Open Source Advocacy Embarrassment
By rusty in Culture
Tue Jan 18, 2000 at 02:34:26 PM EST
Tags: etc (all tags)
As mentioned here before, there's been a lot of discontent lately over the two major so-called "Open Source Advocacy" web sites, and their total failure to operate in anything like an open fashion, themselves. Both Slashdot and Freshmeat run sites using custom software (perl, and php3, respectively) which can only, truthfully, be called closed-source and proprietary. Yet these are the very sites that go absolutely gaga when any other company refuses to embrace open source methodologies.
These days, you can't read comments on slashdot without seeing one or two (or more) demanding the release of up-to-date code. The most recent official slash code release was over a year ago. This site is running on that code, and I think it's obvious that it lags far behind the current state of slashdot. Freshmeat, as well, has never released any of their code, and claims to have no plans to do so.
The situation is, frankly, an embarrassing one for everyone in the open source community. What else can we call it when our biggest advocates flat-out refuse to practice what they preach? James Turinsky has written a summary/rant which nicely sums up the current situation, for the slash-help mailing list. I've taken the liberty of posting it below, for anyone who is not aware of the real situation. Read on for the truth.
Update [2000-2-14 4:49:24 by rusty]: Yes, the code is out. And best of luck to the slashcode gang. Also, to the posters below who said "write your own": I did. :-)
Below is James's email, in it's entirety.
To: Dave Aiello
Cc: Slash Help
Date: Tuesday, January 18, 2000 12:12 PM
Subject: Re: [Slash-help] seclev problem still there
>On Mon, 17 Jan 2000, Dave Aiello wrote:
>> Matthew Sachs wrote:
>> > btw, has anyone looked at the 0.3-3.8 CVS tree? I do intend on releasing
>> > an 0.3-3.8 (hrm, maybe I'll just call it 0.3-8 or somesuch tho ;P)
>> Why not just 0.38? I think it's fairly clear that the next major release
>> from the guys in Michigan is 0.4 anyway.
>I thought it was fairly clear that the next release from /. is not worth
>wasting list space discussing, imminent as it always is (allegedly)
Dammit don't mention The Alleged Code Release (That Shall Not Be Named).
Don't you know that every time you imply a release, The Pos^HWers That Want
To^W^W Be delay the release by a day?
>By the way, the appropriate version number for the Y2K (etc) release is
>0.3.4 - James' first two releases were 0.3.1 and 0.3.2,
pre-0.3-jt and -jt2. Or something to that effect. :) Like AC's patches.
>mine was 0.3.3
>and then for some reason it started going 0.3.3-1, 0.3.3-2, etc...
Slash 2000 anyone? :P I'm sure if we get enough Malaysian crack monkeys
together to code it, we might have it for Feb 17 :P
>This next release is at least as far ahead of my release as mine was of
>James', so it should be bumped a minor version number, not a patch level,
>and certainly not a complete change of the numbering scheme :)
Aren't we talking about things related to Sl*shd*t? Then there is only as
much continuity as one can find in an Infinitely Improbably universe.
We might as well scrap the works and start from scratch, reverse-engineer
Sl*shd*t, and complain loudly to whoever is reasonably independent (and not
had an IPO) when Ben^H^H^HAnd*ver's lawyers try a DeCSS-style lawsuit on us.
Frankly, I've had it with this [expletive] of "We LOVE Open Source" yet the
things you *want* aren't available. Ben^H^H^HAnd*ver's track record is BAD.
Right now you can find almost anything you want in the line of Open Source
(as in whatever the definition of Open Source is) at Fr*shm**t. Now, if what
you actually *want* is the code behind Fr*shm**t, well...
"Q: Are the freshmeat PHP scripts available?
A: No, and there are no intentions to change this to date.
scoop - May 31st 1999, 21:29 EST"
-- source: http://freshmeat.net/faq.php3
YET THESE SITES ARE THE FIRST BLOODY [EXPLETIVE] SITES TO HAVE A MAJOR
DIGITAL CORONARY INFARCTION OVER ANYTHING THAT VAGUELY THREATENS ANYTHING
THAT LOOKS LIKE OPEN SOURCE!!!
"Possible loophole in GPL"
In order for the next part of my rant to make sense...
THESE SITES ARE THE ONES SCREAMING ABOUT "SECURITY THROUGH OBSCURITY" AND
M*CR*S*FT'S (among others) PRACTICES!!!
Now. If I may continue... thank you.
What is the [expletive] deal here that they CANNOT release THEIR CODE in
some fashion as to be
o timely (no promising "any day now" and delivering a year later)
o aware of and correcting security and major bugs
o somewhat receptive to user input
o fitting some definition of "Open Source"
To restate that, release the code under some form of "Open Source" license,
fix the bugs that *NEED* to be fixed, and take some input from users (or AT
LEAST point them to some user-run list/site/IRC channel/whatever).
It's not the [expletive] Linux kernel or XFree or GNOME or KDE or whatever!
Now, if there is some *SPECIAL* reason that they *CANNOT*/*WILL NOT* release
the code, it's up to them to give an appropriate REASON. Excuses along the
lines of "security through obscurity" are not going to be accepted, because
they and/or their users don't accept that from other sources. Similarly, if
they can't maintain the code, it's up to them to give REASONS why, and
optionally put those people who are using it in touch with some sort of
group who is still working with/on it.
Just to keep the zealots from leaping on this and demanding that everyone
must hand over their hard work, I'm specifically talking about those
particular sites who sit in public view and whine about the way others
conduct business. I'm also talking about those sites which have made a
major change in others (see "weblog" I think). Joe Blow with modified M*tt
Wr*ght scripts or someone with a database and PHP and/or mod_perl to
manipulate it for records doesn't have to release their code. That stuff is
TRIVIAL. Given enough time with the appropriate info sources, the
appropriate functionality can be easily duplicated, and originally often was
borrowed from other sources.
Now, Sl*shd*t has mutated (for lack of a better word) into something with
$num forms of moderation, $num date formats, $num ways to read the comments,
$num methods of pretty much everything. Achieving that functionality is
non-trivial. Fr*shm**t has also gone in that direction. The people
apparently want to get something approximating the latest code from these
sites, and rightly so, given the apparent pro-Open Source attitude they
have. This isn't too far off from Linus's saying "here's my free Unix
thingy, I doubt anyone will want anything much with it". Of course, if
Linus hadn't said that, well, I doubt the appropriate people and companies
would be around now.
These folks, whether they like it or not, are staking their reputations as
Open Source advocates on the line by not practicing what they preach or
appear to be preaching. Maybe it's time to call them on it. Maybe it's
time we heard from someone in the executive levels of Ben^H^H^HAnd*ver and
other big Open Source advocate-types instead of the same broken-record from
the lower levels.
Yes I have W*nd*ws on my machine and I use it as my primary OS for doing
normal stuff. I also have SomeSites.com, which is a Linux machine that
costs me $280/mo. to co-locate. If you have nothing better to do than flame
me over what OSes I use and where/how I use them, perhaps you might be
better off spending that time reading something instead.
I have here the appropriate books on PHP and Perl. Given enough time, I can
probably bash out the appropriate code to do
what I want to do, but it's easier for me to learn from already-working code
and examples. I also am not planning on writing code to totally run/control
a major website. If I did write such code, I'd probably open it up after a
while to get it improved. There's a point where the code is written and in
use but not ready for others to look at, and that I understand.
I also hope that someone has the fortitude of the $body_part to take and
submit this to someplace that's going to publish it, because this is
probably as close as I'm going to get to writing a paper on the subject. I
congratulate anyone with the fortitude to post links to this and who can
write a response or rebuttal in a somewhat coherent fashion.
Slash-help maillist - Slashemail@example.com