Sunil Mohan Adapa’s Blog

Users’ privacy is being attacked vigorously by online services and entities with malicious intent. More and more of browser functionality which people thought was harmless is turning into a privacy threat for the users. Unwelcome technologies like Flash introduce more problems. Browsers don’t address these for various reasons such as loosing existing functionality, compatibility and difficulty in arriving at solutions. Over time, I have been doing some changes to the way I browse the Internet that makes me less prone to these problems even at the cost of losing some functionality, a price I am willing to pay gladly.

I knew about the CSS history attack which can be used by a website to determine which sites I have visited earlier. I just came to know that there are successful attacks using this vulnerability that can be used to reveal my identity on the web. So, in Firefox I disabled colouring the visited links with a different colour although this feature is a bit useful when doing web searches. For this, I set the an advanced preference called ‘layout.css.visited_links_enabled’ to ‘false’ in Firefox’s advanced preferences page. This page can be see by typing ‘about:config‘ in the address bar.

Then, in that advanced preferences page, I also disabled sending of the referrer header by setting the preference network.http.sendRefererHeader to ‘0′. Referrer header tells websites where you have come from. This is sometimes useful when sites highlight the Google search keywords on the page I am visiting. However, it has great potential of abuse.

I installed a Firefox add-on called Redirect Cleaner. This add-on prevents sites like Google from knowing which link you have clicked in the results page. Google tracks your visits to other sites by crafting a special website address which will take you to Google first and then to the actual website. When you visit first page, Google records what site you are going to visit. Removing the two step process and directly visiting the intended page also means that loading will be slightly faster.

Talking about Google, it has been quite some time I stopped using Google for search and started using a meta search engine called Ixquick which respects users’ privacy. Although at times I find the quality of search results to be a bit lower than that of Google’s, I am quite content with the results. I’ve installed Ixquick into Firefox searchbox with the Mycroft page. Also, I am using secure connection via SSL, even for search.

Flash is bad for the future of the Internet as it is not a openly developed standard and its fate is controlled by a single corporation. Flash websites are also very annoying and suffer many problems. More annoying and danger to privacy are the Flash ads on regular websites. I hardly ever require Flash. So, I installed the Flash Block add-on which makes sure Flash content is not loaded by default on a page. In a very rare situation where I want to use see a site or video in Flash, I simply click on the Flash Block’s icon and to start running Flash. This process make me highly immune to Flash cookies which are used by advertisers to track me.

I also use a fairly non-informative user-agent string by installing the User Agent Switcher Firefox add-on. I also sometimes use a user-agent string belonging to some search bot so that sites serve me data which they would not otherwise serve unless I registered an account with them.

Finally, I am considering using the NoScript Firefox add-on to prevent javascript and cookies wherever not needed.

I am participating in foss.in along with Prasad who spoke about contributing to Spicebird. I was disgusted when along with the delegate kit, I was given a CDROM containing proprietary software from VMware.

Organisers, perhaps, are doing that because VMware is a silver sponsor. They are, in effect, trapping people into proprietary software. I have come to think that the organisers don’t give a rat’s ass about Free Software philosophy or at least the spirit of open source development communities. This is what happens when people get involved for petty/wrong reasons.

I returned the CDROM at the delegate kit distribution desk as soon as I found it in the kit. I even got some objection from across the desk when i was doing that. Next time, however, I will mostly certainly refuse Foss.in itself.

Update: If you happened to visit the VMware stall and give your contact details out of courtesy, you will also receive a recruitment offer from VMware. So, now, FOSS developers have cool venue to turn into proprietary software developers.

There is an article at law.com titled “Open Source Software Shows Its Muscle”. It has been quite some time I have seen a close to 100% pure FUD article. So, I decided to write something in reply.

1) “a round of lawsuits filed by the Software Freedom Law Center (SFLC) against for-profit companies using the software for commercial gain”

This shows that the author either has no understanding of Free Software principles or is maliciously trying to portray a bad image. Free Software community or Software Freedom Law Center has never objected or disliked companies for being for-profit. There are many for-profit companies that are considered a integral part for Free Software ecosystem.

2) The article is written to sound as if the “muscle-flexing” is recent activity. Free Software Foundation (FSF) and SFLC have been fighting GPL violations for a long time.

3) “For-profit companies using open source software should take notice and understand the risks.”

3.1 – The author fails to notice that using any software has risks in this exact sense. Every software (except one’s in public domain) come with a license agreement from the copyright holder and violation of copyright agreement is always a “risk”.

3.2 – The companies that SFLC has filed cases against are not companies that have simply “used” Free Software but built proprietary software with code from Free Software projects violating the terms GPL.

4) “The new lesson is that the freedom belongs to the software, not to users.”

If you read the GPL it will be very clear that GPL is trying to protect the freedom of the users of the software from companies that abuse it to turn Free Software into proprietary software. Whenever the companies take Free Software and turn them proprietary, like the companies in question did, the freedom of the users for software is hurt. This is despite the intention of the original author of the Free Software that his/her software users should receive all the freedoms that he granted. It also against his will that no one who wishes to deny this freedom to other users shall build software using his/her Free Software.

The newly added clauses in GPL v3 against patents, tivoization etc. clearly protect the freedom of the end user to use the software. Not to mention the additional advantage that many for-profit companies that “use” Free Software would get from these clauses.

5) “You are not free to do whatever you want with the open source software and may find yourself in a legal fight if what you do restricts the freedom of the software.”

With GPL, the user is free to do anything also long as he does not deny the same freedom to other users. Which I believe is completely fair.

6) “Any activity that leverages software for business advantage is likely to restrict the software’s freedom”

A company simply “using” Free Software for business activity is in no way restricting freedom. Further, there are many companies to prove that businesses can be built around developing Free Software without restricting users’ freedom.

7) “and the growing use of open source software by for-profit companies has been a growing irritant for free software advocates”

This is a baseless accusation. The community has been cheering the steady raise in the use of Free Software.

The rest of the article contains lot more FUD, but I feel its too pointless to continue.

Update: I meant accusation not acquisition.

So, I decided to move out of Gmail. I am not moving to Yahoo or any other commercial-they-own-your-data company. We’ve had our own server space for some time now at medhas.org. I simply installed RoundCube on my server in about 20 minutes and configured it to use my hosting provider given mailbox. I will slowly move all my mails to this account (thanks to Google for letting me to that). I shall be asking people to use sunil or bunny at medhas dot org now and not sunilmohan at gmail dot com.

RoundCube offers only basic stuff and is still very much in development. However:

1. Its Free Software and I know what it is doing with my mails.
2. I own my mails and all my data, truely. No evil entity or its AI machines are invading my privacy.
3. No ads on my face when I look at my own content.
4. Nobody is going to automatically subscribe and log me into new services that I don’t want/like.
5. I know php well enough to add my own features to it and I am indeed planning to contribute to the project if I find time.

Like many others, I’ve noticed a lot of things over the past few months of Google doing that are definitely evil. Here is the latest one:

Libraries Shun Deals to Place Books on Web (The New York Times)

Saying that the deals are not exclusive is not an excuse to what they are trying to do. They will take the works for millions of people for free and use it for their commercial advantage and not allow everyone to freely have it. For God’s sake, those are public domain books. I see two ways now

1. Say No Thank You to Google and a few years (even if it is 10 or 20) years down the line projects like Gutenberg will eventually do the task with volunteer support. We waited more than 80 years for them, I am sure we can wait more.
2. Hand over those books forever to the commerical advantage of a single (or a few) company in exchange for immediate access to digital content.