Don't Say "Open Source". Open Source (or Openwashing) Helps Those Who Attack Software Freedom.
Reprinted with permission from Ryan Farmer.
Bruce Perens: “Open Source Has Failed Its Users.”
Bruce Perens has finally admitted that “Open Source has failed its users.” from the angle that users who expect to have Freedom from Open Source usually get no such thing at all.
Ever since the Open Source “movement” started, it has not been about the Freedom of the user at all.
The Free Software Movement is more than a decade and a half older, and Free Software is about protecting the Freedom of the user who gets a copy.
“Open Source” started out in the late 1990s to persuade businesses of a “superior method to develop software which works better, and you can even have free labor too”, and by the benchmarks that the movement itself set for itself, it has been a raging success.
Almost everyone on the planet today has some Open Source software, whether they realize it or not. It’s in Android, it’s in Mac OS, it’s in the iPhone, it’s in cars, it’s even in Windows, bits and pieces of this Open Source.
But these companies have packaged it, often, in ways where the user cannot run a different version of it, or at least not easily, and enjoy any sort of Freedom to improve on it, or to remove malicious features and replace it with a version of the program without the malicious feature.
What finally sent Bruce Perens off the edge?
IBM. IBM and Red Hat.
Today, Red Hat is owned by IBM and it is not at all like the Red Hat from 10 or 20 years ago. Today, we have a Red Hat that is a major parasite and a troll, and something that might as well be another Oracle, or another Google, or another Apple.
Whenever they “deal with” the GPL, they have lawyers on standby trying to figure out how to sabotage the GPL and make it effectively meaningless to the user.
The GNU General Public License was created as a Free Software License, to make sure that the user would always have the Freedom to use modified copies, to share the improvements in that copy, and to compile and run a different version of that copy.
Over the years, and especially culminating under IBM’s ownership and tenure of “Red Hat Enterprise Linux”, Red Hat has been doing increasingly nastier things with “their” Linux kernel.
They think that there’s some magic words that their lawyers can sprinkle into some other agreement that lets them retaliate against their customers for flexing their rights under the GPL, and most of their customers won’t dare to question this, much less sue Red Hat, which in my opinion, they definitely deserve for trying to pull this shit.
Over the years I’ve fought off some nasty companies who just figured they could throw a Linux kernel and some other stuff over the fence and walk off and refuse to hand over the source code. Probably the biggest one was Samsung, with a Blu Ray player, model BD-C5500, around 2009-2010.
I argued, as the Vizio lawsuit does now, that when they sold me one, they made a “contract” with me, that the GPL was a “contract” with the user, and that I wanted the source code or they’d better prepare to argue that it was not a contract.
No court has ruled on whether the GPL is or isn’t a contract. If the GPL is a contract, as they seem to be moving in the direction that it is, then every software license is a contract, and potentially any user can sue for the distributor’s failure to perform a thing under that contract.
This will not help “Open Source” users at all, because those licenses don’t involve the author or the distributor promising to do anything.
In the specific case of Samsung, I was able to get them to turn over the GPL/LGPL stuff in a ZIP file pretty quickly once I started down that road, but they should have just complied.
Thanks to “Open Source” software elsewhere that didn’t protect my Freedoms at all, there was still no way to study the code and run a different version on my player.
Companies hoard source code and violate licenses even when there is absolutely no practical benefit for them to do so. These companies, serial GPL violators, are usually just a “bag of dicks”. They’re usually not even trying to hide it because they can prevent you from doing something by hiding it.
Red Hat even falls into this category now, under IBM, as it pertains to trying to hide the kernel and call it “theirs” even though it is GPL-licensed. A “bag of dicks” that I believe are violating “the spirit of the license” even if what they are doing is legal.
The GNU GPL is Open Source, but it isn’t Open Source.
The goal of the GNU GPL is to give users the Freedom to do anything they want, as users. It meets the “Open Source Definition” by that measure, but it is a disservice to refer to it as an “Open Source license”. It is a “Free Software License”.
Open Source tends to degenerate into proprietary software that the user cannot actually do anything with except run, often almost immediately as soon as anyone else who finds it to be a handy program gets it and cobbles it into something else.
The GNU GPLv2 was released in 1991, when computer users faced different threats.
Most users of the PC were not faced with malicious software that controlled which operating system was allowed to boot. This malicious software that users face today is called “UEFI” and “Secure Boot”. On non-x86 systems, you frequently can’t turn it off at all and boot a different operating system, and on x86 systems, it’s only possible for legacy reasons which Microsoft is increasingly not supporting anymore at all.
It’s designed so that Microsoft can throw a switch later and force their partners to, and they can say “All ours now….All ours now.” about the PC and leave the user with no choices except whatever Microsoft allows.
And a lot of really terrible human beings have collaborated with Microsoft to “support” this system on the PC from the Linux side, and not only to support it, but to put a backdoor into the OS. This backdoor is even in Debian. The backdoor is called Linux Vendor Firmware Service.
LVFS “dials home” and uploads “blacklists” of things Microsoft doesn’t want you to have on your computer, and then sneaks these blacklists into your UEFI firmware, quietly.
In fact, you will only find out about LVFS doing this when it, like everything IBM and Microsoft have a hand in, breaks down and starts throwing weird indecipherable error messages.
I recommend purging LVFS out of the system and not giving the OS a network connection until it is gone.
The fact that this horseshit is even in Debian shows that Debian no longer meaningfully respects the user’s Freedom. It’s up to the user to know that Debian, even, is doing things behind their back and stop it.
Bruce Perens is right that Open Source has failed its users. Why has it failed? Money is a corrupting factor.
Microsoft and others have basically bought and bribed their way in. They pay generous salaries to people without any form of conscience to assist them in harming billions of computer users.
So what do we do about it?
Well, we will have to remain apprised of the situation. For now, do we have to panic and run for the fire escapes from the PC? No. There’s a very good chance that the computer you use right now will continue working for years, and all you should do to it is turn off “Secure Boot” and remove LVFS.
In the future, we’ll have to be much more careful to buy from PC vendors that include firmware that’s not a pile of garbage that hides bugs and locks you out calling itself “Security”. OEMs like System76 appear to be concerned about your Freedom as of the time of this writing, but as always, stay informed. Things can change.
The various “Pi” devices are cheap, and always getting faster. Each iteration gets multiples faster than the last one, and they can be built for between $100-150.
More work is being focused on emulating x86 for Wine, and at the rate the Pi systems are improving, they should be able to run the majority of Windows software, if not now, eventually. The faster the CPU, the less the dynamic binary translation even matters.
I personally, am going to use whatever keeps Microsoft’s operating system out of my life, even if it means not using the x86 PC anymore. The only thing Microsoft is bringing to computing anywhere they go is more viruses and data breaches.
Recently, the Lake County, Illinois Health Department had their second data breach this year, and third in the past two years. They implicated Microsoft in passing.
Microsoft is responsible for thousands of data breaches. Every scammer on the planet probably has your Social Security Number and other stuff because someone else paid Microsoft to do things for them.
Microsoft is an option for when you don’t give a damn about Security because it’s someone else who will suffer every time you get attacked.
And some of their victims, direct customers who do get attacked later and lose something keep going back, a lot of the time.
“Did Microsoft do this to you?”
“Yeah, but you gotta understand, deep down, they really love me!”
The kind of Nazis and morons that they hire to work at Azure, who brag about their drug binges and venereal disease and all the coworkers who should “be deported”, and how the Indian CEOs are ruining tech companies, who cap it off with a good stabbing on the Microsoft Campus, should have been your first clue.
We absolutely cannot depend upon proprietary software companies.
So instead of stewing on the fact that the “Open Source” people kind of suck because “Open Source” isn’t about Freedom, let’s move this in a more positive direction.
It’s unfortunate every time a software developer chooses to use an “Open Source” license instead of a “Free Software” one with copyleft features, because it means there’s another program out there where the freeloaders in the Fortune 500 can use gulag labor to build roads only they can benefit from, so to speak.
That library or that utility you release under the Open Source license instead of the Copyleft one, there might be an improved version floating around in Windows, Apple, or Android that only those companies can use.
They can quietly run off with it, not even tell you they used it at all, and then you find out that Intel has created an entire malware program designed to undermine the security of the user’s OS, out of your OS, like the MINIX incident.
Everyone with a post-2016 Intel computer is running an entire UNIX-like OS on the CPU, which is there to spy on them and act as a backdoor that is impossible for the user to remove and which the OS you see is unaware of, and cannot control.
MINIX is “Open Source”. Open Source means it’s only a matter of time before a program you release like this gets turned around and used to attack the user, or at the very least, by Tech Company jerks on the Left Coast, or maybe even a Communist regime, to harm people and benefit themselves at the expense of millions or billions.
Don’t be a promoter of “Open Source”. Be a promoter of “Free Software”. Make sure your users keep their rights no matter whose hands your program has passed through.
This is not to say that the GPLv2 is perfect. It is not. It is deprecated by the GPLv3, which was designed with more modern threats to the users in mind.
The only real opposition to GPLv3, are malicious entities that want to harm your users, and they have a lot of anti-GPL propaganda out there to try to discourage developers from choosing this license.
In the context of booting a computer, the whole “systemd-boot” setup is designed to replace GRUB2, in order to impose Microsoft’s “Secure Boot” malware on the user.
Microsoft refuses to directly sign anything under the GPLv3 because then they would have to tell you how to work around Secure Boot, so the current setup is using a program called “shim” to load GRUB.
Shim is a binary the user is not allowed to control, and it’s licensed under an “Open Source” license, which makes it easy to attack the user’s Freedom.
The problem with this setup is that it’s flakier. There’s no technical reason why GRUB2 can’t boot a PC directly. They’ve made the system crankier and more prone to weird failures purely to appease Microsoft and help them attack the user.
Open Source has “failed its users”. It was designed to, so it is doing what it was made to do. █