The name is important because of the parallels between slavery and modern day prisons.

At minimum, the movement is about completely rethinking our approach to dealing with crime. If we “only” reduce the prison population to 5% or 1% of its current count in the process, we won’t have abolished all prisons, but we will have succeeded in abolishing many parts of the current criminal justice system.

1. I was showing that my understanding of the word “asset” was based in fact. The 4th definition wasn’t relevant to that.
2. I literally talked about the 4th definition in the next paragraph.

If anyone’s operating in bad faith, it’s you. Are you drunk? You’re being an intentionally obtuse pedant and a liar (by your own definition). Try replying once you’ve sobered up, clown. Once you reread and realize how much of a dick you were, I’m sure you’ll apologize - unless I’m right about you being too much of a coward to admit when you’re wrong about something.

You could try reading the rest of my comment first.

Before I reply to your comment, I’d like to share this link. It didn’t change any of my existing understanding because Linus’s comment already made it clear that this was out of their hands, but maybe it’ll help clarify something for you.

I realize now that this comment on that post was made before this one (“What’s free about delisting maintainers based on their country of residence?”) by the same person. It’s disingenuous for someone to act like this is about “country of residence” when they already engaged with a post clarifying that it’s because of sanctions against specific companies.

that you unironically think asset means property

I unironically think that because it does mean that:

1. assets plural

a. the property of a deceased person subject by law to the payment of his or her debts and legacies

b. the entire property of a person, association, corporation, or estate applicable or subject to the payment of debts

2. ADVANTAGE, RESOURCE

a. an item of value owned

b. assets plural the items on a balance sheet showing the book value of property owned

When I do a search for “state asset,” the results I get are all related to property, resources, etc., things that belong to and can be exploited by the state - for example https://www.epa.gov/dwcapacity/state-asset-management-initiatives-documents

Searching for “asset” specifically I see a tertiary definition reading “A spy working in his or her own country and controlled by the enemy” as well as the wikipedia definition, but that still means “spy,” not “paid lobbyist.”

just that incredibly obtuse

I’d apologize for not being well versed enough in counter-intelligence lingo to properly interpret the comment, but even with a proper interpretation, the comment I replied to was still incoherent, so I’m not really sure what you expect here.

It feels weird to say that it was incredibly obtuse of me to not spend more time trying to figure out what someone meant when they were, as far as I can tell just mad that Linus and other Linux maintainers didn’t ignore what their attorneys advised, regardless of what impact that might have had on them personally, and spouting a bunch of nonsense as a result.

Maybe I’m wrong, though. If so, would you care to explain how this was a violation of the GPL and/or how all of the 4 freedoms I listed were violated?

Feel free to argue it in court

Sadly, there are plenty of instances of drivers who killed pedestrians doing just that and succeeding. Heck, in two cases the pedestrian was on the sidewalk or inside a building.

• https://dailyprogress.com/news/local/charlottesville-driver-found-not-guilty-of-ivy-road-pedestrian-death/article_f6620862-b94d-11ed-8e8e-2bdbe8368a37.html
• https://www.cbc.ca/news/canada/new-brunswick/bus-driver-found-not-guilty-in-pedestrian-death-1.1362139
• https://www.kolotv.com/content/news/Reno-police-investigating-pedestrian-injury-accident-on-Plumb-Lane--427602243.html
• https://www.capecodtimes.com/story/news/2019/01/04/driver-found-not-guilty-in/6376784007/
• https://www.indaily.com.au/news/2022/08/18/lamborghini-driver-found-not-guilty-over-pedestrian-death
• https://globalnews.ca/video/3873815/driver-found-not-guilty-of-killing-pedestrian-on-leslieville-sidewalk

I think it happens even more when it comes to cyclists being killed by drivers

Are you thinking of something like Stack Overflow’s reputation system? See https://stackoverflow.com/help/whats-reputation for a basic overview. See https://stackoverflow.com/help/privileges for some examples of privileges unlocked by hitting a particular reputation level.

That system is better optimized for reputation than the threaded discussions that we participate in here, but it has its own problems. However, we could at minimum learn from the things that it does right:

• You need site (or community) staff, who are not constrained by reputation limits, to police the system
• Upvoting is disabled until you have at least a little reputation
• Downvoting is disabled until you have a decent amount of reputation and costs you reputation
• Upvotes grant more reputation than downvotes take away
• Voting fraud is a bannable offense and there are methods in place to detect it
• The system is designed to discourage reuse of content
• Not all activities can be upvoted or downvoted. For example, commenting on SO requires a minimum amount of reputation, but unless they’re reported as spam, offensive, fraudulent, etc. (which also requires a minimum reputation), they don’t impact your reputation, even if upvoted.

If you wanted to have upvoted and downvoted discourse, you could also allow people to comment on a given piece of discourse without their comment itself being part of the discourse. For example, someone might just want to say “I’m lost, can someone explain this to me?” “Nice hat,” “Where did you get that?” or something entirely off topic that they thought about in response to a topic.

You could also limit the total amount of reputation a person can bestow upon another person, and maybe increase that limit as their reputation increases. Alternatively or additionally, you could enable high rep users to grant more reputation with their upvotes (either every time or occasionally) or to transfer a portion of their rep to a user who made a comment they really liked. It makes sense that Joe Schmo endorsing me doesn’t mean much, but King Joe’s endorsement is a much bigger deal.

Reputation also makes sense to be topic specific. I could be an expert on software development but be completely misinformed about hedgehogs, but think that I’m an expert. If I have a high reputation from software development discussions, it would be misleading when I start telling someone about hedgehogs diets.

Yet another thing to consider, especially if you’re federating, is server-specific reputations with overlapping topics. Assuming you allow users to say “Don’t show this / any of my content to <other server> at all,” (e.g., if you know something is against the rules over there or is likely to be downvoted, but in your community it’s generally upvoted) there isn’t much reason to not allow a discussion to appear in two or more servers. Then users could accrue reputation on that topic from users of both servers. The staff, and later, high reputation users of one server could handle moderation of topics differently than the moderators of another, by design. This could solve disagreements about moderation style, voting etiquette, etc., by giving users alternatives to choose from.

Right? It’s weird how so many people upset about the situation in this thread are incapable of explaining why it’s a problem without lying.

Like, I get that it sucks to be removed as a maintainer because of something outside your control. But being, or continuing to be, a maintainer of a project isn’t a right that’s integral to that project being free.

I’d honestly even consider it a good idea for Russia to get the FSF to fight this considering it’s a blatant violation of the GPL.

How is telling someone that you won’t accept their contributions anymore a violation of the GPL?

Literally none of those freedoms were impacted. Everyone is still free to use the program as they wish, fork it, make changes, etc… Linux doesn’t have a new license that says “anyone but Russians” can use it.

he then followed up by gloating about Russian maintainers

How did he gloat? He explained the change. If your complaint is that he was abrasive, I feel like you’re not familiar with Linus.

Ok, lots of Russian trolls out and about.

It's entirely clear why the change was done, it's not getting
reverted, and using multiple random anonymous accounts to try to
"grass root" it by Russian troll factories isn't going to change
anything.

And FYI for the actual innocent bystanders who aren't troll farm
accounts - the "various compliance requirements" are not just a US
thing.

If you haven't heard of Russian sanctions yet, you should try to read
the news some day.  And by "news", I don't mean Russian
state-sponsored spam.

As to sending me a revert patch - please use whatever mush you call
brains. I'm Finnish. Did you think I'd be *supporting* Russian
aggression? Apparently it's not just lack of real news, it's lack of
history knowledge too.

Sounds a lot more like he’s frustrated than delighted to me.

Calling your former volunteer contributors bots

He didn’t call the contributors bots.

He called the people submitting reverts and complaining about those maintainers, who weren’t contributors themselves, “troll farm accounts.”

and state assets because of their home country

When did he call anyone a state asset? To be clear, being a troll or a paid actor doesn’t make you someone’s property.

He also explained that this was a legal matter:

> Again -- are you under any sort of NDA not to even refer to a list of
> these countries?

No, but I'm not a lawyer, so I'm not going to go into the details that
I - and other maintainers - were told by lawyers.

I'm also not going to start discussing legal issues with random
internet people who I seriously suspect are paid actors and/or have
been riled up by them.

First, you’re acting like the decision was made by Linus or another member of the team and that they weren’t following the law.

Second, even if that weren’t the case, it’s still completely free. Unless you can name one of the following freedoms that was impacted by those actions:

• Freedom 0: The freedom to use the program for any purpose.
• Freedom 1: The freedom to study how the program works, and change it to make it do what you wish.
• Freedom 2: The freedom to redistribute and make copies so you can help your neighbor.
• Freedom 3: The freedom to improve the program, and release your improvements (and modified versions in general) to the public, so that the whole community benefits.

What “not at all free dogmas” are you referencing, and why is “free” in scare quotes?

“But tante, then we will never have Open Source AI”. Exactly. That’s how reality works. If you can’t fulfil the criteria of a category you are not in that category. The fix is not to change the criteria. That’s playing pigeon chess.

This is a bad take. If your criteria aren’t grounded in reality, they aren’t useful, so of course you should change the criteria.

It’s also a missed opportunity to point to an AI model that did things right and that would qualify as “open source AI” even if that definition were not watered down. For example, OLMo (which I just learned about) says that they provide full insight into the training data as well as “full model weights, training code, training logs, training metrics in the form of Weights & Biases logs, and inference code.” Their most complex models are 7B models, which is enough to be relevant.

Saying “Meta and Alphabet will never release Open Source AI that meets the proposed definition” is fine. Saying “we’ll never have Open Source AI, period, that meets the proposed definition” means your proposed definition needs rewritten.

Do you only experience the 5-10 second buffering issue on mobile? If not, then you might be able to fix the issue by tuning your NextCloud instance - upping the memory limit, disabling debug mode and dropping log level back to warn if you ever changed it, enabling memory caching, etc…

Check out https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html and https://docs.nextcloud.com/server/latest/admin_manual/installation/php_configuration.html#ini-values for docs on the above.

Your Passkeys have to be stored in something, but you don’t have to store them all in the same thing.

If you store them with Microsoft’s Windows Hello, Apple Keychain, or Google Password Manager, all of which are closed source, then you have to trust MS/Apple/Google. However, Keychain is end to end encrypted (according to Apple) and Windows Hello is currently not synced to the cloud, so if you trust those claims, you don’t need to trust that they won’t misuse your data. I don’t know if Google’s offering is end to end encrypted, but I wouldn’t trust it either way.

You can also store Passkeys in a password manager. Bitwarden is open source (though they did recently introduce a proprietary, source available SDK), as is KeepassXC. 1Password isn’t open source but can store Passkeys as well.

And finally, you can store Passkeys in a compatible security key, like the YubiKey 5 series keys, which can each store 100 Passkeys. This makes them basically immune to being stolen. Note that if your primary interest in Passkeys is in the phishing resistance (basically nearly perfect immunity to MitM attacks) then you can get that same benefit by using WebAuthn as a second factor. However, my experience has been that Passkey support is broader.

Revoking keys involves logging into the particular service and revoking them, just like changing your password. There isn’t a centralized way to do it as far as I’m aware. Each Passkey is only used for a single service, after all. However, in the same way that some password managers will offer to automatically change your passwords, they might develop a similar for passkeys.

Do any of the iOS or Android apps support passkeys? I looked into this a couple days ago and didn’t find any that did. (KeePassXC does.)

You have your link formatted backwards. It should be Vaultwarden, with the link in the parentheses.

Up until a year ago, the README explicitly said they didn’t claim to be an open source project: https://github.com/jgraph/drawio/commit/8906f90ac0cc50a0c6da77c28cf9b2b2339277b1#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L10

For starters, it was never “open source”…

From your link:

Instead, as Winamp CEO Alexandre Saboundjian said, “Winamp will remain the owner of the software and will decide on the innovations made in the official version.” The sort-of open-source version is going by the name FreeLLama.

While Winamp hasn’t said yet what license it will use for this forthcoming version, it cannot be open source with that level of corporate control.

If I upload the source code for my project on Github/Forgejo/Gitlab/Gitea and license it under and open source license, allowing you to fork it and do whatever you want (so long as you follow the terms of my copyleft license), and I diligently ensure that code is uploaded to my repository before being deployed, but I ignore all issues, feature requests, PRs, etc., is my project open source?

Yes.

Likewise, if Winamp had been licensed under an open source license, it would have been open source, regardless of how much control they kept over the official distribution.

Winamp wasn’t open source because its license, the WCL, wasn’t open source.

a talking collar isn’t likely to help … if the cat is even willing to wear the thing at all.

“Realistically,” Quagliozzi says, “that collar would just be saying ‘get this fucking collar off me’ all the time.”

Do you memorize all of your passwords? If so, I take that to mean that you don’t use a password manager. Password managers - really, any app with 2FA - have this problem, too. But if you use a password manager and store your 2FA methods in it, then you only need to be able to regain access to your password manager.

If you use a cross-platform password manager with Passkey support, like Bitwarden, you can use it on any of your devices. In the event that you lose all of your devices, if you don’t have an Emergency Contact set up, you will need your password and one of the following to gain access to your account:

• Access to your 2FA method
• Access to your Recovery Code
• If you’re in an enterprise using Duo 2FA, access to a Duo bypass code (contact your Duo admin to request this)

If you use security keys for 2FA, then you should have at least two - one that you keep with you and a backup that you keep in a safe place, like at home in a lockbox.

If you use a TOTP app to log in, or if you use security keys and want another backup, then making sure you’ll have access to the Recovery Code should be your priority. You can write it down and keep it in a few different places - at home, in your car, in your locker at work, etc… You can share it with someone you trust in person or over an encrypted channel (like Signal). You can store it on a flash drive, encrypted by a second password (which can be much easier than your primary password) or even unencrypted, if you generally keep the drive somewhere safe, disconnected from your computer. As long as you remember your password and can access your recovery code, you’ll also be able to regain access to your account, including all of your passkeys.

Emergency Access requires someone else to have access to their Bitwarden account, but assuming you don’t both lose access, it’s a pretty solid solution. When they request access, Bitwarden will send you an email allowing you to accept or reject their request. If you accept or don’t respond within the allotted “Wait Time” (which you configure: 1 day minimum, 90 days maximum) then they’ll be granted access. You also get a choice (when setting this up) to let them takeover the account (resetting your master password) or to just get read-only access.

Maybe you don’t like Bitwarden and want to use some other app, like 1Password, Dashlane, Roboforms, etc… Whatever your choice, familiarize yourself with how to restore access to your account in an emergency. Then you only need to worry about that and not about how to get access to your passkeys that are on your Windows laptop or only synced to your Apple devices.