Comment on EnteAuth (and a bunch of other FOSS) take Microsoft's "free" money
just_another_person@lemmy.world 3 days ago
You may as well just stop using computers all together, bud 🤣
I don’t mean to ruin your world view, but there are no ways to run anything you want to run by focusing on “altruistic companies”, however you may subjectively define that.
Look, you’re focusing on the wrong thing here. Maybe you didn’t know this, but the massive majority of FOSS projects get funded by companies - either for consulting, feature bounties, IC development - and is a main driving force for the ecosystem.
Many in this ecosystem would even tell you that every single project is massively UNDERfunded by said companies, and they should kick in more to help keep these projects secure and in good standing. They make billions and billions of dollars off people’s work, and it surely seems they should kick some of that back to the projects.
Whatever Microsoft’s involvement is here, it’s not going to be changing the direction of any of the projects mentioned. If for some reason something untoward starts happening with any project: boom, fork and new community. It’s that simple.
In short, these people getting funding for their work is a good thing. If you take issue with who is providing that money, you’re going to be digging a deep, deep hole in your research, and if you’re running down the dep chain, you’ll find out that all of the things you use have some funding by companies like Microsoft, Apple, Google, Facebook, IBM, Red Hat, Amazon, Alibaba, Halliburton, Qualcomm…I could keep going on and on.
WhyJiffie@sh.itjust.works 3 days ago
I think you misunderstood OP. their complaint is not that these projects should search an altruistic donor… but that Microsoft is suspicious in doing this, because arguably they rarely have good intentions.
let’s hope so
easier said than done.
I think OP (and me too) is worried about the terms. like, can these projects abandon github without repercussions? can they start using another code forge in parallel?
just_another_person@lemmy.world 3 days ago
Uhhh, repercussions like what? They’re getting small amounts of money for specific work. Up front. What repurcussions could there be for project moving to Gitlab, for instance?
WhyJiffie@sh.itjust.works 3 days ago
sudden closure of donated azure services without prior notification and time to move off.
having to pay back some of the money.
the project planning with the promised donations as a given (they don’t get all of it upfront, but as they get the most of it it’s actually fair) and microsoft either using it as leverage or just carelessly terminating the contract to save money.
in extreme case banning the project from microsoft owned services, including github.
any of that in decreasing order of probability if implementation is different from expected (like not baking in specific security tools to the project) and the parties cannot agree on a solution.
WhyJiffie@sh.itjust.works 3 days ago
sudden closure of donated azure services without prior notification and time to move off.
having to pay back some of the money.
the project planning with the promised donations as a given (they don’t get all of it upfront, but as they get the most of it it’s actually fair) and microsoft either using it as leverage or just carelessly terminating the contract to save money.
in extreme case banning the project from microsoft owned services, including github.
any of that in decreasing order of probability if implementation is different from expected (like not baking in specific security tools to the project) and the parties cannot agree on a solution.
just_another_person@lemmy.world 3 days ago
They’re payments for work services.
You listen to Joe Rogan, don’t you…
abrasiveteapot@sh.itjust.works 3 days ago
…wikipedia.org/…/Embrace,_extend,_and_extinguish
OP has a reasonable concern, Microsoft has had a troubling past history, and embrace extend extinguish hasn’t gone away, just look at the office file standards shenanigans.
It’s certainly the case that the purchase of github is intended to create a platform that has network effects (making it hard to leave).
Microsoft has proven many times that their participation in FOSS tends to come with a catch or an intent to subvert.
kennedy@lemmy.dbzer0.com 3 days ago
yes exactly, my problem is not the money. These giant tech firms have use free projects all the time without any support at all. My problem is that I do not trust Microsoft at all.
orclev@lemmy.world 3 days ago
In terms of the open source community Microsoft has been significantly less sketchy than usual for about a decade now. For those of us that are old enough to remember the halloween files it’s hard to let go of that paranoia, particularly with the sketchy shit MS has been doing with their proprietary stuff lately, but near as I can tell they’ve been above board on their open source stuff.
I wouldn’t go so far as to say blindly trust them at this point, but I wouldn’t just assume with no evidence at all that there has to be something nefarious going on either.
kennedy@lemmy.dbzer0.com 3 days ago
I’ve never heard of the Halloween files I just looked it up and that’s just so crazy. I don’t know what’s going on behind closed doors in their c-suite but I wouldn’t be surprised if this fund is a way to get their hands into open source projects. Like you said there’s no explicit proof so it’s best to be be cautious.