The Squirrel and the Grasshopper

There’s a story going around the neo-con blogs titled “The Squirrel and the Grasshopper”. It was forwarded to me by a business associate with the claim that it’s “right on the money”. It’s strange that someone could consider it “right on the money” for Australia when essentially the same text is posted in the UK, New Zealand, and Sweden (from a 30-second Google search – I’m sure that the neo-cons in other countries have posted it too).

The following are the neo-con ideas promoted by the story in question:

  1. To misrepresent a local mainstream political party that is known for representing workers (the ALP in the case of Australia) as being extremist and associated with Greenpeace (an organization that is out of favor at the moment and disliked by many people who vote for mainstream parties).
  2. To spread the “liberal press” lie that wing-nuts like to believe. Any analysis of the press will show that most multi-national media organizations are quite biased towards the right-wing groups.
  3. Making false claims about the legal system to drive support for recent fascistic legal changes. In the case of Australia this means allowing employers to lay off employees and immediately re-hire them at a lower rate, allowing employees to be laid off if factory equipment breaks down, and for almost any reason you can imagine. Driving the idea that the judges are incompetent and therefore imposing legislation to remove judicial discretion is an important step in removing civil rights.
  4. Claims that the government is communist and takes the property from the middle classes and gives it to unworthy people. In fact the opposite is true (for Australia at least). Large companies and wealthy individuals are routinely given community property. The toll roads are the best example of this: the government closes public roads that can be used as an alternative to a toll road, and then politicians get paid off after they leave office. Far from taking money from people who work (as the neo-con propaganda claims) the government allows big corporations to do so with impunity. The Australian government (like many governments in first-world countries) has been becoming increasingly fascistic recently.
  5. The claim that asylum seekers are terrorists. If the government wanted to stop terrorism then they would cease involvement with those parts of the world. However only plebeians (people like us) are likely to be hurt by terrorism so the government has little motivation to stop it – it’s good for winning elections! By joining the invasion of Iraq the Australian government helped al-Qaeda establish new training bases while also giving al-Qaeda (and related organizations) a reason to target Australia. Also whenever a war is started people will be forced to leave their homes and seek asylum elsewhere. If you don’t want asylum seekers seeking entry to your country then you don’t want to mess up other countries and force people to flee.
  6. Support for the “war on drugs”. That war has been at best a stalemate and generally a loss for a century now. The approach that is being adopted experimentally of legal supply of hard drugs to addicts seems to have more promise. Incidentally the breaches in border security that are established for the purpose of drug smuggling are available for any illegal purpose that pays enough – if al-Qaeda wanted to smuggle weapons into a first-world country they would probably get drug dealers to do it for them. I’ll blog more on this topic in future.

There you have it, The Squirrel and the Grasshopper covered all of the neo-con propaganda bases apart from the pro-Christian angle.

For the benefit of anyone who is thinking of forwarding on a “parable” in future, the first thing you might want to do is a Google search on it. Search for comments and also search for who is promoting it. If a message you are considering forwarding is being promoted by people who are obviously racist or who discriminate against people on the basis of religion then you might consider whether you want to associate yourself with them by forwarding the message.

Debian SE Linux policy bug

checkmodule -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
semodule -u local.pp

Save the following policy as local.te and then run the above commands. The two allow rules let semodule work correctly (it inherits a file descriptor from initrc_t) and let restorecon access the console (a tmpfs_t character device) on boot.

module local 1.0;

require {
        class chr_file { read write };
        class fd use;
        type restorecon_t;
        type tmpfs_t;
        type initrc_t;
        type semanage_t;
        role system_r;
};

allow restorecon_t tmpfs_t:chr_file { read write };
allow semanage_t initrc_t:fd use;
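The two allow rules above are the sort of thing you derive from AVC denial messages in the kernel log. As an added example (not code from the original post), here is a small Python script that parses AVC lines and renders them in the same module source format as local.te; the three denial lines are constructed samples, not messages from the author’s machine, and the role line from the original require block is not derived from denials, so it is not generated here.

```python
import re
from collections import defaultdict

# Constructed sample AVC denials (not from the original post) of the kind that
# lead to the two allow rules in local.te: restorecon_t needing read/write on a
# tmpfs_t character device (the console at boot) and semanage_t needing to use a
# file descriptor inherited from initrc_t. The third line duplicates the second
# to show that repeated denials collapse into one rule.
SAMPLE_AVC = """\
audit(1165530000.123:17): avc:  denied  { read write } for  pid=1402 comm="restorecon" path="/dev/console" dev=tmpfs ino=3 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:tmpfs_t tclass=chr_file
audit(1165530100.456:19): avc:  denied  { use } for  pid=2210 comm="semodule" path="/dev/console" dev=tmpfs ino=3 scontext=system_u:system_r:semanage_t tcontext=system_u:system_r:initrc_t tclass=fd
audit(1165530100.789:20): avc:  denied  { use } for  pid=2210 comm="semodule" path="/dev/console" dev=tmpfs ino=3 scontext=system_u:system_r:semanage_t tcontext=system_u:system_r:initrc_t tclass=fd
"""

# Matches the permission set, source context, target context and object class
# of one "avc: denied" record; the rest of the record is ignored.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?'
    r'scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)'
)


def parse_avc(text):
    """Return {(source_type, target_type, tclass): set(perms)} from AVC lines."""
    rules = defaultdict(set)
    for line in text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue
        # A context is user:role:type[:level]; the type is the third field.
        stype = m.group("scon").split(":")[2]
        ttype = m.group("tcon").split(":")[2]
        rules[(stype, ttype, m.group("tclass"))].update(m.group("perms").split())
    return rules


def perm_set(perms):
    """Format permissions as checkmodule expects: one bare name or a braced list."""
    perms = sorted(perms)
    return perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"


def to_te(rules, name="local", version="1.0"):
    """Render parsed denials as policy module source in the layout of local.te."""
    classes = defaultdict(set)
    types = set()
    for (stype, ttype, tclass), perms in rules.items():
        classes[tclass].update(perms)
        types.update((stype, ttype))
    lines = [f"module {name} {version};", "", "require {"]
    for tclass in sorted(classes):
        lines.append(f"        class {tclass} {perm_set(classes[tclass])};")
    for t in sorted(types):
        lines.append(f"        type {t};")
    lines.extend(["};", ""])
    for key in sorted(rules):
        stype, ttype, tclass = key
        lines.append(f"allow {stype} {ttype}:{tclass} {perm_set(rules[key])};")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(to_te(parse_avc(SAMPLE_AVC)), end="")
```

Review the generated rules before building them with checkmodule: a denial only tells you what was blocked, not whether the program should have been allowed to do it.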

SE Linux on Debian in 5 minutes

Following on from my 5 minute OSDC talk yesterday on 5 security improvements needed in Linux distributions, I gave a 5 minute talk on installing SE Linux on Debian etch. To display the notes I formatted them into 24-line pages and used less at a virtual console to display them. The ultra-light laptop I was using has only 64M of RAM, which isn’t enough for a modern X environment, and I couldn’t be bothered getting something like Familiar going on it.

After base install you install the policy and the selinux-basics package:

# apt-get install selinux-basics selinux-policy-refpolicy-targeted
The following extra packages will be installed:
checkpolicy libsemanage1 mime-support policycoreutils python python-minimal
python-selinux python-semanage python-support python2.4 python2.4-minimal
selinux-utils
Suggested packages:
python-doc python-tk python-profiler python2.4-doc logcheck syslog-summary
The following NEW packages will be installed:
checkpolicy libsemanage1 mime-support policycoreutils python python-minimal
python-selinux python-semanage python-support python2.4 python2.4-minimal
selinux-basics selinux-policy-refpolicy-targeted selinux-utils
0 upgraded, 14 newly installed, 0 to remove and 0 not upgraded.
Need to get 6362kB of archives.
After unpacking 41.5MB of additional disk space will be used.
Do you want to continue [Y/n]?

The package install process also configures the policy for the machine. The next step is to label the filesystems. This took 26 seconds on my Celeron 500MHz laptop with 20,000 files on an old IDE disk. The time is proportional to the number of files and is often bottlenecked on CPU. A more common install might have 5 times as many files with a 5 times faster CPU, so 30 seconds is probably common for labelling. See the following:

# fixfiles relabel

Files in the /tmp directory may be labeled incorrectly, this command
can remove all files in /tmp.  If you choose to remove files from /tmp,
a reboot will be required after completion.

Do you wish to clean out the /tmp directory [N]? y
Cleaning out /tmp
/sbin/setfiles:  labeling files under /
matchpathcon_filespec_eval:  hash table stats: 14599 elements, 14245/65536 buckets used, longest chain length 2
/sbin/setfiles:  labeling files under /boot
matchpathcon_filespec_eval:  hash table stats: 19 elements, 19/65536 buckets used, longest chain length 1
/sbin/setfiles:  Done.

The next step is to edit /boot/grub/menu.lst to enable SE Linux and auditing, and to put it in enforcing mode:

title   Debian GNU/Linux, kernel 2.6.17-2-686
root    (hd0,1)
kernel  /vmlinuz-2.6.17-2-686 root=/dev/x selinux=1 audit=1 ro enforcing=1
initrd  /initrd.img-2.6.17-2-686

Then reboot.

After rebooting, view the context of your shell. Note that the login shell will have a domain of unconfined_t when the targeted policy is used:

# id -Z
system_u:system_r:unconfined_t

Now let’s view all processes that are confined:

# ps axZ |grep -v unconfined_t|grep -v kernel_t|grep -v initrc_t
LABEL                             PID TTY   STAT   TIME COMMAND
system_u:system_r:init_t            1 ?     Ss     0:02 init [2]
system_u:system_r:udev_t         1999 ?     S.s    0:01 udevd --daemon
system_u:system_r:syslogd_t      3306 ?     Ss     0:00 /sbin/syslogd
system_u:system_r:klogd_t        3312 ?     Ss     0:00 /sbin/klogd -x
system_u:system_r:apmd_t         3372 ?     Ss     0:00 /usr/sbin/acpid -c /etc
system_u:system_r:gpm_t          3376 ?     Ss     0:00 /usr/sbin/gpm -m /dev/i
system_u:system_r:crond_t        3402 ?     Ss     0:00 /usr/sbin/cron
system_u:system_r:local_login_t  3423 tty1  Ss     0:00 /bin/login --
system_u:system_r:local_login_t  3424 tty2  Ss     0:00 /bin/login --
system_u:system_r:getty_t        3425 tty3  Ss+    0:00 /sbin/getty 38400 tty3
system_u:system_r:getty_t        3426 tty4  Ss+    0:00 /sbin/getty 38400 tty4
system_u:system_r:getty_t        3429 tty5  Ss+    0:00 /sbin/getty 38400 tty5
system_u:system_r:getty_t        3430 tty6  Ss+    0:00 /sbin/getty 38400 tty6
system_u:system_r:dhcpc_t        3672 ?     S.s    0:00 dhclient3 -pf /var/run/

The initial install of policy inserts modules to match the installed software. If you install new software then you need to add new modules with the semodule command:

# semodule -i /usr/share/selinux/refpolicy-targeted/apache.pp
security:  3 users, 7 roles, 824 types, 67 bools
security:  58 classes, 11813 rules
audit(1165532434.664:21): policy loaded auid=4294967295
# semodule -i /usr/share/selinux/refpolicy-targeted/bind.pp
security:  3 users, 7 roles, 836 types, 68 bools
security:  58 classes, 12240 rules
audit(1165532467.874:22): policy loaded auid=4294967295

Note that the security and audit messages come from the kernel via printk. They are displayed on a console login, but you need to view the system log if logged in via ssh or running an xterm. Now you have to relabel the files that are related to the new policy:

# restorecon -R -v /etc /usr/sbin /var/run /var/log
restorecon reset /etc/bind context system_u:object_r:etc_t->system_u:object_r:named_zone_t
restorecon reset /etc/bind/named.conf context system_u:object_r:etc_t->system_u:object_r:named_conf_t
[...]
restorecon reset /etc/apache2 context system_u:object_r:etc_t->system_u:object_r:httpd_config_t
restorecon reset /etc/apache2/httpd.conf context system_u:object_r:etc_runtime_t->system_u:object_r:httpd_config_t
[...]
restorecon reset /usr/sbin/named context system_u:object_r:sbin_t->system_u:object_r:named_exec_t
restorecon reset /usr/sbin/apache2 context system_u:object_r:sbin_t->system_u:object_r:httpd_exec_t
restorecon reset /usr/sbin/rndc context system_u:object_r:sbin_t->system_u:object_r:ndc_exec_t
restorecon reset /usr/sbin/named-checkconf context system_u:object_r:sbin_t->system_u:object_r:named_checkconf_exec_t
[...]
restorecon reset /var/run/bind context system_u:object_r:var_run_t->system_u:object_r:named_var_run_t
restorecon reset /var/run/bind/run context system_u:object_r:var_run_t->system_u:object_r:named_var_run_t
restorecon reset /var/run/bind/run/named.pid context system_u:object_r:initrc_var_run_t->system_u:object_r:named_var_run_t
restorecon reset /var/run/motd context system_u:object_r:initrc_var_run_t->system_u:object_r:var_run_t
restorecon reset /var/run/apache2 context system_u:object_r:var_run_t->system_u:object_r:httpd_var_run_t
restorecon reset /var/run/apache2/cgisock.3558 context system_u:object_r:var_run_t->system_u:object_r:httpd_var_run_t
restorecon reset /var/run/apache2.pid context system_u:object_r:initrc_var_run_t->system_u:object_r:httpd_var_run_t
restorecon reset /var/log/apache2 context system_u:object_r:var_log_t->system_u:object_r:httpd_log_t
restorecon reset /var/log/apache2/error.log context system_u:object_r:var_log_t->system_u:object_r:httpd_log_t
restorecon reset /var/log/apache2/access.log context system_u:object_r:var_log_t->system_u:object_r:httpd_log_t

The -v option to restorecon causes it to give verbose output concerning its operations. Often you won’t use it in real use, but it’s good for illustrating what relabelling does.

Now you have to restart the daemons:

# killall -9 apache2
# /etc/init.d/apache2 start
Starting web server (apache2)....
# /etc/init.d/bind9 restart
Stopping domain name service...: bind.
Starting domain name service...: bind.

Apache and BIND now run in confined domains, see the following ps output:

system_u:system_r:httpd_t   3833 ?     Ss     0:00 /usr/sbin/apache2 -k start
system_u:system_r:httpd_t   3834 ?     S      0:00 /usr/sbin/apache2 -k start
system_u:system_r:httpd_t   3839 ?     Sl     0:00 /usr/sbin/apache2 -k start
system_u:system_r:httpd_t   3841 ?     Sl     0:00 /usr/sbin/apache2 -k start
system_u:system_r:named_t   3917 ?     Ssl    0:00 /usr/sbin/named -u bind

It’s not particularly difficult. I covered the actual install of SE Linux in about 1.5 minutes. I had considered just ending my talk there on a note of “it’s so easy I don’t need 5 minutes to talk about it” but decided that it was best to cover something that you need to do once it’s installed.

If you want to know more about SE Linux then ask on the mailing list (see http://www.nsa.gov/selinux for subscription details), or ask on #selinux on freenode.

some advice for job seekers

A member of the free software community recently sent me their CV and asked for assistance in getting a job. Some of my suggestions are globally applicable so I’m blogging them.

Firstly I recommend that a job seeker doesn’t publish their CV on the net in an obvious place. Often you want to give different versions to different people, and you don’t necessarily want everyone to know about the work you do. I can’t imagine any situation in which a potential employer might view a CV on the net if it’s available but not ask for one if it isn’t there. If you are intensively looking for work (i.e. you are currently between jobs) then I recommend having a copy of your CV at a hidden URL on your site. This means that if you happen to meet a potential employer you can give them a URL so that they can get your CV quickly, but the general public can’t view it. A final problem with publishing your CV is that it may cause disputes with former colleagues (e.g. if you describe yourself as the most skilled programmer in the team then a former colleague who believes themselves to be more skillful might disagree).

Next, don’t put your picture on your CV. In some jurisdictions it’s apparently illegal for a hiring officer to consider your appearance. If there are many CVs put forward for the position then it may be easier to just discard yours because of this. There is absolutely no benefit to having the picture, unless of course you are applying for a job as an actor. Incidentally I’ve considered applying for work as a movie extra. The amount of effort involved is often minimal (e.g. pretend to drink beer in the back of a bar scene) and the pay is reasonable. It seems like a good thing to do when between computer contracts.

I write my CV in HTML and refuse to convert it. If a recruiting agent can’t manage to use IE to print my CV then they are not competent enough to represent me. If a hiring manager can’t manage to view my CV with IE then I don’t want to report to them. However I recommend against using HTML features that make a document act in any way unlike a word-processor file. There should be no frames or CSS files so there is only one file to email, and the text should be all on one page so the PGDN and PGUP keys can scroll through all the content. Tables, bold, and italic are good, fonts are a minor risk. Colors are bad.

Recruiting agents will often demand that your CV be targeted for the position that you are applying for. I often had complaints such as “I see only sys-admin skills not programming”. To solve this I wrote my CV in M4 and used a Makefile to generate multiple versions at the same time. If a recruiter wants a version of my CV emphasising C programming and using Linux then I’ve already got one ready!

These are just a few thoughts on the topic based on a CV that I just saw. I may write more articles about getting jobs in the computer industry if there is interest.

OSDC

Yesterday I gave a presentation at OSDC in Melbourne about my Postal mail server benchmark suite. The paper was about my new benchmark program BHM for testing the performance of mail relay systems and some of the things I learned by running it. I will put the paper on my Postal site in the near future and also I’ll release a new version of Postal with the code in question very soon.

Today at OSDC I gave a 5 minute talk on 5 things that need to be improved in the security of Linux distributions.

  1. The fact that unprivileged programs often inherit the controlling tty of privileged programs which permits them to use the TIOCSTI ioctl to insert characters in the keyboard buffer. I noted that with runuser and a subtle change to su things have been significantly improved in this regard in Fedora, but other distributions need work (and Fedora can go further in this regard).
  2. A polyinstantiated /tmp should be an option that is easy to configure for a novice sys-admin. There have been too many attacks on data confidentiality and system integrity based on file name race conditions in /tmp. This needs to be fixed and must be fixable by novice sys-admins.
  3. The capability system needs to be extended. 31 capabilities is not enough and the significant number of operations that are permitted by CAP_SYS_ADMIN leads to granting excessive privilege to programs.
  4. The use of Xen on servers such that a domU is always used for applications should become common. Then if a compromise is suspected there will be better options for investigation.
  5. SE Linux needs to be used more, particularly the strict policy and MCS. Use of the strict policy often reveals security flaws in other programs.

I’ll blog about each of these in detail at some future time.

xen

I’m currently working on a little Debian Xen server, and I encountered a few problems that aren’t documented.

The first problem I found was that serial ports don’t work with a default Xen setup (as documented in a previous blog entry). However the solution to this turns out to be putting xencons=off on the kernel command-line for the dom0 kernel. This allows the dom0 kernel to see all the serial hardware. If I had wanted to use the serial ports from a domU then something else would need to be done, but as I have no need for this I didn’t investigate the matter any further. Thanks to Brian May for discovering this for me.

Next, in the early test releases of etch the udev hotplug interface isn’t enabled. So I had to add kernel.hotplug=/sbin/udevsend to the /etc/sysctl.conf file. A newer version of udev appears to fix this without modifications to the kernel.hotplug setting though. The symptom of this was the error “Error: Device 768 (vbd) could not be connected. Hotplug scripts not working” where 768 is the number for /dev/hda (the same message would occur with number 769 if you use /dev/hda1). I chose to use unpartitioned virtual disks such as /dev/hda and /dev/hdb in Xen because there is no benefit in partitions (my Xen instances are not doing enough to need more filesystems than there are virtual IDE disks) and because I don’t want the fake partition table thing that Xen apparently does.

Hans Reiser

According to this article in the San Francisco Chronicle Hans Reiser pled “not guilty” to the charge of murdering his wife. This isn’t particularly exciting news as all previous indications were that he was going to do so.

However one noteworthy fact from the article is that they are setting up an education fund for his children. Regardless of whether Hans is convicted or not, his children will still be in a bad situation and in need of assistance. While there are plenty of other worthy charities needing donations, if you are considering donating towards a Linux related cause then you might want to consider the children of a kernel coder.

when you can’t get along with other developers

Many years ago I was involved in a free software development project with write access to the source tree. For reasons that are not relevant to this post (and which I hope all the participants would regard as trivial after so much time has passed) I had a disagreement with one of the more senior developers. This disagreement continued to the stage where I was threatened with expulsion from the project.

At that time I was faced with a decision, I could have tried to fight the process, and I might have succeeded and kept my position in that project. But doing so would have wasted a lot of time from many people, and might have caused enough productivity loss for enough people to outweigh my contributions to the project for the immediate future. But this didn’t seem very productive.

So I requested that my write access to the source tree be removed as I was going to leave the project and unused accounts are a security risk.

I never looked back, I worked on a number of other projects after that time (of which SE Linux is one) and the results of those projects were good for everyone. If I had stayed in the project where things weren’t working out then it would have involved many flames, distraction from productive work for everyone, and generally not much good.

The reason I mention this now (after many years have passed) is because in another project I see someone else faced with the same choice I made who is making the wrong decision. The people who are on the same private mailing list as me will all know who I am referring to. The individual in question is apparently suffering health problems as a result of stress caused by their inability to deal with the situation where they can’t get along with other people.

My advice to that person was to leave gracefully and find something else to work on. If you don’t get along with people and make a big fuss about it then they will only be more glad when they finally get rid of you. Running flame-wars over a period of 6 months to try and get accepted by a team that you don’t get along with will not do any good, but it will convince observers that removing you is a good idea.

Supporting an Election Campaign

Yesterday I handed out “how to vote” cards for the Greens at the state election. It did seem to be a significant waste to have so much paper produced. Slightly more than half the voters who visited my polling booth took cards from all parties, which was obviously of little use. There is some useful information to be gained from reading the cards from all parties, but nothing that you can analyse during the short period spent waiting in line. I expect that most people decide who to vote for before they get anywhere near the polling booth and just accept the cards because they feel that it may be rude to reject them. While ironically some people who didn’t like the Greens refused to accept a card from me and told me that they didn’t want it with the impression that they would offend me, I’d rather save the trees and not give cards to people who don’t want to use them…

I spoke to a representative of the Family First party who tried to convince me that the Greens should be against homosexuality because the Greens are “against unnatural things“, he also claimed that people who choose not to have children (being gay is apparently choosing not to have children) are selfish – unless of course they are a celibate priest. He also managed to offend a supporter of the ALP in two different ways which led to an amusing heated debate and then left before I could have any more fun. For the reference of other Family First people, I’ve pasted in the dictionary definitions of “homo” and “hetero”, when used as prefixes those Greek derived words mean “like attracting like” and “opposites attract”. An example of such usage is the term “homo-charged electrets” used in electronics.

From The Collaborative International Dictionary of English v.0.48 [gcide]:
Hetero- \Het"er*o-\ [Gr. "e`teros other.]
  A combining form signifying other, other than usual,
  different; as, heteroclite, heterodox, heterogamous.
  [1913 Webster]

From The Collaborative International Dictionary of English v.0.48 [gcide]:
Homo- \Ho"mo-\
 A combining form from Gr. "omo`s, one and the same, common,
 joint.
 [1913 Webster]

From Bouvier's Law Dictionary, Revised 6th Ed (1856) [bouvier]:
HOMO. This Latin word, in its most enlarged sense, includes both man and
woman. 2 Inst. 45. Vide Man.

The ALP (usually known as Labor) supporters had unfortunately believed the lies of their own apparatchiks. They were convinced that the Greens were directing preferences to the Liberal party, even though in most districts the Greens actually directed preferences to the ALP! The only exceptions were a small number of districts with split preferences (favoring neither Liberal nor ALP). It continually amazes me that while helping the ALP they were attacking us! Once I showed the ALP supporters the cards I was distributing they became quite friendly, as the Greens had a very low chance of winning the lower house in the districts for the polling place in question the preferences would go to the ALP.

It was interesting to talk to a Liberal supporter. He supports the workplace reforms implemented by the Federal government (Liberal) because he was hired for his current job because his employer can easily get rid of him if the business has a down-turn. It is hard to argue with someone who has only got a job because of the policy in question, but I did point out that continuity of employment is a major factor when applying for a mortgage. I recently bought a house and had a significant amount of hassle from the banks due to the fact that I work as a contractor. I had previously enquired about borrowing twice as much money while at my last permanent position and had far fewer problems from the banks.

I mentioned some of the other bad things the Liberal government has done (such as invading Iraq for no good cause), but the Liberal supporter was too sensible to comment on any of the issues where he would only lose. This however left him with not very much to say.

Most of the work of handing out the cards was quite boring and very tiring. Fortunately a friend decided to visit and help out so there were three people handing out Greens cards instead of the scheduled two which made it easier work. The ALP apparently had four people which seems to be an optimal number as there were voters arriving from two directions and no matter where they came from at least two ALP supporters would be able to intercept them.

Surprisingly the work was easier at the busiest times. When the queue stretched out into the street I could stroll along the queue and give the cards to the voters. When the queue disappeared later in the day the voters were walking past at high speed and I had to move quickly to get to them.

Now it’s time to start planning for the next Federal election.

Linux support by politicians

In two days’ time we are having a state election in Victoria (Australia). For this election there is only one party with policies that are positive towards free software, that is the Australian Greens. The policy documents include an IT policy (note that the IT policy is on a link that may change while the policy documents link is permanent).

The Greens IT policy has three sections under the goals, one of those is about open standards (ensuring that government data is in documented file formats for use by all with no need to purchase software) and another is about Open Source which directly advocates the use of free software by government agencies. The principles part of the document is also very positive towards free software and explains why it’s beneficial for Australia.

Any Greens representatives that are elected on the weekend have to abide by the party policy, that means that they must advocate the use of open standards and Open Source in government use and vote accordingly when any legislation related to computers is being considered!

Some of the members of the Greens are also members of the free software community. We were able to explain to the other party members the benefits for Australia and for social justice in the use of free software, and thus we reached agreement on a policy that suits people who use free software – not to benefit such people, but because of the benefits to society of the use of free software.

I think it would be good if members of the free software community in other countries would also join their local Green party and promote similar policies. While there is no direct connection between the Green parties in different countries the aims are very similar and therefore the arguments that persuaded Green members in Australia can be expected to work reasonably well in other countries (I am happy to provide advice in this regard via private mail if requested).

Also it would be good if other parties could be persuaded to have similar policies. If you want to help the free software community but for some reason you don’t support the Greens then please join a party that matches your views and advocate an IT policy that promotes free software.

Currently people who want to vote for free software in the Victorian election have no option other than to vote for the Greens. As a member of the Greens I am happy to document this as a reason to vote Green. But as a member of the free software community I would like to see other parties adopt policies that promote free software.

The Greens adoption of a policy that promotes free software was largely driven by the issue of social justice. We believe that every Australian citizen has the right to access all public government data. If government data is available in proprietary formats then access is only granted to people who can afford the latest software ($800 for a full copy of MS Office) and hardware to run it ($600 at least). We believe that unemployed people who receive free Linux computers from Computerbank should be able to access government data. We also believe that when FOI laws apply in 30 years time all current data should be accessible, there’s no chance that whatever version of Office is being sold in 30 years time will read current MS file formats, and there’s no guarantee that MS will even be in business then. File formats for which there are authoritative open-source programs written to use them will be accessible in 30 years time and more.