Summary: Ubuntu’s founder, who calls critical Ubuntu users “trolls”, closes down some of the development process and suppresses voices which helped defend Ubuntu from bad policy like Mono inclusion by default
Techrights’ iophk has noticed that “there are still people trying to infect mono into Gnome and everything else,” to use his own words. Here is the evidence, which reminds of events from half a decade ago. We also learn about Mono infections in KeePass. To quote this one person, “I’ve been using KeePass as my password manager for some time now. It works on Windows and the Android, but on OS X it runs under Mono” (negative mention).
Not too long ago Canonical removed Mono under pressure from users of Ubuntu. The company is now closing down development, right after getting flak for not respecting privacy (by default) and many criticise the move. Mark Shutteworth is in ‘damage control’ mode right about now (see our Daily Links). Without public scrutiny or at better actual involvement Ubuntu might become more users’ rights-hostile. It is thanks to community involvement that antifeatures are kept out. This includes Mono. Watch Jan from Fedora as he spots the latest spin:
Reality Distortion, much? The future of .NET is Open Source! Whowuddathunk! http://haacked.com/archive/2012/10/21/monkeyspace-dotnet-oss.aspx
Microsoft drone Miguel de Icaza has been indirectly behind it:
MonkeySpace is a rebranded and refocused Monospace conference. While MonoSpace dealt mostly with Mono, the goal of Monkeyspace is to put the spotlight on .NET open source everywhere, not just on Mono. Obviously Mono is a big part of that. But so is Microsoft. But most of all, the many small “labor of love” projects from those in the .NET OSS community are a big part of this.
Canonical used to defend its Mono policy by saying it was Open Source, even though de Icaza admits an Open Core business model. █
Send this to a friend
Source: “Mono, the Trojan” (reused with permission)
Summary: Canonical decides to keep GRUB and stand up closer to the FSF
anonical had a bout of arrogance recently. Its founder Mark Shuttleworth labelled people who disagree on a technical and ethical matter “trolls”. This is not a new tactic from Ubuntu’s corporate backer; Mono and UEFI — not just Amazon — led to it. The so-called ‘peanut gallery’ just happens to be people capable of thought and not an Apple-esque herd mentality. So when we criticised Ubuntu’s approach to UEFI we were just not blindly accepting what Ubuntu eventually came to reject because “Ubuntu to Use Signed GRUB2 Bootloader for Secure Boot”, says the Ubuntu herd (OMGUbuntu folks).
Here are some related reports:
Microsoft’s “Secure Boot” plans for Windows 8 have already caused no end of controversy in the Linux community, and certainly one of the more divisive announcements in recent months was Canonical’s decision to drop the GRUB 2 bootloader as part of its solution for Ubuntu Linux.
Going back to Ubuntu 9.10, GRUB2 was used as the default boot-loader, albeit a pre-release of the long-awaited GRUB update. In late June of this year, GRUB 2.00 was officially released after many years in development. Meanwhile, in the Ubuntu 12.10 “Quantal” repository up to now is GRUB2 v1.99-22ubuntu2 — one of the earlier development snapshots.
UEFI is being tackled in multiple ways now, depending on who takes action. Red Hat’s staff sites mention this too. MJG speaks of bootkits and concludes: “So this isn’t really a story about a surprising vulnerability. It’s a story about someone taking the logical step of implementing a bootkit on top of UEFI, which is what everyone should have been expecting all along. Computers that are configured to run arbitrary code will run arbitrary code, and if that arbitrary code happens to modify your kernel so your credit card details are automatically posted to pastebin, well, that’s a plausible outcome.”
Vista 8 already causes issues for GNU/Linux users. Here is a new example: “Yesterday, Megatotoro and I helped a colleague who wanted to dual boot her recently bought desktop PC. She wanted us to install Mageia 2 and we were confident because it is a process that we have done several times already.
“However, when we hit the key to get into the BIOS… Surprise! We were greeted by UEFI instead.”
UEFI further complicated dual-booting, yet nobody filed an antitrust complaint. Steven J. Vaughan-Nichols writes to explain the role the FSF is playing: “Windows 8 PCs will come with Microsoft’s UEFI (Unified Extensible Firmware Interface) Secure Boot. This “feature” will make it much harder to boot Linux or other operating systems. Canonical, Ubuntu Linux’s parent company, is going to take a new approach to address this problem.
“Canonical and the FSF have talked their disagreement out and, continues Melamut, “the FSF has stated clearly that Grub 2 with Secure Boot does not pose a risk of key disclosure in such circumstances. We have also confirmed that view with our OEM partners, and have introduced variations to the Ubuntu Certification program and QA scripts for pre-installs to ensure that security and user choice are maintained on Ubuntu machines. Therefore, we have decided that Grub 2 is the best choice for a bootloader, and will use only Grub m,2 in Ubuntu 12.10 and 12.04.2 by default.”
“In a statement, John Sullivan, Executive Director of the FSF, added, “We are pleased with Canonical’s decision to stick with Grub 2. We know that the challenges raised when trying to support true user security without harming user freedom—Secure Boot vs. Restricted Boot—are new for everyone distributing free software. This is the situation for which GPLv3 was written, and after helpful conversations with Canonical, we are confident the license does its job well, ensuring users can modify their systems without putting distributors in untenable positions.””
Debian followed the FSF’s footsteps right from the start. Canonical needed some pressure. It’s not “trolling” against Canonical. The FSF believes that UEFI should be illegal. █
Send this to a friend
Summary: Analysis of two popular and closely related distributions of GNU and Linux
DEBIAN made headlines for several reasons lately. We covered these in our daily links and didn’t make a big fuss over any of that. It’s just not our point of focus, e.g. Xfce in Debian.
One of our contributors, one who uses a great deal of Debian in the front and back end (as do I), noticed a change in the Debian branding. “Scroll down to ‘Index of Releases’” he writes, “and notice that GNU/Linux is now gone [from] http://www.debian.org/releases/”
So they also support BSD, but that is not entirely new. Our contributor explains that “that’s why there’s no Linux mentioned, but aren’t the FreeBSD and Hurd kernels using the GNU userspace?
“Debian is currently working with the FSF to get the FSF’s endorsement.”“I took a quick look and put Debian Linux and FreeBSD  6.0 onto a pair of VMs and then ran a script  to look for mention of GNU in the manual pages. Both versions were installed with only the standard system utilities and nothing else. Hurd is not available for Debian 6.
“Debian GNU/Linux 6.0 had 347 out of 674 manual pages (51%) mention GNU.
“Debian GNU/FreeBSD 6.0 had 292 out of 535 (54%) mention GNU.
“Ubuntu Server 12.04 had 492 out of 1032 (48%) mention GNU.
“Computing,” he explains, “like society at large, risks heading into a post-freedom era. The GNU base is something that Debian could be advertising both from a technical perspective and a freedom perspective.”
We recently saw that in action when Debian sidled with the FSF on UEFI.
“The amount of GNU GPL tools,” he adds, ” is actually higher since some are under the license but do not mention it or GNU in the manual page. One example is flock which is under the GPL  but the man page says nothing.
“I’m not sure how to count whether they tools are part of the actual GNU project without a manual count, which it not interesting due to the effort needed.
Later he added: “Turns out that flock is not GPL even though the parent directory implies so. It has its own license. hwclock is a better example because it actually is GPL, though the manual page does not mention it.
One other contributor writes: “Now that they also distribute gnu/hurd and gnu/kfreebsd, gnu/knetbsd, it might make sense for them to drop the Linux moniker. Perhaps they they should call it, "Debian GNU OS and free software distribution" or just "Debian GNU and free software distribution" because the common, binding software is GNU.”
The Debian brand is generally quite strong and it represents freedom to a certain degree. Debian is currently working with the FSF to get the FSF’s endorsement. It’s an easy distribution to provide endorsement to and in due time the FSF too might give it some blessings. █
for j in $(for i in $(echo $PATH | tr ":" "\n" );do ls $i;done);do
echo $j;done|wc -l
for j in $(for i in $(echo $PATH | tr ":" "\n" );do ls $i;done);do
(man -R ascii $j|grep -il gnu && echo OK || echo NO);done 2>/dev/null
| grep OK | wc -l
Send this to a friend
Summary: Canonical calls Skype a “favourite app” and adds it to the Ubuntu software center
THE FRONT PAGE of
ubuntu.com is still offering an endorsement for Skype, despite all the controversy and recent onfirmation that Skype is a spy. Canonical even puts it in the software center as though it is Free software, according to this new report. First there was the UEFI scandal and now this?
The Washington Post confirmed that Skype is spying, so it is no longer an unknown as some publications put it. To quote:
Over the past few weeks, the technical blogosphere, and most recently, the mainstread media have tried to answer the question: What kind of assistance can Skype provide to law enforcement agencies?
Most of the stories have been filled with speculation, sometimes informed, but mostly not. In an attempt to paint as clear a picture as possible, I want to explain what we do and don’t know about Skype and surveillance.
However, a quick Google search for “Skype law enforcement handbook” quickly turns up an official looking document on the whistleblower website cryptome.org, dated October 2007, which makes it clear that Skype has long been providing the assistance that the Post claims is new.
From Skype’s 2007 law enforcement handbook:
In response to a subpoena or other court order, Skype will provide:
• Registration information provided at time of account registration
• E-mail address
• IP address at the time of registration
• Financial transactions conducted with Skype in the past year, although details of the credit cards used are stored only by the billing provider used (for instance, Bibit, RBS or PayPal)
• Destination telephone numbers for any calls placed to the public switched telephone network (PSTN)
• All service and account information, including any billing address(es) provided, IP address (at each transaction), and complete transactional information
Knowing that Skype is spyware, will Canonical remove it from the software center and its main homepage? Those who really want it installed will find a way; it’s opportunistic for Canonical to use proprietary software to lure in users. This is becoming a bit of a farce and a PR disaster for Ubuntu. █
Send this to a friend
Summary: How and why Microsoft has turned to increased disruption of the competition rather than any technical merit
MICROSOFT recently announced a loss [1, 2, 3], even though there was spin from Microsoft (trying to claim record profit while in fact reporting a loss). Katherine Noyes calls it “Microsoft’s bad quarter” as though it’s the exception; in reality, after pressure from the SEC [1, 2] Microsoft was probably just forced to tell the public some truth, not hiding the sources of losses. Noyes quotes a lawyer: ‘”A near monopoly is like a dictator,” said Roberto Lim, a lawyer and blogger on Mobile Raptor. “Even a benign dictator runs the risk of failing to respond to the needs of the people, and how many people would called Microsoft benign? “What Microsoft forgot is that sooner or later, the masses do rebel.”‘ Just like in most empires, Microsoft relies on occupied countries mobilising their own people for the benefit of the dictator (e.g. the Germans using the Poles for production, the British using India for spice, Rome using warriors/police abroad). Right now we see Microsoft doing this inside the Linux and FOSS world, fracturing it.
Microsoft recently resorted to anti-competitive methods (e.g. UEFI), motivating this reminder that merely because Canonical and Red Hat found some way to play with Microsoft (just as Novell had done in 2006) doesn’t mean we’re safe:
“First they came for Gentoo.
And I did not speak up because I don’t use Gentoo.
Then they came for Arch Linux
and I said nothing because I don’t use Arch Linux.
And on it goes. Divisive and exclusionary arrangements for UEFI are not solutions, they are impediments. The point is, Microsoft is trying a divide-and-conquer approach and we must resist it. Using the Novell tie Microsoft continues to pollute Linux, the kernel, with proprietary addons and obscenities [1, 2]. Microsoft is rightly shamed for it in news sites and IDG spins it as an apology:
We hate the term “brogrammer,” and so should you. However, a recent gaffe by some Microsoft coder somewhere gives a bit more evidence to the idea that a wee bit of immaturity might be lurking in the company’s coding rank and file.
According to a message posted by Paolo Bonzini to the (unofficial) Linux Kernel Mailing List, a small snippet of code found in Microsoft’s Hyper-V – a virtualization server – was used every time a user loaded Linux within the virtual environment.
The joke? The code itself, written in hexadecimal, was the string, “0xB16B00B5.” Get it? “Big Boobs.”
“At the most basic level it’s just straightforward childish humour, and the use of vaguely-English strings in magic hex constants is hardly uncommon. But it’s also specifically male childish humour. Puerile sniggering at breasts contributes to the continuing impression that software development is a boys club where girls aren’t welcome. It’s especially irritating in this case because Azure may depend on this constant, so changing it will break things,” wrote Linux developer and Red Hat employee Dr. Matthew Garrett in a blog post.
Microsoft was not even original, based on this writeup:
While the prank is certainly very funny, it is not original. 0xB16B00B5 is a common L337 expression, or ‘Hexpression’, in the technical community. It is also noted on Wikipedia‘s wiki entry as a “Notable Magic Number”, required of Linux guests running in Microsoft’s Hyper-V Hypervisor Virtualizer. That said, the discovery of these Big Boobs should not come as a surprise as it has been hiding in plain sight, awaiting public scrutiny since 2011.
For all we know, they did not sack the person who did this. At Microsoft, sexism is fine [1, 2, 3, 4], suggest past stories.
If it wasn’t for Novell, Microsoft would not have had access to Linux source code in the first place. Microsoft wants this whole affair to be marketed as “peace”; to those who are realists, “peace” with a sociopath is merely seen as a trap. █
Send this to a friend
Summary: Ubuntu — unlike Debian — trusts not the FSF and instead plays along with the UEFI plot, gets chastised for it
THE FSF has spoken out against UEFI right from the start (when Microsoft had made it public information); it ran a petition that got signed by over 30,000 people and organisations.
“Restricted boots” is the cartoon above, which came out through competing against other artists. It is something that Debian really seems to ‘get’ because it signed the FSF’s petition and its leader is working with the FSF to earn endorsement. Here is the message and a report from The H. It says: “Debian Project Leader Stefano Zacchiroli has announced a plan that aims to get the project included in the FSF’s list of free software distributions. To that end, Zacchiroli wants to set up a team within Debian that is actively working to resolve the remaining issues which prevent Debian’s inclusion in the list.”
Debian signed the petition as part of its strategy or philosophy which seeks to distinguish the project based on values. The FSF says: “With over 30,000 signatures to our statement and over a dozen high-quality submissions to our contest, I’m confident our message that Restricted Boot is a mistake has the attention of Microsoft and computer-makers alike. Now we need take the next step of turning this support into tangible results.”
“Debian signed the petition as part of its strategy or philosophy which seeks to distinguish the project based on values.”UEFI is not inevitable because Microsoft is falling (it will soon report losses), so it is very disappointing to see Canonical, which forked or branched off Debian, choosing to lean on Microsoft’s scheme. One columnist wonders if OEM pressure had something to do with it. He writes: “As the Linux community continues to debate the best way to deal with Microsoft Windows 8-certified machines that will have Secure Boot on UEFI, some nagging questions still remain as to why Canonical opted to take the solution it did.
“Both the Fedora Project and Canonical has publicly announced their proposed solutions to how users will be able to boot Secure Boot-enabled machines to Linux. Secure Boot requires that “all firmware and software in the boot process must be signed by a trusted Certificate Authority.” Microsoft is requiring that hardware makers of all Windows 8-certified machines be configured to meet these strict requirements.”
A Microsoft booster spoke to Canonical’s founder about it. Shuttleworth replied: “The SFLC advice to us was that the FSF could require key disclosure if some OEM screwed up. As nice as it is that someone at the FSF says they would not, we have to plan for a world where leaders change and institutional priorities change. The FSF wrote a licence that would give them the rights to take specific actions, and it’s hard for them to argue they never would!”
Swapnil Bhartiya, who runs a Ubuntu site, chastised Shuttleworth for it in his article “Is Microsoft More Trusted Than FSF: Ubuntu Chief Defends Grub 2 Drop”. To quote: “Free Software Foundation, FSF, recently published a white paper criticizing Ubuntu’s move to drop Grub 2 in order to support Microsoft’s UEFI Secure Boot. FSF also recommend that Ubuntu should reconsider their decision. Ubuntu’s charismatic chief, Mark Shuttleworth, has finally responded stating the reason why they won’t change their stand on dropping Grub 2 from Ubuntu.”
“The bottom line is, FSF and FSFE refuse to accept Microsoft’s UEFI plans and Debian does the right thing.”This is debated in Slashdot, which summarises as follows: “The Free Software Foundation recently published a whitepaper criticizing Ubuntu’s move to drop Grub 2 in order to support Microsoft’s UEFI Secure Boot. The FSF also recommended that Ubuntu should reconsider their decision. Ubuntu’s charismatic chief, Mark Shuttleworth, has responded to the situation during an interview, and explained the reason they won’t change their stand on dropping Grub 2 from Ubuntu. Shuttleworth said, ‘The SFLC advice to us was that the FSF could require key disclosure if some OEM screwed up. As nice as it is that someone at the FSF says they would not, we have to plan for a world where leaders change and institutional priorities change.”
To quote the top comment: “So in other words they’re anticipating not only that OEMs are going to accidentally or intentionally ship machines running Ubuntu that are locked down so that you cannot boot your own kernels on them but also that they won’t be able to convince the OEMs to fix their broken BIOSes to allow users to run their own code. By not using GRUB2 they ensure that said OEMs would have no legal obligations to allow you to run the code you wanted on the PC you’d just bought.”
It is worth adding that the FSFE made its opinion known by writing: “We demand that before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner.”
The bottom line is, FSF and FSFE refuse to accept Microsoft’s UEFI plans and Debian does the right thing. My most recently installed distro is Debian and I have no regrets. █
Send this to a friend
Summary: Following the FSF’s paper, criticism of Canonical and Red Hat becomes more commonplace
TECHRIGHTS spent a lot of time covering UEFI because it relates closely to technology rights, or lack thereof. Microsoft essentially gives the finger to Linux users, as one publication put it. The spin from Microsoft boosters [1, 2] sought to portray it as Linux-friendly even though it clearly is the opposite. This led to a blow against the GPLv3-licensed GRUB 2, which Canonical’s reaction in no way a solution but a compromise.
Here is a a good article about what Microsoft has done. It’s from a site about encryption:
A second Linux Distro has joined the Microsoft Secure Booth party. You see Microsoft has come up with what they are calling the UEFI Secure Boot. 61285 Secure boot is somewhat controversial in that once set up it will only allow signed versions of an OS to be installed. This means that if a computer is shipped from an OEM with Windows 8 and UEFI Secure Boot on you could not install a generic version of Linux or indeed any other OS including Windows 7 etc. This would effectively lock someone into using Windows 8 only on these devices. This block would include even downgrading your new system to Windows 7.
Now Microsoft is claiming that there might be a way to turn this off for x86 systems (ARM based systems will be locked to Windows RT), but it has prompted both Red Hat and Canonical to find a way to work within the UEFI Secure boot structure just in case. To do this they are getting a digital signature (from Verisign apparently) which will allow them to work with the UEFI Secure boot.
The FSF has already criticised Canonical, as we pointed out before. “Both the Linux Foundation and the Free Software Foundation voiced their own perspectives last fall when the issue first came up, but over the weekend the Free Software Foundation felt the need to speak out again in response to the approaches being taken by these two popular distributions,” notes the article. “In a nutshell, the advocacy group isn’t thrilled with what either distro has proposed, but it prefers the Fedora approach over Canonical’s solution. It also has a number of suggestions of its own.”
Pogson covered this too, as did some news sites and Groklaw. Here is a snippet from Pamela Jones’ words:
With regard to Fedora’s approach, Sullivan writes that while it’s a thoughful effort that results in GPL compatibility, trusting Microsoft is not an option: “Encouraging free software distributors and users to trust Microsoft or any other proprietary software company as a precondition to exercising their freedoms is simply not an acceptable solution.”
FSF has a number of suggestions going forward, including helping users to learn how to do what they can do to protect themselves, and it is also working with companies like Lemote, Freedom Included, ZaReason, ThinkPenguin, Los Alamos Computers, Garlach44, and InaTux to make computers available that are preinstalled with fully free GNU/Linux distributions.
The bottom line is, UEFI is an attack on computing freedom and it’s therefore unsurprising that it is not compatible with GRUB’s licence. The FSF writes the GPL to help defend against the empire of proprietary software companies. Playing nice with those companies is giving up, it’s defeatism. █
“He [Bill Gates] is divisive. He is manipulative. He is a user. He has taken much from me and the industry.”
Send this to a friend
Summary: Microsoft’s attack on booting freedom/openness has drawn different workarounds from different players; Microsoft continues bombarding the press with propaganda
THE UEFI debate has quieted down somewhat since the news from GNU/Linux distributors. The resultant controversy was enough for Microsoft to gain from, putting aside the effect on antitrust and GPLv3 (with software patents provisions), as we outlined quite recently. As The H put it, Canonical and Red Hat [1, 2, 3, 4] announced their plans and The Inquirer wrote:
Following Red Hat’s Fedora project announcing its plans to ensure that its Linux distribution will not fall afoul of Microsoft’s UEFI Secure Boot mechanism, Canonical has detailed how it plans on working with Microsoft’s ‘security feature’. The company will dispense with Grub 2, a Linux bootloader that it put significant work into, and modify Intel’s efilinux bootloader to add a menu interface.
Microsoft has managed to marginalise the GPLv3 using this devious scheme that helps security in no apparent way. As IDG noted, OpenSUSE, which is struggling internally, has not done anything yet:
Now that the Fedora Project and Canonical have proposed their own plans for their respective Fedora and Ubuntu distributions to work with the upcoming Secure Boot provisions in Windows 8-certified machines, it’s natural to wonder what openSUSE will be doing about the issue.
The answer for now seems to be unclear, and the reason may be one of openSUSE’s greatest strengths may be working against it.
Debian sidles with the FSF on UEFI protest and other distributions have said almost nothing on the subject. It was just the Linux Foundation, Canonical and Red Hat which said they would respond to it a few months ago.
Speaking of OpenSUSE, there are more delays as attendance or submissions might be slow to arrive:
New Deadline for openSUSE Summit papers to coincide with SUSECon’s Call for Papers, and more information about the Summit has been released
OpenSUSE is no longer a leading distribution, so we expect not so many people to get involved. SUSE and Microsoft are competing against free Linux and Red Hat, using Microsoft Linux (aka SUSE) as bait, taxing the competition as a whole and standardising this outrageous practice. Watch what Microsoft says about SUSE in the following new piece:
When we speak about partnering with the open source ecosystem, we mean to work a way forward. When we come to competing, we continue to compete with our open source competitors, says Mandar Naik, director, platform strategy, Microsoft India.
The piece if titled “Here Is Why Microsoft Is Warming Up To Open Source!” but it’s really about the Microsoft-funded SUSE and Microsoft Ganging Up Against (Gratis) Open Source. This fluff/puff piece is hard to read with a straight face, but the target audience is probably gullible people who could not care less about FOSS. It’s just a propaganda placement, portraying an abuser as a friend just like Bill Gates has been doing with a lot of puff pieces. As we shall show in the next post, Microsoft’s abuses are clear for some regulators to see. █
Send this to a friend
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »