Avoid nonfreedom software

From Whonix

Ambox warning pn.svg.png For system security it is strongly advised to not install proprietary [archive], non-freedom [archive] software. Instead, use of Free Software [archive] is recommended [archive]. As Free Software pioneer Richard Stallman [archive] puts it:

  • "... If you run a nonfree program on your computer, it denies your freedom; the main one harmed is you. ..."
  • "Every nonfree program has a lord, a master -- and if you use the program, he is your master.“
  • "To have the choice between proprietary software packages, is being able to choose your master. Freedom means not having a master. And in the area of computing, freedom means not using proprietary software."

Or as the GNU project [archive] puts it:

  • Proprietary Software Is Often Malware [archive]

  • Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; that is the basic injustice [archive]. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve.

  • This typically takes the form of malicious functionalities.

  • Some malicious functionalities are mediated by back doors.

  • Back door: any feature of a program that enables someone who is not supposed to be in control of the computer where it is installed to send it commands. (added by editor "Most times without consent or awareness.")

The GNU protect created a list with examples of Proprietary Back Doors [archive]. The Electronic Frontier Foundation [archive] (EFF) has other examples of the use of back doors [archive].

Open Source software [archive] like Qubes, Linux [archive] and Whonix ™ [archive] is more secure than closed source [archive] software. The public scrutiny of security by design [archive] has proven to be superior to security through obscurity [archive]. This aligns the software development process with Kerckhoffs' principle [archive] - the basis of modern cipher [archive]-systems design. This principle asserts that systems must be secure, even if the adversary knows everything about how they work. Generally speaking, Freedom Software projects are much more open and respectful of the privacy rights of users. Freedom Software projects also encourage security bug reports, open discussion, public fixes and review.

Possible risks associated with using non-freedom software:

  • Potential advanced malware in the software itself.
  • Privacy breaches. Possible key logger or keystoke deanonymizer?
  • Software that depends on third party servers could access identifying information for payments or logins linked to real identity.

For more information on installing free, third-party Libre software [archive] consult the Foreign Sources page for advice. See also: Is It Ever a Good Thing to Use a Nonfree Program? [archive]

Related: Why Whonix ™ is Freedom Software