There is a reply to this message where I also share the contents that people shared with me, which is was sent for review to the mailing list administration due to the size of the content --- that's perfectly fine, better safe than sorry. ;)
Anyways, while that message doesn't come, here is the message I would send to the organizations involved. --8<---------------cut here---------------start------------->8--- This message can be passed on to the organization involved. I have read the files attached. The page numbers reported in this message are based on the ones reported by the document viewer, not those displayed in the document. I do agree with page 6 of the "Trustworthy tech partners --- 2017 handbook" when it mentions reusing "appropriately licensed code" as good practice. However, I also share the same concern raised by others in the parent thread. Software and other functional data is it self so important to society, and at the same time somewhat trickier subject that is very hard for the end-consumer to inspect by himself and also to switch to another "solution" if one takes into account that there are other forces that may help keep the not-so-good situation. Stablishing a "trust mark" requires using a "fake client" approach to do detailed evaluation of the product periodically. For such a fast change in functional data, we have projects such as the Free Software Directory ([1]), evaluators for free/libre system distributions ([2]), the maintainers of the GNU Linux-libre scripts ([3]) --- which remove non-free parts of Linux (the kernel) ---, the contributors to the list of computer parts that require non-free software ([4]), the editors of the list of software and packages that do not respect the guidelines followed by [2] (see reference [5]), and the various evaluators inside the various projects for free/libre system distributions ([6][7]). Now, if one talks about physical/tangible products that already provide functional data inside (built-in, with no requirement for Internet access), then although the problem and requirement for periodic evaluation, the release of the physical product is slower compared to the software and other functional data. So a "trust mark" for these is somewhat easier to set, although care still must be taken so that the mark isn't used for advertising without permission. One can see the evaluators that test for Respects Your Freedom certification compliance ([8]) as an example of "trust mark" verifiers for such physical products. There is also the testers of h-node ([9]) --- which review if computers/devices and parts are at least friendly to free/libre system distributions, although the approach provided by h-node isn't sustainable because it leaves the end-consumer as a hostage to the "good-will" of the manufacturers and local providers. Besides, it's already known that simple reuse of "correctly licensed" things isn't enough if the original project isn't also free/libre and if it isn't to keep the resulting work free/libre, preferably through strong copyleft licenses such as the latest version of both GNU GPL and AGPL, with "or later"/"+" option --- and most importantly: compliant with these licenses ([10]). Lack of observation of this issue can lead to issues that affect all the environmental, social and econimic pillars of sustainability, common cases include the non-compliance of some device manufacturers that provide their own custom copies of Android wrapped in Restricted Boot, which forbids the end-user to reuse/use an adaptation that a person made even when person's perfectly able to "sign" per own adaptation as trustworthy ([11][12]). This, combined with the presence of non-free software in the custom copies, causes the perception of need to change device more often. Now, if one wants to talk about "web services" or "apps", all of those deserve to be taken with a grain of salt, because they might not be sustainable. In the case of streaming, most of the times it's done in a way such that you can't get an exact copy of the media easily ([12]), and the provider doesn't follow any completely "open" standard that allows other place/website to make exact and complete copies of the content in order to also be a provider of it (and related things, such as comments, likes, etc.) ([13][14]). Simply put: the streaming provider would be the central provider, one greedy attempt from him, or other issues, and any content can be changed or vanish. Projects like GNU MediaGoblin and the ActivityPub/ActivityPump standard (in process of standardization) are an attempt to address this. The same notes for streaming is valid for social networks and communication technologies. In the first case, ActivityPub comes as important again, together with Diaspora, Pump.io, GNU Social and Mastodon --- if I'm not mistaken, ActivityPub is supposed to integrate all theese within themselves and GNU MediaGoblin. For the second case (communication technologies), XMPP/Jabber (with all extensions enabled by the service provider and the client application being used) and emails --- yes these ones, preferably shifting the recommendations to favor independent small local providers (not the bigger ones) and those which provide at least POP3 and SMTP access to everyone, or at least IMAP and SMTP access (also to everyone). For this entire paragraph, see the references [13][14][15]. As for the online or "app-based" payments, it's also a mess. GNU Taler provides ways for standardization ([16]), allowing payments or donations in any currency and requiring less computing power/energy than blockchain --- thus, it will be in compliance with the future Regulation (EU) 2016/679 (GDPR), which requires privacy by design and data minimization for all data processing in Europe after 25/05/2018 ([16]). There's always the problem with websites that make the visitor's/guest's web browser run non-free software automatically (generally done through JavaScript). This results in privacy and accessibility problems ([17]), and either the website is made without JavaScript, or these are liberated --- this can be tested with GNU LibreJS ([18]). Unfortunatelly, its not yet common for website designers and programmers to free/liberate their JavaScript. Finally, all of this should be taken into account in the case of public procurement, so it would be a good idea to have a step to differentiate each of these items from those related to functionallity. So that the items mentioned here weight more in favor of those who comply than those who don't, that is: simple "+1" points might not be enough if all the other items also give "+1". Respectfully, Adonay. [1] <https://directory.fsf.org/wiki/Main_Page>. [2] <https://www.gnu.org/distros/free-distros.html#NewDistro>. [3] <https://www.fsfla.org/ikiwiki/selibre/linux-libre/>. [4] <https://libreplanet.org/wiki/LinuxLibre:Devices_that_require_non-free_firmware>. [5] <https://libreplanet.org/wiki/List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines>. [6] <https://www.gnu.org/distros/free-distros.html>. [7] <https://www.gnu.org/distros/free-non-gnu-distros.html>. [8] <https://www.fsf.org/resources/hw/endorsement/respects-your-freedom>. [9] <https://h-node.org/>. [10] <https://copyleft.org/guide/comprehensive-gpl-guide.pdf>. [11] <https://media.libreplanet.org/u/libby/m/embracing-secure-boot-and-rejecting-restricted-boot-matthew-garrett/>. [12] <http://audio-video.gnu.org/video/2015-10-24--rms--free-software-and-your-freedom--seagl--speech.ogv>. [13] <https://media.libreplanet.org/u/libreplanet/m/christopher-webber-federation-and-gnu-2b47/>. [14] <http://cdn.media.ccc.de/congress/2015/webm-hd/32c3-7403-en-de-A_New_Kid_on_the_Block_webm-hd.webm>. [15] <https://media.libreplanet.org/u/libreplanet/m/the-surreptitious-assault-on-privacy-security-and-freedom/>. [16] <http://cdn.media.ccc.de/events/eh2017/webm-hd/eh17-8471-eng-Taler_-_Talk_webm-hd.webm>. [17] <https://media.libreplanet.org/u/libreplanet/m/the-surreptitious-assault-on-privacy-security-and-freedom/>. [18] <https://media.libreplanet.org/u/zakkai/m/javascript-if-you-love-it-set-it-free-54ab/>. --8<---------------cut here---------------end--------------->8--- Andres Muniz Piniella <[email protected]> writes: > So they have had an open page open for comments and they are going over the > first draft. Hopefully we are not late to the party this time. > > They have an open document where they accept input. I have done my bit, but I > really don't have a completely full understanding of free software as many of > you here. > So please comment: > https://docs.google.com/document/d/1bAScKd1eIKgPX3T8nXOkwbB2h8GC01SUP_du3O7H7oU/edit#heading=h.exstkxcrxuof > > > Sorry that they are currently using googledocs, but I guess that is something > we can address later down the line. -- - https://libreplanet.org/wiki/User:Adfeno - Palestrante e consultor sobre /software/ livre (não confundir com gratis). - "WhatsApp"? Ele não é livre. Por favor, veja formas de se comunicar instantaneamente comigo no endereço abaixo. - Contato: https://libreplanet.org/wiki/User:Adfeno#vCard - Arquivos comuns aceitos (apenas sem DRM): Corel Draw, Microsoft Office, MP3, MP4, WMA, WMV. - Arquivos comuns aceitos e enviados: CSV, GNU Dia, GNU Emacs Org, GNU GIMP, Inkscape SVG, JPG, LibreOffice (padrão ODF), OGG, OPUS, PDF (apenas sem DRM), PNG, TXT, WEBM. _______________________________________________ Discussion mailing list [email protected] https://lists.fsfe.org/mailman/listinfo/discussion
