*countable infinities only

Gregory Maxwell gmaxwell at gmail.com
Thu May 31 19:03:02 UTC 2012


On Thu, May 31, 2012 at 12:47 PM, Bill Nottingham <notting at redhat.com> wrote:
> I'm not sure how you meant this, but I'm having a hard time reading this in
> a way that's not:
>
> - directly contradictory
> - intentional raising of FUD then stepping back
> - insinuating some Shadowy Cabal Of Others behind this decision
>
> Hopefully you meant something else?

I wasn't responding to MJG, I was responding to Peter— who said I was
wrong in the message where I was stating that a freedom is being lost,
and has subsequently spoken more clearly on the position— and Byrn.
It seemed to me that they were arguing that the freedom of fedora
wasn't being compromised here.  My understanding has been refined by
further discussion, though I'm still not completely sure if all people
actually take the loss of freedom seriously, or if they do but just
can't accept the idea that the alternative is actually an option.

As far as the Shadowy Cabal— Come on, you know thats how real work is
done anyways.  This absolutely has been discussed and decided on in
private, all for various reason which are believed to be good by the
participants.  And they may well be right about that, and public
backlash may still revert it. (and may ultimately be mistaken for
doing so).

I wasn't trying to complain about shadowy cabals, I was just defending
myself against the crap argument that it wasn't final when I know that
the claims that it's not final do not accurately reflect the views
held privately by at least some of the involved parties. I will gladly
eat a hat should fedora not go down this path.

> In any case, I'm not really understanding the cabal implications here.
> Matthew and Peter did this work for Fedora as part of their maintainer
> responsibilities for the x86 boot portion of Fedora, much as the KDE

Because maintaining the boot portion of the system shouldn't
automatically create a position to make fundamental decisions like
this.  The authors of Fedora packages also don't normally spend large
amounts of time in consultation with Redhat legal, Microsoft,
consortiums, etc.

This is not a normal situation, come on now.

> Yes, we all understand what freedoms are being lost here. Fedora has made
> compromises in the past, not limited to:
> - No third party can have their software trusted to be installed on Fedora
>  by default - we don't hand out RPM signing keys.
> - Hey, look at that binary firmware over there.

I'm very glad that you're being up front about this here— Can I expect
you to see other messages from you in this thread and elsewhere
correcting people who argue that a freedom isn't being lost here?

And yes— Fedora has made compromises and there are many compromises it
hasn't made— including many around hardware compatibility.  I think
this is more of a compromise than some ones it hasn't made.  I accept
that this is something that can be debated.  But not if that debate
keeps getting undermined by people trying to distract from the real
loss of freedom by pointing out that individual users can currently
disable this stuff by efforts which are apparently too heroic for
Fedora to consider them tolerable by the majority of its users.

How about a statement that is just this upfront about this from the
very first words such as,  "Fedora is taking away some freedom's from
its users— an action which is against the general guidance of the
project's values. We were not forced to take away these freedoms but
the leadership unanimously believes the only alternatives are worse
for everyone. We regret this compromise vow to continue to fight to
minimize its harms but we think this is the best option available
because:"

If Fedora is going to compromise there are ways of doing it which
almost everyone can be proud of, but they all start with being
brutally honest.   I don't feel like many of the responses here— which
belabor the ability of the user to jailbreak, if you will, their
secureboot can be characterized as brutally honest, because they deny
that a freedom is being lost here.

Though— as far as I can tell, the ability to disable is entirely not
up to Fedora. If Dell removes the ability to disable— something far
more palatable if it doesn't lock out the major commercially sponsored
Linux distributions—  what recourse do you have and what would
motivate you to take it?  It's something of a slippery-slope concern
but certainly ARM provides strong evidence that this ability will
vanish as soon as excuse (like security compromises) or opportunity
(like the adoption of secure boot by major GNU/Linux vendors removing
antitrust concerns), makes it possible).  As far as I can tell this is
not a law of nature, and is only so right now because you managed to
scare MSFT into thinking the harder lockdown would be legally risky.
(Congrats on that, this effort isn't unappropriated)

But... If Fedora can't prevent this future UEFI systems from not
allowing users to disable secureboot or add keys you ought to be
upfront about that too.

> Furthermore, there's nothing in this proposal that would prevent forks from
> doing the exact same key registration, *even if Fedora decided not to*, which
> seems a prima facie argument that it's not an insurmountable loss of freedom
> for clones.

There is nothing that would prevent a fork of Fedora from shipping
Flash and Skype and binary nvidia drivers (or at least a boot time
auto-net-installer for them) even though Fedora has decided not to.
But would you suggest that doing so wouldn't compromise the importance
of software freedom in Fedora's values?

What if anaconda was change to a license which required forks to
certify and pay a one time $99 fee to some shell company, would anyone
call Fedora still a free software distribution with a straight face?

The fact that there is an additional technical/legal burden for
non-fedora parties here is what creates the software freedom issue.
The fact that the burden is modest may make legal remedies against
MSFT impossible— but while the law may be ignorant of the power of
defaults, Fedora clearly is not so ignorant or no one would consider
this to be worth doing.

Your argument here undermines the statement you make above about "Yes,
we all understand what freedoms are being lost here.", and justifies
my concern that you don't really and my assertion that you're not
actually being up front about this if you do.  You can claim this wins
on the balance, and we can discuss that, but don't present this
illogical 'it doesn't really matter' stuff if you want to avoid being
accused of either not understanding or not being upfront about it.


More information about the devel mailing list