Dear all,
In the spirit of full disclosure, let me start by pointing out that I am CEO
and - along with other employees, some of whom you will also know -
shareholder of Kolab Systems AG (https://kolabsystems.com) and that Kolab
Systems has been the driving force behind Roundcube for the past years.
Kolab Systems has also agreed to help the Roundcube Next team in its aim to
refactor and build the next technology generation.
So I am not neutral.
That said, I genuinely believe it is extremely important for the Free Software
community to get behind Roundcube Next and help us push it forward, as
well as bring others on board with it.
The longer story is here: http://blogs.fsfe.org/greve/?p=676
TL;DR, Part I: As a community we *require* technologies that compete with
Google Apps, Office 365 and the likes in features, convenience, UI/UX, yet
provide full control and freedom to users.
TL;DR, Part II: Application Service Providers should get on board with that
push *right now* because otherwise they will find themselves forced into
becoming re-sellers for Office 365 and Google Apps -- and increasingly
unable to compete with their features & networking effects.
Some already understood this, and have joined the Roundcube Next community,
such as cPanel (http://blog.cpanel.com/on-to-the-next/), Tucows, and now also
Fastmail (http://blog.fastmail.com/2015/06/05/fastmail-supports-roundcube-next-develo…).
But there are many more providers using Roundcube today who have not joined,
nor have they contributed in the past. For them it should be obvious to join.
And then there are those that have their own home-brew interfaces (such as
Fastmail) who get the unique opportunity to become part of a new, growing
community that will create a technology that will make them fully competitive
against the "big clouds" in 18 months from now.
Unfortunately, most of them have not realized this yet.
So unless your provider is cPanel, Tucows, Fastmail or Kolab Now, all of who
are part of this already, please encourage them to step up and join the
community to push for Roundcube Next.
Direct link for your convenience:
https://www.indiegogo.com/projects/roundcube-next--2/x/4658765#/story
Best regards,
Georg
--
Georg C. F. Greve <greve(a)fsfeurope.org>
Member of the General Assembly
http://fsfe.org/about/greve/http://blogs.fsfe.org/greve/http://identi.ca/greve
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All,
It has recently come to my attention that many in the free software
movement are unaware of a relatively new development on x86 platforms
that permanently removes the ability to use these platforms without also
continually executing signed, proprietary code at the highest possible
privilege level. All post-2013 (AMD) and virtually all post-2009
(Intel) systems contain this mandatory technology, and therefore, by
design, can never be converted to run using pure FOSS. Prior to these
changes projects such as coreboot could be used to replace the boot
firmware with a FOSS alternative.
The technologies in question are the Intel Management Engine (ME) and
the AMD Platform Security Processor (PSP). Both serve effectively the
same purpose; to ensure that the physical owner of the machine never has
full control of said machine. These technologies, in turn, are used to
implement various forms of remote control and Digital Rights Management
(DRM) technologies, including Secure Boot, which even now requires FOSS
users to purchase a license from Microsoft to boot FOSS on affected
machines that lack an appropriate Secure Boot override. This includes,
for example, many newer laptops. Major distributions have worked around
this issue by purchasing a signing key from Microsoft for their binary
packages, but the end user is unable to modify the signed software
without a license from Microsoft, even though they have the source code
available to them under the GPL.
Furthermore, these signed, proprietary, binary-only firmware blobs must
execute on the service processor(s) before the main x86 CPU cores are
even released from reset (AMD), or will hard reset the entire system
after around 30 minutes of non-operation (Intel). These blobs continue
to operate on the service processor(s) as long as the system is powered
on, and in the case of the Intel ME they also continue to operate while
the system is powered off but still has access to power (e.g. plugged in
or charged battery attached). These services processors have full
access to system memory and all system peripherals, effectively giving
the binary blobs executing on them a higher privilege level than even
the operating system kernel. Due to the ability to access system
peripherals, these proprietary blobs could easily contain code to
exfiltrate encryption keys, remotely activate microphones and cameras,
plant unwanted data, or simply remotely disable the ability of the
machine to boot FOSS operating systems entirely. Finally, the Intel ME
firmware can be forcibly updated by a remote entity; it is unknown
whether the AMD PSP contains similar functionality at this time.
So, what can an average user do? The obvious answer is to simply switch
away from using the x86 architecture entirely. As Intel owns all rights
to the x86 architecture, there will never be any new manufacturers
licensed to make x86 chips, and therefore there will never be any
competition to remove these DRM-laden antifeatures. There are numerous
alternative architectures available, especially for those already using
software with the source code available (i.e. FOSS), all of which can be
licensed by other manufacturers should the need arise.
************************************************************************
General Overview of Alternate Architectures
************************************************************************
=== ARM ===
While the ARM architecture may be more wildly known for locked-down
computing products, there are several ARM devices on the market that
allow full FOSS replacement of the boot firmware. Generally these are
laptops, tablets, and embedded systems, with one example laptop being
the ASUS C201 Chromebook:
https://libreboot.org/docs/install/c201.html
Using ARM in a mobile form factor also provides advantages of low cost
and long battery life, albeit at the expense of overall system performance.
=== POWER ===
IBM has recently released their high-performance POWER8 architecture for
third party licensing, and has also released a small treasure trove of
firmware and documentation for these devices. POWER is the only
architecture currently competitive with Intel in terms of raw
performance, and boots using a fully FOSS firmware with no DRM
antifeatures embedded. The primary disadvantage of power is cost, as it
is currently targeted at the server and datacenter markets. We are
attempting to bring POWER to the high-end workstation market in a
FOSS-friendly form via the Talos™ Secure Workstation, but need
additional interest to make this a reality:
https://raptorengineeringinc.com/TALOS/prerelease.php
=== MIPS ===
Less well known than ARM, and with less vendor choice, MIPS is often
overlooked. However, China has revived this architecture for general
purpose computing with the Loongson core, and several machines are
available using this processor. As a niche processor it has far worse
performance than even a low-end ARM processor, but marginally better
energy efficiency. Not recommended in light of ARM and POWER8:
http://www.lemote.com/html/product/atx/2015/1227/8.html
=== RISCV ===
While this architecture is extremely limited in performance, price, and
performance per watt compared to x86, ARM, or POWER, it is also one of
the only fully open source CPU architectures available outside of an
FPGA. and may eventually be competitive with MIPS in terms of raw
performance. Currently there are no RISCV SoCs in production, however
projects such as lowRISC aim to change that:
http://www.lowrisc.org/
************************************************************************
So, what are your thoughts on the current x86 proprietary software
situation? Are you willing to continue to use FOSS software inside the
ever-shrinking x86 "software jail", or are you possibly willing to give
up some cost or performance advantages in order to retain full control
of the software running on your hardware? This is a question that will
need to be answered soon; the long-term consequences of a fully
TiVo-ized computing world are not to be taken lightly, and thus far the
free software community has put up very little resistance to the
antifeatures being forced into modern x86 platforms. I hope to provoke
wider discussion on these topics via this message.
Thank you for your attention!
- --
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
http://www.raptorengineeringinc.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJXAoLsAAoJEK+E3vEXDOFbstsH/0BrB1VLKuSDDPdV4C7qJQOc
5euFCVc3cjZJhl+oGHQ2LuSuDM6J9DuYRxJQq53Xx9WYrNMSuqNjcnaagIhew+Ci
ocMEQNB3G7ob4+56kyYrOTL7YoqrFcqa9Y5rpBXBt5ufnYt/g3n1Zin7xQycJ/rP
ldLeADsaTJpsRgWLBTDnOAmMGBh1Xv4d4w1ZYAgoNfGJD6nc7NhihajIMZRIgHIn
/Uo2brToF6exizHFMGWLwYdEKLOkoau7Bmz5yaGKI0JJF7hzq/G9dpecKf42G1ra
Fr9q07JHCre7JJrq6SlbjapJyDB+OOK+YoFDjTsxaikV8E20AIQG4VkS3DsL7rU=
=47/v
-----END PGP SIGNATURE-----
Hello,
I produced a summary of a longer debate on the German discussion
list which addressed a lot of aspects that may be relevant to other
European countries. Please comment here on this list or per PM. The
text below is also available as a blog post [0].
The [1] trigger was a letter that a school kid brought home, informing
the parents that a Windows 10 device with MS Office 2013/2016 will be
made mandatory to participate in class.
As outrageous this sounds for Free Software supporters, I fear that
this is getting common practice throughout Europe and that most
parents accept it with a shrug. I’ll be happy for any feedback
dispelling or confirming this fear.
Is there a template letter to complain about it?
The original poster asked if there was template letter for such cases
that he could use to inform the school that this practice is not what
he expects from a public body.
Wouldn't it be nice to have such a template or maybe even a booklet of
templates? As English is most commonly understood in Europe, it would
be best to start with an English version and move on with
[2]translations into other languages. In fact, [3]creating a section
with sample letters has been on our wish list for years already! Feel
free to plunge in!
There are currently two versions of the draft: [4]one and [5]two, both
German. (By the way: the FSFE maintains a [6]public Etherpad you can
use for such cases.)
As the last post in the discussion so far, Max shared some brief
findings from the [7]European Free Software Policy Meeting in
Brussels, that it is difficult to “convince” in a letter. It is
important not to exaggerate and point out the benefits of the
recipient.
Advocating Free Software or demand our rights?
It was discussed whether the focus of the letter should be to convince
the school that Free Software is a great thing or rather that they are
obliged to leave the minority the right to keep using the systems of
their choice.
Some may argue that the majority is using Windows anyway and simply
won’t care. Does that entitle a public school to force those who do
care to give up their freedom and privacy?
Are we in such a weak position that we have to beg the institutions to
let us use Free Software or is there any legal ground where we can
claim the right to do so?
Use your right to participate!
Either way, we should make our voice heard more often. During the
course of the discussion, Michael encouraged parents to use their
right to participate in decision making processes in their kids’
schools. This process is highly regulated in Germany and what parents
can actually do is limited but still, they do have a say on school
matters. How is this done elsewhere in Europe?
Is this practice even legal?
Public schools force their students/pupils to use a certain operating
system with [8]known back doors, with a certain office suite using a
certain cloud software and various kinds of privacy issues, e.g.:
storing personal data in a different jurisdiction.
Is this practice legal? The answer seems to vary depending on which
federal state in Germany you look at. How is it in your area? Do you
know any rules or laws that would prohibit this kind of practice?
A while back in Switzerland, an [9]expert group recommended to use
Free Software after analysing Microsoft's offer called live@edu back
then due to privacy and lock-in concerns. Data protection law would
prohibit the data collection mentioned in the proposed contract.
Proposed analogies
To make the problem more transparent to the recipient of the letter,
it was proposed to ask: “What would you say if a teacher forced the
kids to come to the gym with a special model of sneakers?”
It was mentioned that a similar practice is accepted, and even the
default, when it comes to school books. The schools decide what books
will be used in class. Why should it be any different with Software?
“The Chains of Habit Are Too Light To Be Felt Until They Are Too
Heavy To Be Broken.”
[10]Source unknown, sometimes used by Warren
Buffet
I am grateful to Bernd who pointed out that these analogies are
missing a crucial aspect. What shoes I wear will not change the way I
run and I’ll be as fast with a similar pair of shoes as with the ones
I was asked to buy for class. A certain schoolbook will not change the
way I read nor change my ability to read or understand complex texts
in other books.
Software is fundamentally different. Using a certain software program
defines a certain work flow and way of thinking. Learning a certain
work flow and get effective with it takes time and effort (with any
software). Almost nobody has the motivation or resources to
constantly change the way to get a routine task done, especially not
if one is already comfortable with one. Just ask a vim user to use
emacs!
The program I use to do my homework will probably be the same I write
my first job applications with. And the file format will most likely
be the same as well as the place where I save them “in the cloud”.
Forcing pupils to use proprietary software, will push them into the
lock-in trap.
Equality of opportunity
or the widening “Rich-Poor Achievement Gap” may be another argument
against such practices. What burden may it be for a poor family to
purchase a computer that meets the requirements of Windows 10? They
have to buy that computer. There is no way around it. So, they will
have to relinquish something else like healthy food or family time as
they have to spend more time at work.
Bad publicity or positive campaigning
One thesis in the discussion was that only bad publicity will make the
school at hand reconsider their practice. FSFE usually tries to follow
a different approach. That doesn't mean we'd ignore bad news and don't
deal with them. The question is: [11]What will make people change
their view? I think it is much more sustainable if the people grasp
the idea and benefits of Free Software instead of just “being forced
to allow it”.
Point out the learning aspect of using Free Software
Geza suggested to mention the pedagogical angle as well. Free Software
offers diversity, allows to experiment and try out various
alternatives (different editors, programming languages, desktop
environments) and thus leads to a competent self determined and
responsible handling of the opportunities available.
Part of the problem is that teachers usually don't know anything else
than MS products themselves as they've been in the same
creature-of-habit cycle as they are about to push their students.
Sample lesson with OneNote
Bernd pointed us to a tutorial [12]video how OneNote can be used in
class and had to admit that it looks pretty impressive and that there
is probably no Free Software alternative which would allow a similar
work flow.
Bernd is missing an easy to use alternative. Without these
alternatives, it is difficult to object (object in the sense of
“successfully convince others”).
To create a [13]video that starts a thinking process has been on our
ToDo list for a while.
Wanted: Show case of Free Software solutions that are actually being
used
It was mentioned that with a list of programs, the same thing could be
achieved, but it is highly questionable if this zoo of different
applications will ever be used in class.
It is clear that a lot of good stuff can be done with Free Software,
but we need to show to the interested audience that it is practical as
well. We need you! Do you know somebody using Free Software in class
that is willing to create a presentation? Do you know presentations
that have been given before and were recorded (preferably under a free
licence)?
Are you aware of any educational institution that teaches on/about
Free Software?
Going-to-be teachers need to see what is possible with Free Software.
It needs to be proven that Free Software can deliver exactly what they
need.
Not necessarily what they think they need. It's not my goal to mimic
OneNote or other proprietary products. At the end, the work flow in
the tutorial wasn't that smooth either. DG said: “Pupils may not be
nerds but shouldn't be the school the place to learn how to use
digital tools creatively without having a company make a product out
of one particular use case? Until this isn't done in school – teaching
how to use digital tools meaningfully and creatively – the perception
that Free Software is only for nerds will stick.”
Looking forward to your contributions!
Guido
Visible links
0. http://blogs.fsfe.org/guido/2016/04/public-schools-making-ms-office-mandato…
1. http://mail.fsfeurope.org/pipermail/fsfe-de/2015-December/007492.html
2. https://fsfe.org/contribute/translators/translators
3. https://action.fsfe.org/ticket/16
4. https://piratenpad.de/p/IGS-Sassenbug_-_Mobiles_lernen
5. https://piratenpad.de/p/IGS-Sassenbug_-_Mobiles_lernen_2
6. https://public.pad.fsfe.org/
7. https://fsfe.org/news/2016/news-20160205-01.en.html
8. http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_secu…
9. https://joinup.ec.europa.eu/news/ch-school-it-agency-recommends-switching-o…
10. http://quoteinvestigator.com/2013/07/13/chains-of-habit/
11. https://blogs.fsfe.org/jelle/2010/10/31/advocacy-doesnt-work-if-you-tell-so…
12. https://www.youtube.com/watch?v=ECBOAOa7dxI
13. https://action.fsfe.org/ticket/19
--
Guido Arnold Free Software Foundation Europe
https://blogs.fsfe.org/guido [] Edu team & German team
OpenPGP Key-ID: 0x51628D75 [][][] Get active!
XMPP: guido(a)jabber.fsfe.org || https://fsfe.org
The FSFE wiki has details about manually configuring[1] the Fellowship
smartcards.
I've started a wiki[2] and discussion in debian-devel[3] about using a
Debian Live CD to run a clean-room environment (without network) with a
whiptail-based UI (similar to Debian installer, etc) for managing the
lifecycle of master keys and smartcards. This would eliminate the need
to remember or look up command line instructions.
One use for such a Live CD is that it could be posted out to new fellows
so they can get started more quickly.
It would be interesting to get any feedback people have about the
workflow in the wiki[2].
Regards,
Daniel
1. http://wiki.fsfe.org/TechDocs/CardHowtos/CardWithSubkeysUsingBackups
2. https://wiki.debian.org/OpenPGP/CleanRoomLiveEnvironment
3. https://lists.debian.org/msgid-search/571DD206.1070502@pocock.pro
Hello Timothy Pearson
wouldn't this way not be better:
https://diasp.eu/posts/4205465
(compy of the Text below)
with kind regards
Marc Jr Landolt
eidg. dipl. Informatiker HF
Rombachtäli 13
5022 Rombach
+41 79 291 07 87
2009(a)marclandolt.ch
----------------------SNIP----------------------
Wouldn’t it be more useful / **rational** / environment-saving to
legally gain access to the hidden (anti-)features of #Intel ME or the
AMDxyz?
Reasons:
-There are to much x86 Systems in use => d$/dt
-If these Systems eg have access to things like #US4877027
#WO2005055579A1 #US6169924B1 #US6506148 it does not really help to have
one single system, that is not infected
-I guess ARM also isn’t State-Less-Computing [1]
[me.TODO<learningList>.add(“Read ARM Specs”)]
[1]
https://media.ccc.de/v/32c3-7352-towards_reasonably_trustworthy_x86_laptops
-Worst case raptorengineeringinc.com would be a CIA/NSA #HoneyPot to
find gifted FOSS Users for “pinguen-hunt” ?
-it has the nasty eagle in the logo
-twice the link is shown, so people click on it in the end => one exit
point from this post (n!)
-d$/dt would end at raptorengineeringinc.com
-expensive 3700$, you can buy a Orange PI for 24$ inclusive shipment cost
“raptor and engineering” would attract ~20 Year old people, that just
woke up from the american dream
-raptor sounds cool
-engineering appeals to the low self-esteem from 20 Year old man (like
we all) that have not been cared of by their parents
-inc suggests company, group, low self-esteem
(Prerequisites: People that are alone += 🐧🐧🐧🐧)
word count of the post:
[ATTACHEMENT]
-“more POWER” ⇨ low self-esteem ⇦ Stupid Parents!!!
Things we already know:
http://marclandolt.ch/ml_buzzernet/2015/10/16/zusammenfassung-von-pinkibrai…
#Linux #Anon #Anonymous ?
Dear all,
as announced in our February newsletter [1] and as a recent news item [2], in
2016 the FSFE is going to organise its first ever summit that will happen from
September 2nd to 4th in the Berlin Congress Center [3]. We celebrate 15 years
of existence this year and dedicate our summit to you, our community all over
Europe. You are the ones who made us strong. The summit will be free of
admission and highly participatory to let Free Software enthusiasts across
Europe use, study, share and improve their skills and knowledge about Free
Software and beyond - together.
The summit will be full days the weekend of September 3 / 4. One day in
advance, on Friday, FSFE invites to a full day about "Running successful
business with Free Software". For both events we are looking for speakers,
input, volunteers and participants.
Please find all the details about the summit, about proposing talks and
volunteering on our wiki page:
https://wiki.fsfe.org/Events/Summit2016/CallForParticipation
Please share this call on your private and public channels and be aware that
the deadline to apply as a speaker is already May 17!
Thank you very much and looking forward to an interesting event,
Erik Albers
Your friendly event organiser (summit2016(a)fsfe.org)
[1] https://fsfe.org/news/nl/nl-201602
[2] https://fsfe.org/news/2016/news-20160428-01
[3] located in the center of Berlin, Germany: http://www.bcc-berlin.de/en
--
No one shall ever be forced to use non-free software
Erik Albers | FSFE | https://fsfe.org/about/albers
OpenPGP Key-ID: 0x8639DC81 on keys.gnupg.net
Hello!
Am Freitag, 8. April 2016 12:08:34 schrieb Matthias Kirschner:
> From all we heard it is very helpful if you spent a few
> minutes and submit your ideas.
>
http://k7r.eu/urgent-help-until-10-april-to-influence-how-750-millions-will…
I had about 45 Minutes to phrase my reply, I still hope it is useful.
Best,
Bernhard
ps.: resend because my first attempt did not seem to have made it.
== Details, of BER's submission to
https://ec.europa.eu/eusurvey/runner/nextgen-internet
== Your occupation and expertise
Entrepreneur, Company owner for Security and complex applications.
Academic grades: Dipl. Applied System Scientist (University of Osnabrück,
DE), MSc. Geographie (University of Milwaukee, US)
More Details: http://intevation.de/~bernhard/index.en.html
== Status of the Internet in 2016
The internet is an important backbone of society and overall humanity.
Net Neutrality is very important because only competition will enable
smaller companies to be innovative and this is what Net Neutrality is about.
There is a trend to more mobile devices and internet via mobile phone
networks. Open Standards, like the IETFs RFCs have enabled the success of the
internet, as have Free Software implementations like sendmail, the TCP/IP
stack that Microsoft integrated, the Apache Webserver and Web Browsers.
There is a tendency to analyse data traffic and offer advertisments and
content which shifts power to large software and "content" providers outside
of Europe.
== View towards 2025 and beyond
=== How do you think the internet will look like in 2025 and beyond?
It is still there with many more devices and it will be still decentral.
It is very hard to predict the development over a time frame of 10 years
as the last 10 years have shown that we will see disruptive changes
because of business models or policital events.
In a negative scenario corporations and autocratic countries
will have gained more influence.
In an optimistic scenario self-confident countries
like the EU will have grown technical, political and business power
to shape the future for their citizens via a democratic process,
protecting privacy and people's interest. Maybe even a charter
of human internet rights will be developed.
=== What will be the essential functional building blocks of the Internet
then?
Open access, open standards, regulation that aims for the balance
of power of smaller organisations and people versus larger organisations
and governments.
Free Software technology that offers software and hardware building
blocks so that run the basic infrastructure from the network to
the application layers.
=== Could you indicate where we should focus our activity research in the
next 5-10 years to achieve? Are there new field of research to
create/develop?
In order to enable privacy, research should look into a "proxy world",
where the use of proxy businesses and technology will enable business
models based on data without compromising individual privacy. This will
have to be supported by technology and regulations.
Consider a business practive in Germany where pharmacies cannot be
directly be coupled with medial doctors in order to support and offer an
infrastructure that maintains decentral distribution of medial drugs.
The same could be done for example with a video stream provider which
would be force to run their stream through a business proxy, where a
number of users for a city buys their stream and the data will be
anonymized. The video vendor gets (most of)) the wanted data (which TV-
show is watched how often), can even sell advertisment, but does not know
the single customer, whos privacy is protected.
Another area is trusted computing, where research is necessary how
regulation can force sure that each owner or intermediate can add their
own trust anchor certificates in the chain for their devices or
application. So that Google, Apple and Microsoft do not control the
certificates for what can run on a certain machine.
Example: If you want to run a webserver, you need a certificate that is
within the common browsers, Microsoft is the main gatekeeper for this.
Second example: With "secure boot" or "app stores" only binary can be run
that the providers of the software allow. Thus Apple controls the apps
that can run on Smartphones and the Google Play store is the only app
store on Android phones that can update applications all together
automatically, other stores are second class.
A third area is open standards that adhere to the minimalistic design
criteria
for data exchange formats, which is important for competition and
security.
See my article
https://fsfe.org/activities/os/minimalisticstandards.en.html .
A fourth area will be anonymous micropayment models, so that small
content providers would have the ability to create business models
without special right holding organisation like the German GEMA.
--
FSFE -- Founding Member of the GA blogs.fsfe.org/bernhard
Support our work for Free Software: https://fsfe.org/support/?ber