06 Jan 2019

2018 has gone and from my point of view, it has been a great year.

I’ve learned the hard way a lot of valuable lessons that broke some fundamental assumptions of mine, freeing me from several misconceptions and giving me a priviledged point of view upon important matters.

First I discovered, with much surprise after years of cynism, that Free Software and Open Source software are completely different things.

Everything started when I accidentally discovered that Harvey had completely removed my name from their codebase without removing my contributions.

This was a blatant violation of the GNU GPL (version 2) from a member of Software Freedom Conservancy.

And the commits that removed my name were all from a very experienced Google engineer.

Since I can’t sue both Google and SFC (they do no Evil, after all!), I had to surrender when they squashed some of my changes into large commits (that included work from several authors) during a huge git rebase that pretended to remove my work (but have left several of my contributions there).

The problem is very practical to me, since I reused my changes to the Harvey codebase in Jehanne, and I’m afraid that a Google’s lawyer could one day decide that I copied Harvey because of the changes I authored myself.

All this was a valuable revelation. It taught me that:

we can’t trust Google’s employees when they contribute to OSS. we can’t trust SFC either, as Karen Sandler explicitly excluded such kind of issues when Harvey joined SFC. we can’t trust GNU licenses, as it’s violated by SFC members without any issue. talking about FOSS or FLOSS ultimately marginalize hackers.

Beyond Jehanne

Reflecting on Google, I realized that

their lobbying against AI regulation (or for permissive regulations, which is the same) is one of the most dangerous attack to worldwide freedom right now

they own Mozilla that don’t give a shit about people privacy or security

In fact the Russian Government is exploiting one of the attacks that I described to Mozilla and Chromium but the bug report is still “RESOLVED INVALID” because “this is the Web functioning as designed”

I mean: the Russian Governement building a database of security researcher and privacy aware people that could detect a JavaScript attack… is how Google (and thus Mozilla) want the Web to work.

The worse vulnerability here is people’s trust in IT.

Current IT is broken beyond repair.

The only mitigation is Culture

In 2018 I’ve spent a lot of my free time informing people about the risks of these attacks. As a consequence, I was banned by a couple of online communities, Lobste.rs and Tildes.net.

Much better feedbacks came from my talks about AI.

But ultimately, I realized that our only hope are kids and I started an course of Informatics for the elementary school of my eldest daughter.

I suggest you do to the same: don’t let your children to be used through software.

We need a generation of hackers that can break the world that bad people have built.

Yes but… what about Jehanne?

All these facts made me realize that existing copylefts cannot serve neither hackers’ curiosity nor people’s Freedom, so I studied Copyright regulations to mitigate the issues I saw with them. The result is the Hacking License that is going to replace AGPLv3 as my copyleft of choice.

Writing the Hacking License took roughly 6 months.

It’s designed to protect users from SaaS’s abuses by granting them the ultimate right to self-host the application they use. This right will be a great incentive to fair playing for SaaS providers using my File Protocol. Also, the Hacking License is designed to turn users to hackers: IMO, this is the only way Free Software can win against big corporations.

This is very practical and very important.

The Web is a half done, badly broken and insecure distributed operating system.

Using services as a software substitute will be the normal working mode with Jehanne: if people cannot trust the provider as they cannot trust Web site now there’s no way to make my project a reality.

The File Protocol

My few remaining free hours were spent into the design of the File Protocol (aka FP) and the study of its integration in Jehanne as a replacement of 9P2000.

At a first glance all you need to change to introduce an alternative file protocol in a Plan 9 kernel is devmnt (in Jehanne it was already renamed as dev9p) but after a deeper analysis, it turns out that I have to modify the Dev structure because FP doesn’t have a Walk equivalent.

Changing Dev has a huge impact on the whole kernel, and it’s just a part of the issue because I also want to move to a new mount table.

So ultimately, the Jehanne kernel is badly broken right now.

As a consequence you didn’t saw much work ongoing on Jehanne, and to be honest… I wouldn’t hold my breath.

The File Protocol is the reason Jehanne exists: I want to build the infrastructure that will let people hack a free and safe distributed system, so I have to carefully address both the technical and the legal issues to ensure it won’t end in a user-hostile hell like HTTP and browsers.

Because Jehanne is Free Software, not Open Source.