Open Source Needs a New Mission Protecting Users

[Bruce Perens] isn’t very happy with the current state of Free and Open Source Software (FOSS), and an article by [Rupert Goodwins] expounds on this to explain Open Source’s need for a new mission in 2024, and beyond. He suggests a focus shift from software, to data.

The internet as we know it and all the services it runs are built on FOSS architecture and infrastructure. None of the big tech companies would be where they are without FOSS, and certainly none could do without it. But FOSS has its share of what can be thought of as loopholes, and in the years during which the internet has exploded in growth and use, large tech companies have found and exploited all of them. A product doesn’t need to disclose a single line of source code if it’s never actually distributed. And Red Hat (which [Perens] asserts is really just IBM) have simply stopped releasing public distributions of CentOS.

In addition, the inherent weak points of FOSS remain largely the same. These include funding distributions, lack of user-focused design, and the fact that users frankly don’t understand what FOSS offers them, why it’s important, or even that it exists at all.

A change is needed, and it’s suggested that the time has come to move away from a focus on software, and shift that focus instead to data. Expand the inherent transparency of FOSS to ensure that people have control and visibility of their own data.

While the ideals of FOSS remain relevant, this isn’t the first time the changing tech landscape has raised questions about how things are done, like the intersection of bug bounties and FOSS.

What do you think? Let us know in the comments.

Open standards that go beyond FRAND.

I would love to see a way for there to be open standards in a productive way (https://xkcd.com/927/ comes to mind).

That said, I’d love to see this go beyond just software and into all the various pieces of tech that are needed to build a computer too. There is a lot beyond an ISA needed to do that.

I think that cat got out of the bag fifteen or twenty years ago. It had a litter and died of old age already. Sorry but people’s data is too pwned to fix now, unless this is just another “safety” euphemism for FRAND like the other comment implied (this is probably the case).

Your and my data may be thoroughly pwned, but not everyone who will ever be born has been born yet.

FOSS may protect users from vendor-lock, but it doesn’t really protect all that well against data leakage or scams. To do that, you still need skilled people running the services, whether volunteer or paid.

I don’t think users will ever care much about the difference between free-to-use and FOSS. Volunteer-built software will always be a bit rough on the edges. Fortunately there is a growing number of companies that manage to make money while releasing their product as open source.

Even if they did care, it’s not reasonable to expect that they should do something about it.

If the Open Source alternative sucks, then you’re sucking lemons either way. The question is, which way do you actually get your job done?

Who was it that said “I don’t like anarchy – it has too many rules”? A large portion of the problems of FOSS is that people turn software into politics and attempt to control what other people can do with or to it.

It can be things like refusing to maintain a stable driver ABI because “All drivers should be open source instead of binary blobs.” – i.e. trying to own other people’s work. Well, the result is that you don’t get very many good drivers from the OEMs because you refuse to play ball with them. Who’s at fault there? They who refuse to give up their trade secrets, their business model, and break licensing agreements with third parties, or the “freedom warriors”?

ive bricked no fewer than six distros because of this. including the one i was planning to use to bail on windows when 10 goes eol. if my $800 gpu now performs like a $300 gpu because the drivers suck. i either have no incentive to use linux, or no incentive to buy fancy hardware. its lose-lose all the way.

If users and companies use the free stuff, it’s in their best interests to be actively involved in helping to keep the stuff running, riding roughshod over these things doesn’t win you friends or customers. Binary blobs are probably necessary in a competitive world, as long as support is plentiful and isn’t ditched early.

No one is obliged to do anything they don’t want to but if you don’t encourage the open source, you’re probably going to lose out to long development cycles and stuffy roadmaps that can’t adapt quickly enough to true innovations that come from open source and mad lads/lasses trying stuff for the giggles.

How many open source projects and innovations have we seen folded into commercial products a few years down the line with a slightly different badge on them?

> it’s in their best interests to be actively involved in helping to keep the stuff running

Too many cooks spoils the soup. If everyone “gets involved”, the whole thing gets bogged down in logistics.

Of course but actively involved doesn’t necessarily mean ‘let everyone have at it’ all of the time. Forks, branches and pull requests seem to do a good job of allowing people to keep their gatekeeper status whilst allowing others to contribute in meaningful ways. It’s probably not a perfect system but it does allow for participation with less logistics.

foss already does this by default. its really just a popularity game. foss needs to gain market share. one place where foss is typically weak is in ux. where things don’t work as expected or where the ui diverges from the target platform (for example i hate gimp’s save dialog when under windows because it diverges from what the user expects). or the very common ok/cancel dialog where the buttons are backwards from the local convention. linux distros have this problem where they give you clear instructions on how to do x, but they often are sensitive to dependencies and version incompatibility and fail for reasons unknown, followed by very little instruction about what to do when things go wrong or how to roll back the change in a non-destructive way. users just want software that works and is mostly self explanatory.

proton is a good example of it done right. way better at making games work than wine alone, which could require significant tweaking. and those tweaks, if done incorrectly can potentially be system-bricking. ask me how i know. proton, i install it and im playing my games, flawlessly in many cases. gj valve.

I’d argue at this point the core Linux distro’s and the core desktop software folks actually need are now and have been for quite some time in the ‘just works’ and ‘self explanatory’. And you are far far less likely to get problems with dependencies and versions with Linux as anything other than a more advanced user – use the package management system of your distro and everything just works, and changes that break previous workflows are pretty darn rare.

If anything I’d say the big distro’s are much more self explanatory than windoze now – the OS that still can’t manage to put all the stuff that used to be in one place under control panel in one place or explain which bits should be where consistently between versions anymore, who’s audio stack can’t be told to stop trying to be ‘helpful’ unhelpfully every time a device changes, and …

Windows might feel like it ‘just works’ better to a historical windon’t user, but really that is nothing to do with it being better and entirely to do with how familiar the Users are with its idiosyncrasy. Seriously try putting a Mac user infront of a PC and visa versa…

Which is probably why you like proton as though it is darn good the real magic is the user does nothing but click launch in Steam, same UI as always, very familiar and now it just works in nearly all cases, even though the game is supposed to Windon’t native only.

Linux fixed dependencies and incompatibility a long time ago, if you just use snap packages.

We fixed UX(mostly) with GNOME and Cinnamon. Grandma can use it just fine, only some more obscure things like web serial being broken by default because of permissions still need a command line.

The problem is that if you ask “Hey, how do I install Linux” all the hackers and tinkerers respond, advising icky nonsense like Manjaro, where installing most anything requires a ton of commands to first set up the AUR, then a half an hour of waiting for it to compile, or maybe mint, which is very good but still subject to linux’s biggest issue of mutable dependencies for large applications.

The public doesn’t understand what “advanced” distros are, they think that the stuff all the smart people are using must be full of features and really great, like the “Pro” edition of proprietary stuff.

People think advanced distros are like a really fancy power tool, but they’re actually like an antique hand saw that purists enjoy, but most pro carpenters and beginners alike probably use electric if they can afford it. The enthusiast distros have *less* capability, because they’re meant for people who want to DIY everything, because their user base does very very different things with computers than average users or even devs, and they value not having anything unnecessary on their system.

Stick with Ubuntu and use Snap packages and you’ll find incompatible packages and third party repos are mostly not a thing.

It’s difficult to hear that Perens isn’t happy with the way corps are abusing users with FOSS-licensed code. He quit the OSI over their approval of the CAL, the license that covers the software we’re building at work, whose explicit purpose was to protect users’ right to access their data that’s generated and held by the licensed software — sort of an AGPL, but for data. I don’t know his exact reasoning; I gathered that he thought this was overreaching the definition of open-source and turning it political. Maybe he’s softening?

Data privacy means no selling / making money.

If universities (GOVT MONEY) begin or continue to help develop FOSS projects or improvements to existing ones that may be one way to keep funding professional developers.

Most of what is available that is selfhosted could use a lot of improvement in terms of ease of setup / use / maintenance. That would be the best solution, don’t expose your data in the first place. As that body of software grows, improves and gets more interesting perhaps more people will adopt it.

Data privacy means the companies have to make money honestly – provide goods or services instead of selling every bit of information they can beg, borrow, or steal about people.

Data privacy laws need teeth. A data breech should cost the companies so much that they don’t keep any more information than is absolutely necessary.

It needs to reach the point that companies view personal data as toxic waste – don’t gather it, don’t keep it, dispose of it as quickly as possible.

Open Source licences don’t protect users, Free Software and Copyleft do 🙂

 

 

 

 

Hackaday Open Source Need

Tagged . Bookmark the permalink.

About Abu Hamza

Abu Hamza is member of Business Bee Staff

Comments are closed.