Should Maintainers of Open Source Projects Be Paid?

Matt Asay, a former COO of Canonical now working at AWS, writes “Over the last few weeks I’ve interviewed a range of open source project maintainers, most of which don’t directly get paid for supporting their projects… Is this a bad thing?”

It’s not completely clear. Linux Foundation executive Chris Aniszczyk has been an outspoken opponent of open source “tip jars” that seek to sustain projects with donations. “These [open source developers] should be encouraged to start businesses or your business should hire them directly,” he argues. But many such developers don’t want a 9-to-5 corporate job, preferring the independence of contract work. Open source sustainability, in other words, is messy. Most open source project maintainers with whom I’ve spoken got started because it was a “fun” way to spend their free time. They had a variety of personal “itches” they needed to scratch. Exactly none started coding because they were hoping to get paid for that work.

In fact, in some cases, it was specifically to create space from their employer that they started the project. For Datasette founder Simon Willison, for example, he “wanted a creative outlet.” That is, a project that he got to have complete control over. In some ways, he said, it was perhaps “a way of blowing off steam,” but really it was a place where he could express his creativity without a corporate overlord steering that creativity. See the problem…?

Aniszczyk reasonably suggests that the most sustainable source of funding is a paycheck, but that’s precisely what many of these developers don’t want. Or, at least, they don’t want a paycheck that comes with restrictions on their ability to code freely… [O]pen source sustainability will never have one, meta answer for all of open source. It’s always a project-by-project analysis and, really, a founder-by-founder (or community-by-community) decision.

Read more of this story at Slashdot.

Source: Slashdot

Microsoft Replaces Dozens of Staff With AI for News Stories on MSN

“Workforce automation is about to cost dozens of news contractors their jobs,” writes Engadget:

The Seattle Times and The Guardian report that Microsoft is letting go of dozens of news contractors (about 50 in the US, 27 in the UK) after June 30th due to a shift to AI news production on MSN. The workers were responsible for choosing, editing and curating stories.

The work included identifying trending news stories, planning content, and rewriting headlines, according to the Seattle Times. “It’s been semi-automated for a few months but now it’s full speed ahead,” one of the terminated contractors tells them.

“It’s demoralizing to think machines can replace us but there you go.”

Read more of this story at Slashdot.

Source: Slashdot

What Would The Internet Look Like If America Repeals Section 230?

“REVOKE 230!” President Trump tweeted Friday, and NPR reports that the movement to revoke its safeguards “is increasingly becoming a bipartisan consensus… But experts caution that eliminating the legal protections may have unintended consequences for Internet users that extend far beyond Facebook and Twitter.”

“We don’t think about things like Wikipedia, the Internet Archive and all these other public goods that exist and have a public-interest component that would not exist in a world without 230,” said Aaron Mackey, staff attorney at the Electronic Frontier Foundation, a digital civil liberties nonprofit.
Without Section 230, experts argue, sites would have less tolerance for people posting their opinions on YouTube, Reddit, Yelp, Amazon and many other corners of the Internet…

The tech industry, unsurprisingly, is fighting hard to preserve Section 230, said Jeff Kosseff, the author of a book about Section 230, The Twenty-Six Words That Created the Internet. “The major platforms came into existence because of 230,” Kosseff said. “Without 230, their operations would have to be substantially changed.” In particular, Facebook, Twitter and Google would likely become aggressive about removing content and may side more often with complaining users, Kosseff said. Mackey with the Electronic Frontier Foundation agrees.”It could create a prescreening of every piece of material every person posts and lead to an exceptional amount of moderation and prevention,” Mackey said. “What every platform would be concerned about is: ‘Do I risk anything to have this content posted to my site?'”

Another possible ripple effect of repealing, Kosseff said, is making it more difficult for whatever company is hoping to emerge as the next big social media company. “It will be harder for them because they will face more liability at the outset,” Kosseff said. Eric Goldman, a professor at Santa Clara University Law School and co-director of the High Tech Law Institute, said rescinding Section 230 could reduce the number of online platforms that welcome open dialogue.

Read more of this story at Slashdot.

Source: Slashdot

Apple Opens 100 More US Stores — With Mandatory Temperature Checks For Customers

“Apple is in the process of reopening 100 U.S. retail stores,” reports Apple Insider, adding “as expected, those outlets look a lot different post-coronavirus.”

For example, the company is performing temperature-checks at the door and requiring facial coverings before entering the store. Apple has also indicated that it will provide facial coverings to customers if need be. As you approach the Apple Store, you should notice some changes right away. In the Lynnhaven Mall in Virginia Beach, Virginia, the Apple Store had multiple employees outside to guide customers into lines — one line for walk-ups, and another for reservations. While waiting in line, an employee asks you a series of four questions and takes your temperature:
– Do you currently have a fever?
– Do you currently have a cough?
– Are you currently experiencing any respiratory issues?
– Have you been in contact with any suspected or confirmed cases of COVID-19 in the last 14 days?

Answering “yes” to any question will prevent you from entering the store, even if wearing a mask. Answering “no” across the board will allow you to have your temperature checked. Apple assures customers that data isn’t being recorded…
Apple retail is enforcing social distancing measures by mandating six feet of space between customers, reducing the number of products on display, and rearranging store features to allow for more space between them… If a device is handed from customer to employee, the employee will wipe it down on receipt, before beginning service or operation of the device. There are multiple stations with disinfecting wipes and hand sanitizer…

Customer occupancy and store hours have also been reduced, with Apple encouraging customers to purchase online or opt for curbside pickup when possible.

Read more of this story at Slashdot.

Source: Slashdot

GitHub Warns Java Developers of New Malware Poisoning NetBeans Projects

GitHub issued a security alert Thursday warning about new malware spreading on its site via boobytrapped Java projects, ZDNet reports:
The malware, which GitHub’s security team has named Octopus Scanner, has been found in projects managed using the Apache NetBeans IDE (integrated development environment), a tool used to write and compile Java applications. GitHub said it found 26 repositories uploaded on its site that contained the Octopus Scanner malware, following a tip it received from a security researcher on March 9.

But the article adds GitHub “believes that many more projects have been infected during the past two years.”
GitHub says that when other users would download any of the 26 projects, the malware would behave like a self-spreading virus and infect their local computers. It would scan the victim’s workstation for a local NetBeans IDE installation, and proceed to burrow into the developer’s other Java projects. The malware, which can run on Windows, macOS, and Linux, would then download a remote access trojan (RAT) as the final step of its infection, allowing the Octopus Scanner operator to rummage through an infected victim’s computer, looking for sensitive information.

GitHub says the Octopus Scanner campaign has been going on for years, with the oldest sample of the malware being uploaded on the VirusTotal web scanner in August 2018, time during which the malware operated unimpeded.

Read more of this story at Slashdot.

Source: Slashdot

Google Says It Inadvertently Removed Ability To Visit URLs From ‘Image Search’ AMP Pages

DevNull127 writes: Wednesday someone calling themself “Zenexer” complained on Twitter that Google “appears to be phasing out the ability to visit the original URL from an AMP page. Tapping the info icon in the top left used to provide the option to visit the real URL. Currently only an issue in Image Search.”

“This is an oversight,” tweeted Malte Ubl, the Google software engineer who created AMP (and a member of its Technical Steering Committee), citing a conversation he’d had with the Image Search team, who said they’d be adding back the feature soon. “Sorry about that and thanks for the report!”
When asked about a timeline for a possible fix, he responded “Sorry, no way to do it in fewer than a couple days.”

Read more of this story at Slashdot.

Source: Slashdot

Eight Amazon Workers Have Now Died from Covid-19

The Los Angeles Times tells the story of 63-year-old Harry Sentoso, an Amazon warehouse worker who was called back to work on March 29th — and died two weeks later of Covid-19.

Across the country, Amazon workers have documented more than 1,000 cases among warehouse workers as of May 20, and 7 deaths. Sentoso is the eighth…. The company has put new measures in place to make its warehouses safer for employees, but the number of cases at its facilities keeps rising… Amazon also fired two tech workers who had publicly criticized safety and working conditions at the company’s warehouses…

The week before Sentoso died, the company began requiring employees to wear masks on site, and started checking the temperature of workers before they could enter. It began requiring employees to stay six feet apart in late March, and staggered shifts and canceled in-person meetings to make that easier. The company has increased the frequency of cleaning and disinfecting in warehouses as well, and began spraying down whole facilities with disinfectant fogs in mid-April. But [the late Harry Sentoso’s son] Evan, and a contingent of Amazon workers across the country, don’t think that those measures are enough. Hundreds of workers at Amazon’s facilities in Hawthorne and Eastvale, in Riverside County, have signed and submitted petitions asking the company to close the facilities for two weeks after infections for thorough cleaning and send workers home with quarantine pay. Following worker complaints compiled by the Warehouse Workers Resource Center, Cal OSHA has also launched investigations into both facilities…
The call for a shutdown has been especially loud at warehouses in Pennsylvania and New York that have become coronavirus hotspots, with more than 60 reported cases at each before the company stopped updating the tally even to local employees.

Read more of this story at Slashdot.

Source: Slashdot

Cisco Discloses Security Breach That Impacted VIRL-PE Infrastructure

Thursday Cisco disclosed a security breach that impacted a small part of its backend infrastructure and two of its commercial products also bundling the SaltStack software package as part of their firmware.
ZDNet reports:

Cisco said that hackers used a vulnerability in the SaltStack software package, which Cisco bundles with some products, to gain access to six servers… The six servers provide the backend infrastructure for VIRL-PE (Internet Routing Lab Personal Edition), a Cisco service that lets users model and create virtual network architectures to test network setups before deploying equipment in real situations. “Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised,” the company said Thursday.

Cisco said it patched and remediated all hacked VIRL-PE servers on May 7, when it deployed updates for the SaltStack software. However, the issue isn’t localized to Cisco’s backend infrastructure alone. Cisco says that two of its commercial products also bundle the SaltStack software package as part of their firmware. These are the aforementioned Cisco VIRL-PE, and Cisco Modeling Labs Corporate Edition (CML), another network modeling tool. Both VIRL-PE and CML can be used in Cisco-hosted and on-premise scenarios. In case companies use the two products on location, Cisco says CML and VIRL-PE need to be patched.

Read more of this story at Slashdot.

Source: Slashdot

Tunguska Meteor That Blasted Millions of Trees in 1908 Might Have Returned To Space

schwit1 quotes Space.com: A new explanation for a massive blast over a remote Siberian forest in 1908 is even stranger than the mysterious incident itself. Known as the Tunguska event, the blast flattened more than 80 million trees in seconds, over an area spanning nearly 800 square miles (2,000 square kilometers) — but left no crater. A meteor that exploded before hitting the ground was thought by many to be the culprit. However, a comet or asteroid would likely have left behind rocky fragments after blowing up, and no “smoking gun” remnants of a cosmic visitor have ever been found. Now, a team of researchers has proposed a solution to this long-standing puzzle: A large iron meteor hurtled toward Earth and came just close enough to generate a tremendous shock wave. But the meteor then curved away from our planet without breaking up, its mass and momentum carrying it onward in its journey through space.

Read more of this story at Slashdot.

Source: Slashdot

Watch Live: SpaceX Launches NASA Astronauts to ISS

“Crew Dragon’s hatch is closed, securing @AstroBehnken and @Astro_Doug in the spacecraft ahead of liftoff,” SpaceX tweeted an hour ago.

Livestreaming of the launch has already begun, with liftoff scheduled in about 41 minutes.
GeekWire reports:

If liftoff from NASA’s Kennedy Space Center in Florida occurs today at 3:22 p.m. ET (12:22 p.m. PT), it’ll be a feat that America hasn’t been able to perform since NASA retired its space shuttles, nearly nine years ago. “We are going to launch American astronauts on American rockets from American soil,” NASA Administrator Jim Bridenstine declared during a launch-eve briefing at the space center’s countdown clock.

But even Bridenstine acknowledged that’s not a sure bet for today. “Weather challenges remain with a 50% chance of cancellation,” he tweeted this morning. A drenching rainstorm swept over Florida’s Space Coast overnight, but the skies cleared up this morning… The launch can be scrubbed at any time, all the way down to the last second, if the weather doesn’t cooperate or if a technical glitch arises. If the gumdrop-shaped Crew Dragon doesn’t lift off today, Sunday is an option. The chances of acceptable weather are expected to improve to 60%. The weather outlook is even better for a June 2 backup opportunity…

Hurley and Behnken, who are both experienced shuttle astronauts, are scheduled to rendezvous with the space station on Sunday and move in alongside its current occupants, NASA’s Chris Cassidy and Russia’s Anatoly Ivanishin. NASA hasn’t yet decided how long the Dragon riders will spend in orbit. Their stay could be as short as six weeks, or as long as 16 weeks, depending on how the test mission proceeds. For the return trip, Hurley and Behnken will strap themselves back inside the Dragon and descend to an Atlantic splashdown.
This whole flight serves as an initial demonstration of the Crew Dragon’s capabilities with an actual crew aboard. If the mission is successful, yet another Crew Dragon will carry four different astronauts to the space station weeks after Hurley and Behnken return.
Reuters reporter Joey Roulette also spotted NASA astronaut Garrett Reisman by the side of the road as his fellow astronauts drove by. He was holding a sign that said “Take me with you.”
And GeekWire notes that NASA Administrator Jim Bridenstine sees this event as historic. “I really think, when we look into the future, we’re going to see these models of doing business with public-private partnerships apply not just to low Earth orbit… but we’re taking this model to the moon and even on to Mars.”

Read more of this story at Slashdot.

Source: Slashdot