[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)

>> Accordingly, I urge you not to encourage an artificial split between 
>> the cypherpunks and the open-source community.  Your licensing argument
>> is not with the open-source community as a whole, it is very
>> specifically with the partisans of the GPL.

- Cypherpunks want to maximize distribution and use of good crypto.
Access to source for any product you use is necessary, 
primarily so you can tell if it has backdoors, weak crypto,
bad implementations, known bugs, previously unknown bugs,
and similar problems that are easiest to detect when
lots of people look at the source code.  

Secondarily, unencumbered source code is easier to include
in products, whether they're public-domain, commercial,
freeware, Genuinely RMS-Approved Free Software (r,tm,patpend),
careware, Greedy Hoardware, or whatever, 	and 
the easier some code is to include in a product,
the more likely it is to get used.  In particular, if using
some code requires paying money to its authors, that makes it
hard to include in low-priced products and harder in free products.
If using the code requires changing the user's business model,
it's less likely to get used, though the Library versions of
the GNU license are much easier to use than the full GNU Public Virus,
and almost anything is easier to use than Patented Algorithms
Only Licensable From David Chaum.

These two issues fit together - secret algorithms
and secret code lead to junk like MS PPTP or GSM A5 which
totally collapse when examined by professionals, and even
with available source, there are bugs that can hide for a long time,
so the more people checking out a system, the better.

Some cypherpunks produce mostly free or Free software, some sell theirs
for money while hoarding what they can, some work for tax-subsidized
universities where publishing work is critical.

- Open Source proponents differ on the tactics they think are most effective
in making it possible for anyone to use source, from PD to GNUware.

[We at the People's Front For Open Source don't believe in religious wars,
unlike those HERETICS over at the Open Source People's Front, who believe
that the best way to get everybody to open their source is to give away
good source code only to virtuous people who agree to give away _their_
source code under the same conditions, instead of giving it away
untainted by even the recognition of the sin of code hoarding like we do.:-]

To the extent that openness-promoting tactics interfere with use of good code,
they act against cypherpunk goals, though the same can be said about
license-revenue-promoting tactics and other attempts to control users.

Most of us in both overlapping camps disapprove of software patents, 
and patents has done almost as much as the NSA to impede crypto deployment, 
but there are some cypherpunks who have them, and some who believe that 
patent and copyright _have_ had their intended benefit, 
which is to encourage authors and inventors by
making it easier for them to make money from their work.

I had one interesting discussion with RMS in which we ended up agreeing
that if software patents only lasted 5 years instead of 20,
they'd still be bad but we could more or less live with them,
because that would reduce the extent to which they interfered with
programmers using techniques, whether the programmer was using
a published patented technique or had reinvented it independently
and missed it when doing literature searches before publishing.

Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639