Issue 37 Bulletin Fall 2020

Contents I've had the good fortune of being at the FSF for over seventeen years – page 1: FSF at 35: Why nearly half of the thirty-five years matters more than ever we’re celebrating today. I'm so page 3: Celebrating the FSF's tireless thankful for all of you – the members, commitment volunteers, and supporters – who page 4: How Tor improves usability have stuck with us through the ups without compromising user privacy and downs. page 7: Free software payment I miss seeing so many of you in system launches at Swiss university person, hearing your stories, and page 9: Why providing source code getting updates on your projects and organizing efforts. This work that we for unmodified works is important do together, standing up to some of page 10: Updates from the FSF Tech the most powerful and wealthy Team corporations and governments on the FSF at 35: Why free software matters more than ever By John Sullivan Executive Director

These are excerpts from John’s talk at the FSF35 anniversary celebration, edited for length and clarity. You can watch the full event videos at u.fsf.org/35vid.

hope you have been enjoying our I small celebration of the thirty- five years that the FSF and our supporters have been hacking, The FSF thirty-fifth anniversary artwork campaigning, organizing, and was inspired by the interdependence of educating for user freedom. organisms in a coral reef. 1 planet, can be exhausting. This problem as companies having grown pandemic has been hell on people in too large, rather than companies so many ways, and I've wondered at being based on fundamentally unjust several points whether we should power. even be talking about free software We can't have massive companies with so many kinds of suffering leveraging their completely artificial happening around the world. and arbitrary control over the Then, I see the headlines. Public software and platforms through schooling conducted over Zoom, which billions of people experience which requires nonfree software; bulk their daily lives to subvert our surveillance of protesters at Black democracies. Lives Matter events, including We can't have cultural gatekeepers exploitation of proprietary software with the ability to determine what we backdoors; the massive cultural land watch and listen to – both by deciding grab by music and video streaming what gets made and what gets deleted, services that use Digital Restrictions sometimes silently – who also claim Management (DRM) to tightly the right to stop you from recording the control and surveil what we watch things they show, while they freely and listen to, and even what gets record you. created; and, of course, all of the We can't have our political speech headlines about science and our or willingness to join important desperate need for major peaceful demonstrations chilled by breakthroughs. bulk surveillance facilitated by the Our new “Rewind” animated proprietary software devices in so short focuses on the necessity of free many people's pockets, and the software and free software principles proprietary software entangling our to scientific advancement – if you governments. haven’t seen it yet, please watch and We can't have our schooling share u.fsf.org/rewind. We dependent on proprietary software, can't have our doctors and which represents the very antithesis of researchers unable to collaborate learning: you may not study it to learn with each other or check each other's how it works, you may not share it to math because of the proprietary help someone else, and you may not terms of some company's stupid apply what you've learned to make license agreement. improvements to it or just experiment. We also saw the antitrust So yes, free software is important hearings in the US that focused on right now. It isn't a magic wand, and Big Tech, but mistakenly viewed the it won't, by itself, solve all of these

2 issues. But it is a precondition, a Celebrating the FSF's necessary foundation on which to tireless commitment build the solutions we need. And the By Greg Farough FSF is likewise a foundation upon Campaigns Manager which the free software movement has been built, and upon which it can I t’s an honor to be the campaigns continue to grow. We are not manager of an organization that has developing all of the free software maintained a tireless commitment to ourselves, but we are fighting for the user freedom for thirty-five years. ideals, the awareness, and the sharing. Getting an accurate handle on decades We are providing legal and technical of historical, philosophical, and infrastructure, which creates and technical development hasn’t been holds the space for other people to do easy, but it never ceases to be inspiring. amazing things with free software. The free software movement is a When you support the FSF, testament to how enduring a simple that's what you're supporting. It isn’t set of principles can be. Not only has just the development of particular the Free Software Definition been programs, or the propagation and influential in other fields of endeavor defense of the GNU General Public like cultural works, but it's served as License and copyleft, though we a foundational tool for evaluating absolutely do that. You are whether the digital tools we use have supporting the idea that all software our best interests in mind. If they do, must be free as in freedom, and that that gives us cause to celebrate. But without free software, we cannot and if they don't, the definition also will not have free societies. points the way to practical steps that With your support, we can win. we need to take to achieve freedom. “Big Tech,” the term used to describe These sound principles and the corporate behemoths, is a misnomer, dedicated activists behind them are because there is no bigger tech than rare in any community, but when the free software. By definition, software organization was founded in 1985, that you distribute under terms that they were visionary. allow anyone on the planet to use, The stakes for our work are share, and improve – that is the higher today than most people would biggest possible tech. Let's make that have anticipated back then, unless a reality. Let's make sure all software they had read and understood their is free software before another thirty- Philip K. Dick. However, the FSF has five years pass. Thank you for your been discussing the potential for support. software to lead to a dystopia since

3 its inception. In a world in which your make limited recommendations on doorbell spies on you and Digital mobile phone freedom. We need to Restrictions Management (DRM) harness the energy and enthusiasm has penetrated to the deepest levels of a new generation of hackers from of computer hardware, subverting around the world to remedy this. It’s the user’s interests for those of our job to ensure that freedom is surveillance capitalism, these brought to all software users, even if principles are as vital and necessary their computer is pocket-sized, and as when they were conceived. this is particularly of concern to our The campaigns team, whose role is younger audience. to address issues threatening software Thirty-five years in, our freedom and to expand the free movement is just as relevant and software movement, was not present important as ever, and if its goals are at the beginning of the FSF’s history. going to succeed, we need more Instead, the early FSF focused on supporters than ever. Although our being the legal steward of the GNU community has built enough software General Public License (GPL) and the for the average person to do all of their technical development of the GNU daily computing in full freedom, we operating system. But as we saw are up against an incredible amount threats arise, and knowing that only of adversity. Companies like Apple, we would stand up in defense of the Google, Facebook, and Amazon have founding principles, the organization billions of dollars to pour into funding decided to combat them holistically. proprietary software. When the FSF Today, we have messaging on nearly was founded, computing freedom was every topic affecting the freedom of a niche concern, but today, the digital computer users, and our team is freedom of everyone you know is at constantly addressing new issues, such stake. We hope you’ll continue your as the need for ethical hosting services, support for many anniversaries to the continual threat of nonfree come. JavaScript, Service as a Software Substitute, institutional pressure to How Tor improves usability use nonfree communication tools, and the ubiquitous presence of DRM. without compromising user We’re now grappling with the privacy By Isabela Bagueros fact that a significant chunk of computing is done exclusively on Executive Director, Tor Project mobile phones, but due to technical he Tor Project is a nonprofit limitations, the community can only T whose mission is to advance 4 Isabela and a colleague at the Tor Project table at LibrePlanet 2019. human rights and freedoms by venting censorship, protecting creating and deploying free software democracy, and even protection from anonymity and privacy technologies, violence. It’s extremely important supporting their unrestricted that our tools are easy to use. availability and use, and furthering However, because our design their scientific and popular prioritizes privacy, our tools gather understanding. very little information about our We are the developers of the Tor users, which makes it difficult for us network and Tor Browser. The Tor to communicate with users and network protects the privacy of 2.5 determine what their needs are. Our million users every day via “onion metrics portal has some usage data routing,” which directs Internet about which countries users connect traffic – email, instant messages, from, and if the user connected online posts, Web form visits, and directly to the network or had to use more – through a multilayered any circumvention tool. We also network that obfuscates who the user meet users at conferences and is, concealing their identity and training sessions. And we utilize location. It can be accessed through research published by the academic Tor Browser or integrated into third- and research communities, which party applications and Web sites, to have always collaborated with Tor. protect users against network traffic So until recently, we did not have analysis, government censors, and a systematic and proactive way to network attacks. involve users and integrate their use Users depend on Tor for matters cases and feedback into development of huge importance like circum- cycles. This is why, early in 2018, we 5 began our User Research Program, ∙ Jelani, the human rights defender: where our team meets users face-to- Jelani lives in Uganda, and is a face. This meant building a digital human rights defender who security training program for publishes information related to the LGBTQ+ community. He wants to partners in the Global South who are minimize risk of arrest for doing working on human rights struggles this in a country where LGBTQ+ within minority communities in the people are criminalized. region. We incorporated user research as part of our trainings by ∙ Aleisha, the privacy­seeker: Aleisha doing interviews and collecting user is facing domestic violence from her husband and is looking for a safe feedback on the tools we taught way to seek help. participants. During every training, we carry ∙ Fernanda, the feminist activist: out a threat model exercise that will Fernanda is another activist, a influence the content of the training. feminist who also wants to publish We created courses with different information online without fear of modules that can be put together surveillance and arrest. according to the needs of the ∙ Fatima, the censored user: Fatima participants. Along with Tor is looking for a way to circumvent Browser, we teach about other tools censorship safely, so she can do that improve security: for instance, research online. in trainings customized for journalists, we talk about ways to ∙ Alex, the fearless journalist: Alex wants to chat and receive securely share sensitive information information securely without using OnionShare. compromising his sources. So far, this program has reached an audience of over 800 people in This user research and usability countries like Brazil, Colombia, feedback has affected every stable Mexico, India, Indonesia, Kenya, and Tor Browser release since 7.5 (and Uganda. We collected and mapped we’re up to 10.0.2!). Users have real user stories, identified the helped us make huge improvements, patterns across them, and created including the improvement of Tor five “personas,” to help our teams Launcher (a window that helps you understand who is using their tools to configure Tor Browser when it first and what their needs are. These are launches), the introduction of new just a small reflection of user needs, user onboarding, the elimination of and are not real individuals. The Torbutton, and simplification of personas are: bridge requests for censored users. To 6 find out more about these changes, On September 16th, 2020, the see u.fsf.org/tor2020 to read GNU Taler payment system went the rest of this article in the Free operational for the first time in the Software Foundation Bulletin online. cafeteria of the department of Are you a Tor user? Your computer science at the Bern experiences count, and letting us University of Applied Sciences know how you use Tor will help us (BFH) (bfh. ch/) in Biel, make it even better. You can become Switzerland. a tester by joining our tor-qa mailing Students, staff, faculty, and list. visitors can transform francs, the And if you’re not a Tor user, we Swiss currency, into “e-Franken,” encourage you to start today: you stored in a GNU Taler wallet, at the will gain protection from trackers cashier in the cafeteria using a and surveillance, increase your online smartphone and the free software security with strong encryption, and GNU Taler app available on F-Droid be able to access Web sites freely. (f-droid. org), using a Quick And by becoming a Tor user, you will Response code or Near Field also be helping other Tor users: as we Communication (NFC). e-Franken say, anonymity loves company! The can currently only be spent at one more people use Tor, the more secure snack machine in the cafeteria, which and anonymous all users can be. is made compatible with the app using a special taler-mdb component that runs on a Raspberry Pi. In the future, some coffee machines and other Free software payment systems at the university will be able system launches at Swiss to accept GNU Taler payments, and university an online payment system is in the By Christian Grothoff works; you can see a demonstration Professor, Bern University of using the test currency “KUDOS” at Applied Sciences demo.taler.net. Customers paying with GNU NU Taler (taler. net) is a free Taler can do so with full privacy due G software payment system (not a to GNU Taler's use of blind signatures ), which has been in (see: u.fsf.org/36i). In contrast, development through the GNU merchants receiving payments are Project since 2014. All components always identified as the recipients, and complete documentation are allowing the state to impose taxation, released under free licenses. and effectively restricting payment

7 processing to legal businesses. these systems widely available: a Because GNU Taler uses a central payment system requires complex entity that issues electronic coins, secure interactions between many processing payments with GNU Taler parties, such as customers, only requires a few cheap merchants, payment system cryptographic operations and a providers, banks, and regulators. database transaction. Payment systems additionally must Expensive consensus mechanisms, support many application scenarios such as proof-of-work computations, and platforms, and work for people which are needed with systems using from different cultures. , are thus avoided. As all Currently, work is ongoing to GNU Taler coins are backed by funds integrate GNU Taler with various held by the issuer in an escrow fund, free software e-commerce solutions. GNU Taler does not create a new Volunteers, especially for integration currency, but merely a different and translation, can join the mailing representation of an existing list at u.fsf.org/36tx. currency, thus eliminating the risks The next step for GNU Taler will and costs of currency conversion. be to allow payments in euro, in GNU Taler is an important cooperation with a commercial bank. advancement because most people This will require going though the interact with payment systems every regulatory approval process for the day, so having a free software payment system. Afterwards, all payment system that respects citizens of the eurozone should in human rights, and especially our principle be able to pay with GNU right to privacy, is critical. However, Taler. In the long run, the team hopes it will be a complex process to make that a central bank will use GNU Taler as the basis for a centrally Get 10% off! banked . For now, GNU Taler was unveiled at BFH with a ceremony in the Support the Free Software presence of Dr. Thomas Moser, a Foundation by purchasing GNU member of the extended directorate Press merchandise! of the Swiss National Bank (SNB). Dr. Moser used GNU Taler to buy an Visit and shop.fsf.org award-winning, best-selling book by enter discount code FALL2020, Sybille Berg (see: u.fsf.org/36j ). 11/15/20 - 12/31/20 He remarked that “The SNB does not plan to issue an e-Franken.

8 Nevertheless, the system based on First, the responsibility shouldn't the technology of Taler is entirely be placed on the user to track down convincing.” Or, as Richard the source code they need. When Stallman, Chief GNUisance, said: developers place their work under the “GNU Taler isn’t something that GPL, they do so in order to ensure [everyone] can use (today), however that all users can enjoy the software it probably will be, and that shall be in freedom. Finding the proper source actually thrilling.” code and dependencies isn't always the easiest of tasks, especially for Why providing source code users new to free software. The GPL for unmodified works is promises users that they can get the important source, but this promise is impaired By Donald Robertson, III when they don't know where to find Licensing and Compliance the version of the source code that Manager matches the copy of the package they own. O ne common misconception we If finding the source is a simple run into in our compliance work enough task, then surely it isn't too here at the FSF is the idea that if you much of an issue for the distributor distribute an unmodified GNU to find it and provide directly to the General Public License (GPL)- user. And making the source easy to licensed binary, you don't have to find is also important because when provide the source. All versions of the it's not, in many compliance cases, GPL actually require you to provide the violator will suddenly find that source code in some manner they themselves do not know how to whenever you propagate the work. get the source that matches their When explaining this requirement, version. we often get asked why this is so. The responsibility also can't be Sure, thirty-five years ago when placed on upstream to provide source the FSF was founded, if you didn't code. For projects that self-host, they provide the source code, then it was shouldn't have to offer the unlikely that the user could ever find bandwidth up to satisfy third party it. But in 2020, with most free users. This is particularly important software packages widely available when volunteer efforts, with little in on the Internet, why do users need terms of resources, are being asked to get the unmodified source from the to provide bandwidth for large distributor? Can't they just get it companies or organizations with from upstream? more than enough resources to

9 handle their own source obligations. Updates from the FSF Plus, not everything on the Internet Tech Team is forever. Projects can choose to By Ian Kelling remove or stop offering downloads of Senior Systems Administrator their source, meaning that users (as well as well as the distributor!) could ince the last issue of the FSF be left without any access to the S Bulletin, the tech team has made source code for the version of the steady progress on key projects, work provided. while still working almost entirely Finally, no one else can handle remotely due to COVID-19. the responsibility of providing For starters, the FSF Web site, accurate installation information. fsf. org, now has a new skin that The vast majority of our compliance is easier to read on small screens. This cases involve devices that run free is just a prelude to even bigger software. For these devices, users improvements: we are working on might be able to find the upstream migrating the Web site backend from source and build it, but be left with Plone to Drupal, and then making no way to actually install the work many more visible changes. on the device it is meant to run upon. We have also been improving our Instructions are critical for allowing videoconferencing and livestreaming users to get their own modified code capabilities. We set up some machines on the device, and in the correct to run BigBlueButton (BBB), which place. Without these critical parts of can be used for both videoconferencing the complete and corresponding and online classrooms. With our source code, the upstream source is assistance, FSF board member and of diminished value to users of these Massachusetts Institute of Technology devices. (MIT) Professor Gerald Sussman was Taken together, it is clear that using our BBB instance to teach his providing source code, even when it classes; he has since established and is is unmodified, is just as critical today using his own instance. as it was decades ago before the rise We also used BBB for the one- of the Internet. So if you're reading day online celebration of the FSF's this now and haven't been properly thirty-fifth anniversary, as well as providing source, now is the time to Gstreamer and Icecast, which we fix that. If you need help or have used for LibrePlanet 2020 (see: questions, you can always write to us u.fsf.org/31j ). The event at [email protected]. We're included talks from FSF leadership more than happy to help. past and present, short videos from

10 community members, a panel summer intern Amin Bandali discussion, and an IRC chat that deployed a testing instance of enabled over 200 viewers to SourceHut, one of many possible participate. You can see the videos programs for the forge. at u. fsf.org/35vid. We also still We also updated the FSF run a Jitsi Meet server for FSF associate member USB cards (see: associate members (see: u. fsf. org/369) to Trisquel 9, and u. fsf. org/33s), and are updated the included audio, video, exploring other videoconferencing and articles to more recent resources. options, including some that we To fit the operating system, source haven't evaluated yet on our remote code, and advocacy materials, we communication LibrePlanet wiki increased the USB disk size to 16 GB. page (see: u.fsf.org/368). The FSF member forum, We continue to modernize many forum. members. fsf. org, which older systems. Summer intern Eostre launched about a year ago, has Emily Danne has been a huge help, become a thriving community, upgrading the shop.fsf.org and averaging 409 posts per month over defectivebydesign. org Web the summer. If you're an FSF servers to Trisquel 9. We also associate member, you can interact upgraded to the latest version of there with dozens of others, and tech MediaGoblin, and updated email team members Ian and Michael are servers and several other systems. We regular posters. are close to finally getting ahead of One more big change in an the upgrade curve, a process that has unusual year: chief technology officer been going on at least since I started Ruben Rodriguez has returned to at the FSF in 2017. Spain. Before his departure, the tech One difficult issue we faced this team and a few other staff members spring was that Yahoo started met for a farewell picnic in a park, rejecting the monthly Free Software hanging out at a safe distance. Supporter newsletter email. With Otherwise, our main communication much trial and error, we wrote a mediums have been Mumble, IRC, script to speed up, slow down, or and email. The pandemic has shown pause sending, based on Yahoo's us that providing free software SMTP status codes, and Yahoo is communications programs that once again accepting all our emails. enable computer user freedom is more The FSF forge (see: important than ever, and I have high u.fsf.org/33p) is still a work in hopes for what we can accomplish in progress. Since our last update, the next year with your support.

11 How to Contribute

Associate Membership: Become an associate member of the FSF. Members will receive a bootable 16GB USB card, email forwarding, and an account on Donate to the FSF with the FSF's Jabber/XMPP server. 1Ea8hBwx8jve9bXwf Plus: participate in our members fRdiARyK7baYXThxs forum at forum.members.fsf.org! To Copyright ©2020 sign up or get more information, , Inc. visit member.fsf.org or write The articles in this Bulletin are to membership@fsf. org. individually licensed under the Creative Commons Attribution- Online: Make a donation at ShareAlike 4.0 International donate.fsf.org, or contact license. [email protected] for more https://creativecommons.or information on supporting the g/licenses/by-sa/4.0/ FSF.

Published twice yearly by the Free Jobs: List your job offers on our Software Foundation, 51 Franklin jobs page: fsf.org/jobs. Street, 5th Floor, Boston, MA 02110-1335, (617) 542-5942 - Free Software Directory: [email protected] Browse and download from thousands of different free This Bulletin was produced using software projects: all free software, including Scribus directory.fsf.org. and GIMP. Volunteer: To learn more, visit fsf. org/volunteer IMAGECREDITS . LibrePlanet: Find local groups in Page 1: Illustration by David Revoy. your area or start your own at Page 5: Photo by Madi Mühlberg. libreplanet.org! And join Both images Copyright ©2020 Free us online for the yearly Software Foundation, Inc., licensed LibrePlanet conference next under a Creative Commons spring. Attribution ShareAlike 4.0 Free Software Supporter: Receive International license. our monthly email newsletter: fsf.org/fss.