[pp.int.general] Pirate Party of Germany chooses proprietary software

Andrew Norton ktetch at gmail.com
Sat Jul 30 23:39:56 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/30/2011 5:27 PM, Felipe Sanches wrote:
> Not every person on planet earth has the hability to monitor the
> comunications that go out of its own computer in order to be sure it is
> not under surveilance. While the pirate parties may have enough
> resources to hire experts to take care of their servers, it doesnt mean
> we shouldnt be thinking about the avarage computer user. It is better to
> not invite the spy to your home at all.

Because there's been ABSOLUTELY NO history of 'hidden packages' inside
FOSS software at all (or that FOSS is not extremely buggy and slow to
patched). Of wait, there *is* such a history.

There is only one way to be certain, and that's for you, yourself, to go
through every line of code in every bit of  FOSS software, that's the
only way you can be sure. Else you're just relying on someone else
checking, just as you are with proprietary software.

That's even harder and more time consuming than monitoring the
communications .

It's the 'gatekeeper strategy'. The assumption that since you've passed
the gatekeeper to gain entry, you're 'accepted'. One of my favourite
examples of this in software was a firefox extention a few years back.
it was a vietnamese language pack, I believe, hosted by Mozilla, and it
had a trojan in it. It was months before it was discovered. Mozilla had
scanned it when it was sent in, but the trojan didn't show up on the
scans at that time. So they distributed it, and everyone assumed that
because Mozilla was hosting it, and it's open source, that it must be
ok, and no-one checked.
http://www.pcworld.com/businesscenter/article/145617/mozilla_firefox_plugin_shipped_with_malicious_code.html

Andrew

> 
> On Sat, Jul 30, 2011 at 6:20 PM, Boris Turovskiy <tourovski at gmail.com
> <mailto:tourovski at gmail.com>> wrote:
> 
>     Ahoi,
> 
>     > If pirate parties adopt proprietary software "in the name of pragmatic
>     > aspects regardless of ideology", then it sends a political message to
>     > the world regarding measures to guarantee users privacy and data
>     > integrity. And also regarding user autonomy, inovation, etc (you know
>     > the reasoning already).
>     The party monitors the outgoing signals and you can be sure that's done
>     by very competent people to protect the party members' privacy.
>     As to the "signal" that decision sends, this signal is "software is a
>     tool and we need an efficient tool", which I completely approve of.
> 
>     Best,
>     Boris
>     ____________________________________________________
>     Pirate Parties International - General Talk
>     pp.international.general at lists.pirateweb.net
>     <mailto:pp.international.general at lists.pirateweb.net>
>     http://lists.pirateweb.net/mailman/listinfo/pp.international.general
> 
> 
> 
> 
> ____________________________________________________
> Pirate Parties International - General Talk
> pp.international.general at lists.pirateweb.net
> http://lists.pirateweb.net/mailman/listinfo/pp.international.general


- -- 
Andrew Norton
http://ktetch.blogspot.com
Tel: +1(352)6-KTETCH [+1-352-658-3824]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJONHosAAoJECjjuYTW3X5HywYIAI/6yMdPcjt83VJOMRfpygCU
VNnI+NPW+XeDyrJ3yspXNM7rPtGDZjvbssUT3aDQdyfxJq5CvIbqCcJZmhZL3X/4
EIoQJ2XDrv7e3ZAdyesjOM96yHUHpS/xDfSPJS0+pWIHbwXBEoqdKIhZKgOuoNia
5hm258UbfCo6xX2bPFdjzRKq6dHQorkFzaWiqsxz7Zft4EmU09HXKg9caztZ+sYN
N+GkMIb9v5baz51amKbKkhR64pFl3GhLeLX6G4snllKMdeCQ2g/o7QaW/gsWF82u
iCBmrHR8yZIds0Y3bFpV3pdq/Pef3aa25sh+2TLHa7VAZB7XRx6ziyfyaF39W2k=
=v5f4
-----END PGP SIGNATURE-----


More information about the pp.international.general mailing list