×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Voting Machines Malfunction: 5,000 Votes Not Counted In Kansas County

jbn-o Voter-verified paper ballots trump "open source" (127 comments)

I concur. A development methodology ("open source") will not address any of the deficiencies (when viewed from the voter's perspective, the perspective that should matter most) of voting. No matter how much one trusts a voting program, there's no way to be sure that the computer used for voting is running only software one trusts. No electronic system can compete with the simplicity and recount-friendly approach of what is called for here: voter-verified paper ballots.

So address to the question in the /. summary: You never should have stopped using voter-verified paper ballots.

There are computers one can purchase that do as the parent post specified—the voter feeds in a blank ballot (one which they could have filled out manually if desired) and the computer (which has a scanner and printer attached) will scan the ballot, help the voter by showing the choices on a screen, reading the ballot aloud, or reading the ballot text to headphones, and then collect votes from the voter. Then the computer's printer will print the voter's votes on the paper ballot, and eject the printed paper ballot to let the user inspect that printed ballot. At this point the voter can choose to carry the voter-verified paper ballot to be counted or spoil that ballot and start again. The voter can also feed in a marked up ballot (marked by hand or by computer) and let the computer summarize the votes which that ballot specifies. These features let the blind and/or illiterate vote without losing their privacy by forcing them to find & bring in someone else to mark up their ballot for them. This is as close to computers used in voting as one should want to get.

about three weeks ago
top

Microsoft To Open Source .NET and Take It Cross-Platform

jbn-o A sort-of correction conducing to the same (525 comments)

A sort-of correction that reaches the same conclusion: End Software Patents (ESP) speculates that "the 2012 'in re Spansion' case in the USA and the judge ruled that a promise is the same as a licence". And since ESP mentions that Microsoft's Patent Promise has serious problems restricting its promise to those who don't add covered code to another project or those who produce something other than a "compliant implementation" of .NET, it seems that Microsoft patent promise has enough problems that it's still wise to not build dependencies on .NET (as the FSF warned).

about a month ago
top

Microsoft To Open Source .NET and Take It Cross-Platform

jbn-o Beware: MS no-sue promise can turn on you (525 comments)

Mono developer Miguel de Icaza has pledged to continue to add Microsoft's code to Mono saying "Like we did in the past with .NET code that Microsoft open sourced, and like we did with Roslyn, we are going to be integrating this code into Mono and Xamarin's products".

But is that wise? To your point, the Free Software Foundation's reaction to Microsoft's similar 2009 action point to exactly how changing ownership of patents render Microsoft's Patent Promise not to sue useless. This very promise could become the basis for a patent trap. In 2009 Microsoft's promise not to sue was called a "Community Promise" but today's .NET promise not to sue is risky in the same way—it's not (as the FSF rightly puts it) "an irrevocable patent license for all of its patents that Mono actually exercises" and neither is the MIT license Microsoft chose to release their code under.

Looking back at that essay from 2009, we see the FSF warn us (emphasis mine):

The Community Promise does not give you any rights to exercise the patented claims. It only says that Microsoft will not sue you over claims in patents that it owns or controls. If Microsoft sells one of those patents, there's nothing stopping the buyer from suing everyone who uses the software.

Falling into this trap will directly adversely affect your ability to run, share, and modify covered software. The FSF points to a practical way out as well:

The Solution: A Comprehensive Patent License

If Microsoft genuinely wants to reassure free software users that it does not intend to sue them for using Mono, it should grant the public an irrevocable patent license for all of its patents that Mono actually exercises. That would neatly avoid all of the existing problems with the Community Promise: it's broad enough in scope that we don't have to figure out what's covered by the specification or strictly necessary to implement it. And it would still be in force even if Microsoft sold the patents.

This isn't an unreasonable request, either. GPLv3 requires distributors to provide a similar license when they convey modified versions of covered software, and plenty of companies large and small have had no problem doing that. Certainly one with Microsoft's resources should be able to manage this, too. If they're unsure how to go about it, they should get in touch with us; we'd be happy to work with them to make sure it's satisfactory.

Until that happens, free software developers still should not write software that depends on Mono. C# implementations can still be attacked by Microsoft's patents: the Community Promise is designed to give the company several outs if it wants them. We don't want to see developers' hard work lost to the community if we lose the ability to use Mono, and until we eliminate software patents altogether, using another language is the best way to prevent that from happening.

I find it no accident that the built-to-be-business-friendly "open source" language is all over this announcement including the aforementioned blog post from a prominent endorser, while the wise warnings of falling into a patent trap come from the FSF who consistently looks out for all computer user's software freedoms—software freedom being the very thing that "open source" was designed never to bring to mind (see source 1, source 2 for the history and rationale on this point).

about a month ago
top

F-Secure: Xiaomi Smartphones Do Secretly Steal Your Data

jbn-o Never ethical, never private, never secure (164 comments)

Location data and contact/address data are sensitive yet inextricably linked to how people use trackers (also known as cell phones and other portable electronic devices). Whether the device conveys GPS coordinates, can be tracked to a remarkably small area via cell tower triangulation, or unknown (to the user) parties get the information from a proprietor (such as Apple), the privacy loss inherent in ordinary tracker operation makes it impossible to "avoid storing sensitive data on the phone".

This is no accident. When societies face the combination of nonfree software (both in OS and programs people are encouraged to install later), devices that are as close to always-on as is possible for mobile computing, and a userbase as persistently distracted away from focusing on their civil liberties as most tracker users are (no thanks to sites like /. which carry stories like these without any ethical critique to go alongside the corporate-written stockprice-sensitive spin) results like these are the outcome. Add to that the unethical ways in which trackers are made (such as Apple turning a blind eye to the environment in China or expoiting workers at Pegatron even worse than at Foxconn but Apple is certainly not alone in any of this) and you have an ugly recipe for abuse from end-to-end. Many thanks to people including Richard Stallman for compiling useful information about all of this and for his many years of warning people against nonfree software.

about 4 months ago
top

Skype Blocks Customers Using OS-X 10.5.x and Earlier

jbn-o Proprietary power is always anti-user. (267 comments)

It's news because so many people are never taught to think of software freedom. Instead sites like this one shill for Microsoft, Apple, and a weaker "open source" message that was designed to draw attention away from ethical examination of the issue. Cutting off service and not providing programs for various systems are just two of the things proprietors with the power they wield over users. Software freedom would mean letting users maintain older OSes as much as they want to, backport programs they found valuable, and run builds of modern programs as much as desired.

You're quite right to point out that Apple is no friend on these grounds. But this shouldn't be looked at in terms of business; the effect on the user is far more important. Proprietors are the same in how they treat people because the heart of any nonfree software is unethical power over someone else's use of a computer. Richard Stallman reminds us that Apple uses this same leverage to pressure users into malicious "upgrades":

Using the lever of "You have a choice, but unless you say yes, your old activities will stop working" is something that Apple has done before, with malicious "upgrades". Apple ostensibly doesn't force people to accept the new nasty thing; it just punishes them if they don't.

Nobody should be obliged to work on developing programs and nobody should have the power to prevent users from developing the software.

about 4 months ago
top

Ask Slashdot: Should I Fight Against Online Voting In Our Municipality?

jbn-o Yes, voters need voter-verified paper ballots (190 comments)

Yes, you should object.

Voters can't be sure that there's any evidence of their vote entering the system accurately reflecting their vote without a voter-verified paper ballot. Electronic ballots are easily lost, misrepresented, and useless in a recount. Electronic voting doesn't improve on the problems with voter-verified paper ballots and electronic ballots introduce problems all their own. So this is an area where traditional voter-verified paper ballots are better for the voter and well worth fighting for.

Braille printed ballots are extra nice to have (the braille can co-exist with the ink print on the same voter-verified paper ballot). But voters who can't read ink printed text without braille (illiterate and blind voters, to name a couple of examples) can get help from a computer to help them prepare a voter-verified paper ballot. These voters can feed in a voter-verified paper ballot into a machine that is essentially a scanner/printer combo that prints marks on a traditional voter-verified paper ballot filling in the blanks in accordance with user input to the computer. The user can get the voter-verified paper ballot out of the machine and check out its accuracy, either submit it to be counted or spoil it to get a new voter-verified paper ballot and mark it themselves, Such voters can also bring someone they trust to help them vote but this is obviously less preferred as this means divulging one's vote to someone else.

about 5 months ago
top

An Accidental Wikipedia Hoax

jbn-o Please explain your terms (189 comments)

I'm not convinced Wikipedia is somehow profoundly not an encylopedia. Part of the reason your post doesn't convince me is because you criticize Wikipedia for not being "on par with the Brittanica" without specifying what you think exactly that par is, or what exactly you think "the concept of an encyclopedia is". It's difficult to have a conversation about these things without understanding what you view those things to be.

I know that I don't get the same freedoms with Brittanica I get with Wikipedia: I'm not allowed to distribute verbatim or edited copies of Brittanica entries. These freedoms translate into practical outcomes for most people, most notably the main means of keeping Wikipedia viable and an (apparently) mainstream source of information. By contrast, if someone wants to build on what they view as Brittanica's articles they have to negotiate with Brittanica to do that (and I've never seen anyone do this) but I know of projects that build on Wikipedia. Many articles I find interesting and worth listing in an encyclopedia are simply missing from Brittanica but are present in Wikipedia, such as why Brittanica thinks "GNU/Linux" and "Linux" are the same (which is both inaccurate and unfair) while maintaining that the former is an operating system and the latter a kernel (which is accurate and fair).

I have no changelog for Brittanica, so I have nothing to point to there that compares with what I can get in Wikipedia's changelog. TFA implicitly shows the value of changelogs for identifying how long edits have remained and who edited what when.

As for editing by non-experts: I don't know who edits Brittanica's many editions (including the paper editions) nor do I know what their qualifications are. I find this to be roughly equivalent to Wikipedia because I don't know who edits Wikipedia either, nor do I know their qualifications.

I remember some years ago reading an article by a Brittanica affiliate who essentially proposed to weigh Brittanica and Wikipedia on an evaluation of one obscure point he knew something about. Not only is that bad surveying, but it invites critique that can be used against Brittanica just as easily. I recall being struck by how behind the times Brittanica was the last time I saw it, particularly on the free software movement, a topic I know something about. I found the lack of coverage in Brittanica telling. Where Brittanica had something to say on the matter, I found Brittanica made the usual errors and confusions people make when they've only been exposed to "open source" (such as attributing what Richard Stallman's actions with "open source" despite historical contradiction and Stallman's own words and deeds); open source movement's philosophy, practical outcomes, or history isn't the same as free software and it's a shame history and contemporary evidence weighs so lightly for Brittanica.

about 5 months ago
top

Which Is Better, Adblock Or Adblock Plus?

jbn-o Reject all proprietary software and "choice" too (436 comments)

You'd not only rightly reject Google Chrome you'd also reject choice as a reason to favor nonfree software. Chrome is a nonfree browser so that is right out. A choice of nonfree programs doesn't satisfy what computer users need—software freedom. Choice is easily satisfied in that there's more than one alternative but choice of software says nothing about how well the alternatives address important needs to control one's computer (rather than letting the software control the users). So choice of software is a weak substitute for the freedoms to run, inspect, share, and modify software.

about 5 months ago
top

Free Copy of the Sims 2 Contains SecuROM

jbn-o Software freedom is worth caring about (234 comments)

People who care about controlling their computers care, as should all computer users care. This is another instance in a long line of great learning opportunities to distinguish between 'free as in price' and 'free as in freedom'—software proprietors get away with malware because how the software works is kept secret from its users. TFA tells us that Electronic Arts didn't tell prospective users SecuROM was a part of the gratis Sims 2 install, probably because EA knew users wouldn't install Sims 2 if they knew it came with SecuROM. Proprietors abuse the trust users have placed in them and it's time to teach users how things actually work, not encourage dismissal that hands users over to the abusers ("who cares").

about 5 months ago
top

Intel Launches Self-Encrypting SSD

jbn-o Can it be updated and run Free Software? (91 comments)

If the drive's software were flashable (the device could be updated with different software) and the software were Free Software, there would be no reason to fear Intel's connection to the NSA. Users would have the freedoms they need to make sure the software does what they want it to do. Proprietary encryption, no matter who writes it or distributes it, is always untrustworthy for the same reason proprietary software is untrustworthy—you don't really know what it's doing and neither does anyone you can trust to help you understand what it's doing. Furthermore you can't make it do what you want and you can't help others by distributing improved versions that respect other user's freedoms.

about 5 months ago
top

Sony Forgets To Pay For Domain, Hilarity Ensues

jbn-o Yet another reason to insist on software freedom (277 comments)

Early Tuesday, gamers woke up to find out that they couldn't log in to any Sony Online Entertainment games--no Everquest, no Planetside 2, none of them.

Could the users have used another server to connect with each other? Or is this a case of DRM ("Digital Restrictions Management", when properly viewed from the perspective of its effect on the users) and, more generally, nonfree software restricting users from running the games with other people?

about 5 months ago
top

First Release of LibreSSL Portable Is Available

jbn-o Stallman's "blessings" are for software freedom (101 comments)

[...] not everything has to be blessed by Stallmann to be acceptable

Regarding this point, Stallman certainly does endorse Free Software. And so much of what is in OpenBSD is Free Software—software that respects a user's software freedom—and the same goes for OpenSSL. Stallman (and his organization, the Free Software Foundation(FSF)) are known for standing up for a user's software freedom. Non-copylefted Free Software is Free Software. Furthermore, in 2004 the FSF gave Theo de Raadt an award for the Advancement of Free Software, "[f]or recognition as founder and project leader of the OpenBSD and OpenSSH projects, Theo de Raadt's work has also led to significant contributions to other BSD distributions and GNU/Linux. Of particular note is Theo's work on OpenSSH". A free system need not include GNU software or be licensed under a GNU license (such as the GPL) to respect a user's software freedom.

The FSF is quite clear why it doesn't list OpenBSD (or the other BSD distributions) in their list of Free system distributions:

FreeBSD, NetBSD, and OpenBSD all include instructions for obtaining nonfree programs in their ports system. In addition, their kernels include nonfree firmware blobs.

Nonfree firmware programs used with Linux, the kernel, are called "blobs", and that's how we use the term. In BSD parlance, the term "blob" means something else: a nonfree driver. OpenBSD and perhaps other BSD distributions (called "projects" by BSD developers) have the policy of not including those. That is the right policy, as regards drivers; but when the developers say these distributions âoecontain no blobsâ, it causes a misunderstanding. They are not talking about firmware blobs.

No BSD distribution has policies against proprietary binary-only firmware that might be loaded even by free drivers.

Including nonfree software and pointing users to nonfree software is quite common among those who endorse the open source philosophy, as the FSF has long pointed out (older essay, newer essay). The open source movement's philosophy is a development methodology built to toss aside software freedom for practical convenience in an attempt to be "more acceptable to business". So this philosophical difference sets up a radically different reaction in the face of reliable, powerful proprietary software. Quoting the newer essay:

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

about 5 months ago
top

GM Names and Fires Engineers Involved In Faulty Ignition Switch

jbn-o Everyone needs software freedom. (307 comments)

And why all computer users need free software in all of their computers. I don't want someone I don't trust vetting the software that has the ability to ruin my project or kill me. Those who get to audit code may be expert in someone else's opinion, but I would rather have software freedom.

about 6 months ago
top

A Year After Snowden's Disclosures, EFF, FSF Want You To Fight Surveillance

jbn-o Re:Fixing a social problem with technical means? (108 comments)

It's not enough, true, but we need to get Americans trained in the practice of being more politically active and to seriously consider the consequences of their consumerism. Today, encouraging people to think of encryption as required for increased secure communications is good. We can't fix anything "once and for all" because any change to anything can be reverted (hence Andrew Jackson's warning "...eternal vigilance by the people is the price of liberty, and that you must pay the price if you wish to secure the blessing" applies here too). Software proprietors and others who want to rob computer users of their freedom spend billions training people to think ephemerally (in fact, /.'s chosen "firehose" structure of fast and frequent updates usually from corporate repeaters exists to further that end). We need ordinary people to become more aware of the consequences of ignorance, make better choices, and train future generations that the acceptable social norm is lifelong political involvement. I think failing to meet this need is one of Snowden's fears ("The greatest fear that I have regarding the outcome for America of these disclosures is that nothing will change..."), and why Stallman says things like "I don't want any fans I want Freedom Fighters, who could actually help in his revolution". I have no doubt that whomever follows that murderous war criminal Obama in the US White House will follow the same behavior he both chose to follow from George W. Bush and ramp up. I'm not certain what will stop the horrors of "Terror Tuesday" killings, indiscriminate NSA spying, and more, but I won't object when groups want to raise awareness and help normalize objecting to the loss of our civil liberties.

about 7 months ago
top

Why Snowden Did Right

jbn-o More of Eben Moglen's ramifications on Snowden (348 comments)

In case you didn't get to the bottom of the Guardian essay, that essay comes from "Snowden and the Future", a 4-part talk series Eben Moglen gave on October 9, October 30, November 13 and December 4 2013. It is highly recommended reading, watching, and/or listening. Audio, video, and transcripts are available at his website.

about 7 months ago
top

Did Mozilla Have No Choice But To Add DRM To Firefox?

jbn-o Re:Not denying something is different from forcing (406 comments)

Let's not also forget two other particularly powerful points made in the Free Software Foundation's (FSF) essay:

  • "We understand that Mozilla is afraid of losing users. Cory Doctorow points out that they have produced no evidence to substantiate this fear or made any effort to study the situation."
  • "More importantly, popularity is not an end in itself. This is especially true for the Mozilla Foundation, a nonprofit with an ethical mission. In the past, Mozilla has distinguished itself and achieved success by protecting the freedom of its users and explaining the importance of that freedom: including publishing Firefox's source code, allowing others to make modifications to it, and sticking to Web standards in the face of attempts to impose proprietary extensions."

Brad Kuhn builds on these points in his essay discussing Mozilla's announcement: "Theoretically speaking, though, the Mozilla Foundation is supposed to be a 501(c)(3) non-profit charity which told the IRS its charitable purpose was: to "keep the Internet a universal platform that is accessible by anyone from anywhere, using any computer, and ... develop open-source Internet applications". Baker fails to explain how switching Firefox to include proprietary software fits that mission. In fact, with a bit of revisionist history, she says that open source was merely an "approach" that Mozilla Foundation was using, not their mission."

Speaking of how people criticize the FSF without reading what they say, the FSF is not an "open source advocate" despite /.'s insistence to the contrary such as is stated in this story's headline. The FSF and the free software movement predate the developmental methodology known as open source, and the FSF fights for values the open source movement sets out to deny, namely software freedom. The FSF has published more than one essay on this topic (1, 2) and RMS includes a clear and cogent explanation of this point in virtually every talk you'll hear him give. Archives of these talks are readily available online in formats that favor free software. Mozilla's choice here is another example of reaching radically different conclusions given different philosophies: Mozilla's open source choice versus a free software activist's choice to reject DRM for many valid reasons the FSF points out.

about 7 months ago
top

Free Software Foundation Condemns Mozilla's Move To Support DRM In Firefox

jbn-o Re:Yawn. (403 comments)

With the number of times /. posters point out how RMS arrived at some conclusion well before so many other people, and wrote something illustrating the point and his rationale, I would hope /. posters would recall that.

More DRM isn't going to play out well for the public as it has already failed for those who enjoy leveraging their fair-use rights, reading/viewing something in another way, and more. RMS's ethics-backed rationale against DRM and nonfree software (as opposed to a developmental methodology that accepts practical convenience at the cost of our civil liberties) is simply invaluable. Snowden's revelations bring RMS's long-held objections to nonfree software into sharp focus all the more.

about 7 months ago
top

Glenn Greenwald: How the NSA Tampers With US Made Internet Routers

jbn-o Linux-libre is proof of the point, pre-Snowden (347 comments)

Addressing both your comment and the grandparent comment: this distinction of allowing non-free software is part of what distinguishes the older free software movement from the younger open source movement. RMS has been talking and writing about this critical distinction for years.

Consider the following from "Why Open Source misses the point of Free Software":

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

In other words, open source won't endorse software freedom for its own sake. That movement was designed to never raise the issue of software freedom in order to promote a developmental methodology thought to lead to more reliable, more powerful programs. That methodology is fine as far as it goes (everyone likes powerful robust programs) but as we're seeing with the Snowden revelations, that methodology doesn't go far enough. RMS realized this very early on and has been providing ethical counterarguments since the open source movement began (older essay, newer essay).

This difference explains what we're seeing in the very different approaches taken in Linus Torvalds' fork of the Linux kernel versus the GNU Linux-libre fork of the Linux kernel. Linux-libre's distinction is that this fork removes the blobs that come with the Torvalds fork of the Linux kernel. Torvalds includes nonfree code meant to make the kernel run on more hardware which places a high value on convenience at the cost of software freedom. Linux-libre values software freedom instead. As a result, Linux-libre doesn't run on as much hardware and might not take advantage of everything modern hardware can do, but one gains a system they are allowed to fully inspect, share, and modify—software freedom. Linux-libre lets users make sure the software does only what that user wants that program to do. RMS, as recently as his recent responses to /. questions, encouraged readers to reverse engineer hardware in order to fully document hardware ("The parts of Linux we need to replace are the nonfree parts, the "binary blobs". [...] The main work necessary to replace the blobs is reverse engineering to determine the specs of the peripherals those blobs are used in. That's a tremendously important job -- please join in if you can."). This work leads to increased support for fully free operating systems, including fully free support in Linux-libre.

Increased security is one of the things you get with the pursuit of software freedom for its own sake. I think RMS very much recognizes the security enhancements that come along with Linux-libre and why his organization won't recommend a system with nonfree blobs in it. I'd expect that Stallman would say security isn't a goal unto itself, but a feature of a more important concern: software freedom.

about 7 months ago
top

Richard Stallman Answers Your Questions

jbn-o Re:Your monologue is not interesting. (394 comments)

The objection you seem to have missed is that proprietors treat users badly without the user's ability to effectively improve the program for their own needs (even by hiring someone to do this work on their behalf). So better to rejecting non-free software on ethical grounds. Whether spies have used the power of a proprietary Angry Birds is a weak response compared to asking whether anybody should have to choose a potential loss of privacy to play a videogame. Tracking users (no matter how) without their explicit knowledge is something people don't know about and, when they learn about it, don't like. It's a shame you have such personal anger toward Stallman that you refuse to convey understanding his points. Your namecalling ("bearded zealot", "mooching") and lame counterarguments like "There's more effective ways for snoops to get info than through angry birds" run the risk of reading as tacit acceptance of RMS's points without giving him due credit for bringing those points to the public.

We don't know who can get data from RMS's Loonsong MIPS machine but paying attention to these issues and using what's available to practical effect is leading by example; a far more respectful approach which complaining and namecalling just can't beat.

about 7 months ago
top

Richard Stallman Answers Your Questions

jbn-o Your monologue is not interesting. (394 comments)

It's so convenient to argue against yourself isn't it? No need to ask him what he actually thinks (his email address is readily available) or read any of his many essays. You might be particularly interested in a list of surveillance examples found in proprietary software including one pertinant description for a program you just mentioned—"Angry Birds spies for companies, and the NSA takes advantage to spy through it too.".

about 7 months ago

Submissions

top

Replicant developers find and close Samsung Galaxy backdoor

jbn-o jbn-o writes  |  about 9 months ago

jbn-o (555068) writes "The Free Software Foundation reports that developers of Replicant, a fully free/libre version of Android, "discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system".

Replicant developer Paul Kocialkowski explains further in the blog post: (emphasis mine)

Today's phones come with two separate processors: one is a general-purpose applications processor that runs the main operating system, e.g. Android; the other, known as the modem, baseband, or radio, is in charge of communications with the mobile telephony network. This processor always runs a proprietary operating system, and these systems are known to have backdoors that make it possible to remotely convert the modem into a remote spying device. The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible.

[...]

Provided that the modem runs proprietary software and can be remotely controlled, that backdoor provides remote access to the phone's data, even in the case where the modem is isolated and cannot access the storage directly. This is yet another example of what unacceptable behavior proprietary software permits! Our free replacement for that non-free program does not implement this backdoor. If the modem asks to read or write files, Replicant does not cooperate with it.

The blog post contains pointers to more information including a technical description of the back-door found in Samsung Galaxy devices and a list of known affected Samsung Galaxy devices. The FSF lists more ways proprietary software is often malware."
Link to Original Source

top

jbn-o jbn-o writes  |  more than 8 years ago

jbn-o writes "Prof. Eben Moglen, counsel for the Free Software Foundation, is working on the GNU General Public License version 3; an update of the most widely used free software license. He got a look at some of the details behind the Novell-Microsoft deal (in which Novell got $348m in return for a patent agreement covering SuSE GNU/Linux users) and spoke with Andrew Orlowski of the Register about how the GPLv3 will work against the Novell-Microsoft deal."

Journals

jbn-o has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?