Actually, I've been studying the situation with the adblocking, and I want to roll back my comments about blocklists. It seems much more of a gray area than I imagined, with SOME categories of content being clearly pointless and/or malicious, so I'd like to rescind my opposition to bundling blocklists, as long as it's done in moderation :)
On 10/15/2015 05:42 AM, Dimitris Arvanitis wrote: > Dear Ivan, > > thank you for your detailed analysis, in which you obviously put much > effort. If hope it will be awarded by a clear statement by the > maintainer where he sees the future of IceCat. > > Best regards, > Dimitris > > > Am Mittwoch, den 14.10.2015, 16:43 -0700 schrieb Ivan Zaigralin: >> First of all, thanks for fixing the spyblock bug where custom filters >> would not work. I've got zero feedback when I reported it, so it was a >> pleasant surprise. >> >> Get ready for another angry rant. Once again, I yell because I care, >> because I believe users must have an alternative software source to >> Mozilla, which is now not to be trusted, and icecat is pretty close to >> an optimal answer. I am a long-standing user and also a maintainer of >> the SlackBuild, which is a source-based distribution way in Slackware >> derivatives, so please take my frustrated yells as signs of <3 >> >> OK. >> >> There is a reason, I think, why users like maestro curse at this project >> and its maintainers every now and then, and here's what I think is the >> problem. Please note I am not at all endorsing or excusing the that kind >> of trolling, but I really wish that devs would stop for a second and >> look at the likely causes of the obvious user frustration. >> >> In my humble opinion, the priorities need an adjustment. One of the >> HIGHEST priorities for web browser users is staying on top of the >> security patches, so every time the concern for the "new features" >> results in skipped releases, the users are gnashing their teeth and >> thinking about jumping ship and just customizing the heck out of the >> stock Firefox. The official goal #1 is to produce a FREE browser, but >> this goal is in jeopardy whenever the browser falls behind, since it >> almost ENSURES that MANY users will be running non-free software such as >> viruses and trojans, and that WITHOUT even knowing. >> >> On the technical side, I want to bring up once more what I see as a very >> mistaken move, which is the inclusion of addons. I hope to convince if >> not the devs than at least other package maintainers like me, who >> prepare icecat for distribution within a paricular OS. Starting with >> this release, I am cutting all the addons, and I strongly urge all the >> involved parties (including devs) here to do the same. I am doing this >> precisely to improve the user experience and to make icecat and its >> signature addons more popular, and here are some reasons why including >> addons is a REALLY BAD idea. >> >> (1) Since gnuzilla does not test addons and occasionally gives silent >> treatment to bug reports in addons, including the ones produced >> in-house, it should not distribute them. A common pattern seems to be >> when users install icecat, they immediately run into an addon bug, and >> give up. Here's my experience with a 38.3.0 and a VIRGIN profile: >> duckduckgo does not work, asks to turn on javascript. I check settings, >> javascript is on. This is already a show-stopping bug. I check LibreJS >> (and how would a NEW user know that?), enable all that page, it reloads >> and... still DOES NOT WORK, it's blank. I check librejs again, >> everything is enabled. I try google maps, and the outcome is exactly the >> same. Yes, maestro is a troll, but I think his emotional state is a >> perfectly predictable consequence of the browser JUST NOT WORKING. >> >> (2) Addons were intended to receive security updates independently from >> the browser or the OS, but when we package icecat into GNU/Linux >> distributions, the pre-added addons end up in the distro channel, so >> they update only when users get around updating the OS. This is >> suboptimal. The only addons which belong in the OS channel are the >> OS-related addons, such as "Ubuntu Integration" or whatnot. Everything >> else must go. Then there are users who get icecat directly from >> gnuzilla, and they get addon updates only when they get around updating >> the browser, which is slightly less bad. But the lazy release schedule, >> which seems to be the norm, confounds this problem a lot. >> >> (3) Why does gnuzilla think they know best about which addons user >> should run? What if I want to run a different fork of adblock, not the >> spyblock? Not many users know these forks are INCOMPATIBLE, so >> installing a different blocker will break things. In effect, gnuzilla is >> forcing its users to maintain gnuzilla's faulty package, as if users >> didn't waste enough time maintaining addons they themselves installed. >> >> (3.1) Forgive me for being blunt, but whose bright idea was it to >> distribute blocklists along with spyblock? Do you realize you are >> censoring the web without asking for explicit consent? Notice that good >> adblockers (the addons themselves) do not do that, because USERS are the >> only ones in the position to decide what is an unwanted ad. They offer a >> choice of blocklists upon install, and taking this step out is meddling >> edging on censorship. >> >> (3.2) LibreJS in particular is basically nagware. Ostensibly, it should >> help users to nag at web designers, but all it actually accomplishes is >> nagging the users. As I explained before, it is 0% effective, since it >> cannot possibly check whether javascript code is free. The only good way >> to check that is to (a) authenticate the script source (b) check it >> against the list of authorized free software sources. What makes THAT >> script likely to be free is the tendency of users to put their trust in >> ethical software sources such as FSF, Trisquel, FreeSlakc, etc. The >> presence of a license boilerplate has not a JACK to do with ANYTHING, >> and I frankly cannot believe this useless addon is still being bundled. >> >> So here is a specific proposal: >> >> (i) All currently bundled addons should go into the common directory, >> none should be installed by default. Until this is done, the browser >> will be bloated and unstable, and curses will fly thick. This will also >> free the devs' hands to work on the long-neglected goal of making new >> releases prompt and secure. >> >> (ii) Even in the addon directory, no adblocker should be bundled with >> blocklists. >> >> (iii) The free addon directory which shows up at about:addons should >> contain a simple "get started" list saying which addons are essential >> for user freedom and why, and (IMHO) this list should omit LibreJS until >> it's shown to do something useful. >> >> On 10/12/2015 09:05 PM, Rubén Rodríguez wrote: >>> GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the >>> GNU version of the Firefox browser. Its main advantage is an ethical >>> one: it is entirely free software. While the Firefox source code from >>> the Mozilla project is free software, they distribute and recommend >>> non-free software as plug-ins and addons. Also their trademark license >>> restricts distribution in several ways incompatible with freedom 0. >>> https://www.gnu.org/software/gnuzilla/ >>> >>> The user manual pages are at http://libreplanet.org/wiki/Group:IceCat/ >>> You can contribute by joining the wiki and editing the manuals. >>> >>> Source tarballs, binaries for generic GNU/Linux systems and translations >>> are available at http://ftp.gnu.org/gnu/gnuzilla/38.3.0/ >>> GPG key ID:D7E04784 GNU IceCat releases >>> Fingerprint: A573 69A8 BABC 2542 B5A0 368C 3C76 EED7 D7E0 4784 >>> https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=gnuzilla >>> >>> This is a major release upgrade following the Extended Support Release >>> upstream cycle, moving from v31.x-ESR to v38.x-ESR. All the features in >>> previous releases have been preserved, along with extra polish and >>> improvements in privacy. >>> >>> == Changes since v31.8.0-gnu2 == >>> * Rebased to v38.x >>> * Updated to v38.3.0ESR >>> * LibreJS updated to 6.0.10.20150620 >>> * HTTPS-Everywhere updated to 5.1.1 >>> * HTML5 Video Everywhere updated to 0.3.3 >>> * Added more privacy settings and crypto hardening >>> - Disabled battery handling in dom >>> - Disabled sensor handling in dom >>> - Disable face detection and autofocus controls >>> - Disabled DNS prefetch >>> - Disabled ssl/tls protocols that are useless or too weak >>> >>> >>> >>> -- >>> http://gnuzilla.gnu.org >>> >> >> -- >> http://gnuzilla.gnu.org > > > > -- > http://gnuzilla.gnu.org >
signature.asc
Description: OpenPGP digital signature
-- http://gnuzilla.gnu.org
