[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Web versions

From: Jean Louis
Subject: Re: Web versions
Date: Wed, 17 Mar 2021 06:01:07 +0300
User-agent: Mutt/2.0.6 (2021-03-06)

* Alfred M. Szmidt <> [2021-03-16 21:12]:
>    Webassembly runs in the browser, I click on the URL and
>    application is in the browser, 
> And thats the problem.  How do you check that the program you just ran
> (pretense) is free software?

In that particular example I have been checking programs that are free
software as they are hosted on Github with free software licenses. I
gave you hyperlinks as references, you could verify it yourself.

Level of verification is never perfect, regardless of the type of
software. How do I know that software delivered in Guix or Parabola
GNU OS is free software? I do not know, I can just assume as
developers claim to be so, and OS-es are endorsed by FSF.

On the next level of verification one will find that proprietary
pieces may be found in such OS-es and those issues are handled by bug

But I still cannot verify if software is really free software, I would
need to verify each upstream and compare it with the one that I got.

Then again, how do I know that binary is really free software? I would
need to do it on the next higher level of verification.

Maybe I would need to re-compile myself and get reproducible build
that I become more sure that it is free software, and also not
tampered or malicious one.

There is practically no difference between Webassembly and packages
delivered with GNU OS.

> When you download something, you have not executed the program yet,
> and can make an informed decision if you wish to run it or not,
> e.g.,

There are various gradients of informed decision as I have
demonstrated above. Teenagers will be informed enough if the software
they downloaded can run on their computer. They may not go into any
verifications. Majority of people will not verify anything.

Once I was verifying all software and there were still proprietary
issues. That is why we are safer with FSF endorsed GNU OS and other
endorsed OS distributions.

We rely on trust to FSF or our basic knowledge about the distribution
mostly. Majority of people will not go into extensive verifications of
each single package.

Thus making adequately informed decision is difficult task for any

For Webassembly, I have been following the list of examples and found
the SSH in browser, it is free software and I find it very handy. I
can finally use mutt/ssh and handle my stuff on servers through a

My way of making informed decision is looking for useful pieces of
software that is free and then using it.

> if it is free software or not by looking at whatever tar-ball it came
> with, examining the license, etc.

You can do that with Webassembly in the same way.

> That is not normally the case with Javascript or Webassembly -- when
> you access the program, you're already executing it

It should be by consent of the user -- that is open task to do, to
make some plugins to help user consent to each website
specifically. LibreJS is good plugin for Javascript, but I think it
will not handle Webassembly.

In desktop OS, when I access the system like any computer, I am
already executing software. Unless I am informed that it is GNU/Linux
or other free system, I am already executing it. Majority of users are
in this situation, they are not root or administrators or aware users.

Majority of GNU/Linux users are in  the same situation as you
described it, there are many distributions and they are not fully free
-- so users will not necessarily know differences.

Thus Javascript or Webassembly shall simply by sorted by GNU into same
lists, or packages that we are distributed in FSF endorsed
distributions. It is the same process of selection of software just as
how developers do it now.

How do we choose software? By accessing and downloading the indexed
and curated list of software that is assumed to be free software
because of developers who have set their set of principles.

How can we choose Webassembly as free software? By having lists of
websites that provide useful Webassembly programs. If such list is not
curated by free software enthusiast then one may find some proprietary
software inside just as it happened to me with that PDF kit.

Firefox is free browser, so GNU OS may ship derivative with
Webassembly disabled or with a plugin that may ask if to run software
or not.

about:config and one can disable javascript.options.wasm not to run
it. Easy.

To mitigate risks not to run Webassembly or Javascript automatically
one can use plugins (if such exists).

We could create plugin that white lists the free software websites
running Webassembly, where users can report the website to be free
software for further review, and otherwise to keep Webassembly


reply via email to

[Prev in Thread] Current Thread [Next in Thread]