Slashdot Mirror

If they do that, then that's absolutely great and reason alone to switch to Kaspersky. Everybody should welcome this.

No, in fact the continued lack of software freedom for users is precisely the reason users should reject Kaspersky's, Microsoft's, Norton's, McAfee's, and so many other nonfree anti-malware software.

Closed-source Antivirus and other security products (encryption, voting machines, credit card processing, etc.) tend to be fairly insecure for lack of external auditing. Companies go at great length to claim how careful they are etc., but the sad truth is that without any external auditing they will allow all kinds of blunders, fix vulnerabilities late and secretly, etc. This has been proven again and again.

"Closed source" is the tell here—that term is a reference to the open source development methodology. And here we see why free software is better than open source: open source enthusiasts are fine with proprietary software so long as some people get to "review" the source code. In this case that set of people are described as "a broad cross-section of computer security experts and government officials"—an unknown set of people who, for all we know, are not interested in looking out for security issues users would find problematic, or bugs that might harm users. Such an arrangement is no better than what Kaspersky is offering now; any proprietor can offer an NDA-laden "review" that does not respect a users' software freedom. It's no accident that the open source group takes this view. Open source was defined to reject software freedom in its pitch to businesses. Ultimately we find time after time that open source enthusiasts are ready to abandon their own development methodology if it would make a business happier to work in secrecy. Software freedom activists, on the other hand, won't settle for less than software freedom: the freedom to run, inspect, share, and modify published computer software—users included.

In fact what we're seeing in your post is precisely what a later revision of the aforementioned essay talks about. In "Why Open Source Misses the Point of Free Software" we can find:

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. I will get my work done some other way, and support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

Many years ago Apple sold a device with a custom OS called the Newton. Apple sold Newtons for about 5 years (1993-1998) but never released the OS under a free software license. Today some users still own, repair, and use Newtons but they do so with no respect for their software freedom. Whatever problems Apple built into the Newton's software (whether on-purpose or accidentally) cannot be fixed by its users no matter how technically skilled or willing those users are.

PC-MOS/386 currently requires a nonfree compiler (the Borland compiler) but now that PC-MOS/386 is free software it can be ported to systems so it will compile with free software compilers, thus avoiding the problem of free software with nonfree dependencies (what was originally known as "The Java Trap" named after free Java programs that depended on Sun's formerly nonfree Java software). We went from having no software freedom with PC-MOS/386 to being free to port and improve PC-MOS/386 as we wish! So PC-MOS/386 now that it has been released as free software treats you better than Apple treats Newton users. Thanks PC-MOS/386 developers for respecting our software freedom!

People never liked the x86 PC, but had to have them to use the Internet's content consumption aspects.

A creative work isn't "content" to fill a box, nor is it "consumed" by viewing it. With that out of the way, assuming "content consumption" refers to viewing works made by others:

Once someone finishes viewing works, what device should he use to create other works, such as replying to mail, commenting on news, or drawing his own art? Or perhaps by "content consumption", you were implying that people are content to view works created by others rather than participating in creation. If so, why does this remain the case?

https://www.gnu.org/proprietar...

What about providing something to help cover the costs of creating content you consumed?

For one thing, the act of viewing a work of authorship does not consume the work.

For another, publishers often don't even want to take my money. Where's the lawfully made region 1 or all region DVD copy of the film Song of the South, the film Pinocchio and the Emperor of the Night, or the TV series Spartakus and the Sun Beneath the Sea (the English language dub of Les mondes engloutis)?

The right to read is fundamental to intellectual freedom. Any abridgment is effectively mind control.

"If the First Amendment means anything, it means that a state has no business telling a man, sitting alone in his house, what books he may read or what films he may watch."
  – Thurgood Marshall

For communication during games, me and some friends use Teamspeak. No bullshit, not spyware, no hustle, it just works.

If Teamspeak is proprietary software as Wikipedia's Teamspeak entry says it is, you're making claims beyond your knowledge. Part of your description uses terms which have no clearly agreed-upon definition, and you have no idea if Teamspeak is spyware now or will become so later. For all we know, Teamspeak "just works" to implement its developers' ends implemented via proprietary malware. The fact that we don't know what Teamspeak does when it runs is a problem, not something we should overlook because it appears to reliably allow its users to chat and share data.

So, "No thanks!" indeed, but I'd aim this message at both Skype and Teamspeak because both should be flatly rejected for the same reason—both programs don't respect a user's software freedom to run, inspect, share, and modify the software at any time for any reason.

So does Ubuntu and Chrome.

Apple's users need to declare their independence from dependence on Apple and switch to free software OSes running on hardware they own. The same is true for independence from any proprietor.

You will never get the control over your own damn equipment you seek so long as you do business with proprietors (Apple, Google, Microsoft, etc.). Like I've said so many times before on /., the themes of the articles here are the same and so are the fixes you can implement today: software freedom is a good unto itself because it helps grant you the independence and true ownership you seek, running free software on hardware you can fully own is the best currently viable way to get the independence you seek. The rest is a matter of political will—are you willing to change your system and hardware so you can have the best available hardware and software that respects your freedom? Wishing and hoping achieve nothing, real change requires political action.

I recommend perusing the GNU Project's list of free distros and the Free Software Foundation's "Respects Your Freedom" hardware list.

Apple's users need to declare their independence from dependence on Apple and switch to free software OSes running on hardware they own. The same is true for independence from any proprietor.

You will never get the control over your own damn equipment you seek so long as you do business with proprietors (Apple, Google, Microsoft, etc.). Like I've said so many times before on /., the themes of the articles here are the same and so are the fixes you can implement today: software freedom is a good unto itself because it helps grant you the independence and true ownership you seek, running free software on hardware you can fully own is the best currently viable way to get the independence you seek. The rest is a matter of political will—are you willing to change your system and hardware so you can have the best available hardware and software that respects your freedom? Wishing and hoping achieve nothing, real change requires political action.

I recommend perusing the GNU Project's list of free distros and the Free Software Foundation's "Respects Your Freedom" hardware list.

the user does need to download and run the app [...] And, since it's unsigned, I'm assuming it won't work for most users by default

No on both counts—the app demonstrated in the movie is for proof of existence. The relevant code could exist in any application, even apps MacOS users already have and have been using (since this security flaw is old and also affects earlier variants of MacOS). In other words, sensitive data could have already been uploaded somewhere including changes to those credentials.

Apple's security is not only totally unimpressive here, Apple has a horrible track record as well. Wardle was quoted as saying he's "continually disappointed in the security of macOS...", "...every time I look at macOS the wrong way something falls over", and "Apple marketing has done a great job convincing people that macOS is secure, and I think that this is rather irresponsible and leads to issues where Mac users are overconfident and thus more vulnerable". I don't know precisely what Wardle was referring to to draw that conclusion. Perhaps he is referring to the time Apple chose to leave a 3-year old remotely exploitable iTunes bug unfixed after being informed about the problem. As Richard Stallman pointed out, "During that time, governments used that security hole to invade people's computers.".

But the worst part is that the software in question is proprietary (in other words, it's user-subjugating and non-free). So even technical users who are motivated to fix this, capable of fixing the problem, and willing to help others by distributing copies of their fix to other MacOS users in an easy-to-install package are rendered helpless. Such technically-inclined and helpful users can't help themselves or their community. They can either switch to a free system where their software freedom is respected or wait for Apple to fix the problem. And as the article says, "Apple did not say if or when it will patch the bug.".

Bear in mind that RMS does not consider Ubuntu to be free software, or advocate its use.

To be clear, his exact words are "If you ever recommend or redistribute GNU/Linux, please remove Ubuntu from the distros you recommend or redistribute." and "While you're at it, you can also tell them that Ubuntu contains nonfree programs and suggests other nonfree programs."

"FOSS-ware" would mean "(Free/Open Source Software)-ware"

The accepted terms are "free software," "free (as in speech) software," "software libre," and if you really insist, "F/OSS" or "FOSS" as expanded above. Also valid but with slightly different definitions: "GPL-compatible" (tighter definition), "open source" (looser definition, allows prohibiting modification or even sharing), and "copyleft" (looser still).

If I were to coin a new term for something meeting RMS's Free Software Definition, I'd consider "freedomware"

Why "consume" and not "view"? Why "content" and not "work"?

Anyway, find me a shop serving the U.S. market where I can purchase a lawfully made copy of the film Song of the South or the TV series Spartakus and the Sun Beneath the Sea, and I'll consider your point of view more valid.

Until two or three versions from now, when [the "Enable DRM" checkbox] is removed from Preferences and can only be toggled via about:config, or five or six versions of Firefox later when even that is removed...

At that point, Firefox users can switch to a fork that omits support for proprietary CDMs, such as Waterfox. If Mozilla makes support for proprietary CDMs mandatory, I'd bet money Debian will either revive the Iceweasel brand or package IceCat.

Open software's main benefit is the ability to easily fix and customize it yourself, and to make it possible for other developers to fork custom versions. For many professional users, the gratis feature is just a bonus.

So just remove Freedom 0, and use a licence that requires users to pay if they make (production) use the software. Have the source and build exposed, and allow anyone to sell forks, but have the licence say that users of those forks still pay you, while fork developers can charge a premium. Money flows up the fork tree, just like MLM sales.

Enforcement? Most professional users will pay if making the software run in production requires an explicit act such as setting a "Licenced" flag, even if it's easily bypassed, and especially if registered users get better support.

citation needed

Here you go.

Need more?

Still not enough?

Perhaps you need a little bit more?

Or a little less?

I hope you learned your lesson, son.

Brave is slimeware. It's filled with all sorts of commercial bullshit like ads, tracking and monetization crap.

The parent comment: " First, be Evil. I'm pretty sure that's Google's motto."

Google is now often acting in a way that is, in some ways, bad for users. What underlies that? Very poor management.

My guess is that Sergey Brin and Larry Page became overloaded running Google, now Alphabet Inc. Consider, for example, how you would feel about running a company with 72,053 employees. Extremely overloaded?

Now Pichai Sundararajan, also known as Sundar Pichai, is the CEO of Google. He was originally from Tamil Nadu, India. About 88% of Tamils are Hindus.

It is my understanding, based on talking with Hindus in India, that Hindus generally don't handle conflict well. For example, consider this quote from the article, Conflict resolution and Hinduism:

"The main teachings of Hinduism, according to Rao, include the following components:
An emphasis on suffering, impermanence and contingency;
Every act is suffused with spirituality and is meant to enable one to realize oneself;
Self-effacement, not self-assertion, is taught;
..."

To manage a technology company well, there must be deep emphasis on logical resolution of both technological and social conflicts. Conflicts must be resolved, not avoided. The quote above lists methods of avoiding the deep details of conflicts, not resolving them.

I'm guessing, and it is only a guess based on observation from outside the companies, that Google CEO Sundar Pichai is good at seeing methods Google can use to make more money, but is not good at understanding and resolving negative issues concerning those methods.

Now, technically knowledgeable people are complaining about many ways Google is abusive. For example, Google sells several services to companies that have web sites. The negative result is that Google tracks users of those sites.

A long time ago, I installed the Google Chrome Browser. The installation installed 3 system services. I uninstalled Chrome. I would not let Google's browser software to have more control over my computer than I have when I'm operating as a limited user.

See the article by Richard Stallman, The JavaScript Trap. Google is especially abusive: "Google Docs tries to download into your machine a JavaScript program which measures half a megabyte, in a compacted form that we could call Obfuscript because it has no comments and hardly any whitespace, and the method names are one letter long. The source code of a program is the preferred form for modifying it; the compacted code is not source code, and the real source code of this program is not available to the user."

The present emphasis of Google is apparently only on making more money. Alphabet and Google top management aren't paying attention to the social damage that is being done to the companies.

There are plenty of ways for Alphabet and Google to make money without having a negative affect on the companies, the users, and the world. Top managers who recognize and resolve conflicts can make healthy decisions. Top managers who think merely about making more money, and don't think deeply, damage their companies.

First off, you're using the word "Linux" as though that were an operating system. Linux is not now and never was an OS, it was and remains an OS kernel. You can't run the software you use as examples if all you have is the Linux kernel. Secondly, democracy is messy. People start projects which other people don't like. But we're all free to start our own projects and include the free software we like. Nobody "forc[ed] systemd into Debian". Debian GNU/Linux decided to include systemd, and for a community that is still going strong you'd never know that Debian had been "tor[n] apart" as you claim.

Contrary to your way of putting it, the initial work behind GNOME was quite practical and, coming from the GNU Project, started in making free software more practical. GNOME was started because the K Desktop Environment (KDE) had nonfree dependencies, notably Qt which used a nonfree license until around mid-1999. Thus KDE was unsuitable for the GNU Project which aims to provide an OS which respects a user's software freedom (to run, share, modify, and distribute). A second project aiming to do roughly the same job as Qt was also started by the GNU Project (a Qt API-compatible project called "Harmony"). Qt ended up being relicensed as free software and GNOME ended up being useful. So we have both KDE and GNOME today. Thus a pragmatic pursuit of software freedom, which you apparently eschew, was quite effective at delivering a modern GUI look-and-feel for users who want that (which, I'm guessing, would be most computer users).

"Splintering the community" is a natural outcome of software freedom just as people use their freedom of speech to express different and sometimes conflicting views. People try to work together to meet their needs but sometimes that just isn't possible. This kind of thing happens in science all the time; people with different ideas on how something works set out to investigate their hypotheses in parallel and sometimes we end up with multiple divergent theories and, over time, some convergence. When it comes to software development we should celebrate, not minimize or disdain the software freedom to express ourselves in such a way.

Please do cite examples to back up your claims. Stallman doesn't talk about "closed source" because that's a reference to open source, a group founded on rejecting the ethics-based free software movement he founded over a decade before open source began. In fact, Stallman has been known to point out why open source misses the point of free software and open source is a right-wing reactionary counter to free software probably because open source proponents are ready to drop their development methodology if a sufficiently robust and powerful proprietary program comes along. That choice reveals a scam akin to "greenwashing" among polluters who want to look more environmentally-conscious than their behavior would deserve. Virtually every story on /. can be described as yet another story that wouldn't have adversely affected users if the users had software freedom (the freedom to run, inspect, share, and modify published computer software).

Despite your clear misunderstanding of what Stallman argues for, why, or what the relevant issues at hand are, it should be interesting to you defend "open source is being pushed down peoples throats with the exact same lockins and customisations on devices".

For years Eben Moglen has been pointing out "Stallman was right" in his talks. Moglen regularly cites how Stallman got there years before the corporate-minded press (and thus repeater sites like /. don't promote that point of view). It's very much the problem we see with the open source advocacy for nonfree software (or, put differently, the open source enthusiasts' unwillingness to stand by their pitched development methodology). I understand it rankles to read someone pointing out that free software and open source aren't the same, but when it comes to endorsing proprietary software they certainly are not and this endorsement ought not be pushed aside. Red Hat has a cozy relationship with Microsoft which includes bundling .NET software despite patent claims that render such software nonfree particularly if one wants to do something with the software they can do with free software—adding covered code to another project.

You still see people here (even on this topic) posting something that demonstrates an unfounded belief they have more control over their nonfree OS-running computer than they have. "At least on PCs I could figure out what was crap, and delete it.", for example. Taking "PC" not to mean "personal computer" but computer running Microsoft Windows, there are plenty of examples of programs that either don't include working uninstallers or installers that purposefully leave something behind which can't be easily uninstalled (Sony's rootkit which also interfered with CD ripping, for example).

/.'s user-driven censorship scheme effectively increases the odds that freedom-talk goes unseen. If you want to see your post never get moderated up (and thus be less likely to show up for most /. readers using default settings), try pointing to any of the GNU Project's malware pages. These pages are highly informative lists which are helpfully divided into useful subcategories. They all explain how nonfree or proprietary software most computer users run deserve the alternative name "user-subjugating" and point to stories written by others, naming names and leaving no doubt as to their authenticity. /. wants clicks and like any click/like-oriented publication, adherence to established corporate norms is the heart of the effort. Stories like this come along once in a while but clearly the mainstay of tech press is convincing people to argue over minor technicalities while they narrow the allowable debate to which proprietary programs shall run on one's system.

You express the case for "Open Source" quite well, and that's where your entire post misses the points I raised and offers no response to them. Open source claims to support much the same thing as free software but you've inadvertantly put your finger right on where they differ, where it matters most: respect for software freedom. Open source was designed to throw away software freedom in a bid to speak to business interests (most notably software proprietors) and offer the reactionary right-wing response it has offered since its beginning.

Free software predates open source by over a decade and is at heart a social movement centered around the ethics of how to treat other people where computer software is concerned. Open source is a development methodology proprietors prefer because of the very tradeoff you expressed wherein robust proprietary software is adopted (thus showing how ready open source proponents are to throw away their meager development methodology). This difference is the night-and-day difference between free software and open source. The GNU Project covered this issue many years ago in their essays on the difference between free software and open source (old essay, newer essay). I recommend you read the newer one in particular, "Why Open Source misses the point of Free Software" because you've certainly missed the points I raised in my grandparent post. Calling proprietary software "more robust support" compels one to ask 'More robust than what?' as there is no other so-called "support" available for proprietary software; proprietary software so-called "support" is a monopoly. That's one of the points you completely missed: You can't know what else that proprietary software is doing without the inspections you aren't allowed to carry out on the proprietary software (irrespective of your will to do said inspection or to hire the job out to be done by someone more skilled than you). If that proprietary software ever doesn't do what you want (for any definition of "doesn't do what you want") you have no recourse to understand what all the software is doing or to change it in ways the proprietor doesn't allow. If you build promises on top of that software (such as running a business which keeps other people's sensitive data a secret) your promise is impossible to keep and you've made a bad choice in trusting a black box you're disallowed from inspecting, improving, (and sometimes even running) to keep those secrets for you. I hope you're contributing to the Samba team so that they can afford to spend more time developing the software to act as a full replacement for the directory service you point out.

The issue is not robustness of code; in fact, there's no argument that some proprietary software is more featureful and remarkably robust. The issue is also not whether you choose to learn enough programming and possess the curiosity to look into what the software is doing. The issue is what one is allowed to do with one's own computer, and recognition of the underlying ethics of this situation. The ethical way to treat other people where computer software is concerned requires respecting their software freedom. What you've said is what the newer of the two aforementioned essays describe, and I quote below:

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our d

You express the case for "Open Source" quite well, and that's where your entire post misses the points I raised and offers no response to them. Open source claims to support much the same thing as free software but you've inadvertantly put your finger right on where they differ, where it matters most: respect for software freedom. Open source was designed to throw away software freedom in a bid to speak to business interests (most notably software proprietors) and offer the reactionary right-wing response it has offered since its beginning.

Free software predates open source by over a decade and is at heart a social movement centered around the ethics of how to treat other people where computer software is concerned. Open source is a development methodology proprietors prefer because of the very tradeoff you expressed wherein robust proprietary software is adopted (thus showing how ready open source proponents are to throw away their meager development methodology). This difference is the night-and-day difference between free software and open source. The GNU Project covered this issue many years ago in their essays on the difference between free software and open source (old essay, newer essay). I recommend you read the newer one in particular, "Why Open Source misses the point of Free Software" because you've certainly missed the points I raised in my grandparent post. Calling proprietary software "more robust support" compels one to ask 'More robust than what?' as there is no other so-called "support" available for proprietary software; proprietary software so-called "support" is a monopoly. That's one of the points you completely missed: You can't know what else that proprietary software is doing without the inspections you aren't allowed to carry out on the proprietary software (irrespective of your will to do said inspection or to hire the job out to be done by someone more skilled than you). If that proprietary software ever doesn't do what you want (for any definition of "doesn't do what you want") you have no recourse to understand what all the software is doing or to change it in ways the proprietor doesn't allow. If you build promises on top of that software (such as running a business which keeps other people's sensitive data a secret) your promise is impossible to keep and you've made a bad choice in trusting a black box you're disallowed from inspecting, improving, (and sometimes even running) to keep those secrets for you. I hope you're contributing to the Samba team so that they can afford to spend more time developing the software to act as a full replacement for the directory service you point out.

The issue is not robustness of code; in fact, there's no argument that some proprietary software is more featureful and remarkably robust. The issue is also not whether you choose to learn enough programming and possess the curiosity to look into what the software is doing. The issue is what one is allowed to do with one's own computer, and recognition of the underlying ethics of this situation. The ethical way to treat other people where computer software is concerned requires respecting their software freedom. What you've said is what the newer of the two aforementioned essays describe, and I quote below:

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our d

Please don't use the abbreviation "PC" with the implication that the computer is running Microsoft Windows. If you install GNU/Linux on the same computer, it is still a PC.

The term “WC” has been suggested for a computer running Windows.

https://www.gnu.org/philosophy...

and you are even using the internet how? did you personally audit the code running on your machine line for line.

Some people use a Firefox ESR extension* called LibreJS. It's similar to NoScript, except it automatically whitelists any script that it can verify as having complete corresponding source code available under a free software license. This preserves the user's ability to audit code that runs in the browser's ESVM.

* I refer to this as a "Firefox ESR extension" because it uses Jetpack, not WebExtensions.

and you are even using the internet how? did you personally audit the code running on your machine line for line.

Some people use a Firefox ESR extension* called LibreJS. It's similar to NoScript, except it automatically whitelists any script that it can verify as having complete corresponding source code available under a free software license. This preserves the user's ability to audit code that runs in the browser's ESVM.

* I refer to this as a "Firefox ESR extension" because it uses Jetpack, not WebExtensions.

How are we over 100 comments without a link to this?

The Right to Read

As a content creator

Why does that phrase make me think of "happy god"?

Apple must defend its copyrights or risk losing them.

True of trademarks, not so much of copyrights.

Nonfree software didn't recently "add spying/telemetry/etc". The malware was a part of nonfree OSes (such as Windows, iOS, MacOS) for a long time in both the OS and various apps. Here are a few examples concerning Windows: the backdoor in Windows by which Microsoft can impose any change it wants and when this was used, and who can forget Microsoft's choice to trick or force Windows 7 and Vista users into Windows 10 "upgrades". Since that software was nonfree even technical users and developers couldn't legally remove the malware and distribute the improved malware-free variant to help others.

When it came to spying, Windows 10 gave users a UI that apparently deceived them into believing that the user had a say in how much their OS ratted them out. Windows 10 shipped with bad defaults for preserving user's privacy and continued "talking to Microsoft" (as Condé Nast put it) "even if a user turn[ed] off its Bing search and Cortana features, and activate[ed] the privacy-protection settings" (quoting the GNU Project). So now Microsoft assures Windows users things are better, but one has to wonder for whom and what users are legally allowed to do if they discover the proprietor's words aren't how the software behaves.

You can't sell open source

Yes you can sell open source software under various licenses. However, you have your terms confused.

Free software is a subset of open source software often licensed under the GPL. There is nothing in the GPL that says you can't sell the software. When you transfer your binaries, however , the GPL license requires that you provide your customers with four freedoms:

The freedom to run the program as you wish, for any purpose (freedom 0).
The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help your neighbor (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

You can sell software using other licenses, such as BSD and Apache. Both meet the definition of Open Source, but do not convey the rights listed above. In fact, these licenses allow you to relicense the code as proprietary. For instance, a quote from the Apache license:

You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.

This is how Apple has legally built it's operating system on top of the Mach kernel and BSD Unix. They sell it, and they have relicensed it. A person contributing significant code to these projects is therefore unable to acquire their own source code from Apple. This loophole renders these licenses as non-free.

You can't sell open source

Yes you can sell open source software under various licenses. However, you have your terms confused.

Free software is a subset of open source software often licensed under the GPL. There is nothing in the GPL that says you can't sell the software. When you transfer your binaries, however , the GPL license requires that you provide your customers with four freedoms:

The freedom to run the program as you wish, for any purpose (freedom 0).
The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help your neighbor (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

You can sell software using other licenses, such as BSD and Apache. Both meet the definition of Open Source, but do not convey the rights listed above. In fact, these licenses allow you to relicense the code as proprietary. For instance, a quote from the Apache license:

You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.

This is how Apple has legally built it's operating system on top of the Mach kernel and BSD Unix. They sell it, and they have relicensed it. A person contributing significant code to these projects is therefore unable to acquire their own source code from Apple. This loophole renders these licenses as non-free.

It appears a lot of Slashdot users oppose script-in-the-browser to such an extent that they would prefer "a return trip to the server" to automatic execution of unvetted proprietary third-party code. And as for "a validation error message at a conveniant time", they consider the inconvenience of waiting for form submission to be worth the increased security arising from less third-party code on their machines.

Why do you allow software written in languages other than JavaScript?

Because it is free software that is included in the repository of FreeBSD, Fedora, or Debian, which means it has undergone at least some level of third-party code review. Most applications that use script-in-the-browser have not. Some people who consider script-in-the-browser a "trap" make an exception for free software with machine-readable license markup.

Why do you allow software written in languages other than JavaScript?

Because it is free software that is included in the repository of FreeBSD, Fedora, or Debian, which means it has undergone at least some level of third-party code review. Most applications that use script-in-the-browser have not. Some people who consider script-in-the-browser a "trap" make an exception for free software with machine-readable license markup.

Then why not just make all apps "free" on grounds that an app's functionality is a "subscription service" as a software substitute, and require an IAP after installation to use it past 30 days? The only reason I can see is Apple's "stubborn refusal" to allow trial versions, which is killing the iPad Pro.

m claiming the following things about reality. GRsecurity may be violating GPLv2 (I'm not taking a definite position on that). If so, GRsecurity doesn't have a valid license for the Linux kernel, and is forbidden to change or further copy it. If GRsecurity doesn't have a valid license, GRsecurity can't grant a license, and therefore their customers are running unlicensed copies of software.

And reality disagrees with you. Per the GPLv2:

"4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance."

"6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License."

From the SFLC:

This is GPLv2's "automatic downstream licensing" provision. Each time you redistribute a GPL'd program, the recipient automatically receives a license from each original licensor to copy, distribute or modify the program subject to the conditions of the license. There is no requirement to take any action to ensure the downstream recipient's acceptance of the license terms, see above. This places every copyright holder in the chain of descent of the code in legal privity, or direct relationship, with every downstream redistributor. Two legal effects follow. First, as sec. 6 says, parties themselves remaining in compliance have valid permissions for all actions including modification and redistribution even if their immediate upstream supplier of the software has been terminated for license violation. Their licensed rights are not dependent on compliance of their upstream, because their licenses issue directly from the copyright holder. Second, automatic termination cannot be cured by obtaining additional copies from an alternate supplier: the license permissions emanate only from the original licensors, and if they have automatically terminated permission, no act by any intermediate license holder can restore those terminated rights.

It also follows, as sec. 6 makes clear, that licensors are in no way responsible for enforcing compliance by third party recipients or distributors. Every licensee gains or loses permissions from each original licensor solely on the basis of its own conduct .

We know from the MAFIAA and lawsuits that illegitimate copies of copyrighted works can cost a whole lot of money. The Linux kernel does not operate under a copyright-assignment principle, so there's a large number of people with copyrighted code in the kernel, and I believe any of them could sue.

But they are all bound by sections 4 and 6 of the GPL as "original licensors" of their contributions, they've automatically granted licenses to GRsecurity's customers by the terms of section 6, and those licenses were not terminated by GRsecutiy's alleged violation of the terms of section 4.

Hence, it looks legally risky to me to rely on a kernel supplied from GRsecurity.

Wrong.

You are mistaken.

E.g. see https://www.gnu.org/licenses/g...

Where it says: The right to sell copies is part of the definition of free software.

If you still believe you can not sell software licensed under the GPL then I suggest you consult with your lawyer.

And please stop posting misinformation about things you can and can't do with GPL licensed software.

Does the GPL allow me to sell copies of the program for money?
Yes, the GPL allows everyone to do this. The right to sell copies is part of the definition of free software. Except in one special situation, there is no limit on what price you can charge. (The one exception is the required written offer to provide source code that must accompany binary-only release.)

Note the word "everyone" - that includes Red Hat (amongst others). Here's a more detailed piece on the matter, where they even state that they "encourage people who redistribute free software to charge as much as they wish or can." (my emphasis)

Does the GPL allow me to sell copies of the program for money?
Yes, the GPL allows everyone to do this. The right to sell copies is part of the definition of free software. Except in one special situation, there is no limit on what price you can charge. (The one exception is the required written offer to provide source code that must accompany binary-only release.)

Note the word "everyone" - that includes Red Hat (amongst others). Here's a more detailed piece on the matter, where they even state that they "encourage people who redistribute free software to charge as much as they wish or can." (my emphasis)

Section 6 of the GPLv2 states:

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

GRSecurity is clearly imposing a restriction on the recipients' exercise of the right of redistribution. Whether or not they limit future access to the source code of the Program (as defined by the GPLv2) is irrelevant.

When GRSecurity loses (and they will) they may face a restriction of their own in the form of Section 4 of the GPL"

4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

Let's assume that a court finds that GRSecurity is attempting to modify the GPLv2 license by adding a restriction. In doing so, they are denying the rights of Linux kernel devs to distribute their code as licensed. In other words, they are denying redistribution of source code that other people wrote to their own customers. If I were a kernel developer, I would consider invoking Section 4 to terminate GRSecurity's rights to the Linux kernel.

Long live ed.

By using the code that no longer has license, it is possible for them to be guilty of secondary infringement.

Very unlikely. Downstream recipients are likewise required comply with the terms of the GPL, regardless of any violation upstream.

"Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License."

https://www.gnu.org/licenses/gpl-3.0.en.html#section8

They can be sued if the distribute with the same clause the code from GRSecurity because they're doing the same thing.

Correct. They have no more right to add restrictions to the license than the upstream distributor does, and if they violate the terms of the GPL their license is subject to termination.

Don't blame the free software movement for that. The free software hackers who make the Linux-libre variant of the Linux kernel spend time deblobbing the upstream kernel (Linus Torvald's variant) which contains non-free software. This difference is at the heart of the philosophical difference between the older free software movement and the younger open source development methodology. They don't see proprietary (non-free, user-subjugating) software the same way.

The GNU Project points out:

...people from the free software movement and the open source camp often work together on practical projects such as software development. It is remarkable that such different philosophical views can so often motivate different people to participate in the same projects. Nonetheless, there are situations where these fundamentally different views lead to very different actions.

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users' freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, "I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?" This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, "Your program is very attractive, but I value my freedom more. So I reject your program. I will get my work done some other way, and support a project to develop a free replacement." If we value our freedom, we can act to maintain and defend it.

Gnash. It's perfectly happy to load locally-stored SWF files and if they're old enough to work on Flash Player 7 (which was released in 2003) then they'll probably work on Gnash.

This means no matter how much skill Android users possess Android users can't usefully investigate and fix the leveraged vulnerabilities themselves should they wish to do so or hire someone to do so on their behalf. The most they could do is write an exploit which demonstrates the bug, report the bug with the exploit program, and hope the proprietor takes corrective action. Upgrading to another version of proprietary software is no real fix as it could (at best) mean trading in fixes for these bugs in for other bugs the users are prevented from usefully investigate and fix. The user being rather helpless to improve their own situation or help their community all along the way. This is how proprietary (read: non-free, user-subjugating) software treats its users.

All complex software has bugs, proprietary OSes and apps are no exception, but as the GNU Project points out, "The difference between free software and nonfree software is in whether the users have control of the program or vice versa. It's not directly a question of what the program does when it runs. However, in practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some.". Since there aren't any free software tracker (none might be possible so long as the phone network insists on proprietary control over the user's device) this is also an opportunity to learn to say no to proprietary control and do without a tracker (and, yes, particularly given the context of this thread it is proper to call them 'trackers' and not 'cell phones' or 'mobile phones', names which help obscure the main reason organizations want users to get these devices and install apps in the first place).

This means no matter how much skill Android users possess Android users can't usefully investigate and fix the leveraged vulnerabilities themselves should they wish to do so or hire someone to do so on their behalf. The most they could do is write an exploit which demonstrates the bug, report the bug with the exploit program, and hope the proprietor takes corrective action. Upgrading to another version of proprietary software is no real fix as it could (at best) mean trading in fixes for these bugs in for other bugs the users are prevented from usefully investigate and fix. The user being rather helpless to improve their own situation or help their community all along the way. This is how proprietary (read: non-free, user-subjugating) software treats its users.

All complex software has bugs, proprietary OSes and apps are no exception, but as the GNU Project points out, "The difference between free software and nonfree software is in whether the users have control of the program or vice versa. It's not directly a question of what the program does when it runs. However, in practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some.". Since there aren't any free software tracker (none might be possible so long as the phone network insists on proprietary control over the user's device) this is also an opportunity to learn to say no to proprietary control and do without a tracker (and, yes, particularly given the context of this thread it is proper to call them 'trackers' and not 'cell phones' or 'mobile phones', names which help obscure the main reason organizations want users to get these devices and install apps in the first place).

This means no matter how much skill Android users possess Android users can't usefully investigate and fix the leveraged vulnerabilities themselves should they wish to do so or hire someone to do so on their behalf. The most they could do is write an exploit which demonstrates the bug, report the bug with the exploit program, and hope the proprietor takes corrective action. Upgrading to another version of proprietary software is no real fix as it could (at best) mean trading in fixes for these bugs in for other bugs the users are prevented from usefully investigate and fix. The user being rather helpless to improve their own situation or help their community all along the way. This is how proprietary (read: non-free, user-subjugating) software treats its users.

All complex software has bugs, proprietary OSes and apps are no exception, but as the GNU Project points out, "The difference between free software and nonfree software is in whether the users have control of the program or vice versa. It's not directly a question of what the program does when it runs. However, in practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some.". Since there aren't any free software tracker (none might be possible so long as the phone network insists on proprietary control over the user's device) this is also an opportunity to learn to say no to proprietary control and do without a tracker (and, yes, particularly given the context of this thread it is proper to call them 'trackers' and not 'cell phones' or 'mobile phones', names which help obscure the main reason organizations want users to get these devices and install apps in the first place).

Though Chromium and Firefox are free software, accessing www.twitter.com in Chromium or Firefox causes the browser to download and execute proprietary software written in JavaScript. How well does www.twitter.com work in Chromium or Firefox when JavaScript is turned off?

The context is "All of which are crap or a better open source alternative exists".

If you're referring to the use of the https://twitter.com/ web interface as a replacement for desktop Twitter clients, how well does that work with the browser set to run only scripts that are licensed as free software?

The real discussion is much more nuanced and scientific than "peer review is bullshit," but that blunt approach is appropriate for Slashdot.

I totally agree. The problem is even worse in free software than in real science. It is enough for a "reputable" developer to state that a given free software project is "superior" to another for most everybody accepting it on his word alone, even if the evidence shows that the opposite is true.