2024 Fundraising matcher interview with Patrick Masson

by Daniel Takamori on December 5, 2024

We're so happy to feature our incredible matchers this year! Thanks to all of them for contributing to our largest match goal yet. Today we're talking with Patrick Masson, Executive Director of the Apereo Foundation.

SFC: Tell us a bit about yourself! Where are you from, what are some of your hobbies? Social media?

Patrick: I am currently the Executive Director of the Apereo Foundation. Apereo was established in 2012 as a non-profit organization and works to support and develop open source software for higher education. The foundation's mission is to assist academia in developing, adopting, and maintaining open source software for teaching, learning, and research. Before Apereo, I was the General Manager of the Open Source Initiative. I have also worked in higher education as a CIO of The State University of New York, Delhi, and CTO at the University of Massachusetts, Office of the President. I started my career as a Scientific Illustrator, moving from pen and ink to computer-generated imaging, thus leading to my later roles in academic computing and free and open-source software.

I live in Albany, New York, moving here from southern California (San Diego and Santa Monica) about 20 years ago. I am on Mastodon at @massonpj@fosstodon.org. I have a Twitter account, but it is dormant and redirects to Mastodon. I'm on LinkedIn but rarely participate. In addition to working at Apereo, I am an adjunct professor at The University at Albany, teaching "Open Source Princinples and Practices" in the College of Computing & Information. I also served on my local school board for four years, 2014-2018. I enjoy playing hockey and biking (slow touring, nothing serious) with my wife, Jamie. We have two sons--and despite all my tutelage and advocacy, one works for Microsoft as a software engineer developing very proprietary video games--Thanksgiving is tough ;-).

SFC: Why do you care about software freedom? How long have you been involved?

Patrick: I first discovered Free Software in the early 90s while working at UCLA. My work focused on medical and scientific visualization. Many of the tools we used from academic and research initiatives were readily shared. The idea of "software freedom" was not well established (or perhaps known to me) then. Rather, universities worked under traditional, collaborative models where peers created cohorts of practice around shared research interests and efforts. The software was just another output of research to be peer-reviewed, edited, built upon, and used by researchers as needed (That sounds like "software freedom"). While we did use software that today carries an OSI Approved License (remember this is before the OSI was founded), including Linux, NCSA HTTPd, some FTP servers, etc., most of the software was community-built, where collaboration, cooperation, and co-creation, were the drivers. No one thought about this beyond the software-specific use cases driving development at an institution or across research efforts. While not labeled as such, the ideals or ethos, practices, and benefits of software freedom took root with me then.

SFC: How do you use free software in your life?

Patrick: I use free and open source software daily and emphasize its use, from my home computing (mobile phone, laptop, and desktops) to professionally at the Apereo Foundation. Working for an organization advocating and supporting free and open source software, I feel it is essential that "we eat our own dogfood." As such, my work computer runs Linux and only FOSS tools/applications, and we strive to deploy FOSS for our business and administrative computing, e.g., Drupal for our website, CiviCRM for our constituent management, BigBlueButton for web conferencing, XWiki for our document management, etc. Truth be told, a few legacy systems are in place, but as opportunities arise to migrate, I expect to do so. How can we convince the institutions we reach out to that FOSS is a viable option if we've not also selected that option?

SFC: On the spectrum on developer to end user, where do you lie? And how do you think we could do better bridging that divide?

Patrick: Like many in our industry, "career advancement" often requires moving away from developer to administrative roles. So, while I am--and always will be--an end user personally and an advocate for free and open source software within the organizations I work with, I do not do any significant development (coding) of software these days. I suppose it could be said that my "development" efforts today are focused on developing organizations that create and maintain free and open-source software and the communities of practice that make it all possible. My efforts (building awareness, fostering adoption, and promoting contributions) include developing an authentic ecosystem beyond software communities were free and open source software--and even the ideals/ethos--can thrive throughout industries and institutoins.

SFC: Tell us about how Apereo is forwarding software freedom and about your role in the org.

Patrick: I joined Apereo just over two years ago. At the time, Apereo primarily served as a fiscal sponsor for open source software developed by academic and research institutions. As free and open source software has become operational on campuses and fundamental to research activities, Apereo is extending its role in supporting educational, administrative, and research computing through software freedom. Many campuses have opportunities through grant funders and consortia initiatives to adopt and even develop their own free and open source software. Campuses, too, rely on open source software created internally or even developed and deployed by trusted third-party service providers. In response, Apereo offers "OSPO as a Service" and "Foundation as a Service." support models where campuses can access Apereo expertise and services to manage their own internal open source software projects locally or outsource their initiatives to the Apereo Foundation. Despite the long history of the practice, especially in higher education where many free and open source projects began, software freedom is still poorly understood by many outside technology fields (i.e., faculty, researchers, administrators). Apereo is working to foster authentic engagement to realize the maximum benefits of software freedom.

Institutions of higher education have an inherent understanding and an appreciation for software freedom as it aligns with and supports academic freedom. Guiding principles include the open exchange of ideas and the pursuit of knowledge. Both prioritize transparency, collaboration, and the freedom to explore, modify, and share work without undue restrictions. In higher education, academic freedom empowers scholars to research and teach freely, fostering innovation and critical thinking. Similarly, software freedom enables developers to study, adapt, and improve code, driving technological progress and accessibility. Together, these principles create an ecosystem that values intellectual curiosity, shared learning, and the democratization of knowledge. Apereo's vision is for an academy where both flourish and mutual support creates a thriving environment for education and technology to grow together.

SFC: What's got you most excited from the past year of our work?

Patrick: FOSSY, FOSSY, FOSSY!!! While there are several activities SFC undertook this year (and has undertaken for many years, hosting several important projects, Outreachy, license protection, general advocacy etc. etc., etc.), organizing and delivering a software freedom-focused conference was for Apereo (and me personally) a highlight. It is not simply because it provides a forum for peer communities of practice to meet after such a dearth of opportunities (due to COVID, OSCON shutting down, etc.), but because the event so well aligns with Apereo's direction and strategy.

For Apereo, the event is a perfect opportunity to work with the free and open source community--projects, foundations, industry, experts, advocates--to introduce the higher education community--institutions, faculty, researchers, administrators--through shared interests and activities. Rarely do these two groups interact, and Apereo--because of FOSSY and SFC--has another touch point to facilitate greater engagement and productivity; we were thrilled to run the FOSS for Education track and are excited to submit a proposal again for the track in 2025. SFC's work to grow and mature the event is phenomenal and inspiring. I am sure FOSSY will continue to grow in size and impact, and Apereo is dedicated to supporting it as best we can through community and contributions.

SFC: What issues happened this past year that you were happy we spoke about?

Patrick: While the history and activities undertaken by SFC related to AI and LLMs extend back to 2020, the recent announcement, "Aspirational Statement on LLM-backed generative AI for Programming," was uniquely prominent for Apereo and higher education. While there are many issues related to AI, two fundamental concerns among institutions of higher education are bias and reproducibility. AI is taking higher ed by storm--if you attended the recent EDUCAUSE Annual Conference, you know what I am talking about. However, real concerns should be evident considering how and where AI "solutions" are being marketed.

A core tenet of research is reproducibility. Research reproducibility suffers significantly when AI models, particularly LLMs, and the datasets used to train them are closed-source or proprietary; transparency, black box algorithms, independent verification/validation, accessibility/equity, etc., are all issues that may impact research and hinder discovery. The same applies to administrative systems where bias, ethical concerns, and a general lack of accountability can impact student and faculty affairs.

I was also delighted to see SFC's response was "aspirational" and delivered in a tone to help and contribute.

SFC: Do you think we are doing a good job reaching a wider audience and do you see us at places you expect?

Patrick: I think SFC--like other organizations working with shared values and a common vision, like Apereo--is in a tough spot. Despite the 30 years of history, many organizations are either unaware or unengaged with free and open source software. Gone are the early days (2004-2012?) where open source was the hot topic, marketing magic, and investors' and industry's funding choice. While the adoption and dependency on FOSS are greater than ever (especially in higher education), actual support and participation by those who most rely on sustainable communities and the projects they produce are declining (disappearing?).

Reaching a wider audience is a real challenge, considering reaching the current audience- which should already be engaging- is so difficult (and frustrating). I honestly believe organizations will come to appreciate the importance of supporting the FOSS core to their business and operations, especially with growing external pressures (e.g., the Cyber Resiliency Act, Software Bill of Materials) combined with new opportunities (e.g., increased funding from granting organizations). While several new organizations are popping up--which, in my opinion, are simply chasing the latest money and buzz--those like SFC, with years of services, credibility with the community, and authenticity in practice, will emerge as fundamental resources and valuable services for organizations that choose to best leverage FOSS for their benefit and the benefit of others.

SFC: Have you been involved with any of our member projects in the past?

Patrick: While most of my involvement has been as an end-user (e.g., I have several scientific illustrations created in Inkscape and published in medical and dental textbooks and journals), I have been most active with the Teaching Open Source project run by Heidi Ellis and Greg Hislop. Considering the project's focus on using open source software and technologies to teach computer science and other disiplines, it's probably obvious why I am involved.

SFC: How do you see our role amongst the various FLOSS organizations?

Patrick: "Supporting the supporters." I rely on SFC as a resource for Apereo's foundational work, which extends Apereo's capacity and capabilities in service to our constituents in higher education. Examples include policy analysis and advocacy, copyleft compliance, the aforementioned "Statement on LLM-backed generative AI," etc. In this sense, SFC serves a similar role to the OSI, where organizations like Apereo, whose focus is "FOSS outward facing," i.e., connecting with end-users, benefit from SFC's "FOSS inward facing," i.e., connecting with FOSS organizations on broader issues impacting their constituent communities.

SFC: Do you think we do a good job standing up to the organizations with more corporate funding?

Patrick: Times are tough for FOSS foundations, and funding from all sources should be pursued. I think SFC does a good job with corporate sponsorship- everyone knows what SFC is all about, and SFC has stayed true to its mission and is authentic in its practices. I do not feel SFC has compromised its credibility or shied away from issues based on corporate support.

SFC: What other organizations are you supporting this year?

Patrick: I am committed to supporting the FOSS projects and foundations I use (rely on) personally or professionally. I consider this no different than those who pay annually for proprietary software. Both models need funding to develop software, but FOSS is a better deal for the consumer: lower TCO, funds that support development--not profits, the ability to help shape the project (features and functions), etc. It is simply a better/smarter business decision for organizations (and individuals) to pay for FOSS than proprietary software.

[permalink]

Tags: conservancy, fundraiser

OpenWrt One: manufacturing software freedom

by Denver Gingerich on December 3, 2024

Software cannot run without hardware. To have software freedom, we need hardware to run our software. Sadly, the vast majority of hardware is not built with software freedom in mind. Too often, we are beholden to the big hardware companies that sell us our laptops, phones, routers, TVs and other devices. Few manufacturers today build devices with user modifiability and longevity in mind. And it's getting worse. Hardware is becoming more and more locked down, making the need for devices that will work in our interests more and more acute.

Software Freedom Conservancy announced on Friday, in conjuction with our OpenWrt member project, that the first router designed from the ground up by the OpenWrt community is now shipping. OpenWrt developers and SFC staff have been coordinating over the past year to design and produce a hardware device that showcases the best of what OpenWrt has to offer. From the upstream-first approach, to the up-front source code availability, no stone was left unturned in ensuring the device would give people flexibility and control over the software (and hardware) that runs their network.

SFC works toward GPL compliance across the industry, so the devices running Linux out there (which now include toasters, dishwashers, fridges, and dryers, as well as laptops, phones, routers, and TVs) all comply with the copyleft terms that give you the right to modify and reinstall changes onto your device. GPL enforcement is one way we tackle this problem, but we constantly seek other approaches. In the case of OpenWrt, we have yet another example that shows the device manufacturers that haven't yet complied with the GPL (and given users the rights they are owed) how to do it right — to give people what they want and what the GPL requires.

We are very excited to watch the interesting applications you find for your OpenWrt One. We're amazed and impressed to learn some people are already running Doom and other software that just won't run on a router that you buy from one of the big name router brands. :) We think it's important for people to have the freedom to make their software work for them, to explore, and enjoy their software experience. The GPL and other copyleft licenses exist to make this possible.

The OpenWrt One is admittedly not perfect. It's sadly a prime example of hardware from recent eras that relies on a few binary component firmwares (in this case, for small parts of the wifi, 2.5 GbE port, and RAM calibration). It is difficult to construct modern hardware without a few of these binary blobs. While this reality is a travesty, we are excited that nearly all the source code for the software on the OpenWrt One is freely licensed. This ensures the maximum possible ability to repair and improve the device. We hope the device will last, and someday, since the binary parts are electronically upgradable, future users can replace the binary component firmwares as FOSS replacements become available. The design and distribution of the OpenWrt One shows that it is not only possible to distribute a device containing both copylefted and non-FOSS code, but that it is also cost-effective and straight-forward to comply with the relevant licenses, and allow users to modify and reinstall the device from source.

SFC wants to build this future of freedom for all your electronics (especially those running Linux and other GPL'd software). I work every day through private channels (and the courts, when needed) to get companies to respect your rights under the GPL. I'm ecstatic that we're now creating new hardware to show the world what is possible when we put software rights first! We're excited for everyone to join us on this journey, and encourage you to read our OpenWrt One launch announcement for more details on this first step.

We just started our annual fundraiser and we'd be thrilled if you could support us by becoming a sustainer. For a limited time, until January 15 (or $204,887 of donations), all donations will be matched, so renew or become a Sustainer today! Thanks for helping us bring software freedom (and hardware respecting it) to everyone!

[permalink]

Tags: GPL

An interview with Anna e só

by Karen Sandler on November 28, 2024

Today is Thanksgiving in the United States, and I am so grateful for all of the amazing people worldwide who are working together towards software freedom.

I am excited to share with you this video where I recently sat down with Anna e só, one of our intrepid Outreachy organizers. Anna is one of the voices I'm most excited to hear from, especially about the most important issues concerning our digital freedoms.

In the interview, we got so excited talking about Anna's experiences and thoughts that we didn't even get to topics related to diversity and inclusion. We'll have to do it again! I'm sure you'll understand from watching this discussion why I'm so thankful to work with Anna!

[permalink]

Tags: software freedom for everyone

Open Source AI Definition Erodes the Meaning of “Open Source”

by Bradley M. Kuhn on October 31, 2024

This week, the Open Source Initiative (OSI) made their new Open Source Artificial Intelligence Definition (OSAID) official with its 1.0 release. With this announcement, we have reached the moment that software freedom advocates have feared for decades: the definition of “open source” — with which OSI was entrusted — now differs in significant ways from the views of most software freedom advocates.

There has been substantial acrimony during the drafting process of OSAID, and this blog post does not summarize all the community complaints about the OSAID and its drafting process. Other bloggers and the press have covered those. The TLDR here, IMO is simply stated: the OSAID fails to require reproducibility by the public of the scientific process of building these systems, because the OSAID fails to place sufficient requirements on the licensing and public disclosure of training sets for so-called “Open Source” systems. The OSI refused to add this requirement because of a fundamental flaw in their process; they decided that “there was no point in publishing a definition that no existing AI system could currently meet”. This fundamental compromise undermined the community process, and amplified the role of stakeholders who would financially benefit from OSI's retroactive declaration that their systems are “open source”. The OSI should have refrained from publishing a definition yet, and instead labeled this document as ”recommendations” for now.

As the publication date of the OSAID approached, I could not help but remember a fascinating statement that Donald E. Knuth, one of the founders of the field of computer science, once said: [M]y role is to be on the bottom of things. … I try to digest … knowledge into a form that is accessible to people who don't have time for such study. If we wish to engage in the highly philosophical (and easily politically corruptible) task of defining what terms like “software freedom” and “open source” mean, we must learn to be on the “bottom of things”. OSI made an unforced error in this regard. While they could have humbly announced this as “recommendations” or “guidelines”, they instead formalized it as a “definition” — with equivalent authority to their OSD.

Yet, OSI itself only turned its attention to AI only recently, when they announced their “deep dive” — for which Microsoft's GitHub was OSI's “Thought Leader”. OSI has responded too rapidly to this industry ballyhoo. Their celerity of response made OSI an easy target for regulatory capture.

By comparison, the original OSD was first published in February 1999. That was at least twelve years after the widespread industry adoption of various FOSS programs (such as the GNU C Compiler and BSD). The concept was explored and discussed publicly (under the moniker “Free Software”) for decades before it was officially “defined”. The OSI announced itself as the “marketing department for Free Software” and based the OSD in large part on the independently developed Debian Free Software Guidelines (DFSG). The OSD was thus the culmination of decades of thought and consideration, and primarily developed by a third-party (Debian) — which provided a balance on OSI's authority. (Interestingly, some folks from Debian are attempting to check OSI's authority again due to the premature publication of the OSAID.)

OSI claims that they must move quickly so that they can counter the software companies from coopting the term “open source” for their own aims. But OSI failed to pursue trademark protection for “open source” in the early days, so the OSI can't stop Mark Zuckerberg and his cronies in any event from using the “open source” moniker for his Facebook and Instagram products — let alone his new Llama product. Furthermore, OSI's insistence that the definition was urgently needed and that the definition be engineered as a retrofit to apply to an existing, available system has yielded troublesome results. Simply put, OSI has a tiny sample set to examine, in 2024, of what LLM-backed generative AI systems look like. To make a final decision about the software freedom and rights implications of such a nascent field led to an automatic bias to accept the actions of first movers as legitimate. By making this definition official too soon, OSI has endorsed demonstrably bad LLM-backed generative AI systems as “open source” by definition!

OSI also disenfranchised the users and content creators in this process. FOSS activists should be engaging with the larger discussions with impacted communities of content creators about what “open source” means to them, and how they feel about incorporation of their data in the training sets into these third-party systems. The line between data and code is so easily crossed with these systems that we cannot rely on old, rote conclusions that the “data is separate and can be proprietary (or even unavailable), and yet the system remains ‘open source’”. That adage fails us when analyzing this technology, and we must take careful steps — free from the for-profit corporate interest of AI fervor — as we decide how our well-established philosophies apply to these changes.

FOSS activists err when we unilaterally dictate and define what is ethical, moral, open and Free in areas outside of software. Software rights theorists can (and should) make meaningful contributions in these other areas, but not without substantial collaboration with those creative individuals who produce the source material. Where were the painters, the novelists, the actors, the playwrights, the musicians, and the poets in the OSAID drafting process? The OSD was (of course) easier because our community is mostly programmers and developers (or folks adjacent to those fields); software creators knew best how to consider philosophical implications of pure software products. The OSI, and the folks in its leadership, definitely know software well, but I wouldn't name any of them (or myself) as great thinkers in these many areas outside software that are noticeably impacted by the promulgation of LLMs that are trained on those creative works. The Open Source community remains consistently in danger of excessive insularity, and the OSAID is an unfortunate example of how insular we can be.

Meanwhile, I have spent literally months of time over the last 30 years trying to make sure the coalition of software freedom & rights activists remained in basic congruence (at least publicly) with those (like OSI) who are oriented towards a more for-profit and corporate open source approach. Until today, I was always able to say: “I believe that anything the OSI calls ‘open source’ gives you all the rights and freedoms that you deserve”. I now cannot say that again unless/until the OSI revokes the OSAID. Unfortunately, that Rubicon may have now been permanently crossed! OSI has purposely made it politically unviable for them to revoke the OSAID. Instead, they plan only incremental updates to the OSAID. Once entities begin to rely on this definition as written, OSI will find it nearly impossible to later declare systems that were “open source” under 1.0 as no longer so (under later versions). So, we are likely stuck with OSAID's key problems forever. OSI undermines its position as a philosophical leader in Open Source as long as OSAID 1.0 stands as a formal defintion.

I truly don't know for sure (yet) if the only way to respect user rights in an LLM-backed generative AI system is to only use training sets that are publicly available and licensed under Free Software licenses. I do believe that's the ideal and preferred form for modification of those systems. Nevertheless, a generally useful technical system that is built by collapsing data (in essence, via highly lossy compression) into a table of floating point numbers is philosophically much more complicated than binary software and its Corresponding Source. So, having studied the issue myself, I believe the Socratic Epiphany currently applies. Perhaps there is an acceptable spot for compromise regarding the issues of training set licensing, availability and similar reproducibility issues. My instincts, after 25 years as a software rights philosopher, lead me to believe that it will take at least a decade for our best minds to find a reasonable answer on where the bright line is of acceptable behavior with regard to these AI systems. While OSI claims their OSAID is humble, I beg to differ. The humble act now is to admit that it was just too soon to publish a “definition” and rebrand these the OSAID 1.0 as “current recommendations”. That might not grab as many headlines or raise as much money as the OSAID did, but it's the moral and ethical way out of this bad situation.

Finally, rather than merely be a pundit on this matter, I am instead today putting myself forward to try to be part of the solution. I plan to run for the OSI Board of Directors at the next elections on a single-issue platform: I will work arduously for my entire term to see the OSAID repealed, and republished not as a definition, but merely recommendations, and to also issue a statement that OSI published the definition sooner than was appropriate. I'll write further about the matter as the next OSI Board election approaches. I also call on other software rights activists to run with me on a similar platform; the OSI has myriad seats that are elected by different constituents, so there is opportunity to run as a ticket on this issue. (Please contact me privately if you'd like to be involved with this ticket at the next OSI Board election. Note, though, that election results are not actually binding, as OSI's by-laws allow the current Board to reject results of the elections.)

[permalink]

Tags: licensing