Some free software projects have moved their documentation and other essential resources into the centralized corporate walled-garden of CloudFlare. These projects masquerade as "open" and available to all, but they actually exclude human rights activists, whistle-blowers, freedom fighters, and all those using Tor to help provide cover traffic for those that need it.
These are the false-open projects:
- Anki
- CryFS
- Cyanogenmod
- fosshub
- freenode
- fteproxy.org
- GNU Radio
- libFTE
- outernet
- rtl-sdr
- TCL/TK (wiki pages, which are heavily relied on for documentation)
- wireshark
These projects take the benefits of posing as free and open contributors, but at the same time fail to reciprocate with an inclusive live-and-let-live philosophy. Let's be clear what CloudFlare is-
What CloudFlare is
This is a corporation that does copious harm to the Internet from the human rights, civil liberties, and infosec viewpoints. Specifically:
- CloudFlare has centralized over 10% of the surface web without much of the populations knowledge or consent.
- CloudFlare is a MitM (man-in-the-middle) that has visibility to all this traffic (yes, even HTTPS traffic). This means CloudFlare sees your username and password when you login to a site, and you won't even know it unless you know how to look for it specifically.
- CloudFlare blocks Tor users access to their sites by default. Making 10% of the web unusable to Tor users has compelled people to stop using Tor. This causes sweeping losses of a variety of protections and ultimately feeds bulk surveillance programs. This makes CloudFlare the biggest adversary of the Tor community.
Project positions and reactions
Anki This is a flashcards memorization tool. When a user clicks on Help>>Guide.. in the application, it launches a browser and directs it to a blocked webpage (if the user is using Tor). Anki believes solving a captcha every time a user needs to access the user guide is acceptable. Anki also believes collateral damage to all Tor users is an acceptable way to deal with a single potential attacker. Anki neglects to address the impact of their decision on children in developing countries. Full discussion
Freenode This is an IRC network that facilitates chatrooms for all free software projects. This one centralized network is what all free software users rely on for support. Freenode directly (and deliberately) blocks all Tor users. This means that freenode has made a effort to prevent anyone using or producing free software from securely discussing the software. More specifically, this means if a human rights activist or dissident needs support on a tool that protects their security (like GnuPG for example), they are excluded by freenode.
GNU Radio This project is very hostile toward Tor users. Often webadmins are naïve to the fact that their cloudflared website blocks legitimate Tor users. But GNU Radio admins are well aware and using cloudflare to block Tor users. When someone excluded from the project approached them in their IRC channel to explain the problem with cloudflare, GNU Radio moderator removed them without warning. It was a short and civil discussion that occurred while the moderators were away, and then one of the moderators returned after the discussion had ended. The Tor user was away from the keyboard at that moment, and the (uncivil) moderator then removed the user from the channel without warning or discussion.
Having neo-conservatives in control of the GNU Radio project limits the potential of the project. There are applications of software-defined radio ("SDR") that could contribute to important liberties that conservatives oppose. For example, creation of a radio pager transmitter would enable people to connect with someone who is not GSM-tracked. When the project oversight is managed by people who oppose these kinds of liberties, it impacts everyones resultant freedom. Sure the project could always be forked by progressives, but part of the problem is that gnuradio absorbs the talent of all contributors who aren't directly proactively interested in freedom-fighting causes.
FOSDEM has (probably unwittingly) invited this exclusive and privacy-hostile club to present both in the 2016 FOSDEM event and in the upcoming 2017 FOSDEM. It's unclear whether FOSDEM aware that they are facilitating the corporate walled-garden use of public school resources. Why not require CloudFlare, Inc. to furnish a room on private property for GNU Radio talks?
Action needed w.r.t gnuradio Please ask FOSDEM organizers (perhaps by emailing conduct@fosdem.org) to update or clarify in their code of conduct as to whether it is acceptable to discriminate against Tor users. Please ask that such projects not be invited to future FOSDEM events. That discrimination article was linked by RMS, who has various other ethical issues with CloudFlare. FSF has a problem with not having open documentation. FSF's annual report shows significant contributions go to the gnu radio project. Obviously it's a good idea not to contribute to corporate walled-garden projects like GNU Radio until they decide to fully participate in an open society.
Outernet This is actually a private company with the goal: to ease worldwide access to internet (despite using CloudFlare to block people). Their propaganda includes an "outernet for all" slogan. They need to change that. Some of their software is open source, and some is closed. See the reverse engineering outernet article for more details.
TCL/TK They are aware of the problem, but not interested in a solution because they believe the repressed group is small enough (measured by lack of complaints) that collateral damage is acceptable.
General action needed
- Help identify other false-open projects. For the moment, please reply to this article to mention others. Perhaps we'll start a wiki to track this.
- Don't contribute code or money to a false-open project. Find a truly free FLOSS project to feed.
iT'S very interesting post :)
Exchellent job dear @apertus-cogitari ...