Free software is needed for security

Micah Lee has been working on recent controversies around TeleMessage. If you’re not familiar with the topic, here’s a small backstory:

Some time ago, Mike Waltz and several senior U.S. government officials were caught discussing military plans on the messaging app Signal, after someone mistakenly added Jeffrey Goldberg, editor-in-chief of The Atlantic, to the conversation. Later, Waltz was seen using TM SGNL—a clone of Signal developed by TeleMessage—that includes features like cloud message archiving.

Micah recently created a program called TeleMessage Explorer, designed to simplify the investigation of TeleMessage dataset (provided by him and available to journalists and researchers) and published it under GNU AGPL v3, a free (as in freedom) license. It made me think about the importance of software freedom to achieve security and privacy. And it certainly made me appreciate Micah’s program more, as it didn’t refuse me my digital rights.

The license ensures users can run, study, modify, and share the program, as they wish. It ensures people own their copy of the program, rather than giving power to the developers to control what users can do.

Free software, as Ian Kelling puts it, is an under-appreciated cause. Free software accelerates collaboration, technological innovation, troubleshooting, and transparency. It allows people to build upon each other’s code and make cutting-edge tools accessible to all.

A flat-style digital illustration in shades of blue and green symbolizing software freedom and digital security. It features an open padlock, a shield with a checkmark, and a stylized code panel. To the right, there’s a circular keyhole icon representing free software, accompanied by the bold text “FREE SOFTWARE.” The background includes abstract dots, plus signs, and plant elements, creating a clean and modern tech aesthetic.

Note: I'll refer to this freedom-respecting cause as free, and will refer to free as in free beer, or free of cost, as gratis.

I’ve experienced this myself. During heavy censorship and internet shutdowns, free (as in freedom)-licensed programs enabled people to develop tools and bypass internet filtering; making it possible to connect to outside world. Free and decentralized messengers such as Tox and Briar allowed people to connect to each other, and above all, it was free protocols that made these communications possible.

In today’s world, digital freedom is as vital as physical and ideological freedom—and it exists because we have access to code and programs that benefit not just developers, but everyday people as well.

In times of oppression, free software stands as a safeguard for the right to safe and secure communication. It allows journalists to connect with their sources without government interference and to share their stories without fear of censorship. Because anyone can own, run, and modify their software, people are free to compute on their own terms. This independence removes third-party control and ensures that vital communication tools remain in the hands of those who need them most.

When Trump was banned from Twitter, he created his own social network upon free Mastodon source code, giving him power to communicate with his followers in his desired platform and medium. This reminded people that even the president of the United States isn’t immune to censorship. I’m not arguing that banning him was unjust nor I’m suggesting everybody should be able to say anything. But it’s important that when needed, we’d be able to resist censorship and maintain our control over our own communication.

Returning to the TeleMessage incident, it’s important to note that free software doesn’t automatically guarantee security. As mentioned, SGNL—TeleMessage’s messenger—was free code but still had vulnerabilities that led to a serious breach. However, the key point is this: because SGNL is based on free software, its code can be studied, improved, and adapted by anyone. This makes it possible to build a more secure messenger on top of it, tailored to specific needs, while preserving the freedom for users to communicate on their own terms.

If there’s a vulnerability in the source code, users have the freedom to fix it themselves—or hire someone who can. A great example is Session, an instant messenger built on top of Signal’s free code, designed to offer additional features and enhanced privacy based on the developers’ vision of secure communication. They added specific features for specific needs, that weren’t met by the original Signal app. This was only possible because the source code of Signal is free, empowering people to study, run, modify, and share the code and build such incredible program for people.

Micah releasing his program with a free license enables researchers to modify and use it for other purposes as well. Enabling them to further their research and, in a direct result, benefiting other people, enlightening people about this kind of security.

I should mention this again. Free software is essential for privacy and security. True security and privacy comes when you can ensure that the program you’re running is the same code you study and are able to modify. So if and when you find a vulnerability, or a practice that isn’t in your interest, you can modify it. If you prefer, you can compile the program from the source code to ensure it’s running the same code you trust.

It’s essential for security because you won’t be relying on the original developer to fix what’s wrong. You can either fix it yourself, if you can, or hire someone to fix it for you. You can protect yourself from future backdoor or vulnerability because you control exactly what goes into your program.

Most free software we use daily is maintained and published by their dedicated communities. This collective collaboration and public scrutiny make it easier to identify security issues, monitor development, and, to some extent, ensure that the process prioritizes the interests of the users rather than corporate shareholders. While free software can certainly be financially beneficial, its core principles and values put people’s rights above all else.

It also means that people have choices. If you don’t want reading or modifying yourself, you can rely on public review or trusted experts who have taken the time to analyze and comment on it. Web sites such as privacyguides.org give good impression of what privacy-respecting and relatively secure tools and services people can use and, importantly, software freedom is not a bonus in their review and is rather a fundamental strength. The team behind Privacy Guides understand that ability to read, modify, run, and share freely is essential to achieve real security and privacy.

I personally avoid using proprietary software because I deeply value my privacy and security. To keep what’s mine truly private, I rely on freedom-respecting programs. While I do have to use some proprietary software at work—since my company and field require it—as Richard Stallman says, that doesn’t mean I “should get lost.” I stay true to my principles whenever I can. I continue to look forward to find a way to stop using them. This is unfortunate though currently unavoidable compromise to me but I haven’t stopped trying yet.

Freedom is essential. In today’s rapidly advancing digital age, where computers and software touch nearly every aspect of our lives, protecting our physical and ideological freedom means ensuring our computing remains free. “Free software, free society” isn’t just a slogan or an empty promise—it’s a living practice carried out every day. It empowers communities, especially those at risk, giving them a voice and enabling us all to exercise our freedoms of thought, mind, and speech.

Freedom is not just important—it’s essential and arguably the most precious right we have. We must protect this right by all means necessary. Don’t forget, freedom wasn’t won easily or without great sacrifice for many people. Today, countless individuals still risk their lives to defend it, and we have a responsibility to do the same.