Bonum Certa Men Certa

Guarding and Rescuing the FSF Titanic: There is More Than One Iceberg Ahead

A publication from the Free Media Alliance

Overview



Iceberg

Summary: "This strategy is not far from when Microsoft talked about "de-commoditizing protocols" in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software."

THE Free Software Foundation knows that a licence can have vulnerabilities, just like computer code. Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3.



If a licence can have vulnerabilities, then any argument that relies on "it's Free software, so..." is an oversimplification. Software is free because it gives you the four freedoms in the Free Software Definition, the definition is implemented via the GPL and similar licences, and a vulnerability works around (despite) that implementation. It may even work around the definition itself.

"Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3."The most tiring hubris from the FSF is that Free software is by nature, immune to the sort of attacks that Microsoft outlined years ago in the Halloween Documents. It is not immune, it is resistant. The Four Freedoms create substantial resistance to lock-in, bloat, bad security, and monopoly.

It shouldn't take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software -- glue them together into a single project from a single maintainer, and then make it more work to separate them again.

"It shouldn't take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software -- glue them together into a single project from a single maintainer, and then make it more work to separate them again."This strategy is not far from when Microsoft talked about "de-commoditizing protocols" in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software. When faced with this prospect and threat, the FSF and its fans tend to compartmentalise. To oversimplify, at great risk of a straw man:

Things are good or they're bad,

Free software is good,

So everything under a Free software licence is good.

Of course the FSF knows better than that, they aren't stupid. But when presented with arguments why systemd (as the primary example) are designed to reduce freedom and have reduced freedom, the FSF falls back on defensive apathy and indifference:

Using indifference towards a better viewpoint is a normal and common example of this. It can be caused by someone having used multiple compartment ideals and having been uncomfortable with modifying them, at risk of being found incorrect. This often causes double-standards, and bias.


Although it is not the inspiration for the title, given that the overarching metaphor chosen is the Titanic, it is hard not to compare the indifference and denial towards this threat to the insistence that the Titanic did not need lifeboats.

"Choice and freedom are certainly not the same thing -- freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom."Do we need to preserve choice for Free software? The FSF has always suggested otherwise, even if this seems (and ought to seem) very backwards from a perspective of freedom.

Choice and freedom are certainly not the same thing -- freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom. Preserving choice -- the modularity that made UNIX so easy to rebuild with Free software -- is not and never was a priority for the FSF.

Trying to find a quote about Stallman saying that other desktops are fine, but not needed because the FSF already has GNOME, may turn this old quote instead:

Since we already have GTK support, there's no reason we could not have equivalent Qt support, if it someone wants to maintain it.

However, GNOME is the main GNU desktop, and GNU packages are supposed to support each other. It would not be right for Emacs to have more support for KDE than for GNOME.


Giving priority to a GNU project makes plenty of sense for GNU, but this is just one more quote that suggests that the FSF has never considered choice to be important. This comes up again in a conversation with Alexandre Oliva of FSF-LA, who goes so far as to imply that preserving choice might go beyond the FSF's mission and that perhaps another organisation could tackle something like that.

Is that really what it would take? Granted, that's very nearly the premise of this writing -- but can the FSF really not do anything in this regard? It seems bizarre, but either way we will attempt to help people understand why choice is vital to Software Freedom.

"Without the preservation of choice, both GNU and the FSF itself have a single point of failure."We live in a society where monopolies are considered "too big to fail," and the Titanic was also considered too big to fail -- we also communicate with a global network, the concept of which was presented to then-monopoly AT&T as an alternative to their vulnerable, overly top-down system with a single point of failure.

Without the preservation of choice, both GNU and the FSF itself have a single point of failure. "Choice" does not mean, just to state the obvious, that "all combinations of anything are possible." It means that freedom has redundancy (and better caters to diversity), and that things must fail multiple times on several levels before the failure is catastrophic.

Although the "lifeboats" metaphor is primarily intended to refer to a safe escape if the Free Software Foundation itself fails, (the global chapters do not really operate in practice like redundant or autonomous nodes, they are more like foreign bases of operation coordinated by a primary node and will likely fail if the main office does) if a large project like GNOME is no longer suitable, additional desktop environments (preferably smaller ones that are simpler and less likely to fail) could also act as lifeboats.

If this concept is too foreign (it shouldn't be) for the FSF to acknowledge the obvious importance of, they can certainly recognise that users strongly feel a need to have alternatives for just this reason. The denial and rhetoric from Free software supporters (with some very notable exceptions) on this matter is pathological, but relentless.

The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly -- which was recently purchased by an even larger commercial monopoly -- and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they're thinking. We have an answer: they're not, denial is something different.

So the FSF doesn't need lifeboats, yadda yadda yadda. We've heard that one before. Even if the FSF doesn't need them, We as "passengers" on this thing do, so we will provide them if we want to stay afloat. And as long as we are engineering safety where the FSF courts disaster for their mission, we might as well try to provide their safety along with our own. They may ignore our warnings, but we still care deeply about what they're doing.

"The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly -- which was recently purchased by an even larger commercial monopoly -- and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they're thinking."Lifeboats for us then, and lifeboats for them. And like the resistance of a licence to a monopoly dedicated to Free software's destruction, this metaphor can only go so far, so to construct "lifeboats" it is really necessary to talk about what will "sink" without them -- namely the threats and possible disasters that Free software may encounter or have already encountered, now, recently, and in the near future.

If we understand and don't deny the threats, it should (with luck) help us work on ways to address them. With a visit to the Librethreat database.

We find a "malware-threat-like database of threats to libre software". The first threat is "Tivoisation" and the field "Also recognised by FSF:" is filled out with "Yes". The summary is: "GPL2 not strong enough to prevent DRM/TPM from allowing device owners to change operating system in devices" and the mitigation is: "Migrate to GPL3."

Interestingly enough, that migration to GPL3 was supposed to include the Linux kernel. What went wrong there was a multipronged attack to a singleprong (licence-based) solution. The GPL3 is a good licence -- in many ways it is a clear upgrade. But the attack was followed up by lobbying from the Association for Competitive Technology (covered in a story by Infoworld in 2007) which according to Techrights in 2019, worked to get Linus Torvalds against it and prevent its adoption for Linux development.

GPL2: [ fail ]

GPL3: [ ok ]

ACT Lobbying: [ fail ] WARNING: This will cause Linux to remain GPL2

Both licences and organisations can fail to protect Free software from interference from monopolies like Microsoft. Just implying that Free software is immune to their tactics "because it's Free software" is a falsehood and a way of pooh-poohing a threat.

"Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example."Historically, the FSF has a very good track record (indeed, the best record) of recognising these threats and responding to them. The point is simply that they too can fail -- the FSF is fallible, human, imperfect. Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example.

Security researchers, professional bloggers and journalists, higher-ups from other Free software organisations such as Dyne.org and users and administrators have all spoken out against systemd, and the FSF has done nothing to help them or give them a real voice. If the FSF has any members paying for the privilege of being ignored and dismissed with the rest of us, we don't know much about them.

The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that. As to what response its critics should have made, perhaps a formal petition to the FSF should have started to get them to drop their support of the systemd takeover, similar to the petitions the FSF made regarding DRM and UEFI.

"The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that."One of the undeniable failures of those against systemd is that no such petition was ever presented to the FSF -- instead, our actions always fell short of one. (If you think it's not too late, let us know or perhaps go ahead and start one.) In the future we would recommend formal petitions to make the FSF take threats like this more seriously. It's one thing to say "we can't do anything." Saying there is nothing that needs to be done is probably false, and there's no excuse.

We maintain that systemd could be a weapon against Software Freedom. We can't say that on the Debian mailing-list, but we know that one or more companies remain out to do harm to Free software, we know their tactics have never changed with their marketing rhetoric, we know that systemd does things that are strikingly similar to the tactics outlined in corporate documents designed to wage war against Free software. So why wouldn't it be a weapon against software freedom? It looks like, walks, and quacks like a duck. How is it actually different? Oh, the licence?

Even when the same people who talked about the problems systemd would cause, look back on 5 years of cleanup that could have really been better spent improving software rather than salvaging it from wreckage, the FSF remains silent. If it only hurt the FSF then perhaps we could let them live with it, but what about the rest of us? The FSF ignores and denies the problem, ignores what we say, and ignores the damage done to all of us. Thankfully, some of us have worked on alternatives. Unfortunately, there is a threat (or category of threat) similar to systemd that is even bigger:

Redix

Threat type: Broad category

Affects: Free software development, stability and reliability, autonomy, organisational structure

Summary: Disruption of POSIX, EEE of Free software projects, Infiltration of organisations that offer Free software

Recognised by: Free Media Alliance, some critics of Systemd

Also recognised by FSF: No

Mitigation: Avoid / fork / replace / document examples of Redix in software, use Systemd-free distros, assist Hyperbola developers

Examples: Pycon, Systemd


The FSF does not talk much about infiltration of FLOSS organisations by employees of monopolies like Microsoft, even when such monopolies and related lobbing organisations did so much to thwart GPL3, which patched critical vulnerabilities in their primary defensive weapon (the GPL.) Neglecting threats of this nature continues to weaken the FSF's defenses in the 21st century, and the evidence is everywhere. Monopoly forces continue to move farther and farther into our territory. Why is the FSF so quiet?

"Neglecting threats of this nature continues to weaken the FSF's defenses in the 21st century, and the evidence is everywhere."Again, we recommend petitions. They may not be enough, but they are a good place to start. They can even be informal, provided that they are well-documented enough (we don't need to use change.org, for example.) The point is fighting to be heard, something that shouldn't be necessary but clearly is. (We have fought hard for a year, other organisations have fought for years longer, to no avail.)

If the FSF is not a megaphone for its members, we continue to build one that you can use for the purpose. We should build a network of megaphones, so that when Free software is headed for yet another iceberg, the FSF cannot dismiss the noise so easily.

But the larger threat is to POSIX itself. Stallman coined the term, and we insist it is the glue that holds Free software together. Perhaps you can destroy POSIX altogether, and systemd along with zircon (the kernel of Google's Fuchsia operating system) are two projects that may aim to do just that. Microsoft themselves said decades ago:

Systematically attacking UNIX in general helps attack Linux in particular.


In modern terms, there is not a better description of "UNIX in general" than POSIX. At this point, it is far more relevant than UNIX.

Once again, if we move past systemd and look at the threats to POSIX, we do not come up wanting. We can show that POSIX itself is in the crosshairs, we can give this strategy a name: "Redix." We can show that systemd is the Redix flagship, but someday it could be retired, and replaced with a new flagship. We would rather point out the trend, the strategy, than just a single example or implementation.

If the FSF has any contingencies against this, they are silent and are certainly fooling us. Do you have reasons to ignore this threat as well?

"In modern terms, there is not a better description of "UNIX in general" than POSIX. At this point, it is far more relevant than UNIX."Is there something we left out? The Free Media Alliance talks about more details related to this all the time; you can ignore one example, how about five? Ten? How many examples would it take to make this credible in your opinion? As long as Free software is threatened, it the job of those who care to do something, to at least admit the threat exists. Why wouldn't we?

Unfortunately, systemd proponents have spent the past 5 years beating us down and shutting us up. Even as new organisations form, the struggle to be taken seriously continues. The FSF went through that for many years (arguably they still do) and there's no reason we won't have to do the same. But it's a terrible shame, when the same rhetorical tactics used to fight Free software itself, are used by Free software advocates to silence those sounding the alarm.

We recommend the Librethreat database as a primary radar for new threats to Free software, and no one can make you take each threat equally seriously (we don't. Some of it is pure speculation.) It includes threats that even the FSF recognises, but why stop there? The FSF has proven itself unable to respond fully to Tivoisation. GPL3 was an effective licence measure against it, we can't fault that. Only the sale to Torvalds failed, due to lobbyists that may claim to "♥ Linux."

"Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?"Companies who wish to "Tivoise" can simply get the same GPL2 kernel as before, Tivoise it all they wish, and then -- they can't use newer GPL3 applications, can they? No, like Apple they will simply dump those and use non-GPL applications. Perhaps there are threats bigger than Tivoisation out there. And if there weren't, perhaps the FSF's plan to patch Free software against it would have worked.

Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?

Let us know.

Licence: Creative Commons CC0 1.0 (Public Domain)

Recent Techrights' Posts

LLMs as Attack Method Against Free Software and Programming
DDoS in "hey hi" (slop) clothing
Google as a 'Bullshit Generator' Disguised as Intelligence
It'll probably cause Google to get sued a lot, both by individuals and companies
As Expected, Google in the UK Now Experiments With Slop Instead of Web Search
At this point more people ought to stop and think: Does Google's search engine deserve trust?
Sabotaging Linux on Behalf of Microsoft With UEFI 'Secure' Boot (De Facto Remote 'Kill Switch'), Then Defaming, Stalking and Harassing Critics of 'Secure' Boot for 12 Years, Then SLAPPing Their Spouses and Them
The sorts of stubborn lunatics we've been dealing with
 
Meeting (Webchat) With Maria Arranz Gomez, Florian Grundies, Jürgen Janda and Konstantinos Kortsaris Confronts EPO Management About Breaking Promises and Crushing Workers
The lack of consistent messages suggests plans other than what's advertised and the lack of consultation (secrecy) likewise
Links 01/08/2025: "The Great British Firewall" and U.S. Army Sponsors Palantir
Links for the day
For Second Day in a Row, Top Story in The Register MS is "Microsoft Says"
The editor in chief exercises control over everybody else
Stability and Reliability, Backward Compatibility
I don't fancy relying on social control media as "sources"
What "the News" Looks Like in 2025
The "says" (or "sez") phenomenon
History Will Be Distorted, Sometimes Intentionally, Under the Guise of Intelligence (Manipulated/Curated Slop)
Militarised misinformation or military-grade chaff is a national security threat, even domestically
Financial Engineering Companies: A Company Worth 4 Trillion Dollars Would Not Borrow 100+ Billion Dollars at Interest Rates Like Today's
Many headlines perpetuate the lie Microsoft had just 2 waves of layoffs
Microsoft is Googlebombing "Linux" While Paying Former News Sites to Publish SPAM
How much lower will IDG sink?
The Data You Don't Give Away is Your Advantage
stop sharing data that does not need to be shared
Being Obedient or Doing the Right Thing
The world always changes for the better because of people who think "Outside the Box", not the cogs
Gemini Links 01/08/2025: Happy Hacking Keyboards and New Gemini Arrivals
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 31, 2025
IRC logs for Thursday, July 31, 2025
Moving on in Techrights, Geeks Gonna Geek
In the coming weeks we plan to focus (as we explained last week) on patents, GNU/Linux issues, and the occasional philosophical essays
Slopwatch: Google News Has Lost the Plot
Almost the majority of articles returned for "Linux" are fakes
Links 31/07/2025: Australia Restricts YouTube Access, Personal Privacy at Risk
Links for the day
Links 31/07/2025: Spotify Collapses and Spotify Now Forcing Some Users to Undergo Face-Scanning
Links for the day
A Lot of Supposedly "Successful" Businesses Are Just Debt-Racking Vessels Without Any Prospects of Financial Sustainability
The probability of bankruptcy of any business is more than 0%
theregister.com: The Voice of Microsoft US?
It basically sold out
Yes, You Can Love and Adore Things Whilst Also Criticising Them
Is society being divided and groomed/primed to be resistant to constructive criticism?
Links 31/07/2025: War in Ukraine, Security News, and Cyberattacks Against Journalists on the Rise
Links for the day
Gemini Links 31/07/2025: Fake Money and Gemini Diaries
Links for the day
An Illusion and Cult Worship of Magnitude (Ubiquity as "Victory")
GNU has been around for over 40 years and it'll likely continue to exist for another 40 (in some form)
Google: From Pointing to Relevant Sites to Pointing to Social Control Media to Actually Parroting Social Control Media as "Facts"
Google has become a misinformation company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 30, 2025
IRC logs for Wednesday, July 30, 2025
How to Report Apple Layoffs Without Saying the "L" Word
don't look for the "L" word
Wall Street Does Not Care About Microsoft's Impending (August) Layoffs, It Believes Lies From Microsoft, Whose Debt Grows Rapidly
If Microsoft is doing so well and swimming in money, why so many cuts (about 29,000 layoffs so far this year)?
Wayland Considered Harmful (to GNU/Linux Adoption)
it's not limited to games
My Experience With Judges Has been Positive, But We Must Still Pursue SLAPP Reform in the United Kingdom
We believe it'll be a "feather in the cap" if we can help change laws in the UK to better protect investigative reporters
Slopwatch Makes the Web Better
Remember what happened to BetaNews?
Slopwatch: Google News is Pumping in Lots of Web Traffic Into Fake Sites That Say "Linux"
somewhere between 30% and 40% of today's "news" about "Linux", as seen by Google News, is LLM slop
Links 30/07/2025: Climate Calamities Highlighted, Kyrgyzstan Crackdown on Expression/Freedoms
Links for the day
Gemini Links 30/07/2025: Watson’s List of Limits, Lysenko 2000
Links for the day
Riot for peace & Love: Catholic Influencers and Digital Missionaries welcome Jubilee of Youth
Reprinted with permission from Daniel Pocock
Some People See What Others See... But Only 40 Years Later
When people deviate from "the norm" they typically get ridiculed and dismissed as "crazy"
Links 30/07/2025: Tea Class Action and Google Killing the Web With Slop
Links for the day
Last Month Our IRC Community Turned 17
Funnily enough we never missed a single day when it comes to logging
"The Unix Kernel"
Linux was inspired by MINIX
The Register Relays Microsoft Marketing, Dubs That Marketing "Research"
Hours ago they did a "Microsoft sez" piece
Dealing With Sociopaths, Liars, and Cranks
A dysfunctional society such as this would never develop
Not Owning Mobile Phones
It's not about resistance; it's common sense
Google 'Search' is Fast Becoming No Better Than Social Control Media Infested With Bots
Google emerged almost 30 years ago as a company looking to organise the Web and direct people towards informative pages. That Google is dead.
PCLinuxOS Had Functional Backups Before the House Fire, the Site Will be Restored in New Webhost
This is the direction we want for GNU/Linux, not some IBM sales strategy
Gemini Links 30/07/2025: Two Sides of Me and "Hooked on Cosmic Voyage"
Links for the day
Microsoft Will Continue Resorting to Crimes in Order to Keep GNU/Linux Usage Down
It is a real problem and we'll revisit it later this week
GAFAM 'Revolving Doors' at The Register and a "Bribe Price List"
"an analyst at Microsoft"
Microsoft Rapidly Shrinking (No, It's Not About Efficiency, It's About Unbearable Debt)
We'll soon see how much debt grew in the past quarter
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 29, 2025
IRC logs for Tuesday, July 29, 2025
Corruption is the Standard Operating Procedure at the European Patent Office (EPO)
The EPO is a dictatorship that stains Europe
Local Staff Committee Munich (LSCMN) at the European Patent Office (EPO) Requests an Urgent Meeting to Avoid Abolishing the Office
This is dictatorship led by the most corrupt
Slopwatch: Fake 'Linux' 'Articles' and Spamfarms/Slopfarms
at least 5 fake articles in one day