White hat

FSF site was humor hacked.

This was just an example of a security vulnerability that many websites carry.

This particular fun hack I did with their site is not damaging at all - it is just play. Nor is it extremely urgent, although after a few weeks someone might do something with their site that would be interesting if the bug were not fixed. I would have informed Stallman or FSF privately if they had found me first before developing their site, and paid me by the hour to give advice. See below short story for Free Consulting fun.

Humor was used in this whitehat hack, recommending OpenBSD as a free operating system.

Why it is funny: Stallman would never have recommended OpenBSD on his site like this. As of Jan 2008, he doesn't believe OpenBSD is perfect enough for his endorsement. The joke was now that I could modify his site to endorse OpenBSD myself. Exercising my freedom to modify open websites like his.

The hack was originally done this way:

I assigned Richard Stallman to fix the bug, but he claimed he couldn't and wasn't capable of such fixing. He had the FSF programmers change the site.

It then directed to:

So the website recommends openbsd still, just not as pretty - and it displayed additional new message that OpenBSD offers "many advantages for your freedom" which was not visible the first time.

The FSF programmers could have detected the message and redirected the link to nowhere.. but they left that OpenBSD recommendation in plain text.. and offered a visible new message that OpenBSD "offers many advantages for your freedom".. which implies they really are recommending OpenBSD even after being informed of this. I could be twisting words here.. just like Stallman. Yes.

Free Consulting
A Short Story.
To Richard Stallman and FSF,

Private conversation with me will cost you and/or your FSF programmers by the hour.. so I saved you a lot of money by repairing this bug for free. I restrict speech by charging for consulting, just as you do on cruise ships. It may have taken months for this security bug to get fixed if you had hired me to come speak on a cruise ship privately to your FSF programmers. With free consulting, not available today, you would have had the bug fixed much quicker.. as free consultants use the Bazaar model of consulting rather than Cathedral.

I don't charge to talk on a public website or mailing list.. since it is more of a "friendship thing". But for this bug to had been reported privately.. I would charge a fee for my private time. As you can see, restricting speech can be done by closing the consulting too - not just by closing source code. By restricting the consulting to certain people able to pay me for private consulting, and by restricting it to people who only know to contact me first before developing their websites...I have proven to you that free source code is not the most important freedom, which is what GNU implies. Free consulting would mean I would have immediately contacted your FSF programmers privately, without restricting through other forms, such as monetary payment or public humiliation first.

Note: If I accidentally come across any OpenBSD related websites that have security vulnerabilities, I will tell people privately first, for sure. This was purely a joke about restriction of freedom and restriction of speech, free consulting, free food, twisting words, saying one freedom is more important than another when in fact freedom is a general thing and not specific, etc.

Ultimately lots of GNU programmers hold people hostage and restrict consulting from them.. but go on to say that software code must not be closed up and proprietary. I find this to be hypocrisy and it is a blindness in the eyes, caused by wearing GNU sunglasses.

As I am not getting paid to write this article privately - I must go public with this short story. Sending this directly to RMS or FSF programmers would be considered private consulting and cannot be done until those people pay first. By not finding me first before developing their website, this bug went public, rather than private. With a free consulting model, this wouldn't have happened.

End. Free Consulting
A Short Story by Lars.


Someone tried to Digg this web page (submitted to digg.com) under a fake screen name.. posing as my own. I studied who did this and/or participated, and I feel bad for them. It is not that wise to mess with someone as intelligent and egotistical as I am, as a warning. Although I did find the identity theft hilarious and am flattered.
Related: Back Home | Free Consulting (hippo critter) | Free Books | Free Eggs