[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Informing users that the directory doesn't review binaries. Was: [GN

From: bill-auger
Subject: Re: Informing users that the directory doesn't review binaries. Was: [GNU-linux-libre] Criteria for Android applications
Date: Tue, 2 Nov 2021 15:27:39 -0400

On Tue, 2 Nov 2021 02:43:02 +0100 Denis wrote:
> I propose changing it to:
> > we don't review any of the binaries releases ; For instance
> > if an application is also available on Apple's Appstore, the binary
> > distributed through it will not be free software

thats an improvement; but its a weak disclaimer, as to why the
FSD can not relate to binaries - the strongest one would be:

> > Although the source code has been determined to be libre, it is
> > prohibitively difficult to determine whether or not any binary
> > was actually produced from those libre sources exactly and exclusively.

presumably, everyone would agree that a binary from libre
sources plus an injected virus, is worse than an "app store"
binary, which is actually clean (harmless), but is non-free -
especially when it is non-free only because of hardware/system
limitations or some third-party distributor's policies, not
because of any property of the software or it's upstream license

in short, i would emphasize non-reproducibility/non-auditability
as the main dangers of binaries, to make it clear that the danger
lies in:

  "binaries compiled by anyone other than me"

and not merely

  "binaries from repos with libre-hostile policies"

whether from a distro or directly from the upstream, in either
case, the only person who could know what went into the binary,
was the person who compiled it; and that person was not "you" nor
the FSD volunteers - to people looking for binaries, that supply
chain factor is probably more important than permission to
modify or share (or access to the source code) 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]