Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
SYSV Fanfic
Sep 9, 2003


Anyone remember when "left tab" or w/e got deleted from node and they ignored the author's license and wishes for several days because it broke the entire ecosystem? If the license he used allowed it, he should have sued for every download after he revoked authority to distribute. Destroying javascript is the lords work.

rotor posted:

If you're a maintainer of an open source project, just stop.

If you want people to stop taking advantage of you, the first step is to stop helping them to take advantage of you.

People poo poo on the GPL, but people who accept the license and use the code have to pay for it in a way that might be more important to you than the money you could make off of it.

I'm never going to make much or any money off an endian-neutral C re-implementation of Microsoft's binary floating point format. Including the source zipped in your distribution is minimal, and I get paid if it gets used anywhere else, because that code becomes GPL.

Adbot
ADBOT LOVES YOU

SYSV Fanfic
Sep 9, 2003


prisoner of waffles posted:

username post combo? also I don’t think this makes sense, hth

Anyone who uses my GPLed code pays by having to follow the GPL. If I consider other people's improvements and enhancements to my code fair payment, then by complying with the GPL they've paid me.

If it's important enough to me, I can pay the $250 to initiate a pro-se federal lawsuit and use the references on the software freedom conservancy to aid me.

susan b buffering posted:

left pad was licensed under MIT so he wouldn't have been able to do that

dang.

edit: The filing fee is now $400, but po folks can have the fees waived.

SYSV Fanfic fucked around with this message at 17:50 on Dec 24, 2021

SYSV Fanfic
Sep 9, 2003


The beauty of pro-se is that if you have time to show up in court, and the other party has to pay a lawyer you've already won.

SYSV Fanfic
Sep 9, 2003


prisoner of waffles posted:

if that pays off as a hypothetical cost-benefit analysis for you, go nuts. in my mind it still looks like donating effort to the benefit of companies, primarily large ones.

What software are you talking about? My contributions to KDE have gotten me an incredible desktop environment I love using. My contributions to dosbox early on indirectly caused several very difficult edge-case problems to be worked out by CD-Projekt Red employees involving audio.

I have yet to start from scratch a project - it's very hard to come up with software that someone else hasn't already started that can just be extended. But I have contributed and the result was software I preferred using for my hobbies.

Most GPLed software could never be the product of a one or two person indie software dev shop. By the time the project gets incorporated into something else, it was something that wasn't going to exist any other way than "open sores". It was clear in the 90s that any functionality that could be implemented by one guy and was worth buying was going to be duplicated by a larger company and incorporated into another product as a bullet point. The for-profit software industry is notoriously anti-competitive/monopolistic.

For a long time the only minimally palatable alternative to most software monopolies were largely GPLed, until corporations figured out they could trick people into doing free work they could use absolutely gratis with a different license.

GPL lawsuits for the most part do not involve huge companies. Like rotor said it's a poison pill.

SYSV Fanfic
Sep 9, 2003


Like, I just kicked off another 3d print on my heavily modified tevo tarantula running Marlin firmware (gpl), sliced with cura (derived from slic3r, gpl). As an engineer/hobbyist I've derived intense benefit from GPL software that a billion dollar company will never have interest in.

edit: like most GPL software it looks like hell, but it works nearly as well as a $2k printer (also based on marlin and cura) from the same period.



GPL.jpg.

SYSV Fanfic fucked around with this message at 22:01 on Dec 24, 2021

SYSV Fanfic
Sep 9, 2003


MononcQc posted:

the biggest value of GPL code is that it endlessly pisses off wanna be startups that just want to use free poo poo without having to talk to lawyers

Haha. Most of the "don't gpl your code" poo poo comes from people that dream of creating a multibillion dollar startup off their ability to glue pip/node packages and code snippets together.

SYSV Fanfic
Sep 9, 2003


Kinda unrelated but commercial hackathons were the best. "Help us overcome a crippling design challenge in 48 hours and win a macbook pro!"

SYSV Fanfic
Sep 9, 2003


If crypto has done anything for the tech world, it's concentrating the worst of the assholes in one bubble and painting the rest in nature's bright colors.

SYSV Fanfic
Sep 9, 2003


Cybernetic Vermin posted:

which rather misses the theme of the thread, which is not "don't write software" (that's the rest of yospos), but that more effort should be expended trying to control where and how such software gets used. the agpl3 is a start, but as was demonstrated by the gpl3 evolving into being perfectly acceptable for cloud services companies you can't just assume that you have a sufficiently poisonous pill already.

Yeah sorrry sometimes poo poo goes over my head b;c itt's hard to keep context together when your jumping thread to thread.

I was specifically responding to rotor's hardline stance that writing/maintaining free software automatically means personal exploitation. Trying to control how the software gets used (as opposed to getting paid) means taking responsibility for something that's largely beyond your control.

SaaS has never bothered me. Even if they're deriving a lot of economic benefit. They're end users using the code in a way that no one other than a cloud provider can - and "freedom" matters mostly to programmers not users. If you really want end users to contribute their code upstream just break the internal APIs constantly b/c it breaks their patch sets. When they ask you to not do that laugh in their face.

The people being exploited are the ones that were deluded into thinking they could run a business by giving poo poo away for free. Deliberately, by the first movers who wanted more software they could bundle into the products they were selling (redhat, here's looking at you) b/c of their trademarks.

SYSV Fanfic fucked around with this message at 13:39 on Dec 25, 2021

SYSV Fanfic
Sep 9, 2003


As far as who would maintain a java logging library or openssl - people like to feel important and useful. I think it was rotor who was wondering why anyone would maintain deprecated features on behalf of major corporations - the corporations aren't the ones that approach people. Employees who are flesh and blood humans do. Most people have not yet cultivated the attitude that anyone who works for a corporation has voluntarily installed a brain implant to where they can be remote controlled by psychopaths.

also a lot of the anti copyleft ppl are taking a play from the anti-union playbook - "The gpl was for a different time and we've moved past that". https://martin.kleppmann.com/2021/04/14/goodbye-gpl.html

SYSV Fanfic fucked around with this message at 16:20 on Dec 25, 2021

SYSV Fanfic
Sep 9, 2003


ultravoices posted:

working for exposure is good actually.

Exposure is something you die from, sadly.

As far as trying to control what other people try to do with your code, I made an incredibly insignificant contribution to 3d printing (involving a problem with infills). That contribution has most definitely been used by violent extremists, but it was also was used by the people trying to save lives during early covid by 3d printing parts for ventilators and canulas and strap tighteners for masks. My GF works in a grocery and we might have dodged getting covid b/c of a 3d print that let disposable masks fit her better.

I try to be optimistic that the good will outweigh the bad. That my dumb KDE bugfixes will be used by as many social workers as chinese labor camp administrators and whatnot.

SYSV Fanfic fucked around with this message at 17:01 on Dec 25, 2021

SYSV Fanfic
Sep 9, 2003


Cybernetic Vermin posted:

one of those articles that have a lot of basic things right (e.g. how the big cloud platforms have rendered a lot of past license activism moot), but fails to then inspect his own motivations and moral position, instead just obliquely referring to "software freedoms" and going "whelp, might as well keep coding away and releasing under mit licenses v:shobon:v".

It's a very deliberate and manipulative technique. Build common ground then try to sway from there. The benefits of the GPL family stand apart from the FSF, RMS, and SaaS.

SYSV Fanfic
Sep 9, 2003


raminasi posted:

isn't that just persuasion

If you genuinely believe the common ground, possibly. Most people who self label entrepreneur really mean aspiring noteable psychopath so you should just assume the worst.

SYSV Fanfic
Sep 9, 2003


rotor posted:

to recap, my fundamental objections to open source as currently practiced are:

1) you give up all control over the ends to which your work is a means.

2) you're largely doing volunteer work for startups

3) it devalues software itself

4) in many ways, esp for junior devs, it's become work for exposure

1. is a weird problem due to the fact software is usually licensed and not sold. In almost any other industry you lose the ability to control how your product gets used once it's been sold. It's connected to the harm software can do, because most products you cannot handwaive away your liability for injury and fault. That's not going to change until people ask why software can ruin a business or end a life without recourse, whereas any other product class can seek remedy. The 737 air max was really a story about tech industry ethos seeping into other industries. European pharma could threaten their distributors, but they can't sue US prisons for killing people with their drugs.

2. Like the clopen source link (dunno if you wrote it) points out about certain projects - the "big" projects everyone points to as successful are only considered so because they were monetizeable. Social pressure is pretty powerful so maybe start clowning on people who decide they're going to contribute to mongodb in their spare time.

3. Software was always going to be a race to the bottom, and the only thing that really stabilized prices was the emergence of a monopoly that everyone else could set their prices by. Eventually the only products that could compete with the resources of the monopolists were FOSS. GCC didn't kill Borland or Aztec. They died because they could not fund the development time necessary to compete with the Visual Studio monopoly (dominant because of the windows monopoly), which itself employed anticompetitive bundling practices (msde, all languages, etc). Average consumers/users don't choose FOSS b/c of the price - eventually it winds up being the only competitor on features. Software with high, domain specific utility still sells really well via referral at my hackerspace (vcarve, vinly master, insync, mesh mixer off the top of my head) - despite (harder to use and buggy) foss software being available.

4. I really disagree that foss is even close to the root cause of this. Those stupid coding bootcamps are everywhere promising participants that if they waste three months of their lives learning CSS/HTML/Javascript. I started an "open code" for my hackerspace. I intended it to help people get started with raspberry pi/arduino projects. The first night I wound up with 28 people I'd never seen before all doing one of two local bootcamps. Dumping ~1,000/year quasi-qualified applicants that do not have the skills of a CS associates into the local job market means that people have to find a way to distinguish themselves. Internet related companies have pretty successfully used the "extreme shortage, good jobs" to create an oversupply of the underqualified. The fact they benefit from their unofficial unpaid internships in FOSS is icing on the cake.

quote:

edit: just gonna post this again because why not https://docs.google.com/document/d/1h__zP17eMoSXntHq6Jo7nKxRB8DoCOcVZ794Qd4LEA4/

Read the whole thing start to finish. If you wrote it, It's a good argument.

edit: also, cooperative education should be the norm.

SYSV Fanfic fucked around with this message at 03:16 on Dec 26, 2021

SYSV Fanfic
Sep 9, 2003


Was thinking while I slept last night. Imagine finding a box truck on the side of the road where every part had been machined or cast by random people then put together. Imagine taking it and building a delivery business around it. Neighborhood you do your deliveries in gets rough and you get robbed a few times. You start driving your truck around to the random people who made the parts and demanding they turn it into an armored box truck. You start writing blog posts about how you can ensure the (random) people who make the truck parts (for free) spend the time to make sure they already come reinforced. At no point do you reflect that you built your livelihood on a boxtruck made by random people you found on the side of the road.


rotor posted:

The idea that average users don't choose FOSS software based on price seems ... like way off base. People tolerate all kinds of bullshit out of lots of open sores poo poo because the price is right.

In my experience, it's people who don't need the tool to do economically productive work/frequently use that justifies buying the software. Most people who tolerate terrible FOSS are using it for one offs or things they don't do very often. Kinda like piracy in games - most FOSS users would not translate to sales.

Can you explain what you mean by napster, netscape, etc?

quote:

And GCC definitely hastened Borlands demise

I don't think it was by much. From the beginning Borland's programming products were about ease of use with quck compiles/turn around. GCC never had a good IDE/Debugger on windows. It definitely never had a good windowing toolkit. Borland couldn't keep pace with visual studio, and their longest lived product (Delphi) survived because MS never made a visual pascal. Free Pascal only started when Borland said it was abandoning DOS.

SYSV Fanfic
Sep 9, 2003


I just realized the box truck is even more ludicrous, because it's dozens of guys with box trucks they found on the side of the road free blogging about quality control problems in the free box truck part industry. Some of them welded together the box trucks into cargo ships that they're delivering hundreds of tons of goods with.

SYSV Fanfic fucked around with this message at 15:40 on Dec 26, 2021

SYSV Fanfic
Sep 9, 2003


MononcQc posted:

tech is its own environment with its own reality.

I wonder how much longer and how bad of a thing has to happen before the public at large starts demanding that software be held to the standards of normal reality. People don't question the status quo. Essentially when will "but with a computer" stop making something special and unique. The fact that there is a difference between a cleaning service destroying your family picture album and a microsoft updating trashing your mydocuments becomes more absurd and unfair every year.

rotor posted:

This is all true but the point remains that we are in a position to retain control the use of our work, and yet we don't because ... idk, because we're vain, or we're lazy or any of half a dozen reasons. Liability has nothing to do with whether you can enforce a license agreement or not.

I wanted to respond to this separately and think on it good and hard first. A whole lot of social problems from tech stem from the fact that the tech industry carved out all the regulations, laws, and case history without much or any input from the public. Individual responsibility is all well and good, but just like guns, vaccinations, or anything else collective/social action trumps it. Even guns - you cannot sue a gun manufacturer because someone shot you. But if you get shot by someone holding a gun because of a misfire you can. If discriminatory facial recognition software, or a software bug or w/e cause you harm - I'm not aware of people suing the makers of the software directly and winning - because of the absurd legal landscape of software licenses.

I think it's fair to ask people to consider the ethical implications and the harm that can result from giving away their software. How bad could it make someone's life if it has a bug. I don't think it's fair to expect people to try to tackle a societal issue through personal responsibility or direct action.

It would also kill a lot of FOSS, or at the very least necessitate releasing/publishing as an LLC .

Anyone remember shrink wrapped licenses? How long it took to finally kill them?

SYSV Fanfic fucked around with this message at 19:01 on Dec 26, 2021

SYSV Fanfic
Sep 9, 2003


The same thing was said about interstate trusts/corporations in 1899. The US at least is a representative republic, with 50 co-sovereign representative republics that can all implement their own regulation. People can't pay much attention to tech at the moment because of the consequences of wealth inequality. While the current supreme court hates administrative law, they very much believe in congress's powers to tax, legislate, and regulate. It will be fixed eventually, but other poo poo's more pressing.

Consider the US political system is still so broken that after Jan 1st there will be insulin dependent diabetics showing up in emergency rooms to get their insulin b/c they'll die without it and they can't pay their annual deductible out of pocket.

I know it's hard to keep from getting crazy cynical, but if you spend a lot of time angry thinking about these things and you have the energy/time to volunteer with kids try to find an opportunity. Doing a reading skills program was really good for me, and for a time I was paid by the boy scouts (yeah, I know) to do outreach at community centers in neighborhoods with high murder rates. As a guy that's never going to be a father it was a real realignment of my priorities and it's helped me keep hope that things will change for the better.

SYSV Fanfic
Sep 9, 2003


MononcQc posted:

yeah I get that. Mostly it's just the idea that things won't improve with the system as-is. The required shifts will need to come from bigger changes elsewhere, and I'm just putting more of my energies elsewhere than in OSS given they tend to fuel that self-propelling machine these days. They don't need more of my help and almost anything new I do in my free time is obscure or licensed in ways that would just piss any corporation off.

Yeah, definitely only do stuff you enjoy. I can't fault someone who thinks b-trees or indexes or w/e are the most interesting thing ever so they hack on a DBMS. A lot of FOSS newbies need deprogramming from the productivity cult. There are other measures of value than economic utility. Go add some new levels to kolf, or make a crappy game and sell it for a buck.

SYSV Fanfic
Sep 9, 2003


Man, I was reading it as "foxpen"wondering wtf they were talking about, not realizing it was a play on Faux Pas.

SYSV Fanfic
Sep 9, 2003


It's almost as if the AGPL/Server side public license is bad for their major donors.

https://opensource.org/corporate-sponsors-support#sponOps

SYSV Fanfic
Sep 9, 2003


Looks like it's pretty bad for the main employers of the OSI board as well... Tidelift, Redhat, Google, Etc.

SYSV Fanfic
Sep 9, 2003


What a really clever trick to get licenses vetted for your use in a tax exempt way.

SYSV Fanfic
Sep 9, 2003


rotor posted:

Liability concerns are a legal thing and I haven't spent much time thinking about it.

I don't think you can completely separate the two as we often compel a minimal morality via the legal system.

rotor posted:

Sure, I'll agree with this, but i'm not sure if this is some follow-on commentary or an objection to some part of that long fuckin doc

It was a follow on to your four point summary. I don't object to anything in the doc outright, though I might disagree somewhat. I don't think your wrong about anything. Your opinions are well formed, your facts are correct, and it's conclusion well reasoned.


rotor posted:

you said "Eventually the only products that could compete with the resources of the monopolists were FOSS" and i feel like those companies are some counterexamples.

Of all those companies I think Macromedia is the only one that didn't fail. I believe the main reason it didn't is because Microsoft was on it's absolute best behavior post 1999 judgement. Gotta wonder how the tech world would be different if gore had won and Microsoft had been busted under the sherman act. In the end macromedia got bought out by another monopolist.

SYSV Fanfic
Sep 9, 2003


As a total aside, I just learned something I was taught in college during a lecture (2002) was wrong. I was told that the Therac-25 manufacturer was found liable for the software defects because of the software license had them assume all liability for use. I don't think that's the case, I think it was re-used internal code from other models. That's always shaped my perceptions of software licensing - that you could get away with murder, and that might be wrong.

SYSV Fanfic fucked around with this message at 02:48 on Dec 27, 2021

SYSV Fanfic
Sep 9, 2003


rotor posted:

I mean all companies eventually fail, but they had long runs doing things monopolists didnt/couldnt. I think the larger point we were talking about is that FOSS was the only way you could bring a robust platform to compete with monopolists and I think that's overly cynical.

I see it still happen a lot. Fusion 360 for personal use was designed from the beginning to flatten any and all competition to autodesk's hegemony. When it was clear that they'd Tungusku'd the market they pulled it back. They can always deploy it again later if need be.

SYSV Fanfic
Sep 9, 2003


rotor posted:

Solidworks still exists. The CAD, CAM & machine control vertical is very weird and it's strange to me that the only FOSS participants are either

1) LinuxCNC
2) some hosed up script someone wrote in python like f-engrave or pycam
3) grbl for tiny little machines
4) a bunch of weird poo poo around 3d printing like slicers

You forgot inkscape plugins!

There were a couple of startup offerings around 3d printing, as well as tyring to improve the cad style 3d modelling in blender that were gaining effort. Autodesk moved to capture the market really aggressively by buying Tinkercad and 123d (and halting further development for both), and licensing fusion 360 for free. In the span of like three years they'd made sure that their competitors would remain toys or crap foss.

LinuxCNC is surprisingly good for proprietary machines that no longer have support. I've resurrected two old CnC machines with it, a parallel card, and a mach3 board.

SYSV Fanfic
Sep 9, 2003


Well, they may have nukes but they don't have FMA Bill.

Edit: They do not do Bounty :)

SYSV Fanfic fucked around with this message at 19:11 on Dec 29, 2021

SYSV Fanfic
Sep 9, 2003


PCjr sidecar posted:

on a nine figure procurement hpe can spend a few dollars to make nnsa happy

Dudes' just a schmuck namedropping, who told his client they didn't need to buy a fortran compiler.

SYSV Fanfic
Sep 9, 2003


PCjr sidecar posted:

i can guess which procurement this is, and I can guarantee they’re paying orders of magnitude more for compilers than what they’d pay for a bounty

id bet they validated one of their forty year old go-boom code on gfortran a decade ago, or they need to have fma on all supported compilers before they can use it in the code

Sandia/LLM has some of the top people in the world across all CS disciplines. Probably it's just in the unit tests that have to compile and perform to fulfill the contract. If it was actually holding anything up, they would have had it implemented within two weeks.

SYSV Fanfic
Sep 9, 2003


Wonder if he bid on a sub contract for HPE thinking he'd be able to get the gfortran guys to do it for free.

SYSV Fanfic
Sep 9, 2003


lol.

https://www.linkedin.com/in/bill-long-a5a0957

SYSV Fanfic
Sep 9, 2003


rotor posted:

"principal engineer at cray for 25 years" should tell you everything you need to know about this guy

Hey, at least he let whoever implements this know that their FOSS hobby could help kill a couple of million people at once.

Edit: Is it poop touching to reach out to HPE media relations and ask whether he was implying his customer was important, or implementing features useful for perpetrating nuclear holocaust is a cool once in a life opportunity you shouldn't let pass you by?

SYSV Fanfic fucked around with this message at 21:07 on Dec 29, 2021

SYSV Fanfic
Sep 9, 2003


Man, gently caress having a hobby that could make me the hacking/rendition target of a foreign nation state. I was thinking about the gfortran thing today, and realized they truly meant op-sec in the counter intelligence way.

I asked a friend who worked at a national lab. Only thing they could figure (besides contracts) is HPE/Cray exec said he knew people and could get it taken care of b/c he wanted to look important. Otherwise they'd just ask under the auspices of getting some of their open source fortran code working.

SYSV Fanfic
Sep 9, 2003


I think it was pretty nice of him to have it break immediately, rather than wait two months before activating.

SYSV Fanfic
Sep 9, 2003


akadajet posted:

he took "direct action" against ever being employed again

I really doubt that. It's been eight hours and I already forgot the guys name.

SYSV Fanfic
Sep 9, 2003


I'd like to point out that this is what he decided to do after receiving mental health treatment.

SYSV Fanfic
Sep 9, 2003


prisoner of waffles posted:

… sounds like people itt know marak squires more personally than I do

e: yikes Twitter searches appear to deliver

IDK him, but Look at the timeline - crazy house full of bombmaking stuff, child endangerment charge, involuntary psychiatric hospitalization. Articles were written in September 2020, In November 2020 he stops updating his libraries and expects to get paid for his work. He got mental health treatment and realized what he was doing with colors and faker for no gain was delusional.

My assumption is that the reason there are no more news articles about a crazed bomb maker being investigated by the feds is that he either checked himself in voluntarily for a relatively long stay (4-6 weeks is a long time today), or he agreed to a criminal mental health diversion (no more public updates).

Also looking at the github, I don't think they locked him out to protect the giants of the industry. He probably triggered an internal process that everyone except for one ten billionth of the planet would be glad existed if it looked like their account was being used maliciously.

SYSV Fanfic fucked around with this message at 00:36 on Jan 11, 2022

SYSV Fanfic
Sep 9, 2003


Would have been fun in the psych eval - "So this code that got saved in a doomsday vault, the one massive corporations are using to exploit you - we googled it, it's real, and it seems you did that for free?".

Adbot
ADBOT LOVES YOU

SYSV Fanfic
Sep 9, 2003


DaTroof posted:

but have you offered him a job in the past eight hours

This really was nothing. He pointed out that his code was unmaintaned, which was responsible post log4j. He also pointed out how important it is to hire developers with the skill to be able to do something other than glue NPM packages together. Because those were the people he hurt. The literal parasites that have built careers/enterprises off the NPM "ecosystem" without contributing much of anything back.

As a "local man" whose been in the news with a decent personality, credentials, and talent - whether he'll have trouble finding 1099/w2 work after this comes down to his people skills. Not the fact he made clowns out of a bunch of people for relying on unmaintained code.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply