![[RSS]](/static/img/feed-icon-14x14.2168a573d0d4.png){kind=icon}
Conservancy BlogDisplaying posts
tagged conservancy
by on December 27, 2021
This fundraising season we were incredibly fortunate to be supported by so many individuals. In addition to our large anonymous donors, we had a few people contribute to bump up the number. One of donors was a board member, Mark Galassi, who runs The Institute for Computing in Research. We asked him a few questions about free software and his passion and motivations for interdisciplinary research.
Software Freedom Conservancy: “Why do you care about software freedom?”
Mark Galassi: “I started working on developing software for others to use in 1984. At that time my brother and some friends of ours worked to develop a public access UNIX system so that people who were not in a university or big company could have the joy of doing advanced computing.
Soon after a fellow student at Reed College pointed me to the birth of the free software movement, and its goal and principle perfectly matched what I thought was important for the world.
A robust idea can last a long time, and more than 35 years later I feel that just as strongly.”
SFC: “What is it that you see Software Freedom Conservancy does that other groups are not?”
MG: “Conservancy is firmly focused on the importance of software freedom, while at the same time carrying out practical steps to allow it to flourish. It also expands and adapts its role as new areas become relevant to software freedom, as the embracing of Outreachy and the Institute for Computing in Research have shown.
I'm not sure if I would say that other organizations are not doing important things: we benefit from other orgs in various ways. But combining stewardship and principle and adaptation is hard work, and I think that only Conservancy takes it on in full.”
SFC: “How do you see our role amongst the various FOSS organizations?”
MG: “I think that Conservancy should lead other FOSS organizations in a few ways. At least:
SFC: “Do you think we do a good job standing up to the organizations with more corporate funding?”
MG: “Yes. The current action against Vizio's violations renews that clarity.”
SFC: “What's got you most excited from the past year of our work?”
MG: “I am particularly excited by Conservancy's picking up of the Institute for Computing in Research (2021 was our first full year as part of Conservancy). This addition of a focus on free software in the academic world will be important: the free software movement was born in the research and university world, and I believe that academic research should be the steady keel of the free software movement.”
SFC: “Have you been involved with any of our member projects in the past?”
MG: “Yes: I have used many of Conservancy's member projects over the years, and I am co-founder of the Institute for Computing in Research.”
SFC: “What other (non-tech) organizations are you supporting this year?”
MG: “I donate a bit to my college, and I donate to Planned Parenthood, but Conservancy and the Institute are where I donated the most this year.”
SFC: “Why did you start the Institute for Computing in Research? How did you wind up teaching kids these important skills?”
MG: “I have loved my career so much that it seems impossible.
Here is how that happened:
I entered the world of physics just at the time when computing was becoming a key part of research (since then this has extended to all other academic areas). The free software movement was born at the same time. Being a free software developer, I was in a position to promote the use of FOSS in research, and to really love the research work because I did not have to use proprietary software.
When you love something so much, you want to pass on the recipe that makes it work so well -- in my case that has been the use of advanced software development based on free software, applied to academic research.”
SFC: “As the chair of Software Freedom Conservancy's board, what unique place do you think we have in the field of FLOSS organizations?”
MG: “I enjoy serving on the board, and my fellow board members are a cross-section of all that is amazing in the world of research and development.
But more than us, I think that our staff has the real angle on what's important: in many ways they teach us what is happening and what should happen in the world. So maybe one of the coordinates of our "unique place" is that Karen and Bradley have created a staff of world class thought leaders who also do detailed practical work.”
SFC: “You are a strong proponent of interdisciplinary research, what avenues do you think free software has to help promote both academic and civil freedom?”
MG: “Ahhh, the academic side is an easy one: research software can only be free software, for all the reasons that makes science honest. This is already mostly true, but we need to go the rest of the way.
You also ask about civil freedom. What is also quite clear to me is that corporate control and vendor lock-in are real problems in any society. They are the cause of a good amount of economic and cultural alienation. Most of this lock-in is in software, and software freedom is our strongest tool against that.”
SFC: “Given your academic background, what are your thoughts on projects like Reproducible Builds and the effects it might have on reproducibility in the academic community?”
MG: “Reproducible builds is one of the coolest projects we have in Conservancy - both its fundamental idea, and the impressive intelligence of the people working on it. Much of its motivation comes from the security angle, but a sign of a deep project is that other important angles naturally come up. In my case, for example, I talk to members of the project regularly to get advice on how to improve reproducibility in research software. They also help me think about how to frame those issues.”
by on November 30, 2021
Yesterday, we received from Vizio their first official response in our pending litigation against Vizio for their copyleft license violations. So, what was their response?
Did Vizio release the source code — as the GPL and LGPL require — for the modified versions of Linux, alsa-utils, GNU bash, GNU awk, BusyBox, dmesg, findutils, dmsetup, GNU tar, mount and selinux found in their TV’s firmwares? No.
Did Vizio propose a CCS candidate for us to review, provide them with additional feedback, so that we could help them get consumers who bought their TVs the source code they deserve? Nope.
Did Vizio argue that we had erred, and in fact, none of those programs we list above appear in their firmware? Not that either. (Unlikely though — after all, they surely know those programs are in their firmware!)
Instead, Vizio filed a request to “remove” the case from California State Court (into US federal court), which indicates Vizio's belief that consumers have no third-party beneficiary rights under copyleft! In other words, Vizio’s answer to this complaint is not to comply with the copyleft licenses, but instead imply that Software Freedom Conservancy — and all other purchasers of the devices who might want to assert their right under GPL and LGPL to complete, corresponding source — have no right to even ask for that source code.
That’s right: Vizio’s filing implies that only copyright holders, and no one else, have a right to ask for source code under the GPL and LGPL. While we expected Vizio held this position (since they ultimately ignored us during our discussions with them in years past), Vizio has gone a disturbing step further and asked the federal United States District Court for the Central District of California to agree to the idea that not only do you as a consumer have no right to ask for source code, but that Californians have no right to even ask their state courts to consider the question!
Vizio’s strategy is to deny consumers their rights under copyleft licenses, and we intend to fight back.
We believe in complete transparency of the copyleft compliance process, and so encourage everyone to read the filings. We’ve even paid the Pacer fees and used the Recap browser plugin, so that all the documents in the case are freely available via the Recap project archives.
Software Freedom Conservancy’s annual fundraiser is happening right now! Please help us continue our work by becoming a Sustainer. Donate now and have your donation matched by a group of generous individuals who care deeply about software freedom.
by on October 21, 2021
In 2002, we used phrases like “Web 2.0” and “AJAX” to describe the revolution that was happening in web technology for average consumers. This was just before names like Twitter and Facebook became famous worldwide. Web 2.0 was the groundwork infrastructure of the “social media” to come.
As software policy folks, my colleagues and I knew that these technologies were catalysts for change. Software applications, traditionally purchased on media and installed explicitly, were now implicitly installed through web browsers — delivered automatically, or even sometimes run on the user's behalf on someone else's computer. As copyleft activists specifically, we knew that copyleft licensing would have to adjust, too.
In late 2001, I sat and read and reread section 2(c) of the GPLv2. After much thought, I saw how it could be adapted, using the geeky computer science concept called a quine — a program that has a feature to print its own source code for the user. A similar section to GPLv2§2(c) could be written that would assure that every user of a copylefted program on the Internet would be guaranteed the rights and freedoms to copy, modify, redistribute and/or reinstall their software — which was done by offering a source-code provision feature to every user on the network. The key concept behind the Affero GPL (AGPL) version 1 was born. Others drafted and released AGPLv1 based on my idea. Five years later, I was proudly in the “room where it happened” when Affero GPL version 3 was drafted. Some of the words in that section are ones I suggested.
We were imagining a lot about the future in those days; the task of copyleft licensing drafting requires trying to foresee how others might attempt to curtail the software rights and freedoms of others. Predicting the future is difficult and error-prone. Today, a piece of Affero GPLv3's future came to pass that I would not have predicted back in November 2007 at its release.
I invented that network source code disclosure provision of the AGPL — the copyleft license later applied to the Mastodon software — in 2002 in light of that very problem: parties who don't share our values might use (or even contribute to) software written by the FOSS community. The license purposefully treats everyone equally (even people we don't like or agree with), but they must operate under the same rules of the copyleft licenses that apply to everyone else.
Today, we saw the Trump Media and Technology Group ignoring those important rules — which were designed for the social good. Once caught in the act, Trump's Group scrambled and took the site down.
Early evidence strongly supports that Trump's Group publicly launched a so-called “test site” of their “Truth Social” product, based on the AGPLv3'd Mastodon software platform. Many users were able to create accounts and use it — briefly. However, when you put any site on the Internet licensed under AGPLv3, the AGPLv3 requires that you provide (to every user) an opportunity to receive the entire Corresponding Source for the website based on that code. These early users did not receive that source code, and Trump's Group is currently ignoring their very public requests for it. To comply with this important FOSS license, Trump's Group needs to immediately make that Corresponding Source available to all who used the site today while it was live. If they fail to do this within 30 days, their rights and permissions in the software are automatically and permanently terminated. That's how AGPLv3's cure provision works — no exceptions — even if you're a real estate mogul, reality television star, or even a former POTUS.
I and my colleagues at Software Freedom Conservancy are experts at investigating non-compliance with copyleft license and enforcing those licenses once we confirm the violations. We will be following this issue very closely and insisting that Trump's Group give the Corresponding Source to all who use the site.
Finally, it's worth noting that we could find no evidence that someone illegally broke into the website. All the evidence available on the Internet (as of 2021-10-22) indicates that the site was simply deployed live early as a test, and without proper configuration (such as pre-reserving some account names). Once discovered, people merely used the site legitimately to register accounts and use its features.
Update (2021-10-22): Some have asked us how this situation relates to our Principles of Community-Oriented GPL Enforcement, since we are publicly analyzing a copyleft violation publicly. Historically, we did similarly with the Canonical, Ltd., Cambium, Ubiquiti, and Tesla (twice!) violations. We do believe that “confidentiality can increase receptiveness and responsiveness”, but once a story is already made widely known to the public by a third-party, confidentiality is no longer possible, since the public already knows the details. At that moment, the need to educate the public supersedes any value in non-disclosure.
by on October 15, 2021
Like many small organization that are overloaded with work, it's hard to make the time to conduct a proper hiring process, and no one on staff is dedicated to making sure the process goes smoothly. Because it is very important to our organizational values to make sure that our hiring is fair and also that we wind up with the best person for the job, we were very careful in how we designed our search.
We finished our last hiring a few months ago. I'm proud of the way we handled the process, and I think it resulted in the best hire possible for the position. As I describe the process below, you can see how we worked to respect our applicants, interview while minimizing bias, and select for skills that were essential for the actual work to be covered by the open position. (There's a TL;DR summary at the end! Perhaps the most interesting part is that we paid people who made it to the final round to respect their time and to defray their costs of participating,)
A neutral and realistic job posting
We thought hard about our job posting, including a detailed description of the role. We were clear that we were open to hiring from a variety of backgrounds and were willing to train less experienced candidates. We worked to eliminate any gendered language or anything that we thought would create heightened requirements for the job, which can reinforce bias in the process. Finally, we were open to feedback, and when folks suggested that we include a narrow salary range to bring transparency and lower stress for our applicants, we added that too.
You can see the job posting we just put up for an Outreachy related position where we once again are following these principles.
Happily, for the position that we already hired for, we received around 40 really solid applications for the position - a really high number for an organization like ours, especially since we only advertised the position in limited ways.
Initial screen by volunteer directorsAfter a very quick review of resumes to weed out the few applications that were spammers or otherwise not really targeted to our organization, we scheduled 15 minute screening interviews with two of our volunteer directors. We wanted to make sure that we added a layer of independent review that would otherwise be impossible in a small org like ours.
In order to make sure that we were comparing apples to apples, and giving everyone the same chance at success, the directors were given a set list of questions to ask. Because the role was about advocacy and communications, most of the questions were connected to explaining what software freedom is, and how the applicant became interested in it. The directors were also given a rubric to grade the interviews, both question by question and overall. The directors put their grades and thoughts about each candidate (along with any red flags) in spreadsheets so that we'd be able to access the information easily later. Spelling out what questions will be asked and how the responses willl be graded helps to eliminate bias that can come from an an interviewer and interviewee that "click" in ways that might be related to their background or shared experiences.
Anonymous exercise
After the screening interviews, the bulk of the applicants were asked to participate in an anonymous exercise. The goal of having an anonymous exercise is to overcome any biases we might have for or against particular candidates. Each applicant was assigned a random string, and they were instructed not to put any personal identifying information in their answers.
We designed the exercise to reflect actual tasks we'd expect the new employee to take on, while providing some opportunities to brainstorm some big picture topics that could come up in the position. Writing emails to our organization's Supporters and member projects are key components of the job, so we created short hypothetical situations (that encompassed typical problems we need to address) and asked the applicants to write mock email responses. Because the role also has a public press and event organizing component, we asked applicants to write the beginning of a website news item and tell us a few things they thought were essential to run a successful in person event.
To respect our applicants time, we kept the exercise bounded. We expected it to take an hour or less, and asked the applicants send us their responses after an hour and a half, explicitly adding a little bit of extra time in case they were interrupted during the process. We also scheduled the exercises at the convenience of the applicant at any time during normal east coast business hours, since being able to coordinate with staff in the US was an important part of the role. We offered flexibility for applicants who could not make time during the workday during their existing role or had other obligations they needed to schedule around.
Conservancy staffers graded the responses on an anonymous basis, scoring each exercise. When this was completed, the graders met to compare their results. At this point, there were five applicants whose exercises stood out from the group. We de-anonymized them and cross referenced them to make sure that their screening interview scores were also strong and all of them moved to the next round.
At this point, I should note that I was surprised by the results. Long-time software freedom activists, whose work we know and respect, wound up not making it to our final group, whereas our final applicants included people who were new to software freedom, had never been in a communications role or who we simply hadn't met before. This final group consisted of people who showed the skill sets most likely to succeed in the position, not people who were already part of our network.
Because the exercise was anonymous, it was also easier to explain to the other applicants why we weren't advancing them to the next round, and I think (hope!) that it made it easier to preserve our relationships with the applicants who are truly excellent advocates for software freedom in a variety of other contexts.
Paying the finalists
Because we are a small organization, adding another employee is a big deal. We knew that to do this job right we were going to need to take some time talking to them to figure out if they were the right fit for the role. We also know that not everybody does their best when put on the spot in an interview, and wanted to make sure that we allowed people the chance to know what we'd be asking and to prepare if they wanted to. We didn't want to take our applicants' time for granted, even though we are a small publicly supported organization.
Because of this, we decided to pay each our five finalists $500 to proceed with the rest of the interview. While $500 is not a huge amount, we thought it was a nice amount for a charitable organization to give to an applicant who would dedicate some time and thought to our hiring process, which would cover strategic thinking about our organization's mission and operations in our communications and other related areas.
Again, we used the same questions with all candidates, and we provided them in advance of the interview, offering the applicants the option of providing written answers or just discussing them on the spot, whichever they were most comfortable with. We were trying to avoid a gamification of the interview process, while still getting insight into the thought process of the applicants. These questions included difficult ones about the software freedom community and also about Software Freedom Conservancy. Now that we knew these candidates were very strong in their ability to write quick emails and website copy, the idea was to bring some of the most strategic problems that we'd be looking to include the new employee in tackling.
Conducting final interviews
This step looked like a more traditional interview. Bradley and I scheduled video chats with the remaining candidates. We first had the applicants tell us their answers to the questions we had sent in advance and used those as a jumping off point for relevant conversation.
While all five candidates were strong in these interviews, three candidates had a mix of skill sets that seemed like the best fit for the role. For these three candidates, we scheduled an interview with Conservancy's staff in its entirety. Again, with a small organization, the addition of another person is a huge chance in organizational dynamics. Feedback from all employees was essential to making this decision.
Choosing the final candidate
In the end, going through the interview process and learning more about the job convinced one of the final three candidates that they were not really interested the role we were hiring for, which they understood much better through our hiring process. It was a tough choice between the two remaining candidates, but we were able to have confidence in Pono as our choice due to feedback from staff, the comparisons made possible by asking the candidates the same questions and the grading from the previous two rounds. If we'd had the budget, we would have hired all three of these final candidates.
Feedback on the process
Each of the finalists were surprised that we were willing to pay them for their time. For some of the applicants, being paid to participate gave them the flexibility to devote more time to their interview preparation. We were happy we were able to show our appreciation for the impressive applicants who were willing to give us so much of their time.
We also got positive feedback on the anonymized exercise. Because the exercise gave insight into how some of the every-day work in the position would look, it made it easier for some of the candidates to decide if they wanted to actually work in that role. In addition to the benefit I mentioned above about the anonymization making it easier to explain who would advance to the next round, some applicants indicated that making it to the final round via an anonymous exercise gave them confidence that they were qualified for the position.
TL;DR
For future hiring, we'll be looking to bring the same concepts to the process. Namely:
Many thanks to all of Conservancy's staff who helped us with this process (Rosanne Dimesio, Bradley Kuhn, Sage Sharp, Brett Smith), and to Deb Nicholson who helped bring some of these concepts to our previous hiring process.
Outreachy is hiring for a community manager position and using some of the strategies listed above. If you or someone you know if interested in applying for the community manager position, check out the post here.
Next page (older) » « Previous page (newer)
1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52