This story is nuts. Chef signed a $95k contract with ICE, did some shady shit to cover it up and, when that didn’t work, published a blog post claiming they did nothing wrong.

@stringlytyped That story is weird on so many accounts. Apparently free software principles suddenly don't apply anymore when used by an evil organization? If that's what the dev believed in, the Ruby gem should have been published with Douglas Crockford's controversial "Not Evil" clause.

@ayo If you are a FOSS maintainer I guess you can’t prevent others from distributing the code. But are you yourself obligated to be the one to distribute it?

Regardless, I don’t think the author of those libraries had any illusions about his inability to prevent others from using them. His aim was likely just to cause some temporary disruption to draw attention to the issue—a legitimate form of protest in my eyes.

@stringlytyped No obligation, no. But I, for one, wouldn't want to break all products that rely on my code in order to make a political statement, and I wouldn't want to rely on maintainers who do that either. The forks are a perfectly reasonable reaction, in that sense.

But it got attention, so it seemed to have been successful as a statement, at least.


@ayo Fair enough. I can definitely see your point.

But I can’t help but wonder whether the manner in which they “forked” the project (they just removed mention of the original author) is a violation of the license terms.

@stringlytyped That wasn't very nice, I agree. Might even count as plagiarism...

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.