Posts tagged ·

GPL

·...

Freedom is not a matter of principle

Comments Off

In today’s news, the terms of the Android SDK has changed. However, it seems it was not open source in the first place. What’s always interesting though, is the discussion it spurs, with insightful comments on Slashdot.

Comment by “rtfa-troll”:

“Freedom is not (just) a matter of principle. The reason that people take your freedom away from you is because they want, later at their option, to be able to take other things from you that would naturally be yours. Microsoft locks people into proprietary licenses because they know that, after a few years of using the OS they buy from them you will need a new computer and a new system, either because your old one broke or because an associate wants to do the same things as you do already. Normally, if you were allowed your natural right to copy things you own, you would just be able to copy the old one and that would work fine. By taking away that freedom, Microsoft is able to take away your money from you again later for nothing more than you could easily have done yourself if they didn’t interfere with your copying.

Google’s aim here is to make life difficult for competitors such as Amazon and the Chinese Android clone makers (not that these will care). This allows them to interfere with the free market for their own benefit. For programmers reading Slashdot, that means that, instead of being four or more potential developers of mobile software you can work for, Amazon, Google, Apple and the Chinese, there may well only be two: Apple and Google. With the possible exception of Jolla and Ubuntu, there is almost nobody else in the market who could consider competing. For people buying mobile phones would mean that, instead of having widespread choice from different vendors, everything would go through Google or Apple.

This is one of the key reasons why licenses such as the AGPLv3 as well as free software foundations which can provide a neutral holder for coyprights are so important. Look at how FreeBSD development has been absorbed by Apple even though it was supposedly “Open Source”. Without strong copyleft licenses the only choice will be which set of chains you wear. Once you are wearing those chains the only choice will be to give the mobile vendors what they want to take.”

Comments Off

The Do-It-Yourself Cloud

1 comment

“In the cloud”

The buzzword “cloud” seems to be here to stay for quite a lot longer. The problem is that it is rather ill-defined, and sometimes it is used to mean “on the Internet”, regardless of how or where a particular service or content is hosted.

It is not before we pick up further buzzwords that we can add some meaning to the term: Although there are even more terms used, I would like to focus on two of them: Infrastructure as a Service (IaaS), or what traditionally has been called “hosting”; virtual or dedicated machines which you can install and operate on OS root level with little or no oversight. Examples include your local hosting provider, and global businesses like Amazon EC2 and Rackspace.

Secondly, Software as a Service (SaaS), where you don’t write the software or maintain the system yourself. All it takes is to sign up for a service, and start using it. Think Google Apps, which includes GMail, Docs, Calendar, Sites and much more; or Salesforce, Microsoft Office 365, etc. Often these services are billed as “free”, with no financial cost to private users, and the development and operating costs of the provider is financed through various advertisement programs.

Black Clouds

The problem with the later model, Software as a Service, is that it can put many constraints on the user, including what you are allowed to do, say, or even make it difficult for you to move to another provider. In his 2011 essay “It’s the end of the web as we know it”, Adrian Short likens the later model to tenants: If you merely rent your home, there are many things you will not be allowed to do, or which you do not have control over. Short focuses on web hosting where using a service like Blogger will not let you control how links are redirected, or were you to move in the future, take those page-clicks with you onto your new site. The same goes for e-mail: If AOL decides that their e-mail service is not worth-while tomorrow, many people will lose e-mails with no chance to redirect. Or look at all the storage services which collapsed in the wake of the raid on MegaUpload. A lot of users are still waiting for FBI to return their files.

More recently, the security expert Bruce Schneier wrote about the same problem, but from a security perspective. We are not only tenants he claims, but serfs in a feudal system, where the service providers take care of all the issues around security for us, but in return our eye-balls are sold to the highest bidder, and again it is difficult to move out. For example, once you’ve invested in music or movies from Apple iTunes, it is not trivial to move to Amazon’s MP3 store; and if you’ve put all your contacts into Facebook, it is almost impossible to move to MySpace.

In early December, Julian Assange surfaced to warn about complete surveillance, and governments fighting to curb free speech. His style of writing is not always as straight to the point as one could wish for, but in between there is a clear message: Encrypt everything! This has spurred interesting discussion all over the Internet, with a common refrain: Move away from centralized services, build your own.

Finally, Karsten Gerloff, president of the Free Software Foundation Europe (FSFE), touced on the same theme in is talk at the LinuxCon Europe in Barcelona, in November 2012. He highlighted the same problems with centralised control as discussed above, and also mentioned a few examples of free software alternatives which distributes various services. More about those below.

Free Software

The stage is set then, and DIY is ready to become in vogue again. But where do you start, what do you need? If not GMail or Hotmail, who will host your e-mail, chat, and other services you’ve come to depend on? Well, it is tempting to cut the answer short, and say: “You”. However, that does not mean that every man, woman and child has to build their own stack. It makes sense to share, but within smaller groups and communities. For example, it is useful to have a family domain, which every family member can hinge their e-mail address off. A community could share the rent of a virtual machine, and use it for multiple domains for each individual group; think the local youth club, etc. The French Data Network (FDN), has a similar business model for their ISP service, where each customer is an owner of a local branch.

For the software to provide the services we need in our own stack, we find ourselves in the very fortunate situation that it is already all available for free. And it is not only gratis, it is free from control of any authority or corporation, free to be be distributed, modified, and developed. I’m of course talking about Free and Open Source Software (FOSS), which has much to thank Richard Stallman for its core values, defined in the GPL. (“There isn’t a lawyer on earth who would have drafted the GPL the way it is,” says Eben Moglen. ["Continuing the Fight"]). We may take it for granted now, however, we could very easily have ended up in a shareware world, where utilities of all kinds would still be available, but every function would come with a price tag, and only the original developers would have access to the source code, and be able to make modification. Many Windows users will probably recognize this world.

Assuming one of the popular GNU/Linux distributions, most of the software below should already be available in the main repositories. Thus it is a matter of a one-line command, or a few clicks to install. Again a major advantage of free software. Not only is it gratis, it usually refreshingly simple to install. The typical procedure of most proprietary software would include surfing around on an unknown web site for a download link, downloading a binary, and trusting (gambling really) that it has not been tempered with. Next, an “Install Wizard” of dubious usefulness and quality gives you a spectacular progress bar, sometimes complete with ads.

The DIY Cloud

The following is a list of some of the most common and widely used free and open source solutions to typical Internet services, including e-mail, web sites and blogging, chat and voice and video calls, online calendar, file sharing and social networks. There are of course many other alternatives, any this is not meant to be an exhaustive list. It should be plenty to get a good personal or community services started, though.

  • The Apache HTTP web server is the most widely used web server on the Internet, powering shy of 60% of web sites (October 2012). It usually comes as a standard package in most distributions, and is easy to start up and configure. For the multi-host use-case, it is trivial to use the same server for multiple domains.
  • If you are publishing through a blog like this one, the open source WordPress project is natural companion to the Apache web server. It too is available through standard repositories, however, you might want to download the latest source and do a custom install, both for the security updates, and to do custom tweaks.
  • For e-mail, Postfix is typical choice, and offers easy setup, multi-user and multi-domain features, and integrates well with other must-have tools. That includes SpamAssassin (another Apache Foundation project) and Postgrey to handle unwanted mail, and Dovecot for IMAP and POP3 login. For a web-frontend, SquirrelMail offers a no-frills fully featured e-mail client. All of these are available through repository install.
  • Moving into slightly less used software, but still very common services, we find the XMPP (aka Jabber) servers ejabberd and Apache Vysper, with more to choose from. Here, a clear best-of-breed has yet to emerge, and furthermore, it will require a bit more effort on the admin and user side to configure and use. As an alternative, there is of course always IRC, with plenty of software in place.
  • Taking instant chat one step further, a Voice-over-IP server like Asterix is worth considering. However, here setup and install might be tricky, and again, signing up / switching over users might require more effort. Once installed, though, there are plenty of FOSS clients to choice from, both on the desktop and mobile.
  • Moving on to more business oriented software, online calendar through the Apache caldav module is worth exploring. As an alternative the Radicale server is reported to be easy to install and use.
  • A closely related standard protocol, WebDav, offers file sharing and versioning (if plain old FTP is not an option). Again, there is an Apache module, mod_dav, which is relatively easy to set up, and access in various ways, including from OSX and Windows.
  • DIY Internet

    That list should cover the basics, and a bit more. To round it off, there are a number of experimental or niche services which is worth considering to their propitiatory and closed alternatives. For search, the distributed YaCy project looks promising. GNU Social and Diaspora aim to taken on heavy weights in social networking. Finally, GNUNet and ownCloud are peer-to-peer file-sharing alternatives.

    The future lies in distributed services, with content at the end-nodes, rather than the hubs. In other words, a random network, rather than scale-free. Taking that characteristic back to the physical layer (which traditionally always has been scale-free), there are “dark nets” or mesh nets, which aim to build an alternative physical infrastructure based on off-the-shelf WiFi equipment. Currently, this at a very early experimental state, but the trend is clear: Local, distributed and controlled by individuals rather than large corporations.

Is Android really free software?

1 comment

In an article in the Guardian today, Richard Stallman asks “Is Android really free software?Slashdot sums it up nicely:

Google has complied with the requirements of the GNU General Public License for Linux, but the Apache license on the rest of Android does not require source release. Google has said it will never publish the source code of Android 3.0 (aside from Linux), even though executables have been released to the public. Android 3.1 source code is also being withheld. Thus, Android 3, apart from Linux, is non-free software, pure and simple. … Android is a major step towards an ethical, user-controlled, free-software portable phone, but there is a long way to go. Hackers are working on Replicant, but it’s a big job to support a new phone model, and there remains the problem of the firmware. Even though the Android phones of today are considerably less bad than Apple or Windows smartphones, they cannot be said to respect your freedom.

Further into the article, he also explains the difference between GNU/Linux and Android/Linux, in a I’ve-told-you-so-for-20-years manner he of course is completely entitled to:

Android is very different from the GNU/Linux operating system because it contains very little of GNU. Indeed, just about the only component in common between Android and GNU/Linux is Linux, the kernel. People who erroneously think “Linux” refers to the entire GNU/Linux combination get tied in knots by these facts, and make paradoxical statements such as “Android contains Linux, but it isn’t Linux”. If we avoid starting from the confusion, the situation is simple: Android contains Linux, but not GNU; thus, Android and GNU/Linux are mostly different.

Panorama

2 comments

Here is the first in a series of panorama pictures I’ve worked on over the past years. This is of Zurich, taken from Üetliberg. It is composed of 211 single 15 MP pixels, and the result is an image of 33585×6832 pixels or 230 MP.

It was stitched using the open source panorama tool Hugin, and split into tiles using ImageMagick. The panorama is rendered using a home made HTML 5 Canvas viewer. If you’re interested, the source is open source under GPL 3.

The ImageMagick commands are worth a closer look. As mentioned, the complete image is 230 MP, and to serve scaled tiles, it useful to work with something smaller. Five different scales were created from the original. Here is the basic resize command to 50%:

convert input.tif -resize 50% output_50.tif

Next, each of the resized images were tilled following the excellent instructions on the IM site. They were cropped to equal tiles, so there is only a +1 pixel difference between some of the tiles. For the current panorama, I’ve chosen to ignore that difference, and render based on the smallest.

The following gives 49 columns and 8 rows, with the first top left hand tile starting with filename tile_0.jpg. It is worth noting that not all tile sizes worked; in some cases only the first row would be produced, changing (often increasing) the tile count would work around that.

convert output_50.tif -verbose -crop 49x8@ +repage +adjoin tile_%d.jpg

Finally, I wanted to put a water mark on some of the images. Here, I also followed the IM instructions without problems. To create the “stamp”, the following did it:

convert -size 300x50 xc:grey30 -font FreeSans-Medium -pointsize 20 -gravity center -draw "fill grey70  text 0,0  'Copyright'" stamp_fgnd.png
convert -size 300x50 xc:black -font FreeSans-Medium -pointsize 20 -gravity center -draw "fill white  text  1,1  'hblok.net' text  0,0  'Copyright' fill black  text -1,-1 'Copyright'" +matte stamp_mask.png
composite -compose CopyOpacity  stamp_mask.png  stamp_fgnd.png  stamp.png
mogrify -trim +repage stamp.png

To apply the stamp to an image, e.g. tile_20.jpg

composite -gravity SouthEast -geometry +10+10 stamp.png tile_20.jpg watermarked.jpg

WordPress for Android – Privacy Edition

Comments Off

I like WordPress, and I like Android. However, I do not like the attitudes some of their developers have towards privacy. It seems to be “everything goes, as long as it benefits us”. In particular, the phone-home, and remote kill features, which many developers feel entitled to include, rub me the wrong way. Sorry, but it doesn’t fly on my device. I like your application, and want it to do its job well. Nothing more, nothing less.

Luckily, the WordPress for Android app is open sourced under GPL. It means I have right to access the source code, modify it, and distribute the modified version as long as I also reveal my code changes. So I did just that, fixing a few issues in the latest version (1.3.8) of WordPress for Android. The changes include:

  • Removing the location based permissions (fine and course grained).
  • Removing phone-home features to wordpress.com by which they collect a lot of identifying information, including the unique device ID.
  • Removing the EULA. The GPL is not an EULA! (More on that in a later post).

The patch is available here, and the APK installer binary built to the Android 2.2 platform (API level 8). However, I would encourage you to download and build the source code yourself. To do that, follow these steps:

  1. Download the source code for WordPress for Android:
    svn checkout http://android.svn.wordpress.org/trunk
  2. Download and apply the patch:
    cd trunk
    wget http://hblok.net/blog_resources/wordpress_android/wordpress_android_1_3_8_p_1_privacy.patch
    patch -p0 -i wordpress_android_1_3_8_p_1_privacy.patch
  3. Build the application in Eclipse. If you have not installed the Android SDK for Eclipse, here is the starting point of the download and install instructions.
  4. Search through the code and look for further privacy violations.
Comments Off