The Linux Backdoor Attempt of 2003

Josh wrote recently about a serious security bug that appeared in Debian Linux back in 2006, and whether it was really a backdoor inserted by the NSA. (He concluded that it probably was not.)

Today I want to write about another incident, in 2003, in which someone tried to backdoor the Linux kernel. This one was definitely an attempt to insert a backdoor. But we don’t know who it was that made the attempt—and we probably never will.

Back in 2003 Linux used a system called BitKeeper to store the master copy of the Linux source code. If a developer wanted to propose a modification to the Linux code, they would submit their proposed change, and it would go through an organized approval process to decide whether the change would be accepted into the master code. Every change to the master code would come with a short explanation, which always included a pointer to the record of its approval.

— source freedom-to-tinker.com | Ed Felten | Oct 9, 2013

Nullius in verba


In Estonia state-owned software will be publicly available

The Estonian Parliament, the Riigikogu, approved the necessary changes to the Estonian State Property Act on 12 May 2021, with the new rules coming into force on 1 June 2021. Under the new rules, all software to which the state owns the property rights in whole or part should be made available publicly. If only parts are owned by the state, those parts owned by the state should be made available.

— source joinup.ec.europa.eu | 02/07/2021

Nullius in verba


Linus Torvalds says GPL was defining factor in Linux’s success

Linus Torvalds and Dirk Hohndel, vice president and chief of open source at VMware, discussed the role that GNU GPL played in the success of Linux during a keynote conversation this week at LinuxCon NA in Toronto. Here is an edited version of the conversation.

“FSF [Free Software Foundation] and I don’t have a loving relationship, but I love GPL v2,” said Torvalds. “I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint.”

“The GPL ensures that nobody is ever going to take advantage of your code. It will remain free and nobody can take that away from you. I think that’s a big deal for community management.”

— source cio.com | 27 Aug 2016

Thank you GNU. Thank you Stallman.

Nullius in verba


Unrelated issues are not important

Not long ago, there were moves to exclude Stallman from the movement and from the organized efforts he started, and impose a political stand about issues unrelated to the software freedom issue. It’s not that people can’t or shouldn’t hold or express unrelated views; he and they should be just as welcome and free to do so. People are multidimensional: we care about multiple issues.

However, in the Free Software Movement, the focus has always been on a single issue: freedom for all software users, justified on ethics and grounded on solidarity and on human rights, particularly on free speech. Stallman remains committed to the ideas that define the movement: though he supports several unrelated causes, he has not attempted to impose them on the free software movement.

— source fsfla.org | 2020-12-19

Nullius in verba


Important Free Software projects should not use GitHub

It is no news that Microsoft purchased GitHub in 2018, everyone knows that. Yet despite that fact thousands of the worlds most important [Free Software] projects continue to host their code on GitHub. People seem to have forgotten just how rotten Microsoft really is and how dangerous that situation is.

It is not so much the fact that many projects host their projects on GitHub, it is the fact that many projects haven’t secured the code outside of GitHub! They rely fully on GitHub to maintain and protect the code.

Microsoft is very actively purchasing important projects related to Open Source.

Large projects should self-host their repositories in order to stay completely independent, but some alternative solutions to the more popular services such as GitHub, GitLab and BitBucket does exist (not an exhaustive list):

Codeberg, NotABug, sourcehut

A few good solutions for self-hosting (not an exhaustive list):

Gogs, Gitea, OneDev

— source unixsheikh.com | 2020-10-23

Nullius in verba


35 years ago Richard Stallman started Free Software Movement

Free Software Movement is political movement to free software users from corporate control. Officially it began on October 4th, 1985. It was two years after he publicly announced that his intention to create a free Unix-like operating system called GNU.

To give software users full rights and control Stallman created a license based on the idea of Copyleft. You can read more about it here. Based on that he created 4 laws for softwares. They are following:

1 The freedom to run the program as you wish, for any purpose (freedom 0).
2 The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
3 The freedom to redistribute copies so you can help others (freedom 2).
4 The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

These all together is called Gnu General Public License (GPL). If any software which is released under this is called Free Software.

Nullius in verba


GNU Taler operational at Bern University of Applied Sciences

The GNU Taler payment system was launched at the BFH in the presence of a representative of the Swiss National Bank. Students, staff, faculty and visitors can visit the cafeteria at Höheweg 80 to withdraw the electronic equivalent of Swiss Franks (CHF) onto Taler Wallet App running on their mobile phones and pay at a Taler-enabled snack machine. The system is expected to expand to allow payments at other places in the future. Various faculty members and students are involved various aspects of the project.

— source taler.net | 2020-09

Nullius in verba


GNU Linux-libre 5.8 Required A Lot Of Deblobbing

Linux 5.8 is one of the biggest releases in a while but that newly-stable kernel also means a lot of the new drivers need to be stripped out or otherwise modified over being reliant on binary-only firmware/microcode or contingent upon other dependencies deemed not free to the Free Software Foundation standards. GNU Linux-libre 5.8-gnu was released today by Alexandre Oliva of the FSF Latin America team. The deblobbed GNU-blessed Linux 5.8 kernel is available from fsfla.org.

— source phoronix.com | 3 Aug 2020

Nullius in verba