andrewducker (![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
andrewducker) wrote2021-12-12 12:00 pm
andrewducker) wrote2021-12-12 12:00 pm
Interesting Links for 12-12-2021
- This Digital Bank Is Designed for the LGBTQ+ Community
- (tags:LGBT banking finance usa )
- Covid pill being rolled out among vulnerable Britons could fuel dangerous mutations
- (tags:Pandemic medicine Doom mutation )
- The Prisoner Of War who escaped a Nazi camp in full naval uniform
- (tags:wwii impressive viaDanielDWilliam )
- The internet (and many large companies) are dependent on software maintained by people in their spare time, for free. This may not be sustainable
- (tags:software opensource security )
- Britney Spears: Muppet murderer!
- (tags:BritneySpears Muppets )
- Here's a collection of good news from 2021
- (tags:GoodNews )
- "It's hard to overestimate the impact Moominland Midwinter had on me" (looking forward to reading these to Sophia)
- (tags:books children )
- A pictorial history of Santa Claus
- (tags:Christmas pictures history )
- McDonald's McRib NFT Project Links to Racial Slur Recorded on Blockchain
- (tags:funny McDonalds blockchain race food )
no subject
I still recall having to work out how to bank when I was in transition and my bank manager (male as it happened) came up with a genius idea: 'Why don't you have a joint account with yourself and when you're ready, tell us and we'll just knock the old name off'. So simple, but I bet you wouldn't be allowed to do it now!
(no subject)
(no subject)
(no subject)
(no subject)
no subject
The internet (and many large companies) are dependent on software maintained by people in their spare time, for free. This may not be sustainable
I think I have as good a claim as anyone to be one of those people, so here are my thoughts.
I don't feel exploited, or undervalued, when my free software is used by companies without paying me. It's not some kind of accident that I made it possible for them to do that. It was on purpose, in the hope that they would.
Partly, that's because PuTTY in particular is a security project, and security is a special case. Security across the whole Internet is interconnected: the more sites are insecure, the more of them will be taken over by malicious people and { added to botnets to run DDoS attacks | used to participate in large-scale computational attacks like brute forcing passwords | have trust paths exploited to attack accounts on other machines | miscellaneous }, and the more of those attacks will reach as far as sites I personally care about.
So I benefit, selfishly, from helping to secure as many other machines on the Internet as I can manage – whether those machines' owners pay me in money or not¹. And part of that is making all the necessary security tools available free of charge, because the more money they cost, the more companies will take a cost-benefit decision not to bother with them, neglecting the externalised cost of those knock-on effects of their insecurity on everyone else.
Secondly, regardless of the project in question, it's just part of who I am. When I write code for my employer, I do believe in the usefulness of what I'm doing², but I also know that what I'm primarily working towards is my employer's bottom line, and that enabling people to get useful things done is a means to that end, and not in all cases the most efficient means, or the one management will settle on. Giving useful software³ away for free is what sends me to sleep at night believing that I really have enabled people to get useful stuff done, and that there wasn't some tradeoff in which the end user turned out not to be the beneficiary after all. If I don't do it for too long (which has happened, in years where I was exceptionally tired by other commitments), I start to develop a sense of long-term dissatisfaction, which I cure by going back to writing free software.
It is true, of course, that companies who depend on my software can behave in demanding and annoying ways. Often I feel as if some particular correspondent of mine has simply forgotten that I'm not a paid software vendor who has a multi-million-dollar contract with their employer, and hasn't quite figured out that as a consequence I have no incentive to drop everything and solve their particular problem.
(In fact, I'm pretty sure this is literally true in many cases – the most obvious examples being the mass mailings along the lines of "We are harmonising our relationships with all our vendors and require you to sign the following revised contract". I'm sure what happens there is that they have some giant spreadsheet⁴ of Software We Use; Employee A downloads PuTTY and conscientiously sticks my contact details in the spreadsheet; later, Employee B does a mailmerge from the whole thing, without stopping to think that not everyone it mentions is a paid vendor prepared to bend over backwards to keep their lucrative contract.)
But I've always been able to deal with this by pointedly reminding the most demanding people that I'm not at their beck and call. Most of those companies who mistake me for a contracted vendor are prepared to recognise their mistake once I point it out, and the more self-aware ones even apologise. I've not even found it necessary to be especially rude: a plain statement of the facts of life normally does the job. If one of them is rude to me, then the quintessentially British approach of a faint frown and a tone of mild reproof (or its email analogue) generally gets good results – probably a lot better than mouthing off like a sweary 13-year-old in return.
And if someone keeps pestering in spite of every clue you try to impart, well, there's always the 'just stop replying' option.
When it comes to companies depending on my stuff, I take the same no-nonsense attitude, because in every free software licence agreement (even the maximally permissive MIT, my usual choice) is that all-important "NO WARRANTY" clause, and it's there for exactly this reason, and I'm happy to push back if people try to ignore that. If your company is going to come crashing down if some particular bug in my stuff is not fixed – then you can fix it! I even provided all the source code to make it easy for you! With your whole company at stake you can afford to spend a programmer or two's time on that. And if you don't have any programmers on staff, you must at least have money, so try hiring one. You don't get to tell me that it's simultaneously too vital for you to survive without the fix and too footling for you to spend any of your own resources on. Pick one.
(That said, of course, I do take security holes very seriously. It's hard to think of a security bug you could report to me that I wouldn't immediately drop everything to fix in a timely manner. Perhaps the only exception would be if the bug is really in a shared thing like the SSH protocol, where it actually can't be fixed unilaterally without all the other implementors cooperating to deploy a revised version of the protocol in coordination. Or something so huge that it would require rearchitecting everything from the ground up.)
Perhaps this means that a wise company would avoid getting into a position where they depend on my stuff in the first place, if they can't fix bugs downstream of me. That's fine too! Nobody has to use it – the flip side of me not being a commercial software vendor is that I'm also not an evil lock-in merchant. When I define my own data formats I provide conversions to well-known alternatives, so you are always free to walk away and use something else. If your reason for using something else is not that you think my software is bad but simply that you'd rather have someone on call you can scream at to drop everything and help you with this week's emergency, then it's best for both of us that you do exactly that. Good luck, and have fun.
¹ On the other hand, of course, if people do feel like paying me, I'm not about to turn it down! I'd never claim to dislike money :-)
² Well, at least I believe in the ultimate effects of it. When you get into one of those problems everyone must have from time to time where you find yourself pratting about in the organisation's internal CI infrastructure at five removes from any code an end user will see, it starts to require some cognitive effort to remind yourself that anything useful is going on at all :-)
³ Or fun software. I'm often amused that people compliment me on things like PuTTY by telling me how much of their time it saved, whereas people compliment me on my puzzle game collection by telling me how much of their time it wasted. I always think that when I come up before the Great Project Manager In The Sky to be judged on my lifetime contribution to global productivity, I'll probably end up finding out I more or less broke even :-)
⁴ Obviously it should be a database, but I'm sure that in most cases it's a shonky, poorly change-controlled spreadsheet :-)
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
Well said!
(no subject)
(no subject)
(no subject)
(no subject)
(no subject)
no subject
(no subject)
no subject
I wonder if Britney heard it and took the lyrics a little too literally XD
As regards the Bored Panda Good News List of 2021
I think Canada just added such a posting to our federal cabinet this year, too...? Dr. Carolyn Bennett just got appointed as its first minister!