this post was submitted on 16 Jun 2024
1002 points (88.6% liked)

linuxmemes

21273 readers
1567 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     

    Context:

    Permissive licenses (commonly referred to as "cuck licenses") like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.

    Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There's nothing Tanenbaum could do, since the MIT license allows this.

    Erik Andersen is one of the developers of Busybox, a minimal implementation of that's suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it's protected under the GPL, Busybox developers were able to sue them and gain some money in the process.

    Interestingly enough, Tanenbaum doesn't seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.

    you are viewing a single comment's thread
    view the rest of the comments
    [–] TheImpressiveX@lemmy.ml 216 points 5 months ago (28 children)

    The MIT license guarantees freedom for developers. The GPL guarantees freedom for end users.

    [–] TheOubliette@lemmy.ml 92 points 5 months ago (21 children)

    The MIT license guarantees that businesses will use it because it's free and they don't have to think about releasing code or hiding their copyright infringement. The developers I've seen using that license, or at least those who put some thought into it, did do because they want companies to use it and therefore boost their credibility through use and bug reports, etc. They knowingly did free work for a bunch of companies as a way to build their CV, basically. Like your very own self-imposed unpaid internship.

    The GPL license is also good for developers, as they know they can work on a substantial project and have some protections against others creating closed derived works off of it. It's just a bit more difficult to get enterprise buy-in, which is not a bad thing for many projects.

    [–] CapeWearingAeroplane@sopuli.xyz 15 points 5 months ago* (last edited 5 months ago) (1 children)

    You're not seeing the whole picture: I'm paid by the government to do research, and in doing that research my group develops several libraries that can benefit not only other research groups, but also industry. We license these libraries under MIT, because otherwise industry would be far more hesitant to integrate our libraries with their proprietary production code.

    I'm also an idealist of sorts. The way I see it, I'm developing publicly funded code that can be used by anyone, no strings attached, to boost productivity and make the world a better place. The fact that this gives us publicity and incentivises the industry to collaborate with us is just a plus. Calling it a self-imposed unpaid internship, when I'm literally hired full time to develop this and just happen to have the freedom to be able to give it out for free, is missing the mark.

    Also, we develop these libraries primarily for our own in-house use, and see the adoption of the libraries by others as a great way to uncover flaws and improve robustness. Others creating closed-source derivatives does not harm us or anyone else in any way as far as I can see.

    [–] TheOubliette@lemmy.ml 4 points 5 months ago (1 children)

    If the government is the US (federal), I think you are technically supposed to release your code in the public domain by default. Some people work around this but it's the default.

    But anyways, the example you've given is basically that you're paid with government funds to do work to assist industry. This is fairly similar to the people that do the work for free for industry, only this time it's basically taxpayersl money subsidizing industry. I've seen this many times. There is a whole science/engineering/standards + contractor complex that is basically one big grift, though the individual people writing the code are usually just doing their best.

    I'm also an idealist of sorts. The way I see it, I'm developing publicly funded code that can be used by anyone, no strings attached, to boost productivity and make the world a better place. The fact that this gives us publicity and incentivises the industry to collaborate with us is just a plus.

    Perhaps it makes the world a better place, perhaps it doesn't. This part of the industry focuses a lot on identifying a "social good" that they are improving, but the actual impact can be quite different. One person's climate project is another's strategic military site selector. One person's great new standard for transportation is another's path to monopoly power and the draining of public funds that could have gone to infrastructure. This is the typical way it works. I'm sure there can be exceptions, though.

    Anyways, I would recommend taking a skeptical eye to any position that sells you on its positive social impact. That is often a red flag for some kind of NGO industrial complex gig.

    Calling it a self-imposed unpaid internship, when I'm literally hired full time to develop this and just happen to have the freedom to be able to give it out for free, is missing the mark.

    Well you're paid so of course it wouldn't be that.

    Also, we develop these libraries primarily for our own in-house use, and see the adoption of the libraries by others as a great way to uncover flaws and improve robustness. Others creating closed-source derivatives does not harm us or anyone else in any way as far as I can see.

    Sometimes the industries will open bug reports for their free lunches, yes. A common story in community projects is that they realize they're doing a lot of support work for companies that aren't paying them. When they start to get burned out, they put out calls for funding so they can dedicate more time to the project. Sometimes this kind of works but usually the story goes the other way. They don't get enough money and continue to burn out. You are paid so it's a bit different, but it's not those companies paying you, eh?

    You aren't harmed by closed source derivatives because that seems to be the point of your work. Providing government subsidy to private companies that enclose the derivative product and make money for their executives and shareholders off of it.

    [–] CapeWearingAeroplane@sopuli.xyz 2 points 5 months ago (1 children)

    You are almost on point here, but seem to be missing the primary point of my work. I work as a researcher at a university, doing more-or-less fundamental research on topics that are relevant to industry.

    As I wrote: We develop our libraries for in-house use, and release the to the public because we know that they are valuable to the industry. If what I do is to be considered "industry subsidies", then all of higher education is industry subsidies. (You could make the argument that spending taxpayer money to educate skilled workers is effectively subsidising industry).

    We respond to issues that are related either to bugs that we need to fix for our own use, or features that we ourselves want. We don't spend time implementing features others want unless they give us funding for some project that we need to implement it for.

    In short: I don't work for industry, I work in research and education, and the libraries my group develops happen to be of interest to the industry. Most of my co-workers do not publish their code anywhere, because they aren't interested in spending the time required to turn hacky academic code into a usable library. I do, because I've noticed how much time it saves me and my team in the long run to have production-quality libraries that we can build on.

    [–] TheOubliette@lemmy.ml 4 points 5 months ago

    You are almost on point here, but seem to be missing the primary point of my work. I work as a researcher at a university, doing more-or-less fundamental research on topics that are relevant to industry.

    This is something I'm very familiar with.

    As I wrote: We develop our libraries for in-house use, and release the to the public because we know that they are valuable to the industry. If what I do is to be considered "industry subsidies", then all of higher education is industry subsidies. (You could make the argument that spending taxpayer money to educate skilled workers is effectively subsidising industry).

    This is largely the case, yes. Research universities do the basic research that industry then turns into a product and makes piles of cash from. And you are also correct that subsidizing STEM education is a subsidy for industry. It very specifically is meant to do that. It displaces industry job training and/or the companies paying to send their workers to get a degree. It also has the benefit of increasing overall supply in theur labor market, which helps drive down wages. Companies prefer having a big pool of potential workers they barely have to train.

    We respond to issues that are related either to bugs that we need to fix for our own use, or features that we ourselves want. We don't spend time implementing features others want unless they give us funding for some project that we need to implement it for.

    That's good!

    In short: I don't work for industry, I work in research and education, and the libraries my group develops happen to be of interest to the industry. Most of my co-workers do not publish their code anywhere, because they aren't interested in spending the time required to turn hacky academic code into a usable library. I do, because I've noticed how much time it saves me and my team in the long run to have production-quality libraries that we can build on.

    I think your approach is better. I also prefer to write better-quality code, which for me entails thinking more carefully about its structure and interfaces and using best practices like testing and CI.

    load more comments (19 replies)
    load more comments (25 replies)