get the same GPL2 kernel as before, Tivoise it all they wish, and then -- they can't use newer GPL3 applications, can they? No, like Apple they will simply dump those and use non-GPL applications. Perhaps there are threats bigger than Tivoisation out there. And if there weren't, perhaps the FSF's plan to patch Free software against it would have worked.

Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?

Let us know.

Licence: Creative Commons CC0 1.0 (Public Domain)

Recent Techrights' Posts

The "Luddite" Complex
Sometimes simplest is best and sometimes "modern" is designed not with the buyers' interest in mind
SCO's Darl McBride Dead at Age 64
There's hardly any information about it, except we know he reached bankruptcy and 3 years later he died at a relatively young age
[Meme] Python Knows Its Bosses
Microsoft strings attached
[Meme] Debt of About $20 Per Active User
Facebook isn't laying off tens of thousands for "efficiency" but for survival
 
Links 02/11/2024: Many Fakes in Social Control Media
Links for the day
GNU/Linux Usage Surveys: Up to 6.8% (With ChromeOS, Based on StatCounter) in Desktops/Laptops and Above 2% in Steam
Today StatCounter starts releasing graphs based on data for November
Gemini Links 02/11/2024: Petscop, Jokes, and RetroChallenge
Links for the day
Links 02/11/2024: Temu EU Probe and Shorts Trademark
Links for the day
The 'Turning-Free-Code-Proprietary Foundation' (Linux/Microsoft Foundation)
LF will basically become just as sinister as its corporate sponsors
Python Software Foundation is 'Cancel Culture' Rehomed
Python isn't grassroots and it doesn't really tolerate grassroots
DeVault "Closes Down His Mailing Lists Every Time There's a Scandal" and Also Censors Messages
Censorious code hosting platform
What Social Control Media Really Is
Social Control Media, in a nutshell, isn't just bad if its controller is some foreign or hostile nation
Taking Ethics Lectures From Drew
Projection tactics
Links 02/11/2024: Facebook Stock Falls (Soaring Debt), Apple’s Quarterly Profit Down
Links for the day
Gemini Links 02/11/2024: Burnout, Emacs Bookmarks, and Smooth Migration
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 01, 2024
IRC logs for Friday, November 01, 2024
Facebook's Debt Has Soared to All-Time High of Nearly 50 Billion Dollars
But the corporate media pretends all is well (while mass layoffs continue and slop takes over the social control media)
Geminispace Makes It Past 4,200 Capsules on November 1st
At last!
Links 01/11/2024: Election Interferences by X/Twitter/Musk, Strava as Espionage Tool
Links for the day
The October 2024 Web Server Survey Shows a Further Collapse for Microsoft in the Servers Market
Microsoft experienced the next largest loss of 699,464 sites (-3.45%)
Gemini Links 01/11/2024: TLS Sucks, twytere.com Announced
Links for the day
Links 01/11/2024: Few Things Are Cheaper Than This Antenna and "Nothing Lasts Forever"
Links for the day
Technology: rights or responsibilities? - Part V
By Dr. Andy Farnell
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 31, 2024
IRC logs for Thursday, October 31, 2024
R.T.O. is Another Name (or Acronym) for Voluntary Layoffs
Amazon is trying to get many workers to leave on their own
Microsoft's Acquisition of Activision (to Fake Revenue Growth by Buying Revenue) Was a Failure
Of course the mass layoffs at Microsoft aren't just a Microsoft thing
Stagnant, Shrinking Businesses and "IBM's Corporate Culture Since the Late 1980s... Over 35 Years."
Recently, IBM was using share price as a talking point, insisting the company was doing OK while tens of thousands were being laid off
Links 01/11/2024: World News, Political Catchup
Links for the day
[Meme] Probably the Worst Possible Time to Get Information From Social Control Media
Musk does not want to prevent disinformation from spreading and the same is true for Facebook and TikTok; they have their own interests
Update on Litigation Against the European Patent Office (EPO) at the ILO Administrative Tribunal (ILOAT)
Rewards and compensation for staff have long fallen, resulting in many experienced colleagues leaving and causing further declines in quality and compliance
Gemini Links 31/10/2024: NNCP, Declutter the Web, Cost of Community
Links for the day
Links 31/10/2024: Supermicro Plummets 33%, Block and Dropbox Mass Layoffs
Links for the day
Links 31/10/2024: Environmental Anxiety, Profound Changes in Hardware Market
Links for the day
Links 30/10/2024: TSMC Concerns and North Koreans in Ukraine War
Links for the day
Facebook is for Zombies
Social control media is for fools
Microsoft Now Has $235,290,000,000 in Liabilities, They Grow Over Time in Spite of Mass Layoffs (So Expect More Layoffs)
expect more mass layoffs
Links 31/10/2024: DST Woes, War Updates, Amazon RTO Backlash
Links for the day
Gemini Links 31/10/2024: Attention Economy and Gemlogs
Links for the day
Happy Halloween
October is nearly over
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 30, 2024
IRC logs for Wednesday, October 30, 2024
For the Record: Linux is Controlled by the United States of America
"This is going to make many question the openness and inclusivity of the work done by Linux Foundation"
Microsoft: XBox Hardware Revenues Down About 30% (Ignore the Buzzwords and Activision Activity Dressed Up as "XBox")
For context, in a previous quarter XBox hardware sales were down by about 50%
Cooking the Books With "Cloud" And "AI" Was Not Enough to Fool Microsoft Investors
"Microsoft Shares Drop on Disappointing Azure Growth Forecast"