
gitlab.com/Remmina/remmina-web.git - Unnamed repository; edit this file 'description' to name the repository.
author: Allan Nordhøy <epost@anotheragency.no> 2020-08-29 05:40:40 +0300
committer: Allan Nordhøy <epost@anotheragency.no> 2020-08-29 05:40:40 +0300
commit: 56b1b074ed2068b5117d972e35c88d7f735e44d4
tree: c009f246aca38faf3aa724cf7531789152b49d75
parent: 2d1eb6d0b26902eee739fbadd0b442a4fe5ada6d

Freedom minus one blogpost [patch-60]

-rw-r--r-- _posts/2020-09-00-freedom-minus-one.md 79
1 files changed, 79 insertions, 0 deletions
diff --git a/_posts/2020-09-00-freedom-minus-one.md b/_posts/2020-09-00-freedom-minus-one.md
new file mode 100644
index 0000000..493256e
--- /dev/null
+++ b/_posts/2020-09-00-freedom-minus-one.md
@@ -0,0 +1,79 @@
+---
+title:
+author: Allan Nordhøy
+layout: single
+permalink: /freedom-minus-one/
+excerpt: Software freedom protections.
+categories:
+ - News
+tags:
+ - News
+ - Opinion
+---
+
+https://archive.org/details/copyleftconf2020-expansion?start=2467
+
+Under the assumption that software freedom is the freedom to use software in some level of freedom,
+would it be above board to add a clause to a future copyleft license to say you could only use it on
+architectures which are not known to have network level insecurities?
+
+(This is really an assertion)
+
+- Sadly I think that might mean that nobody can use it anywhere, because there is no way you can know for sure there isn't any insecurity. All you can know is that we haven't found anything yet.
+
+(Confuses the premise, thinks unknown insecurity equates to no safeguard from)
+
+That is what I am saying, so unless something is found. So if something is found, you are not allowed to compile it for that architecture lets say.
+
+(Re-asserts the premise)
+
+- Yeashe, the problem is then, like you know, if you immediately revoke the license as soon as a volunerability is found and then that just like, destroys the use of the software, and, I can understand wanting to explore it, but I actually work on hardware architectures, and security volunerabilities, that is like my main area of work right now and like, it is too,
+I can guarantee there are hardware volunerabilities in every system everywhere; That is the sad thing.
+You never eliminate, all you do is mitigate the risks, and that is all you can do.
+
+(There could be a cure clause as there is today in GPLv3. Still confuses the premise, and defends it with poor understanding of hardware.)
+
+Eh, that is untrue, and you are discarding the fact that you are adding some level of complexity and also hiding it, so let me change my question. Lets say that you, eh, you only allow it to be used on architectures where you can add some level of scrutiny. Let's say the schematics are open
+
+(The premise is changed to allow for the hyptotetical to be easier to grasp, albeit more far-fetched.)
+
+- I think it falls in the category of things that are outside of software freedom, um not the same as ethical licenses, but kinda that idea, which is to say it is not neccisiarily a bad thing to experiment, but it is a very different goal that you are acheiving there, um.
+
+(And this is what questions software freedom. What does it mean?)
+
+It is very funny we got to the end of the panel before someone asked, can you take the ethical issue that I am concerned about and bring it into copyleft. Um, I think that thats, we are going to have more talks on that later today, and I think it is an important issue to discuss, and I think the exchange here illustrates how complicated it is to discuss
+you need to make sure you get software freedom from a copyleft license. I.e. you get the source code from the software copyrighted work that the binary was a derivitive of. We have spent decades at this point figuring out how to do that right. If we start saying all this issues with software or tangential to software where that we want the license to uphold as a hook, I think we have decades in front of us to figure out if that makes sense.
+
+(I don't think freedom as it relates to people is tangential to software freedom. Getting the software is not enough by the standards of where we are, so that doesn't hold. The time is IMO now, and the future create by not getting it right is how it gets to be wrong.)
+
+- I would say there is an infinite number of ways to throw away freedom zero, and you know, what we are going to, if we do that, what we are going to end up with is, here is software you can only use in a perfect world, and (haha) I don't know that that really serves us. You know, don't be so quick to throw away freedom zero. If there are reasons to do it, maybe there are reasons to do it. You gotta be cognisent of what you are doing, every time, thats, thats a restriction.
+
+(Freedom zero is the freedom to use the software as one wishes. It seems clear to me the premise precludes nobody else being able to use the software as they wish. Hence the "Networked" software. That it is a restriction is neither here nor there. It is also a protection. It is increasingly not clear to the user when hardware is compromised, but the format didn't allow for further or detailed questioning, nor did anyone on stage take the time to think about it.)
+
+- And I think, security is the example of the unintended consequence of that kind of provision, because the definition of security is not objective, and people say the iPhone is the most secure phone out there. You know, from a lot of peoples perspective it's (pointing to himself) one of the most insecure phones out there because you can't audit the software yourself, and it is insecure against the owner of the software which gave you the phone which is Apple. So you, cant ever provision preventing a piece of software on an insecure network unless you also define what security means to begin with.
+
+(This was the FSF leader at the time. I did define what security means, as all of it void as subject to the whim of a third party. Apple quite closely follows this analogy to end up as subjectively worse. We arrive at what is an intended consequence in allowing everyone to play the same game. The idea that granting someone else the ability to defines one security is better, or at all secure, is respectively flawed, or trades possible chance for control. It is never knowingly better, which is why it falls to its own critique, "security is the example of the unitended consequence.")
+
+---
+
+The CLA
+The client license agreement, in its most popular form, undermines any copyleft software license by allowing for relicensing of future works. Where the default GPL option is hoping the FSF ratifies something good for GPLv4, this leaves things totally in the control of maintainers. None of these models are fair to the contributor or intent of the license in keeping with itself. It can only be optimal, but will always fail given enough time.
+
+Another fail is putting the onus upon providing services, but then allowing those services to undermine the protections of the licesne. To come up with such cynic views, is it cheating to read RedHat documents? Well yes. Whether these counts as additional terms to the license, as is not permitted, I don't know.
+
+https://www.redhat.com/cms/managed-files/EMEA_Partner_Agreement_Webversion_English_20150306_0.pdf
+
+>13.2 Termination by Red Hat or Partner. Red Hat may (without prejudice to any other right or remedy) terminate this Agreement in whole or in part (including any Program Appendix and Partner’s participation in any Program) for any reason at any time upon ninety (90) days prior written notice to Partner. If Partner or Red Hat breaches the terms of this Agreement, and the breach is not cured within thirty (30) days after written notice of the breach is given to the breaching party (except for payment obligations, in which case five (5) days), then the other party may, by giving written notice of termination to the breaching party, terminate this Agreement in whole or in part (including any Program Appendix and Partner’s participation in any Program) without prejudice to any other right or remedy; unless a shorter cure period is otherwise stated under this Agreement or in the applicable Program Appendix and provided that no cure period is required for a breach of Sections 8, 9.1, 12.2 or 14.3 hereof.
+
+>9.0 Additional Requirements 9.1 Red Hat reserves all rights not expressly granted in this Agreement and all rights not expressly granted to the Red Hat Products and Services (including rights under any trademarks, copyrights, patents or other intellectual property of Red Hat). Partner will not use Red Hat Products or Services to create an offering competitive with Red Hat, directly or indirectly, or, unless specifically permitted in this Agreement, for the benefit of any other person or entity or permit any third party to make such use. If Red Hat determines that any of the Red Hat Products or Services is being used (in whole or in part) by Partner in any way to (a) avoid paying fees that would otherwise be due hereunder, (b) provide Services to third parties outside of the scope of a Program or (c) create revenue without payment of fees to Red Hat for Red Hat Products or Services, Red Hat may immediately suspend performance and/or terminate this Agreement and any Program, and reserves its rights to exercise any and all legal and equitable remedies available to it.
+
+9.2 For each Red Hat Product (or Partner product that incorporates a Red Hat Product or Service, in whole or in part) that Partner sells to an End User under a Program Appendix, Partner shall purchase the equivalent Red Hat Product with respect to such conditions as the term (1 or 3 years) and support level. For example, if the End User purchases a one year 24x7 support level Red Hat Enterprise Linux product from Partner, Partner shall purchase a one year Premium (24x7) Red Hat Product from Red Hat. Similarly, Partner is only authorized to resell the complete Red Hat Product it purchased and is not permitted to decouple the Red Hat Product or sell it in parts. For example, Partner will not purchase a one year Red Hat Product from Red Hat and then break it into multiple shorter increments of time for resale. Partner will work with Red Hat to ensure that its resale of Red Hat Products to End Users is consistent with the terms for the Red Hat Products purchased.
+
+9.3 Without limiting the generality of Sections 9.1 or 9.2 above, Partner agrees: (i) not to modify the Red Hat Products in any manner unless agreed to by Red Hat in writing and (ii) not to use or resell the Red Hat Products in any manner or for any purpose not permitted by this Agreement, including, without limitation, for Partner's own internal or production use, other than as may be expressly permitted in the applicable Program Appendix or by any applicable mandatory rule of law. For certain Programs and only during the term of the Program, Red Hat may provide Partner with access to non-production, evaluation, development kits and/or not for resale (aka “NFR”) Red Hat Products for the sole purpose of testing and/or supporting its partners and/or End Users on issues related to Partner’s rights and obligations hereunder. Should Partner resell or use its access to such Red Hat Products for Partner’s own internal or production use other than as expressly permitted in the applicable Program Appendix, Partner agrees to purchase the appropriate Red Hat Product(s) under Red Hat’s standard terms for such resale and/or use, and to pay the applicable fee for all periods. This Agreement establishes the rights and obligations associated with Red Hat’s Programs, Products and Services, and is not intended to limit Partner’s rights to software code under the terms of an open source license.
+
+---
+That document is written in Microsoft Word, and to drive the point home:
+
+https://access.redhat.com/help/terms
+
+>You may not engage in any activity on a Red Hat Portal that restricts or inhibits any other user from using or enjoying the Red Hat Portal or Red Hat Content, whether by "hacking," "cracking," "spoofing," or defacing any portions of a Red Hat Portal. \ No newline at end of file
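Review bot: The front matter leaves `title:` empty and the file name carries the date 2020-09-00, which is not a calendar day; give the post a title (the commit subject suggests "Freedom minus one") and a real day in the file name. Further down, "The CLA" sits directly above its paragraph with no heading marker or blank line, so it will run into the text that follows, and the quoted sections 9.2 and 9.3 lack the `>` prefix that 13.2 and 9.0 have, so they will read as the author's words rather than as part of the quoted agreement. "client license agreement" is worth checking against the usual expansion of CLA, contributor license agreement, since the paragraph is about relicensing contributed work. Spelling to fix before merge: "Yeashe", "volunerability"/"volunerabilities", "hyptotetical", "neccisiarily", "acheiving", "derivitive", "cognisent", "licesne", "unitended". The file also ends without a trailing newline.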