From mboxrd@z Thu Jan 1 00:00:00 1970 From: bill-auger Subject: Re: FSDG status of chromium Date: Tue, 25 Sep 2018 19:36:58 -0400 Message-ID: <20180925193658.7529612c@peers.community> References: <20180925092922.20b2a32d@peers.community> <87tvmdl7id.fsf@fastmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:48134) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g4wtK-0004HM-D9 for guix-devel@gnu.org; Tue, 25 Sep 2018 19:37:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g4wtE-0006SB-Sc for guix-devel@gnu.org; Tue, 25 Sep 2018 19:37:16 -0400 Received: from sub5.mail.dreamhost.com ([208.113.200.129]:54553 helo=homiemail-a78.g.dreamhost.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g4wtD-0006O0-4m for guix-devel@gnu.org; Tue, 25 Sep 2018 19:37:12 -0400 Received: from homiemail-a78.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a78.g.dreamhost.com (Postfix) with ESMTP id C98D04867A7C0 for ; Tue, 25 Sep 2018 16:37:08 -0700 (PDT) Received: from localhost (75-138-187-221.dhcp.oxfr.ma.charter.com [75.138.187.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: bill-auger@peers.community) by homiemail-a78.g.dreamhost.com (Postfix) with ESMTPSA id 7906B48000A35 for ; Tue, 25 Sep 2018 16:37:08 -0700 (PDT) In-Reply-To: <87tvmdl7id.fsf@fastmail.com> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org On Tue, 25 Sep 2018 21:08:42 +0200 Marius wrote: > Can you elaborate on what exactly the issue is? I am aware that > Chromium bundles non-free sources > That leaves "first party" source files. Admittedly I haven't audited > all of those other than superficial grepping. Do you know whether > parts of Chromium are considered non-free? no - and that is exactly the core problem - AFAIK no person on this planet knows the definitive answer to that question, including the upstream developers themselves, as demonstrated by the 10 year old bug report that was never closed all i have to say about chromium specifically is that, if this program is so massive that even its developers can not determine whether or not it is 100% freely distributable, then the sheer size of this behemoth is a better reason to avoid it than any fuzzy licensing concerns to answer your question specifically, "Do you know whether parts of Chromium are considered non-free?"; my answer is: "yes absolutely" - the main point i was trying to get across in the OP, is that all software should be considered to be non-free until it is convincingly demonstrated to be otherwise - it's developers have not been able to do that in 10 years - perhaps they dont care so much about the issue, i dunno, but even that would be no justification to let it slide past the FSDG On Tue, 25 Sep 2018 21:08:42 +0200 Marius wrote: > I noticed a number of > files are missing license information: in those cases I have assumed > that the top-level "LICENSE" file (BSD-3) applies. i dont think that is a reasonable assumption to make - by that logic, you could assemble any collection of unlicensed or conflictingly licensed source code projects, heap them all in a tarball with a single BSD-3 license at the root level, and that would somehow make everything adequately licensed, simply because none of the files within contradict that otherwise unfounded assumption - the unfortunately broad and brief wording of permissive licenses (no more precise than "this software") encourage that lazy assumption to be made as applying to "everything in this tarball", probably more often than people realize On Tue, 25 Sep 2018 21:08:42 +0200 Marius wrote: > It seems to me using "Ungoogled-Chromium" remediates Lukes concerns yes most people agree that the ungoogled patches would be necessary but not sufficient for any FSDG compliant build of chromium On Tue, 25 Sep 2018 21:08:42 +0200 Marius wrote: > Andreas Enge writes: > > So at least it is apparently possible to get a working binary with > > only free sources. =20 >=20 > To clarify: the few files flagged by 'checklicenses.py' are as far as > I can tell all free software. The script just fails to classify them > 379 files for which it fails to detect license. to be clear here, what is truly meant there by: "only free sources" is "with only sources that have not yet been demonstrated to be non-free" - that is the key distinction - just because they have not yet been proven to be non-free, does not make them free - and i have yet to see anyone make that determination convincingly On Tue, 25 Sep 2018 21:08:42 +0200 Marius wrote: > All non-essential "third_party" directories are purged in the same > manner. I have audited the remaining third_party files and AFAICT > they are free software. adfeno recently did a some preliminary digging into this also[1] - maybe you and he could compare notes ad/or combine efforts On Tue, 25 Sep 2018 21:36:45 +0200 Cl=C3=A9ment wrote: > I hope we'll > make it free at some point, so that it can be integrated into Guix. to these i again want to underline the secondary point i hoped to make; that is if *anyone* can liberate this program, it would allow this browser and dozens of derivative programs that are currently blacklisted to be included in guix AND also *any* of the FSDG distros - what bothers me most about this situation here, is that no one from guix seems to be "on the same page" sharing information and effort with the other FSDG distros - i really do encourage you guys to join in on these conversations that pertain equally across all FSDG distros[1] - if you have some success liberating chromium, or have determined any of its dubious licensing concerns, please do make it known on that mailing list - it would be of great interest to many outside of guix - at the very least it could lead to the recommended fix for chromium on the "does not respect the FSDG" list to be changed from "use icecat instead" to "this browser can be used in freedom if you ...." [1]: https://directory.fsf.org/wiki/Talk:Chromium [2]: https://lists.nongnu.org/mailman/listinfo/gnu-linux-libre