[Arm-netbook] eoma68-jz4775 x-ray pictures

[Luke Kenneth Casson Leighton]

On Fri, Apr 29, 2016 at 1:25 PM, Manuel A. Fernandez Montecelo
<manuel.montezelo at gmail.com> wrote:
> Hi,
>
> (probably a mistake to add to this thread, but... hey, it's Friday).

 no problem manuel :)

> 2016-04-29 11:55 Luke Kenneth Casson Leighton:
>>
>> the hardware situation is: there's no proprietary firmware required.
>> period.
>>
>> the software situation is: in debian, a nonfree repository is easy to
>> add, and is possible - and convenient - to add by default during the
>> installation as well as during normal operation [see preamble sentence
>> above about not reading into this as being "disrespectful" in any way:
>> it's just stating the facts].
>
>
> You are probably right that the FSF will not certify products with
> Debian enabled, but your examples are incorrect, it's not easier to
> install non-free software in Debian than in FSF-blessed distros.  (But
> again, you are right that FSF might use the same examples as an excuse).

 please: be respectful.  i don't want to hear the word "excuse"
applied to anyone.

 right.  ok, it's important to qualify what's "easy" - easy for whom?

 you and i, yes it's easy.  i run fvwm2, and most of the programs i
start up (including firefox) are done by opening an xterm and typing
"firefox".

 however it's very very important to note that when considering an RYF
Certification, the FSF will do it from the perspective of an *average
end-user* - not you or i.  and that's a completely different analysis
criteria.  they will go "is it easy for my *grandma* to install
non-free software with this OS on this hardware?"


> Since the alternatives that FSF recommend and bless are something like
> Trisquel or gNewSense, which are based on Debian (or Ubuntu?),

 trisquel's based on ubuntu 8.04, and hasn't moved since.  gNewSense
is debian, and they appear to have used debian, but went for a much
more comprehensive "rebranding".  i'm interested in doing the minimum
required amount of work here.

>  it's
> similarly trivial for any user to enable non-free repositories or
> install non-free software directly in their hypothetical RYF-cerfitied
> computer with some Debian/Ubuntu-based and FSF-blessed distro -- using
> non-free or Ubuntu repositories directly in Trisquel/gNewSense, for
> example, or grabbing the packages from them and installing by hand, or
> even compiling from upstream's repos (I have many non-specially-savvy
> friends who do this).

 cool.  that's actually very useful to know... but i woudn't count
even your friends as being average-end-users.  think "grandma" or
"busy secretary in an office".  the kinds of people where, if
something snowballed to a million or a hundred million end-users, the
actual number of people installing non-free software would still
remain well below the 0.05% mark.

 where the FSF *really* has to get paranoid and concerned is if, say,
the number of people using Trisquel or gNewSense and then installing
non-free packages hit, say... 20% of the total number of users.  if
*that* happened then they'd start reconsidering.


> If Trisquel/gNewSense are based on Ubuntu rather than Debian, and users
> go to Ubuntu's forums to get help (if their distro it's just Ubuntu with
> the non-free bits removed, it would be the natural place to go), and
> decide to enable the Ubuntu repos or others (SteamOS, ...) rather than
> Debian, they possibly have even more chances to use more non-free
> software than if they restricted themselves to Debian's non-free repos
> (which after all don't have lots of "non-free software" as most people
> understand it, e.g. proprietary games).
>
> It's also similarly trivial for them to got to some communication
> application website (let's call it Spyke), see that there's a version of
> Spyke for Debian/Trisquel/whatever, download the .deb and install with
> dpkg, which all of these distros provide.

 that's fine, because it's outside of the remit of the company that
got the RYF Certificate.  skype is *not* in a GNU repository, or in
the debian repository, or in any repository at all.  it's not
GPG-signed by the debian team, it's certainly not GPG-signed by the
FSF, so would definitely be considered to fall into the "feel free to
do what you like but don't call us for tech support" category.

 however: about the forums bit - yes, that's a risk that they'd just
have to take, and in some ways it's good that gNewSense uses debian
already, because it's set the precedent.

>
> ...now, for all of these cases I assume that people enabling those
> repositories are not mislead/tricked into installing non-free software,
> and that they are not idiots, which sometimes seems to me that it's the
> condescending view of FSF to treat Debian in that way while blessing
> Trisquel/gNewSense.

 there's a level of separation between Trisquel/gNewSense and the
original debian and ubuntu, in terms of them being entirely separate
web sites, as well as having people have to jump through "unofficial
hoops", and separate archive mirrors which are again, on a totally
different domain name.

 i don't really like to use the words "idiots" - let's call them
"average end-users" instead (examples include "grandma" or "busy
secretary" or "7-year-old" or "49-year-old farm mechanic and cattle
breeder")

 average end-users simply cannot cope with the "jumping through hoops"
- they haven't got time.  if they really need to, they'll go buy a
windows PC.  or a mac.  and that's fine.  we're not catering to them,
and neither is the FSF.


> In your example of "synaptic", if they have to enable non-free repos
> explicitly, they are not doing it unknowingly.  The fact that somebody
> may install synaptic (as in your example) already indicates that they
> know what they are doing and what they want to achieve.

 given that you're not making the distinction between "competent
people capable of and having the time to follow clear instructions"
and "average end user", i believe that the point you make here is
referring to the former category only, so would not apply.


> Like Phil, I believe that the problem that users are trying to solve by
> installing those pieces of non-free software is that they need the
> firmware to enable the hardware that they have (possibly recycled from
> their family, not an option to buy new one), or need to use Spyke
> temporarily for a job interview / university application / talk to their
> uncle in Taiwan before arranging a visit (the alternative that the
> company or university are going to offer is not to use a free
> communication tool, but to ignore the applicant), or use some non-free
> software for their tax-returns (or otherwise possibly face huge fines or
> jail).

 that's fine: we are not catering to, targetting, or in any way
interested in selling to such users.  so apart from mentioning such
users as an aside, it is not necessary to include such people in any
plans.


> So in summary, if the users are conscious about the non-freeness, they
> will do the possible/reasonable to avoid it whether they use Debian or
> FSF-blessed ones; and if they don't care, they can circumvent it as
> easily in FSF-blessed distros and in Debian.

 again: you haven't specified the ability or the amount of time that
"they" have, in this paragraph.  see above.


> But again, yes, probably you will not pass RFY filter if you use Debian
> with that name.

 again: this is a follow-on conclusion from a set of criteria that
were not clearly expressed.

>
>> an RYF Certification is therefore only possible if:
>>
>> (a) the software source code is entirely libre, right down to
>> power-up (boot time) of the hardware.
>
>
> Debian is, by default.
>
>
>> (b) the installation of proprietary software, whilst *NOT*
>> prohibited, must at the very least not be made "convenient".
>
>
> 'wget spyke*.deb && dpkg -i spyke*.deb' convenient enough in all the
> alternatives to Debian   :-)
>
> (even easier to install than your example with synaptic)

 again: you're assuming that the person is competent enough to work
that out on their own.  you are competent to do that: i am competent
to do that.  your _friends_ are competent to do that.  however we are
specifically talking about the people who are *ACTIVELY AFRAID* to run
a command prompt, or are otherwise extremely irritated or annoyed to
have to contemplate it, or just plain haven't got a clue what a
"command" is, let alone a "prompt".

 do you understand and appreciate the difference, here?


>
>> (2) to move the nonfree archive GPG key into a separate package, which
>> is then not installed.  this again satisfies FSF criteria (b), above.
>
>
> My example above (dpkg) doesn't check gpg signatures, and it's trivial
> to ignore them in apt (--allow-unauthenticated) or other installation
> tools.

 again, you are talking about people who are competent with and not
afraid of typing commands in case they do harm to their computer and
lose all their files by doing something that they have *no idea* of
the consequences.

 they see the words, but it is completely meaningless to them.  the
only reason i can get my non-technical friend to type commands over
the phone (which takes an hour out of my day) is because i've known
him all my life, and he trusts me.  without my help he'd be absolutely
stuffed.  he's a plumbing and mechanical engineer.

 you - and your friends - have the ability to logically deduce meaning
from results.  most people in the world have *absolutely no clue*, and
absolutely no faith in computers.  viruses have stolen their bank
account contents: why should they *ever* trust computers.... and
you're talking about running a *command*????

 no.

 think at their level, from the perspective of someone with zero
knowledge.  *that's* whom we have to consider.  you and i - and your
friends - are extremely lucky, believe me.


>> this basically satisfies and respects the both the Debian Charter and
>> the FSF's requirements, without implying any disrespect for either.
>> what is STILL POSSIBLE for an end-user to do is as follows:
>>
>> (3) at any time, an end-user MAY still install that [hypothetical]
>> keyring for the nonfree archive.  it will be slightly inconvenient.
>> lots of steps will be needed, such as maybe even downloading a dpkg
>> and running as root, and following written instructions.
>>
>> (4) once that package is installed, they will then need to edit
>> /etc/apt/sources.list - by hand.  this, again, will be slightly
>> inconvenient - and to add "nonfree" to the sources.list debian archive
>> line.
>>
>> this "inconvenience" is an extra hoop which i believe would help
>> satisfy the FSF's criteria in a respectful way whilst, critically, NOT
>> actually preventing the end-user from doing it in the first place.
>> and that, i believe, would mean that it also satisfies and respects
>> the *Debian* Social Charter, because it's not actually stopped
>> end-users from doing something that they want to do.
>
>
> See above, no necessary to go through these hoops at all.

 if the entire world of computing users were as competent as you, i
and your friends, you would be absolutely right.


> Your example of synaptic and stuff also needs running as root.

for the average person, that's total shit-scared pants-wetting
territory.  it's where, on windows, you hear about how viruses get
"Admin".  in the minds of the average end-user, it's a massive
barrier, just from all the bad publicity from windows and now macs
which get hit by phishing attacks and so on.

 have you ever installed GNU/Linux on a windows user's computer?  i
did so for one person.  coincidentally, their daughter had visited
during that week.  a virus attack destroyed the windows partition
because their daughter had brought in a virus on a memory stick.  the
blame for destroying the OS was placed firmly on the installation of
Debian GNU/Linux.  this was even after their son patiently explained
to them in non-technical terms that it was flat-out impossible to
occur, which the father completely ignored.  so, ironically, rather
than use the Debian GNU/Linux installation to carry on using the
hardware, they went without any computing resources for over a week.

 this type of faulty logical reasoning is rampant amongst
non-technical people.  they *genuinely* believe that it is their fault
when something goes wrong, so are completely afraid to do anything -
to experiment, to tinker and to step outside of the box.

 and who can blame them when they've been conditioned by decades of
abuse from mass-volume monoculture software weaknesses?

 so yes.  *please* think from the perspective of the target audience -
average end-users - not from your own personal perspective of
technical expertise.  i see that mistake being made a lot here on this
list.

l.