Slashdot Mirror
GnuPG Gets Back On Track With Funding
jones_supa writes: Soon after the poor state of the GnuPG was unveiled, the online community has rallied to help Werner Koch. He wanted to hire a full-time programmer to work on the project alongside him and to ensure that he's not living on the brink of bankruptcy all the time. Immediately after the article was published, it was revealed that he got a one-time grant of $60,000 from the Linux Foundation's Core Infrastructure Initiative. Also, the community donated over $150,000, and Facebook and Stripe have each pledged to provide $50,000 per year. All in all, it looks like Werner Koch won't be worried about funding for quite some time. The problem remains: it's very likely that other projects just as important as this one are probably facing the same kind of issues, but it would be nice to hear about them before they get in trouble, and not after.
I would love to hire somebody else too, it would help me a lot on my open source projects.
Something like Patreon should be set up for software projects.
Funny how these projects are crypto-related. As in: so shockingly important crypto, they form the basis for most of the security we enjoy on the Internet.
Funny, that. Just saying.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Noone rushes to your rescue when you're not in trouble, how much cash do you think facebook, microsoft or apple would raise if they started fundraiser with bankaccounts overflowing with BILLION$$$ ..
What the fuck are you even talking about? The software is free to use, and is free in the liberty sense as you're allowed to use it however you'd like. But what does any of that have to do with the living expenses and cost of running an open-source project (you do have to pay for things such as various tools, web hosting, SSL certs, Git project hosting, etc.) of the man that is behind its development? Nothing.
You do know that an overwhelming majority of work done on open-source projects is paid-for work, right?
Why would he mysteriously need money when everything is free?
Your misunderstanding of Free software is... staggering.
are we sure he's not pocketing the money?
I'm sure that he is pocketing it, then quickly depocketing it for mortgage/rent, food, heat, transportation, etc, etc ad nauseum.
"I don't know, therefore Aliens" Wafflebox1
This is exactly the kind of thing Core Infrastructure Initiative is meant to help with and I'm happy to see it being used for gpg. Anyone with an underfunded Open Source project that is in wide use can apply for a grant from http://www.linuxfoundation.org.... There's no need to wait until you are in dire straits.
Occam's Razor: he knows perfectly well what's going on and is taking the piss.
Software in the Public Interest is in a unique place to act as an information clearing house, conduit and "amalgamator" for this problem.
"I don't know, therefore Aliens" Wafflebox1
At least in part, this problem seems to be down to a lack of any sort of way(short of investigative journalism for every project you are interested in) of being able to see what the funding situation is.
As with OpenBSD a while back, it was pretty much 100% everything-as-normal until "Boom, out of money, game over, man, game over." followed by a last minute fundraiser.
There are plenty of projects, GnuPG among them(and OpenBSD, at that time), that I'd be happy to assist; but I don't really have the slightest idea of who is A-OK, who could use some more money in an ideal world, and who is about to burn out and quit for lack of resources.
Is there any sort of mechanism in place, or under discussion, for making resource needs more visible before they become emergencies?
You have one life to live. Unless you're the sort of person to believe in re-incartion, in which case nothing (logic included) are going to apply to you.
In that one life you have a certain amount of time to accomplish the things you want to accomplish. GNUPG is still free...people's time is NOT. It's a COST that goes into the development of free software that people like you get to enjoy without ever contributing anything back other than snarky, ignorant remarks on Slashdot. "Free things don't cost anything," sorry to burst your bubble you special little snowflake but EVERYTHING FUCKING COSTS SOMETHING. Just because it's "free software" doesn't mean that someone isn't paying for it in some way and not necessarily with money. Koch chose, with the urging of Richard Stallman, to devote a large part of his life to developing a part of the software "stack" of most free operating systems that's absolutely vital and apparently he's one of the few people, if any, who are actually doing it.
The ignorance you display about how free software actually works is so stunning that...well looking at your post history you're just a fucking troll anyway, so I probably shouldn't have bothered trying to make a case to you. You're just poisoning the well because you know you have no other value in the world. You're worthless. You are nothing. Koch actually accomplished something, free software developers actually accomplish something. You use the fruits of their work and then complain when one of them is looking at being bankrupt and homeless. You are a fucking twat.
He got kicked out for not doing the Patreon donations?
The developers who work on the heart of the operating system are badly funded and its getting worse.
Please consider donating:
https://my.fsf.org/donate/
* The FSF "sponsors" the project, but doesn't have the resources to properly fund it. You can help change that indirectly by donating to the FSF. There are many GNU pieces that need more attention and one of the reasons that many projects are in poor shape is because people are letting politics get in the way.
Rubén Rodríguez a.k.a. quidam has been the lead developer of what might be one of the most important projects in the free software community. Without his work we wouldn't be making progress on a 100% software distribution geared at the masses. It's nice and easy to point people at distributions which don't care about free software- and I'll admit even I do it. However we need to consider the consequences of those actions and the harm its doing to our community. We are sacrificing freedom for proprietary software and in doing so undermining our very values. If you wanted to run proprietary software you could have just stuck with Microsoft Windows or Mac OS X. The reality is we do want free software to prosper, but if we don't even make the effort to develop free software replacements what is that saying? I'll tell you: we're all a bunch of hypocrites. While money is not a solution to this problem it does help avert catastrophe. We do at least need people working on these problems and that won't happen if only proprietary software are allowed into the club- and allowed to subvert the freedom that attracted us in the first place.
You forgot the URL:
http://trisquel.info/en/donate
The problem remains: it's very likely that other projects just as important as this one are probably facing the same kind of issues, but it would be nice to hear about them before they get in trouble, and not after.
I was thinking if XFCE could use some help? A lot of people like it, but the project seems to be greatly underresourced and the development is very slow. It seems that they have a Bountysource page set up already.
The problem is that this fool licensed GnuPG under the GPL license. No business in their right mind would finance him to build a project using it, as then that software would have to be GPL'd, too.
I think he should develop an MIT licensed version and see how that does.
Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!
I think that's fairly descriptive of the behavior that led to this: Projects like OpenSSL and GPG are used by many people (and big companies), but since it's "not their responsibility", the haven't put any support into them. "I got mine--why should I pay up?" Fortunately, in those cases, highlighting the problem led to an outpouring of support. Those who didn't have direct skin in the game (coders, companies, etc) brought the problem to light and those who did have skin in the game (as well as others) started supporting the projects. I'm not making a real criticism--it's just the default human herd behavior. But with enough examples of things going wrong, maybe a few people can emulate those people and take up the mission of supporting them to keep this from happening. It sounds like things are already moving in that direction.
Never confuse movement with action. --Hemingway
Wow. That was an amazing thing the community did, and I have to believe slashdot helped. I think it would be great if there were a continuing thread on /. that just focuses on worthy projects that need help.
I think part of the problem is, I wouldn't trust a company that said it's product was based on GnuPG, but wouldn't let me look at the source code for the encryption bits. How would you know they hadn't given the NSA a backdoor of some sort?
What a result! A wealthy and over-funded individual screams poor and he's suddenly made much wealthier still. To the donors, I can only say that there are some real idiots on this planet and you've just helped to identify yourselves.
And MySQL, GCC, busybox, blender, ...
Not really, because there aren't that many projects as important as GNUPG but without a foundation or something backing them up. OpenSSL is probably the next good example, but that's run by a consulting company.
Without GNUPG, no major GNU/Linux distros could security download updates. It's *the tool* that does digital signatures. It's at least as important as OpenSSL, but in that case there are viable alternatives (e.g. GNUTLS, NSS).
Really, the GNU project needs to spend some more money on maintaining the infrastructure that they sponsor. They'd get quite a bit more money if the had fundraisers directly for core GNU software (e.g. GNUPG / GCC / Bash / libc) development rather than generic funds that might get spent sending their mascott to protest at an Apple store or some nonsense. Activism is great and all, but it's a waste of time if the concrete infrastructure that the movement has built is allowed to rot.
-- The act of censorship is always worse than whatever is being censored. Always.
For better or for worst, those aren't one-man operations, either, but mostly run by foundations with overarching missions and established donors or corporations with deep pockets. They utilize the GPL not as a freedom device but as a control: OPEN SOURCE YOUR CODE UNDER THE GPL *or* PAY US LOTS OF MONEY FOR A COMMERCIAL LICENSE [if we even let you! wahahahaa!]
Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!