Depuis 2001, la FSFE renforce les droits des utilisateurs en supprimant les obstacles à la liberté des logiciels. Voilà 20 ans que nous aidons les individus et organisations à comprendre le rôle que joue le Logiciel Libre dans la liberté, la transparence et l'autodétermination.

Pour les deux prochaines décennies, nous avons besoin de votre aide. Nous voulons que tout le monde puisse contrôler sa technologie. Le Logiciel Libre et ses libertés de pouvoir utiliser, étudier, partager et améliorer les logiciels sont la clé pour atteindre cet objectif.

Avertissement : Cette page n'a pas encore été traduite. Vous voyez ci-dessous la version originale de la page. Merci de consulter cette page pour tout renseignement sur la manière de participer, entre autres, aux traductions.

Actualité

Huawei case demonstrates importance of Free Software for security

le:

The discussion of the Huawei security concerns showcases a general trust issue when it comes to critical infrastructure. A first step to solve this problem is to publish the code under a Free and Open Source Software licence and take measures to facilitate its independently-verifiable distribution.

The ongoing debate about banning Huawei hardware for the rollout of 5G networks, following earlier state espionage allegations, falls too short. It is not just about the Chinese company but about a general lack of transparency within this sector. As past incidents proved, the problem of backdoors inside blackboxed hard- and software is widely spread, independently from the manufacturers' origins.

A digital building disallows to audit its code. A metaphor for software blackboxes.

However, it is unprecedented that the demand to inspect the source code of a manufacturer's equipment has been discussed so broadly and intensely. The Free Software Foundation Europe (FSFE) welcomes that the importance of source code is recognised, but is afraid that the proposed solution falls too short. Allowing inspection of the secret code by selected authorities and telephone companies might help in this specific case, but will not solve the general problem.

To establish trust in critical infrastructure like 5G, it is a crucial precondition that all software code powering those devices is published under a Free and Open Source Software licence. Free and Open Source Software guarantees the four freedoms to use, study, share, and improve an application. On this basis, everyone can inspect the code, not only for backdoors, but for all security risks. Only these freedoms allow for independent and continuous security audits which will lead citizens, the economy, and the public sector to trust their communication and data exchange.

Furthermore, in order to verify code integrity – so that the provided source code corresponds to the executable code running on the equipment – it is either necessary that there are reproducible builds in case of binary distribution, or that providers are brought into the position to compile and deploy the code on their own.

"We should not only debate the Huawei case but extend the discussion to all critical infrastructure." says Max Mehl, FSFE Programme Manager. "Only with Free and Open Source Software, transparency and accountability can be guaranteed. This is a long-known crucial precondition for security and trust. We expect from state actors to immediately implement this solution not only for the Huawei case but for all comparable IT security issues."