What I learned during my internship with the FSF tech team

Hello everyone, I am Hrishikesh, and this is my follow-up blog post concluding my experiences and the work I did during my 3.5 month remote internship with the FSF. During my internship, I worked with the tech team to research and propose replacements for their network monitoring infrastructure.

A few things did not go quite as planned, but a lot of good things that I did not plan happened along the way. For example, I planned to work on GNU LibreJS, but never could find enough time for it. On the other hand, I gained a lot of system administration experience by reading IRC conversations, and by working on my project. I even got to have a brief conversation with RMS!

My mentors, Ian, Andrew, and Ruben, were extremely helpful and understanding throughout my internship. As someone who previously had not worked with a team, I learned a lot about teamwork. Aside from IRC, we interacted weekly in a conference call via phone, and used the FSF's Etherpad instance for live collaborative editing, to take notes.

The first two months were mostly spent studying the FSF's existing Nagios- and Munin-based monitoring and alert system, to understand how it works. The tech team provided two VMs for experimenting with Prometheus and Nagios, which I used throughout the internship. During this time, I also spent a lot of time reading about licenses, and other posts about free software published by the FSF.

My primary tasks involved writing Ansible roles and small Python tools, as well as understanding how Prometheus and its ecosystem worked. I even picked up Golang and started contributing small PRs to the Prometheus project itself.

The final outcome was a documented repository along with all the Ansible roles that are capable of spinning up a fully functional Prometheus server with related tools and configurations specific to the FSF. It's not yet ready to be implemented, but is in a good position to be extended.

Even though this internship is unpaid, I would highly encourage anyone reading this blog post to apply for future internship positions with the FSF tech team because of the knowledge value it provides.

I would like to thank the FSF for providing me this internship, and hope that my work will extend their current network monitoring systems into the future.

Interested in interning for the Free Software Foundation? The application period for summer 2019 internships is open until March 31, 2019 -- see details here.

Dating is a free software issue

I've been making the argument that everything is a free software issue for a few months now. Back in November, I was lucky enough to speak at SeaGL and SFSCon, specifically on the issues proprietary technology poses in dating and maintaining romantic relationships.

I've been thinking about this since then -- the issues and infringements on user freedom we face when using technology to meet people, date, and fall in love. I think Valentine's Day is the perfect opportunity to share just some of these thoughts I've been having.

Meeting people

Many dating Web sites run proprietary JavaScript. JavaScript is code that Web sites run on your computer in order to make certain features on Web sites function. Proprietary JavaScript is a trap that impacts your ability to run a free system, and not only does it sneak proprietary software onto your machine, but it also poses a security risk. Any piece of software can be malicious, but proprietary JavaScript goes the extra mile. Much of the JavaScript you encounter runs automatically when you load a Web site, which enables it to attack you without you even noticing.

Proprietary JavaScript doesn't have to be the only way to use Web sites. LibreJS is an initiative which blocks "nonfree nontrivial" JavaScript while allowing JavaScript that is either free or trivial.

Many dating apps are also proprietary, available only at the Apple App and Google Play stores, both of which currently require the use of proprietary software.

Going out

When it's time to meet your online date in person, or spend time together with the person you're dating, more proprietary software is ready to crash the party, whether you're going out or staying in. Many restaurants run reservations entirely through Web sites, using software and JavaScript that is proprietary. Using ride sharing apps like Uber to get around puts users and drivers alike at all sorts of risks. Or, if you decide to have a romantic evening at home, you might find yourself tempted by freedom disrespecting, DRM-supporting streaming services like Hulu and Netflix.

DRM is an oppressive technology, prevalent among downloadable, online, and streaming media. It restricts your ability to use, reuse, modify, share, and really own the media you purchase. There are practical damages DRM causes: it prevents modifying media for accessibility needs; it keeps people from being able to access their media whenever they want or need to; and it stifles creativity through the prevention of re-use. However, most importantly, the type of control enabled by DRM infringes on your freedoms.

Luckily, there are DRM-free media options available to you. Whether you want to find movies, listen to music, or curl up and read together, there is the perfect DRM-free choice available now.

A few other points

There are lots of computing technologies people use to maintain our relationships, whether romantic, familial, or platonic. They share online calendars, they use Web sites like Amazon to purchase and send presents, and they use apps like Snapchat, WhatsApp, and Facebook Messenger to connect with one another every day. These are all proprietary tools, and the act of using them restricts our freedoms.

When the ways we connect with one another are proprietary, we're trusting our secrets, intimacies, and relationships to technology we cannot trust. Software freedom is a necessary step in building trust in our computing technologies. When code is visible, the people who create that code are accountable, but also we have the rights to use, share, study and modify, and share our modifications with one another.

Software freedom is important in all aspects of our life, and that includes romance. By valuing freedom in our relationships, we're not only respecting ourselves, but we're respecting the people with whom we have those relationships.

Join the I Love Free Software Day 2019

Join the I Love Free Software Day 2019

Today, as with every year on February 14th, people around the globe are celebrating "I love Free Software" Day by expressing their love and thanks to all the people working behind each Free Software project. Follow the love with the hashtag #IloveFS today and add your own love dedication to the stream!

Software is deeply involved in all aspects of our lives; and it is important that this technology empowers rather than restricts us. Free Software gives everybody the rights to use, understand, adapt and share software. These rights help support other fundamental freedoms like freedom of speech, press and privacy. And Free Software is also the result of people who work together collaboratively and dedicate their skills to a project. "I love Free Software" Day is a day to show our appreciation to all these people behind any Free Software project and our gratitude for their dedication:https://ilovefs.org

Becoming part of #ilovefs

Everyone can participate in "I love Free Software" Day and join the celebrations by sharing a message of love with the hashtag #ilovefs on any (social) media channel. Be it on a general note or directly dedicated to a particular Free and Open Source Software solution. The more people contribute their part, the more we will enjoy a beautiful "I love Free Software" Day together.

Or help by spreading the word in the offline world among your friends and colleagues and bring them together. We know about interesting offline events happening, for example in Barcelona, Berlin, Sofia, Stockholm, Tirana, Plovdiv and Zurich. Follow the stream and enjoy a lovely day packed with thankfulness and creativity!

Happy "I love Free Software" Day everyone!

Support FSFE, join the Fellowship
Make a one time donation

Show your love for free software this Valentine’s Day!

Free software is crucial for a free society, and we love being able to use technology that respects our rights. Spread the love this Valentine’s Day and spread the word about free software by sharing this graphic, which invites your friends and family to learn more about computer user freedom, with the hashtag #ilovefs:

free software valentine -- pic of computer with big smile and hearts for eyes, says i heart free software

Want to take your relationship with software freedom, security, and privacy to the next level? Ask a friend or loved one to be your cryptovalentine! It’s a great opportunity to teach the importance of encrypted communication AND to help someone you care about secure their communication from prying eyes.

FSFE Newsletter - February 2019

FSFE Newsletter February 2019

This month's Newsletter is introducing our new expert policy brochure "Public Money? Public Code" and reflecting the importance of source code availability for trust and security in critical IT-infrastructure. As always the Newsletter gives an overview about the talks given and the booths set-up by our community as well as a short summary of what we have done - this month including FOSDEM, 35C3, FOSS4SMEs and the Next Generation Internet. As a "get active" item, this month we encourage you to participate in our IloveFS-campaign.

FSFE publishes expert brochure about “Public Money? Public Code!"

Convincing decision-makers why more public code would benefit us all should be easy. There are so many good arguments for putting publicly funded code under a Free Software licence: Tax savings, transparency, and innovation – just to name a few. But, in practice, we experience that there are still a lot of basics that need to be explained. Starting with: What is Free Software? Why should governments develop Free Software? What are Free Software business models? To answer these questions and give practical guidelines to decision-makers, we have published a policy brochure that presents the most important facts and arguments about publicly funded code.

This publication answers decision-makers' most common questions and refutes widespread misunderstandings about Free Software. In several articles and contributions from experts, the brochure presents successful Free Software use-cases and inspiring legislation that show that change is already taking place. Overall, the brochure provides practical guidance for moving the modernisation of public infrastructure forward and hints at how procurement guidelines can be updated to include the strong points of Free Software. Downloads and prints are available under a Creative Commons license

Among the contributions included in the brochure, that feature experts from various fields, is an interview with Francesca Bria, Chief Technology and Digital Innovation Officer for the City of Barcelona, who drives the modernisation of Barcelona's public infrastructure. She says: "The Barcelona City Council supports the FSFE's campaign 'Public Money, Public Code', because we need alliances to make Free Software the default setting in the public sector. The digital public infrastructure that we use should be a public good, owned and controlled by the citizens."

Help us with a donation to print and distribute the new FSFE expert policy brochure

About publishing source code to establish trust in critical infrastructure

In many countries, the Chinese company Huawei is facing distrust after allegations of potential state espionage. The company is one of the largest manufacturers of 5G equipment, the upcoming generation of cellular mobile communications. To ensure that the products and the underlying infrastructure are safe, network providers and politicians proposed an inspection of the equipment's source code. The FSFE welcomes this move to recognize the importance of source code availability , but is afraid that the proposed solution falls too short. Allowing inspection of the secret code by selected authorities and telephone companies might help in this specific case, but will not solve the general problem. Instead, to establish trust in critical infrastructure like 5G, it is a crucial precondition that all software code powering those devices is published under a Free and Open Source Software licence. On this basis, everyone can inspect the code, not only for backdoors, but for all security risks. Only these freedoms allow for independent and continuous security audits which will lead citizens, the economy, and the public sector to trust their communication and data exchange. Furthermore, in order to verify code integrity – so that the provided source code corresponds to the executable code running on the equipment – it is either necessary that there are reproducible builds in case of binary distribution, or that providers are brought into the position to compile and deploy the code on their own.

"We should not only debate the Huawei case but extend the discussion to all critical infrastructure." says Max Mehl, FSFE Programme Manager. "Only with Free and Open Source Software can transparency and accountability be guaranteed. This is a long-known crucial precondition for security and trust. We expect state actors to immediately implement this solution not only for the Huawei case but for all comparable IT security issues."

Join our community of freedom fighters!

What else have we done? Inside and Outside the FSFE On January 14 and 15, our project manager Gabriel Ku Wei Bin attended a kickoff meeting in Amsterdam of the Next Generation Internet project, funded by the European Commission and administered by the NLNet Foundation in the Netherlands. The FSFE joins the project to provide guidance to applicant technologies involved in the project to ensure that their final products are compliant with Free Software licensing best practices. On January 16 and 17 the FSFE's project managers Galia Mancheva and Max Mehl joined the FOSS4SMEs meeting in Dublin and shot videos for the online lessons the e-learning platform of the project is launching later this year. Stay tuned for further updates on the project’s website. Björn Schießle, FSFE coordinator for Germany, gave a talk on using strong copyleft to build a sustainable business at the Copyleft Conference on February 4th in Brussels. On January 23 Alexander Sander, the FSFE's EU public policy programme manager, joined a panel at Eurocieties Society Forum in Barcelona. Sander talked about how cities and public administration can foster Free Software and involve the local ecosystem in developing digital services based on Free Software and open standards. Paul Boddie writes about "An Absence of Strategy?" in which he argues that "installing Free Software over it" is no longer enough in the world of mobile devices. He claims that instead we need a strategy and an organisation that brings together collective efforts and practical action to identify ongoing projects and propose actual solutions towards constructing sustainable, community-driven, and user-protecting devices. Frank Karlitschek predicts that 2019 will be a very good year for privacy, open source and decentralized "cloud" software. It could be the year where Free Software, federated and self-hosted technology hits the mainstream. Björn Schießle wrote about Free Software being a "new cultural technique", a collective achievement done in a socio-cultural context, requiring social interaction and participation. And as such, it requires special attention by policy makers and society. Marcus Moeller, Country Coordinator of the FSFE in Switzerland, set up a Swiss association Faircomputer for which he and his contributors are collecting used Laptops. These devices are then checked, repaired, cleaned and equipped with Free Software. The refurbished machines are given away for free to interested people around Germany, Austria and Switzerland, only charging a small amount for the warranty to ensure they can be used without any hassle for years. Between Christmas and New Year, the FSFE was organising a cluster "about:freedom" together with like-minded organisations at the Chaos Communication Congress, the biggest community driven hacker congress in Germany. Inside the cluster, the FSFE was present with an assembly, a booth, and running its own track. From the FSFE we had Susanne speaking about her self-made "smartphone" (video), Katharina Nocun about data collecting Amazon (video) and Erik Albers about the best of Fdroid (video)

FSFE booth during 35C3, the 35th Chaos Communication Congress

In the beginning of February, the FSFE was present at FOSDEM, the biggest community-driven Free Software event in Europe. We had formal and informal meetings and social evenings, and were running an information booth throughout the event. On January 19, FSFE joined the Dutch Linux user group NLLGG meeting in Utrecht to set up a booth and have a chat about Free Software and related topics. Local FSFE community meetings happened this month in Hamburg, Bonn, Frankfurt (Main), Madrid, Zurich and Berlin. If you would like to see your local FSFE meeting listed here, please announce it with our improved event announcement tool. The European Commission expands its bug bounty programme called EU-FOSSA2. Software developers who find security vulnerabilities in the selected Free Software will be awarded between EUR 3,000 and EUR 25,000 for critical bugs. Do not miss: upcoming events with the FSFE The FSFE will be present with a booth at Chemnitzer Linuxtage from March 16 to 17 in Chemnitz, Germany, and is looking forward to having a chat with you about Free Software or FSFE. Erik Albers, programme manager for the FSFE will give a workshop about how to make the best of your Android(-fork) by using FDroid. If you like to get in contact beforehand or join the booth team, have a look at the discussion in our Discourse installation. Get Active

On February 14, our community around the globe celebrates "I love Free Software" Day. We would like to encourage you to be part of our online campaign by creating, sharing or simply enjoying love messages all around the world dedicated to Free Software and the people behind it. Enjoy the day, share and refuel your energy!

As in previous editions, we are looking forward to seeing you spreading all kind of materials, be they texts, pictures, graphics, scripts or whatever comes to your mind, to show your love to Free Software. Throughout the day, we will share your contributions around the globe on our media channels and collect them for a nice write-up about the love you have for our communities. If you share something, remember to use the hashtag #ilovefs, or if you happen to use the IloveFS visuals on your web platform, website or a blog, please, let us know, so we can include it in our stream.

Contribute to our newsletter

If you would like to share any thoughts, pictures, or news, send them to us. As always, the address is newsletter@fsfe.org. We're looking forward to hearing from you!

Thanks to our community, all the volunteers, supporters and donors who make our work possible. And thanks to our translators, who enable you to read this newsletter in your mother tongue.

Your editor, Erik Albers

Join our community of freedom fighters!

Support FSFE, join the Fellowship
Make a one time donation

FSF Fiscal Year 2017 Annual Report now available

The report is viewable as a Web site or high resolution PDF.

The Annual Report reviews the FSF's activities, accomplishments, and financial picture from October 1, 2016 to September 30, 2017. It is the result of a full external financial audit, along with a focused study of program results. It examines the impact of the FSF's events, programs, and activities, including the annual LibrePlanet conference, the Respects Your Freedom (RYF) hardware certification program, and the fight against Digital Restrictions Management (DRM).

"Software filters the information we receive about the world, the messages we put out into the world, and even the way we physically move in the world," said FSF executive director John Sullivan in his introduction to the FY2017 report. "If the software is not free 'as in freedom'... the consequences for the rest of us will be loss of democracy, privacy, security, freedom of speech, freedom of movement -- and even loss of life."

The FSF publishes its financials and annual report as part of their commitment to transparency. Along with its strong financial health, accountability and transparency are the reasons the FSF is a Charity Navigator Four Star Charity.

As with all of the Foundation's activities, the Annual Report was made using free software, including Pelican, Scribus, GIMP, and Inkscape, along with freely licensed fonts and images. If you would like a printed copy of the Annual Report, or have any questions or comments, please email campaigns@fsf.org.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to run, change, share, and contribute to computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

Molly de Blanc
Campaigns Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

Vikings D8 Mainboard and D8 Workstation now FSF-certified to Respect Your Freedom

D8 workstation Image

These are the [fourth and fifth devices] from Vikings to receive RYF certification. The Vikings D8 Mainboard is an ASUS KCMA-D8 that comes with Trisquel GNU/Linux. Like the previously certified Vikings D16, it is a powerful mainboard suitable for use as a workstation or server. The Vikings D8 Workstation brings the D8 Mainboard together with a variety of options to provide a robust workstation for users. Both are available for purchase at https://store.vikings.net.

"The more options users have for RYF-certified mainboards, the easier it is for them to build a machine that is completely under their control. Having an already assembled workstation available as an option is also a great improvement to the program. This is an area in which we hope to see continued growth, so that every user can get what they want when it comes to a server or workstation," said the FSF's licensing and compliance manager, Donald Robertson, III.

Vikings received their first three certifications in spring of 2017, and has steadily worked to continue offering new RYF-certifiable devices.

"When we announced the first certifications for Vikings we knew they would be back soon with even more. Vikings is building an impressive lineup of freedom-respecting hardware and we're excited to see the D8 Mainboard and Workstation as their latest additions," said the FSF's executive director, John Sullivan.

"The Vikings Store is dedicated to helping users purchase ready to go, libre-friendly systems. Together with the Free Software Foundation, we have put a lot of effort into offering a high-performance, owner-controllable system at an affordable price. This machine is aimed at the security-conscious, as well as users who prefer a computer that runs free software from the ground up as an ethical choice. That is why we are pleased to see the Vikings D8 Workstation receive RYF certification. We would like to thank Timothy Pearson of Raptor Engineering, Inc. for their reverse engineering and porting work which laid the very foundation for making this possible," said Vikings CEO Thomas Umbach.

To learn more about the Respects Your Freedom certification program, including details on the certification of the Vikings D8 Workstation and Mainboard, please visit https://fsf.org/ryf.

Hardware sellers interested in applying for certification can consult https://www.fsf.org/resources/hw/endorsement/criteria.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About Vikings

Vikings ships libre-friendly hardware world-wide and has an ever-growing number of FSF RYF certfified devices that truly respects your freedom. Vikings is also the world's first libre-friendly hosting company running on fully libre hosting software and a libre-friendly and owner-controllable hardware platform. All services are based on 100% libre software and are powered by 100% certified green energy.

Media Contacts

Donald Robertson, III
Licensing and Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

Vikings GmbH
Thomas Umbach
+49 69 247 54 91 0
hello@vikings.net
https://www.vikings.net/
https://store.vikings.net/

Updated on February 11th, 2019, to correct some details.

Image by Vikings GmbH is licensed under a CC0 1.0 Universal (CC0 1.0) Public Domain Dedication license.

Huawei case demonstrates importance of Free Software for security

Huawei case demonstrates importance of Free Software for security

The discussion of the Huawei security concerns showcases a general trust issue when it comes to critical infrastructure. A first step to solve this problem is to publish the code under a Free and Open Source Software licence and take measures to facilitate its independently-verifiable distribution.

The ongoing debate about banning Huawei hardware for the rollout of 5G networks, following earlier state espionage allegations, falls too short. It is not just about the Chinese company but about a general lack of transparency within this sector. As past incidents proved, the problem of backdoors inside blackboxed hard- and software is widely spread, independently from the manufacturers' origins.

However, it is unprecedented that the demand to inspect the source code of a manufacturer's equipment has been discussed so broadly and intensely. The Free Software Foundation Europe (FSFE) welcomes that the importance of source code is recognised, but is afraid that the proposed solution falls too short. Allowing inspection of the secret code by selected authorities and telephone companies might help in this specific case, but will not solve the general problem.

To establish trust in critical infrastructure like 5G, it is a crucial precondition that all software code powering those devices is published under a Free and Open Source Software licence. Free and Open Source Software guarantees the four freedoms to use, study, share, and improve an application. On this basis, everyone can inspect the code, not only for backdoors, but for all security risks. Only these freedoms allow for independent and continuous security audits which will lead citizens, the economy, and the public sector to trust their communication and data exchange.

Furthermore, in order to verify code integrity – so that the provided source code corresponds to the executable code running on the equipment – it is either necessary that there are reproducible builds in case of binary distribution, or that providers are brought into the position to compile and deploy the code on their own.

"We should not only debate the Huawei case but extend the discussion to all critical infrastructure." says Max Mehl, FSFE Programme Manager. "Only with Free and Open Source Software, transparency and accountability can be guaranteed. This is a long-known crucial precondition for security and trust. We expect from state actors to immediately implement this solution not only for the Huawei case but for all comparable IT security issues."

Support FSFE, join the Fellowship
Make a one time donation

John Sullivan - " 'Just don't buy it': Consumer choices in free software activism" (Pasadena, CA)

FSF executive director John Sullivan will be giving his speech “ ‘Just don't buy it’: Consumer choices in free software activism” at SCALE (2019-03-07–10):

Movement activism often focuses on economic decisions. Buy this ethically made product; don't buy that one made by a company that funds terrible things. In free software, we encourage people to boycott (for example) Microsoft, and to instead support companies who sell machines with GNU/Linux.

It's an intuitive idea that, as individuals wanting to make the world better, we should use our willingness to spend or not spend money to reward those who do right and punish those who do wrong. Throughout history, this has sometimes been effective. But how effective? Can it be dangerous?

There is a danger of reducing activism and social change strategy to these decisions. We see this in the free software movement, when some activist campaigns aimed at persuading people to stop using proprietary software are met with responses like, “If you don't like Apple products, just don't buy them. Help make free products that are better than theirs. Why campaign against them?” or “How can you criticize proprietary software but still drive a car that has it?”

As an advocate, have you ever heard these responses, or felt like a hypocrite, or stumbled trying to explain to others why the situation is more complicated than “just don't buy it”?

How do we form a holistic movement strategy for advancing user freedom that takes consumer activism as far as possible, without overprioritizing it?

I hope those interested in effectively fighting for user freedom will join me as I share thoughts formed from 16 years of experience working on the Free Software Foundation's advocacy efforts, against the backdrop of some highlights from the history of other social movements.

Location: Ballroom H, Pasadena Convention Center, 300 E Green St Pasadena, CA 91101

We hope you can attend the speech, or meet John at the conference.

Please fill out our contact form, so that we can contact you about future events in and around Pasadena.

GNU Spotlight with Mike Gerwitz: 22 new GNU releases!

For announcements of most new GNU releases, subscribe to the info-gnu mailing list: https://lists.gnu.org/mailman/listinfo/info-gnu.

To download: nearly all GNU software is available from https://ftp.gnu.org/gnu/, or preferably one of its mirrors from https://www.gnu.org/prep/ftp.html. You can use the URL https://ftpmirror.gnu.org/ to be automatically redirected to a (hopefully) nearby and up-to-date mirror.

A number of GNU packages, as well as the GNU operating system as a whole, are looking for maintainers and other assistance: please see https://www.gnu.org/server/takeaction.html#unmaint if you'd like to help. The general page on how to help GNU is at https://www.gnu.org/help/help.html.

If you have a working or partly working program that you'd like to offer to the GNU project as a GNU package, see https://www.gnu.org/help/evaluation.html.

As always, please feel free to write to us at maintainers@gnu.org with any GNUish questions or suggestions for future installments.