• 0 Posts
  • 47 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle

  • That is a good idea just so that you don’t have to think about any potential privacy issues. Your email could be {firstword}{secondword}{4 numbers} and so long as the words and numbers are randomly generated, you can avoid accidentally including personal references or biases.

    Your username does not need to be high-entropy, though. It will be semi-public. So it’s not about strength against dictionary attack or similar, it is just about leaving the selection process up to a random process that isn’t witnessed by a third party. You can write scripts that will generate these kinds of things using Python and the faker library.


  • I think it is unlikely that they are simply bad at PR and not trying to do damage control for something they would like to push anyways eventually. Why are they creating a proprietary element in the first place? Is the selling point of their product not that it is open source? They are making some changes.

    …or they made an honest mistake and don’t care to put it back on F-droid for reasons to which we are not privy.

    An honest mistake of hosting their entire own repo and writing up documents for it? It isn’t just off F-Droid, they are doing their own thing.

    I bring up these counter-examples not as a way to point out where I’m right and you’re wrong, but to point out that there are other candidate explanations, and it’s not justified to infer that malfeasance is the only likely possibility.

    Yes you are suggesting that people give them the benefit of the doubt. And I am saying that would be unreasonable given the facts.

    I also understand why you would cynically think that Bitwarden might succumb to Capitalism—I too live in a late-stage-capitalism country—but that’s not a forgone conclusion, and I say again that we don’t need to be imagining villains when there’s plenty of objectively real ones at which to point a finger alreadIy

    Bitwarden has already succumbed to capitalism, it is a product by and for a for-profit company. It is, with few exceptions, just a question of when they will have a profitability crisis and need to find avenues by which to increase revenues or decrease costs. Sometimes that takes 15-20 years, sometimes it takes 3.

    I have not followed their finances but I would be curious to know what they are doing at the moment. Could be seeking to get bought out, could be looking for new funding, could be working around the needs of a major client, could be something else.

    As always, when a project is backed by a company we should approach it tentatively because while they will provide support for it for some time they will eventually be tempted to do something shady to increase profit. Or to just be profitable at all, which investors always want ASAP when interest rates are high. And then we will need to fork it and see if it is feasible without VC backing. To my knowledge the only other viable path for an open source company is to become an industry standard where the major monopolies decide to not fight about it and instead say, “it is fine as it is and won’t be profitable but it is a useful thing to share costs on”. Docker, Inc. is somewhere along that path, scraping together products at the periphery of the software while the industry monopolies more or less share the core project in its various compatible forms. And Docker similarly tried to ham-fistedly seek profit sources like when it tried a silly fee scheme for Dockerhub and created a small exodus that the monopolies ate up (e.g. GitHub).


  • Of course you inherently cannot trust a private company to keep their product open, including open core models. In that situation everyone using or contributing should be making a gamble: that if they go too far the project will be forked, the company will cut its community in two, and the fotk will go on to be decently successful as a community project.

    Their inability to do the right PR things is just a signal that they can’t be bothered with the facade that is useful for them to maintain community support and FOSS nerd marketing for their product.

    Re: ethics, they are no longer on F-Droid because they tried to get this in under the radar and include non-free code in builds. Instead of fixing that problem they made their own repo.

    Bitwarden will likely eventually destroy their FOSS model for profit-seeking, it is just a matter of when. This is how these things work.




  • Yes because it is about, ultimately, making the major clients incompatible with vaultwarden on both a legal and technical level.

    A likely outcome if they don’t reverse course is a split where FOSS Nerfs fork the clients and have to maintain their own versions. That’s the outcome Bitwarden wants. This reeks of a bazinga, “how dare they benefit from our work and take our users”, which is hilarious for a FOSS ecosystem that almost universally benefits corporations with free labor.


  • They’re trying to argue legal technicalities because acknowledging that they’re trying to reduce compatibility with servers like vaultwarden would be bad PR.

    Per their new license, anyone that uses their SDK to build a client cannot say, “this is for Bitwarden and compatible servers like vaultwarden”. They cannot support those other servers, per their license. Anyone that gets suckered into using their SDK now becomes a force against alternative implementations.





  • Neither of those are exactly quality organizations whose claims should be taken at face value, though Amnesty International has made no claims about slave labor and HRW doesn’t itself have any statements about that so far as I can tell.

    Though this is beside the point as, again, we are talking about EV manufacturing. Please do your best to not support the orientalist implications throughout this thread. If you would like to make a specific claim, go ahead and do so, but be ready to explain it with more than NGO or State Department name dropping.






  • Slave labor is a system in which a person is bought sold and indentured to a master for a substantial duration, often life. Their labor is coerced as property of that master.

    That is not how China produces cars. They use highly automated systems and paid workers like everywhere else. While Chinese workers are paid less due to the forces of unequal exchange (a system imposed by the US) and an export economy (a system usually imposed by the US but more of a 4D chess move by China to develop productive forces, with the US gladly taking the deal for exploitation), that is not really why the cars are so much cheaper. It is because China has highly concentrated industry and a much less financialized system.

    Speaking about “fair” is amazing in this context. The US is simply trying to protect domestic monopsony industry and to damage Chinese industry. This is a jingoistic and corporate policy.



  • I… agree but isn’t then contradicting your previous point that innovation will come from large companies if they only try to secure monopolies rather than genuinely innovate?

    Nope.

    I don’t understand from that perspective who is left to innovate if it’s neither research

    Who said there’s no more research?

    not the large companies… and startups don’t get the funding either.

    Both are, on average, just doing boring work minorly translating research in the hope to become more monopolistic, just at different levels of the good chain. The former eats the latter.