Rolle Rückwärts in München: Diese Fragen sollte man sich stellen


Bereits diesen Mittwoch soll die Entscheidung fallen: München will bis 2021 die Nutzung des GNU/Linux-Desktop-Clients “LiMux” beenden und damit ein erfolgreiches Leuchtturmprojekt beenden. Ich habe dazu einen ausführlichen Artikel auf Netzpolitik.org veröffentlicht. Bürger haben ein Recht darauf, dass der Stadtrat verantwortungsvoll und professionell arbeitet. Angesichts der Tragweite der Entscheidung sollte auf jede der folgenden Fragen den beteiligten Stadträten die Antwort daher bereits vorliegen. Gerne dürfen diese Fragen auch als Grundlage verwendendet werden um die Entscheidungsträger zu kontaktieren.

Die drängendsten Fragen zur Entscheidung über die zukünftige IT Startegie in München

  • Warum ignoriert der Stadtrat mit seiner Entscheidung die von ihm selbst beauftragten Studien (MitKonkret, it@M Plus, Accenture) welche alle übereinstimmend mit der it@M die Organisationsstrukturen als Ursprung aller Probleme erkannt haben?
  • Existiert ein Zusammenhang zwischen dem Umzug von Microsoft nach München und der Rückkehr zu Microsoft?
  • Wieso werden immer wieder kostenintensive Gutachten und externe Firmen beansprucht, wenn der Stadtrat letztendlich diesen Empfehlungen nicht folgt? Siehe u.a. auch bereits Mitkonkret, die damals eine volle GmbH oder ein IT-Referat empfohlen haben aber von einer Mischform abrieten.
  • Auf wessen Kompetenz fundiert der Stadtratsbeschluss und die darin enthaltene Einschätzung dass Accenture, it@M und alle beteiligten IT-Experten falsch liegen und die Ursachen sich mit einer technologischen Entscheidung lösen ließen?
  • Diese Entscheidung des Stadtrates hat tiefgreifende technische Konsequenzen. Welcher IT-Architekt hat den Stadtrat diesbezüglich beraten und entschieden, dass die kostenintensive Umstellung auf Microsoft Windows eine notwendige Maßnahme ist?
  • Wie glaubt der Stadtrat in zwei Jahren eine komplett neue Infrastruktur zu schaffen angesichts der Tatsache dass auch die bestehende Infrastruktur mit der geplanten Grösse ihre Schwierigkeiten hat. Wie sollen in diesem Zeitraum 30.000 Mitarbeiter geschult, über 9.000 Vorlagen umgebaut, Wollmux und hunderte von komplexen Makros ersetzt werden?
  • Ist dem Stadtrat bewusst, wie er durch den Antrag die Leistung der IT-Mitarbeiter der Stadt herabwürdigt und dass dieses Verhalten die Attraktivität der Landeshauptstadt München als Arbeitgeber für kompetente IT-Spezialisten nachhaltig schädigt?
  • Was passiert mit den Mitarbeitern, die zur Zeit für den Basisclient und LibreOffice entwickeln? Werden diese entlassen oder wird ihnen eine angemessene Zeit zur Umschulung gegeben?
  • Welche Auswirkung hat diese Entscheidung auf den Betrieb der GNU/Linux-Server und das erst kürzlich neu aufgebaute Rechenzentrum der Stadt?

Weiter Fragen die man sich zu dem Thema stellen sollte

  • Wieso glaubt der Stadtrat an, Fachentscheidungen besser treffen zu können als die mit dem Thema beauftragten Fachleute?
  • Haben die Stadträte des Antrags geschäftliche Verbindungen zu Microsoft oder Microsoft-nahen Firmen?
  • Auf welcher Basis wurde entschieden, dass Windows das geeignete System sei?
  • Die Entscheidung ist nicht produktneutral und benachteiligt u.a. deutsche Anbieter und den Wirtschaftsstandort München. Ist das legal oder drohen der Stadt und den für die Entscheidung Verantwortlichen rechtliche Konsequenzen und Regressforderungen?
  • Erratische und unabgestimmte Entscheidungen können auch dazu führen dass viele Firmen bei Ausschreibungen der Landeshauptstadt München in Zukunft nicht mehr teilnehmen. Wie will der Stadtrat dies verhindern wenn Ausschreibungen, Projekte und betriebsfähige Software durch diese Entscheidung einfach weggeworfen werden?
  • Soll die technische Umstellung die notwendige administrative Umstellung ersetzen?
  • Wie verhält sich die geplante Entscheidung zum Teil der Entscheidungsvorlage in der die Notwendigkeit einer heterogenen, von Windows unabhängigen, Infrastrukturstrategie hervorgehoben wird?
  • Wie verhält sich diese Entscheidung insbesondere zu der “Web First”-Strategie, welche ebenfalls in der Entscheidung angesprochen wird?
  • Es gab schon in der Vergangenheit Gerüchte, dass der Stadtrat sich nicht an die Vorgaben der Stadt gehalten hat und unbetreute Windowsclients im Backbone der Stadt oder für Stadtratsaufgaben eingesetzt hat. Dies wäre u.A. eine grob fahrlässige Gefährdung der IT-Sicherheit. Entsprechen diese Gerüchte den Tatsachen?
  • Worauf begründet der Stadtrat seinen Optimismus, dass es keine Reibungsverluste zwischen den DiKas, der GmbH und dem Eigenbetrieb geben wird?
  • Soll der Stadtratsbeschluss zu einer Abschaffung der städtischen Infrastruktur führen bei der alle Daten der Bürger in der Accenture/Microsoft-Cloud gespeichert werden?
  • Wie sieht der Stadtrat die Gewährleistung des Datenschutzes, insbesondere angesichts der Executive Order von Präsident Trump welche den Datenschutz für nicht-US-Bürger abgeschafft hat.
  • Der Stadtrat zwingt mit dieser Entscheidung die Bürger der Landeshauptstadt München zum Einsatz von Microsoft Office für die Kommunikation mit der Verwaltung. Übernimmt der Stadtrat auch die Kostenfolgen dieser Entscheidung für die Bürger die aktuell nicht über Microsoft Office verfügen?
  • Der Stadtrat hat verlauten lassen, dass der Dokumentenaustausch wegen mangelnder Kompatibilität problematisch sei. Auf welche Art und Weise hat der Stadtrat vor, den Austausch von Dokumenten per E-Mail auszubauen? Angesichts von Viren, Erpressungs-Crypto-Trojanern und staatlichen Angreifern mit dem Ziel der Wirtschaftsspionage und
    Manipulation scheint dieses Ziel in die falsche Richtung zu gehen. Stellt dies nicht eine Gefährdung der Sicherheit der städtischen IT durch die Entscheidung des Stadtrats dar?
  • Wie beeinflusst die Entscheidung des Stadtrats die Kosteneffizenz des Gutachtens?

The most sincere form of flattery


Looking for Freedom

CC BY-ND 2.0 by Daniel Lee

Nextcloud now exists for almost exactly 8 months. During this time we put a lot of efforts in polishing existing features and developing new functionality which is crucial to the success of our users and customers.

As promised, everything we do is Free Software (also called Open Source), licensed under the terms of the GNU APGLv3. This gives our users and customers the most possible flexibility and independence. The ability to use, study, share and improve the software also allows to integrate our software in other cloud solutions as long as you respect the license and we are happy to see that people make use of this rights actively.

Code appearing in other app stores

We are proud to see that the quality of our software is not only acknowledged by our own users but also by users of other cloud solutions. Recently more and more of our applications show up at the ownCloud App Store. For example the community driven News app or the Server Info app, developed by the Nextcloud GmbH. Additionally we have heard that our SAML authentication application is widely considered far better quality than other, even proprietary alternatives, and used by customers of our competitors in especially the educational market. All this is completely fine as long as the combination of both, our application and the rest of the server, is licensed under the terms of the GNU AGPLv3.

Not suitable for mixing with enterprise versions

While we can’t actively work on keeping our applications compatible with other cloud solutions, we welcome every 3rd party efforts on it. The only draw-back, most of the other cloud solutions out there make a distinction between home users and enterprises on a license level. While home users get the software under a Free Software license, compatible with the license of our applications, Enterprise customers don’t get the same freedom and independence and are therefore not compatible with the license we have chosen. This means that all the users who uses propriety cloud solutions (often hidden by the term “Enterprise version”) are not able to legally use our applications. We feel sorry for them, but of course a solution exists – get support from the people who wrote your software rather than a different company. In general, we would recommend buying support for real Free Software and not just Open Source marketing.

Of course we don’t want to sue people for copyright violation. But Frank choose the AGPL license 7 years ago on purpose and we want to make sure that the users of our software understand the license and it’s implications. In a nutshell, the GNU AGPLv3 gives you the right to do with the software whatever your want and most important all the entrepreneurial freedom and independence your business needs, as long as the combined work is again licensed under the GNU AGPLv3. By combining GNU AGPLv3 applications with a proprietary server, you violate this rule and thus the terms of the license. I hope that other cloud solutions are aware of this problem, created by their open-core business model, and take some extra steps to protect their customers from violating the license of other companies and individual contributors. For example by performing a license check before a application gets enabled.

Open Core is a bad model for software development

This is one of many problems arising from the usage of open core business models. It puts users on risk if they combine the proprietary part with Free Software, more about it can be read here. That’s why we recommend all enterprise and home users to avoid a situation where proprietary and free licensed software is combined. This is a legal minefield. We at Nextcloud decided to take a clear stance on it. Everything is Free Software and there is only one version of the software for both home users and enterprises. Thus allows every home user, customer or partner to use all applications available as long as they respect the license.

Werkzeugkasten Freie Software


Open Education Resources

Nach viel Arbeit, die dank einem tollen Autoren-Team und Herausgeber mindestens genauso viel Spaß gemacht hat, freue ich mich das der Werkzeugkasten Freie Software veröffentlicht wurde. Ganz im Sinn der Open Education Resources ist der Werkzeugkasten unter der Creative Commons By-SA Lizenz erhältlich. Damit können alle Inhalte im und außerhalb des Unterrichts frei verwendet werden, solange die Quelle benannt wird. Auch Anpassungen und Erweiterungen sind durch die Lizenz erlaubt. Hierfür steht der vollständige Werkzeugkasten als HTML, PDF, DOCX und ODT zum Download bereit.


Das Konzept Freie Software ist für die Schule wie geschaffen. Freie Software erlaubt es die Software für jeden Zweck zu verwenden, sie zu untersuchen, anzupassen und weiterzugeben. Dadurch können Schüler ohne Hindernisse, wie restriktive Lizenzen, mit der Software ihrer Wahl arbeiten. Durch die Möglichkeit die Software frei zu kopieren ist sicher gestellt, dass alle Schüler die gleichen Chancen haben und der Erfolg im Unterricht nicht vom Geldbeutel der Eltern abhängt. Beim Einsatz Freier Software kann auch der Lehrer bedenkenlos die Software an die Schüler ausgeben, so dass zu Hause und in der Schule mit der selben Software gearbeitet werden kann. Schüler können zusammen lernen und die Software untereinander austauschen, dies ist eine Art der Zusammenarbeit wie sie in vielen anderen Bereichen der Schule selbstverständlich ist. Da Software fachübergreifend in nahezu jedem Bereich eingesetzt wird, kommt ihr eine besondere Bedeutung bei der Frage zu, welche Art des Miteinander und der Zusammenarbeit wir in Schulen vermitteln wollen.
Sollte die Neugier groß genug sein, ermöglicht Freie Software auch das sich die Schüler das Innenleben der Software anschauen und diese vielleicht sogar selber anpassen. Dadurch können Schüler spielerisch ein besseres Verständnis für die Technologie erwerben die sie im Alltag umgibt. Grundzüge dieser Technologie zu verstehen wird in Zukunft genauso wichtig sein wie das Lesen und Schreiben. Mit Freier Software haben Schulen die einmalige Gelegenheit Schülern nicht nur die Bedienung einer Black-Box beizubringen, sondern zur Erlangung nachhaltigem Wissens beizutragen.

Proprietäre Software verwendet oft seine ganz eigenen, undokumentierten Dateiformate. Dadurch besteht die Gefahr das man frühzeitig Dokumente in Formaten anhäuft welche man in Zukunft entweder gar nicht mehr lesen kann oder die einen dazu zwingen weiterhin Software des gleiche Herstellers einzusetzen. Dieser Lock-In Effekt ist einer der Gründe warum Hersteller ihre proprietäre Software oft bereitwillig günstig oder vollständig kostenlos an Schulen ausgegeben. Man sollte sich gut überlegen ob man ein solches zweifelhaftes “Geschenk” annehmen will. Im Gegensatz dazu basiert Freie Software oft auf standardisierten Dateiformaten. Diese erhöhen die Chancen, dass man seine Dokumente auch noch viele Jahre nach der Erstellung lesen und weiterverarbeiten kann. Auch die Möglichkeiten die Software zu wechseln sind dadurch deutlich besser.

Ich hoffe, dass es uns mit dem Werkzeugkasten Freie Software gelungen ist sowohl die grundlegenden Prinzipien und Vorteile Freier Software zu vermitteln, also auch ganz konkrete Softwarelösungen und Einsatzmöglichkeiten für den Alltag in der Schule vorzustellen. Ich bin schon sehr gespannt wie das Ergebnis angenommen wird und freue mich über jede Art von Rückmeldung.

Cloud Federation – Getting Social


Clouds getting Social

Clouds getting Social

With Nextcloud 11 we continue to work on one of our hot topics: Cloud Federation. This time we focus on the social aspects. We want to make it as easy as possible for people to share their contact information. This enabled users to find each other and to start sharing. Therefore we extended the user profile in the personal settings. As the screenshot at the top shows, users can now add a wide range of information to their personal settings and define the visibility for each of them by clicking on the small icon next to it.

Privacy first

Change visibility of personal settings

Change visibility of personal settings

We take your privacy serious. That’s why we provide fine grained options to define the visibility of each personal setting. By default all new settings will be private and all settings which already exists before will have the same visibility as on Nextcloud 10 and earlier. This means that the users full name and avatar will only be visible to users on the same Nextcloud server, e.g. through the share dialog. If enabled by the administrator, this values, together with the users email address, will be synced with trusted servers to allow users from trusted servers to share with each other seamlessly.

As shown at the screenshot at the right we provide three levels of visibility: “Private”, “Contacts” and “Public”. Private settings will be only visible to you, even users on the same server will not have access to it. The only exceptions are the avatar and the full name because this are central data used at Nextcloud for activities, internal shares, etc. Settings which are set to “Contacts” will be shared with users on the same server and trusted servers, defined by the administrator of the Nextcloud server. Public data will be synced to a global and public address book.

Introducing the global address book

The best real world equivalent to the global address book is a telephone directory. For a new phone number people can chose to publish their phone number together with their name and address to a public telephone directory to enable other people to find them. The global address book follows the same pattern. By default nothing gets published to the global address book. Only if the user sets at least one value in their personal settings to “Public”. In this case all the public data will be synced to the global address book together with the users Federated Cloud ID. Users can remove their data at any time again by simply setting their personal data back to “Contacts” or “Private”.

In order to use the global address book as a source to find new people, this lookup needs to be enabled explicitly in the “Federated Cloud Sharing” settings by the administrator. For privacy reasons this is disabled by default. If enabled the share dialog of Nextcloud will query the global address book every time a user wants to share a file or folder, and suggest people found in the global address book. In the future there might be a dedicated button to access the global address book, both for performance reasons and to make the feature more discoverable.

Future work

The global address book can return many results for a given name. How do we know that we share with the right person? Therefore we want to add the possibility to verify the users email address, website and Twitter handle in Nextcloud 12. As soon as this feature is implemented the global address book will only return users where at least one personal setting is verified and also visualize the verified data so that the user can use this information to pick the right person.

Further, I want to extend the meaning of “Contacts” in one of the next versions. The idea is that “Contacts” should not be limited to trusted servers but include the users personal contacts. For example the data set to “Contacts” could be shared with every person to which the user already established at least one federated share successfully, or to all contacts with a Federated Cloud ID in the users personal address book. This way we will move slowly in the direction of some kind of decentralized and federated social network based on the users address book. This will also enable users to easily push their new phone number or other personal data to all their friends and colleagues, things for which most people use centralized and proprietary services like so called “business networks” these days.

Another interesting possibility, made possible by the global address book is to move complete user accounts from one server to another. Given that the user published at least some basic information on the global address book, they could use it to announce their move to another server. Other Nextcloud servers could find this information and make sure that existing federated shares continue to work.

Transfer Public Links to Federated Shares


Transform Public Links to Federated Shares

Transform a public link to a federated share

Creating public links and sending them to your friends is a widely used feature of Nextcloud. If the recipient of a public link also has a Nextcloud or ownCloud account he can use the “Add to your Nextcloud” button to mount the content over WebDAV to his server. On a technical level all mounted public links use the same token, the one of the public link, to reference the shared file. This means that as soon as the owner removes the public link all mounts will disappear as well. Additionally, the permissions for public links are limited compared to normal shares, public links can only be shared read-only or read-write. This was the first generation of federated sharing which we introduced back in 2014.

A year later we introduced the possibility to create federated shares directly from the share dialog. This way the owner can control all federated shares individually and use the same permission set as for internal shares. Both from a user perspective and from a technical point of view this lead to two different ways to create and to handle federated shares. With Nextcloud 10 we finally bring them together.

Improvements for the owner

Public Link Converted to a Federated Share

Public link converted to a federated share for bjoern@myNextcloud.net

From Nextcloud 10 on every mounted link share will be converted to a federated share, as long as the recipient also runs Nextcloud 10 or newer. This means that the owner of the file will see all the users who mounted his public link. He can remove the share for individual users or adjust the permissions. For each share the whole set of permissions can be used like “edit”, “re-share” and in case of folder additionally “create” and “delete”. If the owner removes the original public link or if it expires all federated shares, created by the public link will still continue to work. For older installations of Nextcloud and for all ownCloud versions the server will fall-back to the old behavior.

Improvements for the user who mounts a public link

After opening a public link the user can convert a public link to a federated share by adding his Federated Cloud ID or his Nextcloud URL

After opening a public link the user can convert it to a federated share by adding his Federated Cloud ID or his Nextcloud URL

Users who receive a public link and want to mount it to their own Nextcloud have two options. They can use this feature as before and enter the URL to their Nextcloud to the “Add to your Nextcloud” field. In this case they will be re-directed to their Nextcloud, have to login and confirm the mount request. The owners Nextcloud will then send the user a federated share which he has to accept. It can happen that the user needs to refresh his browser window to see the notification.
Additionally there is a new and faster way to add a public link to your Nextcloud. Instead of entering the URL to the “Add to your Nextcloud” field you can directly enter your federated cloud ID. This way the owners Nextcloud will send the federated share directly to you and redirect you to your server. You will see a notification about the new incoming share and can accept it. Now the user also benefit from the new possibilities of the owner. The owner can give him more fine grained permissions and from the users point of view even more important, he will not lose his mount if the public link gets removed or expires.

Nextcloud 10 introduces another improvement in the federation area: If you re-share a federated share to a third server, a direct connection between the first and the third server will be created now so that the owner of the files can see and control the share. This also improves performance and the potential error rate significantly, avoiding having to go through multiple servers in between.

History and Future of Cloud Federation


Federated Cloud Sharing - Connect self-hosted, decentralized clouds

Federated Cloud Sharing – Connect self-hosted, decentralized clouds

I’m now working for about two years on something called Federated Cloud Sharing. It started on June, 23er 2014 with the release of ownCloud 7.0. Back then it was simply called “Server to Server sharing”. During all this years I never wrote about the broader ideas behind this technology, why we do it, what we achieved and where we are going.

Motivation

The Internet started as a decentralized network, meant to be resilient to disruptions, both due to accidents or malicious activity. This was one of the key factors which made the Internet successful. From the World Wide Web, over IRC, news groups, e-mail to XMPP. Everything was designed as decentralized networks, which is why if you are on the Google servers you can email people at Yahoo. Everybody can set up his own web server, e-mail or chat server and communicate with everyone else. Individuals up to large organisations could easily join the network, participate and build business without barriers. People could experiment with new innovative ideas and nobody had the power to stop them or to slow them down. This was only possible because all underlying technology and protocols were build on both Open Standards and Free Software.

This changed dramatically over the last ten years. Open and inclusive networks were replaced by large centralized services operated by large companies. In order to present yourself or your business in the public it was no longer enough to have your own website, you had to have a page on one or two key platforms. For communication it was no longer enough to have a e-mail address, or be on one of the many IRC or XMPP servers. Instead people expected that you have a account on one of the major communication platforms. This created huge centralized networks, with many problems for privacy, security and self-determination. To talk to everybody, you have to have an account on Facebook, at Google, Skype, Whatsapp, Signal and so on. The centralization also made it quite easy to censor people or manipulate their view by determining the content presented to them. The algorithms behind the Facebook news feed or the “what you missed” in Twitter are very clever — or so we assume, as we don’t know how they work or determine what is important.

The last few years many initiatives started to solve this problem in various ways, for example by developing distributed social networks. I work in the area of liberating people who share and sync all sort of data. We saw the rise of successfully projects such as ownCloud, Pydio and now of course Nextcloud. They all have in common that they built Free Software platforms based to a large extend on Open Standards to allow people to host, edit and share their data without giving up control and privacy. This was a huge step in creating more competition and restoring decentralized structures. But it also had one big drawback. It created many small islands. You could only collaborate with people on the same server, but not with others who run their own server. This leads us to the concept of federated cloud sharing.

Server to Server Sharing

The first version of this ideas was implemented in ownCloud 7.0 as “Server to Server Sharing”. ownCloud already knew the concept of sharing anonymous links with people outside of the server. And, as ownCloud offered both a WebDAV interface and could mount external WebDAV shares, it was possible to manually hook a ownCloud into another ownCloud server. Therefore the first obvious step was to add a “Add to your ownCloud” button to this link shares, allowing people to connect such public links with their cloud by mounting it as a external WebDAV resource.

Federated Cloud Sharing

Server to server sharing already helped a lot to establish some bridges between many small islands created by the ability to self-host your cloud solution. But it was still not the kind of integration people where used to from the large centralized services and it only worked for ownCloud, not across various open source file sync and share solutions.

federated-cloud-id

The next iteration of this concept introduced what we called a “federated cloud ID”, which looks similar to a e-mail address and, like email, refers to a user on a specific server. This ID could then be used in the normal share dialog to share files with people on a different server!

share dialog - federated cloud id

The way servers communicate with each other in order to share a file with a user on a different server was publicly documented with the goal to create a standardized protocol. To further the protocol and to invite others to implement it we started the Open Cloud Mesh project together with GÉANT, an European research collaboration initiative. Today the protocol is already implemented by ownCloud, Pydio and now Nextcloud. This enables people to seamlessly share and collaborate, no matter if everyone is on the same server or if people run their own cloud server based on one of the three supporting servers.

Trusted Servers

In order to make it easier to find people on other servers we introduced the concept of “trusted servers” as one of our last steps. This allows administrator to define other servers they trust. If two servers trust each other they will sync their user lists. This way the share dialogue can auto-complete not only local users but also users on other trusted servers. The administrator can decide to define the lists of trusted servers manually or allow the server to auto add every other server to which at least one federated share was successfully created. This way it is possible to let your cloud server learn about more and more other servers over time, connect with them and increase the network of trusted servers.

federation

Open Challenges: where we’re taking Federated Cloud Sharing

Of course there are still many areas to improve. For example the way you can discover users on different server to share with them, for which we’re working on a global, shared address book solution. Another point is that at the moment this is limited to sharing files. A logical next step would be to extend this to many other areas like address books, calendars and to real-time text, voice and video communication and we are, of course, planning for that. I will write about this in greater detail in on of my next blogs but if you’re interested in getting involved, you are invited to check out what we’re up to on GitHub and of course, you can contact me any time.

Freedom for whom?


We want freedom

CC BY SA 2.0 by Quinn Dombrowski

This discussion is really old. Since the first days of the Free Software movement people like to debate to whom the freedom in Free Software is directed? The users? The code? The developers? Often this goes along with a discussion about copyleft vs non-protecting Free Software licenses like the BSD- and the MIT-License. I don’t want to repeat this discussion but look at the question from a complete different angle. I want to look at it from the position of a software company and its business model.

If you talk to Free Software companies you realize, that very few have a business model completely based on Free Software. Most companies add proprietary extensions on top and use this as the main incentive for customers to buy their software. In 2008 Andrew Lampitt coined the term open core to describe this kind of business models. There are many ways to argue in favor of open core. One argument I hear quite often is that the proprietary parts are only useful for large enterprises, so nothing is taken away from the community. This way the community gets reduced to the typical home user, which is a interesting way of looking at it. Why should we make such a distinction? And why does home users deserve software freedom more then large organizations?

I understand that freedom in the context of software is a concept which can sound scary to some companies at the beginning. After all, that was the main reason why Open Source was invented, a marketing campaign for Free Software to make business people feel more comfortable. Interestingly this changes quickly if you go into more details about what software freedom really means. More entrepreneurial freedom, control over the tools they use, software freedom as a precondition for privacy and security, independence, freedom to chose the supplier with the best offering and in case of software development the freedom to build on existing, well established technology instead of building everything from scratch. These are freedoms well understood and appreciated by entrepreneurs and they demand it in many other areas of their daily business. This lead me to the conclusion that software freedom is not only something for home users but it also important for large organizations.

Open core often comes with a important side-effects. Most companies pick a strong copyleft license like the GNU GPL or the GNU AGPL, and then demand that every contributor signs a Contributor License Agreement (CLA). This CLA puts the company in a strong position. They are the only one who can distribute the software under a proprietary license and add proprietary extensions. This effectively removes one of the biggest strengths of copyleft licenses. If you set CLAs aside, copyleft licenses are a great tool to create an ecosystem of equal participants. Equality is really important to make individuals and organizations feel confident that joining the initiative is worthwhile in the long term. Everybody having the same rights and the same duties is the only way to develop a strong ecosystem with many participants. Therefore it is no wonder that projects using CLAs often get slowed down and have a less diverse community.

RedHat was one of the first company which understood that all this, CLA’s and proprietary extensions, do more harm than good. It slows down the development. It keeps your community smaller as necessary and it adds the burden to develop all the proprietary extensions by your own instead of leveraging the power of a large community which can consists of employees, hobbyists, partners and customers. This goes so far that RedHat even embrace competitors like CentOS, which basically gives RedHat Enterprise Linux away for free to people who don’t need the support. For a truly open organization this is not a problem but a great opportunity to spread the software and to become more popular. That’s a key factor to make sure, that RedHat is the de facto standard if it comes to enterprise GNU/Linux distributions.

If a initiative is driven by a strong company it can be useful to move some parts out to a neutral entity. RedHat did this by founding the Fedora project. Another way to do this is by creating a foundation which makes sure that everyone has the same rights. Such a foundation should hold all rights necessary to make sure the project can continue no matter what happens to individual participants, including companies. For the governance of such a foundation it is important that it is not controlled by a single entity.

This is exactly what makes me feel so excited about what we are doing at Nextcloud. We are building a complete free cloud solutions, not only for home users but for everyone. This solution will be much more than just file sync and share, from a company point of view stuff like calendar, contacts and video conferencing will become a first class citizen. All this will be Free Software, developed together with a great community. Home users, customers and partners are invited to be part of it, not just as a consumer but as part of a large and diverse community. Everybody should be empowered to change things to the better. In order to make all this independent from a single company we will set up a foundation. As described above the foundation will make sure that we have a intact and growing ecosystem with no single point of failure. This guarantees that Nextcloud can survive us and any other participant if needed.

Road Ahead


Road ahead

CC BY 2.0 by Nicholas A. Tonelli

I just realized that at June, 1 it is exactly four years since I joined ownCloud Inc. That’s a perfect opportunity to look back and to tell you about some upcoming changes. I will never forget how all this get started. It was FOSDEM 2012 when I met Frank, we already knew each other from various Free Software activities. I told him that I was looking for new job opportunities and he told me about ownCloud Inc. The new company around the ownCloud initiative which he just started together with the help of others. I was directly sold to the idea of ownCloud and a few months later I was employee number six at ownCloud Inc.

This was a huge step for me. Before joining ownCloud I worked as a researcher at the University of Stuttgart, so this was the first time I was working as a full-time software engineer on a real-world project. I also didn’t write any noteworthy PHP code before. But thanks to a awesome community I got really fast into all the new stuff and could speed up my contributions. During the following years I worked on many different aspects of ownCloud, from sharing, over files versions to the deleted files app up to a complete re-design of the server-side encryption. I’m especially happy that I could contribute substantial parts to a feature called “Federated Cloud Sharing”, from my point of view one of the most important feature to move ownCloud to the next level. Today it is not only possible to share files across various ownCloud servers but also between other cloud solutions like Pydio.

But the technical part is only a small subset of the great experience I had over the last four years. Working with a great community is just amazing. It is important to note that with community I mean everyone, from co-workers and students to people who contributed great stuff to ownCloud in their spare time. We are all ownCloud, there should be no distinction! We not only worked together in a virtual environment but meet regularly in person at Hackathons, various conferences and at the annual ownCloud conference. I met many great people during this time which I can truly call friends today. I think this explains why ownCloud was never just a random job to me and why I spend substantial parts of my spare time going to conferences, giving talks or helping at booths. ownCloud combined all the important parts for me: People, Free Software, Open Standards and Innovation.

Today I have to announce that I will move on. May, 25 was my last working day at the ownCloud company. This is a goodbye and thank you to ownCloud Inc. for all the opportunities the company provided to me. But it is in no way a goodbye to all the people and to ownCloud as a project. I’m sure we will stay in contact! That’s one of many great aspects of Free Software. If it is done right a initiative is much more than any company which might be involved. Leaving a company doesn’t mean that you have to leave the people and the project behind.

Of course I will continue to work on Free Software and with great communities, especially I have no plans to leave the ownCloud community. Actually I hope that I can even re-adjust my Free Software and community focus in the future… Stay tuned.

Freie Software im Koalitionsvertrag Baden-Württemberg


Landeswappen Baden-Württemberg

Am 13. März wurde in Baden-Württemberg der neue Landtag gewählt. Die nächsten 5 Jahre werden politisch von einer Koalition aus Bündnis 90/Die Grünen und der CDU gestaltet. Am letzten Wochenende wurde hierfür der Koalitionsvertrag von beiden Parteien bestätigt. Ich nahm diese Gelegenheit zum Anlass, um mir den Koalitionsvertrag genauer anzusehen, insbesondere mit Blick auf Freie Software. Dabei wurde ich an mehreren Stellen fündig.

So heißt es im Abschnitt “Chance zur Entbürokratisierung”:

Wir werden die E-Government-Richtlinien und das Beschaffungswesen des Landes bei der IT-Beschaffung in Richtung Open Source weiterentwickeln.

Dies ist sehr zu begrüßen. Unter anderem fordern Organisationen wie die Free Software Foundation Europe (FSFE) oder die Open Source Business Alliance (OSBA) schon seit längerem, dass durch die Öffentlichkeit finanzierte Software unter einer Freie-Software-Lizenz veröffentlicht werden soll und dass bei Ausschreibungen Freie Software stärker beachtet wird. Gerade in diesem Jahr möchten beide Organisationen hierzu auch verstärkt aktiv werden.

Weiter heißt es im selben Abschnitt:

Auch die Bereitstellung freier Software und offener Bildungsressourcen (OER) durch das Landesmedienzentrum begrüßen und unterstützen wir.

Gerade Schulen, in denen die nächste Generation mit Software und Bildungsressourcen zum ersten Mal systematisch in Kontakt kommt, ist es von großer Bedeutung, dass von Anfang an ein Verständnis dafür entwickelt wird, wie man im Informationszeitalter nachhaltig Wissen und Information erarbeitet und veröffentlicht. Wie könnte dies besser geschehen als durch den praktischen Einsatz von Freier Software und freien Lerninhalten?

Im Abschnitt “Allianz Wirtschaft 4.0 für die Digitalisierung im Mittelstand” ist sogar ein ganzer Abschnitt Freier Software gewidmet. So heißt es dort:

Kleine und mittlere IT-Unternehmen im Land sind besonders aktiv in der Entwicklung von freier, quelloffener Software (Open Source) und in den damit verbundenen Dienstleistungen. Open Source bietet ebenso wie freie Standards und offene Formate große Chancen für ein herstellerunabhängiges Software-Ökosystem. Diese Ansätze wollen wir unterstützen.

Hier wird zurecht der Vorteil Freier Software zur Stärkung des Standorts gewürdigt. Freie Software ermöglicht es, lokale Unternehmen zu fördern und sowohl Wissen als auch Wirtschaftsleistung im Land zu halten. Darüber hinaus wird auf die Wichtigkeit eines herstellerunabhängigen Software-Ökosystems hingewiesen. Man darf gespannt sein, wie die konkrete Unterstützung und Förderung in den nächsten Jahren aussehen wird.

Der Abschnitt “DIGITAL@BW: Schulen mit Digitalisierung und Medienkompetenz” wird noch einmal ausführlicher auf die Rolle von Freier Software und Open Education Resources (OER) eingegangen:

Wir werden die pädagogisch begleitete Nutzung von E-Learning-Programmen im Unterricht vorantreiben und ihr Potenzial hin zu einer genau auf den einzelnen Schüler abgestimmten individuellen Förderung erschließen. Digitale Medien sind fächerübergreifend ebenso wie im Fachunterricht hilfreich. Entscheidend ist weniger die Technik als vielmehr das pädagogische Konzept. Wir setzen uns dafür ein, dass an den Schulen verstärkt freie Lern- und Lehrmaterialien (Open Educational Resources und Freie Software) genutzt werden können.

Gerade bei der fortschreitenden Digitalisierung der Schulen besteht die Gefahr, dass mit dem Einsatz von proprietärer Software frühzeitig Produktschulung betrieben wird, anstelle dass Konzepte gelehrt werden. Des Weiteren kann es schnell passieren, dass der Unterricht mehr oder weniger direkt zur Werbung für einzelne Unternehmen und Produkte genutzt wird. Auch darf der Lock-In Effekt nicht unterschätzt werden. Haben Schüler über viele Jahre hinweg gelernt, mit einer bestimmten Software zu arbeiten und viele Dokumente in proprietären Formaten erstellt, wird ein späterer Wechsel viel schwieriger. Dieses Risiko kann gemindert werden, indem die Schulen darauf achten, dass Dokumente in offen standardisierten Formaten erstellt und bereitgestellt werden.

Es ist zu begrüßen, wenn durch den Einsatz von Freier Software und Offenen Standards eine Bindung an einzelne Programme oder Unternehmen verhindert oder zumindest reduziert wird. Dies gelingt natürlich nur, wenn der Unterricht auch entsprechend aufgebaut ist. Die Wahl von freien Werkzeugen und offen Bildungsressourcen sorgen aber schon einmal für gute Grundvoraussetzungen.

Die Bekundungen zu Freier Software, Offenen Standards und offenen Bildungsressourcen hören sich durchweg positiv an. Wie man aus vergangenen Koalitionsverträgen weiß, bedeutet das aber nicht immer, dass auch alles entsprechend umgesetzt wird. Von daher bleibt es spannend zu beobachten was in den nächsten fünf Jahren in Baden-Württemberg im Bezug auf Freie Software passiert. Ich werde es mit großem Interesse verfolgen und freue mich, wenn ich im Laufe dieser Zeit über konkrete Umsetzungen berichten kann.

Installing Wallabag 2 on a Shared Web Hosting Service


Wallabag 2.0.1

Wallabag describes itself as a self hostable application for saving web pages. I’m using Wallabag already for quite some time and I really enjoy it to store my bookmarks, organize them by tags and access them through many different clients like the web app, the official Android app or the Firefox plug-in.

Yesterday I updated by Wallabag installation to version 2.0.1. The basic installation was quite easy by following the documentation. I had only one problem. I run Wallabag on a shared hoster, so I couldn’t adjust the Apache configuration to redirect the requests to the right sub-directory, as described by the documentation. I solved the problem with a small .htaccess file I added to the root folder:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^links\.schiessle\.org$ [NC]
    RewriteRule !^web/ /web%{REQUEST_URI} [L,NC]
</IfModule>

I also noticed that Wallabag has a “register” button which allows people to create a new account. There already exists a feature request to add a option to disable it. Because I don’t want to allow random people to register a account on my Wallabag installation I disabled it by adding following additional lines to the .htaccess file:

<FilesMatch ".*register$">
    Order Allow,Deny
    Deny from all
</FilesMatch>