Hi!
First to present myself. I am a member of Free Software Association -- this is a Bulgarian based non-governmental organisation which promotes and advocates the free software. We intend to be an associated organisation of FSF Europe, but we haven't had enough man-power to apply for this and in fact the cause of this mail is different.
Next month we and the Bulgarian Center for the Study of Democracy (this is another non-governmental organisation) are going to organise a discussion about the free software and how it can be used in the public administration. Some members of the Parliament of Bulgaria as well as other officers of the administration will participate.
Now in Bulgaria an active campaign against the free software is going. There were books and TV-transmissions explaining that the free software is evil (unfortunately we heard that one of these books is being translated in English). "Independent" busyness committees decide that people involved in the free software talk much about its advantages but actually it is not applicable in most cases. As a side result of this campaign more people heard about the free software. :-)
Anyway, in the discussion next month we expect to be asked many inconvenient questions. We need concrete facts concerning applications of free software in the public administrations and organisations in other countries, mostly European. Can you help with URLs or other information? [1]
Undoubtedly such information will be very helpful not only to us. I think it is worth to have it somewhere on your www-site.
Anton Zinoviev
[1] Please note that it is possible that all you know some things that we don't.
Op vr 22-11-2002, om 19:52 schreef Anton Zinoviev:
Now in Bulgaria an active campaign against the free software is going. There were books and TV-transmissions explaining that the free software is evil (unfortunately we heard that one of these books is being translated in English). Can you give more details about these books and tv-transmissions?
The TV-thing, was it a conversation in a kind of talkshow, or a commercial? What exactly did/do they say/claim or insinuate? Can you make an english transcript of what is said? That make is easier to give comments and to dispell myths and FUD.
Who are the authors of the books? Did you do a Google Search on them? Are the books and the TV-transmission related?
Curious Flemish Greetings, Wouter Vanden Hove
On 23.XI.2002 at 04:45 Wouter Vanden Hove wrote:
Can you give more details about these books and tv-transmissions?
I don't watch TV and I know about this from mailing-lists. My impression is that the criticism against free software in TV is of very low quality and in low-rated transmitions.
The author of the most famous book is Dobri Bozhilov. There is some truth in this book but I think I am the second after the author who says this in Internet. But I haven't read the whole book yet.
The first chapter is: `Lessons of marketing'. The author begins that it is a very popular marketing trick to sell some well-known and needed good cheap. Then people come and buy and don't mention that they buy also other things that are not cheap. All we need operating system. But no one makes theirs job only by operating system, we need additional software as well. There is still no big loss because people see the fraud early enough and loose only their working time. In future this will be more difficult. People will tie themselves to Linux and crash their busyness. The author makes analogy with printers and consumatives -- the free software is like a printer at no cost but with very expensive consumatives.
Who is interested to promote free software? Those who sell services. The commersial software is more advanced and requires less and cheaper additional services. At the lowest level the IT specialists benefit from the free software. They make solution in their firms based on Linux and after that their boss is no more able to dismiss them. At middle level these are firms who offer free software together with their services. And at highest level those are great international corporations like IBM. Then the author analyses why IBM have interest to invest over 1 billion dollars in free software.
The next chapters are: `Who uses open source?', `Who must start to use open source?', `What make those who are powerful?', `The price of the information', `The parameters of the license', `Standards and compatibility', `The conclusions' and `Advises for adventurers'.
The author owns two web sites about news www.komentari.com and www.e-balkani.com (both in Bulgarian). A shortened translation of what you can read now on the second of these sites follows.
The book "The traps of Linux... and the open source" has been published in Internet without permission of the author. And the greatest show is that there is a laughing crown staying sidelong and enjoying what happens. It enjoys that he who doesn't think as the crown is punished.
It is interesting that the author was punished by someone who belongs to the same laphing crown. One very sly and smart IT specialist discovered a weakness in the authors site, entered it and published the password for access to the database. Then he congratulated himself to everybody how it is good to make harm.
The history shows that similar repressions against books and the free speech always end with vindication of their authors.
They reject the book but they haven't even read it. Then some revolutionary people break the site which is not connected to the problem. As a side effect they confirmed that the book says the truth because this site runs Linux.
A few months ago when Microsoft contracted a bargain with the state administration for using its software, the same crown made a fuss up to the heaven that this contract was not advantageous and there are many more cheap solutions that can save the money of the tax payers.
It was natural that then the administration didn't let it down despite that in that time there wasn't the book generalising and explaining why all such ideas are nonsense and there weren't all these examples that show the stupidity of these ideas.
Now the idea about open source and Linux in the state administration is forever in the tomb. You must be sure that now if you offer the open source to some offices you will find much more definitive refusal. This is because you showed how bad busyness partners you are.
If I am a officer in the administration and someone comes and offers me Linux I won't take him seriously knowing that among the greatest fans of Linux there are famous hackers and even more famous pirates. And what is more important -- knowing that the whole Linux community supports these pirates.
What makes the other side, the winning side?
It waits. It keeps its cause clear. When the potential client looks at the offerings he will see one neutral, peaceful and reasonable offer on the one side, and senseless battles of fools who try to let reason in others heads.
Anton Zinoviev
Hi.
impression is that the criticism against free software in TV is of very low quality and in low-rated transmitions.
Ok, then this is not a problem.
The first chapter is: [...] But no one makes theirs job only by operating system, we need additional software as well.
Yes. And proprietary applications running on the Linux kernel and GNU tools are as bad as proprietary apps on a proprietary OS. If we fail to say that, we just support our opponents.
A business depending on DB2 is tied, even if the underlying kernel is free.
The author makes analogy with printers and consumatives -- the free software is like a printer at no cost but with very expensive consumatives.
Again, this is known and true. *If* people is confused about what is Free Software and what is Linux.
Once again, this kind of attack shows how important it is to educate people about the basic concepts. They are free to fire themselves by depending on proprietary application, but it's extremely important that when they fail they don't say the the problem is Free Software.
Similarly, I tend to always stress that how we shouldn't care about technical excellence. We may be technically superior, or we may not, but this isn't really relevant.
Who is interested to promote free software? Those who sell services.
Yes, because software _is_ service.
The commersial software is more advanced and requires less and cheaper additional services.
Debatable. Still, additional services may well cost less, as licensing costs are so high that they can cover some support. This is commercially successful: people is convinced that the "copy tax" is needed to support the poor programmer, and then companies can keep licensing costs high and then competite on service, «oh so good and oh so cheap» because it is already paid by licensing costs.
Thanks for the quotation of the site. It's interesting. Once again, it shows the great mistake several supporters of ours (and most journalists and most of common people).
It is not a "linux against microsoft" battle. It is a matter of what rights are granted to the recipient. I think we should remind people that it is only a matter of license terms. All social and political arguments are very important, but they are just consequences of licensing policies. And such consequences are not bound to specific products or operating systems; each effects may occur or not occur according to several external factors but at the core we must care about license terms and explain what those are.
Community development is a side effect, it often does not exist at all. Technical excellence is a side effect, often missing as well. Cheap acquisition price is a side effect. Security is a side effect, to be verified case by case. The right to run, the right to adapt, the right to study, the right to distribute, the right to improve; those are the core, and they are only features that may or may not be implemented in a program's license terms.
A vendor should not enslave its users; users that are not enslaved will appreciate that and make their market choices, despite the handwaving of other vendors. If we tell people to choose on technical merits and prefer linux over windows, they'll choose doors over linux next year, and we'll have to start anew with a lunax against doors fight.
Thanks for your report, I think you need to have some good information sites out; if you are careful to avoid the typical errors and stick the basic concepts I think you'll make a great service to your country. In any case I wouldn't be that concerned about this guy or similar people. They are either exceedingly misguided (and in this case they may change their minds over time) or they are well paid from interested people (and this case the trick may be uncovered).
/alessandro, too verbose as usual :(
First I'd like to thank all who have given URLs. We will make use of them.
On 24.XI.2002 at 16:23 Alessandro Rubini wrote:
Similarly, I tend to always stress that how we shouldn't care about technical excellence. We may be technically superior, or we may not, but this isn't really relevant.
Busyness oriented people often say "I am not a developer and I don't care about sources. I am not going to develop new software, I am only using what is currently offered to me. And I am also interested if this software is well supported. How long will continue this development? It can stop, can't it? I also need to be compatible with the others." I am interested which is the best strategy to advocate the free software to such people.
I'd like to mention one argument against GPL which can be heard from time to time here. If the government decides to use the existing GPL software for security related works, then they will have to publish all algorithms which are state secrets now.
Anton Zinoviev
On Tue, Nov 26, 2002 at 03:50:59PM +0200, Anton Zinoviev wrote:
I'd like to mention one argument against GPL which can be heard from time to time here. If the government decides to use the existing GPL software for security related works, then they will have to publish all algorithms which are state secrets now.
The answer is simple: Any encryption algorithm that allows to crack the code from just knowing the algorithm is a bad algorithm.
There are already better algorithms published and widely used.
I'd like to mention one argument against GPL which can be heard from time to time here. If the government decides to use the existing GPL software for security related works, then they will have to publish all algorithms which are state secrets now.
The answer is simple: Any encryption algorithm that allows to crack the code from just knowing the algorithm is a bad algorithm.
I didn't read the original question (above) in this way. There is code that is "classified", whatever it is.
And the reply is: you can modify Free Software for your own use without being forced to redistribute. This applies to copyleft too. So an organization can take GPL code and add classifed material to build a new application, for classified use.
This cannot be redistributed at all, and that's fine. If they must distribute the executable, than it can't be classified, and the GPL can be applied (according to what Jan-Oliver says about security, the only thing that they can complain about in this case).
I'll reply to the other question later this night, unless someone else does it first.
/alessandro
On Tue, 2002-11-26 at 13:50, Anton Zinoviev wrote:
Busyness oriented people often say "I am not a developer and I don't care about sources. I am not going to develop new software, I am only using what is currently offered to me. And I am also interested if this software is well supported. How long will continue this development? It can stop, can't it? I also need to be compatible with the others." I am interested which is the best strategy to advocate the free software to such people.
Ability to change the source code means vendor independence. That means they can hire someone to correct or improve the software, even if your vendor isn't willing to do them. It alsos means there are always several companies that will be willing to compete for your business instead of a vendor monopoly like you have with proprietary software.
In the worst case scenario, Free Software means you can continue the development of the software your business runs on (either by doing it or by funding those who do it) if that makes business sense. But you have that choice. It's not unusual for a proprietary software vendor to make you upgrade all your infrastructure if, for instance, you want a feature that only exists in the latest version.
I'd like to mention one argument against GPL which can be heard from time to time here. If the government decides to use the existing GPL software for security related works, then they will have to publish all algorithms which are state secrets now.
That's a lie. Free Software gives you the freedom to publish the software. If you do it or not is up to the Free Software user. If they are good algorithms you don't have problems in publishing them and the community would gladly accept them. If they're not, you can keep them secret anyway, as they would be useless.
On 26.XI.2002 at 14:11 Joгo Miguel Neves wrote:
I'd like to mention one argument against GPL which can be heard from time to time here. If the government decides to use the existing GPL software for security related works, then they will have to publish all algorithms which are state secrets now.
That's a lie. Free Software gives you the freedom to publish the software. If you do it or not is up to the Free Software user.
The opponents of the free software say that the state security services want to distribute their algorithms but only in a binary and without permition for redistribution.
If they are good algorithms you don't have problems in publishing them and the community would gladly accept them. If they're not, you can keep them secret anyway, as they would be useless.
True, but anyway there are laws that make such algoriths secret. Nobody is allowed to publish them and nor even talk about them. The situation is similar to the problem with patents. GPL says that you are not allowed to distribute patented algorithm under GPL if you don't give the same rights to the whole community. And here the law says that you are not allowed to distribute the source of particular algorithm, hence it can not be implemented in GPL program.
Anton Zinoviev
On Tue, 2002-11-26 at 14:41, Anton Zinoviev wrote:
The opponents of the free software say that the state security services want to distribute their algorithms but only in a binary and without permition for redistribution.
What I would liek to know is what the state security services want and why they want it. I don't really about what FS opponents think that others want. If they really believe that obfuscation is security, they are already in trouble...
If they are good algorithms you don't have problems in publishing them and the community would gladly accept them. If they're not, you can keep them secret anyway, as they would be useless.
True, but anyway there are laws that make such algoriths secret. Nobody is allowed to publish them and nor even talk about them. The situation is similar to the problem with patents. GPL says that you are not allowed to distribute patented algorithm under GPL if you don't give the same rights to the whole community. And here the law says that you are not allowed to distribute the source of particular algorithm, hence it can not be implemented in GPL program.
So you've found a problem for advocacy that is mildly FS related. That is really a security problem where the law is (probably) protecting the incompetent while deceiving the population into making them feel safer.
True, but anyway there are laws that make such algoriths secret.
Ok (although not something I'd agree with). The what they can't do is linking such stuff to GPL stuff. Neither a GPL kernel nor LGPL libraries nor GPL tools are any problem here. What's the problem?
It doesn't look to me that they want to include other people's code in their own application. If this is true, they must get agreement (and probably pay for that). But it looks like they have their own applications, and they can remain as they are. It is not a valid excuse to refuse a GPL compiler or an LGPL standard library.
They are even allowed to popen() a gzip program from their application or find or grep or perl or whatever GPL code exists, _much_ more than any proprietary environment offers -- assuming the environment is completely proprietary, with no gzip nor perl, but since they are against Free Software they can't be already using such tools.
/alessandro
On Tue, 2002-11-26 at 15:41, Anton Zinoviev wrote:
The opponents of the free software say that the state security services want to distribute their algorithms but only in a binary and without permition for redistribution.
Why should they distribute this software? Is it need to be able to use a public service? A secret algorithm in the security field is useless by definition.
If they are good algorithms you don't have problems in publishing them and the community would gladly accept them. If they're not, you can keep them secret anyway, as they would be useless.
True, but anyway there are laws that make such algoriths secret.
That's a big problem, but the law cannot make algorithms that are yet public secret (generally).
Nobody is allowed to publish them and nor even talk about them. The situation is similar to the problem with patents. GPL says that you are not allowed to distribute patented algorithm under GPL if you don't give the same rights to the whole community. And here the law says that you are not allowed to distribute the source of particular algorithm, hence it can not be implemented in GPL program.
If the law is an obstacle you can try to live with LGPLed software that use closed modules if you find no other way. Tough as has yet been said, any algorithm that is secret is just a bad one, and make no sense. The power of an encryption system is in the fact that the algorithm is public, only the keys need to be secret.
Simo.
On 26.XI.2002 at 16:16 Simo Sorce wrote:
Why should they distribute this software? Is it need to be able to use a public service?
I don't know. Say they want to give it only to those they want to communicate with.
A secret algorithm in the security field is useless by definition.
As far as I know there is no known cryptography algorithm which is mathematically proven to be secure. We only expect them to be secure. If the algorithm is good, then it is difficult to crack it, but if it is also not known, then this is even more difficult. Secret algorithms also make the system a little bit more secure against human mistakes, say weak passwords.
If the law is an obstacle you can try to live with LGPLed software that use closed modules if you find no other way.
Sometimes I have proposed to make free programs that use plugins, distribute them together with several free plugins, but use them with a private plugin.
Anton Zinoviev
On Tue, 2002-11-26 at 17:08, Anton Zinoviev wrote:
As far as I know there is no known cryptography algorithm which is mathematically proven to be secure. We only expect them to be secure. If the algorithm is good, then it is difficult to crack it, but if it is also not known, then this is even more difficult. Secret algorithms also make the system a little bit more secure against human mistakes, say weak passwords.
Sorry, but this is a common mistaken position. A secret algorithm does not add anything to the security of the algorithm itself. The only thing you gain is a false sense of security and miss lot of eyes that look and try to break the algorithm for legit purposes and research (such activity has the side effect to make algorithms better and can be performed only with public algorithms). And about weak password it does not add anything at all, weak password will stay weak, any people that have access to the coding program (binary only or with source code available) can use it and abuse weak password. Also remember that a binary module does not mean secret code, it means only obfuscated code, it can be reverse engineered by evils and weakness found. No matter if the law prohibit reverse engineering of such modules, people that want to commit fraud does not stop because they break yet another law, instead honest people will be left without any means to check the effective security of what they are forced to use. (It the same thing of the DMCA/EUCD about prohibition to circumvent DRMs, it will never stop big volume "pirates", it will only harm users)
If the law is an obstacle you can try to live with LGPLed software that use closed modules if you find no other way.
Sometimes I have proposed to make free programs that use plugins, distribute them together with several free plugins, but use them with a private plugin.
LGPL license is an acceptable workaround in such situations.
Simo.
Il mar, 2002-11-26 alle 14:50, Anton Zinoviev ha scritto:
[...]
Busyness oriented people often say "I am not a developer and I don't care about sources.
You should always care about sources, are the best guarantee you can continue to use and (if needed) improve your software.
I am not going to develop new software, I am only using what is currently offered to me. And I am also interested if this software is well supported. How long will continue this development?
The development of a free software application will go on as far as there will be someone that will find it useful. If you find it useful, you can go on developing it, or founding it's development.
It can stop, can't it?
Yes, but it is more likely the case for proprietary software, not for free software. Vendors dies, free software can survive. There are plenty of examples of tecnically good proprietary software that dies with their vendors or simply dismissed by them.
I also need to be compatible with the others."
So let's start all using free software :-)... just a joke.
Maybe interoperability is better than "compatibility", anyway: have you ever heard of Pubblic Administrations that where unable to use *their* own data for other applications because the vendor refuses (or asks absurd fees) to show them the data structure? I heard. With free software it is simply impossible, or in other words interoperability is *always* possible.
[...]
Ciao. Giovanni.
On Fri, Nov 22, 2002 at 08:52:36PM +0200, Anton Zinoviev wrote:
Anyway, in the discussion next month we expect to be asked many inconvenient questions. We need concrete facts concerning applications of free software in the public administrations and organisations in other countries, mostly European. Can you help with URLs or other information? [1]
For the technical and price issues, look at: http://www.dwheeler.com/oss_fs_why.html
As for ethical advantages the GNU philosophy pages still are good.
We still need to gather information of the use of Free Software in government institutions. One of the problems is that information is hard to get and if you get it, it certainly is not in English.