Eric S. Raymond on evaluating the harm from closed source
ESR has put up a brilliant (IMHO) blog post about the importance of essentially "picking your battles". He says: A common failure mode in human reasoning is to become too attached to
theory, to the point where we begin ignoring the reality it was intended to describe. The way this manifests in ethical and moral reasoning is that we tend to forget why we make rules – to avoid harmful consequences. Instead, we tend to become fixated on the rules and the language of the rules, and end up fulfilling Santayana’s definition of a fanatic: one who redoubles his efforts after he has forgotten his aim.
I think this is often quite true of open source -- that we really don't * need* open source everything. He defines a vague scale in various dimensions for cataloguing the harms of closed source software, and concludes that while some software types (desktop and smartphone operating systems, communications and productivity tools) really *must* be open source to protect our freedoms as computer users, it isn't quite so necessary for others (microwave firmware, games), and therefore, it is not so hypocritical for a free software supporter to play proprietary games.
On Fri, Jun 8, 2012 at 8:46 PM, Matt Giuca
ESR has put up a brilliant (IMHO) blog post about the importance of essentially "picking your battles". He says:
For the "less social" persons on the list (the ones who, like me, don't read/subscribe/follow all parts of/persons on the internet that they probably should... thanks Matt for pushing into my inbox)* here's the linkhttp://esr.ibiblio.org/?p=4371#more-4371 *. Regards, Adrian
The link! Of course! :) Would have been a great thing to remember to put in the original email.
On 06/08/2012 08:46 PM, Matt Giuca wrote:
ESR has put up a brilliant (IMHO) blog post about the importance of essentially "picking your battles". He says:
A common failure mode in human reasoning is to become too attached to
theory, to the point where we begin ignoring the reality it was intended to describe. The way this manifests in ethical and moral reasoning is that we tend to forget why we make rules – to avoid harmful consequences. Instead, we tend to become fixated on the rules and the language of the rules, and end up fulfilling Santayana’s definition of a fanatic: one who redoubles his efforts after he has forgotten his aim.
I think this is often quite true of open source -- that we really don't * need* open source everything. He defines a vague scale in various dimensions for cataloguing the harms of closed source software, and concludes that while some software types (desktop and smartphone operating systems, communications and productivity tools) really *must* be open source to protect our freedoms as computer users, it isn't quite so necessary for others (microwave firmware, games), and therefore, it is not so hypocritical for a free software supporter to play proprietary games. _______________________________________________ Free-software-melb mailing list Free-software-melb@lists.softwarefreedom.com.au http://lists.softwarefreedom.com.au/mailman/listinfo/free-software-melb
Closed source only serves one purpose, profit. That's fine, but if I'm not personally profiting, then why would I argue for that side? You could say that because of profit, people are able to develop software which they might not develop by any other means, again, true, but again, not my problem. Tools which people can modify, learn and adapt are tools which empower people. Tools which people cannot modify, and are controlled by others are tools which disempower people. Farcebook is a classic example of a tool which disempowers people. You lose the relative autonomy and freedom you had with e-mails/SMS and you sell your autonomy to Zuckerberg. If someone doesn't like your politics, they can get you kicked off Farcebook and you lose your social connections. Ivan Illich in "Tools of Conviviality" wrote.. "People need not only to obtain things, they need above all the freedom to make things among which they can live, to give shape to them according to their own tastes, and to put them to use in caring for and about others. Prisoners in rich countries often have access to more things and services than members of their families, but they have no say in how things are to be made and cannot decide what to do with them. Their punishment consists in being deprived of what I shall call “conviviality.” They are degraded to the status of mere consumers. " So I'm more a Stallmanite. The loss of freedom over ones own situation, the loss of power over the use of your own tools far outweighs in cost, the gains that flashier proprietary software gives.
Closed source only serves one purpose, profit. That's fine, but if I'm not personally profiting, then why would I argue for that side? You could say that because of profit, people are able to develop software which they might not develop by any other means, again, true, but again, not my problem.
Okay, but I think you missed the specific point of the argument, which was *pick your battles*. Your response here is a general argument about why free software is better than proprietary software, which I agree with. I was not (and ESR was not) making any kind of argument in favour of proprietary software. Rather, the argument is that we should not place all proprietary software on equal footing, because it is not. There is far more at stake when an operating system is proprietary than when a microwave or a browser game is proprietary. If given the choice between a free software thing and a proprietary thing of the same type, I'll choose the free software thing. But I like the idea of this "scale", so that I can make different choices in these scenarios: 1. I am offered proprietary encryption technology to send an important document, and no free software alternative is available. I choose not to send the document at all (or, if at all necessary, to build my own free software alternative), because it is very important that I can trust the encryption technology. 2. I am offered a proprietary microwave to heat my food, and no free software alternative is available. I choose to use the microwave, because why would I even want the source code to my microwave anyway? You might argue that I'm "disempowering" myself by choosing an unhackable microwave, but at this level of triviality on the scale, I honestly don't care. The point of the article is to view a spectrum in between these two scenarios, and to stop caring about those at the low end, so that we can focus our efforts on the high end (and not come off as unrealistic preachers who will eat cold meals because they are unable to customise their appliances).
A dishonest piece, promoting a self-defeating and impractical policy. Dishonest because RMS isn't against non-free elevator or microwave firmware, and he does prioritise projects based on harm. RMS campaigns for free smartphones and *wrote* a free operating system, and ESR has the gall to criticise him and then in the same breath say that we should be focussing more on operating systems and smartphones?! Self-defeating because by creating categories where freedom isn't important, we just incite Big Software to shift their nastyware into those categories. Like today's "games" which are just fig leaves for data mining software on smartphones and in social networking apps. It's not practical to categorise all software offered to you based on the functionality. If the users can't see the source code, you can't even know all the functionality. So ESR's categories are a blank cheque. It's short term thinking that allows companies with longer term plans to manoeuvre computer users into traps. Stallman's much more practical. If you demand that games are free, then Big Software won't bother merging their snooping software and their game software - they would know that one user would eventually separate them and everyone would then use just the game. So Stallman's approach, by ensuring that a solution would exist, makes it unlikely that the problem will be created in the first place. Stallman's approach to when software *can* be non-free is also more practical: "Is it upgradeable?" This policy is inherently tricky because perfection is impossible: some logic, circuits etc., will always be unmodifiable, so we're forced to draw a line between shades of grey. The "upgradeable" criterion is good because it exposes the manufacturer's own evaluation. If it is not upgradeable, then the manufacturer sees that piece of logic as basic and doesn't have plans to later add unannounced functionality or dependencies, so the capability for harm is limited. If the manufacturer sees value in being able to upgrade that software at a later date, then that logic is important enough for the user to demand to also have the ability to upgrade and replace it. The difference between these two is that RMS is working on all these issues. He's encountering the problems daily and having to develop and adapt his policies in reaction to their effectiveness and to the changes in society's use of computers from year to year. He has to publish policies that not only work for individuals, today, but would also work for society if they become generalised, and won't be made irrelevant by industry tomorrow. ESR's position is comfortable and simple because he doesn't have to prove whether his policies work. An RMS interview covering topics not in most interviews: http://blog.reddit.com/2010/07/rms-ama.html A free-your-android project from FSFE, advocated by RMS: http://fsfe.org/campaigns/android/android.html FSF's high priority projects: http://www.fsf.org/campaigns/priority-projects/ About when firmware has to be free: http://www.gnu.org/philosophy/android-and-users-freedom.en.html "[...] The phone network firmware comes preinstalled. If all it did was sit there and run, we could regard it as equivalent to a circuit. When we insist that the software in a computing device must be free, we can overlook preinstalled firmware that will never be upgraded, because it makes no difference to the user that it's a program rather than a circuit. Unfortunately, in this case it would be a malicious circuit. Malicious features are unacceptable no matter how they are implemented. On most Android phones, this firmware has so much control that it could turn the product into a listening device. On some, it controls the microphone. On some, it can take full control of the main computer, through shared memory, and can thus override or replace whatever free software you have installed. With some models it is possible to exercise remote control of this firmware, and thus of the phone's computer, through the phone radio network. The point of free software is that we have control of our computing, and this doesn't qualify. While any computing system might HAVE bugs, these devices might BE bugs. (Craig Murray, in Murder in Samarkand, relates his involvement in an intelligence operation that remotely converted an unsuspecting target's non-Android portable phone into a listening device.) In any case, the phone network firmware in an Android device is not equivalent to a circuit, because the hardware allows installation of new versions and this is actually done. Since it is proprietary firmware, in practice only the manufacturer can make new versions—users can't. [...]" -- Ciarán O'Riordan +32 (0) 485 118 029
Hi Matt,
thanks for forwarding, an interesting piece - though of course
provocative to the Stallman Free-Software "hard-liners". (Uh-oh,
probably further stoked the flames - no offense intended guys ;) ).
A la ESR's reasoning, in my research work I'm interested in the
problem of the use of proprietary software for scientific research and
public policy making, e.g. climate change research, transport planning
etc.
It looks like in ESR's framework this falls mainly under the topic of
"agency harm" - 'They can use this asymmetry to restrict your choices,
control your data, and extract rent from you. I’ll call this “agency
harm”'.
A good PPT talk about this particular problem of proprietary software
by a US researcher is at
http://www.slideshare.net/ianfoster/e-science-foster-december-2010
cheers, Pat.
On Sun, Jun 10, 2012 at 1:02 AM, Ciarán O'Riordan
A dishonest piece, promoting a self-defeating and impractical policy.
Dishonest because RMS isn't against non-free elevator or microwave firmware, and he does prioritise projects based on harm. RMS campaigns for free smartphones and *wrote* a free operating system, and ESR has the gall to criticise him and then in the same breath say that we should be focussing more on operating systems and smartphones?!
Self-defeating because by creating categories where freedom isn't important, we just incite Big Software to shift their nastyware into those categories. Like today's "games" which are just fig leaves for data mining software on smartphones and in social networking apps.
It's not practical to categorise all software offered to you based on the functionality. If the users can't see the source code, you can't even know all the functionality. So ESR's categories are a blank cheque. It's short term thinking that allows companies with longer term plans to manoeuvre computer users into traps.
Stallman's much more practical. If you demand that games are free, then Big Software won't bother merging their snooping software and their game software - they would know that one user would eventually separate them and everyone would then use just the game. So Stallman's approach, by ensuring that a solution would exist, makes it unlikely that the problem will be created in the first place.
Stallman's approach to when software *can* be non-free is also more practical: "Is it upgradeable?" This policy is inherently tricky because perfection is impossible: some logic, circuits etc., will always be unmodifiable, so we're forced to draw a line between shades of grey. The "upgradeable" criterion is good because it exposes the manufacturer's own evaluation. If it is not upgradeable, then the manufacturer sees that piece of logic as basic and doesn't have plans to later add unannounced functionality or dependencies, so the capability for harm is limited. If the manufacturer sees value in being able to upgrade that software at a later date, then that logic is important enough for the user to demand to also have the ability to upgrade and replace it.
The difference between these two is that RMS is working on all these issues. He's encountering the problems daily and having to develop and adapt his policies in reaction to their effectiveness and to the changes in society's use of computers from year to year. He has to publish policies that not only work for individuals, today, but would also work for society if they become generalised, and won't be made irrelevant by industry tomorrow.
ESR's position is comfortable and simple because he doesn't have to prove whether his policies work.
An RMS interview covering topics not in most interviews: http://blog.reddit.com/2010/07/rms-ama.html
A free-your-android project from FSFE, advocated by RMS: http://fsfe.org/campaigns/android/android.html
FSF's high priority projects: http://www.fsf.org/campaigns/priority-projects/
About when firmware has to be free: http://www.gnu.org/philosophy/android-and-users-freedom.en.html
"[...] The phone network firmware comes preinstalled. If all it did was sit there and run, we could regard it as equivalent to a circuit. When we insist that the software in a computing device must be free, we can overlook preinstalled firmware that will never be upgraded, because it makes no difference to the user that it's a program rather than a circuit.
Unfortunately, in this case it would be a malicious circuit. Malicious features are unacceptable no matter how they are implemented.
On most Android phones, this firmware has so much control that it could turn the product into a listening device. On some, it controls the microphone. On some, it can take full control of the main computer, through shared memory, and can thus override or replace whatever free software you have installed. With some models it is possible to exercise remote control of this firmware, and thus of the phone's computer, through the phone radio network. The point of free software is that we have control of our computing, and this doesn't qualify. While any computing system might HAVE bugs, these devices might BE bugs. (Craig Murray, in Murder in Samarkand, relates his involvement in an intelligence operation that remotely converted an unsuspecting target's non-Android portable phone into a listening device.)
In any case, the phone network firmware in an Android device is not equivalent to a circuit, because the hardware allows installation of new versions and this is actually done. Since it is proprietary firmware, in practice only the manufacturer can make new versions—users can't. [...]"
-- Ciarán O'Riordan +32 (0) 485 118 029 _______________________________________________ Free-software-melb mailing list Free-software-melb@lists.softwarefreedom.com.au http://lists.softwarefreedom.com.au/mailman/listinfo/free-software-melb
Please note: I'm not trying to denounce Stallman or anything like that. I believe he's made a huge contribution, philosophically, legally and technically, to the free software world. I typically err on the side of free software philosophy than open source practicality in these debates. I just wanted to share this because ESR's article made me think: am I being a zealot, pursuing ideals just for the sake of ideals, or am I pursuing them for a reason? I still think free software is hugely important. But what I took from ESR's piece, and what I think a lot of the criticism of RMS is based on, is that we don't want to let the good be the enemy of the perfect. A good example, for me, is the fairly recent "No DRM" movement in the games industry. Look at companies like GOG.com and Humble Bundle that are making a huge marketing fuss about "No DRM". In particular, Humble Bundle is regularly selling games from numerous developers with the following positive outcomes: - As a condition of entry, making all developers build a Linux version of their game (even if some of them seem rushed and in one case just a Wine wrapper, most of them have been ported properly, and specifically for the bundle), - No DRM, - Supporting independent game developers, - Giving money to charity, - Occasionally resulting in the open sourcing of the games. However, most of the Humble Bundle games are proprietary. In Stallman's hard-line view, these games are "evil" and should be avoided. But that's nonsense: I want to play games, I don't mind paying for them, and frankly I want to stick it to these big companies like Blizzard and Ubi Soft that require you to be constantly connected to the Internet and authenticated to their DRM servers just to play a single player game. So hell yes I am supporting the Humble Bundle. ESR's blog post tells me that I don't have to feel guilty for playing a proprietary game -- after all, what is the harm? I can't modify the games? I'm happy with that -- it's not like my personal documents are being held to ransom in a proprietary file format. And I'm sending a positive message in doing so -- not one about free software, but one about no-DRM and Linux, and that's still a positive message.
On 06/09/2012 07:42 PM, Matt Giuca wrote:
Closed source only serves one purpose, profit. That's fine, but if I'm not personally profiting, then why would I argue for that side? You could say that because of profit, people are able to develop software which they might not develop by any other means, again, true, but again, not my problem.
Okay, but I think you missed the specific point of the argument, which was *pick your battles*. Your response here is a general argument about why free software is better than proprietary software, which I agree with. I was not (and ESR was not) making any kind of argument in favour of proprietary software.
Rather, the argument is that we should not place all proprietary software on equal footing, because it is not. There is far more at stake when an operating system is proprietary than when a microwave or a browser game is proprietary. If given the choice between a free software thing and a proprietary thing of the same type, I'll choose the free software thing. But I like the idea of this "scale", so that I can make different choices in these scenarios:
1. I am offered proprietary encryption technology to send an important document, and no free software alternative is available. I choose not to send the document at all (or, if at all necessary, to build my own free software alternative), because it is very important that I can trust the encryption technology. 2. I am offered a proprietary microwave to heat my food, and no free software alternative is available. I choose to use the microwave, because why would I even want the source code to my microwave anyway? You might argue that I'm "disempowering" myself by choosing an unhackable microwave, but at this level of triviality on the scale, I honestly don't care.
The point of the article is to view a spectrum in between these two scenarios, and to stop caring about those at the low end, so that we can focus our efforts on the high end (and not come off as unrealistic preachers who will eat cold meals because they are unable to customise their appliances). _______________________________________________ Free-software-melb mailing list Free-software-melb@lists.softwarefreedom.com.au http://lists.softwarefreedom.com.au/mailman/listinfo/free-software-melb
I don't think its a matter of choosing battles. It's a matter of defining what you want. Or more accurately, what you are entitled to. If you buy a piece of hardware or software, you are, I believe, entitled to have freedom and control to use its base functionality any way that you see fit. For instance, a graphics cards base functionality is to allow a computer to display graphical images, and these days, process graphical data. So you as a customer are entitled to use the hardware, and have the knowledge and power, to use the graphics card in that matter. It should enable you to, by manipulating the computer at ITS base functional level, to make use of its hardware to do what its designed to do. If you think about it, when you buy a card, which is closed, and only operates through drivers, you are denied this. You are buying a graphics card where you cannot freely use its base functions. You are getting ripped off because you are denied its base functionality. If you bought a car, but you had to have a chauffeur drive you around, you would again, be ripped off. For a microwave, its base function would be to microwave food, to control time, wattage, etc. Being able to program it is not part of that, and therefore its not an issue. I'm not saying its a battle not worth fighting, I'm saying there is no battle there and microwaves are not sold as programmable units. Same for a pacemaker. Industry seems to thrive on customers not demanding their rights, or not knowing or believing they have such entitlements. This is a typical attitude of the day unfortunately. These companies take away our freedom because we don't think we deserve better and most people are shockingly docile and oversocialised. No one is demanding to be able to program their microwave, so I think Eric is attacking a straw man here. A lot of people don't like Stallmans hard line approach. I think a lot of people don't like Stallmans approach, because it appears boorish, simplistic, perhaps not intellectual and conciliatory enough. But this is exactly what you need to do to actually push your point.
participants (5)
-
Adrian Colomitchi -
ciaran@member.fsf.org -
Dennis K -
Matt Giuca -
Patrick Sunter