[personal profile] mjg59
The Software Freedom Conservancy is currently running a fundraising program in an attempt to raise enough money to continue funding GPL compliance work. If they don't gain enough supporters, the majority of their compliance work will cease. And, since SFC are one of the only groups currently actively involved in performing GPL compliance work, that basically means that there will be nobody working to ensure that users have the rights that copyright holders chose to give them.

Why does this matter? More people are using GPLed software than at any point in history. Hundreds of millions of Android devices were sold this year, all including GPLed code. An unknowably vast number of IoT devices run Linux. Cameras, Blu Ray players, TVs, light switches, coffee machines. Software running in places that we would never have previously imagined. And much of it abandoned immediately after shipping, gently rotting, exposing an increasingly large number of widely known security vulnerabilities to an increasingly hostile internet. Devices that become useless because of protocol updates. Toys that have a "Guaranteed to work until" date, and then suddenly Barbie goes dead and you're forced to have an unexpected conversation about API mortality with your 5-year old child.

We can't fix all of these things. Many of these devices have important functionality locked inside proprietary components, released under licenses that grant no permission for people to examine or improve them. But there are many that we can. Millions of devices are running modern and secure versions of Android despite being abandoned by their manufacturers, purely because the vendor released appropriate source code and a community grew up to maintain it. But this can only happen when the vendor plays by the rules.

Vendors who don't release their code remove that freedom from their users, and the weapons users have to fight against that are limited. Most users hold no copyright over the software in the device and are unable to take direct action themselves. A vendor's failure to comply dooms them to having to choose between buying a new device in 12 months or no longer receiving security updates. When yet more examples of vendor-supplied malware are discovered, it's more difficult to produce new builds without them. The utility of the devices that the user purchased is curtailed significantly.

The Software Freedom Conservancy is one of the only organisations actively fighting against this, and if they're forced to give up their enforcement work the pressure on vendors to comply with the GPL will be reduced even further. If we want users to control their devices, to be able to obtain security updates even after the vendor has given up, we need to keep that pressure up. Supporting the SFC's work has a real impact on the security of the internet and people's lives. Please consider giving them money.

hi there. please support new memes

Date: 2015-12-22 06:35 am (UTC)
From: (Anonymous)
why do you have a pink flair next to your name that says SJW

Re: hi there. please support new memes

Date: 2015-12-30 11:15 pm (UTC)
reddragdiva: (party)
From: [personal profile] reddragdiva
To be fair, who doesn't like pink?

Date: 2015-12-22 07:59 am (UTC)
foxfirefey: A guy looking ridiculous by doing a fashionable posing with a mouse, slinging the cord over his shoulders. (geek)
From: [personal profile] foxfirefey
Thanks for posting about this, I didn't know and this is a good way to pay back some of what open source has given to me.

OK, you win.

Date: 2015-12-22 08:08 am (UTC)
From: (Anonymous)
I've been mulling about donating to Conservancy for long enough.

Finally, you pushed me over the edge. Thanks for that :-)

Date: 2015-12-22 10:05 am (UTC)
emperor: (Default)
From: [personal profile] emperor
I have now found the necessary tuit.

Date: 2015-12-22 04:48 pm (UTC)
From: [identity profile] trs80.ucc.asn.au

Slightly off-topic

Date: 2015-12-29 06:13 pm (UTC)
From: (Anonymous)
I'm welcoming the IoT with open arms, in the hope that consumer protection laws will actually force software vendors into "doing the right thing", especially when Internet connected Barbieā„¢ and self-driving vehicles are spying on children and killing people, respectively (although I could imagine, either of, doing both ... we can only hope (not, maybe))



Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Expand Cut Tags

No cut tags