this post was submitted on 12 Jul 2025
29 points (93.9% liked)

libre

10037 readers
1 users here now

Welcome to libre

A comm dedicated to the fight for free software with an anti-capitalist perspective.

The struggle for libre computing cannot be disentangled from other forms of socialist reform. One must be willing to reject proprietary software as fiercely as they would reject capitalism. Luckily, we are not alone.

libretion

Resources

  1. Free Software, Free Society provides an excellent primer in the origins and theory around free software and the GNU Project, the pioneers of the Free Software Movement.
  2. Switch to GNU/Linux! If you're still using Windows in $CURRENT_YEAR, take Linux Mint for a spin. If you're ready to take the plunge, flock to Fedora! If you're a computer hobbyist and love DIY, use Arch, NixOS or the many, many other offerings out there.

Rules

  1. Be on topic: Posts should be about free software and other hacktivst struggles. Topics about general tech news should be in the technology comm or programming comm. That doesn't mean all posts have to be serious though, memes are welcome!
  2. Avoid using misleading terms/speading misinformation: Here's a great article about what those words are. In short, try to avoid parroting common Techbro lingo and topics.
  3. Avoid being confrontational: People are in different stages of liberating their computing, focus on informing rather than accusing. Debatebro nonsense is not tolerated.
  4. All site-wide rules still apply

Artwork

founded 4 years ago
MODERATORS
hello_hello@hexbear.net
context@hexbear.net
29
I'm now absolutely convinced the FSF is the trot org of the FOSS world. "Our small team vs millions of bots — Free Software Foundation" (www.fsf.org)
submitted 2 days ago by Super_Lumalo@hexbear.net to c/libre@hexbear.net
18 comments fedilink hide all child comments
 

Like fuck off, to think I ever liked these guys.

top 18 comments
sorted by: hot top controversial new old
[–] machinya@hexbear.net 12 points 2 days ago

the most infuriating part is how they decide anubis is bad (valid concerns, i do share some of them) but haven't talked about any possible alternative, even a temporary one, they can use to avoid overworking their two sysadmins. anubis is specially useful for sites like that, where they had very little admin power. trying to use gnu sites lately is a pain because they are often not-operational, which is way more disrupting than having to wait a bit for whatever challenge they could have

the whole post reads like an useless rant without any proper aim. if they are so interested on the free internet, they could probably try and come up with some alternative but the way they talk makes me think they are just ignorant of the modern hostile internet and just want to magically return to the past where this didn't happened without having to do any effort about it

[–] hello_hello@hexbear.net 14 points 2 days ago* (last edited 2 days ago) (1 children)

A website using Anubis will respond to a request for a webpage with a free JavaScript program and not the page that was requested.

This is a legitimate critique though. Anubis requires the use of capital W Web Browsers (chromium, Firefox) in order to access the site. This effectively blocks users who A: dont want to run the computations of the JS program (which can't be circumvented due to the server side computing done) and B: users using web browsers without or with limited JS functionality that wouldn't meet the reqs of Anubis.

Anubis was created as an emergency stop valve on LLM scrapers, but I think having a solution which doesn't require Anubis is also valuable as well.

Malware is a terrible choice of words. Anubis isnt malware. It may provoke questions about the state of the Web but there's nothing malicious about protecting your digital infra when the vast majority of users browse with JS enabled and not doing so would take down your site or leave you with thousands of dollars in upkeep costs.

The FSF do give off the trot vibe and thank you for making that connection that I will never unsee. I think if they just posted what I wrote above they would get far less backlash.

[–] Super_Lumalo@hexbear.net 6 points 2 days ago* (last edited 2 days ago) (1 children)

The FSF do give off the trot vibe and thank you for making that connection that I will never unsee. I think if they just posted what I wrote above they would get far less backlash.

And probably less nonsense from me, I tend to get angry and irrational easily (partly because I'm passionate and care) and that leads to me overlooking some important parts.

This is a legitimate critique though. Anubis requires the use of capital W Web Browsers (chromium, Firefox) in order to access the site. This effectively blocks users who A: dont want to run the computations of the JS program (which can't be circumvented due to the server side computing done) and B: users using web browsers without or with limited JS functionality that wouldn't meet the reqs of Anubis.

And well yes, I do agree that Anubis basically only help to entrench the big browsers while cutting off people using for example Lynx. Now, I'm writing this after checking their changelog, and they have introduced a challenge that works without client side JS, so I guess we can disregard the concern of entrenching.

Anubis was created as an emergency stop valve on LLM scrapers, but I think having a solution which doesn't require Anubis is also valuable as well.

And that's what I understand it's purpose to be, I don't want it to be the end all be all. But it's "good enough" as the dev themself put.

Malware is a terrible choice of words. Anubis isnt malware. It may provoke questions about the state of the Web but there's nothing malicious about protecting your digital infra when the vast majority of users browse with JS enabled and not doing so would take down your site or leave you with thousands of dollars in upkeep costs.

That's the biggest issue I have with the FSF, it's all posturing with no substance. They should absolutely spearhead a project that would be an alternative for what Anubis is currently doing, or I don't fucking know try and find one to support and endorse?? Their inability to compromise for a limited time is way too annoying.

[–] PorkrollPosadist@hexbear.net 1 points 5 hours ago* (last edited 5 hours ago)

That's the biggest issue I have with the FSF, it's all posturing with no substance. They should absolutely spearhead a project that would be an alternative for what Anubis is currently doing, or I don't fucking know try and find one to support and endorse?? Their inability to compromise for a limited time is way too annoying.

This sums up my opinion of the organization as well. The whole thing gives me the feeling of learned helplessness. The state of the World Wide Web is a fucking disaster. The browser duopoly is a disaster. Mozilla's position as the only 'competition' to Google, while being completely dependent on funding from Google is completely farcical and untenable. We are all Wile E. Coyote, standing 10 feet past the edge of the cliff waiting to look down.

I wouldn't describe the FSF as Trots though. They are 100% dyed in the wool market liberals. The archetypal flaw of the Free Software movement under their guidance has been the messianic belief that the market will sort everything out, and the only work which needs to be done is to produce (tautologically) superior products and services. While this has had some positive aspects (the software and services generally are superior in many regards due to this fixation), it has left us in a situation where Free Software is still out of reach, and essentially invisible to the vast majority of end users 40 YEARS after the publication of the GNU Manifesto.

The movement has completely failed to engage with the process of production whatsoever, and the results are dire. Across the board, consumer electronics are manufactured exclusively by monopoly capital and shipping with proprietary software which is more invasive and abusive than ever before. Only one or two percent of end users appear to have the means, know-how, or desire to help themselves. We succeeded only in building a commune in the middle of the woods, surrounded by an entire continent of surveillance capitalist decadence which pays us no mind. Free Software itself has proliferated, but it hasn't freed the users. It runs on billions of consumer devices around the world. But it comes in the form of an operating system kernel for Google's cursed ad-tech mobile operating system, or some audio codecs and shell utilities buried like fossils under several layers of proprietary SDKs on an Apple iPhone.

The situation is a total crisis, like most other aspects of advanced Capitalist society. The situation calls for bold action. A reassessment and change of tactics, at least. But the FSF seems content to remain in this meek holding pattern indefinitely.

This rant doesn't have very much to do with their statement about Anubis, but in this statement specifically there is another thing that rubs me wrong. You can make a technical argument that mandatory JavaScript puts considerable limitations on system accessibility (not specifically in a disability sense). They should stick to that argument. It is ideologically sound, if pedantic (pedantry is one of the FSF's redeeming traits, though). This comparison to malware goes beyond the pale for me. The FSF has guidelines on the development of free, non-obfuscated JavaScript. It is news to me that the use JavaScript in and of itself is disqualifying for Free Software infrastructure. Additionally, the comparison to malicious crypto-mining malware just because it implements a basic proof of work algorithm is absurd and disingenuous. Again, a rational objection could be made about the distributed energy costs, battery drain, etc. of requiring clients to perform a proof of work computation, but that's not what they're doing.

[–] balsoft@lemmy.ml 11 points 2 days ago* (last edited 2 days ago) (1 children)

Can you elaborate a bit? The blog post is a tad overdramatic but doesn't seem to have anything particularly bad in it.

[–] Super_Lumalo@hexbear.net 3 points 2 days ago (1 children)

TL;DR: Rant about the FSF as a whole and why they annoy me with their puritanism

The problem I have with the FSF is their stance on this "good enough" solution is, as always, that it cannot be accepted. Their "purity" is pointless as I don't find it at all useful in furthering free software, while Anubis is doing actual work against mass scraping by AI companies, their choice is to outright disavow it because "it acts like malware", and performing "useless computation". And then they have the gall to beg for even more donations when the solution to their DDOS problems is right there. I hate them for being so ineffective at what they're supposed to be doing. "The same calculations as cryptominers", fuck off.

It's so fucking annoying having to deal with their puritanism, especially after I tried their ways of running 100% free software as by their own guidelines! Genuinely I need to do more investigating on this part, but they really do seem like a Trotskyist org to me more and more and I'm glad I'm out of fanboying over them.

[–] balsoft@lemmy.ml 2 points 2 days ago* (last edited 2 days ago) (1 children)

I mean, Anubis would do a pretty bad job in their case anyways, and their attitude kind of makes practical sense there. Almost all code fetching tools (from git to ftp to curl) don't run any external code (and I think we can agree it would be a horrible idea to do so); as such, proof-of-work solutions like Anubis won't work for code hosting (which is what the article is about).

But yeah I agree that in more human-oriented use-cases Anubis is great. Still, I can also see FSF's point that it's somewhat close to what an annoying proprietary system would do, even if I think it's a good compromise given the circumstances of the modern web.

It’s so fucking annoying having to deal with their puritanism

You in particular don't need to deal with them in any way at all. The code they host is free software and has plenty of other mirrors all over the web. If you want to contribute to any of the projects for which they are hosting upstreams you can almost always just send an email with your patch to authors directly. Save your anger for capitalists.

[–] Super_Lumalo@hexbear.net 1 points 2 days ago

I mean, Anubis would do a pretty bad job in their case anyways, and their attitude kind of makes practical sense there. Almost all code fetching tools (from git to ftp to curl) don't run any external code (and I think we can agree it would be a horrible idea to do so); as such, proof-of-work solutions like Anubis won't work for code hosting (which is what the article is about).

I don't really care about whether Anubis would make a good use case for them, the problem is that even if it did they wouldn't have used it as stated in the post. I get angry and irrational easy when I see bullshit about things that I care about, and that tends to me overlooking actually important parts.

You in particular don't need to deal with them in any way at all. The code they host is free software and has plenty of other mirrors all over the web. If you want to contribute to any of the projects for which they are hosting upstreams you can almost always just send an email with your patch to authors directly. Save your anger for capitalists.

I'll keep interacting in a way that points out "hey maybe this isn't the best course of action" because I will keep caring, even if I hate them. My hate must be pointed out, shown why it exists. Because even if I hate capitalism and capitalists, I hate ineffectual action even more. joker-laden

It won't work through patches, if the rot is fundamental. I'll probably contribute to other projects, Libreboot is now more enticing after Leah cut away from their type of bullshit.

[–] ZWQbpkzl@hexbear.net 9 points 2 days ago (1 children)

The FSF is ideologically incapable of implementing bot management strategies because they value internet anonymity. Bot evasion strategies are literally just advanced ways of being anonymous. You can't tell if a person is a bot or not without violating their anonymity or internet freedom.

Anubis is a modest compromise. It checks if you can run JavaScript and blocks those who can't. It's not perfect. It'll block elinks/lynx users or a real person using curl. But it'll also block any bot that doesn't use a browser, which accounts for most of the volume.

The "cryptomining" and "malware" comparisons against Anubis or hyperbolic but sort of true. Proof of Work is the dumbest and most wasteful possible strategy to combat bots. It's not the hashing that stops bots, its the check if they can run JavaScript that does.

Anubis has a new javascriptless metarefresh which uses HTML to refresh the page after a few seconds. This is a much better solution than the computational proof of work, in my opinion. This line from the docs though is perplexing:

This is not enabled by default while this method is tested and its false positive rate is ascertained. Many modern scrapers use headless Google Chrome, so this will have a much higher false positive rate.

The false positive rate will be the same as proof of work minus however many bots run headless browser with JavaScript disabled. Proof of Work doesn't give you positives or negatives, it's a flat tax.

[–] Super_Lumalo@hexbear.net 4 points 2 days ago (1 children)

It'll block elinks/lynx users or a real person using curl. But it'll also block any bot that doesn't use a browser, which accounts for most of the volume.

nuh uh smuglord

Anubis has a new javascriptless metarefresh which uses HTML to refresh the page after a few seconds. This is a much better solution than the computational proof of work, in my opinion. This line from the docs though is perplexing:

yuh uh!

(I'm just fucking around now I'm too tired lol, it's 10 pm. But it does work on lynx!!!)

Just want to reiterate, I understand the concerns with Anubis, it's just that FSF makes me go maddened

[–] ZWQbpkzl@hexbear.net 5 points 2 days ago
  1. The Anubis homepage uses the new meta-refresh strategy which should work on lynx since its doesn't use JavaScript.
  2. I doubt you even saw an Anubis challenge. Anubis normally configured by User-Agent. IDK what lynx's User-Agent is but I bet Anubis wasn't configured to challenge it.
[–] git@hexbear.net 6 points 2 days ago (1 children)

Sounds like they’d be fine with Anubis if it was opt-in instead of automatic. Their concerns are valid in that it runs an unwanted/non-consented payload and so fits a strict definition of malware. The browser is a user agent, so it should only do what the user wants it to do.

Like fuck off, to think I ever liked these guys

You might have liked them for the wrong reasons, this is the least surprising response they could have made lol. Either you share in their hard-line stance or you align with something lesser like open source. Copyleft is uncompromising by design.

[–] hello_hello@hexbear.net 5 points 2 days ago (1 children)

Copyleft is uncompromising by design.

Copyleft and open source has nothing to do with this. This is just a blogpost of them of why they dont use Anubis and their concerns.

[–] git@hexbear.net 1 points 2 days ago (1 children)

Copyleft and open source has nothing to do with this.

It informs exactly the type of response they’ve given. If you can’t understand why the authors of the GPL would respond like this that’s on you.

[–] hello_hello@hexbear.net 2 points 2 days ago

What is this supposed to mean? How does software licensing relate to this? Anubis is a free program.

[–] RedSailsFan@hexbear.net 6 points 2 days ago* (last edited 2 days ago) (1 children)

what exactly is the issue here? the article is complaining about DDOS attacks from botnets and LLM scrapers, seems very reasonable to me

[–] Super_Lumalo@hexbear.net 2 points 2 days ago (1 children)

replied to another user with the same question, I just don't like the FSF for it's nonsensical puritatnism

[–] RedSailsFan@hexbear.net 2 points 2 days ago

you should point this out in the headline or in the post body then, my original impression was that you were saying they are calling others "bots" or something like that