SourceForge Removes Blanket Blocking

Recently there was much gnashing of teeth as SourceForge (which shares a corporate overlord with Slashdot) started programmatically blocking users in certain countries to comply with US export restrictions. Thankfully they didn't let it end there and have found a way to put the power back in the hands of the users. "Beginning now, every project admin can click on Develop -> Project Admin -> Project Settings to find a new section called Export Control. By default, we've ticked the more restrictive setting. If you conclude that your project is *not* subject to export regulations, or any other related prohibitions, you may now tick the other check mark and click Update. After that, all users will be able to download your project files as they did before last month's change."

This is completely stupid.

[frinkacheese]

This is dumb. The terrorists will just get their mates in another country to get whatever it is they want.

Only the kind of stupid Americans that though that restricting the export of encryption technology would actually work would think of this. What happened there? They all got it anyway.

What exactly do they hope to achieve with this stupidity?

Re:This is completely stupid.

[BHearsum]

They hope to avoid liability.

Re:This is completely stupid.

[2short]

They are complying with the law. Certainly, what they are doing is stupid and will be completely ineffective. But that's hard to avoid when complying with a law that is stupid and completely ineffective.

And these restrictions makes so much sense

[JoshuaZ]

Yeah. These restrictions make so much sense. Because we all know that North Korea has no way to get access to any servers outside North Korea. And no one can use a proxy server at all. And they really are going to be absolutely helpless without the tiny open-source projects. This is as ridiculous as the old restrictions on exporting encryption (at least those got removed a few years ago).

The right thing to do :)

[neo00]

Great news, and this is a brave thing to do :) Blindly blocking all SF projects to some people was wrong. I said this before, US export laws should only apply to US products. OpenSource/Free software projects should stay "open" and "free/libre" to everybody. Those who worked hard on these projects, including developers from the banned countries, should have the right to decide whether their projects should be blocked or not. Some said the law applies to SF just because they host the projects. If the law was strict to this level then the whole internet should be banned to these countries.

Dump sourceforge

[starsong]

Why the hell does anyone even use SourceForge anymore? Their tools suck, the site is beyond slow and plastered with ads, and you have to play download roulette with their crappy 90s-era mirroring system. Plus you get crazy decrees like this from whatever's going on at the top. It's not like there aren't alternatives these days. Google Code is awesome by comparison.

Re:Duh

[HungryHobo]

Feel free to rent a server in some random country and mirror sourceforge.

It is for these reasons...

[steelfood]

...that projects such as TOR and Freenet exist.

Re:And these restrictions makes so much sense

[HungryHobo]

I'm fairly sure those restrictions were never actually dropped.
they just gave up trying to enforce them.

Stupid, stupid law

[bcmm]

The USA has compiled a list of the countries it considers most repressive, and attempted to forbid the citizens of those countries from using encrypted communications... I don't think the governments on that list mind.

Re:This is completely stupid.

[vlm]

But that's hard to avoid when complying with a law that is stupid and completely ineffective.

How is it stupid and ineffective if the purpose was to enlarge/preserve the great American bureaucracy and secondarily harass O.S. developers?

Re:Mates in another country

[CastrTroy]

Or any of the millions of the completely open proxy servers.

Re:The right thing to do :)

[countertrolling]

should only...should stay...should have...should be...

Well, if you really want want all these should've...could've...would've(s), then you and your neighbors should vote for politicians that will handle the issue properly. If if you're going to cry about how the "system" is rigged against you, save your breath. I'll have none of it. You all are just cursing darkness instead of lighting a candle. There is no law on the books that require you to vote for spoon fed by mass media candidates.. yet.

Re:Liability?

[Yvanhoe]

But before opening a project on sourceforge, you have to describe your proposal and they manually accept or not. That could be argued to be editorial control. This is not exactly a gmail situation.

Reality Check

[mpapet]

The number one reason why this is *very* much ado about nothing is that the projects the U.S. Government would have any interest in AT ALL are novel and strong encryption schemes. To satisfy both novel and strong conditions puts one into a *very* small and elite group.

Sure, there are many projects that implement standard/weak/known encryption. That's completely different than a project that implements legitimately novel AND strong to the point of piquing the interest of the BIS/spooks. I don't know for sure, but zrtp might be an example.

An American company can export SSL/TLS/PKI and similar, crypto products without ever drawing the interest of the BIS. I guess at some point in distant history, this was not the case. As someone that actually worked with the BIS on getting encryption export compliance it has been easy for a long time.

Counterproductive laws

[presidenteloco]

The USA is squandering some of its technological lead and economic opportunities with dumb-ass laws.

I've already had to stop hosting several online businesses in the US due to the patriot act and international customers' unwillingness to have there data stored in the US.

Stem cell research was set back a decade by Christian fundamentalist opposition making its way into
federal law.

Laws restricting export of US software just result in software being innovated faster elsewhere.

As Freeman Dyson once said: The best way to defeat soviet communism would be to ship Apple computers to their population en masse. He was basically right, though who knew it would be cloned PCs that would do the trick.

Re:Liability?

[westlake]

Is Google liable if I Gmail you restricted encryption algorithms?

Google isn't hosting the file or providing you with a "home page" for your project. Sourceforge is much more exposed.

Re:Don't think so

[Locke2005]

Some information... only has use for killing. I can't think of any information that would make it easier to kill that couldn't also be used to help prevent death. In the technological realm, almost everything is a two-edged sword. Security by obscurity is a poor means of defense.