Right, so 'open' Gentoo would get forked into a hundred locked down, obfuscated, proprietary flavours with all the same problems. In fact it's only a closed system with a single gatekeeper that can avoid this problem at scale, because it's the only way to maintain clear lines of responsibility.
> Right, so 'open' Gentoo would get forked into a hundred locked down, obfuscated, proprietary flavours with all the same problems.
That's the beauty of the GPL: one can't lock down a GPLed distro that way.
> In fact it's only a closed system with a single gatekeeper that can avoid this problem at scale, because it's the only way to maintain clear lines of responsibility.
Those who s/freedom/security/g tend to rm -rf / and get neither freedom nor security.
"That's the beauty of the GPL: one can't lock down a GPLed distro that way."
True, but its strength is also its weakness in this context: anyone can keep the distro open but add some "vital" code that is closed and does what they want without anyone noticing. The GPL doesn't prevent closed code from running on open source machines, it just sets limitations on imposing limitations (which makes it so great IMO), so a module that displays advertising, tracks users or steals personal data can easily be implemented inside a closed app, blob, device driver etc. and unless I missed something the GPL can do nothing if that module was compiled using non GPLed compilers, linked against non GPLed libraries etc.
In other words, if I take a non GPLed compiler and a set of non GPLed libraries that set no obligation to open the resulting code if I distribute the output, I can write anything and add it to a Linux distro then distribute them together without any legal obligation to publish the source and reveal the internals of my code. That would be the case for suspicious code inside blobs and drivers.
Someone please correct me if I'm wrong.
Of course the community can fork in no time, but imagine a very popular piece of hardware which could work only with that closed blob.
> only a closed system with a single gatekeeper that can avoid this problem at scale
I guess you are hinting at Apple phones but this works only because the gatekeeper is acting in good faith. Then again why do you need a single gatekeeper?
> In fact it's only a closed system with a single gatekeeper that can avoid this problem at scale, because it's the only way to maintain clear lines of responsibility.
PC hardware is available from arbitrarily many vendors and you can install stock Windows or Linux on pretty much all of it. Many of the OEMs preinstall their various spyware, but you don't have to buy from them to begin with, and even then they can't stop you from removing it.
The primary difference in the phone market is the lack of open source drivers, so you can't install stock Android on your arbitrary phone because it needs the specific weird kernel it came with. But basically everybody hates that -- even the OEMs, because they neither want to be blamed for not providing updates nor want to have to actually provide them themselves. So it's slowly changing.
And even now, as a customer, there are unlocked devices available that will run stock Android, all you have to do is buy one of them.
