Slashdot Mirror


Snowden: What Happened In 2013 Couldn't Have Happened Without Free Software (networkworld.com)

An anonymous reader writes from a NetworkWorld article: NSA whistleblower Edward Snowden spoke at the Free Software Foundation's LibrePlanet 2016 on free software, privacy, and security. He credited free software for his ability to help disclose the U.S. government's far-reaching surveillance projects. "What happened in 2013 couldn't have happened without free software," he said, particularly citing projects like Tor, Tails (a highly secure Linux distribution) and Debian. "I didn't use Microsoft machines when I was in my operational phase, because I couldn't trust them," Snowden stated. "Not because I knew that there was a particular back door or anything like that, but because I couldn't be sure."

5 of 120 comments

  1. See Snowden's talk and understand nonfreedom by jbn-o · Score: 5, Informative

    You can see Edward Snowden's talk for yourself.

    There are no configuration changes you can make, programs you can install, or other changes you can make to make proprietary (user-subjugating, nonfree) software trustworthy. It won't matter what the "privacy" settings say you can do; the proprietor has the upper hand and can easily write software to rat you out. Software freedom is a prerequisite for computer privacy and security and all of the other things that go into treating computer users ethically. All computer users deserve software freedom.

  2. Re: "Couldn't be sure" by allo · Score: 4, Informative

    Think the other way round: try to sneak in a backdoor in open source.

    1) You're never sure who reads the source and finds it, and when this will happen.
    2) It can probably be attributed to you in some way.
    3) The big security does not come from the source alone, but from the open development process. Go, read the Linux source and look for security holes. Much work? Indeed! But now go and look at the commits from today. Read the summary, read the code, check if it seems to match, watch out for possible security holes. This can be done and this is done by many people.

    On the closed source side: You get from time to time one big update, no code at all. If you want to make yourself some work, you can try to disassemble the binary. People do so and people find security bugs and backdoors, but it's a lot more effort.

    And the third thing: If you already suspect something, you can go and read the corresponding code of the misbehaving part, while you are still without source when using closed source.

    So yeah, nobody has a guarantee for no backdoors, but it's harder to sneak one in.

  3. Re: "Couldn't be sure" by gweihir · Score: 4, Informative

    Which is a good example of how and why OSS works: It was found, documented, traced back (no sign of foul play) and fixed. What do you think would have happened in a commercial, closed library?

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

  4. Make A Bet by JimSadler · Score: 3, Informative

    I would be shocked if the government did not have all kinds of stuff planted in Microsoft products. And that can lead to very dangerous actions. Suppose, as an example, that the government becomes informed of a very dangerous criminal due to bugs planted in an OS or browser. But it is obvious that making an arrest would reveal the existence of that bug. People could be made to vanish and never be heard from again. The problem is it could be someone else that used your computer. With no open trials that could be a very real problem.

  5. Re: "Couldn't be sure" by Anonymous Coward · Score: 0, Informative

    Only if the company made it a priority and budgeted for it. Then it would be rolled into the next release, which may not come for months, or even years. Oh, and the next release will only be installed by users that can afford the upgrade fee.

    Have you really got so little experience in this industry that you actually think that's how it works? This is the sort of idiotic FUD that makes open source evangelists just look like complete imbeciles that have absolutely no idea what they're on about and only serves to undermine the open source movement as a whole. You really don't get updates with proprietary software? You really think that everybody that does get updates has to pay for them? You really think these updates come only after months or years of fixing an issue?

    Take your blatant stupidity elsewhere, the open source movement doesn't need your braindead bullshit. It can survive and thrive on its merit!