All posts by Bradley M. Kuhn

Thoughts on Microsoft Joining OIN’s Patent Non-Aggression Pact

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/10/10/microsoft-oin-exfat.html

[ A similar version
was crossposted
on Conservancy’s blog
. ]

Folks lauded today
that Microsoft
has joined the Open Invention Network (OIN)’s limited patent non-aggression
pact
, suggesting that perhaps it will bring peace in our time regarding
Microsoft’s historical patent aggression.
While today’s announcement is a step forward, we call on Microsoft to make
this just the beginning of their efforts to stop their patent aggression
efforts against the software freedom community.

The OIN patent non-aggression pact is governed by something
called the
Linux System Definition
. This is the most important component of the OIN
non-aggression pact, because it’s often surprising what is not
included in that Definition especially when compared with Microsoft’s patent
aggression activities. Most importantly, the non-aggression pact only
applies to the upstream versions of software, including Linux itself.

We know
that Microsoft has done patent troll shakedowns in the past on Linux products
related to the exfat filesystem.
While we
at Conservancy were successful in getting the code that implements exfat for
Linux released under GPL (by Samsung)
, that code has not been upstreamed
into Linux. So, Microsoft has not included any patents they
might hold on exfat into the patent non-aggression pact.

We now ask Microsoft, as a sign of good faith and to confirm its intention
to end all patent aggression against Linux and its users, to now submit to
upstream the exfat code themselves under GPLv2-or-later. This would
provide two important protections to Linux users regarding exfat: (a) it
would include any patents that read on exfat as part of OIN’s
non-aggression pact while Microsoft participates in OIN, and (b) it would
provide the various benefits that GPLv2-or-later provides regarding
patents,
including an
implied patent license
and those protections provided
by GPLv2§7
(and possibly other GPL protections and assurances as well)

Challenges in Maintaining A Big Tent for Software Freedom

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/08/30/on-social-justice-software-licensing.html

[ A similar version of this blog post
was cross-posted
on Software Freedom Conservancy’s blog

In recent weeks, I’ve been involved with a complex internal discussion by
a major software freedom project about a desire to take a stance on social
justice issues other than software freedom. In the discussion, many
different people came forward with various issues that matter to them,
including vegetarianism, diversity, and speech censorship, wondering how that
software freedom project should handle other social justices causes that are
not software freedom. This week, (separate and fully unrelated)
another project, called Lerna,
publicly had a similar
debate
. The issues involved are challenging, and it deserves careful
consideration regardless of how the issue is raised.

One of the first licensing discussions that I was ever involved in the mid
1990s was with a developer, who was a lifelong global peace activist, objecting
to the GPL because it allowed the USA Department of Defense and the wider
military industrial complex to incorporate software into their destructive
killing machines. As a lifelong pacifist myself, I sympathized with his
objection, and since then, I have regularly considered the question of
“do those who perpetrate other social injustices deserve software
freedom?”

I ultimately drew much of my conclusion about this from activists for free
speech, who have a longer history and have therefore had longer time to
consider the philosophical question. I remember in the late 1980s when I
first learned of the ACLU, and hearing that they assisted the Klu-Klux Klan
in their right to march. I was flabbergasted; the Klan is historically
well-documented as an organization that was party to horrific murder. Why
would the ACLU defend their free speech rights? Recently, many people had
a similar reaction when, in defense of the freedom of association and free
speech of the National Rifle Association
(NRA), the
ACLU filed an amicus brief in a case involving the NRA
, an organization
that I and many others oppose politically. Again, we’re left wondering:
why should we act to defend the free speech and association rights of
political causes we oppose — particularly for those like the NRA and
big software companies who have adequate resources to defend
themselves?

A few weeks ago, I heard a good explanation of this in an
interview with
ACLU’s Executive Director
, whom I’ll directly quote, as
he stated
succinctly the reason why ACLU has a long history of defending everyone’s
free speech and free association rights
:

[Our decision] to
give legal representation to Nazis [was controversial].… It is not for the
government’s role to decide who gets a permit to march based on the content
of their speech. We got lots of criticism, both
internally and externally. … We believe these rights are for
everyone, and we truly mean it — even for people we hate and whose
ideology is loathsome, disgusting, and hurtful. [The ACLU can’t be] just a
liberal/left advocacy group; no liberal/left advocacy group would take on
these kinds of cases. … It is important for us to forge a path that talks
about this being about the rights of everyone.

Ultimately, fighting for software freedom is a social justice cause
similar to that of fighting for free speech and other causes that require
equal rights for all. We will always find groups exploiting those freedoms
for ill rather than good. We, as software freedom activists, will have to
sometimes grit our teeth and defend the rights to modify and improve software for those we otherwise oppose.
Indeed, they may even utilize that software
for those objectionable activities. It’s particularly annoying to do that for
companies that otherwise produce proprietary software: after all, in another realm, they are
actively working against our cause. Nevertheless, either we believe the Four Software Freedoms are universal, or we don’t. If we do,
even our active political opponents deserve them, too.

I think we can take a good example from the ACLU on this matter. The
ACLU, by standing firm on its core principles, now has, after two
generations of work, developed the power to make impact on related causes. The
ACLU is the primary organization defending immigrants who have been
forcibly separated from their children by the USA government. I’d posit that only an
organization with a long history of principled activity can have both the
gravitas and adequate resources to take on that issue.

Fortunately, software freedom is already successful enough that we can do
at least a little bit of that now. For example,
Conservancy (where I work) already
took a public position, early, in opposition of Trump’s immigration
policy
because of its negative impact on software freedom, whose
advancement depends on the free flow of movement by technologists around
the world. Speaking out from our microphone built from our principled
stand on software freedom, we can make an impact that denying software
freedom to others never could. Specifically, rather than proprietarizing
the license of projects to fight USA’s Immigration and Customs Enforcement
(ICE) and its software providers, I’d encourage us to figure out a specific
FOSS package that we can prove is deployed for use at ICE, and use that
fact as a rhetorical lever to criticize their bad behavior. For example,
has anyone investigated if ICE uses Linux-based servers to host their
otherwise proprietary software systems? If so, the Linux community is
already large and powerful enough that if a group of Linux contributors
made a public statement in political opposition to the use of Linux in
ICE’s activities, it would get national news attention here in the USA. We
could even ally with the ACLU to assure the message is heard. No license
change is needed to do that, and it will surely be more effective.

Again, this is how software freedom is so much like free speech. We give
software freedom to all, which allows them to freely use and deploy the
software for any purpose, just like hate groups can use the free speech
microphone to share their ideas. However, like the ACLU, software
freedom activists, who simultaneously defend all users equal rights in
copying, sharing and modifying the software, can use their platform —
already standing on the moral high ground that was generated by
that long time principled support of equal rights — to speak out against
those who bring harm to society in other ways.

Finally, note that the
Four Software Freedoms obviously should never be the only laws and/or rules of conduct of our society. Just
like you should be prevented from (proverbially) yelling Fire! in a crowded movie theater,
you still should be stopped when you deploy Free Software in a manner that violates some other
law, or commits human rights violations. However, taking away software freedom from bad actors, while it seems like a
panacea to other societal ills, will simply backfire. The
simplicity and beauty of copyleft is that it takes away someone’s software
freedom only at the moment when they take away someone else’s
software freedom; copyleft ensures that is the only reason your
software freedom should be lost. Simple tools work best when your social
justice cause is an underdog, and we risk obscurity of our software if we
seek to change the fundamental simple design of copyleft licensing to include licensing
penalties for other social justice grievances (— even if we could agree on which other
non-FOSS causes warrant “copyleft protection”). It
means we have a big tent for software freedom, and we sometimes stand under it with
people whose behavior we despise. The value we have is our ability to
stand with them under the tent, and tell them: “while I respect your
right to share and improve that software, I find the task you’re doing with
the software deplorable.”. That’s the message I deliver to any ICE
agent who used Free Software while forcibly separating parents from their children.

Software Freedom Ensures the True Software Commons

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/08/22/commons-clause.html

[ A similar version
was crossposted
on Conservancy’s blog. ]

Proprietary software has always been about
a
power
relationship
. Copyright and other legal systems give authors the power
to decide what license to choose, and usually, they choose a license that
favors themselves and takes rights and permissions away from others.

The so-called “Commons Clause” purposely confuses and
conflates many issues. The initiative is backed by FOSSA, a company that
sells materiel in the proprietary compliance industrial complex. This clause
recently made news again since other parties have now adopted this same
license.

This proprietary software license, which is not Open Source and does not
respect the four freedoms of Free Software, seeks to hide a power imbalance
ironically behind the guise “Open Source sustainability”. Their
argument, once you look past their assertion that the only way to save Open
Source is to not do open source
, is quite plain: If we can’t make money as
quickly and as easily as we’d like with this software, then we have to make
sure no one else can as well
.

These observations are not new. Software freedom advocates have always
admitted that if your primary goal is to make money, proprietary software is
a better option. It’s not that you can’t earn a living writing only Free
Software; it’s that proprietary software makes it easier because you have
monopolistic power, granted to you by a legal system ill-equipped to deal
with modern technology. In my view, it’s a power which you don’t deserve — that allows you to
restrict others.

Of course, we all want software freedom to exist and survive sustainably.
But the environmental movement has already taught us that unbridled commerce
and conspicuous consumption is not sustainable. Yet,
companies still adopt strategies like this Commons Clause to prioritize rapid growth and
revenue that the proprietary software industry expects, claiming these strategies bolster
the Commons (even if it is a “partial commons in name only”).
The two goals are often just incompatible.

At Software Freedom Conservancy
(where I work), we ask our projects to be realistic about revenue. We
don’t typically see Conservancy projects grow at rapid rates. They grow at
slow and steady rates, but they grow better, stronger, and more diverse
because they take the time to invite everyone to get involved. The
software takes longer to mature, but when it does it’s more robust and
survives longer.

I’ll take a bet with anyone who’d like. Let’s pick five projects under the
Affero GPL and five projects under the Commons Clause, and then let’s see
which ones survive longer as vibrant communities with active codebases and
diverse contributors.

Finally, it’s not surprising that the authors chose the name
“Commons”. Sadly, “commons” has for many years been
a compromised term, often used by those who want to promote licenses or
organizational models that do not guarantee all four freedoms inherent in
software freedom. Proprietary software is the ultimate tragedy of the
software commons, and while it’s clever rhetoric for our opposition to claim
that they can make FLOSS sustainable by proprietarizing it, such an argument
is also sophistry.

In Memoriam: Gervase Markham

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/07/29/gerv.html

Yesterday, we lost an important member of the FLOSS
community. Gervase
Markham
finally succumbed to his battle with cancer (specifically,
metastatic adenoid cystic carcinoma).

I met Gerv in the early 2000s, after he’d already been diagnosed. He has
always been very public about his illness. He was frank with all who knew
him that his life expectancy was sadly well below average due to that
illness. So, this outcome isn’t a surprise nor a shock, but it is
nevertheless sad and unfortunate for all who knew him.

I really liked Gerv. I found him insightful and thoughtful. His
insatiable curiosity for my primary field — FLOSS licensing —
was a source of enjoyment for me in our many conversations on the subject.
Gerv was always Socratic in his approach: he asked questions, rather than
make statements, even when it was pretty obvious he had an answer of his
own; he liked to spark debate and seek conversation. He thoughtfully
considered the opinions of others and I many times saw his positions change
based on new information. I considered him open-minded and an important
contributor to FLOSS licensing thought.

I bring up Gerv’s open-mindedness because I know that many people didn’t
find him so, but, frankly, I think those folks were mistaken. It is well
documented publicly that Gerv held what most would consider particularly
“conservative values”. And, I’ll continue with more frankness:
I found a few of Gerv’s views offensive and morally wrong. But Gerv was
also someone who could respectfully communicate his views. I never felt
the need to avoid speaking with him or otherwise distance myself. Even if
a particular position offended me, it was nevertheless clear to me that
Gerv had come to his conclusions by starting from his (a priori) care and
concern for all of humanity. Also, I could simply say to Gerv: I really
disagree with that so much
, and if it became clear our views were just
too far apart to productively discuss the matter further, he’d happily and
collaboratively find another subject for us to discuss. Gerv was a
reasonable man. He could set aside fundamental disagreements and find
common ground to talk with, collaborate with, and befriend those who
disagreed with him. That level of kindness and openness is rarely seen in
our current times.

In fact, Gerv gave me a huge gift without even knowing it: he really
helped me understand myself better. Specifically, I have for decades
publicly stated my belief that the creation and promulgation of proprietary
software is an immoral and harmful act. I am aware that many people (e.g.,
proprietary software developers) consider that view offensive. I learned
much from Gerv about how to productively live in a world where the majority
are offended by my deeply held, morally-founded and well-considered
beliefs. Gerv taught me how to work positively, productively and in a
friendly way alongside others who are offended by my most deeply-held
convictions. While I mourn the loss of Gerv today, I am so glad that I had
that opportunity to learn from him. I am grateful for the life he had and
his work.

Gerv’s time with us was too short. In response, I suggest that we look at
his life and work and learn from his example. Gerv set aside his illness
for as long as possible to continue good work in FLOSS. If he can do that,
we can all be inspired by him to set aside virtually any problem to work
hard, together, for important outcomes that are bigger than us all.

[Finally, I should note that the text above was vetted and approved by
Gerv, a few months ago, before his death. I am also very impressed that he
planned so carefully for his own death that he contacted Conservancy to
seek to assign his copyrights for safe keeping and took the time to review
and comment on the text above. ]

When Meat Salespeople Call Vegans “fundamentalists”

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/07/23/butchers-and-vegans.html

Someone linked me to this
blog by a boutique proprietary software company complaining about porting
to GNU/Linux systems
, in which David Power, co-founder of Hiri, says:

Unfortunately, the fundamentalist FOSS mentality we encountered
on Reddit is still alive and well. Some Linux blogs and Podcasts
simply won’t give us the time of day.

I just want to quickly share a few analogous quotes that show why that
statement is an unwarranted and unfair statement about people’s reasonably
held beliefs. First, imagine if Hiri were not a proprietary software
company, but a butcher. Here’s how the quote would sound:

Unfortunately, the fundamentalist vegan mentality we
encountered on Reddit is still alive and well. Some vegetarian blogs
and Podcasts simply won’t give us the time of day.

Should a butcher really expect vegetarian blogs and podcasts to talk about
their great new cuts of meat available? Should a butcher be surprised that
vegans disagree with them?

How about if Hiri sold non-recycled card stock paper?:

Unfortunately, the fundamentalist recycling mentality we
encountered on Reddit is still alive and well. Some environmentalist
blogs and Podcasts simply won’t give us the time of
day.

If you make a product to which a large part of the potential customer
population has a moral objection, you should expect that objection, and
it’s reasonable for that to happen. To admonish those people because they
don’t want to promote your product really is akin to a butcher annoyed that
vegans won’t promote their prime cuts of meat.

On Avoiding Conflation of Political Speech and Hate Speech

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/07/12/oscon-no-politics-allowed.html

If you’re one of the people in the software freedom community who is
attending O’Reilly’s Open Source Software Convention (OSCON) next week here
in Portland, you may have seen debate about O’Reilly and Associates
(ORA)’s surreptitious Code of Conduct change (and quick revocation thereof)
to name “political affiliation” as a protected class. If
you’re going to OSCON or plan to go to an OSCON or ORA event in the future,
I suggest that you familiarize yourself with this issue and the political
historical context in which these events of the last few days take
place.

First, OSCON has always been political: software freedom is
inherently a political struggle for the rights of computer users, so any
conference including that topic is necessarily political. Additionally,
O’Reilly himself had stated his political positions many times at OSCON, so
it’s strange that, in
his response this morning, O’Reilly
admits that he and his staff tried to
require via agreements that speakers … refrain from all political
speech
. OSCON can’t possibly be a software freedom community event if
ORA’s intent … [is] to make sure that conferences put on for the
exchange of technical information aren’t politicized
(as O’Reilly stated
today). OTOH, I’m not surprised by this tack, because O’Reilly, in large
part via OSCON, often pushes forward political views that O’Reilly likes, and
marginalizes those he doesn’t.

Second, I must strongly disagree with ORA’s new (as of this morning)
position that Codes of Conduct should only include “protected
classes” that the laws of a particular country currently recognize.
Codes of Conduct exist in our community not only as mechanism to assure the
rights of protected classes, but also to assure that everyone feels safe
and free of harassment and hate speech. In fact, most Codes of Conduct in
our community have “including but not limited to” language
alongside any list of protected classes, and IMO all of them should.

More than that, ORA has missed a key opportunity to delineate hate
speech and political speech in a manner that is sorely needed here in the
USA and in the software freedom community. We live in a political climate
where our Politician-in-Chief governs via Twitter and smoothly co-mingles
political positioning with statements that would violate the Code of
Conduct at most conferences. In other words, in a political climate where
the party-ticket-headline candidate is exposed for celebrating his own
sexual harassing behavior and gets elected anyway, we are culturally going
to have trouble nationwide distinguishing between political speech and hate
speech. Furthermore, political manipulators now use that confusion to
their own ends, and we must be ever-vigilant in efforts to assure that
political speech is free, but that it is delineated from hate speech, and,
most importantly, that our policy on the latter is zero-tolerance.

In this climate, I’m disturbed to see that O’Reilly, who is certainly
politically savvy enough to fully understand these delineations, is
ignoring them completely. The rancor in our current politics — which
is not just at the national level but has also trickled down into the
software freedom community — is fueled by bad actors who will gladly
conflate their own hate speech and political speech, and (in the irony that
only post-fact politics can bring), those same people will also
accuse the other side of hate speech, primarily by accusing intolerance of
the original “political speech” (which is of course was, from
the start, a mix of hate speech and political speech). (Examples of this
abound, but one example that comes to mind is Donald Trump’s public
back-and-forth with San Juan Mayor Carmen Yulín Cruz.) None of ORA’s
policy proposals, nor O’Reilly’s public response, address this nuance.
ORA’s detractors are legitimately concerned, because blanketly adding
“political affiliation” to a protected class, married with a outright ban on
political speech, creates an environment where selective enforcement favors
the powerful, and furthermore allows the Code of Conduct to more easily
become a political weapon by those who engage in the conflation practice I
described.

However, it’s no surprise that O’Reilly is taking this tack, either.
OSCON (in particular) has a long history — on political issues of
software freedom — of promoting (and even facilitating) certain
political speech, even while squelching other political speech. Given that
history (examples of which I include below), O’Reilly shouldn’t be
surprised that many in our community are legitimately skeptical about why
ORA made these two changes without community discussion, only to quickly
backpedal when exposed. I too am left wondering what political game
O’Reilly is up to, since I recall well
that Morozov
documented O’Reilly’s track record of political manipulation in his
article, The Meme Hustler
. I thus encourage everyone who
attends ORA events to follow this political game with a careful eye and a
good sense of OSCON history to figure out what’s really going on. I’ve
been watching for years, and OSCON is often a master class in achieving
what Chomsky critically called “manufacturing consent” in
politics.

For example, back in 2001, when OSCON was already in its third year,
Microsoft executives went on the political attack against copyleft (calling
it unAmerican and a “cancer”). O’Reilly, long unfriendly to
copyleft himself, personally invited Craig Mundie of Microsoft to have a
“Great Debate” keynote at the next OSCON — where Mundie
would “debate” with “Open Source leaders” about the
value of Open Source. In reality, O’Reilly put on stage lots of Open
Source people with Mundie, but among them was no one who
supported the strategy of copyleft, the primary component of Microsoft’s
political attacks. The “debate” was artfully framed to have
only one “logical” conclusion: “we all love Open Source
— even Microsoft (!) — it’s just copyleft that can be
problematic and which we should avoid”. It was no debate at all;
only carefully crafted messaging that left out much of the picture.

That wasn’t an isolated incident; both subtle and overt examples of
crafted political messaging at OSCON became annual events after that. As
another example, ten years later, O’Reilly did almost the same playbook
again: he invited the GitHub CEO to give a very political
and completely anti-copyleft keynote
. After years of watching how
O’Reilly carefully framed the political issue of copyleft at OSCON, I am
definitely concerned about how other political issues might be framed.

And, not all political issues are equal. I follow copyleft politics
because it’s my been my day job for two decades. But, I admit there are
stakes even higher with other political topics, and having watched how ORA
has handled the politics of copyleft for decades, I’m fearful that ORA is (at
best) ill-equipped to handle political issues that can cause real harm
— such as the current political climate that permits hate speech, and
even racist speech (think of Trump calling Elizabeth Warren
“Pocahontas”), as standard political fare. The stakes of
contemporary politics now leave people feeling unsafe. Since
OSCON is a political event, ORA should face this directly
rather than pretending OSCON is merely a series of technical lectures.

The most insidious part of ORA’s response to this issue is that, until the
issue was called out, it seems that all political speech (particularly that
in opposition to the status quo) violated OSCON’s policies by default.
We’ve successfully gotten ORA to back down from that position, but not
without a fight. My biggest concern is that ORA nearly ran OSCON this year
with the problematic combination of banning political speech in the speaker
agreement, while treating “political affiliation” as a
protected class in the Code of Conduct. Regardless of intent, confusing
and unclear rules like that are gamed primarily by bad actors, and O’Reilly
knows that. Indeed, just days later, O’Reilly admits that both items were
serious errors. But how could it be that an organization that’s been
running the same event for two decades only just began to realize
that these are complex issues? Paradoxically, I’m both baffled and not
surprised that ORA has handled this issue so poorly. They still have no
improved solution for the original problem that O’Reilly states they wanted
to address (i.e., preventing hate speech). Meanwhile, they’ve cycled
through a series of failed (and alarming) solutions without community
input. Would it have really been
that hard for them to publicly ask first: “We want to
welcome all political views at OSCON, but we also detest hate speech that
is sometimes joined with political speech. Does anyone want to join a
committee to work on improvements to our policies to address this
issue?” I think if they’d handled this issue in that (Open Source)
way, the outcome would have not be the fiasco it’s become.

The Everyday Sexism That I See In My Work

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2018/06/21/everyday-sexism.html

My friend, colleague, and boss, Karen Sandler,
yesterday tweeted
about one of the unfortunately sexist incidents
that she’s faced in her
life. This incident is a culmination of sexist incidents that Karen and I
have seen since we started working together. I describe below how these
events entice me to be complicit in sexist incidents, which I do my best to
actively resist.

Ultimately, this isn’t about me, Karen, or about a single situation, but
this is a great example of how sexist behaviors manipulate a situation and
put successful women leaders in no-win situations. If you read this tweet
(and additionally already knew about Software Freedom Conservancy where I
work)…


“#EveryDaySexism I'm Exec Director of a charity.  A senior tech exec is making his company's annual donation conditional on his speaking privately to a man who reports to me. I hope shining light on these situations erodes their power to build no-win situations for women leaders.” — Karen Sandler

… you’ve already guessed that I’m the male employee that this
executive meant. When I examine the situation, I can’t think of a single
reason this donor could want to speak to me that would not be more productive
if he instead spoke with Karen. Yet, the executive, who was previously well
briefed on the role changes at Conservancy, repeatedly insisted that the
donation was gated on a conversation with me.

Those who follow my and Karen’s work know that I was Conservancy’s first Executive Director.
Now, I
have a lower-ranking role
since Karen came to Conservancy.

Back in 2014, Karen and I collaboratively talked about what role would
make sense for her and me — and we made a choice together. We briefly
considered a co-Executive Director situation, but that arrangement has been
tried elsewhere and is typically not successful in the long term. Karen is
much better than me at the key jobs of a successful Executive Director.
Karen and I agreed she was better for the job than me. We took it to
Conservancy’s Board of Directors, and they moved my leadership role at
Conservancy to be honorary, and we named Karen the sole Executive Director.
Yes, I’m still nebulously a leader in the Free Software community (which I’m
of course glad about). But for Conservancy matters, and specifically donor
relations and major decisions about the organization, Karen is in charge.

Karen is an impressive leader and there is no one else that I’d want to
follow in my software freedom activism work. She’s the best Executive
Director that Conservancy could possibly have — by far. Everyone in
the community who works with us regularly knows this. Yet ever since Karen
was named our Executive Director, she faces everyday sexist behavior,
including people who seek to conscript me into participation in institutional
sexism. As outlined above, I was initially Executive Director of Conservancy,
and I was treated very differently than she is treated in similar situations,
even though the organization has grown significantly under her
leadership. More on that below, but first a few of the other everyday
examples of sexism I’ve witnessed with Karen:

Many times when we’re at conferences together, men who meet us assume
that Karen works for me until we explain our roles. This happens almost
every time both Karen and I are at the same conference, which is at least a
few times each year.

Another time: a journalist wrote an article about some of “Bradley’s
work” at Conservancy. We privately pointed out to the journalist how
strange it was that Karen was not mentioned in the article, and that it made
it sound like I was the only person doing this work at our organization. He
responded that because I was the “primary spokesperson”, it was
natural to credit me and not her. Karen in fact had been more recently giving
multiple keynotes on the topic, and had more speaking engagements than I did
in that year. One of those keynotes was just weeks before the article, and
it had been months since I’d given a talk or made any public statements. The
journalist fortunately did agree it was a mistake, but neverthless couldn’t
rewrite the article.

Another time: we were leaked (reliable) information about a closed-door
meeting where some industry leaders were discussing Conservancy and its
work. The person who leaked us the information told us that multiple
participants kept talking only about me, not Karen’s work. When someone in
the meeting said wait, isn’t Karen Sandler the Executive Director?,
our source (who was giving us a real-time report over IRC) reported that
that the (male) meeting coordinator literally said: Oh sure, Karen
works there, but Bradley is their guiding light
. Karen had been
Executive Director for years at that point.

I consistently say in talks, and in public conversations, that Karen is my
boss. I literally use the word “boss”, so there is no
confusion nor ambiguity. I did it this week at a talk. But instead of
taking that as the fact that it is, many people make comments like well,
Karen’s not really your boss, right; that’s just a thing you say?
. So,
I’m saying unequivocally here (surely not for the last time): I report to
Karen at Conservancy. She is in charge of Conservancy. She has the
authority to fire me. (I hope she won’t, of course :). She takes views and
opinions of our entire staff seriously but she sets the agenda and makes
the decisions about what work we do and how we do it. (It shows how bad
sexism is in our culture that Karen and I often have to explain in
intricate detail what it means for someone to be an Executive Director of
an organization.)

Interestingly but disturbingly, these incidents teach how institutional
sexism operates in practice. Every time I’m approached (which is often)
with some subtle situation where it makes Karen look like she’s not really
in charge, I’m given the opportunity to pump myself up, make myself look
more important, and gain more credibility and power. It is clear to me that
this comes at the expense of subtly denigrating Karen and that the
enticement is part of an institutionally sexist zero-sum game.

These situations are no-win. I know that in the recent situation, the
donation would be assured if I’d just agreed to a call right away without
Karen’s involvement. I didn’t do it, because that approach would make me
inherently complicit in institutional sexism.

These situations are sadly very common, particularly for women who are
banging cracks into the glass ceiling. For my part, I’m glad to help where
I can tell my side the story, because I think it’s essential for men to
assist and corroborate the fight against sexism in our industry without
mansplaining or white-knighting. I hope other men in technology will join
me and refuse to participate and support behavior that seeks to erode
women’s well-earned power in our community. When you are told that a woman
is in charge of a free software project, that a woman is the executive
director of the organization, or that a woman is the chair of the board,
take the fact at face value, treat that person as the one who is in charge
of that endeavor, and don’t (inadvertantly nor explicitly) undermine her
authority.

Supporting Conservancy Makes a Difference

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2017/12/31/donate-conservancy.html

Earlier this year, in
February, I wrote a blog post encouraging people to donate
to where I
work, Software Freedom Conservancy. I’ve not otherwise blogged too much
this year. It’s been a rough year for many reasons, and while I
personally and Conservancy in general have accomplished some very
important work this year, I’m reminded as always that more resources do
make things easier.

I understand the urge, given how bad the larger political crises have
gotten, to want to give to charities other than those related to software
freedom. There are important causes out there that have become more urgent
this year. Here’s three issues which have become shockingly more acute
this year:

  • making sure the USA keeps it commitment
    to immigrants to allow them make a new life here just like my own ancestors
    did,
  • assuring that the great national nature reserves are maintained and
    left pristine for generations to come,
  • assuring that we have zero tolerance abusive behavior —
    particularly by those in power against people who come to them for help and
    job opportunities.

These are just three of the many issues this year that I’ve seen get worse,
not better. I am glad that I know and support people who work on these
issues, and I urge everyone to work on these issues, too.

Nevertheless, as I plan my primary donations this year, I’m again, as I
always do, giving to the FSF and my
own employer, Software
Freedom Conservancy
. The reason is simple: software freedom is still
an essential cause and it is frankly one that most people don’t understand
(yet). I wrote almost
two years ago about the phenomenon I dubbed Kuhn’s
Paradox
. Simply put: it keeps getting more and more difficult
to avoid proprietary software in a normal day’s tasks, even while the
number of lines of code licensed freely gets larger every day.

As long as that paradox remains true, I see software freedom as urgent. I
know that we’re losing ground on so many other causes, too. But those of
you who read my blog are some of the few people in the world that
understand that software freedom is under threat and needs the urgent work
that the very few software-freedom-related organizations,
like the FSF
and Software Freedom
Conservancy
are doing. I hope you’ll donate now to both of them. For
my part, I gave $120 myself to FSF as part of the monthly Associate
Membership program, and in a few minutes, I’m going to give $400 to
Conservancy. I’ll be frank: if you work in technology in an industrialized
country, I’m quite sure you can afford that level of money, and I suspect
those amounts are less than most of you spent on technology equipment
and/or network connectivity charges this year. Make a difference for us
and give to the cause of software freedom at least as much a you’re giving
to large technology companies.

Finally, a good reason to give to smaller charities like FSF and
Conservancy is that your donation makes a bigger difference. I do think
bigger organizations, such as (to pick an example of an organization I used
to give to) my local NPR station does important work. However, I was
listening this week to my local NPR station, and they said their goal
for that day was to raise $50,000. For Conservancy, that’s closer
to a goal we have for entire fundraising season, which for this year was
$75,000. The thing is: NPR is an important part of USA society, but it’s
one that nearly everyone understands. So few people understand the threats
looming from proprietary software, and they may not understand at all until
it’s too late — when all their devices are locked down, DRM is
fully ubiquitous, and no one is allowed to tinker with the software on
their devices and learn the wonderful art of computer programming. We are
at real risk of reaching that distopia before 90% of the world’s
population understands the threat!

Thus, giving to organizations in the area of software freedom is just
going to have a bigger and more immediate impact than more general causes
that more easily connect with people. You’re giving to prevent a future
that not everyone understands yet, and making an impact on our
work to help explain the dangers to the larger population.

Goodbye To Bob Chassell

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2017/07/03/Chassell.html

It’s fortunately more common now in Free Software communities today to
properly value contributions from non-developers. Historically, though,
contributions from developers were often overvalued and contributions from
others grossly undervalued. One person trailblazed as (likely) the
earliest non-developer contributor to software freedom. His name was
Robert J. Chassell — called Bob by his friends and colleagues. Over
the weekend, our community lost Bob after a long battle with a degenerative
illness.

I am one of the few of my generation in the Free Software community who
had the opportunity to know Bob. He was already semi-retired in the late
1990s when I first became involved with Free Software, but he enjoyed
giving talks about Free Software and occasionally worked the FSF booths at
events where I had begun to volunteer in 1997. He was the first person to
offer mentorship to me as I began the long road of becoming a professional
software freedom activist.

I regularly credit Bob as the first Executive Director of the FSF. While
he technically never held that title, he served as Treasurer for many years
and was the de-facto non-technical manager at the FSF for its first decade
of existence. One need only read
the earliest
issues of the GNU’s Bulletin
to see just a sampling of
the plethora of contributions that Bob made to the FSF and Free Software
generally.

Bob’s primary forte was as a writer and he came to Free Software as a
technical writer. Having focused his career on documenting software and how
it worked to help users make the most of it, software freedom — the
right to improve and modify not only the software, but its documentation as
well — was a moral belief that he held strongly. Bob was an early
member of the privileged group that now encompasses most people in
industrialized society: a non-developer who sees the value in computing and
the improvement it can bring to life. However, Bob’s realization that users
like him (and not just developers) faced detrimental impact from proprietary
software remains somewhat rare, even today. Thus, Bob died in a world where
he was still unique among non-developers: fighting for software freedom as an
essential right for all who use computers.

Bob coined a phrase that I still love to this day. He said once that the
job that we must do as activists was “preserve, protect and promote
software freedom”. Only a skilled writer such as he could come up
with such a perfectly concise alliteration that nevertheless rolls off the
tongue without stuttering. Today, I pulled up an email I sent to Bob in
November 2006 to tell him that (when Novell made their bizarre
software-freedom-unfriendly patent deal with Microsoft)
Novell
had coopted his language in their FAQ on the matter
. Bob wrote
back: I am not surprised. You can bet everything [we’ve ever come up
with] will be used against us.
Bob’s decade-old words are prolific
when I look at the cooption we now face daily in Free Software. I acutely
feel the loss of his insight and thoughtfulness.

One of the saddest facts about Bob’s illness is that his voice was quite
literally lost many years before we lost him entirely. His illness made it
nearly impossible for him to speak. In the late 1990s, I had the pleasure
of regularly hearing Bob’s voice, when I accompanied Bob to talks and
speeches at various conferences. That included the wonderful highlight of
his acceptance speech of GNU’s 2001 achievement award from the USENIX
Association. (I lament that no recordings of any of these talks seem to
be available anywhere.) Throughout the early 2000s, I
would speak to Bob on the telephone at least once a month; he would offer
his sage advice and mentorship in those early years of my professional
software freedom career. Losing his voice in our community has been a
slow-moving tragedy as his illness has progressed. This weekend, that
unique voice was lost to us forever.


I found out we lost Bob through the folks at the FSF, and I don’t at this
time have information about his family’s wishes regarding tributes to him.
I’ll update the post when/if I have them.

In the meantime, the best I can suggest is that anyone who would like to
posthumously get to know Bob please read (what I believe was) the favorite
book that he
wrote, An
Introduction to Programming in Emacs Lisp
. Bob was a huge
advocate of non-developers learning “a little bit” of
programming — just enough to make their lives easier when they used
computers. He used GNU Emacs from its earliest versions and I recall he
was absolutely giddy to discover new features, help document them, and
teach them to new users. I hope those of you that both already love and
use Emacs and those who don’t will take a moment to read what Bob had to
teach us about his favorite program.

Why GPL Compliance Education Materials Should Be Free as in Freedom

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2017/04/25/liberate-compliance-tutorials.html

[ This blog was crossposted
on Software Freedom Conservancy’s website
. ]

I am honored to be a co-author and editor-in-chief of the most
comprehensive, detailed, and complete guide on matters related to compliance
of copyleft software licenses such as the GPL.
This book, Copyleft and the GNU
General Public License: A Comprehensive Tutorial and Guide
(which we
often call the Copyleft Guide for short)
is 155 pages filled
with useful material to help everyone understand copyleft licenses for
software, how they work, and how to comply with them properly. It is the
only document to fully incorporate esoteric material such as the FSF’s famous
GPLv3 rationale documents directly alongside practical advice, such as
the pristine example,
which is the only freely published compliance analysis of a real product on
the market. The document explains in great detail how that product
manufacturer made good choices to comply with the GPL. The reader learns by
both real-world example as well as abstract explanation.

However, the most important fact about the Copyleft Guide is not its
useful and engaging content. More importantly, the license of this book
gives freedom to its readers in the same way the license of the copylefted
software does. Specifically, we chose
the Creative
Commons Attribution Share-Alike 4.0 license

(CC BY-SA)
for this work. We believe that not just software, but any generally useful
technical information that teaches people should be freely sharable and
modifiable by the general public.

The reasons these freedoms are necessary seem so obvious that I’m
surprised I need to state them. Companies who want to build internal
training courses on copyleft compliance for their employees need to modify
the materials for that purpose. They then need to be able to freely
distribute them to employees and contractors for maximum effect.
Furthermore, like all documents and software alike, there are always
“bugs”, which (in the case of written prose) usually means
there are sections that are fail to communicate to maximum effect. Those
who find better ways to express the ideas need the ability to propose
patches and write improvements. Perhaps most importantly, everyone who
teaches should avoid
NIH syndrome. Education and
science work best when we borrow and share (with proper license-compliant
attribution, of course!) the best material that others develop, and augment
our works by incorporating them.

These reasons are akin to those that led Richard M. Stallman to write his
seminal
essay, Why
Software Should Be Free
. Indeed, if you reread that essay now
— as I just did — you’ll see that much of damage and many of
the same problems to the advancement of software that RMS documents in that
essay also occur in the world of tutorial documentation about FLOSS
licensing. As too often happens in the Open Source community, though,
folks seek ways to proprietarize, for profit, any copyrighted work that
doesn’t already have a copyleft license attached. In the field of copyleft
compliance education, we see the same behavior: organizations who wish to
control the dialogue and profit from selling compliance education seek to
proprietarize the meta-material of compliance education, rather than
sharing freely like the software itself. This yields an ironic
exploitation, since the copyleft license documented therein exists as a
strategy to assure the freedom to share knowledge. These educators tell
their audiences with a straight face: Sure, the software is
free as in freedom, but if you want to learn how its license
works, you have to license our proprietary materials!
This behavior
uses legal controls to curtail the sharing of knowledge, limits the
advancement and improvement of those tutorials, and emboldens silos of
know-how that only wealthy corporations have the resources to access and
afford. The educational dystopia that these organizations create is
precisely what I sought to prevent by advocating for software freedom for
so long.

While Conservancy’s primary job
provides non-profit infrastructure for Free
Software projects
, we also do a bit
of license compliance work as well.
But we practice what we preach: we release all the educational materials
that we produce as part of
the Copyleft Guide project
under CC BY-SA. Other Open Source organizations are currently hypocrites
on this point; they tout the values of openness and sharing of knowledge
through software, but they take their tutorial materials and lock them up
under proprietary licenses. I hereby publicly call on such organizations
(including but not limited to the Linux Foundation) to license
materials such
as
those under CC BY-SA.

I did not make this public call for liberation of such materials without
first trying friendly diplomacy first. Conservancy has been in talks with
individuals and staff who produce these materials for some time. We urged
them to join the Free Software community and share their materials under
free licenses. We even offered volunteer time to help them improve those
materials if they would simply license them freely. After two years of
that effort, it’s now abundantly clear that public pressure is the only
force that might work0. Ultimately, like all
proprietary businesses, the training divisions of Linux Foundation and
other entities in the compliance industrial complex (such
as Black Duck)
realize they can make much more revenue by making materials proprietary and
choosing legal restrictions that forbid their students from sharing and
improving the materials after they complete the course. While the reality
of this impasse regarding freely licensing these materials is probably an
obvious outcome, multiple sources inside these organizations have also
confirmed for me that liberation of the materials for the good of general
public won’t happen without a major paradigm shift — specifically
because such educational freedom will reduce the revenue stream around
those materials.

Of course, I can attest first-hand that freely liberating tutorial
materials curtails revenue. Karen Sandler and I have regularly taught
courses on copyleft licensing based
on the freely available materials
for a few years — most
recently in
January 2017 at LinuxConf Australia
and at
at
OSCON in a few weeks
. These conferences do kindly cover our travel
expenses to attend and teach the tutorial, but compliance education is not
a revenue stream for Conservancy. While, in an ideal world, we’d get
revenue from education to fund our other important activities, we believe
that there is value in doing this education as currently funded by
our individual Supporters; these education
efforts fit withour charitable mission to promote the public good. We
furthermore don’t believe that locking up the materials and refusing to
share them with others fits a mission of software freedom, so we never
considered such as a viable option. Finally, given the
institutionally-backed
FUD that we’ve
continue to witness, we seek to draw specific attention to the fundamental
difference in approach that Conservancy (as a charity) take toward this
compliance education work. (My
my recent talk on compliance
covered on LWN
includes some points on that matter, if you’d like
further reading).


0One notable exception to
these efforts was the success of my colleague, Karen Sandler (and others)
in convincing the OpenChain
project
to choose CC-0 licensing. However, OpenChain is not officially
part of the LF training curriculum to my knowledge, and if it is, it can of
course be proprietarized therein, since CC-0 is not a copyleft license.

The Dystopia of Minority Report Needs Proprietary Software

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2017/02/13/Turow.html

I encourage all of you to either listen to or read the transcript of Terry
Gross’ Fresh Air interview with Joseph Turow about his discussion
of his book “The Aisles Have Eyes: How Retailers Track Your Shopping,
Strip Your Privacy, And Define Your Power”.

Now, most of you who read my blog know the difference between proprietary
and Free Software, and the difference between a network service and
software that runs on your own device. I want all of you have a good
understanding of that to do a simple thought experiment:

How many of the horrible things that Turow talks about can happen if there
is no proprietary software on your IoT or mobile devices?

AFAICT, other than the facial recognition in the store itself that he
talked about in Russia, everything he talks about would be mitigated or
eliminated completely as a thread if users could modify the software on
their devices.

Yes, universal software freedom will not solve all the worlds’ problems.
But it does solve a lot of them, at least with regard to the bad things the
powerful want to do to us via technology.

(BTW, the blog title is a reference
to Philip
K. Dick’s Minority Report
, which includes a scene about
systems reading people’s eyes to target-market to them. It’s not the main
theme of that particular book, though… Dick was always going off on
tangents in his books.)

Supporting Conservancy Makes a Difference

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2017/02/13/conservancy.html

There are a lot of problems in our society, and particularly in the USA,
right now, and plenty of charities who need our support. The reason I
continue to focus my work on software freedom is simply because there are
so few focused on the moral and ethical issues of computing. Open Source
has reached its pinnacle as an industry fad, and with it, a watered-down
message: “having some of the source code for some of your systems
some of the time is so great, why would you need anything more?”.
Universal software freedom is
however further
from reality
than it was even a few years ago. At least a few of us,
in my view, must focus on that cause.

I did not post many blog posts about this in 2016. There was a reason for
that — more than any other year, work demands at Conservancy have
been constant and unrelenting. I enjoy my work, so I don’t mind, but
blogging becomes low priority when there is a constant backlog of urgent
work to support Conservancy’s mission and our member projects. It’s not
just Conservancy’s mission, of course, it’s my personal one as well.

For our 2016 fundraiser,
I wrote last
year a blog post entitled “Do You Like What I Do For a
Living?”
. Last year, so many of you responded, that it not only
made it possible for me to continue that work for one more year, but we
were able to add our colleague Brett Smith to our staff, which brought
Conservancy to four full-time staff for the first time. We added a few
member projects (and are moving that queue to add more in 2017), and sure
enough — the new work plus the backlog of work waiting for another
staffer filled Brett’s queue just like my, Karen’s and Tony’s was already
filled.

The challenge now is sustaining this staffing level. Many of you came to
our aid last year because we were on the brink of needing to reduce our
efforts (and staffing) at Conservancy. Thanks to your overwhelming
response, we not only endured, but we were able to add one additional
person. As expected, though, needs of our projects increased throughout
the year, and we again — all four of us full-time staff — must
work to our limits to meet the needs of our projects.

Charitable donations are a voluntary activity, and as such they have a
special place in our society and culture. I’ve talked a lot about how
Conservancy’s Supporters give us a mandate to carry out our work. Those of
you that chose to renew your Supporter donations or become new Supporters
enable us to focus our full-time efforts on the work of Conservancy.

On the signup and renewal
page
, you can read about some of our accomplishments in the last year
(including my
recent keynote at FOSDEM
, an excerpt of which is included here). Our
work does not follow fads, and it’s not particularly glamorous, so only
dedicated Supporters like you understand its value. We don’t expect to
get large grants to meet the unique needs of each of our member projects,
and we certainly don’t expect large companies to provide very much
funding unless we cede control of the organization to their requests (as
trade associations do). Even our most popular program, Outreachy, is
attacked by a small group of people who don’t want to see the status quo
of privileged male domination of Open Source and Free Software
disrupted.

Supporter contributions are what make Conservancy possible. A year ago,
you helped us build Conservancy as a donor-funded organization and
stabilize our funding base. I now must ask that you make an annual
commitment to renewal — either
by renewing your contribution
now
or becoming
a monthly supporter
, or, if you’re just learning about my work at
Conservancy from this blog
post, reading up
on us
and becoming a new
Supporter
.

Years ago, when I was still only a part-time volunteer at Conservancy,
someone who disliked our work told me that I had “invented a job of
running Conservancy”. He meant it as an insult, but I take it as a
compliment with pride. In fact, between me and my colleague (and our
Executive Director) Karen Sandler, we’ve “invented” a total of
four full-time jobs and one part-time one to advance software freedom. You
helped us do that with your donations. If you donate again today, your
donation will be matched to make the funds go further.

Many have told me this year that they are driven to give to other
excellent charities that fight racism, work for civil and immigration
rights, and other causes that seem particularly urgent right now. As long
as there is racism, sexism, murder, starvation, and governmental oppression
in the world, I cannot argue that software freedom should be made a
priority above all of those issues. However, even if everyone in our
society focused on a single, solitary cause that we agreed was the top
priority, it’s unlikely we could make quicker progress. Meanwhile, if we
all single-mindedly ignore less urgent issues, they will, in time, become so
urgent they’ll be insurmountable by the time we focus on them.

Industrialized nations have moved almost fully to computer automation for
most every daily task. If you question this fact, try to do your job for a
day without using any software at all, or anyone using software on your
behalf, and you’ll probably find it impossible. Then, try to do your job
using only Free Software for a day, and you’ll find, as I have, that tasks
that should take only a few minutes take hours when you avoid proprietary
software, and some are just impossible. There are very few organizations
that are considering the long-term implications of this slowly growing
problem and making plans to build the foundations of a society that doesn’t
have that problem. Conservancy is one of those few, so I hope you’ll
realize that long-term value of our lifelong work to defend and expand
software freedom and donate.

Conservancy’s First GPL Enforcement Feedback Session

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/10/27/gpl-feedback.html

[ This blog
was crossposted
on Software Freedom Conservancy’s website
. ]

As I mentioned in an earlier blog post, I had the privilege
of attending Embedded Linux Conference Europe (ELC EU) and the OpenWrt Summit
in Berlin, Germany earlier this month. I gave a talk (for which the video is
available below) at the OpenWrt Summit. I also had the opportunity to host
the first of many conference sessions seeking feedback and input from the
Linux developer community about Conservancy’s
GPL Compliance Project for
Linux Developers
.

ELC EU has no “BoF Board” where you can post informal
sessions. So, we scheduled the session by word of mouth over a lunch hour.
We nevertheless got an good turnout (given that our session’s main
competition was eating food 🙂 of about 15 people.

Most notably and excitingly, Harald Welte, well-known Netfilter developer
and leader of gpl-violations.org,
was able to attend. Harald talked about his work with
gpl-violations.org enforcing his own copyrights in Linux, and
explained why this was important work for users of the violating devices.
He also pointed out that some of the companies that were sued during his
most active period of gpl-violations.org are now regular upstream
contributors.

Two people who work in the for-profit license compliance industry attended
as well. Some of the discussion focused on usual debates that charities
involved in compliance commonly have with the for-profit compliance
industry. Specifically, one of them asked how much compliance is
enough, by percentage?
I responded to his question on two axes.
First, I addressed the axis of how many enforcement matters does the GPL
Compliance Program for Linux Developers do, by percentage of products
violating the GPL
? There are, at any given time, hundreds of
documented GPL violating products, and our coalition works on only a tiny
percentage of those per year. It’s a sad fact that only that tiny
percentage of the products that violate Linux are actually pursued to
compliance.

On the other axis, I discussed the percentage on a per-product basis.
From that point of view, the question is really: Is there a ‘close
enough to compliance’ that we can as a community accept and forget
about the remainder?
From my point of view, we frequently compromise
anyway, since the GPL doesn’t require someone to prepare code properly for
upstream contribution. Thus, we all often accept compliance once someone
completes the bare minimum of obligations literally written in the GPL, but
give us a source release that cannot easily be converted to an upstream
contribution. So, from that point of view, we’re often accepting a
less-than-optimal outcome. The GPL by itself does not inspire upstreaming;
the other collaboration techniques that are enabled in our community
because of the GPL work to finish that job, and adherence to
the Principles assures
that process can work. Having many people who work with companies in
different ways assures that as a larger community, we try all the different
strategies to encourage participation, and inspire today’s violators to
become tomorrow upstream contributors — as Harald mention has already
often happened.

That same axis does include on rare but important compliance problem: when
a violator is particularly savvy, and refuses to release very specific
parts of their Linux code
(as VMware did),
even though the license requires it. In those cases, we certainly cannot
and should not accept anything less than required compliance — lest
companies begin holding back all the most interesting parts of the code
that GPL requires them to produce. If that happened, the GPL would cease
to function correctly for Linux.

After that part of the discussion, we turned to considerations of
corporate contributors, and how they responded to enforcement. Wolfram
Sang, one of the developers in Conservancy’s coalition, spoke up on this
point. He expressed that the focus on for-profit company contributions,
and the achievements of those companies, seemed unduly prioritized by some
in the community. As an independent contractor and individual developer,
Wolfram believes that contributions from people like him are essential to a
diverse developer base, that their opinions should be taken into account,
and their achievements respected.

I found Wolfram’s points particularly salient. My view is that Free
Software development, including for Linux, succeeds because both powerful
and wealthy entities and individuals contribute and collaborate
together on equal footing. While companies have typically only enforce the
GPL on their own copyrights for business reasons (e.g., there is at least
one example of a major Linux-contributing company using GPL enforcement
merely as a counter-punch in a patent lawsuit), individual developers who
join Conservancy’s coalition follow community principles and enforce to
defend the rights of their users.

At the end of the session, I asked two developers who hadn’t spoken during
the session, and who aren’t members of Conservancy’s coalition, their
opinion on how enforcement was historically carried out by
gpl-violations.org, and how it is currently carried out by Conservancy’s
GPL Compliance Program for Linux Developers. Both responded with a simple
response (paraphrased): it seems like a good thing to do; keep doing
it!

I finished up the session by inviting everyone to
the join
the principles-discuss
list, where public discussion about GPL
enforcement under the Principles has already begun. I also invited
everyone to attend my talk, that took place an hour later at the OpenWrt
Summit, which was co-located with ELC EU.

In that talk, I spoke about a specific example of community success in GPL
enforcement. As explained on the
OpenWrt history page,
OpenWrt was initially made possible thanks to GPL enforcement done by
BusyBox and Linux contributors in a coalition together. (Those who want to
hear more about the connection between GPL enforcement and OpenWrt can view
my talk.)

Since there weren’t opportunities to promote impromptu sessions on-site,
this event was a low-key (but still quite nice) start to Conservancy’s
planned year-long effort seeking feedback about GPL compliance and
enforcement. Our next
session is
an official BoF session at Linux Plumbers Conference
, scheduled for
next Thursday 3 November at 18:00. It will be led by my colleagues Karen
Sandler and Brett Smith.

Help Send Conservancy to Embedded Linux Conference Europe

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/09/21/lf-elc-eu.html

[ This blog
was crossposted
on Software Freedom Conservancy’s website
. ]

Last month, Conservancy made a public commitment to attend Linux-related
events to get feedback from developers about our work generally, and
Conservancy’s GPL Compliance Program for Linux Developers specifically. As
always, even before that, we were regularly submitting talks to nearly any
event with Linux in its name. As a small charity, we always request travel
funding from the organizers, who are often quite gracious. As I mentioned in
my blog posts about LCA 2016
and GUADEC 2016, the organizers
covered my travel funding there, and recently both Karen and I both received
travel funding to speak at LCA 2017
and DebConf 2016, as well as many
other events this year.

Recently, I submitted talks for the CFPs of Linux
Foundation’s Embedded
Linux Conference Europe (ELC EU)
and the Prpl
Foundation’s OpenWRT Summit. The
latter was accepted, and the folks at the Prpl Foundation graciously
offered to fund my flight costs to speak at the OpenWRT Summit! I’ve
never spoken at an OpenWRT event before and I’m looking forward to the
opportunity getting to know the OpenWRT and LEDE communities better by
speaking at that event, and am excited to discuss Conservancy’s work with
them.

OpenWRT Summit, while co-located, is a wholly separate event from LF’s ELC
EU. Unfortunately, I was not so lucky in my talk submissions there: my
talk proposal has been waitlisted since July. I was hopeful after a talk
cancellation in mid-August. (I know because the speaker who canceled
suggested that I request his slot for my waitlisted talk.)
Unfortunately, the LF staff informed me that they understandably filled
his open slot with a sponsored session that came in.

The good news is that my OpenWRT Summit flight is booked, and my friend
(and Conservancy Board Member Emeritus)
Loïc Dachary
(who lives in Berlin) has agreed to let me crash with
him for that week. So, I’ll be in town for the entirety of ELC EU with
almost no direct travel costs to Conservancy! The bad news is that it
seems my ELC EU talk remains waitlisted. Therefore, I don’t have a
confirmed registration for the rest of ELC EU (beyond OpenWRT Summit).

While it seems like a perfect and cost-effective opportunity to be able to
attend both events, that seems harder than I thought! Once I confirmed my
OpenWRT Summit travel arrangements, I asked for the hobbyist discount to
register for ELC EU, but LF staff informed me yesterday that the hobbyist
(as well as the other discounts) are sold out. The moral of the story is
that logistics are just plain tough and time-consuming when you work for a
charity with an extremely limited travel budget. ☻

Yet, it seems a shame to waste the opportunity of being in town with so
many Linux developers and not being able to see or talk to them, so
Conservancy is asking for some help from you to fund the $680 of my registration
costs for ELC EU. That’s just about
six new Conservancy supporter
signups
, so I hope we can get six new Supporters before Linux
Foundation’s ELC EU conference begins on October 10th. Either way, I look
forward to seeing those developers who attend the co-located OpenWRT
Summit! And, if the logistics work out — perhaps I’ll see you at ELC
EU as well!

Two Blog Posts Disguised as Mailing List Posts

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/09/02/ksummit-discuss.html

There are plenty of mailing list threads to read, and I don’t actually
recommend the one that I’m talking about. I think it went on too long, was
far too “ad hominem” rather than real policy. Somewhere
beneath the surface there was a policy discussion being shouted down; if
you look close, you can find find it underneath.

As he always does, Jon Corbet did an excellent
job finding
the real policy details in the “GPL defence” ksummit-discuss
thread
, and telling us all about it. I am very hard on tech
journalism, but when it comes to reporting on Linux specifically, Jon and
his colleagues at lwn.net have been, for nearly two decades, always been
real, detailed, and balanced (and not in the Fox News way)
tech journalism.

The main reason I made this blog post about it, though, is that I actually
spent as much time on a few of my posts on the list as I would on any blog
post, and I thought readers of my blog might want the content here. So I
link to
two
posts
in the thread that I encourage you to read. I also encourage you to read
these
two
posts
that my boss at my day job, Karen Sandler, made, which I think are very good
as well.

And, to quote the fictional Forrest Gump: That’s all I have to say
about that.

My Keynote at GUADEC 2016

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/08/16/guadec-2016.html

Last Friday, I gave the first keynote at GUADEC 2016. I was delighted for
the invitation from the GNOME Foundation to deliver this talk, which I
entitled Confessions of a command line geek: why I don’t use GNOME
but everyone else should
.

The Chaos Computer Club
assisted the GUADEC organizers in recording the talks
, so you can see
here a great recording of my talk here (and
also, the slides).
Whether the talk itself is great — that’s for you to
watch and judge, of course.

The focus of this talk is why the GNOME desktop is such a central
component for the future of software freedom. Too often, we assume that
the advent of tablets and other mobile computing platforms means the laptop
and desktop will disappear. And, maybe the desktop will disappear, but the
laptop is going nowhere. And we need a good interface that gives software
freedom to the people who use those laptops. GNOME is undoubtedly the best
system we have for that task.

There is competition. The competition is now, undeniably, Apple. Unlike
Microsoft, who hitherto dominated desktops, Apple truly wants to make
beautifully designed, and carefully crafted products that people will not
just live with, but actually love. It’s certainly possible to love
something that harms you, and Apple is so carefully adept creating products
that not only refuse to give you software freedom, but Apple goes a step
further to regularly invent new ways to gain lock-down control and
thwarting modification by their customers.

GUADEC 2016 trip sponsored by the GNOME Foundation!

We have a great challenge before us, and my goal in the keynote was to
express that the GNOME developers are best poised to fight that battle and
that they should continue in earnest in their efforts, and to offer my help
— in whatever way they need it — to make it happen. And, I
offer this help even though I readily admit that I don’t need
GNOME for myself, but we as a community need it to advance
software freedom.

I hope you all enjoy the talk, and also check
out Werner
Koch’s keynote, We want more centralization, do we?
, which
was also about a very important issue. (There was
also an
LWN article about Werner’s keynote if you prefer to read to watching
.)
And, finally, I thank the GNOME Foundation for covering my travel expenses
for this trip.

Software Freedom Doesn’t Kill People, Your Security Through Obscurity Kills People

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/08/13/does-not-kill.html

The time has come that I must speak out against the inappropriate rhetoric
used by those who (ostensibly) advocate for FLOSS usage in automotive applications.

There was a catalyst that convinced me to finally speak up. I heard a
talk today from a company representative of a software supplier for the
automotive industry. He said during his talk: putting GPLv3 software in
cars will kill people
and opening up the source code to cars will
cause more harm than good
. These statements are completely disingenuous.
Most importantly, it ignores the fact that proprietary software in cars is at
least equally, if not more, dangerous. At least one person has already been
killed in a crash
while using
a proprietary software auto-control
system
. Volkswagen decided to
take a different route
; they decided to kill us all slowly (rather than
quickly) by using proprietary software to lie about their emissions and
illegally polluting our air.

Meanwhile, there has been not a single example yet about use of GPLv3
software that has harmed anyone. If you have such an example, email it to
me and I promise to add it right here to this blog post.

So, to the auto industry folks and vendors who market to/for them: until
you can prove that proprietary software assures safety in a way that FLOSS
cannot, I will continue to tell you this: in the long and sad tradition of
the Therac
25
, your proprietary software has killed people, both
quickly and slowly, and your attacks on GPLv3 and software freedom are not
only unwarranted, they are clearly part of a political strategy to divert
attention from your own industry’s bad behavior and graft unfair blame onto
FLOSS.

As a side note, during the talk’s Q&A session, I asked this company’s
representatives how they assure compliance with the GPLv2 —
particularly their compliance with provision of scripts used to control
compilation and installation of the executable
, which are so often
missing for many products, including vehicles. The official answer
was: Oh, I don’t know. Not only does this company publicly claim
security through obscurity is a viable solution, and accuse copyleft advocates
of endangering the public safety, they also seem to have not fully learned
the lessons of making FLOSS license compliance a clear part of their
workflow.

This is, unfortunately, my general impression of the status of the
automotive industry.

Why You Should Speak At & Attend LinuxConf Australia

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/08/04/lca2016.html

[ This blog
was crossposted
on Software Freedom Conservancy’s website
. ]

Monday 1 February 2016 was the longest day of my life, but I don’t mean
that in the canonical, figurative, and usually negative sense of that
phrase. I mean it literally and in a positive way. I woke up that morning
Amsterdam in the Netherlands — having the previous night taken a
evening train from Brussels, Belgium with my friend and colleague Tom
Marble
. Tom and I had just spent the weekend
at FOSDEM 2016, where he and
I co-organize
the Legal
and Policy Issues DevRoom
(with our mutual friends and colleagues,
Richard Fontana and Karen M. Sandler).

Tom and I headed over to AMS airport around 07:00 local time, found some
breakfast and boarded our flights. Tom was homeward bound, but I was about
to do the crazy thing that he’d done in the reverse a few years before: I
was speaking at FOSDEM and LinuxConf Australia, back-to-back. In fact,
because the airline fares were substantially cheaper this way, I didn’t
book a “round the world” flight, but instead two back-to-back
round-trip tickets. I boarded the plane at AMS at 09:30 that morning
(local time), and landed in my (new-ish) hometown of Portland, OR as
afternoon there began. I went home, spent the afternoon with my wife,
sister-in-law, and dogs, washed my laundry, and repacked my bag. My flight
to LAX departed at 19:36 local time, a little after US/Pacific sunset.

I crossed the Pacific ocean, the international dateline, left a day on
deposit to pickup on the way back, after 24 hours of almost literally
chasing the sun, I arrived in Melbourne on the morning of Wednesday 3
February, road a shuttle bus, dumped my bags at my room, and arrived just
in time for
the Wednesday
afternoon tea break at LinuxConf Australia 2016 in Geelong
.

Nearly everyone who heard this story — or saw me while it was
happening — asked me the same question: Why are you doing
this?
. The five to six people packed in with me in my coach section on
the LAX→SYD leg are probably still asking this, because I had an
allergic attack of some sort most of the flight and couldn’t stop coughing,
even with two full bags of Fisherman’s Friends over those 15 hours.

But, nevertheless, I gave a simple answer to everyone who questioned my
crazy BRU→AMS→PDX→LAX→SYD→MEL itinerary: FOSDEM and LinuxConf AU are
two of the most important events on the Free Software annual calendar.
There’s just no question. I’ll write more about FOSDEM sometime soon, but
the rest of this post, I’ll dedicate to LinuxConf Australia (LCA).

One of my biggest regrets in Free Software is that I was once — and
you’ll be surprised by this given my story above — a bit squeamish
about the nearly 15 hour flight to get from the USA to Australia, and
therefore I didn’t attend LCA until 2015. LCA began way back in 1999.
Keep in mind that, other than FOSDEM, no major, community-organized events
have survived from that time. But LCA has the culture and mindset of the
kinds of conferences that our community made in 1999.

LCA is community organized and operated. Groups of volunteers
each year plan the event. In the tradition of science fiction conventions
and other hobbyist activities, groups bid for the conference and offer
their time and effort to make the conference a success. They have an
annual hand-off meeting to be sure the organization lessons are passed from
one committee to the next, and some volunteers even repeat their
involvement year after year. For organizational structure, they rely on a
non-profit organization, Linux
Australia
, to assist with handling the funds and providing
infrastructure (just like Conservancy does for our member projects and
their conferences!)

I believe fully that the success of software freedom and GNU/Linux in
particularly has not primarily been because companies allow developers to
spend some of their time coding on upstream. Sure, many Free Software
projects couldn’t survive without that component, but what really makes
GNU/Linux, or any Free Software project, truly special is that there’s a
community of users and developers who use, improve, and learn about the
software because it excites and interests them. LCA is one of the few
events specifically designed to invite that sort of person to attend, and
it has for almost an entire generation stood in stark contrast the highly
corporate, for-profits events that slowly took over our community in the
years that followed LCA’s founding. (Remember all those years of
LinuxWorld
Expo
? I wasn’t even sad when IDG stopped running it!)

Speaking particularly of earlier this year, LCA 2016 in Geelong, Australia
was a particular profound event for me. LCA is one of the few events that
accepts my rather political talks about what’s happening in Open Source and
Free Software, so I gave a talk
on Friday
5 February 2016
entitled Copyleft For the Next Decade: A
Comprehensive Plan
, which was recorded, so you can watch it. I do
warn everyone that the jokes did not go over well (mine never do), so after I
finished, I was feeling a bit down that I hadn’t made the talk entertaining
enough. But then, something amazing happened: people started walking up to
me and telling me how important my message was. One individual even came up
and told me that he was excited enough that he’d like
to match
any donation that Software Freedom Conservancy received during LCA 2016
.
Since it was the last day of the event, I quickly went to one of the
organizers, Kathy Reid, and asked
if they would announce this match during the closing ceremonies; she agreed.
In a matter of just an hour or two, I’d gone from believing my talk had
fallen flat to realizing that — regardless of whether I’d presented
well — the concepts I discussed had connected with people.

Then, I sat down in the closing session. I started to tear up slightly
when the
organizers announced the donation match
. Within 90 seconds, though,
that turned to full tears of joy when the incoming President of Linux
Australia, Hugh Blemings, came on
stage and
said
:

[I’ll start with] a Software Freedom Conservancy thing, as it turns out.
… I can tell that most of you weren’t at Bradley’s talk earlier on
today, but if there is one talk I’d encourage you to watch on the
playback later it would be that one. There’s a very very important
message in there and something to take away for all of us. On behalf of
the Council I’d like to announce … that we’re actually in the
process of making a significant donation from Linux Australia to Software
Freedom Conservancy as well. I urge all of you to consider contributing
individual as well, and there is much left for us to be done as a
community on that front.

I hope that this post helps organizers of events like LCA fully understand
how much something like this means to us who run a small charities —
and not just with regard to the financial contributions. Knowing that the
organizers of community events feel so strongly positive about our work
really keeps us going. We work hard and spend much time at Conservancy to
serve the Open Source and Free Software community, and knowing the work is
appreciated inspires us to keep working. Furthermore, we know that without
these events, it’s much tougher for us to reach others with our message of
software freedom. So, for us, the feeling is mutual: I’m delighted that
the Linux Australia and LCA folks feel so positively about Conservancy, and
I now look forward to another 15 hour flight for the next LCA.

And, on that note, I chose a strategic time to post this story. On Friday
5 August 2016, the CFP for LCA
2017 closes
. So, now is the time for all of you to submit a talk. If
you regularly speak at Open Source and Free Software events, or have been
considering it, this event really needs to be on your calendar. I look
forward to seeing all of you Hobart this January.

That “My Ears are Burning” Thing Is Definitely Apocryphal

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/05/13/classpath.html

I’ve posted in
the past
about the Oracle vs. Google case. I’m for the moment sticking to my habit
of only commenting when there is a clear court decision. Having been
through litigation as the 30(b)(6) witness for Conservancy, I’m used to
court testimony and why it often doesn’t really matter in the long run. So
much gets said by both parties in a court case that it’s somewhat pointless
to begin analyzing each individual move, unless it’s for entertainment
purposes only. (It’s certainly as entertaining as most TV dramas, really,
but I hope folks who are watching step-by-step admit to themselves that
they’re just engaged in entertainment, not actual work. 🙂

I saw a lot go by today with various people as witnesses in the case.
About the only part that caught my attention was that Classpath was
mentioned over and over again. But that’s not for any real salient reason,
only because I remember so distinctly, sitting in a little restaurant in
New Orleans with RMS and Paul Fisher, talking about how we should name this
yet-to-be-launched GNU project “$CLASSPATH”. My idea was that
was a shell variable that would expand to /usr/lib/java, so,
in my estimation, it was a way to name the project “User Libraries
for Java” without having to say the words. (For those of you that
were still children in the 1990s, trademark aggression by Sun at the time
on the their word mark for “Java” was fierce, it was worse than
the whole problem the Unix trademark, which led in turn to the GNU
name.)

But today, as I saw people all of the Internet quoting judges, lawyers and
witnesses saying the word “Classpath” over and over again, it
felt a bit weird to think that, almost 20 years ago sitting in that
restaurant, I could have said something other than Classpath and the key
word in Court today might well have been whatever I’d said. Court cases
are, as I said, dramatic, and as such, it felt a little like having my own
name mentioned over and over again on the TV news or something. Indeed, I
felt today like I had some really pointless, one-time-use superpower that I
didn’t know I had at the time. I now further have this feeling of:
“darn, if I knew that was the one thing I did that
would catch on this much, I’d have tried to do or say something more
interesting”.

Naming new things, particularly those that have to replace other things
that are non-Free, is really difficult, and, at least speaking for myself,
I definitely can’t tell when I suggest a name whether it is any good or
not. I actually named another project, years later, that could
theoretically get mentioned in this
case, Replicant. At that time, I thought
Replicant was a much more creative name than Classpath. When I named
Classpath, I felt it was somewhat obvious corollary to the “GNU’S Not
Unix” line of thinking. I also recall distinctly that I really
thought the name lost all its cleverness when the $ and the all-caps was
dropped, but RMS and others insisted on that :).

Anyway, my final message today is to the court transcribers. I know from
chatting with the court transcribers during my depositions in Conservancy’s
GPL enforcement cases that technical terminology is really a pain. I hope
that the term I coined that got bandied about so much in today’s testimony
was not annoying to you all. Really, no one thinks about the transcribers
in all this. If we’re going to have lawsuits about this stuff, we should
name stuff with the forethought of making their lives easier when the
litigation begins. 🙂

MythWeb Confusing Error Message

Post Syndicated from Bradley M. Kuhn original http://ebb.org/bkuhn/blog/2016/03/13/mythweb-database.html

I’m finally configuring Kodi properly to watch over-the-air channels using
this this
USB ATSC / DVB-T tuner card from Thinkpenguin
. I hate taking time
away, even on the weekends, from the urgent Conservancy matters but I’ve
been doing by-hand recordings using VLC for my wife when she’s at work,
and I just need to present a good solution to my home to showcase software
freedom here.

So, I installed Debian testing to get a newr Kodi, I did
discover this
bug after it had already been closed
but had to
pull util-linux out of unstable for the moment since it hadn’t
moved to testing.

Kodi works fine after installing it via apt, and since VDR is packaged for
Debian, I tried getting VDR working instead of MythTV at first. I almost
had it working but then I got this error:

VNSI-Error: cxSocket::read: read() error at 0/4

when trying to use kodi-pvr-vdr-vnsi (1.11.15-1) with vdr-plugin-vnsiserver
(1:1.3.1) combined with vdr (2.2.0-5) and kodi (16.0+dfsg1-1). I tried
briefly using the upstream plugins for both VDR and Kodi just to be sure
I’d produce the same error, and got the same so I started by reporting this
on the Kodi
VDR backend forum
. If I don’t get a response there in a few weeks,
I’ll file it as a bug against kodi-pvr-vdr-vnsi instead.

For now, I gave up on VDR (which I rather liked, very old-school
Unix-server module was to build a PVR), and tried MythTV instead since it’s
also GPL’d. Since there weren’t Debian packages,
I followed
this building from source tutorial on MythTV’s website
.

I didn’t think I’d actually
need to
install MythWeb
at first, because I am using Kodi primarily and am only
using MythTV backend to handle the tuner card. It was pretty odd that you
can only configure MythTV via a QT program
called mythtv-setup, but ok, I did that, and it was
relatiavely straight forward. Once I did, playback was working reasonable
using Kodi’s MythTV plugin. (BTW, if you end up doing this, it’s fine to
test Kodi as its own in a window with a desktop environment running, but I
had playback speed issues in that usage, but they went away fully when I
switched to a simple .xinitrc that just
called kodi-standalone.

The only problem left was that I noticed that I was not
getting Event Information Table
(EIT)
data from the card to add to
the Electronic
Program Guide (EPG)
. Then I discovered that
one must
install MythWeb for the EIT data to make it through via the plugin for EPG
in Kodi
. Seems weird to me, but ok, I went to install MythWeb.

Oddly, this is where I had the most trouble, constantly receiving this
error message:

PHP Fatal error: Call to a member function query_col() on null in /path/to/mythweb/modules/backend_log/init.php on line 15

The top net.search hit is likely to
be this bug ticket
which
out points out
that this is a horrible form of an error message to tell you the equivalent
of “something is strange about the database configuration, but I’m
not sure what”
.

Indeed, I tried a litany of items which i found through lots of
net.searching. Unfortunately I got a bit frantic, so I’m not sure which
one solved my problem (I think it was actually quite obviously multiple
ones :). I’m going to list them all here, in one place, so that future
searchers for this problem will find all of them together:

  • Make sure the PHP load_path is coming through properly and
    includes the MythTV backend directory, ala:

    setenv include_path “/path/to/mythtv/share/mythtv/bindings/php/”

  • Make sure the mythtv user has a password set properly and is
    authorized in the database users table to have access from localhost,
    ::1, and 127.*, as it’s sometimes unclear which way Apache might
    connect.
  • In Debian testing, make sure PHP 7 is definitely not in use by MythWeb
    (I am guessing it is incompatible), and make sure the right PHP5 MySql
    modules are installed.
    The MythWeb
    installation instructions do say
    :

    apache2-mpm-prefork php5 php5-mysql libhttp-date-perl

    And at one point, I somehow got php5-mysql installed and
    libapache2-mod-php5 without having php5 installed, which I think may have
    caused a problem.

  • Also, read

    this
    thread from the MythTV mailing list
    as it is the most comprehensive
    in discussing this error.

I did have
to update the
channel lineup
with mythfilldatabase --dd-grab-all