🆕 Software Suggestion | GNewSense #936

New Issue

2019-05-17T04:10:27Z

gjhklfdsa commented

2019-05-17 04:10:27 +00:00

(Migrated from github.com)

Description: Add GNewSense to OSes.
Why? GNewSene is a fully free'd version of Debian.
How?: I recommend changing the Debian description to:

Debian is a Unix-like computer operating system and a Linux distribution that is composed of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project. GNewSense is a completely free/libre and open source version of Debian.

But isn't Debian fully free'd: Yes and no, this is what the FSF has to say:

Debian's Social Contract states the goal of making Debian entirely free software, and Debian conscientiously keeps nonfree software out of the official Debian system. However, Debian also provides a repository of nonfree software. According to the project, this software is “not part of the Debian system,” but the repository is hosted on many of the project's main servers, and people can readily find these nonfree packages by browsing Debian's online package database and its wiki.

There is also a “contrib” repository; its packages are free, but some of them exist to load separately distributed proprietary programs. This too is not thoroughly separated from the main Debian distribution.

Debian is the only common non-endorsed distribution to keep nonfree blobs out of its main distribution. However, the problem partly remains. The nonfree firmware files live in Debian's nonfree repository, which is referenced in the documentation on debian.org, and the installer in some cases recommends them for the peripherals on the machine.

Debian's wiki includes pages about installing nonfree firmware.

Instead of this nonfree distribution, use one of the free distros which are made from it: gNewSense, and PureOS.

This is very similar to the way Parabola is listed as a free'd version of Arch.

**Description**: Add [GNewSense](https://www.wikipedia.org/wiki/GNewSense) to OSes. **Why?** [GNewSene](https://www.wikipedia.org/wiki/GNewSense) is a fully free'd version of Debian. **How?**: I recommend changing the Debian description to: > Debian is a Unix-like computer operating system and a Linux distribution that is composed of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project. GNewSense is a completely free/libre and open source version of Debian. **But isn't Debian fully free'd**: Yes and no, this is what the FSF has to say: > Debian's Social Contract states the goal of making Debian entirely free software, and Debian conscientiously keeps nonfree software out of the official Debian system. However, Debian also provides a repository of nonfree software. According to the project, this software is “not part of the Debian system,” but the repository is hosted on many of the project's main servers, and people can readily find these nonfree packages by browsing Debian's online package database and its wiki. > > There is also a “contrib” repository; its packages are free, but some of them exist to load separately distributed proprietary programs. This too is not thoroughly separated from the main Debian distribution. > > Debian is the only common non-endorsed distribution to keep nonfree blobs out of its main distribution. However, the problem partly remains. The nonfree firmware files live in Debian's nonfree repository, which is referenced in the documentation on debian.org, and the installer in some cases recommends them for the peripherals on the machine. > > Debian's wiki includes pages about installing nonfree firmware. > > Instead of this nonfree distribution, use one of the free distros which are made from it: gNewSense, and PureOS. This is very similar to the way [Parabola](https://www.wikipedia.org/wiki/Parabola_GNU/Linux-libre) is listed as a free'd version of [Arch](https://www.wikipedia.org/wiki/Arch_Linux).

blacklight447 commented

2019-05-17 08:26:39 +00:00

(Migrated from github.com)

So what it brings to the table is the removal of an optional contrib repo?

Mikaela commented

2019-05-17 09:28:57 +00:00

(Migrated from github.com)

They appear to be on GNU's list.

https://www.gnu.org/distros/free-distros.html

I was thinking of Trisquel but they are based on Ubuntu instead.

They appear to be on GNU's list. * https://www.gnu.org/distros/free-distros.html I was thinking of [Trisquel](https://trisquel.info/) but they are based on Ubuntu instead.

gjhklfdsa commented

2019-05-18 02:24:18 +00:00

(Migrated from github.com)

So what it brings to the table is the removal of an optional contrib repo?

Not just that, it also gets all the benefits of being an FSF endorsed distro.
Its bounty program is largely backed by the Free Software Foundation.
Since it is FSDG endorsed any backdoors or spyware but be removed promptly.

Plus, I think many users think that since an OS is Linux/GNU it is fully free'd.
Many users seem to assume that all the software repos and recommendations are thus also free'd.
This is not the case, by recommending an OS like GNewSense it shows to users this and enables them to have a more informed choice.

> So what it brings to the table is the removal of an optional contrib repo? Not just that, it also gets all the benefits of being an FSF endorsed distro. Its bounty program is largely backed by the Free Software Foundation. Since it is FSDG endorsed any backdoors or spyware but be removed promptly. Plus, I think many users think that since an OS is Linux/GNU it is fully free'd. Many users seem to assume that all the software repos and recommendations are thus also free'd. This is not the case, by recommending an OS like GNewSense it shows to users this and enables them to have a more informed choice.

Mikaela commented

2019-05-18 07:15:04 +00:00

(Migrated from github.com)

How do fully free OSes handle CPU vulberabilities that are addressed by microcode updates? I am not sure whether <amd|intel>-microcode is in contrib or nonfree in Debian (as I won't boot laptop yet).

How do fully free OSes handle CPU vulberabilities that are addressed by microcode updates? I am not sure whether `<amd|intel>-microcode` is in contrib or nonfree in Debian (as I won't boot laptop yet).

five-c-d commented

2019-05-18 21:49:47 +00:00

(Migrated from github.com)

I also have questions about the update-cadence of gNewSense, and whether it is still active? Is there a place showing how often security-patches are applied, to the current release? Where is the roadmap for when the next gNewSense release will ship?

Mikaela commented

2019-05-19 10:23:30 +00:00

(Migrated from github.com)

Somewhat un/relatedly we have a supporting comment for Trisquel at the forum.

Somewhat un/relatedly we have [a supporting comment for Trisquel at the forum](https://forum.privacytools.io/t/what-linux-distro-do-you-all-use/80/55?u=mikaela).

gjhklfdsa commented

2019-05-27 03:15:37 +00:00

(Migrated from github.com)

@Mikaela I would assume "CPU vulberabilities" are fixed the same way as in other major OSes like GUIX and Trisquel.

gjhklfdsa commented

2019-05-27 03:26:24 +00:00

(Migrated from github.com)

Where is the roadmap for when the next gNewSense release will ship?

I'm not certain where to find information about security patches.
However, here is the next release notes: https://www.gnewsense.org/ReleaseNotes/Next

> Where is the roadmap for when the next gNewSense release will ship? I'm not certain where to find information about security patches. However, here is the next release notes: https://www.gnewsense.org/ReleaseNotes/Next

blacklight447 commented

2019-05-27 07:05:27 +00:00

(Migrated from github.com)

@gjhklfdsa the thing is, the full fixes require closed source micro code, so supposedly it either doesnt have those fixes and is vurnable against those expliots, or its has them, but is not "fully" free.

👍 1

ghbjklhv commented

2019-05-27 20:20:16 +00:00

(Migrated from github.com)

@blacklight447-ptio In that case, I believe we can presume the GNU foundation wouldn't support such a thing.

But, this isn't doesn't appear to be a factor in recommending software.
Otherwise OSes like Trisquel wouldn't be a suggestion.

Plus, many Debian users delete the contrib and non-free repos.

Hardware that respects users privacy and freedom wouldn't recommend non-free micro code. :)

@blacklight447-ptio In that case, I believe we can presume the GNU foundation wouldn't support such a thing. But, this isn't doesn't appear to be a factor in recommending software. Otherwise OSes like Trisquel wouldn't be a suggestion. Plus, many Debian users delete the `contrib` and `non-free` repos. Hardware that respects users privacy and freedom wouldn't recommend non-free micro code. :)

blacklight447 commented

2019-05-28 10:10:36 +00:00

(Migrated from github.com)

Then I would like to ask you if you could research whether Gnewsense pushes micro code update to fix the cpu exploits, and if they do, what else they try to fix the issue.

👍 1

gjhklfdsa commented

2019-05-29 00:47:21 +00:00

(Migrated from github.com)

@blacklight447-ptio I'll try asking through the email list and forums.

I would assume, as @ghbjklhv pointed out non-free code is prohibited.
IMO, this is more of a feature. I don't want my computer doing something I don't want it to.

Wouldn't you be able to install this manually?

@blacklight447-ptio I'll try asking through the email list and forums. I would assume, as @ghbjklhv pointed out non-free code is prohibited. IMO, this is more of a feature. I don't want my computer doing something I don't want it to. Wouldn't you be able to install this manually?

blacklight447 commented

2019-05-29 06:47:23 +00:00

(Migrated from github.com)

Probbaly, but most users are not aware of it, and the patches are quite important, so if they are not included, then it should atleast come with a major warning.

gjhklfdsa commented

2019-05-29 20:10:09 +00:00

(Migrated from github.com)

@blacklight447-ptio I'm just basing my response on precedent.

Neither Trisquel or Parabola have a "major warning".

Also, the software suggestion is more about listing gNewSense as a free'd alternative to Debian.

The whole point is that it only includes free software, this is similar to how Parabola is listed as a free'd version of Arch.1

@blacklight447-ptio I'm just basing my response on precedent. Neither [Trisquel or Parabola](https://www.privacytools.io/operating-systems/#os) have a "major warning". Also, the software suggestion is more about listing [gNewSense](https://www.wikipedia.org/wiki/GNewSense) as a free'd alternative to Debian. The whole point is that it only includes free software, this is similar to how [Parabola](https://www.wikipedia.org/wiki/Parabola_GNU/Linux-libre) is listed as a free'd version of [Arch](https://www.wikipedia.org/wiki/Arch_Linux).[1](https://www.privacytools.io/operating-systems/#os)

Mikaela commented

2019-05-30 16:56:52 +00:00

(Migrated from github.com)

Neither Trisquel or Parabola have a "major warning".

I don't know when they were added, but I guess microcode may not have been very timely issue at that time, while I was now thinking of it, because it hasn't been that long time since zombieload. I think a major warning should be added for them too if they don't handle this well.

> Neither Trisquel or Parabola have a "major warning". I don't know when they were added, but I guess microcode may not have been very timely issue at that time, while I was now thinking of it, because it hasn't been that long time since zombieload. I think a major warning should be added for them too if they don't handle this well.

gjhklfdsa commented

2019-06-08 04:41:38 +00:00

(Migrated from github.com)

👍 #978

:+1: #978

kewde commented

2019-06-08 16:47:51 +00:00

(Migrated from github.com)

Unmaintained and old 😞
It's still Debian 7 by the way.

Unmaintained and old :disappointed: It's still Debian 7 by the way.

This repo is archived. You cannot comment on issues.