End Of Development For Grsecurity Announced?
vrtk writes "I received this minutes ago, from the grsecurity mailing list, also displayed on the official site for the open-source security project: 'Beginning today, May 31, 2004, development of grsecurity will cease. On
June 7, the website, forums, mailing list, and CVS will be shut down. Due to a sponsor unexpectedly dropping sponsorship of grsecurity while
continually promising payment, I began the summer in debt and had to borrow money from family to pay for food. If none of the companies that
depend on grsecurity, some of them being very large, are able to sponsor the project, grsecurity will cease to exist. I am not looking for paypal
donations at this point, unless those that donate do so with the recognition that despite their donation, grsecurity may still never be
returning.'"
the sort of bastards that make $2500/hour being driven to country clubs to shake hands and joke about 'damned hippies'.
"What, we don't need to pay him?"
"Heh, yeah. Damn fool fell for that Open Source crap. He gets what he deserves."
"Well, Damn Dirty Hippies, etc. Oh, and pass the caviar."
Brad Spender is truly an Internet hero, a pioneer who made us all safer. He went about his work selflessly, with precision and excellence.
If ever there was a time to band together to save one of our own this is it. Brad has gone into debt while helping to make multi-billion dollar corporations safer. Perhaps at the end of the day they will come through for Brad, perhaps they will not. There must be some way that we can all help him regardless of what his corporate sponsors do.
how can it cease to exist? isnt open source software forever? (well in some form or another) it may not be regularly updated (or updated at all by the looks of the article) but could still prove useful in the future...
Since the developers went and got all selfish about things like 'eating' and 'clothes'?
"Ignorance more frequently begets confidence than does knowledge"
- Charles Darwin
I have never heard of this project till today, but I would not be suprised if this is an all too often occurence in the OSS world.
Hopefully he finds a new sponser so that he can carry on. It really sucks when you put a lot of time and effort into something, then to have someone just pull the plug on you (completly out of your control) and to be then left with nothing.
Good luck.
Sorry to say this, but I feel that sponsorship is ultimately not a good way to run an OSS project.
:-)
If you rely on sponsorships, you have to expect this kind of thing to happen. It does. All the time.
If there are businesses which are using your software, then there should be a market for you in consulting. Consulting is a proven business model for OSS development. (Not that it is much more of a guarantee, but at least you have a contract.)
Not to mention that many big businesses view consulting and sponsorship as two very, very different things. It has to do with bookmaking. Money paid as consulting makes it more evident that you are providing a service than money marked down as 'sponsorship'.
Now, if your project is not commercially interesting, and you still want to get paid for doing it, perhaps you should be looking for a research position instead, if it's innovative enough.
And if it's not innovative nor commercially interesting.. Well then it's a hobby, goddamnit!
Sorry, but that's not how OSS development gets funded; you can't just put up some software on a web site and wait for donations.
Grsecurity looks like something you might be able to fund as part of a security consulting business. Or, if dealing with people is not your thing, you might be able to make a living writing books about security and how to use grsecurity. Or you might be able to do it on the side while working for a large company.
If grsecurity is as useful as you think, if there was a lively community around it, and if the code is usable, there is a good chance someone else will pick it up and actually build a successful business around it. If nobody continues development of grsecurity at this point, then it wasn't really a good, live open source project anyway--it was just some useful code released under the GPL.
Please don't complain about it: while your desire to create open source software is admirable, it is still your problem if you fail because you picked a naive business model.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
I don't want to sound too much like a troll, but is it possible that this is a method to induce payment by the unmentioned sponsor? If the sponsorship was so crucial to the development of the project (which, as stated was done by a single individual for the most part) and the sponsor already has made use of the project, a change to another project, or relying on the OSS community to take over would be too costly or disruptive, that it may be in the best interest of the developer to come to this decision. I feel bad for Brad, grsecurity obviously is/was something he put a lot of time and effort into, and if matters have come up that prevent him from continuing, so be it. I don't, however like the fact that "no one else is good enough to produce the quality work he has" or "lack the vision for the poject", it seems to lack sincerity for some reason, and I wonder if his motives lie somewhere else.
What amazes me is that it's automagically assumed that a code-cutter also has business sense to run a successful business.
:[
:(
Remember at the end of the day he's a code-cutter... not a suit... if he was a suit.. he wouldn't be a code-cutter now would he!
I must admit as a code-cutter I'm sick of many businesses idea of 'yeah... lets' get it under the GPL... we can use, abuse and not pay for it'.
Bad Karma to this idea of thinking...
These fat-cats still drive home to a nice warm bed, big meal and watch their TV.
How about flipping some $$'s towards the smuck that did all your hard work and ensure he's still around next year when you have a real question abuot the software.
At the end of the day... nothing is FREE... someone pays... unfortunately with a lot of GPL.. it's normally the developer and his family.
The problem isn't the code itself, which will remain GPLed. But the problem is the code by itself isn't as useful since this is the kind of project that requires constant maintenance. Who's going to host the code? More crucially, who's going to maintain it and ensure it remains compatible with new kernel versions and modules? You? Didn't think so.
The fact anyone could host the project doesn't help unless someone actually does...
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
I began the summer in debt and had to borrow money from family to pay for food. If none of the companies that depend on grsecurity, some of them being very large, are able to sponsor the project, grsecurity will cease to exist.
Another fine example of the open source business model.
Economics 101: Paying for something that your competitors get for free puts you at an economic disadvantage. Therefore, almost all companies will take open source software and not pay for it.
If General Motors gave away cars and asked for donations to cover R&D, production, etc., do you think that Hertz, Avis, Dollar, Enterprise, or any of the car rental firms would donate money to GM? Of course not. They would all take free cars for as long as GM was able and willing to give them away, though.
I will never understand why many professional software developers are proponents of open source. Buy a big-rig truck and start delivering goods for free. See how many Teamsters rally round you and cheer you on. You'll be lucky if you just get your knees broken.
Just in case everyone forgot, open source was meant to satisfy a programing itch, not necessarily provide a living. The fact that so many coders are able to use it to maintain a standard of living is an unintended side effect.
Though it would be possible for others to handle maintenance of the project, the quality won't be held to the same standards and will not progress with the same goals I have set for the project.
Without a signed, insured contract what guarantee did the sponsor(s) have that the maintainer(s) was doing a competent job anyway? I guess they had the same guarantee the main dev had in getting paid, i.e. none.
No offense meant to the dev, but come the hell on. This is one of the weirdest cases of sour grapes I've read in the OS department.
It's almost blackmail. "Support me else I shut it down."
That's hardly in the spirit of Free Software.
Since when is the spirit of Free Software doing work that benefits others and expecting nothing in return? What any given author expects in return may vary, but expecting money isn't out of line. The author presumably has expenses related to the project and is well within his rights to state that he will not continue development if he can't find someone to offset those expenses.
Remember, though, that since the project is GPL'd, there's nothing stopping you or anyone else from downloading the source & taking over the maintenance & development for him. That's the spirit of open source.
The big BIG problem for the FOSS business model for the little guy is some large company running off with the product and either offering it themselves, or in this case not bothering to contribute anything back.
And yes, software costs money to develop. Even if you do it in your spare time, that is time that could be spent on a profit earning venture. For better or worse, we live in a capitalistic society. You go to the supermarket, they will expect you to pay cash for what you buy.
And the FOSS zealots ARE partially responsible for poor young students / software developers spending huge amounts of their valuable time for free. All over slashdot the zealots will flame anyone who dares to suggest that to run a business you have to think past just simply offering FOSS software / services. It is always suggested that FOSS is the way of the future, all large companies are shifting to FOSS etc etc etc. Why do you think IBM loves Linux? Not because they have a love for their fellow human being - they can get it for free! They can undercut the opposition. If they are true believers in FOSS philosophy, wheres the source code for DB2? Yeahh...suuure..they have fully embraced open source havent they?
Yes, FOSS is a noble cause, but please PLEASE stop trying to convince kids that they will make money from their efforts. Consulting makes money for the little guy, developing FOSS doesnt.
I don't think anyone "in free software" thinks development has no cost. I think they are keenly aware what the cost is - usually their time.
It's only a few idiots who equate Free with free.
However I think your charaterisation of open source development is either naive or trollish.
Yours Sincerely, Michael.
C'mon guys. It's nothing like blackmail. In fact it demonstrates one of the great strengths of the spirit of free software.
One of the key benefits of open source is that if the originator of the product can't continue the project for any reason (bought by a competitor, switched to a closed-source model, got kicked out of parents basement, got bored) - anyone's free to fork it and continue on.
He's just letting the community know that he's likely to move on and if people depend on it to fork the software now. It's still far more courtious than a commercial company going under _without_ any options for continued support for their customers.
Here are some real-world lessons that I learned the hard way:
;)
1. When it comes to business, it's every man for himself... you *really* have to see it that way or some other guy will eat your lunch.
2. Nothing personal, but fuck you. (you being anyone asking for money that isn't compelled by law or contractual obligation). It's simple really, you want people to give *you* their money... not the other way around, got that?
3. Never give anyone a break... that's not how rich men become rich. Do you think that they'd give you a break? Does your landlord give you a break on a month's back rent? How bout the cell phone company... sure, they'll let you skip the early opt-out penality on your 2-year contract
4. Work for yourself... put yourself first 100% of the time. You're in business for you, no one else.
5. It's just business, nothing personal, but fuck you.
With point number 5 constantly in mind, go get 'em tiger. Enough of this cry-baby OSS/Free Software crap. This guy gave grsecurity away for free. No one made him do it. Let's all hope he learned a lesson, I sure as hell did.
Kudos to RMS and Torvalds for giving away top-notch software *and* for not expecting anything in return other than recognition... that's all I've ever given them, and all I ever will.
Anarchism for dummies
1. Co-operate.
Even simpler.
"The only clear view is from atop the mountain of our dead selves." - Peter Carroll