Bradley M. Kuhn

originally from Baltimore, MD, USA.

President and Distinguished Technologist at Software Freedom Conservancy. On the Board of Directors of the Free Software Foundation. Generally, a Software Freedom advocate, GPL Enforcer, and Occasional developer..

  • Supporting Conservancy Makes a Difference

    2017-02-13T15:36:22Z via Dianara To: Public CC: Followers


    There are a lot of problems in our society, and particularly in the USA, right now, and plenty of charities who need our support. The reason I continue to focus my work on software freedom is simply because there are so few focused on the moral and ethical issues of computing. Open Source has reached its pinnacle as an industry fad, and with it, a watered-down message: “having some of the source code for some of your systems some of the time is so great, why would you need anything more?”. Universal software freedom is however further from reality than it was even a few years ago. At least a few of us, in my view, must focus on that cause.

    I did not post many blog posts about this in 2016. There was a reason for that — more than any other year, work demands at Conservancy have been constant and unrelenting. I enjoy my work, so I don't mind, but blogging becomes low priority when there is a constant backlog of urgent work to support Conservancy's mission and our member projects. It's not just Conservancy's mission, of course, it's my personal one as well.

    For our 2016 fundraiser, I wrote last year a blog post entitled “Do You Like What I Do For a Living?”. Last year, so many of you responded, that it not only made it possible for me to continue that work for one more year, but we were able to add our colleague Brett C. Smith to our staff, which brought Conservancy to four full-time staff for the first time. We added a few member projects (and are moving that queue to add more in 2017), and sure enough — the new work plus the backlog of work waiting for another staffer filled Brett's queue just like my, Karen's and Tony's was already filled.

    The challenge now is sustaining this staffing level. Many of you came to our aid last year because we were on the brink of needing to reduce our efforts (and staffing) at Conservancy. Thanks to your overwhelming response, we not only endured, but we were able to add one additional person. As expected, though, needs of our projects increased throughout the year, and we again — all four of us full-time staff — must work to our limits to meet the needs of our projects.

    Charitable donations are a voluntary activity, and as such they have a special place in our society and culture. I've talked a lot about how Conservancy's Supporters give us a mandate to carry out our work. Those of you that chose to renew your Supporter donations or become new Supporters enable us to focus our full-time efforts on the work of Conservancy.

    On the signup and renewal page, you can read about some of our accomplishments in the last year (including my recent keynote at FOSDEM, an excerpt of which is included here). Our work does not follow fads, and it's not particularly glamorous, so only dedicated Supporters like you understand its value. We don't expect to get large grants to meet the unique needs of each of our member projects, and we certainly don't expect large companies to provide very much funding unless we cede control of the organization to their requests (as trade associations do). Even our most popular program, Outreachy, is attacked by a small group of people who don't want to see the status quo of privileged male domination of Open Source and Free Software disrupted.

    Supporter contributions are what make Conservancy possible. A year ago, you helped us build Conservancy as a donor-funded organization and stabilize our funding base. I now must ask that you make an annual commitment to renewal — either by renewing your contribution now or becoming a monthly supporter, or, if you're just learning about my work at Conservancy from this blog post, reading up on us and becoming a new Supporter.

    Years ago, when I was still only a part-time volunteer at Conservancy, someone who disliked our work told me that I had “invented a job of running Conservancy”. He meant it as an insult, but I take it as a compliment with pride. In fact, between me and my colleague (and our Executive Director) Karen Sandler, we've “invented” a total of four full-time jobs and one part-time one to advance software freedom. You helped us do that with your donations. If you donate again today, your donation will be matched to make the funds go further.

    Many have told me this year that they are driven to give to other excellent charities that fight racism, work for civil and immigration rights, and other causes that seem particularly urgent right now. As long as there is racism, sexism, murder, starvation, and governmental oppression in the world, I cannot argue that software freedom should be made a priority above all of those issues. However, even if everyone in our society focused on a single, solitary cause that we agreed was the top priority, it's unlikely we could make quicker progress. Meanwhile, if we all single-mindedly ignore less urgent issues, they will, in time, become so urgent they'll be insurmountable by the time we focus on them.

    Industrialized nations have moved almost fully to computer automation for most every daily task. If you question this fact, try to do your job for a day without using any software at all, or anyone using software on your behalf, and you'll probably find it impossible. Then, try to do your job using only Free Software for a day, and you'll find, as I have, that tasks that should take only a few minutes take hours when you avoid proprietary software, and some are just impossible. There are very few organizations that are considering the long-term implications of this slowly growing problem and making plans to build the foundations of a society that doesn't have that problem. Conservancy is one of those few, so I hope you'll realize that long-term value of our lifelong work to defend and expand software freedom and donate.

    der.hans, James Dearing 🐲, sazius likes this.

    der.hans, Dr. Roy Schestowitz shared this.

  • Microsoft's Committment to Open Source: Lock up LibreOffice for you.

    2017-01-11T00:29:02Z via Dianara To: Public CC: Followers

    Bad SNAFU when facing a major deadline for Conservancy's FY 2015 audit: a rather simple, one-page xlsx spreadsheet, which I desperately need to edit and round-trip back to our auditors, that reproducibly locks up LibreOffice.

    It does so *even if* you just open the xlsx file and attempt to resave it as ODS.

    Linux Foundation told me last year that Microsoft had fortified its commitment to Open Source:

    I'll believe that's actually true when they liberate the Microsoft Office code, not before.

    (I was finally able to work around the problem by cut-and-paste from the opened XLSX file into a new ODS file, and most of the formulas came through with that paste ok, but there's yet another hour of my life lost because Microsoft opposes software freedom and has convinced so many people in the professional world to follow their lead.)

    But hey, if they write big checks to the right organizations, we should just ignore that they're bent on making the world more difficult for LibreOffice?

    (BTW, to show I'm equal opportunity on this point: trying to share data with people who use Google's proprietary Android apps have caused me trouble lately too, but not in a professional capacity I had trouble coordinating appointments with a dog walker).)

    Lars Wirzenius, Jason Self likes this.

    Lars Wirzenius shared this.

    Well, MS is clearly horrible, their closed/patented/secret proprietary formats are pure unadulterated crap, and their "we love open source" and "we love Linux" lines are just ridiculous.

    That being said, I don't think it's fair or reasonable to blame $ENTITY when a program made by $NOT-ENTITY crashes or freezes when trying to load a file in that crappy format by $ENTITY.

    Said program should handle exceptions properly, and if it can't load the crappy file correctly (to be expected, being a secret/obfuscated/overall crappy format), it should handle that and show a "I can't display this piece of **** of a format" message, but not crash or freeze. Exception handling is a thing for a reason, just like sanitizing inputs is.

    Is that file (the clean version of course), something that can be shared? It'd be probably good if the LO developers could test against it, if you haven't already sent it to them =)

    JanKusanagi @i at 2017-01-11T01:06:13Z

    Elena ``of Valhalla'', James Dearing 🐲 likes this.

    And true when they'll refund all the patent racket money for the Linux kernel. Also exFAT. And there is a long list.

    Hubert Figuière at 2017-01-11T02:10:33Z

    Nathan Willis, James Dearing 🐲 likes this.

    Out of curiosity, how well do other free software spreadsheet programs handle this xlsx file?

    James Dearing 🐲 at 2017-01-11T04:51:17Z

  • Unicode "dirt speck" character set?

    2017-01-04T01:12:57Z via Dianara To: Public CC: Followers

    With the advent of and Emacs' full support for Unicode, now, more than ever I must keep my LCD displays very clean.

    I just hit CTRL-D four times on the same spot on my screen attempting to delete something that looked like this:◦ or some other tiny mark.

    In the old days of 7 bit ASCII, a dirt spot had to be as noticable as a '.' to cause this problem. I look now carefully and I literally have at least two ◦-looking dirt specks on my main LCD, and looking carefully I found one that looks like


    What a strange world we live in thanks to Unicode. And I say that having never even used an emoji.

    (BTW, I will watch: just so I can understand what the kids are talking about. Which I learned about from here:

    Dan Scott, Alex Jordan likes this.

    As long as you don't have U+1F4A9 on your monior, it can't be that bad.

    Christopher Allan Webber at 2017-01-05T02:07:52Z

  • Song for mundane tasks

    2016-12-18T02:05:42Z via Dianara To: Public CC: Followers

    Am I the only person who, when doing mundane tasks like bookkeeping, who thinks of Data's Life Forms song:

  • Where can I get a $3 website?

    2016-11-24T01:22:03Z via Dianara To: Public CC: Followers

    Trump says that it only costs $3 to build a website:

    I'd definitely get redesigned for me if it would only cost $3. I'd send Trump an email to ask him where to get these $3 websites if I didn't know for sure he's lying.

    Even if you outsource to the developing world, I don't think you can get a website for $3. The bandwidth costs more than that per month if you even get a few hits.

    Douglas Perkins likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) shared this.

    Your embedded video has injected itself into every post below it on my feed.  Weird bug.

    Benjamin Cook at 2016-11-24T12:34:59Z

    Ooops. Yep, I also see the bug.

    Claes Wallin (韋嘉誠) at 2016-11-24T16:52:44Z

    At least it didn't continue further down the forever page.

    Claes Wallin (韋嘉誠) at 2016-11-24T16:53:29Z If you auto build thousands with the same misinformation that might be all it costs per site

    der.hans at 2016-11-25T16:27:20Z

    Claes Wallin (韋嘉誠) likes this.

  • Form 990 in the news

    2016-11-22T23:20:04Z via Dianara To: Public CC: Followers

    Every once in a while, a Form 990 is in the news.

    Today, they're talking about FY 2015 Donald J Trump Foundation one. Yet, I can't find an actual copy of it.

    BTW, I am not sure where the phrase 'self-dealing' comes from. The IRS forms talk about payments to disqualified person.

    (And, if you were wondering, I'm a disqualified person for Conservancy, usually any director or officer is).

    I noticed the phrase self-dealing is used more often for private foundations, like Trump's, which file a 990-PF rather than a usual 990.

    Stephen Michael Kellat likes this.

    Stephen Michael Kellat, Stephen Michael Kellat shared this.

    Did you apply at to head up an agency? It doesn't matter if you're not a Republican as a certain number of slots must be held by people outside the President's party. Heck, apply for a slot at the FCC. Be advised that as I hold a career slot I'm stuck where I am for the moment.

    As to grabbing the 990, it can sometimes be dislodged by sending a Form 4506-A to the IRS who can turn over a "Modernized e-File" print:

    Stephen Michael Kellat at 2016-11-23T00:33:40Z

    Nathan Willis likes this.

  • Prop betting on the election

    2016-11-02T16:21:56Z via Dianara To: Public CC: Followers

    I'm now offering 9-to-1 to take the field of presidential candidates against Trump. 538 has him only as a about a 4-to-1 dog. I get the field (yes, the tiny edge of third party candidates make a difference ;) against Trump.

    Of course, I'm a bit of a fish when it comes to betting on elections. I did take Kerry at 1.2-to-1.

    Stephen Michael Kellat likes this.

    Stephen Michael Kellat, Stephen Michael Kellat shared this.

    I suppose I should stop prop betting on elections. I really am a election-prop-bet-fish.

    Bradley M. Kuhn at 2016-11-09T17:13:23Z

    I don't think anybody saw this coming in quite this fashion.

    Stephen Michael Kellat at 2016-11-09T17:30:43Z

  • Conservancy's First GPL Enforcement Feedback Session

    2016-10-27T21:32:09Z via Dianara To: Public CC: Followers


    [ This blog was crossposted on Software Freedom Conservancy's website. ]

    As I mentioned in an earlier blog post, I had the privilege of attending Embedded Linux Conference Europe (ELC EU) and the OpenWrt Summit in Berlin, Germany earlier this month. I gave a talk (for which the video is available below) at the OpenWrt Summit. I also had the opportunity to host the first of many conference sessions seeking feedback and input from the Linux developer community about Conservancy's GPL Compliance Project for Linux Developers.

    ELC EU has no “BoF Board” where you can post informal sessions. So, we scheduled the session by word of mouth over a lunch hour. We nevertheless got an good turnout (given that our session's main competition was eating food :) of about 15 people.

    Most notably and excitingly, Harald Welte, well-known Netfilter developer and leader of, was able to attend. Harald talked about his work with enforcing his own copyrights in Linux, and explained why this was important work for users of the violating devices. He also pointed out that some of the companies that were sued during his most active period of are now regular upstream contributors.

    Two people who work in the for-profit license compliance industry attended as well. Some of the discussion focused on usual debates that charities involved in compliance commonly have with the for-profit compliance industry. Specifically, one of them asked how much compliance is enough, by percentage? I responded to his question on two axes. First, I addressed the axis of how many enforcement matters does the GPL Compliance Program for Linux Developers do, by percentage of products violating the GPL? There are, at any given time, hundreds of documented GPL violating products, and our coalition works on only a tiny percentage of those per year. It's a sad fact that only that tiny percentage of the products that violate Linux are actually pursued to compliance.

    On the other axis, I discussed the percentage on a per-product basis. From that point of view, the question is really: Is there a ‘close enough to compliance’ that we can as a community accept and forget about the remainder? From my point of view, we frequently compromise anyway, since the GPL doesn't require someone to prepare code properly for upstream contribution. Thus, we all often accept compliance once someone completes the bare minimum of obligations literally written in the GPL, but give us a source release that cannot easily be converted to an upstream contribution. So, from that point of view, we're often accepting a less-than-optimal outcome. The GPL by itself does not inspire upstreaming; the other collaboration techniques that are enabled in our community because of the GPL work to finish that job, and adherence to the Principles assures that process can work. Having many people who work with companies in different ways assures that as a larger community, we try all the different strategies to encourage participation, and inspire today's violators to become tomorrow upstream contributors — as Harald mention has already often happened.

    That same axis does include on rare but important compliance problem: when a violator is particularly savvy, and refuses to release very specific parts of their Linux code (as VMware did), even though the license requires it. In those cases, we certainly cannot and should not accept anything less than required compliance — lest companies begin holding back all the most interesting parts of the code that GPL requires them to produce. If that happened, the GPL would cease to function correctly for Linux.

    After that part of the discussion, we turned to considerations of corporate contributors, and how they responded to enforcement. Wolfram Sang, one of the developers in Conservancy's coalition, spoke up on this point. He expressed that the focus on for-profit company contributions, and the achievements of those companies, seemed unduly prioritized by some in the community. As an independent contractor and individual developer, Wolfram believes that contributions from people like him are essential to a diverse developer base, that their opinions should be taken into account, and their achievements respected.

    I found Wolfram's points particularly salient. My view is that Free Software development, including for Linux, succeeds because both powerful and wealthy entities and individuals contribute and collaborate together on equal footing. While companies have typically only enforce the GPL on their own copyrights for business reasons (e.g., there is at least one example of a major Linux-contributing company using GPL enforcement merely as a counter-punch in a patent lawsuit), individual developers who join Conservancy's coalition follow community principles and enforce to defend the rights of their users.

    At the end of the session, I asked two developers who hadn't spoken during the session, and who aren't members of Conservancy's coalition their opinion on how enforcement was historically carried out by, and how it is currently carried out by Conservancy's GPL Compliance Program for Linux Developers. Both responded with a simple response (paraphrased): it seems like a good thing to do; keep doing it!

    I finished up the session by inviting everyone to the join the principles-discuss list, where public discussion about GPL enforcement under the Principles has already begun. I also invited everyone to attend my talk, that took place an hour later at the OpenWrt Summit, which was co-located with ELC EU. Your browser does not support the element. Perhaps you can or .

    In that talk, I spoke about a specific example of community success in GPL enforcement. As explained on the OpenWrt history page, OpenWrt was initially made possible thanks to GPL enforcement done by BusyBox and Linux contributors in a coalition together. (Those who want to hear more about the connection between GPL enforcement and OpenWrt can view my talk at .)

    Since there weren't opportunities to promote impromptu sessions on-site, this event was a low-key (but still quite nice) start to Conservancy's planned year-long effort seeking feedback about GPL compliance and enforcement. Our next session is an official BoF session at Linux Plumbers Conference, scheduled for next Thursday 3 November at 18:00. It will be led by my colleagues Karen Sandler and Brett Smith.

    Hubert Figuière, James Dearing 🐲, Charles ☕ Stanhope, Christopher Allan Webber likes this.

    >> Bradley M. Kuhn:

    “[...] I also invited everyone to attend my talk, that took place an hour later at the OpenWrt Summit, which was co-located with ELC EU. Your browser does not support the element. Perhaps you can or . [...] [...]

    I don't think it's possible to embed videos in posts. Thanks for adding the URL.

    James Dearing 🐲 at 2016-10-28T01:00:55Z will you or someone else from conservancy be at SCaLE at the beginning of March?

    der.hans at 2016-10-29T20:33:32Z

  • Help Send Conservancy to Embedded Linux Conference Europe

    2016-09-21T21:43:34Z via Dianara To: Public CC: Followers


    This blog was crossposted on Software Freedom Conservancy's website. ]

    Last month, Conservancy made a public commitment to attend Linux-related events to get feedback from developers about our work generally, and Conservancy's GPL Compliance Program for Linux Developers specifically. As always, even before that, we were regularly submitting talks to nearly any event with Linux in its name. As a small charity, we always request travel funding from the organizers, who are often quite gracious. As I mentioned in my blog posts about LCA 2016 and GUADEC 2016, the organizers covered my travel funding there, and recently both Karen and I both received travel funding to speak at LCA 2017 and DebConf 2016, as well as many other events this year.

    Recently, I submitted talks for the CFPs of Linux Foundation's Embedded Linux Conference Europe (ELC EU) and the Prpl Foundation's OpenWRT Summit. The latter was accepted, and the folks at the Prpl Foundation graciously offered to fund my flight costs to speak at the OpenWRT Summit! I've never spoken at an OpenWRT event before and I'm looking forward to the opportunity getting to know the OpenWRT and LEDE communities better by speaking at that event, and am excited to discuss Conservancy's work with them.

    OpenWRT Summit, while co-located, is a wholly separate event from LF's ELC EU. Unfortunately, I was not so lucky in my talk submissions there: my talk proposal has been waitlisted since July. I was hopeful after a talk cancellation in mid-August. (I know because the speaker who canceled suggested that I request his slot for my waitlisted talk.) Unfortunately, the LF staff informed me that they understandably filled his open slot with a sponsored session that came in.

    The good news is that my OpenWRT Summit flight is booked, and my friend (and Conservancy Board Member Emeritus) Loïc Dachary (who lives in Berlin) has agreed to let me crash with him for that week. So, I'll be in town for the entirety of ELC EU with almost no direct travel costs to Conservancy! The bad news is that it seems my ELC EU talk remains waitlisted. Therefore, I don't have a confirmed registration for the rest of ELC EU (beyond OpenWRT Summit).

    While it seems like a perfect and cost-effective opportunity to be able to attend both events, that seems harder than I thought! Once I confirmed my OpenWRT Summit travel arrangements, I asked for the hobbyist discount to register for ELC EU, but LF staff informed me yesterday that the hobbyist (as well as the other discounts) are sold out. The moral of the story is that logistics are just plain tough and time-consuming when you work for a charity with an extremely limited travel budget. ☻

    Yet, it seems a shame to waste the opportunity of being in town with so many Linux developers and not being able to see or talk to them, so Conservancy is asking for some help from you to fund the $680 of my registration costs for ELC EU. That's just about six new Conservancy supporter signups, so I hope we can get six new Supporters before Linux Foundation's ELC EU conference begins on October 10th. Either way, I look forward to seeing those developers who attend the co-located OpenWRT Summit! And, if the logistics work out — perhaps I'll see you at ELC EU as well!

    Scorpio20 likes this.

    illyria, Scorpio20, Scorpio20, Scorpio20 and 3 others shared this.

    I know they're not much but those special checks from the treasury could be put to this if not already utilized. Granted, they're going to be stopping after the September one goes out until an undetermined point later but at least they're a pittance that was directed SFC's way.

    Stephen Michael Kellat at 2016-09-22T00:57:07Z

  • Two Blog Posts Disguised as Mailing List Posts

    2016-09-02T16:32:55Z via Dianara To: Public CC: Followers

    There are plenty of mailing list threads to read, and I don't actually recommend the one that I'm talking about. I think it went on too long, was far too “ad hominem” rather than real policy. Somewhere beneath the surface there was a policy discussion being shouted down; if you look close, you can find find it underneath.

    As he always does, Jon Corbet did an excellent job finding the real policy details in the “GPL defence” ksummit-discuss thread, and telling us all about it. I am very hard on tech journalism, but when it comes to reporting on Linux specifically, Jon and his colleagues at have been, for nearly two decades, always been real, detailed, and balanced (and not in the Fox News way) tech journalism.

    The main reason I made this blog post about it, though, is that I actually spent as much time on a few of my posts on the list as I would on any blog post, and I thought readers of my blog might want the content here. So I link to two posts in the thread that I encourage you to read. I also encourage you to read these two posts that my boss at my day job, Karen Sandler, made, which I think are very good as well.

    And, to quote the fictional Forrest Gump: "That's all I have to say about that."

    der.hans, Jason Self, Charles ☕ Stanhope, Claes Wallin (韋嘉誠) and 3 others likes this.

    der.hans, Sarah Elkins, Stephen Michael Kellat, Claes Wallin (韋嘉誠) and 4 others shared this.

    Goodness is that a messed up flame war. Nobody hear of estoppel much?

    Stephen Michael Kellat at 2016-09-02T23:10:41Z

    Claes Wallin (韋嘉誠) likes this.

    ... or basic incentive structures.

    Claes Wallin (韋嘉誠) at 2016-09-03T09:48:19Z

    I really think the biggest impact of the GPL have been almost entirely outside any legal issues, and that it's a great document not because it's a great legal piece of writing, but because of much bigger issues. That may be why I reacted so negatively to seeing it argued that it's pointless without enforcement. Almost none of the successes of the GPL have ever been about the legal side.
    -- Linus,

    So basically: "[The release of the hostages was all our doing as brilliant negotiators, and not in any way related to the fact that the perpetrators  knew there were snipers outside the building, watching their every move.]"
    Let's talk about the lies spread by Bradley Kuhn, and about the projects where the SFLC and SFC killed them and salted the earth with their "help".
    -- Linus,

    Assuming this assessment of the Busybox outcome is correct (a big assumption), "salting the earth" is not necessarily a bad thing. It makes me think of the recent Bayesian Conspiracy episode on game theory.

    In the Hawk-Dove game*, in a field of Hawks, Dove is the winning strategy, because Hawks are likely to fight other Hawks and get nothing. We don't want a field where all the Hawks are GPL violators and none of the Hawks are GPL enforcers. We want potential violators to see Dove as the winning strategy. All Doves would be nice, but we know from Brad's and Harald's enforcement backlogs that's not where we are.

    Evolved cooperative species spend enormous amounts of effort punishing bad behavior, even when the outcome for the enforcing individual is a net negative. @evan and/or @mlinksva have also talked about how social movements need the full "radical fringe" to "pragmatic moderate" spectrum to win.**


     * Hawks vs Doves:
    H vs D, H gets +5, D gets +1
    H vs H both get 0
    D vs D both get +3

    The Violator/Cooperator-Enforcer/Cooperator game is different of course, because two Violators or two Enforcers never fight (real-life Violators may fight of course, but that's outside the boundaries of this game, and maybe Cooperator vs Enforcer doesn't happen, but let's include it as Enforcers may make mistakes, and proto-Doves may look like Hawks). Also Violator vs Enforcer action has externalities on Cooperators etc. But I think people can still follow the analogy. :-D

    ** Of course, the list thread may be the display of a theory that "pragmatic moderates" need to publicly denounce the "radical fringe" in order for the dynamic to be maximally effective.

    Claes Wallin (韋嘉誠) at 2016-09-04T07:15:00Z

    Alex Jordan, likes this.

    I haven't read everything, but now I got to this part. I think this is the killer argument:
    One reason (among many) we should bring lawsuits in those rare cases is to show everyone the 99.43% that they are much better off working with the community. We have plenty of evidence from company representatives who say clearly: "I can't get my company to comply unless the threat of lawsuit is realistic; we agree it's totally reasonable to sue the very few bad actors". Greg, representatives of some the same companies that I know you've worked with to improve compliance have told me and Karen that directly.
    -- @bkuhn,

    Everyone in the discussion seem to agree that there needs to be a last resort, and the disagreement is when it should come, but less than a handful of "last resort" instances in the 25 years of Linux history really isn't in any way a disproportional response, given the endless stream of violations.

    I guess the difference is whether we trust you when you say that you tried really hard over the course of years to be the "good cop". I don't know if it's possible to convince Linus and Greg that you did. On the other hand, I'm not sure it matters.

    I guess that means after a long flamewar, status quo reigns. Some people think this was a "last resort" moment, some people don't, almost every think they know one when they see one, but most people weren't even there.

    Still, I'm glad you see it as your responsibility to be Kibo when the community talks about your actions. Otherwise, who would?

    Claes Wallin (韋嘉誠) at 2016-09-04T11:03:32Z

  • Software Freedom Doesn't Kill People, Your Security Through Obscurity Kills People

    2016-08-13T13:55:18Z via Dianara To: Public CC: Followers


    The time has come that I must speak out against the inappropriate rhetoric used by those who (ostensibly) advocate for FLOSS usage in automotive applications.

    There was a catalyst that convinced me to finally speak up. I heard a talk today from a company representative of a software supplier for the automotive industry. He said during his talk: "putting GPLv3 software in cars will kill people" and "opening up the source code to cars will cause more harm than good". These statements are completely disingenuous. Most importantly, it ignores the fact that proprietary software in cars is at least equally, if not more, dangerous. At least one person has already been killed in a crash while using a proprietary software auto-control system. Volkswagen decided to take a different route; they decided to kill us all slowly (rather than quickly) by using proprietary software to lie about their emissions and illegally polluting our air.

    Meanwhile, there has been not a single example yet about use of GPLv3 software that has harmed anyone. If you have such an example, email it to me and I promise to add it right here to this blog post.

    So, to the auto industry folks and vendors who market to/for them: until you can prove that proprietary software assures safety in a way that FLOSS cannot, I will continue to tell you this: in the long and sad tradition of the Therac 25, your proprietary software has killed people, both quickly and slowly, and your attacks on GPLv3 and software freedom are not only unwarranted, they are clearly part of a political strategy to divert attention from your own industry's bad behavior and graft unfair blame onto FLOSS.

    As a side note, during the talk's Q&A session, I asked this company's representatives how they assure compliance with the GPLv2 — particularly their compliance with provision of scripts used to control compilation and installation of the executable, which are so often missing for many products, including vehicles. The official answer was: Oh, I don't know. Not only does this company publicly claim security through obscurity is a viable solution, accuse copyleft advocates of endangering the public safety, they also seem to have not fully learned the lessons of making FLOSS license compliance a clear part of their workflow.

    This is, unfortunately, my general impression of the status of the automotive industry.

    gnubrunswick, Claes Wallin (韋嘉誠), roy, Dan Scott and 14 others likes this.

    der.hans, Benjamin Cook, Benjamin Cook, Douglas Perkins and 13 others shared this.

    Show all 13 replies

    @MikeLinksvayer, I do think license politics matter. I can't get past the fact that the bifrication of "non-copyleft good", 'copyleft bad" has won and been a great part of the cooption by Open Source of software freedom. But you and I should talk more about how I can modify advocacy to avoid it better so as to succeed in reaching those who are annoyed by such -- I suspect there is a way that I just don't see yet. I've been meaning to call anyway so I will after my current trip. :)

    @Richard Fontana, I decided not to call out the specific name of the person who gave the talk. The statements were typical of those made by many different automotive industry representatives and their providers over a period of years. The fact that this particular individual wasn't any better or worse than others I've heard, so there was no reason to single him out. The problem is the general auto-industry rhetoric and talking points, not one person's version of it.

    Bradley M. Kuhn at 2016-08-16T10:32:10Z

    @bkuhn While I agree with most of your post, I don't know if it's fair to say that the Tesla crash was due to proprietary software.

    The Tesla self-driving system, I'm almost certain, relies on machine learning and a neural network. I suspect that even if their algorithms were free software, accidents would occur at the same rate, at least in the short term. The way I understand it, the source code isn't all that important, it's the training data gathered during all the millions of miles driven on the road. Without the data, you're not able to run the program yourself in any useful way other than what you already do by just driving the car. Even if you had access to the data, the volume is so gigantic that you probably wouldn't be able to train the program without expensive infrastructure. Neither would you be able to study the program in a meaningful way, since the neural network isn't "source code" comprehensible to a human.

    I do think self-driving cars would eventually be safer if their training data were open; the more training data, the better, and self-driving car manufacturers would be able to make self-driving cars safer for everyone if they would make their accumulated training data interoperable, so we would benefit in the long term. But for this particular accident I don't believe the blame rests with proprietary software.

    I'm curious what you think. I tend to think that many machine learning applications don't fit within the traditional separation between free versus proprietary software, because even if they are open, they don't afford a user the four freedoms. This is something I've been musing about recently, which is why I reacted to that particular portion of your post, but I don't know the answer.

    Philip Chimento at 2016-09-02T03:49:32Z

    Sarah Elkins, Bd Sn, Claes Wallin (韋嘉誠) likes this.

    The Tesla system would make the world even better if it were Free Software, but according to the data that Tesla themselves have gathered (duly noted), their system has killed fewer people, proportionally, than humans driving cars have.

    Claes Wallin (韋嘉誠) at 2016-09-06T17:49:27Z

    @bkuhn the key word in my comment is 'retreat'. Apparently this person said "putting GPLv3 software in cars will kill people". Instead of extracting the substance from the license politics and making the case that safety is compatible with (or even requires) that car owners be able to install modified versions of software running on computers in cars, you took the license politics hook line and sinker, making facile claims about GPLv3 software never harming people (for what definition of harm? but nevermind, uninteresting) worthy of a TV soundbite but unworthy of any other form of discourse.

    Mike Linksvayer at 2016-09-07T01:43:44Z

  • They just don't make reliable things.

    2016-08-10T02:29:27Z via Dianara To: Public CC: Followers

    The ziploc freezer bag in which I kept all my small travel maps, left over currency, public transit cards for travel, which I've used since I returned from my student exchange to Munich in 1991 just ripped completely along the bottom.

    I mean, plastic doesn't degrade easily. Shouldn't a freezer bag last longer than a quarter century?

    BTW, if you're curious, the bag's writing is particularly proud of the fact it has a "color loc zipper". I think that was a new thing in those days.

    Claes Wallin (韋嘉誠), Douglas Perkins, Lars Wirzenius, Christopher Allan Webber likes this.

    I remember when color-loc was new in Zip-loc ads

    EricxDu at 2016-08-11T04:14:28Z

  • Why You Should Speak At & Attend LinuxConf Australia

    2016-08-05T00:33:08Z via Dianara To: Public CC: Followers


    [ This blog was crossposted on Software Freedom Conservancy's website. ]

    Monday 1 February 2016 was the longest day of my life, but I don't mean that in the canonical, figurative, and usually negative sense of that phrase. I mean it literally and in a positive way. I woke up that morning Amsterdam in the Netherlands — having the previous night taken a evening train from Brussels, Belgium with my friend and colleague Tom Marble. Tom and I had just spent the weekend at FOSDEM 2016, where he and I co-organize the Legal and Policy Issues DevRoom (with our mutual friends and colleagues, Richard Fontana and Karen M. Sandler).

    Tom and I headed over to AMS airport around 07:00 local time, found some breakfast and boarded our flights. Tom was homeward bound, but I was about to do the crazy thing that he'd done in the reverse a few years before: I was speaking at FOSDEM and LinuxConf Australia, back-to-back. In fact, because the airline fares were substantially cheaper this way, I didn't book a “round the world” flight, but instead two back-to-back round-trip tickets. I boarded the plane at AMS at 09:30 that morning (local time), and landed in my (new-ish) hometown of Portland, OR as afternoon there began. I went home, spent the afternoon with my wife, sister-in-law, and dogs, washed my laundry, and repacked my bag. My flight to LAX departed at 19:36 local time, a little after US/Pacific sunset.

    I crossed the Pacific ocean, the international dateline, left a day on deposit to pickup on the way back, after 24 hours of almost literally chasing the sun, I arrived in Melbourne on the morning of Wednesday 3 February, road a shuttle bus, dumped my bags at my room, and arrived just in time for the Wednesday afternoon tea break at LinuxConf Australia 2016 in Geelong.

    Nearly everyone who heard this story — or saw me while it was happening — asked me the same question: Why are you doing this?. The five to six people packed in with me in my coach section on the LAX->SYD leg are probably still asking this, because I had an allergic attack of some sort most of the flight and couldn't stop coughing, even with two full bags of Fisherman's Friends over those 15 hours.

    But, nevertheless, I gave a simple answer to everyone who questioned my crazy BRU->AMS->PDX->LAX->SYD->MEL itinerary: FOSDEM and LinuxConf AU are two of the most important events on the Free Software annual calendar. There's just no question. I'll write more about FOSDEM sometime soon, but the rest of this post, I'll dedicate to LinuxConf Australia (LCA).

    One of my biggest regrets in Free Software is that I was once — and you'll be surprised by this given my story above — a bit squeamish about the nearly 15 hour flight to get from the USA to Australia, and therefore I didn't attend LCA until 2015. LCA began way back in 1999. Keep in mind that, other than FOSDEM, no major, community-organized events have survived from that time. But LCA has the culture and mindset of the kinds of conferences that our community made in 1999.

    LCA is community organized and operated. Groups of volunteers each year plan the event. In the tradition of science fiction conventions and other hobbyist activities, groups bid for the conference and offer their time and effort to make the conference a success. They have an annual hand-off meeting to be sure the organization lessons are passed from one committee to the next, and some volunteers even repeat their involvement year after year. For organizational structure, they rely on a non-profit organization, Linux Australia, to assist with handling the funds and providing infrastructure (just like Conservancy does for our member projects and their conferences!)

    I believe fully that the success of software freedom and GNU/Linux in particularly has not primarily been because companies allow developers to spend some of their time coding on upstream. Sure, many Free Software projects couldn't survive without that component, but what really makes GNU/Linux, or any Free Software project, truly special is that there's a community of users and developers who use, improve, and learn about the software because it excites and interests them. LCA is one of the few events specifically designed to invite that sort of person to attend, and it has for almost an entire generation stood in stark contrast the highly corporate, for-profits events that slowly took over our community in the years that followed LCA's founding. (Remember all those years of LinuxWorld Expo? I wasn't even sad when IDG stopped running it!) Your browser does not support the element. Perhaps you can or .

    Speaking particularly of earlier this year, LCA 2016 in Geelong, Australia was a particular profound event for me. LCA is one of the few events that accepts my rather political talks about what's happening in Open Source and Free Software, so I gave a talk on Friday 5 February 2016 entitled Copyleft For the Next Decade: A Comprehensive Plan, which was recorded, so you can watch it. I do warn everyone that the jokes did not go over well (mine never do), so after I finished, I was feeling a bit down that I hadn't made the talk entertaining enough. But then, something amazing happened: people started walking up to me and telling me how important my message was. One individual even came up and told me that he was excited enough that he'd like to match any donation that Software Freedom Conservancy received during LCA 2016. Since it was the last day of the event, I quickly went to one of the organizers, Kathy Reid, and asked if they would announce this match during the closing ceremonies; she agreed. In a matter of just an hour or two, I'd gone from believing my talk had fallen flat to realizing that — regardless of whether I'd presented well — the concepts I discussed had connected with people.

    Then, I sat down in the closing session. I started to tear up slightly when the organizers announced the donation match. Within 90 seconds, though, that turned to full tears of joy when the incoming President of Linux Australia, Hugh Blemings, came on stage and said:

    [I'll start with] a Software Freedom Conservancy thing, as it turns out. … I can tell that most of you weren't at Bradley's talk earlier on today, but if there is one talk I'd encourage you to watch on the playback later it would be that one. There's a very very important message in there and something to take away for all of us. On behalf of the Council I'd like to announce … that we're actually in the process of making a significant donation from Linux Australia to Software Freedom Conservancy as well. I urge all of you to consider contributing individual as well, and there is much left for us to be done as a community on that front.

    I hope that this post helps organizers of events like LCA fully understand how much something like this means to us who run a small charities — and not just with regard to the financial contributions. Knowing that the organizers of community events feel so strongly positive about our work really keeps us going. We work hard and spend much time at Conservancy to serve the Open Source and Free Software community, and knowing the work is appreciated inspires us to keep working. Furthermore, we know that without these events, it's much tougher for us to reach others with our message of software freedom. So, for us, the feeling is mutual: I'm delighted that the Linux Australia and LCA folks feel so positively about Conservancy, and I now look forward to another 15 hour flight for the next LCA.

    And, on that note, I chose a strategic time to post this story. On Friday 5 August 2016, the CFP for LCA 2017 closes. So, now is the time for all of you to submit a talk. If you regularly speak at Open Source and Free Software events, or have been considering it, this event really needs to be on your calendar. I look forward to seeing all of you Hobart this January.

    Elena ``of Valhalla'', Ben Sturmfels, sazius, Jason Self and 3 others likes this.

    Iñaki Arenaza, der.hans, Stephen Michael Kellat shared this.

    I submitted a talk on Propellor and a followup tutorial for LCA. On the off chance they can fly me down there I want to provide maximum value. The one time I attended, in 2013 was really great experience. The travel time to SYD from here is nearly a full 24 hours, so I wouldn't want to do it every year though.

    BTW, my sister told me there's a train from SYD up to an overnight ferry to Hobart. Seems like a great way to make the last leg of the trip.

    joeyh at 2016-08-05T01:19:19Z

    I'm surprised to hear you thought your talk didn't go over very well. I was in the audience and really enjoyed it. I'd also like to echo the sentiments of those who were telling you how important your message was. Unfortunately I wasn't able to make it to the Conservancy lunch to say this in person.

    Hopefully you will be able to make it to LCA 2017, which just happens to be in my home town, to present another great talk.

    John Kristensen at 2016-08-05T01:29:29Z

    Agency security rules have me stuck within CONUS at the moment. There's some nastiness coming up for staff that I'm still pondering the potential outcomes of.

    Stephen Michael Kellat at 2016-08-05T01:42:28Z

    @joeyh the ferry from Melbourne is to Devonport on the north-west coast of Tasmania. Hobart is in the south and public transport between the cities isn't great (there is a bus). Overall it would be cheaper/easier to fly from Sydney to Hobart.

    John Kristensen at 2016-08-05T01:50:39Z

  • EFF Website Privacy

    2016-08-03T18:04:12Z via Dianara To: Public CC: Followers

    If you want to unsubscribe from the EFF's mailing list, managed by their CiviCRM instance, you can't use private browsing mode. Specifically, they require that you accept a cookie just to unsubscribe.

    I accepted the cookie temporarily -- and I'm extra-glad I unsubscribed given this fact. :)

    Is this a bug in CiviCRM, or is it specific to how they have it configured?  It seems unnecessary to set a cookie to submit an unsubscribe request.

    Benjamin Cook at 2016-08-04T04:06:58Z

  • Historic Party Conventions

    2016-07-29T00:56:10Z via Dianara To: Public CC: Followers

    I've had the radio on every night while doing Conservancy work to listen to both the RNC and DNC coverage the last two weeks.

    I'm voting for Jill Stein (of course what did you all expect). But, I know she won't win; I'm voting as I always do to seek a 5% on the Green Party so they get federal matching funds in the next cycle. I hope you'll do the same. (If you are one of the many libertarian-leaning folks in the FLOSS community, there's a Libertarian candidate running, which is probably a better choice than the major parites, too).

    But, I follow politics closely enough to know that this is an historic election, just like Obama's first term was. Either we're going to have the first black president followed by the first female president in USA history, which I'm sure I'll get asked about in my old age by young people, or, we'll have the first black president followed by a backlash where a sexist and (seemingly) racist candidate was elected.

    As always, I'm betting on the the election. A few of you won from me because I took the field against {Trump, Cruz} for the Republician nomination. Well, if you all want action again, I'm offering to bet Clinton against Trump at even money.

    Update: I'm willing to offer better odds: I'll take either side of 1.5-to-1 for Trump-to-Clinton (i.e., Trump side of bet pays $1.50 to every $1 the Clinton side of the bet pays)

    I'm still making up for the huge loss I took offering 1.1-to-1 for Kerry against Bush, so I'm skiddish about offering better odds than even money, but email me if you wanna make offers.

    I also am not making the odds I want to offer to take Trump against Clinton, so email me if you want to bet Clinton against me.

    Alex Jordan, Mike Linksvayer likes this.

    Stephen Michael Kellat shared this.

    I may have previously lived in Las Vegas. With as screwy as this election has been so bet.

    Stephen Michael Kellat at 2016-07-29T02:04:25Z

    Alex Jordan likes this.

  • Impossible problems

    2016-07-20T02:34:38Z via Dianara To: Public CC: Followers

    Donald Trump Jr just said that his father can solve impossible problems that no one else can.

    Has anyone present P =? NP to Donald Trump?

    Heck, why not have him solve the Halting Problem too?

    Christopher Allan Webber, warp, Erez Schatz, Gerard Ryan and 4 others likes this.

    Christopher Allan Webber shared this.

    It needn't be a totally impossible problem we assign him. I'd be happy if his dad could remove the Python global interpreter lock or reverse some cell-phone wifi chipsets.

    Ben Sturmfels at 2016-07-20T04:46:03Z

    ximoberna, Christopher Allan Webber, Matt Molyneaux, warp and 2 others likes this.

  • Publisher's Clearinghouse selects your elected representatives?

    2016-07-16T18:09:06Z via Dianara To: Public CC: Followers

    I hate this phrase VEEPstakes. I guess I should be glad in this cycle, we're basically admitting that this is a "Who Will look coolest in office?" superlative.

  • British vote mixtape

    2016-06-27T00:36:41Z via Dianara To: Followers, Public

    So, a few things here: most of the songs are those popular when I was a teenager or in my 20s.

    And, does anyone even say "mixtape" anymore?

    I am pretty sure NPR demographics are skewing toward 35-50 age group

    Michael Downey, Douglas Perkins likes this.

    I'm pretty sure mix CD has come and find too. And now thanks to DRM, there is no next thing.

    David "Judah's Shadow" Blue at 2016-06-27T03:15:02Z

    You can call something "a mix" or "a playlist".

    Douglas Perkins at 2016-06-27T04:06:48Z

    As a relatively young person, who was nevertheless old enough to make actual "mixtapes," I think it's an excellent term.  The medium doesn't matter as much as the intention behind a personally curated playlist.  People recognize that intention when you say "mixtape," so I say mix those tapes!

    Benjamin Cook at 2016-06-27T15:26:33Z

    I believe the term Mixtape is still in circulation, despite the almost extinction of tape media 

    Erez Schatz at 2016-07-17T11:09:29Z

  • Don't hear this every day

    2016-05-16T11:47:48Z via Dianara To: Public CC: Followers

    At PDX, they just called "Passenger Aquaponic Man, please return to security for an important left behind item.". Realizing it must have sounded strange, the next announcement was "Passenger with the screenname of Aquaponic Man...".

    This makes me want to make a screen saver on all my devices that says: "TSA is security theater", just in case I leave one behind. I guess that's a certain way to never get it back. :)

    Claes Wallin (韋嘉誠), jrobb, der.hans, Stephen Michael Kellat and 4 others likes this.

    Claes Wallin (韋嘉誠) shared this.

    >> Bradley M. Kuhn:

    “[...] I guess that's a certain way to never get it back. :) [...]”

    Most probably xD

    JanKusanagi @i at 2016-05-16T21:54:26Z

  • That “My Ears are Burning” Thing Is Definitely Apocryphal

    2016-05-14T00:51:27Z via Dianara To: Public CC: Followers


    I've posted in the past about the Oracle vs. Google case. I'm for the moment sticking to my habit of only commenting when there is a clear court decision. Having been through litigation as the 30(b)(6) witness for Conservancy, I'm used to court testimony and why it often doesn't really matter in the long run. So much gets said by both parties in a court case that it's somewhat pointless to begin analyzing each individual move, unless it's for entertainment purposes only. (It's certainly as entertaining as most TV dramas, really, but I hope folks who are watching step-by-step admit to themselves that they're just engaged in entertainment, not actual work. :)

    I saw a lot go by today with various people as witnesses in the case. About the only part that caught my attention was that Classpath was mentioned over and over again. But that's not for any real salient reason, only because I remember so distinctly, sitting in a little restaurant in New Orleans with RMS and Paul Fisher, talking about how we should name this yet-to-be-launched GNU project “$CLASSPATH”. My idea was that was a shell variable that would expand to /usr/lib/java, so, in my estimation, it was a way to name the project “User Libraries for Java” without having to say the words. (For those of you that were still children in the 1990s, trademark aggression by Sun at the time on the their word mark for “Java” was fierce, it was worse than the whole problem the Unix trademark, which led in turn to the GNU name.)

    But today, as I saw people all of the Internet quoting judges, lawyers and witnesses saying the word “Classpath” over and over again, it felt a bit weird to think that, almost 20 years ago sitting in that restaurant, I could have said something other than Classpath and the key word in Court today might well have been whatever I'd said. Court cases are, as I said, dramatic, and as such, it felt a little like having my own name mentioned over and over again on the TV news or something. Indeed, I felt today like I had some really pointless, one-time-use superpower that I didn't know I had at the time. I now further have this feeling of: “darn, if I knew that was the one thing I did that would catch on this much, I'd have tried to do or say something more interesting”.

    Naming new things, particularly those that have to replace other things that are non-Free, is really difficult, and, at least speaking for myself, I definitely can't tell when I suggest a name whether it is any good or not. I actually named another project, years later, that could theoretically get mentioned in this case, Replicant. At that time, I thought Replicant was a much more creative name than Classpath. When I named Classpath, I felt it was somewhat obvious corollary to the “GNU'S Not Unix” line of thinking. I also recall distinctly that I really thought the name lost all its cleverness when the $ and the all-caps was dropped, but RMS and others insisted on that :).

    Anyway, my final message today is to the court transcribers. I know from chatting with the court transcribers during my depositions in Conservancy's GPL enforcement cases that technical terminology is really a pain. I hope that the term I coined that got bandied about so much in today's testimony was not annoying to you all. Really, no one thinks about the transcribers in all this. If we're going to have lawsuits about this stuff, we should name stuff with the forethought of making their lives easier when the litigation begins. :)

    Arne Babenhauserheide, Claes Wallin (韋嘉誠), Sean Tilley, sazius and 2 others likes this.

    Arne Babenhauserheide, Arne Babenhauserheide, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) shared this.

    And here I thought the twist ending was going to be that you told the court transcribers "it's really spelled $CLASSPATH, make sure you get that in there".

    Claes Wallin (韋嘉誠) at 2016-05-18T04:39:41Z

    Arne Babenhauserheide likes this.