[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fine differences

From: Jean Louis
Subject: Fine differences
Date: Sat, 31 Oct 2020 10:57:44 +0300
User-agent: Mutt/+ (1036f0e) (2020-10-18)

"To control people" is principle that many corporations have. We do
not even know what human atrocities have been prevented in last 2-3
decades would not be awareness about the free software.

Do we really want to have chips implanted in our bodies changing our
proteins and doing what they want by means of central control and
software? There are today plans for that. Yet resistance is there due
to awareness that is widespread. Would be same resistance in the world
without free software? I doubt it.

Awareness comes from promoting free software principles.

> Besides that, the free/libre system distributions generally also remove
> those for NodeJS's npm, Rust's cargo and other package management
> facilities that by default point to repositories not committed to de GNU

I have not verified each system distribution and I do not think that
the approach to simply remove packages that could go to non-free
repositories is the best approach. I do not say it is not right, I say
it is not best approach.

Best approach would be to bundle or prepare package repositories or
packages of let us say npm in the distribution itself. Better is
providing one's own repository which software have been verified. This
is expensive approach as it asks for more effort. But it also helps

Repositories that do not have principles:

- NOT to include proprietary
- NOT to verify if software is proprietary or not
- TO INCLUDE anonymous dubious software
- TO INCLUDE software with UNKNOWN licenses (pip)
- TO INCLUDE software that is meant to use exclusively other non-free software

Then such shall not be promoted in free software system distributions.

But there are fine differences.

> guidelines which require exactly that, or a change in the default
> repository configuration to either remove all of such (leaving only
> the package manager there, but with no repository information)

That is one of fine differences, if one leaves package manager at the
system is it not also guiding the user to non-free?

We have to have well defined position on that.

Leaving package managers in the system is good idea and removing
non-free repositories is good idea.

> point to a repository that is committed to the GNU FSDG

In my opinion OS distributions that are FSF endorsed could or should
bundle a lot of popular free software from repositories that may
bundle non-free to satisfy users.

Maybe bunch of software from some repositories should be in one bundle
so that user can download like 500 packages at a time. I would prefer
that approach

For GNU Emacs, I would prefer approach that full GNU ELPA is bundled
in one big package so that one can download it on system and install
for every user on a multi user system.

Then to avoid MELPA that distributes packages wrapping non-free
software or packages that are meant to run exclusively non-free
software, free system distribution shall make a choice of packages and
bundled it as a package and make it in similar way available.

I think that Debian is doing it like that. Maybe in Debian they
provide pip, but they also package many Python software in
distribution itself.

Goal shall be seeked that all dependencies in one OS distribution are

More important is teaching of free software. Articles that are
available on should be bundled in packages for offline
reading and to become accessible to new users who install free
software but do not mind or do not care or do not know about free

Recently I have installed Dragonfly BSD and in the root directory /
there I can see COPYRIGHT file with the free software license. Same
can be done for other OS-es especially for GNU based OS-es that should
promote freedom. The file could give enough pointers to people how and
where to read about free software on their own system.

Greater effort should be made to teach users about free software
rather then only not transparently removing repositories for npm or
pip or removing those package managers and having surprised users.

We have to tell why those package managers have been removed.

$ pip

could be a wrapper that tells to user:

- it is a wrapper, and how to change it not to be the wrapper

- that many packages on their repository are non-free, as license
  UNKNOWN means non-free. Even if one would know that package is
  normally distributed with free license, when receiving another copy
  of a package without license that package is legally not free, as
  one did not verify relation between the author and
  repository. Author could have distribute package by different

- that users are disadvised using non-free software and for which

- pointers on where and how to configure repository should be given as

- pointers how to make their own repository and advise how to license
  their software and maybe even bounties for free software

That is better than removing pip from system. 

> for which there are rare ones since most JavaScript, Python, Rust
> folks don't seem to care until it bites them in some other way.

Rust I heard is changing policies, watch out their news.

There shall be legal care about software received and published or
distributed. Many do not understand the danger. youtube-dl was taken
down by DMCA notice from Github. But DMCA notices can be given to any
organization. Thousands of DMCA notices are are on Github and many
related to GPL enforcements:

This can happen to any OS, including to Hyperbola.

If distribution is let us say in country X, distribution manager shall
consult attorney on how to accept software by which principles and
which legal verification.

I do not think it is just enough to say "I got the license" and
"therefore I am fine and free". As that is obviously not true. DMCA
notices on Github are proving it that it is not enough to say "I got
the license and we are fine", as they are not fine. Github just has
enough money to handle all those problems.

We all assume we run free software. But how much of it inside is
really free, we cannot know easily. DMCA notices are clearly a warning
that probability is high that we have a lot of non-free software in OS
distributions for which we assume to be free but may not be
free. People reuse the code. They will reuse proprietary code in free
software as well. If some package is dependency for many other
packages that can break all OS distribution.

DMCA notice for Github can now be as well given to all OS
distributions having youtube-dl as a package. They would all need to
comply with it. Distributions that do not have frequent distribution
cycles would need to remove  the DVD from their website and would face
difficulties making new DVD or USB images.

In general we make too many assumptions that we run free
software. Just like I was believing that Debian never delivered to me
non-free software, but they did in the form of firmwares for
devices. And they do have non-free repository.

I was believing Linux kernel is free but it was not. I got

We make too many assumptions without good verifications. We better
make a central repository of problems or freedom issues so that fully
free OS-es can better collaborate with each other.

When including Python, it will have many references to pip, and users
will realize they do not have pip and sooner or later they will get
it. I see there fine differences on guiding users to non-free
software. It is better having free software Python repository.

We remove pip from Hyperbola but we do not remove Epiphany that cannot
even turn off Javascript. Probability that I am guided with Epiphany
to non-free software is so much bigger than by using pip. I want to
browse, but I do not necessarily need special installations of Python

Users are mostly users not necessarily administrators and not
necessarily developers.

Users will mostly browse, not develop.

I do not vouch to remove Epiphany from system but I say there lacks
sense of logic and good set of principles well defined.

What about the package docker-machine in Hyperbole? It is for docker,
so even if there is no local tool to access remote docker packages by
having docker-machine in the system users are to find remote dockers,
including non-free docker packages. It is inevitable

What about emulators? While software could be useful to make new
software for other machines, in practice it is 99.9% used for playing
non-free games. Emulators are included in Hyperbola but pip is not

Solution to above problems is communication to users, to teach more
about free software by including documentations, articles, free
software philosophy.

For example why I do not find not even one package that includes free
software philosophy articles? I find that surprising.

What is really "guiding user to non-free software" shall be well
formulated and defined with reason and without contradictions. 

Without looking into popular proprietary games on emulators and
without study we would not get free similar games, clones of
proprietary games. That is the argument for emulators. But reality is
that 99.9% people will use it for non-free games. 

Browsers like epiphany in Hyperbola do not even have the option to
turn off the javascript. It drives me and guides me straight to run
Javascript on many websites, including by clicking on references to
links that I may find in the packages of distribution itself. Isn't
that guiding me as user to non-free software? Yes, it is.

Did I get any warning? No. I should have get it.

We need better defined set of policies for free system distributions.

I am mostly running Icecat browser with LibreJS turned on and other
protective plugins. By doing so one becomes more aware on what is
going on Internet. That websites wish to control users it becomes more
obvious. I can turn off Javascript in Icecat with easiness. But Icecat
is not in Hyperbola.

I get Iceweasel-UXP in Hyperbola, it works well and has LibreJS
built-in but I cannot turn off easily Javascript. I can use hidden
options. That is not easy for users to find out about that. It does
not teach users about freedom like Icecat teaches.

My opinion is that every browser on free software distribution shall
have option to easily turn off Javascript, and I do not speak of
hidden options. There shall be even command line options like Surf
browser has it.

When I open IceCat, the first option on screen at upper left corner is
to turn off Javascript. It has links to Javascript trap.

Javascript trap is good way to increase awareness at society.

I am surprised to see that years later people are less aware of
Javascript problems. And I remember entering for demonstration
purposes into file systems of my friends in the same room, just by
offering them website to visit.

Every browser with Javascript initially had the option to turn it
off. Today we can see Epiphany browser in Gnome not even having that
option. New versions maybe have it. But I do not have the option in
Hyperbola GNU/Linux-libre. I need to use gsettings but there is no
such option.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]