Displaying posts by Karen Sandler
Linaro Connect, Volkswagen and Developer Ethics
byon September 30, 2015
Last week I had the privilege of delivering Friday's keynote address at Linaro Connect. I was so excited and pleased that I had been asked to speak about compliance there. As Linaro is a consortium for Linux kernel related initiatives on ARM, I was excited and curious as to what the conference was like and thrilled to be given the chance to talk about why copyleft and GPL compliance are so fundamental to the success of collaborative engineering initiatives like Linaro. The fact that the conference is so developer focused was a huge bonus.
One of the topics I touched on, given its newsworthiness was the situation with Volkswagen. Many people have talked about the implications of so-called dieselgate and its implications for free and open source software. In my talk I focused on another aspect of this - engineer and developer culture.
When I was in engineering school at The Cooper Union we had a mandatory course during our first year where we read the book To Engineer Is Human (which incidentally, if you buy you can sign up to support Conservancy on Amazon Smile first). The book discusses prominent engineering failures (including the dramatic Tacoma Narrows Bridge collapse “Galloping Gertie”), why they failed and how such failure is ultimately a part of successful societal engineering. In the class we talked about the culture of engineering ethics and how engineers ultimately have a special responsibility in society on behalf of the people who are impacted by the work they do.
In the recent case of Volkswagen, the failure of the company to behave ethically not only caused a negative impact on the environment and alienated VW's customer base, but also had a massively negative effect on the company's bottom line and financial outlook. How many engineers at the company felt horribly about what was happening and felt powerless to do anything about it? And in that case, the failure of Volkswagen to do the right thing was bad for the company in a number of levels.
As we see that copyleft and best security are linked (I talked about the Honeymoon Effect during the talk, and you can read my old paper on medical device safety plus many great discussions by folks like Matthew Garrett and even Bruce Schneier) and we embark upon an Internet of Things network, the ethical implications of software freedom become all the more poignant. In addition to the ethical aspects inherent in sharing code and the ethical considerations of following a license under which you received software for your use, there's an additional ethics layer in the safety implications of keeping GPL'd code closed. Because software so often interacts in complex ways (as shown in the car vulnerability demonstrations that go through the wheel maintenance system to exploit the critical ignition and brake systems), it's impossible to predict which software the next failure will be based on.
We need companies to understand that complying with the GPL isn't just good community participation or a safeguard from lawsuits - it is fundamental to their longterm financial success in a myriad of ways. Developers play a key role in that process. It's not always easy to stand up for the right thing in a corporate context. Doing so can cause reprisal in the form of some penalty. Obviously, if an engineer had been able to take action at Volkswagen, they would have saved the company a lot of embarrassment and lost revenue but without the hindsight of seeing how that situation actually played out it's likely that there was a real fear of penalty for speaking up.
Fortunately, where copylefted software is involved there are external mechanisms to help with some of these issues. Because companies must make good on providing source when they distribute, an outsider could determine that a company is not meeting its obligations. This is the main reason why having the option of participating anonymously in our coalition of developers who want to enforce the GPL is so important. In software development, coming out in favor of enforcement may not cause you any negative repercussions with your current employer but many developers rightly worry that other future employers may negatively view their participation in the coalition.
In the same vein as my ethical education in engineering school, developers should include the long term ethical considerations in their core technical analysis of what free and open source software licenses their companies should use and how they comply with it on a long term basis. While failures are terrible to have, they're essential to learn from and work towards better technical and ethical infrastructure.
Reflecting on FISL16
byon July 14, 2015
I'm back from Brazil where I attended FISL. I had the honor of presenting three talks! And they were three of my favorite topics: the importance of compliance and the suit against VMware, bringing more women to free and open source software and why I care so much about software freedom in the first place. It was a very fun conference. Besides doing the talks I was able to do a few press interviews too. And of course I loved meeting Brazilian hackers and software freedom activists.
Attendees seemed very interested in enforcement and the VMware suit. I was happy to see support for this work, and there was discussion about local copyright holders signing up to the coalition. It really seems that folks are starting to see the downsides of noncopylefted projects and are frustrated by the pervasiveness of GPL violations.
One of my favorite moments of the conference was the response to my talk about gender diversity. I admit that it's disappointing that this talk is always attended disporportionately by women. As I sometimes say in the talk itself, it doesn't make a lot of sense for the burden of this work to fall only on women. There are so few women right now in free software (1-11% at most) that it would be impossible for us to do it on any meaningful scale alone. Plus it's not fair to expect women to undertake this work on top of their other contributions to free software (many women understandably don't want to think about gender issues at all). Men can make a tremendous impact on this area. Most of our Outreachy mentors are men, and as the dominant group in free and open surce software, it's men who can fundamentally change the culture to be more welcoming to women and other underrepresented groups. Nonetheless, it was amazing that the "mob" after my talk was mostly women. It was great to meet so many women who are leaders in Latin America and to hear about their extraordinary work. I was interviewed after the talk and was askd to give some tips for women getting started in free software.
The conference had a very different feel to it than a lot of the other conferences I attend. It was a community run conference (along with that awesome community feeling, a lot of students, etc.) but it's such a big conference that it has some things that community conferences often don't have. Like GNU and Tux mascots (thanks to Deb Nicholson for the photo)!
I loved seeing schoolkids excited to be there and quite a number of really little kids with GNU and Freedo shirts and toys.
There was also a lot of love for GNOME, and it was great to meet up with people I don't get to see very often, especially since I'm missing GUADEC this year. Plus we got to settle some outstanding Linux kernel/systemd issues.
FISL is an excellect conference - a wonderful alternative to the corporate trade association conference ciruit. I hope to be able to return some time in the future. Now to get ready for OSCON next week...
byon April 20, 2015
I just have to share this picture from last week in Barcelona. It was fantastic to see Conservancy Supporters showing off their shirts and by proxy their support of Conservancy's activities. I was so happy to hear so much positive feedback on the VMWare lawsuit, filed by Christoph Hellwig. Last month, Donald Robertson got a round of applause during my LibrePlanet keynote just for wearing a Conservancy t-shirt! When we first launched the Supporter program I wrote about how impressed I was by the caliber of the intitial wave of Supporters, and as you can see from the notable folks in this picture, the trend has continued as we more than double our numbers. You can get yours by becoming a Conservancy Supporter today!
My Favorite Time to Support Charitable Nonpofits
byon April 15, 2015
Most nonprofits push for donations in December to try to cash in on the giving spirit and the end of the calendar year deadline for tax deductions. Conservancy is no exception - we launched our Supporter program at the beginning of December and promoted that as much as we could until the end of the year. Because this is on everyone's minds, there are a lot of blogposts recommending which charities you should donate to and match challenges lined up to get people excited. While the end of the year is a fine time to contribute to nonprofits, to me the best time to make donations is today. Today is Tax Day in the United States. It's the deadline that everyone scrambles against to file their taxes and hopefully, if this is you, then by the end of today you've made it !
If you got a refund, putting some of what feels like a windfall to a good cause is just the thing. It's nice not to have to worry about remembering to make donations at the end of the year. And if you wish you'd paid less in taxes, it may benefit you next year to make more charitable contributions./p>
Even if you're outside the U.S. or if you're not in a tax situation where charitable donations make a difference to you the donation will make a huge difference to your favorite nonprofits and their ability to budget, as many of them are in the first quarter of their fiscal year.
As painful as it may have been. I'm glad I'm on the FSF's High Priorities Projects Committee to push for inclusion of tax software. It's really upsetting that there's no free alternative.