hot take: #cs academics should be expected not only to publish the full source of the programs that demonstrate their research (I can't believe this still needs to said), but they should also be expected to offer #ReproducibleBuilds of the environments so that the results may be reproduced at a later point in time. "it works on my machine" is no longer a legitimate problem and "I'm self-conscious about the code because its messy" both holds you to a lower standard than undergraduate CS students are held to for their assignments, while holding the reader responsible for reconstructing your research from some small set of source snippets, which amounts to imposing trust in the authority of university discourse, a kind of metaphysics.
taking a few weeks to learn how to use #guix for #ReproducibleResearch should not be too much to ask, knowledge production is mere discourse production when the results cannot be scrutinized beyond a peer review process without a good deal of effort, which we all know that few people have the time for. if you can't be bothered to get it working, then why should your readers be expected to assume that it works?
I would agree we should all think about the possible risks when writing #software, not just if it's #openSource... but to advocate only for #AI models that are #proprietary will benefit just #bigTech.
Shouldn't #tech be for the benefit of the overall society?
So here we have #Unity trying to launder its (well-deserved) tarnished reputation by getting rid of the CEO (with an absurd golden parachute that should've been 0 for gross incompetence) but without making any meaningful changes to their licensing.
As expected of corposcum pushing #proprietary software.
The fediverse is going to suffer a hideous setback if Xitter goes into receivership, and they actually put a competent CEO in charge. It doesn’t make me feel good to say that, but I have a penchant for reality. It doesn’t mean it fails. But it sure will mean a much much longer trajectory.
@shoq Anyone going back when we've had a first class demonstration of how #proprietary#SaaSS in the hands of corposcum can be rapidly and trivially turned against its users is a fool.
Special shout-out to @nodebb for bringing this amazing #foss#opensource platform 🙂 with no strings attached.
Considering things that recently happened to #unity#unity3d it is absolutely necessary to take everything into consideration before committing into a #proprietary software.
I've been working on a response to the Whitehouse RFI on open source security, and I feel like there's a trend starting to emerge
There are foundations, companies, universities, governments, think tanks ... It feels like everyone is trying to do something to fix open source security
And it also feels like nobody is talking to the open source developers. The people who are actually doing the work
This goes back to @Di4na "I am not a supplier" blog post I think
I'm also starting to wonder if this is turning into "YOU SHOULD BE GRATEFUL FOR THE SCRAPS I'M GIVING YOU!"
This stinks of ulterior motives to me. Someone with a lot of influence wants open source to stop being a thing entirely. Someone, perhaps, who dislikes being outcompeted by plainly superior offerings.
Are you using WhatsApp? Get ready for Ads apart from regular spam and scams. WhatsApp explores ads in chat app as Meta seeks revenue boost https://www.ft.com/content/41f334a5-856c-4512-b550-eb6062036224 . According to two sources, Meta is considering implementing a subscription fee for an ad-free version of the app, but this idea is unpopular among many insiders. Why?
The thing I don’t get in the whole “what happens to all the old lightning cables” discourse is how everyone seems to be ignoring that ever since it was introduced, lightning‘s connector has been so electrically/metallically fragile that for vast number of people, especially those living in humid climates, lightning cables are consumables that only last a few weeks or, at best, months anyway.
Doesn't feel great starting to work on your 2 year #Unity project today with the recent policy changes they've made. Not really keen on using Unity again after this project is finished but thinking about the knowledge I've gained about their proprietary software suite it'll be such a waste!
I think I've learned my lesson. Learning to use #proprietary#closedsource systems is a total waste of time as in any moment the owner of the system could flip a switch and everything you learned is invalid.
just saw a youtube tutorial refer to sublime text as a free editor 🙄
it is not free nor is it open source. #SublimeText is fully #proprietary paid software that allows you to evaluate it. costs $99 to purchase access to releases for three years, then you have to do it again. it's also aging super hard. i wouldn't recommend it to new developers. #vscode / #vscodium has so many more features and is actually free.
what happens when libre software is neglected in preference of #proprietary alternatives? #jitsi happens. #xmpp happens. #widevine happens.
the very last time i pushed jitsi as a solution, the person said, ''i will go on using #zoom and if zoom fails me i will go use jitsi. jitsi will always be there.'' it was a wednesday.
if you and others do not use it, how will it grow?
people literally host libre software as a second thought. the only proprietary software that i tend to prioritize are video games.
The only one who claims that MongoDB/SSPL is open source is a single person who is #openwashing proprietary software using his website and his GitHub repo with 1 star. Just ignore it.
It doesn't even matter if I provide references & explanations on how it works, the "but we're not interesting" (completely failing to understand the automation aspect) mental block seems insurmountable and short-circuits any actual thinking about the matter.
„Despite being widely used and relying on secret cryptography, TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy.“
But then again noone pays me to fix it, so it's not my problem.
Spoiler: The proper fix is to abolish all #proprietary shit and demand a fully #OpenSource'd communications system, since everything else violates #KerckhoffsPrinciple and is thus inherently and unfixably insecure by design!
In tech years, I'm pretty old. I started using Linux when it was easiest to get as a boot image and root image on the Banjo FTP server, maybe ftp.funet.fi. Later, SLS, then Slackware, then FreeBSD, OpenBSD (co-wrote the IP Filter howto)... then #RedHat bought my company. I've subsequently spent more than half my life working at RH, and most of that time running Fedora, since Fedora was a thing. This is not impressive, I've just been here, and that means I have some perspective on #opensource.
It was in this spirit that #Linux distributions took off and the struggle to keep doing this fun hobby in a way that paid for itself became commonplace. Working at #RedHat, who was making ends meet with CD sales, coffee mugs, and the occasional support contract kept those good times going. When #proprietary#unix, by way of SCO, started getting lawsuit crazy, we found the #GPL really did stand up in court. #Groklaw was born, and IP law became something we all learned thanks to PJ, Webbink, etc.
It's 2027. LLM's are built into Systems on Chips. Everyone sees their own personalized worlds. Their computers show things in a way the user likes. Or the manufactorers like. Or the ad agencies like. Who knows. Apple helps us all write calm, understandable texts, posts, and books. Google shows us, in AR, "only what we need to see." A map on our walk we take to decompress. No, there are no homeless people in the street. Just follow the lines on the map. Yeah, like that. Hear that soft music. Your own personalized playlist, all made by AI. You like Mooncake right? Well, here's something that sounds like them. A little. But it's 24/7. More, more, more.
Some people make mistakes in their work to show that they're human. That wrong note? That's a mark of humanity. That misspelled word? They're one of us. That blotch of ink? A soul made that. Perfection is of the machines. To err is human.
The blind can see now. But at what cost? The machines know us all now. They see our faces. They see them, pick out details from what they see and what they know. Then they feed that to blind people, who eagerly gulp it down like a dry sponge. But the AI doesn't mention how fake the smile is, on the person who sees the camera that sees them. Wave for the camera, for the machine. But for the blind person, who only wants to have what sighted people were born with? Well.
Our computers then correct all that input. That misspelling? Surely the human didn't mean to do that. The blotch of ink is gone. All distilled into blandness. People begin writing on paper again. Blind people get what the AI gives, just as before. People are angry that their analog becomes digital again. Cycles and cycles. Dim and light. Gifts and hooks. Humanity and the seeking and the taking.
Let's pretend we're proponents of free and open source software, enlist an army of week intentioned FOSS developers to contribute to our project, and once successfully deployed in many enterprises across the industry...
Pull the rug out and convert it into a proprietary product with a bunch of undisclosed, hidden code that we won't ever show you - Muahahaha...
Yeah. I see this happening right now in several prominent and celebrated open source projects that you're probably completely oblivious to those sinister objectives.
This is why the most ubiquitous desktop operating system in the world is Minix.
What's that you say?
Yup, Minix. But that's no secret, the cat was out of the bag on that one a few years back (after being secretly so for many years).
Before you contribute any more code, translations, or documentation to a software project, consider this:
Now, there's another point to be made here, without specifically naming any projects currently abusing user contributions. Let's call this hypothetical project "hammer&anvil", itself a fork of a popular software project - but claims it's all about being free and transparent, wanting to distinguish itself from the project it's forked from by adopting GPL3 instead of a permissive license.
Sure, the project's BDFL (let's call her "Strawberry Daiquiri"), says one day, "were forming a fork of project X because they've formed a company and I'm afraid what they are going to do with X because it's under a permissive license. This girl will be brutally transparent and completely run by the community under the philosophy of anarchy, but we're going to call it a sociocracy so you don't know that it's really just me making a proprietary product for my own ambitions".
Well, Miss Daquiri decides to capture by capitalizing upon the sentiment that folks have for Copyleft - it's supposed to protect free software, right?
Well, this fork (hammer& anvil) is a hosted solution - meaning SaaS, meaning, it runs elsewhere (other than in your computer) in the cloud as a publicly accessible service. Hmmmm.
That means that the most appropriate Copyleft license is likely the AGPL, and not the GPL as one would expect fur a desktop or other local program that you actually download and install in your laptop or server.
The GPL requires that when you distribute (give away or sell) your program, either by letting someone download or handing it to them on a USB stick, Etc., You must also make available ALL of the source code, including any changes you've made to the program.
But if you run a modified GPL program as a service in the cloud you don't have to provide ANY off the changes you've made to the code.
Hmmm.
With AGPL you do have to supply your users with ANY code modifications you've made to the running service to which they have accounts...
So let's just say that you fork Mastodon, and call it Glitch-Soc, modify it, and run it in the cloud for people to create accounts on and use (for free or for monthly subscription fees - it doesn't matter). ANY and ALL changes to the code base that you make MUST be made available anytime a user asks for the source code, because it's an #AGPL licensed product.
And in reality, such is actually the case with this exceedingly popular and capable #fork. It's a fine product in it's own right.
But had you changed the license to all contributions moving forward to #GPL, you wouldn't have to provide any modifications you made (unless you give or sell the software product itself on say, a USB stick or via download).
Why? Because you're just allowing them to access and use your service, your not actually giving them the program to use for themselves elsewhere - so any modifications you made since forking under a different license (GPL instead of AGPL) isn't something you have to show them.
You've essentially created a #proprietary product (if you're so nefarious as to hide your code changes by butt disclosing them), the only code of which you must supply being that which existed under the AGPL before you forked it.
Both #Copyleft and permissive open source #licenses like #BSD and #MIT can be a good thing, or they can be abused beyond the intentions of the #FOSS inclined project contributors. Just make sure that you understand what can and cannot be changed where your intended purpose for the #distribution and #availability of source code is concerned....
There are BIG differences between the ramifications of each #license and how they can affect transparency and distribution of your free gifts to the world.
In our hypothetical scenario with hammer&anvil, the #BDFL, #Strawberry Daiquiri, has decided that she's going to launch a hosted service, and she's going to include things that you don't see and can't be aware of behind the scenes which, if disclosed, you would have nothing to do with - but you'll never know what kinds of scary things she's done with the product that only resembles the original on the surface, because Miss Daquiri will never have to show you the code she has added behind the scenes.
"Beautiful Victor, Beautiful."
-The Monster, speaking to his creator in the film, 'Frankenstein, The True Story'.
I'm just a girl, standing in front of the entire infosec community, asking them to give practical, simple digital security/privacy advice to people seeking abortions instead of describing outlandish Jason Bourne scenarios.
Is there an open source tool that I could use to build interactive courses for undergrad students that doesn't require them to log in/create an account (removal of barriers), is accessible/inclusive design-wise, and allows for stuff like video embeds and interactive quizzes and activities?
As I write I realise GitHub could help but is a higher entry level thing for me. Boosts welcome! :boosts_ok_gay: