Rug pulls, forks, and open-source feudalism

90 pabs3 26 9/6/2025, 5:59:39 AM lwn.net ↗

Comments (26)

palata · 1h ago
> Projects with CLAs more commonly are subject to rug pulls; projects using a developers certificate of origin do not have the same power imbalance and are less likely to be rug pulled.

Would be worth explaining why: my understanding is that if you sign a CLA, you typically give a right to relicence to the beneficiary of the CLA. So you say "it is a GPL project, my contribution is GPL, but I allow you to relicence my contribution as you see fit".

If the project uses a permissive licence already, honestly I don't really see a big impact with signing a CLA: anyone can just take the codebase and go proprietary with it. However, if it is a copyleft licence, then signing a CLA means that the beneficiary of the CLA doesn't play by the same rules and can go proprietary with the contributions!

If you don't want a rug pull, you should use a copyleft licence and not sign a CLA: nobody can make Linux proprietary because the copyright is shared between so many people.

If you use a permissive licence, then a rug pull is part of the deal.

dig1 · 17m ago
> Contributors and maintainers often have less power than even the smaller companies, and users have less power yet.

If contributors/maintainers are not happy with what the small company does, they can fork the project (assuming a liberal license) and continue in their own way. Valkey is a good example (with an interesting twist of license dynamics where Redis can use Valkey code now, but not the other way around).

> We have built a world where it is often easiest to just use whatever a cloud provider offers

And, IMHO, this is the major problem in the dev community these days - we've become lazy and focused on nonsense ("pretty"/unusable UIs, web gymnastics, llm, "productivity" etc.). We didn't have problems in the past to fork or reimplement OSes (various BSD instances), compilers (gcc versions), databases (MariaDB), and so on. There are tons of geniuses around hacking on cool stuff, but, sadly, the loudness of various hipsters and evangelists limits their visibility.

> Those providers may not contribute back to the projects they turn into services, though, upsetting the smaller companies that are,

The significant contribution that these providers (AWS, et al.) make to these projects is often overlooked - free advertisement. If I can remember correctly, ElasticSearch got popular when AWS started to offer it as a service. Additionally, cloud providers usually contribute (by employing core developers, shipping patches or testing) to the kernel, gcc or jdk, from which these small companies benefit significantly. In contrast, they themselves could do none of this.

But it is easier to blame "big scary clouds" than to rethink your business model. Be honest, start closed; no one will touch that and no one will be standing in your way.

3np · 3h ago
Building the software you rely on from source by default is one way to reduce the impact these events have on you and shift the power dynamic. If you're installing binaries/images from a vendor (free or otherwise), transitioning to a fork may be an undertaking and a sweaty risk-assessment.

Switching your existing build-infra to sync sources from a new remote should be a snap.

Also no major need to hound maintainers to ship a release or merge that neglected bugfix or feature you desperately need - just cherry-pick it.

andersmurphy · 2h ago
Not sure why this is getting downvotes, but I agree. Also, building from source doesn't have to be hard (see sqlite).

pjmlp · 1h ago
Depends on the actual software licence, many commercial vendors do provide source code, however the licence doesn't allow you to do whatever you feel like with code, even if technically it is possible to do so.

This happens a lot in commercial products where scripting languages are used, for example.

Or enterprise consulting as another example, where the code is delivered as part of the project, but it is bound to the agency for compiling purposes, unless the customer pays extra for that right.

anilgulecha · 1h ago
IMO if you're a technical decision maker, you should ignore fair source/business source stuff with extreme prejudice. These are fundamentally incompatible with the goal of having autonomy for your systems.

Only pick these if they're non-critical, have a significantly higher RoI, or a high commodity item.

MangoToupe · 20m ago
It's hard to feel any sympathy for people who spend money and still bend over.

pjmlp · 2m ago
For most people it is only business, there is zero FOSS ideology.

A hard lesson many have come to learn when there are bills to pay, and coffee priced donations hardly make it.

tetha · 1h ago
This is causing management at the current company to run in circles a bit as well. The company has been fairly adamant about having support contracts for systems, and it has encountered a number of these stunts. Opscode with Chef a long time ago, CentOS exit, VMware, Broadcom has a number of more ugly things available in Tanzu.

And we were either paying these companies (looking at VMware), or looking for quotes and intending to pay these companies. But suddenly, your configuration management is supposed to cost almost 6 digits per year. Very basic services should suddenly cost a mid-6-digit range per year for a basic support contract. Sorry but what the fuck? And - again, looking at VMware - even then we can't really rely on it?

I've been recommending to instead sponsor foundations, or straight up paying maintainers and developers of OSS we use regularly. The giggles when suggesting that have been getting quieter. But I'd rather hire a Proxmox/qemu dev than start paying the next VMware.

palata · 1h ago
> There is typically a spike in these clones after a relicensing event, suggesting that people are considering creating a hard fork of the project

That, or maybe people make a "snapshot" just in case. I don't believe many people seriously consider leading the effort of maintaining a fork...

OgsyedIE · 1h ago
I believe there should be a broader family of terms besides rug pull for when the intentions of vendors and developers change over time to become extractive and negative. No, enshittification is not the right word.

positron26 · 3h ago
Without commercializing the non-contributor users, they have really no leverage in any of the relationships. Connecting them together by pooling their financial power to pull in contributors creates a real force to resist rug pulls a la Valkey. That is one of the kinds of thinking behind PrizeForge and why I'm implementing bare-minimum Postgres backups today because we're a fledgling startup and need Rust engineers: https://positron.solutions/careers

roenxi · 3h ago
It's nice to see an article that is just interesting. Although trying to model an environment of extreme freedom as 'feudal' is one of the big philosophic mistakes in the current discourse. Although it is easy to establish that the majors are very sticky they're only sticky as long as they do a good job. Groups like AWS or Google are actually pretty vulnerable - the US right wing looked like it was about to build a complete alternative internet for a while there until the management in tech relented and allowed them to speak up in public. Places like AWS had to pull their head in and the spin offs from that like Rumble or Truth Social haven't gone away, they just partially marginalised when the censorship backed off. That isn't how feudal revolts work in my understanding; typically peasants just got squished by better armed, armoured and organised soldier classes.

rixed · 1h ago
> they're only sticky as long as they do a good job

> Groups like AWS or Google are actually pretty vulnerable (...) build a complete alternative internet for a while there until the management in tech relented and allowed them to speak up in public

The part of AWS or Google infrastructure necessary to "speak up in public", relative to their total infrastructure, is probably close to the tiniest number you can imagine. I can't see how an alternative web forum or short text message service, even if used and supported by many, could make AWS or Google vulnerable. And as a reminder, the public is not a customer for Google nor AWS.

Or maybe by "the US right wing" you meant a handful of billionaires who would fund an alternative to Google and AWS? That still sounds naive to me. The estimated assets of Google or AWS in datacenters only is somewhere in the hundreds of billions, plus a good fraction of that every year for maintenance. Their current valuation is between $2 and $3 trillion.

Having no experience of peasant revolts (yet ;)) I only meant to comment on that part of your message.

BinaryIgor · 2h ago
Exactly; there are many mechanisms in place that allow us (anybody) to create alternatives if the currently dominant players start to misbehave too much; they just have not

throwawayqqq11 · 1h ago
And there are mechanisms that restrict you. The article states it too: There is a resource (for software, I'd add know-how) asymmetry and market inertia at play here.

Otherwise, I am really wishing for alternative payment processors ... could someone prove me wrong here please.

delusional · 2h ago
Your worldview is incredibly foreign to me, but I'll try to engage fairly with it.

> the US right wing looked like it was about to build a complete alternative internet for a while there

This would seem to imply that the established internet, what we had before this relenting, was somehow left wing. Is that an accurate description of your view? When did this relenting take place?

> they just partially marginalised when the censorship backed off.

Is it your position that Truth Social (the social network started by the current president of the United States) is currently a marginalized space?

> That isn't how feudal revolts work in my understanding; typically peasants just got squished by better armed, armoured and organised soldier classes.

I think it's interesting that you posit this as a fight between the "peasants" and the "soldiers". I'm assuming, to make sense of your analogy, that the "peasants" in this case are the current president of the United States and Elon Musk. The "soldiers" would then be "Jeff Bezos" and "Sundar Pichai".

roenxi · 1h ago
> This would seem to imply that the established internet, what we had before this relenting, was somehow left wing. Is that an accurate description of your view? When did this relenting take place?

No, the left wing wasn't really involved. It looked from the outside like a pocket of authoritarians settled in the US intelligence services. Given the priorities of the Trump establishment on starting Term 2 when they moved very quickly to gut the US propaganda services I think Trump's people came to a similar view. And the relenting came when it was obvious that the companies involved were going to start suffering commercial consequences. Or, in cases like Twitter, got bought out by prominent right-wing figures.

> Is it your position that Truth Social (the social network started by the current president of the united states) is currently a marginalized space?

Yeah. It isn't really operating on the same scale as Twitter and it only exists because Twitter felt the obvious way to construe "To all of those who have asked, I will not be going to the Inauguration on January 20th." was as glorification of violence [0]. Its commercial wisdom is unclear.

> I think it's interesting that you posit this as a fight between the "peasants" and the "soldiers".

I'm almost positing the opposite, NOT(it is a fight between peasants and soldiers). That is why I think the feudal meme is a mistake - this isn't a situation where the powers that be in the tech world can actually bring consequences down on a class of people. The people have freedom.

[0] It was bizarre. I've kept a copy of Twitter's announcement saved to disk as a reminder of how crazy groupthink can get. Anyone willing to state such a stupid theory in public has to believe it.

throwawayqqq11 · 47m ago
> The people have freedom.

I repeat my other reply:

The article states it too: There is a resource (for software, I'd add know-how) asymmetry and market inertia at play here.

Feudalism is formed by birth right privileges, excluding peasants or merit. With a look to present wealth distribution mechanisms (inheritance), it is no far fetch to apply that polarization effect to software infrastructure too, because software isn't really that immaterial.

roenxi · 39m ago
> Feudalism is formed by birth right privileges, excluding peasants or merit

Lots of systems have that property, including many democracies (the UK political system, for example, is quite democratic yet embraces birthright privilege excluding peasants). It doesn't characterise or get to the important parts of feudalism.

throwawayqqq11 · 30m ago
Unless you make that privilege about a universal resource like money, which can be translated to political power. You are right, many societies have that feudalism-like problem (social mobility), when you look at it that way, even without a royal family.

https://www.wired.com/story/yanis-varoufakis-technofeudalism...

conartist6 · 55m ago
I have 0 trouble understanding why Twitter didn't want to be whipping up fury against democracy using their power to do so. Six days before that ban Trump had definitively crossed the line over to full-blown treason with the Raffensperger call. Two days before the ban he sat quietly, waiting and hoping a mob of his supporters whipped up by his verbal diarrhea would seize power for him, ending democracy. Make no mistake, Twitter did exactly what they had every legal and moral obligation to do.

delusional · 28m ago
> No, the left wing wasn't really involved.

That's fair. You didn't mention the left wing at any point, and I made an assumption.

This is veering quite quickly into unsubstantiated claims of collusion and conspiracy. You're weaving a network of secret deep state authoritarians secretly colluding with tech CEOs, and leaving no trace. It's honestly pretty close to QAnon, which is a huge red flag for me. I can't follow you there, and therefore can't make any substantial arguments for you.

What I would like to point out is the historical revisionism of Elon Musk buying Twitter to weed out the subversive forces. He tried to get out of the deal, but the establishment forced him to see it through.

> I've kept a copy of Twitter's announcement saved to disk as a reminder of how crazy groupthink can get. Anyone willing to state such a stupid theory in public has to believe it.

The announcement Twitter made mentions that you have to take those tweets in context of the whole Jan 6. insurrection event. When you say that it's not incitement of violence, should I take that to mean you believe that the armed insurrection was not connected to Donald Trump? Or do you believe that it was but that the further tweets weren't a further escalation of that conflict?

> The people have freedom.

I understand your argument for that then. I would caution that by saying that your conclusion hinges heavily on whether you believe Donald Trump is actually a popular reformist, or if you believe he is an elitist authoritarian. Your argument is quite close to "This can't be feudalism, the lords want what's best for us", which is a quite unconvincing argument.

palmfacehn · 2h ago
> This would seem to imply that the established internet, what we had before this relenting, was somehow left wing.

I would omit the left-wing characterization as a debatable generalization. Perhaps it would be better described as the specific platforms being opposition partisans, rather than the Internet itself.

delusional · 2h ago
> Perhaps it would be better described as the specific platforms being opposition partisans

I'm sympathetic to such an argument, but it does beg the question: Which platforms? The original comment's choice of singling out Rumble and Truth Social would imply that YouTube and Twitter would at least be _among_ those "specific platforms", but neither of those platforms is, at least according to the left, particularly left wing. Both platforms have repeatedly been criticized for creating and propagating structures that lead people down what was called "the alt-right pipeline" and have, historically, hosted some of the most active alt-right figureheads.

That's not to say either platform is or was right-wing either. I'm not the one making an argument. Though I'm not convinced they were particularly left-wing or partisan before the creation of Rumble and Truth Social.

roenxi · 1h ago
Just to be clear, I never said anything about the left wing. I don't think they were involved in that one. Suppressing speech is generally opposed by the leftists.