As usual, Stallman tends to be quite prescient:
https://www.gnu.org/philosophy/right-to-read.en.html (perhaps more like "right to watch" in this context.)
As a software author working at startups, am I part of the problem? I don’t understand how to make a good living without locking down the code to some extent, with few exceptions (it’s hard to found red hat)
As I cast my eye over the FSF's basic definition of free software  I can't spot much of a mystery.
If a user don't have those freedoms, then someone else is in control of their software. It is inevitable that sooner or later the situation will change and the person who does have control the software is going to do disagree with what the user wants to use the software for - and at that point the user is the one with the problem.
Stallman isn't using a genius level of insight, but he is avoiding some very common shortcuts people take where they assume that because people are on 'their side' today that they will remain on 'their side' even if the incentives change. They are then shocked to discover that when the incentives change that nobody was ever actually on 'their side', it was just that the shark swimming placidly alongside wasn't hungry before.
I'm usually with Stallman's theories, it amazes me people keep being surprised that liking someone doesn't mean that the person is immune to the incentive structures that surround them. People have a remarkable and underappreciated capacity to make decisions that are good for them rather than good in the abstract.
People commonly seem to express this idea. That's not actually true.
Plenty of people haven't believed the PR from day one. What you're seeing now, is the reason why.
In fact, PC magazines of the 80s and early 90s used to contain articles specifically about patching software to do interesting things, complete with instructions of the form "change byte at X to Y"; AFAIK they didn't violate any copyrights because they didn't distribute copyrighted material. Then there's the whole series of "undocumented DOS/Windows" books written by people like Matt Pietrek, Andrew Schulman, and Mark Russinovich; all of which required substantial amounts of reverse-engineering and analysis, but instead of them being persecuted, two of them now work at Microsoft.
"If you outlaw freedom, only outlaws will have freedom."
One interesting implication is that since people can view and modify the source code, patches and modifications to the software are shared.
This has always lead me to wonder if a diff file violates copyright as it includes some of the original source as context.
My understanding is that use a patch file as long as your patch doesn't include any copyrighted material it is fair to share.
A patch file does not necessarily have any of the original code, just the location info and the new value.
It's one of those problems that are solved only at the individual level but because of that are not going to be solved at all.
Copyright law can still apply. Just because I have your sources doesn't mean I can go and use them in my own software, or re-implement your patented algorithm.
"But how can I be sure that my customer isn't stealing my work?"
Well, ask someone to look at the source code they provide to their customers. Remember, we're in an imaginary world where source-included is the normal way to sell software, and anyone peddling binary blobs is seen as shady.
1. Obfuscated code. This is a classic, employed back in the day when raw machine code wasn’t quite as much of a barrier like it is nowadays. Less common now since its importance has lessened, but still ever-present, and could be re-employed instantly.
2. The very design of the software. For instance, the software might require a phone number for every user, and this is baked in at the very fundamental design level, making it impractical to change. Other design choices might encourage you to share your contact lists, for say, backups, and your data is now leaked.
3. The software is merely a collection stubs calling a cloud service. Very common now with so-called "apps" for phones. This design has come to its pinnacle with “web page apps”, where only the front-facing UI portion sits on the user‘s control, and the rest runs remotely.
This is why “shared source” and the like is not enough. The end user must have the practical ability to, reasonably easily change the software, either by themselves or by hiring anyone they like and/or trust to do it for them.
But, to your point -- yes, companies can do altruistic things. That doesn't mean they always do altruistic things, nor does it mean that they tend to do altruistic things. This should not be surprising -- companies are designed to maximise profit and altruism is rarely as profitable as other avenues. Companies which contribute to or sell free software are in the overwhelming minority today, let alone 30 years ago.
I didn't mention socialism, nor redistribution of assets. More importantly though, if you feel the need to protect the concept of capitalism whenever there is even the hint of criticism, then you should take a page out of Hamlet -- "the lady doth protest too much, methinks".
Also, free software isn't socialist. If you feel the need to tie to it a political ideology, it's much closer to anarchism.
It technically isn't, much like having an excavator isn't essential to digging up ground for a new mall, when you can technically do this with a shovel too.
I get your point, but right now, I'm sitting in front of a 22-years-old game I spent a great deal of time even trying to get to run. I want to restore it. There's no source leak of it that I know of, it has no clear relation to prior titles and there wasn't any reversing effort I could find either. Half of the formats used by it are obscure, and from causal inspection seem to be dumps of in-memory structures.
Having source code, my main problem would be to build it - but it's essentially a straightforward task of finding and patching or mocking various 1990s-era peculiarities, until the whole thing builds correctly with an reasonably current compiler. The source code would assist me with reversing the data formats too. However, I don't have the source code, just a barely-32bit application with a 16bit installer. The game plays really weird tricks with your screen, so attaching a debugger will be a PITA (unless I figure out how I can run a debugger on a different machine and remotely debug the game on the one computer that it manages to run in half-broken fullscreen mode). Best I can do now is poke it and see what changes.
> It could even be argued that the rise of open-source lead to a decrease in interest and skills of RE.
I think so too - simply because being able to ask decreases interest in and skills of figuring stuff out yourself. Has its good and bad sides.
Two suggestions for you: 1, VMs are your friend. 2, decompilation technology has gotten very good. I'd "statically analyse" the binary in a disassembler/decompiler for a while first and figure out what it's doing before actually trying to run it.
I don't think source is necessarily always making things easier either --- I've had a few times where, even with open-source software, it's easier to find the right bytes in the binary to patch than to figure out where in the (huge) source that would be, and then how to build the rest of it (along with all its hairy web of dependencies) completely unmodified from the original binary.
Especially if it's a fundamentally trivial change (like a string constant somewhere, whose desired value is the same or smaller in size), and I don't expect to make any more complex changes, I'll definitely choose opening the hex editor for a few minutes (at most) over spending perhaps hours downloading a few hundred MB of source and dependencies and figuring out how the original was built and how to reproduce that.
You're right that it's not essential -- and he does mention this in most of his talks. But reverse engineering is very time-consuming and difficult, especially if you need to do it for every program you use.
So his view that software freedom requires the source code to be available to users is much more of a practical requirement than a philosophical one. This is why the GPL requires the preferred form of modifying the program be provided -- to ensure it's just as easy for users to modify the program as it is for the developers.
Most EULA's prohibit Reverse Engineering and companies like Oracle have entire legal teams dedicated to prohibiting reverse engineering going as far as prohibiting people from reporting security vulnerabilities discovered using "reverse engineering techniques"
Further the wide interpretation the courts have allowed under CFAA can easily be applied to reverse engineering as well, i.e "Exceeding authorized use" making reverse engineering of software a felony under US Law
The alternative to working on favorably licensed OSS that you posit, is roundly illegal, unless you had no designs on modification and/or redistribution of a derivative work.
And of course this ends up being true almost every time.
And slowly, I noticed that he was still a pompous ass, but he was right. And longer I observe, I notice that he wasn't wrong, but ahead of the curve. And instead of being an ass, he was calling these issues out before they reared their ugly heads... but lo and behold they did eventually.
That's why I'm a proud member of the FSF.
You can not compromise on freedom, for once you allow a single exception that allows authoritarians to take your freedom in "limited" situations, they will quickly invent more and more situations to take more and more of your freedom until none remains
If you value liberty, uncompromising protection of that liberty is the only way to secure it
The question you should be asking yourself is “why do I have to take freedom away from others to earn a living?”
I do make a living, it's just a very poor and insecure living. I sleep a lot easier, though, and it's very unmistakably a 'First World' living even if it's sort of constrained. How small a living can you stand? How rich do you have to be to have 'enough', and do your 'quality of life' calculations include personal guilt over screwing people over, or not doing that? Software freedom matters to my day-to-day life, but so does the fact that my income's low enough that I qualify for Section 8 housing. Without that, I'd lose some things making it possible to be writing the free software.
Can you afford to be on the side of good, or do you have to play for team evil in order to keep the doors open? If it's the latter, can you plan for a heel/face turn and execute a dramatic betrayal of Team Evil? I did (sort of). I was selling the audio software for years and merely keeping all my code proprietary (and getting sucked into the hype mechanic, more and more) and when I made my exit and went full Patreon I executed a clear, very public transition from commercial to open source, even reserving that as a threshold for the Patreon to hit. Took a major loss in revenue right away, but made that threshold pretty soon, and now I don't have to go back. But I wouldn't have been able to do it without years of exposure as a commercial developer.
Just like doing an IPO or executing an acquisition strategy, you can execute a heel/face turn into Free Software if you handle it properly. You need to care about the values of it, that's part of the return for you, but I'm still seeing annual returns in excess of, say, index funds. I'm growing at about 34% a year (started out more, but that's over the last year and ignores launch) and I feel I can continue to expand at that rate through taking on more interesting (and costly) projects. Note that this is not passive, this is working capital and is continually funding new stuff I'm able to take on. Hey, if it works for Amazon… ;)
Frankly you're an inspiration, thanks for this post. Know that I hope your growth rate continues or even increases.
I’m afraid we are all part of the problem, but we can also be part of a solution, particularly if we work collectively.
And if you think Stallman was the tinfoil-hat prophet, you gotta hear about this guy Karl Marx. He predicted the economic turmoil of automation back when the US had a war over "States' Rights" to choose whether Slavery was Legal.
I predict that the US will slide further and Further into being a 3rd world nation, until suddenly, another collapse happens. US citizens wont break right away... No, they'll suffer it for a while. They'll even go hungry for a while - and I'm not talking about Detroit or Chi-raq. Im talking Seattle, Houston, NYC looking like the Rust belt, complete with bridge collapses and deaths-via-crumbling infrastructure.
China's upcoming divorce from the US markets will insulate them from the crash, but their involvement in our real estate market will only worsen the crisis for Americans. Russia, China, and the Eurozone will finally band together with their currency-basket idea upstaging the dollar. And Americans will still think we're special.
Then, when the Hoovervilles have swollen enough to be dangerous, someone will have the bright idea to mobilize and radicalize us. Still, we'll do nothing, even in the absence of Netflix and Cable TV. But that wont stop the government from trying to herd us into camps, just like the immigrants... And in those, with the forced absence of soap, sleep, food..., something will snap, and the guillotine will be reborn in fire and fury.
The Climate Change problem? Will get so bad it starts on Xenocide before anyone does anything effective - the sole exception being economic collapse. And we're going to have to shoot a few CEOs for the rest of them to take any of it seriously.
Everything from human trafficking to drug use is going to boom.
You know slavery - just barely behind propaganda, it was the second biggest influence on modern management practices. Psychology just taught us how to sugar coat it better.
Speaking of Propaganda, 1984 aint got shit on 2019. And 2030 is gonna make today look adorable.
Really? the feeling of being secure may come first. Think of how much modems/routers/phones or any other embedded device comes with obsolete software pieces with lots of security bugs. The non-free methodology of software development, I feel, is actually killing security, and making everybody more vulnerable.
Most firms don't like giving the source code of the devices away. I understand that they have their own reasons for that (whether it is right is another thing). But at least, there should be an official way to unlock those devices and run custom software pieces (which of course, voids warranty).
These days more people are moving to "Open Source," but not "Free Software." See how Linux & busybox essentially making any hardware non-free. Hope people understand the difference and help make the world better.
I ignore him.
You may think it's too idealistic or uncompromising, but his predictions have been proven repeatedly.
You should learn from him, not outright ignore him.
That system requires the power of a small European country to do 7 transactions a second generating a max of 1 mb of data volume every 10 minutes. That's like 1970s transaction speeds. Who the heck is ever going to use that?
I almost think the reaction to this is too pessimistic! "Oh YouTube is banning content the Internet is DOOMED". As long as we can freely connect to any service then there will always be an alternative.
I came to that conclusion trying to “fight” a (non-existant) virus that could infect any non-volatile memory onboard.
Since I didn’t actually control (really I mostly didn’t understand) my hardware it’s always seemed natural to me that, for example, the firmware of a hard drive of a networked computer could be compromised.
Since I didn’t control anything, I was at the mercy of those who did. Therefore I was always very hygienic on the internet, for example.
Stallman’s an arrogant self-righteous bastard. But he’s our bastard, damit! And I love him for it.
I wonder if we'll end up seeing state actors (or supranational entities like the EU) promoting state funded networks as a public alternative, as is sometimes the case in industries that tend to be monopolistic due to the cost of starting - transportation, telecommunications, etc.
You make a good point but I'd like to think of it this way: If the said service is made mandatory, then it has a chance of succeeding. Else, building that critical mass entails a lot of customer acquisition costs that a Govt may just not be in a state to justify. And therein lies the beauty and danger of network effects. Once a company has them, it is very very difficult to dislodge it. Look at Visa and Mastercard: V has been around since 1958 and MC from 1966. Both are valuable as they have network effects.
We need to stop feeding the beast.
I'm still convinced that Opera Unite, which fused distributed social + web client + web server, should have been the way forward to make the web truly owned by the people: if social sites were simply caches of content available p2p or through any social site of my choosing (that the content owner allowed) ...
"Well you can use it for defence ..."
White-hat hackers are a thing too.
What if I want to reverse engineer my toaster, and make a video about it?
Dan is going to get caught because the machine takes a picture of him when he logs in with a password instead of the fingerprint reader, cause you know can't have a PC without a camera pointed at the user..