Re: [GNU-linux-libre] Proposal to revise FSDG to exclude SaaSS-only software clients

[Jean Louis]

Thank you.

I do understand RMS that he wishes that there are free software
distributions without too many moral obligations.

Bill Auger said, if it would be in the FSDG he would remove it, but I
say, he can make his own distribution policies and make distribution
better than then what FSDG requires it, just as Hyperbola
GNU/Linux-libre is doing it.

* Adonay Felipe Nogueira via gnu-linux-libre <gnu-linux-libre@nongnu.org> 
[2021-04-14 17:03]:
> # Is Telegram spyware?
> 
> In this thematic axis, a section of the GNU FSDG against spyware (which it 
> also describes as malware) is brought to light (as seen on [2]):
> 
> > No Malware
> >
> > The distro must contain no DRM, no back doors, and no spyware.

That means all PRISM Surveillance Program related interactions from
FSF endorsed distributions should be removed from such
distributions. For example any Skype related software should be
removed.

Telegram does not encrypt messages on its dekstop client, and there is
no secure chat feature.

Is Telegram spyware? Does it have backdoor? According to this story,
Telegram refused to give support for backdoor only for reason that
back then, Telegram was not US company:
https://www.neowin.net/news/fbi-asked-durov-and-developer-for-telegram-backdoor/

Quote: "Durov believes that because Telegram has no legal presence in
the US that the company, therefore, has no obligation to co-operate
with the FBI’s request and he described it as being a “ruse”."

However, Telegram is today US company. Management of Telegram gave
public statements that they would not comply if they are not US
company. Now they are US company, it implies, they will be ready to
cooperate, I have not seen any contrary statements. Maybe more
benefits was offered to them, we cannot know if it is spyware until we
know it.

Another issue:
==============

Telegram does not follow its GPLv2 Obligations

Telegram clients are advertised as free software, but in practice the
source code is not immediately accessible.[2], the delay sometimes
being up to 5 months. So, unknown spyware features could be in the
official Telegram client binaries that you download, without you
knowing. It's recommended that you build an outdated version of
telegram from its source code, since it's not provable whether or not
the binaries that are distributed have unknown spyware or not.

Reference:
https://github.com/overtake/TelegramSwift/issues/163

> # Should the GNU FSDG foster decentralized communication
> # technologies?

Myself, I was thinking that FSF, which does the work towards
decentralization to endorse, to stand behind those distributions which
distribute software for centralized networks.

In that case, also in that case, where software freedom is more valued
than that political issue, than FSDG should state so clearly,
something in the sense that number of free software distributions are
more valuable than what is the distribution of software causing in the
world, as FSF does not want maybe to influence distributions for
politics, rather for sole purpose of software being free.

With such policy then I can imagine in next 100 years having 20 more
client software that interact to heavily centralized networks, in the
same time endorsed by the FSF.

I still feel hypocrisy there, as FSF is the leading organization that
gave all the guidance on decentralization.

Then it is better to make a new sub-list of OS distributions endorsed
by FSF which also commit to some additional guidelines similar to
those how Hyperbola GNU/Linux-libre is following.

> I don't know how to summarize this argument enough, so I might be
> missing some context or terminology.
> 
> All I can say from the study I made so far is that there seems to be
> a subgroup in the free/libre software movement that is fostering
> decentralized communication technologies. Now, their
> *recommendations* on *what* to foster diverges sometimes.
> 
> For starters, they can conflict at the communication structure, for
> which (based on Katharina Nocun's work at [3]):
> 
> * They can foster distributed decentralized technologies, where
> * there is almost no server in between the clients, similar to
> * torrents as long as you do use peer exchange, distributed
> * hashtables and don't use torrent trackers.

> * Alternatively, they can be in favor of federated decentralized
> * technologies, in which case there is at least two servers between
> * clients and, by the nature of free/libre software, this would also
> * allow the users themselves to host their servers.

The FSDG is not aligned to those opinions. The goal of FSDG is rather
to enable more and more distributions which are FSF endorsed, it is
kind of gurantee that software is truly free but not that it
necessarily follows all FSF politics. Which is fine.

But then at least FSDG could say that distribution managers could
adopt their own policies on what kind of software to distribute, as
they may tend to just get endorsed, for their good image, but may not
be political followers of the FSF in all aspects.

I am downloading the video to watch, thank you for references.



Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

Sign an open letter in support of Richard M. Stallman
https://stallmansupport.org/
https://rms-support-letter.github.io/