Planet OFSET

To content | To menu | To search

Monday, October 10 2011

Consumers Don't Own Computers "Designed for Windows 8", and They Go to Landfills Earlier (Side Effects of "Trusted Computing")

Some computer manufacturers will force you
to "trust" Windows 8 only, disallowing you to
do usb-booting or cdrom-booting of other operating systems Microsoft Windows 8 alpha is released and downloadable. But no, I am not recommending it. Nor am I denouncing it in favor of GNU/Linux (well, not in this article anyway). What you should be aware of and concerned about as a consumer is those machines labeled as "Designed for Windows 8". Much more so if you care about the environmental and humanitarian problems caused by e-wastes, for these machines do end up much earlier as e-wastes than the ordinary machines manufactured now.

Machines labeled as "Designed for Windows 8" have to support UEFI。 UEFI is said to have many nice features, which I am not knowledgeable about and will not discuss. But I can assure you that one of those features is a downright hoax, scam, and lie. The "secure boot" feature in UEFI is claimed to make your computer more secure by disallowing intrusions from untrusted sources. This and certain other features in UEFI are important elements of Trusted Computing, a mechanism advocated by Microsoft and other big IT companies. The claim is that booting a computer from an untrusted source (such as a tux usb key which has applications in tourism, education, environment preservation, LOHAS, and ethics) is a security threat and should be avoided.

There is just one tiny problem: it's not you, the consumer, who gets to decide who is to trust. The propaganda claims that the consumers are too dumb (well, ok, actually phrased in a much more polite way.) to make their own decisions about whom to trust. ("Microsoft or Chao-Kuei?") Software booting from an untrusted source may contain rootkit, for example, which would gain absolute control of your computer. The real, unsaid intention, however, is to prevent consumers from using alternative players and readers on alternative operating systems to circumvent the human-right infringing and infamous Digital Rights Management. If the big IT companies let you decide whom to trust, then they cannot trust you as a DRM-abiding consumer. With the secure booting mechanism in UEFI, the IT companies finally can trust that you will not be able to ask your computer to do what is best in your interest, for example exercising your fair use right and other rights requested in the digital consumer bill of right.

Ironically, history shows that one of the most famous rootkit invasions was not performed by individual bloggers and GNU/Linux lovers like me who have to build reader trust by behaving well and telling truth, but rather by big companies who can repeatedly abuse consumers and yet successfully keep them buying. In 2005, Sony BMG invaded consumer computers. The lovely music CD that consumers buy play nicely in CD players or DVD players. But it hijacks your Windows if you play it on a Windows computer. This creepy behavior was exposed on the Internet and caused protests. Sony BMG's Global Digital Business President responded, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" But the most interesting part is the reactions of Microsoft and Anti-virus companies. What would you do if you were Microsoft and if Sony invaded your customers' computer? I would definitely provide security update and then also advise against buying these CD's or even sue Sony, depending on how nice I wanted to be with Sony. But Microsoft did nothing for several months. Nor did most big-name anti-virus companies. These are the companies who take your money, vouch to "make your computer more secure", and assure you that you can "trust" them.

Even more ironical is the ensuing fairuse4wm event in 2006, in which Microsoft behaved exactly the opposite. The newly upgraded windows media player employed DRM measures and suddenly deprived users of their backup right. Someone with the ID of viodentia wrote and shared on the Internet a piece of software called fairuse4wm to restore the users fair use rights. This time Microsoft swiftly produced "security updates" to disable fairuse4wm within 10 days. Viodentia updated fairuse4wm to circumvent Microsoft's updates, and Microsoft produced further security updates to disable it, ... and so on. Whom do Microsoft's "security updates" serve and which of viodentia and Microsoft is more trust-worthy?

From DRM to Trusted Computing to DMCA anti-circumvention History has shown that some of the big IT companies unitedly decided not to trust you. So who would you, consumer, trust? Oh, I am sorry. I should not address this question to you, for it is not you who get to choose whom to trust. I should ask computer manufacturers who enforce trusted computing for you. And for sure we all know that Microsoft is the only party for any consumer to place trust in -- according to the manufacturers. "We decide for you whom to trust." That's the real meaning of trusted computing. And the "secure boot" feature of UEFI, which is "Designed for Windows 8", is one of its pieces. To learn more about trusted computing, you can read the EFF article. My article "DRM and Other Forces Overriding the Three Laws of Robotics" ( English, French, Spanish), my paper "1984 in the Making: Stealthy Invasion of Consumer Rights and Privacy by ICT Corporations" and my novelette in Chinese explain the relationship among DRM, Trusted Computing, and DMCA. It's also summarized in the picture to the right. Search for "windows 8 linux" for recent controversy about Microsoft enforcing UEFI on manufacturers.

To be more precise, it is not true that secure boot precludes other operating systems in principle. If the hardware manufacturer is willing to certify some minor OS, this lucky minor OS can also boot from a "designed for windows 8" computer. Still, the decision is for the hardware manufacture, not you, to make. Finally, some manufacturers may decide to allow the buyers to optionally disable the secure boot feature of UEFI. It is this last category of future computers that we will recommend everyone to buy -- not only because you would want to be a wise consumer but also because it prevents worsening of the environmental and humanitarian problems caused by e-wastes.

As explained in the e-waste part of the censored 4-part iPhone game "phone story", the discarded electronics either end up in landfills or exported to developing countries for "recycling", which in fact employ methods that are harmful to both human health and the environment. Unfortunately the business strategy of planned obsolescence meant to increase the profits of the big IT companies further intensifies this process at the extra cost of the planet and its inhabitants. It's bad enough when phone companies pursue their profits with little regard to the planet, but it adds insults to injury when the computer manufacturers do this without even really increasing their own profits.

You see, you may not care about GNU/Linux, but people like Helios devoted to refurbishing recycled computers for the disadvantaged choose GNU/Linux over outdated or pirated Windows for good reasons -- it makes the recycled computers greener, cleaner, more Ethical, and more educational. With manufacturer-enforced secure boot, these computers would go to the landfills or "recycling" centers instead of going to the disadvantaged because Helios and other people who care would not be allowed to install GNU/Linux for them. And the hardware manufacturers don't even make more money because of these extra, unnecessary harms done to the disadvantaged and to the planet, if profit-making is ever a justifiable excuse for irresponsible manufacturing behaviors! These disadvantaged people are not going to buy new computers because they cannot get refurbished computers.

What can you do to help? Grab (perhaps with the help of you Linux friend) some live Linux CD from distrowatch, and maybe additionally create a live usb from it. Demand to boot the live CD or live usb before purchasing your next computer. Make sure that it is some minor Linux distribution, not just the store-suggested Linux distribution, that successfully boots. It's not about denouncing big brand Linux versions. It's about making sure that you get to decide whom to trust your computer security to. Show the computer guys in the store this article if necessary and insist on buying a computer that allow the buyers to disable the secure boot feature of UEFI. You don't need to love or use or even learn GNU/Linux if software freedom do not appeal to you. You can simply use it as a tool for testing the computer and discard it afterwards (though it would be a pity). Please do this for the planet, for the disadvantaged, for the society, if not for yourself as a wise consumer who knows to claim his/her full ownership of the purchased computer and basic user rights.

Wednesday, June 11 2008

三個運動 一個敵人

自由軟體/開放原始碼運動 (FL/OSS Movement), 開放數位內容運動 (Open Content Movement), 與開放檔案格式/開放介面運動 (Open File Format/Open Interface Movement) 其實是彼此相關, 但包含面與訴求強度大不相同的三個社會運動。 另一方面, 以微軟為首的資訊大廠, 正在用 DRM 與 TC 等等技術, 挑戰消費者的基本權益。 這些資訊大廠, 不只是這三個運動的共同敵人, 也是所有消費者的公敵。 要了解這些問題, 並不需要太高深的電腦知識; 臺灣社會需要更多聰明的消費者站出來替自己的權益發聲。

* * * * *

三個運動 一個敵人 開放檔案格式/開放介面運動的訴求最卑微, 支持者也最多。 我演講時經常舉的一些例子: 提款卡/底片/錄音帶/影音設備/記憶卡/手機, 不同廠牌, 彼此可以互通; 一個簡單的口號: 「允許不同, 才是相容」; 一個不可思議的情境: 「對不起, 您撥的電話號碼, 廠牌不同, 型號太舊, 請慫恿對方升級後再撥」; ... 這些都在談開放檔案格式/開放介面。 任何重視自己基本權益的消費者, 都應該支持這個運動。 詳見 資訊界的標準戰爭。 這個運動, 事關 「溝通」。 封閉的介面, 阻礙溝通. 造成傷害社會的 巴別塔效應, 或者會透過溝通, 進行 病毒式強迫行銷, 任何人都應該反對。 像是微軟借由大學與縣市網教育局散佈 docx 格式, 像是 大學入學考試中心 強迫使用 ie 才能報名查詢 (右邊綠色方塊), 這些事情如果換成日常生活當中的其他消費產品 (例如: "您必須用 motorola a780 手機才能打電話進來鄉公所洽公"), 馬上會引發官商勾結的質疑。 「請允許我和使用不同廠牌型號手機的朋友溝通」: 像這樣越是卑微的請求, 力量越是強大。 也因此, 我個人在 挑戰 docx 封閉檔案格式 時, 採取最強硬的態度, 因為堅持寄送封閉檔案格式的人, 完全不顧他人感受及對社會所造成的傷害, 以強暴的方式, 將自己的選擇強加在他人身上, 這些人甘願成為軟體廠商的免費行銷工具 (或是藉自身工作與地位之便, 接受廠商的好處而替它行銷?) 這些人不尊重別人的自由意志, 他們需要被教育, 體認一下不被尊重的感受。

開放數位內容運動, 以 creative commons 開放授權 當中所提的概念為主要價值觀, 主要在推廣任何形式數位內容 (圖/文/影/音/...) 的共創共享。 一方面鼓勵大眾參與共創, 大方分享自己的作品: 「越多人看到我的創作, 我的智慧結晶, 我就越紅」 不論是個人或是學校都是如此 (努力招生的大學校長們呀, 您聽到了嗎?)。 網路時代, "資訊它天生就想自由" ( "information wants to be free"): 智慧是履歷表, 宣傳車, 海報, 廣告看板...; 智慧不是財產。 但是這樣的訴求, 只能道德勸說, 不能強迫, 不然就變成共產黨了。 因此我自己在從事開放數位內容運動時, 只能以身作則, 把自己的創作與大家分享; 只能分析利害關係, 勸說創作者加入我們; 但在一般狀況之下, 我們沒有權利更沒有膽量要求所有創作者與我們一樣, 選擇以 cc 授權釋放自己的著作。 另一方面, 開放數位內容運動, 鼓勵任何人盡情享用這些大方作者的創作, 不論您有無貢獻, 善用合法自由的數位內容, 都是好事。 開放的數位內容, 當然應該要用開放的檔案格式來傳遞, 否則變成在替封閉檔案格式進行病毒式行銷; 而封閉檔案格式一旦成為主流, 將回過頭來變成老大哥限製資訊自由傳遞的工具, 內含 DRM 與 TC 機制, 破壞當初開放數位內容運動的初衷。 (下詳)

自由軟體運動, 是開放數位內容運動的一小支, 它特別關心 [程式碼形式] 的數位內容, 應自由分享。 它其實也是開放數位內容運動的源頭。 例如, Free Culture 一書的作者 Lawrence Lessig 在設計 creative commons share-alike 授權時, 可能 就是採用了 GPL 的觀念: 「自由的範圍, 以不侵犯他人的自由為限度」。 一如開放數位內容運動, 自由軟體運動的推廣, 不能採取強迫的方式。 不僅作者必須自願釋放原始碼才有意義, 使用者也必須自願使用自由軟體才對。 不然在極權國家「推廣」自由軟體豈不最快? 一聲令下, 誰敢不用? 但這就失去自由的意義了。 一個人在聽過我們的道德勸說之後, 如果還是自願選擇被微軟制約, 只要他不影響他人的自由 (不要寄送 docx), 我們也只能尊重他 「選擇不自由」 的自由。 更多關於自由軟體的觀念, 詳見 Philosophy of the GNU project (革奴計畫的哲學/理念) 或者我的一些 談論自由軟體的舊文章

6 張圖認識老大哥 另一方面, 以微軟為首的某些資訊大廠, 設計了 DRM (Digital Rights Managment, 數位權利管理) 及 TC (Trusted Computing, 信任運算), 最初始的目的是在 「保護智慧財產權」, 也就是避免數位內容的非法複製。 這樣的初衷是可以理解的; 但它所採取的手段卻是侵犯消費者基本權益的封閉檔案格式, 造成的效果則對社會更具有深遠的破壞力, 就像是 George Orwell 小說 1984 裡面所描述的狀況一樣: 老大哥隨時隨地可以監視, 甚至控制任何人的一舉一動。 目前微軟還沒有完全做到這一步; 但這並不是因為技術不成熟, 只是感謝有網路輿論的制衡。 從 2006 年中的 WGA (Windows Genuine Advantage) 升級開始, 所有人的電腦, 包含銀行/國安局/軍情局/國防部的電腦, 只要 windows 的版本夠新, 且連上網路, 都乖乖地每兩週回報一次。 (本來是每天回報的, 且回報資料量本來很大; 是輿論讓微軟稍微收斂。) 詳情請見 「資訊社會的人權議題」, 「迎接資訊人權貴時代」 (kuso 星際大戰的短篇小說), 或直接搜尋 "windows phone home"。

這些議題, 對於關心技術的人而言, 過於政治; 對關心政治 (或關心人權, 或關心社會風氣, 或關心教育, 或關心社會正義) 的人, 過於技術, 因此一直很難為主流媒體所重視, 也很難廣為眾人所了解。 許多人以為自由軟體運動者喜歡與微軟為敵; 事實是: 微軟及其他資訊大廠為了控製數位內容的傳遞, 必須用 「技術上註定有瑕疵的 "security by obscurity"」 方式, 與大眾為敵, 限製大眾的溝通自由。 這導致了對技術議題最為敏感的自由軟體社群經常率先抗議。 而自由軟體, 開放數位內容, 及開放檔案格式三個運動的支持者, 又有許多交集, 因此我們自己也經常角色跳躍, 引起一些誤解。 如上所述, 其實開放檔案格式/開放介面:

  1. 和每位消費者的權益息息相關, 甚至和未參與消費的任何公民都相關 (如果他在乎, 如果他不希望活在老大哥監控的社會底下)
  2. 要認識它, 沒有技術門檻, 只要有常識 (知道不同廠牌的手機可以通話)
  3. 不見得要支持自由軟體或開放數位內容
  4. 是一個很卑微的請求, 但正在被資訊大廠否決

我們期待臺灣有更多主流媒體注意到這三個運動及一個全民公敵, 希望有更多消費者與公民重視這些議題, 有更多人加入開放檔案格式/開放介面運動。 甚至希望出現一些未必支持自由軟體或開放數位內容, 但能夠將開放介面的重要性解釋清楚的朋友, 讓更多公民了解這不是一小撮技術龐克的古怪問題。 這樣, 我們就終於可以更專心於自由軟體運動或開放數位內容運動了。

Monday, October 22 2007

1984 in the Making, or Getting to know Big Brother in 6 pictures

1984 in the making, or getting to know the Big
Brother in 6 pictures I wrote an article "1984 in the Making: Stealthy Invasion of Consumer Rights and Privacy by ICT Corporations" and submitted it to a conference in Taiwan to be held Nov 11, 2007. (They don't have an English page but I guess a suitable translation of the conference name could be "Information Science and Society".) I don't get a chance to talk but will have a poster space to display my article, or some picture related to it.

I spent an entire day to draw this picture using inkscape. I think it would be a pity if I show it only to the conference attendees. So here it is. I am grateful to find nice drawings from wikimedia, such as Butters, squirrel, and kiwi, to include in my drawing. My drawing never got good grades in the elementary school, and I had seldom drawn between then and 1996, when I started advocating FLOSS and the danger of proprietary file formats. By that time I was too old to learn good drawing. So please excuse the crude quality. I hope you enjoy the ideas in the drawing, especially the text in the Big Brother's underwear. You need to save the svg file and zoom in in inkscape in order to read it. But then you would give him a very good reason to shoot you using the DMCA gun. You have been warned. BTW, I feel a strong urge to draw a handcuff on the male genital instead of on the hand. because it really rings very well with Big Brother's command: "Thou Shalt not Reproduce without permission". But I don't have the guts to do so. :-) Any ideas or actual fixes to improve the drawing will be greatly appreciated. (Not the last one about reproduction please...I am serious.)

This picture is distributed under the creative-commons attribution share-alike license. If you find it useful, please feel free to improve on it (I would appreciate if you let me know) and/or show it to the poor souls who don't know that their computers report back to the Big Brother once every two weeks. It will take your voice, her voice, our voices together, to unlock the handcuffs that the Big Brother has placed on the consumers' hands.

Sunday, July 8 2007

Price? Monopoly ... Big Brother! | 價格? 壟斷 ... 老大哥!

不論是一綱一本, 或是 ETC 案, 價格從來就不該是重點。 聰明的臺灣人, 請不要滿足於價格論述。 本文也並不主張教改十全十美不需要檢討改變, 或是主張遠通一事幕後有弊案。 我們的訴求很簡單: 請尊重多元, 開放讓市場自由競爭, 不論是教科書市場, 或是 ETC 的 OBU 市場皆然。

* * *

數位科技與網際網路促成了 web 2.0 現象, 多元化與自由化因而成為世界趨勢。 但是掌握資源的兩大黨, 在言辭敷衍這些觀念的同時, 行動上還是堅持抗拒多元化自由化的潮流, 努力回頭朝一元化的方向鑽, 展現 小魚逆流向上 的偉大情操。 掌控主流媒體的這強大二勢力, 不論誰執政, 應該都有機會將臺灣帶入類似 George Orwell 所著的 "一九八四" 一書所描述的完美一元社會, 從此以後臺灣人民將不必再煩惱 「選擇」 這回事, 一切都交由 老大哥 決定就好。

* * *

國民黨強力推動一綱一本, 說是要減輕學生買書和讀書的負擔。 其實如果他們關心的真的是學生買書的花費, 並不需要反對符合多元化世界潮流的一綱多本。 大可以要求執政黨學習 維基教科書 的精神, 推動教科書共創共享。 也可以要求政府編列預算, 逐年分批向教材製作業者買斷教科書授權, 以某種 creative commons 的方式釋放出來。 長期目標是讓任何人可以無授權障礙取得所有版本的教科書。 每位學童通常只需要一套紙本教科書, 其餘較少看的版本, 以電子檔形式作為參考資料, 需要時可以在家中或圖書館中查閱。 在教科書共創共享的架構下維持一綱多本, 一樣可以讓豐富多元的學習資源、省錢、環保三者並行不悖。 轉學生則藉助 長尾現象 新興商業模式的一個實例: print-on-demand 的方式, 只付列印費, 不需付授權費。

當然啦, 這樣的建議會挑戰傳統書商, 北北基縣市長們當然不願意去推動。 如果一綱一本推動成功, 不僅不會挑戰傳統書商, 還可以循著 宴請建築大亨 的模式, 也把書商們集中到縣長官邸來 「請益」 一下; 當然在場的絕對不可以有關心教育/文化/數位落差 的相關官員及自由文化/自由數位內容的社會運動者之類的閒雜人等, 以免節外生枝, 令大眾對縣市長們清廉的形象產生不必要的誤會。 雀屏中選的版本, 將享有極大的壟斷權; 大家再也不需要煩惱市場機制的多元競爭, 多麼完美啊! 當然價格也不需要大家操心啦: 只此一家, 沒有競爭, 價格他說了就算; 抗爭議價等等無謂的行動都可以省下來。 (畢竟人家要取得壟斷權想必也花了不少錢, 那當然也要算入投資成本的一部分啊!)

* * *

民進黨強力推動高速公路電子收費系統 ETC 由單一公司承包。 或許 「開放市場自由競爭」 「允許不同, 才是相容」 的建議, 從來沒有傳到他們耳朵裡。 最近 OBU 機上盒漲價, 主流媒體的討論仍圍繞在價格, 只有 極微弱的聲音 質疑為何不開放競爭 (要在文中用力找一下)。 看來媒體還蠻好控制, 民眾也還蠻好騙的, 只要把議題鎖在價格, 即使只是短暫的降價, 多元競爭的問題就可以避而不談。 不如就一不作二不休吧。 建議民進黨政府把所有提款卡的製作權收回, 授予單一銀行統一製作。 這樣民眾可以省去選擇的煩惱, 就像要裝設 OBU 根本不需要煩惱要找那一家一樣, 多麼便民啊! (需要排一下隊倒是真的) 如果有少數不知好歹的人士抱怨呢? 只要提出令人眼花潦亂的各種優惠方案及贈品措施 (嗯, 就贈送 「我不是塑膠袋」 好了, 以免大家搶得頭破血流) 讓媒體與大眾的注意力集中在價格, 完全忘記多元競爭這回事, 其他都很好辦。 等壟斷佈局成功, 再來逐年調漲, 過去一切的投資都很容易賺回來。

當然, 對執政黨而言, 真正的重點在後面, 而且要和其他政策一起推動。 以後改用生物特徵辨識, 一卡只能一人使用, 就像眼光長遠的移民署即將換發的 「IC防偽外僑居留證」 一樣。 從此以後, 所有人的所有提款記錄, 政府都一清二楚, 畢竟政府討資料的對象只剩下一家銀行, 簡單多了, 也比較容易躲過媒體, 低調進行。 電信業也是如此, 通通交由一家公司負責就好。 有了這些, 再搭配 OBU 監視與紀錄行蹤, 民眾的一切行動通話金融活動, 都在老大哥的掌控之下, 從此以後再也不怕 黨內初選電話民調舞弊 這類醜聞。 當然更重要的是可以掌控所有市井小民的言行, 思想改造及監控可以做得比蔣介石時代更徹底。 再也不怕有人不愛臺灣了!

* * *

微軟強力推銷... 微軟不必推銷, 教育界有許多教授義務地, 免費地 (應該吧?) 在為它推銷它的作業系統及文書處理軟體。 它已佈局成功, 完全壟斷市場, 並且藉 類似二手煙的力量 迫使不想用的人也非用不可。 有錢的臺灣人, 您對微軟只提供給落後國家的 $3 美金方案 有意見嗎? 那就不要用它的軟體試試看啊。 現在所有夠新的 Windows 電腦 (是的, 包含您的, 您存款銀行的, 及我們國防部的每部夠新的電腦) 每兩週 就會 回報 一次。 即便已經知道這樣的狀況, 連國防部, 國安會, 和軍情局這樣的單位都還是無動於衷 (該不會是毫不知情吧), 持續使用它的軟體, 您說我們一般小老百姓能不用它的軟體嗎?

* * *

不論是一綱一本, 或是 ETC 案, 價格從來就不該是重點。 聰明的臺灣人, 請不要滿足於價格論述。 本文也並不主張教改十全十美不需要檢討改變, 或是主張遠通一事幕後有弊案。 我們的訴求很簡單: 請尊重多元, 開放讓市場自由競爭, 不論是教科書市場, 或是 ETC 的 OBU 市場皆然。

國民黨與民進黨不願意鬆手讓市場自由競爭, 大眾就必須訴諸輿論的力量來要求他們。 如果大家漠不關心, 或是滿足於短暫的降價或優惠措施, 等到壟斷形成時, 我們就只能像現在對微軟一樣, 心不甘情不願地接受, 幾乎沒有討價還價的空間。

更糟糕的是, 壟斷者不會滿足於金錢的收益。 教科書只有一個版本, 就容易控制。 控制教科書, 就可以改寫歷史; 改寫歷史, 就可以控制未來。 這不是危言聳聽, 而是 George Orwell 名言 的另一種表達法。 您可以在其他事情上支持國民黨, 但此事請不要盲目支持它。 ETC 可以帶來很多方便, 但是目前獨家壟斷的做法將對人民的基本權利造成長遠的傷害。 這也不是杞人憂天, 而是 班傑明.佛蘭克林提醒過我們的事。 才剛推出, 離壟斷遠得很, 就敢限定只能在三部車上使用, 完全漠視消費者的 易地使用權, 您期待它未來會尊重您的人權? 您可以在其他事情上支持民進黨, 但此事請不要盲目支持它。

如果這些推測聽起來只像是無病申吟的陰謀論, 請多去瞭解過去只顧賺錢的微軟, 現在如何為掌控世界佈局。 如果連這個燃眉之急的現象也被多數人當成是小題大作, 如果多數人還是只在乎價格議題, ... 那我也只能默默為臺灣祈福了。 套句信用卡的廣告詞:

人權... 無價。