LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Richard Stallman - Why We Must Fight UCITA Print E-mail
User Rating:      How can I rate this item?
Source: Richard Stallman - Posted by LinuxSecurity.com Team   
Security UCITA is a proposed law, designed by the proprietary software developers, who are now asking all 50 states of the US to adopt it. If UCITA is adopted, it will threaten the free software community(1) with disaster. To understand why, . . . UCITA is a proposed law, designed by the proprietary software developers, who are now asking all 50 states of the US to adopt it. If UCITA is adopted, it will threaten the free software community(1) with disaster. To understand why, please read on.

We generally believe that big companies ought to be held to a strict standard of liability to their customers, because they can afford it and because it will keep them honest. On the other hand, individuals, amateurs, and good samaritans should be treated more favorably.

UCITA does exactly the opposite. It makes individuals, amateurs, and good samaritans liable, but not big companies.

You see, UCITA says that by default a software developer or distributor is completely liable for flaws in a program; but it also allows a shrink-wrap license to override the default. Sophisticated software companies that make proprietary software will use shrink-wrap licenses to avoid liability entirely. But amateurs, and self-employed contractors who develop software for others, will be often be shafted because they didn't know about this problem. And we free software developers won't have any reliable way to avoid the problem.

What could we do about this? We could try to change our licenses to avoid it. But since we don't use shrink-wrap licenses, we cannot override the UCITA default. Perhaps we can prohibit distribution in the states that adopt UCITA. That might solve the problem--for the software we release in the future. But we can't do this retroactively for software we have already released. Those versions are already available, people are already licensed to distribute them in these states--and when they do so, under UCITA, they would make us liable. We are powerless to change this situation be changing our licenses now; we will have to make complex legal arguments that may or may not work.

UCITA has another indirect consequence that would hamstring free software development in the long term -- it gives proprietary software developers the power to prohibit reverse engineering. This would make it easy for them to establish secret file formats and protocols, which there would be no lawful way for us to figure out.

That could be a disastrous obstacle for development of free software that can serve users' practical needs, because communicating with users of non-free software is one of those needs. Many users today feel that they must run Windows, simply so they can read and write files in Word format. Microsoft's "Halloween documents" announced a plan to use secret formats and protocols as a weapon to obstruct the development of the GNU/Linux system(2).

Precisely this kind of restriction is now being used in Norway to prosecute 16-year-old Jon Johansen, who figured out the format of DVDs to make it possible to write free software to play them on free operating systems. (The Electronic Frontier Foundation is helping with his defense; see http://www.eff.org/ for further information.)

Some friends of free software have argued that UCITA would benefit our community, by making non-free software intolerably restrictive, and thus driving users to us. Realistically speaking, this is unlikely, because it assumes that proprietary software developers will act against their own interests. They may be greedy and ruthless, but they are not stupid.

Proprietary software developers intend to use the additional power UCITA would give them to increase their profits. Rather than using this power at full throttle all the time, they will make an effort to find the most profitable way to use it. Those applications of UCITA power that make users stop buying will be abandoned; those that most users tolerate will become the norm. UCITA will not help us.

UCITA does not apply only to software. It applies to any sort of computer-readable information. Even if you use only free software, you are likely to read articles on your computer, and access data bases. UCITA will allow the publishers to impose the most outrageous restrictions on you. They could change the license retroactively at any time, and force you to delete the material if you don't accept the change. They could even prohibit you from describing what you see as flaws in the material.

This is too outrageous an injustice to wish on anyone, even if it would indirectly benefit a good cause. As ethical beings, we must not favor the infliction of hardship and injustice on others on the grounds that it will drive them to join our cause. We must not be Machiavellian. The point of free software is concern for each other.

Our only smart plan, our only ethical plan, is...to defeat UCITA!

If you want to help the fight against UCITA, by meeting with state legislators in your state, send mail to Skip Lockwood dfc@dfc.org. He can tell you how to contriute effectively.

Volunteers are needed most urgently in Virgina and Maryland, but California and Oklahoma are coming soon. There will probably be a battle in every state sooner or later.

For more information about UCITA, see www.4cite.org and www.badsoftware.com. InfoWorld magazine is also helping to fight against UCITA; see http://archive.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita_home.htm

Copyright 2000 Richard Stallman
Verbatim copying, distribution and display of this entire article are permitted in any medium provided this notice is preserved.







(1) Other people have been using the term "open source" to describe a similar category of software. I use the term "free software" to show that the Free Software Movement stll exists--that the Open Source Movement has not replaced or absorbed us.

If you value your freedom as well as your convenience, I suggest you use the term "free software", not "open source", to describe your own work, so as to stand up clearly for your values.

If you value accuracy, please use the term "free software", not "open source", to describe the work of the Free Software Movement. The GNU operating system, its GNU/Linux variant, the many GNU software packages, and the GNU GPL, are all primarily the work of the Free Software Movement. The supporters of the Open Source Movement have the right to promote their views, but they should not do so on the basis of our achievements.

See http://www.gnu.org/philosophy/free-software-for-freedom.html for more explanation.

(2) The system is often called "Linux", but properly speaking Linux is actually the kernel, one major component of the system (see http://www.gnu.org/gnu/linux-and-gnu.html).

(3) Mozilla is free software; Netscape Navigator is not. The source for Netscape Navigator 4.0 is not available.

(4) Sun's implementation of Java, and Blackdown which is a port of that, are not free software. Source code is unavailable for some parts; even where source has been released, the licenses are far too restrictive.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.