About

Member of the Board of the Polish Linux Users Group. Human rights in digital era hacktivist, Free Software advocate, privacy and anonimity evangelist; expert volunteer to the Panoptykon Foundation; co-organizer of SocHack social hackathons; charter member of the Warsaw Hackerspace; and Telecomix co-operator; biker, sailor.

Formerly President of the Board of the Polish Free and Open Source Software Foundation; CTO of BRAMA Mobile Technologies Laboratory on Warsaw University of Technology and a student at Philosophy Institute on Warsaw University.

Table of Contents

languages:
19.01.2015Ban on encryption is not about banning encryption en 149 13.01.2015Not Free as in Beer en pl 148 30.12.2014GPG Key Transition en pl 147 18.12.2014Siła wyższa pl 146 04.12.2014Internet in Poland to be porn-free after all? en pl 145 27.11.2014Block everything! en pl 144 02.11.2014Introducing: rysiek's law of unavoidable consequences en pl 143 09.09.2014Stop paedophilia en pl 142 22.06.2014Even with EME, Mozilla will become "the browser that can't" en 141 21.06.2014EuroDIG 2014 en pl 140 19.06.2014Hacker in the Digital Affairs Council en pl 139 30.05.2014Public consultations and anonymity en pl 138 18.05.2014Why being a pirate is not worth it en pl 137 15.05.2014On Mozilla, DRM and irrelevance en pl 136 14.05.2014Not-quite-good-enough-Mundial en 135 12.04.2014Irresponsible non-disclosure en pl 134 29.03.2014Ecologic, Ford and surveillance en pl 133 15.03.2014Otwórzmy edukację pl 132 10.03.2014Blurry line between private service and public infrastructure en 131 08.03.2014IM IN UR MINISTRY, CONSULTING UR INTERNETZ en pl 130 17.02.2014Encrypted VoIP that works en pl 129 11.02.2014So you want to censor the Internet... en pl 128 02.02.2014This is why we can't have nice IRC en 127 31.01.2014Decentralize where your mouth is en pl 126 30.01.2014A link cannot be illegal en pl 125 30.01.2014Copyright reform debate lives on en pl 124 26.01.2014Neat HaCSS, or let's de-JS the Web a bit en 123 27.12.2013Information Account Number en 122 14.12.2013HaIPu en 121 20.11.2013Friends of TTIP and data protection in Brussels en 120 19.11.2013Social media, Polish Pirates style en pl 119 05.11.2013A rude comment en 118 20.10.2013TEDx Warsaw Women and privacy en pl 117 03.10.2013Copyreform at CopyCamp 2013 en pl 116 22.09.2013Long-expected KMail2 rant en 115 18.09.2013Facebook for schools en 114 12.09.2013In which I call upon United Poland parliamentarians to guarantee citizens the right to Internet free of surveillance en pl 113 08.09.2013Complaintivism en 112 04.09.2013It's his own fault en pl 111 19.08.2013Lies, damn lies, and analytics en pl 110 27.07.2013Shortest Internet censorship debate ever en pl 109 22.07.2013How information sharing uproots conservative business models en es 108 22.07.2013Posts' markup is now available en pl 107 11.07.2013Kultura wolna i legalna pl 106 07.06.2013Internet is not a problem en pl 105 05.06.2013Libel Culture en 104 17.05.2013Wojtuś Fatalista i wolność w Internecie pl 102 17.05.2013Why I find -ND unnecessary and harmful en es pl 101 28.03.2013Wolność nasza codzienna pl 100 17.03.2013Nie wszystko korpo co o wolności w Internecie pl 99 15.03.2013♫ Odpowiadam na e-maile ♫ pl 98 11.02.2013One year anniversary of Anti-ACTA en pl 97 30.01.2013Nie ma haka na słabe dziennikarstwo? pl 96 30.01.2013Fighting Black PR around OER en pl 95 29.01.2013HOWTO: effectively argue against Internet censorship ideas en 94 20.11.2012Border conditions for preserving subjectivity in the digital era en pl 93 19.11.2012Social blogosphere en pl 92 07.11.2012Embrace fragmentation en pl 91 02.11.2012SERVICES.TXT en pl 90 24.10.2012Apple finally jumped the shark en es 89 24.09.2012Breaking the garden walls en es pl 88 24.09.2012Minister i Kultura pl 87 24.09.2012Melbourne CryptoParty video message en 86 16.09.2012On sailor's sensitivity, or "the starry heavens above me" en pl 85 22.08.2012Black PR around Polish e-Textbooks en pl 84 15.08.2012Regaty utracone pl 83 24.07.2012Hypochristian Love en 82 24.07.2012Some new Layout Goodness en pl 81 17.07.2012Party 2.0 en pl 80 16.07.2012Prawo autorskie po ACTA pl 79 13.07.2012Party as a system hack en pl 78 10.06.2012Are corporations dangerous only in collusion with governments? en 77 09.06.2012Proxies! Proxies everywhere! en 76 05.06.2012Automagic re-publishing from Twitter to StatusNet en pl 75 18.05.2012TPSA/Orange and GIMP, or a word on 5 users en pl 74 16.05.2012Słowo o Warsztatach MAiC pl 73 15.04.2012Schowaj gadżeta pl 72 05.04.2012Perfect ToDo-oid en 71 27.03.2012Subjectively on Anti-ACTA in Poland en pl 70 25.03.2012On copyright in Budapest en pl 69 23.03.2012Kościoła poczucie odpowiedzialności pl 68 20.03.2012Learning to Internet en pl 67 19.03.2012Kościoła wiara w wiernych pl 66 29.02.2012Brussels Safari #1 - EP press conference and ITRE en pl 65 21.02.2012Because ACTA is passé en pl 64 20.02.2012Privacy of correspondence, EU-style en pl 63 17.02.2012Polish PM on ACTA: I was wrong en pl 62 12.02.2012Anonymous vs Corponymous en pl 61 10.02.2012To have a cookie and dowload it too en pl 60 19.01.2012About ACTA at Polish PM Chancellery en pl 59 19.01.2012Free as in United en pl 58 16.01.2012Towarzystwo czuje się oszukane pl 57 10.01.2012Terms of Using the Service en pl 56 05.01.2012Corporate lack of patriotism en pl 55 04.01.2012Terroristcopters en pl 54 03.01.2012IceWeasel and Privacy en pl 53 28.12.2011Good Uncle Stal... Putin en pl 52 25.12.2011Useful Bash defaults done right en 51 21.12.2011Google Mail, or how mail becomes publication en pl 50 20.12.2011Occupy Gotham en pl 49 11.12.2011Copyfraud en pl 48 08.12.2011Multikino Wikipedia FAIL pl 47 27.11.2011Nie miejsce na pl 46 18.11.2011One-way cutting en pl 45 12.11.2011Tolerancja dla Kościoła pl 44 11.11.2011Users and Citizens en pl 43 30.10.2011Adhocracy and Net4Change en pl 42 18.10.2011War on Fun en pl 41 16.10.2011Boli mnie w krzyżu pl 40 14.10.2011Technocomplacency en pl 39 10.10.2011I Can Haz? pl 37 09.10.2011Election Silence in Poland en pl 38 03.10.2011Kibice i kampania pl 36 02.10.2011E-textbooks, Johnny Mnemonic, business and the Net en pl 35 19.09.2011CC Global Streaming/Summit/Party pl 33 19.09.2011Czy jest coś takiego jak darmowe śniadanie? pl 34 12.09.2011Faktycznie Super pl 32 12.09.2011Diaspora-Based Comment System en 31 11.09.2011Conflict of values en pl 30 06.09.2011Wolność słowa to nie wolność od myślenia ani od krytyki pl 29 06.09.2011On-line privacy and anonymity: case in point en pl 28 04.09.2011On being careful with words en pl 27 03.09.2011W obronie QR Code pl 26 31.08.2011Stolica Nie Tak Święta pl 25 29.08.2011Of malware, hot steam, privacy, using one's brain and paedoparanoia en 24 29.08.2011Kragen Thinking Out Loud en pl 23 18.08.2011Ból, blizny, dziewczyny i wiosła pl 22 07.08.2011Worst. Woodstock. Ever! pl 21 27.07.2011Willpower, productivity and cycling en pl 20 19.07.2011Neo FreeRunner as a WiFi Soundcard en 19 10.07.2011A Weekend with lawyers en pl 18 09.07.2011One step closer to ideal en pl 17 04.07.2011Apostasy in Poland en pl 16 28.06.2011YAFR (Yet Another Facebook Rant) en pl 15 19.06.2011Wiara w priorytety pl 14 17.06.2011Important meetings, fun meetings en pl 13 13.06.2011Ooops I en pl 12 30.05.2011Playing with Node.js en pl 11 25.05.2011Mozilla, Google and the Location Bar en pl 10 24.05.2011At Sector 3.0 conf en pl 9 23.05.2011Layout, CSS and RSS/Atom en pl 8 15.05.2011Startup Weekend Network Fun Fun Fun en 7 11.05.2011Nowy szef Bramy pl 6 10.05.2011World's Smallest Open Source Violin en pl 5 10.05.2011Po kolejnym spotkaniu w KPRM pl 4 08.05.2011Inspiracja na niedzielę pl 3 08.05.2011I horizontally the whole blog is that serious pl 2 07.05.2011I can has brag en pl 1

Ban on encryption is not about banning encryption

en | txt src

David Cameron's bright idea to ban encryption that is not backdoored by the UK law enforcement, backed, of course, by Barrack Obama, is not exactly popular among the geeks and the technically savvy.

Main argument against the ban goes: if an encryption system has a master key, "bad guys" too can get it or discover it. The whole encryption scheme, then, is critically flawed.

Apart from that, the prevailing view among the geeks and hackers can be summarized as "good luck banning it, I'm going to use it anyway and what are they going to do about that? They're not going to put us all in jail!"

Problem is, the ban is not about banning encryption. It's about criminalizing its use and flagging those who use it.

Hence, the whole technical community — hackers, activists, IT specialists, etc — discussing technical merits of the proposal and technical means to go around it once introduced miss the point completely. Technical issues are not relevant for the British PM and his ilk.

All for one and one for all

Right now John McDoe using an HTTPS-protected website or TLS-protected IMAP-server basically uses the same crypto, that a TOR-using privacy activist does. AES, Diffie-Hellman key exchange, public-key crypto are all there. These are tried and true, based in some basic math, ingeniously used.

If any of the elements gets compromised, it's compromised for everybody. Security of your bank's HTTPS-protected website is directly connected to the security of TOR or GnuPG.

And of course, it's as deplorable to the listeners, as it is obvious to the techies.

Show me a man and I'll find a crime

Making strong, non-backdoored crypto illegal is a neat "solution" to this "problem".

Banks and large corporations will bend over, because being prosecuted for non-compliance with "legislation critical to national security" is not good for business. Besides, they're patriots, right?

Anything used or offered officially by any company in the UK or the US will have to be backdoored. This will "solve the problem" of commercially-available secure platforms, offering good security and privacy for non technically-savvy users. You either pay for backdoored encryption, or are on your own using (unwieldy at times) FLOSS tools.

Of course, the tech-savvy can still use the encryption tools, and help the less technically fluent to do so too. However, when they do, they become criminals. The Government does not have to show that you did anything illegal other than the simple fact that you used non-backdoored encryption services or software.

The very fact of wanting to stay secure and keep your privacy will become a criminal offence.

How can they prove you used non-backdoored encryption tools? Simply by saying so, provided that you used any encryption at all. This also means that even if you do use a backdoored encryption platform, the Government can always claim that this particular platform has not been backdoored, and therefore you still broke the law. You have no way of proving otherwise. Can we guess how that plays out?

Oh, and have you ever participated in a CryptoParty, or, even worse, organised one? Congratulations, you might also be liable also for "conspiracy to commit a crime".

Nobody's going to be putting non-backdoored encryption users in jail by the dozen, no doubt. But as soon as the Government wants you, they can have you. By the balls or behind the bars.

Not Free as in Beer

en pl | txt src

This text has been written for the CopyCamp 2014 post-conference publication, where it has been published originally. I recommend the whole publication, and hope to see you at CopyCamp this autumn.

Free as in Freedom,
not free as in beer

Richard M. Stallman's quote, well known to free software advocates, brings clarity to an ambiguous term — "free" can refer to freedom, or can mean "gratis"; both can be on-topic as far as software is concerned. It has also become, in a way, the motto of the free software movement.

Many initiatives draw inspiration from free software philosophy — libre culture movement, Wikipedia, open educational resources, and many other, base on ideas floated by and tested within free and open source software projects. The "free as in freedom, not free as in beer" thought is also present outside of the freedom-loving software developers' world.

Usually it's the first part of the quote that gets the most attention and focus. It is about freedom, after all, and not about whether or not something is available gratis. This focus was (and is) required to clearly demarcate software, culture or educational resources that give and preserve freedoms of their users from those that are just available cost-free (allowing for access, yet denying the rest of the Four Freedoms); the priceless from the zero-priced.

We might need to change that accent, however. Software developers, artists and educational resources creators, libre or not, have to eat, too.

Four Freedoms

Richard Stallman had introduced a simple yet effective criterion of whether or not a given software (or any other resource, for that matter) is freedom-preserving — its license has to guarantee:

  • freedom to run/use the program without any restrictions;
  • freedom to examine how it works and to modify it;
  • freedom to distribute it further;
  • freedom to distribute one's own modifications of it.

To make extending the set of libre software easier, in the first free software license, the GNU GPL, one more trick has been also used — copyleft, the requirement that all software based on GPL-licensed software will also have to be distributed under the same terms.

Copyleft clause has since become a point of contention within the free/libre/open-source software community. The debate between its detractors and proponents is as vivid today, as it has been 30 years ago.

The former prefer non-copyleft licenses, like MIT or BSD; the latter — promote the use of GNU GPL family of licenses.

The MIT/BSD crowd argues that copyleft denies developers of derivative works (in this case, software based on a GNU GPL-licensed project) the freedom to close their project or change the license.

The GNU GPL side points out that even if that particular freedom is denied in such a case, it's for the greater good — others, including the users of the derivative work, have their four freedoms preserved.

The debate, then, concerns the freedom of the derivative work's author to close that work, versus the four freedoms of all users, ever. And of course, this is relevant not only to software.

Business models

Within the software development world and outside of it the copyleft clause tends to be considered "bad for business". Derivative work authors would like to be able to close their works regardless of the licensing of the originals, so as to earn a living on them — after all, how can one make money on something that is free to copy at will?

The answer lies with new business models, compatible with the culture of sharing (and sharing of culture). Crowdfunding, voluntary payment-based models, making money on merchandise (like band t-shirts) or concerts, and (in the case of software) selling services like feature implementation, support, or deployment, allow the creators to thrive and earn a living even though — or, as often is the case, precisely because of — fans sharing of their works.

These are not obvious and seem uncertain — and yet more and more often they finance productions, large and small. On the other hand, the "tried and tested" ways of making money on creative work are not a guaranteed way to make a profit. Even more so with the market being saturated by huge companies.

Preference for non-copyleft licenses might stem from lack of trust to new models: "I might want to sell a closed product based on this, what then?" However, if I can close something, others can, too. We're all worse-off.

Heartbleed

The Heartbleed debacle illustrates this well. A trivial software bug in a popular free software library used on the Net by big and small alike to provide secure transmission had huge consequences for the whole FLOSS ecosystem, and broader: for the whole Internet. It also remained undiscovered for years.

Software involved — the OpenSSL library — is available on a non-copyleft license. It's being used by companies, including most of the heavyweights (including Google, Facebook, and Amazon), in their products and services.

They use it, but do not really help develop this crucial piece of software. OpenSSL developers did not have the funds for regular code audits that would have discovered the bug long before it caused any harm.

Large companies also do not share their modifications. OpenSSL's license does not require it, so why would they? Turns out Facebook modified their OpenSSL version in a way that (inadvertently, probably) made it insusceptible to the bug.

Had OpenSSL used a copyleft license, requiring sharing modified code with the community, Heartbleed might have been discovered much earlier, causing much less harm.

Not free as in beer

Free software, libre culture, open educational resources development has its cost. Thousands donate their time and expertise, and share effects of their work. It often is overlooked, usually when while arguing for use of FLOSS the "it's gratis" argument is being used.

It is not. Time to start properly valuing the work put into those initiatives. And to support them, also financially.

Copyleft, turns out, can help here too: if nobody can close my work, I myself can also use their enhancements. We're all better-off.

GPG Key Transition

en pl | txt src

This is my GPG key transition statement. I am transitioning off of my old key:

07FD 0DA1 72D3 FC66 B910 341C 5337 E3B7 60DE C17F

To a new key:

D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E

The old key has not been compromised. The main reason for transition is this weak subkey:

sub 1024R/0x085C4F046A46EBC9

I have generated a new, much stronger key. And I have done so in a way that (to an extent) protects me from ugly consequences of a possible private key loss (think: stolen laptop, with keys). I used these three great howtos:

With their help I have generated a master keypair, stowed away in a safe place; and a laptop keypair that I use day-to-day.

The master keypair has never touched my laptop or any device associated with me — it has been generated on an airgapped random loner laptop in the Warsaw Hackerspace (every hackerspace has a few of these), running a copy of TAILS.

From it, the laptop keypair has been also generated on the airgapped loner lappy. Then, the master keypair has been transferred to the storage medium, and the laptop pair — to my laptop; both have been safely wiped from the loner afterwards (besides, everything was happening on a ramdisk anyway).

The minor inconvenience if this setup is that I can only sign other people's keys with my master keypair, i.e. when I am not travelling.

Key Transition Statement

Below you'll find my key transition statement. You can also download this statement signed by both the old and the new key.

GPG Key Transition Statement
Date: 30th December, 2014

For a number of reasons, i've recently set up a new OpenPGP key, and will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition.

The old key was:

pub 4096R/0x5337E3B760DEC17F 2011-09-28 [expires: 2014-12-30]
Key fingerprint = 07FD 0DA1 72D3 FC66 B910 341C 5337 E3B7 60DE C17F

And the new key is:

pub 4096R/0xEAA4EC8179652B2E 2014-10-14 [expires: 2020-10-12]
Key fingerprint = D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E

To fetch the full key from a public key server, you can simply do:

gpg --keyserver keys.riseup.net --recv-key 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E'

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E'

If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E'

If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key. You can do that by issuing the following command:

**
NOTE: if you have previously signed my key but did a local-only signature (lsign), you will not want to issue the following, instead you will want to use —lsign-key, and not send the signatures to the keyserver
**

gpg --sign-key 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E'

I'd like to receive your signatures on my key. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system):

gpg --export 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E' \
| gpg --encrypt -r 'D0E9 E1E3 D80A 098A 0D0D 7EC4 EAA4 EC81 7965 2B2E' \
--armor | mail -s 'OpenPGP Signatures' rysiek@hackerspace.pl


Additionally, I highly recommend that you implement a mechanism to keep your key material up-to-date so that you obtain the latest revocations, and other updates in a timely manner. You can do regular key updates by using parcimonie to refresh your keyring. Parcimonie is a daemon that slowly refreshes your keyring from a keyserver over Tor. It uses a randomized sleep, and fresh tor circuits for each key. The purpose is to make it hard for an attacker to correlate the key updates with your keyring.


I also highly recommend checking out the excellent Riseup GPG best practices doc, from which I stole most of the text for this transition message ;-)

https://we.riseup.net/debian/openpgp-best-practices

Please let me know if you have any questions, or problems, and sorry for the inconvenience.


Michał "rysiek" Woźniak
rysiek@hackerspace.pl
http://rys.io/

Siła wyższa

pl | txt src
This entry does not seem to be available in the language of your browser; displaying in: pl.

Jakkolwiek nie jestem wielkim zwolennikiem przepływu celebrytów i celebrytek do polityki — mamy, jak sądzę, lepsze źródła kompetencji intelektualnych niezbędnych do rządzenia w naszym pięknym kraju — to jednak wolę wyborców wypada uszanować.

Z tejże woli wyborców do sejmiku wielkopolskiego weszła Katarzyna Bujakiewicz, którą posiadający telewizory czytelnicy mogą kojarzyć z tak wiekopomnych projektów artystycznych, jak seriale "Na dobre i na złe" czy "Magda M".

Ja jednak radną Bujakiewicz kojarzyć będę jednak z tego, jak krótko sprawować będzie swój mandat, oraz (i przede wszystkim) ze względu na powód, dla którego mandatu sprawować nie będzie dłużej.

To nie jest jej zła wola czy lekceważenie wyborców. Po prostu w oświadczeniu majątkowym, jakie musi złożyć każdy radny, nie może ujawnić niektórych swoich dochodów z komercyjnych kontraktów aktorskich. Za kłamstwo grozi kara pozbawienia wolności, a za niezłożenie tylko wygaśnięcie mandatu. To drugie wyjście jest bardziej uczciwe — mówi jeden ze sztabowców komitetu Teraz Wielkopolska.

Sztabowca komitetu Teraz Wielkopolska zachęcam do rozważenia, czy aby nie pominął pewnych możliwości wyjścia z sytuacji. Skoro tak lekko podchodzimy do tematu zerwania swego rodzaju kontraktu pomiędzy radną Bujakiewicz, a jej wyborcami, może moglibyśmy przynajmniej wziąć pod uwagę, że przecież kontrakt z dotychczasowymi pracodawcami radnej również można zerwać?

Czy dowiemy się, jakie konsekwencje groziły by radnej w takim wypadku. Oczywiście, że nie. Są wszak rzeczy ważne i ważniejsze. Głos wyborców jest ważny; komercyjny kontrakt radnej Bujakiewicz z producentami bawiących tych wyborców seriali jest jednak, jak widać, ważniejszy.

No cóż. Kamyczek do ogródka sceptycyzmy względem celebrytów i celebrytek próbujących swych sił w polityce.

Internet in Poland to be porn-free after all?

en pl | txt src

Can't leave parliamentarians alone for 3 days, can you.

Today, the Administration and Digitization Commission of Sejm (the lower chamber of Polish Parliament) has approved for further proceedings a project of "A Resolution concerning actions to limit children's access to pornography on the Internet", which used to "call upon the Minister of Administration and Digitization to guarantee parents a right to porn-free Internet" — the final draft is still not available on Sejm website, but it should soon be available here.

In comparison with the original project the new text is... better, although that does not mean it's any good. Here it is for your reading pleasure (please note: the translation is mine and unofficial, and I omit the rather unimportant "whereas..." part):

RESOLUTION

By Sejm of the Republic of Poland
of ...............

Concerning actions to limit children's access to pornography on the Internet

(...)

1. Sejm of the Republic of Poland moves for the Minister of Administration and Digitization to prepare solutions which will guarantee parents a right to access the Internet network free from pornography.
2. These solutions should follow these guidelines:
a. Any person should have the possibility to block transmission of any pornographic materials;
b. An internet service provider should provide tools that would allow blocking transmission of pornographic materials;
c. An internet service provider is required to provide tools that would allow blocking transmission of pornographic materials free of charge;
d. An internet service provider can disable access to pornographic materials. An agreement with a customer should reflect this.
3. Minister of Administration and Digitization shall present a proposal of such solutions within 18 months from the date of adoption of this resolution.

Wait, what?

Yep. The Commission has convened on this issue mere week after the previous session, not giving enough time to properly prepare and have a serious discussion. At least the text has been changed in a way that makes it not entirely absurd (only just a bit, depending on who is reading it).

What does that mean?

One could read the text of the resolution in a way that would give the Ministry the possibility to simply reply:

There are parental filters available, free of charge, for any software platform, KTHXBAI.

...or, in a way that would require an answer along those lines:

ISPs are required to "voluntarily" censor the Net on the level of their core infrastructure, opt-in or opt-out.

Basically, we need to make sure that (providing that the resolution clears Sejm) the Ministry will not go in the direction of a solution that would introduce central filtering of the Internet.

The only sane solution I see is filtering on end-user devices (including home routers). During consultations last year, regarding this very topic, this has exactly been the solution we have suggested the Ministry should go along with. Time to take it off the shelf, I guess.

Now what?

Now Sejm has to decide, and this will happen during next few weeks. Unfortunately, the modified project apparently has the support of the coalition, so I'd like to invite Poles to write their representatives, and in the meantime I'm prepping up for an 18-month fight to keep any central-level filtering, be it obligatory or "voluntary" (as in the UK), limited to end-user devices.

This means a lot of work; if you feel it's important or valuable — support Panoptykon.