Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
GNU is Not Unix Google Software Technology

FSF Suggests That Google Free Gmail Javascript 413

Phoe6 writes "Apparently, FSF is calling it a 'JavaScript Trap' and wants 'useful websites' such as Gmail and others such as Twitter, Facebook to release their JavaScript code under Free Software License so that users can trust their service."
This discussion has been archived. No new comments can be posted.

FSF Suggests That Google Free Gmail Javascript

Comments Filter:
  • In other news.. (Score:3, Insightful)

    by LordStormes ( 1749242 ) on Thursday March 31, 2011 @02:10PM (#35681086) Homepage Journal

    FSF wants Windows, Office, Photoshop, and everything else to be free. That's their job. People need to be able to make money on software, or large corporations won't invest in it. That's why FOSS-friendly companies like Sun are going under and being snapped up by profit-hungry pricks like Larry Ellison. Film at 11.

    • Re:In other news.. (Score:5, Insightful)

      by betterunixthanunix ( 980855 ) on Thursday March 31, 2011 @02:13PM (#35681120)
      Well, except for Red Hat, which last I checked was neither being bought out nor in any financial trouble.
      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Thursday March 31, 2011 @05:16PM (#35683410)
        Comment removed based on user account deletion
        • ...yet thanks to the "Free beer!" brigade nearly 30% of the web servers are running not RH but CentOS...

          RH doesn't mind CentOS -- the people who run CentOS and stay there generally wouldn't have been paying for RH anyway; and it's an opportunity to start free, realize you actually need support (or that support is cheaper than hiring an army of IT people capable of doing it themselves), and upgrade to RedHat.

    • by h4rr4r ( 612664 )

      And why redhat makes a billion a year, oh wait. FOSS had nothing to do with Sun going under. Sun was dieing long before that.

    • Re:In other news.. (Score:5, Informative)

      by hduff ( 570443 ) <hoytduffNO@SPAMgmail.com> on Thursday March 31, 2011 @02:21PM (#35681284) Homepage Journal

      FSF wants Windows, Office, Photoshop, and everything else to be free. That's their job. People need to be able to make money on software, or large corporations won't invest in it. That's why FOSS-friendly companies like Sun are going under and being snapped up by profit-hungry pricks like Larry Ellison. Film at 11.

      Yes, "free" as in the concept of freedom or liberty, not software at no charge or profit.

      You embarrass yourself by not understanding the distiction while speaking on the subject. Or you shame yourself by deliberatley mis-stating it.

      Oh, I see you're in marketing . . .

      • Re:In other news.. (Score:4, Insightful)

        by brit74 ( 831798 ) on Thursday March 31, 2011 @02:48PM (#35681726)

        FSF wants Windows, Office, Photoshop, and everything else to be free. That's their job. People need to be able to make money on software, or large corporations won't invest in it. That's why FOSS-friendly companies like Sun are going under and being snapped up by profit-hungry pricks like Larry Ellison. Film at 11.

        Yes, "free" as in the concept of freedom or liberty, not software at no charge or profit. You embarrass yourself by not understanding the distiction while speaking on the subject. Or you shame yourself by deliberatley mis-stating it. Oh, I see you're in marketing . . .

        Or maybe you're the one in marketing. It's completely obvious that the phrase "free as in freedom, not free as in beer" is a flat-out false statement. It be accurate, it should be restated as "free as in freedom, AND free as in beer". Here's what the FSF says:

        "When we call software “free,” we mean that it respects the users' essential freedoms: the freedom to run it, to study and change it, and to redistribute copies with or without changes. This is a matter of freedom, not price, so think of “free speech,” not “free beer.”"

        Notice the phrase "to redistribute copies" - that's "free as in beer". The FSF wants to paint is as a "freedom" issue when they're also smuggling in "free" under that banner.

      • Re: (Score:3, Insightful)

        by dgatwood ( 11270 )

        Yes, "free" as in the concept of freedom or liberty, not software at no charge or profit.

        That's a nice theory, but it doesn't work in practice. There is no way to make software that can be easily bug fixed by the end user that cannot also be easily enhanced by the end user, and commercial software fundamentally relies on being able to get money from the consumer for new features.

        This basically leaves support contracts as the only practical revenue stream. That works fine if you are writing software for bu

        • Comment removed based on user account deletion
        • This basically leaves support contracts as the only practical revenue stream. That works fine if you are writing software for businesses (who want someone to sue).

          This seems to be working just fine for Red Hat and others. Why waste time with individual consumers who are fickle, stupid, and above all, cheap, and are going to copy everything on BitTorrent anyway? Trying to sell something that can be copied trivially on the internet is a losing proposition, unless you also provide something else that can't b

          • by tsm_sf ( 545316 )
            It's a lot easier, faster, and probably cheaper to just hire the people who wrote it to make changes you want. If the people behind it are trying to make money on it, why on earth wouldn't they make the improvements you want, since you're offering to pay them for it?

            I'd like to mention that the option you bring up here is woefully overlooked in its various forms. I've had clients bemoan the fact that they can't use an otherwise perfect piece of software in their project because the license is too restr
          • by dgatwood ( 11270 )

            Why waste time with individual consumers who are fickle, stupid, and above all, cheap, and are going to copy everything on BitTorrent anyway?

            Because if you depend on corporate use to sustain your business, you're going to be very disappointed unless your product is in the IT space or is something very generic like a word processor. For other products, you can't make enough money that way to cover your costs.

            Diving into someone else's codebase and trying to get a handle on it and start making nontrivial im

        • I'll give you another: Enthought. They drive the development community around NumPy, SciPy, and Matplotlib. They do sell packaged versions (EPD), but primarily derive their revenue from selling targeted software development services to companies. Admittedly, it is a BSD style license, not GPL, but those companies were free to develop their software using the same tools themselves. Enthought makes money because they have the mineshaft and the experience to best utilize those packages. The business model
      • Re: (Score:2, Insightful)

        by ivucica ( 1001089 )
        Sometimes it's hard to make a distinction.

        I'm always looking for ways to be supportive of FSF's stances, but they are a puritan organization. As such, they present views that they know won't gain mainstream acceptance but that's ok, since something more reasonable will gain it. And that's where I stand: I don't consider words of FSF to be holy [stallman.org], but I will support a more "secular" view.

        Same here. It's unreasonable to consider an offering "libre" to be truly possible without being fully "unpaid". Not beca
        • Software needs funding before it exists.

          Not necessarily.

          Unix, Linux, the GNU Project, Apache, and gazillions of other very useful bits of software were created without specifically funding them. In most cases, the software came first, the funding later. While the early developers of each of those packages used resources that had to come from somewhere, most of those resources were scrounged and repurposed stuff. All of them operated on a "write working code now, worry about logistics and organization later" system very early on.

          • While developing the software, developers at least consumed food. Hence they needed to ensure funding for the food. Despite that I have, in effect, implied organization as necessary, I intended to say that nothing is unpaid for.

            I release stuff as free software. I label it as such (not as open source). At the same time, I don't expect to make a living off of that software.

            I don't have software-unrelated skills. I don't want to do unskilled labor. What can I do? I can write software for living.

            I want
      • Re: (Score:2, Insightful)

        by nstlgc ( 945418 )
        Explain to me how to make those things "free" without making them free of charge.
        • by Mazzie ( 672533 )
          Free as in free to turn you car in to a hot rod and re-sell it to someone else if you feel like it. Closed source software is a car with the hood welded shut that you aren't allowed to fix if the engine dies, or resell if you need the money to buy movie tickets.
    • Except unlike you, FSF is actually making sense - of course, the apps will not get open source, but it will sensibilize the people a little more, each time they do such "PR" announce.

      Eventually enough people would realize that open source is good - that's FSF's goal - and some of these apps could be built open source instead.

      Now if you like open source or not is another story, of course. I'll just mention that RedHat is doing extremely well. Proprietary companies are going down every single day. Some open s

  • I was going to be all snarky about some blog post probably not being the voice of FSF, but then, http://www.gnu.org/people/speakers.html [gnu.org] and he's on there.

    So I guess I disagree with the FSF, and not just him!

    • Out of interest, what do you disagree with?

      • Re: (Score:2, Flamebait)

        by PRMan ( 959735 )

        If they care so much, why don't they raise money and build their own free FSFMail? They can make it as free as they want.

        What's that? They can't afford to? So, basically it makes it look like FSF stands for FreeLOADER Software Foundation.

      • I feel like it's asking too much. The concern is, "hey gmail maybe your code triggers some js machine bugs, and we dont trust it." That's valid. But asking them to open source it for inspection, well that lets other folks pick the pieces up and start hawking their own version. Isn't there a middle ground [to ask for, and be denied]? I've just become jaded enough to start agreeing with that crappy business model "let the 10% that complain cancel their service". So long ago that seemed like a joke answer a fake company would use, but now we see it all the time. And I agree with it, alas. If you dont trust gmail, dont use it. Dont ask for their trade secrets either under the veil of security auditing and the intended benefit of legally copying it, or legitimately security auditing it and haphazardly allowing competing services to glean legal copies. Ask for some NDA access to have yourself or someone you trust inspect it. Just because something can be open sourced, doesn't mean it needs to be.

  • by MobyDisk ( 75490 ) on Thursday March 31, 2011 @02:15PM (#35681154) Homepage

    The FSF wants all software released under a free software license. So it really isn't news that they want Javascript software released under a free software license.

    • The thing is, JavaScript is inherently source visible. Since it is a script, and it runs on the client system, you can always see the source. For trusting an app, you don't need the source to be open, as in free to redistribute. You just need it available. The US Government trusts MS software because they have the source (many people have the source to Windows, governments, universities, etc). You can audit it, compile it yourself (or interpret it yourself which is automatic in JS) and so on.

      Thus there is n

  • by Ironchew ( 1069966 ) on Thursday March 31, 2011 @02:18PM (#35681202)

    Releasing the client-side code isn't a big deal (it's right there in the page source!) I'd be more interested in the server-side code.

    • by h4rr4r ( 612664 )

      It is a huge deal. It is right there in the page source, and you do not have the right to do a thing with it according to the current license on that code. Giving you the four freedoms on software you are running is a huge deal and the goal of the FSF.

      • by Terwin ( 412356 )

        With the stated reason of: "so that users can trust their service", the important part is being able to examine the source-code.
        Admittedly the GWT generated JavaScript is not very reader-friendly, but it is all there for you to look at if you should choose.
         

      • You can do at least one thing with any code you have in front of your eyes, including client side javascript, and that is examine it to see if you can "trust" it. No, you may not have the right to do anything you want with it, but that's within their rights to license the code however they wish. If you don't like how they license their code, don't use their service, find one that meets the four freedoms and live happily.

    • by twebb72 ( 903169 ) on Thursday March 31, 2011 @02:47PM (#35681702)

      I would agree that client side code is (relatively) accessible via the programmer (even if it is compressed); however trusting their server side execution of those includes is really where the trust factor comes into play. Most browsers will lock down cross domain requests. The real power is controlling what the server serves to the users that use that include.

      For example, www.xyz.com decides to include a couple lines libraries from google.com, say, jquery, and analytics. By virtue of making the include, that third party site has the ability of pass messages back and forth via code generation (to bypass the cross domain issues) and manipulate the DOM of www.xyz.com in however it sees fit. Now, a security minded person wouldn't include a resource that's off-site, for this very reason. Good examples of this are bank sites like usaa.com. No where on that site will you see a third party domain resource, once you've signed to your account. Putting the resource files on www.xyz.com makes a lot of sense for versioning, but also securing the site from potential hacks of the third party (hacking that google's analytics includes or akamai servers is a juicy opportunity, but only if you could execute code server side).

      When it comes to javascript, the best way to secure your site is to host your own resources, and DON'T use off site includes that are from untrusted sources. Even if the source is trusted, it doesn't mean your in the clear. Your best bet, is to always host your own site resources.

  • Nobody complained when WebKit, an open source product, had a vulnerability in it that allowed for remote code execution. Sure, it was eventually found, but having it open source didn't make it instantly safe. I don't see why we should force companies to publish all of their javascript. It is plenty open as plain text, no need for a free license. Open sourcing the code would encourage modification, which could easily lead to the attacks that we are all afraid of.
    • We're not talking about forcing anyone to do anything -- but JavaScript is programming code too.

      The FSF's goal is for all the software a user runs on their computer to be free software -- without a license, the software would be full copyright and not in a fit state for modification. This is completely within the goals of the FSF.

    • the js client can't do anything the API doesn't already provide access to. you can modify it all you want, the server doesn't trust the client any more than the user privileges allow.

  • Sorry, but this it stupid. The real brains that we'd need to trust is in the SERVER code. And all of Google's procedures. Knowing what the client is up might make some feel good, but this all very centralized.

  • The popular Greasemonkey Firefox extension (Which I believe is built-in on Google Chrome) lets the end user modify the javascript/css running on the site to the user's desires. There's a huge database on UserScripts.org that lets you browse site-specific mods to Twitter, Facebook and yes, Gmail.

    Another very popular extension is "Better GMail 2", which basically packages some greasemonkey scripts into a single extension.

    • You seem to have the same answer that others here do but it's a bit off. Anyone can already get the source code and use it. But it's the license that is the issue here. No one can legally place it on their site and write their own version AFAIK.

  • And a space unicorn! And free candy!

  • You may not know it, but the website you're reading RIGHT NOW is a festering hotbed of evil. EVIL. Evil code that will steal your information, kill your wife and children, and damage the transmission on your car.

    The ONLY way around that is to use our new FSF GnuWebScript, which is Totally Open and Free. Not only is it a Force for Good, it whitens your teeth and makes your toes smell nicer. It will never do those evil and nasty things that the Javascript does, because it's not Javascript - it's GnuWebScript!

  • That someone at the FSF has been using Gmail and started feeling guilty about using "non-free" software and instead of switching to something else is trying to get Google to change?

  • Speaking of obfuscation, the article by the FSF drags Node.js and V8 into the discussion, even though they have nothing at all to do with the client-side javascript that the ostensible topic of the article.

    Also, as the author mentions, it is possible via greasemonkey to do essentially what is wanted--modify the client-side javascript--so it seems like an ideological point rather than a practical one. The "obfuscation" of the javascript source is as much about reducing the bandwidth consumed by javascript as

  • Does anyone listen to what this Botanophobe says anymore? Seriously?
  • by grumbel ( 592662 ) <grumbel+slashdot@gmail.com> on Thursday March 31, 2011 @03:51PM (#35682556) Homepage

    I don't quite see the point. Sure it would be nice to have the Javascript under a Free Software license, but that would be very far down my list of priorities, as with Javascript and the Web in general there is one very fundamental difference to regular software: You neither own that stuff nor control it, they do and that is the problem that needs attacking. It doesn't make a difference if they stick a GPL header on top of their code or not, I as I would still be forced to use whatever version they ship me, keeping around an older copy with features they might have changed/removed/whatever doesn't help me when the API to their servers has changes, that old GPL copy might either break or become unusable. The real solution would be to provide standard data driven APIs for webservices, so that I wouldn't depend on their Javascript and HTML code, but could roll my own.

    The whole problem with the Web today is that I don't have direct access to my data, but instead can only access it via a whole swoop of HTML and Javascript stuff, that makes it frequently hard or even impossible to actually do certain operation. A very basic example would be backup. Yeah, I can download mail from GMail via POP or IMAP and that will give me some of my mails, but what about chat logs, mail I send, tags, contacts, etc. and a bunch of other meta data that isn't just the mail? Can I backup all that? And even more importantly: Can I actually restore it? If GMail decides to delete my account tomorrow, can I open a new one and restore my backup into the new account? Can I do that when I change mail providers? Will meta data survive the transfer? That is the problem that needs fixing, as almost all webpages suffer from it, even the glorious 100% Free Software ones generally don't give you full import and export capabilities of your data and even when they do the interfaces are often limited and cumbersome.

If money can't buy happiness, I guess you'll just have to rent it.

Working...