Ubuntu explores replacing gnu utils with rust based uutils
-
I fear moving away from GPL that moving to Rust seems to bring, but Rust does fix real memory issues.
So you prefer closed-source code to potentially unsafe open-source code?
Take the recent rsync vulnerabilities for example.
Already fixed, in software that's existed for years and is used by millions. But Oh no, memory issues, let's rewrite that in <language of the month>! will surely result in a better outcome.
Already fixed, in software that's existed for years and is used by millions. But Oh no, memory issues, let's rewrite that in <language of the month>! will surely result in a better outcome.
Rsync is great software, but the C language fates it to keep having memory issues in spite of its skilled developers.
Preventing a bug from being possible > fixing a bug.
-
but they do exist and most of those would be solved with a memory and type safe language.
Maybe.
Still, there are other sources of bugs beyond memory management.
And i'd rather have GPL-ed potentially unsafe C code to... closed-source Rust code.
The Rust code isn't closed source, but I'd strongly prefer a coreutils replacement to use GPL over MIT as well.
-
At first I was sceptical, but after a few thought, I came to the solution that, if uutils can do the same stuff, is/stays actively maintained and more secure/safe (like memory bugs), this is a good change.
What are your thoughts abouth this?
The correct title should be "Ubuntu explores replacing gnu utils with MIT licenced uutils".
-
The code can be taken and used in close source projects
And how does this hurt all of us who use it for open source projects?
-
And how does this hurt all of us who use it for open source projects?
Competitive improvements the company makes make be kept secret, re packaged, and sold without making contributions to the src code.
Basically embrace, extend, extinguish
-
I wonder whether Linux Mint will follow suit?
Mint is basically Ubuntu with all of Canonical's BS removed. This definitely counts as Cononical BS, so I'd be surprised if it made its way into Mint.
-
And how does this hurt all of us who use it for open source projects?
means it can also be captured by a corpo takeover and taken private
-
Unlike the other alternative coreutils, uutils focuses on GNU compatibility. If you depend on GNUisms, this allows you to unGNU & unGPLv3+ your system.
I don't understand, you'd still have to completely replace the linux kernel for a situation where this matters to occur, no?
and the linux kernel is where 99% of the work is, correct?
-
means it can also be captured by a corpo takeover and taken private
It can be forked by anyone, but what is already out there will always be there.
-
It can be forked by anyone, but what is already out there will always be there.
Until you're left with choosing between an abandoned open source version and an up to date closed source blob.
-
At first I was sceptical, but after a few thought, I came to the solution that, if uutils can do the same stuff, is/stays actively maintained and more secure/safe (like memory bugs), this is a good change.
What are your thoughts abouth this?
I for one welcome our rust overlords
-
I don't understand, you'd still have to completely replace the linux kernel for a situation where this matters to occur, no?
and the linux kernel is where 99% of the work is, correct?
The Linux kernel is licensed under GPLv2, not v3. The third version of the license forbids tivoization (vendoring unmodifiable copyleft software). Also, the GNU coreutils aren't limited to Linux.
-
This is one of the old-time original arguments in the OSS community.
The crux of the matter is that the GNU licenses require that modifications be released back to the community. Other "more permissible" licenses like MIT do not.
So if you want to make a commercial version of X, and X is under a GPL, then any changes you make need to be released under the GPL. The idea being "I shared this code with the community with the intent that you can use it for free and modify it as you like, but you need to share back what you do." Also called "Share and share alike".
This defends against "embrace, extend, extinguish" tactics that companies like Microsoft has loved to do. They can't take your code, modify it for their own purposes and re-sell it possibly making a more popular version that is now proprietary.
Somewhat ironic example.
X (Xorg) has been MT licensed for 40 years. So is Wayland. So is Mesa.
I think Xorg is a good example of the real world risks for something like core utils. If you did not know or care until now that X and Wayland were MIT licensed, you probably do not need to care too much about utils licensing either.
-
Competitive improvements the company makes make be kept secret, re packaged, and sold without making contributions to the src code.
Basically embrace, extend, extinguish
Ideas can only be patented, not copyrighted. If a company designs something novel enough to qualify for a patent, and so good that people willingly pay for the feature, that's impressive, and arguably still a good thing. If instead they design a better user experience, or an improvement in performance, the ideas can be used in open source, even when the code cannot be.
-
The correct title should be "Ubuntu explores replacing gnu utils with MIT licenced uutils".
Waiting for Canonical to up sell proprietary features for a subscription. Ubuntu's regular release cycles were brilliant in 2004 when there weren't a lot of alternatives but why does it still exist?
-
What does the license change actually mean? What are the differences?
The best example I could point to would be BSD. Unlike Linux, the BSD kernel was BSD (essentially MIT) -licensed. This allowed Apple to take their code and build OSX and a multi-billion dollar company on top of it, giving sweet fuck all back the community they stole from.
That's the moral argument: it enables thievery.
The technical argument is one of practicality. MIT-licensed projects often lead to proprietary projects (see: Apple, Android, Chrome, etc) that use up all the oxygen in an ecosystem and allow one company to dominate where once we had the latitude to use better alternatives.
- Step 1 is replacing coreutils with uutils.
- Step 2 is Canonical, Google, or someone else stealing uutils to build a proprietary "fuutils" that boasts better speeds, features, or interoperation with $PROPRIETARY_PRODUCT, or maybe even a new proprietary kernel.
- Steep 3 is where inevitably uutils is abandoned and coreutils hasn't been updated in 10 years. Welcome to 1978, we're back to using UNIX.
The GPL is the tool that got us here, and it makes these exploitative techbros furious that they can't just steal our shit for their personal profit. We gain nothing by helping them, but stand to lose a great deal.
-
The Linux kernel is licensed under GPLv2, not v3. The third version of the license forbids tivoization (vendoring unmodifiable copyleft software). Also, the GNU coreutils aren't limited to Linux.
I know they aren't limited to linux, but can you give me an example of a situation where this matters?
All of the situations I can think of are remedied by the fact that linux is still GPL'd
-
Ideas can only be patented, not copyrighted. If a company designs something novel enough to qualify for a patent, and so good that people willingly pay for the feature, that's impressive, and arguably still a good thing. If instead they design a better user experience, or an improvement in performance, the ideas can be used in open source, even when the code cannot be.
@prime_number_314159 @thedeadwalking4242 this is how Google killed RSS -
the deGPLification of the Linux ecosystem ffs
-
And how does this hurt all of us who use it for open source projects?
Imagine a contributor of the project. He would have been fixing the bug for free and give the work to the public project. Right before he submit the code change, he sees an ad from a big tech bro: "Hiring. Whoever can fix this bug gets this job and a sweet bonus." He hesitated and worked for the company instead.
Now that he is the employee of the company. He can't submit the same bug fix to the open source project because it is now company property. The company's product is big free, and the open source counterpart remains buggy.
