For their fifteenth International Day Against DRM this Friday, the Free Software Foundation's "Defective by Design" campaign is "calling on you to help us send a message to purveyors of Digital Restrictions Management (DRM)".

And this year they're targeting Disney+ The ongoing pandemic has only tightened the stranglehold streaming services have as some of the most dominant forms of entertainment media, and Disney+ is among the worst of them. After years of aggressive lobbying to extend the length of copyright, based on their perceived need to keep a certain rat from entering the public domain, they've now set their sights on "protecting" their various franchises in a different way: by shackling them with digital restrictions. If Disney's stated mission is to keep "inspiring hope and sparking the curiosity of all ages", using DRM to limit that curiosity remains the wrong move.

This year, we'll be using one of Disney's own means of spreading their "service" and the DRM bundled with it: their mobile app. If you're an existing user of the Google Play (Android) or Apple App Stores, you can support the International Day Against DRM by voicing your objection to Disney's subjugation of their users. Streaming services like Netflix and Peacock have the same issues, but by targeting a newer one with such massive investment and capital behind it, we can make sure that we're heard. Disney+ is new: that gives it time to change.

Disney+ is placed near the top of the most frequently downloaded apps on both the Google Play and Apple App Stores. We invite you to write a well-thought objection to Disney's use of DRM, with a fitting review. It is the perfect way to let the corporation, and other users intending to use its services know Disney's grievous mistake in using DRM to restrict customers who already want to view their many films and television shows. It will give you a chance to give them the exact rating that any service that treats its users so poorly: a single star.

DRM isn't the only problem with the Disney+ app. It's also nonfree software. If you're not already an Android or iOS user, we don't recommend starting an account just to participate in this action. You can also choose to send an email to Disney executives following our template.
They're urging supporters to also share the actions they've taken on social media using the tag #DayAgainstDRM. (And there's also an IRC channel "to discuss and share strategies for anti-DRM activism," with more anti-DRM actions still to come.

"While some aspects of the struggle have changed, the core principles remain the same: users should not be forced to surrender their digital autonomy in exchange for media."

The north-German state of Schleswig-Holstein plans to switch to open source software..." reports Mike Saunders from LibreOffice.

"By the end of 2026, Microsoft Office is to be replaced by LibreOffice on all 25,000 computers used by civil servants and employees (including teachers), and the Windows operating system is to be replaced by GNU/Linux."

The tech site Foss Force writes: This seems to be a done deal, as the steps for the transition from proprietary to open have already been codified by the Schleswig-Holstein state parliament, and explained in plain language in an interview with Jan Philipp Albrecht, the state's digital minister, that was published in c't, a German language computer magazine (Google Translate version here). In the interview, Albrecht said that part of the transition to open source is already in the works, and pointed out that 90% of state administration conferencing is conducted using the open source video conferencing platform Jitsi.

"We have been testing LibreOffice in our IT department for two years, and our experience is clear: it works," he said. "This also applies, for example, when editing Microsoft Word documents with comments... No Linux distribution has been chosen yet to use as a standard, although Albrecht said they're currently looking at five distributions that suit their purposes.

Mastodon has sent former President Donald Trump's company a formal notification that it's breaking the rules by using Mastodon's open-source code to build its social network, named Truth. The Verge reports: This news comes from a blog post by Mastodon's founder Eugen Rochko, but others have previously pointed out that the organization behind Truth, the Trump Media and Technology Group (or TMTG), was violating Mastodon's software license by not providing the source code for the site built on top of it. Trump's group has 30 days from when the letter was sent to comply with the license or stop using the software, or it could lose the right to do so.

While Truth hasn't officially launched yet, internet users discovered that a test version basically had the same interface as Mastodon, and that some of the code for the site was unchanged from the other social network's code. By itself, that's actually the intended use of open-source software -- but as the Software Freedom Conservancy pointed out last week, apps or websites based on software that uses the AGPLv3 license have to in turn provide their own source code. According to the foundation that wrote AGPL, it's meant to make the community's software better: if you improve on something that someone else made, they should be able to benefit from your work like you did theirs.

As Mastodon and Rochko reiterated on Friday, though, TMTG hasn't done that -- it even went as far as to call its software "proprietary," and seemingly tried to hide the fact that it was based on Mastodon. Now that the Truth has been revealed, however, TMTG will either have to rebuild it without using Mastodon's code -- a tall order, as bootstrapping a social network site isn't particularly easy -- or release its source code and change the terms of service.

"October 5 marks the official release of Windows 11, a new version of the operating system that doesn't do anything at all to counteract Windows' long history of depriving users of freedom and digital autonomy," writes Free Software Foundation campaigns manager Greg Farough.

"While we might have been encouraged by Microsoft's vague, aspirational slogans about community and togetherness, Windows 11 takes important steps in the wrong direction when it comes to user freedom." Microsoft claims that "life's better together" in their advertising for this latest Windows version, but when it comes to technology, there is no surer way of keeping users divided and powerless than nonfree softwarechoosing to create an unjust power structure, in which a developer knowingly keeps users powerless and dependent by withholding information. Increasingly, this involves not only withholding the source code itself, but even basic information on how the software works: what it's really doing, what it's collecting, and how often it's snitching on users. "Snitching" may sound dramatic, but Windows 11 will now require a Microsoft account to be connected to every user account, granting them the ability to correlate user behavior with one's personal identity. Even those who think they have nothing to hide should be wary of sharing potentially all of their computing activity with any company, much less one with a track record of abuse like Microsoft...

We expect Microsoft to use its tighter control on cryptography that happens in Windows as a way to impose more severe Digital Restrictions Management (DRM) onto media and applications, and as a way to ensure that no application can run in Windows without Microsoft's approval. In cases like these, it's no longer appropriate to call a machine running Windows a "personal" computer, as it obeys Microsoft more than it does its user. Indeed, it's bitterly ironic that Microsoft is calling the program that verifies a system's compatibility with Windows 11 a "PC Health Check." We counter that a healthy PC is one that respects its user's wishes, runs free software, and doesn't purposefully restrict them through treacherous computing. It would also never send the user's encryption keys back to its corporate overlords. Intrepid users will likely find a way around this requirement, yet it doesn't change the fact that the majority of Windows users will be forced into a treacherous computing scheme...

Sometimes, Microsoft realizes that it can't be quite so overtly antisocial. We've commented many times before on the hypocrisy involved in saying that Microsoft "loves open source" and "loves Linux," two ways of mentioning free software without reference to freedom. At the same time, Microsoft employees do make contributions to free software, contributions which benefit many others. Yet they do not extend this philosophy to their operating system, and in the last few years, they've made an attempt to impair the ways free software makes "life better together" further by making critical functions of Microsoft GitHub rely on nonfree JavaScript and directing users toward Service as a Software Substitute (SaaSS) platforms. By attacking user freedom through Windows, and the free software community directly by means of nonfree JavaScript, Microsoft proves that it has no plans to loosen its grip on users.

No program that you're forbidden to copy, modify, or share can truly bring people "together" in the way that Microsoft claims.

Thankfully, and right outside the window, there's a true community of users you and your loved ones can join...

Let's stop falling for the trap of chasing short-term, superficial improvements in proprietary software that may seem to make life better, and instead opt for free software, the only software that can support the best versions of ourselves.
The post urges readers to sign (or renew!) their pledge not to use Windows and to help a friend install GNU/Linux, "sending Microsoft the strong message that software that subjugates its users has no place in Windows.... If you don't feel ready to take the plunge and switch entirely, you can use our resources like the Free Software Directory to find programs you can use as starting points for your free software journey."

The post also has harsh words for TPM, warning that "when it's deployed by a proprietary software company, its relationship to the user isn't one based on trust, but based on treachery. When fully controlled by the user, TPM can be a useful way to strengthen encryption and user privacy, but when it's in the hands of Microsoft, we're not optimistic."

And when it comes to Microsoft teams, "it seems that no Windows user can avoid it any longer.... we hope Teams' unpopularity and its newfound, unwanted place in Windows will encourage users to seek out conferencing programs that they themselves can control."

This week the Free Software Foundation (FSF) announced JShelter, "an anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection."

The browser add-on — supported by NLnet Foundation's Next Generation Internet (NGI) Zero Privacy & Trust Enhancing Technologies fund — is currently "in development and the first release is available." This browser add-on will limit the potential for JavaScript programs to do harmful actions by restricting default behavior and adding a layer of control... Accessing cookies, performing fingerprinting to track users across multiple sites, revealing the local network address, or capturing the user's input before they submit a form are some examples of JavaScript's capabilities that can be used in harmful ways. JShelter adds a safety layer that allows the user to choose if a certain action should be forbidden on a site, or if it should be allowed with restrictions, such as reducing the accuracy of geolocation to the city area. This layer can also aid as a countermeasure against attacks targeting the browser, operating system, or hardware levels... [The extension] will ask — globally or per site — if specific native functions provided by the JavaScript engine and the Document Object Model (DOM) are allowed by the user. It will also link to an explanatory page for each function, to raise awareness of related threats. Depending on the function being addressed, the user will have the option to allow it, block it, or have it return a custom value...

"Our browsers have become perhaps the most critical of tools we depend on, and yet the browser environment is far from healthy," says Michiel Leenaars, director of strategy at NLnet Foundation and coordinator of NGI Zero. "Dominant corporate behavior from a small amount of actors has been aggressively reshaping the evolution of the Web, and that is starting to wreak havoc. Despite an enormous systemic dependency, we as users have very little control over what browsers allow and share — leading to significant risk as the most powerful tools in the shed are essentially left unprotected for every casual Web site to abuse. JShelter is a great initiative to help empower us all, to help us gain better understanding and to better safeguard ourselves from obvious and otherwise unavoidable harm."

The effort is part of a larger, multi-year campaign from FSF on JavaScript on the Web started in 2013, which among others includes the development of GNU LibreJS and outreach to users and developers about nonfree software inside the browser. The GNU LibreJS extension detects JavaScript web labels and assists users with running only JavaScript distributed under a free software license, according to their ethical convictions and individual preferences.
"JShelter will help protect users from critical threats now, and contribute significantly to progress on the necessary longer-term cultural shift of moving away from nonfree JavaScript," said Ruben Rodriguez, former FSF chief technology officer.

"This is a project I've been looking forward to for years, tired of dealing with all kinds of potential antifeatures in the browsers I use and distribute, and having to figure out some countermeasure for them with configuration changes, patches or extensions. Being able to wrap the JavaScript engine in a layer of protection is a game changer."

"2021 Is the Year of Linux on the Desktop," writes PC Magazine. "No, really..." Walk into any school now, and you'll see millions of Linux machines. They're called Chromebooks. For a free project launched 30 years ago today by one man in his spare time, it's an amazing feat.... Linux found its real niche — not as a political statement about "free software," but as a practical way to enable capable, low-cost machines for millions...

Chrome OS and Android are both based on the Linux kernel. They don't have the extra GNU software that distributions like Ubuntu have, but they're descended from Linus Torvalds' original work. Chromebooks are the fastest growing segment of the traditional PC market, according to Canalys. IDC points out that Canalys' estimates of 12 million Chromebooks shipped in Q1 2021 are only a fraction of the 63 million notebooks sold that quarter, but once again, they're where the growth is. Much of that is driven by schools, where Chromebooks dominate now. Schoolkids don't generally need a million apps' worth of generic computing power. They need inexpensive, rugged ways to log into Google Classroom. Linux came to the rescue, enabling cheap, light, easy-to-manage PCs that don't have the Swiss Army Knife cruft of Windows or the premium price of Macs...

One great thing about open-source hacker projects is that they can be taken in unexpected directions. Linux isn't controlled, so it can adapt, Darwinian-style. It was a little scurrying mammal in the time of the dinosaurs, and then the mobile-computing asteroid hit. Linux could evolve. Windows couldn't. When you're building something that fits in your hand and has to sip battery, you can't just keep throwing processors and storage at it. Microsoft had a tough time adapting its monstrous megakernel OS to the new, tiny world. But *nix platforms thrive there: Android (based on Linux) and iOS.
"Android and Chrome water down the Linux philosophy," the article argues, "but they are Linux..."

Does this make any long-time geeks feel vindicated? In the original submission wiredog (Slashdot reader #43,288) looks back to 1995, remembering that "my first Linux was RedHat 2.0 in the beige box, running the 0.95(?) kernel and the F Virtual Window Manager...

"It came with 2 books, a CD, and a boot floppy disk."

destinyland writes: A newly-released video at GNU.org shows an hour-long talk given by free software advocate Richard Stallman for the BigBlueBotton open source conference (which was held online last July). After a 14-minute clip from an earlier speech, Stallman answers questions from the audience — and the first question asked Stallman for his opinion about the AI Copilot [automated pair programming tool] developed for Microsoft's GitHub in collaboration with AI research and deployment company OpenAI.

Stallman's response?

There are many legal questions about Copilot whose answers I don't know, and maybe nobody knows. And it's likely some of theo depend on the country you're in [because of the copyright laws in those countries.] In the U.S. we won't be able to have reliable answers until there are court cases about it, and who knows how many years it'll take for those court cases to arise and be finally decided. So basically what we have is a gigantic amount of uncertainty.

Now the next thing is, what about morally? What can I say morally about Copilot? Well the basic idea seems okay. Why shouldn't a program be able to give you hints like that?

But there is one pitfall, which is that if you follow those hints, you might end up putting a substantial block of code copied from a GPL-covered program, written by someone else, or one hint after another after another after another — it adds up to a substantial amount of code, perhaps, with very little change, perhaps. And then you've infringed the GPL by releasing that code, unless your program is covered by the same versions — plural — of the GPL, in which case it would be permitted. But you might not even know that. Copilot might not tell you — it doesn't endeavor to inform you. So you're likely not to know. Which means Copilot is leading users — some of its users — into a pitfall. Well, they should fix it so it doesn't do that.

But basically, what can you expect from GitHub? GitHub gives people inadequate advice about what it means to choose a license. They tell you you can choose GPL version 2 or GPL version 3. I think they don't tell you that really you could choose GPL version 2 only, or GPL version 2 or later, or GPL version 3 only, or GPL version 3 or later — and those are four different choices. They give users different permissions over the future. So it's important to make each program say clearly which choice covers it. And GitHub doesn't tell you how to do that.

It doesn't tell you that you need to do that. Because the way you do that is with a licensed notice that is supposed to be in every source file. It's unreliable to put just one statement in a free program and say "This program is covered by such-and-such license." What happens if somebody copies one of the files into some other program which says it's covered by a different license? Now that program has been inaccurately mis-licensed, which is illegal and is going to mislead users. So any self-respecting — any repository that wants to be honest has to explain these things, not just tell people to make the licensing of each piece of code clear, but help users do so — make it easy.

So GitHub has had this enormous problem for all of its existence, and Copilot has the similar — a basically, vaguely similar sort of problem, in the same area. It's not exactly the same problem. I don't think that copying a snippet of a few lines of code infringes any license. I think it's de minimus. But I'm not a lawyer.

The Open Source Initiative (OSI) has finally named its first Executive Director, Stefano Maffulli. ZDNet's Steven J. Vaughan-Nichols reports: Maffulli is a long-time developer community manager. He co-founded and led the Italian chapter of Free Software Foundation Europe (FSFE) from 2001 to 2007. He also worked for the FreedomBox Foundation. This organization, led by Columbia law professor Eben Moglen, created an inexpensive open-source server for those who wanted to avoid proprietary internet and cloud services. From there, Maffulli moved to OpenStack, the open-source Infrastructure-as-a-Service cloud, and other open-source projects.

He'll be taking over from Deb Nicholson, who served as the OSI's interim general manager. This key step in the move of the OSI OSI into a professionally managed organization. "Bringing Stefano Maffulli on board as OSI's first Executive Director is the culmination of a years-long march toward professionalization so that OSI can be a stronger and more responsive advocate for open source," says Joshua Simmons, the OSI board's chairperson. "We can now deprecate the role of President transitioning to Chair of the Board with confidence about OSI's future."

An enthusiastic open source user, Maffulli contributed documentation patches, translations and advocated for projects as diverse as GNU, QGIS, OpenStreetMap, and WordPress. He knows he'll face new, bigger challenges at the OSI. "Open source software is everywhere, but its definition is constantly being challenged," said Maffulli. "The zombies of shared source, limited-use, and proprietary software are emerging from the graves where we put them to rest in the 90s, threatening the whole ecosystem." The OSI has to keep up with these and many other changes. For example, there have been several failed efforts to force ethical rules into open-source licenses. To keep up with these whiplash fast advances, Maffulli said, "mobile devices, cloud, artificial intelligence/machine learning, and blockchain offer new opportunities for developers, entrepreneurs, and society as a whole who all deserve a strong OSI not only to maintain a definition of open source that works in modern settings but also forges a path for how to effectively produce modern open-source software."

Five years ago Linus Torvalds commemorated Linux's 25th anniversary in an interview with ZDNet's Steven J. Vaughan-Nichols. Now that Linux is celebrating its 30th birthday, Vaughan-Nichols interviewed Torvalds again, who makes an important philosophical point: Trying to look at the bigger picture, Torvalds now thinks the period in early 1992 — when Linux switched to using the Gnu Public License version 2 (GPLv2) — was especially important. He recalls, "It wasn't the original license, but I'm convinced it's a big part of why Linux became so widespread. Not everybody loves the GPL, and I've had my own issues with the FSF [Free Software Foundation], but I do think the GPLv2 has been a huge deal, and people shouldn't dismiss the licensing issues."

He adds:

"I think the companies getting involved has been hugely important — and that may sound so obvious as to be trite and stupid, but some corners of the open-source community have been fairly negative to any commercial involvement."
Torvalds points out that from its earliest days Linux has experienced "fairly continual" interest from major companies.

The interview also revisits Linux's version control systems and the name Torvalds had originally chosen for the operating system back in 1991. ("Freax," for "Free Unix.") But 10 years ago, the same reporter got a surprise when he'd asked Torvalds where he thought Linux would be on its 40th birthday. Torvalds' answer?

"Bah. I don't plan that far ahead. I can barely keep my calendar for the next week in mind. I really have no idea."

So this week Steven J. Vaughan-Nichols instead asked Torvalds how he's envisioning his own future: Looking ahead, Torvalds sees himself keeping on. "I'm 51 years young, I enjoy what I'm doing. What would I do if I didn't do Linux? Puttering around in the garden? Not bloody likely.
Slashdot reader juul_advocate shares some context. Torvalds was also contacted by IT Wire to get his thoughts on the 30th birthday of Linux. "There's literally a few people who are still active and around that got involved in '91..." Torvalds told them: "I like having been around for that long, and it's also nice how many other people have actually been around for almost that long...

"But I just don't have anything new to say about it, I'm afraid. And while today is an anniversary date, it's not even the only one. This was the anniversary of the first public announcement, but it wasn't actually the actual first code drop. That came later — 17 September.

"And even that second anniversary isn't the 'last' anniversary, because the Linux 0.01 code drop on 17 September was only privately announced to people who had shown some interest from the first announcement.

"So the first actually public and real *announced* code drop was 5 October 1991, which is when 0.02 was dropped. So I actually have three anniversaries, and they are all equally valid in my mind."

A fix that was made in early June to the GNU C Library (glibc) introduced a new and nastier problem. Steven J. Vaughan-Nichols writes via ZDNet: The first problem wasn't that bad. As Siddhesh Poyarekar, a Red Hat principal software engineer wrote, "In order to mount a minimal attack using this flaw, an attacker needs many pre-requisites to be able to even crash a program using this mq_notify bug." Still, it needed patching and so it was fixed. Alas, the fix contained an even nastier bug. While checking the patch, Nikita Popov, a member of the CloudLinux TuxCare Team, found the problem. It turns out that it is possible to cause a situation where a segmentation fault could be triggered within the library. This can lead to any application using the library crashing. This, of course, would cause a Denial-of-Service (DoS) issue. This problem, unlike the earlier one, would be much easier to trigger. Whoops.

Red Hat gives the problem in its Common Vulnerability Scoring System (CVSS) a score of 7.5, which is "high." An attack using it would be easy to build and requires no privileges to be made. In short, it's bad news. Popov himself thinks "every Linux application including interpreters of other languages (python, PHP) is linked with glibc. It's the second important thing after the kernel itself, so the impact is quite high." [...] The good news is both the vulnerability and code fix have been submitted to the glibc development team. It has already been incorporated into upstream glibc.

In addition, a new test has been submitted to glibc's automated test suite to pick up this situation and prevent it from happening in the future. The bottom line is sometimes changed in unrelated code paths can lead to behaviors changing elsewhere without the programmer realizing what's going on. This test will catch this situation. The Linux distributors are still working out the best way to deploy the fix. In the meantime, if you want to be extra careful -- and I think you should be -- you should upgrade to the newest stable version of glibc 2.34 or higher.

GitHub's new "Copilot" tool (created by Microsoft and OpenAI) shares the autocompletion suggestions of an AI trained on code repositories. But can that violate the original coder's license? Now the Free Software Foundation (FSF) is calling for a closer look at these and many other issues...

"We already know that Copilot as it stands is unacceptable and unjust, from our perspective," they wrote in a blog post this week, arguing that Copilot "requires running software that is not free/libre (Visual Studio, or parts of Visual Studio Code), and Copilot is Service as a Software Substitute. These are settled questions as far as we are concerned."

"However, Copilot raises many other questions which require deeper examination..." The Free Software Foundation has received numerous inquiries about our position on these questions. We can see that Copilot's use of freely licensed software has many implications for an incredibly large portion of the free software community. Developers want to know whether training a neural network on their software can really be considered fair use. Others who may be interested in using Copilot wonder if the code snippets and other elements copied from GitHub-hosted repositories could result in copyright infringement. And even if everything might be legally copacetic, activists wonder if there isn't something fundamentally unfair about a proprietary software company building a service off their work.

With all these questions, many of them with legal implications that at first glance may have not been previously tested in a court of law, there aren't many simple answers. To get the answers the community needs, and to identify the best opportunities for defending user freedom in this space, the FSF is announcing a funded call for white papers to address Copilot, copyright, machine learning, and free software.

We will read the submitted white papers, and we will publish ones that we think help elucidate the problem. We will provide a monetary reward of $500 for the papers we publish.
They add that the following questions are of particular interest:

• Is Copilot's training on public repositories infringing copyright? Is it fair use?
• How likely is the output of Copilot to generate actionable claims of violations on GPL-licensed works?
• How can developers ensure that any code to which they hold the copyright is protected against violations generated by Copilot?
• Is there a way for developers using Copilot to comply with free software licenses like the GPL?
• If Copilot learns from AGPL-covered code, is Copilot infringing the AGPL?
• If Copilot generates code which does give rise to a violation of a free software licensed work, how can this violation be discovered by the copyright holder on the underlying work?
• Is a trained artificial intelligence (AI) / machine learning (ML) model resulting from machine learning a compiled version of the training data, or is it something else, like source code that users can modify by doing further training?
• Is the Copilot trained AI/ML model copyrighted? If so, who holds that copyright?
• Should ethical advocacy organizations like the FSF argue for change in copyright law relevant to these questions?

Slashdot reader Hmmmmmm shares a blog post from Stockfish announcing a lawsuit against ChessBase: The Stockfish project strongly believes in free and open-source software and data. Collaboration is what made this engine the strongest chess engine in the world. We license our software using the GNU General Public License, Version 3 (GPL) with the intent to guarantee all chess enthusiasts the freedom to use, share and change all versions of the program. Unfortunately, not everybody shares this vision of openness. We have come to realize that ChessBase concealed from their customers Stockfish as the true origin of key parts of their products (see also earlier blog posts by us and the joint Lichess, Leela Chess Zero, and Stockfish teams). Indeed, few customers know they obtained a modified version of Stockfish when they paid for Fat Fritz 2 or Houdini 6 -- both Stockfish derivatives -- and they thus have good reason to be upset. [ChessBase released Fat Fritz 2, described on their website as the "new number 1" chess engine "with a massive new neural network, trained by Albert Silver with the original Fat Fritz." They advertise Fat Fritz 2 as using novel strong ideas compared to existing chess engines, but in reality Fat Fritz 2 is just Stockfish with a different neural network and minimal changes that are neither innovative nor appear to make the engine stronger.] ChessBase repeatedly violated central obligations of the GPL, which ensures that the user of the software is informed of their rights. These rights are explicit in the license and include access to the corresponding sources, and the right to reproduce, modify and distribute GPLed programs royalty-free.

In the past four months, we, supported by a certified copyright and media law attorney in Germany, went through a long process to enforce our license. Even though we had our first successes, leading to a recall of the Fat Fritz 2 DVD and the termination of the sales of Houdini 6, we were unable to finalize our dispute out of court. Due to Chessbase's repeated license violations, leading developers of Stockfish have terminated their GPL license with ChessBase permanently. However, ChessBase is ignoring the fact that they no longer have the right to distribute Stockfish, modified or unmodified, as part of their products. Thus, to enforce the consequences of the license termination, we have filed a lawsuit. This lawsuit is broadly supported by the team of maintainers and developers of Stockfish. We believe we have the evidence, the financial means and the determination to bring this lawsuit to a successful end. We will provide an update to this statement once significant progress has been made.

An anonymous reader quotes a report from ZDNet, written by Steven J. Vaughan-Nichols: Microsoft now has its very own, honest-to-goodness general-purpose Linux distribution: Common Base Linux, (CBL)-Mariner. And, just like any Linux distro, you can download it and run it yourself. Microsoft didn't make a big fuss about releasing CBL-Mariner. It quietly released the code on GitHub and anyone can use it. Indeed, Juan Manuel Rey, a Microsoft Senior Program Manager for Azure VMware, recently published a guide on how to build an ISO CBL-Mariner image. Before this, if you were a Linux expert, with a spot of work you could run it, but now, thanks to Rey, anyone with a bit of Linux skill can do it.

CBL-Mariner is not a Linux desktop. Like Azure Sphere, Microsoft's first specialized Linux distro, which is used for securing edge computing services, it's a server-side Linux. This Microsoft-branded Linux is an internal Linux distribution. It's meant for Microsoft's cloud infrastructure and edge products and services. Its main job is to provide a consistent Linux platform for these devices and services. Just like Fedora is to Red Hat, it keeps Microsoft on Linux's cutting edge. CBL-Mariner is built around the idea that you only need a small common core set of packages to address the needs of cloud and edge services. If you need more, CBL-Mariner also makes it easy to layer on additional packages on top of its common core. Once that's done, its simple build system easily enables you to create RPM packages from SPEC and source files. Or, you can also use it to create ISOs or Virtual hard disk (VHD) images.

As you'd expect the basic CBL-Mariner is a very lightweight Linux. You can use it as a container or a container host. With its limited size also comes a minimal attack surface. This also makes it easy to deploy security patches to it via RPM. Its designers make a particular point of delivering the latest security patches and fixes to its users. For more about its security features see CBL-Mariner's GitHub security features list. Like any other Linux distro, CBL-Mariner is built on the shoulders of giants. Microsoft credits VMware's Photon OS Project, a secure Linux, The Fedora Project, Linux from Scratch -- a guide to building Linux from source, the OpenMamba distro, and, yes, even GNU and the Free Software Foundation (FSF). To try it for yourself, you'll build it on Ubuntu 18.04. Frankly, I'd be surprised if you couldn't build it on any Ubuntu Linux distro from 18.04 on up. I did it on my Ubuntu 20.04.2 desktop. You'll also need the latest version of the Go language and Docker.

"The Rust for Linux project, sponsored by Google, has advanced..." reported the Register earlier this week: A new set of patches submitted to the Linux kernel mailing list summarizes the progress of the project to enable Rust to be used alongside C for implementing the Linux kernel. The progress is significant.

- ARM and RISC-V architectures are now supported, thanks to work on rustc_codgen_gcc, which is a GCC codegen for rustc. This means that rustc does the initial compilation of Rust code but GCC (the GNU Compiler Collection) does the backend compilation, enabling support for the architectures that GCC supports...

- Overall, "the Rust support is still to be considered experimental. However, as noted back in April, support is good enough that kernel developers can start working on the Rust abstractions for subsystems and write drivers and other modules," continued project leader Miguel Ojeda, a computer scientist at CERN in Geneva, Switzerland, now working full time on Rust for Linux...

There is substantial support for the project across the industry. Google said in April "we feel that Rust is now ready to join C as a practical language for implementing the kernel" and that it would reduce the number of potential bugs and security vulnerabilities. Google is sponsoring Ojeda to work full time on the project for a year, via the ISRG (Internet Security Research Group), which said last month that it is part of "efforts to move the internet's critical software infrastructure to memory safe code," under the project name Prossimo. The ISRG is also the nonprofit organisation behind Let's Encrypt free security certificates. Ojeda also mentioned that Microsoft's Linux Systems Group is contributing and hopes to submit "select Hyper-V drivers written in Rust." Arm is promising assistance with Rust for Linux on ARM-based systems. IBM has contributed Rust kernel support for its PowerPC processor.

More detail is promised at the forthcoming Linux Plumber's Conference in September. In the meantime, the project is on GitHub here.
"In addition, we would like to announce that we are organizing a new conference that focuses on Rust and the Linux kernel..." Ojeda posted. "Details will be announced soon." And for context, the Register adds: Linus Torvalds has said on several occasions that he welcomes the possibility of using Rust alongside C for kernel development, and told IT Wire in April that it is "getting to the point where maybe it might be mergeable for 5.14 or something like that."

The Free Software Foundation shared an update on its "series of actions to strengthen and modernize the foundation's governance structure and processes." After a series of interviews with various firms, the board has retained a professional consultant to help the FSF devise and execute the changes needed to optimize the impact of the board and the organization.

During an initial six-month engagement, the firm will work with board members and FSF stakeholders to devise a range of systems and infrastructure that lead to:

- A transparent community-supported process for identifying new board members and evaluating current board members;

- A board member agreement that clearly outlines the responsibilities of all board members;

- A code of ethics that articulates the values of the FSF and conveys a set of principles to guide its decision making and activities, as well as the behavior of its board members, officers, employees, and volunteers; and,

- More focused and streamlined board processes that encourage consistent attention on FSF's most pressing needs .In addition, FSF executive director John Sullivan has begun recruiting candidates to succeed him as the organization's chief employed officer...

The board is also evaluating the first proposed changes to its bylaws since 2002. The goals of these revisions are to ensure that user freedom cannot be compromised by changes in the board, members, or hostile courts, with particular focus on the future of the various GNU General Public Licenses (GPL); to codify the implementation of the staff seat created on March 25, 2021; and, to align the bylaws with the outcomes of the ongoing effort to modernize the foundation's governance structure and processes.

As FSF continues to pursue its mission, the board believes these collective efforts will strengthen the organization's governance, ensuring that it is transparent, accountable, and professional for current and future board members, associate members, staff, and the broader free software movement. These efforts also underscore the board's recognition of the need to attract a new generation of activists for software freedom and to grow the movement.

Since most ebook readers run some version of the kernel Linux (with some even run the GNU/Linux operating system), "This puts ebook readers a few steps closer to freedom than other devices," notes a recent call-to-action in the Free Software Foundation Bulletin.

But with e-ink screens and DRM-laden ebooks, "closing the gap will still require a significant amount of work." Accordingly, as we announced at the LibrePlanet 2021 conference, we've decided this year to prioritize facilitating the process for an ebook reader to reach the high standards of our Respects Your Freedom (RYF) hardware certification program, whether this means adapting an existing one from a manufacturer, or even contracting its production ourselves...

The free software community has made some good strides in the area of freeing ebooks. Denis "GNUToo" Carikli has composed a page on the LibrePlanet wiki documenting the components of ebook readers and other single-board computers; this has laid the groundwork for our investigation into releasing an ebook reader, and is one of the wiki's more active projects. Also, earlier in the year, a user on the libreplanet-discuss mailing list documented their project to port Parabola GNU/Linux to the reMarkable tablet, thereby creating a free ebook reader at the same time. It's steps like these that make us feel confident that we can bring an ebook reader that respects its user's freedom to the public, both in terms of hardware and the software that's shipped with the device...

If the FSF is successful in landing RYF certification on an ebook reader, which I fully believe we will be, we can ensure that users will have the ability to read digitally while retaining their freedom.

It's up to all of us to make sure we have the right to read, by avoiding ebook DRM in each and every case, and celebrating free (as in freedom) resources like Wikibooks and the Internet Archive, bridging the divide between the movement for free software and the movement for free culture, empowering both readers and computer users around the globe.
The article also warns that ebook DRM has gotten more restrictive over the years. "It's common for textbooks to now require a constant and uninterrupted Internet connection, and that they load only a discrete number of pages at a time... Even libraries fell victim to 'lending' services like Canopy, putting an artificial lock on digital copies of books, the last place it makes sense for them to be."

mrflash818 writes: The Internet Security Research Group (ISRG) -- parent organization of the better-known Let's Encrypt project -- has provided prominent developer Miguel Ojeda with a one-year contract to work on Rust in Linux and other security efforts on a full-time basis. Rust is a low-level programming language offering most of the flexibility and performance of C -- the language used for kernels in Unix and Unix-like operating systems since the 1970s -- in a safer way. Efforts to make Rust a viable language for Linux kernel development began at the 2020 Linux Plumbers conference, with acceptance for the idea coming from Linus Torvalds himself. Torvalds specifically requested Rust compiler availability in the default kernel build environment to support such efforts -- not to replace the entire source code of the Linux kernel with Rust-developed equivalents, but to make it possible for new development to work properly. Using Rust for new code in the kernel -- which might mean new hardware drivers or even replacement of GNU Coreutils -- potentially decreases the number of bugs lurking in the kernel. Rust simply won't allow a developer to leak memory or create the potential for buffer overflows -- significant sources of performance and security issues in complex C-language code.

Freenode's Linux support channel has an official web page at freenode.linux.community, which now bears this announcement:

22+ year old ##linux on freenode has been seized by freenode staff

The community's (multi-platform) site reminds visitors of the alternative channels #linux on Libera and Linux.Chat on Discord.

But they're not the only ones making changes. "[T]he FSF and GNU have decided to relocate our IRC channels to Libera.Chat," reads an official announcement on the FSF blog. "Effective immediately, Libera is the official home of our channels, which include but are not limited to all those in the #fsf, #gnu, and #libreplanet namespaces." As we have had nearly twenty years of positive experiences with the Freenode staff, most of whom now comprise the staff of the Libera network, we are confident in their technical and interpersonal expertise, as well as their ability to make the network as long-lasting and integral to the free software community as they made Freenode. We look forward to joining the large number of free software and free culture projects who have already made Libera.Chat their home, and hope to stay there for many years to come.
Also making a move: freenode's #Python channel. Software developer Ned Batchelder, one of the channel's operators (and also an architect at edX), shared a recent experience in a new blog post this morning. When they'd decided to move #python to the new Libera.chat network (run by former Freenode staffers), they also stayed in Freenode's channel "to let people know where everyone had gone." Yesterday, after a heated debate in the Freenode channel where I was accused of splitting the community, I got k-lined (banned entirely from Freenode). The reason given was "spamming", because of my recurring message about the move to Libera. Then the entire Freenode #python channel was closed... Was it malice or was it mistake? Does it matter? It's not a good way to run a network. After the channel was closed, people asking staff about what happened were banned from asking. That wasn't a mistake... [T]he new staff seems to be using force to silence people asking questions. It's clear that transparency is not a strong value for them.

Setting aside network drama, the big picture here is that the Freenode #python community isn't split: it's alive and well. It's just not on Freenode anymore, it's on Libera.

Freenode was a good thing. But the domain name of the server was the least important part of it, just a piece of technical trivia. There's no reason to stick with Freenode just because it is called Freenode. As with any way of bringing people together, the important part is the people. If all of the people go someplace else, follow them there, and continue.

See you on Libera.

Version 9.4 of the GNU Compiler Collection "encompasses more than 190 bug fixes for GCC 9.3, which has been available since March 2020," reports DevClass.

But they add that in addition, "Developers who want to contribute to the GNU Compiler Collection but don't feel like signing over copyright to the Free Software Foundation can get busy committing now." GCC Steering Committee member David Edelsohn informed contributors via the mailing list that the committee "decided to relax the requirement to assign copyright for all changes" to the FSF. Speaking for the committee, he wrote that the GCC project "will now accept contributions with or without an FSF copyright assignment", a practice thought of as consistent with that "of many other major Free Software projects, such as the Linux kernel". GCC "will continue to be developed, distributed and licensed" under the GPLv3, so nothing should change for those adding to the project under the old assumptions.

There are those who have had troubles with that arrangement before, with Apple often cited as a popular example. They are now free to contribute utilising the Developer Certificate of Origin instead of agreeing to an FSF Copyright Assignment.

A reason was not given, though the last sentence of the statement, which affirms the principles of Free Software, might give a clue. In March 2021, the committee commented on the removal of Richard Stallman from the project's steering committee website with a similar declaration... [T]hey felt like an association with Stallman was not serving the best interests of the GCC developers and user community, given that the "GCC Steering Committee is committed to providing a friendly, safe and welcoming environment for all."
The Register notes that Red Hat senior principal engineer Mark Wielaard asked why there was no public discussion before making the change.

John Sullivan became the Free Software Foundation's Executive Director back in 2010. But now after 11 years, "I've decided to resign my position..." he tweeted Friday, "effective at the end of a transition period."

"We'll be sharing further details, including information about that transition, and a few more words, in the coming days."

Meanwhile, the Free Software Foundation announced Thursday that it's seeking "a principled, compassionate, and capable leader" to be its new executive director, working remotely out of their Boston office with the Foundation's current staff and board of directors. "The executive director, working with the president, is the public face of the Foundation." The FSF faces many challenges as software becomes increasingly central in the exercise of all fundamental human freedoms, including speech, association, privacy, and movement, and as software owners seek to exploit their control over us to profit at the expense of those freedoms. The executive director has a vital role in enabling the FSF to continue meeting these challenges, starting from the strong base that has been built in the last thirty-five years. The Foundation has recently reached record-high membership numbers and was awarded a perfect score from Charity Navigator, as well as its eighth consecutive four-star rating. Efforts to improve the Foundation's governance are underway.

The executive director is the FSF's chief employed officer. The position reports to the president/CEO and the board of directors, and is responsible for management of all other staff, all day-to-day operations, and oversight of the Boston physical office. The successful candidate will have the opportunity to hire for additional key positions in the management team.
One interesting item on their list of job responsibilities:

• Mentor, inspire, coordinate, and manage all FSF staff, building a culture that upholds the FSF's ideological principles and includes accountability, empathy, efficiency, and excellence

A blog post on the FSF site also notes that the last month saw 11 new GNU releases. "A number of GNU packages, as well as the GNU operating system as a whole, are looking for maintainers and other assistance: please see https://www.gnu.org/server/takeaction.html#unmaint if you'd like to help."