[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat

From: bill-auger
Subject: Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat
Date: Thu, 22 Feb 2018 20:55:51 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0

On 02/22/2018 02:56 PM, David Hedlund wrote:
> On 2018-02-22 09:22, Ivan Zaigralin wrote:
>> GPL-licensed code is not necessarily free. An obfuscated source is
>> unmaintainable regardless of the license, so two freedoms are taken
>> away: the freedom to study, and the freedom to run modified versions.
>> LibreJS is unable to detect obfuscated code.
> Thank you. This is a bug, can you please file a bug report to
> https://savannah.gnu.org/bugs/?group=librejs ?

david - ivan was not reporting any bug that could be fixed - he was
saying that it is impossible for libreJS to determine if a script is
obfuscated or the original source - if the only available version of the
script is obfuscated then the GPL does not apply because all
requirements are not satisfiable - for this reason, any yet unseen
obfuscated script should be considered non-free regardless of it's
reported license

the only way libreJS can accurately deem a script to be free is either
if it is an original non-obfuscated source that matches identically to a
previously cataloged copy that has a verified license or an it is an
obfuscated script that matches identically to a previously cataloged
copy of an obfuscated script which has been previously verified to have
been produced from the original source that has a verified license -
beyond that, i think the halting problem would need to be solved first

just as you do for the FSD, this would require a human to verify the
reported license of each and every yet un-cataloged script then either
shipping with libreJS checksums for all known scripts on earth as a
white-list or having every script that every user downloads sent to a
central server for verification which would be as much of a privacy
concern as the script itself - also it should be clear from that any
such catalog would be incomplete at best, especially at the rate the web

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]