I love Free Software: Thanks to all the GnuPG contributors

Today is “I love Free Software”-Day. A day to thank all the hard working people behind Free Software. Beside initiating #ilovefs I also try to write a short thank you note to one project every year. After I thanked Coreboot in 2013, and mpd, ncmpcpp, and MPDroid in 2014 this year I want to thank all the people involved in GnuPG coding and promoting.

Unfortunately I do not remember when exactly I started using the GNU Privacy Guard (GnuPG). I just know that I started using a PGP implementation in 2001 on my GNU/Linux machine. First with some friends from our local Free Software group to encrypt and sign our data and communication, which was a very cool feeling. Later I tried to convince close friends and family with whom I had private conversations to set it up so “we can communicate like we do with letters instead of postcards”.

Person with a red ilovefs balloon and a speaking buble saying GnuPG
Someone expressing his love to GnuPG Matthias Kirschner CC BY-SA

(Just for clarifications: no it is not me on the picture, it is Maurice from our team in the Netherlands.)

In 2002 — at that time I was definitely using GnuPG — I had the pleasure to meet friendly Debian guys at the University of Konstanz, who were also quite active in keysigning. So from that time on, whenever I met someone using GnuPG we signed our keys to establish new trust paths.

When I joined FSFE in 2004 it gave me the chance to work with the main GnuPG author Werner Koch. As we decided in 2004 to use GnuPG smartcards as sustaining membership cards for FSFE, I also helped Rebecca + Thorsten Ehlers and Werner with some contributions to the GnuPG smartcard Howto.

This was also the time when I got my first business cards for FSFE, and they included my GnuPG fingerprint! At that time lots of people, especially outside the Free Software community, raised their eyebrows after I answered their question what those numbers are.

In the following years I had the pleasure to meet more and more GnuPG developers: NIIBE Yutaka, from the Free Software Initiative Japan, who thankfully explained me new cool stuff every time we met, and Marcus Brinkmann who was employed to work for GnuPG in the past.

For a long time I had the impression that GnuPG usage was decreasing, and it was not considered that cool anymore. But recently that changed after the Snowden leaks. Many new people wanted to learn how to secure their communications. Fortunately many people, including a lot of our FSFE’s volunteers, organised and helped at Cryptoparties, teaching e-mail encryption.

Recently I was very happy to see FSF’s Email Self-Defence Guide, which explains how and why you should use GnuPG for your electronic communication. Afterwards Erik Albers worked together with our volunteer Franz Gratzer to to create FSFE’s “E-Mail self-defence” leaflets. Thanks to our translators they are now layouted in simplified Chinese, German, English, Spanish, French, Italian, Dutch, and Albanian. The translations for Greek, Latvian, Serbian, and Turkish are in the proofreading process, and the Catalan as well as the Polish translations are almost ready for proofreading. So whenever you want to promote encryption, those leaflets can help you with that.

Many people contribute to GnuPG. I have more space than Laura Poitras in the credits of her film Citizenfour which mentions GnuPG as well, so I will thank some people directly. Beside them there are others who also did important work to enable me to have private communication and to keep my computer more secure. So to all of you whom I do not know (yet) or whom I forgot: Thank you! I love what you are doing!

Special thanks to the GnuPG hackers David Shaw, Marcus Brinkmann, NIIBE Yutaka, Jussi Kivilinna. Thanks to the people documenting GnuPG, e.g. Thorsten and Rebecca Ehlers. Thanks to Martin Gollowitzer for supporting FSFE’s sustaining members when they have questions about our smartcards. Thanks to Nicolai Josuttis (Enigmail), the kmail developers, the developers and maintainers of the signing-party tools. Thanks to Zak Rogoff and FSF’s campaign team for the E-Mail-Self-Defence guide and to Ana Isabel Carvalho and Ricardo Lafuente who designed those awesome infographic. Thanks to Erik Albers who convinced me that we need the GnuPG leaflets and who created them. Thanks to Franz Gratzer who did the layout for those leaflets. Thanks to FSFE’s volunteers for translating them in so many languages! Thanks to all the people around the globe who organise cryptoparties and help others to secure their communication, especially Hauke Laging, Felix Stegerman, and Guido Arnold.

But my biggest thank you of course go to Werner: thank you, Werner, for keeping up your good work during all those years!

New stickers and leaflets: No cloud and e-mail self-defense

This week we received new additions for our information materials in the Berlin office.

First of all, the English version of the “e-mail self-defense” leaflet. In September Erik layouted and printed a German version of that leaflet to distribute at the “freedom not fear demonstration“ in Berlin. We received a lot of positive feedback about the leaflet, and had to order the German version three times already. Now we also have the English version, and our translators are working on Dutch, Italian, French, Spanish, Greek, and Chinese.

gnupg-leaflet.en FSFE CC BY-SA

Beside that, yesterday our new “There is no cloud – just other people’s computers” stickers arrived. Our former intern Bela Seeger worked on them during his internship, and the first feedback is very positive.

there-is-no-cloud-pack Matthias Kirschner CC BY-SA

If you want some of the stickers and leaflets, we will from now on include them in FSFE’s promo packs.

An invisible part of the Free Software Foundation Europe

In all organisations you have people, who do crucial work which is invisible to the public. But without them, the organisation would not function. In the FSFE, one of this people who takes care of a lot of invisible tasks is Reinhard Müller. After maintaining FSFE’s website, coordinating FSFE’s translation team, and taking care of our Fellowship database for many years, in 2007 he volunteered to be FSFE’s Financial Officer. With this post I want to offer you an insight into the invisible tasks performed by Reinhard.

Karsten and Reinhard working together
Karsten, with FSCONS shirt, and Reinhard, with Mach Dich Frei shirt, working Matthias Kirschner CC BY-SA

From 20 to 22 June, Karsten and I myself met with Reinhard in Lustenau/Austria to go through his current tasks. The goal was to minimise a single point of failure in our organisation. We want to make sure that Reinhard’s tasks could also be performed by someone else in the case he decides to do a journey round the world. So beside impressing us with the wonderful landscape, Reinhard gave us a detailed summary. Here a short overview of tasks he performs in the FSFE’s “Lustenau Office”:

  • Payment of invoices and archiving them: yes unfortunately we do not just receive donations, but also invoices. Reinhard takes care of that.
  • Checking our bank statements: this includes contacting individual donors asking them to become Fellows instead to minimise our administrative overhead, add donors above 480€ to our donors page to as well as checking our liquidity.
  • Paper filing for the accounting: for the cash books, our bank accounts, check if something is missing.
  • The accounting: together with aqbanking-tools and some nice self-written bash scripts, Reinhard merges all payments from the bank, the manually added numbers from the cash box, the credit cards, and others accounts into CSV files. In this process all payments receive the correct account number. (For me this is one of most advanced tasks, which Reinhard already documented quite well. I also learned a lot about accounting.)
  • Reporting taxes to the financial authorities: We have to pay tax for the merchandise (19%), the legal conference tickets (7%), plus in very rare cases services we sell (which is especially complicated if it is outside Germany). Reinhard calculates our taxes and reports them to our tax consultant, who again after checking reports that to the authorities. He has to finish this 1 month, and 10 days after each quarter.

I learnt a lot during those days while documenting those tasks, and I am very thankful that Reinhard does all those things for the FSFE in his spare time. Furthermore it was great to enjoy the sunny weather and the beautiful mountains.

Below, you can see Reinhard with the FSFE’s first t-shirt, ever. It has the Latin quote by Saint Augustinus written on it: “Omnis enim res, quae dando non deficit, dum habetur et non datur, nondum habetur, quomodo habenda est.” which translates to “For if a thing is not diminished by being shared with others, it is not rightly owned if it is only owned and not shared.” (Meanwhile we switched to English as the main language for our t-shirts.)

Reinhard with the first FSFE t-shirt in the Austrian mountains
Reinhard with the first FSFE t-shirt in the Austrian mountains Matthias Kirschner CC BY-SA

FSFE’s German speaking team meeting 2014

From 13 – 15 June 2014 FSFE had its German speaking team meeting in the Linuxhotel in Essen. The participants had some problems to travel there because of the chaos resulting from a heavy thunderstorm in the region. A lot of train lines where not functional, and the situation on the streets was also chaotic. But just because no ICE trains stop in Essen does not mean we will not continue our work for Free Software. In the end we were able to bring all volunteers to the Linuxhotel.

The two buildings from Linuxhotel
linuxhotel_landschaft Linuxhotel CC BY-SA

On Friday after dinner we finalised the agenda, especially discussing the workshop topics and decided depending on popularity which ones we will have during the weekend. Furthermore we added a slot for lightning talks for Saturday morning. After dinner we met Michael and Mechthilde in the Linuxhotel, who reported from their work during the day at the GLS bank to promote FSFE (in German).

Saturday morning started with 30 minutes of lightning talks. Erik Albers talked about our work and the results of the Free Software pact and how we could use that for regional elections. Maurice gave an overview of our activities in the Netherlands, especially their work at cryptoparties and the privacy cafe, the Netherland team’s involvement in the Free Software pact, and reported that the NL team now consists of around 10 active people. Guido Arnold presented a bash script to make it easier to publish local FSFE meetings on different FSFE websites, and microblogs. He motivated others to look at the code and improve it. Torsten Grote talked about the status of Free Software microblogging software. As the last one, Erik Albers gave a short overview from our German speaking local groups. Afer that the first slot of two parallel workshops started:

After lunch Michael Stehmann held a session how to better integrate evaluation in our work. We will do more work on this topic in the comming months. Then it was time again for two parallel workshops slots:

In the evening local Free Software supporters joined us for a BBQ, like former HURD developer Neal Walfield, FSFE’s booth master Rainer Kersten, FSFE’s Fellowship representative Stefan “Penny” Harmuth, and GnuPG author Werner Koch.

Due to longer travel times caused by the storm, Sunday was quite short. In the morning we slightly modified the agenda, and again had two workshop sessions. On group continued with the WhatsApp workshop to do further testing, and in the other group Erik Albers talked with local team coordinators about their situation and what ideas they have for the future. After “destroying” the rest of Saturday evening BBQ, and cleaning up, 2 days of good work were over again.

Consumer protection for mobiles: Is it a torch light or a spy in your pocket?

On Friday 15 May, I was at an event in the German Parliament about the power of consumers in the digital world, organised by the Green party. I participated because part of the event was a workshop about consumer protection for mobile devices.

A lot of programs people install on their Android devices do not respect their rights. It is common that those programs ask users to accept non-readable terms and conditions, reveal where the device and therefor the user currently is, access personal data like user’s address books or text messages. Innocent looking apps like a torch light program are violating user’s privacy. This is not me explaining the problem, that was what Carola Elbrecht from the German consumer protection organisation (VZBV) and other participants explained.

320px-Leuchtende_Taschenlampe Public Domain CC BY-SA

I gave an overview what the FSFE in particilar and the Free Software community in general are doing, and what problems we have. I explained them how we help users to install Free Software versions of Android on their phones, so they can have up to date software, and do not have to buy a new phone just because they need new software. How vendors tell consumers that they loose warranty when they install another operating system, and that we inform users that this is wrong. How we help people to install their software from a Free Software app market like F-Droid, where all the software guarantees consumers that they can use it for any purpose, that people around the world can study the source code and understand what the program is doing, and that everybody is allowed to change the apps, for example remove malicious features which compromise user’s security. It is software which respects the user’s rights instead of violating them.

Member of Parliament Nicole Maisch, who was responsible for the workshop, already knew about our work and asked us what politicians could do to help us. I highlighted that it would help the Free Software community if it is legally guaranteed that users have the right to install another operating system on mobile devices. That vendors have no right to hinder users doing this by technical measures and that it is clear that you do not loose your warranty. Furthermore I explained why it is important that apps developed by the public administration are Free Software, and are also offered outside of Google Play and the iTunes Store.

After the workshop I had a lot of good talks with different people, mainly from consumer protection organisation or with journalists.

Now just assuming you also want to know what you can do to protect consumer rights on mobile devices, here some suggestions:

  • Promote Free Your Android (FYA) in your peer groups, and explain people how they can be in control of their own computing and why this is important. Nikos Roussos is currently doing a good job pushing Free Your Android in Greece. In his recent blog post Nikos wrote about his Free Software setup, how he removed Google Analytics from the CyanogenMod builds with freecyngn, and which apps he can recommend others. Torsten Grote, who started FYA, gave a talk at FISL (OGV video, 82M) with the latest developments of the campaign.
  • If you are an developer, join the F-Droid team! FSF published an interview with Ciaran Gultnieks, founder of F-Droid project, who explains the problems with Free Software in the Android app space like obsolete source code, proprietary code and libraries, and libraries which spy on their users. Help the F-Droid team to master those challenges.
  • Help with translations! FSFE’s volunteers wrote, translated, printed and distributed leaflets about the Free Software app store F-Droid. After Torsten Grote made a new version, this month we plan to print new languages versions. We still need people to proofread the German, Greek, Spanish, Finnish, and Netherlands versions. As well as help with the French and Italian translation. Please contact our translation team if you can help.
  • Join the FSFE team at RMLL! In July FSFE will be at RMLL in Montpelier/France, where former FSFE intern Daniel Marti will give talks and workshops about F-Droid, Erik Albers will talk about Free Your Android, and Paul Kocialkowski will present the Replicant project there. If you already know how more about F-Droid, flashing phones, or have experience with Replicant, please support us there to teach others about it.
  • For all of you who are not yet; become a supporting member of FSFE! In order for FSFE to send employees like me to events in the Parliament we need an appropriate budget. Then someone can follow-up with politicians for several years to achieve results, brief consumer protection organisations about user rights on mobile devices and support them in their work, or FSFE can pay travel expenses when it is done by our volunteers. Just with good financial support we will be able to achieve results against large organisations, which have other interests than user rights.

Support hardware computing platform for hackers and Free Software drivers NOW

Last week I gave a talk about threats for the universal computer (e.g. non-free software, Digital Restriction Management, and secure boot) at the Cyber Security Day. There are still a lot of people whom we have to convince about Free Software there. One of the participants there asked, why I focused on software, and if we don’t need the same control over our hardware.

Novena open hardware
novena-1114_project-body Novena Project CC BY-SA

It is true, in my talk I focused on how we lose control through software over our machines and how we can protect this freedom. I did that mainly because I work for the Free Software Foundation Europe, and I focus on software. But I agree that our society will be in a better position if we also control our hardware, which is the basis for our software. The right to learn how the hardware works, the right to modify and extend the hardware, will help us to understand our technology, this will help us to limit the concentration of power, and — for the topic of the event — it will enable us to secure our data.

I was very happy to learn from Bunnie that the Novena project, which looks really promising, already has enough funding to build an open-hardware computing platform, which should fit hacker’s needs, designed for use as a desktop, laptop, or standalone board. The project also reached their financial goal to contract Jon Nettleton to write Free Software drivers for Open 2D/3D Graphics on Novena. Those drivers will not only help future owners of the novena hardware, but also Free Software users who use i.MX6 CPUs, such as the cubox, pandaboard, or wandboard.

The Novena project is still looking for community members to support the project. For example, they are 35 devices short of hitting a goal of getting SDR boards to all the backers. So if you want to support open hardware and Free Software drivers, do so until tomorrow, May 18.

How to generate a new wifi password the mobile friendly way

After Torsten showed me how to generate a qrcode for a wifi password, I also wanted to do it. Today I finally had some time and finished it for my private home network.

First of all I generated a new password with the Automated Password Generator (e.g. type “apg -m 32” in the command line. Thanks to Paul for this.), afterwards I added some special characters to improve its security and ended up with: Ejyu?bdo!ts#okPac[{Eipidheckab_/*reppec. As it is ok to type this in on a laptop but it is a pain on mobile phones, tablets, or other computers without a proper keyboard, I then generated a qrcode.

To do so I installed the program “qrencode” and run qrencode -o JoinTheFellowshipOfFSFE.png 'WIFI:T:WPA;S:JoinTheFellowshipOfFSFE;P:Ejyu?bdo!ts#okPac[{Eipidheckab_/*reppec'. For details have a look at the barcode contents page. Afterwards I included JoinTheFellowshipOfFSFE.png in a small document together with the wifi name and the written password.

JoinTheFellowshipOfFSFE Matthias Kirschner CC BY-SA

On Android devices you and your guests can now scan this qrcode with the barcode scanner from F-Droid, and directly connect to the wireless network without any pain in your fingers.

If you want to do some promotion for F-Droid, you can order FSFE’s F-Droid leaflets and distribute them to people using your wifi.

Teenagers teach how to program robots with Free Software

Four years ago, I helped organising a FreeDroidz workshop with the goal to enable more people to held workshops, teaching children how to program with Free Software. Unfortunately due to several reasons, mainly connected with the fact that time is finite, we did not see a raise in workshops afterwards. Each time I thought about the project it made me a bit sad that the FSFE did not have more resources to work on it.

A lot of teenagers in front of the Chemnitzer Linuxtage building
froglabs_2014_clt_web_21 Teckids e.V. CC BY-SA

So I was very happy to learn at Chemnitzer Linuxtage that Teckids e.V. now included the FreeDroidz workshop into their program. Luckily Guido Arnold from FSFE’s education team was also there so he could directly talk with organisers. He will make sure that our people involved in this activity will know about the good news, and how they can participate.

Teckids e.V. offer workshops for 10 to 16 year olds to build robots with different sensors (light, sound, or ultrasonic) and program them to do cool things by using Free Software. It is important for our society that the next generations have a very good understanding how our computers work, so they can shape the society in which they want to live in. What I like most about the new concept is, that it is not adults teaching children how to do this, but former participants who act as tutors for others in their age.

Beside the FreeDroidz workshops they also offer to learn programming games with PyGame, creating movies with blender, or how to use GNU/Linux. All of that organised by tutors in the age from 10-16.

The next workshop will be from 22 to 24 August 2014 at FrOSCon in Sankt Augustin, and you can register for the event on the Teckids website (in German). For FrOSCon I already want to thank Sascha Goetzke (12), Nico Paas (11), Eike Tim Jesinghaus (13), Robin Seerig (12) and Simon Bruder (10). They will help other teenagers to understand how computers work and to experience that tinkering around with Free Software is a lot of fun.

Comic and quotes: why you should use Open Standards

In a few hours Document Freedom Day will start with the event in Tokyo organised by the Japanese LibreOffice team. During the whole day, people around the world will explain why Open Standards matters. This year we can provide you a comic to make the topic a bit more catchy:

Comic about why to use Open Standards
Next Time Choose Open Standards Jamie Casley CC BY-SA

Furthermore, during the last days I had a look at our testimonials page. I liked reading them again. Here is a small selection with highlighting by me, but have a look at the others, too.

Build so the whole world — and all of history to come — can build upon what you make. (Lawrence Lessig)

I know a smart business decision when I see one – choosing open standards is a very smart business decision indeed. (Neelie Kroes, Vice-President, European Commission)

People have grown used to the idea that files can only be opened with the same program that saved it, as if it were the natural state of affairs. And it was, long ago, in the dark ages of processor- and memory-starved eight-bit computers. Today, a program that doesn’t use open standards to exchange data with whichever other program you wish to use should be considered as defective as one that crashes on startup. (Federico Heinz, President, Fundación Vía Libre)

Distribute those quotes, use them in your presentations, e-mail signatures, whatever you think helps to distribute the message, and for tomorrow I wish you all a good Document Freedom Day!

Why Open Standards aren’t enough: the minimal principle

Although a good data-format can only be an Open Standard, FSFE’s Bernhard Reiter argues that this requirement alone is not enough. Originally written for last year’s Document Freedom Day in German, the article “The minimal principle: because being an open standard is not enough” is now available in English. In a nutshell Bernhard argues that the data-format needs to solve a problem adequately: It should be a good fit from a functional point of view, as well as on a technical level. In order to judge this, there are a number of things to consider: efficiency, maintainability, accessibility, extensibility, learnability, simplicity, longevity and a few more. Two central questions here are: How well does the data-format solve the problem and –more interesting– is there a simpler format that could solve the problem just as well?

Read the article, discuss it on our public mailing lists, and if you are a developer always ask yourself if it can be done simpler.

This does not mean that every time you stumble over an existing standards, you should develop your own, even smaller one.

xkcd-standards xkcd CC BY-NC