Join the FSF and friends Friday, May 22, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!

If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

Join the FSF and friends Friday, May 15, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!

If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

• Stand up for the GNU GPL! (slides available for download) by Karen Sandler, executive director of Software Freedom Conservancy. Karen shares an account of Conservancy's support for Christoph Hellwig's recent suit against VMWare to defend the GNU General Public License.
• Free software, free hardware, and other things by Richard Stallman, founder of the Free Software Foundation. Richard gives his take on some major issues facing the world of free software and explains how the free software philosophy extends to hardware.
• Let's encrypt by Seth Schoen, senior staff technologist at the Electronic Frontier Foundation. Let's Encrypt is a robotic certificate authority that will soon issue publicly-trusted certificates, at no charge, by the millions.
• Style or substance? Free software is totally the 80's by Deb Nicholson of the Open Invention Network, OpenHatch, and GNU MediaGoblin. Deb discusses the need to look at free software development from a long-term perspective, focusing on robust designs.
• Federation and GNU by Chris Webber, lead developer of GNU MediaGoblin. Federation refers to the loose networking relationship that allows the creation of decentralized Web systems like GNU MediaGoblin, pump.io, and GNU social.

Want more info about a session? Full descriptions are up on the LibrePlanet 2015 Web site.

There are many more videos on their way from the 2015 conference; we wish we could have them all up today, but some are still being prepared. All published videos are hosted on , our instance of the publishing platform GNU MediaGoblin, which also includes videos from LibrePlanet 2014 and 2013.

Finally, we want to say thanks again to all the volunteers who worked hard designing and running our free software streaming and recording system and transcoding and editing the videos. You keep LibrePlanet spinning!

One relatively frequent request we receive is for the FSF to provide GPG-signed copies of our licenses. GPG is a tool that lets users cryptographically sign or encrypt documents and emails. A GPG-signed document lets anyone who receives it know that they have received the exact same document as the one that was signed. By providing signed documents, users will be able to easily ensure that they have received an unmodified copy of the license along with their software. It's also possible that some system of signing the documents could help projects tracking the use and adoption of various free software licenses. Providing these signed documents is a simple task: run a command and publish the documents. A trivial investment of resources, or at least that is how it appears at first.

The reality is that projects can comply with their duty to provide a copy of a license while also modifying the format of the license documents to meet their own needs. To our knowledge, there's no simple way to correctly identify when a document is the proper license, given that the formatting or structure of the document can vary between distributions. Many distributors even put the license at the end of a longer document or manual. If a valid copy of the license were to fail our check, resolving this issue could waste resources and lead to further problems. We don't want to cause undue grief for projects that are properly licensed under a free license, simply because they want to shift around some white space on the license, wrap the lines at different points, or store the document in a different encoding system.

We turned to our licensing team for ideas about how to reap the same benefits with fewer false failures. Possibilities included flattening the document and removing white space before generating a hash of the document. But testing showed that some valid copies of licenses in the wild would fail this check. There doesn't seem to be a simple method that will accurately verify that the text of the document is unchanged, without constricting the ability of free software developers in how they format the document.

The fact remains that even if users could check that a document they receive is a legitimate, unmodified copy of a GNU license, that doesn't mean that the accompanying software is free of impermissible restrictions. Additional restrictions on the software do not need to be written into the license. In fact, proprietary developers have mastered the art of using many different documents to place restrictions on their software, and the same can happen when a user receives a piece of software that purports to be under a free license. Additional restrictions could be hidden in a README file, a manual, or even a separate licensing or TOS document.

In the end, while it would be convenient and useful to verify via command line that a document is a genuine copy of a GNU license, the problems this can cause are unfortunately more trouble than they are worth. The license, like the documentation, is among the few things distributed with software that are meant exclusively for humans to understand, not for computers to process. After all, it's always great for users to take the time to read the license themselves.

This week I had a chance to add a NeuG, a True Random Number Generator, to the Free Software Foundation network. The NeuG exclusively uses free software and was developed in Japan by NIIBE Yutaka. A random number generator (RNG) is a device used to generate random numbers for computers. Without getting into a philosophical argument, we humans tend to take the concept of entropy (randomness) for granted. If we wish to produce random data, we simply do so. Computers, on the other hand, do as we tell them to do. They follow a set of instructions provided by a programmer and follow each instruction precisely. So there is no way to ask a computer to give us a random number because we would have to tell the computer in advance what the number is. There are some ways around this. For example, we could use a system's current timestamp as a seed, or starting point, for producing random-seeming numbers by using an algorithm. This approach will create the illusion of entropy, but if someone else knows both the timestamp used for the seed and the algorithm used to generate the random numbers, the sequence of the random number generator can be calculated and predicted.

To solve this problem, a True Random Number Generator (TRNG) is needed. A TRNG takes samples from various sensor data. Then it either uses the collected samples as a raw source of entropy or passes the collected sensor data to a final step for conditioning. The process of conditioning is used to remove bias (trends in the samples taken from sensor readings) from the random numbers produced by the TRNG. In general, conditioning is the process of passing samples collected by the entropy source to a cryptographic hashing algorithm (a one-way mathematical function). Thus, the bias is stripped out of the output and true random numbers can be collected.

At this point, you might ask, "But why are random numbers so important in the first place?" The most common uses of a TRNG include generating cryptographic keys, input for a simulation, and games (including video games and slot machines). If you have a program that requires non-deterministic data, a TRNG can be used to provide it. Our use case at the FSF is to generate strong cryptographic keys. In the age of mass surveillance, the ability to generate strong keys is increasingly important.

Most RNGs function by taking samples from various sources of input from analog sensors. A NeuG uses four sensors for input, and reads them with a STM32F103 microcontroller. These sensors take input from the voltage reference pin on the STM32F103 (VRef), a temperature sensor (Temp), and two analog input pins on the STM32F103 (A0 and A1). These inputs are then combined into the following pairs: VRef and A0, Temp and A1, VRef and A1, and Temp and A0. Next, the sensor data is converted into a digital signal and passed four times through a cyclic redundancy check (CRC) module. Finally, the data is sent to a SHA-256 function to condition the output before it is ready for use via USB.

Overall, the NeuG is easy to set up and install on a network. The device appears as /dev/ttyACM0 and requires no extra software for use on GNU/Linux operating systems. In the coming weeks, I will use a NeuG and am very curious to see how it performs for our use cases at the FSF. Here's more information about the NeuG, including the full source code. To try one out yourself, pick up a NeuG TRNG from the FSF Shop.