Archive for the ‘issues’ Category

why you'll never have security with Microsoft

May 6th, 2008

Here's the thing. I hate stating the obvious. It really annoys me. On the other hand, obvious things are sometimes things that most need to be repeated. So I wrestle with myself and I finally decide that I should, because there is a shockingly large number of people out there who don't realize how obvious this is. See if you can learn something from this mock dialog.

Vendor: Good morning, is this Harry, the CTO*, I'm speaking to?
Client: Yes, how may I help you?
Vendor: Hey Harry, this is Steve from Microsoft. I would like to talk to you about Windows Vista.
Client: What's that?
Vendor: Why, it's the brand new version of our Windows operating system.
Client: Oh, that.
Vendor: I was wondering if I could interest you in our product.
Client: You know what, I don't think so, we are a very security sensitive company, and...
Vendor: But that's precisely the reason I'm calling, I would like to tell you how you can enhance your security with Windows Vista. You see, we've built the operating system with security in mind and it's the state of the art in operating systems.
Client: Hey, that sounds pretty exciting. So how does this work now, you ship us the source code and...
Vendor: No no, we don't distribute the source code.
Client: You don't?!?
Vendor: No, you see it's a trade secret. (my precious etc)
Client: You're kidding, right?
Vendor: No, really.
Client: So how do we know that it's actually secure if we can't see for ourselves? How do we know there isn't anything malicious in it?
Vendor: Well you'll just have to trust us.
*Harry hangs up*
Vendor: Hello? Harry?
*CTO - the highest placed person who makes technical decisions in a company.

How did it go? Did you get it? It was kind of a long thing, huh? Ok, stop racking your brains, I'll give you the answer: no source code, no security.

Here's how that works. It's simple economics, so try to keep up. If they give you the source code, then they put their cards on the table. You can see what the code does, and if it's doing something stupid (security hole) or nasty (like sending your data back to the vendor), then you'll be able to check for this. Now you may say "I don't know how to check", and that's okay. But just by giving you the source code the vendor knows that you can see everything the code is doing. And if you find something nasty in there, they know you'll never trust them again. So it doesn't really matter if *you* don't know how to check, because there are others who do, and sooner or later someone will find the nasty code if it's in there. Thus, if the vendor gives you the source code, then he'll be a lot more careful about what's in there, because he's risking losing your trust and your business forever. That will keep him honest.

Is there then anything surprising about finding out that Microsoft is putting in backdoors in Windows? No, because how would you know it's there? You don't have the source code! In case you were wondering, the words "security" and "backdoor" are mutually exclusive.

So what have we learned today? Is there some way we could summarize all this in just one sentence? There is: If you want security, ask for the source code. If you can't get the source code, you know that the vendor isn't taking security seriously.

OLPC about to self destruct?

May 4th, 2008

I consider OLPC to be one of the most exciting initiatives of the last few years. When the idea was first circulated it was such an exciting call to arms to do something about the lack of education in poor regions of the world. And the project has produced what appears to be a pretty incredible product, the research of which is now recycled back into the general hardware industry, so it has brought advances that wouldn't otherwise have happened (now).

I recall pondering the real purpose of the project, asking what is going to be achieved with these laptops. The OLPC project had a very good answer to this. They said the laptops will promote learning in areas where school books are a luxury. Furthermore, the laptop itself is completely tweakable, you press a special key and the source code of the current program pops up. This will promote learning through tweaking and experimentation, so that eventually an industry can be built on these foundations, in regions where little industry exists today and where perhaps the potential for one (in terms of natural resources) is bleak. A beautiful dream, one that could change the world in big ways.

Now Negroponte has changed his tune. Visionary that he is, he failed to convince the clients of the value of free software. So now he's humming "forget open source, it's all about the kids!" while preparing to run Windows on the laptop. There is a new smoke screen being constructed:

Negroponte says that the organization is working to ensure that Sugar can run smoothly on Windows.

Riiiight, running Sugar on Windows. Tell me, what exactly is the value of running Windows with an all free software stack? It's completely useless, that's what. The whole value of Windows is as a platform, not merely as an operating system. People buy Windows to run Windows applications, not for Windows itself. Or are we actually buying that Egyptian officials are eager to purchase Windows licenses in order to run the free software suite?

Congratulations, Negroponte, you've just become a licensed Windows vendor. The kids will no doubt have fun clicking on the Start menu and playing Solitaire. There is a great deal to learn from that, just nothing about the operating system or the applications, you know, actual learning.

OLPC in its original form was about empowering the users; with Windows that capability is entirely destroyed. The fact that you cannot mix learning with trade secrets should be blindingly obvious to anyone. Open source is important, but it's especially important when you want people to learn something.

Furthermore, learning doesn't happen in isolation. It's accelerated when it happens in a community of ideas and impulses that flow freely. The resigning OLPC president gets it when he says:

"What comes part and parcel with open source is a culture, and it's the culture that I'm interested in," he says. "It's a culture of expression and critique, sharing, collaboration, appropriation." And this culture can and should spill into classrooms, he says.

war is a racket

April 30th, 2008

For all the patriotic baloney nations are fed in pre-war time, with grandiose appeals to moral righteousness and complete confidence in their own success, it is little more than powerful, rich men sending clueless (or powerless) poor men to their death.

War is a racket. It always has been. It is possibly the oldest, easily the most profitable, surely the most vicious. It is international in scope. It is the only one in which the profits are reckoned in dollars and the losses in lives.

A racket is best described, I believe, as something that is not what it seems to the majority of the people. Only a small "inside" group knows what it is about. It is conducted for the benefit of the very few, at the expense of the very many. Out of war a few people make huge fortunes.

Who wrote this? Why, only the highly decorated general Smedley D. Butler, in 1935.

Yeap, that's right, folks. The plot in Inside Man wasn't made up. It was a real plot about a fictional person, crafted on the histories of real people.

Here's another truth ringer:

Like all the members of the military profession, I never had a thought of my own until I left the service.

But of course. Who in their right mind would go kill people at the risk of getting killed just so that a few rich men can get richer?

when faced with ethical ickiness

April 16th, 2008

And by ickiness I mean a question that you don't have the answer to, but you nevertheless have a gut feeling one way or the other. For instance: should gay couples be allowed to adopt? Another example would be: should it be permitted to clone humans? Or how about the old favorite: should sex play in kindergarten be encouraged (which I have absolutely no answer to)?

These are questions which have no prior answer, because we've only just been faced with them for the first time (or for that matter, only now been willing to consider them). There are many questions like this which have no answer (yet), but which nevertheless raise a certain instinctive feeling in us that makes us prone to lean to one side. This icky feeling is a fear within us that "something bad will happen" if this new thing is allowed to happen, without knowing what we really are scared of.

Many such questions have received answers in the past. For example the question of whether a brother and sister should be allowed to marry has been settled on the basis that children of such parents are born with serious deformities. Therefore we have a rational answer, not merely a fear.

What not to do: alternative A

Do not take your unarticulated fear to draw the conclusion that your instinct must be correct, and therefore suggest banning or condemning the practice. This is a purely emotional response with no rational justification.

Do not further aim to strengthen your argument by associating yourself with a large group of people who share your unarticulated fear and have decided to "do something about it". The ignorance of a thousand is no more equivalent to wisdom than the fact that the sun is the center of our solar system was discovered by popular opinion.

Those who would rather pretend that certain new possibilities were never discovered will desire to ban these, so that we can go back to believing these things are not possible. And if it is banned, no one will be doing it, so we can live in this illusion we've created for ourselves.

What to do: alternative B

Resign yourself to the fact that certain questions have no answer at the moment, and that at any given time there will always be such questions. Your pretty little head will resist this, because this makes certain things undecidable. But it is nevertheless the quickest path to happiness, as you will soon see.

What to do: alternative C

Pursue the answer intellectually, and aggressively. Read up on the science that is happening in this field and the discourse that is taking place between interested parties. Once you go in depth you will begin to understand not just the issue, but also your own fear and what it really is you're worried about. This will then prevent you from choosing the emotional answer of alternative A, because you will no longer be able to convince yourself that a rational answer is optional.

The final, undisputed answer to certain questions may not come for a long time, not even in the span of your lifetime. But with every step that you veer closer to the truth you will have a better idea of what it's likely to be. Until the truth is actually discovered, you will regularly find yourself faced with alternative B.

GPL vs BSD, a matter of sustainability

December 15th, 2007

If you haven't been living under a rock the past decade (I suppose Stonehenge qualifies) you may have walked in on some incarnation of the famous GPL vs BSD flamewar. It's up there with the most famous flamewars (now *there's* a research question for a brimming sociology student!) of our beloved Internet society.

Both licensing models have been around for a very long time. I don't know which predates which, but it really doesn't matter. The spirit behind both licenses is very similar: free software is good. But they realize this idea in different ways.

In the GPL license you have the four freedoms: to run the software, to have the source code, to distribute the software, to distribute your modifications to the software. What this implies is that when you obtain the software, you have the *obligation* to ensure that these four things hold true for the next person you give it to. After all, someone had to go to the trouble of preserving these rights for *you*, so you have to do the same for the next guy.

The BSD license is different, because it gives *you* the right to distribute the software, but it does not oblige you to make sure that the next guy has any such right. Well, that's not really a problem, the next guy can ignore you and get the software from the same source that you did (if that source is still available). But if you change it and you give it to him, you can forbid him from passing it on.

So who is right? Well, the BSD camp is. The BSD is no doubt a freer license, it gives you the right to decide what rights to bundle with the software. That is much closer to the absolute meaning of "freedom" than the GPL. Alas, it's not "completely" free, because you can't remove the name of the software's author and replace it with "Leonardo da Vinci".

What the GPL terms "freedom" is actually fairly subversive, because it *forces* you to do certain things. Most people who are forced to do something call that a "restriction" rather than a "freedom". It's true that you have certain freedoms when you get the software, but if you want to pass it on you have restrictions, so they could just as well call it the four freedoms and the four restrictions.

Therefore, if we take the philosophical ideal of freedom to heart, even though both of these licenses promote free software, neither of them represents freedom, and the GPL is far less free than the BSD.

Harmless restrictions

Suppose you're a parent and you give your kid a candy bar and say "this is for you and your brother, you can have half of it, and when he comes home give him the other half". Do you think that is going to happen just as you instructed? How confident are you?

Well, your intentions were good. You tried to ensure fairness. But we humans are scheming devils, aren't we? So our philosophy is a bit of an idealization, we just don't live up to it.

Is there some way we can find a measure of freedom that is good enough? The fact is that we live with a lot of implicit restrictions without worrying too much about them. If you tell your kid "you're free to wear anything you want, eat anything you want, be anywhere you want, and do anything you want, except you can't burn the house down", most kids would find that a very satisfying degree of freedom, despite the restriction. They would probably say "well, I wasn't going to do that anyway, all my toys would go up in smoke".

So what can we do about sustainability?

Freedom in its pure form is a wonderful thing, but it's not inherently sustainable. You can take something and compare it up against freedom and tell if it's free, but you can't use freedom to enforce freedom. That would be absurd.

The GPL model is sustainable. It offers freedom, but with the pragmatic twist that there needs to be some kind of force to keep the freedom in place. In that sense it could even be said to be more free, because the *accumulated* freedom over all people involved is higher than when one person has all the freedom and everyone else has none.

GPL freedom is isomorphic. If OpenOffice needs a way to open jpeg files, and the gimp already has code for this, OpenOffice can just take it. Then two years later if OpenOffice reads jpegs much faster, the gimp can take the modified code from OpenOffice and use it. Both parties have the same degree of freedom, and no freedom is lost along the way, the process is "lossless".

BSD freedom, on the other hand, is "lossy". If I get BSD code I have a lot of freedom, but the next guy doesn't. It's fairly well known that there is BSD code in Windows. And obviously, whatever Microsoft did with that code, they have no obligation to release their changes. So the code *was* free at one point, but it didn't *remain* free. Furthermore, even if they didn't change it one bit, if the original author is no longer around, Microsoft is still sitting on BSD code that is free for *them*, but it's no longer free for anyone else.

So what can we conclude from all this? Both license models make software free, but only GPL software is sustainably free. The BSD gives greater freedom, the GPL gives more freedom. Choose which one you value more.

For a more in-depth discussion see this essay, not only for itself, but also the many many references it contains to other relevant texts.

UPDATE: Alexandre Baron has written a French translation.