Free Software Leftovers

posted by Roy Schestowitz on Jan 26, 2023

• EU’s proposed CE mark for software could have dire impact on open source

  The draft legislation includes an impact assessment that says “for software developers and hardware manufacturers, it will increase the direct compliance costs for new cybersecurity requirements, conformity assessment, documentation and reporting obligations.” This extra cost is part of a total cost of compliance, including the burden on businesses and public authorities, estimated at EUR 29 billion ($31.54 billion), and consequent higher prices for consumers. However, the legislators foresee a cost reduction from security incidents estimated at EUR 180 to 290 billion annually.

  The question is though: how can free software developers afford the cost of compliance, when lack of funding is already a critical issue for many projects? Mike Milinkovich, director of the Eclipse Foundation, said it is “deeply concerned that the CRA could fundamentally alter the social contract which underpins the entire open source ecosystem: open source software provided for free, for any purpose, which can be modified and further distributed for free, but without warranty or liability to the authors, contributors, or open source distributors. Legally altering this arrangement through legislation can reasonably be expected to cause unintended consequences to the innovation economy in Europe.”

• Everyone, learn how to code

  Learning the basics of how code works and how to code simple things is all I’m asking; as you point out, the difference between knowing how it’s constructed vs having the time, resources, skill level to do everything from scratch always.

• Inside ShmooCon 2023: The wacky, the weird and, of course, the cybers

  From hallway debates over what’s working in cybersecurity to idiosyncratic displays of oddball humor — such as eating Batman cereal from 1989 — the annual hacker conference ShmooCon has been attracting an eclectic mix of techies, academics, lawyers and policy researchers since 2005. This year was no different. More than 1,600 people gathered at the Washington Hilton in D.C. to see old friends, make new ones, and, of course, talk infosec. “This isn’t just about professional growth, it’s networking, it’s a time to be with friends and fellowship,” said ShmooCon co-founder Bruce Potter. Here are five big takeaways from this year’s conference: [...]

• New Alpha Release: Tor Browser 12.5a2 (Android, Windows, macOS, Linux)

  Tor Browser 12.5a2 is now available from the Tor Browser download page and also from our distribution directory.

  This release updates Firefox on Android, Windows, macOS, and Linux to 102.7.0esr. It includes important security updates to Firefox and GeckoView. There were no Android-specific security updates to backport from the Firefox 109 release.

• Thank you and a very warm welcome to our new members

  January 20, 2023 marked the end of our most recent fundraising campaign and associate member drive. We are proud to add 330 new associate members to our organization, and we have immense appreciation for the community that helped us get there. Please help us share our appreciation.

  We may have not reached our ambitious goal of welcoming 455 new associate members to the FSF, but we'd rather fail at meeting high expectations than aim too low from the outset. In the end, hundreds of new members signed up for the first time, and even more renewed. We were humbled throughout this fundraiser to see that, despite not making our goal, support for us this year has been immense. We want to express our appreciation to all of you, the contributors and supporters, who helped us raise more than $400,000 during this year-end fundraiser campaign. Those who donated $500 or more and give their permission can be publicly acknowledged in the monthly newsletter, the Free Software Supporter, as well as on our social media channels. Look for such donors via the hashtag #ThankGNU.