Source Code Is Not Enough

https://fuzzypixelz.com/blog/source-code-is-not-enough/

When was the last time you took a tour inside Linux, Chromium, LLVM, or VS Code? It’s nice that these titans are Free and Open Source Software, but their codebases are unapproachable to a casual user. Even with knowledge of the domain, potential hackers will need to make their way through layers of cleverness, accidental complexity, and technical debt before making that small change.

VS Code is open-source software. Nobody cares. Everyone uses the plugin interface designed to extend the editor in well-defined ways. That’s why you never see drastic changes to its UI like you would in Emacs — and that might even be a good thing. Point is, the rest of the codebase isn’t designed to be hackable, and so very few people will actually attempt to hack on it.

The Free Software Foundation considers obfuscated JavaScript blobs to be unfree, even though they are source code. As long as we’re being whiny hackers, why not go the extra mile and declare all unreadable code unfree? Where exactly would you draw the line here?

If the issue with a binary blob (that you’re legally allowed to modify, run and redistribute) is that it’s hard to decipher, then any sufficiently complex and unapproachable FOSS program is equally unfree.

image2224×1836 1.15 MB

A true definition of free software would also include the freedom from tinkering with source code. A truly free program would be designed from the ground up with customizability and extensibility in mind, through an interface accessible to regular users, not just developers.

A truly free program would be independently audited for security and privacy. Knowing that their programs were verified not to perform arbitrary instructions would put users at ease. Such a practice could be enforced through regulation.

Requiring that the source code be public doesn’t guarantee that it will be checked for security and privacy let alone for good engineering practices. The fact that most free software is privacy-respecting is due to cultural circumstances and the personal views of its developers, and not a binding contract.

Join the TFS Foundation today.

Just kidding.

Visual Studio Code is using Electron underneath. That’s Chrome with the web browser UI ripped off, basically.

Since it’s somewhat a Web App, „optimisation strategies” such as on the web are applied as well.

You would also have binaries as distributed packages. Otherwise, tinkering with it would require all of us to learn assembly language - so adding even more knowledge required by learning how machines work.

In other words: according to this logic, only interpreter languages have a chance to receive the approval of The Free Software Foundation. Even if that means paying the performance penalty.

Regarding the security aspect: true. But you would raise the entry barrier even higher if you require security knowledge. We can already be thankful that they react on notices.

Hmm, I think I would actually follow this logic, and that indeed for programs to be free, it must be so simple to modify them that an average person can learn to do it on the side.

It’s like this article Just like how someone in the family is able to cook for the family, programming should be simple enough that someone in the family is able to make programs for the family.

Tell me, what other professions would allow that?

I would say, like a home-cook. It’s very different from being a professional chef. Similarly, I wouldn’t expect someone to be able to make server software that can support thousands of users on the side, but it would be nice if an average person was able to make server software that can support their family or friend group.

Edit: Ah, I see what you mean now. I think the issue is just the over-loaded word “free”. I don’t really care too much about the definition of “free software”. I just care about software that’s “home-cooked”… ah, I guess there’s the word. Home-cooked software.

Free as in freedom or as in beer?