Mike Gerwitz

Activist for User Freedom

path: root/post
diff options
authorMike Gerwitz <mtg@gnu.org>2018-12-17 23:31:08 -0500
committerMike Gerwitz <mtg@gnu.org>2018-12-22 23:45:26 -0500
commit64e1341075cfebcf3567a4a66d74409b0403e200 (patch)
treec6cd148c0a992c433aa0c731b98d3e84afdd7ebf /post
parent2a674052b07cadf352181c0599ac990fdff7ddcf (diff)
Convert posts to markdown files
This was considerable effort, and took a bit more time than I had hoped. While newer posts were written with Markdown, previous ones were writen with my own Markdown-like formatting, but they had enough differences that it was quite an effort to get things updated. I also checked the HTML output of each, though I didn't read every article in detail. Some of these were more substantial than others; National Uproar, for example. These conversions were markup translations: the actual text remains unchanged, except in one minor instance to add text for the sake of providing some text to hold a link to a quote. Any changes to post text will happen in future commits so that the diffs are clearly visible.
Diffstat (limited to 'post')
91 files changed, 4875 insertions, 0 deletions
diff --git a/post/2012-10-05-microblogging.md b/post/2012-10-05-microblogging.md
new file mode 100644
index 0000000..0cc5f58
--- /dev/null
+++ b/post/2012-10-05-microblogging.md
@@ -0,0 +1,29 @@
+# Who needs "microblogging"?
+I don't. This is just some place safe to store random thoughts that people
+probably don't care about (like most comments on most social networking
+services), with the added benefit of distributed backup, a simple system and no
+character limit.
+<!-- more -->
+All the thoughts are commit messages; in particular, this means no versioning.
+That's okay, because I'm not going to go back and modify them, but I do want
+dates and I do want GPG signatures (to show that it's actually me thinking this
+This isn't a journal.
+This will mostly be a hacker's thought cesspool.
+This isn't a blog.
+Though, considering how much I ramble (look at this message), certain thoughts
+could certainly seem like blog entries. Don't get the two confused---one
+requires only thought defecation and the other endures the disturbing task of
+arranging the thought matter into something coherent and useful to present to
+Yeah. Enjoy. Or don't. You probably shouldn't, even if you do. If you don't,
+you probably should just to see that you shouldn't.
diff --git a/post/2012-10-05-tired.md b/post/2012-10-05-tired.md
new file mode 100644
index 0000000..08dbbd3
--- /dev/null
+++ b/post/2012-10-05-tired.md
@@ -0,0 +1,12 @@
+# Getting too tired to hack? At 23:00?
+This has been normal since becoming a father. I can't complain---I love being a
+father. Of course, I also love hacking. I also love sleep. Knowing that my son
+is going to wake me up a 6:00 in the morning has a slight influence in a
+situation like this.
+<!-- more -->
+I'd like to just suffer through it, but being a fiancé also has another
+obligation: going to bed when your significant other decides that it's bed time
+(and by "bed time" I mean sleep). I still manage to fit it in somehow.
diff --git a/post/2012-10-06-trademarks.md b/post/2012-10-06-trademarks.md
new file mode 100644
index 0000000..f827316
--- /dev/null
+++ b/post/2012-10-06-trademarks.md
@@ -0,0 +1,32 @@
+# The use of trademarks in free software has always been a curious and unclear concept to me, primarily due to my ignorance on the topic
+Trademarks, unless abused, are intended to protect consumers' interests---are
+they getting the brand that they think they're getting? If you download Firefox,
+are you getting Firefox, or a derivative?
+<!-- more -->
+Firefox is precicely one of those things that has brought this issue to light
+for me personally: the name is trademarked and derivatives must use their own
+names, leading to IceCat, IceWeasel, Abrowser, etc. Even though FF is free
+software, the trademark imposes additional restrictions that seem contrary to
+the free software philosophy. As such, it was my opinion that trademarks should
+be avoided or, if they exist, should not be exercised. (GNU, for example, is
+trademarked[^0], but the FSF certainly [does not exercise it][1]; consider GNUplot,
+a highly popular graphing program, which is not even part of the GNU project.)
+[This article][2] provides some perspective on the topic and arrives at much the
+same conclusions: trademark enforcement stifles adoption and hurts the project
+I recommend that trademarks not be used for free software projects, though I am
+not necessarily opposed to registering a trademark "just in case" (for example,
+to prevent others from maliciously attempting to register a trademark for your
+[1]: http://www.gnu.org/prep/standards/html_node/Trademarks.html
+[2]: http://mako.cc/copyrighteous/20120902-00
+[^0]: uspto.gov; serial number 85380218; reg. number 4125065.
+ From what I could find from the USPTO website, it was submitted by
+ Aaron Williamson of the SFLC (http://www.softwarefreedom.org/about/team/)
diff --git a/post/2012-10-09-election-attack-ads.md b/post/2012-10-09-election-attack-ads.md
new file mode 100644
index 0000000..d61a73f
--- /dev/null
+++ b/post/2012-10-09-election-attack-ads.md
@@ -0,0 +1,17 @@
+# All these election attack ads are utterly useless
+There have been a lot of elections going on lately---local, state and national.
+The majority of those ads are attack ads: immature and disrespectful; if you
+want my vote, give me something positive to vote for instead of spending all of
+your time and money attacking your candidate. If my vote is to go to the "least
+horrible" candidate, then there is no point in voting at all.
+<!-- more -->
+Even more frustrating is the deceptiveness of the ads---intentional
+deceptiveness, nonetheless. And these are the ads that many in the United States
+will be basing the majority of, if not all, of their vote on come election time
+(how many will realistically research instead of sitting in front of the TV
+absorbing all of the useless bullshit that they are spoonfed?).
diff --git a/post/2012-10-09-kid-iphone-game.md b/post/2012-10-09-kid-iphone-game.md
new file mode 100644
index 0000000..cd5d27b
--- /dev/null
+++ b/post/2012-10-09-kid-iphone-game.md
@@ -0,0 +1,42 @@
+# Why no kid (or kid at heart) should write an iPhone game
+I saw [this post][0] appear on HackerNews, talking about how building a game for
+iOS is "fun" and "cool". The poster lures the reader in with talk of making
+money and talks of a "unique sense of fulfillment" that comes with development
+of these games, and then goes on to invite kids to learn how to develop games
+for the iPhone (and presumably other iOS devices).
+[0]: http://blog.makegameswith.us/post/33263097029/call-to-arms
+This is a terrible idea.
+<!-- more -->
+Getting children involved with hacking is an excellent idea, but introducing
+them to the evils of Apple and associating that with a feeling of pleasure does
+a great disservice; all software developed for iOS must be "purchased" (even
+if it's of zero cost) through a walled garden called the "App Store". The
+problem with this is that [the App Store is hostile toward free
+software][1]---its overly restrictive terms are incompatible with free software
+licenses like the GPL. Teaching children to develop software for this crippled,
+DRM-laden system is teaching them that it is good to prevent sharing, stifle
+innovation and deny aid to your neighbor.
+A better solution would be to suggest developing software for a completely free
+mobile operating system instead of iOS, such as [Replicant][2] (a fully free
+Android distribution). Even if Replicant itself were not used, Android itself,
+so long as proprietary implementations and "stores" are avoided[[3]], is much
+more [compatible with education][4] than iOS, since the children are then able
+to freely write and distribute the software without being controlled by
+malicious entities like Apple. Furthermore, they would then be able to use a
+fully free operating system such as GNU/Linux to *write* the software.
+Do not let fun and wealth disguise this ugly issue. Even more importantly---do
+not pass this practice and woeful acceptance down to our children. I receive a
+"unique sense of fulfillment" each and every day hacking free software far
+away from Apple's grasp.
+[1]: http://www.fsf.org/news/blogs/licensing/more-about-the-app-store-gpl-enforcement
+[2]: http://replicant.us/
+[3]: http://www.gnu.org/philosophy/android-and-users-freedom.html
+[4]: http://www.gnu.org/education/edu-schools.html
diff --git a/post/2012-10-09-ssh-t.md b/post/2012-10-09-ssh-t.md
new file mode 100644
index 0000000..416c1e6
--- /dev/null
+++ b/post/2012-10-09-ssh-t.md
@@ -0,0 +1,27 @@
+# Always use -t with ssh-add (and always set passwords on your ssh keys)
+Many people use SSH keys for the sole purpose of avoiding password entry when
+logging into remote boxes. That is legtimate, especially if you frequently run
+remote commands or wish to take advantage of remote tab complation, but creating
+a key with an empty password is certainly the wrong approach---if an attacker
+gets a hold of the key, then they have access to all of your boxes before you
+have the chance to notice and revoke the key.
+<!-- more -->
+ssh-agent exists for this purpose. The problem is---creating an agent only to
+place the key in memory indefinately is also a terrible idea. If your system
+does become compromised and the attacker is either root access or access as your
+user, then they can simply connect to the ssh-agent (unless it's password
+protected) and start using your key. Also consider that, should you leave your
+box unattended for even a moment without locking it (for whatever reason---shit
+happens), an attacker could gain physical access to your PC (and an attacker may
+just be a coworker looking to play a prank).
+Every morning at work, I begin the day by typing ssh-add followed by an
+appropriate lifetime (be it the duration of the work day, or the duration that I
+think I will need the key). This way, your key is in memory when you are likely
+to be physically present at the box and it is automatically removed from memory
+after a given lifetime. Additionally, I like to add `ssh-add -D` to the script
+that locks my PC when I walk away from my desk: that will immediately clear all
+keys from memory, just in case.
diff --git a/post/2012-10-10-school-rfid.md b/post/2012-10-10-school-rfid.md
new file mode 100644
index 0000000..0440dcb
--- /dev/null
+++ b/post/2012-10-10-school-rfid.md
@@ -0,0 +1,21 @@
+# Texas middle and high schools tracking student locations with RFID tags
+[An article][0] describes how a school district in Texas is attempting to force
+its students to wear RFID tags at all times in order to track their location to
+"stem the rampant truancy devastating the school's funding".
+[0]: http://rt.com/usa/news/texas-school-id-hernandez-033/
+<!-- more -->
+This is deeply concerning. Not only does this raise serious security and privacy
+concerns (as mentioned near the end of the article), but it also costed the
+schools over a half a million dollars to implement. In order words: Texas
+taxpayer money has been wasted in an effort to track our children.
+Good thing they don't have anything [better to spend that money on.][1]
+[1]: http://fedupwithlunch.com/
diff --git a/post/2012-10-13-day-changed.md b/post/2012-10-13-day-changed.md
new file mode 100644
index 0000000..f85d6df
--- /dev/null
+++ b/post/2012-10-13-day-changed.md
@@ -0,0 +1,8 @@
+# "Day changed to S"
+Whatever "S" may be (in this case, "13 Oct 2012"), there is always a sense
+of peace and gratification that comes with witnessing that line appear in any
+type of log; it shows a dedication to an art, should your days contain daylight.
+<!-- more -->
diff --git a/post/2012-10-16-branch-pred.md b/post/2012-10-16-branch-pred.md
new file mode 100644
index 0000000..cab6b61
--- /dev/null
+++ b/post/2012-10-16-branch-pred.md
@@ -0,0 +1,8 @@
+# Branch Prediction
+An enlightening discussion on branch prediction.[0]
+[0]: http://stackoverflow.com/questions/11227809/why-is-processing-a-sorted-array-faster-than-an-unsorted-array
+<!-- more -->
diff --git a/post/2012-10-16-free-speech-western.md b/post/2012-10-16-free-speech-western.md
new file mode 100644
index 0000000..27a738b
--- /dev/null
+++ b/post/2012-10-16-free-speech-western.md
@@ -0,0 +1,7 @@
+# Free Speech in the Western World
+An interesting opinion piece on [free speech in the western world.][0]
+[0]: http://www.washingtonpost.com/opinions/the-four-arguments-the-western-world-uses-to-limit-free-speech/2012/10/12/e0573bd4-116d-11e2-a16b-2c110031514a_print.html
+<!-- more -->
diff --git a/post/2012-10-16-nyc-master-keys.md b/post/2012-10-16-nyc-master-keys.md
new file mode 100644
index 0000000..9420b9b
--- /dev/null
+++ b/post/2012-10-16-nyc-master-keys.md
@@ -0,0 +1,24 @@
+# NYC Master Keys
+[Bruce Schneier summarizes in a blog post][0] a disturbing topic regarding a New
+York City locksmith selling "master keys" on eBay, providing access to various
+services such as elevators and subway entrances.
+[A discussion about this blog post on Hacker News][1] yielded some interesting
+conversation, including an [even more disturbing article describing how simple
+it may be to create master keys][2] for a set of locks given only the lock, its
+key and a number of attempts.
+[0]: http://www.schneier.com/blog/archives/2012/10/master_keys.html
+[1]: http://news.ycombinator.com/item?id=4654777
+[2]: http://www.crypto.com/masterkey.html
+<!-- more -->
+I'll let you ponder the implications of both of these topics. Here's something
+to get you started: organized crime could use these keys to effectively evade
+law enforcement or break into millions of "locked" homes. Crackers could gain
+intimate access to various city systems whereby they may be able to further
+obstruct or infect systems. A security system is only as strong as its weakest
+link. Keeping citizens in the dark about these issues gives them a dangerous and
+false sense of security.
diff --git a/post/2012-10-16-verizon-router-backdoors.md b/post/2012-10-16-verizon-router-backdoors.md
new file mode 100644
index 0000000..f4119d4
--- /dev/null
+++ b/post/2012-10-16-verizon-router-backdoors.md
@@ -0,0 +1,27 @@
+# Verizon router backdoors
+A [very disturbing article][0] makes mention of a Verizon TOS update for its
+Internet service customers:
+[0]: http://www.linuxbsdos.com/2012/10/04/is-that-a-backdoor-or-an-administrative-password-on-your-verizon-internet-router/
+> Section 10.4 was updated to clarify that Verizon may in limited instances
+> modify administrative passwords for home routers in order to safeguard
+> Internet security and our network, the security and privacy of subscriber
+> information, to comply with the law, and/or to provide, upgrade and maintain
+> service.
+<!-- more -->
+...what? This is deeply disturbing, deeply perverted idea of security. Not only
+is this a severe privacy concern (all internet traffic passes through your
+router), but it's a deep *security* concern---what if a cracker is able to
+figure out Verizon's password scheme, intercept the communication with your
+router or otherwise?
+I recommend that you (a) use your own router, (b) change its default password if
+you have not yet done so and (c) disallow remote access. Furthermore, I
+recommend using a free (as in freedom) firmware such as [DD-WRT][1] if supported
+by your hardware.
+[1]: http://dd-wrt.com/
diff --git a/post/2012-10-17-pacemaker-cracking.md b/post/2012-10-17-pacemaker-cracking.md
new file mode 100644
index 0000000..8891f5a
--- /dev/null
+++ b/post/2012-10-17-pacemaker-cracking.md
@@ -0,0 +1,34 @@
+# Crackers capable of causing pacemaker deaths
+[This article][0] demonstrates why medical devices must contain free software:
+crackers are able to, with this particular type of pacemaker, exploit the device
+to trigger a fatal electric shock to its host from as far as 30 feet away (the
+article also mentions rewriting the firmware, which could of course be used to
+schedule a deadly shock at a predetermined time). These issues would not exist
+with free software, as the user and the community would be able to study the
+source code and fix any defects (or hire someone who can) before placing it in
+their bodies.
+[0]: http://www.scmagazine.com.au/News/319508,hacked-terminals-capable-of-causing-pacemaker-mass-murder.aspx
+<!-- more -->
+(Note that this article mistakenly uses the term "hacker" when they really
+mean "cracker".)
+The aforementioned article is an excellent supplement to [a discussion on free
+software in pacemakers][1]. In particular, I had pointed out within this
+discussion [a talk by Karen Sandler of the GNOME Foundation regarding this
+issue][2] at OSCON 2011, in which she mentions potential issues of proprietary
+software in pacemakers and the difficulty she faced in attempting to get the
+source code for one that she was considering for herself.
+The discussion on HackerNews also yielded [an article by the SFLC][3] detailing
+this issue.
+(Please do not use YouTube's proprietary video player to view the mentioned
+YouTube video.)
+[1]: http://news.ycombinator.com/item?id=3959547
+[2]: https://www.youtube.com/watch?v=nFZGpES-St8
+[3]: https://www.softwarefreedom.org/news/2010/jul/21/software-defects-cardiac-medical-devices-are-life-/
diff --git a/post/2012-10-18-defense-of-marriage-act.md b/post/2012-10-18-defense-of-marriage-act.md
new file mode 100644
index 0000000..76f7062
--- /dev/null
+++ b/post/2012-10-18-defense-of-marriage-act.md
@@ -0,0 +1,12 @@
+# Federal Appeals Court Declares "Defense of Marriage Act" Unconstitutional
+A step in the [right direction.][0]
+It should also be noted that New York State had also [legalized same sex
+marriage back in July of 2011][1]---a move I was particularily proud of as a
+resident of NY state.
+[0]: http://www.aclu.org/lgbt-rights/federal-appeals-court-declares-defense-marriage-act-unconstitutional
+[1]: http://en.wikipedia.org/wiki/Same-sex_marriage_in_New_York
+<!-- more -->
diff --git a/post/2012-10-18-med-device-cracking.md b/post/2012-10-18-med-device-cracking.md
new file mode 100644
index 0000000..06a4e75
--- /dev/null
+++ b/post/2012-10-18-med-device-cracking.md
@@ -0,0 +1,34 @@
+# Another crack at medical device cracking
+My previous post mentioned the dangers of running non-free software on implanted
+medical devices. While reading over RMS' policital notes[0], I came across [an
+article mentioning how viruses are rampant on medical equipment][1].
+> "It's not unusual for those devices, for reasons we don't fully understand, to
+> become compromised to the point where they can't record and track the data,"
+> Olson said during the meeting, referring to high-risk pregnancy monitors.
+The devices often run old, unpatches versions of Microsoft's Windoze operating
+system. The article also mentions how the maleware often attempts to include its
+host as part of a botnet.
+[0]: http://stallman.org/archives/2012-jul-oct.html#18_October_2012_%28Computerized_medical_devices_vulnerable_to_viruses%29
+[1]: http://www.technologyreview.com/news/429616/computer-viruses-are-rampant-on-medical-devices/
+<!-- more -->
+This is deeply concerning and incredibly dangerous. As non-free software is used
+more and more in equipement that is responsible for our health and safety, we
+are at increased risk for not only obvious software flaws, but also for crackers
+with malicious intent; harming someone will become as easy as instructing your
+botnet to locate and assassinate an individual while you go enjoy a warm (or
+cold) beverage.
+These problems are *less likely* (not impossible) to occur in free software
+beacuse the users and community are able to inspect the source code and fix
+problems that arise (or hire someone that can)[2]. In particular, in the case of
+the hospitals mentioned in [the article][1], they would be free to hire someone
+to fix the problems themselves rather than falling at the mercy of the
+corporations who supplied the proprietary software.
+[2]: http://www.gnu.org/philosophy/free-sw.html
diff --git a/post/2012-10-19-aguild-v-hathitrust.md b/post/2012-10-19-aguild-v-hathitrust.md
new file mode 100644
index 0000000..e9be502
--- /dev/null
+++ b/post/2012-10-19-aguild-v-hathitrust.md
@@ -0,0 +1,8 @@
+# Digitizing Books Is Fair Use: Author's Guild v. HathiTrust
+A New York court ruled that "digitizing" books for researched and disabled
+individuals is lawful.[[0]]
+[0]: https://www.eff.org/deeplinks/2012/10/authors-guild-vhathitrustdecision
+<!-- more -->
diff --git a/post/2012-10-24-obama-wiretapping.md b/post/2012-10-24-obama-wiretapping.md
new file mode 100644
index 0000000..0ad5970
--- /dev/null
+++ b/post/2012-10-24-obama-wiretapping.md
@@ -0,0 +1,28 @@
+# Obama and Warrantless Wiretapping
+The EFF has released an article with a [plethora of links describing warrantless
+wiretapping under the Obama administration][0], spurred by Obama's response to
+Jon Stewart's questioning on The Daily Show last Thursday. (Readers should also
+be aware of the [NSA spy center][1] discussed earlier in the year, as is
+mentioned in the EFF article.)
+[0]: https://www.eff.org/deeplinks/2012/10/fact-check-obamas-misleading-answer-about-warrantless-wiretapping-daily-show
+[1]: http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/
+<!-- more -->
+It is clear that the United States government has no intent on protecting the
+freedoms of individuals and instead is actively resisting attempts to correct
+the problems. While we can hope that this will change, and we can be confident
+that organizations like the EFF will continue to fight for our liberties, one
+immediate option is to limit as much as possible what the NSA and other agencies
+can discover about you. Consider using [Tor][2] for all of your network traffic
+(at the very least, use HTTPS connections to prevent agencies and ISPs from viewing
+specific web pages on a particular domain; HTTPS is unnecessary if using Tor.)
+PGP/GPG can be used to encrypt e-mail messages to the intended recipients. Etc.
+It's unfortunate that such precautions are necessary. Privacy is important even
+if you have nothing to hide; any suggestion to the contrary is absolutely
+[2]: http://torproject.org
diff --git a/post/2012-10-24-stingrays.md b/post/2012-10-24-stingrays.md
new file mode 100644
index 0000000..0b76f0f
--- /dev/null
+++ b/post/2012-10-24-stingrays.md
@@ -0,0 +1,15 @@
+# Stingrays: Cell Phone Privacy and Warrantless Surveillance
+How would you feel if law enforcement showed up in your living room, demanded
+your cell phone, and started writing down your call history and text messages?
+How would you feel if you didn't even know that they were in your home to begin
+with, let alone stealing private data? [This is precisely what is happening when
+law enforcement uses "Stingrays" to locate individuals][0], collecting data of
+every other individual within range of the device in the process. Even *if* you
+are the subject of surveillance, this is still an astonishing violation of
+privacy. (Of course, law enforcement could always demand such records from your
+service provider, but such an act at the very least has a paper trail.)
+[0]: https://www.eff.org/deeplinks/2012/10/stingrays-biggest-unknown-technological-threat-cell-phone-privacy
+<!-- more -->
diff --git a/post/2012-10-27-gnu-win8-launch.md b/post/2012-10-27-gnu-win8-launch.md
new file mode 100644
index 0000000..b4dd3fc
--- /dev/null
+++ b/post/2012-10-27-gnu-win8-launch.md
@@ -0,0 +1,63 @@
+# GNU Trick-Or-Treat---FSF Crashes Windows 8 Launch
+The FSF decided to [crash the Windows 8 launch even in New York City][0],
+complete with [Trisquel][1] DVDs, FSF stickers and information about their
+[pledge to upgrade to GNU/Linux instead of Windows 8][2].
+I find this to be a fun, excellent alternative to blatant protesting that is
+likely to be better received by those who would otherwise be turned off to
+negativity. At the very least, the [walking gnu][3] would surely turn heads and
+demand curiosity.
+[0]: http://www.fsf.org/news/activists-trick-or-treat-for-free-software-at-windows-8-launch-event-1
+[1]: http://trisquel.info/
+[2]: http://www.defectivebydesign.org/windows8
+[3]: http://www.fsf.org/blogs/community/gnus-trick-or-treat-at-windows-8-launch
+<!-- more -->
+Here is the e-mail that was sent to the info at fsf.org mailing list:
+> Happy (almost) Halloween, everybody,
+> You've probably been noticing Microsoft's ads for their new operating
+> system -- after all, they've spent more money on them than any other
+> software launch campaign in history. In fact, everything about the
+> campaign has been meticulously planned and optimized, so you can
+> imagine journalists' surprise when an unexpected guest showed up at an
+> invite-only launch event on Thursday.
+> Our volunteer, Tristan Chambers, was there and caught the whole thing
+> on camera! Pictures here:
+> <http://www.fsf.org/blogs/community/gnus-trick-or-treat-at-windows-8-launch>.
+> Reporters and security guards at the event weren't sure how to react
+> when they were greeted by a real, live gnu. The gnu -- which, on
+> closer inspection, was an activist in a gnu suit -- had come for some
+> early trick-or-treating. But instead of candy, she had free software
+> for the eager journalists. The gnu and the FSF campaigns team handed
+> out dozens of copies of Trisquel, a fully free GNU/Linux distribution,
+> along with press releases and stickers. Once they got over their
+> confusion, the reporters were happy to see us and hear our message --
+> that Windows 8 is a downgrade, not an upgrade, because it steals
+> users' freedom, security and privacy.
+> Free software operating systems are the real upgrade, and they don't
+> need a zillion-dollar launch event to prove it. To show Microsoft that
+> their ads won't change our minds, we're starting an upgrade pledge:
+> switch to a free OS, or if you're already using one, help a friend
+> switch. We can pay Microsoft a chunk of change for their new,
+> proprietary OS, or we can stand up for our freedom. The choice isn't
+> as hard as Microsoft wants you to think.
+> Sign the pledge now! -- <http://www.fsf.org/windows8/pledge>.
+> Thanks for making a commitment to free software.
+> PS - If you'd like more details about the action, you can check out
+> our press release here:
+> <http://www.fsf.org/news/activists-trick-or-treat-for-free-software-at-windows-8-launch-event-1>.
+> -Zak Rogoff
+> Campaigns Manager
diff --git a/post/2012-10-30-abolishing-patents.md b/post/2012-10-30-abolishing-patents.md
new file mode 100644
index 0000000..6b2c2e1
--- /dev/null
+++ b/post/2012-10-30-abolishing-patents.md
@@ -0,0 +1,30 @@
+# Abolishing Patents
+My issue with patents exceeds the [obvious case against software patents][0];
+indeed, I have long pondered the problems with patents in other fields. When I
+hear the phrase "patent pending" or "patented technology" touted in ads, I
+have never thought positive thoughts; instead, I have thought "you are damning
+this otherwise excellent work to stagnation". What if someone has an excellent
+idea to improve upon that particular product? Well, they'd better be prepared to
+jump through some hoops or shell out some hefty licensing fees. Or maybe it's
+just easier to abandon the idea entirely and forget that it had never happened.
+[0]: http://patentabsurdity.com/
+<!-- more -->
+However, I thought, it's not a simple case of ridding the world of patents.
+How would that affect the incentive to innovate? How would people recoup
+expensive R&D costs, especially in industries like pharmacy (both my parents are
+pharmacists)? What about the incentive to describe your invention to the world?
+Then again, nobody *has* to get a patent for their invention. It may be worth
+keeping it secret if nobody can figure it out.
+The answers to all of these questions appeared in one place: [The Case Against
+Patents][1], which I found referenced in an article regarding the [Swedish Pirate
+Party's opinions on patents, trademarks and copyright][2]. While it is still a
+draft at the time of this writing, I encourage you to give it a read, as it is
+very enlightening.
+[1]: http://research.stlouisfed.org/wp/2012/2012-035.pdf
+[2]: http://falkvinge.net/2012/10/13/what-the-swedish-pirate-party-wants-with-patents-trademarks-and-copyright/
diff --git a/post/2012-10-30-dcma-jailbreaking.md b/post/2012-10-30-dcma-jailbreaking.md
new file mode 100644
index 0000000..05595c3
--- /dev/null
+++ b/post/2012-10-30-dcma-jailbreaking.md
@@ -0,0 +1,18 @@
+# Jailbreaking and DCMA---EFF Touts Victory, FSF Warns Of Failure
+While the [EFF is pleased to announce][0] that the Copyright Office has [renewed
+DMCA exceptions upholding jailbreaking rights for cellphones][1], the FSF
+cautions that [this right has not been extended to tablets, game consoles or
+even PCs with restricted boot][2].
+[0]: https://www.eff.org/press/releases/eff-wins-renewal-smartphone-jailbreaking-rights-plus-new-legal-protections-video
+[1]: http://www.copyright.gov/fedreg/2012/77fr65260.pdf
+[2]: http://www.fsf.org/blogs/licensing/copyright-office-fails-to-protect-users-from-dmca
+<!-- more -->
+It should be noted that the EFF also successfully gained protection for the use
+of short copyrighted clips in remixing,[0] and while this is a positive step
+forward in its own, the implications of the first paragraph should not be
diff --git a/post/2012-10-30-openwireless.md b/post/2012-10-30-openwireless.md
new file mode 100644
index 0000000..7dda51e
--- /dev/null
+++ b/post/2012-10-30-openwireless.md
@@ -0,0 +1,30 @@
+# OpenWireless.org
+The EFF [announces the launch of openwireless.org][0], which encourages users to
+[share their network connections][1] to create a global network of freely
+available wireless internet access.
+This is a noble movement. This reminds me of a point in history when MIT began
+password protecting their accounts, which were previously open to anyone.
+Stallman, disagreeing with such a practice, [encouraged users to create empty
+passwords][2]. Stallman would even give out his account information so that
+remote users may log into MIT's systems, all with good intent.
+[0]: https://www.eff.org/deeplinks/2012/10/why-we-have-open-wireless-movement
+[1]: https://www.openwireless.org/
+[2]: http://shop.fsf.org/product/free-as-in-freedom-2/
+<!-- more -->
+Of course, with malice rampant in today's very different world, Stallman's
+actions, although noble, would be both naive and a huge security risk.
+Fortunately, [opening your wireless network isn't necessarily one of these
+risks][3] and, if done properly, does not equate to opening your private network
+to attack.
+Consider using [DD-WRT][4] as your router's firmware, if supported by your
+device, as it is itself [free software][5].
+[3]: https://openwireless.org/myths
+[4]: http://dd-wrt.com
+[5]: http://www.gnu.org/philosophy/free-sw.html
diff --git a/post/2012-10-30-trademark-bullying.md b/post/2012-10-30-trademark-bullying.md
new file mode 100644
index 0000000..78cb284
--- /dev/null
+++ b/post/2012-10-30-trademark-bullying.md
@@ -0,0 +1,12 @@
+# "Trademark" Bullying
+There's two problems with this post from the EFF describing [The Village Voice
+suing Yelp for "Best of" trademark infringement][0]: firstly, there's the
+obvious observation that such a trademark should not have been permitted by the
+USPTO to begin with. Secondly---why do entities insist on gaming the system in
+such a terribly unethical manner? It takes a special breed of people to do such
+a thing.
+[0]: https://www.eff.org/deeplinks/2012/10/stupid-lawyer-tricks-and-government-officials-who-are-helping-them
+<!-- more -->
diff --git a/post/2012-10-30-ubuntu-amazon-ads.md b/post/2012-10-30-ubuntu-amazon-ads.md
new file mode 100644
index 0000000..57f2eae
--- /dev/null
+++ b/post/2012-10-30-ubuntu-amazon-ads.md
@@ -0,0 +1,15 @@
+# Ubuntu 12.10 Privacy: Amazon Ads and Data Leaks
+The EFF [cautions that Ubuntu 12.10 leaks user information to Amazon by
+default][0] rather than requiring the user to opt *into* the system.
+Of course, I cannot recommend that you use Ubuntu, as it encourages the
+installation of non-free device drivers, readily enables non-free software
+repositories and contains non-free components in its kernel.[1] Instead,
+consider a [fully free GNU/Linux distribution like Trisquel][2].
+[0]: https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks
+[1]: http://www.fsfla.org/svnwiki/selibre/linux-libre/
+[2]: https://trisquel.info
+<!-- more -->
diff --git a/post/2012-11-03-bahrain-rallying.md b/post/2012-11-03-bahrain-rallying.md
new file mode 100644
index 0000000..02c377e
--- /dev/null
+++ b/post/2012-11-03-bahrain-rallying.md
@@ -0,0 +1,8 @@
+# Ban On Public Rallying and Demonstrations in Bahrain
+The government of Bahrain found that the best solution to preventing violent
+protests was to [ban all public rallying and demonstrations][0].
+[0]: https://www.eff.org/deeplinks/2012/11/bahrain-goes-bad-worse
+<!-- more -->
diff --git a/post/2012-11-03-eff-dmca.md b/post/2012-11-03-eff-dmca.md
new file mode 100644
index 0000000..6d28d89
--- /dev/null
+++ b/post/2012-11-03-eff-dmca.md
@@ -0,0 +1,8 @@
+# EFF Elaborates On DCMA Ruling
+In addition to my aforementioned links, the EFF has provided [a more detailed
+analysis][0] of the decision.
+[0]: https://www.eff.org/deeplinks/2012/11/2012-dmca-rulemaking-what-we-got-what-we-didnt-and-how-to-improve
+<!-- more -->
diff --git a/post/2012-11-05-cali-prop-35.md b/post/2012-11-05-cali-prop-35.md
new file mode 100644
index 0000000..22f5a9f
--- /dev/null
+++ b/post/2012-11-05-cali-prop-35.md
@@ -0,0 +1,22 @@
+# California Proposition 35 Concerns
+The EFF [points out problems with California's Proposition 35][0], which would,
+among other things, [require registered sex offenders to "disclose Internet
+activities and identities"][1]:
+[0]: https://www.eff.org/deeplinks/2012/11/eff-urges-no-vote-california-proposition-35
+[1]: http://voterguide.sos.ca.gov/propositions/35/
+<!-- more -->
+> [...] Proposition 35 would force individuals to provide law enforcement with
+> information about online accounts that are wholly unrelated to criminal
+> activity – such as political discussion groups, book review sites, or blogs.
+> In today’s online world, users may set up accounts on websites to communicate
+> with family members, discuss medical conditions, participate in political
+> advocacy, or even listen to Internet radio. An individual on the registered
+> sex offender list would be forced to report each of these accounts to law
+> enforcement within 24 hours of setting it up – or find themselves in jail.
+> This will have a powerful chilling effect on free speech rights of tens of
+> thousands of Californians.
diff --git a/post/2012-11-05-mediagoblin-grant.md b/post/2012-11-05-mediagoblin-grant.md
new file mode 100644
index 0000000..72e8320
--- /dev/null
+++ b/post/2012-11-05-mediagoblin-grant.md
@@ -0,0 +1,14 @@
+# MediaGoblin $10k Matching Grant
+Congratulations to MediaGoblin for not only [meeting the $10k matching grant
+from a generous anonymous donor][0], but also for raising $36k to date.
+[MediaGoblin][1] is a "free software media publishing platform that anyone can
+run"; it is a distributed, free (as in freedom) alternative to services such as
+YouTube, Flickr and others, and is part of the [GNU project][2].
+[0]: http://mediagoblin.org/news/we-made-10k-matching.html
+[1]: http://mediagoblin.org/
+[2]: http://gnu.org/
+<!-- more -->
diff --git a/post/2012-11-05-nsa-useless.md b/post/2012-11-05-nsa-useless.md
new file mode 100644
index 0000000..5848581
--- /dev/null
+++ b/post/2012-11-05-nsa-useless.md
@@ -0,0 +1,9 @@
+# Another Useless, False-Sense-Of-Security NSA Security Tactic
+A police officer [recalls a time he went through airport security][0] and
+received a patdown from one of the security agents, which he found to be
+absolutely useless.
+[0]: http://www.gizmodo.co.uk/2012/10/search-me/
+<!-- more -->
diff --git a/post/2012-11-06-voting-machine-alter.md b/post/2012-11-06-voting-machine-alter.md
new file mode 100644
index 0000000..0e9e914
--- /dev/null
+++ b/post/2012-11-06-voting-machine-alter.md
@@ -0,0 +1,11 @@
+# Video of 2012 Voting Machine Altering Votes
+A Reddit user [posted video of a 2012 voting machine preventing him from
+selecting Barak Obama][0]. Malfunction or not, this is the type of thing that
+could have possibly been caught if the software were free. Furthermore, from
+reading the source code, one would be able to clearly tell whether or not it was
+a bug or an intentional "feature".
+[0]: http://thenextweb.com/shareables/2012/11/06/reddit-user-captures-video-of-2012-voting-machines-altering-votes/
+<!-- more -->
diff --git a/post/2012-11-14-olpc-ethiopia.md b/post/2012-11-14-olpc-ethiopia.md
new file mode 100644
index 0000000..e56599f
--- /dev/null
+++ b/post/2012-11-14-olpc-ethiopia.md
@@ -0,0 +1,19 @@
+# OLPC Tablet in Ethiopia
+A story mentions how [Ethiopian kids quickly learned to read and use tablet
+PCs][0] provided by the [One Laptop Per Child][1] project. This is not only a
+noble feat (as we would expect from OLPC), but also an impressive one,
+considering that (as the article mentions) the children did not know how to
+read, even in their own language.
+[0]: http://dvice.com/archives/2012/10/ethiopian-kids.php
+[1]: http://one.laptop.org/
+<!-- more -->
+Now, while the OLPC does have [its own tablet][2], the article mentions that the
+[children were given Motorola Zoom tablets][0]; I would hope that they run free
+software to encourage freedom in these developing countries and to encourage the
+children to hack and explore their devices in even greater detail.
+[2]: http://one.laptop.org/about/xo-3
diff --git a/post/2012-11-17-us-copyright-alert-system.md b/post/2012-11-17-us-copyright-alert-system.md
new file mode 100644
index 0000000..d745dc9
--- /dev/null
+++ b/post/2012-11-17-us-copyright-alert-system.md
@@ -0,0 +1,10 @@
+# U.S. "Copyright Alert System"
+[The EFF warns][0] of [the "Copyright Alert System"][1]---a government
+endorsed spy system---that will launched shortly to monitor peer-to-peer
+networks for so-called "infringing" activity.
+[0]: https://www.eff.org/deeplinks/2012/11/us-copyright-surveillance-machine-about-be-switched-on
+[1]: http://www.copyrightinformation.org/alerts
+<!-- more -->
diff --git a/post/2012-11-17-vlc-lgpl.md b/post/2012-11-17-vlc-lgpl.md
new file mode 100644
index 0000000..0c125dc
--- /dev/null
+++ b/post/2012-11-17-vlc-lgpl.md
@@ -0,0 +1,160 @@
+# VLC's Move to LGPL
+Jean-Baptiste Kempf of the VLC project explains that "most of the code of VLC"
+has been [relicensed under the LGPL][0], moving *away from* the GPL. Some of the
+reasons for the move include "competition, necessity to have more professional
+developers around VLC and AppStores".[1] (With the "AppStore" comment,
+Jean-Baptiste is likely referring to issues regarding free software in Apple's
+App Store, which [the FSF has discussed on their website][2].)
+This is unfortunate; using the LGPL in place of the GPL is [not encouraged for
+free software projects][3] because, while it ensures the freedom of the project
+itself, it does not encourage the development of free software that *uses* the
+project---the LGPL allows linking with proprietary software. Let's explore the
+aforementioned reasons in a bit more detail.
+[0]: http://www.jbkempf.com/blog/post/2012/I-did-it
+[1]: http://www.jbkempf.com/blog/post/2012/How-to-properly-relicense-a-large-open-source-project
+[2]: http://www.fsf.org/news/blogs/licensing/more-about-the-app-store-gpl-enforcement
+[3]: http://www.gnu.org/licenses/why-not-lgpl.html
+<!-- more -->
+Firstly, let us consider the issue of competition. In one of the [discussions on
+Hacker News][4], I pointed out the distinction between "open source" and Free
+ [...]
+ It is important to understand the distinction between "open source" and "free
+ software". Open source focuses on the benefits of "open" code and development
+ and how it can create superior software. Free Software focuses on the ethical
+ issues---while free software developers certainly want contributors, the
+ emphasis is on the fact that the software respects your freedom and, for that,
+ it's far superior to any other proprietary alternative; free software users
+ constantly make sacrifices in functionality and usability, and we're okay with
+ that.
+ [http://www.gnu.org/philosophy/open-source-misses-the-point.html][5]
+ [...]
+In this sense, why should competition be considered for software freedom, unless
+it is between two free software projects, encouraging innovation in conjunction
+*with* freedom? In such a case, one wouldn't change the software license from
+the GPL to the LGPL, because the LGPL is less pursuant toward those freedoms.
+Therefore, VLC instead adopts the ["open source"][5] development model, as it
+cares more for competition.
+The next concern was to "have more professional developers around VLC".[1] Is
+this to imply that free software hackers cannot be professional developers? I
+certainly am. Consider projects like the kernel Linux---many companies have
+contributed back to that project, which is licensed under the GPLv2. If the goal
+is to have more people contributing to your project, then a license like the GPL
+is certainly best, as it puts a legal obligation on the distributor to release
+the source code, which the parent project may then incorporate. Now, the LGPL
+also forces this (except for linked software); since the only [differences
+between the GPL and the LGPL][6] deal with the linking exception, this means
+that the author is either (a) mistaken in the concern or (b) wishes for more
+*proprietary* development around VLC. Alternatively, the author may be
+concerned that the GPL introduces compatibility issues between whatever other
+"open source" license developers wish to use when linking VLC code, but
+again---that means that VLC is devaluing freedom. Risky business, but this is
+the model that BSD follows (permitting proprietary derivatives of the entire
+software---not just linking---and receiving contributions back from proprietary
+software makers.)
+Finally, let us consider the issue of Apple's App Store. This is issue is
+certainly of strong concern---Apple's products are very popular and yet they do
+not even make an attempt to respect the users' freedoms either with their
+software or with any of the software they allow on their "App Store".[2]
+However, Jean-Baptiste has made a fatal mistake---we should not be changing our
+licenses to suit Apple! In effect, that is giving Apple even more power over
+free software by allowing them to exert control not only over their users, but
+also over the developers of the users' favorite software! We should instead
+express our condolences with those users and suggest instead that they adopt a
+device or operating system that respects their freedom, or that they jailbreak
+their devices (which is [still legal][7]).
+I'll end this commentary with an additional response of mine from the
+[aforementioned Hacker News thread][4]:
+> The freedoms represent an ethical issue---that software developers have
+> unprecedented control over their users. Why should I, as a hacker, be able
+> to tell you what you can and cannot do with your device? Furthermore, it
+> raises deep privacy issues---what kind of data am I collecting and why
+> should I have that data?
+> I entered the free software movement slowly (I began software development on
+> Windows as a young boy and was trained to think that bossing the user around
+> was a good thing; I thought it was fun to write DRM system and
+> anti-features). I began using GNU/Linux while still rationalizing my use of
+> proprietary software through Wine or by dual-booting into Windows. I then
+> saw the benefits of the "open source" development model. It wasn't until I
+> spent the time researching the reasons behind the free software movement
+> that things began to click. I was able to look back on everything I learned
+> as a developer for Windows and see that I enjoyed the thought of controlling
+> my users. I enjoyed the power I got from programming---programming was
+> empowerment, and the only way to squeeze the money out of those unsuspecting
+> users was to do it forcefully.
+> People have fundamentally different philosophies when it comes to
+> programming. Do all proprietary software developers do so out of greed? On
+> some level, sure---they're not contributing that code so that others may
+> benefit from it. But are they doing it for the purpose of controlling their
+> users? Not necessarily, but they still are, even if they have the best of
+> intentions. Is someone who creates proprietary educational software for
+> children in third world companies "evil"? Certainly not. The problem is that
+> they're denying them an additional right---the right to modify that
+> software, learn from it and use their devices as they please.
+> Of course, we often see proprietary software used unethically, often times
+> for vendor lock-in or greed; corporations are worried that if they lighten
+> their grip on their users, that the users may run, or worse, do something
+> [il]legal. I don't believe that is the place of software developers. I
+> remember, back when I used Windows, I was obsessed with magic/illusion. I
+> purchased a ton of videos online teaching me various magic tricks, but the
+> videos were laced with DRM (which, at the time, as a Windows developer, I
+> applauded). The problem was, that I then upgraded my hardware. My videos no
+> longer worked. I contacted them for a new key, and could view them again.
+> Then I got a new PC. And now I use GNU/Linux. I can no longer watch those
+> videos that I purchased because of this unnecessary, artificial restriction.
+> Was I going to distribute those videos? No. Did that prevent others from
+> stripping the restrictions and distributing it anyway? Certainly not. I was
+> being punished for others' actions and the others weren't any worse off from
+> the restrictions, because they understood how to defeat them.
+> Of course, DRM's only one of the many issues (and DRM cannot exist in free
+> software, because the community would simply remove the anti-feature). What
+> if I were using some software---let's say Photoshop---and it crashed on me
+> in the middle of my work. Crap. Well, if I were using GIMP, I would run gdb
+> on the core dump (assuming a segfault) and inspect the problem. I would try
+> to repeat it. I could, if I wanted to, get my hands on the source code, fix
+> the problem and distribute that fix to others. If I didn't have the time or
+> ability, others could fix the problem for me, and we have the right to share
+> those changes. We have the right to benefit from those changes. With
+> Photoshop, we'd better start waiting. What if I was able to magically come
+> up with a fix, perhaps by modifying the machine code? Hold on---I'm not
+> allowed to do that! And I'm certainly not allowed to distribute that fix to
+> others. And I'm certainly not allowed to give my son a copy for his PC if he
+> wanted to do an art project for school.
+> The FSF provides a great deal of information on their philosophy:
+> <http://www.gnu.org/philosophy/>. You could also gain a great deal of
+> insight by reading up on the history:
+> <http://shop.fsf.org/product/free-as-in-freedom-2/> or by reading RMS'
+> essays: <http://shop.fsf.org/product/signed-fsfs/>.
+> And ultimately, you may find that you do not agree with our
+> philosophy---many don't. That's certainly your right, and I respect that.
+> What I cannot respect, and will not respect, is when that philosophy is used
+> to exert control over others.
+> (As a final note: many say we control developers through our "viral"
+> licenses. But keep in mind that we're trying to protect the users *from*
+> developers. This means taking power away from developers. This is
+> intentional.)
+[4]: http://news.ycombinator.com/item?id=4787965
+[5]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
+[6]: http://www.gnu.org/licenses/lgpl.html
+[7]: https://www.eff.org/press/releases/eff-wins-renewal-smartphone-jailbreaking-rights-plus-new-legal-protections-video
diff --git a/post/2012-11-19-copyright-reform.md b/post/2012-11-19-copyright-reform.md
new file mode 100644
index 0000000..c67c814
--- /dev/null
+++ b/post/2012-11-19-copyright-reform.md
@@ -0,0 +1,16 @@
+# Copyright Reform? You're silly.
+Amazingly, the Republican Study Committee (RSC) had [released a report
+suggesting copyright reform][0]. Of course, that's a silly thing to do when
+you're in bed with organizations like the MPAA and RIAA; [the report was quickly
+It would have been a surprising step forward; maybe there's hope yet, assuming
+the GOP can get a handle on itself.
+(Disclaimer: I have no party affiliation.)
+[0]: http://www.techdirt.com/articles/20121116/16481921080/house-republicans-copyright-law-destroys-markets-its-time-real-reform.shtml
+[1]: http://www.techdirt.com/articles/20121117/16492521084/hollywood-lobbyists-have-busy-saturday-convince-gop-to-retract-copyright-reform-brief.shtml
+<!-- more -->
diff --git a/post/2012-11-19-privacy-petraeus.md b/post/2012-11-19-privacy-petraeus.md
new file mode 100644
index 0000000..8f82b5c
--- /dev/null
+++ b/post/2012-11-19-privacy-petraeus.md
@@ -0,0 +1,58 @@
+# Privacy In Light of the Petraeus Scandal
+I'm not usually one for scandals (in fact, I couldn't care less who government
+employees are sleeping with). However, it did bring up deep privacy
+concerns---how exactly did the government get a hold of the e-mails?
+The [EFF had released an article answering some questions][0] about the scandal,
+which is worth a read. In particular, you should take a look at the [EFF's
+Surveillance Self-Defense website][1] for an in-depth summary of the laws
+surrounding government surveillance and tips on how to protect against it.
+[0]: https://www.eff.org/deeplinks/2012/11/when-will-our-email-betray-us-email-privacy-primer-light-petraeus-saga
+[1]: https://ssd.eff.org
+I'd like to touch upon a couple things. In particular, [the article mentions][0]:
+<!-- more -->
+> Broadwell apparently accessed the emails from hotels and other locations, not
+> her home. So the FBI cross-referenced the IP addresses of these Wi-Fi
+> hotspots "against guest lists from other cities and hotels, looking for common
+> names."
+To stay anonymous in this situation, one should [consider using Tor][2] to mask
+his/her IP address. Additionally, remove all cookies (or use your browser's
+privacy mode if it will disable storing and sending of cookies for you) and
+consider that your User Agent may be used to identify you, especially if
+maleware has inserted its own unique identifiers.
+Also according to [the EFF article][0]:
+> According to reports, Patraeus and Broadwell adopted a technique of drafting
+> emails, and reading them in the draft folder rather than sending them.
+That didn't work out so well. Consider [encrypting important communications][3]
+using GPG/PGP so that (a) the e-mail cannot be deciphered in transit and (b) the
+e-mail can only be read by the intended recipient. Of course, you are then at
+risk of being asked to divulge your password, so to avoid the situation
+entirely, it would be best to delete the e-mails after reading them.
+Additionally, if you host your own services, it may be wise to host your own
+e-mail (guides for doing this vary between operating system, but consider
+looking at software like [Postfix][4] for mail delivery and maybe [Dovecot][5]
+for retrieval).
+Privacy isn't only for those individuals who are trying to be sneaky or cheat on
+their spouses. Feel free joining the EFF in trying to reform the ECPA to respect
+our privacy in this modern era; storing a document digitally shouldn't change
+its fundamental properties under the law.
+I'd also encourage you to read [Schneier's post on this topic][6], which
+summarizes points from many articles that I did not cover here.
+[2]: https://ssd.eff.org/tech/tor
+[3]: https://ssd.eff.org/tech/encryption
+[4]: http://www.postfix.org
+[5]: http://www.dovecot.org/
+[6]: http://www.schneier.com/blog/archives/2012/11/e-mail_security.html
diff --git a/post/2012-12-01-tor-node-raid.md b/post/2012-12-01-tor-node-raid.md
new file mode 100644
index 0000000..d6868b1
--- /dev/null
+++ b/post/2012-12-01-tor-node-raid.md
@@ -0,0 +1,9 @@
+# Tor exit node operator raided in Austria
+[These things][0] mustn't be allowed to happen; they are an affront to privacy.
+Tor exit node operators should not have to fear conviction for activities they
+themselves did not perform.
+[0]: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses
+<!-- more -->
diff --git a/post/2012-12-06-email-warrant-us.md b/post/2012-12-06-email-warrant-us.md
new file mode 100644
index 0000000..e924afc
--- /dev/null
+++ b/post/2012-12-06-email-warrant-us.md
@@ -0,0 +1,10 @@
+# Warrants For E-mails in the United States
+The [Senate Judiciary Committee passed an amendment][0] that requires that they
+receive a warrant before spying on our e-mails.
+This is excellent; let us hope that it becomes law.
+[0]: https://www.eff.org/deeplinks/2012/12/deep-dive-updating-electronic-communications-privacy-act
+<!-- more -->
diff --git a/post/2012-12-22-free-copyright-assign.md b/post/2012-12-22-free-copyright-assign.md
new file mode 100644
index 0000000..7b6ea75
--- /dev/null
+++ b/post/2012-12-22-free-copyright-assign.md
@@ -0,0 +1,53 @@
+# Copyright Assignment Of Free Software Projects
+An [e-mail today from Paolo Bonzini][0], a maintainer of GNU sed, has prompted
+additional discussion regarding copyright assignment to corporate entities; in
+particular, the discussion focuses on copyright assignment to the FSF under the
+GNU project.
+[0]: http://article.gmane.org/gmane.comp.lang.smalltalk.gnu.general/7873
+<!-- more -->
+An [article by Michael Kerrisk on LWN.net][1], posted a couple days earlier,
+touches on the [same issue brought up by GnuTLS earlier in the month][2]. The
+disagreements from the two aforementioned individuals of the GNU-maintained
+projects prompt a thoughtful analysis of whether copyright assignment is
+appropriate for your own free software project[1]. In contrast, consider the
+[developer certificate of origin][3] policy adopted by the Linux project, under
+which contributors maintain copyright for their contributions.
+There are benefits and downsides to both models---if a project requires
+copyright assignment (such as the GNU projects), then enforcement and license
+modifications are simplified. As an example, if the Linux project wanted to move
+to the GPLv3, they would have to contact each contributor (a similar move was
+done recently [by the VLC project][4], except that they moved from the GPL to
+the LGPL). However, the Linux project has a much smaller barrier to entry---they
+need not [assign copyright of their contributions to the project (such as is the
+case with GNU)][5], meaning that individuals may be more likely to contribute.
+One of the major benefits touted by the FSF for copyright assignments from
+contributors is [copyright enforcement][6]---another complication that would
+arise from enforcing the GPL in a project such as Linux. That said, as the LWN
+article mentions[2], what if [the FSF cannot find the time to enforce the
+copyright on a project violation][7]? Then again, what of the flipside---do you
+have the time or money to enforce violations on your own projects were they not
+assigned to a corporation like the FSF?
+These are interesting discussions and certainly things that should be considered
+when determining how to handle both contributions and the copyright for your
+entire project. Ultimately, that decision falls on you, the author/maintainer,
+and your needs.
+(Disclaimer: I am an associate member of the Free Software Foundation. This
+article does not reflect any of my personal opinions; whether or not I would
+assign copyright to the FSF for any of my projects would be determined based on
+the goals and plan of that particular project.)
+[1]: http://lwn.net/SubscriberLink/529522/854aed3fb6398b79/
+[2]: http://lwn.net/Articles/529558/
+[3]: http://elinux.org/Developer_Certificate_Of_Origin
+[4]: http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
+[5]: http://git.savannah.gnu.org/cgit/gnulib.git/tree/doc/Copyright/assign.changes.manual#n64
+[6]: http://www.gnu.org/licenses/why-assign.html
+[7]: http://lwn.net/Articles/529777/
diff --git a/post/2012-12-28-fisa-5yr.md b/post/2012-12-28-fisa-5yr.md
new file mode 100644
index 0000000..0c7b9ff
--- /dev/null
+++ b/post/2012-12-28-fisa-5yr.md
@@ -0,0 +1,46 @@
+# Congress Approves FISA For Another 5 Years
+At a [vote of 73-23][0], Congress has voted to [extend FISA warentless spying
+bill by five more years[1], even shooting down [proposed amendments][2] to the
+[0]: https://www.senate.gov/legislative/LIS/roll_call_lists/roll_call_vote_cfm.cfm?congress=112&session=2&vote=00236
+[1]: https://www.eff.org/deeplinks/2012/12/congress-disgracefully-approves-fisa-warrantless-eavesdropping-bill-five-more
+[2]: https://www.eff.org/deeplinks/2012/12/why-we-should-all-care-about-senates-vote-fisa-amendments-act-warrantless-domestic
+[3]: http://arstechnica.com/tech-policy/2012/12/as-senate-votes-on-warrantless-wiretapping-opponents-offer-fixes/
+<!-- more -->
+Thank you to those senators that [opposed the bill][0]:
+> Akaka (D-HI);
+> Baucus (D-MT);
+> Begich (D-AK);
+> Bingaman (D-NM);
+> Brown (D-OH);
+> Cantwell (D-WA);
+> Coons (D-DE);
+> Durbin (D-IL);
+> Franken (D-MN);
+> Harkin (D-IA);
+> Leahy (D-VT);
+> Lee (R-UT);
+> Menendez (D-NJ);
+> Merkley (D-OR);
+> Murkowski (R-AK);
+> Murray (D-WA);
+> Paul (R-KY);
+> Sanders (I-VT);
+> Schatz (D-HI);
+> Tester (D-MT);
+> Udall (D-CO);
+> Udall (D-NM);
+> Wyden (D-OR).
+Unfortunately, the two senators from my own state cannot join that list.
+The [EFF has sumarized the surveillance issues of 2012][4] recently on their
+[4]: https://www.eff.org/deeplinks/2012/12/2012-review-effs-fight-against-secret-surveillance-law
diff --git a/post/2013-01-01-new-year.md b/post/2013-01-01-new-year.md
new file mode 100644
index 0000000..2716378
--- /dev/null
+++ b/post/2013-01-01-new-year.md
@@ -0,0 +1,9 @@
+# Happy New Year
+The greatest excitement in moving into a new year is the prospect of quantified
+Of course, it also means another year to look forward to the health of those you
+care for.
+<!-- more -->
diff --git a/post/2013-01-07-dna-collection.md b/post/2013-01-07-dna-collection.md
new file mode 100644
index 0000000..e0fea7d
--- /dev/null
+++ b/post/2013-01-07-dna-collection.md
@@ -0,0 +1,29 @@
+# DNA Collection
+Consider a recent article from the EFF [regarding "Rapid DNA Analyzers"][0].
+The article poses the potetial issues involved, but also consider that any DNA
+collected (if not destroyed) would violate not just your privacy, but your
+entire blood line. What if DNA from immigrants were collected? Much of that
+information is inherited, so generations down the line, your privacy is still
+[0]: https://www.eff.org/deeplinks/2012/12/rapid-dna-analysis
+<!-- more -->
+I cannot comment intelligently on the matter since I haven't read deeply enough
+into the proposed storage/hashing/etc policies, but those polices can be abused
+and such data can be leaked. I highly oppose any sort of DNA collection outside
+of personal at-home use (when the technology is available with free software)
+and use by medical professionals for personal medical reasons so long as the
+institution performing the test can provide stringent evidence of its
+destruction. But even then, if law enforcement somehow got a hold of the DNA
+before it were destroyed, then the problem still exists, so it would be best if
+you had your own personal tools to analyze your own DNA and distribute only the
+portions that were required (and encryption tools like [GPG][1] could be used
+for distribution).
+One day, but not now. Let's make those scanners affordable and run free
+[1]: http://www.gnupg.org/
diff --git a/post/2013-01-07-uspto-freefw-community.md b/post/2013-01-07-uspto-freefw-community.md
new file mode 100644
index 0000000..1d36e3f
--- /dev/null
+++ b/post/2013-01-07-uspto-freefw-community.md
@@ -0,0 +1,15 @@
+# USPTO Wants To Hear From Software Community
+The [USPTO wants to hear from the software community][0]. Interesting, but the
+problem is that the "software community" includes more than just those who
+find software patents to be an abomination.
+I have [mentioned issues with software patents in a previous post][1], but one
+resource that may be worth looking at direclty is ["The Case Against
+Patents"][2] [pdf].
+[0]: http://www.groklaw.net/article.php?story=20130104012214868
+[1]: http://mikegerwitz.com/thoughts/2012/10/Abolishing-Patents.html
+[2]: http://research.stlouisfed.org/wp/2012/2012-035.pdf
+<!-- more -->
diff --git a/post/2013-01-14-lulu-bye-drm.md b/post/2013-01-14-lulu-bye-drm.md
new file mode 100644
index 0000000..53f4d38
--- /dev/null
+++ b/post/2013-01-14-lulu-bye-drm.md
@@ -0,0 +1,41 @@
+# LuLu Says Goodbye to DRM
+On January 8th, [LuLu announced that they would be dropping DRM][0] for users
+who "[download] eBooks directly from Lulu.com to the device of their choice".
+This is a wise move (for [those of us who oppose DRM][1]), but unfortunately, as
+John Sullivan of the Free Software Foundation noted on the fsf-community-team
+mailing list, the [comments on LuLu's website][0] are not all positive:
+[0]: http://www.lulu.com/blog/2013/01/drm-update/
+[1]: http://defectivebydesign.org/
+> This is a positive development, but unfortunately there has been a lot
+> of negative reaction in the comments on their announcement.
+> It'd be great if people could chime in and support them their move away
+> from DRM.
+<!-- more -->
+At first glance, certain authors seem to be concerned that the absense of DRM
+will lead to ["more illegal file sharing"][0]:
+> [...] I’ve got copies of my non-DRM ebooks all over the torrent sites and
+> thousands of downloads registered, for which I haven’t received a cent. As
+> soon as you push for them to be taken down, they’re posted up again.
+While it is unfortunate that those authors are not receiving compensation for
+their hard work, it should be noted that this problem exists even *with*
+DRM, so it is not a valid argument toward keeping it.
+I applaud this move by LuLu, though I'm disappointed to see [this comment in the
+original post][0]:
+> Companies like Amazon, Apple and Barnes & Noble integrate a reader’s
+> experience from purchasing to downloading and finally to reading. These
+> companies do a fantastic job in this area, and eBooks published through Lulu
+> and distributed through these retail sites will continue to have the same
+> rights management applied as they do today.
+They do not do it well; no DRM is good DRM.
diff --git a/post/2013-01-26-re-fsf-waste-high-priority.md b/post/2013-01-26-re-fsf-waste-high-priority.md
new file mode 100644
index 0000000..8725de1
--- /dev/null
+++ b/post/2013-01-26-re-fsf-waste-high-priority.md
@@ -0,0 +1,171 @@
+# Re: FSF Wastes Away Another "High Priority" Project
+A couple days ago, my attention was drawn to an article on Phoronix that
+[criticized the FSF for its decision to stick with GPLv3 over GPLv2 on
+LibreDWG][0] due to the number of projects that make use of it---licensed under
+the GPLv2---under [a now incompatible][1] license. This article is very negative
+and essentially boils down to this point (the last paragraph):
+> Unless the Free Software Foundation becomes more accomodating [sic] of these
+> open-source developers -- who should all share a common goal of wanting to
+> expand free/open-source software -- LibreDWG is likely another project that
+> will ultimately waste away and go without seeing any major adoption due to
+> not working with the GPLv2.
+It it worth mentioning why this view is misguided (though understandable for
+those who adopt the ["open source" philosophy over that of software
+[0]: http://www.phoronix.com/scan.php?page=news_item&px=MTI4Mjc
+[1]: http://www.gnu.org/licenses/gpl-faq.html#WhatDoesCompatMean
+[2]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
+<!-- more -->
+Let me start with [this paragraph from the Phoronix article][0]:
+> The Free Software Foundation was contacted about making LibreDWG GPLv2+
+> instead (since the FSF is the copyright holder), but the FSF/Richard Stallman
+> doesn't the DWG library on the earlier version of their own open-source
+> license.
+The FSF's founding principle is that of [software freedom][3] (beginning with the
+GNU project). Now, consider the reason for the creation of the GPLv3---the GPLv2
+[could not sufficiently protect against][4] software patents and newer threats such
+as "tivoization". These goals further the FSF's mission of ensuring---in
+this case---that free software *remains* free ([a concept that RMS coined
+"copyleft"][5]). It would make sense, then, that the FSF (and RMS') position is
+that [it is important that we adopt the GPLv3 for our software][6].
+From this perspective, it does not make sense to "downgrade" LibreDWG's
+license to the GPLv2, which contains various bugs that have since been patched
+in GPLv3---it is not pursuant to the FSF's goals. (Of course, not all agree with
+the GPLv3; one such notable disagreement (as well as issues
+stemming from copyright assignment) leaves the kernel Linux [perpetually licensed
+under the GPLv2][7] since it does not contain the ["or later" clause][8]).
+That is not to say that the author's concern is not legitimate---a number of
+projects are licensed under the GPLv2 and therefore cannot use the newer (and
+improved) versions of LibreDWG that are licensed under the GPLv3 (unless they
+were to upgrade to the GPLv3, of course). Whether or not upgrading is feasible
+(e.g., in the case of the kernel Linux, it is not) is irrelevant---let us
+instead focus on the issue of adoption under the assumption that the project is
+either unwilling or unable to make use of a library licensed under the GPLv3.
+As aforementioned, [the author focuses on the issue of adoption][0]:
+> LibreDWG is likely [...to] go without seeing any major adoption due to not
+> working with the GPLv2
+A focus on adoption is a [focus of "open source", not free software][2], the
+latter of which the FSF represents. With a focus on software freedom, the goal
+is to create software that respects the [users' four essential freedoms][9]; if
+the software is adopted and used, great! However, freedom should never be
+sacrificed in order to encourage adoption. One may argue that "downgrading" to
+the GPLv2 is not sacrificing freedom because the software is still free (it is
+even the GPL)---but it is important to again realize that the GPLv3 is "more
+free" than the GPLv2 in the sense that it [*protects* additional freedoms][6];
+so, while the GPLv2 isn't necessarily sacrificing users' freedoms directly, it
+does have such an indirect effect through means of enforcement.
+A reader familiar with GNU may then point out the LGPL---the Lesser General
+Public License---under which popular (and very important) [libraries such as
+glibc are licensed][10]. In fact, one could extend this argument to any
+library---why not have LibreDWG licensed under the LGPL to avoid this problem in
+its entirety, while still preserving the users' freedoms for that library in
+itself? This understanding requires a brief lesson in history---the rationale
+under which the LGPL was born. [To quote the GNU project][11]:
+> Using the ordinary GPL is not advantageous for every library. There are
+> reasons that can make it better to use the Lesser GPL in certain cases. The
+> most common case is when a free library's features are readily available for
+> proprietary software through other alternative libraries. In that case, the
+> library cannot give free software any particular advantage, so it is better to
+> use the Lesser GPL for that library.
+It was for this reason that glibc was released under the LGPL---because it was
+better to have the users adopt some sort of free software than none at all;
+there were other alternatives that existed that users may flock to if they were
+forced to liberate their own proprietary software (after all, the C API is also
+standardized, so such a feat would be trivial). Now that glibc has since matured
+greatly, it could be argued today that it has proved its usefulness and the LGPL
+may no longer be necessary, but such a discussion is not necessarily relevant
+for this conversation.
+What is important is that [the FSF does not recommend the LGPL for most
+libraries][11] because that would encourage proprietary software developers to
+take advantage of both the hard work of the free software community and the
+users of the software. Now, I cannot speak toward the alternatives to
+LibreDWG---do there exist proprietary alternatives that are reasonable
+alternatives to non-commercial projects? I do not have experience with the
+library. However, I hope by this point the FSF's position has been rationalize
+(even if you---the reader---do not agree with it).
+Of course, this rationalization will still leave a sour taste in the mouth of
+those "open source" developers (or perhaps even some free software developers)
+that think in terms of what is "lost": these projects---which are themselves
+free software and therefore beneficial to our community---cannot take advantage
+of *other free software* due to this licensing issue. Since these projects had
+already existed when LibreDWG was licensed under the GPLv2, the relicensing to
+GPLv3 may seem unfair and, therefore, a "loss". It is difficult to counter
+such an argument if the above rationale has not been sufficient; nor will I
+argue that the situation is not unfortunate, should the projects be unable to
+relicense. However, it must be understood that, to ensure the future of free
+software, the FSF must adopt to combat today's threats and so too must other
+free software projects.
+The Phoronix article mentioned two projects in particular that suffer from
+LibreDWG's relicensing: [LibreCAD and FreeCAD][0]. LibreCAD omits the "or later"
+clause that was mentioned above, preventing them from easily migrating to the
+GPLv2 (which is [against the FSF's recommendation][12]). Unless the project
+requires that contributors assign copyright to the project owner, then they
+would have to get permission from each contributor (or rewrite the code) in
+order to change the license (which is not unheard of; [VLC had done so recently
+to migrate from the GPL to the LGPL][13]); this is a significant barrier for any
+project with multiple contributors, especially when your project is a derivative
+work (of QCad).
+The other project mention was FreeCAD, and the author of the article mentions
+that the project depends on Coin3D and Open CASCADE, "both of which are
+GPLv2", so [the project cannot migrate to GPLv3][0]. A quick look at Coin3D's
+website shows that the software is actually licensed under the modified
+(3-clause) BSD license, and so [migrating to the GPLv3 is not an issue][15]. Open
+CASCADE has its own "public license" that I do not have the time to evaluate
+(nor am I lawyer, so I do not wish to give such advice), so I cannot speak to
+its compatibility with the GPLv3. That said, I'm unsure if it would be a barrier
+toward FreeCAD's adoption of the GPLv3.
+Ultimately, the moral of the story is to plan for the *future*---if you use a
+project licensed under the GPL, ensure that it has the "or later" clause that
+allows it to be licensed under later version of the GPL, since you can be sure
+that the FSF and many other free software developers will be quick to adopt the
+license. Of course, many may not be comfortable with such a licensing decision:
+you effectively are giving the FSF permission to relicense you work by simply
+releasing a new version of the GPL. It is your decision whether you are willing
+to place this kind of trust in the organization responsible for starting the
+free software movement in the first place.
+Readers may now assume that I am placing the entire blame and onus on the
+implementors of LibreDWG. The onus, perhaps, but not the blame---this truly is
+an unfortunate circumstance that takes away from hacking a free software
+project. Unfortunately, the projects are stuck in a bad place, but the FSF is
+not to blame for standing firm in their ideals. Instead, this can be thought of
+as a maintenance issue---rather than a source code refactoring resulting from a
+library API change, we instead require a "legal code" refactoring resulting
+from a "legal API" change.
+[3]: http://www.fsf.org/about/
+[4]: http://www.gnu.org/licenses/quick-guide-gplv3.html
+[5]: http://www.gnu.org/copyleft/
+[6]: http://www.gnu.org/licenses/rms-why-gplv3.html
+[7]: http://lwn.net/Articles/200422/
+[8]: http://www.gnu.org/licenses/gpl-faq.html#v2v3Compatibility
+[9]: http://www.gnu.org/philosophy/free-sw.html
+[10]: http://www.gnu.org/licenses/lgpl.html
+[11]: http://www.gnu.org/licenses/why-not-lgpl.html
+[12]: http://www.gnu.org/licenses/gpl-howto.html
+[13]: http://mikegerwitz.com/thoughts/2012/11/VLC-s-Move-to-LGPL.html
+[14]: https://bitbucket.org/Coin3D/coin/wiki/Home
+[15]: http://www.gnu.org/licenses/license-list.html#ModifiedBSD
+[16]: http://www.opencascade.org/getocc/license/
diff --git a/post/2013-01-30-phone-unlocking-illegal.md b/post/2013-01-30-phone-unlocking-illegal.md
new file mode 100644
index 0000000..5e775d6
--- /dev/null
+++ b/post/2013-01-30-phone-unlocking-illegal.md
@@ -0,0 +1,7 @@
+# Phone "Unlocking" Once Again Illegal
+[Ridiculous.][0] We should own the hardware that we purchase.
+[0]: https://www.eff.org/is-it-illegal-to-unlock-a-phone
+<!-- more -->
diff --git a/post/2013-01-30-re-skype-let-spy.md b/post/2013-01-30-re-skype-let-spy.md
new file mode 100644
index 0000000..c75d056
--- /dev/null
+++ b/post/2013-01-30-re-skype-let-spy.md
@@ -0,0 +1,102 @@
+# Re: Who Does Skype Let Spy?
+Today, [Bruce Schneier brought attention to privacy concerns surrounding
+Skype][0], a very popular ([over 600 million users][1]) VoIP service that has
+since been acquired by Microsoft. In particular, [users are concerned over what
+entities may be able to gain access to their "private" conversations][1]
+through the service---Microsoft has refused to answer those kinds of questions.
+While the specific example of Skype is indeed concerning, it raises a more
+general issue that I wish to discuss: The role of free software and SaaS
+(software as a service).
+[0]: http://www.schneier.com/blog/archives/2013/01/who_does_skype.html
+[1]: http://www.skypeopenletter.com/
+<!-- more -->
+To [quote Schneier][0]:
+> We have no choice but to trust Microsoft. Microsoft has reasons to be
+> trustworthy, but they also have reasons to betray our trust in favor of other
+> interests. And all we can do is ask them nicely to tell us first.
+Schneier continues to admit, in similar words, that [we are but "vassals" to
+these entities and that they are our serfs][2]. His essays regarding the [power of
+corporations and governments over their users][3] echo the words of Lawrence
+Lessig in his [predictions of a "perfectly regulated" future made possible by
+the Internet][4]. While Lessig (despite what his critics have stated in the
+past) seems to have been correct in many regards, we need not jump into the
+perspective of an Orwellian dystopia where we are but "vassals" to the
+Party.[^5] Indeed, this is only the case---at least at present---if you choose to
+participate in the use of services such as Skype, as ubiquitous as they may be.
+Skype is a useful demonstration of the unfortunate situation that many users
+place themselves in by trusting their private data to Microsoft. Skype itself is
+proprietary---we cannot inspect its source code (easily) in order to ensure that
+it is respecting our privacy. (Indeed, as a user on [the HackerNews
+discussion][6] pointed out, [Skype has installed undesirable software in the
+past][7].) If Skype were [free software][8], we would be able to inspect its
+source code and modify it to suit our needs, ensuring that the software did only
+what we wanted it to do---ensuring that Microsoft was not in control of us.
+However, even if Skype were free software, there is another issue at work that
+is often overlooked by users: Software as a Service (SaaS). When you make use of
+services that are hosted on remote servers (often called "cloud"
+services)---such as with Skype, Facebook, Twitter, Flickr, Instagram, iTunes,
+iCloud and many other popular services---you are blindly entrusting your data to
+them. Even if the Skype software were free (as in freedom), for example, [we
+still cannot know what their servers are doing with the data we provide to
+them][9]. Even if Skype's source code was plainly visible, the servers act as a
+black box. Do they monitor your calls? [Does Facebook abuse your data?][10] How is
+that data stored---[what happens][1] in the event of a data breach, or in the event
+of a warrant/subpoena?
+The only way to be safe from these providers is to [reject these services
+entirely and use your own software on your own PC][9], or use software that will
+connect directly to your intended recipient without going through a 3rd
+party. (Never mind your ISP; that is a separate issue entirely.) If you must
+use a 3rd party service, ensure that you can adequately encrypt your
+communications (e.g. using GPG to encrypt e-mail communications)---something
+that may not necessarily be easy/possible to do, especially if the software is
+proprietary and works against you.
+The EFF has published [useful information on protecting yourself against
+surveillance][11], covering topics such as encryption and anonymization.
+If we are to resist the worlds that [Lessig][4] and [Schneier][3] describe, then we
+must [stand up for our right to privacy and demand action][12]. [Who will have
+your back][13] when we're on the brink of ["perfect regulation"][4]; who will
+stand up for your rights and work *with* you---not against you---to preserve
+your liberties? Without this push, services like Skype empower governments and
+other entities to work toward perfect regulation---to continuously spy on
+everything that we do. With everyone putting their every thought and movement on
+services like Facebook, [Twitter][14] and Skype, the Orwellian Thought Police have
+the ability to manifest in a form that not even Orwell could have
+imagined---unless it is stopped.
+To help [preserve your ever-dwindling rights online][15], consider becoming a
+member of or participating in the campaigns of the [Free Software
+Foundation][16], [Electronic Frontier Foundation][17], the [American Civil
+Liberties Union][18] or any other organizations dedicated toward free society.
+(Disclaimer: I am a member of the Free Software Foundation.)
+[2]: http://www.schneier.com/essay-406.html
+[3]: http://www.schneier.com/essay-409.html
+[4]: http://codev2.cc/
+[6]: http://news.ycombinator.com/item?id=5139801
+[7]: http://blogs.skype.com/garage/2011/05/easybits_update_disabled_for_s.html
+[8]: http://www.gnu.org/philosophy/free-sw.html
+[9]: http://www.gnu.org/philosophy/who-does-that-server-really-serve.html
+[10]: https://www.eff.org/deeplinks/2013/01/facebook-graph-search-privacy-control-you-still-dont-have
+[11]: https://ssd.eff.org
+[12]: https://www.eff.org/deeplinks/2013/01/its-time-transparency-reports-become-new-normal
+[13]: https://www.eff.org/pages/when-government-comes-knocking-who-has-your-back
+[14]: https://www.eff.org/deeplinks/2013/01/google-twitters-new-transparency-report-shows-increase-government-demands-sheds
+[15]: https://action.eff.org/o/9042/p/dia/action/public/?action_KEY=8750
+[16]: http://www.fsf.org/register_form?referrer=5804
+[17]: https://supporters.eff.org/donate
+[18]: https://www.aclu.org/donate/join-renew-give
+[^5]: Orwell, George. Nineteen Eighty-Four. ISBN 978-0-452-28423-4.
diff --git a/post/2013-02-26-cispa.md b/post/2013-02-26-cispa.md
new file mode 100644
index 0000000..94e3dd6
--- /dev/null
+++ b/post/2013-02-26-cispa.md
@@ -0,0 +1,8 @@
+# What is CISPA and Why is it Dangerous?
+The EFF has put together an excellent [FAQ on CISPA][0], the "cybersecurity"
+bill that was reintroduced to congress earlier this month.
+[0]: https://www.eff.org/deeplinks/2013/02/cispas-back-faq-what-it-and-why-its-still-dangerous
+<!-- more -->
diff --git a/post/2013-03-01-dmr-very-early-c.md b/post/2013-03-01-dmr-very-early-c.md
new file mode 100644
index 0000000..9dfe0bd
--- /dev/null
+++ b/post/2013-03-01-dmr-very-early-c.md
@@ -0,0 +1,15 @@
+# DMR: "Very early C compilers and language"
+An interesting article by Dennis Ritchie discussing [early C compilers][0]
+recovered from old DECtapes. The source code and history are fascinating reads.
+The quality of the code (the "kludgery"[1], as he puts it) to me just brings
+smiles---I appreciate seeing the code in its original glory.
+It is also saddening reading the words of such a great man who is no longer with
+us; perhaps it helps to better appreciate his legacy.
+[0]: http://cm.bell-labs.com/cm/cs/who/dmr/primevalC.html
+[1]: http://www.catb.org/~esr/jargon/html/K/kludge.html
+<!-- more -->
diff --git a/post/2013-03-01-lpc-winners.md b/post/2013-03-01-lpc-winners.md
new file mode 100644
index 0000000..c5f6723
--- /dev/null
+++ b/post/2013-03-01-lpc-winners.md
@@ -0,0 +1,8 @@
+# Libreated Pixel Cup Winners Announced
+[Congratulations][0] to the [winners of the Liberated Pixel Cup][1].
+[0]: http://www.fsf.org/news/winners-announced-for-free-software-gamings-highest-honor-the-liberated-pixel-cup
+[1]: http://lpc.opengameart.org/content/code-judging-is-in
+<!-- more -->
diff --git a/post/2013-03-06-google-fbi-spying.md b/post/2013-03-06-google-fbi-spying.md
new file mode 100644
index 0000000..32a06f6
--- /dev/null
+++ b/post/2013-03-06-google-fbi-spying.md
@@ -0,0 +1,35 @@
+# Google Says the FBI Is Secretly Spying on Some of Its Customers
+A Wired article mentions [figures released from Google][0] regarding National
+Security Letters issued by the NSA under the Patriot Act. It is too early to
+comment in much detail on this matter (I would like to wait for commentary from
+the EFF), but, as the article mentions:
+[0]: http://www.wired.com/threatlevel/2013/03/google-nsl-range/?cid=co6199824
+> Google said the number of accounts connected to National Security letters
+> ranged between “1000-1999″ for each of the reported years other than 2010. In
+> that year, the range was “2000-2999.”
+<!-- more -->
+The [EFF provides additional information, including recommendations on what to
+do about such requests][1] via their Surveillance Self-Defense website. As
+quoted from that website:
+> And it's even worse for FISA subpoenas, which can be used to force anyone to
+> hand over anything in complete secrecy, and which were greatly strengthened
+> by Section 215 of the USA PATRIOT Act. The government doesn't have to show
+> probable cause that the target is a foreign power or agent — only that they
+> are seeking the requested records "for" an intelligence or terrorism
+> investigation. Once the government makes this assertion, the court must
+> issue the subpoena.
+To add insult to injury:
+> FISA orders and National Security Letters will also come with a gag order that
+> forbids you from discussing them. Do NOT violate the gag order. Only speak to
+> members of your organization whose participation is necessary to comply with
+> the order, and your lawyer.
+[1]: https://ssd.eff.org/foreign/fisa
diff --git a/post/2013-03-09-1-1-php.md b/post/2013-03-09-1-1-php.md
new file mode 100644
index 0000000..237cbf7
--- /dev/null
+++ b/post/2013-03-09-1-1-php.md
@@ -0,0 +1,41 @@
+# Adding 1 and 1 in PHP
+An amusing demonstration; it is my hope that [readers will not take this PHP
+library seriously][0]. This is likely a parody of the over-engineering that
+often takes foot in Object-Oriented development (a game of "how many GoF[^4]
+design patterns can we use in this project" anyone?).
+[0]: https://github.com/Herzult/SimplePHPEasyPlus
+<!-- more -->
+That is not to say that "OOP is bad" (just as object-oriented developers often
+consider procedural code bad, when they may just be terrible at writing
+procedural code). Indeed, I wrote [an ECMAScript framework for Classical OOP
+(ease.js)][1]. The problem is that, with the excitement and misunderstandings
+that surround "good" object-oriented design, designers are eager to
+over-abstract their implementations (I have been guilty of the same thing).
+Object oriented programming is often taught to novice CS students (often with
+the reign of Java in schools)---teaching practices that can be good principles
+when properly applied and in moderation---which [I have also seen contribute to
+such madness][2].
+Abstractions are highly important, but only when necessary and when they lead to
+more concise representations of the problem than would otherwise occur (note
+that some problems are inherently complicated and, as such, a concise
+representation may not seen concise). I'm a strong advocate of DSLs when
+abstractions begin to get in the way and increase the verbosity of the code
+(languages with strong macro systems like lisp help eliminate the need for
+DSLs written from scratch)---design patterns exist because of deficiencies in
+the language: They are "patterns" of code commonly used to achieve a certain
+[Criticisms against OOP are abundant][3], just as every other paradigm.
+[1]: http://easejs.org
+[2]: http://c2.com/cgi/wiki?TextbookOo
+[3]: http://c2.com/cgi/wiki?ArgumentsAgainstOop
+[^4]: Design Patterns: Elements of Reusable Object-Oriented Software. ISBN
+ 0-201-63361-2. Gamma, Helm, Johnson and Vlissides (the "Gang of Four").
diff --git a/post/2013-03-09-oxford-uni-block-gdocs.md b/post/2013-03-09-oxford-uni-block-gdocs.md
new file mode 100644
index 0000000..2954ad7
--- /dev/null
+++ b/post/2013-03-09-oxford-uni-block-gdocs.md
@@ -0,0 +1,50 @@
+# Oxford University Blocks Google Docs
+Oxford University decided to [block Google Docs][0] last month due to phishing
+attacks against its users. To quote the blog post:
+[0]: http://blogs.oucs.ox.ac.uk/oxcert/2013/02/18/google-blocks/
+> Almost all the recent attacks have used Google Docs URLs, and in some cases
+> the phishing emails have been sent from an already-compromised University
+> account to large numbers of other Oxford users. Seeing multiple such incidents
+> the other afternoon tipped things over the edge. We considered these to be
+> exceptional circumstances and felt that the impact on legitimate University
+> business by temporarily suspending access to Google Docs was outweighed by the
+> risks to University business by not taking such action.
+<!-- more -->
+This incident was brought to my attention by [a blog post by Schneier][1], in
+which he referenced his [essay on "feudal security"][2] (I commented in more
+detail on this essay in [my response to a previous blog post of
+his][3].[^blog]) In this case, Oxford is trusting that it knows better than its
+users and has the right to exercise this power over them in light of their
+inexperience with handling these situations (or even recognizing them).
+This may very well be the case---the Oxford IT department probably does have a
+better understanding of security than many of their users. However, by blocking
+access to Google Docs, they are also blocking access to millions of legitimate
+articles hosted there, which is far from acceptable. Oxford is more than just a
+workplace---for which many would argue these actions are acceptable; it is a
+university that should encourage freedom of expression. They simply must find a
+better way of dealing with these problems. If a user falls victim to a phishing
+attack within Oxford, they will likely fall victim outside of it.
+Would Oxford consider blocking e-mail access too (where phishing attacks are
+very cheap and common)?
+> We appreciate and apologise for the disruption this caused for our users.
+> Nevertheless, we must always think in terms of the overall risk to the
+> University as a whole, and we certainly cannot rule out taking such action
+> again in future [...]
+N.B.: Google Docs is proprietary and I cannot recommend its use any more than I
+can recommend use of Microsoft Office.
+[1]: https://www.schneier.com/blog/archives/2013/03/oxford_universi.html
+[2]: https://www.schneier.com/essay-406.html
+[3]: /2013/01/re-who-does-skype-let-spy
+[^blog]: (I posted a link to my response on his blog, but he did not approve the comment.)
diff --git a/post/2013-03-09-white-house-phone-unlocking.md b/post/2013-03-09-white-house-phone-unlocking.md
new file mode 100644
index 0000000..827a660
--- /dev/null
+++ b/post/2013-03-09-white-house-phone-unlocking.md
@@ -0,0 +1,40 @@
+# White House Supports Cell Phone Unlocking
+Earlier this week, the starter of the [White House petition to "Make Unlocking
+Cell Phones Legal"][0] posted a [thread on Hacker News][1] stating that the
+White House had officially responded, stating:
+> The White House agrees with the 114,000+ of you who believe that consumers
+> should be able to unlock their cell phones without risking criminal or other
+> penalties. In fact, we believe the same principle should also apply to
+> tablets, which are increasingly similar to smart phones. And if you have paid
+> for your mobile device, and aren't bound by a service agreement or other
+> obligation, you should be able to use it on another network. It's common
+> sense, crucial for protecting consumer choice, and important for ensuring we
+> continue to have the vibrant, competitive wireless market that delivers
+> innovative products and solid service to meet consumers' needs.
+<!-- more -->
+The petition---as stated in the above response---garnered over 114,000
+signatures. The response is exciting news because the Library of Congress had
+[removed the phone unlocking exemption][2] at the beginning of this year. (As
+the EFF points out, [this may not necessarily mean that unlocking your phone is
+However, although this response is getting a lot of attention (I was surprised
+to see my local news station report on it), this is not yet cause for
+celebration; it is my hope that the White House will now follow through with
+this statement and act upon it appropriately.
+(The [EFF has also posted their own comments on the White House's response][4].)
+This is just one issue in [a string of problems that is the DMCA][5].
+[0]: https://petitions.whitehouse.gov/petition/make-unlocking-cell-phones-legal/1g9KhZG7
+[1]: https://news.ycombinator.com/item?id=5319577
+[2]: /2013/01/phone-unlocking-once-again-illegal
+[3]: https://www.eff.org/is-it-illegal-to-unlock-a-phone
+[4]: https://www.eff.org/deeplinks/2013/03/white-house-supports-unlocking-phones-real-problem-runs-deeper
+[5]: https://www.eff.org/wp/unintended-consequences-under-dmca
diff --git a/post/2013-03-15-html5-drm.md b/post/2013-03-15-html5-drm.md
new file mode 100644
index 0000000..1725614
--- /dev/null
+++ b/post/2013-03-15-html5-drm.md
@@ -0,0 +1,109 @@
+Two acronyms that, until very recently, would seem entirely incompatible---HTML,
+which is associated with an unencumbered, free (as in freedom) representation of
+a document, and [DRM][0], which [exists for the sole purpose of restricting
+freedom][1].[^bias] Unfortunately, Tim Berners-Lee---the man attributed to
+["inventing" the Internet][18]---mentioned in a [keynote talk at SXSW][15] that [he is
+not opposed to introducing DRM into the HTML5 standard][4]:
+[^bias]: (Disclaimer: I am an associate member of the [Free Software
+Foundation][2] and, as such, this reference is intentionally bias; feel free
+to see the [Wikipedia article on DRM][3] for more general information.)
+> [Tim Berners-Lee] did not, however, present himself as an opponent of digital
+> locks. During a post-talk Q&A, he defended proposals to add support for
+> "digital rights management" usage restrictions to HTML5 as necessary to get
+> more content on the open Web: "If we don't put the hooks for the use of DRM
+> in, people will just go back to using Flash," he claimed.
+<!-- more -->
+Many who oppose DRM refer to it as ["digital restrictions management"][0]---a
+phrase that better describes how it affects the user. The "rights" that
+"digital rights management" describes are the "rights" (in terms of
+copyright) of publishers and copyright holders: They wish to lock down their
+content so that [you, the user, can only access it as *they* please][5]. Has
+["your" device][25] ever told you that [you cannot share a book with your
+friends][6][17][24]? Has your device ever [deleted your content without your
+permission][7][8]? Does your device grant you [less privileges if you decide to
+liberate yourself from it][9] through "jailbreaking"?[^jb] Does the software you
+run [potentially spy on you without telling you][11], without giving you the
+option to correct it? Or perhaps the games you play [require you to be online,
+even in single-player mode][12].
+[^jb]: I go into more detail on jailbreaking and its current legality as of
+the time of writing [in a previous article of mine][10].
+These are but a small handful of [examples of the many mistakes and injustices
+of Digital Restrictions Management][5]. These restrictions take additional
+effort---that is, development time, which also means more money---to build into
+software; computers, by their very nature, do exactly as they are told, meaning
+that they can only work against you if someone else tells it to (unless you tell
+your computer to make your life miserable...if you're into that sort of thing).
+As such, we refer to these restrictions as ["anti-features"][23].
+> Corporations claim that DRM is necessary to fight copyright infringement
+> online and keep consumers safe from viruses. But there's no evidence that DRM
+> helps fight either of those. Instead DRM helps big business stifle innovation
+> and competition by making it easy to quash "unauthorized" uses of media and
+> technology.
+It is this logic that [corporations][13] (and even some individuals, such as
+[authors][14]) use to influence entities such as the W3C---and Tim
+Berners-Lee---into [thinking that DRM is necessary][15]. The [W3C describes a
+"trust infastructure"][16] that could be standardized for bringing DRM to the
+> It is clear that user domains (eg eBook trading, sub-rights trading, streaming
+> music, etc.) each require sets of Rights Primitives that those domains wish do
+> useful things with.
+This is an unfortunate perspective, especially since those "useful things" are
+exactly the opposite for users. The Internet strongly promotes the free,
+(generally) unencumbered flow of information. To [quote W3C][19]:
+> The social value of the Web is that it enables human communication, commerce,
+> and opportunities to share knowledge. One of W3C's primary goals is to make
+> these benefits available to all people, whatever their hardware, software,
+> network infrastructure, native language, culture, geographical location, or
+> physical or mental ability.
+A DRM implementation flies in the face of those goals, as it is, by definition,
+restrictive---how can we be encouraged to share by using systems that aim to
+[prevent that very thing][0]?
+Richard Stallman has already announced that the [FSF will "campaign against W3C
+support for DRM"][20]; let's hope that many others will join in on this
+campaign, hope that organizations like the EFF will continue to fight for our
+rights, and further hope that users will [reject DRM-laden products][22]
+outright. [DRM cannot exist in free software][25] and it cannot exist on a
+network that facilitates free information.
+[0]: http://www.defectivebydesign.org/what_is_drm
+[1]: http://www.defectivebydesign.org/
+[2]: http://fsf.org
+[3]: https://en.wikipedia.org/wiki/Digital_rights_management
+[4]: http://boingboing.net/2013/03/10/tim-berners-lee-the-web-needs.html
+[5]: https://www.eff.org/issues/drm
+[6]: http://www.amazon.com/gp/help/customer/display.html?nodeId=200549320
+[7]: http://www.defectivebydesign.org/blog/1248
+[8]: http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html
+[9]: http://arstechnica.com/apple/2011/02/ibooks-to-jailbreakers-no-yuo/
+[10]: /2013/03/white-house-supports-cell-phone-unlocking
+[11]: /2013/01/re-who-does-skype-let-spy
+[12]: https://www.eff.org/deeplinks/2013/03/tale-simcity-users-struggle-against-onerous-drm
+[13]: http://venturebeat.com/2012/10/12/together-html5-and-drm-can-take-out-native-apps/
+[14]: /2013/01/lulu-says-goodbye-to-drm
+[15]: http://www.guardian.co.uk/technology/blog/2013/mar/12/tim-berners-lee-drm-cory-doctorow
+[16]: http://www.w3.org/2000/12/drm-ws/
+[17]: https://www.fsf.org/bulletin/e-books-must-increase-our-freedom-not-decrease-it
+[18]: http://www.w3.org/People/Berners-Lee/
+[19]: http://www.w3.org/Consortium/mission#principles
+[20]: http://lists.libreplanet.org/archive/html/libreplanet-discuss/2013-03/msg00007.html
+[21]: https://www.eff.org/deeplinks/2012/11/2012-dmca-rulemaking-what-we-got-what-we-didnt-and-how-to-improve
+[22]: http://www.defectivebydesign.org/guide
+[23]: https://www.fsf.org/bulletin/2007/fall/antifeatures/
+[24]: https://www.gnu.org/philosophy/right-to-read.html
+[25]: https://www.gnu.org/philosophy/can-you-trust.html
diff --git a/post/2013-03-15-nsl-unconstitutional.md b/post/2013-03-15-nsl-unconstitutional.md
new file mode 100644
index 0000000..5d62ab7
--- /dev/null
+++ b/post/2013-03-15-nsl-unconstitutional.md
@@ -0,0 +1,33 @@
+# Federal Judge Rules NSLs (National Security Letters) Unconstitutional
+This news is huge and an incredible win for both the EFF and all U.S. citizens.
+Today, [United States District Judge Susan Illston found the National Security
+Letters' gag provisions unconstitutional][0] and---since the review procedures
+violate the separation of powers and cannot be separated from the rest of the
+statute---has consequently [ruled the NSLs themselves to be
+[0]: http://www.wired.com/threatlevel/2013/03/nsl-found-unconstitutional/
+[1]: https://www.eff.org/press/releases/national-security-letters-are-unconstitutional-federal-judge-rules
+> In today's ruling, the court held that the gag order provisions of the statute
+> violate the First Amendment and that the review procedures violate separation
+> of powers. Because those provisions were not separable from the rest of the
+> statute, the court declared the entire statute unconstitutional
+<!-- more -->
+This is an exciting decision; let's see where it takes us.
+> U.S. District Judge Susan Illston ordered the government to stop issuing
+> so-called NSLs across the board, in a stunning defeat for the Obama
+> administration’s surveillance practices. She also ordered the government to
+> cease enforcing the gag provision in any other cases. However, she stayed her
+> order for 90 days to give the government a chance to appeal to the Ninth
+> Circuit Court of Appeals.[[0]]
+[The issues surrounding NSLs][2] were highlighted just last week when [Google
+released numbers relating to the orders that it received][3].
+[2]: https://www.eff.org/issues/national-security-letters
+[3]: /2013/03/google-says-the-fbi-is-secretly-spying-on-some-of-its-customers
diff --git a/post/2013-03-23-dbd-w3c-drm.md b/post/2013-03-23-dbd-w3c-drm.md
new file mode 100644
index 0000000..738fa56
--- /dev/null
+++ b/post/2013-03-23-dbd-w3c-drm.md
@@ -0,0 +1,46 @@
+# Defective By Design Campaign Against W3C DRM Standard
+[As I had mentioned late last week][0], RMS had mentioned that Defective By
+Design (DBD) would be campaigning against the [introduction of DRM into the W3C
+HTML5 standards][1]. (Please see [my previous mention of this topic][0] for a
+detailed explanation of the problem and a slew of references for additional
+information.) Well, [this campaign is now live and looking for
+signatures][2]---50,000 by May 3rd, which is the [International Day Against
+> Hollywood is at it again. Its latest ploy to take over the Web? Use its
+> influence at the World Wide Web Consortium (W3C) to weave [Digital
+> Restrictions Management (DRM)][4] into HTML5 -- in other words, into the very
+> fabric of the Web.
+> [...]
+> Help us reach 50,000 signers by May 3rd, 2013, the [International Day Against
+> DRM][3]. We will deliver the signatures to the W3C (they are right down the
+> street from us!) and [make your voice heard[[1].
+[0]: /2013/03/html5-drm
+[1]: https://www.eff.org/deeplinks/2013/03/defend-open-web-keep-drm-out-w3c-standards
+[2]: http://www.defectivebydesign.org/no-drm-in-html5
+[3]: http://www.defectivebydesign.org/dayagainstdrm
+[4]: http://www.defectivebydesign.org/what_is_drm
+<!-- more -->
+To summarize the issue as [stated by the EFF][5]:
+> W3C is there to create comprehensible, publicly-implementable standards that
+> will guarantee interoperability, not to facilitate an explosion of new
+> mutually-incompatible software and of sites and services that can only be
+> accessed by particular devices or applications. But EME is a proposal to bring
+> exactly that dysfunctional dynamic into HTML5, even risking a return to the
+> ["bad old days, before the Web"][5] of deliberately limited
+> interoperability.
+> it would be a terrible mistake for the Web community to leave the door open
+> for Hollywood's gangrenous anti-technology culture to infect W3C standards.
+So please---[sign the petition now][2]!
+[5]: http://www.anybrowser.org/campaign/index.html
diff --git a/post/2013-03-23-freesw-award-winners.md b/post/2013-03-23-freesw-award-winners.md
new file mode 100644
index 0000000..74c309d
--- /dev/null
+++ b/post/2013-03-23-freesw-award-winners.md
@@ -0,0 +1,22 @@
+# Congratulations to the 2012 Free Software Award Winners
+Each year, the [Free Software Foundation][0] presents awards to individuals who
+have made a [strong contribution to free software][1]:
+[0]: http://fsf.org
+> The Award for the Advancement of Free Software is given annually to an
+> individual who has made a great contribution to the progress and development
+> of free software, through activities that accord with the spirit of free
+> software.
+[1]: https://www.fsf.org/news/2012-free-software-award-winners-announced-2
+<!-- more -->
+This year, announced at the LibrePlanet 2013 conference, [the winner was Dr.
+Fernando Perez][1]---creator of IPython. The winner of the Award for Projects of
+Social Benefit was [OpenMRS][2], which is a free (as in freedom) medical records
+system for developing countries.
+[2]: http://openmrs.org/
diff --git a/post/2013-04-20-cispa-passes.md b/post/2013-04-20-cispa-passes.md
new file mode 100644
index 0000000..1bf8b46
--- /dev/null
+++ b/post/2013-04-20-cispa-passes.md
@@ -0,0 +1,20 @@
+# U.S. House Passes CISPA
+Two days ago---on the 18th--[the U.S. House of Representatives decided to pass
+CISPA 288-127][0].
+> The legislation passed 288-127, despite a veto threat from Pres. Barack Obama,
+> who expressed serious concerns about the danger CISPA poses to civil
+> liberties.
+[0]: https://www.eff.org/deeplinks/2013/04/us-house-representatives-shamefully-passes-cispa-internet-freedom-advocates
+<!-- more -->
+As the bill moves into the senate, [civil liberties groups will continue to
+oppose it][1]; I personally hope that you will do the same.
+Move [information on CISPA][2] is available on the EFF's website.
+[1]: https://www.eff.org/deeplinks/2012/04/voices-against-cispa
+[2]: https://www.eff.org/cybersecurity-bill-faq
diff --git a/post/2013-06-06-improved-website.md b/post/2013-06-06-improved-website.md
new file mode 100644
index 0000000..614f0a0
--- /dev/null
+++ b/post/2013-06-06-improved-website.md
@@ -0,0 +1,14 @@
+# Improved Website
+The old WordPress website has been replaced entirely by the "thoughts" site
+(which was previously located at /thoughts). This website is generated from its
+git repository---available on the Projects page---which is freely licensed.
+There is some content that existed on the old site that is still useful; should
+that content be transferred to this site, a redirect will be set up (assuming
+that it hadn't already been lost to the search engines).
+Since all this content is static, there is no discussion system. I am still
+debating whether or not I will add this in the future. Until that time, feel
+free to contact me via e-mail.
+<!-- more -->
diff --git a/post/2013-06-10-national-uproar.md b/post/2013-06-10-national-uproar.md
new file mode 100644
index 0000000..cba4005
--- /dev/null
+++ b/post/2013-06-10-national-uproar.md
@@ -0,0 +1,631 @@
+# National Uproar: A Comprehensive Overview of the NSA Leaks and Revelations
+I am finding it difficult to keep up with the flood of reports in my little free
+time, while still finding the time to brush up on relevant history. My hope is
+to provide a summary of recent events and additional background---along with a
+plethora of references---that will allow the reader to perform further research
+and to formulate educated, personal opinions on the topics. If you do not care
+for my commentary, simply scroll to the list of references at the bottom of this
+Many [individuals and organizations][0] have long warned of [digital privacy
+issues][1], but there has been one agency in particular that has been the
+subject of much scrutiny---the [National Security Agency (NSA)][2], which is a
+[United States government agency][3] that has a [long history of controversial
+spying tactics][4] on its country's own citizens. It is a chilling topic---one
+that can easily make any person sound like they've latched onto an Orwellian
+[0]: /2013/01/re-who-does-skype-let-spy
+[1]: https://www.schneier.com/essay-418.html "The Internet Is a Surveillance State"
+[2]: https://www.eff.org/nsa-spying "The EFF on NSA Spying"
+[3]: https://www.eff.org/agency/national-security-agency "The National Security Agency"
+[4]: https://www.eff.org/nsa-spying/timeline "Timeline of NSA Spying"
+<!-- more -->
+**Wednesday, June 5th, 2013**---[the Guardian newspaper publishes a leaked
+document][5][6][7] ordering Verizon to
+> [...] produce to the National Security Agency (NSA) upon service of this
+> Order, and continue production on an ongoing daily basis thereafter for the
+> duration of this Order, [...] an *electronic copy of* the following tangible
+> things: *all call detail records or "telephony metadata"* created by Verizon
+> for communications (i) between the United States and abroad; or (ii) wholly
+> within the United States, *including local telephone calls*.[[6]] [emphasis
+> added]
+The order goes on to describe "telephony metadata" to include routing
+information, source and destination telephone numbers, IMSI and IMEI numbers,
+and time and duration of the call; it "does not include the substantive content
+of any communication"---the communication content itself.[[6]] This order was
+[issued by the Foreign Intelligence Surveillance Court (FISC)][8] under [section 215
+of the Patriot Act][9]. (This news comes [less than three months after United
+States District Judge Susal Illston ruled NSA Letters' gag provisions
+This report caused a massive uproar, but [came as no surprise][11] to many
+security researchers and privacy advocates. Early last year, Wired released an
+article stating that [the NSA "Is Building the Country's Biggest Spy
+Center"][14]. Privacy concerns were raised in November of last year by [the
+Petraeus scandal][14]. In March of this year, Google released figures showing
+that [the NSA is secretly spying on some of its customers][15]. Two months later,
+[outrage][17] after the Associated Press discovers that [the Justice Department
+collected the calling records of many of its reporters and editors][18].
+Additionally, [the EFF already had cases against the NSA's actions][2]---[Jewel
+v. NSA][12] and [Hepting v. AT&T][13] both focus on unconstitutional dragnet
+surveillance of innocent citizens' data and communications. These cases will be
+explored in further detail throughout this article.
+But the chaos didn't end there.
+**Thursday, June 6th, 2013**---just one day after the Guardian reported on the
+leaked Verizon order, the newspaper reports on [a leaked slideshow describing
+PRISM][19], a top-secret program that "claims direct access to servers of firms
+including Google, Apple and Facebook. According to the leaked document, the NSA
+supposedly has the ability to collect material including e-mail, chat, video and
+voice communications, photos, stored data and more.[[19]]. Responses from most
+companies was immediate. In a [blog post entitled "What that...?"][20], Larry
+Page---Google's CEO---put very plainly that Google does not participate in such
+a program and denied any knowledge of PRISM:
+> First, we have not joined any program that would give the U.S. government—or
+> any other government—direct access to our servers. Indeed, the U.S. government
+> does not have direct access or a "back door" to the information stored in
+> our data centers. We had not heard of a program called PRISM until yesterday.
+> Second, we provide user data to governments only in accordance with the
+> law.[[20]] --Larry Page, Google CEO
+[Mark Zuckerberg of Facebook also denied involvement][21], calling such claims
+"outrageous" and encouraging governments to be "much more transparent about
+all programs aimed at keep the public safe":
+> I want to respond personally to the outrageous press reports about PRISM:
+> Facebook is not and has never been part of any program to give the US or any
+> other government direct access to our servers. We have never received a
+> blanket request or court order from any government agency asking for
+> information or metadata in bulk, like the one Verizon reportedly received. And
+> if we did, we would fight it aggressively. We hadn't even heard of PRISM
+> before yesterday. [...] We strongly encourage all governments to be much more
+> transparent about all programs aimed at keeping the public safe. It's the only
+> way to protect everyone's civil liberties and create the safe and free society
+> we all want over the long term.[[21]] --Mark Zuckerberg, Facebook CEO
+Indeed, [all companies eventually denied involvement with PRISM][22].
+**Friday, June 7th, 2013**---Two days after the [initial Verizon report][5] and one day
+after the publishing of [portions of the PRISM documents][19], the White House
+responded to the Guardian reports with President Obama [defending his
+administration][16]. Unfortunately, given the [history of the NSA surveillance
+programs][4]---especially since the Bush administration after the 9/11
+attacks---it may be difficult to believe that his words are the whole truth. As
+such, we will use [portions of his transcript][16] to guide the remainder of this
+> **Jackie Calmes:** Mr. President, could you please react to the reports of
+> secret government surveillance of phones and Internet? And can you also assure
+> Americans that the government — your government doesn’t have some massive
+> secret database of all their personal online information and activity?
+> **Obama:** [...] Now, the programs that have been discussed over the last
+> couple days in the press are secret in the sense that they’re classified, but
+> they’re not secret in the sense that when it comes to telephone calls, every
+> member of Congress has been briefed on this program.
+> With respect to all these programs, the relevant intelligence committees are
+> fully briefed on these programs. These are programs that have been authorized
+> by broad, bipartisan majorities repeatedly since 2006. And so I think at the
+> outset, it's important to understand that your duly elected representatives
+> have been consistently informed on exactly what we’re doing.[[16]]
+There are some important notes regarding the phrasing of the President's
+statement. Firstly, it is important to note that the President is *confirming the
+existence of* the programs that "have been discussed over the last couple days
+in the press"---that is, the [Verizon FISA Court order][5] and the [PRISM][19]
+leak. However, it is also important to take a step back and note that the
+President did *not* state outright that the reports tell the whole---or even the
+correct---story. So what do we know?
+On June 6th---a day before the White House responded to the leaks---the Director
+of National Intelligence James Clapper [declassified certain information pertaining
+to the "business records" provision of FISA][23], stating, "I believe it is
+important for the American people to understand the limits of this targeted
+counterterrorism program and the principles that govern its use". This statement
+mentions that:
+> Although this program has been properly classified, the leak of one order,
+> without any context, has created a misleading impression of how it operates.
+> [...] The program does not allow the Government to listen in on anyone's phone
+> calls. The information acquired does not include the content of any
+> communications or the identity of any subscriber. The only type of information
+> acquired under the Court's order is telephony metadata, such as telephone
+> numbers dialed and length of calls.[[23]]
+The term "telephony metadata" could mean anything; the "numbers dialed" and
+"length of calls" are part of it, but what does [the Court order][6]
+specifically request?
+> IT IS HEREBY ORDERED that [Verizon] shall produce to the [NSA] [...], and
+> continue production on an ongoing daily basis [...] for the duration of this
+> Order, [...] all call detail records or "telephony metadata" [...].
+> Telephony metadata includes comprehensive communications routing information,
+> including but not limited to [...] originating and terminating telephone
+> number, [...] International Mobile Subscriber Identity (IMSI) number,
+> International Mobile station Equipment Identity (IMEI) number, [...] trunk
+> identifier, telephone calling card numbers, and time and duration of call.
+> Telephony metadata does not include the substantive content of any
+> communication [...], or the name, address, or financial information of a
+> subscriber or customer.[[6]] --FISA Court order
+The President made this point very clear:
+> **Obama:** When it comes to telephone calls, nobody is listening to your
+> telephone calls. That’s not what this program’s about. As was indicated, what
+> the intelligence community is doing is looking at phone numbers and durations
+> of calls. They are not looking at people’s names, and they’re not looking at
+> content. But by sifting through this so-called metadata, they may identify
+> potential leads with respect to folks who might engage in terrorism. If these
+> folks — if the intelligence community then actually wants to listen to a phone
+> call, they’ve got to go back to a federal judge, just like they would in a
+> criminal investigation. So I want to be very clear. Some of the hype that
+> we’ve been hearing over the last day or so — nobody’s listening to the content
+> of people’s phone calls.[[16]]
+The EFF provides compelling arguments as to why [metadata is important to our
+privacy][24]. One such example: "They know you spoke with an HIV testing
+service, then your doctor, then your health insurance company in the same hour.
+But they don't know what was discussed." The EFF further states, "the
+government has given no assurances that this data will never be correlated with
+other easily obtained data". So, while the President may try reassuring us by
+stating that "they've got to go back to a federal judge", he certainly does
+not make it clear that they may already have enough information *without* having
+to do so---from this supposedly non-content metadata. They do not need to
+subpoena the phone company for the name or address of the individual in most
+cases, as reverse telephone directories are readily available. With that, they
+then have the names of yourself, everyone you have called and GPS data.
+Another argument worthy of strong consideration is posed by Daniel J.
+Solove---[what if the government is wrong about your intentions][25]? How can
+you go about correcting incorrect data if its very existence is hidden from the
+> What if the government leaks the information to the public? What if the
+> government mistakenly determines that based on your pattern of activities,
+> you're likely to engage in a criminal act? What if it denies you the right to
+> fly? What if the government thinks your financial transactions look odd—even
+> if you've done nothing wrong—and freezes your accounts? What if the government
+> doesn't protect your information with adequate security, and an identity thief
+> obtains it and uses it to defraud you?[[25]]
+These are serious questions. Even if you---the reader---are of the type that sates
+"I don't care; I have nothing to hide", then consider that, despite the government's
+best efforts to secure and protect the data, [it could possibly fall prey to
+enemies of the United States][25]. Consider that the [Chinese cracked into
+Pentagon systems][26], taking "designs for more than two dozen major weapon systems
+used by the United States military".
+Of course, we are now assuming that that the NSA is (a) operating in accordance with the
+Court order with respect to the privacy of communications content and (b) that
+the President's statement is not intentionally omitting projects that *do*
+warrantlessly wiretap innocent Americans' communications. Historically, the NSA has not
+given us reason to entertain either of these thoughts.
+**January 31, 2006**---[Hepting v. AT&T][13]; the EFF files a case suing AT&T on
+behalf of its customers for "violating privacy law by collaborating with the
+NSA in the massive, illegal program to wiretap and data-min Americans'
+communications". This case included "undisputed evidence" from former AT&T technician
+Mark Klein showing that [AT&T routed a copy of all Internet traffic to an NSA-controlled
+room in San Francisco][27]:
+> Through the "splitter cabinet," the content of all of the electronic voice
+> and data communications going across the Peering Links [...] was transferred
+> from the WorldNet Internet room's fiber optical circuits into the
+> [NSA-controlled] SG3 Secure Room [...] including such equipment as Sun servers
+> and Juniper (M40e and M160) "backbone" routers. The list also included a
+> Narus STA 6400, which is a "Semantic Traffic Analyzer."[[27]]
+That is---allegedly, AT&T indiscriminately passed *all* of the traffic passing
+through its San Francisco facility into the NSA-controlled "SG3 Secure Room"
+where the NSA performed their *own* filtering, storage and analysis however they
+pleased. This is an astounding accusation. Additionally, Klein further states
+that "other such `splitter cabinets' were being installed in other cities,
+including Seattle, San Jose, Los Angeles and San Diego".[[27]]
+Unfortunately, Hepting was dealt a fatal blow in July 2008 when both the
+government and AT&T were [awarded retroactive immunity][28] by the [FISA
+Amendments Act (FAA)][29]. This startling turn was signed by President Bush in
+response to the EFF's court victories in the case and "allows the Attourney
+General to require the dismissal of the lawsuits over the telecoms'
+participation in the warrantless surveillance program".[[13]] The case was
+dismissed in June 2009 and dozens of other lawsuits.
+Fortunately, the battle is not over. The EFF then filed [Jewel v. NSA][12] which
+directly targets the "NSA and other government agencies on behalf of AT&T
+customers to stop the illegal unconstitutional and ongoing dragnet surveillance
+of their communications and communications records". This case was too based
+on [the testimony of Klein][27]. Additionally, the EFF had declarations of William
+Binney, Thomas Drake and Kirk Wiebe---[three NSA whistleblowers][30]. Most
+interesting (and damning) for the purposes of our discussion is the [Summary of
+Voluminous Evidence][31].
+> I have served on the Intelligence Committee for over a decade and I wish to
+> deliver a warning this afternoon. When the American people find out how their
+> government has secretly interpreted [the business records provision of
+> FISA], they are going to be stunned and they are going to be angry.[^32]
+> --Senator Ron Wyden
+Note that the Senator is referring to precisely the same provision---business
+records---that was partly declassified by James Clapper on Thursday.[[23]] Of
+course, we are assuming that the NSA decides to go to the FISA Court for
+permission; this apparently has not always been the case.
+According to [the summary of evidence][31], the NSA stated:
+> To perform both its offensive and defensive mission, NSA must "live on the
+> network." [The program would be] a powerful and permanent presence on a
+> global telecommunications infrastructure where protected American
+> communications and targeted adversary communications will coexist.
+This certainly shares some similarities with the Verizon case. But FISA stood
+in the way of this goal; John Yoo explains why FISA was insufficient for such
+a dragnet operation:
+> [U]nder existing laws like FISA, you have to have the name of somebody, have
+> to already suspect that someone's a terrorist before you can get a warrant.
+> [...] it doesn't allow you as a government to use judgment based on
+> probability to say: "[...] there's a high probability that some of those
+> calls are terrorist communications. But we don't know the names of the people
+> making those calls." You want to get at those phone calls, those e-mails, but
+> under FISA you can't do that.[^33] --Jon Yoo
+After the September 11th attacks, "FISA ceased to be an operative
+concern".[[31]] If that statement sounds unsettling, that is because it is;
+President Bush subsequently authorized the NSA to "conduct electronic
+surveillance within the United States" without an order from the FISA Court
+(FISC). General Hayden phrased it as such: the program "is a more [...]
+`aggressive' program than would be traditionally available under FISA".[^34]
+What---if anything---does this mean about any current NSA operations (including
+the Verizon order)? If Bush is able to authorize such actions, what is to say
+that Obama will not (and has not)?
+Let us return to the statements from both Clapper[[23]] and Obama stating that
+"nobody is listening to the content of your phone calls".[[16]] We can certainly
+hope that this is the case, but we shall continue to draw from evidence in the
+[Jewel v. NSA case][12] to see what the NSA has done in the past.
+> It was the biggest legal mess I've ever encountered.[^35] --Jack Goldsmith, Justice
+> Department's Office of Legal Consel
+The program operated "in lieu of" court orders.[^36] Even more alarming (if such a
+thing is possible), "neither the President nor Attorney General approved the specific
+interceptions; rather, the decision to listen or read particular communications was
+made by intelligence analysts"; the only authorization needed was by an NSA
+"shift supervisor".[^37] So, let's reiterate:
+> **Obama:** If these folks — if the intelligence community then actually wants to listen
+> to a phone call, they've got to go back to a federal judge, just like they
+> would in a criminal investigation.[[16]]
+It may very well be that Obama is being truthful within context of the Verizon
+order; perhaps they have learned from their mistakes with the AT&T dragnet.
+Unfortunately, their secrecy is making it very difficult for the public to make
+an informed analysis of the matter.
+Ultimately, it is believed that Attorney General Comey's initial certifications of
+the program were "based on a misimpression of those activities" due to a botched
+legal analysis by Jon Yoo that was described as "at a minimum [...] factually
+flawed". Yoo was the only OLC official to read into the program since its
+inception in October 2001 until his leaving in May 2003.[[31]] When Comey refused
+to reauthorize the program, Bush did so himself, resulting in threats of resignation
+from Comey and "about two dozen Bush appointees". However, "[d]espite the illegality
+of the Program, no officials resigned."[[31]].
+In 2009, the New York Times published a series of articles regarding the
+program, exposing a ["serious issue involving the NSA" concerning
+"significant misconduct"][38]. This included a "`flagrant' overcollection
+of domestic email".[[31]]
+> Because each court order could single out hundreds or even thousands of phone
+> numbers or e-mail addresses, the number of individual communications that
+> were improperly collected could number in the millions, officials said.[[31]]
+That was then; this is now, right? How can we be sure of any connection between
+the NSA of a decade ago vs. the NSA of today? Well, as an average citizen with
+no security clearance, I can't. However, there are some important connections that
+can be made. Firstly, recall Ron Wyden's quote above stating that the public
+will be "stunned" and "angry".[^32] On Thursday, June 6th, he [released this
+statement on his Senate website][39]:
+> The program Senators Feinstein and Chambliss publicly referred to today is one
+> that I have been concerned about for years. I am barred by Senate rules from
+> commenting on some of the details at this time. However, I believe that when
+> law-abiding Americans call their friends, who they call, when they call, and
+> where they call from is private information. Collecting this data about every
+> single phone call that every American makes every day would be a massive
+> invasion of Americans’ privacy.[[39]] --Senator Ron Wyden
+Perhaps the most obvious and direct connection is that the [government asked for
+more time in Jewel v. NSA (and Shubert v. Obama) in light of the NSA
+> The revelations not only confirmed what EFF has long alleged, they went even
+> further and honestly, we’re still reeling. EFF will, of course, be continuing
+> its efforts to get this egregious situation addressed by the courts.
+> [...] EFF and others had long alleged that, despite the rhetoric surrounding
+> the Patriot Act and the FISA Amendments Act, the government was still
+> vacuuming up the records of the purely domestic communications of millions of
+> Americans. And yesterday, of course, with the Verizon order, we got solid
+> proof.. And it appears that the reach of this vacuum goes much further, into
+> the records of our Internet service providers as well.[[41]] --Electronic
+> Frontier Foundation
+This brings us back to [PRISM][19]. Numerous sources reported that [the White
+House confirmed][42] its existence. Indeed, if you consider the President's
+original words--- "the programs that have been discussed over the last couple
+days in the press are secret in the sense that they’re classified"[[16]]---this
+does seem to be a verification of the project's existence. However, confusion ensued
+when [companies like Google and Facebook denied involvement][43], despite what
+the [leaked information seems to state][19]. Yonatan Zunger---chief architect at
+Google---[reiterated the words of Larry Page][44]:
+> I can also tell you that the suggestion that PRISM involved anything happening
+> directly inside our datacenters surprised me a great deal; owing to the nature
+> of my work at Google over the past decade, it would have been challenging --
+> not impossible, but definitely a major surprise -- if something like this
+> could have been done without my ever hearing of it. And I can categorically
+> state that *nothing* resembling the mass surveillance of individuals by
+> governments within our systems has ever crossed my plate.[[44]] --Yonatan
+> Zunger, Chief Architect, Google
+Questions then arose as to what exactly "PRISM" is. Marc Ambinder with The Week
+reported that [PRISM is nothing more than one of many different "data collection
+tools"][45] that may be used by the NSA. One day later, Marc posted another article
+entitled ["Solving the mystery of PRISM"][46]
+> Each data processing tool, collection platform, mission and source for raw
+> intelligence is given a specific numeric signals activity/address designator,
+> or a SIGAD. [...] PRISM is US-984XN. Each SIGAD is basically a collection
+> site, physical or virtual; [...] PRISM is a kick-ass GUI that allows an
+> analyst to look at, collate, monitor, and cross-check different data types
+> provided to the NSA from internet companies located inside the United States.[[46]]
+Others hypothesized that, due to the denial of involvement from various
+companies[[44]], PRISM may operate by intercepting communications. The Guardian
+[countered by releasing another slide from the leaked presentation][47], stating
+outright that "[b]oth of these theories appear to be contradicted by internal
+NSA documents".
+> It clearly distinguishes Prism, which involves data collection from servers,
+> as distinct from four different programs involving data collection from "fiber
+> cables and infrastructure as data flows past".[[47]]
+This sounds a great deal like Klein's description of the SG3 Secure Room at
+AT&T[[27]] (though I do not intend to imply that they are the same thing---that is
+not clear, nor does Klien state that he ever noted the word "PRISM" on any
+documents). The Guardian goes on to state that "[a] far fuller picture of the exact
+operation of Prism [...] is expected to emerge in the coming weeks and months".
+(Is that foreshadowing or an educated guess?)
+There is, of course, the other obvious hypothesis---that organizations including
+Google, Facebook and Microsoft are being [deceptive or not telling the whole
+truth][48]. Alternatively, maybe such operations were being done under the noses
+of executives. On Friday, the New York Times published an article stating that
+the technology companies ["cooperated at least a bit"][49].
+> [Google, Micorsoft, Yahoo, Facebook, AOL, Apple and Paltalk] were legally
+> required to share the data under the Foreign Intelligence Surveillance Act.
+> [...] But instead of adding a back door to their servers, the companies were
+> essentially asked to erect a locked mailbox and give the government the key,
+> people briefed on the negotiations said. Facebook, for instance, built such a
+> system for requesting and sharing the information, they said.[[49]]
+This does not necessarily mean that these companies had any knowledge,
+specifically, of "PRISM". As the Guardian said, I will be curious to see what
+information surfaces in the coming months; the gag provisions of the orders make
+for an unfortunate situation for everyone involved.
+Let us return to the President's statements.
+> **Obama:** And I welcome this debate. And I think it's healthy for our
+> democracy. I think it's a sign of maturity, because probably five years ago,
+> six years ago, we might not have been having this debate.[[16]]
+This is a difficult debate to have, Mr. President, when the public does not know
+of the existence of these programs; we only have knowledge of these programs due
+to the aforementioned leaks---courageous individuals who feel that their
+government is not representative of the democracy and freedom that it supposedly
+represents. This segues into another statement from the President:
+> **Jackie Calmes:** Do you welcome the leak, sir? Do you welcome the leak if
+> you welcome the debate?
+> **Obama:** I don't---I don't welcome leaks, because there's a reason why these
+> programs are classified. [...] But that's also why we've set up congressional
+> oversight. These are the folks you all vote for as your representative in
+> Congress, and they’re being fully briefed on these programs.
+Unfortunately, Obama seems to have missed another critical fact. We---the
+people---vote for representatives that, well, "represent" *the issues that we
+care about*. Those who are strongly opposed to gun legislation will vote for
+those representatives that share those feelings and will fight to oppose such
+legislation. Similarly, a pro-life supporter will probably not vote for a
+candidate in favor of abortion. But what if there is a candidate that shares one
+opinion but not another---say, opposes gun regulation but supports abortion,
+when you as a voter are a pro-life gun-owner against gun legislation? Then you
+will likely vote for the issues that you feel most strongly about (or what you
+feel is a fair balance between all the other issues you follow). The problem
+here, Mr. President, is that we---the people---are not made aware of these
+issues because they are *classified*. How many people may not have voted for
+you, Mr. President, had they known that you would support dragnet surveillance
+of innocent Americans?
+**Sunday, June 9th, 2013**---The Guardian continues to surprise the world by
+[releasing the name of the NSA whistleblower at his request][50]. Edward
+Snowden, a 29-year-old former CIA technical assistant and current defense
+contractor employee is responsible for what The Guardian is calling "the
+biggest intelligence leak in the NSA's history". Reporting from Hong
+Kong---where Snowden fled to on May 20th in the hope of resisting the
+U.S. government---Glenn Greenwald, Ewen MacAskill and Laura Poitras report
+on his motives.
+> Three weeks ago, Snowden made final preparations [...] [a]t the NSA office in
+> Hawaii where he was working, [copying] the last set of documents he intended
+> to disclose.[[50]]
+Snowden describes situations where he began to begin questioning his government,
+such as a case where a CIA operative purposely encouraged a Swiss banker to get
+intoxicated and drive drunk so that he would be arrested. "Much of what I saw
+in Geneva really disillusioned me about how my government functions and what its
+impact is in the world." He mentioned that the election of Obama in 2008 gave
+him hope for reform, but watched in 2009 as "Obama advanced the very policies
+that I thought would be reined in. [...] I got hardened."[[50]]
+It is this statement from Snowden that, if accurate, suggests that Obama not
+only supports Bush's initial dragnet operation[[31]], but has further expanded it.
+At this point, since the news is still quite young at the time that this article
+was written, the world must wait to see what action the government will attempt
+to take against Snowden. Reuters had already reported the previous day that
+[the government is likely to open a criminal probe into the NSA leaks][51].
+> James Clapper, the director of U.S. national intelligence, condemned the leaks
+> and asserted that the news articles about PRISM contained "numerous
+> inaccuracies."[[51]]
+Snowden is not the first to come forward as a whistleblower from the NSA---as we
+discussed previously, three NSA whistleblowers came fourth previously to back the
+EFF in Jewel v. NSA;[[30]] they each had the charges either cleared or dropped. That
+said, [Obama has been aggressively pursuing whistleblowers][59]. Snowden
+mentioned that he views his best hope of freedom as the possibility of asylum
+with Iceland.[[50]] It appears that such may already be working in his favor, with
+[Iclandic Legislator Birgitta Jonsdottir already starting the process to apply
+for asylum][52], although it is not clear if Snowden has already applied.
+There is a great deal to think about. Even though the [evidence against the NSA
+dates far back][4], the recent revelations invoke emotions that are difficult to
+describe. With countless individuals working to sift through the information,
+the Obama administration under attack and nobody knowing if the Guardian is
+sitting on even more information, the entire world will continue to watch
+impatiently...and act.
+While all this is going on, it would be useful to reiterate certain privacy and
+security topics that have already been covered at large. Firstly, consider
+checking out the EFF's [Surveillance Self-Defense][53] website, which contains
+information on a number of topics including anonymity and how to respond to
+court orders. Consider using [Tor for anonymity][54] online (but recognize that
+it is not a full solution in itself). Consider [keeping your data to
+yourself][55] rather than storing it on "cloud" services---[Richard Stallman
+explains how Software as a Service (SaaS) differs in dangers from proprietary
+software][56]. Consider using only [free software][57] to limit further
+sacrifices in personal freedom and to limit the information that corporations
+and third parties collect from you while using your computer and other devices.
+Finally, if you have information that you want to leak to the press (whether or
+not you are an [NSA employee][58]), you may be able to consider tools such as
+[The New Yorker's Strongbox][60]; it uses [software created by Aaron Swartz][61]
+shortly before his untimely death early this year.
+Finally, aid senators like Rand Paul in developing [legislation to curb the powers
+of the government][62]. We must also do our best to fight for the rights of
+brave whistleblowers like Snowden. To end with the words of the EFF, ["we need
+a new church committee and we need it now"][41].
+[5]: http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order
+ "NSA collecting phone records of millions of Verizon customers daily"
+[6]: http://s3.documentcloud.org/documents/709012/verizon.pdf "PDF of the FISA Court order to Verizon."
+[7]: http://s3.documentcloud.org/documents/709012/verizon.txt "Ibid; plain text version."
+[8]: https://www.eff.org/deeplinks/2013/06/confirmed-nsa-spying-millions-americans
+ "Confirmed: NSA Spying on Millions of Americans"
+[9]: https://www.eff.org/deeplinks/2011/10/ten-years-later-look-three-scariest-provisions-usa-patriot-act
+ "Three Scariest Provisions of thet USA Patriot Act"
+[10]: /2013/03/federal-judge-rules-nsls-national-security-letters-unconstitutional
+ "Federal Judge Declares National Security Letters Unconstitutional"
+[11]: http://www.theatlantic.com/politics/archive/2013/06/what-we-dont-know-about-spying-on-citizens-scarier-than-what-we-know/276607/
+ "Bruce Schneier comments on NSA leak"
+[12]: https://www.eff.org/cases/jewel "Jewel v. NSA"
+[13]: https://www.eff.org/cases/hepting "Hepting v. AT&T"
+[14]: /2012/11/privacy-in-light-of-the-petraeus-scandal
+ "Privacy In Light of the Petraeus Scandal"
+[15]: /2013/03/google-says-the-fbi-is-secretly-spying-on-some-of-its-customers
+ "Google Says the FBI Is Secretly Spying on Some of Its Customers"
+[16]: http://blogs.wsj.com/washwire/2013/06/07/transcript-what-obama-said-on-nsa-controversy/
+ "Obama on the NSA controversy"
+[17]: https://www.eff.org/deeplinks/2013/05/congressional-outrage-over-ap-phone-records
+ "Congressional outrate of AP phone records"
+[18]: https://www.eff.org/deeplinks/2013/05/doj-subpoena-ap-journalists-shows-need-protect-calling-records
+[19]: http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data
+[20]: http://googleblog.blogspot.com/2013/06/what.html "Larry Page denies PRISM involvement"
+[21]: https://www.facebook.com/zuck/posts/10100828955847631 "Mark Zuckerberg denies PRISM involvement"
+[22]: http://www.guardian.co.uk/world/2013/jun/07/google-facebook-prism-surveillance-program
+[23]: http://www.dni.gov/index.php/newsroom/press-releases/191-press-releases-2013/868-dni-statement-on-recent-unauthorized-disclosures-of-classified-information
+ "James Clapper---Directory of National Intelligence---declassifies
+ information pertaining to the "business records" provision of FISA"
+[24]: https://www.eff.org/deeplinks/2013/06/why-metadata-matters
+ "The EFF describes why telephony metadata can have a significant impact on our privacy."
+[25]: http://mashable.com/2013/06/08/china-hack-nsa/ "What if crackers get a hold of the NSA's databases?"
+[26]: http://rt.com/usa/us-chinese-report-defense-888/ "The Chinese crack into Pentagon systems."
+[27]: https://www.eff.org/file/28823 "Public unredacted Mark Klein declaration"
+[28]: https://www.eff.org/pages/case-against-retroactive-amnesty-telecoms "The Case Against Retroactive Amnesty for Telecoms."
+[29]: http://www.govtrack.us/congress/bills/110/hr6304/text "FISA Amendments Act (FAA)."
+[30]: https://www.eff.org/press/releases/three-nsa-whistleblowers-back-effs-lawsuit-over-governments-massive-spying-program
+ "Three NSA whistleblowers back the EFF in Jewel v. NSA"
+[31]: https://www.eff.org/node/72021 "Summary of Voluminous Evidence, Jewel v. NSA"
+[38]: http://www.nytimes.com/2009/04/16/us/16nsa.html?pagewanted=all "Officials Say U.S. Wiretaps Exceeded Law"
+[39]: http://www.wyden.senate.gov/news/press-releases/wyden-statement-on-alleged-large-scale-collection-of-phone-records
+ "Ron Wyden comments on the collection of Verizon phone records"
+[40]: https://www.eff.org/deeplinks/2013/06/government-asks-more-time-eff-surveillance-cases
+ "In Light of NSA Revelations, Government Asks for More Time in EFF Surveillance Cases"
+[41]: https://www.eff.org/deeplinks/2013/06/response-nsa-we-need-new-church-commission-and-we-need-it-now
+ "In Response to the NSA, We Need A New Church Committee and We Need It Now"
+[42]: http://www.theweek.co.uk/us/53475/white-house-admits-it-has-access-facebook-google
+ "White House admits it has "access" to Facebook, Google"
+[43]: http://www.guardian.co.uk/world/2013/jun/07/google-facebook-prism-surveillance-program
+ "Facebook and Google insist they did not know of Prism surveillance program"
+[44]: https://plus.google.com/+YonatanZunger/posts/huwQsphBron
+ "Yonatan Zunger---Chief Architect at Google---expresses his distaste of PRISM"
+[45]: http://theweek.com/article/index/245311/sources-nsa-sucks-in-data-from-50-companies
+ "Sources: NSA sucks in data from 50 companies"
+[46]: http://theweek.com/article/index/245360/solving-the-mystery-of-prism
+ "Solving the mystery of PRISM"
+[47]: http://www.guardian.co.uk/world/2013/jun/08/nsa-prism-server-collection-facebook-google
+ "NSA's Prism surveillance program: how it works and what it can do."
+[48]: http://www.guardian.co.uk/world/2013/jun/08/obama-response-nsa-surveillance-democrats
+ "Obama deflects criticism over NSA surveillance as Democrats sound alarm."
+[49]: http://www.nytimes.com/2013/06/08/technology/tech-companies-bristling-concede-to-government-surveillance-efforts.html?ref=global-home&_r=2&pagewanted=all&
+ "Tech Companies Concede to Surveillance Program"
+[50]: http://www.guardian.co.uk/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance
+ "Edward Snowden: the whistleblower behind the NSA surveillance revelations."
+[51]: http://www.reuters.com/article/2013/06/08/us-usa-security-leaks-idUSBRE95700C20130608
+ "Government likely to open criminal probe into NSA leaks: officials."
+[52]: http://www.forbes.com/sites/andygreenberg/2013/06/09/icelandic-legislator-im-ready-to-help-nsa-whistleblower-seek-asylum/
+ "Icelandic Legislator: I'm Ready To Help NSA Whistleblower Edward Snowden Seek Asylum"
+[53]: https://ssd.eff.org/ "EFF Surveillance Self-Defense."
+[54]: https://www.torproject.org/ "The Tor project offers anonymity online."
+[55]: http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman
+ "Cloud computing is a trap, warns GNU founder Richard Stallman"
+[56]: http://www.gnu.org/philosophy/who-does-that-server-really-serve.html
+ "Who does that server really serve?"
+[57]: http://www.gnu.org/philosophy/free-sw.html "What is free software?"
+[58]: http://www.whistleblowers.org/index.php?option=com_content&task=view&id=984&Itemid=173
+ "National Security Employees Know Your Rights"
+[59]: http://www.theatlanticwire.com/politics/2011/05/obamas-war-whistle-blowers/38106/
+ "Obama's War on Whistle-Blowers"
+[60]: http://www.newyorker.com/strongbox/ "The New Yorker Strongbox"
+[61]: http://www.newyorker.com/online/blogs/newsdesk/2013/05/strongbox-and-aaron-swartz.html
+ "Strongbox and Aaron Swartz"
+[62]: http://abcnews.go.com/blogs/politics/2013/06/rand-paul-bill-would-curb-nsa-on-phone-records/
+ "Rand Paul Bill Would Curb NSA on Phone Records"
+[^32]: Ibid.[[31]] 157 Cong. Rec. S3372--3402, S3386 (May 26, 2011) [Vol. VI, Ex. 111, p. 4286]
+ (Statement of Sen. Ron Wyden, On Patriot Act Reauthorization)
+[^33]: Ibid.[[31]] PBS Frontline, Spying on the Homefront, Interview with John C. Yoo at 4
+ (Jan. 10, 2007) [Vol. I, Ex. 10, p. 394]
+[^34]: Ibid.[[31]] Press Briefing by Att’y Gen. Alberto Gonzalez and Gen. Michael Hayden,
+ Principal Dep. Dir. for Nat’l Intelligence (Dec. 19, 2005)
+[^35]: Ibid.[[31]] Preserving the Rule of Law in the Fight Against Terror:
+ Hearing before the S. Comm. on the Judiciary, 110th Cong. 7 (Oct. 2, 2007)
+ [Vol. III, Ex. 42, p. 1307] (testimony of Jack Goldsmith)
+[^36]: Ibid.[[31]] Press Briefing by Att’y Gen. Alberto Gonzalez and Gen. Michael Hayden, Principal Dep. Dir.
+ for Nat’l Intelligence (Dec. 19, 2005)
+[^37]: Ibid.[[31]] Remarks by Gen. Michael Hayden, Address to the National Press Club, Washington, D.C. (Jan. 23, 2006)
+ [Vol. IV, Ex. 73, p. 1809]
diff --git a/post/2013-06-16-thoughts-cc-by-sa.md b/post/2013-06-16-thoughts-cc-by-sa.md
new file mode 100644
index 0000000..73bb706
--- /dev/null
+++ b/post/2013-06-16-thoughts-cc-by-sa.md
@@ -0,0 +1,159 @@
+# All "Thoughts" and Site Text Now Licensed Under CC BY-SA
+All "thoughts"---that is, my blog-like entries that are generated by the
+repository commit messages---and site text are hereby retroactively relicensed
+under the [Creative Commons Attribution-ShareAlike 3.0 Unported License][0].
+This license shall not supersede any license that is explicitly put forth within
+a work; see the COPYING file within the thoughts repository---available on the
+"Projects" page---for more information.
+[0]: http://creativecommons.org/licenses/by-sa/3.0/
+<!-- more -->
+This is not a decision I take lightly; it has received much thought over the
+course of recent years. For some time, I accepted [the view of Richard Stallman
+and the Free Software Foundation][1] on opinion pieces in that, since they
+express personal opinions, it is not unreasonable to require that they be
+distributed verbatim. Indeed, it would seem wise not to allow someone to change
+your words, especially on something that you are passionate about.
+However, I have come to adopt another perspective. What is the motivation behind
+releasing content under a license that permits modification (that is, the
+creation of derivative works)? Often, the primary reason is to allow others to
+improve upon the content or to modify it to suit their particular needs. To
+prevent others from locking down those changes---preventing others from having
+the same rights as they did---many will often release their works under licenses
+that require that all derivatives be released under the same terms. In the case
+of Creative Commons, this is called ["ShareAlike"][2], which is motivated by
+GNU's copyright hack called [copyleft][3] (popularized by the [GNU General
+Public License][4]).
+For [free software][5] advocates, the question of whether or not to permit
+modification is generally not even raised---it is a necessity. Software serves a
+functional purpose: Prohibiting modification could prevent users from altering
+the software in ways that they may find useful and could be used to exert
+control over the users. Software does stuff. Software can control what the user
+can and cannot do.
+Creative works are often considered in a different light. Like software, they
+are indeed useful---they can be tools to learn, to entertain, etc. However, does
+prohibiting modification do any harm? In the case of [documentation for free
+software][6], yes---documentation is very important and can make the difference
+between highly useful software and impenetrable software. Free documentation
+ensures that, as the software grows, the documentation can grow with it. Since
+the documentation for many projects is often scarce or poorly written (great
+computer hackers are not necessarily great language hackers), the freedom to
+modify the documentation is a necessity.
+Then what of texts that have nothing to do with a free software project? Texts
+that serve as an educational resource of any kind would benefit from being free
+just as a free software project would---experts could contribute, teachers could
+alter it to suit their particular teaching style or their classroom setting,
+etc. But what of texts that exist purely as opinion pieces?
+I'm not sure there's such a thing as a "pure" opinion piece, unless it is
+utter garbage.
+An author would do well to substantiate their opinion with appropriate
+references (though often times, this is not the case). With those
+references (or lack thereof) comes the need to connect them to the content---the
+author must explain his or her opinion. This explanation is educational, even if
+the reader does not agree with the opinion. Perhaps the reader wishes to use the
+opinion piece as a resource, but notices that it is lacking in some respect.
+Should they not be able to improve it, perhaps to even further the author's
+point? Or, perhaps the opinion piece could be extended to the contrary---to
+prove additional references to either make it neutral or even work against the
+author's original opinion. Even though this may not be what the author wants,
+this is still a useful derivation of the original work.
+As an example, consider this very post. This is clearly an opinion piece---I
+have made the choice to release my content under a Creative Commons license and
+I am substantiating my opinion in the hope that others may gain insight and
+possibly even choose the same path for their own creative works. What if someone
+wished to present this article to a group of individuals---maybe in the
+workplace---but found my "garbage" comment to be unnecessarily harsh? What
+personal harm would I incur if they were to remove that statement? However, what
+if they wished to go further by replacing all references to "free software"
+with references to "open source"---a term which I [reject][7]? Well, this
+could potentially affect my image, depending on the group's philosophy. What
+There are a few important points to note from this. Firstly, the license
+mandates that:
+> If You Distribute, or Publicly Perform the Work or any Adaptations or
+> Collections, You must, unless a request has been made pursuant to Section
+> 4(a), keep intact all copyright notices for the Work and provide, reasonable
+> to the medium or means You are utilizing: (i) the name of the Original Author
+> (or pseudonym, if applicable) if supplied, and/or if the Original Author
+> and/or Licensor designate another party or parties (e.g., a sponsor institute,
+> publishing entity, journal) for attribution ("Attribution Parties") in
+> Licensor's copyright notice, terms of service or by other reasonable means,
+> the name of such party or parties; (ii) the title of the Work if supplied;
+> (iii) to the extent reasonably practicable, the URI, if any, that Licensor
+> specifies to be associated with the Work, unless such URI does not refer to
+> the copyright notice or licensing information for the Work; and (iv) ,
+> consistent with Ssection [sic] 3(b), in the case of an Adaptation, a credit
+> identifying the use of the Work in the Adaptation (e.g., "French translation
+> of the Work by Original Author," or "Screenplay based on original Work by
+> Original Author").[8]
+In plain English---you must provide attribution to the original author and
+indicate that the work has been modified from the original. Furthermore:
+> The credit required by this Section 4(c) may be implemented in any reasonable
+> manner; provided, however, that in the case of a Adaptation or Collection, at
+> a minimum such credit will appear, if a credit for all contributing authors of
+> the Adaptation or Collection appears, then as part of these credits and in a
+> manner at least as prominent as the credits for the other contributing
+> authors.[8]
+It would therefore be appropriate to assume that an author of a derivate work
+will, in good faith, make clear attribution. Should this not be the case, then
+what is to say that the author would not have simply modified a work which is
+not licensed to permit modifications?
+The next point is another simple one: Under United States copyright law, the
+[fair use doctrine][9] permits limited use of a copyrighted work without prior
+consent from the author; it is this doctrine that allows, for example, authors
+and journalists to quote portions of other works to report on or back up their
+arguments. This means that, even if the license did not permit, an author could
+still incorporate *portions* of my work to support their own arguments or agenda,
+regardless of whether or not I may agree with it. This segues into the final
+Who am I to [dictate others opinions][10]? It would not be right of me to limit
+one's freedom simply because they violate my own personal opinions or beliefs.
+Therefore, if this is one condition under which I would decide to restrict my
+creative works, then that reason should be immediately dismissed. This means
+that---within the context of my previous example---if someone wanted to alter
+all the references to "free software" in my work to adapt it to their own
+personal style, then they should be permitted to do so. Such a work is no longer
+my own: They must clearly state that it has been altered from the original.
+Hopefully readers take notice of that. My works are always published on my own
+personal website where the originals can be found; with today's search engines,
+such a task is trivial. If someone neglects to do so---and I do understand that
+many will neglect to do so---then they have not made an informed opinion on the
+Another minor point would be that, for the majority of my works, it is unlikely
+that anyone will be making any sort of alteration.
+As such, I find that I have little ground to stand on should I attempt to
+rationalize a more restrictive license. Any remaining arguments, such as "what
+if they sell your content or modify it only slightly and are given more credit
+for the work than they deserve?" are already covered by the free software
+philosophy can may be easily adopted here.
+[1]: http://www.gnu.org/licenses/license-list.html#OpinionLicenses
+[2]: http://creativecommons.org/licenses/
+[3]: https://www.gnu.org/copyleft/copyleft.html
+[4]: https://www.gnu.org/copyleft/gpl.html
+[5]: https://www.gnu.org/philosophy/free-sw.html
+[6]: https://www.gnu.org/philosophy/free-doc.html
+[7]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
+[8]: http://creativecommons.org/licenses/by-sa/3.0/legalcode
+[9]: http://en.wikipedia.org/wiki/Fair_use
+[10]: http://www.gnu.org/philosophy/programs-must-not-limit-freedom.html
diff --git a/post/2013-07-12-snowden-asylum.md b/post/2013-07-12-snowden-asylum.md
new file mode 100644
index 0000000..3c0b66d
--- /dev/null
+++ b/post/2013-07-12-snowden-asylum.md
@@ -0,0 +1,64 @@
+# Snowden Statement at Moscow Airport; Accepts Asylum Offers
+**See Also:** [National Uproar: A Comprehensive Overview of the NSA Leaks and
+Revelations][0]; I have not yet had the time to devote to writing a thorough
+follow-up of recent events and will likely wait until further information and
+leaks are presented.
+[Edward Snowden][1]---the whistleblower responsible for [exposing various NSA
+dragnet spying programs][0], among other documents---has been [stuck in the
+Moscow airport][2] for quite some time while trying to figure out how he will
+travel to countries offering him asylum, which may involve traveling through
+territories that may cooperate with the United States' extradition requests.
+[0]: /2013/06/national-uproar-a-comprehensive-overview-of-the-nsa-leaks-and-revelations
+[1]: https://en.wikipedia.org/wiki/Edward_Snowden (Now with his own Wikipedia page)
+[2]: http://www.guardian.co.uk/world/2013/jul/01/edward-snowden-escape-moscow-airport
+<!-- more -->
+Snowden [issued a statement today to Human Rights groups at Moscow's
+Sheremetyevo airport][3], within which he mentioned:
+> I announce today my formal acceptance of all offers of support or asylum I
+> have been extended and all others that may be offered in the future. With, for
+> example, the grant of asylum provided by Venezuela’s President Maduro, my
+> asylee status is now formal, and no state has a basis by which to limit or
+> interfere with my right to enjoy that asylum. [...] I ask for your assistance
+> in requesting guarantees of safe passage from the relevant nations in securing
+> my travel to Latin America, as well as requesting asylum in Russia until such
+> time as these states accede to law and my legal travel is permitted. I will be
+> submitting my request to Russia today, and hope it will be accepted
+> favorably.[3]
+Snowden had previously [withdrawn his request for political asylum in Russia][4]
+after [Vladmir Putin stated that he could stay][5] only if he stopped "bringing
+harm to our American partners"---something which [Snowden does not believe that
+he is doing][6]. Although Venezuela has offered Snowden asylum, as [explained by
+the Guardian][6], "he remains unable to travel there without travel
+documents". Even if he does obtain travel documents, there are still
+worries---earlier this month, the [Bolivian president's plane was diverted with
+suspicion that Snowden was on board][7], showing that certain countries may be
+willing to aid the U.S. in his extradition or otherwise prevent him from
+My focus on these issues will seldom be on Snowden himself---I would prefer to
+focus primarily on what he sacrificed his life to bring to light. But it is
+precisely this sacrifice that makes it important to ensure that Snowden does not
+fall out of the picture (though it does not appear that he will any time soon).
+The Guardian also seems to have adopted the strategy of slowly providing more
+information on the leaks over time---such as the recent revelation that
+[Microsoft cooperated with the NSA's Prisim program to provide access to
+unencrypted contents of Outlook.com, Hotmail, Skype and SkyDrive services][8]; I
+will have more on that later.
+I end this with a photograph taken yesterday of [Richard Stallman with Julian
+Assange holding up a picture of Snowden][9] that brings a smile to my face.
+[3]: http://wikileaks.org/Statement-by-Edward-Snowden-to.html
+[4]: http://www.guardian.co.uk/world/2013/jul/02/edward-snowden-nsa-withdraws-asylum-russia-putin
+[5]: http://www.guardian.co.uk/world/2013/jul/01/putin-snowden-remain-russia-offer
+[6]: http://m.guardiannews.com/world/2013/jul/12/edward-snowden-accuses-us-illegal-campaign
+[7]: http://www.guardian.co.uk/world/2013/jul/05/european-states-snowden-morales-plane-nsa
+[8]: http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data
+[9]: http://twitpic.com/d279tx
diff --git a/post/2013-08-11-london-trash-spies.md b/post/2013-08-11-london-trash-spies.md
new file mode 100644
index 0000000..b8c520d
--- /dev/null
+++ b/post/2013-08-11-london-trash-spies.md
@@ -0,0 +1,99 @@
+# London Trashcan Spies
+We're not talking about kids hiding out in trashcans talking on
+walkie-talkies and giggling to each other.
+[Ars has reported on London trashcans][0] rigged to collect the [MAC
+addresses][1] of mobile devices that pass by. Since we do not often see
+mobile devices carrying themselves around, we may as well rephrase this as
+"collect the MAC addresses of people that pass by":
+> During a one-week period in June, just 12 cans, or about 10 percent of the
+> company's fleet, tracked more than 4 million devices and allowed company
+> marketers to map the "footfall" of their owners within a 4-minute
+> walking distance to various stores.
+[0]: http://arstechnica.com/security/2013/08/no-this-isnt-a-scene-from-minority-report-this-trash-can-is-stalking-you/
+[1]: http://en.wikipedia.org/wiki/MAC_address
+<!-- more -->
+Your device's---er, *your*---MAC address is a unique identifier that, in
+the case of wireless networks, is used by the networks to state that a
+message is intended specifically for you---something that is necessary since
+wireless devices communicate through open air and, therefore, your device is
+[also able to pick up the communications of other devices][2]:
+> In IEEE 802 networks such as Ethernet, token ring, and IEEE 802.11, and in
+> FDDI, each frame includes a destination Media Access Control address (MAC
+> address). In non-promiscuous mode, when a NIC receives a frame, it
+> normally drops it unless the frame is addressed to that NIC's MAC address
+> or is a broadcast or multicast frame.
+Therefore, in such networks, a MAC address is required for communication. So
+why does your device freely give away such a unique identifier that can be
+used to track you? Consider that, when wireless is enabled (and, as [the Ars
+article][0] mentions, sometimes [even when it's not][3]), your device
+generally scans your surroundings in order to provide you with a list of
+networks to connect to. This list is generally populated when various access
+points broadcast their own information to advertise themselves so that you
+can select them to connect. However, some access points are hidden---they do
+not broadcast their information, which helps to deter unwanted or malicious
+users. To connect to these access points, you generally provide the name
+that the access point administrator has given to it (e.g. "mysecretap").
+Let's say you disconnect from mysecretap. Since the access point (AP) is not
+broadcasting itself, how does your device know when it is available again?
+It must attempt to ping it and see if it gets a response. With this ping is
+your MAC address. Since many devices conveniently like to connect
+automatically to known access points when they become available, it is
+likely that your device is pinging rather frequently.
+But what if you do not use hidden access points? Well, it is likely that the
+same issue still stands---what if the access point that you connected to was
+once listed but then becomes hidden? (Maybe the administrator of the access
+point allowed broadcasts for a period of time to allow people to connect
+easily, but then hid it at a later time.) Your device would need to account
+for that, and therefore, to be helpful, likely broadcasts pings for any
+access point you have connected to recently (where "recently" would depend
+on your device).
+Now, back to the [NSA][5]-wannabe-trashcans: At this point, all an observer
+must do is lay in wait for those broadcasts and record the MAC addresses. By
+placing these devices at various locations, you could easily track the
+movements of individuals, including their speed, destinations, durations of
+their visits, visit frequencies, favorite areas, dwellings, travel patterns,
+etc. Since devices may broadcast a whole slew of recent access points that
+it connected to, you could also see areas that the owner may have been to
+(oh, I see that you connected to the free wifi in that strip joint). You
+[could be evil][6].
+Turn off wireless on your device when you are not using it---especially when
+you are traveling. Ensure that your device [does not continue pinging access
+points when wireless is disabled][3].
+Better yet, fight back. Consider exploring how to spoof your MAC address,
+perhaps randomly generating one every so often. Consider the possibilities
+of activist groups that may pollute these spy databases by gathering a list
+of unique MAC addresses of passerbys for the purpose of rebroadcasting them
+at random intervals---which you could even do using long-range antennas
+targeted at these devices.[^7] If done properly to mimic models of common
+travel patterns, the data that these spy devices gather would become
+Surveillance by any entity---be it [governments][5], corporations,
+individuals or otherwise---is not acceptable.
+[2]: http://en.wikipedia.org/wiki/Promiscuous_mode
+[3]: http://arstechnica.com/gadgets/2013/08/review-android-4-3-future-proofs-the-platform-with-multitude-of-minor-changes/3/#p15
+[4]: http://arstechnica.com/security/2013/08/diy-stalker-boxes-spy-on-wi-fi-users-cheaply-and-with-maximum-creep-value/
+[5]: /2013/06/national-uproar-a-comprehensive-overview-of-the-nsa-leaks-and-revelations
+[6]: http://renewlondon.com
+[^7]: Disclaimer: Please research your local laws.
+[^8]: Of course, it is important that such an activity in itself does not
+violate a person's privacy, and so such collection must be done in a manner
+that cannot in itself identify the person's travel patterns (e.g. by
+not storing information on what access point the data was collected from).
diff --git a/post/2013-08-12-facebook-spying.md b/post/2013-08-12-facebook-spying.md
new file mode 100644
index 0000000..d07d2a7
--- /dev/null
+++ b/post/2013-08-12-facebook-spying.md
@@ -0,0 +1,17 @@
+# Facebook knows about you even if you are not a member
+An article about [the scope of Facebook's data collection][0] speaks for
+itself; this really does not come as a surprise, but is nonetheless
+[0]: http://www.groovypost.com/news/facebook-shadow-accounts-non-users/
+<!-- more -->
+Encourage your friends, colleagues and acquaintances to use services like
+[Diaspora][1] that are respectful of your data instead. Better yet: explain
+to those individuals the problems of social media services and ask that they
+respectfully leave you out of it.
+[1]: https://joindiaspora.com/
diff --git a/post/2013-08-12-win8-ads.md b/post/2013-08-12-win8-ads.md
new file mode 100644
index 0000000..82febd1
--- /dev/null
+++ b/post/2013-08-12-win8-ads.md
@@ -0,0 +1,40 @@
+# Windows 8.1 to display targeted advertisements on local system searches
+It is very disturbing that [Microsoft decided that it would be a good idea
+to display targeted ads on local searches][0]---that is, if you search for a
+file on your PC named "finances", you may get ads for finance software,
+taxes, etc. If you search for "porn", well, you get the idea.
+> Bing Ads will be an integral part of this new Windows 8.1 Smart Search
+> experience. Now, with a single campaign setup, advertisers can connect
+> with consumers across Bing, Yahoo! and the new Windows Search with highly
+> relevant ads for their search queries. In addition, Bing Ads will include
+> Web previews of websites and the latest features like site links, location
+> and call extensions, making it easier for consumers to complete tasks and
+> for advertisers to drive qualified leads.[[1]]
+[0]: http://www.computerworld.com/s/article/9241524/Steven_J._Vaughan_Nichols_Microsoft_Bing_bang_bungles_local_search
+[1]: http://community.bingads.microsoft.com/ads/en/bingads/b/blog/archive/2013/07/02/new-search-ad-experiences-within-windows-8-1.aspx
+<!-- more -->
+While that is certainly obnoxious, consider the larger issue of privacy
+(which seems to be in the news a lot lately[[2]][[3]]): Late last year, there
+was an uproar in the Free Software community when [Ubuntu decided to query
+Amazon---enabled by default---on local searches][4] using their new Unity
+interface. The problem is that your personal queries are being sent to a
+third party---queries that you generally would expect to be private. If I
+run a `find' or `grep' command on my system, I certainly do not expect it to
+report to Amazon or Microsoft what I am searching for.
+And to make matters even worse, Microsoft is exploiting this information to
+allow advertisers to target you. [Ironic.][5]
+[Do not use Windows 8][6] (or any other proprietary software, for that
+[2]: /2013/08/facebook-knows-about-you-even-if-you-are-not-a-member
+[3]: /2013/06/national-uproar-a-comprehensive-overview-of-the-nsa-leaks-and-revelations
+[4]: http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do
+[5]: http://www.scroogled.com/email/
+[6]: https://www.fsf.org/windows8
diff --git a/post/2013-08-13-air-temp-phone-battery.md b/post/2013-08-13-air-temp-phone-battery.md
new file mode 100644
index 0000000..c2f419b
--- /dev/null
+++ b/post/2013-08-13-air-temp-phone-battery.md
@@ -0,0 +1,64 @@
+# Measuring Air Temperature With Phone Batteries
+OpenSignal---a company responsible for mapping wireless signal
+strength by gathering data using mobile device software---noticed [an
+interest correlation between battery temperature on devices and air
+> Aggregating daily battery temperature readings to city level revealed a
+> strong correlation with historic outdoor air temperature. With a
+> mathematical transformation, the average battery temperature across a
+> group of phones gives the outdoor air temperature.
+[0]: http://opensignal.com/reports/battery-temperature-weather/
+<!-- more -->
+**Note:** Graph renderings on their website require proprietary JavaScript, but
+the article does describe it in detail, so it is not necessary. In
+particular, note that, from [their provided equation][0], their scaling factor
+`m' implies that there is a smaller variance in battery temperature in the
+graph than there is in the actual air temperature, but that there is still a
+This is an interesting find. The article further states that "[...] we have
+one data point where the Android data is actually more reliable than the
+traditional source."
+Such data can be very useful in providing decentralized data, so long as
+[issues of privacy][1] are addressed. Doing so is not terribly difficult,
+but would have a number of factors. In particular, the user would need the
+means to submit data anonymously, which could be done via software/networks
+such as [Tor][2]. GPS location data is certainly a privacy issue when it is
+tied to your mobile device, but fortunately, it's unneeded: you can trust
+your users to let you know where they reside by either (a) opting into using
+location services or (b) allowing them to specify a location or approximate
+location of their choosing (approximations would be important since a user
+may not wish to change their location manually while they travel, say, to
+and from work). If enough devices submit data, then legitimate data would
+drown out those who are trying to purposefully pollute the database. Such an
+example can be seen with Bitcoin, in which networks will [reach a consensus
+on correct blockchains][3] so long as "a majority of computing power is
+controlled by nodes that are not cooperating to attack the network". Of
+course, users would be able to pollute the network by sending false data as
+it is, and the [data is already tarnished from various factors such as body
+Of course, I do assume that mobile devices will contain temperature sensors
+in the future; [some already do][4] (but I cannot encourage their use, as
+they use [proprietary software][5]). However, this is still a clever hack (I
+suppose that term is redundant). In my searching while writing this article,
+I did notice [prior examples of ambient temperature readings using Android
+software][6] ([proprietary][5]), but the software does not aggregate data
+for purposes of determining weather patterns.
+Finally, please do not download OpenSignal's app; it too is
+[proprietary][5]; this discussion was purely from a conceptual standpoint
+and does not endorse any software.
+[1]: /2013/08/london-trashcan-spies
+[2]: https://www.torproject.org/
+[3]: http://en.wikipedia.org/wiki/Protocol_of_Bitcoin
+[4]: http://stackoverflow.com/a/11628921
+[5]: http://www.gnu.org/philosophy/free-sw.html
+[6]: https://play.google.com/store/apps/details?id=androidesko.android.electronicthermometer&hl=en
diff --git a/post/2013-08-13-copyleft-vs-community.md b/post/2013-08-13-copyleft-vs-community.md
new file mode 100644
index 0000000..5c7a226
--- /dev/null
+++ b/post/2013-08-13-copyleft-vs-community.md
@@ -0,0 +1,209 @@
+# FreeBSD, Clang and GCC: Copyleft vs. Community
+A useful perspective explaining why [FreeBSD is moving away from GCC in
+favor of Clang][0]; indeed, they are moving away from GPL-licensed software
+in general. While this is [not a perspective that I personally agree
+with][1], it is one that I will respect for the project. It is worth
+understanding the opinions of those who disagree with you to better
+understand and formulate your own perspective.
+[0]: http://unix.stackexchange.com/a/49970
+[1]: /2012/11/vlcs-move-to-lgpl
+But I am still a free software activist.
+<!-- more -->
+According to the [FreeBSD FAQ][2]:
+> The goal of the FreeBSD Project is to provide a stable and fast general
+> purpose operating system that may be used for any purpose without strings
+> attached.
+As is mentioned in [the aforementioned article][0], the BSD community does not
+hold the same opinions on what constitutes "without strings
+attached"---the BSD community [considers the restriction on the user's
+right to make proprietary use of the software to be a "string"][2],
+whereas the free software community under [RMS][3] believes that [the
+ability to make a free program proprietary is unjust][4]:
+> Making a program proprietary is an exercise of power. Copyright law today
+> grants software developers that power, so they and only they choose the
+> rules to impose on everyone else—a relatively small number of people make
+> the basic software decisions for all users, typically by denying their
+> freedom. When users lack the freedoms that define free software, they
+> can't tell what the software is doing, can't check for back doors, can't
+> monitor possible viruses and worms, can't find out what personal
+> information is being reported (or stop the reports, even if they do find
+> out). If it breaks, they can't fix it; they have to wait for the developer
+> to exercise its power to do so. If it simply isn't quite what they need,
+> they are stuck with it. They can't help each other improve it.
+The [Modified BSD License][5] is a GPL-compatible Free Software
+license---that is, software licensed under the Modified BSD license meets
+the requirements of the [Free Software Definition][6]. The additional
+"string" that the BSD community is referring to is the concept of
+[copyleft][7]---Richard Stallman's copyright hack and one of his most
+substantial contributions to free software and free society. To put it into
+the [words of the FSF][7]:
+> Copyleft is a general method for making a program (or other work) free,
+> and requiring all modified and extended versions of the program to be free
+> as well.
+Critics often adopt the term ["viral" in place of "copyleft"][8] because
+of the requirement that all derivatives must contain the same copyleft
+terms---the derivative must itself be Free Software, perpetually (until, of
+course, the copyright term expires and it becomes part of the public domain,
+[if such a thing will ever happen at this rate][9]). In the case of the
+Modified BSD license---being a more permissive license that is non-copyleft
+and thus allows proprietary derivatives---derivative works that include both
+BSD- and GPL-licensed code essentially consume the [Modified BSD license's
+terms][10], which are a subset of the [GPL's][11]. Of course, this is not
+pursuant to [FreeBSD's goals][2] and so they consider this to be a bad
+thing: There are "strings attached".
+This is more demonstrative of the ["open source" philosophy than that of
+"Free Software"][12] (yes, notice the bias in my capitalization of these
+[Copyleft is important][7] because it ensures that all users will forever
+have the [four fundamental freedoms associated with Free Software][6]. The
+GPL incorporates copyleft; BSD licenses do not. Consider why this is a
+problem: Imagine some software Foo licensed under [the Modified BSD
+license][10]. Foo is free software; it is licensed under a [free software
+license (Modified BSD)][5]. Now consider that someone makes a fork---a
+derivative---of Foo, which we will call "Foobar". Since [the Modified BSD
+license is not copyleft][10], the author of Foobar decides that he or she
+does not wish to release its source code; this is perfectly compliant with
+the Modified BSD license, as it does not require that source code be
+distributed with a binary (it only requires---via its [second
+clause][10]---that the copyright notice, list of conditions and disclaimer be
+The author has just taken Foo and made it proprietary.
+The FreeBSD community is okay with this; [the free software community is
+not][4]. There is a distinction between these two parties: When critics of
+copyleft state that they believe the GPL is "less free" than more
+permissive licenses such as the BSD licenses, they are taking into
+consideration the freedoms of developers and distributors; the GPL, on the
+other hand, explicirly *restricts* these parties' rights in order to protect
+the *users* because those parties are precisely those that seek to *restrict
+the users' freedoms*; we cannot provide such freedoms to developers and
+distributors without sacrificing the rights of the vulnerable users who
+generally do not have the skills to protect themselves from being taken
+advantage of.[^13] Free software advocates have exclusive, unwaivering
+loyalty to users.
+As an example of the friction between the two communities, consider a
+concept that has been termed ["tivoization"][14]:
+> Tivoization means certain “appliances” (which have computers inside)
+> contain GPL-covered software that you can't effectively change, because
+> the appliance shuts down if it detects modified software. The usual
+> motive for tivoization is that the software has features the manufacturer
+> knows people will want to change, and aims to stop people from changing
+> them. The manufacturers of these computers take advantage of the freedom
+> that free software provides, but they don't let you do likewise.
+This [anti-feature][15] is a type of [Digital Restrictions Management
+(DRM)][16] that exposes a [loophole in the GPL that was closed in
+Section 3 of the GPLv3][14], which [requires that][11]:
+> When you convey a covered work, you waive any legal power to forbid
+> circumvention of technological measures to the extent such circumvention
+> is effected by exercising rights under this License with respect to the
+> covered work, and you disclaim any intention to limit operation or
+> modification of the work as a means of enforcing, against the work's
+> users, your or third parties' legal rights to forbid circumvention of
+> technological measures.
+Unfortunately, not everyone has agreed with this move. A number of
+[developers of the kernel Linux expressed their opposition of GPLv3][17]. In
+response to the aforementioned GPLv3 provision, they stated:
+> While we find the use of DRM by media companies in their attempts to reach
+> into user owned devices to control content deeply disturbing, our belief
+> in the essential freedoms of section 3 forbids us from ever accepting any
+> licence which contains end use restrictions. The existence of DRM abuse is
+> no excuse for curtailing freedoms.
+Linus Torvalds---the original author of the kernel Linux---also [expressed
+his distaste toward the GPLv3][18]; the kernel is today still licensed under
+the GPLv2.
+[The BSD camp has similar objections][19]:
+> Appliance vendors in particular have the most to lose if the large body of
+> software currently licensed under GPLv2 today migrates to the new license.
+> They will no longer have the freedom to use GPLv3 software and restrict
+> modification of the software installed on their hardware. High support
+> costs ("I modified the web server on my Widget 2000 and it stopped
+> running...") and being unable to guarantee adherence to specifications in
+> order to gain licensing (e.g. FCC spectrum use, Cable TV and media DRM
+> requirements) are only two of a growing list of issues for these
+> users. --Justin Gibbs, VP of The FreeBSD Foundation
+My thoughts while reading the above where echoed by Gibbs further on in his
+statement: "[T]he stark difference between the BSD licensing philosophy and
+that of the Free Software Foundation are only too clear." For the FreeBSD
+community, this is a very serious issue and their argument is certainly a
+legitimate concern on the surface. However, it is an argument that the Free
+Software community would do well to reject: Why would we wish to sacrifice
+users' freedoms for any reason, let alone these fairly absurd ones. In
+particular, a support contract could dictate that only unmodified software
+will be provided assistance and even mandate that the hardware indicate
+changes in software: like breaking the "void" sticker when opening a
+hardware component. Moreover, how frequently would such a situation
+actually happen relative to their entire customer base? My guess is: fairly
+infrequently. The second issue is a more complicated one, as I am not as
+familiar on such topics, but a manufacturer can still assert that the
+software that it provides with its devices is compliant. If the compliance
+process forbids any possibility of brining the software into
+non-compliance---that is, allowing the user to modify the software---then
+the hardware manufacturer can choose to not use free software (and free
+software advocates will subsequently reject it until standards bodies grow
+As I mentioned at the beginning of this article: this is a view that I will
+respect for the project. I disagree with it, but FreeBSD is still free
+software and we would do well not to discriminate against it simply because
+someone else may decide to bastardize it and betray their users by making it
+proprietary or providing [shackles][16]. However, provided the licensing;
+option for your own software, you should choose the GPL.
+**Colophon:** The title of this article is a play on [RMS' "Copyright vs.
+Communty"][20], which is a title to a speech he frequently provides
+worldwide. His speech covers how copyright works against the interests of
+the community; here, BSD advocates aruge that [copyleft][7] works against
+the interests of *their* community and their users; I figured that I would
+snag this title as a free software advocate before someone else opposing
+copyleft did.
+[2]: http://www.freebsd.org/doc/faq/introduction.html#FreeBSD-goals
+[3]: http://en.wikipedia.org/wiki/Richard_Stallman
+[4]: http://www.gnu.org/philosophy/freedom-or-power.html
+[5]: http://www.gnu.org/licenses/license-list.html#ModifiedBSD
+[6]: http://www.gnu.org/philosophy/free-sw.html
+[7]: http://www.gnu.org/copyleft/
+[8]: http://en.wikipedia.org/wiki/Copyleft#Viral_licensing
+[9]: http://www.gnu.org/philosophy/misinterpreting-copyright.html
+[10]: http://en.wikipedia.org/wiki/BSD_licenses
+[11]: http://www.gnu.org/licenses/gpl.html
+[12]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
+[^13]: Technically, the GPL exercises restrictions only on distributors; a
+ developer can integrate GPL'd code into their proprietary software so
+ long as they do not distribute it [(as defined in the GPL)][11]. However,
+ developers often have to cater to distributors, since software will
+ generally be distributed; if it is not, then it is not relevant to this
+ discussion.
+[14]: http://www.gnu.org/licenses/rms-why-gplv3.html
+[15]: http://www.fsf.org/blogs/community/antifeatures
+[16]: http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
+[17]: http://lwn.net/Articles/200422/
+[18]: http://en.wikipedia.org/wiki/Linux_kernel
+[19]: http://www.freebsdfoundation.org/press/2007Aug-newsletter.shtml
+[20]: http://www.gnu.org/philosophy/copyright-versus-community.html
diff --git a/post/2014-03-20-re-copyleft-vs-community.md b/post/2014-03-20-re-copyleft-vs-community.md
new file mode 100644
index 0000000..30fd0d8
--- /dev/null
+++ b/post/2014-03-20-re-copyleft-vs-community.md
@@ -0,0 +1,60 @@
+# Re: FreeBSD, Clang and GCC: Copyleft vs. Community
+I recently received a comment via e-mail from a fellow GNU hacker Antonio
+Diaz, who is the author and maintainer of [GNU Ocrad][0], a [free (as in
+freedom)][1] optical character recognition (OCR) program. His comment was in
+response to my article entitled [FreeBSD, Clang and GCC: Copyleft vs.
+Community][2], which details the fundamental difference in philosophy
+between free software and "open source".
+[0]: https://www.gnu.org/software/ocrad/ocrad.html
+[1]: https://www.gnu.org/philosophy/free-sw.html
+[2]: /2013/08/freebsd-clang-and-gcc-copyleft-vs.community
+I found Antonio's perspective to be enlightening, so I asked for his
+permission to share it here.
+<!-- more -->
+> I imagine a world where all the Free Software is GPLed. The amount and
+> usefulness of Free Software grows incesantly because free projects can
+> reuse the code of previous free projects. Proprietary software is
+> expensive because every company has to write most of its "products" from
+> scratch. Most people use Free Software, and proprietary software is mainly
+> used for specialized tasks for which no free replacement exists yet.
+> Now I imagine a world where all the Free Software is really "open source"
+> (BSD license). Free Software is restricted to the operating system and
+> basic aplications because the license does not guarantee reciprocity.
+> Proprietary software is cheap to produce because it is built using the
+> code of free projects, but it is expensive for the user (in money and
+> freedom) because there is no real competition from Free Software. Most
+> people use proprietary software, as Free Software is too basic for most
+> tasks.
+> I think "open source" organizations (specially BSD) are wilfully
+> destroying the long-term benefits for society of the GPL, and they are
+> doing it for short-term benefits like popularity and greed:
+> "As these companies devise strategies for dealing with GPLv3, so must the
+> FreeBSD community - strategies that capitalize on this opportunity to
+> increase adoption of FreeBSD." "Fundraising Update [...] This has
+> increased the number of people actively approaching companies to make
+> large contributions."
+> https://www.freebsdfoundation.org/press/2007Aug-newsletter.shtml
+> Human beings have an innate sense of justice. In absence of reciprocity
+> one wants to be paid, but I think that reciprocity is much better for
+> society in the long term.[^3]
+Antonio compels us to think toward the future: while developers releasing
+their code under permissive licenses like the [Modified BSD License][4] are
+still making a generous contribution to the free software community today,
+it may eventually lead to negative consequences by empowering non-free
+software tomorrow.
+[^3]: Comment by Antonio Diaz; the only modifications made were for
+[4]: https://www.gnu.org/licenses/license-list.html#ModifiedBSD
diff --git a/post/2014-05-16-fsf-mozilla-adobe-drm.md b/post/2014-05-16-fsf-mozilla-adobe-drm.md
new file mode 100644
index 0000000..3c939f7
--- /dev/null
+++ b/post/2014-05-16-fsf-mozilla-adobe-drm.md
@@ -0,0 +1,128 @@
+# FSF Condemns Partnership Between Mozilla and Adobe to Support DRM
+Two days ago, the Free Software Foundation published [an announcement
+strongly condemning Mozilla's partnership with Adobe][0] to implement the
+[controversial W3C Encrypted Media Extensions (EME) API][1]. EME has been
+strongly criticized by a number of organizations, including the [EFF][2] and
+the [FSF's DefectiveByDesign campaign team][3] ("Hollyweb").
+[Digital Restrictions Management][4] imposes artificial restrictions on
+users, telling them what they can and cannot do; it is a system [that does
+not make sense][5] and is harmful to society. Now, just about [a week after
+the International Day Against DRM][6], Mozilla decides to [cave into the
+pressure in an attempt to stay relevant][7] to modern web users, instead of
+sticking to their [core philosophy about "openness, innovation, and
+[0]: http://www.fsf.org/news/fsf-condemns-partnership-between-mozilla-and-adobe-to-support-digital-restrictions-management
+[1]: https://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html
+[2]: https://www.eff.org/deeplinks/2013/03/defend-open-web-keep-drm-out-w3c-standards
+[3]: /2013/03/defective-by-design-campaign-against-w3c-drm-standard
+[4]: http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
+[5]: https://plus.google.com/+IanHickson/posts/iPmatxBYuj2
+[6]: http://www.defectivebydesign.org/dayagainstdrm
+[7]: https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challenge-of-serving-users/
+[8]: http://www.mozilla.org/en-US/about/manifesto/
+John Sullivan requested in the [FSF's announcement] that the community
+contact Mozilla CTO Andreas Gal in opposition of the decision. This is my
+message to him:
+<!-- more -->
+Date: Wed, 14 May 2014 22:57:02 -0400
+From: Mike Gerwitz <mikegerwitz@gnu.org>
+To: agal@mozilla.com
+Subject: Firefox EME
+I am writing to you as a free software hacker, activist, and user; notably,
+I have been using Firefox for over ten years. It has been pivotal, as I do
+not need to tell you, in creating a free (as in freedom), standard, and
+accessible internet for millions of users. Imagine my bewildered
+disappointment, then, to learn that Firefox has chosen to cave into the
+pressure to [support Digital Restrictions Management through the
+implementation of EME][0].
+Mitchell Baker made a feeble attempt at [rationalizing this decision][0] as
+ [...] Mozilla alone cannot change the industry on DRM at this point. In
+ the past Firefox has changed the industry, and we intend to do so again.
+ Today, however, we cannot cause the change we want regarding DRM. The
+ other major browser vendors =E2=80=94 Google, Microsoft and Apple have already
+ implemented the new system. In addition, the old system will be retired
+ shortly. As a result, the new implementation of DRM will soon become the
+ only way browsers can provide access to DRM-controlled content.
+She goes on to explain how "video is an important aspect of online life"
+and that Firefox would be "deeply flawed as a consumer product" if it did
+not implement Digital Restrictions Management. This is precisely the FUD
+that the "content owners" she describes, and corporations like Adobe, have
+been pushing: Mozilla understands that the solution is not to implement DRM,
+but to fight to encourage content to be published *without* being
+DRM-encumbered. Unfortunately, they will now have little motivation to do
+so, with every major browser endorsing EME.
+She defers to a post by Andreas Gal [for more implementation details][1], in
+which he mentions that the proprietary CDM virus (which will be happily
+provided by Adobe) will be protected by a sandbox to prevent certain spying
+activities like fingerprinting. While this is better than nothing, it's a
+clear attempt by Mozilla to help make a terrible situation a little bit
+He goes on to say:
+ There is also a silver lining to the W3C EME specification becoming
+ ubiquitous. With direct support for DRM we are eliminating a major use
+ case of plugins on the Web, and in the near future this should allow us to
+ retire plugins altogether.=20
+Let us not try to veil the problem and make things look more rosy than they
+actually are: this is not a silver lining; it is not appropriate to have a
+standardized way of manipulating and taking advantage of users.
+It is true that Firefox was in an unfortunate position: many users would
+indeed grow frustrated that they cannot watch their favorite TV shows and
+movies using Firefox. But Firefox could have served, when the EME API was
+used, static content that provided a brief explanation and a link for more
+information on the problem. They could have educated users and encourage an
+even stronger outcry.
+Instead, we are working with the corrupt W3C to implement a seamlessly
+shackled web. Mozilla wants to propose alternative solutions to DRM/EME, but
+by implementing it, their position is weakened.
+ This is a difficult and uncomfortable step for us given our vision of a
+ completely open Web, but it also gives us the opportunity to actually
+ shape the DRM space and be an advocate for our users and their rights in
+ this debate. [1]
+Such advocacy has been done and can continue to be done by Mozilla without
+the implementation of EME; once implemented, the standard will be virtually
+solidified---what is the incentive for W3C et. al. to find alternatives to a
+system that is already "better than" the existing Flash and Silverlight
+On behalf of the free software community, I strongly encourage your
+reconsideration on the matter. Mozilla is valued by the free software
+community for its attention to freedoms. Stand with us and fight. You're in
+a powerful position to do so.
+[0]: https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challenge-of-serving-users/
+[1]: https://hacks.mozilla.org/2014/05/reconciling-mozillas-mission-and-w3c-eme/
+The following day, I [submitted the FSF announcement to HackerNews][9]
+(surprised that it was not there already) in an attempt to bring further
+coverage to the matter and hopefully spur on some discussion. And discuss
+they did: it was on the front page for the entire day and, at the time of
+writing, boasts 261 comments, many of them confused and angry. I sent the HN
+link to Andreas in a follow-up as well.
+Mozilla has a vast userbase and is in the position to fight for a DRM-free
+web. Please voice your opinion and hope that they reverse their decision.
+[9]: https://news.ycombinator.com/item?id=7749108
diff --git a/post/2014-11-30-stop-using-slideshare.md b/post/2014-11-30-stop-using-slideshare.md
new file mode 100644
index 0000000..144839c
--- /dev/null
+++ b/post/2014-11-30-stop-using-slideshare.md
@@ -0,0 +1,65 @@
+# Please stop using SlideShare
+There are many great presentations out there---many that I enjoy
+reading, or that I would enjoy to read. Unfortunately, many of them
+are hosted on SlideShare, which requires me to download proprietary
+[JavaScript programs require the same freedoms as any other
+software][0]. While SlideShare does (sometimes/always?) provide a
+transcript in plain text---which is viewable without JavaScript---this
+is void of the important and sometimes semantic formatting/images that
+presenters put much time into; you know: the actual presentation bits.
+(I'm a fan of plain-text presentations, but they each have their own
+design elements).
+[0]: https://www.gnu.org/software/easejs/whyfreejs.html
+There are ways around this. SlideShare's interactive UI appears to
+simply be an image viewer, so it is possible to display all sides
+using a fairly simple hack:
+<!-- more -->
+ document.getElementsByClassName( 'slide' ) )
+ .forEach( function( slide ) {
+ slide.classList.add( 'show' );
+ var img = slide.getElementsByClassName( 'slide_image' )[0];
+ img.src = img.dataset.full;
+ } );
+This will display all slides inline. But there's a clear problem with
+this: how is the non-JS-programmer supposed to know that? Even
+JavaScript programmers have to research the issue in order to come up
+with a solution.
+But ideally, I'd like to download the presentation PDF. SlideShare
+does offer a download link, but not only does it not work with
+JavaScript disabled, but it requires that the user create an account.
+This is no good, as it can be used to track users or discover
+identities by analyzing viewing habits. This would allow
+de-anonymizing users, even if they have [taken measures to remain
+(By the way: at the time that I wrote this post, the [EFF's
+Surveillance Self-Defense Guide][1] is [LibreJS compatible][2] and the
+JavaScript code that it runs is mostly free.)
+I encourage presenters (and authors in general) to release the slides
+in an [unencumbered document format][3], like PDF, HTML, OpenDocument,
+or plain text. Those formats should be hosted on their own website,
+or websites that allow downloading those files without having to
+execute proprietary JavaScript, and without having to log in. If
+those authors *must* use SlideShare for whatever reason, then they
+should clearly provide a link to that free document format somewhere
+that users can access without having to execute SlideShare's
+proprietary JavaScript, such as on the first slide. (The description
+is iffy, since it is truncated and requires JavaScript to expand.)
+[1]: https://ssd.eff.org/
+[2]: https://www.gnu.org/software/librejs/
+[3]: http://www.fsf.org/campaigns/opendocument/reject
diff --git a/post/2015-05-20-gitlab-gitorious-freesw.md b/post/2015-05-20-gitlab-gitorious-freesw.md
new file mode 100644
index 0000000..916d4d3
--- /dev/null
+++ b/post/2015-05-20-gitlab-gitorious-freesw.md
@@ -0,0 +1,257 @@
+# Gitlab, Gitorious, and Free Software
+*This article originally appeared as a guest post on the [GitLab
+In early March of this year, it was announced that
+[GitLab would acquire Gitorious][0] and shut down `gitorious.org` by 1
+June, 2015. [Reactions from the community][1] were mixed, and
+understandably so: while GitLab itself is a formidable alternative to wholly
+proprietary services, its acquisition of Gitorious strikes a chord with the
+free software community that gathered around Gitorious in the name of
+[software freedom][2].
+[0]: https://about.gitlab.com/2015/03/03/gitlab-acquires-gitorious/
+[1]: https://news.ycombinator.com/item?id=9138419
+[2]: https://www.gnu.org/philosophy/free-sw.html
+<!-- more -->
+After hearing that announcement,
+[as a free software hacker and activist myself][11], I was naturally
+uneasy. Discussions of alternatives to Gitorious and GitLab ensued on the
+[`libreplanet-discuss`][12] mailing list. Sytse Sijbrandij (GitLab
+B.V. CEO) happened to be present on that list;
+[I approached him very sternly][13] with a number of concerns, just as I
+would with anyone that I feel does not understand certain aspects of the
+[free software philosophy][2]. To my surprise, this was not the case at
+Sytse has spent a lot of time accepting and considering community input for
+both the Gitorious acquisition and GitLab itself. He has also worked with
+me to address some of the issues that I had raised. And while these issues
+won't address everyone's concerns, they do strengthen GitLab's commitment to
+[software freedom][2], and are commendable.
+I wish to share some of these details here; but to do so, I first have to
+provide some background to explain what the issues are, and why they are
+## Free Software Ideology
+[Gitorious][3] was (and still is) one of the most popular Git repository
+hosts, and largely dominated until the introduction of GitHub. But even as
+users flocked to [GitHub's proprietary services][28], users who value freedom
+continued to support Gitorious, both on `gitorious.org` and by installing
+their own instances on their own servers. Since Gitorious is
+[free software][2], users are free to study, modify, and share it with
+others. But [software freedom does not apply to Services as a
+Software Substitute (SaaSS)][4] or remote services---you cannot apply the
+[four freedoms][2] to something that you do not yourself possess---so why do
+users still insist on using `gitorious.org` despite this?
+The matter boils down to supporting a philosophy: The
+[GNU General Public License (GPL)][6] is a license that turns copyright on
+its head: rather than using copyright to restrict what users can do with a
+program, the GPL instead [ensures users' freedoms][8] to study, modify, and
+share it. But that isn't itself enough: to ensure that the software always
+remains free (as in freedom), the GPL ensures that all *derivatives* are
+*also* licensed under similar terms. This is known as [copyleft][9], and it
+is vital to the free software movement.
+Gitorious is licensed under the
+[GNU Affero General Public License Version 3 (AGPLv3)][5]---this takes the
+[GPL][6] and adds an additional requirement: if a modified version of the
+program is run on a sever, users communicating with the program on that
+server must have access to the modified program's source code. This ensures
+that [modifications to the program are available to all users][7]; they
+would otherwise be hidden in private behind the server, with others unable
+to incorporate, study, or share them. The AGPLv3 is an ideal license for
+Gitorious, since most of its users will only ever interact with it over a
+GitLab is also free software: its [Expat license][10] (commonly referred to
+ambiguously as the "MIT license") permits all of the same freedoms that
+are granted under the the GNU GPL. But it does so in a way that is highly
+permissive: it permits relicensing under *any* terms, free or not. In other
+words, one can fork GitLab and derive a proprietary version from it, making
+changes that deny users [their freedoms][2] and cannot be incorporated back
+into the original work.
+This is the issue that the free software community surrounding Gitorious has
+a problem with: any changes contributed to GitLab could in turn benefit a
+proprietary derivative. This situation isn't unique to GitLab: it applies
+to all non-copyleft ("permissive") [free software licenses][26]. And this
+issue is realized by GitLab itself in the form of its GitLab Enterprise
+Edition (GitLab EE): a proprietary derivative that adds additional
+features atop of GitLab's free Community Edition (CE). For this reason,
+many free software advocates are uncomfortable contributing to GitLab, and
+feel that they should instead support other projects; this, in turn, means
+not supporting GitLab by using and drawing attention to their hosting
+The copyleft vs. permissive licensing debate is one of the free software
+movement's most heated. I do not wish to get into such a debate here. One
+thing is clear: GitLab Community Edition (GitLab CE) is free
+software. Richard Stallman (RMS) [responded directly to the thread on
+`libreplanet-discuss`][20], stating plainly:
+> We have a simple way of looking at these two versions. The free
+> version is free software, so it is ethical. The nonfree version is
+> nonfree software, so it is not ethical.
+Does GitLab CE deserve attention from the free software community? I
+believe so. Importantly, there is another strong consideration: displacing
+proprietary services like GitHub and Bitbucket, which host a large number of
+projects and users. GitLab has a strong foothold, which is an excellent
+place for a free software project to be in.
+If we are to work together as a community, we need to respect GitLab's
+free licensing choices just as we expect GitLab to respect ours. Providing
+respect does not mean that you are conceding: I will never personally use a
+non-copyleft license for my software; I'm firmly rooted in my dedication to
+the [free software philosophy][2], and I'm sure that many other readers are
+too. But using a non-copyleft license, although many of us consider it to
+be a weaker alternative, [is not wrong][23].
+## Free JavaScript
+As I mentioned above,
+[software freedom and network services are separate issues][4]---the four
+freedoms do not apply to interacting with `gitlab.com` purely over a network
+connection, for example, because you are not running its software on your
+computer. However, there is an overlap: JavaScript code downloaded to be
+executed in your web browser.
+[Non-free JavaScript][15] is a particularly nasty concern: it is software
+that is downloaded automatically from a server---often without prompting
+you---and then immediately executed. Software is now being executed on your
+machine, and [your four freedoms][2] are once again at risk. This, then,
+[is the primary concern][16] for any users visiting `gitlab.com`: not only
+would this affect users that use `gitlab.com` as a host, but it would also
+affect *any user that visits* the website. That would be a problem, since
+hosting your project there would be inviting users to run proprietary
+As I was considering migrating my projects to GitLab, this was the
+[first concern I brought up to Sytse][14]. This problem arises because
+`gitlab.com` uses a GitLab EE instance: if it had used only its Community
+Edition (GitLab CE)---which is free software---then all served JavaScript
+would have been free. But any scripts served by GitLab EE that are not
+identical to those served by GitLab CE are proprietary, and therefore
+unethical. This same concern applies to GitHub, Bitbucket, and other
+proprietary hosts that serve JavaScript.
+Sytse surprised me by stating that he would be willing to
+[freely license all JavaScript in GitLab EE][17], and by offering to give
+anyone access to the GitLab EE source code who wants to help out. I took
+him up on that offer. Initially, I had submitted a patch to merge all
+GitLab EE JavaScript into GitLab CE, but Sytse came up with another,
+superior suggestion, that ultimately provided even greater reach.
+**I'm pleased to announce that Sytse and I were able to agree on a license
+change (with absolutely no friction or hesitation on his part) that
+liberates all JavaScript served to the client from GitLab EE instances.**
+There are two concerns that I had wanted to address: JavaScript code
+directly written for the client, and any code that produced JavaScript as
+output. In the former case, this includes JavaScript derived from other
+sources: for example, GitLab uses CoffeeScript, which compiles *into*
+JavaScript. The latter case is important: if there is any code that
+generates fragments of JavaScript---e.g. dynamically at runtime---then that
+code must also be free, or users would not be able to modify and share the
+resulting JavaScript that is actually being run on the client. Sytse
+accepted my change verbatim, while adding his own sentence after mine to
+disambiguate. At the time of writing this post, GitLab EE's source code
+isn't yet publicly visible, so here is the relevant snippet from its
+`LICENSE` file:
+> The above copyright notices applies only to the part of this Software that
+> is not distributed as part of GitLab Community Edition (CE), and that is
+> not a file that produces client-side JavaScript, in whole or in part. Any
+> part of this Software distributed as part of GitLab CE or that is a file
+> that produces client-side JavaScript, in whole or in part, is copyrighted
+> under the MIT Expat license.
+## Further Discussion
+My discussions with Sytse did not end there: there are other topics that
+have not been able to be addressed before my writing of this post that would
+do well to demonstrate commitment toward [software freedom][2].
+The license change liberating client-side JavaScript was an excellent
+move. To expand upon it, I wish to submit a patch that would make GitLab
+[LibreJS compliant][21]; this provides even greater guarantees, since it
+would allow for users to continue to block other non-free JavaScript that
+may be served by the GitLab instance, but not produced by it. For example:
+a website/host that uses GitLab may embed proprietary JavaScript, or modify
+it without releasing the source code. Another common issue is the user of
+analytics software; `gitlab.com` uses Google Analytics.
+If you would like to help with LibreJS compliance, please [contact me][11].
+I was brought into another discussion between Sytse and RMS that is
+unrelated to the GitLab software itself, but still a positive demonstration
+of a commitment to [software freedom][2]---the replacement of Disqus on the
+`gitlab.com` blog with a free alternative. Sytse ended up making a
+suggestion, saying he'd be "happy to switch to" [Juvia][22] if I'd help with
+the migration. I'm looking forward to this, as it is an important
+discussion area (that I honestly didn't know existed until Sytse told me
+about it, because I don't permit proprietary JavaScript!). He was even kind
+enough to compile a PDF of comments for one of our discussions, since he was
+cognizant ahead of time that I would not want to use Disqus. (Indeed, I
+will be unable to read and participate in the comments to this guest post
+unless I take the time to freely read and reply without running Disqus'
+proprietary JavaScript.)
+Considering the genuine interest and concern expressed by Sytse in working
+with myself and the free software community, I can only expect that GitLab
+will continue to accept and apply community input.
+It is not possible to address the copyleft issue without a change in
+license, which GitLab is not interested in doing. So the best way to
+re-assure the community is through action. [To quote Sytse][18]:
+> I think the only way to prove we're serious about open source is in our
+> actions, licenses or statements don't help.
+There are fundamental disagreements that will not be able to be
+resolved between GitLab and the free software community---like their
+["open core" business model][19]. But after working with Sytse and seeing
+his interactions with myself, RMS, and many others in the free software
+community, I find his actions to be very encouraging.
+*Are you interested in helping other websites liberate their JavaScript?
+ Consider [joining the FSF's campaign][27], and
+ [please liberate your own][16]!*
+*This post is licensed under the
+ [Creative Commons Attribution-ShareAlike 3.0 Unported License][25].*
+[3]: https://gitorious.org/
+[4]: https://www.gnu.org/philosophy/who-does-that-server-really-serve.html
+[5]: https://www.gnu.org/licenses/agpl.html
+[6]: https://www.gnu.org/licenses/gpl.html
+[7]: https://www.gnu.org/licenses/why-affero-gpl.html
+[8]: https://www.gnu.org/licenses/quick-guide-gplv3.html
+[9]: https://www.gnu.org/philosophy/pragmatic.html
+[10]: https://www.gnu.org/licenses/license-list.html#Expat
+[11]: http://mikegerwitz.com/
+[12]: https://lists.gnu.org/mailman/listinfo/libreplanet-discuss
+[13]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00075.html
+[14]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-04/msg00019.html
+[15]: https://www.gnu.org/philosophy/javascript-trap.html
+[16]: https://www.gnu.org/software/easejs/whyfreejs.html
+[17]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-04/msg00020.html
+[18]: https://news.ycombinator.com/item?id=9141801
+[19]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00076.html
+[20]: https://lists.gnu.org/archive/html/libreplanet-discuss/2015-03/msg00095.html
+[21]: https://www.gnu.org/software/librejs/free-your-javascript.html
+[22]: https://github.com/phusion/juvia
+[23]: https://www.fsf.org/blogs/rms/selling-exceptions
+[24]: https://gnu.org/software/easejs
+[25]: http://creativecommons.org/licenses/by-sa/3.0/
+[26]: https://www.gnu.org/licenses/license-list.html
+[27]: https://fsf.org/campaigns/freejs
+[28]: http://mikegerwitz.com/about/githubbub
+[orig-post]: https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/
diff --git a/post/2015-11-20-comcast-inject-js.md b/post/2015-11-20-comcast-inject-js.md
new file mode 100644
index 0000000..2677b13
--- /dev/null
+++ b/post/2015-11-20-comcast-inject-js.md
@@ -0,0 +1,60 @@
+# Comcast injects JavaScript into web pages
+It seems that Comcast has decided that it is a good idea to [inject
+JavaScript into web pages][js] visited by its customers in order to inform
+them of Copyright violations.
+[js]: https://gist.github.com/Jarred-Sumner/90362639f96807b8315b
+This is a huge violation of user privacy and trust. Further, it shows that
+an ISP (and probably others) feel that they have the authority to dictate
+what is served to the user on a free (as in speech) Internet. Why should we
+believe that they won't start injecting other types of scripts that spy on
+the user or introduce advertising? What if a malicious actor compromises
+Comcast's servers and serves exploits to users?
+It is no surprise that Comcast is capable of doing this---they know the IP
+address of the customer, so they are able to intercept traffic and alter it
+in transit. But the fact that they _can_ do this demonstrates something far
+more important: _that they have spent the money on the infrastructure to do
+<!-- more -->
+Comcast isn't the only ISP to have betrayed users by injecting data. One
+year ago, it was discovered that [Verizon was injecting "perma-cookies" into
+requests to track users][verizon]. This is only one example of the
+insidious abuses that unchecked ISPs can take.
+So what can you do to protect yourself?
+What Comcast is doing is called a [man-in-the-middle (MITM) attack][mitm]:
+Comcast sits in the middle of you and your connection to the website that
+you are visiting, proxying your request. Before relaying the website's
+response to you, it modifies it.
+In order to do this, Comcast needs to be able to read your communications,
+and must be able to modify them: the request must be read in order to
+determine how the JavaScript should be injected and what request it should
+be injected into; and it must be modified to perform the injection. It
+cannot (given a properly configured web server) do so if your connection is
+encrypted. In the case of web traffic, `https` URLs with the little lock
+icon in your web browser generally indicates that your communications are
+encrypted, making MITM attacks
+(We're assuming that Comcast won't ask you to install a root CA so that they
+can decrypt your traffic! But that would certainly be noticed, if they did
+so on a large enough scale.)
+Not all websites use SSL. Another method is to use encrypted proxies, VPNs,
+or services like like [Tor][tor]. This way, Comcast will not be able to
+read or modify the communications.
+See also: [HackerNews discussion][hn]; [original Reddit discussion][reddit].
+[verizon]: https://www.eff.org/deeplinks/2014/11/verizon-x-uidh
+[mitm]: https://en.wikipedia.org/wiki/Man-in-the-middle_attack
+[hn]: https://news.ycombinator.com/item?id=10592775
+[reddit]: https://www.reddit.com/r/HuntsvilleAlabama/comments/35v4sn/comcast_is_injecting_bad_javascript_to_your/
+[tor]: https://tor.org/
diff --git a/post/2015-12-09-gnu-social-instance.md b/post/2015-12-09-gnu-social-instance.md
new file mode 100644
index 0000000..918f95f
--- /dev/null
+++ b/post/2015-12-09-gnu-social-instance.md
@@ -0,0 +1,14 @@
+# Now Hosting Personal GNU Social Instance
+When I started writing this blog, my intent was to post notices more
+frequently and treat it more like a microblogging platform; but that's not
+how it ended up. Instead, I use this site to write more detailed posts with
+solid references to back up my statements.
+[GNU Social](https://gnu.org/software/social/) is a federated social
+network---you can host your own instances and they all communicate with
+one-another. You can find mine at the top of this page under "Notices", or
+at [https://social.mikegerwitz.com/](https://social.mikegerwitz.com/). I
+will be using this site to post much more frequent miscellaneous notices.
+<!-- more -->
diff --git a/post/2016-01-24-more-than-freedom.md b/post/2016-01-24-more-than-freedom.md
new file mode 100644
index 0000000..ccc3cd6
--- /dev/null
+++ b/post/2016-01-24-more-than-freedom.md
@@ -0,0 +1,92 @@
+# Google Analytics Removed from GitLab.com Instance
+*This was originally written as a guest post for GitLab in November of 2015,
+but they [decided not to publish it][gitlab-merge].*
+[gitlab-merge]: https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/1094
+Back in May of of 2015, I [announced GitLab's liberation of their Enterprise
+Edition JavaScript][ggfs] and made some comments about GitLab's course and
+approach to software freedom. In liberating GitLab EE's JavaScript, all
+code served to the browser by GitLab.com's GitLab instance was [Free (as in
+freedom)][free-sw], except for one major offender: Google Analytics.
+[ggfs]: https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/
+[free-sw]: https://www.gnu.org/philosophy/free-sw.html
+Since Google Analytics was not necessary for the site to function, users
+could simply block the script and continue to use GitLab.com
+[ethically][free-sw]. However, encouraging users to visit a project on
+GitLab.com while knowing that it loads Google Analytics is a problem both
+for users' freedoms, and for their privacy.
+<!-- more -->
+GitLab is more than service and front-end to host Git repositories; it has a
+number of other useful features as well. Using those features, however,
+would mean that GitLab.com is no longer just a mirror for a project---it
+would be endorsed by the project's author, requiring that users visit the
+project on GitLab.com in order to collaborate. For example, if an author
+were to use the GitLab issue tracker on GitLab.com, then she would be
+actively inviting users to the website by telling them to report issues and
+feature requests there.
+We cannot realistically expect that anything more than a minority of
+visitors will know how to block Google Analytics (or even understand that it
+is a problem). Therefore, if concerned authors wanted to use those features
+of GitLab, they had to use another hosted instance of GitLab, or host their
+own. But the better option was to encourage GitLab.com to remove Google
+Analytics entirely, so that _all_ JavaScript code served to the users is
+GitLab has chosen to actively
+[work with the Free Software movement][ggfs]---enough so that they are now
+considered an [acceptable host for GNU projects][gitlab-gnu-criteria]
+according to [GNU's ethical repository criteria][gnu-repo-criteria]. And
+they have chosen to do so again---headed by Sytse Sijbrandij (GitLab
+Inc. CEO), Google Analytics has been removed from the GitLab.com instance
+and replaced with [Piwik][piwik].
+## More Than Just Freedom
+This change is more than a commitment to users' freedoms---it's also a
+commitment to users' privacy that cannot be understated. By downloading and
+running Google Analytics, users are being infected with some of the most
+[sophisticated examples of modern spyware][ga-wikipedia]: vast amounts of
+[personal and behavioral data][ga-google] are sent to Google for them to use
+and share as they wish. Google Analytics also tracks users across [many
+different websites][ga-popularity], allowing them to discover your interests
+and behaviors in ways that users themselves may not even know.
+GitLab.com has committed to using [Piwik][piwik] on their GitLab instance,
+which [protects users' privacy][piwik-privacy] in a number of very important
+ways: it allows users to opt out of tracking, anonymizes IP addresses,
+retains logs for limited time periods, respects [DoNotTrack][eff-dnt], and
+more. Further, all logs _will be kept on GitLab.com's own servers_, and is
+therefore governed solely by
+[GitLab.com's Privacy Policy][gitlab-privacy]; this means that other
+services will not be able to use these data to analyze users' behavior on
+other websites, and advertisers and others will know less about them.
+Users should not have to try to [anonymize themselves][eff-ssd] in
+order to maintain their privacy---privacy should be a default, and a
+respected one at that. GitLab has taken a strong step in the right
+direction; I hope that others will take notice and do the same.
+*Are you interested in helping other websites liberate their JavaScript?
+ Consider [joining the FSF's campaign][freejs], and
+ [please liberate your own][whyfreejs]!*
+[eff-dnt]: https://www.eff.org/dnt-policy
+[eff-ssd]: http://ssd.eff.org/
+[freejs]: https://fsf.org/campaigns/freejs
+[ga-google]: https://www.google.com/analytics/standard/features/
+[ga-popularity]: http://w3techs.com/technologies/overview/traffic_analysis/all
+[ga-wikipedia]: https://en.wikipedia.org/wiki/Google_Analytics
+[gitlab-featurse]: https://about.gitlab.com/features/
+[gitlab-gnu-criteria]: https://lists.gnu.org/archive/html/repo-criteria-discuss/2015-11/msg00012.html
+[gitlab-privacy]: https://about.gitlab.com/privacy/
+[gnu-repo-criteria]: https://www.gnu.org/software/repo-criteria.html
+[mtg]: http://mikegerwitz.com/
+[piwik]: https://piwik.org/
+[piwik-privacy]: https://piwik.org/privacy/
+[whyfreejs]: https://www.gnu.org/software/easejs/whyfreejs.html
diff --git a/post/2016-02-28-lp2016-rof.md b/post/2016-02-28-lp2016-rof.md
new file mode 100644
index 0000000..c39ad6d
--- /dev/null
+++ b/post/2016-02-28-lp2016-rof.md
@@ -0,0 +1,45 @@
+# Join me at LibrePlanet 2016 for my talk "Restore Online Freedom!"
+I will be [speaking at LibrePlanet this year][lp2016] (2016) about freedom
+on the Web. Here's the session description:
+[lp2016]: https://www.libreplanet.org/2016/program/
+> Imagine a world where surveillance is the default and users must opt-in to
+> privacy. Imagine that your every action is logged and analyzed to learn
+> how you behave, what your interests are, and what you might do next.
+> Imagine that, even on your fully free operating system, proprietary
+> software is automatically downloaded and run not only without your
+> consent, but often without your knowledge. In this world, even free
+> software cannot be easily modified, shared, or replaced. In many cases,
+> you might not even be in control of your own computing -- your actions and
+> your data might be in control by a remote entity, and only they decide
+> what you are and are not allowed to do.
+> This may sound dystopian, but this is the world you're living in right
+> now. The Web today is an increasingly hostile, freedom-denying place that
+> propagates to nearly every aspect of the average users' lives -- from
+> their PCs to their phones, to their TVs and beyond. But before we can
+> stand up and demand back our freedoms, we must understand what we're being
+> robbed of, how it's being done, and what can (or can't) be done to stop
+> it.
+<!-- more -->
+There are a number of other [great sessions][lp2016] this year from a
+[number of speakers][lp2016s], many well-known. We also have an opening
+keynote from Edward Snowden!
+All [FSF associate members get free entry][fsfmember]. If you can't join
+us, the conference will be streamed live. You can also see [videos of past
+talks][lpvideos] on the FSF's self-hosted [GNU MediaGoblin][goblin]
+Special thanks to the FSF for covering a large portion of my travel
+expenses; I otherwise might not have been able to attend. Thank you to all
+who donated to the conference scholarship fund.
+[lp2016s]: https://www.libreplanet.org/2016/program/speakers.html
+[fsfmember]: https://crm.fsf.org/join
+[lpvideos]: https://media.libreplanet.org/
+[goblin]: http://mediagoblin.org/
diff --git a/post/2016-04-02-reddit-nsl.md b/post/2016-04-02-reddit-nsl.md
new file mode 100644
index 0000000..6887312
--- /dev/null
+++ b/post/2016-04-02-reddit-nsl.md
@@ -0,0 +1,37 @@
+# Reddit suspected to have been served with an NSL
+It is suspected that Reddit has been [served with an NSL][schneier].
+[National Security Letters (NSLs)][nsl] are subpoena served by the United
+States federal government and often come with a gag order that prevents the
+recipient from even stating that they received the letter.
+[schneier]: https://www.schneier.com/blog/archives/2016/04/reddits_warrant.html
+[nsl]: https://en.wikipedia.org/wiki/National_Security_Letter
+<!-- more -->
+[Warrant canaries][canary] are used to circumvent gag orders by stating
+that requests have *not* been received, under the [legal theory][court]
+that, while courts can compel persons not to speak, they can't compel them
+to lie. [Reddit's canary has died][reddit-report]---the canary is absent
+from their most recent 2015 transparency report, where it was [present in
+the 2014 report][reddit-report-2014].
+Does this mean that you should stop using Reddit? No; canaries are an
+important transparency method. If you are worried about your privacy, you
+shouldn't disclose the information to a third party to begin with. Note
+that this includes metadata that are gathered about you when you, for
+example, browse subreddits while logged in. You can help mitigate that by
+[browsing anonymously using Tor][donot], being sure never to log in during
+the same session.
+The website [Canary Watch][cw] is a website that tracks warrant canaries.
+I'm awaiting further analysis after the weekend.
+[canary]: https://en.wikipedia.org/wiki/Warrant_canary
+[cw]: https://www.canarywatch.org/
+[court]: https://gigaom.com/2014/10/10/are-warrant-canaries-legal-twitter-wants-to-save-techs-warning-signal-of-government-spying/
+[reddit-report]: https://web.archive.org/web/20160331210850/https://www.reddit.com/wiki/transparency/2015
+[reddit-report-2014]: https://web.archive.org/web/20160331204815/https://www.reddit.com/wiki/transparency/2014
+[donot]: https://www.whonix.org/wiki/DoNot
diff --git a/post/2016-04-03-fb-vr-spy.md b/post/2016-04-03-fb-vr-spy.md
new file mode 100644
index 0000000..7f8fe4b
--- /dev/null
+++ b/post/2016-04-03-fb-vr-spy.md
@@ -0,0 +1,27 @@
+# Facebook will use software for the VR headset Occulus Rift to spy on you
+Anything coming out of Facebook should be [cause for concern][rms-fb]. So,
+naturally, one might be concerned when they decide to get into the virtual
+reality (VR) scene by [purchasing the startup Occulus VR][fb-vr], makers of
+the Occulus Rift VR headset. One can only imagine all the fun ways Facebook
+will be able to track, manipulate, spy on, and otherwise screw over users
+while they are immersed in a virtual reality.
+[rms-fb]: https://stallman.org/facebook.html#privacy
+[fb-vr]: http://www.theguardian.com/technology/2014/jul/22/facebook-oculus-rift-acquisition-virtual-reality
+Sure enough, we have our first peak: [the software that Facebook has you
+install for the Occulus Rift is spyware][fb-spy], reporting on what
+*unrelated* software you use on your system, your location (including GPS
+data and nearby Wifi networks), the type of device you're using, unique
+device identifiers, your movements while using the VR headset, and more.
+[fb-spy]: http://uploadvr.com/facebook-oculus-privacy/
+<!-- more -->
+This is absurd. Do not play into Facebook's games through temptation of
+cool new technology; reject their terms and see if there's other ways you
+can use the headset without their proprietary spyware. If not, perhaps you
+should ask for a refund, and tell them why.
diff --git a/post/2016-04-06-gnu-kwindows.md b/post/2016-04-06-gnu-kwindows.md
new file mode 100644
index 0000000..bd613f2
--- /dev/null
+++ b/post/2016-04-06-gnu-kwindows.md
@@ -0,0 +1,183 @@
+# GNU/kWindows
+There has been a lot of talk lately about a most unique combination:
+ [GNU][gnu]---the [fully free/libre][free-sw] operating system---and
+ Microsoft Windows---the [freedom-denying, user-controlling,
+ surveillance system][woe].
+There has also been a great deal of misinformation.
+I'd like to share my thoughts.
+[gnu]: https://gnu.org/gnu/gnu.html
+[free-sw]: https://gnu.org/philosophy/free-sw.html
+[woe]: https://www.gnu.org/proprietary/malware-microsoft.en.html
+<!-- more -->
+Before we can discuss this subject,
+ we need to clarify some terminology:
+We have a [free/libre][free-sw] operating system called [GNU][gnu].
+Usually, it's used with the kernel Linux, and is together called the
+ [GNU/Linux (or GNU+Linux) operating system][gnulinux].
+But that's not always the case.
+For example, GNU can be run with its own kernel, [The GNU Hurd][hurd]
+ (GNU/Hurd).
+It might be run on a system with a BSD kernel (e.g. GNU/kFreeBSD).
+But now, we have a situation where we're taking GNU/Linux, removing Linux,
+ and adding in its place a Windows kernel.
+This combination is referred to as GNU/kWindows (GNU with the Windows kernel
+ added).[^kwindows]
+GNU values users' freedoms.
+Windows [does exactly the opposite][woe].
+When users talk about the operating system "Linux", what they are referring
+ to is the [GNU operating system][gnu] with the kernel Linux added.
+If you are using the GNU operating system in some form, then many of the
+ programs you are familiar with on the command line are GNU programs:
+ `bash`, `(g)awk`, `grep`, `ls`, `cat`, `bc`, `tr`, `gcc`, `emacs`, and
+ so on.
+But GNU is a fully free/libre Unix replacement, [not just a collection of GNU
+ programs][gnu].
+Linux is the kernel that supports what the operating system is trying to do;
+ it provides what are called system calls to direct the kernel to perform
+ certain actions, like fork new processes or allocate memory.
+This is an important distinction---not only is calling all of this software
+ "Linux" incorrect, but it discredits the project that created a fully
+ free/libre Unix replacement---[GNU][gnu].
+This naming issue is so widespread that
+ [most users would not recognize what GNU is][gnu-noheard], even if they
+ are _using_ a [GNU/Linux][gnulinux] operating system.
+I recently read an article that referred to GNU Bash as "Linux's Bash";
+ this is simply a slap in the face to all the hackers that have for the
+ past 26 years been writing what is one of today's most widely used
+ shells on Unix-like systems (including on [Apple's][apple] proprietary
+ Mac OSX), and all the other GNU hackers.
+Microsoft and Canonical have apparently been working together to write a
+ subsystem that translates Linux system calls into something Windows will
+ understand---a compatibility layer.
+So, software compiled to run on a system with the kernel Linux will work on
+ Windows through system call translation.
+Many articles are calling this "Linux on Windows".
+This is a fallacy: the kernel Linux is not at all involved!
+What we are witnessing is the [_GNU_ operating system][gnu] running with
+ a Windows kernel _instead_ of Linux.
+This is undoubtedly a technical advantage for Microsoft---Windows users want
+ to do their computing in a superior environment that they might be
+ familiar with on [GNU/Linux][gnulinux] or other Unix-like operating
+ systems, like [Apple's][apple] freedom-denying Mac OSX.
+But thinking about it like this is missing an essential concept:
+When users talk about "Linux" as the name of the operating system, they
+ avoid talking about [GNU][gnu].
+And by avoiding mention of GNU,
+ they are also avoiding discussion of the core principles upon which GNU is
+ founded---the belief that all users deserve
+ [software granting _four essential freedoms_][free-sw]:
+ the freedom to use the program for any purpose;
+ the freedom to study the program and modify it to suit your needs (or
+ have someone do it on your behalf);
+ the freedom to share the program with others;
+ and the freedom to share your changes with others.
+We call software that respects these four freedoms
+ [_free/libre software_][free-sw].
+Free software is absolutely essential:
+ it ensures that _users_,
+ who are the most vulnerable,
+ are in control of their computing---not software developers or
+ corporations.
+Any program that denies users any one of their [four freedoms][free-sw] is
+ _non-free_ (or _proprietary_)---that is, freedom-denying software.
+This means that any non-free software, no matter its features or
+ performance, will [_always_ be inferior to free software][oss] that
+ performs a similar task.
+Not everyone likes talking about freedom or the
+ [free software philosophy][free-sw].
+This disagreement resulted in the
+ ["open source" development methodology][oss],
+ which exists to sell the benefits of free software to businesses *without*
+ discussing the essential ideological considerations.
+Under the "open source" philosophy,
+ if a non-free program provides better features or performance,
+ then surely it must be "better",
+ because they have outperformed the "open source" development methodology;
+ non-free software isn't always considered to be a bad thing.
+So why would users want to use GNU/kWindows?
+Well, probably for the same reason that they want GNU tools on Mac OSX:
+ they want to use software they want to use, but they also want the
+ technical benefits of GNU that they like.
+What we have here is the ["open source" philosophy][oss]---because if the
+ user truly valued her freedom, she would use a
+ [fully free operating system like GNU/Linux][gnulinux-distros].
+If a user is _already_ using Windows (that is, before considering
+ GNU/kWindows), then she does gain some freedom by installing GNU:
+ she has more software on her system that respects her freedoms,
+ and she is better off because of that.
+But what if you're using GNU/Linux today?
+In that case,
+ it is a major downgrade to switch to a GNU/kWindows system;
+ by doing so, you are [surrendering your freedom to Microsoft][woe].
+It does not matter how many shiny features Microsoft might introduce into
+ its [freedom-denying surveillance system][woe];
+ an [operating system that respects your freedoms][gnulinux-distros] will
+ _always_ be a superior choice.
+We would do our best to dissuade users from switching to a GNU/kWindows
+ system for the technical benefits that GNU provides.
+So we have a couple different issues---some factual, some philosophical:
+ please don't refer to GNU/kWindows as "Linux on Windows", or any variant
+ thereof;
+ doing so simply propagates misinformation that not only confounds the
+ situation, but discredits the thousands of hackers working on the
+ [GNU operating system][gnu].
+It would also be best if you avoid calling it "Ubuntu on Windows";
+ it isn't a factually incorrect statement---you are running Ubuntu's
+ distribution of GNU---but it still avoids mentioning the
+ [GNU Project][gnu]. If you want to give Ubuntu credit for working with
+ Microsoft, please call it "Ubuntu GNU/kWindows" instead of "Ubuntu".
+By mentioning GNU,
+ users will ask questions about the project,
+ and might look it up on their own.
+They will read about [the free software philosophy][free-sw],
+ and will hopefully begin to understand these issues---issues that they
+ might not have even been aware of to begin with.
+ when you see someone using a GNU/kWindows system,
+ politely ask them why.
+Tell them that there is a _better_ operating system out there---the
+ [GNU/Linux operating system][gnu]---that not only provides those technical
+ features,
+ but also provides the feature of _freedom_!
+Tell them what [free software][free-sw] is,
+ and try to relate it to them so that they understand why it is important,
+ and even practical.
+It's good to see more people benefiting from GNU;
+ but we can't be happy when it is being sold as a means to draw users into
+ an otherwise [proprietary surveillance system][woe],
+ without so much as a mention of our name,
+ or [what it is that we stand for][gnu].
+[^kwindows]: This name comes from [Richard Stallman][rms], founder of the
+ [GNU Project][gnu].
+[hurd]: https://gnu.org/software/hurd/
+[oss]: http://www.gnu.org/philosophy/open-source-misses-the-point.html
+[gnulinux]: https://www.gnu.org/gnu/linux-and-gnu.html
+[gnulinux-distros]: https://www.gnu.org/distros/free-distros.html
+[apple]: https://stallman.org/apple.html
+[rms]: https://www.fsf.org/about/staff-and-board
+[gnu-noheard]: https://gnu.org/gnu/gnu-users-never-heard-of-gnu.html
+featured: true
diff --git a/post/2016-05-03-idad.md b/post/2016-05-03-idad.md
new file mode 100644
index 0000000..22f9518
--- /dev/null
+++ b/post/2016-05-03-idad.md
@@ -0,0 +1,88 @@
+# International Day Against DRM 2016
+Today is the [10th annual International Day Against DRM][day-drm]---a day
+ where activists from around the world organize events in protest against
+ [Digital Restrictions Management][drm].
+[day-drm]: https://www.defectivebydesign.org/dayagainstdrm
+[drm]: https://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
+<!-- more -->
+DRM is a scheme by which tyrants use [antifeatures][] to lock down what
+ users are able to do with their systems, often cryptographically.
+For example,
+ your media player might tell you how many times you can listen to a song,
+ or watch a video, or read a book;
+ it might [delete books][1984] that you thought you owned;
+ it might require that you are [always online][always-on] when playing a
+ game, and then stop working when you disconnect, or when they decide to
+ stop supporting the game.
+If you try to circumvent these locks,
+ then you might be [called a pirate][pirate] and be thrown in prision under
+ the ["anti-circumvention" privisons of the Digital Millenium Copyright Act
+ (DMCA)][dmca].
+These are all things [that have been long predicated][right-to-read], and
+ are only expected to get worse with time.
+That is, unless we take a stand and fight back.
+I had the pleasure of participating in
+ the [largest ever protest against the W3C][w3c-protest] and their attempts
+ to introduce DRM as a _web standard_ via the [Encrypted Media Extensions
+ (EME)][eme] proposal.[^photos]
+This event was organized beautifully by Zak Rogoff of the [Free Software
+ Foundation][fsf] and began just outside the Strata Center doors where the
+ W3C was _actively meeting_,
+ and then continued to stop outside the Google and Microsoft offices,
+ both just blocks away.
+We were [joined outside Microsoft][eff-protest] by Danny O'Brien,
+ the EFF's International Director,
+ who stepped out of the W3C meeting to address the protesters.
+Afterward, most of us [traveled to the MIT Media Lab][media-lab] where
+ Richard Stallman---who joined us in the protest---sat on a panel along
+ with Danny O'Brien, Joi Ito of the MIT Media Lab, and Harry Halpin of the
+ W3C.
+The W3C was invited to participate in a discussion on EME, but they never
+ showed.
+As a demonstration of the severity of these issues,
+ [Harry Halpin vowed to resign from the W3C][hh-resign] if the EME proposal
+ ever became a W3C Recommendation.
+I can say without hesitation that the protest and following discussion were
+ some of the most powerful and memorable events of my life---there is no
+ feeling like being a part of a group that shares such a fundamental
+ passion (and distaste!) for something important.
+And it _is_ very important.
+[DRM is pervasive][dbd]---the Web is just one corner where it rears its ugly
+ head.
+The [International Day Against DRM][day-drm] gives you and others an
+ excellent opportunity to hold your own protests, demonstrations, and events
+ to raise these issues to others---and to do so as part of an
+ _international group_;
+ to send a strong, world-wide message:
+ a message that it is _not_ acceptable to act as tyrants and treat users as
+ slaves and puppets through use of digital handcuffs and [draconian
+ punishments for circumventing them][dmca].
+[^photos]: The EFF has some [great photots][eff-protest]; I'm the one in the
+ hoodie between the giant GNU head and Zak Rogoff.
+[antifeatures]: https://www.fsf.org/bulletin/2007/fall/antifeatures/
+[lp2016]: https://libreplanet.org/2016/
+[w3c-protest]: https://www.defectivebydesign.org/from-the-web-to-the-streets-protesting-drm
+[eme]: https://w3c.github.io/encrypted-media/
+[eff-protest]: https://w3c.github.io/encrypted-media/
+[w3c]: https://www.w3.org/
+[fsf]: https://fsf.org/
+[media-lab]: https://motherboard.vice.com/read/we-marched-with-richard-stallman-at-a-drm-protest-last-night-w3-consortium-MIT-joi-ito
+[hh-resign]: https://www.defectivebydesign.org/blog/w3c_staff_member_pledges_resignation_if_drm_added_web_standards
+[dmca]: https://www.eff.org/issues/dmca
+[dbd]: https://www.defectivebydesign.org/
+[1984]: https://www.defectivebydesign.org/amazon-kindle-swindle
+[always-on]: https://en.wikipedia.org/wiki/Always-on_DRM
+[right-to-read]: https://www.gnu.org/philosophy/right-to-read.en.html
+[pirate]: https://www.eff.org/deeplinks/2015/02/go-prison-sharing-files-thats-what-hollywood-wants-secret-tpp-deal
diff --git a/post/2016-07-16-cfaa.md b/post/2016-07-16-cfaa.md
new file mode 100644
index 0000000..ccfab06
--- /dev/null
+++ b/post/2016-07-16-cfaa.md
@@ -0,0 +1,55 @@
+# CFAA, "Authorized" Access, and Common Sense
+There is little common sense to be had with the [Computer Fraud and Abuse
+ Act][cfaa] (CFAA) to begin with.
+To add to the confusion,
+ the Ninth Circuit Court of Appeals last week held 2-1 in [United States
+ v. Nosal][uvn] that accessing a service using someone else's
+ password---even if that person gave you permission to do so---[violates
+ the CFAA][cfaa-passwd],
+ stating that only the _owner_ of a computer can give such authorization.
+This is absurd even with complete lack of understanding of what the law is:
+ should your spouse be held criminally liable for paying your bills online
+ using your account?
+[cfaa]: https://www.eff.org/issues/cfaa
+[uvn]: https://www.eff.org/cases/u-s-v-nosal
+[cfaa-passwd]: https://www.eff.org/deeplinks/2016/07/ever-use-someone-elses-password-go-jail-says-ninth-circuit
+Common sense says no.
+<!-- more -->
+In another case this week---[Facebook v. Power Ventures][fvp]---the same
+ court (though a different panel of judges) stepped back from the original
+ decision and stated that computer _users_ can indeed provide
+ authorization.
+This authorization holds even if the service's Terms of Service say
+ otherwise.
+Yet: the computer owner (in this case, Facebook) can revoke authorization,
+ which takes precedence over any authorization provided by a user of that
+ system.
+So with a seemingly magical incantation,
+ a benign situation can be made into a federal crime,
+ just like that.
+These situations highlight dangerous confusion over the interpretation of an
+ already dangerously vague law.
+The CFAA is the law that was used to prosecute Aaron Swartz for federal
+ "crimes"---with a punishment of up to thirty-five years in prison---for
+ liberating documents hosted on JSTOR.
+Because of this [draconian threat][eff-punish],
+ [Aaron committed suicide][aaron] on January 11th, 2013.
+The CFAA already has blood on its hands;
+ it needs to be reined _in_,
+ not be given further broad powers.
+So don't take news of the decisions in US v. Nosal and Facebook v. Power
+ Ventures as canceling one-another out;
+ things may appear the same for now,
+ but serious problems still need to be resolved.
+[cfaa-back]: https://www.eff.org/deeplinks/2016/07/ninth-circuit-panel-backs-away-dangerous-password-sharing-decision-creates-even
+[fvp]: https://www.eff.org/cases/facebook-v-power-ventures
+[eff-punish]: https://www.eff.org/deeplinks/2013/02/rebooting-computer-crime-part-3-punishment-should-fit-crime
+[aaron]: https://www.eff.org/deeplinks/2013/01/farewell-aaron-swartz
diff --git a/post/2016-07-29-election.md b/post/2016-07-29-election.md
new file mode 100644
index 0000000..17a0bde
--- /dev/null
+++ b/post/2016-07-29-election.md
@@ -0,0 +1,41 @@
+# "Election"
+The past few days of the DNC have demanded pause. I am an Independent. I
+do not like Hillary Clinton. I am a Bernie supporter, and I was upset by his
+endorsement of Hillary. I had vowed not to vote for Hillary; I would
+instead vote for Jill Stein. The DNC, while very well done with a deeply
+compelling facade, has not changed my perspective on Clinton.
+It is perhaps said best by Bernie himself: "It's easy to boo, but it's
+harder to look your kids in the face who would be living under a Donald
+Trump presidency". The conflict here is between my deep ideologies and
+reality. It's often said that a vote for Hillary is a vote against Trump;
+such a perspective would shallow and purposeless. But this isn't an
+election for president---this is the most threatening assault on everything
+I stand for that I hope I will ever witness in my lifetime. To stand for
+ideological purity would be to stand atop a mountain while the world around
+me burns. This is why Bernie chose to unite.
+Should Trump win, my ideals that seem within reach could be blown back
+decades. As a matter of strategy, I cannot justify _not_ swallowing every
+ounce of my pride. Hillary's presidency is an unfortunate but necessary
+consequence of the only permissible outcome. I am not electing a president
+of the United States. I am electing _a United States_.
+<!-- more -->
+So I am doing what I never thought I would do: proposing that others too
+factor this obscene equation and recognize how the very few remaining
+variables affect the result. My ideals continue to exist in part and in
+spirit with Hillary as president. With Trump, they are all but
+vanquished. Donald Trump must not be elected president of the United
+States. When (and if) you vote, think of it as a shot fired, not as a vote
+More information about my opinions on this topic can be found
+[here][social-1] and [here][social-2].
+[social-1]: https://social.mikegerwitz.com/conversation/21864
+[social-2]: https://social.mikegerwitz.com/conversation/22026
diff --git a/post/2016-08-25-nso-group-target-activist.md b/post/2016-08-25-nso-group-target-activist.md
new file mode 100644
index 0000000..37125c4
--- /dev/null
+++ b/post/2016-08-25-nso-group-target-activist.md
@@ -0,0 +1,103 @@
+# NSO Group, Pegasus, Trident---iOS Exploits Targeting Human Rights Activist
+[Citizen Lab released a report][cl] describing the attempted use of iOS
+ 0-days on human rights activist [Ahmed Mansoor][] by the United Arab
+ Emirates.
+They named this chain of exploits _Trident_,
+ and with the help of [Lookout Security][paper],
+ were able to analyze them.
+It begins with [arbitrary code execution (CVE-2016-4655)][4655] by
+ exploiting a memory corruption vulnerability in WebKit,
+ which downloads a payload unknown to the user.
+That payload is able to bypass KASLR and [determine the kernel memory
+ location (CVE-2016-4656)][4656],
+ then allowing it to exploit a [memory corruption vulnerability in the
+ kernel itself (CVE-2016-4657)][4657];
+ this "jailbreaks" the device and is a complete compromise of the system.
+[cl]: https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
+[Ahmed Mansoor]: https://en.wikipedia.org/wiki/Ahmed_Mansoor
+[paper]: https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf
+[4655]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4655
+[4656]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4656
+[4657]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4657
+<!-- more -->
+This payload is [Pegasus][paper],
+ a complex surveillance tool sold to governments,
+ often used for espionage.
+In this case,
+ Monsoor received a suspicious text message and wisely [tipped off Citizen
+ Lab][cl] rather than opening the presented link.
+Had he done so,
+ he would have unknowingly downloaded this spyware that could very well
+ have put his life in extreme danger:
+ it has the capability to track his location;
+ record his calls and texts;
+ record communications through software like WhatsApp and Skype;
+ download his contact information;
+ grab passwords and encryption keys from his keyring;
+ and much more.
+This malware was written by [NSO Group][],
+ which is so poorly known that their [Wikipedia page didn't even exist
+ until today][nso-wikipedia].
+The software company is based in Israel,
+ founded in 2010 by Niv Carmi, Omri Lavie, and Shalev Hulio.
+They were purchased in 2014 by [Francisco Partners][],
+ a private equity firm in the United States,
+ for $110 million.
+They exist to sell exploits to governments.
+Anyone familiar with security research is aware of [responsible
+ disclosure][]:
+ it is a model whereby researchers who discover a vulnerability
+ release their research publicly only _after_ they notify the authors
+ of the software,
+ and a patch mitigating the vulnerability has been released.
+This is what Citizen Lab did---Apple [fixed the vulnerability][apple] in
+ iOS 9.3.5.[^rms-apple]
+This is not what NSO Group does:
+ Instead, they horde their exploits[^0day] and sell them to governments as
+ weapons for surveillance or espionage.
+In this case,
+ the United Arab Emirates (or so it seems).
+This is not only unethical,
+ but to sell to a government that is known for this type of abuse is
+ inexcusable and negligent---the people behind NSO Group are absolute
+ scum.[^scum]
+They are empowering a foreign government known for their civil and human
+ rights abuses.
+I have trouble finding words.
+There is much more that can be said on this topic with respect to security,
+ civil and human rights,
+ and various other topics.
+But I don't want to distract from the topic at hand.
+Let this sink in.
+Read the [Citizen Lab][cl] report and the [paper by Lookout Security][paper].
+Today I leave my soapbox be.
+[NSO Group]: https://en.wikipedia.org/wiki/NSO_Group
+[nso-wikipedia]: https://en.wikipedia.org/w/index.php?title=NSO_Group&action=history
+[Francisco Partners]: https://en.wikipedia.org/wiki/Francisco_Partners
+[responsible disclosure]: https://en.wikipedia.org/wiki/Responsible_disclosure
+[apple]: https://support.apple.com/en-us/HT207107
+[^rms-apple]: I [can't recommend that you use Apple
+ devices](https://stallman.org/apple.html), but if you do, you
+ should upgrade immediately;
+ you are vulnerable to exploitation by simply visiting a
+ malicious webpage.
+[^0day]: Called 0-days,
+ because they haven't been disclosed and there has been no time to
+ prepare or release a fix.
+[^scum]: For other scum, see the organization behind [FinFisher][]; and the
+ group [Hacking Team][].
+[FinFisher]: https://en.wikipedia.org/wiki/FinFisher
+[Hacking Team]: https://en.wikipedia.org/wiki/Hacking_Team
diff --git a/post/2017-05-16-self-discovery-pre-internet.md b/post/2017-05-16-self-discovery-pre-internet.md
new file mode 100644
index 0000000..3e66a1f
--- /dev/null
+++ b/post/2017-05-16-self-discovery-pre-internet.md
@@ -0,0 +1,79 @@
+# Self-Discovery Before the Internet
+This is an autobiographical opinion piece prompted by [a HackerNews
+post][hn] discussing what it was like to learn programming before Stack
+Overflow (and other parts of the Internet).
+[hn]: https://news.ycombinator.com/item?id=14339293
+<!-- more -->
+I'm not old. I was born in 1989. I started programming around 1999. The
+Internet sure did exist back then, but I was 10, and my parents weren't keen
+on having me just go exploring. Besides, it was dial-up---you couldn't go
+search real quick; especially if someone was on the phone. Using the
+Internet was an _event_, and an exciting one at that, listening to those
+dial tones, logging in using that old Prodigy dialog. Back then you had
+Dogpile and Ask Jeeves. Most sites I'd visit by name; usually that was
+GameFAQs or CNET download.com, because those are the sites my friend told me
+about when he introduced me to the Internet.
+I'm entirely self-taught. I didn't know any programmers. I didn't have
+contact with any. I told my parents that I wanted to learn how to program
+and they skeptically brought me to Barnes and Noble where we picked out
+Learn to Program with Visual Basic 6 by John Smiley (*gasp* yes I started as
+a Windows programmer). It came with a VB6 CD that for a while I was
+convinced could only run the book examples, because I had no idea what I was
+doing. I struggled. I tinkered. Hacker culture was on the complete
+opposite end of where I was, but by the time I discovered it years later, I
+felt like I finally found myself---I finally discovered who I was. The
+struggle made me a hacker.
+It's easy to half-ass it today. It's easy to simply say "eh I can Google
+it" and forego committing knowledge. But it also makes it easy to gain
+knowledge, for those who do care to do so. It makes trivia easy. It makes
+discovery easy. It also exposes people to subcultures quickly and
+demands conformance to stereotypes and norms before one can discover
+_themselves_. Who would I be today without having to struggle for myself
+rather than someone else _telling_ me who I am, and what I do?
+This is more than just technical knowledge. This is the difference between
+dropping a child off in the wild or dropping them off at the local
+scouts. And at least scouts will discover themselves together. With the
+Internet, you absorb a body of existing knowledge; you _rediscover others_,
+not yourself. You often read blogs containing opinions of others, not books
+or manuals.
+That's not to say that you can't learn on your own. Many still do. Many
+focus on manuals and books and source code rather than social media. It's
+sure hard, though, when everything is integrated as such. Social media
+can be beneficial---you do want communication and collaboration. I sure as
+hell want to communicate with others. Opinions of others are deeply
+important too. Some of the best things I've read are on blogs, not in
+books. But I've already found my niche. I've found myself. I wasn't
+tainted or manipulated---I learned in a world of proprietary software where
+developing license systems was fun and emerged a free software
+activist. Because I was forced to look inward, not post on Stack Overflow
+or HN or Reddit expecting a hand-guided tour or `dd` of thoughts (okay,
+you're not getting that on HN).
+Not everyone needs to be a passionate hacker or developer. Really, the
+world needs both. And based on what I've seen being pumped out of schools
+and universities, the self-taught are generally better off either way. The
+vast resources available to modern programmers make many tasks easier and
+cheaper, though it also increases maintenance costs if all the programmer is
+doing is using code snippets or concepts without actually grokking
+them. But this is what most of the world runs off of.
+Let yourself struggle. Go offline. Sit down with a print book and get out
+a pen and take notes in the margin, write out your ideas. Getting syntax
+errors in your editor or REPL? Figure it out! Or maybe consult the manual,
+or the book you're reading. Don't search for the solution. When I learned
+Algebra in middle school, I had little interest, and forgot all of
+it. Years later, I needed it as a foundation for other things. I
+discovered the rules for myself on pen and paper. Not only do I remember it
+now (or can rediscover on a whim), but I understand _why_ it works the way
+it does. I've had those epiphanies. It's easy to miss the forest for the
+trees when you don't gain that essential intuition to help yourself
+out. And the forest is vast and beautiful.
diff --git a/post/2017-06-03-gnu-more-software.md b/post/2017-06-03-gnu-more-software.md
new file mode 100644
index 0000000..89b76e2
--- /dev/null
+++ b/post/2017-06-03-gnu-more-software.md
@@ -0,0 +1,35 @@
+# GNU is more than a collection of software
+GNU is more than just a collection of software; it is an operating system:
+ [https://www.gnu.org/gnu/thegnuproject.html]()
+Many hackers and activists within the free software community don't
+understand this well, and it's a shame to see attacks on GNU's relevance (as
+measured by programs written by GNU on a given system) going
+unchallenged. Software for GNU was written by the GNU Project when a
+suitable free program was not available. It wouldn't have made sense to
+write everything from scratch if free programs already solved the problem.
+<!-- more -->
+When we say GNU/Linux, we really are referring to the GNU operating system
+that just happens to be using Linux. It could be using the FreeBSD kernel
+([GNU/kFreeBSD][]). It could be using a Windows kernel with a Linux API
+([GNU/kWindows][]). It could be using the [Hurd][] ([GNU/Hurd][]). The
+disambiguation is important, but the end result is pretty much the same.
+There are many systems that use Linux that are not GNU. Android is not GNU,
+for example. We shouldn't attempt to call those systems "GNU/Linux"
+blindly. (Also note how it's called "Android", not "Android/Linux", or just
+"Linux". Somehow GNU is controversial, though.)
+So if you see someone challenging GNU's relevance because GNU/Linux contains
+so much software that isn't part of a GNU package, then please provide the
+above link, and kindly explain to them that their observation is correct,
+because GNU is an operating system, not a collection of programs.
+[GNU/kFreeBSD]: https://en.wikipedia.org/wiki/Debian_GNU/kFreeBSD
+[GNU/kWindows]: https://mikegerwitz.com/2016/04/GNU-kWindows
+[Hurd]: https://www.gnu.org/software/hurd/
+[GNU/Hurd]: https://www.debian.org/ports/hurd/
diff --git a/post/2017-06-24-russia-review-source.md b/post/2017-06-24-russia-review-source.md
new file mode 100644
index 0000000..b54c6e1
--- /dev/null
+++ b/post/2017-06-24-russia-review-source.md
@@ -0,0 +1,79 @@
+# Russia wants to review source code of Western security software
+Reuters [released an article][0] entitled "Under pressure, Western tech
+ firms bow to Russian demands to share cyber secrets".
+Should Russia be permitted to do so?
+Should companies "bow" to these demands?
+I want to draw a parallel to another highly controversial case regarding
+ access to source code:
+ the [Apple v. FBI][2] case early last year.
+For those who don't recall,
+ one of the concerns was the government trying to compel Apple to make
+ changes to iOS to permit brute forcing the San Bernardino attacker's
+ PIN;
+ this is a [violation of First Amendment rights][3] (compelled speech),
+ and this afforded Apple strong support from even communities that
+ otherwise oppose them on nearly all other issues.
+The alternative was to have the FBI make changes to the software instead of
+ compelling Apple to do so,
+ which would require access to the source code of iOS.
+[0]: http://www.reuters.com/article/us-usa-russia-tech-insight-idUSKBN19E0XB
+[2]: https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_dispute
+<!-- more -->
+Becuase of the hostility toward the FBI in this case,
+ even many in the [free software community][4] took the stance that the FBI
+ being able to modify the software would set terrible precedent.
+But that's missing the point a bit.
+Being able to modify software doesn't give you the right to install it on
+ others' devices;
+ the FBI would have had to compell Apple to release their signing keys
+ as well---_that_ is a dangerous precedent.
+If the government compelled Apple to made changes themselves,
+ _that_ is dangerous precedent.
+"Cyber secrets" in the above title refers to source code to software written
+ by companies like Cisco, IBM, SAP, and others;
+ secrets that can only exist in proprietary software that
+ [denies users the right to inspect, modify, and share][1] the software
+ that they are running.
+For those who agree with the free software philosophy,
+ it's important to remove consideration of _who_ is trying to exercise their
+ [four freedoms][1].
+In the case of the FBI,
+ from a free software perspective,
+ of course they should be able to modify the software---we
+ believe that _all_ software should be free!
+ (But that doesn't mean they should be able to install it on _someone
+ else's_ device.)
+In the context of this article by Reuters:
+ Russia doesn't have to ask to examine software that is free/libre.
+ And if they did, it shouldn't be a concern;
+ restricting who can use and examine software is [a slippery slope][5].
+Unfortunately, not all software is free/libre.
+But if we extend the free software philsophy---there
+ should be no _ethical_ concerns with a foreign power wanting to inspect
+ proprietary source code.
+But proprietary software might have something of concern to hide:
+ it might be something malicious like a backdoor,
+ or it might be something like a lack of security or poor development
+ practices;
+ [proprietary software exists only to keep secrets][6], after all.
+If Russia has to ask to inspect source code for security software,
+ you probably do too.
+And if that's the case,
+ the security being provided to you is merely a facade.
+It's not Russia to be suspicious of for asking---it's
+ the companies that keep secrets to begin with.
+[1]: https://www.gnu.org/philosophy/free-software-even-more-important.html
+[3]: https://www.eff.org/deeplinks/2016/03/deep-dive-why-forcing-apple-write-and-sign-code-violates-first-amendment
+[4]: https://www.gnu.org/philosophy/free-sw.en.html
+[5]: https://www.gnu.org/philosophy/programs-must-not-limit-freedom.html
+[6]: https://www.gnu.org/proprietary/proprietary.html
diff --git a/post/2017-06-27-no-force-use-tools.md b/post/2017-06-27-no-force-use-tools.md
new file mode 100644
index 0000000..5cfdbf7
--- /dev/null
+++ b/post/2017-06-27-no-force-use-tools.md
@@ -0,0 +1,85 @@
+# Don't force me to use your tools [on the Web]
+There was an interesting discussion on [libreplanet-discuss][] recently
+ regarding web interfaces.
+Below is a rather informal off-the-cuff statement regarding the use of Web
+ interfaces (specificlaly Discourse) over my own tools.
+[libreplanet-discuss]: https://lists.gnu.org/archive/html/libreplanet-discuss/2017-06/msg00032.html
+<!-- more -->
+I live a huge chunk of my life in my mail client
+ (which happens to be my editor as well).
+It's scripted,
+ heavily customized,
+ and integrated with other things.
+I do task management with Org mode,
+ which integrates simply but well enough with Gnus.
+I can use my editor keybindings and such when composing messages.
+The same goes with my IRC client.
+I never have to leave home, if you will.
+Contrast that with websites:
+ if I have to write anything substantial,
+ I often have to write it in my editor first and paste it in.
+Many of us hackers don't care for flashy interfaces;
+ we'd rather use the tools we've invested our lives into and know well.
+ Tools that can compose and work well in pipelines.
+Trying to use interfaces that reinvent the wheel poorly is painful.
+And let's not be fooled---these are programs.
+Especially when they're heavy on JavaScript.
+There's no difference between this and someone asking me to download Foo and
+ put my Emacs toy away, as cute as it is.
+But I know that many people don't feel that way.
+I have coworkers that think I'm crazy (respectfully so).
+And I think they're crazy too. ;)
+Admittedly, using your own tools is a large barrier to entry---my
+ tools are useful because I've spent a great deal of time learning and
+ researching and customizing.
+And now I can reuse them for everything.
+For your average user looking to get into activism,
+ who may not even be a programmer,
+ that's a bit different;
+ it's easier to say "here's your single tool (Web)---go use it".
+There are systems that allow for a level of integration
+ (e.g. mailing lists and forums).
+But they're often treated as fallbacks---as second-class citizens.
+They might provide a subset of features;
+ it leaves certain members of the community out---those
+ who want to use their own tools.
+I haven't used Discourse.
+I do see "mailing list support";
+ maybe that's a good sign.
+But one of the phrases at the top of the features page is
+ "[w]e're reimagining what a modern discussion platform should
+ be".
+Many of us don't want to see it reimagined.
+That's the opposite of what many want.
+Trying to strike a balance isn't a bad thing if that's the audience
+ we're looking to attract.
+But it's difficult,
+ and something I struggle with a great deal.
+ Asking someone to use an interface on the Web is asking them to use
+ /your/ program instead of their own.
+ Be respectful by using [Web standards for accessibility][accessibility];
+ [progressive enhancement][];
+ and make use of well-established standards with rich histories,
+ especially if your audience makes use of them
+ (e.g. mailing lists, RSS feeds, federation standards, etc).
+Thank you.
+[accessibility]: https://en.wikipedia.org/wiki/Web_accessibility
+[progressive enhancement]: https://en.wikipedia.org/wiki/Progressive_enhancement
diff --git a/post/2018-01-05-lp2018-ev.md b/post/2018-01-05-lp2018-ev.md
new file mode 100644
index 0000000..96fc0bd
--- /dev/null
+++ b/post/2018-01-05-lp2018-ev.md
@@ -0,0 +1,40 @@
+# The Ethics Void: Join Me at LibrePlanet 2018!
+I got word today that I'll be speaking again at this year's [LibrePlanet][]!
+I was going to attend even if I were not speaking,
+ but I'm very excited to be able to continue to build off of last year's
+ talk and further my activism on these topics.
+[LibrePlanet]: https://libreplanet.org/2018/
+The title of this year's talk is _The Ethics Void_.
+Here's a rough abstract:
+<!-- more -->
+> Medicine, legal, finance, journalism, scientific research—each of these
+> fields and many others have widely adopted codes of ethics governing the
+> lives of their professionals. Some of these codes may even be enshrined in
+> law. And this is for good reason: these are fields that have enormous
+> consequences.
+> Software and technology pervade not only through these fields, but through
+> virtually every aspect of our lives. Yet, when compared to other fields, our
+> community leaders and educators have produced an ethics void. Last year, I
+> introduced numerous topics concerning #privacy, #security, and #freedom that
+> raise serious ethical concerns. Join me this year as we consider some of
+> those examples and others in an attempt to derive a code of ethics that
+> compares to each of these other fields, and to consider how leaders and
+> educators should approach ethics within education and guidance.
+(My previous talks can be found on my ["Talks" page][talks].)
+For this talk,
+ I want to solicit the community at various points.
+I know what _I_ want to talk about,
+ but what are some of the most important ethical issues to _you_?
+Unfortunately there's far too much to fit into a 40-minute talk!
+Feel free to send me an e-mail or reply to the [thread on GNU Social][thread].
+[talks]: /talks
+[thread]: https://social.mikegerwitz.com/conversation/99140
diff --git a/post/2018-01-08-meltdown-spectre-web.md b/post/2018-01-08-meltdown-spectre-web.md
new file mode 100644
index 0000000..9e4f73f
--- /dev/null
+++ b/post/2018-01-08-meltdown-spectre-web.md
@@ -0,0 +1,44 @@
+# Meltdown/Spectre and the Web
+The recently-released [Meltdown][] and [Spectre][] CPU timing attacks
+ affect virtually every user in some way;
+ the consequences are profound.
+There are plenty of good write-ups on the topic,
+ so I don't feel the need to re-iterate the technical details here.
+(See an easily digestible one [from the Raspberry Pi][rpi] project, and an
+ in-depth analysis [from Project Zero][zero].)
+[Meltdown]: https://meltdownattack.com/
+[Spectre]: https://spectreattack.com/
+[rpi]: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
+[zero]: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
+What I do want to draw attention to is that these attacks [are exploitable
+ via web browsers][mozilla].
+[mozilla]: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
+<!-- more -->
+The reason for this is that your web browser,
+ by default,
+ automatically downloads and executes programs without your knowledge or
+ consent.
+Most commonly,
+ web pages embed software in the form of JavaScript code.
+Because of the features available in modern JavaScript environments,
+ CPU cache timing attacks are possible.
+[I spoke about the security issues][lp2016] of running these programs in your web
+ browser back in 2016---it
+ was a bad idea then,
+ and it's still a bad idea now.
+[I spoke further of privacy issues][lp2017] last year at LibrePlanet 2017.
+I encourage you to use extensions like [NoScript][] to block the execution of
+ JavaScript by default,
+ and stop random people from treating your computer as a puppet to do
+ their own bidding.
+[lp2016]: https://media.libreplanet.org/u/libreplanet/collection/restore-online-freedom/
+[lp2017]: https://media.libreplanet.org/u/libreplanet/m/the-surreptitious-assault-on-privacy-security-and-freedom/
+[NoScript]: http://noscript.net/
diff --git a/post/2018-04-15-mobile-tracking-veil.md b/post/2018-04-15-mobile-tracking-veil.md
new file mode 100644
index 0000000..c926bce
--- /dev/null
+++ b/post/2018-04-15-mobile-tracking-veil.md
@@ -0,0 +1,60 @@
+# When Talking About Mobile Tracking, Don't Veil Bad Actors With Blanket Statements
+It's difficult to have useful conversations about mobile tracking when
+ someone says "your phone / mobile device tracks you";
+ such statements don't often lead to constructive conversation because they
+ are too vague and therefore easily dismissed as sensationalism or
+ paranoia.
+ And they are all too often without substance because,
+ while users do have legitimate concerns,
+ they aren't necessarily aware of the specific problems contributing to
+ those concerns.
+<!-- more -->
+A mobile device is nothing more than a small computer that you carry around
+ with you.
+The networks that you connect to can spy on you---your
+ cellular network, bluetooth, wifi, etc.
+To help mitigate these threats,
+ you can disable those communications until you are in a safe place that
+ you don't mind others knowing about.
+We can only have confidence that these connections have been disabled by
+ physical means,
+ like a hardware switch or a bag that acts like a Faraday cage.
+[iOS deceives users][ios-deceive] when they ask to disable those communications
+ for example.
+The software running on your device often spies on you:
+ the operating system itself often spies;
+ the apps you install often spy.
+This is the fault of the individual _authors_---_they_
+ are the problem.
+Consider using free/libre software that empowers you and serves _you_ rather
+ than its creators;
+ it's much harder to hide secrets in free software.
+On Android,
+ consider using only free software available in [F-Droid][].
+We also need fully free mobile operating systems,
+ like [Replicant][] and hopefully Purism's Librem 5 that is still under
+ development.
+Don't be fooled into thinking the Android on most phones is free
+ software---only
+ its core (AOSP) is.
+Call out those that do harm---don't
+ veil and protect them using statements like "your phone tracks you".
+Talk about the specific issues.
+Demand change and have the courage to reject them entirely.
+This involves inconvenience and sacrifice.
+But if we're strong now,
+ then in the near future perhaps we won't have to make any sacrifices,
+ much like the fully free GNU/Linux system desktops we have today.
+Fore more information on tracking,
+ see my [LibrePlanet 2017 and 2018 talks](/talks) "The Surreptitious Assault on Privacy,
+ Security, and Freedom" and "The Ethics Void", respectively.
+[F-Droid]: https://f-droid.org
+[ios-deceive]: https://web.archive.org/web/20170922011748/https://support.apple.com/en-us/HT208086
+[Replicant]: https://replicant.us
diff --git a/post/2018-09-06-lp2019-announce.md b/post/2018-09-06-lp2019-announce.md
new file mode 100644
index 0000000..5775e2a
--- /dev/null
+++ b/post/2018-09-06-lp2019-announce.md
@@ -0,0 +1,28 @@
+# LibrePlanet 2019 will be March 23--24 in Boston, MA
+It's already time to start thinking about LibrePlanet 2019, which will be
+March 23--24 in the Greater Boston Area in MA:
+This is the one event that I must make it to each year, and I encourage
+everyone to attend and see the faces of many that are at the heart of the
+free software community.
+<!-- more -->
+Consider [submitting a session][submit]! Or, if you can't make it but plan
+on watching online, maybe help someone else attend by [contributing to the
+travel fund][travel-fund]. The call for sessions ends October 26th.
+I'll be attending again this year, and I plan on submitting a session
+proposal. I won't have the time to do [my 100+hr research talks like the
+past couple years][talks], so maybe I'll fall back on something more
+technical that I won't have to research.
+It's still a ways off, but if you do plan on attending, do let me know so I
+can say hello!
+[submit]: https://my.fsf.org/lp-call-for-sessions
+[travel-fund]: https://my.fsf.org/civicrm/contribute/transact?reset=1&id=60
+[talks]: /talks/
diff --git a/post/2018-10-05-webmaster-no-block-tor.md b/post/2018-10-05-webmaster-no-block-tor.md
new file mode 100644
index 0000000..ee78c3a
--- /dev/null
+++ b/post/2018-10-05-webmaster-no-block-tor.md
@@ -0,0 +1,66 @@
+# Webmasters: Please, Don't Block Tor
+[Tor][] is a privacy and anonymity tool that [helps users to defend
+ themselves][tor-about] against traffic analysis online.
+Some people, like me, use it as an important tool to help defend against
+ [various online threats to privacy][sapsf].
+[Others use it][tor-users] to avoid censorship,
+ perhaps by the country in which they live.
+Others use it because their lives depend on it---they
+ may live under an oppressive regime that forbids access to certain
+ information or means of communication.
+[Tor]: https://www.torproject.org/
+[tor-about]: https://www.torproject.org/about/overview.html.en#whyweneedtor
+[tor-users]: https://www.torproject.org/about/torusers.html.en
+[sapsf]: /talks/sapsf
+Unfortunately, some people also hide behind Tor to do bad things,
+ like attack websites or commit fraud.
+Because of this,
+ many website owners and network administrators see Tor as a security threat,
+ and choose to block Tor users from accessing their website.
+<!-- more -->
+But in doing so,
+ you aren't just keeping out some of the malicious users:
+ you're also keeping out those who [use Tor for important, legitimate
+ reasons][tor-users].
+Malicious users have other means to achieve anonymity and often have the
+ skill and understanding to do so.
+But average Tor users aren't necessarily technology experts,
+ and certainly don't have the extra (often maliciously-acquired) resources
+ that bad actors do,
+ so they are disprortionally affected by blocks.
+A particularly unsettling problem I often encounter is that a website will
+ outright prohibit access by Tor users _even on read-only resources like
+ articles or information_.
+I've even seen this on informational resources on United States Government
+ domains!
+Blocking access to interactive website features---like
+ posting comments or making purchases---can
+ be understandable,
+ or maybe even necessary sometimes.
+For example,
+ Wikipedia prohibits page edits over Tor.
+But Wikipedia _does not block reading_ over Tor.
+If you are considering threats that may mask themselves behind Tor and you
+ are running a blog, news site, or other informational resource,
+ please, consider how your actions [may affect innocent
+ users][tor-users].
+Allow users to read over Tor,
+ even if you decide to prohibit them from interacting.
+For users of Tor who do find themselves stuck from time to time:
+ I will often prepend `https://web.achive.org/` to the URL of a page that
+ is blocked,
+ which allows me to view the page in the Internet Archive's [Wayback
+ Machine][].
+For example,
+ to view my website in the Wayback Machine,
+ you'd visit `https://web.archive.org/https://mikegerwitz.com/`.
+[Wayback Machine]: https://web.archive.org/