Why American Corporate Software Can No Longer Be Trusted 240
jrepin writes "There is a problem with proprietary, closed software, which makes Rick Falkvinge, the founder of the first Pirate Party, a bit uneasy: 'We get a serious democratic deficit when the citizens are not able to inspect if the computers running the country's administrations are actually doing what they claim to be doing, doing all that and something else invisibly on top, doing the wrong thing in the wrong way at the wrong time, or doing nothing at all. ... In the debate around the American Stop Online Piracy Act, American legislators have demonstrated a clear capability and willingness to interfere with the technical operations of American products, when doing so furthers American political interests regardless of the policy situation in the customer’s country."
Re:The Era of Linux is at hand (Score:5, Informative)
you are left with not much but Linux as an alternative!
FreeBSD, (and other BSDs), FreeDOS, Darwin, Haiku, Plan 9, Solaris just to name a few. FreeBSD in particular is quite competitive with Linux, since many of the same GUI elements and applications will run on both.
Re:The Era of Linux is at hand (Score:5, Informative)
Re:The Era of Linux is at hand (Score:5, Informative)
Had The Oracle/Sun JVM been free-er, that move would have been unnecessary.
Android (Score:4, Informative)
If you use Android, you should check out the Guardian Project [guardianproject.info].
Re:The Era of Linux is at hand (Score:2, Informative)
It's kind of hard to "rule out" Google when both of their operating systems and their browser are open source.
(the OSs are both Linux-based, though, IIRC...)
Re:The Era of Linux is at hand (Score:4, Informative)
"If you can live without update,"
The wife is doing fine on a three year old installation. Updating Firefox broke Pogo - or updating Java broke Pogo. One or the other. So, she nagged at me for three days to DOWNGRADE Firefox and Java, and there have been no updates on her machine since. If it breaks Pogo, it's bad, bad, BAD!
Re:Patriot Act Backlash Mk2 (Score:5, Informative)
which is hilarious because our manufacturing base is gone.
Which is why we still have more manufacturing capability than any [wikipedia.org] other country in the world, including China? Granted those stats are a bit old, it's still true. The number of jobs is down (by a lot), because US manufacturing has grown more efficient, which creates the impression that we lack manufacturing capability. Well, that and all the "Made in China" crap you find at Walmart. The reality is the US makes ~18% of the worlds manufactured stuff. And that is considered a "small fraction" of the US's economy. In an international context, the US is massive. Still by far the biggest player.
Also, the US probably should ban Chinese electronics in defense applications, but they don't.
Closed source software can never be trusted (Score:5, Informative)
Security-critical environments are one of the few places where open source should be a must.
Linux won't save you (Score:5, Informative)
Those who will be affected most by SOPA are those who rely on American billing, search and advertising services.
It doesn't matter if you are running Linux, if you are hosting content that is flagged for violating copyright law, then you risks losing your advertising revenue.
The solution to the problem is to use services in other countries than the US. Whether you are running Linux or Windows is irrelevant.
Re:Trust? (Score:4, Informative)
The problem is not so much what is "phoning home" everyday but the carrieriq like layer between any shipped phone in parts of the world wrt https and all input.
From 2006 "FBI taps cell phone mic as eavesdropping tool" http://news.cnet.com/2100-1029-6140191.html [cnet.com]
Before that you had the fun of the safe 56 bits and the Data Encryption Standard.
More at http://cryptome.org/nsa-v-all.htm [cryptome.org]
Products have shipped for generations before smart people began to discover what they had really installed and recommended beyond the accepted public math and low price.
Re:Can Anyone figure out what he's arguing here? (Score:3, Informative)
Falkvinge here.
I am referring to the fact that the SOPA debate has shown that US legislators won't hesitate for a moment to mutilate global technical resources if they can be used as leverage to project US trade interests, intensely disregarding the fact that severeign nations elsewhere have other sets of laws.
Specifically, the seizure of Internet domains is a precursory example.
Since the legislators have shown both a willingness and a capacity to regard anything happening on US soil as something that can be legislated into political leverage, at the expense of the customers and the US supplier, we must assume that cloud services and closed software can and will also be thus regarded.
This, in turn, means that any nation serious about its sovereignty can't let its critical administrative processes be governed by such code.
Re:The Era of Linux is at hand (Score:5, Informative)
GPL is not slavery and saying it is means you have a poor grasp of it. GPL is set of copyright terms that are designed to avoid slavery/proprietary lock-in/corporate malfeasance to users. If you don't want to use/re-use GPL software then don't. The GPL creators owe you nothing so quit whinging. How about you *create* something yourself - then we'll see what the copyright infringers and software stealers (China is bad for this) make with your stuff.
Re:The Era of Linux is at hand (Score:5, Informative)
Re:The Era of Linux is at hand (Score:3, Informative)
No, he's absolutely right. The GPL restricts freedom, and that's bad. It's just like how all these stupid laws restrict my freedom to do what I want, such as to run around and rape and murder people. It's terrible that if I decide I want to murder someone, that agents of the state can arrest me and force me to stay in a concrete cell; this is a serious abridgment of my freedom! No one should be allowed to touch me if I decide I want to put a bullet in someone's head, or have my way with some woman. Similarly, the GPL abridges my freedom to take someone's code and do whatever the hell I want with it, and that's wrong.
Re:The Era of Linux is at hand (Score:4, Informative)
piracy, n., pl. piracies.
1. practice of a pirate; robbery or illegal violence at sea.
2. the unauthorized reproduction or use of a copyrighted book, recording, television program, patented invention, trademarked product, etc.: The record industry is beset with piracy.
3. Also called stream capture. Geol. diversion of the upper part of one stream by the headward growth of another.
You are incorrect.
Re:The Era of Linux is at hand (Score:5, Informative)
You must only use the GPL not the MIT, BSD, Apache, University of Illinois, etc... licenses.
You can choose whatever license you want if you write the software from scratch.
But if you decide to take GPL software to make your project, then you have release your project under the same license. Those were the conditions you accepted when you took SOMEONE ELSES CODE and used it in your project.
If you don't like those conditions, don't incorporate code that belongs to those people into your project.
Re:China does the same stuff (Score:5, Informative)
I have no such expectations of privacy at work. My duties are monitored and evaluated. If I make use of 'my' workstation for personal purposes, I am actually using the company's workstation.
I can't access web based or personal email at work - primarily to complicate transferring data to non-company storage. I can't access Facebook, Linkedin, and a host of other social systems. I can't access a multitude of sites that are either known to provide information about compromising systems, or are known to host malware of any sort. I cannot use several commenting and interaction systems such as Disqus.
Antivirus software is the least of the security measures on 'my' workstation. The corporate LAN, both wired and wireless, require certificates for me to connect. DLP processes on 'my' workstation track every read and write. Specific filters look for characteristic types of data, and prevent its transmission in emails and instant messages. Documents of al types, even text, are required to be categorized by the nature of their confidentiality, and are blocked from being stored on certain storage if they require more security than is afforded by that media.
Email can be encrypted by a method that requires the recipient to register at the corporate website to read and interact with it. Certain data cannot even be sent encrypted without specific certificates that are given only to employees for whom this is a required function.
Mind you, I have the privilege of using removable media. Not many employees do, or need to. I need to share data with non-corporate entities regularly. I assume my activities are scrutinized.
And yes, I post to Slashdot from work. Not now, but that's one reason why I share a little more info.
In the largest, most vulnerable corporations, the stakes are much higher than most people imagine. And the largest corporations are the most vulnerable.
And ultimately, everything here and in similar forums on the Internet is cataloged, analyzed, and processed. By several entities, here and abroad. It's not like Slashdot is a secret. Pretty much everything without an HTTPS in front of it is no secret, and some of the HTTPS stuff is also.
Privacy is what you do by yourself.