undefined | Better HN

0 pointsametrau1y ago0 comments

Probably a state actor. You can look far into the future when you’re working for the party.

0 comments

Which like, also wouldn't be totally weird if I found out that the xz or whatever library maintainer worked for the DoE as a researcher? I kind of expect governments to be funding this stuff.

CanaryLayout1y ago

From what I read on masto, the original maint had personal life breakdown, etc. Their interest in staying as primary maint is gone.

This is a very strong argument for FOSS to pick up the good habit of ditching/un-mainlining projects where they are sitting around for state actors to volunteer injecting commits to, and dep-stripping active projects from this cruft.

Who wants to maintain on a shitty compression format? Someone who is dephunting, it turns out.

Okay so your pirate-torrent person needs liblzma.so Offer it in the scary/oldware section of the package library that you need to hunt down the instructions to turn on. Let the users see that it's marked as obsolete, enterprises will see that it should go on the banlist.

Bulat_Ziganshin1y ago

Collin worked on XZ and its predecessor ~15 years. It seems that he did that for free, at least in recent times. Anyone will lose motivation to work for free over this period of time.

At the same time, XZ became a cornerstone of major Linxus distributions, being systemd dependency and loaded, in particular, as part of sshd. What could go wrong?

In hindsight, the commercial idea of Red Hat, utilizing the free work of thousands of developers working "just for fun", turned out to be not so brilliant.

1 more reply

soraminazuki1y ago

Um, what? This incident is turning into such a big deal because xz is deeply ingrained as a core dependency in the software ecosystem. It's not an obscure tool for "pirates."

DrewRWx1y ago

And that long term perspective could be used constructively instead!

j / k navigate · click thread line to collapse