I'll reply to this now, even though the thread has been dormant for 
a bit.

Quoth Michael Spacefalcon:
> I see that after your post, the thread on the mailing list veered off
> into a discussion of security.  But that diversion totally misses the
> point: it isn't so much about secure communication as it is about the
> Four Freedoms of software:

The four freedoms are about user freedom. And to me freedom from 
surveillance is an very important aspect of living and thinking 
freely.  You're quite right the FSF don't explicitly list this, but 
to me it is just as important as their four freedoms (and indeed 
depends on them).

But anyway. Meeting the four freedoms is an excellent place to 
start!
 
> There also are some practical considerations that affect only feature
> phones and not smartphones.  I have yet to encounter a phone UI design
> that doesn't suck, and I hope that most people on this list will agree
> with me that being able to customize the UI to one's preferences is an
> essential freedom that a geeky, empowered phone user should have - and
> I mean *really* customize the UI, not just twiddle menu settings, but
> being able to study, modify or even totally rewrite the UI code.

The ability to customise is good, but to be honest I am OK with just 
learning whatever weird idioms and bugs exist on a platform and 
working around them. Though obviously I've never had much choice 
before.

> Now look at the situation from the perspective of a user who does NOT
> want his or her phone to be anything other than a plain phone.  For
> such a user, a non-smart feature phone ought to be ideal, but if the
> user also wants the freedom to fully own the UI design, s/he currently
> has to pay for an otherwise completely unnecessary application
> processor.  And when I say "pay for", I'm *not* referring to the
> purchase price of the device - I would gladly pay a lot more for my
> ideal Free Dumb Phone than the most expensive GTA04 or Ubuntu Edge or
> whatever.  Instead I mean pay for in terms of carrying extra weight,
> extra power consumption, extra system complexity otherwise unneeded,
> many additional points of failure, etc.
> 
> *That* is what I seek to rectify with my Free Dumb Phone project,
> aside from the moral issue.  Freedom is a right that all phone users
> should enjoy, not a privilege that's limited to just Linux smartphones
> to the exclusion of non-smart feature phones.

Sounds great to me.

> > I've heard that the encryption used is really crappy, and while some 
> > things like MITM forced reregistration to disable encryption and 
> > ease surveillance could be countered by appropriate phone settings, 
> > if the best encryption algorithm available can be cracked by a home 
> > PC in a few days, you're still screwed.
> 
> The GSM encryption is a red herring - it makes absolutely no difference
> whether it's there or not.  Imagine if the GSM encryption were perfect
> and unbreakable - what would change?  Nothing.  The over-the-air
> encryption is only between the mobile station and the network.  In a
> public phone network, where you can dial the phone number of any
> stranger and hear each other's voices if the other party answers,
> encryption can't be end-to-end.  The network has to be able to decrypt
> with one end's key and re-encrypt with a different key for the other
> end, so the network itself has (and must have) access to the cleartext
> form of your digitized voice.
> 
> If I am the world's most wanted criminal and enemy #1 of all major
> governments, and they want to spy on my phone conversations, they
> aren't going to bother with cracking GSM over-the-air encryption,
> they'll just put in a "lawful intercept" at the switch.
> 
> The only way to render all "lawful intercept" mechanisms ineffective
> is to use end-to-end encryption.  That won't work when calling
> strangers, or calling the transit line to check bus/train schedules
> etc, but it's a very feasible mechanism for private and secure
> communication mechanism among family members, friends etc.

Aah, thanks for the clarification. Of course you're right, I hadn't 
thought through the GSM encryption thing, but of course it's only 
between the mobile station and the network. So yes, end-to-end is 
the only way, and that will obviously be a more distant goal (and 
one that sadly is impossible to make compatible with many other 
things). Fine.

> > Because one of the nice things of free software traditionally has 
> > been the ability to say "it's free software, so I can do what I like 
> > with it, and you can't invoke state violence against me for doing 
> > so,"
> 
> Counter state violence with your own violence: raise your own army
> that can challenge the forces of the state on a tactical battlefield.
> It isn't too hard, we did it successfully back in 1917, and we can do
> it again.

This is where we certainly differ. State violence is awful, but 
organise to counter it with your own violence and you'll at best 
replace their "bad" reigime backed by violence with your "good" 
regime backed by violence.

> > With this in mind, I do wonder why the OsmocomBB work isn't 
> > appropriate as a base for your work? Can you explain this a bit more 
> > why it isn't?
> 
> For two reasons:
> 
> > Is it just that they are quite a long way from 
> > producing a complete firmware for a phone?
> 
> That's one reason.  The other is a personal/moral one.  The leader of
> that project is Harald Welte, and I have strong reasons to suspect
> that many of its other major contributors are also members of that
> elite clique of people who are sitting on copies of the Closedmoko
> hoardware and not sharing.  I'm not going to contribute to a project
> led by such people.

I think it's a pity not to work with such people. They are still 
working to increase user freedom, albeit with more respect for NDAs 
than they perhaps deserve (as Joerg mentioned, ability to continue 
to get good employment doing free software likely plays a role, 
which is a pretty good reason). But anyway, I'll cheerlead and 
celebrate (and hopefully find a way to help) any work towards a 
fully free phone, and your focus on producing a handset is great.

Nick

_______________________________________________
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community

Reply via email to