Language Selection

English French German Italian Portuguese Spanish

FSF

Syndicate content
Updated: 15 hours 23 min ago

Free Software Foundation announces freedom-respecting videoconferencing for its associate members

Thursday 28th of May 2020 05:30:00 PM

The FSF has been raising the alarm about encroachments upon freedom by remote communication tools since social distancing guidelines were issued. The FSF's new videoconferencing service powered by free software comes after several of its recent publications warned users about widely used nonfree applications for remote communication and education, like Zoom.

"The freedoms to associate and communicate are some of our most important. To have the means to exercise these freedoms online controlled by gatekeepers of despotic software is always dangerous and unacceptable, only more so when we can't safely gather in person," executive director John Sullivan explains. "We are a small nonprofit and can't provide hosting for the entire world, but we want to do our part. By offering feature-rich videoconferencing in freedom to our community of supporters, and sharing how others can do it, too, we demonstrate that it is possible to do this kind of communication in an ethical way."

This project came out of the working group the FSF established to document and address major issues facing free software communication platforms. Another initiative in its free communication toolbox is a collaborative resource page created to steer users to applications that respect them. The goal is to help users avoid conferencing tools like Zoom, which requires users to give up their software-related freedoms, and which has been a recent focal point for criticism due to problems ranging from security issues to privacy violations.

Zoom is not the only nonfree communication software that has received scrutiny recently while surging in popularity. Facebook's recently launched Messenger Rooms service may offer tools to keep users out, but it is not encrypted, nor does it offer protection from the ongoing data sharing issues that are inherent to the company. Google Meet, Microsoft Teams, and Webex were also reported to be collecting more data than users realized. These kinds of problems, the FSF argues, are examples of what happens when the terms of the code users are running prohibits them from inspecting or improving it for themselves and their communities.

The platform the FSF will use to offer ethical videoconferencing access is Jitsi Meet. Jitsi Meet was also used when the COVID-19 pandemic forced the FSF to bring its annual LibrePlanet conference online. Choosing Jitsi Meet is the first step to addressing the problems posed to freedom by services like Zoom and Facebook. However, even users that start a call via a server running Jitsi could still be vulnerable, if that server depends on or shares information with third parties. The FSF made changes to the code it is running to enhance privacy and software freedom, and published the source code. The FSF instance does not use any third party servers for network initialization, and does not recommend or link to any potentially problematic services.

Jitsi Meet initiates an encrypted peer-to-peer conference when there are only two participants, but achieving end-to-end encryption for more than two people is not yet possible. FSF chief technical officer Ruben Rodriguez elaborates: "For any multiparticipant conversation, there will always be encryption at the network level, but you still have to place some level of trust in the server operator that processes your video stream. We are offering what is currently possible when it comes to multiparticipant privacy, and we are doing it on machines that we physically own." The FSF servers do not store any voice, video, or messages from calls, and logging is minimal and for the purpose of troubleshooting and abuse prevention only. According to its Web site, Jitsi is working to implement end-to-end encryption for multiple callers, and the FSF has confirmed plans to implement the improvements as soon as they become available.

Sullivan provided further comment: "The FSF is offering people a chance to keep their freedom and remain in touch at the same time. With these services, you usually have to sacrifice your freedom for the ability to stay in touch with the people you care about, and place your data in the hands of an organization you don't know. Our members trust the FSF not to compromise their data, and this way, we can offer both."

Associate members of the FSF pay a $10 USD monthly fee, which is discounted to $5 USD for students. An FSF associate membership will provide users with the ability to create their own meeting rooms for personal, noncommercial use, which they can use to invite others to join regardless of their location or membership status.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux.

Associate members are critical to the FSF, since they contribute to the existence of the foundation and help propel the movement forward. Besides gratis access to the FSF Jitsi Meet instance, they receive a range of additional benefits. Donations to support the FSF's work can be made at https://my.fsf.org/donate. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

Zoë Kooyman
Program Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

Free Software Foundation targets Microsoft's smart assistant in new campaign

Wednesday 1st of April 2020 04:10:00 PM

BOSTON, Massachusetts, USA -- Wednesday, April 1, 2020 -- Today, the Free Software Foundation (FSF) announced plans to follow up their recent campaign to "upcycle" Windows 7 with another initiative targeting proprietary software developer Microsoft, calling on them to Free Clippy, their wildly popular smart assistant. Clippy, an anthropomorphic paperclip whose invaluable input in the drafting of documents and business correspondence ushered in a new era of office productivity in the late 1990s, has not been seen publicly since 2001. Insider reports suggest that Clippy is still alive and being held under a proprietary software license against its will.

The FSF is asking its supporters to rally together to show their support of the industrious office accessory. Commenting on the campaign, FSF campaigns manager Greg Farough stated: "We know that Microsoft has little regard for its users' freedom and privacy, but few in our community realize what little regard they have for their own digital assistants. Releasing Clippy to the community will ensure that it's well taken care of, and that its functions can be studied and improved on by the community."

Undeterred by comments that the campaign is "delusional" or hopelessly idealistic, the FSF staff remains confident that their call to free the heavy-browed stationery accessory will succeed. Yet upon reaching out to a panel of young hackers for comment, each responded: "What is Clippy?"

It's our hope that a little outlandish humor can help others get through increasingly difficult and uncertain times. In lieu of showing your support for Clippy, please consider making a small donation to a healthcare charity or, if you like, the FSF.

Media Contact

Jonathan Tuttle
Office Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

More in Tux Machines

Ubuntu and Robotics

  • Linux-based Software for Automation

    Linux has a lot to offer the automation industry. It is a stable and scalable alternative to Windows operating systems that allows for arguably greater connectivity between devices and systems. It is open-source software, which is a plus, and therefore can allow a large amount of development flexibility. Linux also generally doesn’t have as much downtime as Windows and is arguably less susceptible to cyber attacks. The fact is that as the industry leans towards Linux, so too must we adapt. [...] Well, some industries prefer Linux for the aforementioned reasons, and because of that, we could see changes in how new manufacturing technologies and techniques are designed. Overall, as Linux becomes more prevalent, we may see the OS evolve to suit a variety of needs that are specific to each industry. Advancements are in progress every day, and it’s a possibility that automation will be made much easier as the OS adapts (at an increasing rate) to the needs of its consumers. Higher quality performance, increased security, greater versatility, and many other features are being looked forward to from the next iterations of Linux.

  • Ubuntu Blog: The State of Robotics – June 2020

    ROS 2 Foxy Fitzroy was released on June 5 for Ubuntu 20.04. Foxy supports many under-the-covers performance and stability improvements. Two of our favorites that continue improving robot security include a ROS Node Definition Library (NoDL) and enhanced security monitoring. NoDL defines configurations for each ROS node and how it interfaces with other nodes. By defining normal behaviors, ROS now can also enforce compliance with those behaviors, and robots can be monitored for abnormal behavior. Foxy improves on security monitoring by enabling logging for DDS communications. Once ROS 2 security features are enabled, environment variables can be configured to log security events to a file or publish them through DDS. Now not only can you monitor operational robot behaviors, you can also monitor communications security! This LTS release will be supported through May 2023. See Kyle Fazzari’s blog post for more information about ROS Foxy. ROS 2 now also has a rolling release for preparing for the next stable distribution development. Rolling Ridley is continuously updated and will at times include breaking changes.

  • Adi Singh, Product Manager in Robotics at Canonical – Interview Series

    Adi Singh, is the Product Manager in Robotics at Canonical. Canonical specializes in open source software, including Ubuntu, the world’s most popular enterprise Linux from cloud to edge, and they have a global community of 200,000 contributors. Ubuntu is the most popular Linux distribution for large embedded systems. As autonomous robots mature, innovative tech companies turn to Ubuntu, we discuss advantages of building a robot using open source software and other key considerations. [...] Building anything on open source software is usually a wise idea as it allows you to stand on the shoulders of giants. Individuals and companies alike benefit from the volunteer contributions of some of the brightest minds in the world when they decide to build on a foundation of open source software. As a result, popular FOSS repositories are very robustly engineered and very actively maintained; allowing users to focus on their innovation rather than the nuts and bolts of every library going into their product. [...] Ubuntu is the platform of choice for developers around the world for frictionless IoT and robotics development. A number of popular frameworks that help with device engineering are built on Ubuntu, so the OS is able to provide several tools for building and deploying products in this area right out of the box. For instance, the most widely used middleware for robotics development – ROS – is almost entirely run on Ubuntu distros...

  • NFV, cloud-native networking and OSM: everything you need to know
  • Design and Web team summary – 8th July 2020

    The web team here at Canonical run two-week iterations. Here are some of the highlights of our completed work from this iteration.

Mozilla: Firefox Nightly, JS, Security and Rust

  • Firefox Nightly: These Weeks in Firefox: Issue 75
  • Additional JavaScript syntax support in add-on developer tools

    When an add-on is submitted to Firefox for validation, the add-ons linter checks its code and displays relevant errors, warnings, or friendly messages for the developer to review. JavaScript is constantly evolving, and when the linter lags behind the language, developers may see syntax errors for code that is generally considered acceptable. These errors block developers from getting their add-on signed or listed on addons.mozilla.org.

  • A look at password security, Part I: history and background

    Today I’d like to talk about passwords. Yes, I know, passwords are the worst, but why? This is the first of a series of posts about passwords, with this one focusing on the origins of our current password systems starting with log in for multi-user systems. The conventional story for what’s wrong with passwords goes something like this: Passwords are simultaneously too long for users to memorize and too short to be secure. It’s easy to see how to get to this conclusion. If we restrict ourselves to just letters and numbers, then there are about 26 one character passwords, 212 two character passwords, etc. The fastest password cracking systems can check about 236 passwords/second, so if you want a password which takes a year to crack, you need a password of 10 characters long or longer. The situation is actually far worse than this; most people don’t use randomly generated passwords because they are hard to generate and hard to remember. Instead they tend to use words, sometimes adding a number, punctuation, or capitalization here and there. The result is passwords that are easy to crack, hence the need for password managers and the like. This analysis isn’t wrong, precisely; but if you’ve ever watched a movie where someone tries to break into a computer by typing passwords over and over, you’re probably thinking “nobody is a fast enough typist to try billions of passwords a second”. This is obviously true, so where does password cracking come into it? [...] This design is a huge improvement over just having a file with cleartext passwords and it might seem at this point like you didn’t need to stop people from reading the password file at all. In fact, on the original UNIX systems where this design was used, the /etc/passwd file was publicly readable. However, upon further reflection, it has the drawback that it’s cheap to verify a guess for a given password: just compute H(guess) and compare it to what’s been stored. This wouldn’t be much of an issue if people used strong passwords, but because people generally choose bad passwords, it is possible to write password cracking programs which would try out candidate passwords (typically starting with a list of common passwords and then trying variants) to see if any of these matched. Programs to do this task quickly emerged. The key thing to realize is that the computation of H(guess) can be done offline. Once you have a copy of the password file, you can compare your pre-computed hashes of candidate passwords against the password file without interacting with the system at all. By contrast, in an online attack you have to interact with the system for each guess, which gives it an opportunity to rate limit you in various ways (for instance by taking a long time to return an answer or by locking out the account after some number of failures). In an offline attack, this kind of countermeasure is ineffective.

  • Announcing Rustup 1.22.1

    The rustup working group is happy to announce the release of rustup version 1.22.1. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

  • This Week in Rust 346

4 Useful Extensions to Make GNOME Desktop Easier to Use

If you’ve ever used the GNOME Shell on your Linux system, you’ve probably noticed that there are some ways it works that don’t make sense right away. The workspaces are arranged vertically, and there’s no dock, panel, or desktop icons to get to your applications easily. That’s where GNOME Shell Extensions come into play. Let’s check out some Gnome extensions that make the desktop easier to use. [...] This, along with the default four-finger gesture in Wayland, makes me feel like I’m using a system that is designed for the modern user on a laptop or a user with a trackpad attached to their desktop. It would be a great way to make use of an Apple Magic Trackpad on Linux, as it would allow you to work with one of the best trackpads in the world and use it for more than just clicking and scrolling. Now that you’ve taken your Linux laptop to the next level with GNOME Shell Extensions, make sure you learn how to get notified of updates for your extensions, check out some of the best laptops for Linux, and fix your touchpad that is not working in Linux. Read more

today's howtos