Free software activities (November, 2018)

An orzo espresso in a glass espresso cup, on a ceramic plate with a spook and a small piece of a poppy seed pastry.Welcome to what is the first and may or may not be the last monthly summary of my free software activities.

November was a good month for me, heavily laden with travel. Conferences and meetings took me to Seattle, WA (USA) and Milano and Bolzano in Italy. I think of my activities as generally focusing on “my” projects — that is to say, representing my own thoughts and ideas, rather than those of my employer or associated projects.

In addition to using my free time to work on free and open source software and related issues, my day job is at the Free Software Foundation. I included highlights from my past month at the FSF. This feels a little bit like cheating.

November Activities (personal)

  • I keynoted the Seattle GNU/Linux festival (SeaGL), delivering a talk entitled “Insecure connections: Love and mental health in our digital lives.” Slides are available on GitLab.
  • Attended an Open Source Initiative board meeting in Milan, Italy.
  • Spoke at SFScon in Bolzano, Italy, giving a talk entitled “User freedom: A love Story.” Slides forthcoming. For this talk, I created a few original slides, but largely repurposed images from “Insecure connections.”
  • I made my first quantative Debian contribution, in which I added the Open Source Initiative to the list of organizations to which Debian is a member.
  • Submitted sessions to the Community and the Legal and Policy devrooms at FOSDEM. #speakerlife
  • Reviewed session proposals for CopyLeft Conf, for which I am on the paper’s committee.
  • I helped organize a $15,000 match donation for the Software Freedom Conservancy.

Some highlights from my day job

Conservancy Match

In January I was at Linux Conf Australia and had the idea of forming a group match campaign for the Software Freedom Conservancy. The Conservancy is one of my favorite nonprofits, and I had been interested in trying to level up my giving while not putting myself into dangerous financial straits.

A match campaign is when an organization, a person, or persons offer/s to give a nonprofit a large(er) sum in the event they can raise an equal amount during their fundraising activities. For example, Private Internet Access has pledged $50,000 to the Conservancy as part of the Conservancy’s matching donation efforts.

I wanted to participate in the fun of running a match donation, but recognized that the amount I could offer was paltry in comparison to most matches, as well as being not actually enough to inspire participation from potential donors. I realized that instead I could work with others others to help reach a number — I picked $10,000 somewhat randomly — and began asking around. With the help of Karen Sandler, Conservancy Executive Director, we surpassed that $10,000 and found ourselves with a $15,000 match.

The Conservancy seemed like a natural choice as a recipient of a somewhat scrappy attempt at a match — they consider themselves to be a scrappy organization, doing a lot with very little. They support free and open source software projects — and unless we have good projects, we don’t have anything to offer people looking to be more freedom respecting in their own lives and their works. They do copyleft compliance work, without which copyleft (and licensing in general) would be meaningless — the licenses need to have teeth in order for any companies to actually follow them and the promise of copyleft to be followed through. They work every day to spread the message and value of software freedom around the world, reaching people who need to be made aware of the way their rights extend to digital spaces and technologies. In the spirit of full disclosure, I also consider the staff of the Conservancy to be among my friends, and I enjoy seeing them at conferences.

I’m really excited (these words don’t capture how excited I am) that I get to participate in something so cool and inspiring as a group of people who want to encourage others to give. I hope you’ll consider making our match successful by supporting the Conservancy.

Last week in digital rights

I’ve been really busy and 1) missed a week (or two?) and 2) fell behind on my reading.

Neato things happening in free software

* Firefox’s new browser will keep brands from stalking you – Mozilla to
take more aggressive measures for our privacy –

* New GNOME release, Almeria, announced –

Quite interesting

* Life behind the tinfoil curtain – Read about how a hacker sysadmin
plays out his use of security in a day-to-day –

Facebook, Google, and other Monoliths

* Why California’s privacy law won’t hurt Facebook or Google –
California introduced CCPA (California Consumer Privacy Act), which is
like a weak version of GDPR –

* The solo JS developer challenging Google and Facebook – Vue is made by
one dude and is a FLOSS JS framework that’s gaining traction. –

* Facebook blocking local news stories – Facebook is blocking local news
stories (by accident?) –

* Linux foundation continues growing – The LF just got a lot bigger. The
LF is the home of the Linux Kernel project. –

* Not in our name: Another Article 13 post – Another article 13 post,
from the perspective of European creators –

Not in our name: Why European creators must oppose the EU’s proposal to limit linking and censor the internet

Other people doing things we probably don’t agree with

* Motorola patents a robocop autonomous car – Cause that’s going to be accountable to people processed by it –

Motorola patents a robocop autonomous car that brethalyzes, mirandizes you, calls your lawyer and collects your bail

* Nintendo’s promised cloud saves won’t work for every game – Why is
this a software freedom issue? It means that games people purchase (and
their saves, even) are being controlled, with a high probability
of DRM involvement –

* Verizon lobbyist runs for NY AG – And wants to recuse herself from NY
state suing the FCC about net neutrality… –


* Required online access in order to use headphones leaves flyer without
noise canceling benefits –

* Xbox adaptive controller is now out – and is a little less accessible
than hoped for –

Last week in digital rights

Every week, I send an email to my colleagues sharing some articles I’ve read.


– How smartphones are becoming a weapon in the fight against
tuberculosis – TB patients can send their doctors encrypted videos of
them taking pills. Why is this a rights issue, as opposed to a cool bit
of news? Proprietary software and encryption, my friends. Proprietary
software and encryption. Medical data is very personal, and at risk
anytime we’re trusting software to protect it. –
– Spyware company leaves “terabytes’ of selfies, text messages, and
location data exposed online – Spyfone is one of the companies out there
that sells mobile surveillance technology to the general public. It
turns out they’re storing the data they gather in insecure ways. Plus,
you know, monitoring people without their consent. –


– Commons Clause – Redis releases the commons clause, which is
effectively a non-commercial addenum to other licenses, making them
non-free. –

Bad government policies

– Verizon throttled fire department’s “unlimited” data during Calif.
wildfire – “Fire dep’t had to pay twice as much to life throttling
during wildfire response.” This isn’t quite about net neutrality, but it relates. –
– Save your internet – Some of our friends in the EU had a day of action about Article 13 –


– Vulnerability affects all OpenSSH versions released in the past two
decades – Security researchers from Qualys discovered a security bug in
OpenSSH –
– Two rounds of stable kernels released – Some cool peeps are fixing the
L1 vulnerability, mentioned last week –
– CVW-2018-5390 and “embargoes – some thoughts on embargoes on security
bugs –

Last week in digital rights

I started sending these emails out to my office, just a selection of some of the digital rights/free software related articles I’ve read over the past week. Here is the list from last week.

Exciting news

Less exciting news

Technical things


Privacy and surveillance


I made kouign-amann. It feels more honest to say I attempted to make kouign-amann or even I made something a lot like kouign-amann or, perhaps most accurately, I really messed up making kouign-amann. However, I also think it’s unfair to myself (and anyone making it for the first time) to downplay the challenge of turning a bunch of butter, flour, water, sugar, and yeast into a pile of sweet, melt-in-your-mouth flakes of delicious pastryness.

I used the Bon Appetit recipe. I read it through a few times and wrote it down (to keep my laptop out of the danger zone). I don’t like how they presented the recipe / ingredients list–though I do like how it is divided into sections.

It takes -forever-. I anti-recommend this recipe if for no other reason than it takes forever. The dough is also, in my experience, super dry. It was basically a total disaster.

A photo of kouign-amann, a light colden color.
A little underdone, but not bad…

To start off, the kouign-amann was underdone. This was the smallest of the problems.

When working on laminating the dough–when trying to turn it into something with nice, flaky layers–it turned into a mess.

When making kouign-amann–or most laminated things–you make a big rectangle of butter. This is quite fulfilling because you get to bash a one-pound pile of butter into a one-pound block of butter.

Kouing-amann, cut in half, showing an underdone inside.
Nope, dry and just barely not raw.

You then wrap this in dough, like your covering a textbook or wrapping a present. Most descriptions talk about this as though you’re folding an envelope around a big letter made of butter.

You then roll this butter-dough mix and fold it over on itself a bunch of times. This should create those aforementioned layers. If you’re me, on this particular day, when you roll out the dough, you mess it up. Rather than layers, I ended up with an amalgamation of butter and dough, which functions more like a bunch of break apart pieces.

In summary, it definitely didn’t work.

I decided to try Martha’s recipe next. This, it turns out, was only a slightly better idea than the Bon Apetit one, in as much as it took about six hours, rather than overnight.

A well cooked kouign-amann, on the slightly too dark side of done.
At least this one is a nice color.

The dough was dry again. When trying to make the BA recipe, I ended up overworking the dough, in hopes that it would eventually come together into the right texture (like my favorite cinnamon roll recipe does). Instead, it just ended up overworked and chewy. I tried to head this off with Martha’s recipe, by NOT overworking the dough. However, it didn’t hold together very well, and I ended up kind of sticking it together with pressure and little bits of water when rolling it out.

It was -really- dry. I talked with a former pastry chef afterwards for advice, who told me that the air was too humid, and I needed to add more water to the dough.


I had the same problem I did last time, and ended up with butter mottled dough rather than delicious, flaky layers. I also think it didn’t rise enough (did the dryness cause this?).

In summary, kouign-amann takes one and two were a total disaster. Stay tuned for take three.

Two halfs of two different kouign-amann, side by side. The one on the left is fluffier, but underdone.
BA on the left, Martha on the right.

Banana muffins

A photo of a hand holding a muffin.

These muffins are kosher for Passover, because it’s Pesach and bakers gotta bake. These contain no flour (or grains)–and therefore no gluten. They also contain no sugar or dairy. They are, however, about 30% egg by volume.

I think these are good! Not just Passover good or gluten and sugar free good, but good good! They’d also probably be good with maple syrup, honey, chocolate chips, banana chips, dried fruit, or 1 tsp baking powder.


  • 2 overripe bananas
  • 4 eggs
  • 2 cups nut flour (e.g. almond flour. I used 1.5 cups almond flour and .5 cups hazelnut flour)
  • 1/2 cup oil


  • Pre-heat oven to 350
  • Mash the bananas into a pulp. You can use anything from a blender to your hands.
  • Combine bananas, oil, and eggs. Mix!
  • Add the nut flour and mix it some more
  • Since these are muffins, I put them in a muffin tin. I usually oil a muffin tin and sprinkle flour in it. Since this contained no flour, I instead used paper liners.
  • I put filled the liners 2/3 of the way. I think it was around 1/4 cup.
  • Put in the oven and bake for 40-55 minutes.
  • Let cool on a wire rack (or plate, which is what I usually use).

Strawberry bourbon tart

I made a strawberry bourbon tart and you can too.


For the filling:

  • 1 cup bourbon
  • 1 cup sugar
  • 1 costco sized strawberry container (my guess is two pounds)

For the crust

  • 200g corn flour
  • A pinch of salt
  • Optional: 1 tbsp arrowroot powder
  • 75g earth balance and 75g coconut oil (or 150g butter)
  • 3 tablespoons maple syrup

For bonus points

Make the filling

  • Make bourbon simple syrup. Take the sugar and the bourbon together in a small pot. Over medium heat, let cook until the sugar has dissolved and it’s become appropriately syrupy.
  • Make the strawberry jam. Okay, I used fresh strawberries, but cooking with whole strawberries is super wet, so I made jam instead. Take the strawberries. If you feel fancy, hull them. If you don’t, just pick off the green bit and cut them in half. TBH you could probably use frozen strawberries and no one would know. Regardless, throw these in another pot and let them cook down until they’re more like jam and less like fresh strawberries. You can also speed this up by using thickener.
  • Are you using thickener? If  you want to use thickener, mix some corn starch or similar with a bit of water and add that.
  • Combine the things. Once the strawberries are jammified, mix the simple syrup and the strawberries and set aside.

Make the crust

  • Preheat the over to 350. While you’re at it, prep whatever container you’re going to cook this in. I bake almost everything in a spring form pan. You might have an actual pie dish.
  • Mix all the dry ingredients. I think this is usually pretty self-explanatory.
  • Add in the fat. You can use a food processor or a stand mixer or a pastry cutter. I just use my hands. This is most easily done (regardless of your preference for mixing), by cutting the fat into smaller pieces.
  • Add the maple. Usually you add water until it all holds together. I used maple syrup. I recommend this.

Rolling out a crust is miserable. It makes a huge mess, takes up a lot of space. You have to clean everything before -and- after. There’s no way to make this not miserable for either your current or future self.


  • Roll out your pie crust. You can do this on wax paper, which helps it be less messy -and- helps you transfer it into the baking dish.
  • Sprinkle some corn flour on the surface which you will be using to roll out the crust.
  • Put the dough onto the surface and flatten it a bit with your hands.
  • Sprinkle more corn flour on top
  • Use your rolling pin (for this particular pie, I used a Campari bottle) to roll out the crust until it’s approximately large enough for your baking dish.
  • “Transfer” the crust to the baking dish. “Transfer” is in scare quotes because this is where I always break the crust into a thousand pieces and then use the magic of dough to roughly squish them back together in the pan. It adds character.
  • Bake the crust (sans filling) for 10-15 minutes.

Assemble your pie


  • Once the crust is done, take it out, pour in the filling, and cook for fifteen minutes.

Bonus Points

For bonus points, you can top your pie. You may have noticed that this pie is both vegan and gluten free. You can roll with that and top it with coconut milk fat (yum). You can also use whipped cream or a soft meringue (link above). It’s also delicious with yogurt, ice cream, or plain.



In January I was at LCA, which was an amazing experience. Thanks to Chris Neugebauer, I had my first opportunity to speak to an entire conference attendance and give a lightning talk. (I recommend watching the other lightning talks, but the link goes directly to mine.)

Over the three, long minutes I somehow managed to talk about small donor fundraising, MollyGive, some cool tech nonprofits, and my newest donation project. (By “talk about,” I mean “mention in a single, run on sentence.”)

Inspired by the success of large matching donation programs and driven by the delusion that there is such a thing as a middle class philanthropist, I found some great people to join me in joining a $10k matching donation fund for the Software Freedom Conservancy’s spring fundraiser.

I don’t have the resources to put up a donation large enough for a match on my own. While I care a lot about the Conservancy (and a number of other nonprofits, charities, and causes), I can’t really justify to myself making a significant donation to a single organization–especially when there’s the potential to double a whole slew of donations through MollyGive.

In addition to wanting to see more of this (in general), I’m still hoping to find a few more people for the spring Conservancy match. We’re close to $10k, but not there quite yet. There’s no minimum, but I think $500 sounds like a nice number.

Even if you can’t join in building the matching fund, I hope you’ll join in helping to meet the match come fundraising time. 🙂

Why I want you to run for the OSI board

The Open Source Initiative board is homogeneous, stratified across generations.

We fit across three (tech) generations of contributors to free and open source software–those who were involved in the early days of free software; those who found places in the community after open source had been established; and the group paultag humorously dubbed the GNU generation–none of us have lived in a world without the explicit concept of user freedom.

Within my cadre of FOSS-loving millennials, several of us have fairly similar stories, both inside of our FOSS lives and out: we all had formative life experiences of financial hardship, and tech helped us emerge into comfortable, middle-class lifestyles. We’re all community-focused and have worked as community managers. We’ve been finalists for the same jobs.

That is to say, while we have different opinions and different outlooks, we all come from fairly similar places.

While I would not go as far as to say the same is true across each generation represented in the board, we do a fairly good job of agreeing with one another. Occasionally we argue, but that frequently comes from practical points and specific concerns relating to the gritty logistics of making decisions for an organization.

We have a range of experiences represented when you take the board as a whole, but not as different as I would like to see.

The fact is, the board does not represent the greater FOSS community. This is why it’s important for more people to join the OSI–in order to vote in elections and make sure their voices are represented. In order for this representation to be real, we need people from different backgrounds and viewpoints to stand for election and become board members.

To say this in more explicit terms: the OSI board is extremely (exclusively) white. Two board members are European, eight of us from the United States, and there is one Canadian. I think this is a problem.

What do I want from you? If you’re from outside North America, I want you to run for the OSI board. If you’re a racial minority, I want you to run for the OSI board. If you come from a background that is a part of the FOSS movement, but not represented, I want you to run for the OSI board. Are you from North America? Are you white? Are you a college educated coder working in a cool tech job? That is -awesome-. I am some of those things. I want you to reach out to your friends with different backgrounds, experiences, and knowledge and encourage them to run for the OSI board.

Think you’re unqualified? You’re totally not. One of the things I’ve learned about life–and especially FOSS–from three of my amazing free software mentors is that we’re never qualified when we start something new–or at least we don’t feel that way. I had no clue what I was doing when I first thought about running for the OSI board. All I knew was that I wanted to do more for the community.

Think you’re too busy? You might be! You might not be! We’re a pretty busy lot, and we each put in what we’re capable of. Sometimes that’s advice and ideas; sometimes it’s fundraising, financial literacy skills, ideas, organizing, writing, and anything else you bring to the table.

Think you’ve nothing to say? I bet you do.

Joining a board is not only about you–it’s about giving back to the community that has given you so much. It’s about pushing a movement forward. It’s about bringing the ideas and voices of others to the table, and making sure that everyone is heard.

If you’re interested in running, but scared, uncertain, don’t think you’re qualified, want help, or just want to talk more about the responsibilities, please email me at molly [at] opensource [dot] org or Josh Simmons at josh [at] opensource [dot] org.

Board members also get sweet email addresses, and that alone is reason enough to run. 🙂

Previously, the board was appointed by the board. This gave them the opportunity to create a group representing a range of experiences and skill sets, as well as fill necessary niches of knowledge (licensing, technical skills, community organization, etc). Now that we have a board elected by membership, it’s more crucial for people to both nominate themselves, if they don’t see enough representation, and join the OSI. In order for elections to actually reflect the FLOSS community, wee need a strong, varied membership from all over the world. So, in addition to running or encouraging your friends to run, consider joining as an Individual or Affiliate member.