I wish I could find one that is just a little less ideological. Not that I have a problem with ideologies, but I have trust issues, and I’ve seen some people justify some shit in the name of their ideologies, and as such I don’t fully trust someone with a policy like:
To be hosted on our servers you have to share our principles of anti-fascism, anti-racism, anti-sexism, anti-homophobia, anti-transphobia, and anti-militarism. Your projects must as well be based on the same non-commercial nature which keep our project alive, and on the desire to share and experience relationships and struggles, with all the patience it requires.
for instance not to monitor my email to ensure I adhere even when they pinky swear they don’t. Again, not that any of that would apply to me nor that they do spy but just the thought that they may us enough. Before someone says some smartass shit, I’d say the same for the opposite but idk many nazi mail providers.
I guess I’ll have to pay, idk, maybe forward email. I’d pay proton if they’d just let me use imap/pop3 without some stupid “bridge.”
Disroot stopped using RainLoop long time ago when people became aware of a security bug in RainLoop and the fact that the RainLoop project appeared to be dormant. I think Disroot switched to SnappyMail, and then to Roundcube.
What I don’t understand is how they can tell. There’s no mechanism (that I’m aware of) for signalling the licensing of deployed (minified!) JS code. The development code has licensing and versioning and so on but none of that makes it into production. As far as the client is concerned it’s all proprietary.
Technically that is what LibreJS is for. However, beyond LibreJS you can look at the code and see if it is similar to existing JavaScript frontends or libraries.
It is a imperfect solution but it is better than just arbitrarily running programs in your browser or disabling JavaScript completely.
Apparently it’s (by default) everything that doesn’t explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.
It doesn’t apply to HTML because HTML is fundamentally not code that runs, but rather a markup. It’s just like how licensing a book under the GPL would be weird and unnatural, because it represents someone’s words. JS is code that runs on your computer, just like any other program
Shell and python scripts are also code which is executed. HTML (at least back in the day) wasn’t really a network shipped executable, but more like markdown file which is just parsed and rendered
This feels a bit like the debate over whether a virus is “alive” or not. “But the virus/HTML has DNA/code.” “But it requires another cell/web browser in order to replicate/execute.” etc. 😄
For the sake of simplicity, let’s go back to the time when websites were not full of JS and other modern web stuff
You could in principle just wget the html file from a server and parse/render it without having to run that file. Like I said, it is like a simple markdown file.
In terms of modern web, a crude analogy would be to look at the output from static site generators. In those, the server essentially doesn’t execute code, hence a lot of cloud providers can host your static sites for free
There is definitely a grey area, but HTML is pretty far away from it. HTML doesn’t “execute” and is very far from Turing completeness. You cannot write programs in it, and that is the key. Pure HTML is very much on the side of “rendering text” and not “running software.” Once we start talking about things like LaTex though, the line gets a lot harder to see. Note that whether HTML is “code” is irrelevant. The point is that whether it’s “code” or not, it is never a program.
Apparently it’s (by default) everything that doesn’t explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.
It is never to late to start something and make people aware of problems and as far as I am concerned not only about software licenses but JavaScript as a security problem.
Long time ago Riseup, focused on activists, required two invite codes, probably to avoid abuse. They’ve relaxed it with asking for only one invite code. You should imho not be asking for invite codes on the Internet but ask your activist friends or read this : support.riseup.net/…/13-how-do-i-get-an-account
Add comment