Language Selection

English French German Italian Portuguese Spanish

FSF

Syndicate content
Updated: 18 hours 17 min ago

Free Software Foundation announces freedom-respecting videoconferencing for its associate members

Thursday 28th of May 2020 05:30:00 PM

The FSF has been raising the alarm about encroachments upon freedom by remote communication tools since social distancing guidelines were issued. The FSF's new videoconferencing service powered by free software comes after several of its recent publications warned users about widely used nonfree applications for remote communication and education, like Zoom.

"The freedoms to associate and communicate are some of our most important. To have the means to exercise these freedoms online controlled by gatekeepers of despotic software is always dangerous and unacceptable, only more so when we can't safely gather in person," executive director John Sullivan explains. "We are a small nonprofit and can't provide hosting for the entire world, but we want to do our part. By offering feature-rich videoconferencing in freedom to our community of supporters, and sharing how others can do it, too, we demonstrate that it is possible to do this kind of communication in an ethical way."

This project came out of the working group the FSF established to document and address major issues facing free software communication platforms. Another initiative in its free communication toolbox is a collaborative resource page created to steer users to applications that respect them. The goal is to help users avoid conferencing tools like Zoom, which requires users to give up their software-related freedoms, and which has been a recent focal point for criticism due to problems ranging from security issues to privacy violations.

Zoom is not the only nonfree communication software that has received scrutiny recently while surging in popularity. Facebook's recently launched Messenger Rooms service may offer tools to keep users out, but it is not encrypted, nor does it offer protection from the ongoing data sharing issues that are inherent to the company. Google Meet, Microsoft Teams, and Webex were also reported to be collecting more data than users realized. These kinds of problems, the FSF argues, are examples of what happens when the terms of the code users are running prohibits them from inspecting or improving it for themselves and their communities.

The platform the FSF will use to offer ethical videoconferencing access is Jitsi Meet. Jitsi Meet was also used when the COVID-19 pandemic forced the FSF to bring its annual LibrePlanet conference online. Choosing Jitsi Meet is the first step to addressing the problems posed to freedom by services like Zoom and Facebook. However, even users that start a call via a server running Jitsi could still be vulnerable, if that server depends on or shares information with third parties. The FSF made changes to the code it is running to enhance privacy and software freedom, and published the source code. The FSF instance does not use any third party servers for network initialization, and does not recommend or link to any potentially problematic services.

Jitsi Meet initiates an encrypted peer-to-peer conference when there are only two participants, but achieving end-to-end encryption for more than two people is not yet possible. FSF chief technical officer Ruben Rodriguez elaborates: "For any multiparticipant conversation, there will always be encryption at the network level, but you still have to place some level of trust in the server operator that processes your video stream. We are offering what is currently possible when it comes to multiparticipant privacy, and we are doing it on machines that we physically own." The FSF servers do not store any voice, video, or messages from calls, and logging is minimal and for the purpose of troubleshooting and abuse prevention only. According to its Web site, Jitsi is working to implement end-to-end encryption for multiple callers, and the FSF has confirmed plans to implement the improvements as soon as they become available.

Sullivan provided further comment: "The FSF is offering people a chance to keep their freedom and remain in touch at the same time. With these services, you usually have to sacrifice your freedom for the ability to stay in touch with the people you care about, and place your data in the hands of an organization you don't know. Our members trust the FSF not to compromise their data, and this way, we can offer both."

Associate members of the FSF pay a $10 USD monthly fee, which is discounted to $5 USD for students. An FSF associate membership will provide users with the ability to create their own meeting rooms for personal, noncommercial use, which they can use to invite others to join regardless of their location or membership status.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux.

Associate members are critical to the FSF, since they contribute to the existence of the foundation and help propel the movement forward. Besides gratis access to the FSF Jitsi Meet instance, they receive a range of additional benefits. Donations to support the FSF's work can be made at https://my.fsf.org/donate. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

Zoë Kooyman
Program Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

Free Software Foundation targets Microsoft's smart assistant in new campaign

Wednesday 1st of April 2020 04:10:00 PM

BOSTON, Massachusetts, USA -- Wednesday, April 1, 2020 -- Today, the Free Software Foundation (FSF) announced plans to follow up their recent campaign to "upcycle" Windows 7 with another initiative targeting proprietary software developer Microsoft, calling on them to Free Clippy, their wildly popular smart assistant. Clippy, an anthropomorphic paperclip whose invaluable input in the drafting of documents and business correspondence ushered in a new era of office productivity in the late 1990s, has not been seen publicly since 2001. Insider reports suggest that Clippy is still alive and being held under a proprietary software license against its will.

The FSF is asking its supporters to rally together to show their support of the industrious office accessory. Commenting on the campaign, FSF campaigns manager Greg Farough stated: "We know that Microsoft has little regard for its users' freedom and privacy, but few in our community realize what little regard they have for their own digital assistants. Releasing Clippy to the community will ensure that it's well taken care of, and that its functions can be studied and improved on by the community."

Undeterred by comments that the campaign is "delusional" or hopelessly idealistic, the FSF staff remains confident that their call to free the heavy-browed stationery accessory will succeed. Yet upon reaching out to a panel of young hackers for comment, each responded: "What is Clippy?"

It's our hope that a little outlandish humor can help others get through increasingly difficult and uncertain times. In lieu of showing your support for Clippy, please consider making a small donation to a healthcare charity or, if you like, the FSF.

Media Contact

Jonathan Tuttle
Office Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

More in Tux Machines

Microsoft slips Bing search into Android through Outlook

If you use Outlook for your Android phone’s email and calendars, you might see an unexpected sales pitch for Microsoft’s search engine. Android users have discovered that Outlook slips a “Bing search” option into the long-press menu you see when you select text. Tap it and it will open your default browser with a Bing query for whatever words you had selected. It’s helpful, but likely not what you wanted if you live in a Google-centric world. The menu option doesn’t appear for everyone, and some have reported success in getting rid of it by uninstalling Outlook. It might not even be visible if you reinstall the app. It doesn’t appear to be available when you install other Microsoft apps beyond Bing. Read more Also: Microsoft caught sneaking Bing search onto phones with the Outlook app Microsoft's clever trick to get Android users search on Bing instead of Google

My Linux story: breaking language barriers with open source

My open source journey started rather late in comparison to many of my peers and colleagues. I was pursuing a post-graduate degree in medicine in 2000 when I managed to fulfill a dream I’d had since high school—to buy my own PC. Before that, my only exposure to computers was through occasional access in libraries or cyber cafés, which charged exorbitant prices for access at that time. So I saved up portions of my grad student stipend and managed to buy a Pentium III 550 Mhz with 128MB RAM, and as came standard in most computers in India at that time, a pirated version of Windows 98. Read more

5 things to look for in an open source alternative to SharePoint

We're entering a collaboration platform renaissance as remote work becomes the norm for enterprises large and small. Microsoft SharePoint—a collaboration platform available on premises or in the cloud—is the de-facto standard for corporations and government agencies. However, SharePoint implementations are infamous for the challenges that prevent their completion. Combine those common speedbumps with shrinking IT budgets and rising collaboration requirements because of remote work, and open source alternatives to SharePoint become well worth a look. Read more

German bill provides network traffic redirection to install state trojans

Preliminary note: This post primarily affects users falling under German jurisdiction, but may apply to other countries as well, where similar laws are already in place or about to be introduced. Unfortunately, some primary sources are German only. According to current status and local knowledge, the German government is about to establish a law that provides the redirection of network traffic through a intelligence agencies' infrastructure in order to exploit security vulnerabilities and, for example, to install a certain type of malware known as Staatstrojaner (state trojans). The bill lists both end-user devices and servers as potential targets, and requires "telecommunication service providers" to establish and maintain infrastructure for transparently redirecting traffic of certain users, households, or IP addresses. "Telecommunication service providers" covers any company providing telecommunication services, thus ranging from cable, DSL or fiber providers to mail, VoIP and messaging vendors. Ultimately, even backbone providers or internet exchanges are covered by this definition. [...] The state trojan was meant to be the ultima ratio when it was introduced in 2009. It could only be used by the Federal Criminal Police Office (Bundeskriminalamt) in case of international terrorism and preventing terrorist attacks. Once such laws were introduced, governments usually get a taste for it. As of today, any police authority may use it even in cases of less severe crimes than terrorism such as counterfeiting money or violations against the Narcotics Act (Betäubungsmittelgesetz, e. g. drug consumption or trafficking). As you can see, compromising devices became increasingly common as a measure at law enforcement agencies. It is probably going to be extended to intelligence agencies within a short amount of time. For obvious historical reasons, the German state only gives certain rights to police and intelligence agencies to avoid too much power being concentrated in one organisation, which could turn it against their people. [...] At IPFire, we fight to protect your network. Frankly, this was complicated enough before governments legalised hacking by intelligence agencies. This German bill will not make anything more secure. Instead, it will turn defense against security vulnerabilities even more into an arms race. This is not an example of "the opposite of good is good intentions". This is beyond dangerous. Imagine, for example, cyber criminals or foreign intelligence agencies (ab)using that redirection infrastructure in order to deploy their malware. Perhaps they will be able to take advantage of some zero day exploits left on some servers in that infrastructure as well (the CIA suffered from a similar breach in 2017). With a blink of an eye, arbitrary malware could be placed on a significant amount of computers compromised that way. Ransomware attacks such as WannaCry or NonPetya come to mind... Imagine compromised machines being vulnerable to other attacks as well, as some security measures have been turned off. Image surveillance abuse. Imagine future governments abusing this feature for persecution of unwanted people or political opponents - with a view at current political events, one may be concerned about personal liberties being restricted. [...] We will start next week by providing advice on whom to trust and how to establish a security-focussed mindset. Afterwards, we focus on specific technical aspects and advise how to configure IPFire machines as secure as possible - as it already implements effective mitigations against those attacks. Read more