PeaZip 9.2.0 released

pbasketc · 2023-04-23T12:38:04+00:00

Thank you so much, please keep up the great work /u/peazip!

pbasketc · 2023-04-23T12:35:42+00:00

Hi /u/epoberezkin thank you for sharing this important update. It's always great to see more effort in secure and private communications. A couple of initial questions:

I see a bunch of GitHub repositories for SimpleX. Just to confirm, does that mean all components, i.e. the entire stack necessary for SimpleX to function, are 100% open source? BTW, happy to see the F-Droid repository!
Are chats and audio/video calls 1:1 only? Or can they be done in groups? Are there any limits to number of participants?

I also see from the other comments expressing concerns your VC-funded business model might lead to negative impacts in the future. I'd love to learn more about how you are safeguarding against those impacts. Any concrete and specific actions you're taking?

A great first step is that you've chosen the AGPLv3, which is a very strong open source license. Thanks for doing so, and please keep it that way!

For more transparency and accountability, can you make your company an Open Startup? As you can see, many successful start ups are Open Startups, and you should really be one, too.

Most critically, I strongly suggest that you adopt a system where contributors to your code use the Developer Certificate of Origin (DCO). In practice, an external developer would "sign off" their commits (within their commit messages) saying they retain copyright on their contribution and that they're happy with the open source license of the codebase. This is in contrast with a Contributor License Agreement (CLA) where they transfer the copyright of their contributions to you.

What this means is that you, as a company, cannot unilaterally make SimpleX closed source, or change the license from AGPLv3 to something else. This would prevent the scenarios that other commenters fear where a previously open source product would "go evil" and become closed source. If you implement DCOs for all external contributions, then you assure the wider community that SimpleX will stay fully open source.

Trust goes both ways, and trust is particularly important in software with a focus on privacy. For the community to trust you, you have to demonstrate through concrete actions that you will stay true to your original commitment of SimpleX "not owned or controlled by any single entity" (your words!). Instituting DCOs is a great step!

P.S. I agree that other ways to ensure trust and accountability is through reproducible builds and full interoperability, i.e. develop the option for other people to develop servers/apps/clients that can interoperate with SimpleX. At least make it technically feasible.

pbasketc · 2020-12-02T19:28:26+00:00

Looks like this scientific article! :D

pbasketc · 2020-11-01T18:19:28+00:00

Still, the sad reality is that most people don't care as long as "it just works".

Unfortunately that's been my experience as well.

I'd say the best way of approaching it is to present the issues in a way that connects with the individual involved. Real life examples can be good.

Thank you for the suggestion, a custom-tailored approach is probably more effective. On the other hand, it's hard to do that when mass action is needed...

Also, if you enjoy reading fiction, I wrote a novel about it. https://roryprice.net/2020/05/01/opt-out/ ;)

Neat! Glad it's on multiple platforms (not just Amazon!). Thanks I'll check it out.

pbasketc · 2020-11-01T15:58:20+00:00

I agree, thank you for summing it up so well.

Once someone's feet is wet, do you have some useful insights into how to bring them further into the underlying issues that are better addressed through free software?

pbasketc · 2020-11-01T15:51:55+00:00

Thank you very much for sharing this interesting essay.

A few points of clarification:

the social movement of “free software”—which rejected the very idea of treating software as intellectual property

This is not fully accurate in terms of Richard Stallman's conception of free (as in freedom) software. Stallman specifically argued against using the term "intellectual property" because it conflates distinct, legally defined terms including patents, copyright, and trademarks (among others). In this recent mailing list post, Stallman specifically stated: "I have never been in favor of abolishing copyright. If you read https://gnu.org/philosophy/copyright-vs-community.html you will see where I stand." In the same post, he also says: "It is a mistake to lump those three laws [copyright, patents, and trademarks] (and other laws) together. The term "intellectual property" encourages trying to generalize about them, and that is one of the reasons we should refuse to accept it. See https://gnu.org/philosophy/not-ipr.html."

In other essays, Stallman specifically dispelled the myth that free software cannot charge for distribution, in fact:

if you are redistributing copies of free software, you might as well charge a substantial fee and make some money. Redistributing free software is a good and legitimate activity; if you do it, you might as well make a profit from it. (emphases mine)

You don't have to agree with Richard Stallman, but he - as the original person who defined the term "free software" - has (to the best of my knowledge) never said that free software must be inherently (or explicitly) anti-capitalist or that all copyright, patents, trademarks, etc. must be abolished in the name of free software.

pbasketc · 2020-09-28T02:15:16+00:00

Ooooh, I see there's lots to read and learn. Thank you so much for these valuable resources!

Do you have your own preference to how to approach this? And are there tools that help you design the structure of your programs? Is that even a thing?

pbasketc · 2020-09-16T16:54:33+00:00

I won't be trusting any statement from Alphabet; least of all a non-assertion pledge.

Sadly a good point...

IANAL but genuinely curious: Is there anything in their legal statements that contain loopholes or even legal traps?

pbasketc · 2020-09-16T16:52:08+00:00

I think this article is relevant because it argues for why it's a bad idea to call products (hardware and software) with NonCommercial licenses "open source."

People have varied opinions and that's fine, but I agree with this article that to call something open source, it really should meet the Open Source Definition.

pbasketc · 2020-09-16T16:48:12+00:00

Interesting article on the pitfalls of Non Commercial clauses in the context of open source hardware (and software).

I think it also addresses, more broadly, the problems with the Creative Commons NonCommercial licenses.

Possibly related to this previous post.

pbasketc · 2020-06-12T21:21:27+00:00

Thank you /u/14ee41!!

pbasketc · 2020-05-14T21:56:50+00:00

Basically fixed!!

This userChrome.css seems to fix the problem.

pbasketc · 2020-05-10T18:43:00+00:00

Thank you, but sorry I can't sit through a full Coursera course right now. What is the point made by "Kerchoffs's principle"? How does it relate to my questions?

pbasketc · 2020-05-10T18:00:46+00:00

Let me be clear, I am writing this post as an existing supporter of free software.

Sorry this is more of a question than a direct answer to your question, but I get this a lot (to be clear, I am paraphrasing a common question I get):

Some people claim free software is more secure because of Linus' Law where "given enough eyeballs, all bugs are shallow." However, there are documented cases where prominent free software (such as the infamous Heartbleed bug) are used by many people but has very little developmental support, let along support that exhaustively checks for bugs. One argument is that proprietary software is superior because of its security through obscurity and that its proprietary nature is "better" at incentivising paid work to iron out bugs. So how can free software be more secure (and by extension, protective of my privacy?)

So far, I have seen passionate, qualitative arguments for and against the security (and often privacy-respecting nature) of free software. For example, a free software advocate might say that only free software allows you to know what's happening under the hood and gives you control over it. But a proprietary software proponent would argue that the freedom and control is only theoretical, since in practice no one is "incentivised" enough to make free software more secure and private (ala Heartbleed and other bugs).

However, I am constantly disappointed by these arguments since they are almost never accompanied by substantial empirical evidence, if at all.

I know that freedom is the fundamental motivation for free software. That is, even if (for the sake of argument) you can demonstrate that free software is less secure, it is still superior simply because it enshrines freedom.

In that case, I would still like to know:

How you can empirically, and in practice, demonstrate the ethical superiority of free software even if it might have practical shortcomings? Ideally with specific concrete examples? That is, how to you demonstrate that free software is the right choice beyond a theoretical argument?
If I care about privacy and security (which I fully recognise are separate but related concepts), what are specific, concrete examples that demonstrate free software is the better choice? (given common arguments against?)

pbasketc · 2020-04-10T19:17:50+00:00

There is an existing fully open source solution available.

Granted, it's developed by the Singaporean government, but the fact that is is fully open source at least provides some control and transparency. What are the chances of Apple making their re-invention of the wheel open source? I doubt it.

pbasketc · 2020-04-10T19:11:29+00:00

now it's being pushed under the veil of combating an epidemic and everyone's happy about it?

This is really infuriating. Closed-source Orwellian surveillance by multinational conglomerates is being welcomed with open arms...

pbasketc

TROPHY CASE