The spring of 2003 was a watershed moment for software freedom on + electronic devices. 802.11 wireless technology had finally reached the + mainstream, and wireless routers for home use had flooded the market + earlier in the year. By June + 2003, the + general public knew that Linksys (a division of Cisco) was violating the + GPL on their WRT54G model wireless routers. Hobbyists discovered that + Linux, BusyBox and many GNU programs were included in the router, but + Linksys and Cisco had failed to provide source code or any offer for source + code to its customers. Linksys had violated the GPL, the license of these + projects.
+ +A coalition successfully enforced the GPL in this case, and Linksys + released source code A group of + volunteers quickly built a new project, called OpenWRT based on that + source release. In the years that have followed, OpenWRT has been ported to + almost every major wireless router product. Now, more than 15 years later, + the OpenWRT project routinely utilizes GPL source releases to build, + improve and port OpenWRT. OpenWRT has spurred companies to create better + routers.
+ +Simply enforcing the GPL is an important first step, and Conservancy + continues our efforts in that regard. However, + the success found with OpenWRT can be replicated only if there is + substantial effort after enforcement occurs to turn the + compliant source release into a viable alternative firmware for the + platform.
+ +Conservancy has seen non-compliant Linux-based firmwares on refrigerators, + baby monitors, virtual assistants, soundbars, doorbells, home security + cameras, police body cameras, cars, AV receivers, and televisions.
+ +This wide deployment of general purpose computers into mundane household + devices raises profound privacy and consumer rights + implications. Home security cameras are routinely compromised + — invading the privacy and security of individual homes. Even when + companies succeed in keeping out third parties, consumers + are pressured + by camera makers to automatically upload their videos to local + police. Televisions + routinely spy + on consumers for the purposes of marketing and massive data + collection.
+ +“Internet of Things” firmware should never rely on one vendor — even the + vendor of the hardware itself. This centralized approach is brittle and + inevitably leads to invasions of the public’s privacy and control of their + technology. Conservancy plans to address this issue in the manner that the + FOSS community knows best: put one foot in front of the other, and work to + create FOSS for every possible task that users want to accomplish. For IoT + devices, this means creating alternative firmware in the same manner that + OpenWRT has done for wireless routers.
+ +Alternative hardware projects remain an essential component of small + device freedom. Conservancy supports and engages with communities that seek + to source and build IoT-style devices from the ground up. We’re excited to + see deployable boards that allow Maker efforts to create new devices.
+ +Nevertheless, we remain ever-cognizant that FOSS succeeded on servers, + laptop, desktop, and wireless router computers precisely because + users could buy commodity hardware at any store and install FOSS. There is + no complete, operational base operating system for most IoT devices on the + market.
+ +To many, the benefits of software freedom are abstract. For less technical + users, the idea of modifying or even reviewing the software on their + devices is wholly theoretical. For technical users, there is a limited time + available to invest in the devices they use for their everyday + lives. Bringing people together to take collective action for the control + of their own technology is a powerful proposition that has rarely been + demonstrated.
+ +When alternative firmware projects like OpenWRT exist for IoT devices, + non-technical users can replace the software on their devices and benefit + from custom, community-controled software. Technical users are more likely + to contribute knowing their efforts will be meaningful.
+ +However, decades of corporate involvement in copyleft have demonstrated + that without an organized effort, control over one’s own software is purely + theoretical, even when software has a copyleft license, and + sometimes even when compliance with the copyleft license is + acheived. Conservancy recognizes that there is a unique opportunity for + charitable organizations to step in and change the power dynamic of the + tech industry for consumers.
+ +Conservancy seeks to fund work on liberating firmware for a specific + device. This is accomplished with a two-prong approach: first, we will + leverage increased interest and tendency toward GPL compliance throughout + the embedded industry to more quickly achieve compliant source releases in + a particular subindustry.
+ +Second, depending on what subindustry (i.e., specific class of devices) + seems most responsive to increased enforcement activity and willing to + provide compliant source releases quickly, we will launch, coordinate and + fund an alternative firmware project for that class.
+ +While we’ve long hoped that volunteers would take up compliant sources + obtained in our GPL enforcement efforts and build alternative firmware + projects as they did with OpenWRT, history shows us that the creation of + such projects is not guaranteed and exceedingly rare.
+ +Traditionally, our community has relied exclusively on volunteers to take + up this task, and financial investment only comes after volunteers have put + in the unfunded work to make a Minimum Viable Product (MVP) liberated + firmware. While volunteer involvement remains essential to the success of + alternative firmware projects, we know from our fiscal sponsorship work + that certain aspects of FOSS projects require an experienced charity to + initiate and jump-start some of the less exciting aspects of FOSS project + creation and development. (In our last fiscal year, Conservancy funded 160 + contributors to work on FOSS)
+ +In the initial phase of this grant, Conservancy will to select a specific + class of device. Upon achieving compliant source releases in that + subindustry through GPL enforcement, Conservancy will launch an alternative + firmware project for that class of device.
+ +Conservancy will seek to fund the time of project leaders and + infrastructure for the project. The goal is to build a firm base that draws + volunteers to the project. We know that sustaining funding over long + periods for a grassroots hobbyist activity is quite challenging; we seek to + use this grant to bootstrap and catalyze interest and contribution to the + project. Ideally, Conservancy would run the project with a single full-time + staffer for a about a year, and achieve a volunteer base sufficient to + reduce funding to one part-time staffer.
+ +The IoT device industry moves quickly and we must be prepared to adapt + based on new information. The first stage in this work will be to carefully + evaluate and select the device on which to focus for this + project. Conservancy will evaluate the following criteria in selecting a + class of devices:
+ +Do most devices in the subindustry already run a known FOSS system + (such as Android/Linux, BusyBox/Linux or GNU/Linux)?
In response to our increased enforcement activity, how many existing + GPL-compliant source releases are available from how many different + vendors in this subindustry?
Is there a known userspace application that runs on Maker-built + hardware that does the task the proprietary userspace software from the + vendor did?
What is the excitement level among volunteers for this + project?
What value will hobbyists achieve from replacing the software on their + device? For example, would they be able to avoid surveillance or add + accessibility features?
Finally, Conservancy will be prepared and willing to recognize temporary + failure and setbacks in a particular subindustry and pivot quickly to + choosing a different class of devices. This project is ambitious, and we’ll + be adept in our approach to ensure success.
+