
Former developer at software company deletes his code to protest its ties to ICE - konceptz
https://www.dailydot.com/irl/former-chef-developer-deletes-code-ice/
======
codegeek
"Earlier today, a former Chef employee removed several Ruby Gems, impacting
production systems for a number of our customers."

So the developer already had left the company but one of his own Open Source
code hosted on his personal github was used in production by Chef Customers ?
Really ? That is just Wow. I don't have any strong opinions on whether he did
the right thing but this absolutely surprises me. Running a small company, I
am very strict against any of us using any personal accounts for anything that
impacts our company work especially production. This has to be a no no by
default I would assume.

~~~
WrtCdEvrydy
Remember leftpad?

~~~
CaptainJustin
For those interested see: How one developer just broke Node, Babel and
thousands of projects in 11 lines of JavaScript

[https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/](https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/)

------
saagarjha
Not completely related, but the tone of the two tweets linked in the article
doesn’t make sense to me. The first is a reasonable request for a comment
about an issue that Shanley cares about, but it’s immediately followed by a
comment a minute later screaming at Chef to take a certain action while
hurling epithets at them in all-caps. How can you possibly assume good faith
from the first comment after reading the second? Why didn’t she just go
straight to attacking them if that was clearly her intention?

~~~
thrower123
Expecting good faith from shanley given her track record is like yet another
frog offering a ride across the river to the scorpion, despite the frog
corpses nearly damming the flow downstream. This is just not a person who
deserves to be taken seriously.

------
konceptz
The technicals of the story are interesting around the software supply chain.

I’m put off by the statement: “I want to be clear that this decision is not
about contract value—it is about maintaining a consistent and fair business
approach in these volatile times,” he wrote. “I do not believe that it is
appropriate, practical, or within our mission to examine specific government
projects with the purpose of selecting which U.S. agencies we should or should
not do business.”

I hear about practicality all the time at my office and sometimes it’s real
and sometimes it’s laziness. This sounds like a little of both but also profit
motivated (not saying that’s wrong for a for-profit company).

Interested in your options on code of ethics and the above.

~~~
SpicyLemonZest
It's definitely impractical to say you won't do business with anyone who does
things you don't endorse. Imagine an electrician trying to demand a
certification that the buildings he works on will host only ethical tenants.
You just can't run a company that way; even people who do meet your ethical
standards won't do business with you.

If you think that ICE is so uniquely bad that they specifically need to be
boycotted, that makes sense. Without inviting any debate on whether it's true,
it's a consistent position that can be reasonably applied.

~~~
sneak
You absolutely can run a company that way. I do, as do many others. My company
has grossed multiple millions of dollars operating that way.

~~~
SpicyLemonZest
I'm glad to hear that you can make it work. About how frequently do you cancel
contracts because you've discovered your client is doing something unethical?

~~~
sneak
I recently declined a client who appears to be a white supremacist. I have
declined work in the past due to the potential client organizations working
with the military, police, or other violent organizations.

We all have this responsibility to place nonviolence above profit.

~~~
SpicyLemonZest
I think that's a very different thing than, as Chef is being asked to do here,
terminating existing clients because they got some bad press on Twitter. Both
in terms of your own operations (sudden cashflow interruptions are hard) and
your clients' willingness to do business (can I justify the risk of waking up
one Monday to learn that our CI provider is cutting me off and all development
is dead in the water?)

------
mcguire
" _Another user pointed out that Chef isn’t the only company to profit from
working with ICE. Microsoft has raked in $4.6 million, IBM has received $1.6
million, and CISCO has received about $500,000 through their work with ICE._ "

Those numbers seem very low. Is this just for one year or one contract?

~~~
remarkEon
Does each government agency have to individually enter into a contract with
Microsoft et al.? That sounds wildly inefficient and silly. My guess is that
this "user" pulled those numbers out of thin air.

~~~
mcguire
Yes. Mostly.

The contracts are generally for specific products or services, for a specific
time. High-level agencies have a great deal of autonomy and also get to pull
their needs out of their own budgets. Lower-level elements within an agency (a
NASA center, for example) can also have more or less autonomy.

~~~
remarkEon
Yeah I shouldn't been more clear in my question. I was more referring to high-
level services (e.g. Office). For specific use-cases, it makes sense for lower
level agencies to have at least a little autonomy.

------
sethvargo
Hi there. I’m around to answer any questions!

~~~
frittig
Do you think that there is a point in having boarders between countries? If so
how should they be enforced? If a 17 year "child" crosses the boarder should
they be detained (ie. kept in prison until deportation) or should they be
allowed to walk free in the US. If a child and parent both crossed the border
should only the parents be detained leaving the child to fend for itself in
America? Should they be detained in the same cell? ie keep children detained
with adult.

I agree that keeping children in cages is not good, but there are solutions.
If ice had a bigger budget maybe it could have more beds, larger cells, better
food. I don't see how removing enforcement is a solution.

~~~
iamaelephant
> I agree that keeping children in cages is not good, but

Come on, man.

~~~
repolfx
Would you be much happier if it was a normal room, but locked from the
outside?

I never saw anyone talking about "cages" until about a year or so ago. It
seems the alternative of better accommodation isn't what people are demanding
here, but rather, giving children a waiver to break any and all laws. If you
want to see children being forced or recruited into cartels in record numbers,
making them immune from any kind of border enforcement is a surefire way to do
it!

------
doggydogs94
You would be a fool to hire this guy after this stunt.

~~~
WrtCdEvrydy
What stunt? He removed an open source library from his own personal account
because he felt the nazis shouldn't be using his software. It's kinda like
when IBM sold the nazis hardware to keep track of the Jews.

~~~
sethvargo
It’s also worth noting that the same result would have happened if I’d died.
My will requests the immediate deletion of “all Internet accounts”. Such an
action (deleting my GitHub account) would have had a very similar result.

------
handlegoeshere
Seth, as a person that has learned a lot from you over the years and benefited
from your work while at Chef, Hashicorp, and Google Cloud, this act has only
increased my respect for you. Thank you for taking a stand against oppression
and injustice.

------
ykevinator
Hero. Too many vanity talkers today, not enough doers.

------
schmookeeg
I expect that, to be ethically consistent, this developer will also return all
salary or payments he received while creating this now-deleted code.

I think leaving a job is a better protest than doing damage to your employer.
And perhaps for his next contract, he might insert a clause limiting what his
code can be used for. In limiting the utility of the code he sells, I expect
he'd be taking a lesser pay rate for it.

~~~
konceptz
If you read the article, the developer already was not working for Chef. Chef
was/is relying on OSS components which the former develop pulled from the open
repository. -edit for clarity.

~~~
schmookeeg
Thanks, I overlooked that somehow. (pre-morning tea over here :) )

I haven't read many OSS licenses. Can't someone just publish an 'unethical'
fork and life goes on?

~~~
konceptz
Interesting approach. Makes me wonder if you authored a component and extended
a license to say that “use of this code must abide by [inert relevant code of
ethics]”, could you enforce that?

~~~
garmaine
Such licenses exist, and yes. But it wouldn’t apply retroactively.

~~~
temac
Also such licenses are not Free Software. And from a practical point of view
(existing in the ecosystem) that matters a lot.

