Re: one of the many reasons why removing non-free is a dumb idea
On Fri, Jan 09, 2004 at 08:31:03AM -0600, John Goerzen wrote:
> On Fri, Jan 09, 2004 at 01:07:47PM +0100, Sven Luther wrote:
> > On Wed, Jan 07, 2004 at 08:37:41AM -0600, John Goerzen wrote:
> > > That's not true at all. Even packages that are well-maintained can be
> > > of very low quality in non-free, especially if you are not running on
> > > i386. This is due in part to a lack of autobuilders for non-free.
> >
> > What has that to do. If the package is only built on i386, or on a
> > reduced set of arches, this doesn't imply lower quality, just that it
> > has not been ported. And the fact that some arches don't really need it
> > is a good thing for its eventual removal.
>
> If I install package foo on my Alpha, and that package has known
> security bugs and can be crashed easily, it's of decidedly low quality,
> even if package foo on i386 has had fixes for all of the above for over
> a year.
Then you are a good candidate for fixing this. As always, quality for
packages nobody cares about or use case of packages nobody cares about
is bad, no wonder there, happens in main too. I even have a package in
main i am convinced nobody uses :))
> As an Alpha user, the quality of a package on i386 is completely
> irrelevant.
Stop trolling, sure i understand about porting, but this is so wrong. If
fixes got in the package, not the i386 package, but the source package,
then you can build the fixed version.
If you don't have the source, sure, it is bad, but was it not you who
said you were not of those who did believe all non-free source was ugly
evil proprietary binary only stuff ?
And in such case, let's just remove the stuff, no problem. netscape and
acroread fall into this category.
> > > But you may trust another source, too. Debian does not have a monopoly
> > > on trust.
> >
> > Nope. Outside packages are not to be trusted, and most of the time of
> > lower quality.
>
> Then that is your own personal decision. I have found multiple,
> quality, trustworthy sites. For instance:
>
> * Branden's experimental X
Which are in experimental and thus in debian. What about joe random
backport packages ?
> * Blackdown's JDK archive on Ibiblio
Sure, tried running those on your alpha lately ? Also tried building
jboss on them on powerpc ?
> * Certain PowerPC X archives at different times
Well, you even agree that quality varies over time.
> > > Packages not distributed by Debian can take advantage of this utility
> > > too.
> > > They just need to add a "send-to" header to the control file
> > > /usr/share/bug/$package/control.
> >
> > A, nice, this would be fine for the users, but decidedly not for the
> > maintainer.
>
> Why? Adding one single file to the package, which takes about 30
> seconds and must be done only once, is a huge burden?
Oh, and when i look at my bug page in the PTS or BTS, i don't see them,
and with the amount of mail that flow into my inbox, it can get lost.
Certainly by looking at the send/response ratio to many of the debian
people, i doubt such a thing would be very usefull.
Also, a mail to my own inbox is not usefull at all, and contrary to our
social contract (we won't hide problems) as well as problematic in case
the maintainer goes MIA. All info on previous bug reports are lost.
> > > I think it's rather far-fetched to claim that an operating system is
> > > usable as a tool for mass murder.
> >
> > Sure, when you embedd it in missiles and such, no ?
>
> Do those actually have an operating system in the conventional sense?
Stop playing words, you perfectly know what i mean, be honest with
yourself at least.
> > > To be sure, this restriction is more of one on paper than one that is
> > > practically enforced; indeed, it is really impossible to enforce, and as
> > > far as I am aware, we do not enforce it. We also maintain mirrors in
> > > countries that do not have those restrictions.
> >
> > Yeah, but i am not at all happy that each and everyone of my uploads is
> > sent to the US governement.
>
> Why should the US government be prevented from using Debian? And, more
Nope. They are keeping files on _my_ activity asa debian developer,
which is a threat to my privacy.
> to the point, even if the above does happen, what is the problem,
> considering they could just as easily get it all from any one of dozens
> of public mirrors?
They have to search it, and don't get them send to by us.
> > > > It can already, where is the problem.
> > > If that is the case, then there should be no problem with removing
> > > non-free.
> > Yeah, sure. but there is no problem too in keeping it.
>
> I disagree with that.
Well, i also disagree in removing non-free, so there. Also i (and
others) have given concrete examples about what we would loose should we
not support non-free anymore, and you have only given unproven and
discutable supposition about the benefit of removing non-free.
> > > > to developing a free alternative.
> > >
> > > Just because you are a business doesn't mean that you have lots of money
> >
> > Well, in that case, you can go to the author of the piece of software
> > you need, and reach an agreement with him. What is the problem with
> > that.
>
> I don't think that's particularly likely to happen.
Well, then what, they don't use it and that's it. In what manner does
debian having a non-free archive on its infrastructure change anything
here ?
And anyway, sure, i doubt adobe will do this, but most of the packages
in non-free have much more open upstreams.
> > > to spare. For instance, someone that works part-time from home may not
> > > be in a position to support these things. Also, it is not necessarily
> >
> > Crap. Most of the licence apply to redistribution, rarely to use. And
> > anyway, those are really a minority of the non-free cases.
>
> Do you have figures to back that up?
Well, of the 3 examples i gave, at least two fall in this category.
ocaml-doc forbids distributing modifications without the author consent,
unicorn includes a binary only library, so you can't obviously not
modify it, but anybody can use it (provided he has the hardware for it
though), and lha, well the licence was in japanese last time i checked
:))
> > > possible to buy rights to non-free software, or it may be prohibitively
> > > expensive; or the original developers may be unreachable.
> >
> > Yeah, that is another problem.
> >
> > Still, what does it change for him that debian distribute non-free or
> > not, nothing.
>
> So where is the problem with removing non-free?
Well, i will loose access to packages i need and i will loose an
infrastructure helping me support package i maintain.
So, where is the problem in not removing non-free ? None.
Friendly,
Sven Luther
Reply to: