965 comments

[ 4.9 ms ] story [ 376 ms ] thread
It's actually really sad that someone who has easily generated millions of dollars of value with their work gets nothing for it. Yeah yeah, it's open source, but it still sucks. I'm assuming they can't be compensated easily due to legal reasons?
They won't be compensated easily due to cheapness reasons. Anything legal is just an excuse (assuming Marak isn't on some terrorist blacklist or something).
I'd be interested to know if that's really the case. Hopefully some people can weigh in. I really don't want to believe that what you think is true because it's upsetting.
Interesting you should mention that, New York Post claims he was arrested for having bomb-making materials in his apartment which may be related to the apartment fire he discusses on his Twitter!

https://news.ycombinator.com/item?id=25032426

I'll have myself checked for psychic abilities...
True, but is there anything new here? That's been an conundrum as long as open source has been a thing.

There are also example of open source developers who have made a great living from their projects. That's on the developer to find a business model that works.

Can't or won't? He's literally saying "hire me if you want this". If that's too high a bar for "generating millions of dollars of value" then something is grossly wrong and headline worthy in of itself.
Looks like he does get paid a little bit by half a dozen companies/employees - maybe $1200/month? https://opencollective.com/fakerjs#backer But yea, people aren't paying because they don't want to pay.

I've written something similar at work in the past, and the work required to support a single fixed scenario is so much less than the work required to support a generic tool that it would have felt hard to justify paying for something instead of building it, if I'd known about this at the time.

Looking at the Open Collective transaction log, looks more on the order of ~$20/month. (With some variation caused by one-time donations.)
Oops, I think I couldn’t tell the difference between onetime and recurring donations.
There is a "Sponsor" link right at the top of the Github page. Companies sponsor all sorts of initiative so I don't see the what legal reasons would prohibit sponsoring here.
The problem is that adding some open source code to a project when it's free is simple, easy, and can be done without oversight (it shouldn't, but it can). If the code couldn't be added without paying the owner a sum of money and receiving a licence in return (i.e. something that would have to be archived and looked after), then it all gets more difficult. Budgets have to be allocated, spending authorised, receipts processed, etc. This would require approval from authority, and they would want assurances frrom the supplier that the code is well-maintained, does what it says it does, etc. Someone would have to review the code, and that costs time and more money. They might even have to review multiple alternatives to ensure that the project selected is the right project. At this point commercial suppliers get invited into the room, who send professional salesfolk to a meeting with management, and the whole ball game changes.

This isn't "management bullshit". It's what should happen in a well-run organisation with a good procurement process.

If you want to sell your software, that's the game you play, and you better hite professional salesfolk to get your cash. If you don't want to play that game, then give it away for free. But don't whine later that it created "millions in value" and you didn't get any of that.

I'm curious what the motivation was for doing this now after supporting faker.js for 8+ years.

Also, isn't faker.js a completed project? What is there to maintain?

I am guessing it's the usual, either money or time problems. Could also be burnout I suppose.
Or a change of work environment. Too much paid work or no more JavaScript, who knows.

I've been offered to take over the development and maintenance of a small Ruby gem many years ago. I think I contributed a patch or something. I needed that gem in my current Rails project, probably not in the next one. Furthermore I don't work only with Ruby. So I refused.

Something like faker is useful in nearly every project and I contributed to the Elixir faker (my customer agreed to that, we needed it.) I learned a couple of things of the Elixir environment in the process. By the way, nice team and great tooling. Would I take over that package if offered? Again no, because I don't use Elixir full time and I'd rather drop another contribution whenever I need it. No time to work on fixes and look at issues not related to my work.

Or the apartment fire. See the comment above.
With 179 open issues, many of which seem related to bugs or out of date information, seems like there's quite a bit to maintain.
a programmer's work is never done. I imagine this is doubly true for anything js related. this project has 179 open issues and 85 open PRs, impressively almost as many issues as lines of code!
I guess this didn't help:

"I lost all my stuff in an apartment fire and am barely staying unhomeless. Lost access to most of my accounts. All precious metal is missing. If anyone could bless paypal@marak.com with a little cash it would help me from freezing on the street. lol."

https://twitter.com/marak/status/1320465599319990272

Certainly his right; his project (though it has a very permissive license), his time. It sounds like he's tired of working on it, and he requires sponsorship to make it worthwhile. Let's say he doesn't, and the project is forked. This begs an interesting question: does he own the npm name? "faker" has mindshare, not just in JS; if he's unwilling to work on it, would it make sense for the NPM organization to reassign the name to whatever the active fork is?
He ought to keep the name, however there should be some way to keep track of the public forks via something that is github oriented. Maybe something in DHT like IPFS. It maybe something npm/yarn can work out.
Let's just use domain names?

ytld.org/youtube-dl

google.com/rust_icu

facebook.com/react

Don't have a domain name?

marak.github.io/faker

Not everything needs to be reinvented.

the whole point is the original author may not want to publish the forks on his domain. There ought to be independent 3rd party to keep track of the fork or a npm name that is not the author and not github (aka Microsoft).
Kind of sets a horrible precedent by NPM no? Keep, maintaining your open source project or we use it for a different project. How many builds does that break the very next update? What about downstream codebase security?
Given that NPM hasn't done so before, I find it very unlikely they would do so now.

More likely, the fork would become "faker2" if they don't want to come up with a new name.

I'm not sure they haven't. Their dispute process even outlines this as a use case: "This process is an excellent way to: Adopt an "abandoned" package"

https://www.npmjs.com/policies/disputes

According to that document, they only take action after four weeks of no response from the original owner.

It doesn't say so explicitly, but to me it seems that a cordial "No" from the original author will probably be the end of it.

Similar on Github, how do you announce new forks and get people to come to you instead of opening issues which can be closed?
I've seen a few abandoned projects where the first issue is by someone announcing their fork and their willing to continue maintenance, merge PRs, etc. Not an ideal situation, but sometimes it proves helpful.
Which corporation sponsoring the fork gets to be declared the active fork?

It seems simplest to keep his original version and whatever updates he feels like doing as his own thing, and if a corporation feels like forking the project to add some feature they can add their name to it. If others prefer that version they can switch to it.

It's reasonable given the people doing it are well versed in this stuff. He keeps doing what he's doing without being as annoyed, the project stays on trajectory, and individual users can switch if they feel like it to an alternative option.

He got exposure. If he wanted money he should've got a job or started an agency. This is childish and why would anybody give him a 6 figure contract for "maintaining" faker.js?
Right move IMO. The consulting firm a friend works for uses faker.js for almost all their projects. The consultants get paid $1500 a day and they haven’t even thought of donating as it “free and open source”.

I also hope the license is more restricted for commercial use.

To be fair, you get paid $1500 a day regardless. If you write the thing yourself, you'll get paid $1500 a day for a bit longer.
but if somebody else if equivalent skill could save the client money by using faker, then they will get all the business and out-compete you!
[this comment was deleted as HN doesn't pay me to contribute to the discussion]
> Yet, we continue to pay for our daily basics; food, water, electric…Yet we’ve decided for some insane reason that all this programming work the world’s richest companies rely on is worth absolutely nothing.

Stop making stuff open source, and there will be more paid jobs, and the paid jobs that exist will be valued more because they are no longer just "plumbing together open source components". Easy as that.

Will the software be higher quality? No. But that does not seem to be a concern anyway.

I realise what is happening. I realise there are thousands of people whose work contributed to being able to do this.

I also realise that some of those people are getting pissed off and annoyed that their contribution isn't being recognised (see TFA for details). And those people have the ability to "inject code that steals secrets" into my code base and cause massive headaches for me.

Which is why I'm extremely careful which dependencies I use, and don't use dependencies whenever possible.

I wonder, how much shareholder value FOSS, either in a package manager or otherwise, has added to MFAANG and other technology companies over the years?

A few years ago, someone did break a package that many companies cloned and integrated... the internet nearly broke...

My guess; a disruption in services is one thing that’s not already “priced in” to the stock market.

Well, Microsoft didn't spend $8G on Github out of the goodness of their hearts...

As Neal Stephenson said two decades ago : it's not like Microsoft controls developer's means of production and distribution ! (/s now)

You sir have misunderstood the concept of open source software.

As an open source author or maintainer you don't do the work for others and then expect some kind of compensation. The idea instead is to do the work that you would have done anyway because somebody else paid you or because you did it for fun, and then you publish it to use the community to help you fix issues. A philantropic motivation is nice but not necessary and just a minor side effect. And just as you don't have an obligation to help does nobody have an obligation to help you either.

That's why I like the term "open source" better than the original "free software". If you get the root motivation that RMS had for the "freedom" aspect of it, then that's the same thing, but too many people read it as "for free". Like apparently the author of this article. And that's just wrong.

It's also fully his choice to no longer do that...
Absolutely. I would even encourage people to stop do this kind of thing.

It's just that the rant demonstrates the misunderstanding, which is what I'm trying to point out.

I don't know if there is "one true motivation" for working on open source software, and any other reasoning is a lack of understanding.
Open Source has nothing to do with Free Software. There is a plenty of OSS products which are not free to use.
Free Software doesn't have to be free to use either (free as in free beer).
That's not correct, those are not considered OSS.

https://en.wikipedia.org/wiki/The_Open_Source_Definition

I am not really happy that a string of words which have an understandable meaning ('open' and 'source' leading to 'open source') has been hijacked by some foundation. I mean how would you phrase it if your customer wants to source to be open, but without the freedom of redistribution (because he doesnt want to pay for it).
It wasnt hijacked, it was invented by them.

Source available is very much a widely accepted moniker for what you describe.

I feel that the author started open source out of passion but is at the stage where he is sick of incredibly valuable companies using his work for profit without contributing back.
I can see that a passion to please can be disappointed if there is no reciprocity.

But a passion to build great technology should not depend on who starts using it.

I don't think his passion depends who is using his software, but rather his passion is being eroded by users constantly taking without giving back.
Maybe one's passion starts to dwindle when one's house burns down.
Did you mean to reply to someone? Because your post doesn't fit the original link at all.
Have github issues been elevated to the level of articles?

There comes a time with all open source where the person developing goes away for some reason and someone else has to take charge. That is open source. Expecting him to feel bad about this choice is bad form.

I hope the developer gets financial support if the project is truly that popular. The reality of getting support is likely to be thin.

While not as mission critical, stories like these remind me of openssl.

> That's why I like the term "open source" better than the original "free software". If you get the root motivation that RMS had for the "freedom" aspect of it, then that's the same thing,

That's revisionism : Open Source split from Free Software because they wanted to give freedom to companies to profit from it. With predictable consequences…

> but too many people read it as "for free". Like apparently the author of this article. And that's just wrong.

Indeed.

https://www.gnu.org/philosophy/selling.en.html

And this is why 'free' is a very bad adjective to use in this context. IMHO 'libre' is way better.

it's actually quite close to paying taxes, most people understand the benefits of a tax system (even libertarians with some caveats) but it is hard to be enthusiastic about paying taxes if you can see widespread evasion, corruption, and waste.

I am okay with paying 32% in taxes, but only if everyone else is doing it too

Seriously. What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

Apple is telling us we can't run our own software on their goddamned devices, yet they built their empire on open source.

Look at Facebook, Google, Amazon. They've extracted all the blood they can and given us back scraps. AWS is repackaged software you pay more for. Yes, it's managed, but you're forever a renter.

They've destroyed our open web, replaced RSS with DRM, left us with streaming and music options worse than cable and personal audio libraries.

The web is bloated with ads and tracking, AMP is given preference, Facebook and Twitter are testing the limits of democracy and radicalizing everyone to cancel one another.

Remember when the Internet was actually pleasant? When it was nice to build stuff for others to use?

Stop giving your work away for free when the companies only take.

I agree with your sentiment, but this is not the right reaction. It won't improve anything.

What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

You are free to adjust the license to prevent this. But then tomorrow everybody comes and rants about that the GPL is too restrictive. That's the price we pay for this. It's the license that keeps work free.

The right reaction is not to stop producing open source software. The right reaction is to adjust the license.

GPLv4 needs to address a number of new problems:

* "any user data serviced by this software must be easily exportable; no attempt must be made to block other 3rd party companies or services from consuming this data"

* "if this software is itself sold as a service, any automation or tooling built in service of this system must also be made available as open source"

* "any devices using this software must not actively prevent or prohibit users from running their own software"

Two of those are already in the GNU AGPLv3 (2007).
It’s like a catch-22 though. If I start a company using open source and must give away the software I then build on top of it as open source then I likely fail to capture revenues and my company fails.

What would be a nice option in GPL 4 is a mandatory commercial licensing fee structure to pay either to author of software or to EFF / FSF if the author doesn’t provide payment details. That would give a commercial incentive to startups to pursue using open source AND provide real revenues back to the community.

> It’s like a catch-22 though. If I start a company using open source and must give away the software I then build on top of it as open source then I likely fail to capture revenues and my company fails.

How is that the open source author's problem? Open source is meant to enable user freedom, not to save corporations money. If you want to use something, contact the author and get a commercial license.

I agree. I guess what's missing is some coordination mechanism for the "contact the author and get a commercial license" part. If it's one author it's easy, but if it's eighty, it's hard to contact each even if they would all be willing to provide such a license.

That's not a problem of open source itself, of course.

If you want to dual license, you probably should have a contributor license agreement. (It may be possible to relicense absent such an agreement, especially if it's permissively licensed, but a CLA certainly makes things clearer.)
It's a problem for the community that it still creates no long term motive for people to invest in the code. There needs to be sustainability (profits) that funnel back into the community somehow.
GPLv4 cannot exist. The GPL was a clever hack the first time it became popular, but it is fundamentally a singleton that cannot be instantiated more than once.

Not like we didn't try.

Which is why we have three versi…oh, wait.
I'm curious, why not?
For projects with copy-left license one has to contact all contributors and ask for their permission to relicense:

https://opensource.stackexchange.com/questions/33/how-can-a-...

Most of the time, when you license something under GPLv3, you explicitly allow for later versions of the GPL. The "either version 3 of the License, or (at your option) any later version." part was famously removed in the Linux kernel.

This clause is a bit dangerous -- if a bad actor gets control of the FSF and manages to release an official GPL version that is completely bonkers, all current GPL-or-later software can be distributed under that license.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
This has nothing to do with copyleft outbound licensing.

If you have BSD-style outbound licensing and you assume that all inbound copyright is transferred to you, you will wake up in court after you try to change the outbound license conditions of someone else's copyrighted code.

The correct answer is that for any project in which there is no inbound contribution agreement in place, you would have to contact all contributors and seek their permission to relicense.

Inbound and outbound licensing are orthogonal.

last one is sort of basically what GPLv3 has.
What about actually including a clause about pushing your changes upstream because from my recent HN readings, that clause is not present.
The source code has to be provided. From this, one can easily generate a diff. The only thing that such a clause will do is having to inform the original maintainer of this.

But I don't think that such a clause is a good idea: very often these internal modifications are not of the required quality. Also, I can easily imagine that some projects might drown in low-quality upstream pushes.

Bug fixes is what I am thinking about.
It is often not clear what is a bug and what is "unexpected/surprising (but 'correct') behavior". Also, many bug fixes of authors that don't have a good understanding of the code cause lots of additional regressions or don't fit the original architecture of the software well.
This is a bad idea. All licenses released under GPLvX or later where X<4 will be not affected by this as the company could always pick X. It would further increase license fragmentation in the GPL sphere which is one of the reasons why BSD style licenses became more popular. I'd recommend looking into Rob Landley and why he created 0BSD. [1]

The whole reason why we are in this mess and why GPL died is because the people behind GPL wanted to push their political views using the weight of persons using GPLv2 or later. The Linux kernel reacted by switching GPLv2 only. The only reason why would might want to name it GPLv4 is to use the weight of code of GPLvX or later people. Don't do that In addition some of you clauses have been shown to be easily enforceable by laws like GDPR and attempting to use contract is a crutch. They way to some of your points is phrased might be unenforceable in court and might void the complete license if it is ever testing in court. -> very bad

[1] https://youtube.com/watch?v=MkJkyMuBm3g somewhere around 25 min it starts

> The right reaction is not to stop producing open source software. The right reaction is to adjust the license.

The right reaction is whatever the author/maintainer wants to do. If they want to re-license, that is fine. If they want to just shut the whole thing down, that is fine too.

> If they want to just shut the whole thing down, that is fine too.

Actually if it's under a non-restrictive open source licence, it's not fine at all - the code will still be legally available for everyone.

I should've worded that better. Of course they can't pull the existing versions, but then can shut down any further development and support.
> but then can shut down any further development and support.

Not really. A fork can easily continue developing and supporting it.

The original copyright holder can require the fork be distinguishable and non-confusable with the original project. There is plenty of precedent in that respect.

There isn't much that can be done with lax distribution licenses, but there is still much that can be done under copyright law.

>fork be distinguishable and non-confusable

You're mostly talking about trademarks at that point, not copyright.

No, trademarks are irrelevant at this point. The original author of a work retains copyright in that work, regardless of the license under which derivatives are distributed. If they have distributed their work under a lax license and then chose to stop distributing under that license, a pre-existing recipient of that code does not suddenly gain copyright. They can not claim the project as their own or lead users to believe they have copyright in the materials they are modifying and distributing other than as a derived work.

For this to come under trademark legislation, there would have to be demonstrable trade. That's hard to show in the case of free distribution.

I assume that parent meant «shut down the copies of the code under their own control».
Another potentially _right_ solution is for programmers to have a union, and put pressure on employers such as google/amazon/facebook/apple to donate x% of their profits back to open source initiatives.
Google and Facebook already both contribute heavily to a lot of open source projects actually, despite some negative influences.
If an app from google uses 1000 open source projects (probably more in practice), how do you distribute the x%?
I don't want GPL. I want a license that prevents unpaid use by any entity that has any stakeholder worth more than a billion USD. That's it. That's all I want. MIT-Billionaires. Want to take funding from A16Z? That's a million a year for the license or something that maybe scales with a market cap just to level the playing field between a funded startup and Apple Computers.

Don't get me wrong, I love Apple, but I don't love this hyper-centralization of wealth and it would be better for the world if we defanged the power that billionaires have.

So write the license this way. I think it's a fabulous idea.
I actually did write a license at one point, but I realized that the core issue here was buy-in from the rest of the hacker community. It's like trying to end slavery. Until there are enough of us willing to work an underground railroad the best strategy is evangelizing the issue and collectively coming up with something that works for all of us. I also think that there are good billionaires out there, like Bill Gates and Paul Graham, I don't want a war. I want something that the existing billionaires that are pro-social will sign onto and we need their input and ideas too.
May I suggest something along the lines of Dmytri Kleiner's Peer Production License?

As discussed more generally on P2P Foundation: http://wiki.p2pfoundation.net/Copyfarleft

Hey, original author of the Peer Production license here.

AMA

Hi Dmytri, in your work you mentioned that PPL isn't intended for software. (As it is based on CC-BY-NC-SA which is also not intended for software)

Do you have licensing recommendations for software along the lines of copyfair/copyfarleft?

For the most part the PPL is intended for consumer information commodities, this could be software, but not captial information comodities like server software or programming languages, but rather books, movies, video games, end-user consumer desktop top software, etc.

For capital information goods I recommend the GPL, or even BSD style licenses depending on what it is and who is making it and what their plan is.

Unreal Engine license is along these lines: it's free if you are small / no significant revenue, and it's 5% of your revenue otherwise.

That said, not every shared-sources project would be used, if its license requires to pay royalty.

Unreal isn't open source
What the parent is asking for is inherently not open source.
For a moment I disagreed with this, so I'll add a link to the OSD [0] for anyone else who wants to quibble.

Also a choice quote about Stallman [1]:

"Richard Stallman argues the obvious meaning of term "open source" is that the source code is public/accessible for inspection, without necessarily any other rights granted"

[0] https://en.wikipedia.org/wiki/The_Open_Source_Definition

[1] https://en.wikipedia.org/wiki/Open_source

Thanks, that led me to this intriguing origin story from Christine Peterson, involving some advanced people skills: (my italics)

"Between meetings that week, I was still focused on the need for a better name and came up with the term "open source software." While not ideal, it struck me as good enough. I ran it by at least four others: Eric Drexler, Mark Miller, and Todd Anderson liked it, while a friend in marketing and public relations felt the term "open" had been overused and abused and believed we could do better. He was right in theory; however, I didn't have a better idea... Later that week, on February 5, 1998, a group was assembled at VA Research to brainstorm on strategy. Attending – in addition to Eric Raymond, Todd, and me – were Larry Augustin, Sam Ockman, and attending by phone, Jon "maddog" Hall... Todd was on the ball. Instead of making an assertion that the community should use this specific new term, he did something less directive – a smart thing to do with this community of strong-willed individuals. He simply used the term in a sentence on another topic – just dropped it into the conversation to see what happened.... A few minutes later, one of the others used the term, evidently without noticing, still discussing a topic other than terminology. Todd and I looked at each other out of the corners of our eyes to check: yes, we had both noticed what happened... "

https://en.wikipedia.org/wiki/Christine_Peterson

Stallman is about Free/Libre Software.

Eric S. Raymond is about Open Source.

There are somewhat subtle, but very important differences between their philosophies.

And not even all Free Software is the same.

Eg the Linux kernel deliberately uses GPL 2, and that community has rejected GPL 3.

it may not be free software, but it is open source
The term of art is "source available" - "open source" means something different.
As far as I am aware, a usual term of art is also "shared source" (this term was in particular used by Microsoft in the past).
My understanding was "shared source" was MS's particular license for "source available" not their term for the practice.
"Shared source" was an umbrella term by Microsoft for its licenses that allows access to the source code. Among these licenses were ones that were also open-source licenses, but also ones that were not.

https://en.wikipedia.org/w/index.php?title=Shared_Source_Ini... lists the following licenses:

- Microsoft Public License (Ms-PL) [open source]

- Microsoft Reciprocal License (Ms-RL) [open source]

- Microsoft Limited Public License (Ms-LPL) [not open source]

- Microsoft Limited Reciprocal License (Ms-LRL) [not open source]

- Microsoft Reference Source License (Ms-RSL) [not open source]

So, "shared source" was clearly not a particular license by MS.

Also, at that time, Microsoft tried to establish this term (by its Shared Source Initiative) for the general concept of "source code is available, but the license is not necessarily open source".

In the linked Wikipedia article, one can read on this:

"However, former OSI president Michael Tiemann considers the phrase 'Shared Source' itself to be a marketing term created by Microsoft. He argues that it is 'an insurgent term that distracts and dilutes the Open Source message by using similar-sounding terms and offering similar-sounding promises'."

That's not a term of art, it's someone's opinion. "Open source" means whatever I say it does, whatever you say it does, whatever Apple says it does, whatever ESR says it does, and whatever RMS says it does.
Sorry, can you define each word you've used in your post?
I don't understand what you're asking, can you elaborate?

Edit: I guess you're asking about 'ESR' and 'RMS.' ESR = Eric Raymond, an early proponent of open source as a communal development model ( http://www.catb.org/~esr/open-source.html ). RMS is Richard Stallman, the originator of the GNU project on which the Linux kernel is based, as well as the GPL. RMS disagrees with ESR, in that he argues that the term "open source" is a distraction from the larger goal of free software ( https://www.gnu.org/philosophy/open-source-misses-the-point....) .

There have been plenty of other authors with strong opinions on the subject but these are the two whose names most often come up in the context. Point being, it is unreasonable to say that "open source" is a term of art (as the GP did) whose meaning will be agreed upon by practitioners and advocates everywhere.

No, the question was supposed to illustrate that if you have that approach to language, then communication is impossible. There needs to be a shared notion of what certain words and concepts mean. You claimed that they mean whatever some person claims them to mean. So the question to you was what do your words mean, since with that entirely freewheeling approach to language, nobody here can know what you meant.
My claim was a response to an assertion which has now been edited, so... meh. You win teh Internets.
> My claim was a response to an assertion which has now been edited, so...

This is certainly something I sometimes do, but not here. What are you talking about?

Weirdly, at one point, your reply no longer seemed to contain the phrase "term of art." It's back now; I must have been mistaken about the initial change, since you'd have had to edit it well after the expiration period.

In any case, "open source" isn't a term of art. It did not originate with ESR or with anyone else in the software development field, so it means whatever anyone wants it to mean.

No, the OSI has precedence: https://opensource.org/history
No, it doesn't. Just saying something doesn't make it so. Trying to enforce a trademark on "Open Source" as a development methodology would be good for a few laughs in a courtroom, but that's it.
No, not according to the Open Source Definition of the OSI, which is generally recognized to be the authority in terms of what we call "open source".

> No Discrimination Against Fields of Endeavor The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

https://en.wikipedia.org/wiki/The_Open_Source_Definition

Games using UE wouldn't work without desktop client so it's easy to licence it.

A lot of business code can just as well run on server, and that works around basicall all the open source licences.

Except AGPL if I'm not mistaken ? So combine both I guess ?
What is wrong with saying “all rights reserved. You are free to use this software for educational and nonprofit purposes but once you start to make money off it you must request permission in writing” - I’ve seen a few licences like this. I guess the down sides are it might send some people elsewhere and you might be on your own trying to enforce it in court.
I think for a lot of companies that would be an instant turn-off, especially if they're still starting up.

Besides, it would have to be a lot more formal; another commenter mentioned the Unreal Engine, which states something to the tune of "free to use until you earn over X, then you pay us Y% of your revenue".

Cynically, open source libraries need to use the err, hook-and-sinker approach? Be really good at bootstrapping a company or part thereof, then when they have buy-in, start charging. It's what Unreal and (I think?) Unity do, it's what Slack did (really successfully, in a lot of places where it was introduced it was snuck in the back door by employees, used for a couple of months until the restrictions became too much, then the company started to pay for it; I've never seen 'grassroots' software deployment like that before and I'm impressed).

But it'll be difficult to pull off fully without the software being as-a-service or DRM things.

I wonder if the package manager systems could play a role in that. Require you to register your application at e.g. NPM, then every time an `npm install` is done, keep track of it. If usage does not decrease, start charging for things.

One could also consider an alternative, compatible package manager; an open source publisher could opt to only push to and promote that one. The package manager charges for use, and pays package maintainers relative to usage.

I think for a lot of companies that would be an instant turn-off, especially if they're still starting up.

It is very much the Silicon Valley mentality that all value is added by that company and that no suppliers should make any profit.

Cynically, open source libraries need to use the err, hook-and-sinker approach?

The common terminology is “bait and switch”. Also very much Silicon Valley. Apple for example likes to become a critical customer for any supplier, then use their leverage to squeeze them.

> I think for a lot of companies that would be an instant turn-off, especially if they're still starting up.

You can't have your cake and eat it too. If you want usage, you can make it MIT and then suffer while they capitalize your code (as they are with in their rights to do), or if you want protection but low usage, make it AGPL or proprietary even. I don't really see a scenario where you have high usage, high protection and also high profit from you selling your product, unless you are good at marketing and selling your product.

What's the point you're making? There's a lot of proprietary software that's

- high usage - high protection - high profit

What's the argument that OSS software (which you could use for free indefinitely until you gain profitability) is somehow not capable of the same?

There's even more software that's not used much at all.

Going open source is one of the ways to increase your chances of increased usage.

> What's the point you're making? There's a lot of proprietary software that's

> - high usage - high protection - high profit

> What's the argument that OSS software (which you could use for free indefinitely until you gain profitability) is somehow not capable of the same?

Software that meets those criteria also has an organization that spends quite a lot on sales and marketing. Stimulation of usage and extraction of revenue doesn't happen on its own.

More explicitly, if an already-profitable organization can't use the software without paying on day zero, quite a lot of effort has to be expended to get them to make the leap, hence the long enterprise sales cycle. You can do it with just marketing if you keep the purchase price low (ie. below what a department manager is allowed to spend using a corporate credit card).

Open source can circumvent this to an extent, but to do so it has to allow businesses to use the software for free, and convert a percentage of those users to paying voluntarily.

Whether the mechanism of conversion is consulting and customization services, hosting services, support services, dual licensing, an 'enterprise' version with specific features, or something else is immaterial, they are never just paying for exactly what they were getting for free. The closest a business will come to that is employing developers to work on the open-source software, or at least allowing employees to work on the software during work hours.

The specific licensing-only approach you're outlining will only work in a very narrow case: A new unprofitable company starts using the software for free, and starts paying once they cross over to profitability (at which point they might decide to switch to using something else, instead). Note that there are some very large VC-fueled companies that have yet to be profitable. Convincing an already profitable business to pay at the outset just can't be done without the aforementioned marketing and sales.

> educational and nonprofit purposes

> once you start to make money

So if a nonprofit uses that software to sell services (they gotta fund their expenses after all), does that count? Seriously. With vague phrasing like this, you're gonna have a bad time. Contracts are that verbose for a reason.

That’s why it’s all rights reserved. If you want to use it to make money you have to ask me. In the scenario you describe is probably say that’s okay, but like I say it’s up to me and only me, at the end of the day.

This of course means it’s not open to the kind of free-form open collaboration that typifies Open Source but if anything this just goes to show how more restrictive licences such as GPL actually promote innovation.

The GPL is perhaps restrictive than the license you suggested.

It's definitely more predictable.

Yes but you are still free to make money off the software, and this is the topic under discussion.
Sorry, I missed a word. I was going to say, the GPL is perhaps less restrictive.
I for one wouldn't use a library licensed like this. There are ideological reasons, but more practically, let's say I run a server that provides a public service. At some point, it gets a lot of traffic and I want to accept donations or use ads to fund the hosting. Under such a licence, I'd be completely at the mercy of the author, who could effectively shut down the server.
Yep. That's the point. You have the option to use something with a more liberal license, develop something yourself, or pay for it.

Yes, maybe at the end of the day I lose out to potential suitors, customers, collaborators etc. but that's my choice.

I don’t think anyone is suggesting that it isn’t your choice.

Most people are likely assuming that the typical author intent behind the decision to open source is to increase usage and contributors over the default closed source/proprietary licensing.

Is the problem that you have to pay at all - or is the problem merely that in the absence of a listed price, there's no guarantee the price will be fair?

Would you also reject a library with this license if you knew the commercial use license was pocket change?

If the commercial license was literally pocket change, I’d be inclined to use it under that commercial license right out of the gate to increase my certainty going forward.
Or you could pay the author for his/her work from your income.

I could be wrong but it seems obvious to me that semi-commercial licenses would explode the amount of open code available, because instead of devs working for corporations, corporations would end up working for them.

Commercial licensing - open code, free for non-profits, per-seat or per-user pricing for for profits with an official license, forks are considered a derivative work, clean room clones aren't. There would be details, but there are always details, and they don't stop two hundred page EULAs from existing and being (mostly) binding.

But we don't have this because Stallman is a zealot and he wanted to Make A Point about purity. So instead of creating a market where devs could actually get paid for original work and corporations would be the ones paying, corporations get millions of hours of development effort for free - because he thought he could somehow magically strong-arm them into playing to his rules.

I see antitrust as a critical purpose of freedom-respecting software - suppose you pay the author for the rights to use the semis proprietary software. You go on a decade or two, and become critically reliant on it.

But then they jack up the price a hundredfold.

You can't do anything (short of rewriting), even if you could flat-out hire a replacement dev team for the entire project for cheaper than what they're charging you.

OpenOffice and MariaDB are classic examples of Free Software solving this - the IP holder sandbagged, so the community forked and fucked off. Even despite that though, LibreOffice still suffers from losing its OpenOffice name, and plenty of users lose out because they're unknowingly using a barely-updated version due to abovementioned sandbagging.

Proprietary software hands a default victory to the IP holder. Free Software hands a default victory to the user. It's either one or the other.

> But we don't have this because Stallman is a zealot and he wanted to Make A Point about purity.

Uh, he's okay with selling exceptions.

> "I could be wrong but it seems obvious to me that semi-commercial licenses would explode the amount of open code available"

More likely it would implode the open code available, since usage would drop like a rock.

1) Once you're required to pay money, people start comparison shopping and proprietary software is optimized to win that game.

2) Nobody wants to spend the engineering, accountant, and lawyer hours to keep track of assorted semi-commercial licenses for a zillion dependencies and what they're owed. Half the point of FOSS is that you don't have to keep track of licenses and compliance, as the periodic sob stories on HN/Slashdot about "Oh no, I got audited and wasn't in compliance and had to pay. I'm going to switch everything to FOSS; that'll show them!" show.

Have you seen the Anti-capitalist Software License?

https://anticapitalist.software/

By default it disallows use by entities like Apple, but you could dual-license it, to provide the million-a-year alternative

Potential*; it won't do much good if it's trivial software easily reimplemented by Apple's great army of engineers, or if there's competitive software that does the same thing.
This is the traditional point that Open Source™ people turn up and say that you’re not allowed to discriminate between different groups of users with an Open Source™ licence. Personally, I’d be in favour of a non-military licence, but that’s historically been blocked by the OSI for the same reasons (not that it stopped Crockford).
That's just a proprietary license, just write the license like that if you want as I don't see how anything is stopping you from creating or using such a license. Just don't make the assumption that it's open source, it's just another form of a proprietary license like much of the paid software currently present.

However, don't complain later on that you can't modify software or run it on your own device like you can with GPL. You can't have your cake and eat it too, pick one.

I wrote more about this in another comment but I'll paste here for convenience.

---

Why do people create something and explicitly license it under an open source license and are then surprised when it's used as the license permits? I can see a few possible reasons:

1. Culture: GitHub seems to have the culture of people using and putting out their code as open source just because everyone else is doing it, or they just don't know or care to do enough research about software licenses.

2. Promotion: open source seems to be used as a way to promote your product and you simply hope that no one will "screw you over" by using the license as it permits, even by big companies. They'll use open source to build their product but will cry foul when corporations do the same exact thing the open source creators were doing in the first place!

These two factors seem to account for a the reasons behind switching licenses or other licensing issues for a significant portion of the open source license based posts on Hacker News in the past several years. Companies could have just started with a proprietary or copyleft license initially but inevitably in most of the posts I've seen, it's always a company with a permissive MIT style license that then bemoans cloud vendors rightfully taking advantage of their code.

What will happen in the future? It seems that people will create more proprietary software in the form of ostensibly "open source" licenses such as the SSPL by MongoDB or others. People will say that they're not truly open source, just another variation on proprietary source available licenses, which is true but the problem isn't a moral one, it's a practical one. GPL was started because the end user freedoms were eroded, and these licenses also fall into that, where people will soon discover that a proprietary license isn't great when they want to expand the original software but are encumbered by the license, such as if they work for a large company or other such restriction. Having no restrictions is always better than having even small ones.

But how will open source creators make money, one may ask. The simple answer is, they don't, and they shouldn't expect to. The more complex answer is, open source is not a business model, it is merely a licensing and distribution model. You must compete not on the code but the problems your code solves. Your product must also include marketing, sales, branding, and other business skills. Treat your product as a startup.

Amazon could open source all of its code and infrastructure and it would still be the dominant player in cloud computing as well as buying stuff online. Why? They are not in the business of selling code, they are in the business of selling convenience (as every business is actually, you don't hunt your own meat, a grocery store sells you the convenience of buying food, with money rather than time and effort; business is just commoditized convenience). Moreover, people know and trust Amazon, they don't know your other site, even if you took their source code and made your own website.

At the end of the day, people need to understand that a product is not a business. If you want to make money, you probably shouldn't make a free product. There are ways to leverage a free product into a business, as seen with TailwindCSS (free, open source) to Tailwind UI (paid, proprietary) or Laravel to Laravel Spark and Forge (they're wha...

When I worked at Google I heard AGPL called the "fuck google license" for this reason. There do exist licenses which restrict certain business models, but I agree there could probably be even more work around improving it
There are a ton of real world problems here though: if a small company gets acquired, do they have to stop using the license? Negotiate with you to pay for it? FOSS licenses are meant to be free to anyone, including big orgs, so long as they play by the rules. AGPL might be your target.
I was just mentioning to the OP about their wants, that it's possible for them to write their own license with their own terms, it is their source code after all, but I'm not necessarily advocating for such a proprietary license. I am in full support of the AGPL over 'permissive' MIT style licenses, although of course I'll still use MIT open source code if it exists.
> That's just a proprietary license, just write the license like that if you want as I don't see how anything is stopping you from creating or using such a license

It would be nice with a license template for this purpose, vetted by a lawyer to be reasonably airtight. Encoding that intent in a way that's not easily avoidable is probably harder than most people think.

Probably true, someone else mentioned that Apple could simply make a shell company that is technically only worth a small amount of money in order to fit into the "under 1 billion dollar valuation" stipulation. I'm not a lawyer so you'd have to take up the specifics with them.
The traditional ways to make money from free (libre) software and open source were :

1.) selling physical copies

2.) charging for support

The first one is probably not viable most of the time these days, but I can see how the second one could work : for instance one could modify one's code forge so that you would need to pay to open a ticket, and/or put up an asked sum of money to start working on a ticket (that several people could contribute to).

We could still sell software if distros decided to add support for selling freedom-respecting software through the package manager. Some people still do it (see RCU on http://davisr.me , it's a $15 FOSS third-party program for stuff related to the ReMarkable e-ink stylus tablet)
Neither option stops Amazon from packaging your code up and selling it as a cloud service.
That sounds like an aggressive copyleft license plus a paid commercial license to avoid the copyleft terms. If someone wants to charge for a software library, is there a good royalty-free, one-time payment license template out there somewhere?
The problem with dual-licensing is that it impedes collaboration. If one contributes a big feature, shouldn't they also get some cash from those sales? If so, who decides how much?
That would be a negotiation between the library maintainer, who is running a business selling commercial licenses, and the potential contributor, who wants to be a paid supplier to said business. If the negotiations fail, the contributor’s code is neither merged into upstream nor sold as part of the commercial offering.
> I want a license that prevents unpaid use by any entity that has any stakeholder worth more than a billion USD.

That is an arbitrary criteria, and you'll end up with software being written by Apple Development LLC, the loss-making shell company that Apple uses to do all it's development.

If you want something other than the GPL you can use it but don't be surprised when people commercialise your software at scale, don't pay for it and don't release changes back to the community.

Nope. Because the loss-making shell company has a stakeholder worth more than a billion USD.

The core issue here is all these lawyerly lawyers try to parse words and contracts and it's all bullshit. The core point about OSS isn't to hyper-centralize wealth. The core point about OSS is to enable people to create a common good. A common wealth for the people. I'm not against the core function of capitalism—the feedback loop that allocates resources to those that produce things that others want—I'm against some of its outcomes. Namely, a class of hyper-wealthy people that make out like bandits and incorporate in places like Cyprus to pay as little back as possible to the very communities that enriched them in the first place.

It isn't just. And quite frankly, I consider it to be a disease that hurts the billionaire class as much as it hurts the rest of us. This never ending dick measuring contest while the world burns. Ferraris driving past over-packed women's shelters. People ashamed that they "only" drive an Audi. Like, in bayesian free energy terms it's the equivalent to holding onto ninety tons of fat and still trying to eat more. Of course Bezos went ballistic when his phone got hacked. Security concerns sky-rocket when you're holding onto this much energy and power.

Almost all public company has stakeholders worth billions: Vanguard for example.
I mean, this is a fairly trivial loophole to close if you have a lawyer who knows what they're doing.

In fact, you don't even need to close the loophole. You just need to make FAANG employees pause long enough to worry that they might not comply, deterring them from using said library.

"I mean, this is a fairly trivial loophole to close if you have a lawyer who knows what they're doing."

In the same way that it's trivial to write a twitter clone in a weekend, yes.

Hundreds of goverments have tried for decades to do what you claim is trivial. Good luck.

Extending restrictions to affiliates/related bodies corporate is absolute bread and butter commercial legal work. Most lawyers are writing these kind of clauses week in, week out.

What you are presumably referring to is transfer pricing, which is a completely different beast.

Writing clauses in a license is one thing, I suspect enforcing them through ultra complex international corporate structures is quite another.

Edit: Sadly, I think these kinds of battles are rather one sided.

Of course, licence clauses won't physically stop someone who is fine with wilful infringement. But they're not intended to. They're intended to restrict the behaviour of people who, by and large, respect the law.

It's practically unthinkable that a company like Apple/Amazon/etc is going to create an expensive, complicated international legal structure to conceal wilful infringement of some open source licence.

It's perfectly achievable to write a licence that forbids use or incorporation in products, servers or services from particular companies.

It’s achievable. You could even just name the companies with a periodic process to update the list.

There are all kinds of ways you can write a license that won’t be used popularly but would achieve this specific goal. Do you want to close “your” software off to companies who might seek to be acquired later?

While I have never practised as a lawyer, I do have a law degree, and I've written several papers on IP and IP licensing when I was in law school. And I will also add that I did not do my degree in the US. Still, I am quite convinced that it is very hard to codify the intention of what the OP wants to do in a generic software license (i.e. one that you do not draft specifically for each client).

I do not have the motivation to lay out my full argument as that would take another entire paper, but even if it turns out to be not as hard as I think it is, it certainly isn't as easy as is posited here.

I don’t know why you think it’s not possible (or that it’s anything more than trivial). Revenue, affiliated companies, third party service providers, etc are all basic legal concepts.

The risk is far more likely to be inadvertently making the licence overly narrow and preventing usage by companies that you would actually intend to allow (or at least contemplate should be allowed).

Regardless, the text doesn’t really matter. Most companies will run for the hills as soon as they see anything remotely like the contemplated licence. It’s just not worth the risk for them.

Source: former lawyer.

shrug The Unreal engine mentioned elsewhere in this threat also seems very simple (an order of magnitude more straightforward as what we're talking about here I'd argue), yet if you go on the Id forums you'll find many questions from people in various edge cases that fall under one category in spirit and another in the letter of the license. But hey, I'm just some guy on the internet, what do I know, we'll just have to agree to disagree until someone really tries to find out.
Governments don't try very hard. It's in their best interest that this fraud-adjacent activity keeps going on, or at least that's the only reasonable explanation for why they keep cooperating so well with it.
If you don't want FAANG employees to use your code, why don't you just forbid them?
Agreed, this is a perfectly acceptable solution too.
Exactly. If you feel this is unjust, put a non-commercial clause in you license.

And watch everybody avoid your lib. You think you are special? A competing lib will soon show up without that restriction. And that lib will get attention from corporations and they will have thousands of eyes use the lib and test it and beat the hell out of it and fix issues and send them upstream (since maintaining a fork is too much work) and eventually this commercial-permissive alternative will thrive and be 100x as stable and streamlined and your alternative will cease to exist.

But you are free to do this. Nobody prevents you from it. But please don't cry later when seeing effects that you don't like.

A permissible MIT license might even be the best way to exploit this.

Assuming there are network effects for being the 'official' place to contribute to your project, than you can start with an MIT license, and once it gets popular, you take it private with slightly ever less permissible licenses.

(GPL wouldn't make this so easy.)

> fix issues and send them upstream

Fat chance. An average programmer will replace the library if the current one has issues, not fix the issues in the library. It is rational to do so (assuming a different lib exists, which it does for most libs).

Depends on how deeply the library is integrated into their code, and on what flaws the other alternatives have.
How does it help you if they don't use your lib? Why do you publish your work in the first place? To get donations? That's not what open source was invented for.

If you don't want people to use your work, don't publish it. Publishing has the totally selfish goal of getting others to help you by trying things out, report bugs and improvements and some of them to contribute those things to you. Don't publish if you don't care and just want mobey out of it. Then open source is not for you.

You think Linus Torvalds wanted donations when he published Linux? Or that he was in a particularly philantropic mood? No way. He did it to get other people to work for him. And it turned out great for the project! That he is now making a living with it is just a side effect.

> Why do you publish your work in the first place? To get donations? That's not what open source was invented for.

I don't know about everyone else, but if I publish something as open-source it's because it's something I made and needed in the first place.

Open-sourcing it is just a way to enable other people who have an itch to scratch to be able to do so. More often than not, such scratches comes back benefiting me as the original author.

I don't get this fixation on everything having to be profitable, but then again I don't work on any FOSS projects full time. I only do it to scratch an itch, to make the software work for me.

And when it works... I go do the actual work I'm paid to work on, using the software I've helped make better.

I feel the same way. In the early nineties a corporation got in touch with me, they said they were working on a Java IDE and could they ship some of my source as "example projects". I thought about it for about six seconds and said "Yes please!" I think they even mailed me a CD-ROM at some later point.

At the time I was thinking "Yay! I'm famous! My code is good!".

Over the years I've seen some of my code, not much of course, end up in other big projects and I'm a little proud, and a little pleased. The fact that the company got the money and not me? Doesn't bother me in the slightest.

I write code for me, and if I get bug reports that prove other people used it then I'll try to improve things. Money just isn't a consideration, although I have linked an Amazon wishlist in a few places over the years, and received unexpected books/films which make me smile.

I think Free Software was intended to receive money and replace proprietary software in its entirety.
> You think Linus Torvalds wanted donations when he published Linux?

If you look at the mailing list with the announcement, it was "look ma, no hands" kind of moment. Just letting people know of his experimental project, with entirely no expectations if it growing as much as it did decades later.

That's not to say Linux is a good example to go by, for an average free software project.

> Don't get me wrong, I love Apple, but I don't love this hyper-centralization of wealth and it would be better for the world if we defanged the power that billionaires have.

We tried it here in russia back in 1917. But then oops! something went wrong.

In all fairness, there is an extremely large middle ground between Communist insurrection and loophole-diseased corporatism.

Just using anti-trust laws to their full effect would be enough.

Well, in practice anti-trust law has proven a better tool for the people who can afford expensive lawyers than it's supposed intended purpose.

Funny enough, even the original paradigmatic case of breaking up Standard Oil was a farce.

As the person who wrote the software and owns the copyright, nothing prevents you from dual-licensing your software. You can release your software as GPL on GitHub, with a notice that you're willing to also license your code under a paid proprietary license; interested parties may send an email to sales@example.com at their leisure.

Do note that this effectively prevents other people from collaborating with you, since their contributions would be GPL-protected and you may not sell them. So it's not a good model for larger open-source projects. But if you're an independent open-source developer who works as a sole contributor and feels exploited, then it's probably a better model.

It's not what OP meant at all. He's asking for a license that lets regular devs use your project freely, but require fortune 500 like companies to pay.
In a way the dual licensing could do exactly that, it's just a manual process, and not "automated" by the license.
It depends on the project.

If your GPL project will be so tightly coupled with the company's project that their entire project will become GPL - then yes. Big libraries like Qt, for example.

On the other hand, if the coupling to the user's project is loose and doesn't make their entire project GPL, they have no reason to pay for a license. For example, compiling with gcc or hosting with nginx, or calling ffmpeg doesn't make your entire product GPL.

Who do you think a "regular dev" is?

If it's software for personal use, then the GPL is just fine. The GPL is explicitly designed to protect personal use.

If it's software for commercial use - I mean, that's exactly what the issue is here. Commercial users ought to need to pay for the software they use. Just because you offer a commercial license doesn't mean you need to charge a million bucks for it - if someone emails you and says that they work for a startup, you can always respond with a exclusive commercial license free of charge, if you like.

If you own the software you can charge whatever you like to different people.

> Who do you think a "regular dev" is?

Someone who's not employed by a fortune 500 company, probably the 99% of devs?

Why is it evil for a large company making a large profit to exploit your free work, but not a small company making a small profit? They're both benefitting from work you're doing without paying you. Personally I don't see an qualitative difference, just one of degree.

Like I said, go ahead and offer free commercial licenses to small companies, who in your estimation are 99% of developers.

Because a small company, by definition, doesn't earn millions and usually has very small margins (if none, if they're still in the startup phase). A large company can definitely afford to contribute more.

> Like I said, go ahead and offer free commercial licenses to small companies, who in your estimation are 99% of developers.

Offering commercial licenses adds a lot of work on top of the already difficult development of OSS projects. I don't understand why you think that the situation can be fixed using existing solutions, when the problem arised with these solutions already in place.

Perhaps we need something different??

Edit: I also completely reject the notion that everything should be commercialized. OSS is the antithesis of this. Down with commercial licenses, down with rich capitalists exploting people's voluntary work.

There must be a way to expand the GPL to allow for dual licensing contributed content.

You could also share revenues, to incentivize developers to join.

I'm not sure how that would be possible in an effective and transparent way though.

> Do note that this effectively prevents other people from collaborating with you, since their contributions would be GPL-protected and you may not sell them.

It is common to require a CLA/CAA in these dual-licensing cases such as Qt and other big commercial projects.

Apple doesn't love you back. Amazon doesn't love you back. Any company that seems oh-so-awesome, but makes their software proprietary, does not love you back.

You are never going to fix the problem of centralization of wealth if you keep thinking that is a matter of "unfairness". (Much like Socialism and central planning), as long as people give in their freedoms to big central entities for the immediate benefit they offer (shiny hardware, low TCO, whatever) economies of scale lock-in and then it becomes almost impossible to get these entities back under control.

As long as there are people that think that it is okay for us to spend our resources creating private software we will get companies exploiting trying to extract value from software developers, and especially so from those that work on FOSS

I thought free software was all about allowing people to create value from it?
Even though I believe it is more about the principles than the economics, where am I saying otherwise?

The problem I am talking about is the asymmetry: Apple (Amazon, Google, MS, etc) can create value from the work from FOSS developers, but FOSS developers can not create value from the work of Apple (Amazon, Google, MS, etc).

I would say that developers have been able to create a lot of value building on top of Android (Google), Flutter (Google), and .Net Core (Microsoft).

I could probably dig up specifically an Amazon open source example, but I think you can convincingly argue that devs have created a ton of value building on top of the work on AWS.

First, creating value on top of the platform is not the same of extracting value from it.

Second, the examples you give are not part of the core value of the companies. They are commoditizing their complements. [0]

When Google releases a self-hosted version of their search and adwords programs, when Amazon makes AWS products compatible with OpenStack or when people can run iOS on any hardware and have access to the source, then I will start believing they are willing to give back proportionally to the amount of value they extract.

[0]: https://www.joelonsoftware.com/2002/06/12/strategy-letter-v/

Developers have made massive gains overall by commoditizing their complements. Linux OS is almost surely the largest single example of this.

How many fewer developer jobs would there be now if every OS installation cost what Solaris used to cost (or even what Win2K8 Server cost)?

> Developers have made massive gains overall by commoditizing their complements

Sorry, I am not following. What is the implication here, that application developersand Free Operating Systems are complemetary products?

> How many fewer developer jobs would there be now if every OS installation cost what Solaris used to cost?

Of course the market would be much smaller without FOSS, but how does this relate to what I am talking about?

I wish we had more FOSS, not less. I wish people were willing to refuse the short-term apparent benefit/convenience of closed source and started at least hedging their investments on FOSS alternatives.

> application developers and Free Operating Systems are complementary products

Yes, that was my point (or at least application development and OSes are)

It's not application development that is complementary to OS. It is the applications themselves.

Anyway, the point from Joel's article that I think so many people miss is that *every smart business should try to commoditize their complements". If you are an OS developer, you will try to commoditize you hardware, If you are an application developer, the smart thing is to commoditize your OS, and so on up the stack.

So, I don't understand the remark about Linux costing as much as Solaris. I am not expecting the final consumer to look at Windows and Linux and say "yeah, we need to pay for Linux". What I do believe is that smart application developers would never voluntarily lock themselves into a closed platform.

> If you are an OS developer, you will try to commoditize you hardware, If you are an application developer, the smart thing is to commoditize your OS, and so on up the stack.

Both applications and hardware are complementary to an OS.

So if you are an OS developer and are following this logic, you'll also try to commoditize the applications.

(And see eg the Apple app store for an illustration.)

Yes, you're right. The smart thing to do is to to commoditize up and down the stack.
> First, creating value on top of the platform is not the same of extracting value from it.

Please explain. Especially what you mean by extracting value.

I get a lot of value out of eg the Linux kernel. But I never contributed any value back to that project.

What makes me a better person than Apple etc?

Do you use Linux to create applications that restrict user freedoms? If yes, then you are not better than any of them.
Apple already evades use of GPL3 software, so GPL currently does solve the problem. You can also dual license, like mysql, if you want to provide non-GPL use.
Apple writes software mostly for distribution, so the license affects them heavily. It might not be enough for companies that run the software on their servers and just offer it as a service.
This means you're no longer producing open-source software. You're now producing proprietary software.
Check out the Polyform Project's Small Business License. It has a threshold of 100 employees and contractors, and 1,000,000 USD in annual revenue.

Of course, the OSI's Open Source Definition precludes these kinds of restrictions, so it isn't "open source" by that definition.

https://polyformproject.org/licenses/small-business/1.0.0/

I am not a lawyer, and please correct me if needed, but you can publish with GPL in all your projects that you own the copyright and simply include "if GPL doesn't suit your needs ping me" in a README and you can do agreements on case by case basis where you can grant a different license to a specific third party. With this FAANG will need to negotiate to use your code in close source but any average Joe can just write a nice email and use it.
If the GPL is fine for them, why would FAANG need to use a different license?
I am referring to the case where FAANG would make money out of your work in closed sources:"With this FAANG will need to negotiate to use your code in closed sources(...)"

Still I get your point, and they indeed don't need to negotiate to use GPL but, with GPL most of the times the actual developer receives the merit of the work (whatever it means) and more important, the community can use any improvements/features/functionalities that FAANG may develop on top of original work.

Then write one. You can write a license with any terms you want. It won't be open source (per FSF, Debian, and OSI definitions) but it can impose absolutely any terms that are important to you. Don't be surprised if not many use it, but you'll have achieved what seems to be your primary objective.
This.

Using a free use license and then complaining that companies and people freely use is just completely moronic.

And it's not stealing so stop with the hyperbolic nonsense.

Andreesen Horowitz primarily focuses on early stage startups. A company with 5mm in investment isn’t able to spend 1mm on a single open source license.
> I don't want GPL.

Any reason for that? Most of the opposition is on religious/fashion/popularity grounds as far as I can tell.

> I want a license that prevents unpaid use by any entity that has any stakeholder worth more than a billion USD.

What's that supposed to mean? Surely the value of e.g. Linux to its stakeholders surpasses 1B.

(comment deleted)
I can't blame the authors for the choice permissive licenses. Maybe they were idealistic and starry-eyed, maybe they never thought their project would catch up, maybe they were naive victims of propaganda or maybe they had ulterior motives, who knows. I don't blame the companies that take advantage of it, they are profit-seeking entities - if they see an opportunity for profit they'll take it, morality be damned.

I blame those that justify and help propagate this behavior, justifying abusers of free labor arguing that we wouldn't have all these nice products that make our lives easier. Yes we would, if there's a market for them we would - only now people would either get paid to create them or the companies would be forced to give back to the community just like they benefited from it.

So, authors, if you are sick and tired of your good Samaritan efforts being abused, switch to GPL and let them rant

But then tomorrow everybody comes and rants about that the GPL is too restrictive. That's the price we pay for this. It's the license that keeps work free.

SaaS is the “antidote” to GPL from a corporate point of view.

Similarly like democracy is brittle and depends on the values being upheld and cultivated by everyone involved, open source is more than a legal license.

Many people have paid it forward with a lot of hard work and built the entire infrastructure, starting with open source operating systems, bios and drivers. It's the motivation of these people that keeps work free, and they probably want to see a thriving ecosystem of software and an open internet.

What is the consensus on using/extending GPL licensed code in the web backend?
If it's just being used in the web backend (or not being made available for download generally), you're not distributing so GPL doesn't come into play. This is the "loophole" that AGPL was created to address.
> The right reaction is not to stop producing open source software. The right reaction is to adjust the license.

I think the kind of software written also needs to be adjusted. Most open source software I've encountered recently has either been created to solve a business problem that only happens at a large scale or solves a developer tooling problem that only occurs when working in large groups.

When the open source software is being made to address the problems of corporations and their employees, of course corporations are going to be the ones that benifit.

[this comment was deleted as HN doesn't pay me to contribute to the discussion]
What? You opted for Spotify model when you sign up for the service. I am pretty sure you are still free to purchase the music or album in iTunes.
You’re even still free to just go buy the CD and rip it, as odd as it sounds.
(comment deleted)
What happens with your iTunes music if your apple account would get locked? Sadly the only option nowadays would be purchasing hard discs, and hope theres no protection on the disk as you are not allowed to break it
ITunes has been DRM free for over a decade?
Nothing, you can download all the music DRM free first. You do own what you bought, at least from iTunes you do.
Here in Australia the streaming options for music/video are better than our previous options for CD's/cable. A three month subscription to Spotify costs less than a single album would cost me 20 years ago.... not even account for inflation. A monthly Netflix subscription is 20% of the price that cable would cost here 5 years ago.
> Spotify

You don't own the music. You can't share it, use your own software to analyze, shuffle, remix it, etc.

> Netflix subscription

But now there's Hulu, Disney+, Amazon Prime, HBO Go, Showtime Anytime, Peacock Premium, etc. Except now instead of one easy to use interface to access it all, it's spread out all over the place and inconsistent as hell. And more expensive!

> You don't own the music. You can't share it, use your own software to analyze, shuffle, remix it, etc

I'm a consumer of music, not a creator so I don't care that I don't own it. There are tons of ways creators can analyze, shuffle, remix or do whatever with it, but as a pure consumer Spotify is simply much better for me than CDs. I never cared about owning Music, CDs were always just a transport Medium so I can listen to the music.

> But now there's Hulu, Disney+, Amazon Prime, HBO Go, Showtime Anytime, Peacock Premium, etc. Except now instead of one easy to use interface to access it all, it's spread out all over the place and inconsistent as hell. And more expensive!

They aren't though because you can be selective and cancel anytime and resubscribe. And you can watch exactly what you want at any time compared to cable. As a consumer it is way better because there is way more choice and competition at the moment.

(comment deleted)
> instead of one easy to use interface to access it all

one easy to use interface to access whatever was on

> But now there's Hulu, Disney+, Amazon Prime, HBO Go, Showtime Anytime, Peacock Premium, etc.

Outside of the USA there’s far less choice, so less subscription overflow

I just stopped watching things. Kind of a strange outcome but I'm also more happy with it than expected.
I haven't watched a lot of things the past 10 years. A couple movies with friends, but I can count those on one hand. I don't really miss it. Some friends find t weird and try to push recommendations still, and I thank them and tell them I'll put it on the list. Then I promptly forget what they talked about, but they seem to have been satisfied with this. No harm done, right?

On the other hand, they seem to be all about audio books while I tell them they are not the same as sitting down with a real one. They tell me they don't have time for books, and listening to them while working our, jogging, cycling is how they 'read'. I don't think they are getting the same thing out of it that I do actually reading the physical book in a single tasking way, but then again, I shouldn't be bothered by other people's habits.

Oral sharing has been the human way of transmitting stories for tens of thousands of years. Your newfangled "written books" are just a novelty :)
I do audio books too. Actually often if a book is good I'll download the text too to read and listen to interchangeably. It's nice going for a walk in the park while listening to the book once in a while.
I enjoy the walk and quiet. I do t want someone talking into my ear when I go for a lonely walk to get away from people, work, noise. I find that it defeats the purpose to take your phone with podcasts and audio books with you for such occasions.
You never did “own” it on a CD, or for that matter a on vinyl or cassette. You owned a license to privately listen to your copy of the music, that lasts as long as the medium is playable. Recording from the radio is technically unlawful, as is playing the music at large gatherings or broadcasting the music. Same goes for video cassettes, DVDs and other mediums. What you do own is a physical copy of the music/film. You cannot do what you want with it, which is what you are implying. I’m not suggesting that this is fair or just either.

Also, if you’re arguing against 30% fees, Spotify takes about 30% as a margin on every fee they receive, more for ads.

At least you had the right to resell CDs. Something lost even in DRM free online services. Cannot even give (transfer) a copy of the digital thing they bought to someone on the same service (ie they have it on their account, you now don't). The change to digital distribution has destroyed customer rights.
> Recording from the radio is technically unlawful

I thought this was settled the other way in https://en.m.wikipedia.org/wiki/Sony_Corp._of_America_v._Uni....

My frame of reference there is the UK. Should've been more explicit stating that. Sorry :)
In the US the Audio Home Recording Act explicitly legalized noncommercial recording (and also created a tape/CD-r tax to compensate copyright holders.) In an alternate reality this could have legalized file sharing onto (taxed) MP3 players. (Though the subsequent NET act added criminal penalties.)

How did Apple's Rip. Mix. Burn. campaign play out in the UK?

> But now there's Hulu, Disney+, Amazon Prime, HBO Go, Showtime Anytime, Peacock Premium, etc. Except now instead of one easy to use interface to access it all, it's spread out all over the place and inconsistent as hell. And more expensive!

Back in my younger days in Australia I remember we had to get the "Entertainment Plus" pack in order to get the sports channels on Cable. That included 65 other non-sport channels for a minimum of $110 a month. Now I pay $15 a month for a sports-only subscription service.

My single access frontend is the transmission-qt client. I can recommend it wholeheartedly.
That's coming out of the musicians' pockets...
You might honestly be right, for anyone who expects to buy five albums a year. The downside being that all the music you've "bought" might just disappear if the service goes down. It might be worth it, but the best of both worlds would be nice.

I'm not sure what that should be, but unlimited local copies of everything for a small amount of money doesn't sound fair -- but Spotify hardly deserves a big cut of it either.

A pickle indeed, if only there were a service that was more of a co-op of artists. Happy to hear recommendations, I'm using soundcloud still.

It already exists on both fronts: stream2own and a cooperative.

https://resonate.is/

Oh, I remember this. Gosh, I really wish it was good, and I mean that sincerely. It's just got such a limited selection and set of genres, and if what I want is a radio station to listen to in the background half the time...

Don't get me wrong, the music is lovely. I like the idea a lot. It's just really not comparable =/

It surely lacks RIAA-adjecent content; hopefully it gets better over time and improves the musicians' living conditions.
> might just disappear if the service goes down

The service doesn't even need to go down, the licenses with Spotify can be revoked/expire/etc. I love the convenience of having an almost unlimited library of music to listen to, I absolutely detest the fact that one day I might think, "Oh I'd like to listen to <X> from my playlist." and suddenly it's no longer available, because <reasons>.

We should fork everything and relicense for the end user’s sake. Have said this for years.

Also start looking at a plan B for the www. Gopher is a winner there because it’s difficult to use it for anything other than information delivery.

While this is extreme, we need a contrasting platform to fall back on always.

Hmm, I agree with you, but this is a bit different. It’s not like someone took faker.js and started charging for it. It’s a tool that the author chose to give away, and other companies used. There’s literally nothing even asking people to pay, other than sponsorships at the bottom of the README.

You can’t expect companies to pay if you never ask!

I’d love to see GitHub create more avenues for paying for software. Shareware-esque licenses with an easy way to pay, bounties attached to Issues, etc. I think companies _would_ pay (if given a reason); right now it’s framed as a sponsorship (not even a donation!) so the thought process for a company (assuming they even notice it and consider it) is “well, I don’t think it’s a good marketing expense for us” and that’s it.

I’d say most people using faker.js aren’t big companies trying to fuck over a random dev. It’s an employee typing “npm install faker.js”, and genuinely never thinking about it.

> You can’t expect companies to pay if you never ask!

You're right. Sadly, those making use of the software are often not the ones holding the purse. The request gets only to the Devs looking at the software pages and nobody generally writes to management saying "we want to use this open source software in our product and this guy/girl asks to be monetarily supported to maintain the software".

Just straight off making a commercial use license is better and clearer. However, often devs can't take on potential liabilities in such cases, which further complicates matters.

It’s an employee typing “npm install faker.js”, and genuinely never thinking about it.

That's the problem.

It's not stealing when you've given it away, explicitly and out of your own free will.
You're right, it's not stealing. You have chosen to give it away for use in this manner.

But the other side of the coin is that this is increasingly unsustainable. Free/open source software development works best when it is based upon mutual self-interest fostering cooperation and collaboration. At the extreme, it is increasingly an altruistic/parasitic arrangement (on the part of producer and consumer, respectively) where the producer gets zero benefit from their efforts but the consumer benefits greatly.

It has always been the case that there are more consumers than producers. That's an inevitability, and the number of consumers isn't itself the problem. But this simply cannot be sustainable at scale due to the limitations of available developer resources and ongoing requirement for unavoidable commitment. It becomes exploitative because it sets up the expectation and demands that people work for free, writing code, reviewing code, maintaining infrastructure, supporting users etc.. This is one reason I've dialled back all my participation; it ends up costing me greatly in time, resources and stress, for almost zero benefit. At some point, free is actually too costly, and paying for products and services is fairer all around. We have, after all, invented a monetary system, companies and employment laws to ensure that people are properly compensated for their efforts.

What a sad zero-sum way of looking at things. Your open source software doesn't go away because some corporation decides to use it. The companies you list have made substantial contributions to open source.
They've destroyed our open web, replaced RSS with DRM, left us with streaming and music options worse than cable and personal audio libraries.

The web is bloated with ads and tracking, AMP is given preference, Facebook and Twitter are testing the limits of democracy and radicalizing everyone to cancel one another.

This is the important part from the GP. If they were under the AGPL or say a new better GPL which patches the problems with GPLv3 then those companies that have destroyed the open web would have at least had to buy the work or do it themselves. Even if that doesn't have a huge impact on the state of things, at least project maintainers can say that they are not contributing to it.

That is what happens when the hipster folks attack GPL and push for MIT like licenses.

Had Linus not chosen it for Linux and I bet I would still be using a mix of Solaris, Aix and HP-UX on the server room.

Dual licensing is the only true path, it was already so in the shareware days, and it will be back to be the daily reality.

Bills have to paid.

How does dual licensing works? Got a prime example simple to understand?

Asking for a friend...

You offer a copyleft license like AGPL but also offer a paid license for those who don't want to deal with AGPL. Since you as the creator own the copyright, you can license it however you want, including multiple licenses simultaneously.
It's a pattern that works very well - many large companies have standing policies that they can't use copyleft licensed software so they have to get the paid license while those happy with the copyleft social contract get to enjoy and contribute for free.
Correct, although not every company shies away from copyleft, namely Amazon which will package your AGPL product wholesale and sell it. They are after all not required to open source their infrastructure code.
> package your AGPL product wholesale and sell it.

if anyone has a problem with that, then they have a problem with software being open source.

Or they are discriminatory and just don't want anyone they personally dont like to benefit.

> Or they are discriminatory and just don't want anyone they personally dont like to benefit.

Which is their right as long as they are not discriminating against a protected class, as it's their work, but they should have put that in the license.

Forgive me for a naive question but how do external contributions to the AGPL code find their way back to the commercially licenced code?

Are all contributions to the "original" pre-licenced source? If so is there some extra legalese to ensure that the changes will always end up in the AGPL source too?

I know of many successful projects using dual licencing so it must work, I'm just wondering how on a legal front.

I don't understand all of your questions, but the proprietary part of the "dual license" can be anything the copyright holder wants. Qt is probably the most famous dual-license software. Check https://www.qt.io/pricing for some but not all details.

It looks like this is subscription-based, so I'm guessing you can update for the length of your subscription.

Perhaps you're asking whether you're allowed to use development patches written by external people that you'd maybe find in github discussions etc.? If you need that, you will probably have to negotiate for that option yourself. If that is your question, then that isn't really a naive question at all.

The contributor would need to either:

- Agree to a Contributor License Agreement that grants the project owner an irrevocable world-wide commercial license (probably missing a few adjectives but you get the idea)

- Transfer the copyright

- Release to public domain

Outbound licenses (say, the GPL or proprietary) and inbound license for contributions are orthogonal. If you intend to dual license outbound, you need to clarify that in your inbound CLA.
You publish under AGPL for free and also under a commercial license for people who do not want to abide to the conditions of the AGPL. See servicestack.net as an example. It seems to work for some people.
Just like Qt does it.

You don't want to pay upstream for their work? Use GPL license and get as much money as you are willing to give them.

Otherwise use it in a commercial setting, you need to pay for the commercial license instead.

It is not much different from the demo versions of shareware days, and yes even in those days you could get the source in some products.

I think Atlassian have a dual licensing model where you can download the source code and build the product yourself, but only for single users, or open source projects.

Commercial users however have to buy a copy, but the source is available for all.

Maybe somebody could create a github (sharehub?) equivalent where anybody doing a clone has to register and then commercial entities can pay for the licence or single use hobbyists could attest.

people sharing the code can then set what they see as a fair price and the website will take a cut of the revenue (e.g. 30% ducks )

> Dual licensing is the only true path, it was already so in the shareware days, and it will be back to be the daily reality.

It's strange to me that the GPL licenses get regarded as too ideological, but an mit license also has an ideology behind it. Yet now we're discovering that lots of people have been using mit style licenses when they don't agree with the ideology.

All the tools have been available to avoid this problem. Essays have been written about why these things are problematic. Hopefully now actual practice will catch up with theory.

Have you actually looked at his project ? It's a library that helps you write tests by generating dummy data - even if this was GPL it would have no impact (except maybe scaring some people from using it or making it a non starter in companies with policies banning GPL). You will never distribute your tests to the client and if you're running test you already have access to the code.

And this is trivial but tedious code that you could replace on the spot.

I'm not dissing the author but these rants about opensource licensing and whatnot are completely out of touch.

Most (but importantly not all) of serious non-trivial open-source is sponsored by big corporations or academia so this stealing narrative is ridiculous, and MIT/ Apache is an excellent licence that successfully facilitates collaboration on some of the largest OSS projects out there so there's nothing wrong with using them.

I didn't need to, it is just yet another example of someone realizing the hard realities of business life.
Yeap. Commercial licences encourage fragmentation and often abandonment. If you're going to go open source, go GPL its the best way to ensure long-term success.
not all gpl is the same
Sadly, because adoption by large companies requires permissive licenses these days, or maybe just developers think so, everything is MIT license these days.

Sometimes I think adherence to the open source has pushed hobbyist community backwards. Source available for hobbyists and paid for commercial use is no worse than GPL (GPL gets violated as much).

Well this somehow reflects what I am seeing for last 20 years.

Hobby or just passion of open source is fueling the industry to forge massive profits while on other side provide peanuts for authors, far less than if they were their employees (or lets rather say: 0).

I was working on multiple close source projects for different companies that were avoiding anything GPL, searching for permissive replacements and in never giving back anything - not even bug fixes.

Like openssl[1].

Actually even GPL is not a protection here, with sources given away they become almost a manual how to re-implement it which is far simpler than making it from scratch (oh and yes, people are doing that without copy pasting).

What open source has accomplished was for sure making technology more available, but on the other side, to name just a few:

- lowered expenses of companies on buying software, especially on various SaaS companies that dont distribute software

- keeping the need for experienced developers and vages down while on the other side raised paychecks of system administrators and system integrators

- creating a viability to hire anyone as a developer while on the other side driving anything complex out of industry as companies were avoiding doing projects where complex knowledge is needed (I am not talking about top of gauss curve companies)

- lowering a quality of software - putting together lego blocks and if they dont fit writing a little glue is hardly ever as efficient as writing tool for problem solving dedicated to the problem. Not to mention free availability of tons of over-complicated "does it all" frameworks that dont really fit to solving any particular problem perfectly, but are good enough to avoid solving complex problem where you have no workforce that would actually be able to solve it.

And guess who profits - engineers certainly not.

Actually we are denominating our work by giving it out for free (try to get someone to paint your walls, to lay down some ceramic tiles, to fix your car,... for a price of mentioning who did it behind the bumper, under a tile,...)

[1] https://www.buzzfeed.com/chrisstokelwalker/the-internet-is-b...

> Actually even GPL is not a protection here, with sources given away they become almost a manual how to re-implement it which is far simpler than making it from scratch (oh and yes, people are doing that without copy pasting).

That's quite a gamble, since it falls foul of the Clean Room Implementation criteria

https://en.m.wikipedia.org/wiki/Clean_room_design

Big companies (faang) won't touch that approach with a 10 meters pole, but obviously I'm not surprised that smaller actors might have a more cavalier attitude to copyright law.

That's all just called capitalism.
or rather it is not paying for free stuff and internet-enabled global scale.

Not really sure whether capitalism really plays a significant role here more than simply allowing enterprises to exists

> if companies just steal it

just like how biden stole the election? how is using the software stealing when it's used as licensed?

Perhaps people should start reconsider using GPL 3... once again, Richard Stallman was right all along.
> Apple is telling us we can't run our own software on their goddamned devices, yet they built their empire on open source.

Stop. Buying. Their. Shit.

Are you familiar with the TimescaleDB license[1]? It basically means open source but companies cannot just take the product and offer it as a (paid?) service. They are allowed to provide other services services that are built with timescale underneath but not offer the product itself as a service.

[1]: https://github.com/timescale/timescaledb/blob/master/tsl/LIC...

The TimescaleDB license can only apply to TimescaleDB.
There is nothing holding you back to create a similar license for your own product.
Except for the fact that I can't afford to pay a lawyer a few thousand dollars to draft a license for my OSS libraries.
Treat it like code. Do some refactoring and that's it. I do see your point, if the license had to be written from scratch. But you already have a template. Use it.
"companies just steal it," - they're definitely not, they're using it well within the terms into which it's published.

Of course, there might hopefully be a better way of sorting this out so that if devs want to, they can also get some kind of 'open comp' as well.

Seems like Feudalism rides again. We’re just peasants working on a new set of kings’ land now.
While I agree with some of your points - which to me mostly boils down to rent-seeking monopolies / duopolies - I think you're seriously underestimating the "Yes, it's managed..." part.

People are still perfectly at liberty to run their own servers, and the fees for running servers that handle the kinds of traffic that used to happen "when the Internet was actually pleasant" are peanuts. Running any kind of server used to involve purchasing hardware, bandwidth was orders of magnitude more expensive and so on.

This server-as-a-service means that for $5 a month I was able to build a Python Twitter bot that tweets the diary entries of a 17th century English naturalist[0,1]. It means I got to do something fun without the overhead of actually running the server. It's a small thing, and as I said I agree with what was probably the main thrust of what you were saying, but it really feels like you're throwing the baby out with the bathwater through your obvious exasperation.

[0] https://twitter.com/gilbertwhitetwt [1] https://gilbertwhitetweets.org/

> What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

That sentence is a contradiction in itself.

> Apple is telling us we can't run our own software on their goddamned devices, yet they built their empire on open source.

Not on GPL-licensed open source, as far as I know.

> Look at Facebook, Google, Amazon. They've extracted all the blood they can and given us back scraps.

That is simply not true. A great deal of the open source software I use on a day-to-day basis is funded by some of these companies. The number of GitHub repositories they publish for all to use, under permissive licenses, is immense.

> The web is bloated with ads and tracking, AMP is given preference, Facebook and Twitter are testing the limits of democracy and radicalizing everyone to cancel one another.

You are right about this, but this is at best tangentially related to open source.

The point of Free Software is to protect the freedom of the user. Open Source doesn't have a point and never did.
You’re far too generous. Open Source has always had a point, and it’s succeeded in achieving that point: the point is to take mindshare away from Free Software so developers use non-copyleft licenses that are preferable to big business.
> Look at Facebook, Google, Amazon. They've extracted all the blood they can and given us back scraps.

Facebook and Google at least have put out a lot of open source code, have you heard of React and Angular? PyTorch and TensorFlow? There are some pretty big names in their list of public open source projects.

> Serge quickly discovered, to his surprise, that Goldman had a one-way relationship with open source. They took huge amounts of free software off the Web, but they did not return it after he had modified it, even when his modifications were very slight and of general rather than financial use. “Once I took some open-source components, repackaged them to come up with a component that was not even used at Goldman Sachs,” he says.

> Open source was an idea that depended on collaboration and sharing, and Serge had a long history of contributing to it. He didn’t fully understand how Goldman could think it was O.K. to benefit so greatly from the work of others and then behave so selfishly toward them. “You don’t create intellectual property,” he said. “You create a program that does something.” But from then on, on instructions from Schlesinger, he treated everything on Goldman Sachs’s servers, even if it had just been transferred there from open source, as Goldman Sachs’s property. (At Serge’s trial Kevin Marino, his lawyer, flashed two pages of computer code: the original, with its open-source license on top, and a replica, with the open-source license stripped off and replaced by the Goldman Sachs license.)

From an excellent article[1] by Michael Lewis, on Goldman Sachs' attitude towards open source software.

EDIT: typo

[1] https://www.vanityfair.com/news/2013/09/michael-lewis-goldma...

That's a great read. I don't understand the prime number part though:

> 3599 = (3600 – 1) = (602 – 12) = (60 – 1) (60 + 1) = 59 times 61. Not a prime number.

Where does the (602 - 12) come from? Can someone explain that to me?

Also, use a leading space to keep things out of your bash history.

That’s 60^2 - 1^2. The exponentiation was lost in the rendering I suspect.
That should read as 60^2 - 1^2 -- the twos should be typeset as superscript.
One reason why I use the EUPL license for most of my hobbies.
> Seriously. What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

You can’t offer people a free lunch and then claim they are steeling if they don’t voluntarily tip you the full cost of a lunch.

Open source software is provided under a license and if Apple or Amazon or whoever do not violate that license they are not steeling. If you didn’t want them to use the software under the license you provided the software under chose a different license.

The point of open source is exactly to provide software under open source terms. If you want to add additional terms like “unless you make money then I want to get paid”, then just do that! It’s your software and your license! But you cannot have Heisenbergs open source software which is open source only until someone picks it up and makes money at which point it retroactively becomes proprietary in order to force that moneystream past you.

> You can’t offer people a free lunch and then claim they are steeling if they don’t voluntarily tip you the full cost of a lunch.

No, but I can be miffed if I offer people a free lunch and they turn around and sell the free lunch I paid to make and keep all the money.

You certainly can, but why? It’s a problem easily solved by not giving away free lunches or adding terms.

It seems odd to me to have the solution completely within my power to fix, but not fix it, and complain about the situation.

In my view, the license is specifically made to allow reselling. That’s why I pick MIT, Apache, and BSD. If I don’t want people to resell then I pick GPL or some other license.

Because I want to give my software away to individuals and small companies, but if someone gets big enough that they can afford to pay, I want them to pay me then. I don't want to discourage them from using my thing when they're small.
That makes sense. What I mean is that you can do that. Set up a license so rich people can’t use it.

What I meant is that releasing software under a license that doesn’t reflect what I want and the complaining will just lead to frustration.

This seems like a simple problem to solve, just release under whatever license I want. This faker.js project is released under MIT. The author can continue development under some non-OSS license and I think that will make him happier because rich people would stop using it. But I don’t think it will make him the income he wants.

I think the problem is that non-OSS licenses will result in people just not using the project, not that rich people will start shelling out.

As a small business, I would avoid these licenses as well because having multiple licenses kick in at different levels will be confusing and expensive. I’d rather use OSS or just buy commercial products.

Oh, agreed. I'm more lamenting the fact that there's no good license for this (that I'm aware of, anyway).

> As a small business, I would avoid these licenses as well because having multiple licenses kick in at different levels will be confusing and expensive. I’d rather use OSS or just buy commercial products.

You could just license it from the start and not have to worry about the license kicking in, though.

That's exactly what the maintainer of faker.js is doing. He decided to stop giving away free lunches.
Not really. The repo is still MIT. He said he won’t make further changes, but hasn’t set up his project with a different license.

It seems like his current take is just seeking patronage to keep working on an MIT project.

I think this happens quite a bit, but not normally this way. There are lots of companies who employ people with the sole purpose of writing for MIT/Apache/BSD projects. So I guess that’s a form of patronage.

I hope this guy gets what he likes. I’ve never heard of this project, but it has at least 26k people who liked it enough to star it on GitHub. Not sure how that will ever equate to 100k+/year.

(comment deleted)
I would disagree about google and Facebook. Both have made tremendous OSS contributions such as BPF LSM, level db, react, and zstd.
The internet is now positively a nasty place. Everyone is optimizing for "engagement" which essentially equates to "controversial content". You can't find any genuine advice because Google has been gamed to the point where top 50 pages for any query are affiliate pages.

Forums and the communities they fostered are dead. Their replacement, Reddit, has a structure that favors the hive mind.

There are ads everywhere and they swing between downright creepy (ads about what you were searching for an hour ago) to completely awful (semi-pornographic Taboola/Outbrain ads). When they're neither of these things, they are just plainly deceptive (sponsored content).

I really hate the internet now.

I used to love it so much. It's what taught me my current career and brought me financial independence.

If I could press a button and erase Apple, Google, Facebook, and Twitter from existence I would. It's all trash.

>Forums and the communities they fostered are dead.

Not really - I still use forums (that use my native language) and they feel great! way better than Reddit and have significant active user base.

This 1000x.

I used to work at a company that pivoted into "growth hacking" and it seriously made me sick how at the end we had 1500 freelancers being paid peanuts to write about subjects they had minimum knowledge about, using other similarly shallow articles as their only reference.

Today I can't search anything on the internet without coming across those. It's always the same: a shitty Wordpress blog and a 1500-word article with 1% of the depth of a Wikipedia Article. And some people have the gall to distrust Wikipedia when believing those.

We have 50 websites for lyrics and guitar tabs but they are 10% content (and it's always copied from somewhere else, or each other) and 90% advertisement.

If you look for software you're are either gonna get legitimate companies (Download.com) trying to inject you with install-spyware, or piracy blogs trying to infect you with legitimate malware.

Review sites are the worst. I frequently start reading reviews I've looked up on google that seem pretty legitimate, only to realise by part way down that it's clear the 'reviewer' has never actually seen the product and is just aggregating content from amazon reviews and spec sheets.
It's come to a point where I have to search for reviews on YouTube because there, I can at least be assured that the person reviewing it has the product in their hands
No, the mainstream internet is the nasty place.

The "old" Internet is still out there, at places like https://tilde.town.

I would like the spirit of the old internet with modern graphics. I don't understand why sites like that need to look like they're from the 90s.
(comment deleted)
> I don't understand why sites like that need to look like they're from the 90s.

Nostalgia and signalling (that leverages said nostalgia), basically.

>Remember when the Internet was actually pleasant?

That was went it wasn't useful for normal people. You don't want to go back in that time. Most people browsing this site wouldn't have the job they currently have without popularization (and thus pollution) of the Internet.

>left us with (...) music options worse (...) personal audio libraries.

This has to be hyperbole, right? My music library has exploded since I signed up to Spotify. I get exposed to new artists and genres pretty frequently. Way more often than in the days of sneaker netting mp3s. Not to mention that I get this all legally and guilt free.

> the Internet was actually pleasant? When it was nice to build stuff for others to use?

The internet was not pleasant, it was chaotic and that s what made it so fun. And yeah there's nothing like building stuff on an open platform that nobody gatekeeps. A feeling lost for an entire generation of developers now.

I agree with the sentiment, but the responsibility is as much as (if not more) from consumers as from companies.

If consumers only look at sticker price of every product and ignore all externalities, then companies will work to give them that. It is up for consumers to refuse software that takes their freedoms, locks them up in golden cages, makes their lives super convenient at the expense of underpaid/exploited labor, etc.

Copying isn’t stealing when we do it with songs and movies, and copying isn’t stealing when corporate programmers do it with free software we’ve published on the web for all to use.
Yes helllo, agpl called, they wanted to let you know to not license your stuff with permissive licenses. If you do stop complaining about the situation
I'm going to replicate one of my recent replies ([4] which unsurprisingly got me downvoted, but I regret nothing) here because it seems relevant. Specifically, Marak seems to grok the exploitatitive nature of the current setup (chosen in part by themselves) but lacks real negotiation leverage because they have no organization behind them (besides people cheering them on in the comments). With this in mind, I think it's okay for me to get the big scary words out here again. :)

The problem (okay, "a" problem) here is that it is indeed OSS, and not FOSS, that is being used.

It might be worth re-visiting "Post-Open Source" by Melody Horn (boringcactus) [1] on this. You might want to copy/paste that link instead of clicking. :) It has been discussed here before [2] and (unsurprisingly, IMHO) gotten quite a bit of blow-back from the HN crowd.

The General Intellect Unit podcast recently had an episode on the piece [3] and I think they made the point clearer (well... also they roll the piece out to 1h 40min) by more openly posing it in a class struggle context. (Side note: please don't post replies attacking this as communist. The podcast has "marxists" in the name, you wouldn't be insulting them, and I'm merely engaging with their content, so if you're gonna try to attack their/my positions, please do the same and don't just throw scary words.)

The bottom-line is that Open Source Software has nothing to do with the freedoms of the developers. It is...

* a corporate entrenchment scheme: enlarging your hiring pool by establishing your in-house solution as the industry standard, giving you full hiring pipelines and stronger negotiation position against current and prospective employees.

* a capitalist commons: by tending to one industry standard, the companies (not their devs, who will still have full work days) save on duplication of effort.

At the same time FOSS (which does focus on the freedoms of the devs to read, modify, learn...) kind of misses the point by being...

* too obvious a trap, and thus ineffective. No sane capitalist company will go anywhere near AGPL code (and we just had an example on HN of someone trying. it wasn't pretty)

* ultimately not even clear on how this will make anyone's lives materially better, even if it were effective. It's not gonna raise your salary, nor give you more paid vacation, health insurance. As a dev, you'll still be producing surplus value (okay, in a hopefully less alienated way) that will then not be paid to you (that's the definition of profit) so from this perspective the "F" in FOSS doesn't really bring much to the table.

The GIU podcast concludes that yeah, working in IT was nice for a while, because it posed some fundamental problems to capital and as a dev you were in a much better negotiation position. However, those times are over. Capital has found a way to make IT labour just as fungible as manual labor, at least to the extent that we should expect those "rock star" benefits to dwindle soon. Up to us to realize that and take action.

Again: relaying analysis here. Not sure I buy all of it. But even if, please keep your replies centered on the content, not the vocabulary it's presented with.

[1]: https://www.boringcactus.com/2020/08/13/post-open-source.htm...

[2]: https://news.ycombinator.com/item?id=24397552

[3]: http://generalintellectunit.net/e/066-post-open-source/

[4]: https://news.ycombinator.com/item?id=24977616

> * too obvious a trap, and thus ineffective. No sane capitalist company will go anywhere near AGPL code (and we just had an example on HN of someone trying. it wasn't pretty)

Source plz ?

> the "F" in FOSS

It's free as freedom, not beer. GNU seemingly doesn't want to use 'libre' because Indians might not understand it or something, which IMHO is ridiculous considering how often this confusion is made !

Otherwise, I get that E.S.Raymond has furiously anti-leftist political views, and I can respect that, but IMHO he should be held accountable for the current situation…

EDIT : Also, isn't it fairly ironic of someone using the closed and Microsoft-owned Github to complain about these issues ?

> Source plz ?

The dominance of permissive licenses in the industry (compared to GPL) and the relative non-impact of AGPL software. I can't think of many AGPL (or similarly licensed) projects that have similar industry standard status as react or tensorflow have in their respective niches.

> It's free as freedom, not beer.

I'm sorry I should have made this point more explicit I guess. Of course I am well aware of the double meaning of free, and that it relates to freedom in this context. My point is that yes, that freedom allows you to do and read things, of course. But what? In an (exaggerated, and not entirely fair) analogy, it would be like claiming/securing the right to wear clown shoes during coffee breaks in the office. Yes, it's a right you may not have had otherwise, and it will brighten up your day, but ultimately it won't change the material relationship to your employer.

In the same way, being allowed to read, modify, and distribute software is not in itself a solution to this specific problem at hand here, i.e. the strategy of Fortune 500 companies, as a stand-in for capital to get free labor from OSS devs. (note the omission of the "F" in this case because again, for the most part, this will happen with open source work, but not so much with libre projects).

-------

As an aside, I'm unsure how to interpret the tone of your comment, so just to clarify: please don't mistake this as an attack from me on AGPL and similar. I think they're better than nothing and I personally prefer contributing to strongly copyleft projects. But they won't be a mechanism that can have a similar impact on the software industry as widespread unionization had on employer/employee relationship a hundred years ago. I lived in the Ruhr Area in Germany for a few years and the impact was really impressive, quite hard to imagine it happening like this today... The conclusion of the podcast I linked above is that IT work (and programming in particular) has developed from something where the individual holds significant negotiation power (and thus individual choices matter a lot) to a market in which workers are essentially interchangeable (since they all work with the same tools anyhow) and thus individual choices like Marak's are relatively less likely to be effective.

Of course I hope that Marak gets hired and paid accordingly asap, but following this argument, in the long run programmers (the non-glamorous term for anything to do with code) will have to organize and/or accept significant drops in their salaries.

No, I meant, what happened in that specific example : ?

> we just had an example on HN of someone trying. it wasn't pretty

----

Yeah, sorry, short comments can end up sounding critical/judgemental - that wasn't the goal.

The FSF has been saying this for decades.

I don't know whether to laugh or cry that so many proponents of non-copyleft software are belatedly discovering that grasping corporations will take and take without ever contributing back.

Now do you people see why the GPL matters?

I said this years ago: open source always the brides maid, never the bride. That or its a bit like atlas, holding up the burden of capitalism.

Either way the internet is still just a big ip network. You can still setup a vps and run your own email, website, rss, blog, etc. And I know some people (masochists, psychos?;-) who do but they do that admin work for a living. Yeah, you gotta roll up your sleeves but that's just life: you have to work for it. These companies prey on human laziness and "free" stuff.

Just stop using garbage services and take back control. I'm one of those technological troglodytes who refuses to participate in most modern web nonsense. I have a smart phone with only a few utilitarian programs. I don't use any social media. I use bandcamp to stream/download my music collection which I paid outright for. I don't have any smart appliances, TV's or IoT trash. My life is fine and I have plenty of friends and a social life. Don't let anyone fool you into thinking you need to drink the dumpster juice internet koolaid.

> Remember when the Internet was actually pleasant? When it was nice to build stuff for others to use?

I do. I definitely miss it. And I fully agree with your post up until this point.

> Stop giving your work away for free when the companies only take.

Or just use a license which forbids locked down SaaS exploitation.

(comment deleted)
> Seriously. What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

Let's imagine a VPN company is a thin front on top of Tor and they charge $50/year for their "service". They're not stealing Tor. It doesn't mean Tor should stop existing. Sure, it's a scummy thing for the company to do, but Tor is still a valuable resource that remains free for anyone to use.

The point of open source is the creation of value. That some companies capture some of that value (usually less egregiously than this example - AWS is actually providing a dynamic host scaling service that happens to host open source software, Apple is providing a software vetting service and top-notch hardware that happens to be built on Unix) is irrelevant in the bigger picture.

> Remember when the Internet was actually pleasant? When it was nice to build stuff for others to use?

This is still true if open source developers are more focused on delivering overall value than they are on their jealousy that a company is integrating their software and charging for it. This could definitely be frustrating if the developer was hoping to make a business out of their software, but if that's the real problem then the license should reflect that.

What billion dollar industry is built on top of faker.js?
None, but think of it in the context of time = money. Discussions about self hosting development environments will be filled with people claiming it's not worth the opportunity cost to spend the time setting up and maintaining anything yourself when you can pay $X per month and make it someone else's problem.

In the same context, how long does it take to write something like faker.js? I've never used it, but I see commits that are at least 6 years old and there are 200+ contributors. Is that 1000s of hours? I honestly don't know.

Let's say it's 1000 hours just for an example and that someone worth $100k / year could write it. At $50 / hour that's $50k if you have have to build it in house and you lose out on the value of having 200+ contributors that are familiar with part of the codebase plus tens of thousands of users exposing bugs and edge cases.

So IMHO when you have codebases like this the corporate donations should be in $10k increments.

I would never publish a line of code under the MIT license. It's great for companies that want to popularize their platforms (like Microsoft is doing), but it's terrible for small developers and you'll rarely get any value from those projects.

Almost every project I worked on had a shitty version of faker, written in half an hour for specific needs. It’s a very cosmetic thing, as you’d never rely on this type of dataset for testing actual behaviour of critical code.
There's a certain level of irony when people complain about the morality, after using the term "open source" that was specifically coined to distance itself from the moralizing of "free software".

I'm not saying there's a radical difference between "free software" projects and "open source" projects or anything, but it really seems like we ought to stop and reflect on where we might have made mistakes in the past.

> Seriously. What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

To nitpick: They are not stealing it, they're using it per the license terms. Don't like that? Well, choose a different license.

That being said, I think there's an underlying point here. The "business-friendly" open source movement co-opted the idealistic free software movement. It was no longer about making the world better in terms of having a software ecosystem that respects the four freedoms etc., but about reducing wheel reinvention, minimizing transaction costs, attracting good developers to come work for your corporation, and so on.

One could argue that the idea of causing social change by coding free software in your basement was always an impossible dream. If you want to see political change, join a political movement and get out on the street protesting or something. And vote!

> Yes, it's managed, but you're forever a renter.

Welcome to 21st century tenement farming.

> Remember when the Internet was actually pleasant? When it was nice to build stuff for others to use?

I started hanging around on usenet in the early-mid 90'ies. Let me tell you, it was already a cesspool then (maybe it was better in the 80'ies, but I was too young then, sorry). Of course, back then it was mostly just people being assholes, not billion dollar corporations weaponizing assholes and hatred to drive clicks.

> Stop giving your work away for free when the companies only take.

I think so far open source has worked out pretty well for programmers, because there's such a huge demand for (competent) ones. If you want a glimpse how it'll look when demand starts to match supply better, take a look at your friends with liberal arts, sociology, politics etc. degrees. Unpaid internships and extensive open source portfolios before you get a real job, here we come!

Good points!

The issue that I see is that many (most?) people want a middle ground:

On the one hand, it's not important to them to use some sort of viral copyleft license that forces people who use their project to make their code free.

On the other hand, they don't want people who use their project to be aggressively anti-competitive or anti-developer.

So for example, it would be fine if Apple charged for their OS and kept it closed source as long as they allowed anyone who wants to develop apps for their OS to do so.

I think the first misstep the Free Software movement made was relying on corporate money. Not because "corporations are evil lololol", but because they aren't focused on the what we care about. For instance, when a webpage is bloated with ads/trackers the website itself is usually relatively lightweight, but has to embed ads/trackers to make money, and the ad/tracker companies don't care about the user experience. Fundamentally, even if the money ultimately comes from the customer, it comes more directly and more short-termly from businesses, so we focus on meeting business use-cases. So if you cut out indirect payment and get money directly from users, I expect we'll have a much healthier ecosystem.

But let's talk more broadly: Servers. Linux is great for servers. But remind me: who gives a flying fuck about servers? Surely not the FSF, because most real people use personal computers (that means desktop/laptop/tablet/phone/smartwatch/anything else you the typical user can physically unplug/open) and don't administer servers, and on top of that the FSF dislike services in the first place! (See: "service as a software substitute").

People don't have control over enterprise software in most cases - even at the office, your IT department literally chooses what you can do on "your" computer. So why do we have so much free software aimed at business, and so little aimed at e.g. games? Because that's what our money systems are set up to get funding from. Point is, enterprise software being open-source is not an end in itself, it's only useful as a means to an end.

So while corporations can be a useful tool when our interests align, they should not be our primary pillar of support. That should be the actual users, who pay money.

I think the biggest mistake we ever made was leaning into the "free" in free software. It's not as hard as you'd think - let me ask you, why is paying with ads and data-sucking so popular? I'd say, because they're convenient and ubiquitous. Every browser and user on the planet has support for ads/tracking, so every webpage supports them. They make PayPal niche in comparison! They're also incredibly convenient, having zero-click autopay!

Distros should have had payment models built into the OS (available) from the start. There should have been "app stores" selling free software from repositories - it's absurd that selling free software is claimed as a way of making money, but distros do absolutely nothing to accommodate such sales and will in fact undercut* potentially sustainable free software by repackaging it and putting it in repositories gratis, so now there's not even the slight convenience benefit to buying!

Yes, it's legal for a distro to do that. It's also legal for corporations to be parasitic, that doesn't make it moral.

Anyway, move towards patreon-style funding or traditionally proprietary models that take money directly from the consumer. Then you won't see desktops stagnate due to all the money coming from servers.

Relevant xkcd: https://xkcd.com/619/

By "Free Software movement... relying on corporate money" do you mean the volunteer developers/contributors who have corporate jobs? The FSF is mostly funded by individuals / not corporate money.
I think you're on to something. We might see a further bifurcation of open source and free software.

Open source will mostly be corporate developers developing OSS on the payroll, where the corporations deem that releasing (some, not all!) software as OSS is better for the bottom line.

Individual developers may release stuff as OSS if they think building an OSS portfolio makes them more employable. Otherwise I think we'll see more, say, "source-available free for non-commercial use" style licenses, because people don't want to be schmucks that are taken advantage of.

Free software will be more clearly focused around trying to drive social change, together with traditional political activism approaches. E.g. right to repair legislation, forcing opening of network protocols so users can access services with their own software and devices, anti-DRM work etc. And as you say, this will clearly be focused on individual computation devices, or small scale servers that individuals can and have a reason to run. That some huge corporation runs or doesn't run free software on their server fleet is irrelevant.

My first interaction with the internet was in the mid-to-late 90's, first AOL then IRC (if ZithTar rings a bell, please reach out), and other than a few super-specific niche communities I also feel looking back that it was a cesspool. I was maybe 10-12 years old then but I can't ever remember a time when the internet was objectively pleasant in a broad sense.
>To nitpick: They are not stealing it, they're using it per the license terms. Don't like that? Well, choose a different license.

Agreed, and you're not even nitpicking, this is a significant point that devs need to understand before they choose to go open source.

> The "business-friendly" open source movement co-opted the idealistic free software movement.

Yeah, this. To me, as an admitted Free software person, the Open software movement looks like it was designed to undermine the Free movement. I don't think it actually was deliberately designed that way, just that it looks that way in hindsight.

I also don't really get the point of Open licenses because you could always already just give away your code, so to me it makes it seem like the only folks really benefiting from OSS are the people using the code but not sharing their improvements and the people (often the same people) who want to lock you out of [editing the software in] their products.

> idea of causing social change by coding free software

FWIW, that also seems to me to be a later gloss. If anything, computers and software are new enough that it's not so much a matter of social change as it is of founding new social norms around these (physical/virtual) machines. RMS just wanted to edit the software in his printer. Look at the restrictive B.S. that tractor makers are foisting on farmers to see the relevance. Is the idea of being able to fix your own tractor a "social change"? :)

> To me, as an admitted Free software person, the Open software movement looks like it was designed to undermine the Free movement. I don't think it actually was deliberately designed that way, just that it looks that way in hindsight.

Yes. I think the original idea was just to present the hippy free software idea in a more business-friendly form, and thus cause more FOSS to be written.

> > idea of causing social change by coding free software

> FWIW, that also seems to me to be a later gloss. If anything, computers and software are new enough that it's not so much a matter of social change as it is of founding new social norms around these (physical/virtual) machines.

Fair enough. Though I don't think free software was so much about forging norms per se, more like an adaptation of old ideas like "Liberté, égalité, fraternité" to the digital age. As opposed to just letting the modern day robber barons have it their way, which to an extent is what's happening with open source.

> RMS just wanted to edit the software in his printer.

Sure, but it spiraled away from that pretty fast.

> Look at the restrictive B.S. that tractor makers are foisting on farmers to see the relevance. Is the idea of being able to fix your own tractor a "social change"? :)

No, more like defending "Liberté, égalité, fraternité" rather than letting the robber barons get away with whatever they can. That being said, AFAICS free software has had about zero impact on this topic; the successes in this are seem to be due to grassroots political campaigning (right to repair laws etc.) rather that some argument that software should be free (in the FSF sense).

Yeah, I agree with you.

It's hard to avoid feeling like the free software movement has failed pretty comprehensively at its stated goals.

For me, as a computer nerd, it's always been hard to understand why normal people aren't fascinated by computers like I am, but the plain fact is they're not. Something like two billion people think facebook is the internet, eh? Everyone has a radio-connected supercomputer in their pockets but it's a locked-down mall and video game arcade, and that seems to be all most people want.

I try not to think about it too much. Maybe this is the shape of human destiny? To be cells in some vast AI body?

>left us with streaming and music options worse than cable and personal audio libraries.

The way you word this is like streaming is the only option we have. It's not. Just buy CDs.

I'm curious how you would feel about a scrappy bootstrapped startup building their business around your FOSS and then, sometime much later, becoming a large company whose founders become billionaires. (I have a couple of examples in mind where this has happened.)

> What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

For folks who do not work 100% in OSS, there can be many points:

- The whole Github-as-resume thing makes it important to have public contributions (most people's day job lives in private repos). To some extent, much of the industry needs OSS in lieu of effective employee screening processes.

- It's a convenient way for big companies to exchange IP without formal bilateral agreements. Everyone else just benefits for free.

- Your line of work is X, but you built a crude project for Y. You open source it because you don't actually care about area Y at all but hope your work could be useful for someone else.

- You write something for yourself and publish in the hopes that someone else will help you improve it for free. You're looking for free work and/or critique of your work. You don't actually care if someone else makes a billion dollars on it because you weren't interested in starting a business around it. Plus, you gain reputational points from having built it (consider Linus Torvalds's ability to get work as a programmer as a result of having started Linux, for example).

>> Seriously. What's the point of open source if companies just steal it, build billion dollar industries on top, and then lock everything down?

If this a a concern, then at least use GPLv3 and not BSD or MIT.

> picks mit license

> gets mad when people use the work under his license

oh no!

I am not religious but labourers in the vineyard stuck with me from school:

The workers who were hired about five in the afternoon came and each received a denarius. 10 So when those came who were hired first, they expected to receive more. But each one of them also received a denarius. 11 When they received it, they began to grumble(D) against the landowner. 12 ‘These who were hired last worked only one hour,’ they said, ‘and you have made them equal to us who have borne the burden of the work and the heat(E) of the day.’

13 “But he answered one of them, ‘I am not being unfair to you, friend.(F) Didn’t you agree to work for a denarius? 14 Take your pay and go. I want to give the one who was hired last the same as I gave you. 15 Don’t I have the right to do what I want with my own money? Or are you envious because I am generous?’(G)

Matthew 20:9

(Marek has the right to renegotiate. The fortune 500s had the right to use the work he offered for free, as that was the terms set)

Yes. The problem with licensing your software one way or another is exactly that: you agree on sone terms NOBODY imposed upon you.

Open Source developers need to take burn out into mind before committing themselves to such a labor.

Making an ethical judgment based on religious text is a serious folly.
Yeah but there are some timeless truths in many religious texts. This one seems to be applicable.
You can also mine out some awful stuff by plucking certain passages without the right context, and we have certainly seen hatred and violence justified that way through history.

This story is also missing the larger context that explains what it's really about -- and the answer isn't labor and wages.

As opposed to basing them on...some system you came up with?
Almost as good, one might imagine. No truth written in the Bible gets less true. No lie gets less false. About the only benefit is that you know the Bible as a whole is fairly Lindy and full of powerful and competitive memes.

Which may mean that the text is useful as a means to express your opinions.

Personally I'm an atheist, but I still find this piece of religious text interesting. It tells us that this is as old problem as human civilization is. How do people share the work and the fruits of the labour?
> It tells us that this is as old problem as human civilization is

Only if you presume human civilization started with the bible. Fair bit of civilizing went on before that.

> How do people share the work and the fruits of the labour?

Atheist now, but formerly not. This story isn't about that. See my other comment for the broader context it is contained in.

Dismissing a text, simply because some people consider it holy, seems a worse folly.
What's your preferred alternative for making ethical judgements?
You're painting in broad strokes and getting some flak for it, but there's definitely some truth to this. The context surrounding the story is extremely relevant.

The Workers in the Vineyard is a story being told by Jesus within the larger story of the Gospels. It is a parable. It's not a beast fable with some clearcut moral. The whole story itself is intended as a metaphor for salvation and heaven.

He's not even indirect about it this time, he makes it clear from the beginning:

> For the kingdom of heaven is like a landowner who went out early in the morning to hire workers for his vineyard..."

The workers object because (surprise) this actually is unfair in a landscape of mortal human struggles. It's jarringly so. It defies common sense and notions of fairness. In that confusion, Jesus is trying to make a point about just how incomprehensible the generosity of the godhead is. He's saying it breaks your prior notions and that salvation doesn't map to time and money.

There's literally no other point being made by the parable, and it's a total error to try to divine another message.

It's surprising Jesus din't make the point that being good is its own reward, instead of focusing on the ultimate payoff of heaven.
Flattery gets you far, bribery gets you farther
> that was the terms set

The terms do not include free support.

Basically, Marak is just saying he won't go back to the vineyard to work for free, but he will if he gets paid a fair salary. Else, the landowner will have to search for new workers.

It's a parable wherein the landowner is the Christian god, the work of the vineyard is the work of his will, and the denarius is salvation. It doesn't have anything to do with people getting paid fairly, it has to do with the Christian god's generosity disrupting notions of fairness.
Sorry, but I don't get your point.

I think that, independently of the original meaning of the parable (which is not at all what we are discussing here), it indeed is a nice example of having to accept the terms you negotiated without looking at what terms others get. I used the same example to explain why I think this situation is a bit different. But it is just an analogy, nobody is claiming this is the right interpretation of the biblical text.

the parable serves to introduce the idea of fundamental dignity in contrast to conventional notions of reason and merit. and ought not be taken as youve suggested
People ought and do take whatever they please from the Bible.
> Don’t I have the right to do what I want with my own money?

No. Money is a collective construct and strictly subject to collective norms (e.g., taxes). Paying selected people money for not really working is the cornerstone of corruption.

I just bought a TV from a shop selling the same as in another store, but cheaper. Should I return it and go and pay more? I've paid my taxes, the rest is mine.
Through no fault of your own, powerful and/or discontent people in your country can significantly alter your purchasing power.
One of the fallacies in reasoning is that people tend to judge outcomes solely on the results, not taking into consideration the initial conditions.

When the authors started, did they really know that the library was going to take off and be used by many companies in the world with boat loads of money? Hell no.

Open source licenses by are optimized for high usage and freedom. You also have to consider that because it was so permissive, people at huge tech companies used it for their projects, which led to those engineers telling other engineers about the project and fast tracked to amazing growth there.

Anyways, the authors have the right to renegotiate but I don't think companies have done significant evil.

The way I see it, the landowner is exploiting the workers and not paying them the just price for their labour.
(comment deleted)
This landover should not be surprised if workers start tp show up late as a rule. After all, showing up late means same money for less work.

In modern world, of course business owner can set salaries however, but should accept consequences on turnover and company culture.

Yeah, it's not a very good story. There are a few possible outcomes.

1. All workers start showing up later, thus the employer is motivated incentivize those who show up earlier.

2. Instead of raising wages, the employer limit the number of available position, thus incentivizing workers to show up earlier in order to be paid the denarius whereas those that show up later risked not getting the work and therefor lowered the statistical amount of money they can earn over time.

3. The workers organize together and mutually decide to bargain with the employer as a group for work hours and wages.

4. Scabs decide to work for the employer at an increased rate of 1.5 denarii.

5. Half of the crops rot on the vines, the employer raises the price of the wine to double it's original amount to recoup the losses.

6. The employer spends some additional money on lobbyists to convince Roman governors that their business is too important to fail, and receives a bailout.

7. The original workers and their families starve to death or turn to crime.

8. The bureaucrats and landowners profit and the scabs are forced to take 0.75 denarii as their wages because they have no bargaining power and they fear starvation as their contemporaries were made an example of.

i’m afraid you’ve missed the point of this teaching
I empathize with the sentiment, but if you want to get paid for your open source work, surely it would work better to set up a Patreon and point people to it, rather than write "send me a six figure contract or fork this!" in a GitHub issue.

It's also weird to use a license that explicitly lets Fortune 500 companies use the code for free, and then write that you don't want them to do so in the issue. Just change the license if you don't want to license it freely to big companies!

> Just change the license if you don't want to license it freely to big companies!

Marak doesn't want to prevent big companies from using his (?) code, he's saying that he won't support them for free anymore. Read the Github issue again, carefully.

I find that those companies that add issues and support requests _ought_ to have the decency to also donate to him.

But, I guess, companies don't have any decency to donate unrequested, so maybe he should put up some sort of notice to request payment for any work they request from him. Oh, wait...

There's also probably distance between the arm of the company that donates to open source and the developers who are opening issues when they spot a bug. And that distance probably gets longer for companies with the most money to donate too.
This is not exactly so. Those developers who are opening issues belong to a team, that team has access to a budget. If the company has a lot of money, as you say, they themselves have some say over where this budget gets spent.
And they can use that budget to pay an invoice from an approved vendor. (Beyond something small that can be put on an expense report.)
He's not complaining about use, he's complaining about support.

This is not a licensing issue.

He is frustrated that companies that use his software for their business raise support and feature requests and expect him to work on them for free again and again.

Do they really expect him to work on them?

I'm 100% sure they know that open source doesn't guarantee that and that he's well within his rights to ignore their support requests if he feels like doing something else.

It's not about organizations _demanding_ that you do work for them for free, it's the constant _expectation_ of it. I experience it myself quite often where users of my software ask about timelines for bug fixes or new features, but very rarely offer to chip in and certainly never to sponsor the work.

Of course these organizations have no way to force me to do anything, but it is emotionally draining to constantly have people expect you to.

I would be happy if somebody asked for timelines for feature requests, because it would mean that I have the option to extract money by prioritizing those features. Just make the companies bid against eachother, writing a bidding system (maybe second price auction for a work point where you set the number of work points needed for a feature) is really easy.
I already offer both sponsorship as well as tailored consulting, but I haven't found any success in trying to sell that in response to issues. The moment I mention that I can provide commercial support, they tend to become silent. Maybe it's viable if you have a truly massively successful product like Redis or something, but it hasn't been for me at least.
I'm really sorry about that. Still, probably every successful open source project should offer the commercial support by default, I feel like that's the best way to change the culture.
I wonder where this expectation comes from? Is it because of high quality free as adware/spyware commercial software? Or the way development centered around repository name and we do not use forks?

I treat open source as a gift. It allows modifications, it allows forks, what's wrong with people?

About your first point, I've had people open issues on one of my Github projects, asking for new features. I then politely replied "I currently don't do free support for this project. If you have a budget, then I can make time. Let me know."

For me, this is the best way. It's clear and states that the ball is in their court.

I think this is a great approach
I think a better approach is make some of the corporate users making requests admins on repo and take a break from the project. Companies would rather not maintain a private fork, but there are ways other than saying "pay up" to get them involved.
If you read the thread there is a link to a tweet. He had an apartment fire and lost just about everything. That is one of the things that is motivating this.

It makes complete sense to make a case in a project where there are a lot of requests for work and many companies using it.

I think this is fair for him to do, and well within his rights. He’s clearly frustrated.

I wish there was a better way for open source projects to solicit donations. It’s hard to get your boss to pay for software; it’s extra hard when you get no additional value.

I feel like open source would have more luck if Issues could have attached bounties. I may not think to donate to faker.js, however as someone with access to a company credit card, I’d definitely attach $100-$500 (or more!) to certain Issues. (Tobi from Shopify recently did a $10k bounty to get OBS working with Zoom, and someone claimed it.)

I do wonder why GitHub hasn’t done more here (I know sponsorships exist). It feels like they have the opportunity to build an open source Upwork... an army of people who create software and get paid a living, except in this case they also contribute to good. GitHub already changed how people work, and now they could do it again.

EDIT: after reading his Twitter, it seems something is going on with him. https://twitter.com/marak

Please stop painting open source as a donation-based development model. That's completely distorting what it is about.
Okay? This particular project is soliciting donations:

“Support us with a monthly donation and help us continue our activities.”

I’m not really sure what your point is, because you never actually made one. You just said I was wrong.

One issue is that donations implicitly promote a cost-plus pricing model (I'd like to earn 10k a year doing open source, so that's how many donations I need to fund me working on this).

Whereas something like dual-licensing promotes a value-based pricing model (our fortune 500 doesn't need to pay 5 engineers for a year to build and maintain this distributed system; we would happily pay equivalent of an engineer per year for that.)

Then you're just indirectly donating money, no? What you described is just proxying the donation through an engineer.
What's the problem with a cost-plus pricing model? Having a solid ecosystem of cost-plus priced open source software would already be a great step up from the status quo.
No problem per-se, but to give a simple example:

Suppose a developer, let's call him Salvatore, lives in a modest apartment in, say Italy, and would live very comfortably indeed on three hundred thousand euros a year.

And let's say three cloud providers, call them, Jungle, Blue, and Lots, agree to give Salvatore a hundred thousand a year each to keep developing a, I don't know, a high-performance in-memory database. Lucky Salvatore, plenty of money for doing what he loves anyway.

Let's say that this database is quite good, and Jungle, Blue, and Lots each make a cool hundred million a year in pure profit renting out instances that run Salvatore's code.

So, whilst Salvatore has done perhaps better with the cost-plus model than he was before, he is capturing just 0.1% of the economic surplus that is being generated by his code.

And that is the problem in this scenario: if all elements of the value chain are cost-plus except one, that one element captures all of the surplus even though it may not be deserved.

The problem with this is that Redis isn't used because it is particularly good. It's used because everyone else uses it. And everyone else uses it because it's free.

If you tried to charge for Redis then "everyone else" would stop using it and pretty much all of the value disappears. It becomes a niche product that you shouldn't build on. You're vulnerable to high license fees and experienced developers become harder to find since few get experience with it.

You couldn’t be more out of touch with reality.
Ok, name one building block type piece of software that isn't open source and is a market leader.
I meant you’re wrong about Redis. It was in a unique position for a long time, if you pulled it out there would be nothing to really replace it.

RedisLabs does charge for redis (extensions, and support) and seems to be doing pretty damn well for the matter.

>meant you’re wrong about Redis. It was in a unique position for a long time, if you pulled it out there would be nothing to really replace it.

You haven't really said where I was wrong.

>RedisLabs does charge for redis (extensions, and support) and seems to be doing pretty damn well for the matter.

Charging for extras is not the same thing as charging for the product.

Here:

> The problem with this is that Redis isn't used because it is particularly good. It's used because everyone else uses it.

Ok, and why do you think most people use Redis? Is it (1) they did a careful evaluation of the options and selected Redis because it was best or (2) everyone knows you use Redis if you need an in memory cache?
Wasn’t the case until at least 2016. Memcache was the default.
Congratulations! You have just described capitalism! Have a lolly pop.
There is a difference between one-off bounties and continuous sponsorhips.

- Stable income vs. unplannable amount of bounties

- Bounties generally don't cover general maintenance work for a project (e.g. updating dependencies)

- Bounties (as they are implemented today) generally only pay the contributor, and not the maintainers, which can also have significant cost in reviewing a feature

- Bounties traditionally have been so disproportionally small compared to the work required that they don't come close to provide a reasonable hourly rate for contributors

(I think you'll find enough articles that go into more details on the difference between the two.)

Bounty platforms have been around for ages, and I don't know a single project that is able to finance itself from that. Even for the OBS example you mentioned, it the bounty was a good way to get the ball rolling on a specific issue, but the overall maintenance is still financed by monthly sponsoships.

One-off donations might be a nice supplement, but they don't form a solid foundation.

(comment deleted)
One size does not fit all. It's good that OSS exists, as is the case for public domain work.

But it's only natural that there is only so much goodwill in a person when their work is used by billion dollar companies that enrich a select few and can't even pay their employees fair wages, let alone share their success with those whose work it is built upon.

Care to elaborate on what _you_ believe it's about?
Making the source code available for everybody to see and use for derivative works under certain conditions like retaining authorship notices or keeping the same license (copyleft). There are many varieties of this, some are more permissive than others. But this does not directly imply a certain business model.

Some people do donation-based development. And that's fine. And some people do things entirely for free, that's also fine. (But don't be angry that somebody then takes your code and does what the license you put it under permits them to do, e.g. not pay you.)

And others are corporations that have full-time employees write code and publish it as open source. See all the Red Hat work. Or Intels and others contributions to the Linux kernel.

Open source is more than the lone dev in their basement doing selfless acts and sometimes begging for donations.

"Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith."

https://news.ycombinator.com/newsguidelines.html

(Your comment would be better for conversation if it explained more instead of just denouncing what you think is wrong.)

Establish an industry standard with the programmer union that you will send any project they are using some agreed upon amount based on size per year. Distributed programming, distributed payment. Doesn't have to be a trick to it, just the slightest effort.
BountySource did this. It failed.
That's because their product sucked, they charged excessive fees, and they were actively hostile to their users.
They also got acquired and the acquiring company tried to take the existing bounty money for themselves.
There’s a ton who have tried variations of adding money to open source! None have managed to stick for some reason.
Issuehunt and bountysource already exist.
> I wish there was a better way for open source projects to solicit donations. It’s hard to get your boss to pay for software; it’s extra hard when you get no additional value.

That’s the big issue IMO. It’s easy for one developer to say "if you make money you can pay me a tip". When you have hundreds of dependencies, tracking developers wanting donations is almost a full time job…

If I were npm CEO, I would :

1. Propose the users (the ones using npm install/ci without publishing packages) to create accounts

2. You can put any amount of money on your account ; it will be monthly used to finance the packages you have downloaded that month

3. Developers (the one publishing packages) can flag their packages to be downloadable either publicly, only by registered users or only by paying users

4. Take a small fee

5. Profit

Then do the same with composer, apt, yum, and you have a pretty good coverage of the FLOSS ecosystem and potential monetary contributors just have to monthly fund 4 accounts.

I don’t understand how it hasn’t happened yet.

Besides the fact that this would limit access to those projects for those unable to pay, there are the issues of multiple contributors and transient dependencies.

Say a project is started by one person, made open source, and becomes popular. They start accepting contributions from the public, including substantial features and bug fixes. They later move on and someone else becomes the lead maintainer. Who would receive the money in your scheme? The original author? The current maintainer? Divvied up among anyone who has ever touched the code? If the Digital Ocean tshirt giveaway is anything to go by, popular paid projects would be overwhelmed by "contributors" hoping to snag a slice for changing around a few words. It gets really complicated pretty quickly.

Say a project depends on one or more of these paid projects - does it now require payment of at least as much as the sum of its dependencies, and their dependencies, etc? That could add up quickly unless there's some scaling factor and you hope those projects make it up in volume. Surely there will be typosquatting projects which are (at best) wrappers for real ones and siphon off some of the fees.

And so on. All this is just to say that it's complicated and the details matter.

Let the maintainer monetize release versions. If new releases have major contributions from others, charge for the new release and dole out funds to the contributors.

Certainly some thought needs to be put into how to monetize this, but we haven’t ever even tried. I’d say something like NPM is sort of like how Uber/Lyft built and validated the ride sharing infrastructure - it works, it’s normalized. Now how do you manage the money between the drivers and riders.

It’s not like software devs and companies are broke and are unwilling to pay modest amounts, and we will always support free for non-commercial.

Also, if we extended this idea of paying for all the software people use, the whole thing would fall over very quickly. I don't think most developers here have ever sent Jean-loup Gailly and Mark Adler any money for zlib/gzip? And how many have sent checks to the people who've been contributing to the linux kernel? And gnu file utils and bin utils and compilers? And the openssl project? And OpenBSD for openssh? And any of the other hundreds of bits of code that they rely on on a daily basis to get their work done.

At the end of the day if you want to get paid for your work, don't give it away under a free license. This is the second major story -- that I've seen anyway -- in the last couple of weeks about people wanting to be paid for the software that they freely give away. It reminds me of the time I went to Rome and a man came up to me and slipped a string bracelet around my wrist. When I told him I didn't want it, he said "no, no, it's free. just a friendly gift." and when I said thanks and turned to walk away he got mad that I didn't give him any money. Apparently it's a typical scam. "Give a gift" but then demand a return donation of money.

https://romevacationtips.com/avoid-the-african-bracelet-scam...

> They start accepting contributions from the public, including substantial features and bug fixes.

I spent a considerable amount of weekends helping out with a FS2020 mod. The maintainer now accepts donations and makes a considerable sum. I got none of that. Personally, it left a bad taste in my mouth. I maintain a private fork now, because I don't like the idea of someone profiting off my rare nights and weekend work. It would be one thing if he recognized the work and/or gave back to the contributors in some way, but they don't... so I stopped contributing publically.

> it’s extra hard when you get no additional value.

I believe this, the identification and the articulation of additional value, is the problem with FOSS sustainability, and it's urgent that we resolve that.

I hope I am onto something with the idea of crowdfunding specific commitments, as I have sketched there: https://archives.gentoo.org/gentoo-project/message/3735cd917...

The mental model behind this is quite simple, and I hope that once adopted, it will avoid a lot of unproductive behaviours and expectations on both sides, of the producers and the consumers.

It's strange that there's so little crowdfunding happening to deliver free and open source software. One of the very few prominent examples is https://www.kickstarter.com/projects/andrewgodwin/schema-mig...

Basically I believe in offerings which promise specific qualities (timeliness of responses and bugfixes, roadmap features schedule etc) and cover the costs of development (including market rate salary for the developers according to their skills which they use to develop and manage the project).

I am currently developing this with the aim to roll out my first experimental offerings. I am keen to help others to adopt this approach, so everybody is most welcome to reach out to me with any questions.

> I am keen to help others to adopt this approach, so everybody is most welcome to reach out to me with any questions.

I'll take you up on this.

How far have you gotten? What surprises have you uncovered?

Are you blogging or tweeting the project?

Thanks for your interest. Do you maintain something yourself? Do you have some projects on your mind which could adopt such approach?

I am currently just beginning my research of the current state of things in Linux distributions with regard to the distribution (pun not intended) of bugticket time to resolution. I am doing this to get a fine grasp of actual state, and be able to articulate the additional value of such userbase-funded commitments.

I aspire to tracking my commitments up to full deployment in SDLC terms, but it seems this information is too hard to consistently get with the existing bugticket handling practices of Linux distros, so now I am going to start with measuring how much time it takes to mark the ticket "closed" or "resolved", whatever that means (seems to mean mostly "integration completed" in SDLC terms).

I sketch some of my thoughts here, but the notes are somewhat outdated: https://github.com/userbase-funded/wiki/wiki

I have also contacted the current maintainer of one valuable but neglected project, but got no response so far. That project is vdirsyncer, it has been not actively maintained for a year and a bit until recently, but has many consumers, and I think such projects are a good fit for my idea. https://github.com/pimutils/vdirsyncer/issues/790

There are several projects in the low cost, user maintainable, appropriate technology space that I'm currently estimating the feasibility of starting.

I'm biased towards fascination with processes and markets, however, and value mapping and incentives are more strengths of mine than programming.

From my vantage point, there's a massive shortcoming in the mechanisms by which programmers, user programmers, and users are connecting.

Simply, I know several programmers looking for interesting physical world side projects and several craftspeople looking for automation. There's simply not a clear way to meaningfully connect them.

My ideas revolve around defined test, unit based recognition/compensation.

Person A has a specific use case, proposes it, persons B-G have similar use cases and agree on a test specification and deadline and place deposits. When the deadline is reached, the best performing commit is selected and merged, and the developer receives recognition and compensation.

I ran out of TV to watch months ago and have been working my way down Youtube videos.

Several people I follow have a call in their video to "donate to help protect our independence," and I think maybe we need to call that out more.

If you don't pay for this video, then either there is no video, or advertisers pay, and advertisers want something in return that is probably not in your best interests.

I'm not sure whether the same goad works for open source, but given the boldness of forkers, perhaps it does.

We have new leadership in our engineering organization, I should bring up the idea of having a budget for open source donations that the developers vote/nominate and the company cuts a check based on how many votes each tool gets. Everyone writing a check for $5 is a lot of work on both ends. It's simpler if an org cuts 10 checks for $100-500.

> been working my way down Youtube videos. ... If you don't pay for this video, then either there is no video, or advertisers pay

Youtube Premium which helps pay for videos is right here:

https://www.youtube.com/premium

Looks like they lost all their possessions in an apartment fire: https://twitter.com/marak/status/1320465599319990272
Additionally the FBI were called and Marak was charged with reckless endangerment for the potentially explosive bomb making materials found on the premise, including potassium nitrate, magnesium powder, sulfur powder, copper powder, aluminum powder, hobby fuse and mixing cups, and books about military explosives, booby traps. (https://abc7ny.com/suspicious-package-queens-astoria-fire/64...)

So yeah "seems something is going on with him"

>Next-door neighbor Debbie Riga said the box was suspicious, and so they decided to open it.

>"Obviously the man is sick," Riga said.

I guess that must be sick in the "pyrotechnics are fun" way, not sick in the neighborhood cat lady prying into other's possessions and then running their mouth about it to the news, sort of way.

If someone chooses to endanger their neighbors by bringing dangerous, explosive materials into a densely populated living area that shows a very bad decision making process at minimum, and at worst malicious intent. That's something that others need to know about, in order to protect themselves and their families.

What you are calling "running their mouth" is the community protecting itself from someone who has already considerably disrespected the safety and lives of the community.

I was acquainted with Marak many years ago and he was an awful person then and probably still is. He put out some very well circulated revenge porn of his ex-girlfriend when she broke up with him long before that term was being used. He's a shitty person who seems to still be.
Has there been any coverage on the revenge porn incident? It sounds plausible given the circumstances but it's a pretty heavy claim.
It was a pretty well known incident when it happened. This was back in the Kazaa days (p2p file sharing). He clipped the whole thing together and made it like one of those old mastercard commercials. The file was called "master card revenge." He's in the video himself and it's clear he made it because it was an explicit fuck you to her. He even put her email address and physical college address in it. I'm not sure what came of the incident. This was about 15 years ago.
One issue with "getting paid for open source" is how much marginal value the project is generating. For example, take left-pad. At the time of its infamous removal, it was relied upon by thousands of packages, including Node and Babel.

But does that mean that it was worth millions of dollars? Of course not. Because if it wasn't available, anybody could have replicated it in a few hours of work.

I don't know if that's the case for this project, but just wanted to note that "being used by <multi billion dollar company>" does not necessarily mean that you're providing that much value.

But if I am not providing much value, why am I wasting time on the project?

Like even if I am willing to work for free, I select a project thats more valuable and meaningfull. So if open source is all free, its hard to tell what is meaningfull.

Also maybe fundamentally important packages should be more carefull with their dependencies.

I think people initially work on some of these projects, at least in part, to beef up their CV and make themselves more hirable. Every second tech job advertisement these days brainlessly asks you about your 'open source contributions'.
Yes I've always found this off-putting. People in HR departments are literally earning six figure salaries in return for making job ads advising people to do a bunch of unpaid labor which, by the way, the company benefits from.
How many times in an interview has anyone even showed anything beyond a superficial level of interest in your hobby project? Just mindless box ticking
I've been noticing more push back against the open source bargain lately. Years ago software was fully build on the backs of a multitude of giants within their niche domain.

But for a while now large companies have been adopting a model of taking from open source contributions and raking in billions. The original social bargain of "pay it on" has been broken by the Bezos of the world raking in billions. And yes, as others have pointed out, nobody owes you anything, this has down the line knock on effects of ingraining having to build widgets inhouse for the thousandth time because all the talent went and put it into their day-job instead of the community. Maybe a partial factor because the industry has expanded and matured so much in the past three decades that name recognition is harder to filter out among the noise by merely doing good work.

Whatever the case, developers are starting to believe that voluntary free open source contribution is for smucks. Which will hamper innovation and morph the industry to how, well, every other industry operated before tech came along. Siloed and slow.

you mean the good ole days when Microsoft paid 50k for quickdos before making billions from it?
That's 50k more than most open source projects make, also: No one forced the owners of qdos to give Microsoft that license for 50k. Sellers remorse is a thing, but I'm not sure why we should feel sorry for them.
As a really fun thought experiment, imagine that they took the $50,000 and put it into 30-year US Treasury bonds in 1981 and sold them in 1986 to buy Microsoft at the IPO.

It would be worth about $212 million today. And that ignores dividends.

But MS hired Tim Patterson and gave him equity. How is that not fair?
"I've been noticing more push back against the open source bargain lately."

it's open source vs. free software

open source = free labor for private profits.

I think the term "free software" is a marketing failure because you'd always have to add "as in free speech, not free beer".

In German you can differentiate that, "frei" vs. "gratis".

I'd go as far as saying that the term "free software" is a complete an utter fail. In my mind "free speech" is speech that is entirely unrestricted. Almost all FOSS licenses come with "restrictions", such as you must leave the copyright notice in place, you must add the "PROVIDED AS IS" spiel somewhere the end user can read it, you must release your derivative work's source code under the same license etc., so it is by definition no longer "free".

WTFPL is probably the only real "free" license.

the freedom part is not for the software developer, it is for the end user running the software.
I've obviously missed something here, what are the freedoms the end user is afforded?
0. The freedom to run the program as you wish, for any purpose.

1. The freedom to study how the program works, and change it so it does your computing as you wish. Access to the source code is a precondition for this.

2. The freedom to redistribute copies so you can help others.

3. The freedom to distribute copies of your modified versions to others. By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

It's as if open source was invented to make part of free software more palatable to corporations.
Even in 1998 it didn't take a genius to see what a Faustian bargain that Bruce Perens and Eric Raymond were leading us to sign.

Now we have SaaS, PaaS, and AWS. L-O-L. Bigly L-O-L. MySQL and PHP alone probably contributed to half of Zuckerface and Bezos billions.

Imagine writing an npm package that the FAANGs install as a dependency of their giant website and not being able to pass the leetcode gatecheck to even get a job there. Dystopias aren't much fun when you live in one.

Like which npm package? This would be a great tale to hear :p
It's because we could never get users to care about open-source software. Users continue to lap up closed-source software and that's what leads to billions for these companies.
I already realized that during the first .com wave, it is naive to think otherwise, rainbows and happy songs can only last so long.

It is easy to be idealistic when the source of income is not selling software.

The only reason this ‘bargain’ existed at all in the first place was because of the GPL and other more restrictive licenses which encoded this ‘bargain’ into their verbage.

The current version of the ‘bargain’ - use MIT or BSD and expect more participation as a result - has never been the norm. The norm is corporate programmers taking whatever code they can and using it.

The norm is a cleanroom implementation of open source software written because companies would rather pay for that implementation rather than muck around in open source licensed code (I watched Oracle do this with several MySQL feature/bug fix patches).

And so here we are. Yet Another MIT License Regret.

> But for a while now large companies have been adopting a model of taking from open source contributions and raking in billions.

I've been working at a large corporation for about five years now. I've been on more than a few projects where we wanted to use an open source product/tool to help build an application and it was roundly rejected by the security team. After two back-to-back requests were rejected, we were told corporate policy was 100% against using any open source tools or products in anything we did.

The ironic part is this monolithic, hulking corporation is losing chunks of market to smaller, more nimble companies who can get their product to market in three months. Whereas, it takes us 18 teams and 100 people and two years to get the same product to market. Their solution? Just buy the technology instead. We've had dozens of acquisitions over the past year or so.

Which now creates another new set of problems I'm sure you can already see. . .

> I've been noticing more push back against the open source bargain lately.

Open source is a niche. The vast majority of developers don’t participate in open source. If they do, it’s simple bug fixes that they need for their paid jobs. The number of people creating and releasing significant open source projects is vanishingly small relative to the entire pool of developers.

I think it was a mistake to tell entry-level devs everywhere that open source was some sort of secret cheat code to boost one’s career. On the hiring and recruiting side of things, seeing open source contributions is helpful, but it’s almost never the deciding factor in hiring someone. Meanwhile, Internet forums for juniors are full of anxiety about creating side projects and GitHub profiles because young developers think it will get them to the head of the hiring line. It’s a recipe for a lot of disappointment in open source.

Out of the hundred or so resumes I have worked with at this point the handful that have had their github up that I had time to look at were net-zero or net-negative as an addendum of their resume. There's a difference between an engineer with a history of open source and one that 'did something and pushed to github', and most entry-level engineers haven't had such a strong history of open source that what you see of them would be meaningful anyway. I do try to preach this to what developers I come across but there's only so much that can be done.
Significant part of open source development is paid for by companies. I don't know why the myth of its being done mostly for free persists, but maybe we should stop pretending it.
Depends on how you define "part". Maybe the visible part like MySQL or the Linux kernel or Android. But I'd say open source has a long tail mostly unpaid. From where I'm staying there is also a myth that companies pay for all the open source I use.
I don't know what open source you use. But yes, the big ones are mostly done by people who are paid for it. They are not after work occasional effort.

The smaller ones are also often done a part of university research or on clock. Not necessary because companies are altruistic, but because they need something and because open source developers need to eat.

A big part of Apache projects are not done by paid employees. Which is why you see the main developer for Maven push his Patreon for donations.
> The vast majority of developers don’t participate in open source.

On the producing side, you mean.

I'd argue that including a package in your code is not participating. It's consuming, but not participating.

Football players participate in a football game. Fans consume that game.

I have seen hiring manager on this site say they wouldn't hire anyone without opensource experience. Sometimes they say something wishy-washy about how contributing to open source is such a specialized skill that they don't have the bandwidth to train someone new. At other times they are more willing to blatantly admit that they just want someone who's capable of spending all their free time writing code.

I tend to wonder about the legality of it all. Since when did judging candidates on what they do off-the-clock become acceptable? To make it easier, if I don't have time to do open source because I am heavily involved in my religion, does that start to toe the line of acceptable work qualifications.

If you work with web standard technologies your code is probably inherently open. Even still most developers in that space cannot write any original code to save their lives. They are utterly reliant on mountains of shit that does everything and they string a few build tasks together. As an experiment take NPM, Angular, React, or SpringMVC away and observe the forth coming violence like a zombie apocalypse in a third world nation. The entitlement runs deep.
Take away browser plus html? Sure. Take away React? People would get along just fine imo
I have hired a guy that was applying for his first job at the highest salary we could afford because of his phenomenal open-source contributions. We knew right away that it was a particularly strong candidate. We were right.

Most Github repositories I've seen since then are net negative and it would be better if they hadn't been included at all.

>Whatever the case, developers are starting to believe that voluntary free open source contribution is for smucks.

In today's environment, it kind of is for shmucks. How many times have I seen the same tired FreeBSD copypasta about how FreeBSD powers netflix and playstation, and won't I please donate because netflix and sony are parasites who won't pony up the dough to keep FreeBSD solvent.

Why on earth would anyone directly subsidize these CEOs when they could get paid to do it instead?

[this comment was deleted as HN doesn't pay me to contribute to the discussion]
What is exploitative about the model? You explicitly license your code in a way that's free to use for anyone, with the intent of giving back to the community.

The author of jQuery did fine as a book author. WordPress gave birth to a massive profitable company. PHP is alive and kicking with the backing of Zend. These are all perfectly fine ways to make a living out of OSS work.

Eh, I don't really buy that these contributions are so huge. What is the replacement cost of tools like this? It's not that high. It actually seems like this kind of software negligibly impacts large businesses, but small businesses and individuals are the ones who really benefit, because even a small replacement cost is significant for them.
(comment deleted)
Yes, a company will pay you to work on open source projects that are considered valuable for that company.

I am surprised that Marak hasn't been offered a satisfactory job that pays six figures already. Perhaps he makes some mistakes while applying, or luck hasn't been on his side.

You’d pay someone $100k a year to write a little JavaScript that generates a few random words? You wouldn’t be in business long.
Or perhaps he hasn't applied?
Is this about not wanting to support bug and feature requests from big companies for free or does the developer can't find a day job? Surely someone who created some popular open source software wouldn't have a problem landing a high paying job?
Marak sponsors me on Github. When I was thanking him I also asked, what’s your name? His reply: “I am marak.” Not a word more.

Marak is a giver.

Used the open source licence to get popular and now you're butt hurt? You would have zero users if your project was closed source.
And zero of the extra stress associated with maintaining a large project for free on your spare time.
On Twitter, he claims that he was recently made homeless due to an apartment fire, and asks the community to send funds to help him avoid homelessness, which seems reasonable enough. He later goes on to describe "fake news written by the NY Post." I searched for this, and found an article that might be the article he describes (timing fits) [0]

Pretty crazy story, all in all!

He seems to be in some pretty dire straits, and is reacting to the perceived grievance of others profiting off of his work. All in all, I don't think this is the best way to handle the situation, although building some kind of SaaS API is probably not really possible for something that can be trivially implemented and operated locally. However, many other SaaS APIs have seemed equally trivial in the past and have been extremely successful, so it still might be a useful avenue to explore if he can sort out his legal troubles...

[0] https://nypost.com/2020/09/16/resident-of-nyc-home-with-susp...

This looks like a pretty popular project, so I assume he's decently talented. How does he not have a day job? Passion projects are great and all, but they're not known for paying the bills. Especially for solo maintainers, it's almost like playing a gig at a coffee shop for tips. Want to make a career out of it? You need talent, marketability, and be ready to compromise on your vision.
Playing a gig at a coffee shop for tips and not compromising on your vision seems like a solid choice to me.
Until your house burns down.
> Making the world a better place by allowing big corporations to generate solid fake test data for their QA flows.

--- Random Guy in a random Silicon Valley episode

Not compromising your vision? Not to belittle Marak's work here, it's certainly valuable, but it doesn't sound like something that one does to make the world better, but like something that is useful (nearly) only in a corporate context and should be done for a decent salary.

But you know, that's just like, my opinion...

I think regardless of the repository, participation in the FOSS ecosystem strengthens it and encourages more people to join. The very act of doing so makes the world a better place, indirectly.

It's not the same as boots-on-ground charity work, no. But it's something.

Yes, I don't want to say I disagree with their work, not at all!

And while I thought this is classic corporate-centric coding, some people [1] seem to have a strong relationship with this:

> Faker is love. Faker is life. I applaud this move. Someone sponsor this man!

I can't edit the GP anymore, but it really seems to be a beloved tool. I guess we love the tools we use, even if they ultimately benefit someone else. :)

[1]: https://github.com/Marak/faker.js/issues/1046#issuecomment-7...

Definitely, it would be nice. A key to this approach is being able to survive based on tips alone.

It will make me really frustrated if I play for tips and then yell about how listeners should pay be $100k.

The difference here is that you have thousands of listeners, and some of them are recording your music to sample in their #1 album.
Then it’s pretty easy to stop playing for tips or perhaps stop hanging out a sign that says “feel free to sample without paying me or even referencing me.”

If I’m playing for tips, have thousands of listeners, and making an amount of money that doesn’t make me happy then that’s a good sign to stop doing that because people don’t value my music as much as I do.

It’s really hard to understand what makes an album #1 as there’s so many factors. I think that’s why it’s so important to set up licenses beforehand. I don’t think it’s reasonable that I’m entitled to any percentage of a #1 album just because they sampled my CC-commercial licensed music.

This is wrong. If someone works a day job, they won't have time to work on their OS projects. Corporation should pay contribution to the OS projects they use to make billions/year. We should have license that requires only high income companies to pay for usage.
> This is wrong. If someone works a day job, they won't have time to work on their OS projects.

As everybody knows, every OSS maintainer doesn't have a day job.

> Corporation should pay contribution to the OS projects they use to make billions/year.

Impossible to accomplish, because "OS project" is not a legal entity to whom one could pay.

> We should have license that requires only high income companies to pay for usage.

We have such licenses, but they don't have anything to do with Free Software or Open Source Software. Such licenses are called "commerical licenses".

> As everybody knows, every OSS maintainer doesn't have a day job.

We could still have many more if it was viable to do it without being forced to have a day job. Especially when your software is used by many succesfull companies.

> "OS project"

It stands for open source project. I don't get your quotes here.

> Impossible to accomplish, because "OS project" is not a legal entity to whom one could pay.

You talk about law, I talk about ethics.

> We have such licenses, but they don't have anything to do with Free Software or Open Source Software. Such licenses are called "commerical licenses".

Using "commerical licenses" hurts every use cases that is not profit based. Having mixed licenses adds a lot of complication for the mantainers on top of the already difficult volontary development.

I suggest you do some research. It is perfectly fine to have “mixed” licenses. Redis operates like this and has no problem making money, as do many others.

“adds a lot of difficulty” is a terribly weak argument - you want to make it your job and get paid for it, of course it will take some effort. Nobody owes you anything.

As a developer, I want my job to be about producing software. Handling the nitty gritty of commercial licensing is something I will happily leave to people who studied to do it.

I also reject the notion that everything should be commercialized, OSS is the antithesis of it.

I agree wholeheartedly with that.

I thought you were proposing a form of hybrid paid-OSS as many seem to want now. If you want to make a living, make it a business (yes, someone will have to deal with the business stuff).

And that's true, but then we circle back to the OP (original problem), if you can't make a living out of OSS you're generally very limited in how much you can achieve, which then stiffles innovation in all other sectors that depend on OSS.

So the question stands, how do we allow OSS maintainers to contribute without forcing them to find ways to monetize their project, which would be against the very nature of OSS?

And I'm loving this discussion, because then why can't you apply it to other fields, like arts? In fact similar discussions are already happening in most creative fields. I know where this is going, and it's great.

>how do we allow OSS maintainers to contribute without forcing them to find ways to monetize their project

The most common way--which is pretty widespread--is to work for a company that is monetizing the project or otherwise depends on it as they're often interested in hiring someone with particular familiarity with the code base.

>which would be against the very nature of OSS

The very nature of OSS is not against monetizing.

> Using "commerical licenses" hurts every use cases that is not profit based.

At the end of the day, people still have to eat.

The direct consequence of releasing you work under a copyleft license is that you have to figure out an alternate source of income in order to sustain yourself.

You could do that by providing paid consultancy, or by selling a product. It's perfectly valid to have a full time day job as an employee to sustain yourself, and do related or totally unrelated open source on the side. It's valid to start your own business providing consultancy based on your own open source project. Or maybe own a business on something entirely unrelated. To put it even to the extreme: you could be homesteading in the outback, living on cans of beans and rice while writing open source code on a dingy laptop powered by a generator and a satellite uplink each night.

My point is that covering your primary needs by making an income should come before any considerations to provide free labour.

In fact, this principle extends beyond open source code and to any creative endeavour. For instance, many famous writers didn't write full time. Kurt Vonnegut managed a Saab car dealership and J.D. Salinger was an entertainment director aboard a cruise ship at one point.

Copyleft isn't a business model. And one should interpret "business model" in the broadest sense of the word here: figuring out your personal finances and how you make an income is privy to the notion.

Copyleft protects the creator exactly because it isn't a business model in itself. Copyleft doesn't guarantee any support or continued maintainership towards users. It is not an SLA. There's zero obligation on your part, as a creator, to maintain anything you release on account of what users might want. You're entirely free to walk away.

As far as users are concerned, if they decide to rely on open source, they also accept the risks that comes with using third party code which doesn't get maintained or even gets abandoned. That's not a problem of the creator, that's entirely the problem of those who rely on open source code. Copyleft protects users to the extent that they are entirely free to fork your code and do whatever they want with it as long as they use the same copyleft terms if they decide to publish their modifications.

The perceived robustness of Linux by users actually translates into a due sense of trust in an emerging collective behaviour: that there will always be a wide community of maintainers working on the codebase either being paid or voluntary. But that trust isn't a formal, legal SLA at any given point.

Those are the consequences that come with deciding to maintain or use open source software.

Yes, it's true that there are several companies who have leveraged open source to unrivalled financial and business success. And it's also true that there are plenty of maintainers who barely see a tuppence for their long hours at night herding issue queues and reviewing pull requests.

Pitting them against each other isn't the way forward. If Amazon or Facebook are using open source software in order to sell their services to the tune of billions of dollars, then that's not solely because of Torvalds' decision to put Linux out there under the GPL license. It's equally because they understood and managed other aspects such as legal compliance, financial / asset management, human resources management, sales, marketing, acquiring and mergers,...

The problem there isn't the apparent 'abuse' of copyleft tools in it's own right. It's a far more complex set of economic, political, financial, cultural, ideological,... variables that created a unique context that allowed those companies to emerge.

The biggest fallacy open source maintainers face is that they are somehow obliged to boundlessly cater to the wishes, desires and needs of communities that emerge around their projects for next to nothing...

He was one of the founders of Nodejitsu, acquired by godaddy in 2015. I wonder if he ended up not seeing any of that acquisition money?
To be honest, any small 3-person company "acquired" and then promptly shut down, probably was just a fancy way to close the business.

Each person got a job with a signing bonus. And the investors may have gotten their money back.

Be interested to know which part of it is fake news eh.

The culmination of the recent tweets and actions presents this as having more of a personal tone than a grand indictment of big companies relationship with open source.

I dunno, there's websites like placeholder kittens and the like which are "mock data as a service"; faker.js could be offered as a service as well in that regard. I can't see much opportunities for making money, but it's something at least.
If the police would ransack my family home after a fire you could probably write the same article. Charred RPi's and lots of computer parts, enough wiring for a new house, lots of chemicals (cleaners, fertilizers, other chemical agents with regular gardening use cases), ultimate survival guide and related parts ("This guy was prepping for something!"). The naming of suspects is just adding insult to injury. If he's in good faith... Anyone could lose it after a house fire plus being named a 'unabomber' by your neighbours.
Ah well, just saw the house fire tweet and sent him a few bucks. Guess I'm on one more list now.

There seem to be a few articles that are at least not half filled with the ramblings of an elderly neighbour:

https://www.qgazette.com/articles/more-charges-possible-for-...

https://www.dailymail.co.uk/news/article-8737513/NYPD-discov...

https://abc7ny.com/suspicious-package-queens-astoria-fire/64...

Emotional distress seems pretty normal after your house burns down and there's plenty of people in our community with hobbies that would be considered odd. Naming suspects in these cases seems so weird from a non-US perspective, there's not even been a court case.

This is terrible. All the news are based on speculation, but they plastered his very-Googlable-name everywhere, only making it harder for him to get a job now.

I honestly can't see anything positive about those articles existing before there's a proper court case.

I never understood the need to name suspects - address and all - in this country.

In my home country suspects that are (or are about to be) charged and convicted with a crime have their last name abbreviated (e.g. Paul S.), which seems completely reasonable to me. You're innocent until proven guilty, for one. But even if you're guilty and convicted, your punishment should be limited to whatever the judge rules it should be.

I don't see the need for public shaming beyond whatever punishment they get in court should they be convicted. When someone is released after a prison sentence they have a right to resume their life. They did their time, after all.

Sorry if I sound like I'm rambling a bit, English is not my native language.

It's about retribution and the idea that lawyers can influence the justice system and let "bad guys" go free. A lot of the states with lax laws around naming people accused of crimes are the same ones still dishing out the death penalty.
>Naming suspects in these cases seems so weird from a non-US perspective, there's not even been a court case.

As I understand it, the original reason for this is to prevent the police from simply making people disappear. It's a public check on what the police and government do to people.

Even in that case is the WRONG solution to a problem.
Then what is the better solution? Saying it's wrong without giving alternatives isn't a very useful comment imho.

edit: And the solution needs to apply to the US, with all it's brokenness, not some other country with different social structures.

The media doesn’t do this is the U.K. or Australia. We have much stronger libel laws.

Nobody has been “disappeared” by the police, either.

serious question: how would you know?
> Nobody has been “disappeared” by the police, either.

Your faith in the British police would be charming if it wasn't the thing that lead to things like the Guildford 4.

> Then what is the better solution?

That police should not make people disappear from their families without proper noticing, it would be a starter. I'm not from the USA but I think I can already guess who usually suddenly go missing because the police got them.

I agree it's terrible that the papers named him so early, and I do think we should give him the benefit of the doubt, but given the information out there right now, there is a reasonable chance he actually was making a bomb. It seems to me like people are willing to jump to the opposite conclusion simply because he's "one of us". Let the investigation play its course.
... what?

You realize the concept of innocent until proven guilty is not a unique concept to HN readers right?

That presumption of innocence is not "act like maybe he was making bombs until proven guilty"?

It sounds like you've let the media erode your understanding of a very basic human right, but do not try and cast it on others as some sort of tribalism.

He is innocent until proven guilty.

Not "reasonable chance" according to your random opinion, but a judge and jury and various council go through a legal case and legally find him guilty.

Obligatory Reddit-type response: "Sir, this is a Wendy's drive-thru. Not a court of law."

HN response: Of course, everyone is free to say what they wish. First amendment. Freedom of speech. Freedom of thought. Freedom is the basic human right.

Wikipedia says, The Universal Declaration of Human Rights, article 11, states: "Everyone charged with a penal offence has the right to be presumed innocent until proved guilty according to law in a public trial at which he has had all the guarantees necessary for his defense."

Notice that this covers the rights of someone "who has been charged with an offence" in "a public trial".

There's not actually a "human right" preventing people from having or expressing opinions.

Does that make sense?

Precious little about your comment makes sense from that first sentence to the rest of it.

> Of course, everyone is free to say what they wish. First amendment. Freedom of speech. Freedom of thought. Freedom is the basic human right.

I'm not even going to bother falling into the tangential tarpit of acting like someone is a bomb maker without them having gone to trial is a "1st amendment right". After all, if your best defense of a statement is "I'm legally allowed to say it", it's probably not worth much consideration.

> Notice that this covers the rights of someone "who has been charged with an offence" in "a public trial".

No it doesn't. It covers the rights of a person. Period. That's literally the point of a universal declaration of human rights

You're trying to play word sashimi to make a point that isn't made. The definition of guilt is specific to a public trial exactly because a "trial" of public opinions is so easy to manipulate.

Sure it can't force the general public to be decent people and understand that people should be presumed innocent until proven guilty... but it's also not endorsing the public not do so. It's not limiting presumption of innocence to trials.

> He is innocent until proven guilty ... Not "reasonable chance" according to your random opinion, but a judge and jury and various council go through a legal case and legally find him guilty.

If someone is running towards you with a knife shouting religious scripture, are you going to stand still and think to yourself "I'm going to assume this person is innocent until they are convicted of my murder in a court of law"? No, you're going to consider the possibility that they actually might intend to murder you, and you'll take appropriate precautions.

Innocent until proven guilty is a concept for the court of law, not for the court of public opinion. People are allowed to hold opinions and thoughts regarding how dangerous other people are.

Is the court of public opinion what makes you run away from someone coming at you with a knife?! Is a compelling article using stinging quotes what makes you think a knife coming at you is going to be a bad thing?

They're completely non-comparable concepts. It's such an embarrassingly lazy strawman I can't believe you bothered to waste words on it, and it's silly I should have to respond to it.

Innocent until proven guilty is not a concept born for the sake of legal rigor... it's born of the fact that "court of public opinion" is easily swayed by nonsense. It's largely seen as detracting from the proper functioning of an actual impartial justice system which is why we go to such great lengths to isolate jurors in major cases and why some countries don't even publish people's information this easily.

-

So many comments are replying trying to say "there's nothing that legally requires me to assume people are innocent!!!"

That's not a clever argument, there's no legal requirement to be a free-thinking person.

But as I pointed out before, the same way a literal alarm clock splayed out in a box became a national scandal, the burden of proof for the media to sensationalize anything is embarrassing low.

Someone could have a picture taken of a simple hobbyist electronics bench and most people would see it as some sort of mad scientist's electronics lab.

Use your brain cells of a second and think of the context. Someone running at you with a knife? Where the hell does public opinion come into it?

Someone asking for money for thousands of hours of free work that they've done after their apartment burns down and they're left homeless?

And you want to protest that because the Deputy Commissioner of Intelligence and Counterterrorism of the entire NYPD found some unmixed materials and some reading materials and felt:

> the totality of the circumstances that raised our concern to a level where we're going to need more investigation

Really?

If a deputy commissioner of counterterrorism is saying "we're just worried enough to look into it" almost 2 months ago and the guy is still out here on the street, you really think you have a leg to stand on protesting the guy getting some money to not be homeless?

This honestly feels like inverse-concern baiting. The man is asking for money and about to go homeless after spending a good chunk of his life doing free work used by multi billion dollar corporations.

Trying to go "oooOOooOo he might be a terrorist!!!" over this weak of an indictment is the height of something so insulting, the words to describe it escape me.

> Someone running at you with a knife? Where the hell does public opinion come into it?

Look, you decided to build your entire argument on this extreme form of innocent-until-proven-guilty-nonsense. So I took an extreme example to demonstrate to you that your position was too strong. Let me try to explain in more detail: if you must assume that "everyone is innocent" until they are proven guilty in a court of law, then clearly you would assume that the man charging at you with a knife has no intention of committing a crime, right? Since you assume that they are entirely innocent, then there is no risk of being murdered, so you would not try to run away, right? Can you see how that doesn't make sense? Clearly you would try to run away from someone running at you with a knife, and that's because you have no obligation (legal or otherwise) to assume that everyone is innocent. It's okay to assign probabilities to different events, including crimes that people may or may not commit.

If you didn't take the extreme position to begin with, we wouldn't have to go over extreme examples to demonstrate why your extreme position was wrong. Anyway, I'm going to assume that we both now agree that there is no obligation to assume people are innocent until proven guilty. If you still disagree, please explain how this obligation should work out in the context of the knifeman attack.

> ...the same way a literal alarm clock splayed out in a box became a national scandal...

...but this was not an alarm clock. This was ammonium nitrate (among other stuff). Ammonium nitrate is used for fertilizer and explosives. Was he a farmer? No. So either he was intending to use it for explosives, or he was running some chemistry experiments or something. Can you see how this is different from the possession of an alarm clock?

For what it's worth, I think the most likely explanation for the stuff found is that he was geeking out some harmless experiments. I think the second most likely explanation is that he was going to build bombs and blow stuff up in the forest for fun. I don't think it's likely that he intended to hurt people in bombs, because it's extremely rare for people outside warzones to hurt other people with bombs. But it's definitely within the realm of possibility, and it shouldn't be dismissed out of hand.

> Someone asking for money for thousands of hours of free work that they've done after their apartment burns down and they're left homeless?

I'm not calling for any fundraisers to be shut down, and I'm not admonishing people for donating money. Even if he intended to hurt people with bombs (which he probably didn't), I think the world is going to be a better place if people donate money and help him get on his feet. Let's hope that the investigation can clear him innocent of any suspicions, and that this doesn't loom over his job search in the future.

> Look, you decided to build your entire argument on this extreme form of innocent-until-proven-guilty-nonsense.

This is complete and utter nonsense. In your own damn comment you're saying:

"For what it's worth, I think the most likely explanation for the stuff found is that he was geeking out some harmless experiments."

In your own goddamn comment you're saying your primary thought is this was innocent experimentation.

When someone is running at you with a knife is the thought "this person is going to harm me" a tertiary thought?

You realize it's not illegal to own any of the materials he had or to experiment with them? The reckless endangerment charge is not just for having them but for having a box catch fire after storing it near a stove?

Your entire comment is essentially "I have no objection to anything you actually said I said but I still want to build a strawman to tear down"

I mean

> This was ammonium nitrate (among other stuff). Ammonium nitrate is used for fertilizer and explosives.

Where the HELL did you see him have Ammonium Nitrate? Don't tell me you read POTASSIUM Nitrate... literally saltpeter you can order of Amazon right now with next day shipping... and thought it was AN. It'd just drive home how precious little you know of the topic and hand and how your serious of comments literally is just concern-baiting that we're jumping way too quickly to treat an innocent person as innocent...

> Your entire comment is essentially "I have no objection to anything you actually said I said but I still want to build a strawman to tear down"

I laid out very specific objections to very specific claims made by you. In particular, I used the knife attack example to demonstrate that - contrary to what you claimed - "innocent until proven guilty" is not an obligation that people must apply to their thoughts and opinions. And I very specifically asked "If you still disagree, please explain how this obligation should work out in the context of the knifeman attack." Based on your tone I get the impression you're still holding on to your extreme belief about "innocent until proven guilty", but you're not willing to reconcile it with this example. Instead, you're trying to weasel out with vague claims about strawmanning. You know, if someone actually was strawmanning, you would be able to point out how the strawman is different from the actual argument presented. In this case you don't even attempt to do that, because there is no strawman, you were very clear that people have an obligation to assume everyone is innocent until proven guilty (in their thoughts and opinions, at all times).

Since you're not willing to address the claim you made in the context of my example which clearly demonstrates that your claim was nonsensical, there's no point in continuing this conversation beyond this.

> It seems to me like people are willing to jump to the opposite conclusion simply because he's "one of us".

Because many of us have our own collection of weird oddities. I literally have cannon fuse sitting on the shelf behind me, that I got to make my own smoke bombs/devices (just sugar and potassium nitrate, nothing insane or dangerous). I would take a hard look at the worst thing someone could accuse you of building using the materials you have in your house. If you have any metal piping sitting around, and a nail or screw, that could be turned into a primitive gun. If you have metal piping and anything that burns very quickly like gunpowder, that's a pipe bomb (or pressure cooker). If you have a propane grill and a gun (or anything that could be used as a detonator), that propane tank could cause some serious damage.

I'll grant you, ammonium nitrate isn't a terribly common substance to have around an apartment. I still don't think it's very compelling evidence that he was building a bomb, and weaker evidence that if he was building a bomb, it was to hurt people. Maybe he was just trying to make his own fireworks. He shouldn't be doing that in an apartment, cuz risk of accidental explosions, but it seems hasty to start painting him as a domestic terrorist.

The reason why presumption of innocence is so important is, you don't need a smoke bomb making materials to get the public to think someone is a bomb maker.

Are we forgetting the time a splayed out alarm clock became a national scandal?

You could go into someone's home, pull out a Raspberry PI and some loose jumpers and hold up something that the average citizen thinks of as proof this person is some sort of mainframe hacking nutjob anarchist.

(And more importantly, there are police out there right now who would jump to the same conclusions. See a simple hobbyist electronics bench and take it as something nefarious.)

That's why you don't go around presuming people are guilty of things.

You've made the point about the clock several times, but it's kind of dishonest. Anyone who actually takes a look at the photos of what the "clock" looks like will immediately think it looks like a bomb. Now imagine ANYone, literally anyone, doesn't matter what race or what skin color, taking that around school and showing it off to teachers or other random people who won't know any better when they see it and get spooked, and for good reason. It could've been the last thing they ever see. They are lucky it was just some kid's joke clock this time.
You're clearly missing the point, if you've read so many of my comments then you've seen my point about the raspberry pi...

The point is laypeople don't know what bombs or basic electronics look like. And why should they when there are pictures of TV shows using CPU coolers to represent bombs and computer power supplies to represent hard drives?

> Anyone who actually takes a look at the photos of what the "clock" looks like will immediately think it looks like a bomb

Kind of makes my point. You realize the thing was in a pencil box, not some full size briefcase? The most common image used:

https://media.shellypalmer.com/wp-content/images/2015/09/ahm...

doesn't actually convey the actual scale of it, the thing was barely larger than the original alarm and maybe an inch thick.

If you found this in a train unattended it'd be one thing, but the student says it's an alarm clock, anyone with a modicum of electronics knowledge would immediately look at it and say "yes that's an alarm clock". Which is exactly what both teachers did.

No one ever thought it was an actual bomb, the confusion was the intent behind it since Texas has a law about hoax bombs that treats them seriously based on intent not just appearance.

-

And more generally I bring it up because it should show, laypeople are easy to convince of guilt if your standards are literally adding "allegedly" to every claim.

People in general are vastly overestimate their own reliability and underestimate their suggestibility. It takes a few weasel words to fool people into creating alternate realities so far and away from reality they almost seem absurd compared to the truth, yet they're absolutely convicted about them.

See, here's the thing. If I make comments implicitly about going to shoot up the neighborhood school, even though I didn't do it yet, do you presume me innocent and leave me alone? No, it's going to be investigated and I'll likely get a nice greeting from some men in black soon after.

This wasn't some genius, novel clock that kid invented. He put the internals of a clock into a very specific kind of pencil case to bring around school to show people until it was confiscated by a teacher due to the very fact that it looked like a bomb. So don't tell me that no one thought it was an actual bomb. That doesn't matter. It's not the best example for what you want to say about presumption of innocence - which I agree with you on by the way.

> If I make comments implicitly about going to shoot up the neighborhood school, even though I didn't do it yet, do you presume me innocent and leave me alone?

If you don't make those comments to me, and a news story is making the call that your comments were about shooting up a school, I'll presume you're innocent.

That's literally what this is about. You're not an investigator, you're not sitting on the case files for every story you see. No one is expecting you to have the same standards as a court for what guilty is, but you should still internalize some concept of innocent until proven guilty

Because the news can, and will, and does paint people as criminals when they did nothing wrong. Now a days literally all it takes is saying "so and so person was arrested for allegedly committing so and so crime".

That's it.

People don't need any more proof than that, and the fact that this entire conversation is happening when the investigation into the materials was almost 2 months ago by an NYPD Counterterrorism unit and the FBI, yet this guy is still walking around is pretty damn strong evidence that nothing more came of it, should be proof.

Tour standard of guilty should be much more than a simple news story.

A news story mentioning saltpeter and prepper books is nothing. The kind of people who experiment with saltpeter are exactly the kinds of people to read those books out of interest, not some sort of malicious plan to commit crimes.

-

Also this is an aside but...

> So don't tell me that no one thought it was an actual bomb. That doesn't matter.

That's literally the crux of the matter. That's literally all that matters. That no one thought it was an actual bomb, and he didn't act like it was an actual bomb.

If both teachers immediately realized it wasn't a bomb, how are you claiming it looked like a bomb?

It didn't look like a bomb. It looked like an electronic thing splayed out, they asked what it was, he said alarm clock.

The second teacher knew it didn't look like a bomb, what happened is they presumed that he was trying to make it appear like a bomb. No one thought it was a bomb because it didn't look like one.

I'm not claiming anything.

https://en.wikipedia.org/wiki/Ahmed_Mohamed_clock_incident

>His English teacher thought the device resembled a bomb, confiscated it, and reported him to the school's principal. The local police were called, and they questioned him for an hour and a half.

I misremembered the case and forgot it was the police who realized it wasn't a bomb but were trying to prove intent by interrogating him due to Texas's hoax bomb laws...

but exactly like I said above that's an aside, and the entire story just shows how little people understand of the appearance of these things if anything.

If all it takes to convince laypeople to call police on a child is a splayed out alarm clock, how many electronics hobbyists have more than enough contraptions for someone to go on record as saying "I saw a bunch of really suspicious stuff on his desk" after a fire?

I agree, it's pretty bad. But I don't think it's on the laypeople. The English teacher did the right thing. Could they live with themself knowing they could've stopped a real bombing that killed people? The problem isn't that people will call the police based on some suspicions they have in order to protect others in their community or cooperating with law enforcement and telling them what they know and have observed. What else to do?
If the teacher thought it was a real bomb do you think they would have waited until after class and walked it down to the principal's office? The school would have been evacuated before the police got to interrogating him.

The teachers said it looked like a bomb, but even they did not think it was a bomb, again the trouble came down to the hoax law, not someone thinking he had an actual bomb

> I'll grant you, ammonium nitrate isn't a terribly common substance to have around an apartment. I still don't think it's very compelling evidence that he was building a bomb, and weaker evidence that if he was building a bomb, it was to hurt people. Maybe he was just trying to make his own fireworks. He shouldn't be doing that in an apartment, cuz risk of accidental explosions, but it seems hasty to start painting him as a domestic terrorist.

For what it's worth, I fully agree with this. All I'm saying is, we shouldn't outright dismiss the possibility that he was building a bomb, simply because he's an open source developer.

I am deeply involved in the same open source communities he’s in and got a bunch of texts when he was arrested because none of us were surprised
Yikes, what you describe could easily be a decent portion of HN people’s homes. Don’t forget the anti-social, unpopular with the neighbors bit either. And of course the NYPost appears to thrive on drumming up scandal.
I second that. The ammount of microcontrollers, arduino/RPI boards, gsm modules, 400 Mhz radio transcievers and such would most likely "make me available" for "interviews".

Just a few years back when moved to a diff city for the job we had a visit to check if "we're ok" because our electricity bill was way above the average for the area. The silver lining: My wife was ok with me upgrading everything in the rack with new, low(er) power equipment.

Also, never forget how these intitial police investigations are wrong all the time. How do they know this is potassium nitrate? Was it labeled? Does it look like it? Smell like it? Taste like it?
Do you have any ammonium nitrate though? I mean, chances are he was just some pyro and not actually interested in bombing/killing people. But it's dumb to do that in a flat.
> But it's dumb to do that in a flat.

One of the other articles refers to some sort of fireproof container outside of the house.

>Cops said FDNY fire marshals are combing through Squire’s charred, first-floor apartment to determine the cause of the blaze, an FDNY spokesperson said.

The fact that his apartment is 'charred' suggests he was doing stuff in it.

Could be he took the materials with him as he was trying to escape out the back window, or that's just where he was storing them so they wouldn't be found if a search was conducted.

I think it's useful that this was reported on, because it could make people more wary of shelling out money to a guy who was recklessly endangering others even if there were no nefarious motives.

> The fact that his apartment is 'charred' suggests he was doing stuff in it.

Or, it suggests that there was a fire, which is not really up for debate.

> Could be he took the materials with him as he was trying to escape out the back window

You are making up a hypothesis to make someone sound guilty with no evidence.

> I think it's useful that this was reported on, because it could make people more wary of shelling out money to a guy who was recklessly endangering others even if there were no nefarious motives.

This is a poor opinion. First, he has not been found guilty of "reckless endangement", and you are just assuming he's guilty. Do you also expect to see reporting every time someone recklessly endangers others by driving at high speeds through a school zone, or accidently runs through a stop sign?

Publishing accusations of someone (especially a very easily google-able person) being a terrorist is not something that should be done lightly without proof.

Hell, right now I'm pretty sure I have both bleach and ammonia in my apartment as regular cleaning supplies. When combined, these ingredients are dangerous, but that sure as shit doesn't mean I'm endangering others just by possessing them.

Yes I'm sure it's all just a big misunderstanding.
I have a garden of about 400 m2. So yes, there are different 20kg bags of fertilizer in the shed. Ammonium nitrate being NPK 34-0-0 (wiki), I think I can get pretty close to that with boosting fertilizer (like 25-5-5 or something). The point is that one could write a hit piece with only "true" information about me. I even have both "rightwing" and "leftwing" extremist propaganda in my house! (Say, Nozick and Solzjenitsyn. Or Nietzsche and Orwell.)
40 pounds of potassium nitrate?
Pretty common size from the big box and home & garden type stores. https://www.lowes.com/pd/Sta-Green-43-lb-15-000-sq-ft-32-0-1... I'd be suspicions if he had 10-20 bags and didn't run a landscaping company or multiple acres or grass to maintain.
For an apartment in NYC??
My drugs and alcohol spidey senses are tingling.

I’d be so pissed if my next door neighbor in my apartment building was doing that.

Looked more like a row house than an apartment.
There is no reason to implicitly trust what a police officer tells a reporter or says at a press conference during the initial investigation of a crime.
I think it's reasonable for police & even FBI to investigate after a fire in a home with lots of chemicals, including 40lbs of potassium nitrate, after also finding bomb-making information. However it does seem like they made a rush to judgment in arresting him rather than simply letting the hospital hold him until medically cleared, after which the police could hold him for 48 hours without charging, all while they investigate things more thoroughly like any writing/internet posts etc that could indicate any actual intent to use the stuff, rather than simply a (very dangerous) lack of care in how he conducts his hobbies.
Fair enough, but would you take all of the most suspicious-looking items in your house that could possibly implicate you in a crime and put them all into one crate, including printed material and books that explain how to perform said crime?
(comment deleted)
I mean if we're sharing stories: "I started a project to learn javascript and node.js through rap," Nodejitsu co- founder and New York expat Marak Squires"

I think he is terrible at being frugal, spent all his money, and is now begging for handouts.

Starting a company doesn't make one rich. There's no evidence he had any significant money to spend. In fact, it's likely the founders got nothing after the VCs were paid off.
He's reported as being an early bitcoin investor too, so your point might stand ignoring every opportunity this guy had, and every privilege. Ask your average inhabitant of Queens how much their last startup sold for, or how much they made off of Bitcoin. Otherwise not so much.
sure but it still seems this post resonates with many ppl
For all those people in this thread praising his work, now's the time to put your money where the mouth is. If you have used his work, push your companies to sponsor/donate. Asking irrelevant questions like whether he has a job does not help the situation. The community's response to events like this is what determines the future of open source. People like to complain about copyleft vs libre licenses. But if you have benefitted much from open source software and are hesitant about contributing back financially, you are part of the problem. This is not just about Amazon, Microsoft, Facebook, Google and Fortune 500s. If you are a tech startup with revenue or funding and uses his software in your products, consider a 5 to 6 figures contract, or at the very least a significant one time donation.
I feel for him being in his tough spot, but let's be clear on what faker.js is. I suspect many companies (like mine) use it to create "decent"-looking data for tests. But we could trivially do without it, and basically just used it because it was there. I contrast this with some other open source projects we use that we specifically contribute to (using GitHub donations) because they are central libraries to our code base.
That's going to be true to some extent of every library your company uses, but for every library someone writes and offers as FOSS, you don't have to spend the cycles designing, developing, and maintaining your own, nor training new hires on using it. You're fundamentally misunderstanding the value of having good quality tools developed by someone else.

And I'm not even going to _start_ on what I think of your attitude towards test tooling vs "central libraries" other than to note that if you don't consider test tools central to your development process, I think you have bigger problems.

You're completely mischaracterizing my post. My point is that if faker were anything slightly above free, we really wouldn't have used it, and our code quality wouldn't suffer from not having it. It was more of a "ooh, that's kinda nice" thing when we used it.

> And I'm not even going to _start_ on what I think of your attitude towards test tooling vs "central libraries" other than to note that if you don't consider test tools central to your development process, I think you have bigger problems.

That's not my attitude at all and is a bullshit strawman. I actually do donate to libraries that are fundamental to our test framework. Faker is just definitely not one of them.

> and our code quality wouldn't suffer from not having it

Your code quality is irrelevant. What matters is did it save you time, and what is that time worth to you and your business.

Their whole point is that it didn't actually save any time; if it didn't exist for free, they wouldn't have done it themselves.
How often have you implemented a trivial feature and, after adding tests, debugging, doing code review, etc, you find it’s taken a nontrivial amount of time. And it’ll likely take maintenance too as you learn what you need (easier when you’ve seen it done already).

Most of these trivial things probably take nontrivial time, and if you add all of them together for all the trivial projects you use, it’s probably saved a really serious chunk of time.

The ocean is made of “trivial” drops of water, yada yada.

Likewise, the trivial or novel that you borrow for free isn’t really free when you need to use it suddenly in ways that the license doesn’t permit or it is just technically inconvenient. It is sort of like leasing vs buying, but not really a good analogy.
Let's be clear, this is the difference between your test user being called Tom Smith with email tom@smith.com and Joseph Baker with email jbaker@bigcorp.com versus being called Foo Bar and Foo Bar2 with emails foo@example.com and foo2@example.com
"Let's be clear, action developer actually took versus action developer didn't take but in my opinion isn't that different, as someone who didn't take any actions at all" is a bad hill to die on.
I think the point is that generating pretty fake data as opposed to bland fake data is a "nice to have" rather than a "must have" for 98% of companies. And by the time you get up to AirBnb and FB, etc., they have their own internal testing data and standards based on years of real-world false negatives and false positives.

It's really a content library, which is useful, but it's not in the mission-critical category where developers can get a rubber stamp budget approval from their boss. It's a great project to get your name out there as an open source developer, rather than a viable business model IMO.

That just goes to show you how rough the real world really is. Like, it’s free and a pretty good solution, but still replaceable lol.

Tough crowd.

Always charge, or get value somehow, because I can promise you people will feel entitled to whatever baseline you give them (in this case ‘free’).

Everyone and everything is replaceable, oh cruel world, why you do us dirty like that?

That's not how tough the world is, it's how tough people choose to make it.
Yeah but it is also hilarious when the contributors of free open source software rage quit when they realize others can use their work for free while the contributors forget to make money.

Software developers, man!

For a bi-weekly hilarious rage quit, check out Andre Conje on twitter!

That’s horrible. If you produce something for free, and someone uses it to reduce effort and expenses, at least throw some money their way! Doesn’t even have to be much.
I wonder if npm packages should operate in a similar way YouTube does. Why can’t people sell a license via npm? That would be a nice way to browse packages, pay a buck or two for Faker.js for commercial projects. Plenty of us have budgets that $50 dollars could get you some solid pro versions of a lot of software.

We devalue ourselves really.

I'm not sure that's the case here. It sounds like their apartment caught fire and now they are homeless. In my opinion, this sounds more like a desperation move than anger; this developer really needs money ASAP in order to keep a roof over their head.
Yeah.

And this other time I saw a hardware company be “in the spirit of open source” and then saw another company use their code in cheaper hardware sold for less and then the first company went on a rage tirade and tried to edit their commit history to change the license, tarnishing themselves in their whole community and customer’s eyes at the time.

FOSS rage quits are hilarious.

I use his work, but for me the situation is more complicated my prior experiences with the author.

He's been making similar complaints about his lack of renumeration for quite a while. In an older GitHub where he requested contributions, I pointed out that he had barely worked on the project for many months (at that time), and not published a new version to npm in years[1], despite making a $600 withdrawal from his Open Collective fund in June 2018 with the explicit purpose of releasing v5[2].

In the thread, I suggested that I and others might be willing to contribute, but I wanted more certainty on what exactly my contribution would be paying for. As I saw it, at that point he had a number of regular donors who were essentially paying him to do nothing.

He responded very angrily, saying nobody had any right to question his actions or to expect anything from him, even if they were paying him. He then deleted my comment entirely and banned me from commenting further. This interaction didn't exactly leave me with a strong desire to contribute. I think he's a rather volatile individual and the community would indeed be better off forking this project than indulging his sense of grievance.

[1] https://www.npmjs.com/package/faker.js [2] https://opencollective.com/fakerjs/expenses/3972

You might see that as “volatile”, but I think I can see what he’s getting at. A charitable reading of his whole stance:

• We can enter into a formal contract where I actually do owe you work-on-this-project in exchange for pay;

• but without such a contract, donations to me are just that — donations — and don’t influence my work;

• but this is an open-source project, so you’re free to put whatever work you like into it, and keep/use/share the results (in your own space, that I don’t have to referee.)

• I’ll just be over here, doing what I want, unless/until someone makes a contract with me to do what they want. (Which, of course, they’re not obligated to do; they could just as well hire someone else to fork and maintain the project, rather than hiring me. That’s their choice.)

• So, in short, you’re not the boss of me; unless you’re literally my boss. (A patron is not a boss.)

This is more of a matter of, if some Internet rando has a comfy development job, it's easy to go and flame nonconformists like Marak on the Internet.

Even if Marak was a jerk or a liar, he still deserves to be paid!

I do not think he 'deserves' to get paid. It is nice if he gets paid, but I dont even see a moral obligation (not speaking of legal). I mean the idea of gpl2 (at least from linus and my perspective) is nicely laid out here:https://www.youtube.com/watch?v=PaKIZ7gJlRU Paraphrasing:'I give you my sourcecode and if you change it and give the software away, please give me the changes'. For MIT license (which Marak choose) (this is not in the video link), it is more like: 'please use this for whichever cause you like, I dont even expect software changes back'.
Everyone deserves to get paid (in the sense of moral desert; i.e. people "deserve" human rights.) You don't have a personal obligation to pay them, though.

Solving that discrepancy isn't going to be done in an HN comment; it's the Great Work of capitalist statecraft.

I agree he deserves to get paid like everybody else, but not because of this work he did. Unfortunately not all societies do that, so uually the common route to get paid is to get (a) work (contract), somebody is willing to pay for.
I believe prison laborers deserve to be paid minimum wage, despite their convictions and despite their inability to negotiate. Additionally minimum wage should be raised to a living wage.

You’re taking an overly reductionist view, incompatible with things like “equal pay for equal work.” He definitely deserves to get paid for his work, and it’s obviously a matter of by whom, and he’s fed up with giant corporations using his stuff despite being able to pay him, and he’s totally in the right even if he’s insert-some-undesirable-here.

I agree with the other commenter that "deserves" is a strong word.

If you want to sell something for money, you put a price on it. And people decide to buy it or not.

If you give it away for free, going back after the fact and asking for a donation is fine. But I don't think it's required. And it doesn't make people who choose not to donate bad in any way.

He should probably figure out his next business and get to working on that. Start a business, sell a thing, profit.

Yeah, bringing money into free software equation complicates things.

It comes down to donors expecting something back for their donation, while authors expect something back for all the effort they put so far into the project that is obviously useful to other people.

For my open source project I made a hard decision not take any money. This curbs expectations and puts users at disadvantage, but lets me take as much time off as I want and I sleep better.

Donors shouldn't expect something back, because per definition from Wiktionary:

donation

A voluntary gift or contribution for a specific cause.

This feels like a semantic non-sequitur. Maybe that's actually a great example of core of the problem at hand!

You're trying to argue a conclusion based on the specific word "donor", but many of these "donors" (or in this thread's case potential "donor") don't see themselves that way; they are not interested in "donating" with no strings, it seems like they are more interested in "patronage" or some sort of "sponsoring", where their money is not no-strings, but instead conditional on some specific threshold of level/quality of support/service.

Perhaps we just need a bit richer vocabulary for these discussions; if the project author is only interested in unconditional donations, that's their prerogative, and you're free to fork or fund accordingly. But also recognize that at the margin, "donate with no strings" is a much tougher sell for enterprises than "patronage will buy you X quality of service".

So if you're actually making an effort to turn an open-source project into revenue, I think you'll probably need to listen to your potential customers/patrons a bit more and give them the assurances they are looking for. Again, any open source author is free to do as they please! But as the GP notes, bringing money into the situation complicates things, and I don't think it's reasonable or rational to expect companies to start throwing donations your way without listening to what they want to get in return.

For most people, the funding mechanisms on the Internet pretty much all carry an expectation that they're to support ongoing work that will be used to either explicitly deliver a product, as with Kickstarter, or is to fund an artist's/coder's/etc. ongoing work. Not many people are making donations based on past effort.

I sold a (non-open source) shareware product way back when. Money definitely provided the incentive to put more work into it than I otherwise would have. On the other hand, it made me treat it as a business, albeit a part-time one.

Donating isn't funding. The distinction has to be made.
I've participated in a project using Bountysource some years ago; in total I received something on the order of 1500-2000 $. Which is nice. I assume a lot of people did a lot more work than I did back then and never saw any money for it. So I probably have no right to complain or lament about these transactions in any way. But, in a way, it is very hard to not think about dollar per time, especially with Bountysource being attached to solving specific issues. I believe this contributed to my mentality souring over time, because in the back of my head I never got rid of the idea that I'm sort-of at work here, but at about 2 $/hr average wage. I stopped contributing to that project completely after about just two years or so.
I call BS. The tagline on his opencollective page is "Continue to make faker.js the best open-source fake data solution available."

That implies that if people donate then the funds will be used to improve the project.

To be fair, it would be nice if he explicitly expressed such a stance rather than tacitly implying it, but otherwise that sounds about right.
By my understanding, in the US, if you solicit donations and say you will do something specific with them (e.g., use them to pay yourself to work on a project), then those aren't really donations. They're payment for a service. You may not think that you entered into a contract with the "donors" by accepting the "donations," but you did. You made an offer to perform an action in exchange for money and someone accepted that offer by paying you. That's a contract and anyone who donated could take you to court to get the money back.
> despite making a $600 withdrawal from his Open Collective fund in June 2018 with the explicit purpose of releasing v5[2].

I just want to point out how crazy it is that we expect people to releasing a whole major version for $600

Meanwhile in the commercial world, changing the colour of a button in your iOS app will cost you $1000s...

Having been on both sides of that pay discrepancy, I have come to the conclusion that most of our economic theory about the nature of business and competition is bullshit. I now see corporations as social organizations which exist to keep educated people fed and controlled, everything else is secondary. The sums are big because the money has to get divvied up amongst everyone, even if the work involved is just changing a hex value by the lowest paid and probably most technically skilled person in the network.
Yep, that money has to pay for not only the developer "doing the work", but all the overhead: the product managers, QA, release/deployment... then redo of work because someone used the wrong shade of blue.
He was co founder of Nodejitsu, the company who raised kickstarter funding for NPM, the same time NPM raised money from investors . There was a legal conflict about who owns NPM, they didnt refund or make a statement the money they raised for a project they don't own. That Kickstarter campaign was a scam and they got away with it.
If you're using his work, pay him something. Everything else is just excuses.
I mean, I'm not using faker.js but I'm not exactly sure I'd finance a potential terrorist.
Yes, it is a good look to donate money so this guy can make more bombs.
Debian (for example) has 51,000 free software packages. How do we decide which ones to fund and how much they get? Do you earn money for being the maintainer. LOC you commit? Bugs you report or fix? What about people that write documentation or packaging?
Honestly, he should have used the GPL and allowed other licensing options for commercial entities. Frankly I wouldn't use MIT license for personal open-source projects.
> If you have used his work, push your companies to sponsor/donate.

That's not how any of this works. Most people work for companies that do not just donate to random software developers. If you want companies to send you money, you need to have something on an invoice. You don't actually have to make the commercial edition different than your community edition, especially if you're charging a low amount, finance isn't going to grill you about why you aren't using the free version. But you need to align how you expect to get paid with how companies are set up to pay people. Charge for stuff!

What I do, is ask for a receipt before I donate. Then it becomes a business cost to me.
> building some kind of SaaS API is probably not really possible for something that can be trivially implemented and operated locally

A SaaS that allows you to deploy APIs and handles Auth/Billing/Customer Support/Usage Metrics etc would be a viable service. There are plenty of 1 man APIs that could be built by an engineer if the heavy business aspects were taken care of.

Has anyone ever heard of a service that allows users to attach bounties to issues? So if the open source developer fixes an issue, the developer gets the money offered by the issue reporter.

Edit: Answering my own question.

https://gitpay.me

Doesn't appear to be too popular though: "We paid $2547 USD in bounties "

Edit 2: No wonder it's not popular

https://github.com/gitpay/website/pull/4

https://www.bountysource.com is one. I have used a few times to sponsor features in Weblate.
Looking at the Bountysource docs, it looks like users can offer bounties. Do you know if it has a Github integration that allows developers to post some sort of price schedule, or to request a bounty on a given issue?

Edit: It looks like there are red flags around Bountysource too:

https://blog.elementary.io/goodbye-bountysource-hello-github...

"If no Solution is accepted within two years after a Bounty is posted, then the Bounty will be withdrawn and the amount posted for the Bounty will be retained by Bountysource."

"In December, 2017, Bountysource was acquired by a cryptocurrency company called CanYa who redesigned the Bountysource site and service with a new cryptocoin focus."

This one looks interesting. The top project has gotten $7,858.50. Not too shabby.

The docs are pretty thin though, so it's not clear if it's possible for devs to attach a price to feature requests themselves. I've been looking for service with a flow like

1. User opens feature request 2. Dev responds with "Not useful to me, so I'll do it for $200. Click this button to pay."

Edit: Issuehunt.io seems to be a side project of the people that make Boost Note. That may explain why BoostIO/Boostnote is the most funded project, and why there doesn't seem to be much ongoing effort to promote the service. I get that "we made it for us, but you can use it too" vibe from their site.

(comment deleted)