Dismantling Of LiMux On Eve Of Pirate Party Security Conference 20/02/2017 by Monika Ermert for Intellectual Property Watch 1 Comment Share this:Click to share on Twitter (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Facebook (Opens in new window)Click to email this to a friend (Opens in new window)Click to print (Opens in new window)MUNICH — For the Pirate Party gathered at the Pirate Security Conference (PirateSecon) in Munich this is bad news. On the eve of the PirateSecon, held alongside the big Munich Security Conference, the city council of Munich decided to reverse the once-celebrated migration to LiMux, its much reported about Linux platform. For the German Pirate Party, the dismantling of “LiMux” is a step in the wrong direction. At the third edition of the Pirate Security Conference Pirate Party members from Luxembourg, Iceland, Switzerland and the Czech Republic discussed how to take back data and even algorithms – and how to win elections. The Pirate Security Conference took place from 16-19 February. The Munich Security Conference took place from 17-19 February. Birgitta Jónsdóttir The controversial Linux decision was taken on 15 February by the majority of the Munich City Council members – Conservative and Social Democrats. The much fought over decision obliges the administration of the Bavarian capital to “immediately develop a concept that allows the realisation of a standard unified client architecture based on a Windows based client before 31.12.2020.” For all standard functionalities (text, spreadsheet, presentation software, PDF reader, email client and internet browser) uniform and commercially available standard products are to be used. In 2004, the city under former mayor Christian Ude opted to not update their old, no longer supported Windows NT 4 systems, but instead use Linux to save money and also make an attempt to become less dependent on one proprietary platform. The decision then was emphatically celebrated by the free and open source community and resulted in an emergency visit to Ude from then Microsoft boss Steve Ballmer. Microsoft last year moved back into a big office in Munich. That has nothing to do at all with the decision, underlined a spokesperson for the city speaking to Intellectual Property Watch. Any linkage would contradict the way the city administration works, and be illegal, he said. Religious Wars and Considerations for Coexistence The situation in the city’s Communications Department itself illustrates one of the issues the LiMux migration project, officially completed in 2013, just a year before the first calls were made to roll back. As in other departments, the press people were not able to get rid of Windows completely, both platforms lived side by side, due to either the demands of outside partners or to special software, used for administrative tasks. “People did not follow us in this revolution,” the city spokesperson said. While a number of in Europe followed the example, there have been defectors as well. There were some technical issues, acknowledged Thomas Mayer, Pirate Party politician who advised a Pirate City Councillor in Munich on the issues. Mayer pointed to updates rolled out before being checked for performance, resulting in problems. But many problems resulted from a notorious understaffing of the IT team of the city. “It is a general problem, be it Linux or Microsoft Network administrators, the market is empty,” said Mayer. The problem of understaffing was also addressed in a lengthy study commissioned by the city and prepared by Accenture. The consultancy did recommend to re-introduce Microsoft Clients in phases, but clearly in the study foresaw a mixed environment, with LibreOffice for example being the office program to be used. At the same, Accenture made a long list of recommendations for restructuring the IT organisation of the city that is currently divided between three different departments. By the end of the year, according to the city spokesperson, a new head of department for IT should be hired and then finalise and prepare for the next migration. With the city council decision this week, only the potentially considerable costs could become an issue for the roll-back push. Not only has the city invested in developing at least some administrative applications based on Linux. Licences could add up, according to one official calculation, to more than 10 million euro plus annual fees. Planning and operations for the client renewal could cost up to €30 million over six years, but a number opponents have criticised that as being too low. Opponents are pessimistic that the presentation of costs later this year will cause a reversal of the LiMux departure as they consider it a political and not technical move. From the conservative party, Kristina Frank, chastised opponents for what she called an edition of “IT Wars”. Hacking into Politics, but How? There are more backward steps the Pirate Party representatives from the different EU countries were concerned about when gathered in Munich for their three-day in-depth discussions over security. Both the chiefs of both the Czech and Iceland Pirates, Ivan Bartos and Birgitta Jónsdóttir, spoke of the urgency for their groups to stem the tide of bad policymaking. Jónsdóttir said: “We need more geeks in the Parliament.” Geeks, she said, would be more capable of “recognising how legislation is abused.” During her tenure she has seen “Minority Report”-like surveillance mechanisms being sneaked into draft legislation, she said. Jónsdóttir, who has received 22.6 percent of vote in the Icelandic election last year – the highest result of a Pirate Party so far – called on listening to the people voting for populists out of protest against politicians. After the election of Donald Trump, the Icelandic pirate party leader went to see Edward Snowden in Moscow. “I went because I was worried about him. I feared that he is a big sort of a bargaining chip between big powers,” she said. With Snowden and Harvard Professor Lawrence Lessig, she talked about the future of democracy itself. Ivan Bartos “Every day the government is using the technology against us,” Bartos said, while promoting the idea that the internet is to be a tool to enable and inform people. Just this week, data was withdrawn from the US government open data portal. The site that offered access to various public databases only sent a failure message stating: “no results”. The computer scientist presented a long list of new Czech legislation limiting expression and privacy rights in his country. According to Bartos, the Czech Security Intelligence Service (BIS) is allowed to collect and store citizens’ banking and taxing information. Judge approval was a mere formality, the record showed. Another new provision shifts the liability for potentially criminal expressions on the net, the provider or platform can be hold accountable. The liability regime was badly felt by media, Bartos said. Legislation intended to block non-Czech gambling devices is currently being challenged by the Pirates before the European Court of Justice and will be decided on 22 February. More competencies for meta-data collectors also have been put on the legislators’ table. The Czech Military Intelligence Service would be granted in this law the ability to install black boxes for data collection, which Bartos thinks clearly contradicts the recent data retention judgement of the European Court of Justice. “We try to stand up every time,” Bartos said, but the speed with which governments are dismantling civil rights is breathtaking. A much more technical hack was presented by Carlo von Lynx. “If I were the Supreme Court I would say the internet is illegal,” he said provocatively. The market could not solve the issue, because there was no “business model for constitutional fundamentals.” Carlo von Lynx The “Constitutional Internet,” according to von Lynx, would get rid of classical routing and the domain name system and provide for anonymous, authenticated and end-to-end encrypted communication and payment. This should be regulated; to avoid it would be fined. One basic concept is that only friends and friends of friends can exchange messages. From a GNU name system to Mumble, the latter a privacy friendly Skype-like application, a whole lot of tools are already available. The micro-payment system Taler allows for anonymized payment. Controversy arose over a von Lynx concept to have the regulator make the use of the “constitutional” device mandatory and provide for legal interception based on a maximum number of devices (like 0.1 percent) that can be intercepted at the same time or a collaboration of device and law enforcement, when enabled with a key from the Justice Department. Despite the invitation for police, von Lynx defended that this is much better than what users have right now – “the haystack”. With the GNU solution that could well run over the classical internet, the needles in the haystack would all be end-to-end encrypted and willingly cooperate when a request from law enforcement arrived. Too complicated and onerous to implement? It will take time, but IPv6, the next generation internet protocol, also took time, he said. Image Credits: Monika Ermert Share this:Click to share on Twitter (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Facebook (Opens in new window)Click to email this to a friend (Opens in new window)Click to print (Opens in new window) Related Monika Ermert may be reached at firstname.lastname@example.org."Dismantling Of LiMux On Eve Of Pirate Party Security Conference" by Intellectual Property Watch is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.