iPhones end up being cheaper in the long run. They get software updates much longer than almost any Android phone, and at least here even small cities have local shops that repair them. It's also just a superior user experience.
I wish they kept on making the mini models though. I'm using a 13 mini, which has been really nice. Most modern smartphones are uncomfortable to carry in the front pocket of slim pants.
A lot of mobile sites break on the mini phones it’s a huge hassle. Would not recommend. I have one and that’s my biggest gripe with it. There are restaurants I can’t checkout at for example because the button is stuck just below the fold and I can’t scroll to click it due to shitty ui
I've found just setting the browser to always load sites at 75% zoom solves a lot of these issues. There is also the option 'Hide Toolbar' behind the 'aA' button on Safari which also helps as well
I'm still using an iPhone XS (2018) and have zero complaints aside from a lack of RAM. I plan to upgrade this year, so it will come out to $200/year. Seems like a good deal.
I'm actually with Red Hat on this one. There are many other great distributions that you can use, such as Debian. People are just angry that they can't get an exact copy of a paid product and 10 years of support for free.
If there are non-profits and hobbyists who have been using one of the free derivatives, and this change causes problems for them, I feel sorry for them. But actual for profit companies could very well pay or use something else. If you want a similar system for free, you can use Fedora or CentOS Stream. And RHEL even gives you 16 free installations for non-commercial use. If you can't pay for RHEL and that 16 installations isn't enough, you most likely don't actually need it. So many companies rely on free labor of others in the form of FOSS, and they seem to be angry about the idea that they would actually have to make a contribution.
RHEL also isn't just stealing software others wrote, they are a big contributor to many of the projects that RHEL is built upon.
Besides, FSF/GNU never said that you can't charge money for FOSS or that the source code must be published for anyone in some git repository.
https://www.gnu.org/philosophy/selling.html
I've been watching this "crisis" unfold since the original announcement from Red Hat and I think most people are. Not giving Red Hat carte blanche here but fundamentally they are one of the largest contributors to open source, they're not violating the GPL (yet), and they're unhappy with Oracle and VC funded rebuilders using Red Hat's brand value for a free ride. Anyone with a foot in the business world at least kind of understands their position.
What seems to have happened is "influencers," including many who have no skin in the game and shallow takes, have seen an opportunity in this topic to make a few bucks by churning out populist clickbait. It's a discussion about business and licensing which has been perverted into a culture war. As usual all the nuance is lost and the loudest personalities have ended up dominating. /barf
I'd view it more similarly to the whole Reddit fiasco.
There is a valid problem. The business has tried to solve that immediate problem without worrying about the knock on.
In this case blocking large funded competitors ripping off your work is valid. The way they've approached it has cut off a large number of valid use cases that have arguably driven adoption of RHEL in the first place.
In Reddits case for profit firms were hammering APIs and costing Reddit significant amounts. 3rd party apps also cut off ad revenue. A flat high fee cuts off those 3rd party apps entirely when your own product has significant deficiencies it upsets your most valuable users (contributors and mods).
In both cases there was potential for a more nuanced change that works for both sides.
I don't think Red Hat's been quite as thoughtless as Reddit, but you have a good point. Personally I have a vested interest in FOSS, I'm a big proponent of it and I operate a business around it, consulting/integrating/extending etc.
From my view, Red Hat is a company which is doing something similar and as long as they comply with the GPL (which in fairness may be a bit of an open question with Red Hat now, but we'll see), then I don't really care what else they do, they have a business to run, and in the grand scheme they're still one of the good guys compared to companies with proprietary business models.
There is a lot of outcry among the "FOSS community" which frequently seem to be people that I don't relate to (and some don't really contribute to any FOSS projects or run any FOSS businesses, they just make content). This reminds me of the time that Canonical added an Amazon lens to Unity. It was in poor taste, there was some subset of the FOSS community which went apeshit over it. It took me all of twenty seconds to uninstall that lens and move on with my life and I continue to wish Canonical all the best in terms of making money in a GPL-compliant way. Businesses sometimes do things that are in poor taste but as long as they continue to contribute they are still part of the team as far as I'm concerned.
One of the biggest problems with open source, is no one wants to pay for it. It is time to charge for great work and people need to stop expecting excellent software being delivered to their doorstep for free. The whole idea behind open source is knowledge sharing, not free work.
It's especially funny when some people complaining about this probably make 200k a year in silicon valley, then think that someone else should work for free to supply their company with software that they can use to make a profit.
> Besides, FSF/GNU never said that you can't charge money for FOSS or that the source code must be published for anyone in some git repository.
The issue is, IMO, that they are saying they are terminating access to those publishing those sources. I don’t know if that goes against the letter of the GPL (IANAL), but I’d say it certainly goes against the spirit, they are denying their users a freedom to publish those sources, in a way.
The source code requirements of licenses like GPL is fulfilled if a person who receives a component can request e.g. a tarball of the source used to build the version of the component they had received, in such a state that you can reproduce the component.
Only those whom the component was distributed to can make this demand (although GPL lets this individual distribute the source afterwards), and only for that specific source revision.
Well, you implied differently and said it was not in the spirit of GPL.
The spirit of GPL is just compliance. It predates all modern source code distribution and collaboration systems and processes - a floppy disk sent by snail mail in response to a letter is likely the original intent.
The spirit of GPL is the free software movement. Not raw compliance.
People who choose to attach GPL licenses to their code are certainly not lawyers and bureaucrats; they intend for a certain level of sharing to occur, else they'd have chosen BSD or MIT license.
With regular updates and a 10-year committed support lifecycle for each
major release, Rocky Linux is ideal for use in enterprise environments. It
is easy to migrate from CentOS and other RHEL-derived Linux distributions,
and it is secure and scalable.
Looking at this, what is the cost for CIQ here? What is the cost for Red Hat?
That's actually not true. The whole move is a business concern, that's evident from all the announcements.
Platforms on top of GPL-licensed can promise all they want but still live under the control of the community and that's part of the business many companies like Google, Meta, Obsidian are in.
Selling, and entering into an agreement, the support you don't own based exclusively on the work of another third-party that actually promises that, that's at the very least not right. CIQ/Rocky can't do anything on top of Rocky Linux because of their bug-for-bug compatibility and this decision and message benefits CIQ and not Rocky Linux users. That's also evident.
Rocky Linux could go on using CentOS Stream as an upstream with the help of Red Hat, but CIQ made the business decision to push for a RHEL clone, not the Rocky Linux user community.
You talk about morals, but if you can't see the morals here I don't think you really understand how this whole business works.
GPL is nothing but a legal tool, and it's entire purpose is encoded into its decades old verbose wall of text - unless you try to game the license with things like GPL shims, compliance with the text means compliance with the spirit: if the product recipient can get source code access, all is good.
FOSS is not GPL, GPL is not FOSS. Licenses are a very small part of what we consider the modern free software movement.
No, it does not say this. It says that if someone gets a piece of software, a binary for example, they must be given the source code it was built upon on request. It does not say that they have to receive all future source code updates even if they don't get future versions of the software.
Yes, that is my point. They terminate your subscription (stopping you from receiving "the binary"), for re-publishing the source code which you are allowed to re-publish, but they don’t want you to.
Terminating the subscription and preventing you from receiving the binary is Red Hat's prerogative. GPL does not say why Red Hat should not do so, and philosophically, it also does not contradict any software freedom.
Of course it is, legally. But they are threatening termination specifically to prevent people from exercising their freedom. How that can’t be seen as violating the spirit, I don’t know.
Sure, not legally. Just de-facto. Or to use some reductio ad absurdum, you can exercise all your freedoms, but you will be killed for it, is not very free, is it?
That comparison doesn't work in exactly the way that illustrates Red Hat's compliance with the GPL.
Yes, if the consequence of excercising freedom is death(or imprisonment) then you aren't actually free, because killing (or imprisonment) stops you from excercising freedom. Red Hat terminating your license does not stop you from excercising the freedom the GPL gives you.
Okay, I can see that argument. So let me rephrase: "You can exercise freedom 4, but only if you never use any updated version of this software again", would you say that leaves you just as free as normal GPL software does? A licence like that would not even be GPL compatible, but Red Hat is essentially prescribing just that in a roundabout way.
I don't see how that is equivalent to what Red Hat is doing. They never restrict your freedom 4 with their EULA. Only availability of future binaries. All already received binaries have their licenses intact and unrestricted, even if you break the EULA.
To clarify, you think a license saying "You can exercise freedom 4, but only if you never use any updated version of this software again" is just as free and GPL compatible?
> They never restrict your freedom 4 with their EULA. Only availability of future binaries. All already received binaries have their licenses intact and unrestricted, even if you break the EULA.
And
> You can exercise freedom 4, but only if you never use any updated version of this software again
To me those seem 100% equivalent in what they do, I’m asking you to explain the difference which is obvious to you, but not to me.
I never say already received binaries have their licence violated. I actually never ever said the licence is violated at all, that was in my premise before the IANAL part.
I'm not nitpicking, what I've said is the difference between GPL compliance and not. This next version of yours is different to Red Hat's EULA in the same way.
Well, if you take it so far as death, I can even argue that even death does not stop you from exercising your freedom. You just don't deserve to live if you dare to redistribute my software in a way I don't like.
The problem is defining what a "restriction" is. As an example, The Government of India pulled the same tactic as Red Hat in this case. Enrolling in India's biometric Aadhar program is "voluntary", but it is mandatory to do a lot of basic things - like filing taxes.
Red Hat is doing the same thing, threatening to cut off the relationship if you decide to exercise one of the GPL's freedoms. Counts as a restriction in my book.
Of course you are correct. The people you are discussing with and who pretend not to understand may be several of the numerous outsourced employees in the Czech Republic or Germany who are awake now.
GPL means I can’t distribute GPL software or its derivatives without its source. It doesn’t mean i have to distribute it to you for ever.
So if I don’t distribute the software to you, I don’t need to give you updates. Just like if I download some gpl code and change it locally, as long as I don’t distribute any part of it, i also don’t have to publish its sources.
Now the issue is not that, the issue is the spirit. GPL meantions “no further restrictions”, so is “exercising your GPL rights terminates your contract” a restriction? Technically you can still do what ever you want with that software , without any law suite etc, but I wouldn’t consider it free if there’s grave, even if non legal, consequences from doing so.
Edit : written before parent clarified his comment :)
How is it against freedom 4? You can distribute modified versions to the end of the world. You just don't get access to future modifications made by Red Hat. You are not entitled, neither legally nor morally, to Red Hat's future modifications.
> Sure, not legally. Just de-facto. Or to use some reductio ad absurdum, you can exercise all your freedoms, but you will be killed for it, is not very free, is it?
You can still learn it for free with the developer subscription or CentOS Stream. A company building it's entire infrastructure with the free derivatives isn't "learning" anymore.
Yes, it was controversial in 2017, but the dust settled and in six years since it was generally accepted to be legal. My point is that Red Hat is not trying something new. There are precedents and it is an explored territory.
> Specifically, it means that a user is free to run the program, study and change the program, and redistribute the program with or without changes.
if one user bought a copy, the license allows them (encourages them even) to redistribute it however they see fit, including say selling it for one cent less than the original, or simply giving it away for free. All the license requires is a single seminal user, and from that point onwards, “free as in free beer” is enabled by “free as in free speech.”
What a weird cosmology that leads to - you create a product, which everyone wants, and you carefully evaluate what the maximum price you can receive for it is - which is paid to you, by the luckiest person alive, who in turn distributes it to absolutely everyone for free, for the good of all.
Yes, someone can buy RHEL, request the source, and then share it away. And they can do nothing about it.
However, it doesn't mean that Red Hat is required to keep doing business with them, or that they are automatically entitled to receive all future updates.
As I said, GNU never said that the source code must be downloadable by anyone, anytime, anywhere in the world, from some public repository. It would be a completely valid business to sell binaries and then only provide the source code on request. This of course does not fit some people's idea of what free software is about.
There are of course a lot of ways that people can use to obtain RHEL source code even from now on, but I think that some people underestimate how much friction this can cause for the downstream derivatives.
> GNU never said that the source code must be downloadable by anyone, anytime, anywhere in the world, from some public repository. It would be a completely valid business to sell binaries and then only provide the source code on request.
The GPL says "Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code" (emphasis mine). So if one of your paying customers were to post your binary and the written offer somewhere public, then you would have to make the source code available to anyone in the world.
> So if one of your paying customers were to post your binary and the written offer somewhere public, then you would have to make the source code available to anyone in the world.
That's misreading the GPL. The person who posted the binary has to provide the source code; in your example, that's the "paying customers", not RedHat. RedHat is only required to provide the source code to persons they distribute the binary to.
> The person who posted the binary has to provide the source code; in your example, that's the "paying customers", not RedHat. RedHat is only required to provide the source code to persons they distribute the binary to.
Nope, look at this option in the GPL:
> Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
----
RedHat is only required to pick (a), (b), _or_ (c). AFAICT, they picked (a) by putting SRPMS in their repos alongside their RPMS.
> RedHat is only required to pick (a), (b), _or_ (c). AFAICT, they picked (a) by putting SRPMS in their repos alongside their RPMS.
Well they can't pick (c) because they don't meet either of the two requirements it has. And I know they picked (a) in real life, but I was responding to thedriver's hypothetical:
> It would be a completely valid business to sell binaries and then only provide the source code on request.
> Yes, someone can buy RHEL, request the source, and then share it away. And they can do nothing about it.
> However, it doesn't mean that Red Hat is required to keep doing business with them, or that they are automatically entitled to receive all future updates.
That sounds a lot like they can do something about it. It also sounds like RedHat would be violating the GNU Public License by restricting what people can do with it, i.e. share it.
> As I said, GNU never said that the source code must be downloadable by anyone, anytime, anywhere in the world, from some public repository.
There are people who think the earth is flat, but we don't take them seriously in conversations about geography, nor should we use them as examples when discussing various opinions on geography.
The legal issue as I've read it is that RedHat is trying to restrict their customers from redistributing the source code themselves; their removal of the public repos is an annoyance but not the legal issue.
Some of the comments here seem absolutely ridiculous. What is the probability that a perfect flute just happened by accident and survived until this day?
For whatever reason, a lot of people have this fixation that humans were somehow significantly less intelligent all the way until the modern industrial era. Based on what I've read, human brain hasn't significantly changed in tens of thousands of years. People in the stone age didn't have significantly lower cognitive abilities.
This idea is mind-blowing. Imagine humans surviving in nature without any of the technology we have today. There must have been a wealth of 'oral tradition' regarding plants, places, animals, and social norms. People must have been highly physically active, which naturally boosted their cognitive abilities. Social interaction must have been intense and tightly connected to survival.
When I think about all this I feel thrilled and comforted. Sometimes, I wish my life didn't revolve solely around abstract tasks and concepts.
> Sometimes, I wish my life didn't revolve solely around abstract tasks and concepts.
Unless you're socially insulated, your life doesn't really revolve solely around abstract tasks and concepts. You spend time with other humans, where you have a lot of non-abstract tasks and concepts. You go buy groceries, which is a physical activity, and so on. Maybe we're blind to it, but our worlds are still very much physical and non-abstract on a daily basis.
To me this signifies the very core of society itself. Someone made this flute, meaning, they had the time to imagine and experiment. Meaning, they played a different role than hunters or foragers of food.
This was probably a gift to someone (concept of love / family) or some higher ups (strata / class in society)
And, the reason only a very small sample was found was because someone had the idea, tools and time to probably fashion one out of wood, as it may be more easily workable.
Nextcloud is fantastic. I'm personally running it on a Debian 11 server. I like the web-ui more than for example onedrive or gdrive, and it's not even that hard to setup.
Do you run it at your home or on some VPS? If the latter, and if you don't mind my asking, where do you find affordable storage for your VPS?
The biggest hurdle for me to use Nextcloud is that attaching a large storage to a VPS seems to be quite a bit more expensive than using Google drive, etc. My current VPS is on DigitalOcean, which asks for $100/month for 1TB storage. (To be fair to DO, the storage is SSD, but in this use case, the benefit of SSD is not particularly important)
Google drive and icloud both offer $9.99 for 2TB, and Onedrive offers 6TB for that price I think. That's $0.005/GB and $0.0017/GB respectively. As a comparison, S3 is $0.023/GB.
Time4VPS also has a storage VPS, which is about on par with Contabo's pricing, but has discounts for first month. Right now they have a deal where you can get a 1 TB VPS for 26 Euros/year (a bit over 2 Euros/month), though renewals are regular price: https://www.time4vps.com/storage-vps/?affid=5294#annually (affiliate link, I use them for regular VPSes)
In comparison, a 1 TB HDD costs around 40 Euros where I'm from, way cheaper than most other options in the longer term, even with a backup drive or two added into the equation. Uptime remains a challenge then, though, as might data correctness long term and time spent validating whether backups actually work as expected (and keep doing so).
Although, as I understand it they don't actually financially support nextcloud. If you want hosted nextcloud that sends money back to development https://thegood.cloud/ or similar would do it.
> Although, as I understand it they don't actually financially support nextcloud. If you want hosted nextcloud that sends money back to development https://thegood.cloud/ or similar would do it.
This is plain stupid. If you want money to arrive at a developer, just send some yourself.
I have a VPS for web hosting, but not enough storage for my Nextcloud needs. As mentioned by others, Hetzners Storage Box [1] has great value. I hooked up the latter to the former using Nextclouds External Storage and it works flawlessly. You could even think about running Nextcloud locally on a RaspPi and using this method to hook up cloud storage.
Most of my files are private but not sensitive, so I basically just trust them for those. A few sensitive files, which don't fit on the encrypted VPS, are encrypted classically using Veracrypt. I hope Nextcloud will support encrypting externally in the future, but for my use case it's not a big deal.
Yes, it gets synched just like any other file inside my Nextcloud. However, if you have to often change the data inside, it might not be a suitable solution, since the file has to be uploaded as a whole. If it's a big container, it might be cumbersome to upload a few gig each time you make a small change.
I run it on a rented dedicated server. Yes, it's pretty expensive, but I also use it for other stuff and this is a hobby for me.
>My current VPS is on DigitalOcean, which asks for $100/month for 1TB storage
Some VPS providers let you attach HDD based storage to a VPS, that's a bit cheaper. For example Upcloud (https://upcloud.com/pricing) prices HDD storage at 0.056€/month. Which is not exactly cheap, but not terribly expensive either.
It seems to be hard to beat big cloud services like google drive in storage pricing. I haven't tried this myself, but Nextcloud can use external storage like Amazon S3 (see the link below). But even then it's hard to beat 2TB for $9.99
Wow that’s expensive. If you are willing to get away from those highly dynamic providers and commit for a month or a year (which seems reasonable for that sort of thing) I currently rent a VPS at strato [1] with 1.5TB SSD/8 cores&16GB Ram guaranteed for 15€/month inkl an ipv4 and a TLD
Have a look on lowendtalk.com there are regular offers for cheap storage servers (I'm currently running a 2 Tb 6G 2CPU VPS that I got for $80 a year). Also if you just want to attach storage to an existing VPS you could get a storage box from hetzner. Other alternatives exist, e.g. Ionos.de had (has?) a nextcloud offer with 2TB for 10 euros a month.
I just set mine up two days ago, VPS for NextCloud and storage is a RPi with a SATA SSD in my closet at home with Wireguard connecting the two. The NextCloud data folder pointed to NFS on storage. Its not the fastest solution, but it does work and gives my RPi a purpose.
S3 the is quite expensive the cheapest compatible alternative I'm aware of is idrive E2 which is $40 per year for 1Tb, they currently have an offer for $4 for the first year. That said I bought one of those offers and the connection from Europe was quite slow, however for that price it's an easy try.
Depending on your perf requirements, you could use one of those S3 mounts and put stuff in Wasabi or Backblaze.
Also, a minute on DDG brought me to AlphaVPS[0]. No idea if they’re any good, but the point is there are cheap storage providers out there. It’s a matter of spending the time to find and vet them.
I'm not the OP but for me it's connectivity (my home connection can be flaky at times) and maintaining a server with all the updates. I'd rather do it on shared hosting.
I can see that but if I were going to put significant money towards a subscription service, I'd rather try to fix my home connection with that money (granted that this may not be feasible in some circumstances, but it is for the vast majority of people)
Nothing wrong with a home server. In fact, I've already gotten a home server running, and I save my backups there. It's just that I don't quite trust my crappy apartment internet connection enough to make it as the only cloud drive. I might suddenly need a file when I'm out, while my computer is offline.
How do you deal with encryption? Did you encrypted the storage volume, using the Server Side encryption of nextcloud or any other way?
Was just thinking about that and I'm thinking what's the best way to enjoy both security and usability.
same. I've been running NextCloud for years on multiple installations (even on a small RaspberryPi under k8s at home) and it works perfectly.
Recently I read up about OwnCloud's OCIS and I really want to try it out, it sounds like it could scale much better than the PHP behemoth that is NextCloud (where all you can do if you have performance issues is throw more CPU and memory at the VM)
I'm not a PHP developer but I know that PHP is really fast, especially after v7. If only PHP developers stopped trying to write your typical corporate Java code with the tool, we'd have much faster websites.
Yeah. Owning and driving a car is becoming really expensive. It's understandable that people will avoid it if they are able to.
Also, I'm pretty sure that many "anti car" teens still know someone, like their parents or a friend, that owns a car and can help them out occasionally.
>With hardware remote attestation there will no longer be any point in even owning an android phone anyway. Android is obviously inferior to iOS in every way but the whole point was you could have control over the machine and do whatever you wanted. Now apps will be able to verify that you "tampered" with the phone and will refuse to run, and since it's hardware cryptography it cannot be faked without massive effort. Might as well get an iPhone which at least isn't a shitty Google product.
Wait a minute, will something like this really come to Android phones? I guess that installing a custom rom will become impossible at the same time?
If this happens, then there truly isn't going to be much point in using an Android phone over an iPhone
Google SafetyNet can be used to attest that the device has not been modified or "tampered" with. Basically Google cryptographically proves it owns your phone and has control over what you do with it. You can fake the software attestation right now with stuff like Magisk but once it moves to hardware attestation it's over. You'll be able to install custom systems but what's the point if they can't run the apps you want or need?
Why wouldn't an app require this? Banks want it because "fraud", streaming services want it because "piracy"... You can come up with pretty much any reason for any "rightsholders" to want control over our computers. If WhatsApp starts requiring this, it's either accept Google control or my phone turns into a paperweight.
It won't become impossible to install a custom rom, it will simply become impossible to use many if not most popular apps.
Android already provides a mechanism for apps to refuse to run on modified devices, it's called SafetyNet and is widely used for example by banking apps. Currently, it's usually possible to trick it, but with hardware attestation it will become practically impossible.
The simple solution --- install the bank's web site as an app.
Go to the site, click the browser menu button (3 dots on Android or up arrow on iOS) and select "Add to Home Screen". You now have a link icon on your phone that looks and acts just like any other app.
Some banks (Chase for example) offer a "Progress Web App" which removes the browser interface elements so the causal observer can't even tell it's not a native app.
I am able to use Chase's app on my LineageOS + Magisk rooted device. The annoying part is that they seem to disable fingerprint login, so now I have to copy/paste the password every time.
Wait a minute, will something like this really come to Android phones?
Google has been doing this for quite some time to prevent unlocked devices from accessing the Play Store. The solution is to avoid Google Play --- along with all other Googly things.
This is a security feature and the play store doesn't require it AFAIK. Apps can choose to use it as a signal on whether a client is secure. Unlocked devices are insecure because an attacker can flash a malicious image and steal all of your sensitive data such as an authentication token for your bank account.
If your solution is to just be less secure go ahead, but don't complain when services don't want to serve you or treat you different since you are less secure than the other users.
> don't complain when services don't want to serve you or treat you different since you are less secure than the other users
Hell no. They should not be allowed to discriminate against me just because I chose to own my system. They should not even be able to figure out what software I'm running, to say nothing of "treating me different".
"Don't want to serve us" unless we let them invade and own our machines? Please. This should be illegal.
>They should not be allowed to discriminate against me just because I chose to own my system.
App developers don't care if you own your system. They just want a way to prove that the device their app is running on is secure and that the client has not been modified. If there was a way for you to prove that to them they wouldn't mind.
>They should not even be able to figure out what software I'm running, to say nothing of "treating me different".
They just want to know that the client has not been tampered with so that they know you are not going to shall user's tokens, scrape people's information, or mondo automated actions as a bot. A signal that you are using the vanilla client makes you much more trust worthy to a service.
>"Don't want to serve us" unless we let them invade and own our machines?
Apps aren't invading your machine. They just want some guarantees about the environment they are operating in. The information that they get from you is the package's name, certificate, version, whether it's from the play store, whether your device passes integrity checks, and whether the app is properly licensed.
> App developers don't care if you own your system.
> They just want a way to prove that the device their app is running on is secure and that the client has not been modified.
Contradictory. If I own the system, I can obviously modify it and everything running on it. Including your app. Therefore what they want is proof that I don't own the system.
> They just want to know that the client has not been tampered with
"Tampered with" -- there's that language again. Owning my computer is not "tampering", it is freedom.
> They just want some guarantees about the environment they are operating in.
Who cares what they want? It's my machine, I decide what they get. If they get anything at all. If I want them to believe they are running on a clean environment, that's what they should believe.
> The information that they get from you is the package's name, certificate, version, whether it's from the play store, whether your device passes integrity checks, and whether the app is properly licensed.
"Integrity" checks? Rooting my phone does not violate its "integrity". If anything it restores it.
Certificates? Store? Licensing checks? Look at all this crap that must be installed on "my" system just to give you your "guarantees". My phone's gotta come out of the factory pwned at the hardware level for your "guarantees" to be worth anything. It has to come with a full root of trust from the firmware to the bootloader to the operating system to each individual app just to prevent my "tampering". But you're seriously claiming apps aren't invading our machines.
I disagree. You can have control in modifying your system, but the software just needs a way to prove that the security features it assumes are true. There could be a way for it to analyze the changes you made and decide whether or not it should trust your system.
>"Tampered with" -- there's that language again. Owning my computer is not "tampering", it is freedom.
It's someone else's software. You may own your computer, but you don't own the YouTube client. Google owns the YouTube client. Tampering with Google's client is tampering.
>"Integrity" checks? Rooting my phone does not violate its "integrity". If anything it restores it.
No, it does not. One part of Android's security model is that app's have storage that only they can access. Take for example a 2FA app which stores it's private key in this location. This makes it so that you must physically have your phone in order to get a 2FA code. This is the "something you have" part of 2FA. Rooting your phone violates the integrity of the system because now someone can just become root and steal the private key. Now they can generate 2FA codes without physically having the device with them. It then becomes another "something you know."
>My phone's gotta come out of the factory pwned at the hardware level for your "guarantees" to be worth anything.
These are security features. Your phone is less secure without them. It's not pwned.
>An app "wanting" anything is invasion enough.
Everyone wants something. Every business transaction includes both parties wanting something from the other.
That was my first thought, but I found the article way more interesting than the title suggests.
Lest anyone else be put off - the doodles are just one example of something not (or barely) visible without the new imaging techniques described. It's about finding new artefacts in an existing collection, not 'oh wow so weird an ancient human doodled something'.
I will always remember one reported on my high school Latin textbook: "Apollinaris medicus Titi imperatoris hic cacavit bene": "Apollinar, physician of the emperor Titus, here pooped well"
If you visit Hadrian's Wall in the north of England you can see Roman graffiti there.
I find it curious that archaeologists or historians (?) seem to take a lot of things like this so seriously and assume everything has some sort of symbolic meaning, rather than just some teenager scribbling on a page or painting his hand on the wall of a cave just 'because'.
Almost literally everything is called 'ritual' or done for 'religious reasons'.
If you have a gnome garden ornament on your shelf, no-one would seriously think you worship it, just that it looks nice. But this entire profession will call it a 'mysterious religious figure' etc.
Same with tattoos, ask any girl why they have a tramp stamp they'll say it looks 'cute' or something, these guys will call it 'symbolic'.
I recommend Motel of the Mysteries by David Macaulay, which explores this concept by having a future archaeologist investigate a motel from the 20th century and arrive at extremely bizarre conclusions.
An owner of a tattoo may not care or know it's symbolic, but someone observing it may project that aspect onto it. I think it depends on the context of the analysis..
>I find it curious that archaeologists or historians (?) seem to take a lot of things like this so seriously and assume everything has some sort of symbolic meaning, rather than just some teenager scribbling on a page or painting his hand on the wall of a cave just 'because'.
Yes, it's definitely funny how they completely fail or refuse to consider this possibility. Humans weren't any different in 10 000 BC. Evolution doesn't work that fast.
Could it be possible to create an open-source license that allows hobbyists and researchers to use the software for free, but would require commercial users to pay? Or does something like this already exist?
Of course, enforcing that might be pretty difficult in practice.
You might be able to accomplish more or less the same goal by dual licensing under AGPL and paid proprietary if you require a contributor agreement. QT (a GUI library for C++) is dual licensed LGPL and proprietary because some corporate users are uncomfortable using LGPL software (LGPL allows software to be dynamically linked but not statically linked to proprietary code).
The reason why I suggest AGPL is because it closes the "running it on a web server isn't distribution" loophole in GPL and that makes AGPL code persona non grata at Google and most SAAS companies. This license scares many companies either because they want to modify GPLed code without sharing changes or because they're afraid of having to open source other code that the AGPLed code is integrated with. This would effectively be virtually the same as a non-commercial/proprietary dual license but you'd be able to rely on the Software Freedom Conservancy's lawyers to enforce your copyrights for you and you'd have the support of the existing FOSS community.
The key however is that you have to do the contributor agreement and secure copyright or an unrestricted license to all code before merging it into your project. Otherwise offering the proprietary license option would be copyright infringement on your part if any contributor objects because you'd only have rights to their contributions under AGPL. (It's also a good idea in general to make sure any employed contributor's employer isn't going to attempt to claim copyright to their FOSS contributions before accepting the pull request.)
I think it's a good question, and would mirror the spirit of some of the Creative Commons licenses [1] but I don't think the core problem is the license as such. The problem is that writing good open-source software and running a successful business are entirely different and somewhat contradictory skill sets.
Were I a billionaire, I'd just set up a program of grants to individual developers with proven track records of making things useful to the world. Something like the MacArthur Fellows program [2] (also known as "genius grants"). There's a lot of library code that we feel should just be free, and for whom pricing and charging for it would be such a giant pain in the ass that it's uneconomical.
Sometimes that work gets big enough that it can support the overhead of a non-profit that can go out and hustle grants and donations. E.g., numpy. [3] But it's not easy for a project to get to that level and then to attract the new set of right people to make it happen. I still think there's a huge gap between what we are funding and what's societally optimal to fund.
Certainly. Despite what some people might tell you, the only real requirement behind something being Open Source is that its Source code be Open for viewing. Nothing more, nothing less.
There are plenty of "free for personal use; restrictions apply for commercial use" type products and licenses out there. To use a specific software example, almost all mods for Kerbal Space Program are open source with a "free for personal use, commercial use prohibited; redistribution prohibited" license.
Also note how there are plenty of free-as-in-beer, closed source software out there. Commercial, open source software is simply a mirror opposite of them.
Free-as-in-beer vs. Commercial, and Open vs. Closed source, are separate concepts that can co-exist in any combination.
This is incorrect, by no means does the Open Source Definition require that source code be open for viewing by the public, only by recipients of the software.
I never specified public viewing, nor does any code require the blessings of "Open Source Initiative" or their "Open Source Definition" to be open source code.
Open source code is simply source code that is open. Nothing more and nothing less.
>The tech industry is desperate to somehow frame a period of time where it took advantage of low interest rates to recklessly overhire and overinvest as something that created entitled workers.
But in a way, didn't it do exactly that? Lots of tech workers have the audacity to complain about having to show up to the office, like it's some form of oppression. Or act like getting laid off is something really cruel, while getting months worth of severance.
After 2 years of WFH, the RTO complaints are absolutely valid. Everyone saw that it was not necessary for most people to be at the office to continue doing their work, but now they are being forced to go back because...
1. HR needs to justify real estate costs or HR will be cut back
2. HR wants to fire some people who refuse to go back because if they're not in the office then HR will be cut back
3. HR doesn't like the people that WFH because they are bucking the pay bands and if HR doesn't enforce the arbitrary salary bands then there won't be budget for hiring and HR will be cut back
I wish they kept on making the mini models though. I'm using a 13 mini, which has been really nice. Most modern smartphones are uncomfortable to carry in the front pocket of slim pants.