[tor-talk] Fwd: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most!
WhonixQubes
whonixqubes at riseup.net
Fri Feb 6 23:42:55 UTC 2015
привет :)
Thanks for posting this story.
GPG is certainly a fundamental tool that many of us rely upon and is
well-deserving of more donations and funding.
I will certainly donate some euros to him soon.
I'm developing security/anonymity-focused free software (Qubes + Whonix)
without any funding or donations, but am largely driven by my strong
personal desires for having and using such software. This strong
personal desire sustains me as long as I need such software for myself
(probably several years into the future). And I'm focused on a software
platform that affects my entire computing base, from low-level system
infrastructure to high-level user applications.
I could see how not really truly personally needing his own software, or
focusing so tightly on maintaining a secondary component of his own
computing needs and for other people, would wear on a developer/person
over time, compared to the development situation I'm currently in.
Overall the free software community focused on security and privacy
really needs meaningful investment made into it that reflect its
fundamental value to society.
Sadly, most users just want shiny new stuff with cool features, and so
closed source mainstream technology corporations see the majority of all
demand and revenue from users.
Sadly, the most powerful arms of governments around the world do not
want robust open source security and privacy/anonymity tools to be
successful.
Leveraging the self-interest of corporations and wealthy individuals is
probably where the most fertile ground currently exists for large
funding of open source security/privacy tools.
There probably needs to be a further mass culture shift of realizing...
Open Source = Trustable = Secure/Private
Closed Source = Untrustable = Backdoored/Spyware
The corporations and wealthy individuals take in trillions per year.
Spending a fraction of a fraction to ensure the technology that their
organizations, families, and themselves personally use is
trustworthy/secure/private and is not compromising their own lives
should be an investment no-brainer for them, since they as a class
control trillions per year in financial resources. If they can just make
the very good association to open source technology and very bad
association to closed source technology. Unlike less-powerful
organizations and less-wealthy people, they have both the means and
motives to ensure that their technology is not screwing them, by
investing into key open source projects.
As more business executives and business IT people make the association
of closed source being untrustworthy, there is probably some growing
market demand for business products to deliver open source security and
privacy technologies to businesses/corporations. It would be great if
there were more beneficial financial links between successful open
source security/privacy products and the open source infrastructure we
all widely rely upon. For example, just *one* popular security/privacy
tool, based on open source, could generate the funds to double or more
Tor's current stream of annual funding.
And, also, I wonder why "bad guys" of the world don't regularly invest
many millions into open source technology development. It would seem to
be in their logical opsec self-interest and they have the economic means
as well. Not that they'd openly write checks with their name on it, but
done anonymously via cryptocurrency etc.
Low open source funding is probably one of the biggest security holes to
the integrity of our infrastructure/security/privacy/anonymity tools.
It is hard to even point to a stack of existing tools for anybody, even
including to us security/anonymity tool developers, to remain truly
secure and private, since so much key infrastructure is so over-bloated,
under-verified, and ripe for exploits.
This quote from the article is probably also one of the key reasons why
our industry of open source security/privacy remains so grossly
under-financed...
"Really I am better at programming than this business stuff."
The "business stuff" is a fundamental key for ensuring the successful --
not just social mission -- but actual core technical integrity of our
security/privacy technology.
We'd be many years ahead of our current development and verification
curve as an industry if we had greater financial resources within our
currently teeny tiny industry that probably at least hundreds of
millions of people are directly trusting in and relying upon.
Those who have the most money and most to lose should be running to
invest in key projects. And we should do better at positioning ourselves
and our industry for such (ethical) investments.
Such a critical issue!
Thanks,
WhonixQubes
More information about the tor-talk
mailing list