GNU30/RMS 30th anniversary address

First, my usual two requests. If you take photos please do not put them in Facebook nor Instagram. Those are monsterous surveillance engines. If you put the photo of someone of those sites, you help them make surveillance on that person, which is a bad way to treat someone. And please don't treat me that way.

Second, if you make a recording and you want to distribute copies, please do so only in the ways that favorable to free software. First of all that means in a format that is well-chosen, which means either OGG format or WebM; not in MP-anything, because those are patented, and not in Flash because we don't have free support for the latest version of Flash, and not in Windows Media Player or Quicktime. So this means don't put it in Youtube because Youtube would distribute it using Flash wrapped around MPEG4. And second make sure that the file can be downloaded without running any non-free Javascript code. And that also leaves out Youtube. So two reasons not to put it in Youtube. I hope they'll fix those things. And please put on these recordings the Creative Commons No-Derivatives license because this is a presentation of a point of view.

So, it's been 30 years of the Free Software Movement. Where do we stand? Well, at the beginning there were a few free programs but you couldn't do your computing with them. You couldn't buy a computer and run it in freedom and do anything at all. We've come a long way. Now that we have the GNU+Linux system and some other more or less free operating systems, you can buy a computer and run it with nearly entirely free software. And you can do a lot of things with that.

So, what do we need to do?

Well, as you can see most people are using proprietary systems. So we have a lot more people to liberate. There are some jobs that can't be done with free software: noone made free software for those, or worse, they're patented or they're secret and we don't even know what the job is. There are a lot of peripherals that we can't run with free software because the manufacturers won't tell us how to run them. Now, this is shocking. It should be shocking that someone offers to sell people a device and refuse to tell them how to use it. Maybe it should be illegal.

In any case it's quite common and where we can't convince those manufacturers to change what they're doing, the only way we can fix it is through reverse engineering. So for most of you here, whenever I give a speech at a university I say "please teach your class in reverse engineering. A class might do projects in groups of 4 or 5 students to reverse-engineer some peripheral for a year. And I think this way they make progress and they also train people in a very useful skill that not many people have that's in high demand." So that's one of the big options for our success. That's why it's easy to get computers to run with mostly free software, but getting one that you can run entirely with free software is difficult. In fact I don't know any computer being made now where you can do that, and that's really bad. Now we have to stack up on these^[1] for spare parts if we don't know when there will be anything else made that is acceptable.

Now I may have found a way to get computers manufactured that we can use. It's not certain, I shouldn't say anything more about it until somebody's get it ready to go. But... And then, interestingly, if that plan goes ahead, it won't be a computer that the FSF can certify to respect your freedom because there will be one piece of hardware in this system on a chip that we can't run. So yeah! You'll get to use the machine, you just won't be able to get that piece of hardware [running] which is the video decoder. So we need people to work on reverse engineering the video decoder in this IMX6 SoC, is that it? Maybe someone remembers if that's the correct name. So I'll be glad to say "a graphics computer that people reverse engineered." But there's also a video decoder and as far as I know there's no project working on that, and we need one.

But there are other things that are attacking users' freedom to run their computers. Nowadays, lots of people are using platforms that don't allow any free software. They literally forbid the installation of free software. For instance the iThings, those digusting monsters that are the evil legacy of Steve Jobs. They are platforms for censorship. They do not allow users to freely install whatever programs they wish. They will only allow the user to install the programs that are approved by Apple. Now this definitely should be illegal. We should ban the sale of general-purpose computers which are platforms for one company to censor the user. Or for a group of companies to censor the user. They should not be allowed and I would encourage people to campaign for their States to ban this practice. We should require Apple to let people install whatever they wish so they can install free software on these machines.

But as things stand, they only way that can be done is by jailbreaking and I've seen bad news that fewer of the users of the iThings are jailbreaking. Partly perharps because Apple was working hard to make it impossible. So, Apple is a monstrous enemy of our freedom. I would like to see people protesting outside Apple Stores, and especially when fools are waiting on line to buy the latest Apple prison. We should have people going there giving them handouts saying why the things they hope to buy is unethical. And call the news media too.

But you'll notice that many developers of free software are desperate to have it used by people using iThings. Now this is an aspect of a mistaken idea that many developers have. They think it that they need to have lots of people use the program. They think it's somehow doing them good if lots of people are running that program. But that's backwards. If people are running their code, they are doing those other people good. Those other people's users are not doing them good. So it's a mistake to think that you should make your decision so that lots of people will use your code. Of course you should make the code better and maybe more people will use it if you do a better job. But that doesn't mean that anything that makes more people use it is a good thing.

And the mistake of believing that leads to bad decisions, because there are a lot of companies that will come to the developers and say: "if you use a weaker license we will use your code, and isn't that great that we will be benefitting from you! Don't you feel great? Of course we will do that by making it into a proprietary program." A proprietary program doesn't make the world a better place, it's harm. So if someone says "adopt a lax license" and then we will distribute proprietary programs with your code and then that means more people will use your code", you should say "I don't want people to use my code if they don't get freedom. What good is that? It makes things worse, not better. I want my software to give people freedom and anything that causes it not to give people freedom will mean perverting it into an instrument of subjection. So, no, I won't switch to a lax license to get you to make proprietary versions of my code. I'll defend users' freedom because I'd rather do a good thing to this many people, rather than a bad thing to that many people."

Now, this has been going on since the 1980s. But now we see it especially strongly because there are people who think that they just have to have users on the iThings. And rather that tell users "jailbreak your machines so you could install my code" they think that they gotta get their program into the crapstore and that requires making their programs proprietary. So don't fall into that mistake. It's better not to have people using your code rather than using it as proprietary software.

Now, free software, if all the software in your machine is free, then all of it is under the control of the users and thus we have a defense against attempts to use that software to hurt us. With proprietary software the users are defenseless against the owner, and the owners of proprietary software commonly put in malicious functionality: this is not a rare case anymore. If you look at http://gnu.org/philosophy/proprietary.html you'll see a list of many specific, established, demonstrated cases of proprietary malware.

But, even if all the software in the machine is free and the users have made sure it's not malware, the hardware might be malicious. Today I saw an article saying that the latest Intel chip has a modem connection built into them as a backdoor. Now, I'm not absolutely sure. I didn't see it checked. I hope it will be checked soon, and then we'll make a posting about it when we know. But of course this is always possible. You know, a chip manufacturer could put a backdoor into a chip. So, what can we do about it? At present there's not much we can easily do about it except choose a different chip and hope there's a choice available to make.

We already know that recent generations of Intel CPUs are unacceptable whether or not they have or not a wireless modem in them, we know that they have software that can be backdoored if somebody can contact the machine. And this is inside a special processor running into the Northbridge. The Northbridge chip contains another computer that can be used to invade the machine, or can have malware stuck into it. So there's no way you can ever trust those chips. So at present, all we can do is hope to find a chip that we're pretty confident doesn't do that.

Someday, we'll need to make our own chips from designs that are free. At present this is not a real solution because we can't make our own chips: we're dependent on mass-production of chips. Someday I suppose there will be fabricators we can use to convert a chip design into hardware. And thus developing to free chip designs is a good thing to do. So it's important to encourage the beginnings of the free/libre hardware movement so that we'll be ready; we'll have the designs to use when it becomes possible for us to use them, although today it isn't possible.

Today perharps the best thing to do is to get a computer with chips made by companies in a country that isn't in a position to make you personally much harm. So if you don't live in China, you probably don't care too much if the government of China has a backdoor into your machine, whereas you might care a lot whether the U.S. government has a backdoor into your machine. Well, if you're a freedom activist in China, it's the opposite way around. Because the Chinese government is the one that would look for ways to hurt you and the U.S. government probably wouldn't hurt you, even if it can. So it depends where you are, it depends what you're doing. Which risks you might choose. It is clearly a bad situation. It's not good that our hardware has become so complicated and full of processors at different levels that may be running non-free microcode that we can't trust. But that is something we can only address in the long term.

Meanwhile, being free inside your own computer is not enough anymore. Because a lot of what we do is communicating with other computers. We need freedom beyond our own head extensions you might say. But that's hard to do because communicating between my and your machine involves communicating through a lot of other machines that belong to lots of companies and who knows what they'll do? And many of them may be in the United States, where we know what they'll do: they'll spy on us. Thank you Snowden for proving how bad things are. But what can we do about it? To some extent we can produce software to protect our privacy and our anonymity in communicating on the network. It's not easy and it may not be able to fully do the job, but it can do part of the job.

So, we've chosen a further direction for the GNU project, which is to develop software that enables people to use their computers to communicate and collaborate in privacy, minimizing the harm that could be done to them by abuses on anyone else's computers, such as the various gateways and networks you have to go through, and that talk to transatlantic cables and so on. Now I say minimizing here, because I think it's probably impossible to completely prevent such harm. But it may be possible to set limits on how much such harm can be. So the idea is to aim to minimize what harm can be done to us through the abuses of snooping in our ISPs and in any servers that we talk to.

We must recognize that a government we can't control is more dangerous than anything else in the world. Governments we can't control can destroy civilization: all they have to do is keep on pumping out and burning fossil fuels the way they currently plan to do, and insist on doing. And the reason they currently plan to do it and insist on doing this is that we don't have control over them. In that particular domain it's the fossil fuel companies that control government policies and those companies are each thinking "we want to sell as much fossil fuel as possible before the collapse happens. If the collapse is going to happen, let's make it faster by getting a jump on the other competing fossil fuel companies."

So, we must maintain control of our governments but it's hard to do that if they spy on dissidence and sabotage dissidence in cooperation with the businesses that are doing harm. And we know that the U.S. government, and governments in the U.S. at various levels do this. So, protecting our privacy from government snooping is desperately necessary. It's necessary for the sake of dissidence. It's necessary for the sake of whistle-blowers who will tell us what's going on as governments try to ban telling us what's going on. In many states, if you take a job in the agro-business and you can take photos of, for instance, inhumane treatment of animals and then send them to a newspaper, you'll get arrested. So if you're gonna do that you need to maintain your anonymity. So, this goal is necessary. I'm happy to say that there are GNU packages already working towards these goals. The ones I remember are GNUnet and also GNU/consensus which is aiming to unify various distributed social networks systems. And I think there may be more, but they escape my memory. Also there are also software projects outside the GNU project that aim for things like this, such as Tor. And we need to cooperate with them as much as possible.

Now I want to mention a couple of infortunate things. People who are well-meaning in the free software movement often end up promoting some non-free software because they didn't know, or they didn't put two and two together at the time it was necessary. Until this morning, on one of the GNU30 pages we had links to Google maps. Google maps won't function without running a non-free Javascript program. So we should never recommend the use of Google maps and yet we had three links to it. Well, they're gone now, because I noticed. Well, this is just something we have to remember. Never recommend the use of Google Maps.

But there's an interesting point to be made about navigation systems. Another navigation system might work without requiring the user to run any non-free software, which means this fixes this one problem, but there's another problem it might have, and that is sending addresses that the user is interested in to some server. And once that data is on the server under the U SAP AT RIOT Act, the FBI can collect all that data without going to court. So the point is that this data shouldn't go to the server. A free program running in the user's machine should download whatever map is relevant that is cached already, and then it should figure out the route. That way only the user's own machine ever knows what addresses the user is already interested in. We need to design systems to resist surveillance and to reduce surveillance by reducing, and preferrably avoiding data that get sent to a server. If a server doesn't get anything about what you're doing, and your software's all free and users are making sure it isn't surveilling you, then you have some privacy finally. We're being surveilled more than people living behind the Iron Curtain were surveilled. We must reduce reduce the level of surveillance so that it's once again much less that what took place behind the Iron Curtain if we want a free country.

Another sad thing that people don't notice is they get enthusiastic about some hardware product and they don't realize it's running non-free software, such as the Rasberry Pi which won't even start without a non-free program. We have it listed in our list of single board computers which you can find in http://fsf.org/resources/hw and there's a link to it, I think it's called "Single Board Computers". Anyway, it's listed as "fatally flawed" because of the fact it can't run at all without a non-free program. There are other options which are considerably better because they're only "seriously flawed". There's some hardware that won't work without a non-free program but at least they can run without any non-free software. So, take a look at that list and inform other people. If you see somebody mentioning the Rasberry Pi, if you see someone who's gonna give a talk about the Raspberry Pi, well, tell people about this problem and this page; go to the talk and mention it.

This is what we need to do: we need to raise awareness. We need to inform people about these problems. You know, people ask me to talk to them using Skype. Sometimes if I see a Skype address listed in somebody's signature, I say "using a Skype address is inviting people to use proprietary software, you shouldn't do that." Using proprietary software is bad for you, but encouraging other people to use proprietary software is doing harm to them. So at least don't suggest that somebody else does it: don't list a Skype address. And by the way, Google's hangouts are just as bad. So we need to become aware of common computing practices that promote and impose non-free software so that we can refuse to participate in them and refuse spreading them.

Wired magazine this morning published an article I've written which explains the basic ideas of free software. The ideas of the Free Software Movement, why we need to demand free software. It's the first article I've written about this since the 1980s. And it expresses the better ways that I've found to express those points. With software either the user controls the program, or the program controls the users. Free software is when the users control the program. Proprietary software is when the program controls the users, and the owner controls the program, so that the program is an instrument giving the owner power over the users. So, take a look at the article and spread the word. I've also written an article about what we need to do to regain privacy. What level of surveillance is too much. How much surveillance can a free country tolerate, and that hasn't been published yet but I intend to have it published soon. I wanted to have it published before today but things got delayed.

So now it's time for the auction... [rms goes on with the auction of a signed cup with a gnu on it, and an adorable gnu (if you have a penguin at home, you need a gnu for your penguin, as we all know a penguin can hardly function without a gnu.]