[Dev] [libreplanet-discuss] QTWebengine is nonfree

[Isaac David]

Le lun. 9 janv. 2017 à 15:24, Hanno Böck <hanno at hboeck.de> a écrit :
> 
> I've read through the entire thread now and tried to follow the links,
> yet I can't find any evidence for the claim that chromium is nonfree.

It could very well be free by now, but only if you are willing to
overlook the fact that it's not actually being built from sources.
The chromium repository still distributes and uses some object
code, instead of the original free libraries. We learned that from
the aforementioned ungoogled-chromium patchset. Following
[1] I also found otherwise-free javascript that only seems to exist
in minified form in the Chromium "source" tree.[2] (Ironically,
that page requires nonfree javascript to load, but you could
clone the repo and follow the same directory structure).

I must say most files reported on [1] are false positives; so it's
not indicative of how bad the situation really is.

> Issues regarding to privacy are imho orthogonal to the free software
> state of an application, but they shouldn't pose any blocker to using
> the rendering engine.

Orthogonal yet absolutely important, because QtWebEngine is
said to contain *all* of Chromium, not just the Blink engine. Even
if the freedom problems were fixed soon (they could be), we would
still need to worry about Qt (and therefore KDE) possibly subjecting
their users to the well-documented Google tracking. Chromium
would become one of those rare cases of free software that is also
spyware.

> I'd also want to note that there are good reasons why people want to
> move from webkit to the chrome rendering engine. Many applications
> using webkit have been stuck with unfixed security vulnerabilities in
> the past. The chromium engine is well maintained and generally at the
> forefront when it comes to security and features in the web.
> While software freedom is important, it's by far not the only issue
> that is important when it comes to software ethics.

I buy into the unfixed vulnerabilities argument, but the rest is
what I would actually deem not only orthogonal, but also
irrelevant to the ethical discussion.

[1]: 
https://lintian.debian.org/maintainer/pkg-chromium-maint@lists.alioth.debian.org.html#chromium-browser[2]: 
https://cs.chromium.org/chromium/src/third_party/catapult/tracing/third_party/d3/d3.min.js
-- 
Isaac David
GPG: 38D33EF29A7691134357648733466E12EC7BA943
Tox: 
0C730E0156E96E6193A1445D413557FF5F277BA969A4EA20AC9352889D3B390E77651E816F0C


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20170114/b37a26a7/attachment.htm>