palata 2 hours ago

> Projects with CLAs more commonly are subject to rug pulls; projects using a developers certificate of origin do not have the same power imbalance and are less likely to be rug pulled.

Would be worth explaining why: my understanding is that if you sign a CLA, you typically give a right to relicence to the beneficiary of the CLA. So you say "it is a GPL project, my contribution is GPL, but I allow you to relicence my contribution as you see fit".

If the project uses a permissive licence already, honestly I don't really see a big impact with signing a CLA: anyone can just take the codebase and go proprietary with it. However, if it is a copyleft licence, then signing a CLA means that the beneficiary of the CLA doesn't play by the same rules and can go proprietary with the contributions!

If you don't want a rug pull, you should use a copyleft licence and not sign a CLA: nobody can make Linux proprietary because the copyright is shared between so many people.

If you use a permissive licence, then a rug pull is part of the deal.

  • goku12 a few seconds ago

    > my understanding is that if you sign a CLA, you typically give a right to relicence to the beneficiary of the CLA.

    Just to clarify, this depends upon the exact CLA you sign. Canonical's CLA (CCLA) [1] for example, contains this clause in Section 2.3 Outbound license:

    > We may license the Contribution under any licence, including copyleft, permissive, commercial, or proprietary licences. As a condition on the exercise of this right, We agree to also license the Contribution under the terms of the licence or licences which We are using for the Material on the Submission Date.

    This means that they promise to release your contribution under the original license as well. Or in other words, they won't relicense the old contributions retroactively. There may be other CLAs that don't make this promise. It's generally a good idea to read and understand what you are signing up for. (Applicable for any agreements, not just CLAs, since your argument is to avoid them.)

    Almost all CLAs let the contributor retain the copyright. (If I understand correctly, copyright transfers are involved only in CAAs.) So that option is also available for you to do whatever you want to do with your contributions. In any case, the actual problem is the breach of an unwritten trust you place in the project owners. Since you generously contributed your work to them and everyone else, you'd expect the same favor in return for the contributions by others in the future. But CLAs leave that open and under the sole control of the project owners, primed for a rug-pull. The only way you'll ever get the benefit of those contributions after a rug-pull is if you collaborate directly with the other contributors - a fork in essence.

    > If you don't want a rug pull, you should use a copyleft licence and not sign a CLA

    There is an odd and particularly hideous combination of those two - AGPL + CLA. I'm generally a proponent of AGPL. However, I believe that this combination is worse than a permissive license + CLA. Copyleft licenses require you to supply the source code (including your custom modifications) upon request to anyone you distributed the application to. In AGPL, the use of an online service also falls under the definition of 'distribution of application'. So you have to distribute the modifications of the server-side code to anyone who uses your service. I see this as a good thing - because someone else with a lot of resources can't just improve and host your service, denying you the benefit of those improvements. However with a CLA, the project owner (perhaps a company) can host a relicensed version with undisclosed improvements, while you will be forced to reveal your improvements if you try to do the same (since you're using AGPLed code). You wouldn't have the same problem if the source was under a permissive license + CLA.

    But here is where it gets particularly egregious. The above problem can also affect software under just a permissive license and no CLA. This is what happened to Incus and LXD. LXD was initially under the Apache license and the linux containers community, in collaboration with Canonical. One fine morning, Canonical just decided to take control of the project, prompting the linux containers community to fork it as Incus. For a while after that, both projects used to borrow code from each other since they had the same license. But then Canonical decided to relicense LXD under AGPLv3 + CLA. This means that it was no longer possible for Incus to borrow code from LXD due to license incompatibility, while Canonical continued to do so under a slightly odd arrangement. You can read about it in detail here: [2]

    [1] https://canonical.com/legal/contributors/agreement?type=indi...

    [2] https://stgraber.org/2023/12/12/lxd-now-re-licensed-and-unde...

  • goodpoint 36 minutes ago

    > If you use a permissive licence, then a rug pull is part of the deal.

    True. Yet CLAs do not always give away all rights.

  • charcircuit 22 minutes ago

    There is no such thing as a rug pull in regards to open source. A GPL copy of your code will exist forever.

    • zozbot234 9 minutes ago

      Yes, it's a pretty weird notion. The only "rug pull" is wrt. ongoing maintenance of the project, but any maintainer may end up abandoning their own project for any reason or no reason at all. This is why essentially all FLOSS licenses have long provided for the right to fork the existing codebase under a new maintainership.

dig1 an hour ago

> Contributors and maintainers often have less power than even the smaller companies, and users have less power yet.

If contributors/maintainers are not happy with what the small company does, they can fork the project (assuming a liberal license) and continue in their own way. Valkey is a good example (with an interesting twist of license dynamics where Redis can use Valkey code now, but not the other way around).

> We have built a world where it is often easiest to just use whatever a cloud provider offers

And, IMHO, this is the major problem in the dev community these days - we've become lazy and focused on nonsense ("pretty"/unusable UIs, web gymnastics, llm, "productivity" etc.). We didn't have problems in the past to fork or reimplement OSes (various BSD instances), compilers (gcc versions), databases (MariaDB), and so on. There are tons of geniuses around hacking on cool stuff, but, sadly, the loudness of various hipsters and evangelists limits their visibility.

> Those providers may not contribute back to the projects they turn into services, though, upsetting the smaller companies that are,

The significant contribution that these providers (AWS, et al.) make to these projects is often overlooked - free advertisement. If I remember correctly, ElasticSearch got popular when AWS started to offer it as a service. Additionally, cloud providers usually contribute (by employing core developers, shipping patches or testing) to the kernel, gcc or jdk, from which these small companies benefit significantly. In contrast, they themselves could do none of this.

But it is easier to blame "big scary clouds" than to rethink your business model. Be honest, start closed; no one will touch that and no one will be standing in your way.

3np 4 hours ago

Building the software you rely on from source by default is one way to reduce the impact these events have on you and shift the power dynamic. If you're installing binaries/images from a vendor (free or otherwise), transitioning to a fork may be an undertaking and a sweaty risk-assessment.

Switching your existing build-infra to sync sources from a new remote should be a snap.

Also no major need to hound maintainers to ship a release or merge that neglected bugfix or feature you desperately need - just cherry-pick it.

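As an added example, not code from the original post: a POSIX shell sketch of the build-from-source workflow described above. It pins a fork at a known tag, cherry-picks upstream fixes only when they leave LICENSE untouched (so a relicensing commit is caught rather than silently pulled in), and reports whether upstream's license changed since the pinned tag. The upstream and fork repositories are constructed throwaways; git and mktemp are assumed to be on PATH.

```shell
#!/bin/sh
# Added example (not from the original post). Builds two constructed
# throwaway repositories, an "upstream" and a "fork", to demonstrate
# keeping a fork pinned and screening cherry-picks for license changes.
# Assumes git and mktemp are available.
set -eu

# Create a fake upstream: v1.0 under a permissive license, then a bug fix
# (tag fix-1), then a relicensing commit (tag relicense). Prints the path.
make_upstream() {
  dir=$(mktemp -d)
  git -C "$dir" init -q
  git -C "$dir" config user.email demo@example.invalid
  git -C "$dir" config user.name demo
  printf 'Apache License 2.0 (constructed)\n' > "$dir/LICENSE"
  printf 'int main(void) { return 0; }\n' > "$dir/main.c"
  git -C "$dir" add LICENSE main.c
  git -C "$dir" commit -q -m 'initial release'
  git -C "$dir" tag v1.0
  printf 'int main(void) { return 1; }\n' > "$dir/main.c"
  git -C "$dir" commit -q -am 'fix exit code'
  git -C "$dir" tag fix-1
  printf 'Business Source License (constructed)\n' > "$dir/LICENSE"
  git -C "$dir" commit -q -am 'relicense'
  git -C "$dir" tag relicense
  printf '%s' "$dir"
}

# Clone UPSTREAM and detach at the pinned tag, i.e. the snapshot the build
# infrastructure was syncing before the relicensing event. Prints the path.
make_fork() {
  dir=$(mktemp -d)
  git clone -q "$1" "$dir"
  git -C "$dir" config user.email demo@example.invalid
  git -C "$dir" config user.name demo
  git -C "$dir" checkout -q --detach v1.0
  printf '%s' "$dir"
}

# license_changed REPO BASE NEW: return 0 if LICENSE differs between BASE
# and NEW (a relicensing happened), 1 if it is unchanged.
license_changed() {
  if git -C "$1" diff --quiet "$2" "$3" -- LICENSE; then
    return 1
  fi
  return 0
}

# cherry_pick_checked REPO COMMIT: cherry-pick COMMIT into REPO only if it
# does not touch LICENSE; otherwise refuse and return 1.
cherry_pick_checked() {
  if license_changed "$1" "$2^" "$2"; then
    echo "refusing $2: it changes LICENSE" >&2
    return 1
  fi
  git -C "$1" cherry-pick "$2"
}

# Walk through the scenario: the fix is taken, the relicense is refused,
# and the upstream license drift since the pinned tag is reported.
demo() {
  up=$(make_upstream)
  fork=$(make_fork "$up")
  cherry_pick_checked "$fork" fix-1 && echo "fix-1 applied to fork"
  cherry_pick_checked "$fork" relicense || echo "relicense commit skipped"
  license_changed "$up" v1.0 HEAD && echo "upstream LICENSE changed since v1.0"
}
demo
```

In a real pipeline the pinned tag would be the last release you audited, and the LICENSE check would run on every sync, not only on cherry-picks.
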
  • andersmurphy 3 hours ago

    Not sure why this is getting down votes but I agree. Also building from source doesn't have to be hard (see sqlite).

  • pjmlp 3 hours ago

    Depends on the actual software licence, many commercial vendors do provide source code, however the licence doesn't allow you to do whatever you feel like with code, even if technically it is possible to do so.

    This happens a lot in commercial products where scripting languages are used, for example.

    Or enterprise consulting as another example, where the code is delivered as part of the project, but it is bound to the agency for compiling purposes, unless the customer pays extra for that right.

    • zozbot234 5 minutes ago

      This whole discussion is about FLOSS projects where the right to "do whatever you feel like with code" is well established - even literally so, in the case of purely private/internal changes that are not distributed to or publicly performed for any third party.

    • anilgulecha 3 hours ago

      IMO if you're a technical decision maker, you should ignore fair source/business source stuff with extreme prejudice. These are fundamentally incompatible with the goal of having autonomy for your systems.

      Only pick these if they're non-critical, have a significantly higher RoI, or a high commodity item.

    • MangoToupe an hour ago

      It's hard to feel any sympathy for people who spend money and still bend over.

      • pjmlp an hour ago

        For most people it is only business, there is zero FOSS ideology.

        A hard lesson many have come to learn when there are bills to pay, and coffee-priced donations hardly make it.

tetha 2 hours ago

This is causing management at the current company to run in circles a bit as well. The company has been fairly adamant about having support contracts for systems, and it has encountered a number of these stunts. Opscode with chef a long time ago, CentOS exit, VMware, Broadcom has a number of more ugly things available in Tanzu.

And we were either paying these companies (looking at VMware), or looked for quotes and intending to pay these companies. But suddenly, your configuration management is supposed to cost almost 6 digits per year. Very basic services should suddenly cost a mid-6-digit range per year for a basic support contract. Sorry but what the fuck? And - again, looking at VMware - even then we can't really rely on it?

I've been recommending to instead sponsor foundations, or straight up paying maintainers and developers of OSS we use regularly. The giggles when suggesting that have been getting quieter. But I'd rather hire a Proxmox/qemu dev than start paying the next VMware.

palata 2 hours ago

> There is typically a spike in these clones after a relicensing event, suggesting that people are considering creating a hard fork of the project

That, or maybe people make a "snapshot" just in case. I don't believe many people seriously consider leading the effort of maintaining a fork...

matheusmoreira 22 minutes ago

I emailed Stallman about the ethics of using AGPLv3 with a CLA to allow selling exceptions. Here's his reply:

https://news.ycombinator.com/item?id=42601846

  I see what you mean.  The original developer can engage
  in a practice that blocks cooperation.

  By contrast, using some other license, such as the ordinary GPL,
  would permit ANY user of the program to engage in that practice.
  In a perverse sense that could seem more fair, but I think it
  is also more harmful.

  On balance, using the AGPL is better.

OgsyedIE 3 hours ago

I believe there should be a broader family of terms besides rug pull for when the intentions of vendors and developers change over time to become extractive and negative. No, enshittification is not the right word.

charcircuit 19 minutes ago

Why is LWN writing articles about purple hairs ranting about social problems? I expect them to focus on the technical developments of Linux and not this drivel.

  • acdha 2 minutes ago

    Why are you trying to distract from the content of the article? I don’t know why her hair color is so triggering for you but she has a couple decades working in open source, multiple relevant degrees, is on the CNCF Contributor Strategy TAG, and is talking about some real issues affecting a lot of projects.

    If you can’t get over her physical appearance long enough to engage with the topic, it’s healthier to leave the thread and do something else.

  • mtndew4brkfst 8 minutes ago

    Why does her hair color matter to you? Why is open source longevity and viability not on-topic for LWN discussion?

    Dr Foster holds a PhD, did her dissertation about the Linux kernel, and has had a respectably long career in technology with a focus on open source and governance. The topic is literally straight in her professional wheelhouse.

positron26 4 hours ago

Without commercializing the non-contributor users, they have really no leverage in any of the relationships. Connecting them together by pooling their financial power to pull in contributors creates a real force to resist rug pulls a la Valkey. That is one of the kinds of thinking behind PrizeForge and why I'm implementing bare-minimum Postgres backups today because we're a fledgling startup and need Rust engineers: https://positron.solutions/careers

roenxi 4 hours ago

It's nice to see an article that is just interesting. Although trying to model an environment of extreme freedom as 'feudal' is one of the big philosophic mistakes in the current discourse. Although it is easy to establish that the majors are very sticky, they're only sticky as long as they do a good job. Groups like AWS or Google are actually pretty vulnerable - the US right wing looked like it was about to build a complete alternative internet for a while there until the management in tech relented and allowed them to speak up in public. Places like AWS had to pull their head in and the spin-offs from that like Rumble or Truth Social haven't gone away, they just got partially marginalised when the censorship backed off. That isn't how feudal revolts work in my understanding; typically peasants just got squished by better armed, armoured and organised soldier classes.

  • rixed 2 hours ago

    > they're only sticky as long as they do a good job

    > Groups like AWS or Google are actually pretty vulnerable (...) build a complete alternative internet for a while there until the management in tech relented and allowed them to speak up in public

    The part of AWS or Google infrastructure necessary to "speak up in public", relative to their total infrastructure, is probably close to the tiniest number you can imagine. I can't see how an alternative web forum or short text message service, even if used and supported by many, could make AWS or Google vulnerable. And as a reminder, the public is not a customer for Google nor AWS.

    Or maybe by "the US right wing" you meant a handful of billionaires who would fund an alternative to Google and AWS? That still sounds naive to me. The estimated assets of Google or AWS in datacenters only is somewhere in the hundreds of billions, plus a good fraction of that every year for maintenance. Their current valuation is between $2 and $3 trillion.

    Having no experience of peasant revolts (yet ;)) I only meant to comment on that part of your message.

  • BinaryIgor 3 hours ago

    Exactly; there are many mechanisms in place that allow us (anybody) to create alternatives if the currently dominant players start to misbehave too much; they just have not

    • throwawayqqq11 2 hours ago

      And there are mechanisms that restrict you. The article states it too: There is a resource (for software, I'd add know-how) asymmetry and market inertia at play here.

      Otherwise, I am really wishing for alternative payment processors ... could someone prove me wrong here please.

  • delusional 4 hours ago

    Your worldview is incredibly foreign to me, but I'll try to engage fairly with it.

    > the US right wing looked like it was about to build a complete alternative internet for a while there

    This would seem to imply that the established internet, what we had before this relenting, was somehow left wing. Is that an accurate description of your view? When did this relenting take place?

    > they just partially marginalised when the censorship backed off.

    Is it your position that Truth Social (the social network started by the current president of the United States) is currently a marginalized space?

    > That isn't how feudal revolts work in my understanding; typically peasants just got squished by better armed, armoured and organised soldier classes.

    I think it's interesting that you posit this as a fight between the "peasants" and the "soldiers". I'm assuming, to make sense of your analogy, that the "peasants" in this case are the current president of the United States and Elon Musk. The "soldiers" would then be "Jeff Bezos" and "Sundar Pichai"

    • roenxi 2 hours ago

      > This would seem to imply that the established internet, what we had before this relenting, was somehow left wing. Is that an accurate description of your view? When did this relenting take place?

      No, the left wing wasn't really involved. It looked from the outside like a pocket of authoritarians settled in the US intelligence services. Given the priorities of the Trump establishment on starting Term 2 when they moved very quickly to gut the US propaganda services I think Trump's people came to a similar view. And the relenting came when it was obvious that the companies involved were going to start suffering commercial consequences. Or, in cases like Twitter, got bought out by prominent right-wing figures.

      > Is it your position that Truth Social (the social network started by the current president of the United States) is currently a marginalized space?

      Yeah. It isn't really operating on the same scale as Twitter and it only exists because Twitter felt the obvious way to construe "To all of those who have asked, I will not be going to the Inauguration on January 20th." was as glorification of violence [0]. Its commercial wisdom is unclear.

      > I think it's interesting that you posit this as a fight between the "peasants" and the "soldiers".

      I'm almost positing the opposite, NOT(it is a fight between peasants and soldiers). That is why I think the feudal meme is a mistake - this isn't a situation where the powers that be in the tech world can actually bring consequences down on a class of people. The people have freedom.

      [0] It was bizarre. I've kept a copy of Twitter's announcement saved to disk as a reminder of how crazy groupthink can get. Anyone willing to state such a stupid theory in public has to believe it.

      • throwawayqqq11 2 hours ago

        > The people have freedom.

        I repeat my other reply:

        The article states it too: There is a resource (for software, I'd add know-how) asymmetry and market inertia at play here.

        Feudalism is formed by birthright privileges, excluding peasants or merit. With a look to present wealth distribution mechanisms (inheritance), it is not far-fetched to apply that polarization effect to software infrastructure too, because software isn't really that immaterial.

        • roenxi an hour ago

          > Feudalism is formed by birthright privileges, excluding peasants or merit

          Lots of systems have that property, including many democracies (the UK political system, for example, is quite democratic yet embraces birthright privilege excluding peasants). It doesn't characterise or get to the important parts of feudalism.

      • conartist6 2 hours ago

        I have 0 trouble understanding why Twitter didn't want to be whipping up fury against democracy using their power to do so. Six days before that ban Trump had definitively crossed the line over to full-blown treason with the Raffensperger call. Two days before the ban he sat quietly, waiting and hoping a mob of his supporters whipped up by his verbal diarrhea would seize power for him, ending democracy. Make no mistake, Twitter did exactly what they had every legal and moral obligation to do.

      • delusional an hour ago

        > No, the left wing wasn't really involved.

        That's fair. You didn't mention the left wing at any point, and I made an assumption.

        This is veering quite quickly into unsubstantiated claims of collusion and conspiracy. You're weaving a network of secret deep state authoritarians secretly colluding with tech CEOs, and leaving no trace. It's honestly pretty close to QAnon, which is a huge red flag for me. I can't follow you there, and therefore can't make any substantial arguments for you.

        What I would like to point out is the historical revisionism of Elon Musk buying twitter to weed out the subversive forces. He tried to get out of the deal, but the establishment forced him to see it through.

        > I've kept a copy of Twitter's announcement saved to disk as a reminder of how crazy groupthink can get. Anyone willing to state such a stupid theory in public has to believe it.

        The announcement Twitter made mentions that you have to take those tweets in the context of the whole Jan. 6 insurrection event. When you say that it's not incitement of violence, should I take that to mean you believe that the armed insurrection was not connected to Donald Trump? Or do you believe that it was, but that the further tweets weren't a further escalation of that conflict?

        > The people have freedom.

        I understand your argument for that then. I would caution that by saying that your conclusion hinges heavily on whether you believe Donald Trump is actually a popular reformist, or if you believe he is an elitist authoritarian. Your argument is quite close to "This can't be feudalism, the lords want what's best for us", which is a quite unconvincing argument.

        • roenxi an hour ago

          > You're weaving a network of secret deep state authoritarians secretly colluding with tech CEOs, and leaving no trace.

          I'm really not, I just read political news from time to time. The Twitter files [0] were front page material for a few weeks, there isn't really any argument about whether the big social media companies are coordinating with US intelligence. They have regular meetings and there is some cross-pollination of employees.

          It's hardly traceless, and it is good stuff to keep abreast of.

          > What I would like to point out is the historical revisionism of Elon Musk buying twitter to weed out the subversive forces.

          Again, you seem to be reading more than I'm writing with this one. You asked when the relenting happened, I picked a rough date on the timeline. I don't think it is remotely controversial to say that he's made Twitter more accommodating for voices from the US right wing.

          > When you say that it's not incitement of violence, should I take that to mean you believe that the armed insurrection was not connected to Donald Trump?

          I mean, if we're talking about the ~100 people who turned up armed [1] then I think it would have been easier for Trump to maintain the element of surprise and just hire some goons rather than making whiny statements on Twitter that require a Doctorate of Crazy to detect violent intent. Maybe even arm them all with guns. He is said to be quite wealthy.

          It is an interesting open question of how many of those hundred people decided to come armed because he wasn't going to attend the inauguration. Although I have always applauded Trump's ingenious follow-up of not attending said inauguration to make it look like he was serious rather than the modern Machiavellian puppetmaster he actually is.

          [0] https://en.wikipedia.org/wiki/Twitter_Files

          [1] https://en.wikipedia.org/wiki/January_6_United_States_Capito...

    • palmfacehn 4 hours ago

      >This would seem to imply that the established internet, what we had before this relenting, was somehow left wing.

      I would omit the left-wing characterization as a debatable generalization. Perhaps it would be better described as the specific platforms being opposition partisans, rather than the Internet itself.

      • delusional 3 hours ago

        > Perhaps it would be better described as the specific platforms being opposition partisans

        I'm sympathetic to such an argument, but it does beg the question: Which platforms? The original comment's choice of singling out Rumble and Truth Social would imply that YouTube and Twitter would at least be _among_ those "specific platforms", but neither of those platforms is, at least according to the left, particularly left wing. Both platforms have repeatedly been criticized for creating and propagating structures that lead people down what was called "the alt-right pipeline" and have, historically, hosted some of the most active alt-right figureheads.

        That's not to say either platform is or was right-wing either. I'm not the one making an argument. Though I'm not convinced they were particularly left-wing or partisan before the creation of Rumble and Truth Social.

        • roenxi 3 hours ago

          Just to be clear, I never said anything about the left wing. I don't think they were involved in that one. Suppressing speech is generally opposed by the leftists.

throwaway832338 28 minutes ago

A lot of words without any mention of copyleft, protective licenses, GPL. Difficult to take the article seriously.