A fight against evil or a fight for attention?
Two hot issues are making the rounds. First, Debian and Firefox are having a spat, and the end result may be that Debian will distribute Firefox under a different name. Second, the war betwen Linus Torvalds and other Kernel developers and the Free Software Foundation over GPLv3 is continuing, with Torvalds saying he's fed up with the FSF. Here is my take on both, and related issues.
Defining our terms
First, let me tell you a little about evil. Lies are evil. Greed is evil. When the attempt to satisfy one's own desire for power and/or wealth prohibits others from engaging in perfectly ethical practices, that is evil.
Based on these descriptions of some evils, commercial software is not evil. Proprietary software is not evil. Open source is not evil. Not even DRM is evil. Evil people use some of these things for evil purposes.
Proprietary software, itself, isn't evil. We're used to thinking of proprietary software as evil because of the way it has been abused, mostly by companies like Microsoft, though Microsoft is certainly not the only offender. Granted, it is also a bad thing if you buy proprietary software and it is discontinued. This may leave you in a position where you have no way to support it. But this latter problem doesn't stem from evil intent. It's just a circumstantial inconvience that you could have avoided if you chose an open source product instead.
I hate DRM with a passion, but not even DRM is evil. What if you could take a DRM-protected song and do anything you want with it except sell copies of it or make it publicly available? You could make as many copies as you want, and store these copies on virtually any device or media. You could transcode it into any format you want. In other words, the DRM would not restrict your fair use in any way. It would only prevent you from doing something illegal or unethical.
I don't see how it would be possible to implement this kind of DRM from a technical perspective. My point is simply that the supposed intent of DRM, which is to prevent illegal or unethical use of copyrighted material, is not evil. At best, DRM is an inconvenience. At worst, the motives of those who are promoting DRM are evil. There are implementations of DRM I would consider evil because they are attempts to satisfy someone's desire for power and wealth while prohibiting users from engaging in perfectly ethical practices like fair use. But DRM itself is not evil.
Proprietary software, DRM, and other things I listed above are more or less easy to exploit for evil behavior. Don't think for a moment that open source is immune. The LGPL invites evil behavior. I can sell a proprietary application that links LGPL libraries. According to the LGPL, I can profit from the work of those who created and maintain the LGPL libraries I used, but I do not have to share my source code or my profits with them. In fact, I can choose not to compensate the community in any way. That's greed, and it's evil. But it is the greed and the abuse of the LGPL that is evil, not the LGPL itself.
In fact, the only thing that comes close to being immune to evil exploitation is software licensed under the GPL. It isn't totally immune, but it is better than anything else in my list. That doesn't make everything else evil, however. It just makes everything else easier to abuse by evil people.
Linux, Linus, and GPLv3
There are a number of reasons why Linus Torvalds and others do not like the GPLv3 drafts. Let's take the example of its attempt to prevent Tivoization. TiVo uses Linux for its digital video recorder products. TiVo makes its modifications to the source code publicly available, as required by GPLv2. The term "Tivoization" describes the fact that you can't further modify the TiVo source code and make it run on TiVo hardware. TiVo uses a digital signature to prevent you from doing so. The Free Software Foundation objects to this. Linus Torvalds does not.
I side with Torvalds. The question is, should the GPL be modified in such a way that it prevents people from doing this in the future? Should the new GPLv3 prohibit anyone from modifying GPLv3 software such that you cannot further modify the software and then run it with your modifications on their hardware? [edit: "their" as in "the hardware they designed", not as in ownership after you buy it]
I hope that question sounds as silly to you as it does to me. What does the GPL have to do with hardware? Hopefully, nothing.
In fact, I am suspicious of the motives of anyone who wants to modify the GPL such that it forces vendors to redesign their appliances to conform to the Free Software Foundation's ideas of how such appliances should work. That sounds an awful lot like "when the attempt to satisfy one's own desire for power prohibits others from engaging in perfectly ethical practices". The only way to exonerate the FSF from such a charge would be to demonstrate that TiVo did something illegal or unethical by preventing people from running a modified copy of Linux on their boxes. I think that would be quite a challenge.
I don't know what motivated the folks at TiVo to implement this limitation, so I can't say with confidence that what they did is evil or benign. However, I believe TiVo complied with the GPLv2 by releasing its modifications to the source code for the benefit of anyone who wants to study them or use them. Some argue that the digital signature should be considered part of the modifications that TiVo must release. If so, TiVo is guilty as charged. But I don't see how a digital signature qualifies as source code, so that's a techniality that I'd rather let lawyers decide, if it should come to that.
Debian and Firefox
Mozilla wants to protect its trademark, which reflects its reputation. It is trying to do so by prohibiting anyone from distributing its browser under the name Firefox with the Firefox logo if they apply patches to the software that haven't been approved by the Mozilla team. Debian believes this goes against the spirit of free software. So Debian may distribute Firefox under a different name, along with a different logo and icon.
I'm not going to take sides on this one. I can sympathize with both Mozilla and Debian. If a distribution includes a patched version of Firefox that doesn't work very well, I can see how that may reflect unfairly on Firefox. On the other hand, distributions employ versions of the Linux kernel with custom patches all the time, and they still get to call it Linux and use the Tux logo. On the third hand, there's no way to get those patches into the standard Linux kernel unless the appropriate Linux developer signs off on the patches.
I think both sides are overreacting. Some distributions won't install on my workstation because of the way the kernel is configured or patched. That doesn't reflect badly on Linux. It reflects badly on the distribution. So Mozilla is probably being overly cautious. On the other hand, I don't see why Debian maintainers can't try to get their patches approved by the Mozilla team before they deploy them.
Regardless, if Debian renames Firefox, I suggest they name it Hotbeaver. No, it is not my intent to proliferate a sexual innuendo. I just happen to like beavers (thanks to my favorite cartoon, Angry Beavers), and "hot" is a substitute for fire. But if Hotbeaver offends anyone, then perhaps BlazingAardvark would be a good alternative. Someone on VarLinux.org suggested Hotdog. That would be good, too.
The moral of the story
Forget TiVo for a moment and take DRM. As you can see from my example above, I don't think it's possible to create a DRM scheme that would both protect copyrights and support fair use properly. So, at best, DRM is goint to be inconvenient to the consumer. At worst, it's an abomination. So I'm all for protesting DRM into oblivion.
But is it the job of the FSF to do that? If so, what does that have to do with the GPL? Nothing as far as I can see. If the FSF is going to protest DRM, it should create an anti-DRM division and leave it to those people to do so. As it is, the FSF is trying to cram all its personal agendas into a single license.
Edit: I like the way it was stated in an anonymous post below. It states it more clearly than I did...
The cause of ending the DRM is one thing (And I support that cause); Trying to achieve that by a software license is something else.
And I also VERY MUCH would like to :
- End all wars
- Destroy all nuclear weapons
Both of these things are a good ideea taken (and fought for ) individually. But when you try to put these beliefs in software licenses (thou shall not use this software for war ), then this all becomes crap/bullshit.
You see, lot's of people dislike NOT the DRM bashing itself, but piggybacking these ideea on a *software* license.
Finally, here's why I started out this piece with a definition of some of the evils in the software world. Some of you may have noticed that I can't even mention a commercial or proprietary software product, let alone praise it, without a few people (posting as Anonymous) screaming about how Linux Journal has abandoned its roots and should be burned at the virtual stake.
Why is the FSF cramming issues into the GPL that are arguably unrelated to the original intent of the GPL? Why does the mere mention of a commercial product elicit such vitriolic responses?
I have a feeling that, now that we have finally reached a point in history where most people realize that open source is a Good Thing, the people who used to have to fight over this issue are feeling marginalized and ignored. Perhaps they are feeding their need for attention by finding new controversies to exploit, or by seeking out ways to rail against anything that rubs their open source idealism the wrong way.
I, for one, am glad that we've reached a point where we don't have to fight as hard to make people understand the benefits of open source. Not everyone is educated, and not everyone who is educated at all is fully educated, but I'm glad it's not as big a struggle as it used to be.
I can only hope that people will understand the difference between fighting for the GPL and fighting about DRM. I can only hope that people who understand the superiority of open source will learn to be confident enough about it that they don't have to feel threatened by praise for something that is not open source. We all need to be careful to discern the difference between software, hardware, policies, licenses, and how they are used, and whether or not there is evil intent involved.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- The US Government and Open-Source Software
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide