[icon ] blenderdumbass . org [icon scene] Articles

Never Trust Proprietary Software With Security

[avatar]  Blender Dumbass

December 06, 2024

👁 139

https://blenderdumbass.org/ : 👁 3
https://blenderdumbass.org/articles : 👁 1
https://blog.madiator.com/ : 👁 5
https://mastodon.social/ : 👁 3
https://blenderdumbass.org/articles/the_incels_of_computing:_the_depressive_defense_mechanisms_of_free_software : 👁 1
https://phanpy.mrdonaldson.net/ : 👁 1
https://blenderdumbass.org/articles/libre_games_and_making_money:_introducing_petitions : 👁 1
https://blenderdumbass.org/reviews/queer___2024___is_an_indiana_jones_movie_in_a_style_of_david_lynch : 👁 1
https://blenderdumbass.org/articles?page=1 : 👁 1
https://blenderdumbass.org/reviews/Rebel_Moon : 👁 1
https://blenderdumbass.org/articles?page=2 : 👁 1

#freesoftware #userfreedom #malware #security #privacy #gnu #linux #opensource

License:
Creative Commons Attribution Share-Alike
Audio Version





There is a person on the inter-webs, who dedicated himself to reviews on security devices. His name is Lock Picking Lawyer and he showcases how secure real life locks are. In his video 1543 he reviewed a rather peculiar security feature on a lock from ABUS. Which is strengthening itself not by building some clever mechanism that is hard to bypass, but rather, uses law, to make bypassing it more illegal than it already is. They made the key-way ( and by extension the key ) to be shaped as the trademarked logo of the company. Therefor producing or distributing blanks for this lock would be a violation of the trademark law. Using proprietary software for security is doing the same mistake as trusting this lock by ABUS.

Proprietary Software is not without their own ABUSes. In the 90s, as people joined the internet and started sharing media-files around, the media companies started experimenting with software that will encrypt the contents of a media-file, such that these contents would not be share-able, so people would be forced to buy more copies. They did such a bad job at this encryption, that instead of trying to develop better ones, they lobbied for a law that would make breaking this encryption illegal. Thus the infamous DMCA was born.

By the way, if you want to know about this type of encryption and how it violates your human rights, please go to DefectiveByDesign.org.

A lot of people, when I talk to them about the evils of proprietary software tend to agree with me on most of the points, but not all of them. A lot of those people tend to believe that proprietary software is more secure. Free Software ( the opposite of proprietary ) has a requirement for its source code to be accessible to all users. So in theory, somebody that wants to break through a security system implemented as Free Software, has an advantage of knowing how this system is secured. And not having the knowledge, potentially makes this system more secure. This is called "security by obscurity".

So lets go and smash this argument to pieces! Shall we?

Few years ago, before I had this website, I reviewed a Microsoft Software Licensee Agreement, that you pretty much have to agree to in order for the system to run. Apart from the usual demands to waive all your rights and surrender all your data to the overlords at the Microsoft corporation, and apart to agreeing to all the insecurities that come with the software being done by dumbasses at Microsoft, they also briefly mention the use of code published under the GNU Lesser General Public License. Meaning, to make Windows they used source code published under that license.

Even as far back as the 90s Microsoft was vilifying Richard Stallman for coming up with the regular GNU GPL, they thought it was viral, ugly and tried to claim it unconstitutional. Why? Why would a company that apparently can make software of their own, care so much about a license, for use of source code?

Well here an answer: If they can, they will not develop anything. They will use code that is already out there. And their shareholders will only be happy about it.

To pay for development time for some new clever security algorithm is to waste the shareholders investments, if an algorithm that does the job already exists in Free Software. Just copy-paste the source code and you are done. Of course sign that "developer" onto a non-disclosure agreement, as to hide the process and claim ( with a big asterisk ) the so called "security" of the software, hiding the truth about it deep in the agreement nobody ever reads, and you're chillin'! People believe you are secure and clever, while all you did was to repackage somebody-else's work.

Apple does the same thing. I remember a few decades ago finding a full text of the Lesser General Public License on my mother's iPhone. And their Mac operating system is a modified version of BSD. A Free Software operating system that isn't copylefted.

They do not have some better software for security. They are using the same stuff. Sometimes even older versions of the same stuff as in Free Software. And therefor breaking into those systems is at least as easy as breaking into Free Software system. But no... It does not stop there.

Some geniuses at the Microsoft corporation, some time ago decided that it would be a clever idea to make all Windows computers connected to the same network, be accessible through the normal Files Explorer. They were probably thinking about how convenient a feature like this could be. How easy it will be to drag and drop files from one computer to another.

Of course to implement such a feature, every Windows computer was essentially turned into a server that awaits commands from another Windows computer to hand over any file what so ever. Or to save any incoming file what so ever. Therefor making a huge security vulnerability that was widely exploited.

In the current version of the Microsoft Software License, there is even a passage saying that Microsoft itself can access files on your computer, probably using that same feature. And we known that Apple computers had similar security concerns that they tried to argue to be for the greater good.

Those companies just can't hold themselves from implementing baffling insecurities into their software, just so they themselves could violate your freedoms more conveniently.

Comparing this to the Free Software model is comparing a bush put in front of a door in order to disguise it, to a robust lock proudly on display on a high security vault.

Free Software does not afraid you knowing how the security is implemented. The same way Bowley ( a lock company; featured in video 636 of the Lock Picking Lawyer ) does not afraid you knowing the mechanism of the lock. Because the mechanism is so good, you knowing how it works will defeat you. And you will move on to the next target.

Every lock is breakable. Every encryption is decryptable. Security is not absolute. Computers get faster, therefor passwords get longer and algorithms get stronger. Free Software who's whole reputation is built on security cannot lack behind. They can't just hide their mistakes behind non-disclosure agreements and copyright infringement lawsuits. They actually have to make the code pass the scrutiny, or risk losing the users. And down the line, few generations later, after the feature is well known and no longer copylefted, proprietary software companies will pick up the leftovers and will repackage it as "more secure" because apparently they "have the money to pay the developers". But in that time they themselves will add insecurities on top of that. And the code they will be using will be way past its prime. And therefor you should never trust proprietary software with security!

Happy Hacking!!!


[icon terminal] JSON [icon markdown] Markdown

[icon question] Help

Subscribe RSS
[icon link] Author
[icon link] Website
Share on Mastodon


[icon question] Help


You can comment from Mastodon.







[avatar]  Madiator2011 c:0


...from blog.madiator.com

Unpicking the Digital Locks: My Take on Blender Dumbass’s Security Skepticism

A reply from blog.madiator.com

[icon internet] View Full Reply [icon send] Reply



[icon articles]How AI, ICE and Elon Musk Manipulate People Into Supporting Evil?

[thumbnail]

[avatar]  Blender Dumbass

👁 101 💬 0



Elon Musk is now infamous for showing a Nazi-Salute when Donald Trump became the president for the second time. Yet, this is the same Elon Musk, who's cars were disliked by the same people who have a hard on Trump. People who like to burn gasoline. For them an electric-car company is an epitome of wokeness. It was very funny to see, then, Donald Trump making an ad-read to promote those cars, before realizing what he had done and deciding suddenly to hate on poor Musk. Was Musk playing a part of a Nazi? Was the Nazi-Salute a genius marketing move, to try to make the conservative public of the United States consider buying a car they so disliked? Or was it just a funny set of coincidences?


#AI #ICE #ElonMust #FreeSoftware #OpenSource #Privacy #Copyright #Freedom #DRM #Libre #uspol #Politics


[icon petitions]Release: Dani's Race v2025-03-17

[thumbnail]


26 / 50 Signatures

[avatar]  Blender Dumbass

👁 305 💬 2



Dani's Race version 2025-03-17


#DanisRace #MoriasRace #Game #UPBGE #blender3d #project #petition #release


[icon articles]PewDiePie is now using GNU / Linux

[thumbnail]

[avatar]  Blender Dumbass

👁 182 💬 4



PewDiePie, once the king of YouTube, has now decided to stop shannigans and move to GNU / Linux operating system. And not simply to move to GNU / Linux, but stop using Photoshop and move to GNU Image Manipulation program, known as GIMP. Go back to using OBS. And even gave a rather okay-ish explanation of GNU / Linux and his reasons to move to it, to his 110 million followers, in a video he published titled: I installed Linux (so should you).


#PewDiePie #GNU #Linux #FreeSoftware #GIMP #OBS #OpenSource #YouTube


[icon articles]Is The DeVault Report a Spiteful Metajoke

[thumbnail]

[avatar]  Blender Dumbass

👁 103 💬 0



Oh god, I'm trembling right now in anticipation of hate coming my way for this article. If you want to attack me, you should look no further than at the article I wrote about the subject matter a few articles ago. Or look no further at my stance on the whole matter which many times I had brought up in various things I do. The plots of my films Moria's Race and I'm Not Even Human directly or indirectly deal with the subject matter at hand.


[icon codeberg] Powered with BDServer [icon python] Plugins [icon analytics] Analytics [icon mastodon] Mastodon [icon peertube] PeerTube [icon element] Matrix
[icon user] Login