forums, mailing lists and other tools

Fri Jan 19 05:04:03 UTC 2018

On Thu, Jan 18, 2018 at 07:27:19PM +0100, Carsten Agger wrote:
> Technically, with browser plugins, if the JavaScript is available in a
> non-minimized form, it /is/ possible to modify it as it runs in your
> browser. If you interact with a number of specific sites, you could even
> program these modifications in your own plugins.

This would cover Freedom No. 3.

It would even cover it badly, because the site might require you to update the
script anytime to function any further. You could only do this for known
scripts, keeping up with all the modifications around would be an overwhelming
task. This bares no comparison with actual document standards, where viewing a
new document does not require a software update.
It leaves the task of reviewing arbitrary changes and keeing up with authors
decision to the user, who is forced to either keep up, or become unable to use
a site. The relation of dependence here is fundamentally different, from what
we are used from desktop software, and...

> So in that way I don't see how JavaScript collides with the Free Software
> Definition if it's under a free license. Of course, it should be that -
> releasing software under a non-free license is never morally acceptable.

The relation of dependence is also fundamentally different from what we expect
Free Software Licenses to provide in a classic case. Those licenses do not do
in relation to browser side scripting, what they usually do in relation to
software running independently from a service.

> And note, with this I'm only defending JavaScript for building user
> interfaces, which I think is far too powerful a tool to be discarded;
> generally, the Web is far too powerful a technology to be discarded.

I believe this is a great misunderstanding. Scaling websites to different
screen sizes, building menues, building responsive dialogs, play video, etc.
does not require the use of JavaScript. For building user interfaces it is
simply a sign of bad quality. Web standards to enable those features have been
around for at least half a decade, and are nowadays well supported by
browsers. Yet websites are increasingly forcing users to enable JavaScript for
the most mundane features, just to remain usable. Many web services associated
with Free Software make no exception, and are in my view a big part of the
problem.

> With this, however, I'm not defending tracking & advertising JavaScript - my
> personal hope is that Internet advertising dies, and I don't care at all if
> it takes Google etc down with it.

It is not just advertising anymore, and it is not going to die anytime soon.
Unfortunately it is perfectly legal to pack any number of antifeatures into a
Program under a Free Software license. Free Software was meant to prevent this
arrogance by software authors, yet as a Free Software community we have grown
accustomed to letting it slip, especially on the web.

> > Furthermore, strong separation of the browser from the rest of the system,
> > even if it were possible, hardly leads to a gain where this browser and the
> > websites I visit are the focus of my work.

> Aren't we all in some way depending on the Web for our work these days?

My point exactly. The idea of a "sandbox" is, that within its boundaries a
system can be allowed to do any damage, and it should not affect our work
outside this sandbox. Yet when our work happens within the sandbox in the
first place, "sandboxing" becomes ridicoulous as an excuse for running
untrusted software.

> I mean, those of us who work in software. The separation is a good idea
> because we hope the sandboxing can protect us from the potentially malign
> effects of software originating from other people's computers. The
> alternative would be to only visit sites we have reason to trust or only
> have passive HTML pages.

HTML pages need not to be passive in any way, and to provide a service with a
dynamic website it is still not necessary to execute programs on a users
computer.

> The first of these alternatives is kind of infeasible (because why *would*
> you trust your bank, airlines, travel agencies, grocers etc.,
> indiscriminately, together with all of their employees),  and the second
> doesn't appear to be necessary - and as I said, I see many advantages in
> being able to construct software with JavaScript.

My argument goes not against JavaScript as an application language. It is as
good a programming language as any, and can be suitable for applications which
are installed and run by a user as such.

My argument goes against contrabanding applications as documents for no good
reason at all. The web as a library of interlinked documents is too powerful a
technology to be discarded to the mindset of software authors viewing
themselfes as patron and minister over consumers.

-- 
Paul Hänsch                     █▉            Webmaster, System-Hacker
                              █▉█▉█▉                                  
Jabber: paul at jabber.fsfe.org    ▉▉     Free Software Foundation Europe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20180119/a42f6aeb/attachment.sig>