i'm sorry, but to be blunt, if you're going to come into my mentions talking about "big tech" without naming specific bad actors, i'm going to be forced to conclude that you're probably a fascist at this point
"big tech" implies a nebulous conspiracy organized by tech workers and executives. it is like the "deep state."
the monopolistic behaviors of google, amazon, microsoft, etc are real, but we must identify these behaviors specifically in order to have any hope of actually addressing them.
One of my larger complaints about Linux Foundation events is that they are very much targeted at corporations with large budgets to send people to conferences.
For example, as someone who has mostly been an indie OSS maintainer over their career, I would love to go to Open Source Summit and meet up with people to discuss what problems they are having with the software I maintain and how we can collaborate on resolving those problems.
But my choices are to register as a "hobbyist" (a frankly demeaning thing to call an indie maintainer) at $249, which requires me to go ask them for a discount code (also frankly demeaning), or register at the full $949 rate, or maybe I could get the "small business" discount code which brings it down to *only* $500. Man, what a favor, huh?
I understand that putting on these events is very costly, but when indie OSS maintainers are given the option of paying nearly $1000 or having to go ask someone for a "hobbyist" discount code, it seems very disrespectful to the maintainers who are building the actual software that this summit is about.
Do you really think the guy in Nebraska who is holding up all modern digital infrastructure in his spare time has the money to spend $949 to go to a conference? For all the talking we do about building inclusive conferences, this has to include *access* for indie maintainers.
One of my larger complaints about Linux Foundation events is that they are very much targeted at corporations with large budgets to send people to conferences.
For example, as someone who has mostly been an indie OSS maintainer over their career, I would love to go to Open Source Summit and meet up with people to discuss what problems they are having with the software I maintain and how we can collaborate on resolving those problems.
@ariadne I don't know if this is solvable, because in addition to the conference ticket, there is travel and hosting. Local conferences do better on these metrics but I feel like we're hitting a contradiction in terms, i.e. gathering contributors from all over the globe to a central place so they can collaborate in person - that's not a local event π
On top of all that, personally I think global conferences the way we do them today are an unsustainable practice. Idk if they can be fixed :/
@ariadne Attended KubeCon EU a few years back, but it felt more like a BigCorp sales event for other BigCorps, but with the occasional food truck and swag.
Not really targeted for an OSS mindset or for maintainers to exchange.
not surprised that @postmarketOS folks pulled the trigger on systemd
in alpine we have promised to build something better than openrc for years, but it still isnβt here.
meanwhile, the polyfills for various systemd apis to work on openrc do not actually work correctly in many cases, leading to unnecessary bugs on the desktop.
i think @alpinelinux should join pmOS in getting off openrc, the project is basically on life support anyway and the maintainers primarily focus on Gentoo usecases also.
in the latest "the software supply chain is only as secure as the humans which review it" debacle, somebody installed a fake exodus wallet application from the snapcraft store, which was reviewed by nobody, and lost ~$490,000 dollars in bitcoin: https://popey.com/blog/2024/02/exodus-bitcoin-wallet-490k-swindle/
this is bad, really bad. it is bad because an attacker can exploit qemu, and then break into a user account which has direct access to other customers' data.
in order to cover our costs (alcohol acquisition for our staff) of moderating threads mentioned on hacker news, we will be immediately mining crypto coins via webassembly when people visit treehouse mastodon via hacker news
Every customer of HE signs a contract, which states that they will abide by the TOS/AUP or their service may be interrupted.
There is no world where KiwiFarms abides by their TOS/AUP. By design the entire purpose of the website is an egregious violation of multiple points of the HE AUP.
HE has the right to enforce their TOS/AUP by not routing traffic to Joshua Moon.
Every customer of HE signs a contract, which states that they will abide by the TOS/AUP or their service may be interrupted.
There is no world where KiwiFarms abides by their TOS/AUP. By design the entire purpose of the website is an egregious violation of multiple points of the HE AUP.
@ariadne@eff I disagree. EFF is, as usual, taking the long and broad view, and they are right. As far as I can tell, KiwiFarms does not have a contractual relationship with with Hurricane Electric. So they are not bound by their TOS/AUP. I know nothing about KiwiFarms except what's in the EFF article. They sound horrible. But we do not destroy bridges because some awful people use them.
@ariadne@eff the EFF clearly states their understanding is that KF is not a customer and would not have signed an AUP. Are you refuting that factual claim or are you suggesting that Crunchbits AUP signature makes them liable for all of their customer's use?
(for the record I'm happy to see any disruption to KF in isolation)
@ariadne@eff I have no comment on the technical aspects (you clearly have a much better grasp on that than I do), but I'd like to add two points that might be persuasive to some:
1. If the concern is "fascists will use this principle against good speech in the future" - since when do fascists care about principles? 2. The speech in this case - harassment and doxxing - is itself the harm that needs to be stopped. So yes, there is a real, actionable difference between KF and other websites.
@ariadne Oh wow. RIP. I can't think of another piece of software that I use so frequently. The sheer number of people that use Vim... I wonder what the future of it looks like without him.
incidentally, the only acceptable response to somebody posting CSAM on your service is to immediately suspend their account, preserve the evidence, and hand it over to law enforcement
instead of deleting evidence and reactivating an account like Elon did
also, the phrase "open source <neural model>" is misleading.
there is nothing that can be open source about a neural model. that is like saying the `/bin/bash` binary you have on disk is, on its own, open source.
it's the *training data* which would be open source here.
@ariadne You ain't kidding. One winter I had one of those sitting in a cold kitchen sink when I dumped hot water from the stove into it. Glass *everywhere*.
(the correct answer to "what is the plural of kubernetes" is "clinical depression", by the way)