10.23.14

DebUtsav 14 at Amrita — a rewarding experience

Posted in Debian, Free Software, SMC at 4:51 pm by Pirate Praveen

I have been organizing and attending many Free Software events in various campuses across the country, what sets DebUtsav@Amrita apart from all of them is the passion and enthusiasm shown by the students. It is pleasure talking to students who are already contributing to Free Software. It is a delightful break from having to explain what Free Software is about and why students should contribute to Free Software. We could just share our expereinces and listen to what they have been doing. We could discuss the challenges and how to tackle them. It is a model we want to emulate in other campuses. I could feel the inspiration in the participants when they saw the girls at the registration desk talking about contributing to the linux kernel, git for humans and zsh. So many women participating in Free Software is a rare scene for any community.

We have been organizing MinDebConfs and DebUtsav(am)s for many years with the idea of introducing debian to students and guiding them to start contributing. This time we had some passionate debates over name and content of the event. Some members of the community insisted we focus on debian only if we call it a mini debconf, because all mini debconfs have been organized like that. But Amrita was different because they already had a big and passionate community of Free Software contributors and not giving them an opportunity to share their work was not an option for us. So we renamed the event to DebUtsav, since it is a new brand we are creating, we are not constrained by the content of the previous editions. DebUtsav is the meeting point of Debian and the wider Free Software community. It is a place to exchange experiences and collaborate.

The gang

We wanted to bring some debian contributers outside India but it did not work out. Hopefully in future events we will be able to do that. Harish (I have been interacting with him most of the time) and the entire FOSS team at Amrita gets the credit of organizing this event so nicely aganst all odds. Due to the unexpected closing down of the college there was a big drop in participants than we anticipated. The FOSS team refused to leave the college and made sure the event is organized as expected. Since we had a small crowd we could do it informally and give attention to everyone.

the crowd

I was taking ruby packaging sessions and hope to get a few more contributors to the ruby packaging team. I’m hoping to see more campuses becoming active in Free Software like Amrita and we’d like to organize more debutsavs and minidebconfs. We are hoping to bring main DebConf to India if we are successful in creating a strong community across India in the next two years. Contact me if you’d like to organize on event at your college or you want to help out in organizing more events.

We ran a hacknight to setup diaspora and hoping to see them join us in running more diaspora pods to strengthen the network. We also certified some laptops for h-node.org 100% Free Software compatible hardware database.

Read Balu’s blog at http://balasankarc.in/tech/celebrating-deepavali-differently-debutsav-14/

Photos of the event https://poddery.com/posts/1407655

 

09.22.14

ഇന്റര്‍നെറ്റില്‍ പങ്കുവയ്ക്കുന്ന വിവരങ്ങള്‍ സ്വകാര്യമാണോ?

Posted in Free Software, Privacy at 6:36 pm by Pirate Praveen

അമേരിക്കയടക്കമുള്ള പല ഭരണകൂടങ്ങളും ഗൂഗിള്‍,ഫേസ്‌ബുക്ക് തുടങ്ങിയ കുത്തക കമ്പനികളും ലോകത്തെ കിട്ടാവുന്ന എല്ലാവരുടേയും സ്വകാര്യ വിവരങ്ങള്‍ ശേഖരിക്കുന്നുവെന്നു് എഡ്വേര്‍ഡ് സ്നോഡന്റെ വെളിപ്പെടുത്തലുകളോടെ ഇന്നു് നമുക്കു്  ഉറപ്പിച്ചു് പറയാന്‍കഴിയും. തങ്ങള്‍ക്കെതിരായ നീക്കങ്ങളെ തടയാനും  ജനങ്ങളെ നിയന്ത്രിക്കാനും ബ്ലാക്ക്മെയില്‍ ചെയ്യാനുമാണു് ഈ വിവരങ്ങള്‍ ഭരണകൂടങ്ങള്‍ ശേഖരിക്കുന്നത്.

ങ്ങളെ വല്ലോരും ട്രാക്ക്ണ്

ങ്ങളെ വല്ലോരും ട്രാക്ക്ണ്

തീവ്രവാദ പ്രവര്‍ത്തനം അമര്‍ച്ച ചെയ്യുന്നതിനാണ്, രാഷ്ട്രസുരക്ഷയ്കാണ് ഈ നിരീക്ഷണം എന്നാണ് വാദം. ഇതിന്റെ മറ്റൊരു വശം നോക്കൂ. നെല്‍സണ്‍ മണ്ടേല, മാര്‍ട്ടിന്‍ ലൂഥര്‍ കിങ്, മഹാത്മാ ഗാന്ധി തുടങ്ങി ഇന്നു് നാം ബഹുമാനിക്കുന്ന പലരേയും അന്നത്തെ ഭരണകൂടങ്ങള്‍ അവരുടെ അധികാരത്തിനു് വെല്ലുവിളിയായി കാണുകയും അടിച്ചമര്‍ത്താന്‍ ശ്രമിക്കുകയും ചെയ്തു. നെല്‍സണ്‍ മണ്ടേലയെ അമേരിക്ക ഭീകരവാദികളുടെ പട്ടികയില്‍ നിന്നും നീക്കം ചെയ്തതു് ജോര്‍ജ്ജ് ബൂഷ് ഭരിക്കുന്ന സമയത്താണു്. ബ്രിട്ടീഷുകാര്‍ രാഷ്ടവിരുദ്ധ കുറ്റം ചുമത്തിയാണു് ഗാന്ധിജിയെ  ജയിലിലടച്ചതു്. മാര്‍ട്ടിന്‍ ലൂഥര്‍ കിങിനെ അമേരിക്കന്‍ ചാരസംഘടന തീവ്രവാദിയായി നിരീക്ഷിച്ചിരുന്നു. അടുത്ത കാലത്തു് ഇന്ത്യയില്‍ കാര്‍ട്ടൂണിസ്റ്റ് അസീം ത്രിവേദിയെ അഴിമതിക്കെതിരായ കാര്‍ട്ടൂണുകള്‍ വരച്ചതിനു് ജയിലടച്ചിരുന്നു. ചുരുക്കത്തില്‍, തീവ്രവാദികളെ പിടിക്കാനാണു്എല്ലാവരേയും നിരീക്ഷിക്കുന്നതു് എന്നു് നിങ്ങള്‍ ഇപ്പോഴും വിശ്വസിക്കുന്നതെങ്കില്‍ നിങ്ങളോടു്ചരിത്രം പഠിക്കാന്‍ മാത്രമാണു് എനിക്കോര്‍മ്മിപ്പിക്കാനുള്ളതു്.

ആടുജീവിതം

ആടുജീവിതം

ഭരണകൂടം അവരവകാശപ്പെടുന്ന ഈ തീവ്രവാദി വേട്ട സുഗമമായി നടത്തുന്നത് നിങ്ങളുടെ ഇന്റര്‍നെറ്റ് ഇടപാടുകള്‍ വഴിയാണെന്നത് ഇതുവരെ ബോദ്ധ്യപ്പെട്ടിട്ടുണ്ടോ? വാട്ട്സ്ആപ്പ്, ഫേസ്‌ബുക്ക് ചാറ്റ്, ഗൂഗിള്‍ ഹാങ്ഔട്ട്സ് തുടങ്ങിയവ വഴി നിങ്ങള്‍ പങ്കുവെയ്ക്കുന്ന വിവരങ്ങള്‍ അവരുടെ വലിയ കമ്പ്യൂട്ടര്‍ നിലവറകളില്‍ ശേഖരിച്ചു് വയ്ക്കുന്നതു് നിങ്ങള്‍ക്കറിയാമോ? ഇവരുടെയെല്ലാം നിലനില്‍പ്പ്, പ്രധാന വരുമാനം നിങ്ങള്‍ വിചാരിക്കുന്നതുപോലെ പരസ്യങ്ങളല്ല. നിങ്ങള്‍ പങ്കുവയ്ക്കുന്ന വിവരങ്ങള്‍ പണമാക്കി മാറ്റുന്നതു് വഴിയാണെന്നതാണ് ഇവ്ര‍ ഒളിച്ചുവെച്ചിരിക്കുന്ന രഹസ്യം. ഇത്തരമൊരു കച്ചവടത്തിലെ ഉത്പന്നമാകുന്നതിനൊപ്പം നിങ്ങളുടെ വിവരങ്ങള്‍ മറ്റുപല താല്‍പ്പര്യങ്ങളോടെ ആരെങ്കിലുമൊക്കെ അടിച്ചുമാറ്റിയെന്നുമിരിക്കാം.

അതുകൊണ്ടുതന്നെ ആശയവിനിമയത്തിന്റെ സ്വകാര്യത ഉറപ്പുവരുത്താന്‍  ഇന്നത്തെ സാഹചര്യത്തില്‍ ന്‍ക്രിപ്ഷന്‍ (ക്രിപ്റ്റോഗ്രഫി, ക്രിപ്റ്റോ) അത്യാവശ്യമായിവരുന്നു. അതായത് നിങ്ങള്‍ അടുത്തറിയുന്നവരുമായി സംസാരിക്കാന്‍ ഇന്റര്‍നെറ്റ് സേവന ദാതാക്കള്‍ക്ക് നിങ്ങളുടെ വിവരങ്ങള്‍ ഏതുവിധത്തിലും പരിശോധിക്കാനായുള്ള ഒരു അന്യായ കരാറിലേര്‍പ്പെടേണ്ട ആവശ്യമില്ല. നിങ്ങളുടെ ഫോട്ടോകള്‍, ഫയലുകള്‍, അല്ലെങ്കില്‍ സന്ദേശങ്ങള്‍ ഓഫ് ദ റെക്കോര്‍ഡ് സംവിധാനം വഴി സ്വകാര്യമായി പങ്കുവെയ്കാം.

എന്‍ക്രിപ്ഷന്‍ എന്നാല്‍ നമ്മളുദ്ദേശിക്കുന്ന ആളുകള്‍ക്കു് മാത്രം മനസ്സിലാകുന്ന തരത്തിലുള്ള കോഡ് ഭാഷ ഉപയോഗിക്കുക എന്നതാണു്. ചൊറിച്ചു് മല്ലു് പോലെ പ്രാദേശികമായി ഇതിന്റെ പല വകഭേദങ്ങളും നിങ്ങള്‍ക്കു് പരിചയമുണ്ടാകുമല്ലോ. എറ്റവും എളുപ്പത്തില്‍ ചെയ്യാവുന്ന എന്ക്രിപ്ഷന്‍ ഒരു രഹസ്യവാക്കുപയോഗിച്ച് (passphrase/password) വിവരത്തെ കോഡ് ഭാഷയിലേക്കു് മാറ്റുക എന്നതാണു്. ഇതിനു് പല അല്‍ഗോരിതങ്ങളും ഉപയോഗിക്കാം. ആ രഹസ്യവാക്ക് അറിയാവുന്ന ആര്‍ക്കും അതേ അല്‍ഗേരിതം ഉപയോഗിച്ചു് യഥാര്‍ത്ഥ സന്ദേശം വായിച്ചെടുക്കാം. ഇതിനുള്ള പ്രധാന പ്രശ്നം എങ്ങനെ രഹസ്യവാക്ക് കൈമാറും എന്നതാണു്. അതുകൊണ്ടു്തന്നെ അടയ്ക്കാനും തുറക്കാനും രണ്ടു് വ്യത്യസ്ത ചാവികളുപയോഗിക്കുന്ന (key pair) എന്ക്രിപ്ഷനാണു് (asymmetric cryptography) ഇന്നു് വ്യാപകമായി ഉപയോഗിക്കുന്നതു്. സ്വയം പൂട്ടുന്ന വാതിലുകള്‍ പല ഫ്ലാറ്റുകളിലും നിങ്ങള്‍ ശ്രദ്ധിച്ചുകാണും, പൂട്ടാനായി വാതില്‍ വലിച്ചടച്ചാല്‍ മതി, ആര്‍ക്കും ഇങ്ങനെ വാതില്‍ പൂട്ടാവുന്നതാണു് (public key എല്ലാവര്‍ക്കും ലഭ്യമാണെന്ന പോലെ). പക്ഷേ പൂട്ടിയ വാതില്‍ തുറക്കണമെങ്കില്‍ താക്കോല്‍ കയ്യിലുണ്ടെങ്കില്‍ മാത്രമേ നടക്കൂ (private key ആരുമായും പങ്കുവെയ്ക്കുന്നില്ല).

നിങ്ങള്‍ ഒരു ഇരട്ടച്ചാവി (key pair) ഉണ്ടാക്കുന്നു, അതിലെ ഒരു ചാവി നിങ്ങളുടെ കയ്യില്‍ വയ്ക്കുന്നു (private key), ഇണച്ചാവി ആര്‍ക്കും കൊടുക്കാം (public key). ഒരു ചാവി കൊണ്ടു് പൂട്ടുന്ന വിവരങ്ങള്‍ (encrypted) അതിന്റെ ഇണച്ചാവി കൊണ്ടു് മാത്രമേ തുറക്കാനാവൂ (decrypt). അതു് പോലെ തന്നെ ഒപ്പ് ശരിയാണോ എന്നു് പരിശോധിക്കാനും ഈ സംവിധാനം ഉറപ്പാക്കാം. നിങ്ങള്‍ കൈയില്‍ വച്ച ചാവി ഉപയോഗിച്ചു് ഒപ്പിടുന്ന (signed)വിവരങ്ങള്‍ നിങ്ങള്‍ തന്നെയാണയച്ചതെന്നു് ഏതൊരാള്‍ക്കും നിങ്ങള്‍ പങ്കു് വെച്ച ചാവി (public key) ഉപയോഗിച്ചു് ഒത്തു് നോക്കാവുന്നതാണു്. നിങ്ങളുടെ സ്വകാര്യസംഭാഷണങ്ങള്‍ ഇപ്രകാരം പൂട്ടി വേറാരും ചോര്‍ത്താതെ സംരക്ഷിക്കാനുള്ള  ഒരു സംവിധാനമാണു് ഓഫ് ദ റെക്കോര്‍ഡ് (ഓട്ടിആര്‍ എന്നു് ചുരുക്കം).

Public key cryptography

ഇണച്ചാവികളുപയോഗിച്ചു് വിവരങ്ങള്‍ സ്വകാര്യമാക്കാം

ഇവിടെ നിങ്ങള്‍ക്കു് വിവരങ്ങള്‍ അയയ്ക്കുന്നതു് നിങ്ങള്‍ക്കു് മാത്രം തുറക്കാവുന്നൊരു പൂട്ടിട്ടാണു്. നിങ്ങള്‍ കൊടുക്കുന്ന ചാവി ഉപയോഗിച്ച് ആര്‍ക്കും നിങ്ങളുമായി പങ്കിടുന്ന വിവരങ്ങള്‍ പൂട്ടാവുന്നതാണു്. അതിന്റെ ഇണച്ചാവി നിങ്ങളുടെ കമ്പ്യൂട്ടറിലോ മൊബൈല്‍ ഫോണിലോ മാത്രമുള്ളതിനാല്‍ വേറാര്‍ക്കും അതു് തുറക്കാനാവില്ല. ഈ പൂട്ട് പൊളിക്കണമെങ്കില്‍ ഇന്നുള്ള എല്ലാ കമ്പ്യൂട്ടറുകളും ഒരുമിച്ചുപയോഗിച്ചാലും വര്‍ഷങ്ങളെടുക്കും.  ഒളിഞ്ഞു് കേള്‍ക്കുന്നവരോ, സൂക്ഷിച്ച് വയ്ക്കുന്നവരോ, അടിച്ചുമാറ്റുന്നവരോ കാണുന്നതു് മുകളിലെ ചിത്രത്തില്‍ കാണുന്ന പോലെ പൂട്ടിയ പെട്ടി മാത്രമായിരിക്കും (അര്‍ത്ഥമില്ലാത്ത കൂറേ അക്ഷരങ്ങള്‍).

ഏതൊരാള്‍ക്കും ഇങ്ങനെ ഏതു് പേരിലും രണ്ടു് ചാവികളുണ്ടാക്കാം എന്നിരിക്കേ വേറൊരാള്‍ക്കു് നിങ്ങളുടെ പേരില്‍ ചാവികളുണ്ടാക്കിക്കൂടെ? ഇതിനെ മറികടക്കാനായി അന്യോന്യം ചാവികളില്‍തന്നെ ഒപ്പിടാവുന്നതാണു് (key signing). ഓരോ ഇണച്ചാവികള്‍ക്കും (key pair) അനന്യമായ ഒരുതിരിച്ചറിയല്‍ നമ്പര്‍ (unique key id) കാണും. ഉദാഹരണത്തിനു് എന്റെ ജിപിജി കീയുടെ (GNU Privacy Guard എന്ന സോഫ്റ്റ്‌വെയര്‍ ഉപയോഗിച്ച് Pretty Good Privacy എന്ന രീതിയിലുള്ള കീ ആണിതു്. SSH, SSL തുടങ്ങിയ രീതികള്‍ക്കും ഇതുപോലെ തന്നെ ചാവികളുണ്ടാക്കാം) pgp.mit.edu പോലുള്ള public key server കളില്‍ നമ്മുടെ പൊതുചാവി ചേര്‍ക്കാവുന്നതാണു്. നമ്മുടെ കീ ഐഡി കൊടുത്താല്‍ ആര്‍ക്കും നമ്മുടെ പൊതു കീ അവിടെനിന്നും എടുക്കാവുന്നതാണ്.   ഈ ലേഖകന്റെ പൊതുചാവി 0x4512c22a എന്നതാണു്. അത് http://pgp.mit.edu/pks/lookup?op=vindex&search=0xCE1F9C674512C22A എന്നവിലാസത്തില്‍ ലഭ്യമാണു്. ചാവികളുടെ ഉറവിടം ഉറപ്പാക്കാനുള്ള മറ്റൊരു വഴി സോഷ്യലിസ്റ്റ് കോടീശ്വരന്‍ പ്രോട്ടോകോളാണു് (https://en.wikipedia.org/wiki/Socialist_millionaire). നമ്മള്‍ സംസാരിക്കുന്നയാള്‍ക്കു് മാത്രം ഉത്തരം അറിയുന്ന ഒരു ചോദ്യം ചോദിക്കുക, നമ്മള്‍ പ്രതീക്ഷിക്കുന്ന ഉത്തരമാണു് കിട്ടുന്നതെങ്കില്‍ നമ്മള്‍ വിചാരിക്കുന്ന ആളുടെ ചാവി തന്നെയാണിതെന്നു് ഉറപ്പാക്കാം. മലയാള സിനിമയിലെ നിത്യഹരിത കഥാപാത്രങ്ങളായ സിഐഡി ദാസനും വിജയനും സാധനം കയ്യിലുണ്ടോ എന്നു് ചോദിക്കുന്നതും ഒരു നോട്ടിന്റെ കീറിയ പകുതി ഒത്തുനോക്കുന്നതു് നമുക്കു് പരിചിതമാണല്ലോ.  ജിപിജി കൂടുതലായും ഫയലുകളും ഈമെയിലുകളും സുരക്ഷിതമാക്കാനും ഒടിആര്‍ ഇന്‍സ്റ്റന്റ് മെസേജുകള്‍ സുരക്ഷിതമാക്കാനുമാണുപയോഗിക്കുന്നതു്. ജിപിജിയില്‍ കൂടുതലായും അന്യോന്യം ചാവികളുടെ ഉറവിടം ഉറപ്പുവരുത്തുന്ന രീതിയാണുപയോഗിക്കുന്നതെങ്കില്‍ ഒടിആറില്‍ സോഷ്യലിസ്റ്റ് കോടീശ്വവരന്‍ രീതിയാണു് കൂടുതല്‍ സൌകര്യം.

 

സാധനം കയ്യിലുണ്ടോ?

സാധനം കയ്യിലുണ്ടോ?

വാട്ട്സ്ആപ്പ്, ഗൂഗിള്‍ ഹാങ്ഔട്ട്സ്, ഫേസ്‌ബുക്ക് ചാറ്റ്, ജാബര്‍ തുടങ്ങിയ നിങ്ങളിപ്പോഴുപയോഗിക്കുന്ന സേവനങ്ങളിലെല്ലാം ഓട്ടിആര്‍ ഉപയോഗിക്കാവുന്നതാണു്. ഇതു് വേറൊരു സേവനമല്ല, നിലവിലെ സേവനങ്ങളെ സുരക്ഷിതമാക്കുന്നൊരു സംവിധാനം മാത്രമാണു്. ഈ സൌകര്യം ഉപയോഗിക്കാന്‍ ഓട്ടിആര്‍ പിന്തുണയുള്ള സോഫ്റ്റ്‌വെയര്‍ ഉപയോഗിച്ചാല്‍ മാത്രം മതി. ഉദാഹരണത്തിനു് ജിറ്റ്സി, പിഡ്ജിന്‍ അല്ലെങ്കില്‍ ഓട്ടിആര്‍ പിന്തുണയുള്ള മറ്റേതൊരു സോഫ്റ്റ്‌വെയറും ഉപയോഗിച്ച് ഫേസ്‌ബുക്ക് ചാറ്റില്‍ ചേര്‍ന്നാല്‍  ഓട്ടിആര്‍ പിന്തുണയുള്ള സോഫ്റ്റ്‌വെയര്‍ ഉപയോഗിക്കുന്ന സുഹൃത്തുക്കളുമായി സ്വകാര്യ സംഭാഷണം തുടങ്ങാം. ഫേസ്‌ബുക്കിനു് അര്‍ത്ഥമില്ലാത്ത അക്ഷരങ്ങള്‍ മാത്രമേ കാണാനാവൂ, നിങ്ങള്‍ എന്താണു് സംസാരിക്കുന്നതെന്നു് മനസ്സിലാക്കാനാവില്ല.‌

പ്രൈവസി എന്നാല്‍ പ്രധാനമായും നമ്മുടെ ആശയവിനിമയം നമ്മള്‍ ഉദ്ദേശിക്കുന്ന ആളുമായി മാത്രം  നടത്താന്‍ കഴിയുക എന്നതാണ്. ഞാന്‍ എന്റെ കൂട്ടകാരിയോടു് സംസാരിക്കുന്നതു്  അത് രാഷ്ടീയമായാലും സല്ലാപമായാലും സുക്കന്‍ബര്‍ഗോ, മോഡിയോ, ഒബാമയോ കേള്‍ക്കാന്നതില്‍ എനിയ്ക്കു് താത്പര്യമില്ല. നമ്മുടെ ഭരണഘടനയുടെ ശില്പികള്‍ നമുക്കു് ഉറപ്പു് തന്നിട്ടുള്ള അവകാശമാണതു്. എത്രയോ ആളുകള്‍ സ്വന്തം ജിവന്‍ കൊടുത്തും നമുക്കു് തന്ന സ്വാതന്ത്ര്യമാണതു്. നമ്മുടെ അടുത്ത തലമുറകള്‍ക്കും ഈ സ്വാതന്ത്ര്യങ്ങള്‍ പകര്‍ന്നു കൊടുക്കേണ്ടതു് നമ്മുടെ ഓരോരുത്തരുടേയും കടമയാണു്. സ്വകാര്യത നഷ്ടപ്പെടുക എന്നാല്‍ നിലവിലെ ചട്ടങ്ങള്‍ക്കെതിരായ ചിന്തകള്‍ പോലും ഇല്ലാതാക്കുക എന്നതാണു്. മെട്രിക്സ് സിനിമയില്‍ ന്യൂക്ലിയര്‍ മേഘങ്ങള്‍ സൂര്യനെ മറയ്ക്കുമ്പോള്‍ യന്ത്രങ്ങള്‍ മനുഷ്യരെ ഊര്‍ജ്ജസ്രോതസ്സായി ഉപയോഗിക്കുന്നതു് പോലെ, കോര്‍പ്പറേറ്റുകള്‍ ഉത്പന്നങ്ങള്‍ വില്‍ക്കാനുള്ള ചന്ത മാത്രമായി മനുഷ്യനെ മാറ്റുന്ന അവസ്ഥയും ദൂരെയാവില്ല.

മനുഷ്യോര്‍ജ്ജ ബാറ്ററി

മനുഷ്യോര്‍ജ്ജ ബാറ്ററി

സ്വകാര്യ സംഭാഷണങ്ങള്‍ ഇത്ര എളുപ്പമാണെന്നു് നിങ്ങള്‍ക്കറിയാമായിരുന്നോ? ഇന്നു തന്നെ ഇതു് പരീക്ഷിച്ചു് നോക്കാം, സ്വകാര്യത നിങ്ങളുടെ അവകാശമാണു്. നിങ്ങളുടെ അനുഭവങ്ങളും അഭിപ്രായങ്ങളും അറിയിക്കുമല്ലോ. എന്തെങ്കിലും പ്രയാസം നേരിടുന്നെങ്കില്‍ സഹായം ചോദിക്കാന്‍ മടിക്കേണ്ട. ഓട്ടിആറിനെപ്പറ്റി കൂടുതലറിയാനും നിങ്ങളുടെ ഉപകരണത്തിനു് അനുയോജ്യമായ സോഫ്റ്റ്‌വെയറുകളെക്കുറിച്ചറിയാനും http://otr.works എന്ന വെബ്‌സൈറ്റ് കാണുക (നിങ്ങള്‍ക്കും‌ അവിടെ കൂടുതല്‍ വിവരങ്ങള്‍ ചേര്‍ക്കാവുന്നതാണു്).

കുറിപ്പ്: നേരത്തെ സ്വതന്ത്രത്തിലും ലൂക്കയിലും പ്രസിദ്ധീകരിച്ച ലേഖനത്തില്‍ ചെറിയ മാറ്റങ്ങളോടെ…

 

08.08.14

What do you think about this ? (Google scanning your inbox)

Posted in Free Software, Society at 3:30 pm by Pirate Praveen

Aashik asked me this question today pointing me to this article on The Verge – Google scans everyone’s email for child porn, and it just got a man arreste

This was my response, (attachment mentioned in the mail is given below)

censorship and free speech

The attached drawing illustrates the situation well. There is always bad guys as a justification of taking away our rights. It changes depending on place and time. When you take examples of bad guys, people stop thinking and emotion takes its place, once you are controlled by emotion, usually fear, you would accept anything that comes in the name of protection. These are nothing new, it is successfully used over the years, only details vary. Old wine in new bottle.

It is only cultural who is bad. Once being a communist was enough to torture you. Another time it was just being a Jew. Now living in Gaza is enough to get you killed.

You’ll need to blindly trust google not to misuse their powers. I don’t think that is a good thing.

When US made a nuclear bomb, no one thought it would be dropped on humans.

Power corrupts and absolute power corrupts absolutely.

Now it is only child porn, when conditions are favourable, it can be terrorism, any crime, dissent… You cannot expect a profit making company to stand up for your rights. They may do it as long as it is profitable for them.

So in short, it does not make me satisfied it is just child porn.

06.24.14

Microsoft Tax Refund

Posted in Free Software, HP, Society at 1:52 pm by Pirate Praveen

Last Sunday evening marked starting of an important campaign when a casual search for a good laptop for a friend turned into tussle with HP for a refund of unused software bundled with their hardware.

Ishan about to make a phone call

Most laptop vendors ship their hardware with a version of Microsoft Windows preinstalled. Microsoft says we can get a refund for the windows version if we don’t want to use their software (we cannot use it unless we agree to their end user license agreement or eula and their eula denies many rights that we in the Free Software community hold dear).

So we sent this email to HP support asking for a refund.

Hi,

I just brought a new hp pavilion 15 Notebook PC (model number: 15-n259TX) with serial no: 5CDxxxxxx7 and product no: G2H01PA#ACJ. It came pre-loaded with Windows 8 but I don’t agree with the End User License Agreement. There was no option provided without any operating system or with a Free Software Operating System for this model at the HP world shop in Kandivali West (Amgee Computers PVT. LTD).

Microsoft EULA (http://download.microsoft.com/Documents/UseTerms/Windows_8_English_ca383862-45cf-467e-97d3-386e0e0260a6.pdf) states that I can get a refund for the unused license by contacting the manufacturer.

It states “If you do not accept and comply with these terms, you may not use
the software or features. Instead, you should return it to the retailer or other place where you purchased the software license, for a refund or credit.”

How do I collect the refund money?

Thanks

We immediately formatted the machine and installed Ubuntu 14.04 on the machine.
Format entire disk

We called them up the next day and registered an official complaint with HP but they refused to give a refund. When they said they offer other models with Free Dos installed Ishan gave a brilliant analogy. If you go to buy a shirt and you like a Yellow shirt, they tell you have to buy a pants along with it, but you can buy a black shirt without pants, would that be acceptable to you?

HP says they will offer only a refund of the entire product (hardware and software) and not a partial Windows only refund. In France and Italy there is already rulings that forced HP and Acer to refund the Windows license fee. Indian courts have ruled set-top boxes allowing only one particular service provider are illegal.

Prasanth Sugathan from Software Freedom Law Center India has promised to send a legal notice to HP within 2 days.

This is going to be a landmark struggle for Free Software in India.

If you have recently bought a laptop or planning to buy a new laptop, contact us and we can fight this together.

Update 1 (25/06/2014): HP has closed the case without a resolution. Prasanth needs a copy of the invoice to go ahead, we’ll send it by tonight.

Update 2 (25/06/2014): There is a good discussion about this issue on reddit.

The relevant law which HP violates is Competition Act 2002.

“Any agreement amongst enterprises or persons at different stages or levels of
the production chain in different markets, in respect of production, supply,
distribution, storage, sale or price of, or trade in goods or provision of services,
including—
(a) tie-in arrangement;

shall be an agreement in contravention of sub-section ( 1 ) if such agreement
causes or is likely to cause an appreciable adverse effect on competition in
India.
Explanation.—For the purposes of this sub-section,—
(a) “tie-in arrangement” includes any agreement requiring a purchaser of
goods, as a condition of such purchase, to purchase some other goods; ”

Update 3 (25/06/2014): There is precedent in Europe where companies are ordered a refund.

  1. HP must reimburse Italian PC buyer the amount paid for Microsoft software
  2. Lenovo ordered to pay €1920 for making French laptop buyer pay for Windows too

Update 4 (25/06/2014): Acer America has policy of giving refund on unused Windows license.

Update 5 (26/06/2014): Prasanth would need 2-3 days more to complete research on this topic.

Update 6 (11/09/2014): Prasanth has sent the legal notice to HP. This case is covered by Economic Times now. You can get a copy of the notice from mediacru.sh. (MediaCrush is Free Software media sharing platform). Mediacrush is shutdown, but archive.org has a copy.

Update 7 (13/09/2014): This is a fresh development, Italy: High Court shoots down Windows tax

03.05.14

Sharing files between gnu/linux and Windows using samba

Posted in Debian, Free Software at 11:31 am by Pirate Praveen

Install Samba package

# apt-get install samba

Samba configuration file is /etc/samba/smb.conf

You can add directories for sharing at the end like this

[debian]
comment = Debian Cache
read only = yes
locking = no
path = /mirrors/debian
guest ok = yes

If you want to be able to share directories from nautilus file manager install nautilus-share and add your user to sambashare group

# apt-get install nautilus-share
# gpasswd -a <user> sambashare

Log out and login back for group change to take effect.

For mounting a samba share you have to install cifs-utils

# apt-get install cifs-utils

To mount a samba share now run

# mount -t cifs -o guest //<server>/<share> /<mount point>
# mount -t cifs -o guest //192.168.1.3/debian /mnt

03.04.14

Setting up a local package repository with apt-move

Posted in Debian, Free Software at 12:38 pm by Pirate Praveen

apt-move can be used to create a repository layout from /var/cache/apt/archives (which contains all packages downloaded by apt).

1. Install apt-move:

# apt-get install apt-move

2. Setup apt-move:

# apt-move get

3. Create repository layout:

# apt-move move

4. Generate packages list:

# apt-move packages

5. Setup apache2:

apt-move will create repository in /mirrors/debian by default (this can be changed in /etc/apt-move.conf)

5.1 Install apache web server:

# apt-get install apache2

5.2 Create a virtual host:
copy ‘default” in /etc/apache2/sites-available to “repo”

# cd /etc/apache2/sites-available
# cp default repo

Edit repo and change DocumentRoot from /var/www to /mirrors/debian
Also change to

Enable the new site.

# a2ensite repo

# /etc/init.d/apache2 restart

This will give you a repository in your machine.

If you have more than one site in your server you can configure NameVirtualHost.

Add “NameVirtualHost *:80” in /etc/apache2/ports.conf

and add ServerName for each virtual hosts in sites-available/<site>

If you just want to test your setup without a proper dns server you can edit /etc/hosts file to point your desired domains to repository’s ip address.

If you want to sign your repository follow these steps

1. Create a gpg key:

# gpg --gen-key

(choose RSA RSA, no expiration) or follow these more detailed steps

2: Sign the Release file (apt-move has an option to sign automatically, but it seems to be broken)

# gpg -o /mirrors/debian/dists/stable/Release.gpg -a -b -s /mirrors/debian/dists/stable/Release

3. Export your public key

# gpg --export --armour <key id or pattern> > repo.key.sc
# cp repo.key.asc /mirrors/debian

In client systems download the key with wget and run

# apt-key add repo.key.asc

08.12.12

GNUs found grazing at Palakkad Fort

Posted in Free Software at 10:13 pm by Pirate Praveen

I was supposed to be taking shell scripting session yesterday, but we couldn’t get a hall arranged and we had to cancel it. So I tought of meeting some students if they were interested. Three students from NSS Palakkad – Ashik, Manoosh and Lal Krishna, turned up 4 O’clock as announced. I could reach only at 4.30. We sat down inside Fort above the temple. We started discussing about problems they faced with Free Software. Ashik mentioned about mp3 not working with totem player on Debian Squeeze and codec install option not popping up. I’m not sure what is missing here. As per my information mp3 coded should be installed by default and totem should ask for codec installation. I told him to try wheezy, anyway they are computer science students and they should be the ones fixing these issues.

Ashik asked the often asked question of being rewarded for one’s hard work and being able to support oneself by selling software. I compared it to knowledge and asked them if Newton was asking money for using his third law (every action has an equal and opposite reaction) when launching rockets? Another example I gave was example of custom software, where some one will have to maintain it (like software for a bank). Free Software would not take away jobs in service industry.

Then they said to contribute to Free Software one should have another job. I asked them why someone go to a lawyer when they can argue their case themselves? They said its for expertise. I told them its the same way Free Software service work. Another example was how teachers help when students can read the text book themselves.

Then I asked them what do they know about Free Software. They had some confusion about how Open Source is different from Free Software. I gave up insisting people use Free Software instead of Open Source sometime back itself. I tell them to understand the difference and choose what they feel comfortable associating themselves with. I also told them to look online for the difference and understand it. Let’s see if they come back with more questions.

At 6 they were closing the inside gate to the Fort. The security guy lost a bit of cool and asked us what did we think when he was visling whether he was calling us for food 🙂 We clearly were at fault as we knew they would close at 6, so I didn’t argue and smiled at his words.

Adhil joined us by then and we continued our discussion about difference between Open Source and Free Software. Some one told them Open Source means some part is hidden and Free Software means everything is free!

For explaining the difference I had to ask them about copyrights. We discussed origin of copyrights and how it is different from a patent. Copyright prohibits copying same code (it doesn’t apply when same thing is created independantly) where as patents prohibit implementing same ideas by different people without license from patent holder.

Then we discussed what licenses are and compared it with a driving license. There are certain conditions for a driving license like you have to follow traffic rules. I told them every license has conditions attached to it. Free Software Foundation and Open Source Initiative both maintain a list of licenses which match their definitions of Free Software and Open Source. Except for one rarely used license every other license on both lists match and practically all Open Source Software are also Free Software. The difference is in their philosohies. When people say Open Source they are interested in the practical aspects only and they don’t want to talk about Freedom.

We also discussed about a program on Septermber 29th in memory of first anniversery of losing our dear friend Jinesh to Lukemia. We will publish a book of his writings and also organize an SMC get together. I also told them we would like the new folks to take initiative and conduct this program. They have offered to take session on introducing Free Software and Malayalam computing. They have also offered to promote this event in their college. I have suggested them to use slidify and latex/beamer to make their presentations.

Ashik and Adhil opened their fast and we joined them for lime juice and samosa. We ended the meeting there. Hoping to see more involvement from them. I hope they will contact me when they get stuck somewhere.

Update 1: Added link to Lal Krishna’s blog.

Update 2: Lal Krishna’s post on the meeting

Update 3: Ashik’s post on the meeting

05.01.12

Debian Utsavam at MES Kuttippuram, Kerala

Posted in Debian, Free Software, SMC at 12:48 am by Pirate Praveen

Background

I was thinking about another Kerala trip as my friend and NIT Calicut classmate Pramod invited me for his marriage on 1st May. Since it is a long trip of more than 24 hours from Pune to Kerala by bus, I thought I should plan some Free Software talk so that I have more motivation for such a hard trip. I was very happy to see great enthusiasm for gnome release party on my last visit.

debian folks

Group Photo of Debian Utsavam participants

I asked a few people if it would be possible to organize something on such a short notice. I was happy to get a positive response and we fixed the event for 28th and 29th at MES college of Engineering, Kuttippuram. But I can reach there only on Sunday if I leave Pune on Friday and take one day transit in Bangalore (I take this option because I get to meet my friends during day and I have to travel only at night). I asked around if someone can volunteer to take some basics session on Saturday so that particiants will be ready for the packaging session on the next day.

Nakul readily volunteered to take command line and shell scripting sessions. Since Ershad was coming, he agreed to take Free Software introduction. I have to mention his great grassroots Free Software promotion work here. Though he doesn’t post much about it on smc or plus lists I came to know about it from people who attended the sessions. (A request to Ershad to blog and talk about it on mailing lists). Since Labeeb was also there in Kerala he agreed to introduce Debian.

Haris volunteered to take a session on building from source. He is very enthusiastic and he writes beautiful blogs. Read his account of the two days here.

Since I was not present on day 1 you can read about it from Haris’ blog. Raju sir told me I could stay with him and I went to his place directly on Sunday morning. I reached Mannuthi at 3.45 am and he picked me up. I slept a bit and after breakfast we came to MES. One thing I really liked there was the fluroscent moon and star (I guess there were planets too) stickers on the wall! You feel like you are watching the sky at night!

We reached MES by 10.20 and they had already started discussing about personal privacy and tracking on the internet. I started with reading a note I wrote the previous night in the bus.

Read the full note here.

I asked them about what they learned on the previous day and I asked them a few questions like why we need to package software, who creates packages etc. I started discussing basic ideas around a package’s lifecycle from upstream tarball to a stable release. A few points I covered include “how and when a package first enters debian. Concepts of RFP, package maintainer, team maintained packages etc were covered.”

Distributions

There are many Free Software projects out there and role of a distribution like Debian is to provide a collection of these software in an easy to distribute and manage format. Distributions like debian make sure the software is in good condition and pass it through thorough testing before it is given out as a supported software. Since there are many distributions out there with different policies and packaging formats (deb, rpm, ebuilds etc). Also each of this distributions may be including different versions of its dependencies. So people specialising in packaging makes the job of upstream developers easier by making an easy to install version of the software available. Distributions include many Free Software but every day more Free Software is released. So who creates these debian packages? How does a person ready to create a package know there is a new software? What do one do when a software they need is not available as a package? How can one install such a software if it is not packaged?

Package life cycle in Debian

Life cycle of a Software in Debian

Most Free Software projects release their work as a tarballs – a compressed file of all the source code with instructions to compile them. Many times people read about new software from news sites and some of them savvy enough start building it from source. If you are already familiar with development tools it may not be difficult to do. Some of those users may create a debian package. Sometimes people just request a software to be packaged. It is done by submitting a wishlist bug against ‘wnpp’ pseudo package. wnpp stands for Work Needing and Prosective Packages. Such requests for packages are commonly referred as RFPs. So there are two ways a package enters debian.

1. Some one who know about debian packaging creates a debian package from a source tarball provided by upstream developers.

2. Someone files an RFP in debian bug tracking system and people come to know about it via wnpp and then creates a package.

For small packages a single person may create a debian package alone and maintains it by providing newer packages when some bug is fixed or a new version is released. Sometimes there are many applications created by one project (eg GNOME, KDE) or packages are similar (for example packages written in one particular language like perl, python, ruby) or they are used in one particular area (for example software useful for medical doctors or useful in schools), in these situations a team maintains these packages.

I really like this team maintenance idea because you can help updating any package when you have time and other team members take care of it when you are busy. With teams distributed around the world most of the time there is someone available usually to take care of the packages. But more hands to help is always welcomed by the teams as it helps spread the load to more people and reduces work for each person.

“when does a package move to testing. Package priority and condition of release critical bugs were explained.”

All packages are normally uploaded to unstable branch. When a package is uploaded, their maintainer tells how important this upload is. For normal uploads a priority of ‘low’ is set and for critical fixes ‘medium’ and for security fixes ‘high’ priorities are used. Packages are kept for review in unstable branch for 10 days for low priority packages, 5 days for medium priority packages and 2 days for high priority packages.

Many people including this author use unstable distribution as their main operating system every day. When they encounter bugs they report them. I have to clarify what unstable means here, it means always changing and each software itself is stable (either the upstream developers or debian developers decide it is stable enough for every day use). For software which not stable for every day use experimental branch is used.

After 10, 5 or 2 days depending on package’s priority their status is checked (this is done by a software called britney) to see if they can be moved to testing branch. First condition it checks is if there is any release critical bug reported against this package. Second condition is its dependencies are already in testing. If both these conditions are met it will be moved to testing. So new packages keep coming to unstable and testing all the time except when testing is frozen for next release. So we can call both unstable and testing branches as rolling releases.

Every time a stable version is released goals for next stable release is set by the project after discussions with different teams. Each team may want a particular version of their software in the next release or project as a whole may decide on a new feature. These release goals are collected by release team and published early in the release cycle. When testing is very close to achieving these release goals release team declares testing is frozen.

At this point britney keeps all packages in unstable and only bug fixes are allowed into testing. Sometimes release team allows a few exceptions, but usually freeze time is spent on fixing bugs by all developers. When all release critical bugs are fixed in testing a copy of testing is released as stable. At this time normal movement of packages from unstable to testing is resumed and preparation for next stable release starts. Stable release is officially supported by the project and recieves security updates only, no new versions are uploaded into stable.

“when does it goes to stable. I told them about release goals and freeze. I told them we release when we are ready and that means zero release critical bugs.”

This time I did not take my favorite package lekhonee-gnome and instead I chose to introduce gem2deb tool. We took mixlib-log gem and easily created a deb file with just one command gem2deb mixlib-log. But there was a catch, they were running squeeze and gem2deb was not present in the normal repositories.

I just told them to install gem2deb, some people tried to install it from sid repo but failed matching correct dependencies (most of systems had a messed up sources.list file, presumably from yesterday’s apt session). Some figured they can install it from source and they downloaded gem2deb tarball from github and followed instructions in README file to build it. First application of what they learned yesterday. And dpkg-buildpackage -us -uc command given there came in very handy when they had to rebuild mixlib-log package.

Every one created a deb package with one easy command ‘gem2deb mixlib-log’. On some systems proxy was not set correctly so gem2deb could not download the gem file using ‘gem fetch mixlib-log’. So gem file was downloaded from rubygems.org and them gem2deb was run against this file.

Every one used lintian to check what is missing in packaging as per policy and they used help of New Maintainer’s Guide to fix those errors and warnings.

[TODO] chosing a new gem file to package or update to gem2deb based packaging.

(Posting it as incomplete, I may add more points and few more details later)

Links:

  1. Wiki page of the event
  2. Photos
  3. Debian Handbook – a complete book on Debian

Changelog:

30/04/2012: First draft, outline

01/05/2012: Expanded on debian development stages

02/05/2012: added link to Haris’ blog, editing changes, splitted big paragraphs to small paragraphs.

03/05/2012: Link to the note I wrote added.

10/05/2012: Diagram from Debian Handbook describing the release process added.

PS: I think, I better make a book out of it because its going to be a big post otherwise 🙂

Note: I was just trying to dump my thoughts as I wrote this and I was in a hurry on the way to a friend’s wedding, plus it was typed in my almost-dead ‘first android phone’ my phone. So excuse if you see anything not in place. Thanks to Shirish for some corrections.

10.31.11

Mini Debian Conference at Nitte, near Mangalore – Overview

Posted in Debian, Free Software at 10:19 am by Pirate Praveen

NMAMIT, Nitte

NMAMIT, Nitte

Just back in Pune after 4 days in Nitte in between Mangalore and Udupi in Karnataka state. The best part was the awesome food we had every single day! I never liked Sambar in my 3+ years in Bangalore, but it was so awesome here! (I don’t know how many times I can use the word ‘awesome’ in a blog!) I still think the “Mangalorean Pomfret Masala” was bliss!

Jonas Smedegaard

Of course meeting awesome people is given, for any Free Software conference, so I don’t have to highlight that 🙂 Chandan had interviewed Jonas Smedegaard and it was excellent – both questions and answers! The best question was “what is your message to Canonical/Ubuntu?” We had to cut the interview and let him think about an answer. He said “When a kid leaves their home, we just say best of luck with whatever you do. Ubuntu is like a kid leaving home to debian – so best of luck!” It was so thoughtful and graceful, at debian ubuntu has always been a strain – how do we deal with it? It looks like most people have swallowed the bitter pill and adjusted to Ubuntu being more popular. Jonas kept telling Ubuntu is also a debian user and we have made an oath “Our priorities are our users and free software“.

There is much more to write, hopefully I will find some time to write more later.

01.24.11

Copyleft and Free Software business models – a discussion on cofsug list

Posted in Free Software, Pune at 3:55 pm by Pirate Praveen

2011/1/21 Devwrat More :
> Really nice one lokesh…..:) 🙂
> @ Praveen:
> Please elaborate on how Copyright is used for CopyLeft and who OWNS
> copyleft… ( really smart thing!!! )

Copyright law says copyright holder (author of a creative work) has all rights to his or her work. Nobody else can use, distribute or remix the work without his permission.

Now with copyleft, the author gives such a permission (called a copyright license), it can be GPL, LGPL, AGPL etc (difference copyleft licenses with slightly different conditions, will explain the difference below). which says you have all the freedoms, but when you give the work to others they are also entitles to all the freedom you got in the first place.

GPL (General Public License) – strong copyright, any work that uses a GPL covered work (derivative work) should also be GPL. For example you use a shared library (.so file on unix systems and .dll on windows systems) in your code and if that library is released under GPL, then your code also should be GPL. quid-pro-quid. Take my code, but give back what you write. gnu readline is an example.

LGPL (lesser General Public License) – weak copyleft, any change to the code covered under the license need to be released, but if you are just linking to it, you decide license for your code. GNU C Library (glibc) is an example. You write C programs and it uses functions from GNU C Library like printf, scanf etc. You include these functions when you say #include . If glibc were under GPL, you would have to release any code that uses these libraries also under GPL.

Between GPL and LGPL, the decision is a strategic one. If the code we write is a new feature, our interest is to give advantage to Free Software developers, we may use GPL. But if what you write is already available and there is no advantage to Free Software developers, you may chose LGPL so that more people may use the work. Read more details about this case written by RMS

“Which license is best for a given library is a matter of strategy, and it depends on the details of the situation. At present, most GNU libraries are covered by the Lesser GPL, and that means we are using only one of these two strategies, neglecting the other. So we are now seeking more libraries to release under the ordinary GPL.

Proprietary software developers have the advantage of money; free software developers need to make advantages for each other. Using the ordinary GPL for a library gives free software developers an advantage over proprietary developers: a library that they can use, while proprietary developers cannot use it.

Using the ordinary GPL is not advantageous for every library. There are reasons that can make it better to use the Lesser GPL in certain cases. The most common case is when a free library’s features are readily available for proprietary software through other alternative libraries. In that case, the library cannot give free software any particular advantage, so it is better to use the Lesser GPL for that library.”

Complete article is http://www.gnu.org/philosophy/why-not-lgpl.html

AGPL (Affero General Public License) – stronger copyleft than GPL itself, if you use the code as a website, all of its users should have access to its code. Example statusnet, silpa, launchpad, diaspora etc. Designed for web-based applications. I heard this story from someone, about bc (binary calculator). It goes like this, there was a known bug in bc and some people were curious and tried the same operation on google search box (in addition to web search google search box works as calculator, currentcy convertor and many other things). They found the same bug in google as well. After some time, they tried the same thing again and found google has fixed its site, but bc was still buggy, meaning google did not give back to the community. Current GPL implementation does not cover this case because web services were not common when it was written and it would be considered as normal use of the program. Just to reiterate, you don’t have to accept GPL if you are just using the program or even making private modification. GPL starts only when you give the software to someone else.

So what happens when someone does not follow the conditions of GPL? That is very common case for many embedded hardware like routers. Authors of the software (most of the time it is linux kernel developers, note this point carefully, only the authors can file a case, not you, me or even FSF can file a case if we don’t have copyright. You or me can notify the authors, if we see violations. FSF sues companies which violates code that FSF has copyright on like binutils – basic commands like ls, cat etc are part of binutils).

When the violator says, I did not read GPL, court asks show me the license. They don’t have any other license than GPL itself so it is a clear violation of copyright law. Distributing copyrighted work without a license – pay fine, stop distributing etc. Now if we say they don’t agree with GPL or they don’t like GPL, they again don’t have any other license, which means clear copyright violation. So if you are distributing GPL covered software, you have only two options

1. Agree with GPL and follow all its conditions
2. Don’t agree and stop distributing.

So you can go to court and enforce one of these conditions. And it has been proved in court.

Ask if you are not clear, because it is a very important and commonly mistaken concept.

For more legal savvy folks, read the court judgement against D-Link http://www.jbb.de/judgment_dc_frankfurt_gpl.pdf

See http://gpl-violations.org/ for more details on how GPL is enforced.

> Also you did not answer about how one earns his living with Free softare. (I
> could not understand what Lokesh has written about earning and No warranty
> … does it mean programmer earns by MAINTAINING a software ????? )

Abhijit has explained one way of making money, provide services, charge for your expertise etc. This is used by many compnies including my employer Red Hat. The concept is similar to how we pay a plumber or a lawyer. We can fix our taps or we can pay someone to fix it. We can argue our case or pay a lawyer on behalf of us. Same way you can fix the code yourself or you pay someone for it. It might not be financially feasible to hire programmers to fix such large a codebase. So you opt for paying someone who has expertise on the entire code base and can help fix things when it breaks. Some big companies can afford to have their own programmers and they don’t buy these support. But then again that is another model, those compies are employing Free Software developers.

Another option is dual-licensing model. It is commonly used with GPL license. You take the code, it is GPL, but you have to make your code also GPL. If you don’t agree, pay us and you can keep your code proprietary. So the software itself will always be Free under GPL, and any other Free Software developers can use that code, but proprietary compies who want to use the code has to pay. So proprietary companies fund such Free Software projects! How brilliant! MySQL uses such a model, QT used follow this model, now after Nokia aquired TrollTech – the company which developed QT, they changed QT license from GPL to LGPL. Now Nokia wants everyone to use QT, they have lot of money and don’t have to depend on proprietary companies for funding. For mobile companies the choice may be between Android and QT. If they don’t have to pay for Android, and pay some money to Nokia for QT, they might not want to use QT.

For some hardware companies, all they care is about selling their hardware, so they employ developers to write drivers, test on Free Operating Systems etc. HP develops drivers for many of its printers and scanners this way. They employ developers to write drivers, it is released as Free Software. HP cares about selling more printers and not about drivers itself.

There are many other models we will discuss more on this as part of our foss elective, we will keep the session open for every one.

The basic idea is this, the old model of developing a software, marketing it, restricting it and charging huge moeny for each copy if obsolete now. It opens up new opportunities for everyone to make money. So a Free Software business model is only limited by every one’s imagination.

I am sure, if you see something is not working in Free Software and realise people are ready to pay to get it repaired, that is an opportunity for you. Its completely upto you how you want to make money with Free Software.

And remember this too, many developers have other day jobs and write Free Software because they like doing it. So there is absolutely no requirement for you to get a Free Software job to contribute to Free Software. If you like doing it, just do it. Look for a career else where.

Cheers
Praveen

See the whole thread of this discussion on cofsug list.

PS: College Of Engineering Pune has a vibrant Free Software community and it is rewarding experience to work with them. We are running a Free Software Development course as an elective for final year Information Technology and Computer Engineering students. The enthusiasm of the students is evident when I see some students who took it as an audit course – which means, they don’t get any credits for the course, but they come an sit for the course anyway! There are some second year students who also attend this course regularly! Not many teachers are this lucky to have such interested students, plus great flexibility to deliver it!

« Previous entries Next Page » Next Page »