Slashdot Mirror
Why American Corporate Software Can No Longer Be Trusted
jrepin writes "There is a problem with proprietary, closed software, which makes Rick Falkvinge, the founder of the first Pirate Party, a bit uneasy: 'We get a serious democratic deficit when the citizens are not able to inspect if the computers running the country's administrations are actually doing what they claim to be doing, doing all that and something else invisibly on top, doing the wrong thing in the wrong way at the wrong time, or doing nothing at all. ... In the debate around the American Stop Online Piracy Act, American legislators have demonstrated a clear capability and willingness to interfere with the technical operations of American products, when doing so furthers American political interests regardless of the policy situation in the customer’s country."
Well if you deal out Microsoft, Apple And Google, you are left with not much but Linux as an alternative! I for one would love to see this happen as resources and money would have to be poured in to make Linux distributions and applications that were world class!
How about instead of constantly changing usernames to escape your negative karma, you try learning how to form a coherent sentence?
And it was ever trustful, in the first place?
Lisias@Earth.SolarSystem.OrionArm.MilkyWay.Local.Virgo.Universe.org
Recent SOPA decisions highlight the lack of technical knowlege in the legislative body of congress, yes. Also, they show how powerful lobbying efforts can negatively impact the legislative process.
However, no evidence is offered in TFA that supports the major assumption that "American Corporate Software can no longer be trusted for anything".
For every benefit you receive a tax is levied. - Ralph Waldo Emerson
We can trust that it isn't sending stuff back home without telling us - we can discover that because software not by that vendor is on the router.
What else matters, really? If it's phoning home, we can detect it.
If you're worried about data logging locally, you can always use truecrypt or similar to protect that from falling in anyone else's hands.
This has very little to do with America. It has lot to do with the Homeland which is a new thing.
I assume that you are talking about conventional software you buy and install on your desktop/laptop/tablet/phone. But what about cloud-based services (Salesforce, Google, iTunes, etc.)? They are exposing an interface and set of functions but the rest of it is not transparent. This class of software is probably where we should focus anti-SOPA efforts...
Supreme Granter of Doctor of Obviology Letters ("A FIRM Command of the Obvious")
Not even commenting on the article's content, is it really better to trust a pirate?
Really? Do you have a reference for that? AFAIK the US Government does NOT ban the use of Chinese electronics in government or defense applications.
One of the major arguments for SOPA have been the trillions of dollars of theoretical losses of sales by the Media companies. As has been pointed out repeatedly ad nauseum, these losses are only theoretical.
But has someone on the senate actually done some estimation of possible loss of revenue, if the internet actually becomes splintered and USA loses its control? Or of even more foreign governments just turning to open source solutions, instead of to, say Microsoft? China, for example, is a big competitor already for the control of internet. They control a sizable part of it already. Let us say that they actually get it in their head to actually set up an alternate mechanism and act as the controlling authority? Even USA doesn't really dares to stand up to them... so all in all, we are talking of China ultimately controlling the distribution of said media/softwares, and who knows what terms they will set for the USA based companies?
I will admit that chances of above happening are remote at the moment. But what are these media folks, and their employees in the senate, smoking? Why even take the chance?
If you use Android, you should check out the Guardian Project.
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
The difference is the ideas. The idea of America is being lost. What is leftover when that is gone is just another place. May as well be called just Homeland. The ideas that are traditionally associated with America are not espoused by those that use the term Homeland.
which is hilarious because our manufacturing base is gone.
Which is why we still have more manufacturing capability than any other country in the world, including China? Granted those stats are a bit old, it's still true. The number of jobs is down (by a lot), because US manufacturing has grown more efficient, which creates the impression that we lack manufacturing capability. Well, that and all the "Made in China" crap you find at Walmart. The reality is the US makes ~18% of the worlds manufactured stuff. And that is considered a "small fraction" of the US's economy. In an international context, the US is massive. Still by far the biggest player.
Also, the US probably should ban Chinese electronics in defense applications, but they don't.
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
Security-critical environments are one of the few places where open source should be a must.
No it was not, but that's not the point. Congress can order technology to restrict freedoms outside America. That was only theoretically the case before SOPA and similar bills. Now, there is no reason to assume that the American government is not interfering with any technology you can't inspect yourself.
Or to remove the double negatives: Now there is reason to assume the American government is interfering with any technology you can't inspect yourself.
You need a new job. And your admins need to be fired.
Just saying. I'm keylogged here too, but the admins are watched as well.
deleting the extra space after periods so i can stay relevant, yeah.
We all know that SOPA is all about the money (I'll ignore the "everything is" argument, for now). Money the *IAAs feel they are losing, money the politicians have accepted in campaign contributions... Even the advertisements trying to drum up support for SOPA are about all the jobs (money) that will be lost if this doesn't become law...
Every argument I've heard has been about ideals and technology... We all know how politicians and corporations feel about ideals. Freedom of speech, Impossible to implement, Would break the very foundation of the web, etc... All meaningless to these people without a dollar sign attached to them.
This is the first argument I have heard that directly turns the tables. "Pass SOPA, and we will no longer trust any software produced by a US company." This would affect many more than just MS, Apple, and Google... How many PCs will Dell, (or HP, or Acer, or...) sell outside of the US if they are not allowed to sell them with (or without) Windows? If Dell et. al. are forced into producing computers with Windows installed for the US market, and %NotWindows% for the rest of the world, how long before they decide it isn't worth the effort, and just pick their favorite %NotWindows% for the entire line? How many jobs will be lost if no one in Europe is allowed to use Photoshop, MS Office, iTunes, AutoCAD,... The list goes on and on.
Do I think this is likely to happen? Not really.. But it makes for a good advertising campaign against SOPA.
In what way does SOPA order American-run corporations to sabotage their customers to further American policy? It sounds to me like he's arguing that the US government is forcing Microsoft and Google to harm their customers - perhaps through destroying foreign documents or secretly sending state-secrets to the United States government. Is this some part of SOPA that I'm not aware of?
Or this:
In what way does SOPA interfere with the technical operations of American products?
These quotes reflect pretty much the tone of the entire article, and I can't figure out what he's talking about. Earlier he talks about how everyone runs software from Microsoft or Apple. In what way does "taking websites off the internet" interfere with the "technical operations of American products [such as the construction of software by Microsoft and Apple]"?
Quite frankly, when I read the article, I'm completely confused by what he's alleging is going on. It's all very vague and conspiratorial. I can't figure out if Falkvinge wrote the article half asleep, whether he's going off the deep end and falling prey to strange conspiracy theories, or if there's some aspect of SOPA that nobody's talked about (which seems unlikely, given the amount of press I've seen about SOPA).
Those who will be affected most by SOPA are those who rely on American billing, search and advertising services.
It doesn't matter if you are running Linux, if you are hosting content that is flagged for violating copyright law, then you risks losing your advertising revenue.
The solution to the problem is to use services in other countries than the US. Whether you are running Linux or Windows is irrelevant.
I find this sort of thing rather amusing. You didn't trust closed source software...
So you download ten million or so lines of source code from some anonymous server, written by thousands of people you've never met and will never know. You then build it using even more software and libraries and tools running under yet another OS, and you then install it on hardware with its own BIOS and roms and controllers.
Hundreds of millions of lines of code you've never seen, and never will see...
And yet the end product of THAT result is somehow more trustworthy.
Right.
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
It's a Foster Motherland.
I have been pondering for a long while on whether America is a Fatherland or an Motherland...
You insensitive clod! America is and must be a Parent-Land, utterly free of sexist gender-laden stereotypes.
Oh, wait, that "Parent-Land" term might be construed as ageist or anti-youth. Uh, America is and must be an Infantile Parent-Land! Now that's more like it.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
"Why American Corporate Software Can No Longer Be Trusted"
This should read:
"Why Corporatations Cannot Be Trusted"
And I'm not sure TFA answers that very well.
Today's global economic situation is not much different than that of 1932. After years if not decades of reckless investment, currency and market manipulation, leveraged investment, and rapacious profit-making, US corporations and banks conspired in a way that ultimately led to a economic meltdown.
In 1929 they didn't need computers and software to do this. They needed a willing and complicit Legislature, courts, and government agencies. The results then are well known, as they are today.
We started back down this path in 1999 with the repeal of the Glass-Steagell Act. Couple that with the continuous pressure to expand home ownership, a Federal Reserve inappropriately tasked with controlling inflation and economic growth, and lack of oversight into multiple industries (Accounting firms audting a corporation while their banking divisions floated the IPO, for instance) and you had the makings of a perfect storm. It came.
Corporations, by design, cannot be 'trusted' to act in the 'public interest'. They need to be at least minimally regulated, if for no other reason than to prevent the most egregious abuses.
What this has to do with software is beyond me. It's more than that, a lot more.
deleting the extra space after periods so i can stay relevant, yeah.
We can't trust any American corporations? Not even FSF?
Ah, the title doesn't match the article.
The world is made by those who show up for the job.
What about single mothers, you insensitive clod???
If you really want to get paranoid, you won't be using computers at all. You can't trust the software, even open source unless you've personally reviewed it all including the compiler. Even then you can't trust it unless you've reviewed the OS, BIOS and verified the design of all hardware in your system (including input devices down to the chip level.) Even then, you'll need monitor every byte of traffic on your network link (since even open software has vulnerabilities you likely didn't find in your review.) Still safe? No, because there could be listening and/or other devices anywhere, even inside the concrete blocks that make up your house. (e.g. a filter outside the street that modifies your network traffic.) Heck, even if you are Microsoft you can't trust your OWN software because there are too many cooks in the kitchen, as it were. None of whom were fully vetted.
Basically, guaranteed trust is a myth. You have to trust some one and some things or you are basically useless to society and will die of starvation (trust your food and water?) This article is either the start of a scare tactic against US companies and/or a poor attempt at bringing some rational thought to congress. Even if the US isn't doing crazy things behind the scenes, I'm sure China and most other large countries are.
I don't know, but it works for me.
I have no such expectations of privacy at work. My duties are monitored and evaluated. If I make use of 'my' workstation for personal purposes, I am actually using the company's workstation.
I can't access web based or personal email at work - primarily to complicate transferring data to non-company storage. I can't access Facebook, Linkedin, and a host of other social systems. I can't access a multitude of sites that are either known to provide information about compromising systems, or are known to host malware of any sort. I cannot use several commenting and interaction systems such as Disqus.
Antivirus software is the least of the security measures on 'my' workstation. The corporate LAN, both wired and wireless, require certificates for me to connect. DLP processes on 'my' workstation track every read and write. Specific filters look for characteristic types of data, and prevent its transmission in emails and instant messages. Documents of al types, even text, are required to be categorized by the nature of their confidentiality, and are blocked from being stored on certain storage if they require more security than is afforded by that media.
Email can be encrypted by a method that requires the recipient to register at the corporate website to read and interact with it. Certain data cannot even be sent encrypted without specific certificates that are given only to employees for whom this is a required function.
Mind you, I have the privilege of using removable media. Not many employees do, or need to. I need to share data with non-corporate entities regularly. I assume my activities are scrutinized.
And yes, I post to Slashdot from work. Not now, but that's one reason why I share a little more info.
In the largest, most vulnerable corporations, the stakes are much higher than most people imagine. And the largest corporations are the most vulnerable.
And ultimately, everything here and in similar forums on the Internet is cataloged, analyzed, and processed. By several entities, here and abroad. It's not like Slashdot is a secret. Pretty much everything without an HTTPS in front of it is no secret, and some of the HTTPS stuff is also.
Privacy is what you do by yourself.
deleting the extra space after periods so i can stay relevant, yeah.
Makes you think of open source and how few abuses it has been applied to. Is it immune to abuse? Probably not but it seems that it's pretty hard to hide abuses in and generally does things that are good in the short term and great in the long term!
Is it underfunded? Of course, it challenges the power elite who are terrified of an efficient transparent economy more than any act of war or violence.
Is is tampered with? Surely. But on the whole it just keeps getting better and better!
Then explain the KDELook bug Pug, which was there for over a year unnoticed? or the Quake bug? your logic fails as you automatically assume that because someone CAN do something that means it DOES get done, which just the two above bugs proves is total horseshit. And reverse engineering for security research is quite legal friend, don't know where you got your info but all the major AV firms do that 5 days a week and nobody says squat. Hell it was Russinovich at MSFT Research that came up with the info on the Sony rootkits and published exactly how it worked by reverse engineering and i didn't see anybody knocking on his door.
But frankly all this flag waving and fangirl horseshit really doesn't surprise me anymore, mikey 400 accounts is right that /. = stagnated. Hell they might as well change the name to boycott Novell for all the FOSSie trollbait bullshit they post here now. Lets be honest a minute, okay? your OS has less users than JavaME, a shitty cell phone OS used by Fred's on $10 phones. No how many top shelf researchers and programmers are bothering to ON THEIR OWN TIME look through millions of lines of code for a hidden bug? Not to mention the "Whose watching the watchers" problem of hidden code in the compiler could make any inspection shit so you'll have to write your own compiler while you're at it. I stand by my statement as the above bugs and the hacks Linux has seen lately (which I'll be happy to link to BTW, I could wallpaper the page with them if you wish) shows that just because you have the code don't make it a damned bit safer or more secure than anything else.
ACs don't waste your time replying, your posts are never seen by me.