FSFE Newsletter – May 2014
press at fsfeurope.org
press at fsfeurope.org
Mon May 5 16:21:42 CEST 2014
= FSFE Newsletter – May 2014 =
[ Read online: https://fsfe.org/news/nl/nl-201405.en.html ]
== Heartbleed and economic incentives ==
You probably heard about the bug in the Free Software OpenSSL nicknamed
"heartbleed". The FSFE already welcomed the industry initiative to fund
critical Free Software projects, and the topic was discussed in
several blog articles on the planet: Sam Tuke wrote about his
impression, Hugo Roy shared an XKCD comic explaining how heartbleed
works, and Martin Gollowitzer wrote about what the Heartbleed bug
revealed to him about StartSSL certificate authority.
But your editor is convinced that the main problem is not OpenSSL. It is
not Free Software. It is about companies not taking responsibilities and
about missing economic incentives to ensure security. Security expert
Bruce Schneier wrote in 2006:
"We generally think of computer security as a problem of technology,
but often systems fail because of misplaced economic incentives: The
people who could protect a system are not the ones who suffer the
costs of failure."
In a nutshell, if your private data is exposed because your health
insurance, where it is stored, did not take care to secure it, you
suffer to a much higher degree than the health insurance does! You are
in no position to preasure the health insurance to change its level of
security, and they have no economic incentive to do so. In the article
Schneier further explains that the liability for attacks is diffuse and
that "the economic considerations of security are more important than
the technical considerations".
Following the argument, the important question we face is, how can we
give the right economic incentives to ensure that: security relevant
software has the proper funding; third parties are auditing code; more
people are trained in computer security; programmers have time for
maintenance and are not forced to just develop new features; we have a
diversity of software for different special purposes and therefor
prevent software monocultures; companies run secure software instead
of just giving people a good feeling by performing a security theatre or
by delegating responsibility to others (for example the government), so
they can be blamed if there is a problem, and that also the security
interest of private users is fulfilled and not just those of big
In the FSFE we thought about how to give good economic incentives for
Free Software development from the beginning, and now we have to think
more about economic incentives to increase security. It is a difficult
area, so we are looking forward to your comments on this topic and
invite you to discuss it on our public mailing lists.
== Internet Censorship and Open Standards ==
Local elections scheduled across the country for the following day, the
government blocking both YouTube and Twitter, and the usage numbers of
the Free Software anonymity software Tor doubling during the week. Is
there a better time for the FSFE's President to go to this country? At
the annual conference of the Turkish GNU/Linux Users Association in
Istanbul Karsten Gerloff talked about the relationship between
technology and power, and made it to the front page of a national
newspaper by mentioning who sold the software to block the internet.
Karsten wrote a summary of his talk and his journey in his blog.
The talk would not have happened without our Turkish volunteer Nermin
Canik, who encouraged us to attend the conference. Nermin has been
working steadily and reliably as a volunteer for a couple of years now.
Together with other volunteers she organised Document Freedom Day
(DFD) events in Turkey. This year, although as mentioned above it was a
hard time for people in Turkey who care about freedom, they accomplished
7 events in Istanbul, Ankara, Çayırova, Denizli, and Adana.
Have a look at the Document Freedom Day 2014 Report to find out what
happened in Turkey and around the world during that day. The report
includes lots of pictures ranging from children celebrating DFD at
school, the new leaflets, comic, and t-shirts, as well as the very
delicious looking cakes. Thanks to our Turkish translator Tahir Emre
and our leaving intern Matti Lammi the report and the whole DFD website
are also available in Turkish and Finnish.
== Something completely different ==
- The German association Teckids e.V. offers workshops for 10 to 16
year olds to build robots with different sensors (light, sound, or
ultrasonic) and program them to do cool things by using Free Software.
Your editor was delighted to see that in those workshops teenagers
teach other teenagers how to tinker with Free Software. More news
about education are covered by Guido Arnold in the Free Software
- News from the public administration: The government of Galicia
recommends use of Open Document Format and a school in
Villmergen/Switzerland is satisfied with Free Software as they can
now invest more money in education.
- 143 of the politicians newly elected in France's municipal elections
have pledged their support for Free Software. They all signed the Free
Software Pact by the French Free Software organisation April. The
FSFE congratulates them for the good job. Please notice that this
month's "Get Active" item, always at the end of the newsletter, is
also about the Free Software Pact and how you can help us.
- From the planet aggregation:
- Ghostery is an browser extension supposed to help users against
tracking and surveillance on the web. But as Hugo Roy reports,
the problem is that Ghostery is not released as Free Software.
- Guido Günther reports from the 7th Debian groupware meeting at
the Linuxhotel including why the participants, of whom all but one
are FSFE Fellows, took the decision to remove iceowl (calendar) or
what they did with icedove (e-mail).
- Our Fellow Number 1, wrote about KDE e.V., families at Free
Software meetings, especially at the meetings in Randa
Switzerland, and he made some proposals for future KDE
- Karl Beecher explains why Programmers Start Counting at Zero.
- Carsten Agger gave a talk about Open Data and Hacktivism at the
hackerspace in Aarhus. He also participated at the first
International Festival for Technoshamanism. He explains what
Technoshamanism is, what it has to do with Free Software, and
reports from the first day.
"GNU GPL, JS and BS" and he wrote about Innovation policy and
Internet liability in courts–beyond advertising with the
conclusion that "we need to take back control of innovation and
technology policy to foster privacy and freedom; more than ever."
- Konstantinos Boukouvalas wrote about the OSCAL conference in
Albania (3-4 May) which is supported by Albania's Ministry of
Youth and Social Welfare. They keynote there was done by
FSFE's Erik Albers.
- On a technical side: Guido Arnold explains the advantages of using
caff for keysigning, which is part of the keysigning-party
package on Debian based systems.
- Kevin Keijzer's new bedroom is now equipped with a new Free
Software computer and he documented how to install Debian
GNU/Linux on the Acer C720 Chromebook.
- Jens Leuchtenbörger explains how to do Certificate Pinning for
GNU/Linux and Android.
- When Daniel Pocock upgraded an Android device he "found out that
Android betrays the tethering data", after he received a lot
of feedback he wrote a follow-up article because people justified
the way mobile networks try to discriminate against tethering
after his first blog entry. Also read Paul Boddie's comment about
the second article.
- Furthermore Daniel wrote about problems with SMS logins, how
his AirBNB hosts wanted to scan his identity documents and
passports, and the best real-time communication (RTC / VoIP)
softphone on the GNU/Linux desktop.
== Get active: Make the Free Software Pact a success! ==
As we wrote in March, candidates pledging for Free Software is a
good way to take them at their word after an election. In Future we can
contact them whenever there will be EU legislation to be passed that
might endanger the existence or growth of Free Software.
After FSFE's volunteers did a lot of translations for the pact, April
now published all necessary information on the Free Software pact
website so you can get active.
In Italy our new intern Michele Marrali already contacted 51 candidates.
He searched for the candidates, used Erik's template (also available
in German ) to contact them, and afterwards noted on our pad whom he
already contacted. His goal is to contact every Italian candidate
and get them to sign the pact. So how many can you contact?
In case you do not have time to participate in this "hobby lobby
competition", consider to make a donation so we can offer the most
active volunteers some rewards from our shop.
Thanks to all the volunteers, Fellows and corporate donors
who enable our work,
Matthias Kirschner - FSFE
Free Software Foundation Europe <https://fsfe.org>
FSFE News <https://fsfe.org/news/news.en.rss>
Upcoming FSFE Events <https://fsfe.org/events/events.en.rss>
Fellowship Blog Aggregation <https://planet.fsfe.org/en/rss20.xml>
Free Software Discussions <https://fsfe.org/contact/community.en.html>
More information about the Newsletter-en