A hearing for a bill will take place in New Hampshire on February 16th, 2023, for a bill that, if passed, will require state agencies to accommodate libre software users in public-facing applications, so that people do not have to use proprietary software to access state services on the internet.
Your help is needed. More information is available in the linked article.
I read the article, but didn’t see a list of the proprietary software that’s required to interact with New Hampshirite state agencies. Are there examples of this problem?
I'm not sure of New Hampshire's stage agencies, but the most common problem I've experiences interacting with government agencies is PDFs. The format is fairly well-designed to be easy to read so many libre software alternatives can view PDFs, but forms are another story. If a PDF form hasn't been tested in libre readers, it would be unwise to assume that it works in libre readers (or even some proprietary readers). And if testing discovers that it doesn't work, getting it to work isn't necessarily possible with the PDF editing tools available, as making their editors compatible with libre readers isn't exactly a priority for Adobe.
I recently edited a pdf form using Okular (KDE app on Linux - Arch in this case). It was a pretty involved multi page bank mortgage related form. The app that designed this beauty was running on a Mac (can't remember more but I did see Mac in some metadata on it). One field went a bit odd - it would show one number and print another after I got my data entry a bit wrong and corrected it. Clearly a bug.
I passed the form over to Chrome's pdf handler and got the same result. I also passed it through Windows based stuff - I run an IT company. Same result. I did eventually manage to clear the fault.
If I recall correctly it was the day field for date of birth. My DoB is 7th December - I'm a Brit so 7/12. The field wanted 07 for single digit days and I entered 7 followed by the month numbers. So I ended up with 71 in the day field. Field validation was probably not a consideration for an admin in a bank tasked with knocking up a form used by millions of people! If that thing was from IT then they should look for another job.
Anyway - Okular worked the same way as the rest and shared their faults. It did at least manage to look much prettier and work very, very quickly.
Okular uses the poppler PDF library under the hood - and probably do most other non-Adobe implementations. Each software package is not a complete reimplementation of the standard, so it is not unexpected that they share behavior (and bugs).
If you can share the PDF we can file a bug report against poppler.
It’s not as bad currently, but 10 years ago it wasn’t that unusual to find things like government and bank websites using freaking ActiveX.
These days I would imagine it means things like not publishing videos with (only) proprietary codecs, or using some sort of non-standard non-open 2fa or something.
With all due respect, speaking as someone not in New Hampshire, your (and the article's) request to me and others like myself is a subversion of democracy.
This New Hampshire state bill is being deliberated in the New Hampshire state legislature, to be eventually voted on by New Hampshire state legislators voted in by and representing the people of the state of New Hampshire.
As a strictly state matter, any influence from outside the state of New Hampshire is a subversion of democracy in the state.
Are you aware of how common this type of behavior is? Where are you purposing to draw the line? Should we not even discuss local and state elections on the internet to prevent outside voices from swaying the views of voters? Should we not report on these elections?
A free and fair election is about ensuring that eligible voters are informed, that they have access to the ballot box, and that those ballots are accurately counted.
It's fine to discuss others' affairs, but actually going as far as to contact state representatives (read: spam them) when you aren't their constituent over stuff like this is a subversion of democracy.
You may or may not like what's going on in New Hampshire, but if you aren't a New Hampshire resident with voting rights you don't get to have any say in their affairs.
> But under no circumstances should you try to unilaterally influence
Why do you believe that to be true? I'm asking as an outside observer, I don't live in the US so I have no real interest in all this.
But, since things are interconnected, and a state isn't just some lonely abstract entity, isn't in your interest to try push for things that are good overall?
Why shouldn't I try to convince people that a certain change is a good thing, even if that change doesn't influence me directly?
>But, since things are interconnected, and a state isn't just some lonely abstract entity, isn't in your interest to try push for things that are good overall?
States are separate for a reason, the people of each state want to do things their own way. For the things we can all agree nationally there is the federal government, but for everything else it's separated at the state level so we step on as few toes as possible.
Spamming a New Hampshire state representative when you aren't in New Hampshire, let alone not in the US, subverts democracy by violating state and possibly country lines.
This feels more like an identity-politics-adjacent opinion. I don't think it's as unarguable as you're acting like to say that such a thing is corrupt. It's at worst an open question.
I remember my mother telling me a story of how she was dragged for interrogation after undercover cops overheard her and her friend talking about political situation in communist Poland.
It's a dangerous territory you're trying to propose.
Maybe, maybe not. Wouldn't surprise me if there are at least a few.
What OP and the article are asking is for someone in, say, Belgium or Canada or Texas to go and contact a New Hampshire state representative about a strictly New Hampshire state affair. Talk about making unnecessary and inappropriate noise for New Hampshire's democracy.
It's not asking us to falsify votes or commit fraud or anything, just asking for people to sing the virtues of this approach.
As an analogy, say Colorado passed a law that New Hampshire is also considering passing. In that case would you consider it interference for people from Colorado to speak in New Hampshire saying "You guys shouldn't pass this, it worked out poorly for us in Colorado"?
Trade groups in the US routinely try to influence state legislation outside the state where they are domiciled, and sometimes outside the country.
For example, the Business Software Alliance (BSA), founded by Microsoft, operates in over 30 countries. It engages in both lobbying and litigation, around the US and around the world.
Individual companies engage in lobbying outside of trade groups as well.
The irony of the parent comment is that "tech" companies, the ones that disseminate proprietary software, have done and continue to do more to "subvert democracy" than any individual in history has ever done, and they do this more or less free from civil liability or criminal prosecution.
This bill is interesting because, as it currently reads, it does not force the state to use non-proprietary software. It is not stopping the state from purchasing Microsoft software licenses, for example. Instead it prohibits the state from forcing the residents of NH to use proprietary software in order to interact with the state agencies:
"21-W:1 Mandatory Use of Proprietary Software Prohibited. No person in the state of New Hampshire shall be required to use proprietary software for any interaction with the government, including, but not limited to: the filing or payment of taxes, remote appearance for court proceedings, the taking of standardized tests or the completion of coursework by school students, applying for or receiving unemployment benefits, or other similar benefits, unless the government agency has determined that the proprietary software is the only means available for the required interaction. In such cases of proprietary software use, the agency shall post a notice of its determination and the use of proprietary software on the agency's website."
This is a topic that comes up on HN with moderate frequency. For example, a website tries to force the user to use a specific client, which is effectively proprietary software under the control of a "tech" company.
The client might be a Big Tech advertising-sponsored web browser that no one except Big Tech employees ever audits, modifies or compiles, regardless of whether the source code is available. It might be a closed mobile app that pins TLS certificates to stop anyone from observing what data it records about its user and sends to the "tech" company, sometimes called "phoning home" to the "mothership".
The website might use something like Cloudflare in the name of "protection" primarily to restrict clients to a certain browsers controlled by Big Tech that can be leveraged against users (ad targets) for data collection, surveillance and advertising.
these machines have osboot, based on coreboot, that replaces proprietary bios/uefi firmware, and a libre OS like linux/bsd with full driver support. encrypted ssd by default. secure, private laptops for people who need it. no proprietary bloatware, just freedom. sales fund osboot development
However, those other companies that advertise neutered ME are shipping newer Intel platforms where actual x86 hardware initialization is handled by binary blobs (e.g. Intel FSP).
Sandybridge and Ivybridge platforms (e.g. X220/X230) in coreboot are all free software for the x86 part, and that's the majority of it. It's only the ME that isn't. With me_cleaner used, it's very close to Libreboot.
X230 used to be worse in coreboot; for instance, it previously had non-free raminit. Nowadays, it's all GPL code.
My finances are really good these days. I had temporary difficulties in early 2020, as did many people at the start of the covid pandemic, but those are long behind me now. The company has existed since 2014.
The company is doing extremely well these days. I'm very grateful for everyone's support!
PS:
New Libreboot release soon.
The current Libreboot 20210522 testing release (from May 2021) is more or less complete, and the most major issue (the reset bug) is now fixed in libreboot Git.
I'm polishing the current Git and aiming for a new stable release.
I think the RockPro64 [1] as well as the rockpi4 can be run without any binary blobs. Why I don't see any vendor considering ryf-certifiying devices based on them?
The FSF must decide whether to endorse a product, and it must be requested by the supplier. So if a product could be endorsed, but isn't, it's either being reviewed or has not been submitted by the vendor.
In fact, I'm interested in their product commercially for Minifree, and also interested in terms of Libreboot. You can replace the default uboot firmware with coreboot, which offers many more features and there's where my company could really offer some nice custom services.
I acquired a Rockpi4 in the hope to use it blob-free. But I'd love to see vendors trying to ryf-certify it. Do you (or any other vendor) have plans to sell or certify it?
Looking forward to it. Getting an rk3399 device ryf-certified would be great. They have accelerated 3d graphics and video codecs that are (AFAIK) fully supported by fully free software. It would be, although not very powerful, the most modern affordable ryf-certified device available. I really hope you do it.
Also in your list of tasks you list ROCKPro64. Although I really like pine64 steps, I think the best rk3399 device for such a task is the Rock Pi 4 Model A Plus, it's got a faster processor, no wifi and the usb-c port is used for power only: no need to care about blobs for eDP! So, if you are thinking about a board to support, I'd suggest you to think about the Rock Pi 4 Model A Plus.
> The current Libreboot 20210522 testing release (from May 2021) is more or less complete, and the most major issue (the reset bug) is now fixed in libreboot Git.
That's really exciting news! Is there any documentation on how to upgrade libreboot?
Unless new progress has been made that I'm not aware of, you need at least another blob beside the ME firmware (me.bin) to build a full coreboot image on the X230: there's the "Intel flash descriptor" (ifd.bin). I'm not sure if that contains executable code or it can be generated similarly to the gbe.bin (ethernet controlled config).
yeah but that's not software. It's configuration data, in a binary format that's well-documented. There is also a tool for managing it in coreboot, called ifdtool.
There is also the GbE NVM (non-volatile memory) region, which configures the onboard ethernet chipset.
These configure the hardware, and the format is fully documented by datasheets.
Thanks for the explanation. Do you know if it would be possible to fully create an ifd.bin knowing the specs of the mainboard? Basically the opposite of `ifdtool --dump`. I'm surprised because it seems to contain some pretty secretive options like the HAP bit.
Yeah it's possible to know the format by reading the Intel datasheets (sandybridge/ivybridge ones). Certain parts are "reserved" but have been reverse engineered like you see in ifdtool.
In Libreboot there is a tool that I wrote called ich9gen, which can entirely generate ich9 ifd+gbe from scratch. This does not exist yet for sandy/ivy i think, but yes there is that --dump option in ifdtool.
By the way:
bincfg is a nice tool in coreboot, and you can write a spec file for that, based on intel datasheet, to generate gbe/ifd images. I actually have this on my todo list, as I've been studying it. The datasheets are very confusing especially for the Gbe NVM region, making it look like it's not even documented, but it is, poorly.
> I actually have this on my todo list, as I've been studying it. The datasheets are very confusing especially for the Gbe NVM region, making it look like it's not even documented, but it is, poorly.
That's very good news. I thank you for all the work you've done on this.
I wish Andrew and Swiftgeek all the best. Their work is fully preserved in the Git repository, should they wish to continue it in their own repositories.
