Freedom in computing - is (A)GPL enough?

Mon Jan 6 08:19:28 UTC 2014

I understand your concerns with your privacy. I too have definitelly 
moved away from proprietary software because of this.

It is indeed difficult to be sure that you're running only free 
software, but there are some people dedicated to assure that the free 
software packages are in fact free. In GNU's website [1] you can find a 
list of distributions composed solely of free software.

However, in my own journey I found out that in order to protect your 
privacy you need to go beyond the use of free software.
  - Assess if you can trust the binaries you're downloading, even if 
they are free software. The source code may be available, but was it 
changed before the binary was compiled? I myself have been compiling 
myself the software I use. Although I still don't have much experience 
with it, there is a distribution which is based on you compiling the 
packages, Gentoo [2].
  - Be carefull with cloud services, for obvious reasons. (I don't use 
them.)
  - It is known that the NSA monitors and stores all communication 
between servers located in the USA and the rest of the world. The web 
address you mention below points to a server located in New Jersey, 
therefore do not expect privacy in your communications with it.
  - Not only servers located in the USA, but also any american company 
and any foreign company doing business in the USA is subject to provide 
information on their users, without their authorisation or even 
knowledge, to american authorities. This can happen on request, but in 
some cases it is known that they have automatic access to those 
companies data.

It's a scary world the one we're moving to. That's why it is so 
important to support the Free Software Foundation and in particular for 
us Europeans the FSFEurope.

Fernando

[1] https://www.gnu.org/distros/free-distros.html
[2] https://www.gentoo.org/

Em 05/01/14, 04:24, ilias.k.cs at freemail.gr escreveu:
> Hello and thank you for your efforts,
>
> I'm a software developer from Greece. With the Snowden leaks, my worst suspicions seem to be true.Ever since then, I've been trying to replace all of "my" proprietary software with free software (and all of the services and formats I've been using with free equivalents).
>
> It was very easy to commit to this decision as I know that with free software I can do everything I did before and in many cases better.
> However, its realization can be a little tricky sometimes, as for every software package (and format or service) I'm interested in, I've got to make certain that it is actually free.
>
> Being open-sourced or licensed under a permissive license, even under GPL, is ofcourse a good pointer but does not seem enough, as for example Linux itself contains blobs.
> Checking at the fsf directory for the package is something I always do, but if is not there, this doesn't mean it's not free.
> And for formats, I mostly check FSF and Wikipedia.
> As you know, services make the situation much more complex. For example, I'm interested in distance learning and MOOC services like http://www.complexityexplorer.org/ are a gigantic temptation for me. But I want to know what systems are being communicated when I make a request to such a service.
> EdX is open sourced under AGPL, but is this enough for me to know?
>
> In short, how can I know what a system I am using actually does, in a legal way, besides sticking to the systems I know for certain that are free? How do we deal with uncertainty?
>
> Many thanks and sorry for the long post.
>
> Ilias K.
>
> _______________________________________________
> Discussion mailing list
> Discussion at fsfeurope.org
> https://mail.fsfeurope.org/mailman/listinfo/discussion