[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/philosophy javascript-trap.html
From: |
Richard M. Stallman |
Subject: |
www/philosophy javascript-trap.html |
Date: |
Fri, 8 Mar 2019 14:39:07 -0500 (EST) |
CVSROOT: /web/www
Module name: www
Changes by: Richard M. Stallman <rms> 19/03/08 14:39:07
Modified files:
philosophy : javascript-trap.html
Log message:
Substantial rewrite to make it clear to non-programmers.
Clarify the [...] nontriviality rule.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/javascript-trap.html?cvsroot=www&r1=1.72&r2=1.73
Patches:
Index: javascript-trap.html
===================================================================
RCS file: /web/www/www/philosophy/javascript-trap.html,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -b -r1.72 -r1.73
--- javascript-trap.html 22 Feb 2019 09:54:15 -0000 1.72
+++ javascript-trap.html 8 Mar 2019 19:39:07 -0000 1.73
@@ -41,16 +41,26 @@
software, and disregard the issue.</p>
<p>Some sites still use JavaScript that way, but many use it for major
-programs that do large jobs. For instance, Google Docs tries to download into
-your machine a JavaScript program which measures half a megabyte, in a
-compacted form that we could call Obfuscript because it has no
-comments and hardly any whitespace, and the method names are one
-letter long. The source code of a program is the preferred form for
-modifying it; the compacted code is not source code, and the real
-source code of this program is not available to the user.</p>
+programs that do large jobs. For instance, Google Docs tries to
+install into your browser a JavaScript program which measures half a
+megabyte, in a compacted form that we could call Obfuscript. This
+compacted form is made from the source code, by deleting the extra
+spaces that make the code readable and the explanatory remarks that
+make it comprehensible, and replacing each meaningful name in the code
+with an arbitrary short name so we can't tell what it is supposed to
+mean.</p>
+
+<p>Part of the <a href="/philosophy/free-sw.htnm">meaning of free
+software</a> is that users have access to the program's source code
+(its plan). The source code of a program means the preferred form for
+programmers to modify -- including helpful spacing, explanatory
+remarks, and meaningful names. Compacted code is a bogus, useless
+substitute for source code; the real source code of these programs is
+not available to the users, so users cannot understand it; therefore
+the programs are nonfree.</p>
-<p>In addition to being nonfree, many of these programs are malware
-because
+<p>In addition to being nonfree, many of these programs
+are <em>malware</em> because
they <a href="http://github.com/w3c/fingerprinting-guidance/issues/8">snoop
on the user</a>. Even nastier, some sites use services which record
<a
href="https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/">all
@@ -100,20 +110,21 @@
practice this capability is limited and inconvenient; merely to make
it do something is an impressive hack. Such programs ought to be
free, but CSS is not a serious problem for users' freedom as of
-2016.</p>
+2019.</p>
<p>A strong movement has developed that calls for web sites to
communicate only through formats and protocols that are free (some say
"open"); that is to say, whose documentation is published and which
-anyone is free to implement. With the presence of programs in web
-pages, that criterion is necessary, but not sufficient. JavaScript
+anyone is free to implement. However, the presence of JavaScript programs
+in web pages makes that criterion insufficient. The JavaScript language
itself, as a format, is free, and use of JavaScript in a web site is
-not necessarily bad. However, as we've seen above, it also isn't
-necessarily OK. When the site transmits a program to the user, it is
+not necessarily bad. However, as we've seen above, it can be bad—if
+the JavaScript program is nonfree. When the site transmits a program
+to the user, it is
not enough for the program to be written in a documented and
-unencumbered language; that program must be free, too. “Only free
-programs transmitted to the user” must become part of the criterion
-for proper behavior by web sites.</p>
+unencumbered language; that program must be free, too. “Transmits only
free
+programs to the user” must become part of the criterion
+for an ethical web site.</p>
<p>Silently loading and running nonfree programs is one among several
issues raised by "web applications". The term "web
@@ -160,7 +171,8 @@
<li>it does Ajax calls.</li>
- <li>it does <b>[…]</b> calls.</li>
+ <li>it uses bracket notation for dynamic object property access,
+which looks like <b><em>object</em>[<em>property</em>]</b>.</li>
<li>it alters the DOM.</li>
@@ -284,7 +296,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/02/22 09:54:15 $
+$Date: 2019/03/08 19:39:07 $
<!-- timestamp end -->
</p>
</div>
- www/philosophy javascript-trap.html,
Richard M. Stallman <=