Donor Spotlight: Togán Labs
byon August 23, 2017
Conservancy depends on our Supporters and Donors.We rely on their financial support, of course, but they are also valued ambassadors who spread the word about Conservancy and the work we do. This is the first installment in a series featuring the companies and individuals who support Conservancy. If you're a Supporter of Conservancy and would like to be featured here please let us know!
We're kicking off this series by interviewing Beth Flanagan, CTO and Co-Founder of Togán Labs about why they have chosen to donate to Conservancy.
What is Togán Labs?
Togán (pronounced Toe-gawn) Labs Ltd. is a small startup embedded services provider based in Cork, Ireland. We are the creators of Oryx Linux, an embedded Linux distribution based around the Yocto Project and OpenEmbedded. Oryx incorporates a lightweight container runtime engine which brings the benefits of containerisation to the embedded sector without disrupting existing developer workflows. We are not just another startup. Our core philosophy is the belief that we can work, keep roofs over our heads and be responsible to our co-workers, our customers and our communities. It's not just an afterthought to us, it's designed into our company. Our board consists of 2/3rds women, our core development team is gender balanced, we require our co-workers to learn the Irish language (because without an economic basis the language will become even more endangered than it currently is).
We believe that our ethics make us a stronger company. And part of those ethics is our firm belief in open source, especially in copyleft compliance.
Why are you making this donation to Conservancy?
As IoT and embedded devices become more and more ubiquitous in our lives, it is vital that companies supplying these devices enable the consumer by providing them with complete, corresponding source. It's not just a legal obligation, it's a smart business decision. What happens when companies stop supporting firmware upgrades for devices currently on the market? We can't afford a billion devices out there with out of date firmware and no way for communities to provide community supported upgrade solutions. The work Conservancy and others do moves us towards better compliance in the embedded space.
As well, there are personal reasons I believe in the work Conservancy does. I don't have a university degree but have been a software developer for over two decades because of the existence of open source software. I learned to program because strong copyleft existed. Were it not for the ability to get source code, to understand how things worked under the hood, there is a good chance I would never have entered this industry.
Which of Conservancy's member projects do you rely on?
So many of them! As a company that provides an embedded system we certainly make a lot of use of git, uCLibC, coreboot, BusyBox, QEMU, Samba, boost and of course the kernel. As the original author of the Yocto Autobuilder, a BuildBot based CI solution for the Yocto Project, I made heavy use of BuildBot and Twisted.
How do you see the future of software freedom?
I believe we are at a very important crossroads and that it is vital that our communities, corporations and organizations start having open and honest discussions about what the future of open source looks like and what we, as communities, value. I believe in collaboration, both in open source development and open source processes. I want to see all stakeholders around open source compliance move forward towards that goal.
Why do you think folks should open up their own wallets and become Supporters of Conservancy?
I have built a career and a company around a few billion euro software ecosystem I downloaded 20+ years ago for free! This software was started and built by people who believed that software should be free and open and it is vital that this shared value is protected, both from a moral perspective and a business one. I believe that Conservancy is one of the many organisations working towards that goal and the work they do, from Outreachy to compliance activities, enhances and enables our ability to deliver on the promise that is open source.
Goodbye To Bob Chassell
byon July 3, 2017
It's fortunately more common now in Free Software communities today to properly value contributions from non-developers. Historically, though, contributions from developers were often overvalued and contributions from others grossly undervalued. One person trailblazed as (likely) the earliest non-developer contributor to software freedom. His name was Robert J. Chassell — called Bob by his friends and colleagues. Over the weekend, our community lost Bob after a long battle with a degenerative illness.
I am one of the few of my generation in the Free Software community who had the opportunity to know Bob. He was already semi-retired in the late 1990s when I first became involved with Free Software, but he enjoyed giving talks about Free Software and occasionally worked the FSF booths at events where I had begun to volunteer in 1997. He was the first person to offer mentorship to me as I began the long road of becoming a professional software freedom activist.
I regularly credit Bob as the first Executive Director of the FSF. While he technically never held that title, he served as Treasurer for many years and was the de-facto non-technical manager at the FSF for its first decade of existence. One need only read the earliest issues of the GNU's Bulletin to see just a sampling of the plethora of contributions that Bob made to the FSF and Free Software generally.
Bob's primary forte was as a writer and he came to Free Software as a technical writer. Having focused his career on documenting software and how it worked to help users make the most of it, software freedom — the right to improve and modify not only the software, but its documentation as well — was a moral belief that he held strongly. Bob was an early member of the privileged group that now encompasses most people in industrialized society: a non-developer who sees the value in computing and the improvement it can bring to life. However, Bob's realization that users like him (and not just developers) faced detrimental impact from proprietary software remains somewhat rare, even today. Thus, Bob died in a world where he was still unique among non-developers: fighting for software freedom as an essential right for all who use computers.
Bob coined a phrase that I still love to this day. He said once that the
job that we must do as activists was “preserve, protect and promote
software freedom”. Only a skilled writer such as he could come up
with such a perfectly concise alliteration that nevertheless rolls off the
tongue without stuttering. Today, I pulled up an email I sent to Bob in
November 2006 to tell him that (when Novell made their bizarre
software-freedom-unfriendly patent deal with Microsoft)
had coopted his language in their FAQ on the matter. Bob wrote
I am not surprised. You can bet everything [we've ever come up
with] will be used against us. Bob's decade-old words are prolific
when I look at the cooption we now face daily in Free Software. I acutely
feel the loss of his insight and thoughtfulness.
One of the saddest facts about Bob's illness, Progressive Supranuclear Palsy, is that his voice was quite literally lost many years before we lost him entirely. His illness made it nearly impossible for him to speak. In the late 1990s, I had the pleasure of regularly hearing Bob's voice, when I accompanied Bob to talks and speeches at various conferences. That included the wonderful highlight of his acceptance speech of GNU's 2001 achievement award from the USENIX Association. (I lament that no recordings of any of these talks seem to be available anywhere.) Throughout the early 2000s, I would speak to Bob on the telephone at least once a month; he would offer his sage advice and mentorship in those early years of my professional software freedom career. Losing his voice in our community has been a slow-moving tragedy as his illness has progressed. This weekend, that unique voice was lost to us forever.
Bob, who was born in Bennington, VT on 22 August 1946, died in Great Barrington, MA on 30 June 2017. He is survived by his sister, Karen Ringwald, and several nieces and nephews and their families. A memorial service for Bob will take place at 11 am, July 26, 2017, at The First Congregational Church in Stockbridge, MA.
In the meantime, the best I can suggest is that anyone who would like to posthumously get to know Bob please read (what I believe was) the favorite book that he wrote, An Introduction to Programming in Emacs Lisp. Bob was a huge advocate of non-developers learning “a little bit” of programming — just enough to make their lives easier when they used computers. He used GNU Emacs from its earliest versions and I recall he was absolutely giddy to discover new features, help document them, and teach them to new users. I hope those of you that both already love and use Emacs and those who don't will take a moment to read what Bob had to teach us about his favorite program.
Parsing GitHub’s data on queer participation in FOSS communities
byon June 6, 2017
Earlier this year, GitHub conducted a broad survey of “those who use, build, and maintain open source software.” They just released the results, and for those of us who care deeply about the inclusiveness of FOSS communities, it’s a lot of sobering reading. There’s still a dearth of women participating. It also provides numbers to incidents of bad behavior, and the impacts those have on our communities.
There’s potentially one bright spot in the demographic data, though—and you get the sense the authors were happy to find it, too, since they call it out themselves. They note:
Along other dimensions [than gender], representation is stronger: 1% of respondents identify as transgender (including 9% of women…), and 7% identify as lesbian, gay, bisexual, asexual, or another minority sexual orientation.
As far as I know, this is the first attempt to broadly quantify queer participation in the FOSS community, and I’m really grateful GitHub made it. As discussions about diversity in our communities have come to the fore, I’ve been frustrated that it’s been hard to include queer identities in them, because we didn’t have basic information like whether or not we’re even underrepresented in the first place. GitHub’s results start to help us answer those questions.
I say start to help us answer them, because no one survey will ever answer them authoritatively. Before people run out to declare we’re succeeding at building queer-inclusive communities, I want to contextualize these results a little to help people better understand what they do and don’t tell us.
One limit in this data is in the audience surveyed. GitHub “collected responses from 5,500 randomly sampled respondents sourced from over 3,800 open source repositories on GitHub.com, and over 500 responses from a non-random sample of communities that work on other platforms.” This skews the audience towards relatively technical participants in FOSS communities in a couple of different ways. First, surveying people who are active on GitHub or comparable development platforms means we’re only surveying people who work directly with the tools of developing software. This survey doesn’t collect responses from people who draw and post UI mockups, e-mail in suggested revisions to documentation, or answer other users’ questions on external forums. More than anything, I would love to see a similar survey conducted with a more expansive view of who participates in FOSS.
Second, including more respondents from GitHub biases the audience toward people who are working on newer or more modernized projects. Think of all the FOSS projects that predate GitHub and still host their development elsewhere: GNU, GNOME, Firefox, LibreOffice… when you think about the applications individuals use every day, these are a lot of the most popular ones. Including 500 responses from other communities helps mitigate that, but it’s not clear that’s a representative ratio, and the fact that they were chosen non-randomly is less than ideal too (although I recognize it’s not obvious how to incorporate those responses in a way that would be both random and fair).
Another reason these results aren’t authoritative is that sexual orientation and gender identity are complex. A single question about each on a survey will never be sufficient to accurately capture the community’s full diversity. Most survey results are sensitive to how their questions are worded, and this is famously true for these sorts of questions about identity. Wikipedia’s article “Demographics of sexual orientation” provides a good primer on these issues if you want to learn more. Briefly, it matters a lot whether you ask whether the respondent identifies themselves a certain way, versus whether others would identify them that way, or whether they’ve engaged in activities that could be classified that way. Words like “gay” are also categories that were invented in the west, so people from other countries and cultures may not recognize or identify themselves with them. I think GitHub’s survey asks the two most useful yes/no questions you can ask to inform discussions about queer participation in FOSS, but there’s lots of room for other surveys to dig deeper on these topics.
None of this is to say the survey is flawed or should’ve been done differently. There are many trade-offs involved in designing a survey like this, and I think the trade-offs GitHub made are both clear and justifiable. The best way to understand where we truly stand is not to try to craft a single perfect survey, but to have many surveys with different structures. Then we can learn the most by comparing and contrasting their results. I hope more surveys follow GitHub’s lead to ask about sexual orientation and gender identity, whether they’re small projects surveying their users, large cross-community surveys like this, or anywhere in between.
All that said, the numbers in these results seem to be on the high end when compared against similar surveys of large general populations. I think the authors are right to call them out as a bright spot, and I’m personally encouraged by them too.
Let’s be optimistic for a moment and and assume these results mean that queers are at least proportionally represented in FOSS communities. Does that mean we’re queer-friendly?
Not necessarily. Just like a workplace can have both gender balance and rampant sexism—in wage gaps, in promotion choices, in who does and doesn’t get heard at meetings—our communities can have both proportional queer participation and hostility toward us. Identity policing, bi erasure, transphobia—we see these problems in spaces that are explicitly or even exclusively queer. Of course they can arise in FOSS communities too.
While we work on getting more numbers, we should also be working to defend against these problems. There are a couple of concrete things we can do.
First, we should be working to adopt strong codes of conduct in more of our communites. Any code of conduct worth its salt like Geek Feminism’s already prohibits harassment based on gender identity and sexual orientation. We should be joining this work, both out of self-interest and to help our allies who have been looking out for us in turn.
(An aside to my fellow queer men: this goes extra for us, because this is one of those times when we can wield our male privilege as a force for good. Since it’s mostly been women leading the charge for codes of conduct so far, it’s easy for opponents to try to minimize this work as women “just” advocating for themselves. Tell your community you want a code of conduct, tell them you want it for your own wellbeing, and shut down that train of thought before it even leaves the station.)
Second, us queers need to be out more in our communities, to build personal networks that can identify, discuss, and resolve these issues when they arise. This is easier said than done. Most of our interactions in the community happen on channels focused on getting work done: planning development, putting together documentation, reviewing changes. There’s rarely a good time to say “hey, I’m queer” in these spaces. It’s easy for it not to come up until the annual conference after-party.
We have to be more out than that, for the sake of new or occasional participants. When queers are considering getting involved in a project, seeing people like them already invested can help demonstrate to them that this is a place where they’re welcome. If they’re harassed, they’re more likely to report it if it’s easy to find someone they feel will understand and be receptive.
We can’t wait to come out until the big meetup. We have to be out on the mailing lists, in the chat rooms, on social media. I’m not saying you have to make a dedicated coming out thread, but try putting a sign in your avatars, e-mail signatures, or personal bios. (Personally I love to paste the rainbow flag emoji 🏳️🌈 anywhere I can get away with it, but I know that symbol doesn’t work for everyone. Here’s to more representation in future Unicode standards.) Some people may ask you not to bring “politics” or “sexuality” into the community, but being out is more fundamental than that: it’s about making sure queer people can be in the space at all. If a straight person complains that you bring up your queerness too much, that means you’re undeniably out, and that’s the goal.
How the TC Heartland decision helps free and open source software
byon May 23, 2017
Yesterday, the United States Supreme Court published a decision that is likely to make it harder for patent holders to use frivolous infringement lawsuits to extort settlement fees. In the TC Heartland LLC v. Kraft Foods Group Brands LLC case, the Court ruled that patent holders can only file suit in the jurisdiction where the alleged infringer is incorporated. Prior to TC Heartland, US patent holders had more flexibility to file suit in multiple jurisdictions, and as a result would often select seemingly unrelated jurisdictions for strategic reasons.
The Eastern District Court in Texas is, by far, the most popular venue in the United States for patent holders to file suit, due to its reputation for plaintiff-friendly judges and aggressively brisk (and, therefore, cheaper) litigation schedules. The United States federal court system has ninety four district courts, yet over a third of all patent litigations filed in the United States in the first quarter of 2017 were filed in the Eastern District. And, traditionally, the overwhelming majority of such cases filed in the Eastern District have been brought by non-practicing entities ("NPEs"; unaffectionately known as "patent trolls") — patent holders who enforce patents without being engaged in the business of selling the inventions disclosed in the patents. The media has covered the remarkable growth of a cottage industry centered around patent litigation in Marshall, Texas, the small town where the Eastern District is located. Many NPEs have built their business models around the economies of scale and efficiencies of pushing frivolous suits through this single venue. Hopefully, the fresh burden of having to file suit on a defendant's "home turf" will reduce the volume of nuisance patent litigation — and disrupt the business models that fund it.
As a public charity, Conservancy is not a traditional target for NPEs: we don't generate the kind of product-related revenue streams that NPEs typically hold for ransom in exchange for quick settlement payments. That said, we acknowledge that the threat of NPE litigation casts a shadow on the entire technology sector, including on free and open source communities. We believe that community-vetted free and open source licenses are sufficient to create a pool of explicit and/or implied patent licenses between contributors and users. But, that hasn't stopped many a nervous in-house counsel from using layers of extraneous paperwork to reduce the patent exposure they think participating in a free and open source software project may create. We hope that the TC Heartland decision sends a signal to would-be NPEs that the US judiciary will no longer be as complicit in facilitating nuisance patent litigation. We also hope that software developers and users of all types are encouraged by the decision, and are less likely to allow fear, uncertainty, and doubt around NPE patent exposure chill their participation in free and open source software communities.