Conversation

Notices

1. Embed this notice
   Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 24-Mar-2023 12:48:26 JST Haelwenn /элвэн/ :triskell:

   • mdn
   @mangeurdenuage I guess that will be the death of Java.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 24-Mar-2023 12:48:22 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • mdn
     • :SOGG: ing
     @pedophilesoftwareinc @mangeurdenuage Except OpenJDK is owned by Oracle and we have never left the situation where we need IcedTea to build it as true libre software.
     And no up-to-date alternative implementations (which we actually need for bootstrapping from source).
     翠星石 likes this.
   • Embed this notice
     :SOGG: ing (pedophilesoftwareinc@cum.salon)'s status on Friday, 24-Mar-2023 12:48:23 JST :SOGG: ing

     in reply to

     • mdn
     @lanodan @mangeurdenuage more like a rise in openjdk uptake
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Friday, 24-Mar-2023 13:01:14 JST 翠星石

     in reply to
     @lanodan >see BSDs having to seek alternatives to GNU Software after GPLv3 relicensing
     Ah, the BSDs at it again, including proprietary malware and then complaining that they can't make derivative works of GPLv3'd works with the proprietary mess, rather than just not including the proprietary malware.
     
     I guess the BSDs can't help themselves but do everything possible to ensure the users don't have freedom?
     
     
     Actually, I'm not really sure if there are any actually used licenses, proprietary or otherwise that are compatible with the GPLv2, but not the GPLv3, so the re-licensing claim doesn't make much sense (maybe there are some licenses that wouldn't be compatible with the GPLv2 if it wasn't for a clause that stated the the GPLv2's terms win and that clause doesn't apply to the GPLv3, but the usage of such licenses are very rare and tend to be isolated).
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 24-Mar-2023 13:01:17 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • mdn
     • :SOGG: ing
     @pedophilesoftwareinc @mangeurdenuage And while Eclipse OpenJ9 might be a worthy alternative (Not sure why I didn't see it before), it requires copyright assignment.
     
     Which I consider to be inacceptable, even if it wouldn't become proprietary, as if you change to a completely different license, it can break compatibility with other software (see BSDs having to seek alternatives to GNU Software after GPLv3 relicensing).
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Friday, 24-Mar-2023 18:09:56 JST 翠星石

     in reply to
     @lanodan >otherwise Debian, Ubuntu, … would likely also be.
     Although Debian and Ubuntu contain proprietary malware, they mostly only merely aggregate separate software, so the issues with derivative works don't occur (until you open the Linux can of worms).
     
     >using a sort of monorepo for their base system, any kind of license incompatibility there is pretty fatal as it would force a re-licensing (that's what "viral" means).
     It took me way too long, but I think I figured it out.
     
     They want to keep all of the software they hold the copyright for under cuck licenses, so proprietary software companies can just take it and cuck them by making it proprietary and then using such software against them.
     
     It seems they actually want to be cucked - as they're deathly afraid of licenses that put a stop to such.
     
     
     No version of the GPL is a "viral" license, as no version "infects" separate software merely aggregated on say a file system.
     
     Rather, all versions are like a spider plant - if you decide to take a piece, it will grow and also form a barrier against proprietary degeneracy.
     
     
     >without someone like Theo de Raadt we would likely be with deeply proprietary device-software("firmware") and drivers
     I've read a few comments from Theo and it seems that he only cares about convenience - not actually about putting an end to proprietary software.
     
     It's not convenient for Theo if OpenBSD isn't permitted to distribute the firmware/drivers, or fix/workaround the most glaring bugs, if the license on the firmware/drivers doesn't allow for redistribution.
     
     As a result, Theo is quite happy if the manufacturer slaps most of the driver into some loadable firmware that runs on the hardware itself, as long as the license allows merely redistribution, as OpenBSD can then legally distribute such malware and OpenBSD can then implement the rest of the driver in a way that fixes most of the bugs.
     
     But, such setup does not give you freedom - it's proprietary software with merely permission to distribute the proprietary software and not much else.
     
     Of course, Theo uses "free" to refers to such proprietary servitude, even though the proprietary software isn't even gratis, as you paid for it as part of the cost of the hardware.
     
     
     We are indeed still with deeply proprietary firmware and drivers and such is getting more and more proprietary - although some freedom enjoyers have liberated some hardware (usually only when the hardware doesn't use digital handcuffs to prevent replacement of the software).
     
     
     >GPLv2 itself is already an example of that, it is incompatible with GPLv3
     It's impossible for a copyleft license to be compatible with a different copyleft license (aside from an upgrade mechanism) - otherwise the copyleft would have a hole big enough to drive a truck through.
     
     >the only reason shit didn't blow up is because most have "GPL2-or-later" licensing
     Yes, most freedom enjoyers have the sense to follow the recommended practice and license -or-later and then there's no problem.
     
     >which is comparable to dual-licensing except no one knows in advance what the later licences will be.
     Everyone does knows in advance what the later licenses will be:
     " 14. Revised Versions of this License.
     The Free Software Foundation may publish revised and/or new
     versions of the GNU General Public License from time to time. Such
     new versions will be similar in spirit to the present version, but
     may differ in detail to address new problems or concerns."
     
     Later versions will be a free software license that defends freedom in a way that's similar in spirit and this has happened with the GPLv2 and GPLv3 - why would the GPLv4 would be any different?
     
     If you are still worried that later versions will be different to freedom somehow there's always:
     " If the Program specifies that a proxy can decide which future
     versions of the GNU General Public License can be used, that
     proxy's public statement of acceptance of a version permanently
     authorizes you to choose that version for the Program."
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 24-Mar-2023 18:09:59 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • 翠星石
     @Suiseiseki
     > Ah, the BSDs at it again, including proprietary malware and then complaining that they can't make derivative works of GPLv3'd works with the proprietary mess, rather than just not including the proprietary malware.
     
     That's not why it's incompatible, otherwise Debian, Ubuntu, … would likely also be.
     The reason for BSDs comes down to them using a sort of monorepo for their base system, any kind of license incompatibility there is pretty fatal as it would force a re-licensing (that's what "viral" means).
     
     By the way, without someone like Theo de Raadt we would likely be with deeply proprietary device-software("firmware") and drivers (in fact two dramas were linux relicensing bcw/bcm43xx and ath5k) because linux just accepts those, even when not even freely redistributable, as you can still see today with the linux-firmware repository and the vast majority of distros preferring nvidia binary drivers.
     
     > Actually, I'm not really sure if there are any actually used licenses, proprietary or otherwise that are compatible with the GPLv2, but not the GPLv3
     
     GPLv2 itself is already an example of that, it is incompatible with GPLv3, the only reason shit didn't blow up is because most have "GPL2-or-later" licensing, which is comparable to dual-licensing except no one knows in advance what the later licences will be.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Friday, 24-Mar-2023 20:21:06 JST 翠星石

     in reply to
     @lanodan >That is quite false. As seen in
     Yep, that was one article that I was thinking about, except it kind of proves my point instead of yours.
     
     "there is still the issue of no free re-distribution of the microcode" - as I mentioned, he regards proprietary software you have permission to distribute only to be "free".
     
     "Firmwares (like for instance on a Intel wireless card, or a such) are binary pieces of code that will run on the little processor that is on the wireless card. As an operating system, we need to load the code out to the card. To include a firmware in OpenBSD, we simply need a nice copyright statement from the vendor that lets us distribute the firmware." - he is happy to redistribute proprietary malware as long as the license lets him.
     
     "This is code that is expected to be linked against the operating system and run on the host processor. There are many problems with this. First off, can we trust the code to do what it should do? I don't think so. If there is a bug, can we fix it? No, as developers our hands are tied, and if our user community runs into bugs it just makes us look bad. Therefore when faced with the choice of supporting a device very poorly (as the blob would force us to) we instead choose to wait until we (or someone else) can reverse engineer it or." - his concern with proprietary drivers is not how they are proprietary, rather that such drivers are buggy and can't be fixed.
     
     >There is a difference between accepting free-dist device-software and not wanting to go against it
     Choosing to redistribute proprietary malware is directly supporting proprietary servitude, rather than not wanting to go against it.
     
     Remaining neutral on the topic would entail not redistributing such proprietary software.
     
     
     >Which is rather rare as digitally signing a software is very expensive, specially for peripherals.
     Digital handcuff mechanisms have been common since at least 2006 (before?), as doing so is relatively cheap and it's becoming more common.
     
     >I *hate* SecureBoot, I don't even get why GNU/FSF even accepts that garbage.
     The FSF doesn't reject the concept of a bootloader optionally implementing digital signatures for the kernels it boots just a long as the user is the one that can set the signatures.
     
     Mind you, the FSF doesn't accept restricted boot: https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boot
     
     I don't like UEFI as it's a terrible way to boot things (I use grub as my BIOS), but I don't have a problem the concept of UEFI, just as long as the implementation is free software.
     
     >that doesn't protects them anyway given that you can cheat your way out via grub-shim and run malware.
     Ideally, a proper UEFI mechanism would allow you to clear out all the default root certificates that sign ??? and import yours only, which would fix that problem.
     
     >I'm not even sure SecureBoot can properly let the OS check that the boot-chain wasn't tampered with.
     It can't, but if an attacker has physical access, you're gone regardless.
     
     >Ever looked at the Mozilla Public License or the LGPL? Those are copyleft, sadly they allow proprietary software to use the code instead of requiring free software.
     Yes, those all versions of those licenses have holes big enough to drive a truck through, but they still aren't compatible between versions unless compatibility clauses are used to force compatibility, or if the truck sized holes are utilized.
     
     >I'm worried is contributing to software and using it to the point of heavily depending on it, and then being effectively forbidden to use it because of a relicensing I implicitly accepted.
     Why would you be forbidden from using existing versions of the software under the original license terms?
     
     No version of the GPL places restrictions on usage - you can use it in any way you wish - the terms only apply if you choose to redistribute with or without modifications.
     
     If some software is GPLv3-or-later licensed and upstream decides to upgrade to GPLv4-or-later, you always have the option to distribute copies of the software you already had under the terms of the GPLv3 and maybe even continue development under the GPLv3 if you wish.
     
     >Copyright assignment meant Oracle just threw the license out
     What do you expect from a license written by Oracle?
     
     Provided you don't infringe the terms, the GPLv2 and GPLv3 are irrevocable:
     - In the case that all copyright is assigned to one copyright holder, any attempt to terminate the license is null and void - the copyright holder can only choose to stop distributing the software themselves under the original license.
     - In the case that the copyright has multiple copyright holders, any attempt by a copyright holder to terminate a license when there is no infringement would be an infringement on the copyrights of the other copyright holders.
     
     >sure, relicensing a massive piece of software with asking consent of everyone takes a long time
     One a piece of software grows large enough, without prior arrangement, re-licensing it becomes impossible.
     
     After just a decade, some of the copyright holders are very likely to be almost impossible to contact or be dead.
     
     I would love to be proved wrong by someone getting every copyright holder of Linux to agree to license GPLv2-or-later, but that's not happening.
     
     >I'd rather have that than taking the risk of having a piece of software so complex everyone depends on it, suddenly being unusable because of the decision of one organisation that's borderline a fanclub of RMS (FSF) and one person (relicensing).
     A borderline fanclub? The church of Emacs isn't a mere fanclub.
     
     Just because upstream decides to release some software under slightly different terms doesn't change the existing copies of the software you have and the terms you have them under one bit.
     
     Usually you cannot trust organizations, but the FSF is one of the few organizations you can trust to make the GPLv4 similar in spirit, if it's required.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 24-Mar-2023 20:21:09 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • 翠星石
     @Suiseiseki
     > As a result, Theo is quite happy if the manufacturer slaps most of the driver into some loadable firmware that runs on the hardware itself
     
     That is quite false.
     As seen in https://web.archive.org/web/20130424125958/http://kerneltrap.org/node/6550 one of the things is wanting redistributable documentation (while Linux signs NDAs and might even just accept whatever passes code review from vendors themselves) and being aware that proprietary device-software is a security issue.
     There is a difference between accepting free-dist device-software and not wanting to go against it, of course FSF/GNU doesn't makes that difference, together with forgetting that devices can be freed.
     
     > usually only when the hardware doesn't use digital handcuffs to prevent replacement of the software
     
     Which is rather rare as digitally signing a software is very expensive, specially for peripherals.
     
     Speaking of which, I *hate* SecureBoot, I don't even get why GNU/FSF even accepts that garbage.
     And of course some cryptonerds being all rejoicing at an horribly flawed implementation that doesn't protects them anyway given that you can cheat your way out via grub-shim and run malware.
     I'm not even sure SecureBoot can properly let the OS check that the boot-chain wasn't tampered with.
     (Meaning CoreBoot + tamper-evident tape/paint is the actual thing they want)
     
     >It's impossible for a copyleft license to be compatible with a different copyleft license (aside from an upgrade mechanism) - otherwise the copyleft would have a hole big enough to drive a truck through.
     
     Ever looked at the Mozilla Public License or the LGPL? Those are copyleft, sadly they allow proprietary software to use the code instead of requiring free software.
     
     > If you are still worried that later versions will be different to freedom somehow there's always
     
     The part I'm worried is contributing to software and using it to the point of heavily depending on it, and then being effectively forbidden to use it because of a relicensing I implicitly accepted.
     In a way, OpenSolaris death gave me two licensing pains that likely will never forget:
     - Copyright assignment meant Oracle just threw the license out, that's the biggest pain of all
     - Linux distros had either no support of garbage support for ZFS, the most resilient filesystem out there among other qualities, mostly because of the CDDL being libre software but GPL incompatible
     
     And sure, relicensing a massive piece of software with asking consent of everyone takes a long time, but I'd rather have that than taking the risk of having a piece of software so complex everyone depends on it, suddenly being unusable because of the decision of one organisation that's borderline a fanclub of RMS (FSF) and one person (relicensing).