Just saw the discussion around the Haier Home Assistant takedown and thought it would be good to materialize the metaphorical blacklist.

  • bionicjoey@lemmy.ca
    link
    fedilink
    arrow-up
    73
    ·
    10 months ago

    Should add Reddit. Started out as FOSS, closed down their GitHub, then killed their API which killed dozens of third party integrations impacting hundreds of thousands of users.

  • bluegandalf@lemmy.ml
    link
    fedilink
    arrow-up
    35
    ·
    10 months ago

    It might be a good idea to do the exact opposite I.e. make a OSS whitelist. It will be much easier to maintain given the scale of applications/services/products.

    • akrot@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      10 months ago

      Although I agree, it’s tough to make a whitelist than a blacklist, as the latter requires only 1 bad decision, the former is tough to assess (how many good decision to be on the list, ex Microsoft support lots of open source projects, should they be added?)

  • thesmokingman@programming.dev
    link
    fedilink
    arrow-up
    33
    arrow-down
    2
    ·
    10 months ago

    It’s probably a good idea to have a stronger definition and mission. Here are a few scenarios you should consider.

    • FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.
    • Mongo wrote the SSPL and MariaDB wrote the BSL. Both licenses are seen as regressions. I personally respect the MariaDB case and have been harassed by too many Mongo salespeople to say the same about them.
    • Platforms like AWS are the reason companies like CockroachDB and Elastic implemented restrictive licenses.
    • IBM has been gutting open source through its acquisition of Red Hat. This is a common story; Oracle has been screwing *nix longer.
    • Protecting trademarks causes a lot of consternation from users. The Rust Foundation is the most recent example of this I remember blowing up the FOSS community.

    I like your idea a lot. I think it needs some definition to be very successful!

    • qaz@lemmy.worldOP
      link
      fedilink
      arrow-up
      16
      ·
      edit-2
      10 months ago

      FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.

      I’m not planning on counting that as hostile behavior. Organizations can choose a license for their software (and I can choose not to buy/use it). This collection is mostly focused on companies that hurt existing Open Source software. Such as sending a cease and desist to an unofficial plugin/extension or closing down software that was originally open source.

      • taladar@sh.itjust.works
        link
        fedilink
        arrow-up
        5
        ·
        10 months ago

        Maybe your could also add organisations (companies, government agencies, NGOs,…) that create standards in such a way that the standard is hard or impossible to implement in open source implementations?

          • taladar@sh.itjust.works
            link
            fedilink
            arrow-up
            6
            ·
            10 months ago

            I was more thinking about things like governments that decide that every implementation of something must be certified to be used, e.g. with wireless technologies. Not so much implementation as specification or legal compliance barriers to open source basically.

            You raise a good point though, financial barriers such as per user pricing that are hard to implement for software distributed for free would be quite similar.

    • psud@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      10 months ago

      IBM is so good and so bad. Their machines are so open. Their software is not.

      • thesmokingman@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        10 months ago

        I personally use Apache 2.0 because it’s been upheld in court. I’m not sure if MPL has been directly challenged in court. Either way, I agree with the sentiment. The legal perspective is why I moved away from MIT/ISC.

        • jackpot@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          10 months ago

          you should considwr MPL, if someone found a security vulneravility theyd be legally obligated to tell yoy for example. also, it still allows commerical closed source software. try it!!

    • jaeme@lemmy.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      4
      ·
      10 months ago

      FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.

      Citations please? Using a pushover license instead of copyleft is not hostility but a missed opportunity. Copyleft is about a community safeguarding itself and making sure the software can’t be used in proprietary applications as much as possible.

        • jaeme@lemmy.ml
          link
          fedilink
          arrow-up
          3
          arrow-down
          5
          ·
          edit-2
          10 months ago

          We in the free software movement don’t think of the open source camp as an enemy; the enemy is proprietary (nonfree) software. But we want people to know we stand for freedom, so we do not accept being mislabeled as open source supporters. What we advocate is not “open source,” and what we oppose is not “closed source.” To make this clear, we avoid using those terms.

          Your own citation disproves the hostility claim. To answer your question, yes I was a student associate member of the FSF. Nowhere did I learn to treat non copyleft licenses as “hostile.” In fact, they are so prevalent that considering it hostile/harmful would be fruitless. They are still free licenses at the end of the day (at least the ones that dont violate the four freedoms)

          Edit: actually we are hostile to some open source licenses, like the ones that prohibit commercial use to any group or individual! That’s a huge no-no.

          • thesmokingman@programming.dev
            link
            fedilink
            arrow-up
            4
            arrow-down
            1
            ·
            10 months ago

            Your pull quote expresses hostility to not FSF idealism. I get that you drank the koolaid and believe you get to tell anyone who uses your product what they can do with it. That’s just telling a cook what they have to do with their ingredients just because they bought from you. It’s okay.

            • jaeme@lemmy.ml
              link
              fedilink
              arrow-up
              1
              arrow-down
              8
              ·
              10 months ago

              What??? It’s literally just a group distinguishing itself from another. Both Open Source and Free Software work together against a common enemy.

              It’s good to distinguish different groups that have different methodologies, motives and goals to avoid friction. This essay is actively trying to avoid hostility.

              you get to tell anyone who uses your product what they can do with it.

              Horseshoe theory but for copyleft and copyright. What a fucking joke. I thought you had good intentions but now I know you’re unwilling to see another perspective.

              • thesmokingman@programming.dev
                link
                fedilink
                arrow-up
                3
                arrow-down
                1
                ·
                10 months ago

                You don’t seem to understand the implications of GPL and you’re real interested in pushing an org that propped up a pedophile. Based on your comment history, you’re either a troll or you really are into some objectionable shit.

                I don’t have a problem with FSF or copyleft. I do have a problem with people that don’t understand either.

  • nilloc@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    27
    ·
    edit-2
    10 months ago

    Add Haier to the list. They’re threatening Homekit devs and issued a takedown on a GitHub hosted HVAC controller for their units. Citing it hurting their income (I assume they mean data mining income when you stop letting them monitor your appliances online).

    The dev is looking for a lawyer to consult, and wants to fight, so has probably not got any copyright infringing code in his repo.

    Oh and for boycotting purposes, they sell appliances under the brands: Haier, Casarte, Leader, GE Appliances, Fisher & Paykel, Aqua and Candy.

  • BlanK0@lemmy.ml
    link
    fedilink
    arrow-up
    20
    ·
    10 months ago

    I really like seeing codeberg being used more.

    Also I’m definitely keeping my eyes on this repo once in a while 👀🧐🍵

    • qaz@lemmy.worldOP
      link
      fedilink
      arrow-up
      30
      ·
      edit-2
      10 months ago

      I created it less than an hour ago. If you have any other suggestions please share (or send a pull request).

      EDIT: The list contains 3 companies now

  • OneThere@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    10 months ago

    Add Mazda to this list please.

    The developer of this plugin for HomeAssistant apparently didn’t have insurance and couldn’t risk the legal fight. This is the DMCA take down that Mazda issued for the reason that the code “provides functionality same as what is currently in Apple App Store and Google Play App Store”

    https://github.com/github/dmca/blob/master/2023/10/2023-10-10-mazda.md

    Additional Coverage: https://arstechnica.com/cars/2023/10/mazdas-dmca-takedown-kills-a-hobbyists-smart-car-api-tool/

  • DigitalDilemma@lemmy.ml
    link
    fedilink
    arrow-up
    13
    ·
    10 months ago

    We are writing to inform you that we have discovered two Home Assistant integration plug-ins developed by you ( https://github.com/Andre0512/hon and https://github.com/Andre0512/pyhOn ) that are in violation of our terms of service

    Did the guy explicitly agree to their Terms of service? If not, how can he be in breach of them?

    cease and desist all illegal activities

    What illegal activities exactly?

    Feels like unenforceable scare tactics, but IANAL.

  • amigan@lemmy.dynatron.me
    link
    fedilink
    English
    arrow-up
    12
    ·
    10 months ago

    Good to know I have never given money to anyone on the list. Just don’t buy products where the manufacturer is even in a position to pull these kinds of bait-and-switch manoevers, then you won’t have to worry about who they are.

  • Gooey0210@sh.itjust.works
    link
    fedilink
    arrow-up
    9
    arrow-down
    2
    ·
    edit-2
    10 months ago

    As i understand google and Microsoft don’t really fit here

    Probably the definition should look something like: companies that proactively did actions towards harming open source culture/community/movement. Don’t respect foss licensing, etc

    I nominate Gitea for this one, for hijacking the project, and making it for profit organization

    Also, Ultimate Guitar with their kido musescore, for basically trying to do the same thing that manga company is trying to do right now

    And my favorite… Facebook for their oculus privacy and for threatening to sue everyone who tries to jailbreak or modify their devices

    Simple tools is probably not considered open source anymore

    P.S. oh! Really also think about Proton, Brave, and Telegram

    Three companies that are famous for saying they are foss, but in really it’s often not exactly that

    Proton’s and telegram’s servers are not foss

    Telegram and brave had many instances of delaying publishing the source, even though they already updated the apps

    Also, not sure how about now, but telegram is famous for having not reproducible builds, brave probably too

    • bluegandalf@lemmy.ml
      link
      fedilink
      arrow-up
      11
      ·
      10 months ago

      Proton’s server code is not Open Source because it contains filter and anti spam detection which if released, would severely hamper their ability to detect spam and keep their users safe + detect abuse for their service.

      Proton has had extensive security audits done and their claims have been backed up by independent third parties.

      The definition should be further modified to include legitimate reasons for not open sourcing some code + having audits to back up claims.

      • Gooey0210@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        arrow-down
        4
        ·
        10 months ago

        Facebook has their reasons to keep stuff as closed as possible, and they don’t claim to be opensource

        But proton does, and it’s not about privacy or security, but about using banner of foss just for their own benefit, and don’t contribute what they claim to the foss community

        • bluegandalf@lemmy.ml
          link
          fedilink
          arrow-up
          18
          arrow-down
          1
          ·
          10 months ago

          They open source all of their clients (when not in beta). They maintain multiple open source cryptographic libraries, in multiple languages, which a lot of developers and companies go on to use. They have a yearly fundraiser for open source and digital rights groups, which they contribute a $100,000 to each year.

          Just because their server code is not open source, doesn’t mean they don’t support open source. It’s not an all or nothing situation. Binary thinking and classification is a very dangerous and naïve way to look at things.

  • jaeme@lemmy.ml
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    10 months ago

    Surprised that most hardware companies aren’t on the list. AMD, Intel, Nvidia, Apple, Broadcom all are hostile to reverse engineering or in Nvidias case, not even bothering to do the bare minimum for an ultra lenient Torvalds.