Open Source, Open Mind: The Cost of Free Software - Dylan Beattie - NDC Oslo 2024
HTML-код
- Опубликовано: 7 сен 2024
- This talk was recorded at NDC Oslo in Oslo, Norway. #ndcoslo #ndcconferences #developer #softwaredeveloper
Attend the next NDC conference near you:
ndcconferences...
ndcoslo.com/
Subscribe to our RUclips channel and learn every day:
/ @NDC
Follow our Social Media!
/ ndcconferences
/ ndc_conferences
/ ndc_conferences
#ethics #software
Free lunch, free speech, free time, free spirit... when we talk about something being "free", that's normally a good thing. But as anybody who's ever given away their software for free will know, it's not that simple - and sometimes, it's not clear what "free software" even means.
At one end of the scale, volunteers use free software to resurrect old laptops, turning e-waste into useful tools they can donate to worthy causes. At the other end of the scale, tech giants use free software packages to create products which generate millions of dollars in profits every year - but when the creators of those packages try to recoup even a tiny part of that revenue, social media goes into an angry meltdown.
Join Dylan Beattie for a look at the past, present, and future of free software. We'll talk about the history of the free software movement, from MIT's Artificial Intelligence lab, to the shareware and public domain movement of the 1980s, to the era of GitHub and package managers. We'll explore why people choose to give their code away for free in the first place - and what happens if they change their mind. We'll talk about licences and legalities, we'll learn about some of the weird and wonderful edge cases that free software has created over the years, and we'll ask the question: is a truly sustainable open source ecosystem possible, and if so - what might it look like?
I am simple fox, I see new talk by Dylan Beattie- I watch.
He's got a channel too
@@AldoInza holy heck, I never even considered to check that :0
Fun fact, Linus Torvalds first created Linux because Minix was too expensive.
Then later, when the source control he used wanted to charge him money to use it (among other issues he had at the time with the source control they were using), he went and made his own source control to manage Linux... that source control tool he made is Git.
You know, that's a really interesting point - I actually remember the BitKeeper controversy that led to the creation of Git; I'll definitely include in the next revision of this talk. Thank you!
Oh the memories. I know people who worked for bit mover. It was an odd company to say the least.
The story for the move to git was a bit different if memory serves. They were allowed to use it for free when agreeing to not reverse engineer the protocols (making their own tooling possible). But the samba guy (Andrew Tridgell or so?) did that. And Larry McVoy got upset and that was that. So Linus created git.
Dylan Beattie, you damn legend, just don't stop doing this! )
The 'open deez nuts' joke cracked me the fuck up, didn't expect that
EXCELLENT talk; it's good to see a little bit of practical discussion about this after all the freaking out about the xz thing especially. I'm just a hobbyist, but here's hoping bigger fish than me can keep on figuring out how to be the change
Blender is in a much better state than presented here
As is GIMP, especially if you grab the beta for 3.x. Of all the Adobe products to single out, those 2 might have the best FOSS alternatives :P
Also: Blender does manage to get sponsored by big companies. So it's not always impossible.
And there are other programs beside GIMP, like Krita.
For me, The GIMP was the first FOSS project I used and thought "Hey! This is, not only usable, but actually quite good" (FOSS and I go back a long long long time)... I'm still using it for all of my interactive image editing now and It's still great.
... video editing, on the other hand? I've tried A LOT of options and some of them are "tolerable" but none of them are actually "good".
Some more widely used ones:
GIMP, Krita, VLC, 7zip, filezilla, OBS, Git, etc.
Also, Linux, even though it only has like 4% of the desktop market share, it has a huge majority of the market share when it comes to servers, and embedded.
@@edgeeffect Kdenlive is what I use as a non-linear video editor. Granted, I'm a casual RUclipsr and not a professional film-maker, but it works pretty well for me.
41:09 thesamesam is a Gentoo developer. Amazing guy and an amazing maintainer. He really stepped forward when the whole XZ ordeal was going on and helped a lot of us understand what was going on.
Kudos to him!!!
I like making software and giving it away for anyone, I just wanna be helpful ._.
One project landed me my current job, and got me out of poverty, but now I'm in the world of writing some cool and useful software, but I can't just put it out into the world because I'm working with a lot of proprietary software. It's the kind of licensing where if I find a bug and I disassembled some binaries and find the cause, I can't simply say, "hey, the bug is here: ," because now I broke the rules.
And the worst part is that it kind of makes sense sometimes, but dang I miss just being able to write code.
Also, I'm pretty sure my employers saw, "oh, this person made all of this for free, and while being a cashier? I bet they'll do a lot of free work for us!" And I have, and I feel gross. I hate how my [human] urge to create and help is being exploited. I wish I didn't have to give up my humanity in order to not be exploited.
You're learning to set boundaries and demand fair compensation. That's not giving up your humanity.
Don't think about asking money as losing your humanity.
It's the opposite: demanding fair compensation, either by negotiating or by changing jobs, will give more financial stability to easier help the people close to you, and enables you to donate to causes you support.
If I can go by your comment, that would mean the money will be spent in a more human way than before.
Don't push it though, think out a good strategy without jeopardizing yourself.
The Moq package is an interesting example. The maintainer got fed up with almost no sponsoring and put in a functionality that the library sends mail adresses of the Git repository constributors to a server to check that they are sponsors. If not you get a warning output, which breaks most build pipelines.
At my work I had to switch to NSubstitute (which we don't sponosr either).
What does prevent NSubstitute to issue such a "break"-warning one day? Or why couldn't you fork the Moq without this message?
@@kyriosity-at-github
1) Nothing what-so-ever.
2) Forking Moq puts the company on the hook for updates. If they comply with the GPL and put the fork out there for public use, it's the company that's on the hook for any issues that arise (particularly security issues). It's a cost increase regardless, one they don't have by swapping to a different free alternative.
I simply love listening to this man!
The rise of open source came with Java and the move from big box unix (not linux) servers as x86 servers became more competitive in the 2000s. And along with that came a whole ecosystem of open source alternatives from Apache, Eclipse, Spring foundation, Linux and so forth. Prior to that paying a lot for hardware and software to do everything with built in support contracts was the norm and nobody would be caught dead loading some code from some random folks on the internet into production.
One thing, tho: Germany law to my knowledge doesn't operate directly by precedent like it does in the US and the UK. So on one hand you don't need a precedent to enforce a law but also even if you have one, next time similar case ends up in a court it's not forced to decide the same. Judges do check history of previous cases when ruling, I believe, but it's not binding.
To me a big part of this is that organizations can operate on FOSS, depend on it for critical systems, holding sensitive information, but when those things fail, when their customers suffer loses of critical system uptimes, data, or confidentiality, the consequences for them the organization are just to minor to justify the expense.
If a CTO chooses to run software, without capable contractually obligated support internal or external they have choose to bear 100% of the consequences on their organization. If it effects their stakeholders, and customers they should be held liable as they have failed to do due diligence to shield them from risk.
I have bought video games second hand in the past, but sadly, that is no longer a thing people do (unless they are selling some old game that you actually could buy a copy of). I miss the times when you actually owned the media that you bought. When you could continue to play it even when the developers stopped sporting it, when you could share the game with your friends. I was only around for the end of it, but I got a taste of it, and I miss it.
I bought a preowned PS3 last year and obviously some discs with preowned games along. But even thought stuff like GT5 and GT6 work, they are now cut down in their functionality as some parts of the game play already depended on servers that are shut down by now.
I completely agree support and maintenance should be paid.
But for some commercial software I just feel even I paid I didn’t get the support I need even with premium Just answer you some standard answer.
Great talk, thank you~!
Brilliant!
XZ is not “part of the OpenSSH login system”. It's a dependency introduced only on certain GNU/Linux distributions. OpenBSD, FreeBSD, NetBSD, Devuan GNU/Linux, and many others could never have been affected. So not “just about every Unix and Linux system on this planet”.
It was not even direct dependency. On experimental versions of RedHat Linux, Fedora and something else, it was pulled in because libsystemd was included because someone just didn't wanted to write (or search for a KISS alternative) code that did dbus. That's it, it was not even using it, it just was linked together. That's even more curious because that attack could not even worked out in the end the way it was planned.
@@rogo7330 Probably because it's only one of a large number of state-sponsored social engineering attacks on OSS projects, and this just happens to be one that got detected. Which sucks because it means the CIA already probably has backdoors into Linux.
35:10 contributing some code as learning developer is a good learning experience and can build a solid portfolio if you succeed.
Don't expect big money from it, but some companies consider this to be equal to getting a degree.
Don't expect little money too :)
What amazing talk ❤
perfect talk
What about the Westinghouse TV v Busybox case, wasn't that over a GPL dispute?
Wow Dylan, your talks have been steadily getting better the more of them you do... but this one... this one IS Geoff's solid gold helicopter! Top notch stuff!
Glad to see John Popper is getting work.
Haven't valve also said that if steam ever shuts down, they will give a way for players to continue to enjoy the games they have in their library?
That WASI suggestion. terrifies me. Imagine: You want to build a program with may parts written in different languages, you could end up with needing to include a Javascript engine to run your JS, a Java virtual machine to run Java components, a Go run time a dotNet visual machine, a Python interpreter etc. Oh and all that has to run on a WASM run time of course. Dear God the idea is insane,
Why would you build everything from source?
@@chrisnuk I did not say anything about building everything from source. If your program uses a Java component it will need to include (or at least have available) a Java Virtual Machine to run it. If it uses a C# component it will need a dotNet run time. Even a compiled Go program has a run time built in. Python, JS, Lua etc will of course come as source components and require their interpreters. And so on. The only way to avoid having to include this huge mountain of VM/runtimes would be to restrict the languages used to those that compile to WASM, C, C++, Rust etc.
Why would people want an interpreter running on wasm for components, that'd go entirely against the point. Just build directly to wasm.
@@ITR That is exactly my point. If the languages your components are created in compile down to WASM directly and can be linked together like native objects then all is well. But if your components are written in Java, C# and others that need a JVM or dotNet run time then you have to deliver that run time as well (compiled to WASM of course). If your components are written in Python, Lua etc then you need to deliver an interpreter as well. Even Go requires run-time support. The whole idea of mixing whatever languages together to run as WASM therefore brings huge overheads.
@@Heater-v1.0.0 From their website it seems like their main target is projects where people are already using different languages.
But I assume if it was components, then eventually whatever components are written without the need for a runtime would win out on being efficient. Or maybe it'll go the web-route and people just won't care and make horribly slow software
47:22 the free software foundation is fighting for freedom as a basic right of the internet dwellers. yeah we see it as extreme because they are few but that only means, to me, that we must push harder for this. Many of our rights today where once a convenience for few people. You don't always get free water to your house and the water you pull get from the well isn't the best and only the rich could use water as conveniently as today. but here we are, free access to water and convenient. I think the end goal of free software foundation is the answer. And I think it can be implemented for the business environment today. I don't think it is possible for games but maybe in the future it can.
businesses that there model is a weak relationship with the customers don't want GPL because they will lose all the profit, but business that are made to serve customers will work with GPL and it is what the user of the software needs
Where do you live? I pay a monthly connection fee of 13 € and 1,93 € per cubic meter for water.
The new payment model: Sounds like a very natural way of doing things.
Would be nice if there would be someone who created the necessary infrastructure even for current package managers. As devs can make money, in the long run they will put their code on the freemium platform. naturally the older platforms will die out.
This approach also seems quite fair (depending on the exact constraints): if you're a hobbyist and rather spend time than money, you can get it for free.
However, I think he following are considerable problems:
(1) large companies might rather get the source than to pay large bills, because it checks out for them (perhaps good pricing strategies will prevent that?) (Will the model still hold in these cases?)
(2) With money comes the money-transfer-problem, accounting, laws, jurisdiction and locations-that-cannot-transfer-money (depending on the country the service is located). I wonder how this will impact things.
There's also a metrics problem. If your library is important but only used indirectly through other packages, you're potentially not getting the downloads depending on the form of packaging used.
The GOAT at it again
I write FOSS / Open Source code in my spare time because I enjoy it, and because I like sharing knowledge.
Though to do that I write proprietary code for work so that I can earn a living.
Sadly, just living of writing FOSS / Open Source code isn't a very viable thing unless you are a large contributor to a large project, which isn't a lot of people.
It's interesting that you didn't talk about the possibilities of co-ops. Suppose you pay your $15/mo (Spotify model) or $50/mo (Adobe model), but it's a co-op instead. There is always the question of how to start one up, but that's true of any business. Venture capital seems easy at the start, but there are other ways that don't have the same long-term downsides. Any business can fail, but historically, co-ops have a relatively good track record.
Technically in Norway, drinking beer while under age is not illegal, since we don't want to scare kids from asking for help if they give themselves alcohol poisoning, or just make some mistakes while drunk, but we still have a way of preventing them from getting alcohol. The solution is that through law we prevent you from being able to obtainin alcohol. If you buy it at the store, the person selling it to you is breaking the law. If you steal it, you're breaking the law. If someone buys it for you, they're breaking the law. If someone gives it to you, they're breaking the law.
Dylan always brings briliance, but the audio is buzzy and giving me an itch.
The way we are heading, coding won't really be a marketable skill and its only going to get harder to charge people for software.
Descent 1 was fully 3d, released one year before quake. Descent 2 added support for accelerated graphics cards and was released 3 months before Quake.
I love Quake, but please do not claim it was "first", not that it being first has _that_ much significance.
15:13 Linux wasn't originally licensed under GPL but its own license that restricted commercial usage
I just back-to-back watched Tenet like 9 times and can now no longer read 'Oslo' the same way.
Presenter is smart, but he forgot that companies are filled with such things as NuGet, so it would scale to large amounts of money anyway.
Xerox were assholes. I was both an employee then a customer. They denied us technical knowledge to make best use of our $500,000 9700 laser printer.
I'm not so sure about using Spotify as the role model. Spotify has historically been good at losing money, although that might just have changed. I fear that a similar model may just lead to en$hittification of OSS:
Steve Ballmer saying "Linux is a cancer" is a bit rich coming from the guy at the helm of a company that was starting to become quite cancerous on the desktop computing environment aroud that time
The golf in the Middle: have a look at Kicad.
i think you had more impact if you'd stated and explained what the point is.
Is there any precedent to state that a package manager could only accept public domain packages? It was Arto Bendiken's writings that basically blackpilled me into realising that copyright-free software was the only way forward
Anyone seriously interested in setting up an infrastructure as dylan beattie presented to enable devs to get a pay back?
algorithm. More shit like this please.
Dylan dropping the ligma on a conference, what a G
I like the joke version that free software is free as in "free toilet"
1:50
2:20
Insert Crocodile Dundee meme
dylan is my favourite furry
Why not just sum the downloads of the 100 most popular ones? You'll get close enough. No need to do curve fitting and integration, jeez.
2 years away from general AI is a terrible estimate. It's a lot further away, maybe 20 years away, if not more, but that is relying on that we actually discover a way to do it in the near future... which I doubt that we will even do.
(As with all other developers, I'm terrible at estimating, and my estimate is probably wrong, as I am not very knowledgeable in AI, but I know enough to know that we are far away from general AI. And in my opinion, we probably won't make general AI unless we find a different solution than throwing training data at the problem and hoping the AI will learn.)
I think it was some sarcasm, like "FSD next year" from Mister X since 2014.
It was a joke about how every year since 80s general AI has been 2 years away.
I like how people give estimates, even in the decades, about _Anything_ Intelligence,
all the while we do not even have a _definition_ for what intelligence is, let alone measure and characterise it as "general" or "artificial".
#StopKillingGames
I cannot believe nobody laughed at Blender & The Gimp. I mean, yes it's a Scandinavian audience, but still...
open source is controlled by big tech, they decide what is being developed by sponsoring what they need, i have seen open source devs being proud of their project getting money from a company and all think is that they are slaves
Sponsoring isn't a salary or contract. You are not obliged to do anything for donation - thus there's no control such a way.
In software sponsorships generally all you're expected to do is say they gave you money and you get money and get to brag that your project matters enough that it gets sponsors. Its generally quite the win. Modest sponsorship offers rarely come with any requirements of any kind Outside of divulging the sponsorship exists in some public way.
@@Diamonddrake no, companies sponsor what they need, that is why linux is mostly used by companies
@@kyriosity-at-github i am getting censored btw, why do you think i am getting censored in this topic?
I never understood what free as in beer or free as in speech meant. I still don't. I think these are just bad analogies, or maybe I am stupid. beer and speech have a ton of weird rules.
Well I guess those weird rules are what we are talking about.
As in, “free” is complicated. Different of kinds of free needs to obey different types of rules.
They aren't analogies, they're positions in example sentences.
The "free" in "free beer" means without paying
The "free" in "free speech" means without restriction.
Over time this explanation of the two meanings got shortened to "free as in beer" or "free as in speech"
"Free as in free beer" means you don't have to pay for it. It's free as in cost. "Free as in free speech" means you have access to the source code AND you can modify the source code if you wish to make a different/better program.
@@Onyx-it8gk you can modify beer for your own consumption, but you need a separate license to redistribute it, is that the correct understanding of the concept? Free as in speech is still confusing. people get angry at plagiarism, like stealing jokes or stealing comments. Free as in Air might make more sense. Idk maybe summarizing legal contracts into buzzword phrases is inaccurate and kinda confusing.
there's no such thing as 'free beer', there's always a catch.