Privacytools.io: π Software Suggestion | GNewSense
Description: Add GNewSense to OSes.
Why? GNewSene is a fully free'd version of Debian.
How?: I recommend changing the Debian description to:
Debian is a Unix-like computer operating system and a Linux distribution that is composed of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project. GNewSense is a completely free/libre and open source version of Debian.
But isn't Debian fully free'd: Yes and no, this is what the FSF has to say:
Debian's Social Contract states the goal of making Debian entirely free software, and Debian conscientiously keeps nonfree software out of the official Debian system. However, Debian also provides a repository of nonfree software. According to the project, this software is βnot part of the Debian system,β but the repository is hosted on many of the project's main servers, and people can readily find these nonfree packages by browsing Debian's online package database and its wiki.
There is also a βcontribβ repository; its packages are free, but some of them exist to load separately distributed proprietary programs. This too is not thoroughly separated from the main Debian distribution.
Debian is the only common non-endorsed distribution to keep nonfree blobs out of its main distribution. However, the problem partly remains. The nonfree firmware files live in Debian's nonfree repository, which is referenced in the documentation on debian.org, and the installer in some cases recommends them for the peripherals on the machine.
Debian's wiki includes pages about installing nonfree firmware.
Instead of this nonfree distribution, use one of the free distros which are made from it: gNewSense, and PureOS.
This is very similar to the way Parabola is listed as a free'd version of Arch.
gjhklfdsa
All 17 comments
So what it brings to the table is the removal of an optional contrib repo?
blacklight447-ptio
on 17 May 2019
They appear to be on GNU's list.
I was thinking of Trisquel but they are based on Ubuntu instead.
Mikaela
on 17 May 2019
So what it brings to the table is the removal of an optional contrib repo?
Not just that, it also gets all the benefits of being an FSF endorsed distro.
Its bounty program is largely backed by the Free Software Foundation.
Since it is FSDG endorsed any backdoors or spyware but be removed promptly.
Plus, I think many users think that since an OS is Linux/GNU it is fully free'd.
Many users seem to assume that all the software repos and recommendations are thus also free'd.
This is not the case, by recommending an OS like GNewSense it shows to users this and enables them to have a more informed choice.
gjhklfdsa
on 18 May 2019
How do fully free OSes handle CPU vulberabilities that are addressed by microcode updates? I am not sure whether <amd|intel>-microcode is in contrib or nonfree in Debian (as I won't boot laptop yet).
Mikaela
on 18 May 2019
I also have questions about the update-cadence of gNewSense, and whether it is still active? Is there a place showing how often security-patches are applied, to the current release? Where is the roadmap for when the next gNewSense release will ship?
five-c-d
on 18 May 2019
Somewhat un/relatedly we have a supporting comment for Trisquel at the forum.
Mikaela
on 19 May 2019
@Mikaela I would assume "CPU vulberabilities" are fixed the same way as in other major OSes like GUIX and Trisquel.
gjhklfdsa
on 27 May 2019
Where is the roadmap for when the next gNewSense release will ship?
I'm not certain where to find information about security patches.
However, here is the next release notes: https://www.gnewsense.org/ReleaseNotes/Next
gjhklfdsa
on 27 May 2019
@gjhklfdsa the thing is, the full fixes require closed source micro code, so supposedly it either doesnt have those fixes and is vurnable against those expliots, or its has them, but is not "fully" free.
blacklight447-ptio
on 27 May 2019
@blacklight447-ptio In that case, I believe we can presume the GNU foundation wouldn't support such a thing.
But, this isn't doesn't appear to be a factor in recommending software.
Otherwise OSes like Trisquel wouldn't be a suggestion.
Plus, many Debian users delete the contrib and non-free repos.
Hardware that respects users privacy and freedom wouldn't recommend non-free micro code. :)
ghbjklhv
on 27 May 2019
Then I would like to ask you if you could research whether Gnewsense pushes micro code update to fix the cpu exploits, and if they do, what else they try to fix the issue.
blacklight447-ptio
on 28 May 2019
@blacklight447-ptio I'll try asking through the email list and forums.
I would assume, as @ghbjklhv pointed out non-free code is prohibited.
IMO, this is more of a feature. I don't want my computer doing something I don't want it to.
Wouldn't you be able to install this manually?
gjhklfdsa
on 29 May 2019
Probbaly, but most users are not aware of it, and the patches are quite important, so if they are not included, then it should atleast come with a major warning.
blacklight447-ptio
on 29 May 2019
@blacklight447-ptio I'm just basing my response on precedent.
Neither Trisquel or Parabola have a "major warning".
Also, the software suggestion is more about listing gNewSense as a free'd alternative to Debian.
The whole point is that it only includes free software, this is similar to how Parabola is listed as a free'd version of Arch.1
gjhklfdsa
on 29 May 2019
Neither Trisquel or Parabola have a "major warning".
I don't know when they were added, but I guess microcode may not have been very timely issue at that time, while I was now thinking of it, because it hasn't been that long time since zombieload. I think a major warning should be added for them too if they don't handle this well.
Mikaela
on 30 May 2019
:+1: #978
gjhklfdsa
on 8 Jun 2019
Unmaintained and old :disappointed:
It's still Debian 7 by the way.
kewde
on 8 Jun 2019
Related issues
Echo1707
Β·
3Comments
ghost
Β·
3Comments
Mikaela
Β·
3Comments
Mikaela
Β·
3Comments
freddy-m
Β·
3Comments