Swedish FOSS-magasin

foss-magasinClaes, our friend from foss-sthlm and several Open Source adventures, has just fired off a new initiative: FOSS-Magasin. The site launched for real on the evening November 19th.

Where there’s no real content on the site yet, Claes has set out a mission for himself and future contributors to create a site with technical content in Swedish that we geeks miss. This would be within areas such as FOSS, *nix, networking and more.

Tired of the poor state of technical and IT related media in Sweden that always seem to try to capture the really large audience and therefore always dumb down everything to a silly level, this is meant to be directed on more competent and interested readers.

The site is free and Claes is looking around for contributors to help hem get content to publish. I can only urge my Swedish friends to join up and help it get going, as I think it would be nice to get a proper Swedish tech site. For me, it will be especially interesting for things that actually happen in or otherwise is related to Sweden, as for all the rest I personally have no problems accessing English sites to get the info.

IDG prints lies about RMS

Joel Åsblom works as a “technical writer” at the Swedish “IT magazine” consortium IDG. He got assigned the job of interviewing Richard M Stallman when he was still in Stockholm after his talk at the foss-sthlm event. I had been mailing with another IDG guy (Sverker Brundin) on and off for weeks before this day to try to coordinate a time and place for this interview.

During this time, I forwarded the “usual” requests from RMS himself about how the writer should read up on the facts, the background and history behind Free Software, the GNU project and more. The recommended reading includes a lot of good info. My contact assured me that they knew this stuff and that they had interviewed mr Stallman before.

This November day after the talk done in Stockholm, Roger Sinel had volunteered to drive Richard around with his car to show him around the city and therefore he was also present in the IDG offices when Joel interviewed RMS. Roger recorded the entire interview on his phone. I’ve listened to the complete interview. You can do it as well: Part one as mp3 and ogg, and part 2 as mp3 and ogg. Roughly an hour playback time all together.

The day after the interview, Joel posted a blog entry on the computersweden.se blog (in Swedish) which not only showed disrespect towards his interviewee, but also proved that Joel has not understood very many words of Stallman’s view or perhaps he misread them on purpose. Joel’s blog post translated to English:

Yesterday I got an exclusive interview with legend Richard Stallman, who in the mid 80’s, published his GNU Manifesto on thoughts of a free operating system that would be compatible with Unix. Since then he has traveled the world with his insistent message that it is a crime against humanity to charge for the program.

As the choleric personality he is, I got the interview once I’ve made a sacred promise to never (at least in this interview) write only Linux but also add Gnu before each reference to this operating system. He thinks that his beloved GNU (a recursive acronym for GNU is Not Unix) is the basis of Linux in 1991 and thus should be mentioned in the same breath.

Another strange thing is that this man who KTH and a whole lot of other colleges have appointed an honorary doctorate has such a difficulty to understand the realities of the labor market. During the interview, I take notes on a computer running Windows, which makes him get really upset. He would certainly never condescend to work in an office where he could not run a computer that contains nothing but free software. I try to explain to him that the vast majority of office slaves depend on quite a few programs that are linked to mission-critical systems that are only available for Windows. No, Stallman insists that we must dare to stand up for our rights and not let ourselves be guided by others.

Again and again he returns to the subject that software licensing is a crime against humanity and completely ignores the argument that someone who has done a great job on designing programs also should be able to live from this.

The question then is whether the man is drugged. Yes, I actually asked if he (as suggested in some places) uses marijuana. This is because he has propagated for the drug to be allowed to get used in war veteran wellness programs. The answer is that he certainly think that cannabis should be legalized, but that he has stopped using the drug.

He confuses freedom with price – RMS never refuses anyone the right to charge for programs. Joel belittles the importance of GNU in a modern Linux system. He calls him “choleric”. He claims you cannot earn money on Free Software (maybe he needs to talk to some of the Linux kernel hackers) and he seems to think that Windows is crucial to office workers. Software licenses a crime against humanity? From the person who has authored several very widely used software licenses?

The final part about the drugs is just plain rude.

During the interview, Joel mentions several times that he is using Ubuntu at home (and Stallman explains that it is one of the non-free GNU/Linux systems). It is an excellent proof that just because someone is using a Linux-based OS, they don’t have to know one iota or care the slightest about some of the values and ethics that lie behind its creation.

In the end it leaves you wondering if Joel wrote this crap deliberately or just out of ignorance. It is hard to see that you actually can miss the point to this extent. It is just another proof what kind of business IDG is.

The reaction

Ok, so I felt betrayed and badly treated by IDG as I had helped them get this interview. I emailed Sverker and Joel with my complaints and I pointed out the range of errors and faults in this “blogpost”. I know others did too, and RMS himself of course wasn’t too thrilled with seeing yet another article with someone completely missing the point and putting words into his mouth that he never said and that he doesn’t stand for.

During the weekend I discussed this at FSCONS with friends and there were a lot of head-shakes, sighs and rolling eyes.

The two writers both responded to my harsh criticisms and brushed it off, claiming you can have different views on free vs gratis and so on, and both said something in the style “but wait for the real article”. Ok, so I held off this blog post until the “real article”.

The real article

Stallman – geni och kolerisk agitator, which then is supposedly the real article, was posted on November 15th. It basically changed nothing at all. The same flaws are there – none of the complaint mails and friendly efforts to help them straighten out the facts had any effect. I would say the most fundamental flaws ones are:

With opinions that it is a crime against humanity to charge for software Richard Stallman has made many enemies at home. In South America, he has more friends, some of which are presidents whom he persuaded to join the road to free source code.

Joel claims RMS says you can’t charge for software. The truth is that he repeatedly and with emphasis says that free software means free as in freedom, it does not necessarily means gratis. Listen to the interview, he said this clearly this time as well. And he says so every time he does a public talk.

Richard Stallman is also the founder of the Free Software Foundation, and his big show-piece is the fight against everything regarding software licenses.

Joel claims he has a “fight against everything regarding software licenses”. That’s so stupid I don’t know where to begin. The article itself even has a little box next to it describing how RMS wrote the GPL license etc. RMS is behind some of the most used software licenses in the world.

The fact that Joel tries to infer that Free Software is mostly a deal in South America is just a proof that this magazine (and writer) has no idea about for example the impact of Linux and GNU/Linux in just about all software areas except desktops.

My advice

All this serves just as a proof and a warning: please friends, approach this behemoth known as IDG with utmost care and be sure that they will not understand what you’re talking about if you’re not into their mainstream territory. They deliberately will write crap about you, even after having been told about errors and mistakes. Out of spite or just plain stupidity, I’m not sure.

[I deliberately chose not to include the full article translated to English here since it is mostly repetition.]

RMS in Sthlm

Claes and I started the foss-sthlm initiative a while ago, back in 2009. I’m sure I’ve mentioned that before. We’ve since then done a series of events where we’ve gathered foss hackers from the Stockholm region to speak about Free Software and Open Source for people interested in these issues. We’ve had 100+ persons attend to every event and I’ve considered them successful beyond our wildest expectations. Me and Claes originally expected to gather around 30 persons or so…

Interested?

So out of the blue I got a question from Giuseppe (who were talking to RMS at the time) if foss-sthlm/me would be interested in organizing an event in Stockholm with mr Stallman. It turned out mr Stallman was already considering coming to FSCONS in Gothenburg and when doing so he was looking around to see if he could do some more talks while in Sweden. Given this chance, I simply couldn’t turn it down!

We coordinated with our pals behind FSCONS (the lovely crew at FFKP) so that we would jointly fund the event. We would split the bill for getting mr Stallman here and onward again to his subsequent gig, and the cost for his travel between Stockholm and Gothenburg.

How many?

Ironically, we already before had talked about not getting one of these super celebs to foss-sthlm events simply because of their immense popularity and the problem to get facilities to host events with them. How many would come to an RMS talk? I guessed at least 300 since among our previous events the most popular one got around 150 visitors.

How to get a place?

Commercial rooms for at least 300 people are expensive and luckily we quite soon got in touch with friends at KTH in Sweden – The Royal Institute of Technology, and they graciously offered to sponsor a room for 500. Awesome, we were on our way!

Sponsors?

South Pole didn’t hesitate when I asked them (you rock, Jakob!), but immediately said they’d help us to sponsor the event. With them on board, we had all the financial stuff we needed covered and we could say “full steam ahead!” to everyone involved .

Fiddle like crazy

FSCONS had a fixed date for their conference already, but when would RMS come to Stockholm? After FSCONS or before? When would we be able to reserve the room and how would it all fit into RMS’s schedule of other things. Several times we thought we had nailed it when something changed and we had to redo it all again. It took a good amount of emails back and forth until we finally scheduled and decided that he’d be in Stockholm first and then go FSCONS.

Open for registrations!

We went public about RMS coming to Sweden coordinated with FSCONS so that none of us would take advantage of this on the others’ expense. On September 27th 13:22 we told everyone about it, and within less than eleven (11) hours all 500 seats in the room had been reserved!

Oops, full already

Wow. That was a bit overwhelming and not quite what I had expected. A bit tough, but well our room only fits 500 so…

Find a new place

Friendly people on the foss-sthlm list very soon mentioned a new, much larger, facility that perhaps could be possible to host Stallman’s talk. The huge Aula Magna room. I was a bit pessimistic about it, as I was just so happy already with having gotten a fine sponsorship for that first room.

New place, new sponsor

What are friends for? I can hardly describe it, but we have good friends in good places and wow, not many days passed until I got the excellent news that the Stockholm University‘s department for Computer and System’s Sciences would help us get the room and pay the bill for it. This massive room fits 1194 sitting visitors. (Thanks Beatrice, you’re awesome!)

More tickets

Amazingly enough, it was just a matter of time until we ran out of tickets again. Sure, this time there were tickets available for a longer time but well over a week before the RMS talk there were again no tickets available. The demand was still clearly very high. When the event was just a few days away, we sent out reminder emails and we got lots of ticket cancellations, perhaps 60-70 of them, and the tickets that were returned were immediately made available again on the ticket site and were soon signed up for again by other lucky souls.

When we closed the registration, there were just a few tickets still available. 1180 or so had been registered to listen to Richard M Stallman talk in Stockholm, a dull and grey November day 2011.

The speech

Richard is a charismatic person. He can speak to a huge audience for almost two hours, with no slides and no images and no script and still keep us all alert and interested. He mixes in dry humor and reflects back and recites episodes from previous speeches from time to time.

The topic was of course Free Software. About doing the right thing. About freedom and how you need to be prepared to sacrifice some things in order to gain and fight for freedom. For mr Stallman things are often black/white. It is either free and therefore right and fine, or it isn’t free and therefore morally wrong and a bad idea. He also spent quite a lot of time explaining why calling it GNU/Linux is the right thing and how mr Torvalds doesn’t care about the ethics and about doing the right thing for humanity.

I’ve been involved in Free Software (and in Open Source too, a term that RMS despises and encourages us all not to use) for many years but this was actually the first time I heard RMS talk live.

Thanks

This would not have been such a smooth ride with the efforts of Giuseppe, Claes and the eager help and assistance from all friends in #foss-sthlm. Thank you!

(The pictures in this blog entry are all CC-BY-SA licensed and are taken by Kjell Ericson)

Apple’s modified CA cert handling and curl

I tweeted about me finding a change in Apple’s version of curl that I haven’t seen any public patch for. Apple otherwise hosts a whole slew of curl patches which they never discuss with us about but still make public and we can see what they did.

I was trying to help out a fellow curl user on IRC (we’re in #curl on freenode, come see us) and he was trying to understand some funny effects of running curl against a HTTPS site and he showed me the output from a “curl -v” log. The verbose log curiously was different than mine (same curl version built by myself on Linux). My conclusion was that something was different in the Apple version.

The users log said:

* About to connect() to host.example.com port 443 (#0)
*   Trying 1.2.3.4... connected
* Connected to host.example.com (1.2.3.4) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):

… while my command against the same site said:

* About to connect() to host.example.com port 443 (#0)
*   Trying 1.2.3.4... connected
* Connected to host.example.com (1.2.3.4) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):

(I’ve bolded the part my output showed that wasn’t in the mac version, the real host name and IP have been changed.)

It seems I was wrong however.

The output above is only shown if libcurl sets the CA cert path to OpenSSL and it seems the Mac version doesn’t. Somehow they get the CA certs loaded to libcurl differently.

So ok, maybe they didn’t modify curl but they certainly changed how curl uses CA certs and they did this by modifying OpenSSL and clearly their version of OpenSSL now defaults to use their CA cert bundle. The end result for me is still the same though: I have no idea how CA certs work with curl on Mac so it leaves me with the unfortunate situation where I can’t help fellow curl users when they have CA cert problems on a Mac.

It also leaves me very curious on what –cacert does exactly on the mac version of curl.

OpenSSL is patched. Apparently it now works so that if the “normal” x509 validation fails, and TrustEvaluationAgent (TEA) is enabled, it will attempt to use the TEA to validate the certificate. The apple source code to read through for this is x509_vfy_apple.c in their patched OpenSSL tree. It is also possible to skip the TEA verification thing in OpenSSL by setting an environment variable, so that we can still have curl on mac act “as default” with a command line like:

$ env OPENSSL_X509_TEA_DISABLE=1 curl https://www.example.com/

Finally: yes, curl is released under an MIT license. They’re perfectly allowed to do whichever of these actions they want. I know this, and I chose the MIT license fully aware that any company can take the code, modify it and never return any changes. I’m not arguing against anyone’s rights to do this with curl.

Thank you, friendly anonymous helper for helping me straighten out my findings!