Dear Ivan, thank you for your detailed analysis, in which you obviously put much effort. If hope it will be awarded by a clear statement by the maintainer where he sees the future of IceCat.
Best regards, Dimitris Am Mittwoch, den 14.10.2015, 16:43 -0700 schrieb Ivan Zaigralin: > First of all, thanks for fixing the spyblock bug where custom filters > would not work. I've got zero feedback when I reported it, so it was a > pleasant surprise. > > Get ready for another angry rant. Once again, I yell because I care, > because I believe users must have an alternative software source to > Mozilla, which is now not to be trusted, and icecat is pretty close to > an optimal answer. I am a long-standing user and also a maintainer of > the SlackBuild, which is a source-based distribution way in Slackware > derivatives, so please take my frustrated yells as signs of <3 > > OK. > > There is a reason, I think, why users like maestro curse at this project > and its maintainers every now and then, and here's what I think is the > problem. Please note I am not at all endorsing or excusing the that kind > of trolling, but I really wish that devs would stop for a second and > look at the likely causes of the obvious user frustration. > > In my humble opinion, the priorities need an adjustment. One of the > HIGHEST priorities for web browser users is staying on top of the > security patches, so every time the concern for the "new features" > results in skipped releases, the users are gnashing their teeth and > thinking about jumping ship and just customizing the heck out of the > stock Firefox. The official goal #1 is to produce a FREE browser, but > this goal is in jeopardy whenever the browser falls behind, since it > almost ENSURES that MANY users will be running non-free software such as > viruses and trojans, and that WITHOUT even knowing. > > On the technical side, I want to bring up once more what I see as a very > mistaken move, which is the inclusion of addons. I hope to convince if > not the devs than at least other package maintainers like me, who > prepare icecat for distribution within a paricular OS. Starting with > this release, I am cutting all the addons, and I strongly urge all the > involved parties (including devs) here to do the same. I am doing this > precisely to improve the user experience and to make icecat and its > signature addons more popular, and here are some reasons why including > addons is a REALLY BAD idea. > > (1) Since gnuzilla does not test addons and occasionally gives silent > treatment to bug reports in addons, including the ones produced > in-house, it should not distribute them. A common pattern seems to be > when users install icecat, they immediately run into an addon bug, and > give up. Here's my experience with a 38.3.0 and a VIRGIN profile: > duckduckgo does not work, asks to turn on javascript. I check settings, > javascript is on. This is already a show-stopping bug. I check LibreJS > (and how would a NEW user know that?), enable all that page, it reloads > and... still DOES NOT WORK, it's blank. I check librejs again, > everything is enabled. I try google maps, and the outcome is exactly the > same. Yes, maestro is a troll, but I think his emotional state is a > perfectly predictable consequence of the browser JUST NOT WORKING. > > (2) Addons were intended to receive security updates independently from > the browser or the OS, but when we package icecat into GNU/Linux > distributions, the pre-added addons end up in the distro channel, so > they update only when users get around updating the OS. This is > suboptimal. The only addons which belong in the OS channel are the > OS-related addons, such as "Ubuntu Integration" or whatnot. Everything > else must go. Then there are users who get icecat directly from > gnuzilla, and they get addon updates only when they get around updating > the browser, which is slightly less bad. But the lazy release schedule, > which seems to be the norm, confounds this problem a lot. > > (3) Why does gnuzilla think they know best about which addons user > should run? What if I want to run a different fork of adblock, not the > spyblock? Not many users know these forks are INCOMPATIBLE, so > installing a different blocker will break things. In effect, gnuzilla is > forcing its users to maintain gnuzilla's faulty package, as if users > didn't waste enough time maintaining addons they themselves installed. > > (3.1) Forgive me for being blunt, but whose bright idea was it to > distribute blocklists along with spyblock? Do you realize you are > censoring the web without asking for explicit consent? Notice that good > adblockers (the addons themselves) do not do that, because USERS are the > only ones in the position to decide what is an unwanted ad. They offer a > choice of blocklists upon install, and taking this step out is meddling > edging on censorship. > > (3.2) LibreJS in particular is basically nagware. Ostensibly, it should > help users to nag at web designers, but all it actually accomplishes is > nagging the users. As I explained before, it is 0% effective, since it > cannot possibly check whether javascript code is free. The only good way > to check that is to (a) authenticate the script source (b) check it > against the list of authorized free software sources. What makes THAT > script likely to be free is the tendency of users to put their trust in > ethical software sources such as FSF, Trisquel, FreeSlakc, etc. The > presence of a license boilerplate has not a JACK to do with ANYTHING, > and I frankly cannot believe this useless addon is still being bundled. > > So here is a specific proposal: > > (i) All currently bundled addons should go into the common directory, > none should be installed by default. Until this is done, the browser > will be bloated and unstable, and curses will fly thick. This will also > free the devs' hands to work on the long-neglected goal of making new > releases prompt and secure. > > (ii) Even in the addon directory, no adblocker should be bundled with > blocklists. > > (iii) The free addon directory which shows up at about:addons should > contain a simple "get started" list saying which addons are essential > for user freedom and why, and (IMHO) this list should omit LibreJS until > it's shown to do something useful. > > On 10/12/2015 09:05 PM, Rubén Rodríguez wrote: > > GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the > > GNU version of the Firefox browser. Its main advantage is an ethical > > one: it is entirely free software. While the Firefox source code from > > the Mozilla project is free software, they distribute and recommend > > non-free software as plug-ins and addons. Also their trademark license > > restricts distribution in several ways incompatible with freedom 0. > > https://www.gnu.org/software/gnuzilla/ > > > > The user manual pages are at http://libreplanet.org/wiki/Group:IceCat/ > > You can contribute by joining the wiki and editing the manuals. > > > > Source tarballs, binaries for generic GNU/Linux systems and translations > > are available at http://ftp.gnu.org/gnu/gnuzilla/38.3.0/ > > GPG key ID:D7E04784 GNU IceCat releases > > Fingerprint: A573 69A8 BABC 2542 B5A0 368C 3C76 EED7 D7E0 4784 > > https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=gnuzilla > > > > This is a major release upgrade following the Extended Support Release > > upstream cycle, moving from v31.x-ESR to v38.x-ESR. All the features in > > previous releases have been preserved, along with extra polish and > > improvements in privacy. > > > > == Changes since v31.8.0-gnu2 == > > * Rebased to v38.x > > * Updated to v38.3.0ESR > > * LibreJS updated to 6.0.10.20150620 > > * HTTPS-Everywhere updated to 5.1.1 > > * HTML5 Video Everywhere updated to 0.3.3 > > * Added more privacy settings and crypto hardening > > - Disabled battery handling in dom > > - Disabled sensor handling in dom > > - Disable face detection and autofocus controls > > - Disabled DNS prefetch > > - Disabled ssl/tls protocols that are useless or too weak > > > > > > > > -- > > http://gnuzilla.gnu.org > > > > -- > http://gnuzilla.gnu.org
signature.asc
Description: This is a digitally signed message part
-- http://gnuzilla.gnu.org
