I for one am going through quite a culture shock. I always assumed the nature of FOSS software made it immune to being confined within the policies of nations; I guess if one day the government of the USA starts to think that it’s a security concern for China to use and contribute to core open-source software created by its citizens or based in their boundaries, they might strongarm FOSS communities and projects to make their software exclude them in some way or, worse, declare GPL software a threat to national security.

  • walden@sub.wetshaving.social
    2 months ago

    It’s basically the same as me not installing that Flappy Bird copy because the dev is Russian. I don’t trust it, even if the code is available to review.

    We also learned a lot about trust with that file zip software a year or so ago. I don’t remember the details of that, but open source doesn’t automatically mean secure.

    • Crashumbc@lemmy.world
      2 months ago

      One of the big weaknesses of open source is the same as democracy. Nobody has time to review every piece of code (or research and hold accountable every politician) which leads to risks.

  • CanadaPlus@lemmy.sdf.org
    2 months ago

    What happened this time?

    Edit, answered elsewhere:

    Recently, Linux removed several people from their organization that have Russian email addresses. Linus made a statement that confirmed this was done intentionally. I believe that there was some mention of following sanctions on Russia due to the war. I haven’t looked into the details of it all, so take my analysis with a grain of salt. From what I understand, it sounded like it was only Russian maintainers that were removed and normal users submitting code from Russia can still contribute. Maintainers have elevated permissions and can control what code gets accepted into a project, meaning that a bad actor could allow some malicious code to sneak past. This may have also contributed to the decision since this type of attack has happened before and Russia seems like a likely culprit. The reactions to this change have been varied. Some people feel it is somewhat justified or reasonable, some people think that it means it is no longer open source, and some people think it is unfairly punishing Russian civilians (it is worth noting that that is part of the point of sanctions).

  • slazer2au@lemmy.world
    2 months ago

    Nope. Politics is part of being open source.

    As for US strong-arming, you don’t have to be a US company for them to do that. RISC-V and ASML have been targeted by them in the past to prevent Chinese use.

  • Max-P@lemmy.max-p.me
    2 months ago

    Those kinds of problems aren’t particularly new (PGP comes to mind as an example back when you couldn’t export it out of the US), but it’s a reminder that a lot of open-source comes from the US and Europe and is subject to Western nations’ will. The US also apparently thinks China is “stealing” RISC-V.

    To me that goes against the spirit of open-source, where where you come from and who you are shouldn’t matter, because the code is by the people for the people and no money is exchanged. It’s already out there in the open, it’s not like it will stop the enemy from using the code. What’s also silly about this is if those people were contributing anonymously under a fake or generic name, nothing would have happened.

    The Internet got ruined when Facebook normalized/enforced using your real identity online.

  • geneva_convenience@lemmy.ml
    2 months ago

    Yes. There is an extremely arbitrary distinction made between the USA and Russia. Both are known for injecting spyware. China is somehow still okay? It makes no sense.

    Not to mention the elephant in the room by not banning another certain country actively committing war crimes.

    All software should be safety checked. Where the maintainer is from should be irrelevant.

    But the most weird aspect is the timing. Why now and not a few years ago?

    • troed@fedia.io
      2 months ago

      There is an extremely arbitrary distinction made between the USA and Russia.

      Your world view seems to be highly influenced by propaganda. It’s very easy to draw a distinction between these two countries. Let me start with an easy one:

      Russia is a dictatorship, the US is a democracy.

          • Binette@lemmy.ml
            2 months ago

            1. You’re replying to someone from db0

            2. Lemmy.ml is not the only place that believes the US isn’t a democracy.

            3. The US is an oligarchy. It’s one of the things agreed by philosophers, including my teacher. The current controversy in the left surrounding the elections obviously proves this point.

      • FriendBesto@lemmy.ml
        2 months ago

        Read about Operation Condor. Its actions, repercussions and number of deaths due to it, and continue to pretend the USA follows Democratic Values™. And this is just but one example.

        They are just better at PR than most. You are walking proof of it.

        • Alsephina@lemmy.ml
          2 months ago

          A KGB spy and a CIA agent meet up in a bar for a friendly drink.

          “I have to admit, I’m always so impressed by Soviet propaganda. You really know how to get people worked up,” the CIA agent says.

          “Thank you,” the KGB says. “We do our best but truly, it’s nothing compared to American propaganda. Your people believe everything your state media tells them.”

          The CIA agent drops his drink in shock and disgust. “Thank you friend, but you must be confused… There’s no propaganda in America.”

      • فریدون حسینی@vegantheoryclub.org
        2 months ago

        The commenter says as he repeats other propaganda.

        The US is not and has never been a democracy. The US is an oligarchy.

        Read The People’s History of the United States by Howard Zinn.

  • communism@lemmy.ml
    2 months ago

    Not really, open source projects don’t necessarily have to be open to all contributors and I was aware of this already. They have to be open to anyone doing what they want with the code, by definition, which is good, but they don’t have to allow everyone to contribute to upstream. I’m not sure if there’s any particular defence against this being used in a discriminatory manner, but I do think this effect is significantly mitigated by the decentralised nature of open source and the fact that it’s not too uncommon for forks to become preferred over the original, the fact that open source projects rise and fall in popularity, etc.

    I wonder if there’s some way to manage an open source project so that it’s not subject to particular national laws in this way.

  • Wutchilli@feddit.org
    2 months ago

    Not really, since open source is most of the time still the best option, and you can’t really control open source since there is always the option to fork things. (For example, if the US decided that China is a no-no, the open source community in the EU or India can do what they want since it is not under their jurisdiction.)

  • Dekkia@this.doesnotcut.it
    2 months ago

    From what I understand, this wasn’t a decision dictated by sanctions, nor was there any strongarming. Otherwise it would’ve happened way earlier.

    I also think splitting politics and literally anything else doesn’t work and is something people who benefit from the discussion (or lack thereof) made up.

  • bloodfart@lemmy.ml
    2 months ago

    Unfortunately no.

    I remember the SELinux controversy and the NSA trying to slip bad algorithms in.

  • hazel@lemmy.world
    2 months ago

    I just wanted to say that I have the same questions, and it’s a relief to see it posted by someone with more courage. I’m too ignorant to contribute to the discussion though. I don’t know how a government or private entity could pressure a FOSS project in this way, unless that pressure was put on the project’s git platform. At which point the repo just moves elsewhere.

  • j4k3@lemmy.world
    2 months ago

    I think the prestige of “maintainers” and contributions/control are what is being torn down. Anyone anywhere is still welcome to contribute, they are simply limited from direct control. They can still fork at any time, anyone can. Getting people to follow your fork is another thing entirely, and your open source code will still likely be incorporated directly or indirectly. The only thing that has changed is the misguided prestige that has grown around the project and is not a required or relevant part of the project as a whole.

  • Dr_Vindaloo@lemmy.ml
    2 months ago

    Yes. I always thought of sanctions as being finance-related, meaning you can’t transact with sanctioned groups. I figured it couldn’t apply to decision-making/membership in non-profit organizations (that it might somehow violate “free speech” or some shit). Finding out this is not the case is terrifying and one more reason to hate the US (not that we needed more). This might disincentivize some people from contributing to FOSS.