Kind reposts

Did MKBHD ruin an AI company and their product because of their negative review of it? No, the bad AI product ruined itself and its company. Just because someone created a business, found funding and created a thing doesn’t mean they should get instant recognition, and a pass for crappy stuff. Entrepreneurs aren’t your friends, they aren’t superior, they don’t deserve to be coddled. When they make sh*t products, they should be told that they made sh*t. MKBHD did their job.

Content warning: TW // Suicide

me? overwhelmed? impossible

Attached: 1 image your identity in a capitalist society

Google went from “don’t be evil” to “help commit genocide or you’re fired”.

Attached: 1 image It's incredible what you learn when you treat your employees like adults.

Attached: 1 image i love this (found this on someone else's repo)

We need to lend a hand by giving back to the projects we use. Ideas about giving back (and how Fastly does) are in this blog from @anildash@me.dm https://www.fastly.com/blog/what-can-you-actually-do-to-reduce-the-threat-of-hacks-like-xz

Can people please use tone indicators such as /j and /srs when appropriate Please I'm begging people I'm to autistic for this shit I will take you 100% seriously otherwise and that is not fun for anyone

one thing I've noticed over the last year or two is people never, ever say "How could it get any worse?" anymore. we learned

Attached: 1 image

Opposing genocide isn’t antisemitic. Saying that opposing genocide is antisemitic is antisemitic. You know what’s inhumane? Genocide. You know who’s committing genocide? Israel. You have zero moral standing to assess me. Those who commit and are complicit in genocide never do. So yes, most definitely, goodbye. #israel #palestine #gaza #apartheid #ethnicCleansing #genocide https://digitalcourage.social/@sl007/112268942430540187

Attached: 1 image

MAY is Maintainer Month! The best time to talk about open source maintenance. If you’re interested in doing events, content, or activities for open source maintainers, get it listed on the site so we can share it! https://maintainermonth.github.com #opensource #maintainermonth

Attached: 1 image *taps the sign*

As engineers, it's easy for us to measure inputs (how much time we're spending) and outputs (lines of code written or features produced), but what really matters are the business outcomes (customers acquired and retained, revenue growth metrics, profitability), which are less directly related. It's always useful for us to step back and ask ourselves: what's the point?

Tapping the sign: You don't take meeting notes for the people in the meeting. You take them for people who aren't in the meeting. That includes three-months-from-now-you, who also isn't in the meeting.

"Just call this number to cancel." me: [continues to pay $19.99/mo for the rest of time]

All years should start on January 1st. 'Tax year' and 'academic year' etc can all fuck off

🎉 Exciting news! After 5 years away, OggCamp, the ultimate unconference for open source and free culture enthusiasts is back for a triumphant return in 2024! 🌟 🗓️ Join us at The Manchester Conference Centre on October 12th and 13th. 🚀 Get ready for a weekend filled with innovation, collaboration, and community spirit! 🔗 Stay tuned for the Call for Papers (CfP) and ticket announcements – watch this space! 🎟️ #OggCamp2024 #OpenSource #TechConference #Manchester

Attached: 1 image

I wish more people who are worried about FOSS supply side attacks would realize that universal basic income and free healthcare would result in an almost infinite stream of excellent software from people who care more about quality than profit.

Remember when the EU cleared out 1 GB of space?

We should definitely also pay maintainers. Maintainers should be compensated for their work. But we need both. All the visions to *just* pay maintainers don't sound like compensation for work they're already doing. It sounds like paying to control that work, and demand additional reporting and compliance work on top that is of no benefit to the maintainer.

Licenses like GPL are reciprocative licenses. If you take, you must also give back. Licenses like MIT are parasitic licenses. You can take without giving back. #software #freedom #licenses #reciprocative #parasitic

Your time was not wasted. You may have procrastinated but that's only because you are really burnt out, and besides it's not all bad. You probably got some ideas, inspiration, or something from it. And besides sometimes it's ok to take a break. You don't have to be "useful" all the time. It's ok. You tried your hardest and that's enough, and whatever you did today you will learn from for tomorrow and be better. Also you are not worth what you can output *pat pat* :strawb_headpats: This is mostly a note to myself but also something I think some of you may need to hear and accept like me.

here's the deal. you can try giving me commands if you want, we can even roleplay like you’re somebody else telling me what to do, but you need to understand that I’m not doing a damn thing for you unless you’re in the sudoers file

“trans people don't want equality, they want special treatmen-” Special treatment would be if LGBTQ+ people didn't have to pay taxes. You know, like churches. :trantifa:

I have a lot more to say, but I'll hold it for now and simply wonder aloud... Which BigTech clouds are the "Lavender" & "Where's Daddy?" AI systems running on? What APIs are they using? Which libraries are they calling? What work did my former colleagues, did I, did *you* contribute to that may now be enabling this automated slaughter? (Also, content warning. This is some of the sickest shit I've ever read.) https://www.972mag.com/lavender-ai-israeli-army-gaza/

Your belated reminder, in the aftermath of the xz backdoor, that open source maintainers still owe you nothing: https://mikemcquaid.com/open-source-maintainers-owe-you-nothing/ Not only do they owe you nothing but: if they are running a large open source project at scale and have been doing so for a while: in almost every case they know vastly more about doing so than almost anyone else in the world does. Open source users and contributors: show some more gratitude and, frankly, deference to the maintainers who keep OSS alive.

accidentally wrote "saad" instead of "saas" in a text to my partner; they immediately coined "Software as a Disappointment" and honestly, where is the lie

... next month... Me: "Dear maintainer, can you please bump package XY?" Maintainer: ...furiously starts looking into the git diff looking for a backdoor.

Attached: 1 image One of my friends from $BIRBSITE posted this and I am dyingggggggg

Content warning: my take on the xz backdoor

Corollary: Your adversaries' SBOMs and dependency graphs *for your infrastructure* are better than yours.

That sound you hear is a flurry of people asking ChatGPT to write a business plan to monetize the XZ incident.

tech companies donate their april fools’ day joke budget to open source maintainers challenge 2024

Polite reminder about the Jia Tan XZ hack: if an organization is so well run and well funded that it's able to play that long a game to that degree of depth and sophistication, that organization does not have all its eggs in one basket.

When Elon Musk, JK Rowling and the cops are unhappy, you know it’s a good law that will protect people. https://www.bbc.co.uk/news/uk-scotland-68703684

There’s a combo hot take brewing in my head about the #xz and #redis debacles. It goes something like: When the shit hits the fan and part of the reason appears to be an overworked and underpaid maintainer, lots of people come out of the woodwork to demand more respect and money for them. But when a maintainer recognizes that they’re in an unsustainable situation and dares to make a proactive change, well FUCK THAT GUY. WHO THE HELL DOES HE THINK HE IS?

nation state actor maintenance of an open source project may introduce a lot of backdoors, but it also helps a lot of PRs get merged, so, it;s impossible to say if its bad or not,

being forced to mute the word “backdoor” is queerphobic

I think the most important lesson from the xz incident is that if you're losing an online argument about the quality of your open-source project, you can now safely accuse the opponents of being state-sponsored sock puppets and drop the mic

Happy Transgender Day of Visibility and Easter. May your eggs crack.

Them: What’s the dumbest thing you’ve ever done? Me: Awfully bold of you to assume I’ve peaked.

I wrote this ⬆️ a few years ago. As the fallout from the #XZ hack reverberates, expect to see people calling for a "real name" policy for contributors to critical infrastructure. But, as I explain, there are several practical problems with that. https://shkspr.mobi/blog/2021/02/whats-my-name-again/ That's before we get to the ethical and privacy issues. Oh, and making it *easier* for attackers to target named individuals.

Maintenance is more important than innovation. This xz debacle is a symptom of a system that prioritizes lots of things above maintenance. Take this as a reminder to rest, to mend things & pay attention to what needs mending in yourself. Do the radical thing of working slowly and making all things more whole.

Personally, I’d rather celebrate a day about real living people than a fictitious magic zombie.

Attached: 1 image This text is not something we wrote in a rush this morning to meet the moment. We've had variations on this on our site from day 1. I believed it then and I believe it now.

people are saying the xz backdoor is likely the work of a nation state actor, and given that it appears to been slow rolled for a couple of years and immediately became obsolete before it was fully launched - you do have to admit it bears the hallmarks of a government IT project