Talk about General Purpose Computing
First of all thank you very much for your invitation. My name is Matthias Kirschner, I work for the Free Software Foundation Europe, and here in my hand I have more computing power than the whole world together when humans landed on the moon. So this is an extremely powerful machine.
We can do things with that machine, which people at that time, would not have imagined.
Today computers are not just in space shuttles. You do not need a large room for a computer anymore. Today we have them at each office desk. We have them at home as TVs and wifi routers. We have lots of them in cars or planes. We carry them around in our pockets. Some of use even have them inside our bodies, like hearing aids, or as defibrillaters directly attached to our heart.
It is a single machine we can use for all different kind of tasks.
Millions of Possibilities
And even if today, we would sit together and brainstorm about the craziest ideas what we could do with this devices in future; all of that will just be a fraction of what will be possible in future.
Because it is a universal machine, which is not limited by the imagination of a few; but just by the imagination of all people around the world who have such a device.
But who will decide?
- Will we be able to use our own machines as we wish?
- Will someone else limit what we are able to do with our computers?
- And WHO will decide what the computers around us can do?
Nuclear Chain of Command 1
For example: Who will control computers which can be dangerous to us?
Will it be like this?
Nuclear Chain of Command 2
Or more like that? And would the president be able to ask another engineer to check what the red button does?
Unfortunately IT manufacturers have discovered that they may have an economic interest to arbitrarily limit what these machines can achieve. Slice by slice they destroy this powerful machine, and they limit what we can achieve with them. Often those slices are so thin we might not even realise at the moment that we lost something.
I want to give you some examples how general purpose computers are threatened. I want to share ideas what we can do to defend the computer as a general purpose machine. And I am very much looking forward to discuss this topic with you during the last part of my talk and later during the day.
The first cut is obvious for you. In old days, you were able to do everything you want with the software. But people found out that they can make more money if they restrict software.
- They restrict who is allowed to use the software.
- They restrict what you can do with the software.
- They decide who is allowed to understand its workings; and make it very hard for most people to understand it.
- They decide with whom we can share it, so they decide whom we can help to solve a problem.
- And they control who can change how it works. They force us to alter our behaviour or write programs from scratch instead of changing things in the existing software.
That slows us down. Imagine how fast we would be able to solve problems if all software would be Free Software.
They restrict us legally with their licenses, and also technically by not providing the source code. All of this restrictions make our computers less powerful than they could be.
Other restrictions are often summarised under the term “digital restriction management”. Companies invest resources to make devices worse than they have been before. They introduce functions the users do not want. Often they restrict our computers to preserve their business model.
A widely known one, is the SIM card lock in mobile phones. Most people heard about that. Companies invested lots of effort to make sure that SIM cards by other providers will not work with your device.
So those computers, most people call phones, were made worse on purpose. If you have the choice to get a phone for the same price, you would always choose the phone without the SIM card lock functionality. People really do not like this feature, especially when they are on vacation. It is making this device less useful, when you are in another country.
(TODO: But convinience isn't the big problem here. The problem is that by restricting one functionality, they restrict other things on those computers as well.)
Most of you are probably in the lucky situation that you do not know such signs. Because you use software which ignores it. But many people, when they want to play a DVD they see such notices, and they cannot fast forward them like you could with your computer. In those unskippable tracks the movie industry tells you what you are NOT allowed to do, e.g. copy the DVD. Every time people want to watch a DVD, they had to watch this.
What would have happened if nobody would have seen those notices? People might not know that they are not allowed to copy the DVD, and what the punishment would be. Some people *might* loose money because of that.
But how should something like that look like for other devices? How should it be for my car? When I drive my car, and I don't know the rules, I can do much more harm. I could kill people. How long does the notifications list has to be, before I am allowed to start my car?
First of all: drive on the right side of the street, in cities your are not allowed to drive as fast as on the highway, a red light does not mean drive as fast as you can, but “stop”, an all the sentences you could get, ... How long would we have to sit there every time before we would be able to drive to the supermarket.
But DVDs do not just force you to read legal information every time, they also introduced a restriction called the "region code". Companies divided the world in five parts, they added a code to the DVD, and depending on that code you can just watch it in the corresponding part of the world. So you buy a DVD during your vacation, and when you are back home you cannot watch it with your computer. Although without the modification your computer would be able to play it.
One thing the universal machine, the computer, can do very good is to copy. It is one command, and instead of one file, I have 10, 100, or 1000 of them. And with the internet I can with very little effort copy files from one computer to any another computer around the world. I do not have to press a CD, or sent them to shops. I can distribute music to many people around the world for almost no costs.
So you would think that the music industry was very happy when computers and cheap internet connections where widely available; tools which make it easy to distribute music.
But their thought was: how can we achieve it, that our customer's computers cannot copy music files anymore. How can we make sure the computer cannot do the thing it is very good at? First they introduces technical measures for CDs to prevent copying. So people were not able anymore to copy a music CD for their car, or to make a backup.
It was badly implemented at that time: the CDs often did not work, e.g. older players or car CD players. So the bought product was worse than if you illegaly downloaded music, and burned you own CD. That did not help to make those CDs popular.
The advantage for consumers was, that the music industry had to print a label on the disk to inform people that it is one of those CDs. That's why people who made bad experience with those CDs before, could decide not to buy such CDs in future.
But it did not stop there. Imagine you buy a CD, go home and put the CD in your CD drive, then without any notice a program is installed, and controls your computer: It checks if there are any running programs who could copy the CD, and if so, it kills those processes. Beside that it makes your computer slower, and it opens security holes---which could be used by others to attack your computer.
That is what you got from Sony for giving them around 20€.
They did that on more than 50 million music CDs. It did not only concern individuals, but in the end 200.000 governmental and military computers where effected by that rootkit. They attacked our computers to remove some of the functionality.
Who of you lent a book to a friend? Who of you sent a file by e-mail to friend? Was that difficult? I lent a lot of books, and I sent a lot of files to others. Then at one point, I read that Amazon now offers the possibility to lent ebooks. So I thought: wait this books are digital files, and it is easy to sent them around. Why was that not possible from the beginning?
Because Amazon and others first invested time to remove the feature on their readers to copy books from one location to another. Vendors of ebook readers designed those computers, to make sure you cannot copy certain files with them.
Imagine: you buy a book in a store, go home read a few pages, and put it in your bookshelf. During the night, the book seller sneaks into your room, and steals the book from you? Does that sound unrealistic?
Amazon did that with e-books, and as some of you might remember, the book 1984 by Georg Orwell was amongst them. It was removed from all computers of their customers. Without their consent.
That was possible because their customers were not in control of this computer. They could not decide what happens with their data on those machines. Not the owner of this computer, but the vendor controls this computer.
So with ebook readers the attack on general purpose computers was already deeper. Companies controlled large parts of your computer; not just the applications, but the whole software stack. They make it hard to install other software on this computer.
This is also the case with lots of gaming consoles, mobile phones, tablets, and it is coming to Laptops and Desktop computers as well.
Who of you has heard about UEFI Secure Boot? And who about the Trusted Platform Module (TPM)?
While in the old days it was difficult to install GNU/Linux, it got better and better.
I spent one day with the help of a friend until I had a command line, but no working X. After two weeks, telling it is ok, because the command line is cooler, I managed to set up X. A few weeks later you might have had a working sound system. The Free Software community heavily improved that, so that you could install a new distribution within 30 minutes, and you have a fully functional operating system.
But if we are not careful, it might again be very hard---or almost impossible---to install a Free Software operating system on our laptops or our desktops.
Chain of Trust
Back to the idea of Secure Boot and TPMs. The idea is to secure your computer against attacks with a chain of trust. In a nutshell: The hardware only starts a trusted operating system; so an operating system is signed with a key and this signature is checked before executing it. The operating system can then only allow trusted applications to start, and the applications can protect your data.
For example I could say I trust this key by my GNU/Linux distributor. So my computer will only start operating systems signed with this key, and I am better protected against people who want to manipulate my computer. With the operating system you can decide which programs can be installed. My operating system will protect me against rootkits, like the one from Sony. I could allow the application by Amazon to download ebooks, but I might forbid this application to delete them without my approval.
That is especially relevant when the user of a computer is different than the owner. If you would have to program the software for an ATM, what do you think the bank wants? That a user of this computer is able to change the software; that she can change the data on their computer?
Probably not. The bank wants to make sure that only trusted people are allowed to make modifications to software and the data on the computer.
With such a chain of trust, you can make it hard for unauthorised people to change the computers behaviour without you noticing it.
System against Owner
But the same system which could protect the owner against attackers, can also be used against her. Change one small thing, and you have a system which will work against the owner. If you as the owner of this device, are not the one who decides which keys you trust, and which of those key you do NOT trust; the chain of trust becomes a chain of control.
Chain of Control
Someone else will decide which operating systems you will be allowed to run on the hardware, someone else will decide which applications you can run on your operating system, and someone else will decide what will happen with your data.
So if the root is broken, it is not a function for your safety but a function to censor our behaviour.
Currently there are developments with UEFI Secure Boot, TPM 2.0 and Microsoft's Logo Hardware requirements to take away control from the owners towards the manufacturers of IT devices.
So people around the world might not be empowered, but restricted by their own computers.
How do we deal with it?
Companies decide more and more, what we are allowed to do with our computers. They turn general purpose computers into special purpose devices, so we can only do whatever is in their interest. So what will we do about it?
We have to resist those developments.
The most important part is: Do not accept that this is normal! It is not good for our society, so we should not accept it. Even if you don't do anything else about it, it is still important that you do not accept it in your mind. You should not accept it, that someone else technically restricts what YOU are allowed to do with YOUR computer. You should not accept this as a normal condition. Nobody should. "That is wrong!! That's not how our society should be."
But I think most of you want to do more than that. And you already do. All of you already use and contribute to Free Software; else you would not be here. You help others to use and share Free Software, and in your community you enable others to learn how software works and how to adapt it to their needs.
That's a crucial part to save the computer as a universal machine. You are a crucial part of a movement which enables others to control their own computers.
Right to tinker, labels, and good specifications
There are other very important things at the moment you can help with connected with Secure Boot, TPM, etc. You can:
1. Help to get rid of laws which forbid us to change software on OUR computers, or modify the hardware of our computers. We need a positive right to tinker.
2. Help, that devices which take away control from us have to be labelled, informing about the restrictions they contain.
3. Help to evaluate specifications. E.g. specifications like TPM and UEFI, should guarantee the control by the owner of the device, and not enable vendors to limit what we can do with our computers.
If anyone of you is interested to help with that, please let me know!
Small people alter the world
But we also need more people to join us in this fight. We should not just look for people who can contribute on the same level as we do. We need to find actions, with a low barrier to participate so our friends, parents, children can also take part.
I will mention a few random actions, and I hope it helps you to become creative and develop your own:
- (Send an auto reply whenever you receive a .doxc file, explaining you would like to get as an ODT or another open format. This works especially good if the other person wants something from you. (TODO: DFD picture?)
- Create demand. Sometimes we are too smart. We already know which computers run Free Software, and which do not. That's why some shops never hear what we would like to have. They don't hear the wishes from people who value software freedom. So sometimes we should also ask questions in shops for which we already know the answer. For example, whenever I am in an electronic shop and I can spare 3 minutes, I ask them if they have computers with GNU/Linux on them. When they say no---depending on my time I either explain them why I would like to have it---or just walk away sad-faced. You can ask similar questions about restrictions when you buy all kind of devices, from TVs, to cars, to hearing aids. It does not take much time, and it is easy to do.
- Pay for Free Software. When companies offer computers, pre-installed with Free Software, we should support them. If software freedom is important to us, we will have to give more money to people who value our freedom, and as little as possible to companies which do not respect us. Therefore we should also make it easier for users to pay for Free Software. Especially people who have enough money but two little time can help this way. (Or animate your friends to support Free Software, when you help them with your computer. Around two years ago I got a phone call by someone who wanted to know our bank details. A friend helped him to install GNU/Linux and asked him to donate to FSFE.)
- Ok, don't take that one too serious. Someone told me that his company changed their policy, and he had to write non-free software. All his complains did not help, and as you can imagine he was very frustrated. He did not want to help writing non-free software. So until he found a new job his protest was: every day in the office he spent 10 minutes more in the bathroom to silently protest against his companies policy. He explained me how much money the company is thereby loosing per year. But I was glad when he told me recently that he now works for a company where he can again work on Free Software.
- Talk with your politicians about Free Software and about who controls our computers. Believe me, other citizen talk with them about all kind of strange things. So don't by shy to talk with them about an important issue like software freedom. You don't have to be an expert. And you do not have to be the person who convinces a politician to start a huge migration project. But you can be the person who makes sure the politician already heard about the topic and associates it with something positive. There might be the time where he should vote yes to a proposal which is good for Free Software. So don't be shy, and tell your friends to also speak to a politician from time to time.
- Distribute information about how to control technology. Ask your library or a cafe if you can put some leaflets there. They are often happy about this information. You can also put it in your neighbours post boxes. They receive all kind of advertisement. So why not explain how to control our technology?
- Show others that you support the movement. Wear a Free Software t-shirt, pin, bag, put stickers on computers, plaster your office with Free Software posters--especially if they are also doing non-free software. We shouldn't underestimate this.
- I met other interesting people, because of their laptop stickers. When I walked through my neighbourhood and I saw someone---whom I did not know---with a "hacking for freedom" t-shirt; that motivated me a lot.
- Say thank you to others in the movement. In the Free Software community we often criticise each other. We write bug reports, feature requests, heated discussions. But often we forget to say thank you. Let's make sure we motivate each other more often. Or at least once a year. To remind you about that FSFE introduced the "I love Free Software" day on 14 February. So thank others, and tell others that this is a good way to support
- There are many more... and I am interested in what worked for you, or what ideas you have.
My point is; we constantly have to think about easy ways, so more people around us can join our movement. Every PERSON and every small action counts.
End: Free Software, Free Society
There are many people around the world who do not yet benefit from fundamental freedoms: like the freedom of the press, freedom of assembly, freedom of speech, privacy, or other freedoms some of us take as granted. They still have to fight for them every day. But once you have them, it does not stop there. As a society, we constantly have to defend those freedoms. Sometimes we have to add new freedoms in order to better protect the others. So as we live in a world in which computers play such an important role, we have to fight for---and constantly defend---software freedom, the right to control our universal computers.
Thank you! Thank you for listening, and thank you all for contributing to software freedom!