On 11/01/2015 05:04 AM, Jorge Araya Navarro wrote: > But there is no fundamental difference between partnering or not partnering, > the issue is the same, > there is a use of a "nonfree service" (or whatever that phrase wants to mean) > being promoted and its > "nonfreeness" (to put it in some way) of the service doesn't not change > because developers did no > partnering with the Big Brother, adding the fact that no free software have > been installed in my > laptop in order to use Firefox Hello or the social directory (or whatever its > name is), the thing > done to remove this so-called "nonfree" feature was changing some javascript > in a file called > vendor.js.
I agree with you that saying "nonfree service" was very stupid (and I apologize for that but in my defense, it was night here!) but you get what I meant - who knows what the hell TokBox is? (I just think it's funny that they call their proprietary platform "OpenTok"). The only way we can trust a server is to inspect its memory as it is running, because otherwise even if it's running a free program it might as well run other programs (even free ones) that collect user data from logs (or even memory) and send them somewhere. And even if we were able to do that, we would have to be able to disassemble the programs in memory to make sure they are what we think they are and without physical access to the physical hardware, it still would be easy to trick users. Moral of the story: on the web, you are going to trust someone eventually. It's either other people in peer-to-peer or some server in client-server. All we can ask is to choose what services to trust, and Firefox Hello does not offer that option because it's sneaked in a completely unrelated program, a web browser. I'm not against programs like Pidgin, because the choice is left entirely to the user and it doesn't actively recommend any protocol over the other. Pidgin claims to be a "universal chat client" and what they do is reasonable. Is Firefox a video conferencing program? > Using the same logic, we should blacklist half Internet (or shipping EFF's > Privacy Badger by default > with Iceweasel and IceCat, at least) because they promote "nonfree services" > like Facebook and > Twitter as content-sharing platforms, but no, we had to ban a feature that > works as an excellent and > more practical alternative to Skype. That doesn't sound like the same logic to me. Users should have the freedom to make their choices. If Firefox Hello were the only way to replace Skype, I would agree with you, but it isn't. Trying to replace Skype is noble and all but I call bullshit on the nobility of their efforts - they saw a chance to partner with a big company and they took it. If they really wanted to replace Skype, they would have collaborated with the community and let a trusted entity (like the EFF or the FSF) run the service. > If the feature don't require proprietary software to run on user's machine, > but it may rise a > privacy concern, then the feature should be disabled in a package put on > Nonprism repo, is that > simple, otherwise we may fall in the slippery slope. I think that in this case there might be another solution: explain to users in the post-install message that the browser optionally relies on an external service which might violate user privacy, and if it's possible during the first time the program is launched as well. _______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
