[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Let's stop feeding the NVidia cuckoo

Matthew Garrett wrote:
> Don Armstrong <don@debian.org> wrote:
>>It's not either. It's a hypothetical. That is, if, hypothetically, the
>>source provided is the result of a obfuscation regex, then it's not
>>source. [IE, we aren't provided the real prefered form for
> While the GPL defines source as the prefered form for modification, that
> definition doesn't exist in the DFSG. There's no reason to believe that
> we need the preferred form for modification, merely an acceptable form
> for modification. Otherwise we run into all sorts of issues with JPEGs
> and suchlike...

"acceptable form for modification" will get you in even worse trouble
than "(author's) preferred form for modification".  The former is a
subjective criteria, and could raise issues with any code that someone
claims is difficult to maintain (due to lack of documentation, poor
programming practices, obscure language, any arbitrary criteria you
might think of for unmaintainability).  The latter is an objective
criteria, which will only ever trigger in cases of obfuscation and/or

We do need some ability to determine if we have real source code
available; "preferred form for modification" seems like a
well-established definition, and far better than the alternatives.

I don't think we'd be having this conversation if the code was truly
obfuscated, in the sense of deleting all whitespace, using #defines to
obscure code structure, changing all control structures to gotos, etc.
The only reason we're hesitating is that we aren't 100% sure that the
author hasn't just written the code this way because they have the
documentation in front of them and it all makes perfect sense to them.
I don't think intentionally obfuscated code passes the source code
requirement of the DFSG any more than a compiled binary does; if it
does, we have a problem.  Undocumented code, on the other hand, while
rather annoying, is not an issue of freedom.

- Josh Triplett

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: