This is amazing:
bleepingcomputer.com/news/secu

tl;dr:
1. a developer of a bunch of popular packages publishes new, intentionally broken versions of them as he doesn't want to support for-profit companies with his free work;
2. NPM *reverts* the packages to older versions against developer's wishes;
3. GitHub *blocks* the developer for acting "irresponsibly".

That story again: developer blocked by for making changes to his own code.

This is why and @forgefriends are so important!

@gargron @rysiek If you don't want to support BigTech, then don't use "permissive" licenses. Use AGPL. The problem is: Most people don't understand Copyright and licences. So they find their way to choosealicense.com which is curated by Microsoft Github. It prominently advertises the MIT licence with "I want it simple and permissive". This phrase sounds fair and good to most people. But permissive actually means "I permit BigTech to run their profit-driven thing with my code".

@t0k I don't care if others make profit. I just care if they're destroying our living place, and that's why BigTech are a problem.

@Gargron @rysiek

@ffeth @gargron @rysiek Also the #AGPL does allow to make profit. And that's fine. But it requires to play a fair game. That's what the BigTech companies fundamentally don't like. Because many fundamentally can't play such a fair game.

@t0k @ffeth @Gargron that's all correct. In practice, though, Big Tech will do anything they can to keep away from AGPL'ed code, as exemplified by Google's internal policies banning their employess and contractors from even having AGPL'ed code on their work laptops:
opensource.google/docs/using/a

> Do not install AGPL-licensed programs on your workstation, Google-issued laptop, or Google-issued phone without explicit authorization from the Open Source Programs Office.

@rysiek @ffeth @gargron I wonder if that's not somehow part of a smear campaign against the #AGPL. Because technically, I see no problem for Google if its employees use some AGPL program on their laptops. They don't run publicly accessible services from their laptops.

To me feels like it's more about fighting the AGPL in general because it's bad for them. Imagine all FOSS would be AGPL: BigDisaster for BigTech.

@t0k @rysiek @ffeth @Gargron

> Imagine all FOSS would be AGPL: BigDisaster for BigTech

Wasn't there talk of putting this “you must distribute even if over a network” AGPL thing into what would become the GPLv3? Obv that was not included in v3, hence why AGPL was created. It's a shame they didn't do that (maybe GPLv4 🤔), and instead put something against “Tivo-ization” which in retrospect was almost pointless...

Follow

@ebel @t0k @ffeth @Gargron I'm just using AGPL instead of GPLv3 for my projects, even ones that are not providing network services.

I see no downsides, honestly.

· · Web · 3 · 0 · 5

@rysiek @ebel @ffeth @gargron Same. If there's no user interaction at a distance, then the AGPL is like the GPLv3 as I understand. So there's no reason not to use the AGPL. Except if you want to explicitly allow somebody to create a closed-source service.

@t0k @rysiek @ebel @ffeth @Gargron It might be a bit tricky to determine what counts as user interaction at a distance:

AGPLv3 requires a program to offer source code to “all users interacting with it remotely through a computer network.” It doesn’t matter if you call the program a “client” or a “server,” the question you need to ask is whether or not there is a reasonable expectation that a person will be interacting with the program remotely over a network.

(https://www.gnu.org/licenses/gpl-faq.html#AGPLv3ServerAsUser)

E.g., if I modified an AGPL browser and used it to chat with you via some website, would I need to offer the source code of my modifications to you? However, based on the previous opinions of the FSF (https://web.archive.org/web/20100630185154/https://www.gnu.org/licenses/gpl-faq.html#AGPLv3ServerAsUser ), the intention is likely no.

This wouldn’t stop me from licensing client code as AGPL, especially since it’ll likely prevent any google employee from ever using it. :blobfoxdevil:

@rysiek @ebel @ffeth @gargron Many things can be turned into services in fact. Even read about some 'web browser as a service' where rendering is done in the cloud 🙈. Code meant to be client turned into service...

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!