[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat
From: |
Narcis Garcia |
Subject: |
Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat |
Date: |
Thu, 22 Feb 2018 18:50:30 +0100 |
It seems a crazy strategy.
If GNU distributions used this kind of analysis instead of trusting
software from subscribed repositories, all our computers could be a
jungle (either with scripts and compiled files).
How does LibreJS check an script's license?
El 22/02/18 a les 18:43, Ivan Zaigralin ha escrit:
> From what I can pick up, LibreJS tries to detect and whitelist "trivial" code
> first, meaning, the code which an algorithm can recognize as data-like and
> harmless. For all other code, it checks the license. I don't have details on
> how these things are done, but both can clearly be programmed in a variety of
>
> ways.
>
> On Thursday, February 22, 2018 10:57:28 Narcis Garcia wrote:
>> I was asking about the CURRENT principle for LibreJS, not for "good" or
>> "bad" of theoretically prossibilities.
>>
>> El 22/02/18 a les 09:35, Ivan Zaigralin ha escrit:
>>> On Thursday, February 22, 2018 08:43:38 Narcis Garcia wrote:
>>>> Which is the principle for LibreJS to approve JavaScript functions
>>>> and/or files?
>>>> A license mention?
>>>
>>> Can be regarded as necessary, but not sufficient.
>>>
>>>> A signature?
>>>
>>> Useful for creating a trust model between users and web parties, but this
>>> is already implemented by https+noscript, and it solves a different
>>> problem, not directly freedom-related.
>>>
>>>> A well-known functions comparison? A code analysis? It replaces funcions?
>>>
>>> A code analysis is pointless. Detecting obfuscated code, in particular, is
>>> an intractable problem. If you could define "obfuscated" formally,
>>> chances are, there would be a formal proof that the detection is
>>> unsolvable by a TM. But generally speaking, a good way to obfuscate is by
>>> writing a virtual assembly interpreter, and then feeding it "binaries"
>>> which appear to be perfectly cromulent, poetic even, JavaScript sources.
>>> And obfuscated code cannot be considered free.
>>>
>>> None of this is purely academic. Dynamic, obfuscated JavaScript bitcash
>>> miners are all the rage right now. This is where we are today.
>>>
>>>
>>>
>>> --
>>> http://gnuzilla.gnu.org
>>
>> --
>> http://gnuzilla.gnu.org
>>
>>
>> --
>> http://gnuzilla.gnu.org
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, (continued)
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/27
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Ivan Zaigralin, 2018/02/27
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/27
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/27
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/27
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Ivan Zaigralin, 2018/02/28
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Narcis Garcia, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Ivan Zaigralin, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Narcis Garcia, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Ivan Zaigralin, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat,
Narcis Garcia <=
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Loic Duros, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Ivan Zaigralin, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/22
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Julie Marchant, 2018/02/23
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Narcis Garcia, 2018/02/23
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Brian Durant, 2018/02/23
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, bill-auger, 2018/02/23
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Narcis Garcia, 2018/02/23
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Adonay Felipe Nogueira, 2018/02/24
- Re: [Bug-gnuzilla] GNU LibreJS won't be removed from GNU IceCat, Narcis Garcia, 2018/02/25