COVID19-Tracing/-Tracking App in Singapore under GPL-3.0
sebastian at fuentelibre.org
Sat Apr 11 03:09:06 UTC 2020
Thanks for sharing!
I just passed it on to a government mailing list in my country (Peru).
I did a quick search and found an article by the Singaporean government
explaining their logic, which I shared also.
Hope it helps!
El vie, 10 de abr de 2020 a las 15:52, Paul Boddie <paul at boddie.org.uk>
> On Friday 10. April 2020 12.00.34 Jan Wey. wrote:
>> I was made aware of this just 5 minutes ago. Sorry, if this was
>> mentioned on this ML in the past few days.
>> Singapore decided to release their Tracing-App under GPL-3.0 ,
>> obviously would establish better trust and would benefit other
>> and regions as well, as the software (or parts of it) could be
>> being in line with PMPC as well as the FSFE's call to release any
>> COVID19 Tracking App under a Free Software License.
>>  <https://github.com/opentrace-community>
>>  <https://publiccode.eu/>
>>  <https://fsfe.org/news/2020/news-20200402-02.html>
> This is interesting to hear about! Reading the Norwegian news
> recently, it
> would appear that the "app" being developed for this country's public
> agency will not be Free Software. Here's a reasonable Norwegian
> language entry
> point to the news coverage:
> The justification for this is fairly weak:
> One reason given is that making the source code available helps
> people with
> "hostile intent" to do bad things. Obviously, one can also argue that
> the code available allows people with helpful intent to remedy the
> bad things
> that may be in the software, these being there through accident,
> judgement or even malicious intent.
> To justify their position, the case of the Heartbleed vulnerability is
> mentioned, with it being stated that the bug that caused it lingered
> for two
> years in Free Software without the anticipated scrutiny being brought
> to bear.
> Certainly, those who pitch "open source" largely as an efficiency or
> tool (the ones who talk about bugs and eyeballs) don't do the Free
> movement many favours by reducing the spectrum of benefits down to a
> easy-to-sell metric of success.
> But as we know, the real reason for things like Heartbleed occurring
> is the
> chronic underinvestment in Free Software by companies making colossal
> of money using Free Software. These companies are happy to see "open
> in broad use, but they are not prepared to adequately invest in the
> maintenance and further development of the software. When the auditing
> audience is burned-out volunteers and bad guys, the situation is
> obviously not
> favourable to those wanting to see high reliability and security
> into the code.
> The fact is, however, that Free Software characteristics are largely
> orthogonal to how good any software might be. There is nothing to
> stop the
> best quality software being Free Software, and there is nothing to
> commercially "valuable" proprietary software being complete garbage.
> academic and research institutions are often bamboozled by predatory
> "innovation" advocacy that equates value with scarcity and secrecy,
> leading to
> the hoarding of research benefits for application within privileged
> instead of helping to strengthen society at large.
> With regard to the news article on the topic, there are various
> attempts at
> reassurance about how serious the developers are taking the work. For
> "Måten vi jobber på er nok veldig likt hvordan åpen
> kildekode-miljøet ville
> jobbet. Det er også den typen folk som sitter i gruppen, sier
> lederen av
> ("The way we work is probably rather like how the open source
> community would
> have worked. It is also this kind of people working in our group,
> says the
> leader of the expert group.")
> In other words, a form of imitation of how Free Software developers
> might work
> is occurring based on a perception of a particular "kind of person".
> how well the industry tends to imitate various recommended practices
> generally, typically failing in a burdensome way, I'm not sure how
> confidence I would have from such reassurances.
> Reassurances from the government also seem to be readily forthcoming:
> "Vi vil selvfølgelig ikke lansere en løsning hvis det skulle vise
> seg at den
> ikke er sikker. Ekspertgruppens uavhengige vurdering vil selvsagt
> være viktig
> for oss i den sammenhengen, sier helseminister Bent Høie til NRK."
> ("We would obviously not release a solution if there were indications
> that it
> wasn't secure. The expert group's independent assessment will, of
> course, be
> important for us in that regard, says health minister Bent Høie til
> I would take government reassurances more seriously if we hadn't
> heard lazy brushing aside of concerns about attacks on electoral
> processes and
> infrastructure by the prime minister. A while ago there were reports
> intrusions and data breaches at one of the regional health providers,
> but all
> that seemed to emerge from that episode were vague "nothing to see
> claims from these ministers.
> For more criticism, a Norwegian language article (and its comments)
> linked to
> from the above news article is somewhat worth reading:
> Here, the Singapore application is mentioned along with indications
> Germany may also take it into use. There also appear to be
> differences between the way these applications work: centralised
> decentralised communication, for instance.
> Fundamentally, Free Software means having control over the software
> we choose
> (or are asked to choose) to run on our devices. Denying us the
> ability to know
> what that software does is simply exploitative. It is rather telling
> Simula - the developers of the Norwegian application - don't even
> dignify this
> fundamental aspect of Free Software in their response to criticism.
> And it is
> interesting that a country renowed for its surveillance and social
> control is
> more open about the technology it uses than a country that actively
> an entirely different image of itself to the rest of the world.
> P.S. I find it also laughable that the following statement is paraded
> early on
> in the Simula article:
> "Åpenhet og kunnskapsdeling er en del av ryggmargen vår."
> ("Openness and knowledge sharing is an essential part of who we are.")
> As far as I know Simula is part of the software patenting
> "innovation" circus
> in this country, which is fundamentally incompatible with true
> openness and
> Discussion mailing list
> Discussion at lists.fsfe.org <mailto:Discussion at lists.fsfe.org>
> This mailing list is covered by the FSFE's Code of Conduct. All
> participants are kindly asked to be excellent to each other:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Discussion