Well if it isn't cryptocurrency spam coming from the biggest, open instance on the #Fediverse. 👀
I wonder if this is at all related to challenges with moderating an instance of checks notes 200k active accounts? Or with moderating new accounts on the only instance actively promoted in the official apps? :thinking_rotate:
Thankfully we can always defederate! What's that? It's the biggest instance so there are real concerns about a lot of people losing connections? Whodda thunk it!
We talk about our "culture" from this consensus building we social "police" our "commons" it's basic stuff we should not need to talk about, it's natural if we are not worshiping a #deathcult
The project of the #4opens for the last ten years, is a non-legalistic path towards codification of #FOSS culture. A tool to compost healthy soil to nurture seeds of hope.
The Register should actually read the draft of #CyberResilienceAct , which clearly makes that distinction in item 10 of the preamble:
In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.[^1]
The fact that you see companies such as Microsoft (through GitHub) speaking against CRA is quite telling: because if FOSS volunteers aren’t legally responsible for software #security under CRA, then who will be? Well, of course the Microsofts, Amazons and RedHats of the world, who take free software and sell products based on it as well as support contracts for #FOSS packages. This is precisely why they started this “grassroots” disinformation campaign, just like Google did with “ACTA2”, having even Python Software Foundation confused to repeat the nonsense:
The existing language makes no differentiation between independent authors who have never been paid for the supply of software and corporate tech behemoths selling products in exchange for payments from end-users.^2
After reading the three The Register articles[^1]^2 on the #CyberResilienceAct I have an impression that British press is again doing exactly what they have done on #Brexit - taking EU ideas their sponsors don’t like and intentionally distorting them to create an utterly absurd picture of “Brussels idiots”, while perfectly realising they’re lying. Just read this:
But the EU commissioners don’t have a clue about how open source software works. Or, frankly, what it is. They think that open source is the same as proprietary software with a single company behind it that’s responsible for the work and then monetizes it. Nope.[^1]
Note this is not written by some Daily Mail intern who doesn’t distinguish “directive” from “regulation”, this is written by an IT journalist who clearly has read the CRA draft. He perfectly understands what he’s writing about, he knows how the software market works. And then he writes this:
The CRA’s underlying assumption is that you can just add security to software, like adding a new color option to your car’s paint job. We wish! Securing software is a long, painful process. Many open source developers have neither the revenue nor resources to secure their programs to a government standard. The notional open source developer in Nebraska, thanklessly maintaining a vital small program, may not even know where Brussels is in Europe (it’s in Belgium). They can’t afford to secure their software to meet EU specifications.[^1]
I have spent quite large part of my professional life in software #securityand I do #FOSS, so let me correct this misleading paragraph:
“Notional open source developer in Nebraska” may not have resources for user support and security, but doesn’t have, because CRA clearly excludes him from the regulation (preamble, item 10)
Because large companies still want to use the Nebraska library, and because large companies like to have “software support contracts”, they do pay for the latter to “software support companies” whose names we all know.
Majority of the “software support company” job is to repackage the original FOSS library and cash “support contract” payment. This is exactly how we ended with OpenSSL library being placed literally everywhere for decades until someone decided to have a look and found tons of vulnerabilities.
Could these vulnerabilities have been found earlier? Of course: the software (SAST, DAST, IAST etc) to do it is widely available. There’s just one problem: it’s bloody expensive.
Of course, Nebraska dev won’t spend 10^5 USD annual cost of a decent SAST scanner just for peace of mind. Otherwise, if someone sends a merge request with a fix, he or she will likely happily merge it.
But hey, maybe there’s someone in the food chain who is already casually cashing a lot of money for repackaging the Nebraska free software that could possibly spend a fraction of it for that kind of maintenance? 🤔
Make your own mind about who might be the most impacted by CRA here…
The #4opens has many useful roles, one that needs highlighting now is grassroots tech projects being pushed aside by obviously parasite #NGO and #fashernista tech projects that grow from them.
Over the last 20 years, in my in-depth expirence this happens in every case
The open process makes visible this #techshit, so we can compost it at source.
Use the #4opens in all your grassroots tech, please.
Just migrated over from another instance and figured I'd do an #introduction.
I am a SWE whose background is heavily in the #FOSS space. In college and throughout, I helped bring up devices for #CyanogenMod/#LineageOS and eventually became the frameworks lead for the parent company.
Apart from that I really enjoy #biking, hanging with my wife and dog, making mobile games, apps, and playing with my soldering iron. I'm always looking for new projects!
What I'm dying to see out of #ProgrammingLanguages, #tools and #FOSS in the near future is even more package managers. You can never have too many package managers. We already have a different package manager per language, and considering everyone thinks this is so amazing, why stop there? If you're really serious about your project, if you dream that it may become Your Project Foundation one day, ship it with it's own package manager, and, hell, add a fancy new build system. The worst thing you could do is narrow your ambitions down to software that plays nicely within a greater universe of user tools, because you must seek to not to attract not users but rather Projectstaceans for whom the sky is the limit, an individual ecosystem is the only serious contemporary #FreeSoftware goal.
Join our policy breakfast to discuss the impact of the proposed Cyber Resilience Act on #FOSS in Europe. Discover the role of FOSS, why the CRA may miss the mark, and how co-legislators can address the concerns.
🗓️ May 25, 08:30 - 10:30CET
📍 Brussels
Speakers:
Dr. Detlef Zerfowski, VP of Security and Runtime Environment at ETAS
Dirk-Willem van Gulik, Apache Software Foundation
Moderator:
Astor Nummelin Carlberg, Executive Director, OpenForum Europe
I swear anyone who explains to me what #FOSS is again gets an instant block.
I’ve freely shared nearly everything I’ve created in four decades of programming and I’ve been writing free software exclusively, at great personal expense, for over a decade. (So I haven’t been working at fucking Google or Facebook and hacking on my personal hobby project in the evenings, which seems to be a particularly common trait among #fossbros)
Library Space Technology Network is a pilot project that involves public libraries and hands-on construction of satellite ground stations. It seeks to promote public access to open source #space technology by building #SatNOGS stations pioneered by the Libre Space Foundation at five public libraries around the world: #FOSShttps://lstn.wolba.ch/
I'm a former #conlanger (a #conlang is a constructed #language) which got me into #linguistics, #languages and language-learning in general. I'm in a long-term, purely cerebral relationship with #Welsh, whether it likes it or not.
In June 2022 I stumbled across the r/Asexuality subreddit and found people talking about me. Of course, they were talking about themselves, but for me it was like a second awakening. On the #asexual spectrum, I'm specifically #anegosexual (a.k.a. #aegosexual) and some flavour of grey-homoromantic I haven't explored yet.
I'm generally #sex-positive, but I spent too many years being made to feel like shit by other young #gay guys who saw themselves as the only valid way to be #queer so it doesn't always come across.
Hey we have some info about Vanilla OS 2.0 Orchid!
Meet Pico, Core and Desktop!
Orchid structure is very different from 22.10, it's built using images.
Pico is a mini Debian image built using the Vanilla OS repos and provide a dev env.
Core is built on Pico, provide all the core components (ABRoot, Apx, VSO..). It's a Vanilla, even more vanilla.
Desktop (Vanilla OS) is built on Core, offers the complete Vanilla OS experience with all GUI components, including GNOME.
After #ArmCord 3.2.0, I will not be maintaining the #Flatpak any more.
The devs refuse to stop relying on tray icons which are so blatantly broken on Linux. I've stated that I don't care if they have tray icons, but don't rely on them and assume they're available. If they don't fix either the spec or stop relying on tray icons, I won't be supporting them, be it fixes or maintaining it.
So either #FreeDesktop adds a new tray icons spec and everyone adopts it, at which point I will consider maintaining and contributing to ArmCord, or Flatpak makes a portal that implements them properly. but if ArmCord doesn't stop relying on broken behavior I will not be supporting it in any way.
In the meantime I recommend you to use the web version of #Discord.
To say a bit more: I travel a lot, including in the US and to less-populated, lower-infrastructure and less-traveled places. I'm just getting started with it but based on a couple of trips, @organicmaps straight up out-performs the competing, surveillance-addled commercial alternatives on data quality and UX. You should download it now and start using it as your default. Truly excellent and righteous. #privacy#foss#life
"It’s kind of an open-source victory, because we’re flying an open-source operating system and an open-source flight software framework and flying commercial parts that you can buy off the shelf if you wanted to do this yourself someday." — NASA Jet Propulsion Laboratory (JPL) senior engineer Tim Canham on #Mars Ingenuity Helicopter #FOSS#space, Source: https://spectrum.ieee.org/nasa-designed-perseverance-helicopter-rover-fly-autonomously-mars
I just finished the slightly nerve-wracking but very important task of flashing and sideloading the #LineageOS 20 release and recovery images (an upgrade from 19.1). All went smoothly. #heimdallflash and #adb served me well once again. As always, many thanks to the @LineageOS maintainers! 👍 #android#foss