I'll reply to this now, even though the thread has been dormant for
a bit.
Quoth Michael Spacefalcon:
> I see that after your post, the thread on the mailing list veered off
> into a discussion of security. But that diversion totally misses the
> point: it isn't so much about secure communication as it is about the
> Four Freedoms of software:
The four freedoms are about user freedom. And to me freedom from
surveillance is an very important aspect of living and thinking
freely. You're quite right the FSF don't explicitly list this, but
to me it is just as important as their four freedoms (and indeed
depends on them).
But anyway. Meeting the four freedoms is an excellent place to
start!
> There also are some practical considerations that affect only feature
> phones and not smartphones. I have yet to encounter a phone UI design
> that doesn't suck, and I hope that most people on this list will agree
> with me that being able to customize the UI to one's preferences is an
> essential freedom that a geeky, empowered phone user should have - and
> I mean *really* customize the UI, not just twiddle menu settings, but
> being able to study, modify or even totally rewrite the UI code.
The ability to customise is good, but to be honest I am OK with just
learning whatever weird idioms and bugs exist on a platform and
working around them. Though obviously I've never had much choice
before.
> Now look at the situation from the perspective of a user who does NOT
> want his or her phone to be anything other than a plain phone. For
> such a user, a non-smart feature phone ought to be ideal, but if the
> user also wants the freedom to fully own the UI design, s/he currently
> has to pay for an otherwise completely unnecessary application
> processor. And when I say "pay for", I'm *not* referring to the
> purchase price of the device - I would gladly pay a lot more for my
> ideal Free Dumb Phone than the most expensive GTA04 or Ubuntu Edge or
> whatever. Instead I mean pay for in terms of carrying extra weight,
> extra power consumption, extra system complexity otherwise unneeded,
> many additional points of failure, etc.
>
> *That* is what I seek to rectify with my Free Dumb Phone project,
> aside from the moral issue. Freedom is a right that all phone users
> should enjoy, not a privilege that's limited to just Linux smartphones
> to the exclusion of non-smart feature phones.
Sounds great to me.
> > I've heard that the encryption used is really crappy, and while some
> > things like MITM forced reregistration to disable encryption and
> > ease surveillance could be countered by appropriate phone settings,
> > if the best encryption algorithm available can be cracked by a home
> > PC in a few days, you're still screwed.
>
> The GSM encryption is a red herring - it makes absolutely no difference
> whether it's there or not. Imagine if the GSM encryption were perfect
> and unbreakable - what would change? Nothing. The over-the-air
> encryption is only between the mobile station and the network. In a
> public phone network, where you can dial the phone number of any
> stranger and hear each other's voices if the other party answers,
> encryption can't be end-to-end. The network has to be able to decrypt
> with one end's key and re-encrypt with a different key for the other
> end, so the network itself has (and must have) access to the cleartext
> form of your digitized voice.
>
> If I am the world's most wanted criminal and enemy #1 of all major
> governments, and they want to spy on my phone conversations, they
> aren't going to bother with cracking GSM over-the-air encryption,
> they'll just put in a "lawful intercept" at the switch.
>
> The only way to render all "lawful intercept" mechanisms ineffective
> is to use end-to-end encryption. That won't work when calling
> strangers, or calling the transit line to check bus/train schedules
> etc, but it's a very feasible mechanism for private and secure
> communication mechanism among family members, friends etc.
Aah, thanks for the clarification. Of course you're right, I hadn't
thought through the GSM encryption thing, but of course it's only
between the mobile station and the network. So yes, end-to-end is
the only way, and that will obviously be a more distant goal (and
one that sadly is impossible to make compatible with many other
things). Fine.
> > Because one of the nice things of free software traditionally has
> > been the ability to say "it's free software, so I can do what I like
> > with it, and you can't invoke state violence against me for doing
> > so,"
>
> Counter state violence with your own violence: raise your own army
> that can challenge the forces of the state on a tactical battlefield.
> It isn't too hard, we did it successfully back in 1917, and we can do
> it again.
This is where we certainly differ. State violence is awful, but
organise to counter it with your own violence and you'll at best
repl
