“Your code has an issue, here’s a fix for that”.
Corporate: no.
As someone interviewing for Canonical’s Security team (they make you do like 10 interviews, I’m like 5 deep over 3 weeks), I cannot imagine anyone security-minded writing that comment. It either:
- Comes from higher up
- Michal doesn’t think security is important
Can you prove that you’re joining Canonical (picture proof)? As you know, people can be anything on the internet while they’re in their parent’s basement.
If you are, what type of interview questions do they ask?
Are you this obnoxious to people you meet offline?
I mean sure, here you go. I’m in stage 3 of 4 right now:
Congrats, I hope you excel in your journey with Canonical.
He has not joined yet. What is he supposed to prove?
Proof that he is being interviewed by Canonical, which he did send, which I am grateful for.
Ain’t nothing wrong with asking for proof and you shouldn’t be mad as anyone can be behind a username with or without a pfp.
Vim or emacs?
Vim and nano
That’s too much effort. Just advertise the CVE fix and let a paying customer do the effort.
Free market at work!
Wasn’t Red Hat just complaining that Alma and Rocky didn’t add value because they weren’t submitting fixes upstream?
— “we don’t like people ripping off our work without any added value”
— “Here, let me push this to your staging environment, totally breaking your quality process”
— “No”
— “Well, what the hell do you want broo?”
I don’t think they have ever hidden the fact this is about money. I don’t like the fact this is about money, but the fact that others were cloning and selling their efforts for a cheaper price is awful.
- they are not breaking any law. This is totally allowed. You can use FOSS to create a commercial product.
- they are major contributors to the Linux space. And they’ll keep contributing.
- It’s their effort, they created a business around it, and it cycles back to push Linux forward.
- this isn’t even going to affect average users. This is going to take money from companies that probably have the money to pay. For other companies, there are other distributions available.
Well, the re-builders would be breaking the law now that the source code isn’t available for non-paying customers. They weren’t breaking the law before.
So, do you expect every company to release the source code of their products just because they used a FOSS web framework or a FOSS programming language like Python? Or by the same logic, for companies to release the source code of their products if their developers use Linux in their development machines? Or if they use Linux to deploy their applications in the cloud? That’s such an unreasonable position.
OK, so is Redhat breaking any license? Do you really think a company like Redhat would open itself to thousands of lawsuits like that? The CEO already explained that this is totally legal and covered by GPL. They are in fact distributing the source to the people receiving the product. This is exactly what GPL says. They are not forced to open the source code to people who aren’t getting the distributed software.
What is your complaint then? They are not breaking any law and they are following the GPL license.
I was using the webframework/language as examples because you said this wasn’t a matter of law but a matter of principle. So why does the principle apply to Redhat but not the million other products that totally depend on FOSS on their core?
So many projects do in fact distribute the FOSS, but they use more permissive licenses like MIT, Apache or LGPL. BUT you’re saying the law is not relevant, what matters is the principle. So why doesn’t everyone release their code if they depend on FOSS on their core products? Because they aren’t breaking the Apache or MIT licenses? Well, that’s great! Redhat isn’t breaking the GPL license either. Why must Redhat follow whatever subjective principles you have?
— “hey there’s this company creating a commercial product around FOSS. They aren’t breaking any license.”
— “Nice, as long as the licenses aren’t compromised”
— “It’s Redhat”
— “Those mofos! How dare they!”
-
Bro, do you even FOSS?
It’s funny how podcasters and commenters seem to have taken Redhat’s spin about “contributing value to the community” seriously, while to the rest of us the whole thing was obviously only about money (same as all the follow-ups from other parties… I would say “including Alma” but that would probably deserve its separate debate).
There goes the narrative. Didn’t last very long, did it?
Alma should use this as advantage for them. Now market it as “Alma Linux is more secure than RHEL”.
Fuck it, let’s go Alma!
Alright, at first I was like okay Red Hat wants to make money to keep IBM happy. Now I just realize it’s not Red Hat anymore. Fuck that, I’m moving to SUSE.
Nobody has a problem with Red Hat keeping the lights on and people paid. IBM just wants to increase profit margins because capitalism is a flawed system about abusing whatever you can for personal gain.
Not bringing anything of value to the discussion but just want to say - fuck 'em.
Just the good old stock market gently asking for infinite growth. You can’t just be profitable these days, shareholders prefer to kill a profitable business that does not grow constantly.
Yeah, literally a cancer.
Red Hat literally became the first ever billionaire FOSS company (iirc), their pre-selling out business model was working perfectly fine.
2023: The Year of the Assholes
Truth! I wasn’t shocked that all the social media and entertainment companies all decided to treat the Covid years as if that growth was organic/normal (all retail stores started doing this much faster). As if people were just going to keep having the same amount of time to spend on them. Or in the case of sites like Reddit, they think that they are the creators of content instead of the location to get it. Companies like Red Hat are more jarring and seem like they would’ve been more realistic.
The next two paragraphs are just a rant about companies and the government not really caring for stability long-run. Feel free to ignore.
Of course people were going to start unsubbing now that they need to focus on actual things needed for just living. Covid has shown that all these greedy folks running (or holding shares) companies in all sectors refuse to just be focused on stability. They act like all the crazy large profits were all because of their “genius innovative ideas and leadership.” Of course that was going to happen to all the publicly traded companies, due to their literal legal obligation to always make numbers go up. But shit is beyond a bad way to handle the real material conditions of life. It also doesn’t help that the US did a worse job at doing things like monthly stimulus money compared to other places.
A capitalist economy requires that people keep buying both needed and wanted things in order to keep things moving around. But instead of putting money into the hands of people, which would then likely buy more things or even have finally something to save for when things normalized (which would be helpful for making the falloff less dramatic). We barely got two total $2000 payments. Fuck, even just making sure folks could have money to finally get out of various debts would mean people could more easily justify keeping things like Netflix.
I mean obviously for the community this is bad, but I 100% get that doing anything for free is best effort. They don’t even need to have this policy 100% of the time to make large orgs using FOSS with no SLA for vulnerability patching sweat. Which frankly they should.
For real, I’m gonna use this as a tactic to say “we shouldn’t rely on software without warranty and support, FOSS or proprietary.” Just to get money flowing to devs, because it’s for real reckless to contribute nothing to keeping pieces of your critical infra secure.
It’s a bold strategy, Cotton. Let’s see if it pays off for them.
This makes me much more upset than Red Hat asking people to rebase on CentOS Stream.
This is ridiculous.
Redhat is going full IBM
“Your code has an issue, here is a fix for that issue ready to be used.”
Corporate: no.
wow