I’m @froztbyte more or less everywhere that matters

Joined 3 years ago
Cake day: July 2nd, 2023

  • (Posting this at 01:41 after a very, very full week and with flubrain: take considered potentially faulty on delivery)

    I’ve often thought about this specific problem part, and I gotta admit I’m pre-conflicted. Due to aforementioned note I haven’t read the license yet (I’ll do in the week and post a reply with thoughts) but from what I’ve observed to date:

    • only certain kinds/sets of corps appear to give a damn about licensing
    • even if one initiates legal action against the offenders, they’re typically banking on financial asymmetry first and inter-area regulatory friction second

    And ito a policy having defensive teeth, those are two load bearing pillars that turn out to not even be moth eaten wooden beams but instead rice crispies held together in a sugar glaze

    Consider: what if some popular projects had a “if you’re using this in something making >= $thresholdOrPortionCalc, you must support the project with $percentageOfRevenue” clause in licensing? Modulo the payment distribution admin (lol @ modern aml nightmare), would help a ton with the open source funding squeeze. But can you imagine the bleating (and probably parasitic forking) if that started happening?

    Put another way: without copyright and IP reform (into what shape I have only vague suggestions), how far do licenses get us?

    (I’m sorry if this sounds extremely negative - afaict with current regulatory climates and where-IP-is-at, it’s the broad-strokes view. Icbw in detail (I expect I am at least in some detail). But I want to be wrong because god this all fucking sucks)


  • vscodium isn’t immune to the problem tbh - put it behind a gating proxy (mitmproxy or something is probably easiest) and watch just how chatty it still is (for plugin mechanism etc)

    the entire design of how the vscode ecosystem is put together is in service of their telemetry aims, imo. they may argue it’s “for safety” or whatever, but it’s just control and surveillance. alternative options that don’t do this shit exist and operate just fine




  • please enjoy the calibre dev repeatedly stepping on rakes that smack him in the face when multiple computer security professionals showed him 10+(!) severe vulnerabilities in a setuid root mount program nobody asked for that he implemented for frankly fucked personal reasons over the strong objections of his own community

    I’d heard of these but never looked into it (hadn’t needed to), opened now and saw who the bug was reported by. imagine getting that report from that source and then your first answer is to start arguing

    double up that multiple distros going back older than that report have had support for automatic user mount systems (and that calibre could’ve just used that)… goddamn

    recently I ran into the term “outsider programming” and I really like it as a frame for the kind of inexpert contributors (driveby or otherwise) that you get in a project like calibre, people who are just trying to make their own little thing work as best they can - you could look at e.g. the code for the dedrm plugin if you want some examples of this. but then you also get whatever the fuck goyal is doing here, which is … far the other way