It’s been a wonderful summer that should be coming to a close, soon, but you couldn’t tell just by observing the weather, or looking at the forecasts.
I’m just fine with that. Let it be summer forever.
So, IRC. Those communities are generally toxic and it’s difficult not to internalize the weird confidence games that get played in those spaces, particularly on IRC. Or the weird baiting element that’s been introduced in recent years, caused by things I’ll explain later in this post.
This all picked up around the time I started harping on some pretty serious problems that span across the open source community. When I realized that key groups that drive those communities were being infiltrated with corporate and SIG saboteurs that were exploiting cultural vulnerabilities in those communities to advance corporate interests, I started building a system that was designed to expose it called IRCThulu.
I’ll highlight some events in chronological order over the last couple of years while I’ve been laying low:
F/OSS: You’re being systematically cleaned out and you lack the executive vision to see it.
February 2016: Mint Linux site compromise results in a hacked ISO with a backdoor placed in it to be released to the general public.
June 2016: Prominent Tor developer Jacob Appelbaum targeted by ramping, anonymous and completely unsubstantiated sexual assault allegations and is forced to resign.
June 2016: Microsoft acquires LinkedIn, giving it effective control over the flow of money and people in the entire software world — free, commercial, you name it. This acquisition included Lynda, giving them a strong market share in technical training on systems and software, which gave them a heavy bit of control over what training is accessible on technology of their choosing, allowing Microsoft to elevate or sink projects of their choosing.
July 2018: Arch Linux AUR repository is compromised highlighting vulnerabilities in the Arch Linux user-provided repository space in their architecture.
June 2018: Gentoo’s Github account hacked which houses the source code for the Gentoo Linux Distribution. All code was considered compromised but the upstream master repository was marked safe during the attack, comprising a heavy public relations blow to the distribution without causing enough damage to warrant a deeper discovery and lawsuit.
June 2018: LinuxForums.org gets hacked exposing the user accounts of a significant portion of the more involved members of the open source community.
October 2018: Microsoft acquires Github, which acts as a repository for the overwhelming majority of free and open source software, a few years after divesting from their “Embrace. Extend. Extinguish.” strategy after decades of an adversarial relationship with open source systems and software communities, effectively giving Microsoft control over the majority of published software in the western world.
September 2018: Linus Torvald, Ted Ts’o are both aggressively targeted by corporate-sponsored Sarah Sharp and Valerie Aurora (both previously associated with the Ada Initiative) under false pretenses of suppressing women and minorities in the Linux community. For those of you unaware, the Ada Initiative is a failed activist organization that was basically rendered non-credible after multiple members were outed in failed honey pot attacks targeting high profile open source project contributers with sexual assault allegations. Google it, and then google peoples’ names. Also be aware that the “Code of Conduct” phenomenon sweeping across projects in recent years is being sponsored and largely driven by its previous members and leadership where they’re not being identified.
July 2019: Canonical’s Github account hacked which houses the source code for the Ubuntu Linux distribution. While no source was affected before it was caught, this was a heavy public relations blow to the distribution without causing enough damage to warrant a deeper discovery and lawsuit.
July 2019: After the quiet failure of Bluemix, which was a last resort line of business launch for a struggling IBM following the rampant divestiture of corporate customers from z/OS on mainframe for Linux on contemporary hardware, IBM purchases Red Hat giving IBM a dominant market share of enterprise operating systems while taking control of all RHEL-based distributions, including Fedora Linux and CentOS. Corporate communities aside, while these downstream projects are separate entities in some cases, they are directly based on RHEL and are not vulnerable to supply chain strategies and intellectual property problems at IBM’s sole discretion.
January 2019: Oracle changes JDK license strategy to start charging users massive license fees to effectively paywall the Java-on-Linux communities, which comprises a startling share of software architecture in use in the world, today, effectively restricting its use to corporate customers.
September 2019: Richard Stallman targeted as “rape defender” by activists and open source groups that have been infiltrated by activists who failed to read the actual statements that he made. Richard Stallman was forced to resign from several positions he held that deeply influence the open source community.
Following the arrest of Eppstein, who had apparently been running a sex trafficking ring involving minors, which is horrible, Professor Marvin Minsky was named in a deposition as one of the victims’ clients. As details have surfaced about these events, Eppstein had apparently been blackmailing these girls, often underage, into performing sexual acts for his visitors.
One of those visitors was Professor Minsky, who worked with Richard Stallman at MIT’s AI laboratory.
Richard Stallman then defended Professor Minsky when the topic came up in one of MIT’s mailing lists, under the grounds that from Minsky’s perspective that he likely could not have known the girl was under age or was being coerced, given that if Eppstein had been blackmailing these girls he likely would have forbidden them from disclosing to their clients that they were so blackmailed. This intimates that from the late Minsky’s perspective he had likely engaged in intercourse with a willing participant that he did not know was underage.
Enraged activists then took charge to the response as “defending a rapist”, which was not the case, and misconstrued Stallman’s comments on the matter to say that the girls were somehow lying, which would not have been the case to anyone who actually read them.
The media heavily particpated in this public and knowing set of lies designed to destroy someone and completely obfuscated the conversation from the public view to prevent independent research while news agencies simply republished each others’ inaccurate stories.
Get the picture, yet? At least we’re more polite though, amirite?
Why this isn’t easily fixed
This is a several pronged attack happening:
- Acquisition and intellectual property strategies are being coordinated between these corporations that allow control of information regarding products as well as the security of those products. If you don’t believe that giant corporations collaborate, you are an idiot.
- Social engineering attacks are being funded by corporate activist groups to infiltrate and destroy open source software. It has nothing to do with gender discrimination and everything to do with taking control of key pieces of strategic software pipelines. No one wants to fix the vulnerablity in our society that allows these attacks to be temporarily credible, and I don’t blame them: I want men and women to be equal in software and systems as well.
- Money flows are changing in software.
It’s just coming from all sides, and, Linux is absolutely under attack. If you don’t realize this by now then you are likely a liability to the open source movement.