Re: Agenda for board meeting on September 26th

[Richard Stallman <rms gnu org>]

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

    I'm not sure I understand Richard. Out of curiosity, have you used 
    Bountysource?

I almost never contact commercial web sites with a browser.  I never
even heard of Bountysource before this discussion, and I know very
little about it.  Depending on facts I don't know, it may be bad for
users privacy or their freedom.  Or it may be just fine.

Since I don't know the answers to the crucial questions,
I've posted the questions hoping people will post the answers.

Your message gives some information.

    > * Privacy.  This would result in giving Bountysource people's personal data,
    > which it shouldn't have any right to know.

    I don't see how one can give more personal data than the one you give 
    from signing up with GNOME's bugzilla.

Are you saying you _know_ that Bountysource would not ask for more
personal data?  Or that you _think_ based on theoretical grounds that
it would not?

It makes a difference, because if you know this, then we have the
answer to the question; but if you're reasoning theoretically, we
don't actually know yet.

Does the Bountysource site have any "web tags" that give information
about page visitors to various companies?

    > * Free software.  Many web sites require visitors to run nonfree
    > software to use some or even all of the functionality.  See
    > http://gnu.org/philosophy/javascript-trap.html.  Does Bountysource
    > work without nonfree JS?  I don't know, but one can't presume that.

    Their JS is opensource

Whether a program is open source is not the pertinent question.
What matters is whether it is free software.

Most published programs that are "open source" are free software,
so that is a positive indication.  But there are exceptions,
so it does not give certainty.

Also, the philosophy associated with "open source" doesn't say
it is a moral requisite, only a convenience; thus, people may
say "our code is open source" when in fact 5% of it isn't, and
they think the discrepancy does not matter.

Would someone like to verify that Bountysource works with
the LibreJS extension activated in Firefox?  If it does,
we will know it is ok on this dimension.

    Unfortunately not all of their code 
    is open source (their server-side is not).

The code that runs _in their server_ is not directly an ethical
concern for us because we're not considering asking GNOME users to run
it.  If they are using nonfree software, that is unfortunate for them,
and we should encourage them to migrate, but that is no reason to
condemn or punish them.

Or the code that they run in their server could be unpublished,
private software; if so, it is probably free software.  (See
http://gnu.org/philosophy/categories.html#PrivateSoftware.)

It's not wrong to run private software on a server, but if
FreedomSponsors publishes their server software as free software, that
is a nice contribution to the community.  Perhaps we should choose
them instead in order to give them a boost -- provided it's ok
on the crucial ethical questions stated above.

-- 
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call.