Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



F-Secure: Xiaomi Smartphones Do Secretly Steal Your Data

jbn-o Never ethical, never private, never secure (164 comments)

Location data and contact/address data are sensitive yet inextricably linked to how people use trackers (also known as cell phones and other portable electronic devices). Whether the device conveys GPS coordinates, can be tracked to a remarkably small area via cell tower triangulation, or unknown (to the user) parties get the information from a proprietor (such as Apple), the privacy loss inherent in ordinary tracker operation makes it impossible to "avoid storing sensitive data on the phone".

This is no accident. When societies face the combination of nonfree software (both in OS and programs people are encouraged to install later), devices that are as close to always-on as is possible for mobile computing, and a userbase as persistently distracted away from focusing on their civil liberties as most tracker users are (no thanks to sites like /. which carry stories like these without any ethical critique to go alongside the corporate-written stockprice-sensitive spin) results like these are the outcome. Add to that the unethical ways in which trackers are made (such as Apple turning a blind eye to the environment in China or expoiting workers at Pegatron even worse than at Foxconn but Apple is certainly not alone in any of this) and you have an ugly recipe for abuse from end-to-end. Many thanks to people including Richard Stallman for compiling useful information about all of this and for his many years of warning people against nonfree software.

about two weeks ago

Skype Blocks Customers Using OS-X 10.5.x and Earlier

jbn-o Proprietary power is always anti-user. (267 comments)

It's news because so many people are never taught to think of software freedom. Instead sites like this one shill for Microsoft, Apple, and a weaker "open source" message that was designed to draw attention away from ethical examination of the issue. Cutting off service and not providing programs for various systems are just two of the things proprietors with the power they wield over users. Software freedom would mean letting users maintain older OSes as much as they want to, backport programs they found valuable, and run builds of modern programs as much as desired.

You're quite right to point out that Apple is no friend on these grounds. But this shouldn't be looked at in terms of business; the effect on the user is far more important. Proprietors are the same in how they treat people because the heart of any nonfree software is unethical power over someone else's use of a computer. Richard Stallman reminds us that Apple uses this same leverage to pressure users into malicious "upgrades":

Using the lever of "You have a choice, but unless you say yes, your old activities will stop working" is something that Apple has done before, with malicious "upgrades". Apple ostensibly doesn't force people to accept the new nasty thing; it just punishes them if they don't.

Nobody should be obliged to work on developing programs and nobody should have the power to prevent users from developing the software.

about two weeks ago

Ask Slashdot: Should I Fight Against Online Voting In Our Municipality?

jbn-o Yes, voters need voter-verified paper ballots (190 comments)

Yes, you should object.

Voters can't be sure that there's any evidence of their vote entering the system accurately reflecting their vote without a voter-verified paper ballot. Electronic ballots are easily lost, misrepresented, and useless in a recount. Electronic voting doesn't improve on the problems with voter-verified paper ballots and electronic ballots introduce problems all their own. So this is an area where traditional voter-verified paper ballots are better for the voter and well worth fighting for.

Braille printed ballots are extra nice to have (the braille can co-exist with the ink print on the same voter-verified paper ballot). But voters who can't read ink printed text without braille (illiterate and blind voters, to name a couple of examples) can get help from a computer to help them prepare a voter-verified paper ballot. These voters can feed in a voter-verified paper ballot into a machine that is essentially a scanner/printer combo that prints marks on a traditional voter-verified paper ballot filling in the blanks in accordance with user input to the computer. The user can get the voter-verified paper ballot out of the machine and check out its accuracy, either submit it to be counted or spoil it to get a new voter-verified paper ballot and mark it themselves, Such voters can also bring someone they trust to help them vote but this is obviously less preferred as this means divulging one's vote to someone else.

about three weeks ago

An Accidental Wikipedia Hoax

jbn-o Please explain your terms (189 comments)

I'm not convinced Wikipedia is somehow profoundly not an encylopedia. Part of the reason your post doesn't convince me is because you criticize Wikipedia for not being "on par with the Brittanica" without specifying what you think exactly that par is, or what exactly you think "the concept of an encyclopedia is". It's difficult to have a conversation about these things without understanding what you view those things to be.

I know that I don't get the same freedoms with Brittanica I get with Wikipedia: I'm not allowed to distribute verbatim or edited copies of Brittanica entries. These freedoms translate into practical outcomes for most people, most notably the main means of keeping Wikipedia viable and an (apparently) mainstream source of information. By contrast, if someone wants to build on what they view as Brittanica's articles they have to negotiate with Brittanica to do that (and I've never seen anyone do this) but I know of projects that build on Wikipedia. Many articles I find interesting and worth listing in an encyclopedia are simply missing from Brittanica but are present in Wikipedia, such as why Brittanica thinks "GNU/Linux" and "Linux" are the same (which is both inaccurate and unfair) while maintaining that the former is an operating system and the latter a kernel (which is accurate and fair).

I have no changelog for Brittanica, so I have nothing to point to there that compares with what I can get in Wikipedia's changelog. TFA implicitly shows the value of changelogs for identifying how long edits have remained and who edited what when.

As for editing by non-experts: I don't know who edits Brittanica's many editions (including the paper editions) nor do I know what their qualifications are. I find this to be roughly equivalent to Wikipedia because I don't know who edits Wikipedia either, nor do I know their qualifications.

I remember some years ago reading an article by a Brittanica affiliate who essentially proposed to weigh Brittanica and Wikipedia on an evaluation of one obscure point he knew something about. Not only is that bad surveying, but it invites critique that can be used against Brittanica just as easily. I recall being struck by how behind the times Brittanica was the last time I saw it, particularly on the free software movement, a topic I know something about. I found the lack of coverage in Brittanica telling. Where Brittanica had something to say on the matter, I found Brittanica made the usual errors and confusions people make when they've only been exposed to "open source" (such as attributing what Richard Stallman's actions with "open source" despite historical contradiction and Stallman's own words and deeds); open source movement's philosophy, practical outcomes, or history isn't the same as free software and it's a shame history and contemporary evidence weighs so lightly for Brittanica.

about three weeks ago

Which Is Better, Adblock Or Adblock Plus?

jbn-o Reject all proprietary software and "choice" too (436 comments)

You'd not only rightly reject Google Chrome you'd also reject choice as a reason to favor nonfree software. Chrome is a nonfree browser so that is right out. A choice of nonfree programs doesn't satisfy what computer users need—software freedom. Choice is easily satisfied in that there's more than one alternative but choice of software says nothing about how well the alternatives address important needs to control one's computer (rather than letting the software control the users). So choice of software is a weak substitute for the freedoms to run, inspect, share, and modify software.

about three weeks ago

Free Copy of the Sims 2 Contains SecuROM

jbn-o Software freedom is worth caring about (234 comments)

People who care about controlling their computers care, as should all computer users care. This is another instance in a long line of great learning opportunities to distinguish between 'free as in price' and 'free as in freedom'—software proprietors get away with malware because how the software works is kept secret from its users. TFA tells us that Electronic Arts didn't tell prospective users SecuROM was a part of the gratis Sims 2 install, probably because EA knew users wouldn't install Sims 2 if they knew it came with SecuROM. Proprietors abuse the trust users have placed in them and it's time to teach users how things actually work, not encourage dismissal that hands users over to the abusers ("who cares").

about three weeks ago

Intel Launches Self-Encrypting SSD

jbn-o Can it be updated and run Free Software? (91 comments)

If the drive's software were flashable (the device could be updated with different software) and the software were Free Software, there would be no reason to fear Intel's connection to the NSA. Users would have the freedoms they need to make sure the software does what they want it to do. Proprietary encryption, no matter who writes it or distributes it, is always untrustworthy for the same reason proprietary software is untrustworthy—you don't really know what it's doing and neither does anyone you can trust to help you understand what it's doing. Furthermore you can't make it do what you want and you can't help others by distributing improved versions that respect other user's freedoms.

about a month ago

Sony Forgets To Pay For Domain, Hilarity Ensues

jbn-o Yet another reason to insist on software freedom (277 comments)

Early Tuesday, gamers woke up to find out that they couldn't log in to any Sony Online Entertainment games--no Everquest, no Planetside 2, none of them.

Could the users have used another server to connect with each other? Or is this a case of DRM ("Digital Restrictions Management", when properly viewed from the perspective of its effect on the users) and, more generally, nonfree software restricting users from running the games with other people?

about a month ago

First Release of LibreSSL Portable Is Available

jbn-o Stallman's "blessings" are for software freedom (101 comments)

[...] not everything has to be blessed by Stallmann to be acceptable

Regarding this point, Stallman certainly does endorse Free Software. And so much of what is in OpenBSD is Free Software—software that respects a user's software freedom—and the same goes for OpenSSL. Stallman (and his organization, the Free Software Foundation(FSF)) are known for standing up for a user's software freedom. Non-copylefted Free Software is Free Software. Furthermore, in 2004 the FSF gave Theo de Raadt an award for the Advancement of Free Software, "[f]or recognition as founder and project leader of the OpenBSD and OpenSSH projects, Theo de Raadt's work has also led to significant contributions to other BSD distributions and GNU/Linux. Of particular note is Theo's work on OpenSSH". A free system need not include GNU software or be licensed under a GNU license (such as the GPL) to respect a user's software freedom.

The FSF is quite clear why it doesn't list OpenBSD (or the other BSD distributions) in their list of Free system distributions:

FreeBSD, NetBSD, and OpenBSD all include instructions for obtaining nonfree programs in their ports system. In addition, their kernels include nonfree firmware blobs.

Nonfree firmware programs used with Linux, the kernel, are called "blobs", and that's how we use the term. In BSD parlance, the term "blob" means something else: a nonfree driver. OpenBSD and perhaps other BSD distributions (called "projects" by BSD developers) have the policy of not including those. That is the right policy, as regards drivers; but when the developers say these distributions âoecontain no blobsâ, it causes a misunderstanding. They are not talking about firmware blobs.

No BSD distribution has policies against proprietary binary-only firmware that might be loaded even by free drivers.

Including nonfree software and pointing users to nonfree software is quite common among those who endorse the open source philosophy, as the FSF has long pointed out (older essay, newer essay). The open source movement's philosophy is a development methodology built to toss aside software freedom for practical convenience in an attempt to be "more acceptable to business". So this philosophical difference sets up a radically different reaction in the face of reliable, powerful proprietary software. Quoting the newer essay:

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

about a month ago

GM Names and Fires Engineers Involved In Faulty Ignition Switch

jbn-o Everyone needs software freedom. (307 comments)

And why all computer users need free software in all of their computers. I don't want someone I don't trust vetting the software that has the ability to ruin my project or kill me. Those who get to audit code may be expert in someone else's opinion, but I would rather have software freedom.

about 2 months ago

A Year After Snowden's Disclosures, EFF, FSF Want You To Fight Surveillance

jbn-o Re:Fixing a social problem with technical means? (108 comments)

It's not enough, true, but we need to get Americans trained in the practice of being more politically active and to seriously consider the consequences of their consumerism. Today, encouraging people to think of encryption as required for increased secure communications is good. We can't fix anything "once and for all" because any change to anything can be reverted (hence Andrew Jackson's warning "...eternal vigilance by the people is the price of liberty, and that you must pay the price if you wish to secure the blessing" applies here too). Software proprietors and others who want to rob computer users of their freedom spend billions training people to think ephemerally (in fact, /.'s chosen "firehose" structure of fast and frequent updates usually from corporate repeaters exists to further that end). We need ordinary people to become more aware of the consequences of ignorance, make better choices, and train future generations that the acceptable social norm is lifelong political involvement. I think failing to meet this need is one of Snowden's fears ("The greatest fear that I have regarding the outcome for America of these disclosures is that nothing will change..."), and why Stallman says things like "I don't want any fans I want Freedom Fighters, who could actually help in his revolution". I have no doubt that whomever follows that murderous war criminal Obama in the US White House will follow the same behavior he both chose to follow from George W. Bush and ramp up. I'm not certain what will stop the horrors of "Terror Tuesday" killings, indiscriminate NSA spying, and more, but I won't object when groups want to raise awareness and help normalize objecting to the loss of our civil liberties.

about 3 months ago

Why Snowden Did Right

jbn-o More of Eben Moglen's ramifications on Snowden (348 comments)

In case you didn't get to the bottom of the Guardian essay, that essay comes from "Snowden and the Future", a 4-part talk series Eben Moglen gave on October 9, October 30, November 13 and December 4 2013. It is highly recommended reading, watching, and/or listening. Audio, video, and transcripts are available at his website.

about 3 months ago

Did Mozilla Have No Choice But To Add DRM To Firefox?

jbn-o Re:Not denying something is different from forcing (406 comments)

Let's not also forget two other particularly powerful points made in the Free Software Foundation's (FSF) essay:

  • "We understand that Mozilla is afraid of losing users. Cory Doctorow points out that they have produced no evidence to substantiate this fear or made any effort to study the situation."
  • "More importantly, popularity is not an end in itself. This is especially true for the Mozilla Foundation, a nonprofit with an ethical mission. In the past, Mozilla has distinguished itself and achieved success by protecting the freedom of its users and explaining the importance of that freedom: including publishing Firefox's source code, allowing others to make modifications to it, and sticking to Web standards in the face of attempts to impose proprietary extensions."

Brad Kuhn builds on these points in his essay discussing Mozilla's announcement: "Theoretically speaking, though, the Mozilla Foundation is supposed to be a 501(c)(3) non-profit charity which told the IRS its charitable purpose was: to "keep the Internet a universal platform that is accessible by anyone from anywhere, using any computer, and ... develop open-source Internet applications". Baker fails to explain how switching Firefox to include proprietary software fits that mission. In fact, with a bit of revisionist history, she says that open source was merely an "approach" that Mozilla Foundation was using, not their mission."

Speaking of how people criticize the FSF without reading what they say, the FSF is not an "open source advocate" despite /.'s insistence to the contrary such as is stated in this story's headline. The FSF and the free software movement predate the developmental methodology known as open source, and the FSF fights for values the open source movement sets out to deny, namely software freedom. The FSF has published more than one essay on this topic (1, 2) and RMS includes a clear and cogent explanation of this point in virtually every talk you'll hear him give. Archives of these talks are readily available online in formats that favor free software. Mozilla's choice here is another example of reaching radically different conclusions given different philosophies: Mozilla's open source choice versus a free software activist's choice to reject DRM for many valid reasons the FSF points out.

about 3 months ago

Free Software Foundation Condemns Mozilla's Move To Support DRM In Firefox

jbn-o Re:Yawn. (403 comments)

With the number of times /. posters point out how RMS arrived at some conclusion well before so many other people, and wrote something illustrating the point and his rationale, I would hope /. posters would recall that.

More DRM isn't going to play out well for the public as it has already failed for those who enjoy leveraging their fair-use rights, reading/viewing something in another way, and more. RMS's ethics-backed rationale against DRM and nonfree software (as opposed to a developmental methodology that accepts practical convenience at the cost of our civil liberties) is simply invaluable. Snowden's revelations bring RMS's long-held objections to nonfree software into sharp focus all the more.

about 3 months ago

Glenn Greenwald: How the NSA Tampers With US Made Internet Routers

jbn-o Linux-libre is proof of the point, pre-Snowden (347 comments)

Addressing both your comment and the grandparent comment: this distinction of allowing non-free software is part of what distinguishes the older free software movement from the younger open source movement. RMS has been talking and writing about this critical distinction for years.

Consider the following from "Why Open Source misses the point of Free Software":

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

In other words, open source won't endorse software freedom for its own sake. That movement was designed to never raise the issue of software freedom in order to promote a developmental methodology thought to lead to more reliable, more powerful programs. That methodology is fine as far as it goes (everyone likes powerful robust programs) but as we're seeing with the Snowden revelations, that methodology doesn't go far enough. RMS realized this very early on and has been providing ethical counterarguments since the open source movement began (older essay, newer essay).

This difference explains what we're seeing in the very different approaches taken in Linus Torvalds' fork of the Linux kernel versus the GNU Linux-libre fork of the Linux kernel. Linux-libre's distinction is that this fork removes the blobs that come with the Torvalds fork of the Linux kernel. Torvalds includes nonfree code meant to make the kernel run on more hardware which places a high value on convenience at the cost of software freedom. Linux-libre values software freedom instead. As a result, Linux-libre doesn't run on as much hardware and might not take advantage of everything modern hardware can do, but one gains a system they are allowed to fully inspect, share, and modify—software freedom. Linux-libre lets users make sure the software does only what that user wants that program to do. RMS, as recently as his recent responses to /. questions, encouraged readers to reverse engineer hardware in order to fully document hardware ("The parts of Linux we need to replace are the nonfree parts, the "binary blobs". [...] The main work necessary to replace the blobs is reverse engineering to determine the specs of the peripherals those blobs are used in. That's a tremendously important job -- please join in if you can."). This work leads to increased support for fully free operating systems, including fully free support in Linux-libre.

Increased security is one of the things you get with the pursuit of software freedom for its own sake. I think RMS very much recognizes the security enhancements that come along with Linux-libre and why his organization won't recommend a system with nonfree blobs in it. I'd expect that Stallman would say security isn't a goal unto itself, but a feature of a more important concern: software freedom.

about 3 months ago

Richard Stallman Answers Your Questions

jbn-o Re:Your monologue is not interesting. (394 comments)

The objection you seem to have missed is that proprietors treat users badly without the user's ability to effectively improve the program for their own needs (even by hiring someone to do this work on their behalf). So better to rejecting non-free software on ethical grounds. Whether spies have used the power of a proprietary Angry Birds is a weak response compared to asking whether anybody should have to choose a potential loss of privacy to play a videogame. Tracking users (no matter how) without their explicit knowledge is something people don't know about and, when they learn about it, don't like. It's a shame you have such personal anger toward Stallman that you refuse to convey understanding his points. Your namecalling ("bearded zealot", "mooching") and lame counterarguments like "There's more effective ways for snoops to get info than through angry birds" run the risk of reading as tacit acceptance of RMS's points without giving him due credit for bringing those points to the public.

We don't know who can get data from RMS's Loonsong MIPS machine but paying attention to these issues and using what's available to practical effect is leading by example; a far more respectful approach which complaining and namecalling just can't beat.

about 3 months ago

Richard Stallman Answers Your Questions

jbn-o Your monologue is not interesting. (394 comments)

It's so convenient to argue against yourself isn't it? No need to ask him what he actually thinks (his email address is readily available) or read any of his many essays. You might be particularly interested in a list of surveillance examples found in proprietary software including one pertinant description for a program you just mentioned—"Angry Birds spies for companies, and the NSA takes advantage to spy through it too.".

about 4 months ago

Richard Stallman Answers Your Questions

jbn-o No, insightful and relevant. (394 comments)

how absolutely boring it is to read essentially the same message ("all software should be free and you should refuse to use any software that isn't free") repeated about 15 times with 15 minor variations. Surely RMS isn't this one-dimensional. I wish there had been some more interesting questions that weren't just prompts to repeat the free software mantra over and over again.

It's not RMS's fault that he was asked similarly un"interesting" questions that each came with the repetitive prejudices (asking about the younger movement he didn't start instead of the older movement he did start, framing issues in terms of amorality and not questioning what non-free software entails). Looking at the questions, it's clear that they were asked by people who didn't bother to read the essays linked to in the original /. story soliciting questions for him. I remember when /. used to criticize behavior like that. A lot of what people bump into are issues where software freedom has a practical response that can liberate users from dependency on untrustworthy programmers, but thanks to an amoral stance on these issues the public is never taught to see how a technocratic/developmental stance (open source, focus on features and price, focus on slick interfaces) can run contrary to their interests (preserving their privacy, retaining and exercising their civil liberties, not being beaten or killed). It's convenient to see a movie when you wish, but certainly not as important as avoiding being spied upon everywhere you go.

Now 15 years later I read his responses to these questions and it all feels very much the same. He's apparently super paranoid (worried about the government eavesdropping on your cell phone calls and tracking you? Wishing for a pager so that you could perfectly control how much tracking information you give when you answer your phone? Jesus christ, get over yourself!) and thinks everyone else should be too.

That's probably because you haven't been paying much attention to what Edward Snowden has been telling us, nor have you been thinking deeply about the consequences of those revelations. I suggest watching Eben Moglen's insightful talks on this topic for some historical perspective on how "one-dimensional" your take is and how much under threat the entire world is these days. That is, if you're not too busy dismissing Moglen for being an FSF lawyer and former FSF board member who deeply appreciates software freedom for its own sake.

I never learned exactly his feelings on the matter because when I tried to ask for some clarification I was immediately shouted down by his cronies who thought I was trying to hassle him or something (I assure you, I wasn't; I just wanted to understand his position better since I had never heard of someone refusing to use passwords and didn't understand why).

I'd be more likely to believe you on this claim if the rest of your opinions were better defended. But it's awfully hard to take someone too seriously when they're so easily dissuaded by stylistic matters over substantive examination of pertinant issues.

about 4 months ago

Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014

jbn-o Software freedom > "fast" and "not bloated" (207 comments)

At least Firefox can be altered to become what you want it to be because Firefox respect's a users software freedom. Far more important than vagaries like "fast" and "not bloated" is how a program treats its users. Proprietary browsers leave users no opportunity for improving the program. Thus security issues in proprietary programs go unfixed and are exploited for years. This, in turn, allows others to invade people's computers and leaves users helpless. This is exactly what happened with Apple's iTunes for over 3 years. I would not be surprised to learn that software proprietors including Microsoft, Google, and Apple are doing similar things with proprietary web browser programs as well.

So while I like trustworthy programs like other computer users, I know that I can't ascertain the trustworthiness of proprietary programs like Microsoft's Internet Explorer, Apple's Safari, and Google's Chrome. The extent to which any of them are built from software that respects my software freedom is irrelevant because proprietary programs and their updates are essentially black boxes. I can't possibly inspect or fix all of the software I use, but I can put myself in a position where I stand to benefit from the improvements a lot of programmers make by exclusively running software that respects my freedom to run, inspect, share, and modify—free software—freedoms I value in their own right.

about 5 months ago

Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

jbn-o Re:Freedom is better than dependency. (231 comments)

I'm sure many serious flaws in many free programs have been around for a long time, some flaws longer than this flaw. But free software advocates make no guarantees you'll get secure code. If you'd like that guarantee perhaps you can purchase a programmer's time to get that; perhaps you should have hired a programmer to inspect this code on your behalf, looking for security issues, raising them upstream, and fixing them for you (software freedom gives you these options as I mentioned before). Your objection really stems from your belief that open source and free software are discussing the issue starting from the same underlying philosophy.

The philosophies are not the same therefore the two movements arrive at different conclusions: Structurally speaking, programmers know that malware can be easily hidden in proprietary programs yet it's rare to find malware in free software for the same reason—those who forbid users from inspecting, sharing, and modifying source code can more easily sneak malware into the code. Focusing on price and technical issues (such as features, speed, and reliability) isn't bad but doesn't go nearly far enough. More and more users understand that society needs more than framing the debate around a developmental methodology as the open source movement does. So, the more one values catching bad code early (as we all, rightly, do) the more everyone should value software freedom for its own sake. Software freedom lets us increase the odds for using better code by treating computer users respectfully through granting and securing our permission to inspect, share, and modify that free code. All computer users deserve software freedom.

about 6 months ago



Replicant developers find and close Samsung Galaxy backdoor

jbn-o jbn-o writes  |  about 5 months ago

jbn-o (555068) writes "The Free Software Foundation reports that developers of Replicant, a fully free/libre version of Android, "discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system".

Replicant developer Paul Kocialkowski explains further in the blog post: (emphasis mine)

Today's phones come with two separate processors: one is a general-purpose applications processor that runs the main operating system, e.g. Android; the other, known as the modem, baseband, or radio, is in charge of communications with the mobile telephony network. This processor always runs a proprietary operating system, and these systems are known to have backdoors that make it possible to remotely convert the modem into a remote spying device. The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible.


Provided that the modem runs proprietary software and can be remotely controlled, that backdoor provides remote access to the phone's data, even in the case where the modem is isolated and cannot access the storage directly. This is yet another example of what unacceptable behavior proprietary software permits! Our free replacement for that non-free program does not implement this backdoor. If the modem asks to read or write files, Replicant does not cooperate with it.

The blog post contains pointers to more information including a technical description of the back-door found in Samsung Galaxy devices and a list of known affected Samsung Galaxy devices. The FSF lists more ways proprietary software is often malware."
Link to Original Source


jbn-o jbn-o writes  |  more than 7 years ago

jbn-o writes "Prof. Eben Moglen, counsel for the Free Software Foundation, is working on the GNU General Public License version 3; an update of the most widely used free software license. He got a look at some of the details behind the Novell-Microsoft deal (in which Novell got $348m in return for a patent agreement covering SuSE GNU/Linux users) and spoke with Andrew Orlowski of the Register about how the GPLv3 will work against the Novell-Microsoft deal."


jbn-o has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>