[personal profile] mjg59
I had dinner with a friend this evening and ended up discussing the FSF's four freedoms. The fundamental premise of the discussion was that the freedoms guaranteed by free software are largely academic unless you fall into one of two categories - someone who is sufficiently skilled in the arts of software development to examine and modify software to meet their own needs, or someone who is sufficiently privileged[1] to be able to encourage developers to modify the software to meet their needs.

The problem is that most people don't fall into either of these categories, and so the benefits of free software are often largely theoretical to them. Concentrating on philosophical freedoms without considering whether these freedoms provide meaningful benefits to most users risks these freedoms being perceived as abstract ideals, divorced from the real world - nice to have, but fundamentally not important. How can we tie these freedoms to issues that affect users on a daily basis?

In the past the answer would probably have been along the lines of "Free software inherently respects users", but reality has pretty clearly disproven that. Unity is free software that is fundamentally designed to tie the user into services that provide financial benefit to Canonical, with user privacy as a secondary concern. Despite Android largely being free software, many users are left with phones that no longer receive security updates[2]. Textsecure is free software but the author requests that builds not be uploaded to third party app stores because there's no meaningful way for users to verify that the code has not been modified - and there's a direct incentive for hostile actors to modify the software in order to circumvent the security of messages sent via it.

We're left in an awkward situation. Free software is fundamental to providing user privacy. The ability for third parties to continue providing security updates is vital for ensuring user safety. But in the real world, we are failing to make this argument - the freedoms we provide are largely theoretical for most users. The nominal security and privacy benefits we provide frequently don't make it to the real world. If users do wish to take advantage of the four freedoms, they frequently do so at a potential cost of security and privacy. Our focus on the four freedoms may be coming at a cost to the pragmatic freedoms that our users desire - the freedom to be free of surveillance (be that government or corporate), the freedom to receive security updates without having to purchase new hardware on a regular basis, the freedom to choose to run free software without having to give up basic safety features.

That's why projects like the GNOME safety and privacy team are so important. This is an example of tying the four freedoms to real-world user benefits, demonstrating that free software can be written and managed in such a way that it actually makes life better for the average user. Designing code so that users are fundamentally in control of any privacy tradeoffs they make is critical to empowering users to make informed decisions. Committing to meaningful audits of all network transmissions to ensure they don't leak personal data is vital in demonstrating that developers fundamentally respect the rights of those users. Working on designing security measures that make it difficult for a user to be tricked into handing over access to private data is going to be a necessary precaution against hostile actors, and getting it wrong is going to ruin lives.

The four freedoms are only meaningful if they result in real-world benefits to the entire population, not a privileged minority. If your approach to releasing free software is merely to ensure that it has an approved license and throw it over the wall, you're doing it wrong. We need to design software from the ground up in such a way that those freedoms provide immediate and real benefits to our users. Anything else is a failure.

(title courtesy of My Feminism will be Intersectional or it will be Bullshit by Flavia Dzodan. While I'm less angry, I'm solidly convinced that free software that does nothing to respect or empower users is an absolute waste of time)

[1] Either in the sense of having enough money that you can simply pay, having enough background in the field that you can file meaningful bug reports or having enough followers on Twitter that simply complaining about something results in people fixing it for you

[2] The free software nature of Android often makes it possible for users to receive security updates from a third party, but this is not always the case. Free software makes this kind of support more likely, but it is in no way guaranteed.

Date: 2014-09-24 08:44 am (UTC)
From: (Anonymous)
Nope. These things matter, even if you just want to hire a contractor to fix a bug in your business application, or your microwave. If all the technology is open and freely licensed, then anyone around the world can do the work for you, at the price point you're willing to pay. However, if the technology is locked down by one company, then you're screwed: either you pay THEM, or one of their APPROVED contractors, who may be more expensive because they pay that company a kind of tax in the form of training and certification, or you live with the problem.

Date: 2014-09-24 08:46 am (UTC)
From: (Anonymous)
One good point you (sort of) make that I agree with is that APIs, data formats, and server-side software ALSO need to be free. Giving you free CLIENT software is not giving you free software, any more than giving you a free Adobe Acrobat READER is giving you Adobe Acrobat.

Date: 2014-09-24 06:05 pm (UTC)
From: (Anonymous)
Bad analogy; you need to pick a different exaple. You don't need Adobe Acrobat to produce PDFs; I can make PDFs all day long with LibreOffice, or just with "print to file" from any application. Free Adobe Reader ("Acrobat" is no longer part of the name, and hasn't been for a very long time) may or may not be useful, as there's plenty of Free PDF viewers out there, but it's not like you still need other Adobe software to use Reader. PDF is an open specification and has been around for decades, so anyone is able to produce PDF readers or writers.

A better example would have been, perhaps, a free (but not open-source) application which works only with a proprietary web service. For instance, Facebook's Android/iOS app; it doesn't cost you anything, but it's only useful if you have a Facebook account, which of course is antithetical to privacy. Or, a Windows application for using Fedex shipping; it might be free of charge, but it's only useful for using Fedex's paid services.

Date: 2014-09-24 07:18 pm (UTC)
From: (Anonymous)

Date: 2014-09-24 07:19 pm (UTC)
From: (Anonymous)
PS: Freedom 0 means you aren't prevented in using the software for a particular purpose, not that it lets you do more things.
(screened comment)

Date: 2014-09-24 09:34 am (UTC)
From: (Anonymous)
One interesting point that comment was making was that free software gives you choices: if you don't like a certain DE, you can choose another one, if a certain base system doesn't have the feature you need, you can choose another one, etc...

But that's completely orthogonal to Free Software. Proprietary Software also gives you choice!

If you don't like the Windows UI, you can choose to use Mac OS X instead. If Yahoo mail doesn't provide SSL encryption in a meaningful way, you can choose to use GMail instead.

The freedom to choose your master is no freedom at all, and that goes both for proprietary and free software.

Kind of true but missing the bigger picture

Date: 2014-09-24 10:52 am (UTC)
From: (Anonymous)
Zygmunt Krynicki from https://launchpad.net/~zkrynicki here.

I agree that the world you want is better than the world we'd have if all software was FOSS, but not going the extra mile you've described. I strongly disagree with your conclusion.

Saying that not doing the absolute perfect thing imaginable is bad or "it is a failure" is disrespectful to all the effort of countless individuals that spent a good chunk of their life trying to get that much for you, me and everyone else.

If you want to see the big picture, why stop at software? Stop doing software! Ensure that all people are fed, live in non-polluted, overcrowded areas. Fight oppression from governments, business. Fight racial and sexual inequality. And save the planet too.

If you have any time left, maybe considering some free software. It's always better than proprietary software. And doing it is not a failure.

Re: Kind of true but missing the bigger picture

Date: 2014-09-24 07:21 pm (UTC)
From: (Anonymous)
In practice, this very rarely happens.

Anyway, it's a bad thing to point people to proprietary software, because it gives the developer even more potential control over its users.

Re: Kind of true but missing the bigger picture

Date: 2014-09-25 07:32 am (UTC)
marahmarie: my initials (MM) (Default)
From: [personal profile] marahmarie
I'm sorry, but how could you (and the average software user, especially, so I actually do not mean "you" as in, "You, mj59") know that proprietary software is "secure"? Is there such a thing as knowing that? Really? Think about Windows updates; constant, annoying, endless. You can get lists that explain what those updates are for. There are ways to see those updates have been added to your programs lists. There are articles that journalists and tech-enthusiast bloggers and MS devs write explaining what the updates do and maybe even some of how they did it. And you are doing exactly what at the end of the day?

Taking Redmond's word for it. For all you know every damn batch of updates is a joint MS/NSA plant designed to spy on you more efficiently than the last batch of updates did. Seriously? "Proprietary" automatically equals unsafe to me regardless of the name across the package, especially if you cannot examine the source code of every last trifling little bit of software that the name on the package puts on your computer either with or without your permission.

'Scuse me while I shake my head at you some.
Edited (typo) Date: 2014-09-25 07:33 am (UTC)

Open source is not a panacea

Date: 2014-09-25 09:54 am (UTC)
From: (Anonymous)
That you can “examine the source code of every last trifling little bit of software” doesn’t matter if, within reasonable time, no-one actually does. The Goto Fail bug was open source, but pervasive for more than a year. Heartbleed for more than two. Even if you see the code, you need to understand it. Even if you understand it, you need to trust the compiler, its operator, and the download site. And even if you trust them, they need to issue security updates promptly.

Proprietary software can do better at the last of those, and it can include security features that open-source software lacks for years. For example, it’s likely that the proportion of PC users with full-disk encryption is much greater on both Windows and OS X than on any Linux-based system — because on Windows and OS X it’s available from the system settings, and you can convert after installation, which you can’t with the Linux equivalent.

Yes, there may be an NSA backdoor in those systems. Intelligence agencies are a security threat — but they are not the only security threat. Software that protects many of its users from most attackers can do more good, overall, than software that protects hardly anyone from everyone.

Re: Open source is not a panacea

Date: 2014-09-25 09:11 pm (UTC)
marahmarie: my initials (MM) (Default)
From: [personal profile] marahmarie
For example, it’s likely that the proportion of PC users with full-disk encryption is much greater on both Windows and OS X than on any Linux-based system — because on Windows and OS X it’s available from the system settings, and you can convert after installation, which you can’t with the Linux equivalent.

I'm not going to get into a protracted argument with you about this because it's ridiculous. Just because encryption is more available to Windows and OSX users does not mean they're more likely to use encryption. I'd argue that Linux users are more likely to go out of their way, if they have to, to perform full-disk encryption simply because they're already more educated than the average OS user about software, hardware and security in general.

That you can “examine the source code of every last trifling little bit of software” doesn’t matter if, within reasonable time, no-one actually does.

I'd rather the source code be open with the ability for us to examine it than for it to be closed with no hope of that whatsoever from the day it's first published on. Apologia such as yours (and even Matthew's, which really surprises me considering the flavor of this blog over the years has been much more FOSS-friendly) in favor of closed-source software? Does not impress me.
Edited (typo) Date: 2014-09-25 09:22 pm (UTC)

Re: Open source is not a panacea

Date: 2014-09-28 06:56 pm (UTC)
From: (Anonymous)
I admire your chutzpah in posting that comment the day after the disclosure of Shellshock. A catastrophic security bug that existed, in massively popular code that was open for anyone to examine, for twenty-two years. It couldn’t have demonstrated my point any better.

I too would prefer that all source code was open for anyone to examine. It is not “apologia … in favor of closed-source software” to point out that being open source is only one factor in whether software protects its users’ security and privacy. And not even a major factor.


Re: Open source is not a panacea

Date: 2014-09-30 02:30 am (UTC)
marahmarie: my initials (MM) (Default)
From: [personal profile] marahmarie
I was not aware of the Shellshock bug when I posted that comment (in fact, I only learned about it a few hours after posting my reply). That bug couldn't illustrate my point any better that at least you can examine the damn code yourself to a) verify the bug exists, b) see that it does what the sec experts say it does on the tin, and c) to crowd-source as many possible answers to it as possible. Seriously? Pushing the merits of our arguments aside for a moment, you're being a bit myopic.

Re: Kind of true but missing the bigger picture

Date: 2014-09-25 07:38 am (UTC)
marahmarie: my initials (MM) (Default)
From: [personal profile] marahmarie
I would also add (and am making a separate comment to do so because this is really a separate thought, not even parenthetical to the one above) that all software is insecure, whether free or proprietary. So you're actually arguing in favor of something that (at least as of this writing and probably for the next 100 years or so) does not and will not exist.

Re: Kind of true but missing the bigger picture

Date: 2014-10-30 08:31 pm (UTC)
reddragdiva: (Default)
From: [personal profile] reddragdiva
In practice, nobody cares about any of the freedoms until the lack of one bites them in the backside.

So the problem is complacency.

Re: Kind of true but missing the bigger picture

Date: 2014-09-28 09:16 pm (UTC)
From: (Anonymous)
I also think this sort of misses the big picture.

What are the benefits we get from creating and using free software after all ?

How much commercial software is largely improved by the simple virtue of that commercial software using a lot of free software components ?

How many developpers have been attracted to contributing to free software, purely because of it's technical merit, encouraging their employers to "give a little back" to the community which provides a home for properly written middleware to evolve ?

The free software movement has given us a structure for individuals and companies from around the world to collaborate and create better software, for many of us, participation in FOSS is all about collaborating and creating something of higher quality as a result.

So yes, I think that we, as proponents of free software, should be pushing our own ideals, such as protecting important human rights like internet anonymity, these are battles that I would definitely like to see free software communities like GNOME participate in more actively.

However, I don't think that that is "the point" for most people involved, so I would also strognly disagree with saying that "Anything else is a failure".

From: (Anonymous)
Software does not have to be “the absolute perfect thing imaginable” to avoid sharing your search data, or to install its own security updates promptly. Many imperfect programs exist that manage both those feats.

“Disrespectful to all the effort of countless individuals” is a noble effort fallacy. History demonstrates that masses of people can put great effort into bad things.

Finally, referring to pollution, crowding, oppression, and inequality in this discussion is a fallacy of worse problems. The existence of those problems does not mean that fallow software freedom is a problem unworthy of improving. And comparative advantage means that software development may, in fact, be the best possible use of Matthew’s time.

—mpt (similarly finding that Dreamwidth doesn’t recognize Launchpad’s OpenID)

Re: Kind of true but missing the bigger picture

Date: 2014-09-24 07:00 pm (UTC)
From: (Anonymous)
"Fight oppression from governments, business."

This is literally what Matthew is advocating here, just the business happens to be Canonical.

If you're defending that - it *is* a failure. It's not just "not doing the absolute perfect thing", you're defending organizations actively making things worse. Stop it.

The broader social context

Date: 2014-09-24 10:53 am (UTC)
From: [personal profile] damonlynch
The issues you raise transcend computers and technology. They are new twists on an old problem faced even by those of us who are privileged enough to live in formal democracies. The reality that we have very limited say over vast domains of social and economic life -- how we collectively decide what is to be produced, how it is produced, and how it is distributed.

Great thinkers have had much to say about aspects of these questions. For instance, Marx identified four core dimensions of alienation as integral to the emergence and practice of capitalism. We still study these in sociology today because the concepts are so important. They affect all of us, regardless of whether we are producing or consuming.

I wish I'd had the chance to learn about some of these ideas earlier in life. My first job upon graduating from University was as a programmer with a large IT transnational corporation. I had to sign a job contract saying that whatever I thought of on the job belong to them -- for instance, I couldn't take an idea I figured out while on the job, and start my own company with it. Considering the principal product of my work was to be my ideas, expressed in the form of applied algorithms, that's a really big deal! For instance, if I were to develop a genuinely novel idea, it was theirs. It was to be appropriated as their property and turned into a commodity, with patent protection if required. From Marx's perspective, that's an example of the computer programmer being alienated from the product of their work.

Re: The broader social context

Date: 2014-09-25 07:48 am (UTC)
marahmarie: my initials (MM) (Default)
From: [personal profile] marahmarie
I had to sign a job contract saying that whatever I thought of on the job belong to them -- for instance, I couldn't take an idea I figured out while on the job, and start my own company with it.

I suppose if you didn't share with them whatever it was you thought of on the job and instead worked on it at home you could start whatever you wanted with the end result of that thought, including your own company (and that no one would be surprised if the end result was AlgorithmX, the algorithm to end all algorithms, since obviously that's what you spent 9/10s of your time thinking about and working on, anyway). I'm not sure what country supports "thoughts on the job are IP and belong to us" as a legally enforceable concept but that sounds pretty unusual and extreme to me.

Re: The broader social context

Date: 2014-09-30 09:33 am (UTC)
From: [personal profile] damonlynch
In practice, yes it would be very hard to enforce. But the point remains: the way capitalism works in it simplest sense is that what the programmer produces -- the transformation of his/her ideas into algorithms -- is the property of the company.

In reality it's always more complicated, e.g. programmers might part own the company, or they're working on free software code where copyright is not controlled by the company, etc.

The famed sociologist Max Weber used the term "ideal type" to refer to the idea that we can usefully talk about complicated stuff by using more simple models. (There is an article on wikipedia for anyone interested).

The job contract I encountered was an example of the ideal of capitalism meeting the messy reality of everyday practice. The company wanted to own what I made, including even ideas that were directly inspired by my work on the job.

Whereas using Marx's language the programmers are alienated from what they produce, Stallman was coming at the same thing from a different angle when he talked about proprietary software destroying his beloved programming community 30 or 40 years ago. That too is a form of alienation.

One day someone will write the definitive book on the relationship between contemporary capitalism and code.


Date: 2014-09-24 01:08 pm (UTC)
From: (Anonymous)
I think it comes down to software written by the author for the author's use versus software written for the use of others. The free software infrastructure leans heavily toward scratch-my-own-itch software, cleaned up for use by others who have a similar itch. This is a great approach that produces superior software, because it is tested by end users in real time, and the 4F make the collaboration among those with similar needs possible.

But we still have trouble taking that next step to producing software for users who aren't us. They don't think like a programmer. They don't even think that much about how the NSA got their contact list, which is also more of a tech culture concern. They accept that they have no control over their computers, so they don't look for infinite configurability, and their primary question about a program is whether it is annoying to use or extremely annoying to use.

We are convinced that the world would be a better place if only end-users cared about the things we care about, which is almost a definition of disrespect.

So I agree with you that respecting users beyond the 4F is a problem, and suspect that the only solution is for us to get away from the keyboard for a while and spend more time listening to a more diverse set of users.

Re: Yes.

Date: 2014-10-02 12:27 pm (UTC)
madgastronomer: (Default)
From: [personal profile] madgastronomer
"But we still have trouble taking that next step to producing software for users who aren't us. They don't think like a programmer."

Yes. Too many programmers have completely forgotten how to think like a user.

I've been a reasonably sophisticated user for a long time. Grew up with computers in the house long before they were common, learned to type in kindergarten in the early 80s. (I lived in a place with a very large science and engineering community, and my father was an astrophysicist.) I'm just now, in my mid-30s, studying Ruby, really just for fun, and because my wife, who thinks writing search engines is fun, has a bunch of books around I can read. I am learning to think like a programmer, a little. I begin to understand why certain choices I have previously find baffling are made. Some of them, in free software and commercial software alike, are made simply out of a lack of understanding of what the average user wants. The idea that there is a "right way" to use software. I've been told by a number of people that I keep too many tabs open in my browser, have too many icons in my OSX dock, or have too many applications running and windows open at once and it's cluttering up my screen. Never mind that this is how I optimize my workflow, in line with my needs and my ADD. No, it must be that I'm doing it wrong because I don't do it their way. (My wife does not do this. She tries to find ways to help me achieve the effects I want, finding me applications that will help organize things or streamline some process.)

Just. Not enough developers, and particularly open source private project developers who are just scratching their own itch, actually sit down with a non-programmer and ask them how they would use it, or if they would even be able to figure it out.

There's just this fundamental divide here, and it's hackers who need to breach it. But first they need to figure out that it's important to do so.

Re: Yes.

Date: 2014-10-03 04:33 am (UTC)
From: (Anonymous)
I know exactly how you feel, I much prefer to drive my car without any windows, I finally found a ( very expensive ) mechanic to remove my windscreen to let me drive exactly how I want. If only we could convince more programmers to write our software like this.

Re: Yes.

Date: 2014-10-03 05:20 am (UTC)
madgastronomer: (Default)
From: [personal profile] madgastronomer
Thank you for that excellent example of the problem we're talking about.

You do not respect users, and actively think that it is bad to do so. You place what you prefer above what the people who are actually going to use it prefer, and decide that their preferences are automatically actively dangerous.

You are, in short, demonstrating a pattern of behavior that is self-centered, pretentious, condescending, pathetic, and actually damaging the production of free software.
Edited Date: 2014-10-03 05:22 am (UTC)

Date: 2014-09-24 02:13 pm (UTC)
From: (Anonymous)
> I'm solidly convinced that free software that does nothing to respect or empower users is an absolute waste of time

Here here! Thank you, I'm glad someone realizes the problem and has the ability to actually do something about it.


Date: 2014-09-24 02:46 pm (UTC)
From: (Anonymous)
Hi! I'm a Tails contributor, and I'm really happy to see our concern for privacy/safety taken upstream, it will make our work easier, since we use GNOME :)

Don't hesitate to write on the tails-dev mailing-list (or even subscribe!), I think some interesting exchanges could happen.

Sandboxing is definitely interesting, as well as meta-data wipe before publishing - do you plan to make the MAT part of GNOME's default desktop? It's also great if you fix gweather, we have a ticket opened since a year about that (https://labs.riseup.net/code/issues/5306).

Thanks for caring about this!
From: (Anonymous)
Free software allows me to examine problems and find the root causes. And the freedom to study the source code does not only help me -- it also helps the many users on AskUbuntu and other support forums. Many times, when I give support, it's easy for me to look up an error message and find out what's going on without asking thousands of questions to the user.

Sure, that's not so simple in many other cases. However, every time I have to deal with non-free and closed-source software, finding solutions is really a pain. And with proprietary software, many, many, many problems arise! Sometimes, I fail at finding a solution.

Meta-system, extrospection

Date: 2014-09-24 05:49 pm (UTC)
From: [identity profile] https://www.google.com/accounts/o8/id?id=AItOawk6MAhldAdpxlIlQVZ68Z7_VpVuzAVCzQ4
The main punchlines of the article:
If your approach to releasing free software is merely to ensure that it has an approved license and throw it over the wall, you're doing it wrong. We need to design software from the ground up in such a way that those freedoms provide immediate and real benefits to our users. Anything else is a failure.

I see Sugar project as indicative of missing elements that keep free software from being able to properly empower. When we write software, it should expose pieces of itself. Part B, we should have systems for watching software run that everyday users can begin to get accustomed to.

I don't disagree with your statements, but I don't think the answer is to march lower and lower, to work purely to target further ends of end user and to help them. I am certain we can find meta-level approaches, find ways to make all software that is run easier to see, to make all software have common, high level touchpoints that users acclimate to and can use as a starting place for understanding. Telling each piece of software that it needs to fulfill these obligations of use for all users is hopeless, it's a waste of time and effort. We need high level systems for giving viewports to see software actually running at a high level.

In this regard, Sugar tried nobly. It used an interesting innovative IPC to orchestrate among the Activities, the runtime snooped on that IPC and could report back to users, giving them a journal of the things they were doing or show them how their system was interacting with itself. This was designed for the most vital audience in the world: preteens. There's no hope if you introduce the technical world latter, except for those who opt in. But if we can build, at a young age, the idea that these things are visible, if softwares have high level crosscutting means of interaction, then any software that we do write can help make us free.

I see this as a systems problem. This post seems to put end-developers, those building things that do stuff, into the crosshairs for not helping end-users. I'd turn that around and say that we just need better platform development efforts such that everyday product of end-developers is generally accessible to the public. We need to hack systems, not the wares on the system.

usability, and OpenITP proposal

Date: 2014-09-24 06:11 pm (UTC)
brainwane: My smiling face, including a small gold bindi (Default)
From: [personal profile] brainwane
Thank you for writing this. In a sort of "yes, and" move that I hope is not too derail-y, I'll add that I have many of the same concerns regarding FLOSS -- centering on usability. If we make software that theoretically gives users more freedom but they can't use it, that's a barrier in itself. (And you know this, of course.)

Textsecure is free software but the author requests that builds not be uploaded to third party app stores because there's no meaningful way for users to verify that the code has not been modified - and there's a direct incentive for hostile actors to modify the software in order to circumvent the security of messages sent via it.

Is Karl Fogel's proposal a step forward in this area?

Date: 2014-09-24 06:54 pm (UTC)
From: (Anonymous)
Why do you calling all those a *free* software? Unity, Android and others are *open source* software.

Date: 2014-09-24 07:23 pm (UTC)
From: (Anonymous)
No, they are free. We could say “libre” too (French and Spanish for “free as in freedom”). The license they are distributed under respects the FSF's four freedoms <http://www.gnu.org/philosophy/free-sw.html>.

Almost all “open source” software is free/libre, almost all free/libre software is “open source”.

Two thoughts

Date: 2014-09-24 07:53 pm (UTC)
From: (Anonymous)
I might donate for the cause of furthering privacy, but certainly not to GNOME. Anyone but GNOME! Unless, of course, the money is steered well clear of anything GNOME touches.

Also, the lack of updates to Android has nothing to do with free software. All it means is that there is no central update mechanism.

"The entire population"?

Date: 2014-09-24 11:16 pm (UTC)
From: (Anonymous)
I think you make an important observation that I agree with: the four freedoms can be worthless because free software can abuse users too! I find your examples convincing.

But I'm not sure that describing the issue in terms of "the entire population" and who is privileged works to capture this idea. The tension is here:
> The four freedoms are only meaningful if they result in real-world benefits to the entire population, not a privileged minority.
> We need to design software from the ground up in such a way that those freedoms provide immediate and real benefits to our users. Anything else is a failure.

Some free software that only serves a privileged minority seems very important to me.

If my users are operators of large networks, my software might be criticizable because it only benefits the small minority that operates such complex networks. On the other hand, many university network engineers have released free software to help one another operate complex networks without inflexible, proprietary tools. (Non-bullshit examples: tools like mrtg/cacti/etc, nfsen/flow-tools/softflowd/etc, zebra/quagga/bird/etc, kerberos/ldap/etc)

If my users are professional mathematicians, my software might be criticizable because it performs a function that most people don't even have the background to understand. On the other hand, it's clearly better for mathematicians to have free alternatives to work on their research. (Non-bullshit examples: octave, R, various logic programming systems, etc)

Other examples might include software tools useful in medicine, industrial design, or science. If software helps these users, it seems like non-bullshit to me even if it doesn't provide benefits for everyone.

Maybe one could say that helping these privileged folks with specialized real-world problems indirectly helps everyone, but I'm sceptical of that claim. It seems better to focus in on the relevant class of users and ask two questions:
1) Is the software free?
2) Does the software respect the user?

Re: "The entire population"?

Date: 2014-09-27 01:18 am (UTC)
From: (Anonymous)
One point too about "entire population" is that not everybody has access to electricity and computer. So while the point is fully valid and I think most people who will read it will get it, and I realize that I am nitpicking, I still think a better way to express should be found, since saying "free software should not benefit only to a minority" when software alone do benefit to a minority is a bit ironic. ( and I think that's in fact one of the point that started the 3rd wave feminism and the whole idea of intersectionality, the fact that feminist was at some moment mostly centered of the problem of white women ).

Again, the whole article is valid, but I think the minority part could surely be expressed in a better way ( I think speaking of technical elite would be less susceptible to irony, but maybe I cannot find if that's wrong because I proposed it )

Re: "The entire population"?

Date: 2014-10-03 05:30 am (UTC)
madgastronomer: (Default)
From: [personal profile] madgastronomer
There is a difference in software being of use to a small number of people because only a small number of people want something that does what the software does, and software that is only of use to a small number of people because only those people have the privilege (skill, ability, time, resources, etc) to make it work for them. I believe the latter is what MJG is talking about here.

I am currently writing a script that will do something only a handful of people have any use for a script to do: creating a geomantic chart. Not many people use geomancy, even fewer would ever want to use a computer to generate a chart. However, the audience for this particular thing I'm working on is further limited by the fact that very few people who would want to use a computer to generate a geomantic chart actually have any idea of how to run a Ruby script. If they ever saw it, they'd go "Hey, cool! I could use something like that! Oh, wait, I have no idea how to run that. It's useless to me." And there's the difference, in a nutshell, if I have understood the post properly.

Someone gets it

Date: 2014-09-25 04:29 pm (UTC)
From: (Anonymous)
Posted on foundation list during the last election something along the lines of what you are saying now. At the end of the day users do care about privacy and security but they aren't likely to compromise usability or functionality to achieve it nor should they have to.

When you look at the story with gnome right now and even other platforms(gnome is not the exception here) there tends to be a trend towards integrating online services.

This requires the user to sign up to a third party service in order to unlock the full potential(functionality) of open source applications. This also requires the user to sign up to third party privacy policies which are in no way in the spirit of the free software movement to enable them to collaborate and communicate with other users.

The solutions to this problem from the fsf side of things have been inadequate, abisource, sparkleshare, etc tackle the problem from an isolated perspective instead of trying to tackle it on the platform level.

The only real project I found which understood this was EtoileOS, coreobject is exactly the type of framework gnome needs, unfortunately I don't think it will ever get it.

The attitude I have encountered has been dismissive and condescending, along the lines of who are you to say that things are inadequate when you are using google services.

This was happening behind my back but you can find it posted online by core members of the gnome development community.

It's one of the things that turned me away from this community, what turned me from being a polite gnome supporter to saying f it, the projects as good as dead.

I use google services because things are inadequate, there is no technical reason why they need to be that way. Coreobject can work over xmpp but it can also work over telehash.
Open source applications can feel just as integrated and comprehensive when compared to web based client/server alternatives, they don't need to involve a steep learning curve.
People can have it all but they aren't likely to, not with how things are viewed today.

Communication and collaboration is something that should be built in to applications, it shouldn't be something you achieve by integrating third party services.

From a users perspective there really isn't any point from a privacy or security perspective to using gnome over something like chromeos, at least with chromeos they have the collaboration and communication built in and not tacked on.

At the end of the day as much as native developers like to laugh at web developers, they are increasingly just developing platform constrained frontends to closed web services.

There needs to be a little less laughing and a little more innovating. The work done on design was really important but it doesn't go far enough.

Effectively free software

Date: 2014-09-27 03:16 am (UTC)
From: (Anonymous)
This is a topic that has been troubling me as well. Especially how the current ways we develop and deliver free software make it incredibly hard for users to excersise their (near hypothetical) freedom. If the software is to be effectively free, we as developers need to drastically improve how accessible the 4 freedoms are. It is a the core feature of free software after all...
Braindump: https://github.com/jonnor/random/blob/master/random.md#effectively-free-software

But that's wrong.

Date: 2014-09-27 12:57 pm (UTC)
From: (Anonymous)
These are not faults of Free Software, but of its distribution. For example Debian GNU/Linux provides timely security updates for all CVEs for which there exists a patch, and often comes up with patches that aren't given out by upstream.

To contrast with proprietary software, for which there's either an upstream patch or everyone-- plebs and the capable alike-- is boned.

Furthermore, (say) an auto-update feature which fundamentally speaking downloads code from the Internet and executes it is far more disrespectful for the user's right to the integrity of his/her workstation. Since the alternatives, the practical mechanisms thereof, and their concrete upshots have gone entirely unexplored in mjg's blog post, I'm arguing that this has nothing to do with respect for the user-- for whom mjg is grandstanding-- and all to do with advocating the creation of new avenues of betrayal.

Date: 2014-09-28 04:06 am (UTC)
From: (Anonymous)
What is your plan to get Gnome up and running on common tablets and cell phones-- the devices which, as you say, are used by the entire population and not just a privileged minority? (The same devices which-- outside of maybe 3 obscure exceptions which the normal person would never use-- cannot even run exclusively on free software?)

I'll happily take advantage of privacy enhancements to Gnome which trickle into Debian, and I'm glad to read about this initiative. But I'm afraid you haven't quite escaped the whirlpool of free software insular thinking you criticize here. The average person is in desperate need of some semblance of privacy and security on their not-private and insecure devices-- if your work is tied to an environment that won't run there then you are guaranteeing it won't result in "real-world" benefits as you define them.

To avoid being a 100% crank in my reply, I'll end by saying I love the Tor Browser Bundle. I've installed it for friends on free and non-free OSes, I've explained how to use it to read web pages in private, and I've watched people come up with use cases for it which I wouldn't have thought of myself. Unfortunately, it lacks sufficient funding. So does the entire 4-freedom dev environment, and so will your Gnome privacy team. I don't have a solution to that. Neither does anyone else apparently, but that's where our collective frustration and reflection should be focused.

Date: 2014-09-30 06:34 pm (UTC)
From: [identity profile] franceshocutt.com
Also relevant: http://swiftonsecurity.tumblr.com/post/98675308034/a-story-about-jessica

Maybe computer security for the average person isn’t a series of easy steps and absolutes they discard from our golden mouths of wise truths to spite the nerd underclass.

Date: 2014-10-02 11:52 am (UTC)
madgastronomer: (Default)
From: [personal profile] madgastronomer
Here is what I understand this post to say:

Not everyone can access the things that make free software really awesome (due to time, resources, knowledge, whatever), and the fact that they can't access those things can actually make free software a liability for them. Those of us who value free software should, therefor, work to make the benefits of free software more widely available, and until they are, people should make the software choices that are best for them.

Here is what I understand a number of the commenters here to be saying:

How dare you criticize free software! My ethics say that free software is always a good thing, so it can't ever be a bad thing, and that software that isn't free is always a bad thing. It's axiomatic, and you can't challenge that.

How close am I?
Edited Date: 2014-10-02 12:47 pm (UTC)

Not very

Date: 2014-10-05 08:11 pm (UTC)
From: (Anonymous)
How close am I?

You're a stone's throw from a straw-man, matey mate.

Re: Not very

Date: 2014-10-05 11:54 pm (UTC)
madgastronomer: (Default)
From: [personal profile] madgastronomer
OK, then, YOU explain to me what's actually being said. Because I didn't see anything that was objecting to the post that actually addressed its points (admittedly, I haven't been back to read new comments), just things that said that The Principles of the Free Market, oh, sorry, The Principles of Free Software would fix it, or that users were wrong to want what they wanted.


Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Expand Cut Tags

No cut tags