Skip to content, sitemap or skip to search.

Personal tools
Join now
You are here: Home Campaigns High Priority Projects Security by and for free software

Security by and for free software

by Georgia Young Contributions Published on Jan 13, 2017 04:30 PM
Security is a concern for all computing and all computer users.

Although users cannot ever be truly certain of their security when using proprietary software, that does not mean free software is automatically secure. Free software developers and users must take steps to improve the security of free software projects.

Because security is so important, creating free software projects that help users secure their computing could drive free software adoption. This is an effort of great ethical import that is only possible at all because users have the freedom to do so.

Ways to help

  • Make your own computing more secure: one place to start is encrypting your email, and the FSF offers an Email Self-Defense Guide to help you get started, and get your community started by teaching an encryption workshop.
  • The Electronic Frontier Foundation offers several free software security projects, including HTTPS Everywhere, a browser extension that encrypts your communications with many Web sites.
  • Tor is a free software open network that helps you defend against traffic analysis, a form of network surveillance that threatens your privacy. You can use Tor, donate to the project, teach your friends about Tor, or run a Tor relay.
  • Also, if you maintain a free software project, take steps to improve its security. Seek a code audit from a security expert. Mozilla awards funding for security audits of free software licensed code.
  • Take steps to ensure reproducible builds of your free software project. Reproducible builds are a set of software development practices that create a verifiable path from human readable source code to the binary code used by computers, which allows users to gain confidence that a distributed binary code is indeed coming from a given source code.
  • If you have a website, check out Let's Encrypt, an automated, free-software based certificate authority (CA), run for the public’s benefit, as well as the W3C's extensive security information and recommendations for the Web.

This is just one item on the Free Software Foundation's High Priority Projects list.

Document Actions

The FSF is a charity with a worldwide mission to advance software freedom — learn about our history and work.

fsf.org is powered by:

 

Send your feedback on our translations and new translations of pages to campaigns@fsf.org.