-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 12/06/2018 01:39 PM, Luke Kenneth Casson Leighton wrote:
On Thu, Dec 6, 2018 at 4:58 PM Paul Boddie paul@boddie.org.uk wrote:
Discussion can be had about the FSF criteria, of course, but since Luke is actually seeking such endorsement, the only thing that might be helpful for him is to indicate to him that various FSF concerns are now addressed in the more mainstream distributions, such as there not being random firmware binaries in kernel packages, and so on.
the RYF Criteria are extremely specific: it's not enough to have a non-free section that's "disabled", it must be *not possible* for an average end-user to *accidentally* end up installing non-free software by complete accident such as "running a GUI and arbitrarily clicking random buttons".
the absolute worst-case is where an inexperienced end-user, running e.g. synaptics, goes "i have no idea what this does, i'm just gonna click it" and it happens to enable the "non-free" section, happens to silently and happily perform an apt-get update, and wow, suddenly there's binary firmware available... all WITHOUT warning the user of the consequences.
the "convenience" scripts that download mstruetypefonts.
the "convenience" script that gets the latest adobe flash player.
the broadcom wifi firmware extractor scripts
my feeling is, here, that if aptitude, apt, synaptics and other apt front-ends added a simple warning dialog "hello you are adding the non-free section, this can have severe consequences as the source is not available for review", that would quite likely eliminate one of the FSF's major concerns.
Just a note, the only way to add the non-free section in Debian involves typing the word "non-free" into a particular spot on a text file, or if using the GUI interface, to edit the entry for the Debian repo to type "non-free" into the "Components" textbox in the "Edit Source" dialog box. So it's not really possible to accidentally enable the non-free repository. I honestly tend to disagree with the FSF's classification of Debian for this reason.
That being said, it's the FSF's rules, so Parabola is the only real option regardless of what one might think of the FSF's classification. And as for 32-bit MIPS... just outta luck, I guess, at least until an FSF-approved distro starts supporting it.
- -- Julie Marchant http://onpon4.github.io
Encrypt your emails with GnuPG: https://emailselfdefense.fsf.org