Notices by Matt "msw" Wilson (msw@mstdn.social)

This article by @anna speaks to me.

"I speak the language of technology—and if you're reading this, there's a high chance you do too. We're living bridges of domains mysterious and unknown to many, domains that make and will continue to make a difference in the scale of oppression and horrors being spread and perpetuated into the world. What you do with that capacity and that knowledge can mean the difference between life and death. Use it to empower others."

https://notapplicable.dev/freeze-but-fight.

@jbzfn no, they aren’t “abusing” anything.

And, naturally, FreeBSD uses a BSD license, not MIT as the post claims…

#FreeSoftware #OpenSource #FOSS #OSS

https://docs.freebsd.org/en/articles/bsdl-gpl/

"A community of scholars should not have to build walls as high as the sky to protect a reasonable expectation of privacy [msw: or 'security'], particularly when such walls will equally impede the free flow of information.

There is a reasonable trust between scholars in the pursuit of knowledge, a trust upon which the users of the Internet have relied for many years.

#FreeSoftware #OpenSource #FOSS #OSS #InfoSec #XZ

This policy of trust has yielded significant benefits to the computer science community and, through the contributions of that community, to the world at large.

Violations of such a trust cannot be condoned. Even if there are unintended side benefits, which is arguable, there is a greater loss to the community as a whole."

- The Cornell Commission: On Morris and the Worm

https://dl.acm.org/doi/10.1145/63526.63530

#FreeSoftware #OpenSource #FOSS #OSS #InfoSec #XZ

Given the latest attack on the Internet through persistent threat actors via xz-utils, what demands will be placed on the community of scholars (including Free and Open Source software developers) that build the software we all use and enjoy as digital public goods?

Will they be "walls as high as the skies?"

#FreeSoftware #OpenSource #FOSS #OSS #InfoSec #XZ

I don't speak for either community effort, though I've been freely sharing my personal opinions with both efforts. 😅

I wouldn't advise going with the CNCF unless you're happy with the policies that are already established (including the IP policy and project incubation / graduation process).

I can't see how those policies and practices are a good fit for either community.

@michael @msw I will place my bet on the project that attracts the most previously active contributors. Personally speaking I don’t think Drew’s fork will be it.

Wow, what an overwhelming community response in this PR. It is not a surprise when something like #Redis has become so loved by its community. There’s a clear sentiment that with this change it has been taken away.

I encourage folks to support #OpenSource maintainers who were doing the hard work as individuals. They didn’t ask for any of this disruption in their lives. They exist and their efforts matter.
#FOSS #OSS #FreeSoftware
https://github.com/redis/redis/pull/13157#issuecomment-2014355620

@ariadne @ocdtrekkie @theuni @schmittlauch @wwahammy @scott @msw @Atemu for the avoidance of doubt: Amazon is very clearly not an “open source company” and its branding has never claimed to be.

@ocdtrekkie @ariadne @wwahammy @scott @msw are you familiar with Software Freedom Conservancy and their position on the SSPL? https://sfconservancy.org/blog/2020/jan/06/copyleft-equality/

Microsoft ❤️ Open Source

#OpenSource #FreeSoftware #FOSS #OSS #Redis
https://azure.microsoft.com/en-us/blog/redis-license-update-what-you-need-to-know/

@sageofredondo @Ric MPL was not sufficient friction to prevent Hashicorp's license change... There are believed to be MPL v2 contributions that haven't been "written out" of the code base that were pre-CLA.

@Ric From my POV, we'll have to see how the Redis community responds.

@Ric I mean, a hard fork already exists (KeyDB).

How it started: "This change has zero effect on the Redis core license, which is and will always be licensed under the 3-Clause-BSD."

How it's going: "Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1)."

#FreeSoftware #OpenSource #OSS #FOSS #Redis

https://redis.com/blog/redis-adopts-dual-source-available-licensing/

I'm glad that the page with all the historical sponsors of Redis will live on in the git repository for redis.io.

Because it's been deleted from the live site.

#FreeSoftware #OpenSource #OSS #FOSS #Redis
https://github.com/redis/redis-doc/commit/69921f506c02f65606498cfb4c083c6d8f91f125#diff-37e42b9ec4444d471df6fb6ecdf749410085a20c7c345f76de31fae9ed69be1f

Unpopular opinion: "patch all the things" was a zero interest rate phenomenon.
#InfoSec #CVE #SBOM #Linux #OpenSource #OSS #FOSS #Patching
https://www.redhat.com/en/blog/patch-management-needs-a-revolution-part-4

@ramsey @aral when I get replies constructed with narrative advancing framing like "we both know the reason", I regret trying to engage in a dialog in good faith.

@aral I can imagine why you may believe it's easy. You'll just have to trust me when I say it's not.