I for one am going through quite a culture shock. I always assumed the nature of FOSS software made it immune to be confined within the policies of nations; I guess if one day the government of USA starts to think that its a security concers for china to use and contribute to core opensource software created by its citizens or based in their boundaries, they might strongarm FOSS communities and projects to make their software exclude them in someway or worse declare GPL software a threat to national security.
Not realy since Open source is most of the time still the best Option, and you cant realy controll Open source since there is always the option to fork Things. (For example If the US decided that China ist a NoNo the Open source Community in EU or India can do what they want since it is not under their jurisdiction)
but then the project loses momentum, the userbase fragments, opensource projects are fragile as they are mostly volunteer work; I guess the discussion of government threat and overreach towards opensource projects is mostly discussed in the context of cryptocurrencies and other ‘disruptive’ software
Those kinds of problems aren’t particularly new (PGP comes to mind as an example back when you couldn’t export it out of the US), but it’s a reminder that a lot of open-source comes from the US and Europe and is subject to western nation’s will. The US is also apparently thinks China is “stealing” RISC-V.
To me that goes against the spirit of open-source, where where you come from and who you are shouldn’t matter, because the code is by the people for the people and no money is exchanged. It’s already out there in the open, it’s not like it will stop the enemy from using the code. What’s also silly about this is if the those people were contributing anonymously under a fake or generic name, nothing would have happened.
The Internet got ruined when Facebook normalized/enforced using your real identity online.
Nope. Politics is part of being open source.
As for US strong arming you don’t have to be a US company for them to do that. RISK-V and ASML have been targeted by them in the past to prevent Chinese use.
I just wanted to say that I have the same questions, and it’s a relief to see it posted by someone with more courage. I’m too ignorant to contribute to the discussion though. I don’t know how a government or private entity could pressure a FOSS project in this way, unless that pressure was put on the project’s git platform. At which point the repo just moves elsewhere.
FOSS does not mean:
- Community owned: Linux is owned by the Linux Foundation, a legal entity of the United States and subject to it’s laws.
- Obliged to accept all contributions: The owner is free to accept or reject contributions for any reason.
Nothing changed except some people are no longer responsible for maintaining parts of the source tree. Their delegated power to accept contributions was removed. They can still propose changes, but they will be reviewed by others who aren’t subject aren’t at risk of Russian state influence.
This isn’t saying they’ve done anything wrong, or that they are currently under state influence, but now that they no longer have maintainer privileges the chance of the FSB knocking on their door has probably dropped 90%.
It wasn’t a culture shock but it made something obvious that sometimes gets forgotten. The “Open” just means that one can look at the source code and copy it to make a new version. There is no obligation of the original creators to support things outside of what they want/can do.
