Inspirated

(Or: Things still make sense.)

Last week — just as Wayne Rosso stopped comparing RIAA to Stalin — M$ did its own volte-face and not only stopped calling GPL a “cancer” but decided to release some 20,000 lines of code carrying the plague itself. Pigs started flying. Some of the open-source evangelists started fantasizing about Microsoft as an ally suddenoutbreakofcommonsense and the cautious ones — who suspected some ulterior motive behind the move — were declared by them to be paranoid and rabid haters.

The storm didn’t last long though, as it was later reported that the change of heart was prompted by a GPL violation in Hyper-V. Some see this as a win for GPL. Some see this as a perfect backdrop for FUD against open-source (“it’s so goddamned viral it even infected us when we wanted interoperablity”) while some see this as a failure at M$’ part for not honestly explaining the reasons behind the code release. Whichever category you belong to, it’s nice to know that swine still have their feet firmly on ground.

After trying out TrueCrypt for a day, I decided to migrate all of my encrypted data from BestCrypt to its containers. A number of reasons compelled me to transfer 30 GB of data spread across various containers, some of which included:

• TrueCrypt doesn’t load a plethora of kernel modules whenever I load the main one in memory. I despise seeing about 10 modules, one for each supported algorithm, whenever I tried to load the basic one (bc).
• Similarly, TrueCrypt doesn’t bloat my bin directory with redundant bc* files.
• It also saves me the trouble of even (un)loading the modules as the application automatically takes care of it.
• TrueCrypt has nice wizards for its command-line application. Which spares me the trouble of remembering all those switches involved with the bctool command.
• It also provides some useful features which aren’t present in BestCrypt e.g. key-files and volume header backups.
• Unlike BestCrypt, TrueCrypt can be run without root privileges on Linux.
• One reason to rule them all: it’s free and released under GPL.

For those of your who’re wondering what exactly is TrueCrypt: it’s a disk encryption software which can create virtual password-protected ‘encrypted’ drives on your PC; it’s easy-to-learn and has excellent documentation for beginners. Just head over to the official website and download a version suited to your operating system (and have my sympathies if you’re using a Mac).

Nowadays, the general perception of media about open source is that of an efficient development model which is rapidly gaining user base. I also believed that open source has a bright future, but after I read Linux.com’s report on the rumor about Free Software Foundation trying to lock down Novell from selling its Linux based distribution, darker prospects started looming in my mind.

RMS and FSF care more about ideology than technicalities, and that’s what sets free software apart from open-source software. Now consider a situation where RMS tries to include clauses in GPLv3 which do prevent Novell from selling Linux. Things will continue to be fine for quite a while, as the kernel developers aren’t big fans of GPLv3 themselves. However, they will really escalate if FSF decides to release GNU’s toolchain and coreutils under GPLv3. Novell will be forced to fork the v2 versions, and we’ll be left with an open war declaration of open source enthusiasts against free software evangelists.

Of course, I may be just being paranoid about free software, but I just don’t see why people don’t like the new anti-DRM clauses that are being proposed for GPLv3. Here’s what v3 says about DRM:

The Corresponding Source also includes any encryption or authorization keys necessary to install and/or execute modified versions from source code in the recommended or principal context of use, such that they can implement all the same functionality in the same range of circumstances. (For instance, if the work is a DVD player and can play certain DVDs, it must be possible for modified versions to play those DVDs. If the work communicates with an online service, it must be possible for modified versions to communicate with the same online service in the same way such that the service cannot distinguish.) A key need not be included in cases where use of the work normally implies the user already has the key and can read and copy it, as in privacy applications where users generate their own keys. However, the fact that a key is generated based on the object code of the work or is present in hardware that limits its use does not alter the requirement to include it in the Corresponding Source.

The motivation of stopping your code from being used to restrict other people’s freedom was supposed to be the primary incentive for authors using GPL for their code and the clause mentioned above only tries to further restrict the restriction of consumers’ freedom. The anti-anti-DRM clause people point out that if you had a hardware like TiVo which runs only particular versions of Linux (using cryptographically signed keys), this clause will mean a clear violation for the hardware manufacturer. The problem here, again is that these people don’t share the ideology of free software, and consequentially don’t see any freedom-restriction issues with TiVo-like products. If I buy some hardware, the choice of code that would be running on it should be entirely mine — That’s freedom.

It’s a pity to finally see the dreaded clash of ideologies between the leading figures of free and open source software movements. If the conflict isn’t resolved in a healthy manner, both movements will be once again left behind the proprietary software within a few years as their respective successes owe themselves largely to their collaborative natures.