The latest Firefox build that Debian did only took just over one hour on amd64/armhf and 1.5 hours on ppc64el, the slowest Debian architecture is riscv64 and the last successful build there took only 17.5h, so definitely not days. Your average modern developer-class laptop is going to take a lot less than riscv64 too.
I think Bootstrappable Builds from source without any binaries, plus distributed code audits would do a better job than locking down already existing binaries.
> That sounds like what Software Freedom Conservancy would call a GPL violation
Sure, it is. So what? Have you got 200k for lawyers and years of your life to spend in court fighting over it?
I have personally contacted the SFC with ample evidence of deliberate and wilful GPL violations, such as providing a written offer for source code and then ignoring or flat out refusing requests for the source code. The SFC has acknowledged the vendors are violating the spirit and letter of the GPL.
Nothing happens. The SFC is one organisation with limited resources, FOSS developers don't want to spend their time in court, they'd rather develop software. Vendors know 9 times out of 10 they will get away with the GPL violation scot-free.
It's fine to put on your rose colored glasses and pretend GPL forces companies to release source code. Reality is, the vendors have a larger marketing budget than the entire SFC endowment and the vendor's legal team is happy to tar-pit requests ad infinitum.
It is definitely true that any license including the GPL requires effort and resources to enforce, and that almost all authors of GPL software don't have enough of those.
If the SFC lawsuit against Vizio succeeds, then there will be another option; since yourself and others are third-party beneficiaries of the contract embodied in the GPL between Linux kernel developers and hardware vendors that ship Linux; start a class action with other users of the hardware where GPL violations are present, and sue for GPL compliance instead of money. The lawyers will get their legal costs presumably and the users should get source code. Probably some law firms would take this on just for the legal costs, especially if the Vizio precedent makes it easy to win future cases.
PS: another tactic I have seen applied for GPL enforcement is for the copyright holder to have customs block devices on import since they contain illegally obtained software. This is pretty rare, but can be effective.
ArchiveTeam definitely do not intend to kill websites with too fast crawling, but definitely have done that unintentionally and always will stop/slow the crawling when it happens.
Even the distributed crawling system has monitoring and controls to ensure it doesn't kill sites.
reply