Yearly Archives: 2009

Free Software, Free Society: Of Democracy and Hacking

Posted on by

When explaining why Free Software is important, one question that often comes up is: “do I really need the software freedom?”

The utility of software freedom is indeed not obvious for all. Not everyone can understand the source code of a program, and less modify it. It appears that the capacity to enjoy the four freedoms is only valuable to hackers and programmers. It’s hard to convince people to give up on proprietary software only for freedom’s sake, as long as they don’t understand the utility of that freedom.

It’s important to think of this issue not only as a singular commitment to freedom, but more as an issue of systems.

First, the fact that one cannot enjoy the freedom of something does not mean he does not enjoy its effects. The most obvious analogy here, are political systems. The Constitution is to sovereignty what a Free Software licence is to copyright. The Constitution that defines our political system gives to every citizen freedoms and rights, such as the right to run for an election.

Anyone can run for an election, but it does not mean that everyone will. Because not everyone has the capacity or the will to become a politician. This being said, would you say that Democracy does not matter because you do not want to be in politics? I guess most people would not say that.

It’s the same thing with Free Software. Anyone can use, share, study and improve the program. But the fact that you will not do that, does not mean that it’s not important to you. It’s important for the whole system. And the more important the system becomes, the more valuable is that freedom.

So unless you assume that software is not important, Software freedom is not important. But then, I suggest you shut down your computer and stop reading, take a flight and spend the rest of your days on a desert island.

Now, let’s take a closer look at the utility of software freedom. As more and more software is used in our society for important matters, more and more people should be able to understand the software. Otherwise complete control is given to others over yourself. Others will shape the system for you in order to get more control and more weight in the system.

That is why we need democratization of hacking. This will come naturally if Free Software is broadly used, because when one has the capacity to explore something, one will explore it, by curiosity at least. Just as Printing gave people the will to be able to read and then to write, computing will give people the will to be able to read and then to write. This is a long process of course. But this can be a far longer process if we use proprietary software: software you can’t read, nor modify, nor share.

Do we want a society of digital illiterates or a Free Society?

Is Free Software more securing?

Posted on by

While Microsoft is going to launch in a flood of propaganda advertisement its new operating system – Windows 7, an important security hole seems to have been quietly ignored. Microsoft has to make itself a better image towards users, after the more than mixed success of Windows Vista, which still has difficulty to replace the old Windows XP. So it’s not difficult to understand that the monopolist takes more care of packaging than it takes care of security.

Free as in Freedom operating systems are not perfect, however I think we have the right to say Free Software is more securing. Here’s why. First, the source code is open, which allows any pertinent entity (be it a developer, an IT security agency, or a competing company…) to identify holes – and to fix them. Second, Free Software does not create monopolies, it participates on the contrary to a better repartition of tasks. i.e., there are several versions of Linux, several operating systems based on GNU and Linux, several vendors or communities and several shippers. And this collaborative development needs transparency. All these different actors ensure that every single level of development of the system is under control.

This is a major difference with development model typical for proprietary systems where the repartition of tasks is possible, but where there is no diffusion of responsibility or power. Every actor keeps the exclusive control over its software and thus over probable security holes. This results in really important issues, especially when one company holds a monopoly and abuses its position over such an important market as desktop software. Every single user of Microsoft products are strongly dependents on it. Resolving problems can only be done if Microsoft wants to. Unhappily, in such an overwhelming structure as Microsoft, if marketing is considered more important than security, it is the user who will pay.

So here are some incidents due to security issues with Microsoft softwares, that were mentioned since October 1.

It does not only concern operating systems and big infrastructure, but also basic software as web browser, which are used everyday by billions of people. Here again, Microsoft takes its time.

About the subject

I am not the first one to talk about this issue of course. If one wants deeper explanations, he should find details in this article: Why Free Software? Look at the numbers! or also, Computer viruses are caused by Proprietary Software.

Anyway, what’s important before security or technical issue, is trust and control.

It’s our duty to take care of our own security

Finally, I’ll say that Free Software is not more secured itself. But by giving the freedom to study the source code, to improve and to share modifications, Free Software gives its users the power to take care of their own security instead of giving it up to someone else.

It’s not a coincidence if Free operating systems have excellent tools to grant users privacy and intimacy, like GnuPG or OpenSSH.

OOXML, ODF, standards and innovation: Steve Ballmer

Posted on by

Here is an interesting video from a conference Steve Ballmer (Microsoft) gave at Sciences Po, my university, in October 2007. My friend Pierre Slamich, who is also responsible for our association “Digital Freedom” asked Steve Ballmer about the future of OOXML since its failure to be accepted as an international standard in the first place.

You can download the video in Ogg/Theora.

Pierre: “Microsoft-Office”Open”XML (MS-OOXML)* was recently dismissed as an international standard, so what will Microsoft do about this? Will you merge it with the OpenDocument Format(ODF) standard or maintain two standards on the market place?”

Steve Ballmer: “Well, MS-OOXML is an international standard, it is an European standard actually […] The truth is, We don’t control MS-OOXML anymore, it is now controlled by the European Computer Manufacturer Association (ECMA) so whether it gets merged will be largely in function of how the standardisation organizations want to move forward. […] [ODF and MS-OOXML] do interoperate at some level of fidelity. We are encouraging people to take a pluralistic view of this.

Otherwise what will happen is: we don’t want standards to be the enemy of innovation.”

* funny to see how Pierre has troubles to say Office “Open”…because MS-OOXML is all but an open standard! For some more information about how Microsoft standard is “open” you can see this comparison with ODF.

I always like it when Microsoft talks about “innovation.” See this article from Georg Greve, Microsoft, Antitrust and innovation on Groklaw.

Re: Paris Court of Appeals condemns Edu4 for violating the GNU General Public License

Posted on by

Tuesday, FSF France published an article which led to several enthusiastic reactions among specialized websites. And the news is indeed interesting since Paris Court of Appeals condemned Edu4 for violating the GNU General Public License, giving it therefore a legal value. Until then however, nothing new: Free Software most used licence has already been enforced in court in several countries such as,

  • The United States, in Jacobsen v. Katzer case which said GPL was enforceable as Copyright condition;
  • or in Wallace lawsuit which opposed him against FSF, IBM, Novell and Red Hat, during which the judge said regarding competition issues:

    The GPL encourages, rather than discourages, free competition and the distribution of computer operating systems, the benefits of which directly pass to consumers. These benefits include lower prices, better access and more innovation.

  • In Germany when Harald Welte won against Skype which used Linux without meeting GPL conditions (Harald Welte is also part of the French ISP Free case).
  • And also in France in 2002, during a case between University of Grenoble and company Educaffix about a software which was derivative from another licensed with GPL.

Well, everything becomes interesting in this new case comparing to those mentioned below, because AFPA and EDU4  are not arguing as copyright holders over a copyright or licence issue: it’s about an end user (AFPA) and a service company (EDU4).

But we better have to be careful and avoid hasty conclusions. Let’s go back to where it begins.

In 2004, AFPA was convicted to a €900,000 fee for EDU4, when the court considered that unilateral contract rupture from AFPA was not justified. The contract in question is a public tender from 2000, won by EDU4. But in 2001, AFPA discovers EDU4 used Free Software VNC in its product and therefore argues it is not conform to the contract, which AFPA breaks.

But EDU4 appealed and AFPA asks for an additional expert in 2006. This expert report includes overwhelming conclusions: EDU4 has hidden the usage of VNC by removing original copyrights and GPL text (thus disabling its mechanism). Besides, modifications made to VNC had disastrous consequences on IT security and personal data protection.

It is based on those reasons AFPA had the right to break the contract, since there was obviously counterfeiting, lack of sincerity from EDU4 and furthermore high risks for IT security (with a backdoor). This is why the Court of Appeals condemned EDU4.

As a matter of fact I see no reason to consider that it would have been different with any other software licence than the GPL. Which leads me to think that matters of source code distribution, and moreover copyleft protection, were not considered pertinent to the Court’s ruling.

It is true that the ruling mentions a few times the issue of source code distribution, but it was never directly taken into account, but only to show as an evidence EDU4 lack of sincerity in the procedure (copyrights removal and confusion about the software legal nature.)

Furthermore, I would even argue that EDU4 did not have the right to distribute the modified software source code, since they broke GPL when conveying a modified version of the Software without AT&T copyrights or the GPL text. By failing to respect GPL, they did not have the right to use, share, modify the Software anymore.

In short, EDU4 is accused of software counterfeiting by changing copyrights mentions to put their own, and having sold a product which was not compatible with the original mission given by the public tender, because of security issues for AFPA.

So it seems to me that there are little, if none, implications for us because copyleft mechanisms of the GPL were not analysed in the process of condemning EDU4, simply because those mechanisms did not involve AFPA. They only involved EDU4 and VNC authors.

Who has the power to enforce GPL? Since the GPL is a copyright license, the copyright holders of the software are the ones who have the power to enforce the GPL. If you see a violation of the GPL, you should inform the developers of the GPL-covered software involved. They either are the copyright holders, or are connected with the copyright holders.