this post was submitted on 06 May 2024
56 points (98.3% liked)

Privacy

32173 readers
534 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 7 months ago (3 children)

I'm still trying to understand what "proprietary JavaScript" means.

[–] [email protected] 6 points 7 months ago* (last edited 7 months ago) (1 children)

JavaScript that's under a proprietary license (code that doesn't give you the 4 freedoms)

[–] [email protected] 1 points 7 months ago (1 children)

What I don't understand is how they can tell. There's no mechanism (that I'm aware of) for signalling the licensing of deployed (minified!) JS code. The development code has licensing and versioning and so on but none of that makes it into production. As far as the client is concerned it's all proprietary.

[–] [email protected] 2 points 7 months ago

Technically that is what LibreJS is for. However, beyond LibreJS you can look at the code and see if it is similar to existing JavaScript frontends or libraries.

It is a imperfect solution but it is better than just arbitrarily running programs in your browser or disabling JavaScript completely.

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (2 children)

Apparently it's (by default) everything that doesn't explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.

What if they did this with HTML too? :p

[–] tarix29 1 points 7 months ago (1 children)

It doesn't apply to HTML because HTML is fundamentally not code that runs, but rather a markup. It's just like how licensing a book under the GPL would be weird and unnatural, because it represents someone's words. JS is code that runs on your computer, just like any other program

[–] [email protected] -1 points 7 months ago (2 children)

where is the line drawn though, and who gets to decide?

MANY people say "html code" even if you consider that wrong.

Is a shell script or python "code"? Because it doesn't directly translate to machine code?

See what I'm getting at?

[–] tarix29 1 points 7 months ago* (last edited 7 months ago)

There is definitely a grey area, but HTML is pretty far away from it. HTML doesn't "execute" and is very far from Turing completeness. You cannot write programs in it, and that is the key. Pure HTML is very much on the side of "rendering text" and not "running software." Once we start talking about things like LaTex though, the line gets a lot harder to see. Note that whether HTML is "code" is irrelevant. The point is that whether it's "code" or not, it is never a program.

Edit: typo in "grey"

[–] [email protected] 1 points 7 months ago (1 children)

Shell and python scripts are also code which is executed. HTML (at least back in the day) wasn't really a network shipped executable, but more like markdown file which is just parsed and rendered

[–] [email protected] 0 points 7 months ago (1 children)

This feels a bit like the debate over whether a virus is "alive" or not. "But the virus/HTML has DNA/code." "But it requires another cell/web browser in order to replicate/execute." etc. 😄

[–] [email protected] 1 points 7 months ago (1 children)

I really don't think so.

For the sake of simplicity, let's go back to the time when websites were not full of JS and other modern web stuff

You could in principle just wget the html file from a server and parse/render it without having to run that file. Like I said, it is like a simple markdown file.

In terms of modern web, a crude analogy would be to look at the output from static site generators. In those, the server essentially doesn't execute code, hence a lot of cloud providers can host your static sites for free

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

I agree. Html could also be compared to a config file. Only parsed; it doesn't provide new instructions (unlike python etc)

[–] [email protected] 1 points 7 months ago

Apparently it’s (by default) everything that doesn’t explicitly specify a license (especially a FOSS one) within the javascript code of the page, which is a ridiculously huge portion of JS on the internet.

It is never to late to start something and make people aware of problems and as far as I am concerned not only about software licenses but JavaScript as a security problem.