08.20.19

Gemini version available ♊︎

Guarding and Rescuing the FSF Titanic: There is More Than One Iceberg Ahead

Posted in Free/Libre Software, FSF, GNU/Linux, GPL, IBM, Microsoft, Red Hat at 10:49 pm by Dr. Roy Schestowitz

A publication from the Free Media Alliance

Overview

Iceberg

Summary: “This strategy is not far from when Microsoft talked about “de-commoditizing protocols” in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software.”

THE Free Software Foundation knows that a licence can have vulnerabilities, just like computer code. Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3.

If a licence can have vulnerabilities, then any argument that relies on “it’s Free software, so…” is an oversimplification. Software is free because it gives you the four freedoms in the Free Software Definition, the definition is implemented via the GPL and similar licences, and a vulnerability works around (despite) that implementation. It may even work around the definition itself.

“Tivo found such a vulnerability in GPL2, created an exploit, and the FSF patched it in GPLv3.”The most tiring hubris from the FSF is that Free software is by nature, immune to the sort of attacks that Microsoft outlined years ago in the Halloween Documents. It is not immune, it is resistant. The Four Freedoms create substantial resistance to lock-in, bloat, bad security, and monopoly.

It shouldn’t take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software — glue them together into a single project from a single maintainer, and then make it more work to separate them again.

“It shouldn’t take half a decade to explain to the FSF why a great strategy for reducing Software Freedom is to take a bunch of projects that are well-designed, stable, reliable and vital to Free software — glue them together into a single project from a single maintainer, and then make it more work to separate them again.”This strategy is not far from when Microsoft talked about “de-commoditizing protocols” in the late 90s, as part of their plans to control, dominate, and end Open Source and Free software. When faced with this prospect and threat, the FSF and its fans tend to compartmentalise. To oversimplify, at great risk of a straw man:

Things are good or they’re bad,

Free software is good,

So everything under a Free software licence is good.

Of course the FSF knows better than that, they aren’t stupid. But when presented with arguments why systemd (as the primary example) are designed to reduce freedom and have reduced freedom, the FSF falls back on defensive apathy and indifference:

Using indifference towards a better viewpoint is a normal and common example of this. It can be caused by someone having used multiple compartment ideals and having been uncomfortable with modifying them, at risk of being found incorrect. This often causes double-standards, and bias.

Although it is not the inspiration for the title, given that the overarching metaphor chosen is the Titanic, it is hard not to compare the indifference and denial towards this threat to the insistence that the Titanic did not need lifeboats.

“Choice and freedom are certainly not the same thing — freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom.”Do we need to preserve choice for Free software? The FSF has always suggested otherwise, even if this seems (and ought to seem) very backwards from a perspective of freedom.

Choice and freedom are certainly not the same thing — freedom is broader than choice, and while freedom seems to imply choice exists, choice can exist (as it does in most any proprietary software) without something that even resembles freedom. Preserving choice — the modularity that made UNIX so easy to rebuild with Free software — is not and never was a priority for the FSF.

Trying to find a quote about Stallman saying that other desktops are fine, but not needed because the FSF already has GNOME, may turn this old quote instead:

Since we already have GTK support, there’s no reason we could not have equivalent Qt support, if it someone wants to maintain it.

However, GNOME is the main GNU desktop, and GNU packages are supposed to support each other. It would not be right for Emacs to have more support for KDE than for GNOME.

Giving priority to a GNU project makes plenty of sense for GNU, but this is just one more quote that suggests that the FSF has never considered choice to be important. This comes up again in a conversation with Alexandre Oliva of FSF-LA, who goes so far as to imply that preserving choice might go beyond the FSF’s mission and that perhaps another organisation could tackle something like that.

Is that really what it would take? Granted, that’s very nearly the premise of this writing — but can the FSF really not do anything in this regard? It seems bizarre, but either way we will attempt to help people understand why choice is vital to Software Freedom.

“Without the preservation of choice, both GNU and the FSF itself have a single point of failure.”We live in a society where monopolies are considered “too big to fail,” and the Titanic was also considered too big to fail — we also communicate with a global network, the concept of which was presented to then-monopoly AT&T as an alternative to their vulnerable, overly top-down system with a single point of failure.

Without the preservation of choice, both GNU and the FSF itself have a single point of failure. “Choice” does not mean, just to state the obvious, that “all combinations of anything are possible.” It means that freedom has redundancy (and better caters to diversity), and that things must fail multiple times on several levels before the failure is catastrophic.

Although the “lifeboats” metaphor is primarily intended to refer to a safe escape if the Free Software Foundation itself fails, (the global chapters do not really operate in practice like redundant or autonomous nodes, they are more like foreign bases of operation coordinated by a primary node and will likely fail if the main office does) if a large project like GNOME is no longer suitable, additional desktop environments (preferably smaller ones that are simpler and less likely to fail) could also act as lifeboats.

If this concept is too foreign (it shouldn’t be) for the FSF to acknowledge the obvious importance of, they can certainly recognise that users strongly feel a need to have alternatives for just this reason. The denial and rhetoric from Free software supporters (with some very notable exceptions) on this matter is pathological, but relentless.

The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly — which was recently purchased by an even larger commercial monopoly — and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they’re thinking. We have an answer: they’re not, denial is something different.

So the FSF doesn’t need lifeboats, yadda yadda yadda. We’ve heard that one before. Even if the FSF doesn’t need them, We as “passengers” on this thing do, so we will provide them if we want to stay afloat. And as long as we are engineering safety where the FSF courts disaster for their mission, we might as well try to provide their safety along with our own. They may ignore our warnings, but we still care deeply about what they’re doing.

“The FSF has made its decision on the matter, and the 5 years of development time stolen, along with the power consolidation of too many projects by a single commercial monopoly — which was recently purchased by an even larger commercial monopoly — and is hosted on servers owned and controlled by their largest sworn enemy (of freedom itself) you might really ask yourself what the hell they’re thinking.”Lifeboats for us then, and lifeboats for them. And like the resistance of a licence to a monopoly dedicated to Free software’s destruction, this metaphor can only go so far, so to construct “lifeboats” it is really necessary to talk about what will “sink” without them — namely the threats and possible disasters that Free software may encounter or have already encountered, now, recently, and in the near future.

If we understand and don’t deny the threats, it should (with luck) help us work on ways to address them. With a visit to the Librethreat database.

We find a “malware-threat-like database of threats to libre software”. The first threat is “Tivoisation” and the field “Also recognised by FSF:” is filled out with “Yes“. The summary is: “GPL2 not strong enough to prevent DRM/TPM from allowing device owners to change operating system in devices” and the mitigation is: “Migrate to GPL3.”

Interestingly enough, that migration to GPL3 was supposed to include the Linux kernel. What went wrong there was a multipronged attack to a singleprong (licence-based) solution. The GPL3 is a good licence — in many ways it is a clear upgrade. But the attack was followed up by lobbying from the Association for Competitive Technology (covered in a story by Infoworld in 2007) which according to Techrights in 2019,
worked to get Linus Torvalds against it and prevent its adoption for Linux development.

GPL2: [ fail ]

GPL3: [ ok ]

ACT Lobbying: [ fail ] WARNING: This will cause Linux to remain GPL2

Both licences and organisations can fail to protect Free software from interference from monopolies like Microsoft. Just implying that Free software is immune to their tactics “because it’s Free software” is a falsehood and a way of pooh-poohing a threat.

“Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example.”Historically, the FSF has a very good track record (indeed, the best record) of recognising these threats and responding to them. The point is simply that they too can fail — the FSF is fallible, human, imperfect. Regarding some of the things they have spent the past 5 years or more in denial about, systemd is the largest example.

Security researchers, professional bloggers and journalists, higher-ups from other Free software organisations such as Dyne.org and users and administrators have all spoken out against systemd, and the FSF has done nothing to help them or give them a real voice. If the FSF has any members paying for the privilege of being ignored and dismissed with the rest of us, we don’t know much about them.

The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that. As to what response its critics should have made, perhaps a formal petition to the FSF should have started to get them to drop their support of the systemd takeover, similar to the petitions the FSF made regarding DRM and UEFI.

“The FSF fails as a megaphone for Free software advocates, it does not always listen very well to advocates, but perhaps it should do more of that.”One of the undeniable failures of those against systemd is that no such petition was ever presented to the FSF — instead, our actions always fell short of one. (If you think it’s not too late, let us know or perhaps go ahead and start one.) In the future we would recommend formal petitions to make the FSF take threats like this more seriously. It’s one thing to say “we can’t do anything.” Saying there is nothing that needs to be done is probably false, and there’s no excuse.

We maintain that systemd could be a weapon against Software Freedom. We can’t say that on the Debian mailing-list, but we know that one or more companies remain out to do harm to Free software, we know their tactics have never changed with their marketing rhetoric, we know that systemd does things that are strikingly similar to the tactics outlined in corporate documents designed to wage war against Free software. So why wouldn’t it be a weapon against software freedom? It looks like, walks, and quacks like a duck. How is it actually different? Oh, the licence?

Even when the same people who talked about the problems systemd would cause, look back on 5 years of cleanup that could have really been better spent improving software rather than salvaging it from wreckage, the FSF remains silent. If it only hurt the FSF then perhaps we could let them live with it, but what about the rest of us? The FSF ignores and denies the problem, ignores what we say, and ignores the damage done to all of us. Thankfully, some of us have worked on alternatives. Unfortunately, there is a threat (or category of threat) similar to systemd that is even bigger:

Redix

Threat type: Broad category

Affects: Free software development, stability and reliability, autonomy, organisational structure

Summary: Disruption of POSIX, EEE of Free software projects, Infiltration of organisations that offer Free software

Recognised by: Free Media Alliance, some critics of Systemd

Also recognised by FSF: No

Mitigation: Avoid / fork / replace / document examples of Redix in software, use Systemd-free distros, assist Hyperbola developers

Examples: Pycon, Systemd

The FSF does not talk much about infiltration of FLOSS organisations by employees of monopolies like Microsoft, even when such monopolies and related lobbing organisations did so much to thwart GPL3, which patched critical vulnerabilities in their primary defensive weapon (the GPL.) Neglecting threats of this nature continues to weaken the FSF’s defenses in the 21st century, and the evidence is everywhere. Monopoly forces continue to move farther and farther into our territory. Why is the FSF so quiet?

“Neglecting threats of this nature continues to weaken the FSF’s defenses in the 21st century, and the evidence is everywhere.”Again, we recommend petitions. They may not be enough, but they are a good place to start. They can even be informal, provided that they are well-documented enough (we don’t need to use change.org, for example.) The point is fighting to be heard, something that shouldn’t be necessary but clearly is. (We have fought hard for a year, other organisations have fought for years longer, to no avail.)

If the FSF is not a megaphone for its members, we continue to build one that you can use for the purpose. We should build a network of megaphones, so that when Free software is headed for yet another iceberg, the FSF cannot dismiss the noise so easily.

But the larger threat is to POSIX itself. Stallman coined the term, and we insist it is the glue that holds Free software together. Perhaps you can destroy POSIX altogether, and systemd along with zircon (the kernel of Google’s Fuchsia operating system) are two projects that may aim to do just that. Microsoft themselves said decades ago:

Systematically attacking UNIX in general helps attack Linux in particular.

In modern terms, there is not a better description of “UNIX in general” than POSIX. At this point, it is far more relevant than UNIX.

Once again, if we move past systemd and look at the threats to POSIX, we do not come up wanting. We can show that POSIX itself is in the crosshairs, we can give this strategy a name: “Redix.” We can show that systemd is the Redix flagship, but someday it could be retired, and replaced with a new flagship. We would rather point out the trend, the strategy, than just a single example or implementation.

If the FSF has any contingencies against this, they are silent and are certainly fooling us. Do you have reasons to ignore this threat as well?

“In modern terms, there is not a better description of “UNIX in general” than POSIX. At this point, it is far more relevant than UNIX.”Is there something we left out? The Free Media Alliance talks about more details related to this all the time; you can ignore one example, how about five? Ten? How many examples would it take to make this credible in your opinion? As long as Free software is threatened, it the job of those who care to do something, to at least admit the threat exists. Why wouldn’t we?

Unfortunately, systemd proponents have spent the past 5 years beating us down and shutting us up. Even as new organisations form, the struggle to be taken seriously continues. The FSF went through that for many years (arguably they still do) and there’s no reason we won’t have to do the same. But it’s a terrible shame, when the same rhetorical tactics used to fight Free software itself, are used by Free software advocates to silence those sounding the alarm.

We recommend the Librethreat database as a primary radar for new threats to Free software, and no one can make you take each threat equally seriously (we don’t. Some of it is pure speculation.) It includes threats that even the FSF recognises, but why stop there? The FSF has proven itself unable to respond fully to Tivoisation. GPL3 was an effective licence measure against it, we can’t fault that. Only the sale to Torvalds failed, due to lobbyists that may claim to “♥ Linux.”

“Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?”Companies who wish to “Tivoise” can simply get the same GPL2 kernel as before, Tivoise it all they wish, and then — they can’t use newer GPL3 applications, can they? No, like Apple they will simply dump those and use non-GPL applications. Perhaps there are threats bigger than Tivoisation out there. And if there weren’t, perhaps the FSF’s plan to patch Free software against it would have worked.

Are we ready to acknowledge the severity of these threats yet, or will it take another 5 years?

Let us know.

Licence: Creative Commons CC0 1.0 (Public Domain)

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Gemini Gone Mainstream: German Media Now in Geminispace

    With the likes of TAZ embracing Geminispace/Gemini Protocol we seem to have reached some sort of inflection point; taz.de did in fact add official presence to Geminispace



  2. Links 28/1/2022: LSFMM 2022 and 2021 UI Study Results From Elementary's Distro

    Links for the day



  3. IRC Proceedings: Thursday, January 27, 2022

    IRC logs for Thursday, January 27, 2022



  4. Links 28/1/2022: GNU Poke 2.0 and OPNsense 22.1 Released

    Links for the day



  5. Links 27/1/2022: Archinstall 2.3.1 and Nix 2.6.0

    Links for the day



  6. On the Internet, Trust Should Not Become Centralised

    “Trust” is a word that lost its meaning in the era of “TPM” and fancier names for 'Palladium'; we need to reject this idea that computers need to check with Microsoft if the operating system is trusted (not just Windows!), check with Gulag/Chrome if a Web site is trusted, and whether it's OK to run some application/s on one's own computer (as if Jim Zemlin et al get to decide what is trusted)



  7. Microsoft-Connected Publishers Suffer and Perish With Microsoft (While Peddling 'Fake News' for Their Beloved Sponsor)

    IDG and other fake news outlets/networks/sites (selling to companies flattering articles about themselves or renting out 'news space' to them, not just ad space) want us to think Microsoft is doing very well, but it's just that same old Ponzi scheme



  8. Links 27/1/2022: Mabox Linux 21.11 Herbolth and PipeWire 0.3.44

    Links for the day



  9. IRC Proceedings: Wednesday, January 26, 2022

    IRC logs for Wednesday, January 26, 2022



  10. [Meme] EPO: Pursuing an Eastern and Western District of Europe (for Patent Trolls and Software Patents)

    With the EPO so flagrantly lying and paying for misinformation maybe we should expect Benoît Battistelli and António Campinos to have delusions of grandeur… such as presiding over the Eastern and Western District of Europe, just like Mr. Gilstrap and Mr. Albright (political appointment by Donald Trump, ushering in “the swamp”)



  11. Gemini at 2,000: 86% of Capsules Use Self-Signed Certificate, Just Like the Techrights Web Site (WWW)

    As shown in the charts above (updated an hour ago), the relative share of ‘Linux’ Foundation (LE/LF; same thing, same office) in the capsules’ certificates has decreased over time; more and more (in terms of proportion) capsules choose to sign their own certificate/s; the concept of ‘fake security’ (centralisation and consolidation) should be rejected universally because it leaves nobody safe except plutocrats



  12. [Meme] UPC: Many Lies as Headlines, Almost Exclusively in Publishers Sponsored by EPO and Team UPC to Produce Fake News (Lobbying Through Misinformation)

    Lest we forget that EPO dictators, like Pinky and the Brainless Benoît Battistelli and António Campinos, have long littered the EPO's official Web site as well as publishers not directly connected to the EPO (but funded by it) with disinformation about the UPC



  13. EPO as the 'Ministry of Truth' of Team UPC and Special Interests

    The 'Ministry of Truth' of the patent world is turning the EPO's Web site into a propaganda mill, a misinformation farm, and a laughing stock with stock photography



  14. Microsoft 'Delighted' by Windows 11 (Vista 11) Usage, Which is Only 1% Three Months After Official Launch and Six Months After Release Online

    Microsoft boosters such as Bogdan Popa and Mark Hachman work overtime on distraction from the failure Vista 11 has been (the share of Windows continues to fall relative to other platforms)



  15. Links 27/1/2022: Preinstalled GNU/Linux (Ubuntu) and Arch Linux-Powered Steam Deck 30 Days Away

    Links for the day



  16. Don't Fall for Microsoft's Spin That Says Everything is Not Secure and Cannot be Secured

    Microsoft keeps promoting the utterly false concept that everything is not secure and there's nothing that can be done about it (hence, might as well stay with Windows, whose insecurity is even intentional)



  17. At Long Last: 2,000 Known Gemini Capsules!

    The corporate media, looking to appease its major sponsors (such as Web/advertising giants), won't tell you that Gemini Protocol is rising very rapidly; its userbase and the tools available for users are rapidly improving while more and more groups, institutions and individuals set up their own capsule (equivalent of a Web site)



  18. Links 26/1/2022: Gamebuntu 1.0, PiGear Nano, and Much More

    Links for the day



  19. IRC Proceedings: Tuesday, January 25, 2022

    IRC logs for Tuesday, January 25, 2022



  20. Links 26/1/2022: No ARM for Nvidia, End of EasyArch, and WordPress 5.9 is Out

    Links for the day



  21. Why the Unified Patent Court (UPC) is Still Just a Fantasy and the UPC's Fake News Mill Merely Discredits the Whole Patent 'Profession'

    Patents and science used to be connected; but now that the patent litigation 'sector' is hijacking patent offices (and even courts in places like Texas) it's trying to shove a Unified Patent Court (UPC) down the EU's throat under the disingenuous cover of "community" or "unity"



  22. Links 25/1/2022: Vulkan 1.3 Released, Kiwi TCMS 11.0, and antiX 19.5

    Links for the day



  23. Gemini Milestones and Growth (Almost 2,000 Known Gemini Servers Now, 39,000 Pages in Ours)

    The diaspora to Gemini Protocol or the transition to alternative 'webs' is underway; a linearly growing curve suggests that inertia/momentum is still there and we reap the benefits of early adoption of Gemini



  24. [Meme] Get Ready for Unified Patent Court (UPC) to be Taken to Court

    The Unified Patent Court (UPC) and Unitary Patent system that’s crafted to empower EPO thugs isn’t legal and isn’t constitutional either; even a thousand fake news 'articles' (deliberate misinformation or disinformation) cannot change the simple facts because CJEU isn’t “trial by media”



  25. The EPO Needs High-Calibre Examiners, Not Politicians Who Pretend to Understand Patents and Science

    Examiners are meant to obstruct fake patents or reject meritless patent applications; why is it that working conditions deteriorate for those who are intellectually equipped to do the job?



  26. Free Software is Greener

    Software Freedom is the only way to properly tackle environmental perils through reuse and recycling; the mainstream media never talks about it because it wants people to "consume" more and more products



  27. Links 25/1/2022: Git 2.35 and New openSUSE Hardware

    Links for the day



  28. IRC Proceedings: Monday, January 24, 2022

    IRC logs for Monday, January 24, 2022



  29. Links 25/1/2022: GPL Settlement With Patrick McHardy, Godot 4.0 Alpha 1, and DXVK 1.9.4 Released

    Links for the day



  30. Proprietary Software is Pollution

    "My daughter asked me about why are we throwing away some bits of technology," Dr. Andy Farnell says. "This is my attempt to put into words for "ordinary" people what I tried to explain to a 6 year old."


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts