Questions about Linux-Libre's effectiveness

LUH LAH welpthisdidnotwork at gmail.com
Wed Aug 31 18:45:58 UTC 2022 

Thanks for replying,


I see. I suppose I'll look into migrating to IceCat, but I see two
problems (for now) with that.

1.) IceCat isn't updated very often. Right now, the latest version is
based on FireFox 60.7.0. That's ancient! I haven't looked into it, but
I doubt the repository is updated very often either. I would help with
the project, but I don't really know how to program (that much).

2.) The transfer process between FireFox and IceCat is not at all
elegant (at least from what I've seen on Parabola). If this could be
smoothed out a little bit, it's make IceCat a bit more appealing.

I'm not going to use any other FireFox fork/clone either. For me, it's
either GNU or noon.


-[T] IMSOASIAN (I really don't wanna switch back to Parabola now that
I've switched to Debian...I wasn't able to save my data before, and I
don't wanna risk it now. Although, now that I think about it, I don't
have much on there anyway.)

On 8/22/22, Denis 'GNUtoo' Carikli <GNUtoo at cyberdimension.org> wrote:
> On Fri, 19 Aug 2022 15:07:12 -0400
> LUH LAH <welpthisdidnotwork at gmail.com> wrote:
>> However, it seems quite foolish (to me) to disqualify Firefox solely
>> because you "could" install non-free addons. I think that if I were to
>> simply look on each developer's website (which Mozilla makes very
>> easy), I could easily find out whether or not it's FLOSS.
> FSDG compliant distributions makes sure that browsers do not come with
> a repository of addons which also contains nonfree addons.
>
> This is typically done by either patching the browser, changing its
> build configuration or using a forks browsers (like icecat for
> instance) that don't have these issues.
>
> So we have browsers derived from Firefox, but they're not called
> Firefox (look instead for icecat, iceweasel, gnuzilla, etc) because the
> modifications are important enough to require to call it something
> else, even if most of the code is the same.
>
> Even looking for Firefox (with pacman -sS firefox or guix package -s
> firefox) works because the description of the package often mention
> that it's a browser that is based on Firefox.
>
> Here the project that makes Firefox requires distributions to change
> the name if the changes made to the code is too invasive, and that's
> not necessarily a bad thing: if someone modifies linux-libre to add
> nonfree software in it it would make sense to change the name along the
> way, otherwise that would mislead users.
>
> As for the repositories of software like the mozilla addon repository,
> they raise many issues:
> - First the FSDG requires to not refer to repositories that
>   contain nonfree software. So if distributions still want to refer to
>   these repositories, then they have the choice between working to
>   modify the FSDG or deciding not to follow them anymore. The
>   later is not a decision that is to be taken lightly.
>
> - Then the FSDG has these requirement for good reasons, many users,
>   especially the less technical ones, can easily think that
>   everything in the repository is free software while it's not. If that
>   repository is not mentioned in any way or used in any way by an FSDG
>   compliant distribution, it's pretty clear that users are on their own.
>
>   If not, users make mistakes, and even technical users like me
>   sometimes make that mistakes because we don't have the time to check
>   everything.
>
>   Getting together and doing that work together is precisely what FSDG
>   compliant distributions enable people to do, so we are better off
>   doing that together because of time constraints.
>
>   In contrast with non-FSDG distributions having nonfree software is not
>   a bug, so nonfree software can't be removed by bug reporting and/or
>   contributing to remove it.
>
>   That leaves users alone to do all the checking work, but that is
>   almost as much work as doing an FSDG compliant distribution anyway,
>   so it doesn't make sense not to regroup together to do that work. And
>   for GNU/Linux distributions we also need to modify packages for it to
>   work as often in non-FSDG distributions some crucial packages contain
>   nonfree software.
>
>   And the alternative of hoping that everything is fine in non-FSDG
>   compliant distributions doesn't work either because things are not
>   fine.
>
> - Anyone can claim that a given addon is free software. The question
>   here is that, if I understood well, it's up to each addon maker to
>   build the addon. So the current implementation of the mozilla addon
>   repository makes it extremely difficult to check licensing
>   information at a large scale. So again users have a hard time
>   collaborating to do the checks here.
>
>   The free software directory can help users collaborate to do freedom
>   checks on projects but again there is a limitation because this
>   project isn't concerned about binaries, it only check project source
>   code, and it doesn't even build the source code. So for instance
>   nonfree libraries and other things could be in the addons without the
>   ability for users to learn about it easily.
>
>   In contrast many distributions (including non-fsdg ones) do build
>   packages themselves. This makes checking much more easy and it scales
>   pretty well. Just building the package already tests many things
>   automatically (that there is no missing dependency, that nothing is
>   missing, etc). Combined that with manual review (like what the free
>   software directory does) can yield pretty good results.
>
>   Not combining building software and manual review however let too
>   many nonfree software in for package users.
>
> - Different distributions have different licensing standard. For
>   instance Debian main is 100% free software (but not FSDG compliant),
>   so at least what it claims is free software usually is (but it might
>   refer to addons repositories that contain nonfree software for
>   instance).
>
>   FSDG compliant distributions are also very strict on that as they try
>   to do their best not to redistribute nonfree software. This
>   also includes not redistributing upstream source code with nonfree
>   software in it. Parabola has a mechanism (mksource()) that copes well
>   with that requirement for instance.
>
>   In contrast in many non-FSDG compliant distributions, Linux is
>   considered free software even if it has files that contain nonfree
>   software like arch/powerpc/platforms/8xx/micropatch.c.
>
>   Some nonfree firmwares (like signed firmwares that can't be
>   modified by the end users and the distributions) are also considered
>   as free by many of these distributions.
>
>   And here we're in a situation that is even worse because as I
>   understood each addon producer would have their own standards. So we
>   can safely say that there are freedom bugs that can't be fixed in
>   such repositories.
>
> That said, it may be possible to make an FSDG compliant addon
> repository out of the mozilla addon repository without rebuilding the
> addons, but it would at least require a way to review the addons
> and to be able to fix things (for instance by removing non-compliant
> packages).
>
> Parabola works a bit like that as it reuses the FSDG compliant Arch
> Linux packages, but it also has the ability to replace the blacklisted
> packages by packages of its own (because otherwise it wouldn't be able
> to boot, because some packages like linux need to be replaced).
>
> Denis.
>

More information about the linux-libre mailing list