False security
August 5th, 2008 under InfoSec, Digital Rights, OSS, rengolin, Computers. [ Comments: none ]

False security is worse than no security. It’s that simple.

Bruce Schneier won’t stop saying that CCTV cameras are not only plainly ineffective, but also bring a false sense of security, even to police forces, who won’t patrol the streets as well as they would without cameras. People won’t worry as much as they would without cameras and become easy bait for common robbers.

The same applies to computer security, of course. Building up a firewall on your computer and running an updated version of the latest anti-virus / anti-rootkit / anti-malware / anti-whatever won’t protect you from the simplest of attacks: social engineering. One email or phone call done right to the right person is enough to render the whole network inoperative for hours, or to pass sensitive information to black hats so they can do whatever they want or need in order to hack a system. Yours or any other.

As if that were not enough, as Bruce always points out, placing cameras will make robbers attack places without cameras. Along the same lines, placing personal firewalls will make viruses mutate and attack in more subtle ways. Placing proxies and snooping hardware on your network will only make the real offenders more careful when they’re accessing prohibited websites or protocols, for they will access them anyway.

The fact is simple: you can’t guarantee 100% security.

Money is hardly the issue here. Think of the amount of money the US spends on securing its own classified data. Probably more than what it spends on wars around the world. But it wasn’t enough: Gary McKinnon could get into all of that to search for UFO information (yes, I do believe him). Apple spends a whole bunch on securing its devices, and Brazilian hackers unlocked the new iPhone 3G only 3 days after it was released.

DRM is the other myth: I can’t understand how people with a bit (not much) of clarity and intelligence can ever think it’s worth a shot. All major locks imposed on consumers were broken immediately after they were released. Hackers (good and bad ones) can easily break into any security scheme, but the normal public will have to use the digital handcuffs. It’s not only unfair, it’s utterly stupid and pointless.

There is no sensible choice other than to agree with Richard Stallman’s philosophy: ideas should be open and free. Competitive advantage must be in what you are doing rather than in what you’ve done. It’s impossible to secure the past, so let it go, walk forward, invent!

What’s the value (worth stealing) of your previous achievements if your future ones are much better? What could a hacker possibly want with old things? If they’re hacking, it means you’re not fast enough! Keep up!!



Proprietary Software
July 3rd, 2008 under Digital Rights, OSS, rengolin. [ Comments: 7 ]

I’m a big advocate of free software, highly active in the Anti-DRM campaign and a big fan of Richard Stallman (as you can see by reading back through lots of posts on this very blog). In his last text to the media about Bill Gates’ retirement, he makes (as usual) some very strong arguments about fair societies, freedom of use and copying, etc. We all know that, right?

Well, there is one thing I don’t particularly agree with: proprietary software.

In a recent talk, he said there was a fair reason why there is copyright: Investment in technology. In the old days, it was the press. Today, we have software companies.

The beauty and the beast

Microsoft, as he said (and I reiterate), has only abused development done by other companies since its first product. Worse, since then, it has been buying one company after another and scrapping each one of them (pretty much like Yahoo! has been doing recently, hence the interest). But there are lots of others that are doing fine, and it’s not fair to put them all in the same box.

Adobe Photoshop is a great example. Gimp is fantastic, of course, but the investment in Photoshop is huge and there is a clear difference. The cost is high, but the quality is also high. Like Photoshop, many other specialist software packages in music, video, animation, science, electronics, games and so on have a specific market, to which they belong, and are doing pretty well. I’m not saying Adobe (or any other specialist company) is fair, just that some are investing seriously in development, not only sucking their users’ money and freedom.

Windows is unfair, it locks the user in, it treats users as liars and cheaters, yes. Worse still, you can’t use it with anything else because it’s forcefully incompatible with the rest of the world, yes! They’re cheating by making you buy their license even if you’re not using it, forcing you to update Internet Explorer even if you use Firefox, reporting all your actions to Microsoft and god knows what more. YES!!

Apple with horrible DRM locks, pushing iPhone updates and all we already know they do, Warner, Sony and all the like. Yes! They are mean! But that doesn’t mean all companies are.

Research and Development

If you have free (open source) software that is enough for your uses, or you can hire someone to extend or adapt it to your needs, fine! If you can write software for your needs and redistribute it to the rest of the world, perfect! But why deny the existence of fair research and development, I don’t know.

I’ve been on the academia side of development enough to know very well what happens here: some PhD writes a piece of software, without any care for quality or extensibility. Later on, someone (or the author) makes it open source and people start using it, extending it. But most of the time it’s not possible to carry on extending it; it needs a rewrite. And people rewrite software fortnightly in academia.

The investment is in giving PhDs a good time, not in producing good software. Free software is good not because of that investment, but because the people who need it do it. It’d be fantastic if academia could teach them about software quality, and if there were real control over what they produce (like acceptance by the open source community) as part of their grades.

Now, private companies (like many around Cambridge) invest a good bunch of money in research and development, hiring those same guys, giving them proper training in software engineering and getting things done, very well indeed. That costs money, and I can’t see how they could open the source, at least not in the first years of sale.

Extensibility

Some companies give it for free (as in beer) to academic institutes. But the most important thing (IMHO) is to be extensible and to have a clear interface. Good software, even if closed source, has a clear and easy-to-use interface. With that, you can extend it to suit your needs. It’s not as good as having the source, but it’s a start.

Enforcing DRM locks, spying on users, making it impossible to connect to other software, being nasty: that is the problem, not being proprietary.



The dark side of freedom
May 15th, 2008 under Digital Rights, OSS, rengolin, Media. [ Comments: 5 ]

Recently I posted about Stallman and Copyright, and his beautiful ideas about how artists could make a living. Not everyone thinks the same way, though…

Terry McBride, a somewhat famous music manager, is also spreading the word about the end of copyright, as reported by El Reg, but with a bit of a twisted view on how bands could actually get some money out of it when labels no longer exist.

The idea is quite old and obvious, football teams and websites have been doing it for years, and it is simply ad-driven free content. It’s not exactly free as in freedom, as Stallman would love, I’m sure, but it’s a closer reality and I’m afraid we’ll have to go through that to reach real freedom.

Google is probably already developing AdSense for young female singers to display “Ads by Google” on their foreheads while playing in a concert, and Microsoft is already filing the patent on how to force Vista buyers to click on their “Ads by Yahoo! (I mean, Microsoft)” links on bands’ websites with “free” downloads that can only be played in leap years.

All in all, GNU is doing well and Stallman should be proud of it. The French revolution was an intermediate stage to “free the people” which was kinda necessary; pity they never reached true freedom. We might need this intermediate state again now, I just hope we don’t make the same mistakes this time (whatever they were)…



Stallman and Copyright
May 1st, 2008 under Digital Rights, OSS, rengolin, Politics. [ Comments: none ]

Yesterday I went to Stallman’s talk at Cambridge University where he proposed a new copyright scheme. Here is the transcript of the same talk elsewhere, not the same text but the same ideas.

Below is a mix of what he said and my thoughts on the subject based on his thoughts (complex, I know) so don’t take this as his strict opinion, go to gnu.org to know his real opinions.

Copyright

Copyright was invented to protect the evolution of ideas and the development of new technologies, to protect those who invested so much to create a good product from being scavenged by lazy competition. But the way it’s implemented today, it is not only taking away our most basic freedoms of use and friendship (by means of lending to friends) via DRM, but it’s also undermining the development of new technologies (see the BluRay case) and the evolution of ideas (see software patents).

To address how to create a copyright law that would get us back to protecting evolution and development, he divided creation into three groups and proposed a scheme based on them:

  • functional: Things you use at work or to perform work. Good examples are software, cooking recipes, tools, etc.
  • testimony: For lack of a better term, testimony is the category that includes works of reporting, history, opinion and achievement (like scientific papers).
  • art: Entertainment or artistic purposes only. Movies, music, paintings etc.

Reach everywhere

His copyright proposal says that every piece of work, no matter which category it falls into, should be allowed to be freely distributed (as in backing up your CDs as well as lending the backup to your friends indefinitely). This allows anyone to copy whatever they like, whenever they want, as many times as they see fit.

Some questions raised, and easily addressed:

  1. How to control who is only copying and who is actually buying your work? Easy, you don’t. You don’t have this control today, and it’s a dream to think you will ever be able to do such a thing.
  2. So, how do authors make money? Lots of authors already make money out of donations; a Canadian singer (I’m guessing this one) already makes a living out of donations and she’s not even locally famous. According to him, her wages were above what average bands get from “normal” recording companies.
  3. But I’m a new band, no one is going to see my website. For that, he said, governments could have a tax (like one pound per month or so) and the money would be distributed directly to the authors and not their recording companies or publishers, based on popularity. The whole polling/popularity/tax thing was in the early stages of evolution in his mind but nevertheless, it was already practical for other famous bands like Radiohead.
  4. Why should I have a website to make money? You don’t, and that’s a stupid question. This was one of the ways of getting money, you can ask for money on your shows too, be creative!

Some modifications allowed

The difference comes with modification. According to him, every commercial use of anything should be strictly bound by the copyright laws, which should block any unauthorized use of the material for around 10 years (some say 5 is better). After that, everything is in the public domain.

Before that, though, for some types of work you cannot modify it without the consent of the author (or of the bunch of lawyers from the recording company). This is the price we pay for being in a capitalist society.

Indeed, this is a fair price to pay for art and testimony works, as we don’t need to modify the Mona Lisa to be creative: we can create something new and, when the copyright has expired, then we can modify it and be creative on top of it.

But not everything can wait. If a hammer is too long for your work you can saw it in half and be much more productive. You are allowed to tell your friends to buy the hammer and saw it in half, to blog about it, write books and talk about it on TV.

The same idea should always hold for software. If the program doesn’t work the way you want, you should be able to modify it, post the patch, publish a book about it if you want. But the source code is hidden.

Hidden source code not only takes away your freedom to change things to be more productive, but also takes away the freedom of knowing what you’ve got in the first place. It’s very common to see big companies installing root kits, DRM kits and monitoring kits on your computer, and you can’t detect them because the source is not available. Those kits take away other freedoms as well. You can’t use the media as you like, share with friends and so on.

So this freedom is critical and, for that reason, Stallman’s proposal is to make it compulsory for any functional work to be open to public scrutiny, allowing modifications and redistributions as many times as needed.

Some of the questions were:

  • How do you discern between art and functional work? It’s not up to you to define that. When you go to court, the judge and jury decide if you’re guilty, if it was homicide or just manslaughter, and what your penalty should be. For some things it’s so obvious that you don’t even go to court, the policeman can arrest you straight away (of course you still have the right to a lawyer and a call), but for others you always have public opinion as a last resort.
  • How to make money out of software, then? This is a very old question and Stallman himself has answered it many, many times; check the gnu.org link provided above.

Big deal

It seems impossible, though, to achieve such a radical change in every country’s laws all over the world. It’s a task that many would consider crazy, not to say useless. Others will say that there are many other quests that are much more important than that, so why bother?

Stallman’s answers (not literal, compiled and re-written by me in my own words) were quite clear, sober and simple (and this is why I admire him so much):

  1. I’m only a man, I can’t fix all problems in the world. No one can in a lifetime, so we need to focus on one problem and go as far as we can. This is my focus.
  2. It’s not only about software, it’s about freedom. Today’s society is heavily based on software, so freedom of software is freedom of society. When you listen to a song on your iPod you’re listening to a stream of bits played by software. Your freedom to listen to music, watch movies and work productively is at stake, we can’t afford to let it go.
  3. Finally, I’m not saying you should do it, you do whatever you want, but whoever wants to join me in that quest is more than welcome.

So, freedom of software is, in fact, freedom of society. Each step towards digital restrictions is a step against freedom of society as a whole, and everyone can help with this quest by changing their ways just a bit here and there. It’s so easy, it costs so little and the result is so important that there is no excuse to avoid it.

Use open formats (for documents, videos, music), open source software (Ubuntu is easier to use than Windows IMHO), avoid buying DRM-ready media or giving money to companies that promote any kind of unlawful restrictions.

On the other hand, if you’re eager to help, join the DefectiveByDesign campaign of the Free Software Foundation, or even the FSF itself, and let the world know that you DO care about your freedom.

PS: Stallman, let me know if you think you were misrepresented by this post in any way. Unfortunately this is not a wiki where you could change it yourself but I’d be glad to make any change.



End Software Patents
February 28th, 2008 under Digital Rights, rengolin. [ Comments: none ]

If you, like me but unlike American legislation, think that software patents are just unthinkable, please join forces with End Software Patents. Spread the word, help your friends understand why it’s inconceivable to claim ownership upon ideas and mathematics, not to say both (as software).

Please note that this is not just a campaign or petition: they’re also offering legal help if you’re stuck with a patent claim or if you need better arguments on why software patents are bad for our business.

Thanks Josh for the link!



DRM backing off, at last!
December 29th, 2007 under Digital Rights, rengolin. [ Comments: 4 ]

After EMI and Universal, Warner is also making music available without DRM protection at Amazon’s website.

It couldn’t be done without the efforts of us all, especially the guys at Defective by Design, a campaign of the Free Software Foundation.

I hope we don’t need to wait until next Christmas to see Sony do the same thing… sigh…



DRM in external drives?
December 10th, 2007 under Digital Rights, rengolin, Hardware. [ Comments: none ]

Western Digital thinks that bundling an external hard drive with crappy software that won’t allow you to share your own videos, music and photos is security.

A friend of mine has this disk; he uses it for everything, including legal music bought over the internet and other mp3s (like my band’s songs) without DRM. It works a charm on his Mac and on my Linux, I didn’t even know that drive had restrictions.

It’s quite easy for the newbie geek to avoid DRM (especially if he/she uses Linux or Mac, which is common) but the non-geek consumer will probably give up on the whole thing and buy a new one. If only the hardware industry would just stop and think for a second…

I wonder if the same security consultant WD used is the one behind biometric passwords… or probably they just did the same security course at Microsoft…

UPDATE: a very good article by BBC.



Quantum laws in Brazil, where DRM and freedom are together
September 10th, 2007 under Digital Rights, rengolin, Politics. [ Comments: 2 ]

In the country where the joke is always ready, here comes another one: Quantum Laws: In Brazil, there is no right OR wrong but right AND wrong.

According to the constitution, broadcasts must be free (as in beer AND freedom) but the minister of communications himself is trying to impose a major DRM system with national coverage that will force everyone to buy an official box where you can’t do what the constitution allows you to.

Because it is the government itself that is pushing this change, they must be relying on some sort of quantum effect where you can superpose two states at the same time and still run things smoothly. Weirdly enough, Brazil is full of those little quirks and it’s still going… only they will find out where to a bit too late…

Sources:
icommons.org
Folha de S. Paulo (pt)
culturalivre.org.br (pt)
Andreum’s Blog



What is DRM?
October 3rd, 2006 under Technology, Digital Rights, rengolin. [ Comments: 1 ]

Following DefectiveByDesign’s campaign to show the world what DRM really is when someone searches for it on Google, I’m adding the link below to explain to the world what DRM really is. Please add the link below, with DRM as its description, to any page you have write access to (and where doing so won’t cost you your job):

http://www.defectivebydesign.org/what_is_drm like this: DRM

Read more about it here.



Stop DRM!!!
August 28th, 2006 under Technology, Digital Rights, rengolin. [ Comments: none ]

DRM screws up creative development, user rights, commercial rights, usability, quality and freedom. Let’s fight against it this Saturday!


http://defectivebydesign.org/en/actions/oct3/apple_store_regent_street_london


