This is an old revision of the document!


Further details: * Java security: https://en.wikipedia.org/wiki/Java_security * Criticism of Java: https://en.wikipedia.org/wiki/Criticism_of_Java * OpenJDK Trademark Notice: https://openjdk.java.net/legal/openjdk-trademark-notice.html * Cat-v.ORG's article: https://harmful.cat-v.org/software/java

Java's Language Downfalls

As free software activists, we all enjoy using the latest and greatest in free software, but we need to make sure that the software we are using really does respect our freedom. A lot of software relies and depends on Java, since it appears to be fully free software, nontheless we have many concerns with implementation and decisions made by authors of this language.

What are the issues?

Removal reasons: * Trademark: OpenJDK is trademarked and is not to be distributed without modification unless all branding is removed. * Security: Java has been one of the most common infection vectors for GNU/Linux. Poor coding practices in JVM have resulted in many popular cross-platform exploits. * Packaging Standards: All current PKGBUILDs that were inherited from Arch are “dirty” in the sense that they download various pre-compiled and pre-packaged binaries. These are a risk to our users. To properly build them requires several hundred additional PKGBUILDs and the time to rebuild Java from scratch. This would require considerable effort and is not currently feesable at this time.

(jvm) write here. Their trademark license imposes requirements for the distribution of modified versions that make it inconvenient to exercise freedom 3. The Rust's Media Guide says it merely supplements the official Mozilla trademark policy; it doesn't replace it. Since their trademark policy applies, then everything in that list (including Rust and Cargo) pulls in the same issue as Firefox and Thunderbird.

In short, Mozilla won't be happy with us applying patches and modifications to their trademarked language without “explicit approval”, except for non-commercial usage, so it is a freedom issue. For further references, there is a report in Rust about those trademark restrictions and Niko's response (one of the members of the Rust Legal Team).

Big Picture

There are various project utilizing Java as a aceptable language. I2P is one of them, has well as a huge plenora of projects.

As an alternative to the java I2P implementation, i2pd (I2P Daemon) may be used. It is a full-featured C++ implementation of I2P client, useful for building and using the anonymous I2P network. However, this implementation still lacks some features given is overall less mature.

Solutions

  • Rebranding the entire language to avoid the trademark restriction. Such as IceCat was made to replace Firefox and Iceweasel-UXP to replace Basilisk; however it is a programming language, not a browser. A rebranded version of Rust maintained by the GNU Project and FSDG-compliant distros could be the way. However, we would need patches to adapt all Rust-dependant applications to the modified version of Rust, since it is a programming language. We would also need to maintain a list of nonfree cargo packages to blacklist those for your-freedom.
  • Getting Rust to change its trademark agreement to allow modifications on the rust binary for any purpose in respect of Freedom 3.

Comparisons with other software trademarks

Some users have correctly mentioned that many other software packages have trademarks, do we plan to remove them all? No. We are not against all trademarks, only those which explicitly prohibit normal use, patching, and modification.

As an example, neither Python PSF nor Perl Trademarks currently prohibit patching the code without prior approval. They do prohibit abuse of their trademarks, e.g. you cannot create a company called “Python”, but this does not affect your ability to modify their free software and/or apply patches.

Due to the anti-modification clause, Rust is a non-permissive trademark that violates user freedom.