this post was submitted on 26 Oct 2024
72 points (72.8% liked)

Asklemmy


I for one am going through quite a culture shock. I always assumed the nature of FOSS software made it immune to being confined within the policies of nations; I guess if one day the government of the USA starts to think that it's a security concern for China to use and contribute to core open-source software created by its citizens or based in their boundaries, they might strongarm FOSS communities and projects to make their software exclude them in some way, or worse, declare GPL software a threat to national security.

(page 2) 50 comments

There was more drama? I didn't even notice. They're always doing drama.

notTheCat@lemmy.ml 5 points 4 weeks ago

Yes, bad actors can exist everywhere; it doesn't really help anything but fragment the project and harm it. Do we need multiple directed forks? Fuck no, it will be best if everyone can monitor and contribute. I kind of think of it as they do peer reviewing in research and shit: it's always better when more people can view it, that will leave less room for biasing and frankly detect bad actors easily.

kyub@discuss.tchncs.de 5 points 4 weeks ago

I get that it's a nice daydream to think of open source projects as existing in some kind of independent, ethereal vacuum just because the code is out there and accessible from any place on Earth. But every software project is (mostly?) dependent on the jurisdiction in one country, in this case it's the US, and so their laws about sanctions and so on apply. And yes, this means that unless conflicts/wars between nations happen to cease, that we will eventually have completely separated blocks of politics/culture/military and also IT. Globalization is over. China will have their own stuff, Russia will have their own stuff, and US+EU will have their own stuff. And none of those countries should continue using high-tech products made by the other because they could be sabotaged and it might be hard to find, so it's best to not use them at all and just cook your own stuff. It's unfortunate, but bound to happen in the current state of the political world.

TORFdot0@lemmy.world 5 points 4 weeks ago

If someone really wants to use the contribution of the expelled maintainers they can just make their own fork. Part of the Free in FOSS is the freedom to associate or not associate with contributors.

j4k3@lemmy.world 5 points 3 weeks ago

I think the prestige of "maintainers" and contributions/control are what is being torn down. Anyone anywhere is still welcome to contribute, they are simply limited from direct control. They can still fork at any time, anyone can. Getting people to follow your fork is another thing entirely, and your open source code will still likely be incorporated directly or indirectly. The only thing that has changed is the misguided prestige that has grown around the project and is not a required or relevant part of the project as a whole.

bloodfart@lemmy.ml 4 points 3 weeks ago

Unfortunately no.

I remember the SELinux controversy and the NSA trying to slip bad algorithms in.

Dr_Vindaloo@lemmy.ml 4 points 4 weeks ago

Yes. I always thought of sanctions as being finance-related, meaning you can't transact with sanctioned groups. I figured it couldn't apply to decision-making/membership in non-profit organizations (that it might somehow violate "free speech" or some shit). Finding out this is not the case is terrifying and one more reason to hate the US (not that we needed more). This might disincentivize some people to contribute to FOSS.

deadcatbounce@reddthat.com 3 points 4 weeks ago

Nothing is devoid of global politics.

Dekkia@this.doesnotcut.it 3 points 3 weeks ago

From what I understand this wasn't a decision dictated by sanctions, nor was there any strongarming. Otherwise it would've happened way earlier.

I also think splitting politics and literally anything else doesn't work and is something people who benefit from the discussion (or lack thereof) made up.

QuillanFae@lemmy.world 2 points 4 weeks ago (1 children)

I just wanted to say that I have the same questions, and it's a relief to see it posted by someone with more courage. I'm too ignorant to contribute to the discussion though. I don't know how a government or private entity could pressure a FOSS project in this way, unless that pressure was put on the project's git platform. At which point the repo just moves elsewhere.

wewbull@feddit.uk 5 points 4 weeks ago

FOSS does not mean:

  • Community owned: Linux is owned by the Linux Foundation, a legal entity of the United States and subject to its laws.
  • Obliged to accept all contributions: The owner is free to accept or reject contributions for any reason.

Nothing changed except some people are no longer responsible for maintaining parts of the source tree. Their delegated power to accept contributions was removed. They can still propose changes, but they will be reviewed by others who aren't at risk of Russian state influence.

This isn't saying they've done anything wrong, or that they are currently under state influence, but now that they no longer have maintainer privileges the chance of the FSB knocking on their door has probably dropped 90%.

sag@lemm.ee 2 points 4 weeks ago

@Artemis_Mystique@lemmy.ml Views on the idea, no. But it confirmed my opinion that the current socio-economic system is unfriendly to FLOSS

reddit_sux@lemmy.world 1 points 4 weeks ago

Everything, be it software or anything else, is beholden only to whoever is the highest bidder. Being FOSS doesn't change anything. This has been true for some time now that Linux and TLF are duty bound to businesses running it.

It had been covert till now; it is the overtness of this action which is surprising to most. I for one am surprised it didn't happen sooner.

esc27@lemmy.world 1 points 4 weeks ago* (last edited 4 weeks ago) (1 children)

I'm not concerned that they followed the best advice of their lawyers to respond to the legal and political challenges that currently exist.

I am concerned that hostile nation states (define those as you will) have made supply chain attacks (remember the xz Utils backdoor) so common that actions like this or worse are becoming necessary and that open source, globally contributed software could be at risk.

rottingleaf@lemmy.world 4 points 4 weeks ago

This does very little to protect against supply chain attacks.

Your example shows that too.

Increasing modularity and reducing complexity of software seem to be the right way to that end. Plan9, GNU Hurd, Minix3 are interesting in that context.
