Ideas for a Better Internet

Apr 25, 2011

User Control over Installation of Non-free Software

From Richard Stallman:

What is the problem this idea addresses, why does it matter?

One of the problems of the web is that web pages contain (or load) nonfree Javascript code, in effect installing and running nonfree programs on users’ machines without their knowing it. As frequently occurs with nonfree software, some of those programs have malicious features, often for surveillance.  We need to arrange for users to have control over this software, as they do over the software that they install knowingly.

What is the goal of the idea?

To ensure individual freedom and security by ensuring that the use of any JavaScript on a website is transparent, voluntary, and non-proprietary.

How does the idea work?

(The following text comes directly from Richard Stallman, http://www.gnu.org/philosophy/javascript-trap.html)

First, we need a practical criterion for nontrivial JavaScript programs. Since “nontrivial” is a matter of degree, this is a matter of designing a simple criterion that gives good results, rather than determining the one correct answer. Our proposal is to consider a JavaScript program nontrivial if it makes an AJAX request, and consider it nontrivial if it defines methods and either loads an external script or is loaded as one. At the end of this article we propose a convention by which a nontrivial JavaScript program in a web page can state the URL where its source code is located, and can state its license too, using stylized comments. Finally, we need to change free browsers to support freedom for users of pages with JavaScript. First of all, browsers should be able to tell the user about nontrivial nonfree JavaScript programs, rather than running them. Perhaps NoScript could be adapted to do this.

Browser users also need a convenient facility to specify JavaScript code to use instead of the JavaScript in a certain page. (The specified code might be total replacement, or a modified version of the free JavaScript program in that page.) Greasemonkey comes close to being able to do this, but not quite, since it doesn’t guarantee to modify the JavaScript code in a page before that program starts to execute. Using a local proxy works, but is too inconvenient now to be a real solution. We need to construct a solution that is reliable and convenient, as well as sites for sharing changes. The GNU Project would like to recommend sites which are dedicated to free changes only.

 

 

 

 

Category: Privacy & Identity

Tagged:

Leave a Reply