
FUSE for macOS is no longer open source - khc
https://colatkinson.site/macos/fuse/2019/09/29/osxfuse/
======
hizanberg
Likely the best outcome for the project barring company sponsorship that pays
him to continue working on it as OSS.

He's been the sole maintainer on the project since 2012 [1] and has never been
compensated for it, he says it will always be free to end users but wants
companies that are financially benefiting from it to help sponsor continued
development [2]:

> I will never ask end users for financial support. FUSE will always be free.
> However, what I'm asking for is for companies, that are selling FUSE-based
> products or rebrand FUSE and bundle it with their apps, to re-invest some of
> the profits in the continued development of FUSE on macOS, if they can
> afford it. I don't think that is unreasonable.

So he's just exercising the same BSD rights that all the other companies who
have been taking and commercializing his work and not contributing back any
fixes or funding for continued development.

Given that the alternative was to abandon the project [3], the only way it was
going to see continued development as an OSS project was is if others took
over maintenance/development of it, which anyone is free to do by creating and
maintaining a fork.

[1]
[https://github.com/osxfuse/osxfuse/graphs/contributors](https://github.com/osxfuse/osxfuse/graphs/contributors)

[2]
[https://github.com/osxfuse/osxfuse/issues/590#issuecomment-5...](https://github.com/osxfuse/osxfuse/issues/590#issuecomment-508021742)

[3]
[https://github.com/osxfuse/osxfuse/issues/590#issuecomment-5...](https://github.com/osxfuse/osxfuse/issues/590#issuecomment-501809602)

~~~
pjmlp
This will keep going on, until FOSS community accepts that beyond university
projects, someone pumping up their CVs, having a company sponsorship, or being
able to pimp it up with some kind of subscription/consulting, there is little
to no money to be made and everyone has bills to pay.

~~~
f1refly
No, this wouldn't have been a problem if the software had been gpl licensed,
as the companies would've been forced to give back whatever they changed
themselfes, potentially helping him out a lot

~~~
javajosh
You cannot pay rent with 3rd party code contributions.

~~~
dspillett
But you might be able to pay rent with it if those not wanting to feed back
their work wanted the code enough to negotiate a paid licence under other
terms.

That can be messy for projects with many past maintainers where the licence
options at the time of individual contributions did not explicitly allow this
or arbitrary relicensing, but in this case (single current maintainer, other
contributions made under a licence that allows him to do this) it needn't be.

~~~
javajosh
I'm not sure how that works, legally. If I understand you, you're suggesting
that you can GPL your work to create leverage in a future negotiation with a
potential user who wants to modify it privately and/or integrate it into
proprietary software.

Can you un-GPL your work for a single entity? Doesn't that mean that you
yourself are violating the GPL? I'm legitimately asking, not being rhetorical.

~~~
beering
If you're the sole author of the code (or own the copyright or have the
ability to relicense), then you can. It's not "un-GPL"ing the code because
whatever you GPL'd will continue to be available under the GPL forever.

But you can say, hey, I'm ALSO releasing this code under a separate commercial
license that costs $X dollars to get.

You can't infringe on your own copyright!

~~~
javajosh
Well, that's pretty cool actually. I was unaware that was an option, and I'm
pretty sure that many other people don't know that's an option either! It
seems eminently fair to ask for money from people who are making money from
your thing (and if they aren't, to not ask for anything).

------
simias
I agree that any aggressive towards the maintainer is unwarranted, even if I
personally disagree with his move. In particular this comment quoted in TFA
amused me:

>Then drop it and let someone else maintain it.

I want to reply to this person: then fork the last open source version and
maintain that. That's the whole point really. Besides he apparently made the
change two years ago and people only start noticing now, it's pretty clear
that there's not a vibrant community of contributors ready to take the project
over.

It's not entirely fair in this case because of the certificate needed to sign
the kernel module but if it's really that difficult to get a certificate from
Apple as an open source project that seems more like a problem with Apple than
with osxfuse's maintainer. Besides what can he reasonably do? Just give the
certificate to whoever asks for it? That's going to get it revoked by Apple in
approximately 4 femtoseconds.

Companies benefiting from the work of opensource projects and not giving
anything back is genuinely a big problem IMO. It's not illegal of course, but
it is unethical in my opinion. Look at the state of OpenSSL, one of the most
(if not _the_ most) popular crypto library out there, who has to beg for
scraps in order to fund the project. And when there's a critical vulnerability
like heartbleed, who gets mocked online? The poor guy or gal who authored the
commit, not the countless multi-billion dollar corporations who deployed their
code for free without paying for a thorough audit or contributing anything
back.

~~~
marcus_holmes
I'm a startup tech founder, benefiting massively from FOSS code. I realise
there is a debt here, and the plan is definitely to repay that debt once we're
cash-positive.

Being able to have that plan, and not having to pay for software licences up
front, is awesome.

But I totally understand TFA's point of view. Maintaining a FOSS library is
hard work, and those benefiting from it should contribute. If he's not seeing
that happen organically, then he's quite within his rights to make it happen.

And to be fair, he's not even saying "I'll charge you". He's just saying
"contact me". I'd speculate that if I needed to use his code, I could cut a
deal where we would pay him when we get cash-positive.

~~~
earonesty
"Small companies don't have the resources"... that's some backward thinking
right there.

By failing to contribute, small companies cost themselves money very quickly.
How can a small business afford to live in a world of un-maintainable forks,
patches and tech debt?

Only large companies can afford to maintain private forks of FOSS. Small
companies _have_ to give back, or they will simply disappear.

~~~
toadkicker
I can't count how many times I've submitted a patch only to hear my
supervisors complain that I made a contribution to the thing that makes the
business profitable.

~~~
nicky0
I know you are deploying irony but due to competing interpretations I can't
figure out its intent. Do you mean the supervisors do complain or they don't?

~~~
dylan604
Company A and Company B both use the same FOSS application. Company A has
internal devs that add/fix the FOSS, but keep those updates internal. This
gives Company A an advantage Company B does not get. Company A managers
recognize this, and feel that since the updates were made on company time,
they do not _have_ to provide that to the rest of the world. Company A devs
commit their updates to the repository, and now Company A mangers feel like
they have given away work product for free. Lots of way pointy hair bosses to
be upset in this scenario.

------
ChrisMarshallNY
That was a very good write-up. Quite fair, and Kool-Aid-free.

It is a pretty good synopsis of the issues faced by open-source developers,
these days.

Much like The September That Never Ended was probably the best thing that ever
happened to the Internet, but was really tough on the folks already there, the
adoption of open-source systems by commercial entities is making open-source
"sexy."

Open-source developers (of which I'm one) need to make extra efforts to
document and "decorate" their projects, and often dream of "going viral."

However, like so many folks have found on YouTube, fame != money.

In fact, once your project starts getting all that lovely adoption and
enthusiasm, it will also start getting demanding, pithy, threatening and
abusive contacts from users.

I strongly suspect that a lot of OS developers have walked away from promising
projects because of this crap. I'm a stubborn, cantankerous bastard, so I
haven't; but I also have the "advantage" of not having any projects that have
gone massively viral. It's been a drip that I can use a saucepan to catch; not
a deluge.

This smells like a business opportunity. Maybe set up a service for OS
developers that will field all the abuse for them, and make it real cheap.

~~~
MayeulC
I'm starting to feel that September is slowing and it might end at some point,
that in the end it really is related to the technology adoption life cycle[1].

If you look at the bell curve on that page, its integral is the technology
penetration, that is a sigmoid: start slowly (initial period), accelerate
(eternal september) for a while, and start to decrease the penetration speed.
At some point, enough people will likely have knowledge about the technology
that new entrants will take much less time for those already in to bring up.

You can argue that those that enter the field now are adopting GAFAM rather
than OSS alternatives, but I think that as long as you have the "eternal
september" feeling, it means that a lot of people are jumping in, and will in
turn help the upbringing of others later in the cycle.

Hopefully FOSS culture and knowledge will become endemic in companies at some
point; that's all I'm saying. But it's hard, at any point of the curve, to
predict where we are in that cycle, and when it will end.

I'd be curious to see some data on say, the number of Facebook users. I'm
pretty sure it can be seen as a sigmoid.

~~~
72deluxe
Are you sure? I am certain it's accelerating. More and more people use the
Internet for their daily life and more and more services are "going digital".
I know some 16 year olds (born 2003, after XP how depressing, I feel old) and
the concept of NOT having the Internet and dirt cheap music streaming etc. is
completely alien to them. They also have no concept of privacy and will
install every service known to man on their devices (with the sucking up of
data from them) without any thought because "it's free". This only increases
the expectation of free (as in £0.00) software and services.

When's the last time you met anyone without a Facebook account? Tell them you
don't have a Facebook account or a WhatsApp account and they will look at you
as if you are from Mars, and trying to explain to them why you don't want such
an item is like talking to a brick wall.

Try living without Google.

It's all getting very difficult to do because the alternative is so very very
easy.

~~~
toyg
I was installing everything that was “free” back in 1995. You cannot expect a
teenager to be familiar with internet-privacy mantras; it’s actually horrible
how we’ve created a situation where these poor kids are _forced_ to learn and
self-defend against an onslaught of trackers.

~~~
72deluxe
Agree! I can't see it getting any better for 99% of users either - you have to
be quite technical.

And once DNS over HTTPS is the norm (thanks Google + Microsoft) I literally
have no clue what I'm going to do - I won't be able to stop any of the
tracking domains requested or "telemetry".

It's a nightmare and I think the Internet will be "over" for me at that point.

eg. Little Snitch tells me all the outgoing requests on my Mac, I have to run
piHole for DNS to block 27% of my DNS requests (yes that much), OOSU10 is
mandatory on Windows 10 to turn off a boatload of telemetry, and every site on
earth these days don't self-host - they pull from 20 different sites instead
of just their own site. That's 21 different organisations that know I've
visited their site,

eg. visiting White Stuff's website (clothing) for my wife and I get
whitestuff.com, googletagmanager.com, google-analytics.com,
wsweboptimisejs.blob.core.windows.net, via.placeholder.com,
tag.bounceexchange.com, fsm.attraqt.com, fonts.googleapis.com,
data.rci.eggplant.cloud, cdn.optimizely.com, c3n4sovn.cloudimg.io

It's ludicrous.

~~~
z3t4
You can block all IP ranges owned by the tracking companies. Sure many
services will stop working.

Some people go vegan, some people go GNU. There are plenty of content to
discover beneath the mainstream commercials. There is so much content on the
web, and the Internet is not just the web. That I'm sure you can live a happy
life, without consuming the services which business model is centered around
how many ads, trackers and spyware they can install on your devices.

~~~
72deluxe
Yes this is true. I am quite happy living my life without all of this garbage,
but more interested in how to effectively be able to stop this kind of garbage
without constantly playing whack-a-mole.

------
mike_d
It is buried in the footnotes of the post, but the ultimate reason behind
going closed source is that Google built their enterprise GDrive syncing
client for mac off a fork of osxfuse. The original author of osxfuse feels
entitled to some compensation for that and is doing his damnedest to make it
happen.

~~~
eps
I'm not sure if the dev feels entitled for _compensation_ per se, but G and
other companies don't contribute back to the project in any form. Not $ and
not in code. Now _that_ is not a very good thing... though technically that's
exactly what you get with permissive O/S licenses. It looks like the dev
realized that and changed the license.

It also doesn't look like he trusts this companies much, because otherwise he
could've just slapped the Commons Clause on his existing license and be done
with it. So he closed the source instead.

[https://commonsclause.com/](https://commonsclause.com/)

~~~
tus88
> Now that is not a very good thing

I am still waiting for someone to explain why open-source software is harmed
by people using it, if they don't contribute back.

~~~
blihp
To many developers, the main reason they contribute to open source software is
for the benefit of leveraging each others work. If one is the sole author due
to lack of contributions, from that perspective there is no value _to the
developer_ in providing it as open source. The problem is compounded if they
look around and see companies profiting off of their work and neither
contributing fixes/improvements back nor funding the developer(s) who do.

So how is it harmed? By exactly the situation playing out with FUSE: the
person who has been maintaining it has been seeing no benefit financial or
otherwise and decides to take his ball (the source code) home as he has every
right to do. I suspect if he doesn't see some corporate sponsorship soon he
may very well decide to stop releasing future updates entirely.

~~~
jagged-chisel
> To many developers, the main reason they contribute to open source software
> is for the benefit of leveraging each others work.

Then these developers need to understand copyright and licensing, and choose a
license that enforces that motive. If you release under BSD, you're not
_encouraging_ companies with a profit motive to contribute back.

------
jasonkester
Good for him.

I hope we see more of this in the future: developers realising that the work
they do has value and that they’re not required to spend their lives giving it
away for free. So they take control of their work product and start capturing
some of that value for themselves.

It’s a shame that the article is written in this tone, as it mirrors the
dominant sentiment among open source folks. There is still a lot of
entitlement to be seen, even here in the comments from people who are likely
to end up in the same boat as the software author referenced in the article.

I think it’ll take a while to get there.

~~~
Semaphor
> It’s a shame that the article is written in this tone

The article seemed pretty neutral excluding the slightly shady stuff like not
mentioning the license change properly, timely or even in expected locations

> the dominant sentiment among open source folks

The dominant sentiment of open source folks is that they want open source
instead of proprietary software? That seems expected, it’s after all the whole
point.

edit: positive -> neutral; shady -> slightly shady

~~~
pjmlp
The dominant sentiment of open source folks is that they don't want to pay for
anything, even if it is open source.

~~~
f1refly
That's a lie, lots of people donate voluntarily for their favorite free
software every day. If you decide to be a leech that's fine too, but don't try
to convince yourself others are that way as well.

~~~
pjmlp
Donations don't allow for a sustainable business.

~~~
laughinghan
But they demonstrably can allow for a sustainable _project_ , the obvious
example being the Linux Foundation.

And if you admit to the existence of donations, then do you admit that you
were wrong to say "open source folks don't want to pay for anything"?

~~~
pjmlp
Since you brought up the Linux Foundation as an example, the large pool of
contributions are from Fortune 500 happy to use Linux instead of paying for
UNIX licenses.

Which in any case only a tiny part of kernel contributors can live from.

~~~
laughinghan
Tiny part? Your immediate preceding sentence observes that the large pool of
kernel contributors live on salaries provided to them by Fortune 500
companies.

Is that a roundabout way of admitting that you're wrong and open source can be
sustainable?

~~~
pjmlp
Not even close, because those developers are employees from Fortune 500
companies in one way or the other, they are not being paid by other developers
paying to use Linux based software as such.

~~~
laughinghan
I don't understand. "Not even close to sustainable", you say, then complete
the sentence by describing the situation in which Linux has been and continues
to be sustainable.

~~~
pjmlp
Here is the part you keep ignoring "other developers paying to use Linux based
software".

~~~
laughinghan
What is the relevance of that part? Your claim that open source projects can't
be sustainable is straightforwardly false, regardless of whether there are any
Linux developers who are payed by other developers in order to use Linux-based
software.

Similarly, your claim that "open source folks" don't value open source
software as worth paying for is straightforwardly false, regardless of whether
they pay out of their personal bank accounts or push their Fortune 500
employers to donate money and time (which every Fortune 500 calculates in
terms of money).

------
hapless
The heart of the matter is that a fairly small number of people on a
proprietary UNIX are mad that they have to pay money to continue to be free
riders on the Free Software movement.

Mr Fleischer has done a huge amount of unpaid work so a narrow segment of
wealthy software workers can avoid the choice between paying for proprietary
software and supporting Free Software, _after spending thousands of dollars on
a MacOS system_

No world has ever produced a violin small enough to play an elegy for those
“victims.”

If you wanted a Free Software FUSE, maybe a Linux desktop would have been a
better choice?

~~~
fierarul
+1

> after spending thousands of dollars on a MacOS system

Note how much the developer also pays in hardware and in subscriptions like
the Apple Developer account.

Apple does _not_ give free certificates for open source projects. Everybody
must pay!

~~~
saagarjha
It’s not like those things are useless outside of the context of this project.

~~~
fierarul
A paid Apple Developer account just to sign an open-source license is pretty
useless.

------
cr0sh
I find this to be yet another example of why the GPL (in general) was created,
and why licenses like or similar to the BSD license are flawed.

The way I see the GPL is that by modifying and publicly releasing the modified
version of the binary, the payment for being able to do that is paid, at a
minimum, in the code that should be released to accompany those changes.

You want to use my code, and not pay me for it with money? Then pay me (or pay
it forward) with the code instead.

The BSD license and other similar licenses, while seemingly more free - really
aren't. They allow for someone or some company to just come in, take the code,
then profit off of it in a closed-source manner - provided they give some
acknowledgement somewhere that it came from the original BSD based project or
whatnot.

Now - granted - in neither case would the programmer get paid money - but in
the case of the GPL, at the very least the changes, fixes, updates, whatever -
get "paid for" in code. It won't put food on the table, but it is the least
that someone could do, imho, by benefitting from the rest of the codebase.

I note that the above is a very simplified understanding of the GPL, BSD, etc
- and of this issue in general. But I still think the basic idea stands; that
at its core, the GPL is about "paying for" code with code, so that code nor
changes to it will ever "go missing" or become "locked up" into some
proprietary version of the code, and ultimately benefiting users less (whether
they know or understand it or not).

~~~
donatj
I honestly didn’t see the need for GPL until a project I had sunk a lot of
time into contributing to changed their license from Apache to Proprietary and
started charging more than I could possibly afford for a license.

I feel tricked and betrayed, it has been a year and I am still upset. The
whole thing feels like I got robbed. I donated my time to a project I thought
was for the good of the community, turns out I was just doing free work on a
proprietary product others stood to make money on.

It’ll be a long time before I sign another CLA on something I care about.

~~~
z3t4
You can fork the latest Apache version of the project.

~~~
donatj
I’m actually still running the last Apache release. It’s a large project
however and the thought of maintaining it entirely by myself is daunting.

------
otikik
I'm fortunate enough to have been paid to do open source code for the last ~10
years or so. I am thus a huge open source & free source advocate, and I am
completely biased for it.

I think everything done here seems legal, because BSD licensing pretty much
allows for this (I am not a lawyer though, and I haven't examined how things
were with third-party contributions for example).

Morally, the only fault I can say on the maintainer's behavior is a lack of
transparency. This kind of decisive move ideally should be accompanied by an
equally decisive communication effort. Trying to do this "quietly" isn't an
option when a big number of users and/or big players are involved (as it seems
Google is involved to some extent).

~~~
m000
> Morally, the only fault I can say on the maintainer's behavior is a lack of
> transparency.

Totally agree with that. The maintainer seems to have made very little effort
to get compensated for his work. It would surely be nice if some company
stepped-up and offered to sponsor the development of the project. But it's
also kind of childish to scheme and hold grudges for not getting something you
never bothered asking for.

Other open-source developers have been in a similar position in the past, but
the handling of the situation was much more transparent and considerate. Off
the top of my head, I can remember the example of Synergy [1]. When the
developer needed support, he announced well in advance the changes to the
model of development. And actually put the time to spin-up a company around
the project, and offer ways for normal users to support development.

[1] [https://symless.com/synergy](https://symless.com/synergy)

~~~
CathedralBorrow
> "But it's also kind of childish to scheme and hold grudges for not getting
> something you never bothered asking for."

When you state that he never bothered asking for something, what are you
basing that on?

------
hemancuso
I think this is fairly overblown, there are a fair number of FUSE for macOS
forks out there with signing certificates.

I have kext signing certificate for ExpanDrive, Google has one for Google
Filestream, I suspect many others have one as well. Rightfully, Apple doesn't
hand them out as easily as they do with regular developer certificates, but if
you want one and do a reasonable job representing that you're not going to
panic end-user systems, you can get one too.

FUSE for macOS remains open source, fork it if you want. Benjamin merely
decided not to work on it for free anymore and essentially providing bug fixes
etc for those who pay for it.

Lastly - FUSE of macOS is not going to be around in the current form much
longer. Apple has made it abundantly clear that Kernel Extensions are on the
way out, and that macOS 10.15 will be the last release to fully support kexts
without compromises. Check this slide from WWDC

[https://imgur.com/a/EAzT6Ch](https://imgur.com/a/EAzT6Ch)

~~~
khc
What do you think future of fuse on macOS will be like?

~~~
hemancuso
I have no inside information but assuming they continue to expose the VFS
layer they will very likely build a usermode extension framework that is quite
like FUSE, but supported by the OS and maintained by Apple.

------
znpy
I am afraid there's nothing people can do about this issue: according to
[https://github.com/osxfuse/osxfuse/blob/master/LICENSE.txt](https://github.com/osxfuse/osxfuse/blob/master/LICENSE.txt)
the project is BSD licensed and AFAIK closing the sources of a BSD-licensed
project ("re-licensing") is allowed.

Yep, he's allowed to do this and people basically have to suck it up.

This couldn't have happened if the code was GPL-licensed.

This might be a good occasion take a moment to think about all the BSD-
licensed software you're currently using, and imagine it disappearing just
like this piece of software. Then go back to your repository and re-license as
much as you can as GPLv3.

~~~
kjksf
Cursory look at recent checkins seems to indicate that he wrote all the code.

As the copyright holder of the code he could re-license it the same way even
if it was GPL.

~~~
nordsieck
> Cursory look at recent checkins seems to indicate that he wrote all the
> code.

1\. There are github commits not by him in the project.

2\. There are lots of copyright assertions scattered through the project. The
first one I ran into was:

> Copyright (c) 2006-2008 Amit Singh/Google Inc.

but I'm sure there are way more than that.

------
larodi
this quite reminds of the openssl saga, but on a smaller scale, with single
developer more or less responsible for world's encryption for decade.

it's a pity, it's a shame that companies who use FOSS benefit, but do not
understand (or do, but ignore) the idea of FOSS, which is to give back to
community. this also includes other FOSS companies, etc as everyone uses
openssl, zlib and sqlite.

to base a project on FOSS requires that you contribute back. or pay back if
you can. and when your business makes 1000$ then 1$ out of every 1000$ for the
FOSS guy that made it possible is money worth spending, isn't it?

if it's true that VeraCrypt, the G company and others based work on this
developer's efforts and forgot, for decade, to give back anything, well - it's
well deserved to leave them staring at the blank repo. well deserved indeed,
as they had plenty of time and resource to compensate the author while reaping
benefits off his work. well done to choose the BSD license in this case.

all other companies building big-software based on hundreds opensource
projects should rethink their strategies.

there is no free lunch, someone pays for it. and its a shame, when this
someone is left alone to pay for his lunch, while hundreds benefit from it.
maybe there should be the FOSS Church and at least make these people revered
as saints.

~~~
aembleton
Why should companies give back when the code was licenced in such a way as to
not require it?

If a developer works on a project and wants commercial companies to give back
then they can choose a suitable licence such as GPLv3; if they just want to
get their code out there and don't really mind how it's used then BSD is more
suitable.

~~~
hmottestad
Seems like the reason he changed it up!

------
dangus
> He can do that?

> Uh… probably? As I mentioned, most of the code is under BSD-style licenses.
> The command line utility to actually mount the damn thing is under the Apple
> Public Source License, which has a “soft copyleft.” But in theory, if no
> further changes are made to this part of the code, it already meets the
> requirements for source code distribution.

Just a note here, my understanding of the legal status of software licenses is
that they don’t supersede your own ownership of copyright.

As the nearly-sole contributor, the author can violate his own license for the
code he created. Even if the whole thing was GPLv3, I think he could simply
remove anyone else’s contributed commits and take the rest as proprietary
code. It doesn’t sound like much work was done by other contributors on this
project anyway.

Now, if he’s closed sourcing and using/changing someone else’s contributions
that were licensed to the public in a copyleft license, that’s a different
story.

(IANAL)

~~~
matkoniecz
> As the nearly-sole contributor, the author can violate his own license for
> the code he created.

To be more specific, it is not in a violation of copyright. I am pretty sure
that when I publish my code under any standard* licence it is not an exclusive
license.

I can still sell access on a more business friendly licence, publish it under
CC0 and so on.

*is there even serious licence that includes "no dual licencing" exclusivity clause that is binding the author? Is it even possible to do as a licence?

~~~
wongarsu
> Is it even possible to do as a licence?

I guess you could draft it as some kind of exclusivity licence "this work will
only ever be available under this licence". You would still own the copyright,
just contractually bound not to exercise it.

But even that wouldn't be very convincing. If the author republishes under
another licence this isn't in violation of copyright or any criminal law, it's
more like "I gave written agreement not to do something I have the legal right
to do, did it anyway, and nobody can demonstrate any damages. Sue me"

------
tambourine_man
I think the issue is lack of user interest.

I’ve tried using FUSE for the Mac many times throughout the years, mostly for
curl_fs and ssh_fs.

Believe it or not, I’m not happy with the FTP alternatives on the Mac.
Transmit is beautiful but buggy and lacks features such as general purpose
SOCKS proxy. FileZilla is ugly as sin. Cyberduck is neither pretty nor feature
packed.

Although it got better recently, FUSE for the Mac has always been incredibly
slow and buggy, no matter how many command line flags I added.

So between native NTFS read, ExFat read/write and decent for most people
remote disk apps, there are probably very few users who care about FUSE on the
Mac.

~~~
cerberusss
There's also Expandrive.

~~~
tambourine_man
I briefly tried. Does it work well?

Also tried Transmit's mount feature, but wasn't very satisfied.

~~~
cerberusss
I tried it many years ago. They changed so much in the meantime. But back
then, the product was pretty good.

------
ajnin
I don't think going closed source is the solution to fight against others
leeching off your work. The solution is more stringent GPL-style licenses that
are more protective of the open-source community.

Overall BSD-style licenses are not protective enough for the open source
community, in fact they open it up to predatory behavior by selfish entities
with large commercial interests and which don't care about giving back to the
community. BSD gives the most freedom to the developers (that includes
companies making private use of the code), while GPL gives the most freedom to
the user of the software (who can then chose to become a developer). BSD code
is often higher in popularity but there's a reason for that. I think GPL is
the better choice overall.

------
rahuldottech
IIRC, FUSE is also required for VeraCrypt to function. So now the source code
of this library (module? whatever) that's used by popular encryption software
won't be available for public scrutiny. Amazing.

The author is, of course, completely within their rights to stop publishing
the source code of their software, but this is a real pity.

The way to go would be for members of the FOSS community to fork the last
version of the source code that was published and continue development, but I
don't know who (if anyone) will step up and take responsibility.

This also leads to fragmentation, were now you have two popular forks of the
same thing which may not be compatible with each other. Sigh.

~~~
hizanberg
You make it sound like there's a tonne of FOSS community on-hand just waiting
for the chance to step in and create a popular fork that will lead to
fragmentation, when he's effectively been the sole maintainer since 2012 [1].

It's far more likely there will no future well maintained OSS forks, he'll
continue developing it as a closed-source product, allowing end-users to
install it for free but any company who wants access to his future source code
and improvements can compensate him for it. This is a far better outcome than
it turning it into abandonware where that will stop working in future macOS
versions.

> software won't be available for public scrutiny.

It's a popular cliche to think all OSS projects have healthy development
communities and many eyes pouring over it, but as he's the only person
contributing fixes, the only way the product was going to improve is if he
spends more time working on it which is more likely to happen if he can get
sponsored to continue working on it.

None of your fears are likely to come to pass and the health of the project
would be far worse off if he abandoned it.

[1]
[https://github.com/osxfuse/osxfuse/graphs/contributors](https://github.com/osxfuse/osxfuse/graphs/contributors)

~~~
rahuldottech
1\. I'm sorry if I make it sound like that, definitely not my intention. I
recognize that there's a serious lack of volunteers and contributors in the
FOSS ecosystem.

2\. When it comes to FOSS encryption software, it is important that it's
audited every-so-often. Relying on closed-source frameworks makes that
impossible. All FOSS software may not be scrutinized, but it's a definite
advantage that it _can_ be, when the need arises.

~~~
tonyedgecombe
Has FUSE for macos ever been audited?

~~~
gdfasfklshg4
Not publicly[1] but it could be on given day. Closed source code can't be.

[1] Google presumably audited it when they used a fork.

~~~
tonyedgecombe
So probably not then.

~~~
gdfasfklshg4
The potential for audit is powerful on its own.

Do you remember the shareware days? Installing something you wanted meant
getting a bunch of browser toolbars etc.

The potential for forking is also powerful.

------
rsync
So, so many of the use-cases for osxfuse/macfuse involve people using sshfs to
mount SFTP-capable logins into the Finder.

 _All of this_ could be very simply avoided if Apple just made SFTP a
supported protocol under "Connect to Server".

I've asked/wished/pleaded for this since 2005.

It's one of those Apple deficiencies that makes you wonder _just how do people
at apple get work done_ if they don't have this feature ? It's like the multi-
year failure of OSX to properly or sanely support 2+ monitor setups ... just
what were all those apple employees doing during that time ?

How do they not need these things ?

------
pilif
Nitpick:

 _> Now this may come as a shock to some of you, but Apple really doesn’t seem
to like it when third party developers change just about anything about their
UX _

_> Deploying a kext requires it be signed using a special Kernel Extension
Signing Certificate, which can only be acquired from Apple_

this restriction has nothing to do with them not liking people doing stuff
about their UX and everything to do about the fact that kernel extensions
bypass all security boundaries between users and processes.

Kernel extensions are bloody dangerous and I'm happy with Apple putting
additional scrutiny on them.

~~~
adrianN
Forbidding users from doing dangerous stuff with the machines they own is not
good imho.

~~~
tinus_hn
But is it allowed for users to choose a machine that forbids this?

~~~
adrianN
That's a difficult question because it might limit supply of open machines for
users who want the freedom to hack their own stuff. I think it's okay to offer
computers that are basically Facebook appliances, but there should always be a
toggle somewhere that allows people who know what they're doing to do whatever
they please.

~~~
pilif
Macs do have such a toggle. You can boot from the recovery partition, launch
the terminal and issue the `csrutil disable` command.

This will turn off all the security features that have been added over the
years, including the “Catalina Vista” prompts people were complaining about in
September.

The reason this requires booting from the recovery partition is to make it
impossible for malware to flip the switch and to make it convoluted enough
that even the most gullible of users will question their actions when pushed
to do these steps by malware.

(Apple has stated publicly and in very clear language that they fully intend
for the Mac to continue to be able to run unsigned code, so I believe this
toggle isn’t temporary)

~~~
saagarjha
> This will turn off all the security features that have been added over the
> years, including the “Catalina Vista” prompts people were complaining about
> in September.

I installed it back in June, so my memory might be a bit hazy, but as far as
I’m aware SIP doesn’t control TCC.

~~~
pilif
You are right. That's controlled by gatekeeper which you disable with `spctl
--master-disable`

~~~
saagarjha
You sure turning off Gatekeeper turns off TCC too?

------
angry_octet
We need something like carbon credits for open source. As in, if you
contribute to open source you earn credits. If you make lots of use of open
source but don't contribute back you need to buy open source credits.

How we would value open source is a tricky question. Would AWS owe a gazillion
credits for all the hours of linux and apache they've burnt? Probably doesn't
make sense. Maybe a logarithmic scale. But the real value of open source isn't
dollars but people time (which, if you've had a pile of dollars and tried to
spend it to employ people to do something, you will know is not the same
thing). How many people hours is there in producing something like FUSE, and
how many hours saved by end users? Maybe that determines the utility.

Until we have a value and a _currency_ for open source there won't be an open
source _economy_.

~~~
ohithereyou
To me, this is the root of the difference between Free (libre) software as
defined by the FSF and open source software as popularized by the OSI.

The primary case for open source is business and money - money is more
efficiently spent on supporting open source, and all of the businesses that
spend money on open source get to benefit from contributions from others. In
this model an open source economy is desirable because that's how you prevent
one greater fool from funding all of the open source software that everyone
else uses without paying.

The primary case for Free (libre) software is the social utility/social value
of the software. Their case is primarily moral and ethical first. They're not
against making money on Free (libre) software, but that's not their end goal.
Their end goals are political and focused on end users, not businesses.

I'm not trying to say one is inherently better than the other, just trying to
highlight the differences.

~~~
angry_octet
I agree to some degree, but I don't think an open source economy is
fundamentally opposite Libre/FSF style objectives, in that they are not
opposed to people getting paid for their efforts, but that binary only
distribution and restrictive licencing are bad in a variety of ways.

If we consider a company like Oracle, which seems antithetical to open source
principles on many levels, it would be possible to treat them as an open
source debtor. Transactions between Oracle and open source economy
participants would incur a tax, making their products less competitive with
others, until they started contributing or bought open source offset credits.
This provides the dual benefits of funding open source and penalising non-
sharing. Things that really cost companies nothing, like publishing their
Android patches, become valuable, and keeping them private becomes a cost.

------
thayne
I'm surprised it doesn't say anything about security concerns with depending
on a single individual to develop a kernel module without any ability to audit
the code.

~~~
tonyedgecombe
Does that even happen with these small projects. Having the ability to audit
is pointless if it never happens.

~~~
thayne
Well, I'd be surprised if companies like Dropbox and Google didn't audit it.
And if it is used as much the article says, it would also be a decent target
for security researchers, if for no other reason than they could send a bounty
request to the big companies that rely on it.

~~~
newhouseb
Dropbox doesn't use FUSE -- in large part because I was terrified of adopting
60k LoC in the kernel (from FUSE) that we weren't experts on versus 1k LoC
that we actually needed (and had audited by third parties).

------
kiney
Not relevant but it's funny that the maintainer of osxfuse has the name
Fleischer and is discussing on github with Metzger. Both are german words for
"butcher". (but also common surnames)

------
upofadown
The article makes this out to be more complicated than it is. Apple makes it
very difficult to use 3rd party kernel modules. That is the whole thing.

The open source thing is a complete red herring for everyone except the
current maintainer who just happened to use some code that might be open
source in a different context. The source for the module that could end up in
the Apple kernel was never open to begin with. No one else could actually use
the result of compiling the code. So the source was not ever open in a way
that made any practical difference.

The only moral here is that it is sometimes possible to prevent the use of
open source code in some contexts and that Apple sometimes does. We already
knew that.

~~~
saagarjha
> Apple makes it very difficult to use 3rd party kernel modules. That is the
> whole thing. The open source thing is a complete red herring

I would argue that the Apple part is the red herring. It’s boring; it’s common
knowledge that they don’t particularly like kernel extensions and it’s
somewhat difficult to develop them.

> No one else could actually use the result of compiling the code. So the
> source was not ever open in a way that made any practical difference.

Sorry, how did you end up at this conclusion?

~~~
upofadown
Simply being able to see the source code does not make it "Open". You have to
be able to use it for what it is intended.

~~~
saagarjha
Yeah, you can compile it yourself and load it if the source had been
available…

------
zem
think of it this way - like all the other companies, he's maintained his own
private fork of the open source osxfuse code. his happens to work on catalina,
and he's telling those companies that if their forks do not, he's willing to
sell them access to his code.

~~~
zellyn
I really like this articulation of the situation.

------
mr__y
Is there any copyright/licence specialist here? I've come up with an idea of
having a free open software library that randomly displays offensive[0]
messages full screen that comes with a BSD type licence with a clause that
forbids removing/disabling that message. I assume that many developers or end-
users[1] at home are perfectly fine with a messagebox popping up once a month
with a "f## off" message, while any corporation planning to use that library
will find it not acceptable to have their software display offensive content.
And here comes a dual licensing, where there would be a possibility to buy a
different licence that allows to disable that message. What I'm asking here is
whether this would be possible to do so and enforce in a court or a legal
dispute.

[0] or otherwise inacceptable in corporate environment

[1] I'm assuming that this would also be acceptable for the derivative
projects: end-users might find that acceptable while businesses would not.

edit: wording of last sentence, formatting

~~~
progval
> with a clause that forbids removing/disabling that message

This sounds similar to the "invariant sections" clause of the GNU Free
Documentation License; except you're talking about software instead of
documentation.

> I assume that many developers or end-users[1] at home are perfectly fine
> with a messagebox popping up once a month with a "f## off" message

Some people are really angry about GNU Parallel's citation "nag", though. eg.
[https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=884793](https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=884793)

~~~
mr__y
>Some people are really angry about GNU Parallel's citation "nag

the way I understand this, is that by requiring to interactively enter "will
cite" the ability to run it as part of a larger script is broken. This would
break a cron-job as well. The non-interactive nag in output would not cause
such probles.

The non-interactive message in output of course could create problems on its
own - especially if the nag would or would not display randomly. If someone
intends to parse the output, this would require additional code to discard the
nag. If the nag would sometimes display and sometimes not, this could randomly
break stuff - if there was no nag during tests someone could not notice that
they need to discard it.

But there are non-intrusive ways to insert some offensive message - they could
be put to syslog, or a file with an offensive name/content would be created.
My general idea is not to nag the users per se but do something that does not
cause actual inconvenience for the user but is unacceptable in corporate
environment.

For a GUI app a simple message box appearing once a month would not cause a
major problem or hurt productivity of the end-user but I assume that for
example Apple or Google would not find it acceptable for their software to
display "f-off" even if this was rare.

For non-interactive/non-GUI software other ways to inject that message would
be needed. For instance, a http server could inject additional X-F-Off header
or a daemon could require env variable ICONSUMEFECES set to "daily"

~~~
mechanical_jane
> This would break a cron-job as well.

How so? GNU Parallel _only_ outputs the notice if stderr is a terminal. I
think you did not try this. Am I right about that?

It is litteraly the 3rd point in
[https://git.savannah.gnu.org/cgit/parallel.git/tree/doc/cita...](https://git.savannah.gnu.org/cgit/parallel.git/tree/doc/citation-
notice-faq.txt)

Did you try any of the other situations? Or are you simply speculating that
this _might_ cause problems without actually testing?

------
thosakwe
If you're an open-source maintainer and either don't have a team, have a niche
to small, are receiving zero compensation for the work, or some combination of
those things, at this point in my life I believe it's best to either use a
strong copy left license like the (A/L)GPL (only use LGPL for libraries, never
anything else), or just stay closed source.

The problem with permissive licenses is that they do nothing for the people
actually developing the software, and makes it extremely likely that others
will profit off their back without ever pushing even a line of code upstream.

People will try to guilt you into changing licenses so they can use it in a
commercial product, but seriously - if that person is going to profit off
_your_ code, you should be profiting too.

------
shmerl
_> Isn’t there a better way?_

There is. Ditch Apple and use sane systems without some control obsessive
entities constantly hovering over you and dictating you how to (or not to) use
them.

Developers abandoning Apple should be the taste of their own medicine for
them.

~~~
saagarjha
That’s not the issue.

~~~
shmerl
Well, it pretty much is. Apple cultivates such kind of approaches by design.

~~~
saagarjha
This literally has zero to do with Apple aside from the fact that the project
runs on macOS.

~~~
Athas
The FUSE maintainer (and this article) implies that kernel driver signing
certificates are so difficult to get that forking is not realistic, even
without considering the technical issues.

I don't know if that is true, but if it is, then that is a certainly due to
Apple policies.

It's also interesting to contrast with Linux FUSE, which to my knowledge has
never been associated with any maintainer drama.

~~~
saagarjha
I don’t think getting a signing certificate is all that difficult if you can
demonstrate that you’d use it for something that Apple approves of.

~~~
shmerl
Doesn't matter. Apple is a gatekeeper, and that was exactly my point. They
cultivate such kind of approach, and maintainer becoming a gatekeeper simply
mirrors their own attitude.

------
khc
submitter and author of goofys here. As I see it there are 3 issues:

1\. osxfuse is effectively closed source but the license is not changed

2\. there's no open source fuse on latest version of OS X

3\. most importantly, having only one maintainer for osxfuse is clearly not
sustainable

I don't really use OS X so mostly have an interest in this because some of my
users are on OS X.

~~~
f1refly
It was BSD-licensed the whole time, so it's not like you're entitled to an
"open-source" application at all. Pay the guy, or use free software so this
doesn't happen.

------
wildduck
> I will never ask end users for financial support. FUSE will always be free.
> However, what I'm asking for is for companies, that are selling FUSE-based
> products or rebrand FUSE and bundle it with their apps, to re-invest some of
> the profits in the continued development of FUSE on macOS, if they can
> afford it. I don't think that is unreasonable.

Sounds like he should have released it under GPL type of licensing.

------
IfOnlyYouKnew
I'm not sure if the signing process actually matters in this case? If the
signing step is the limiting factor in maintaining a fork, he could have
switched to the GPL and achieved the same result (commercial redistribution
requiring a paid license) while maintaining the benefit of being open source.

------
captn3m0
I had a project planned for iOS[0] that would have been so much better if it
could use FUSE, but looks like it can't happen now.

If someone wants to try, having a generic link between FUSE and File Providers
in iOS will be a great addition. You could make a generic application that
interoperates various FUSE projects against the File Provider API in iOS, so
you could mount all sort of crazy stuff in iOS Files application.

[0]: [https://github.com/captn3m0/ideas/blob/master/opds-ios-
file-...](https://github.com/captn3m0/ideas/blob/master/opds-ios-file-
provider.md)

~~~
saagarjha
MacFUSE requires deep hooks into the kernel to work correctly. Do you think
the File Provider API is sufficient for this purpose?

~~~
steeleduncan
It's API is not very clear, but it does seem to have roughly equivalent
functionality to FUSE. The only obvious restriction is that there must be a
physical file on disk rather than doing everything in-memory.

~~~
tinus_hn
The restriction is that the FileProvider api is only used by desktop
applications for user files. You can’t for instance run the application itself
from there.

------
jpincheira
If he made a software that is making companies using it millions, and he still
doesn't benefit a dime from his work and explicitly wants to, I think he has
the right to go this way.

------
jitendrac
Well, We should respect contributors. It is upto contributor to release their
code unless he is redistributing app with viral license like GPL.

Here neither big companies nor the sole maintainer is breaching any license
clause.

If anyone want to get the project mainstream, just find and fork the last
open-source code version available, fork it and contribute/maintain/re-license
as needed use case. another options is to, hire/contract the sole maintainer
to develop needed feature of current version.

------
kstenerud
This is a very sucky situation to be in, and I've been on both sides of it.

I wrote KSCrash [1] a decade ago, and it's become the de-facto standard for
crash handling in the Apple ecosystem. I didn't intend for this to happen; I
just wanted crash handling MY way. But it's my baby, and I need to support it
(technically no, but yes I do), even though I get no financial benefit from
it. For a year, I was paid by a private company to supercharge it, but that
funding dried up, and as a result the Android port stalled because I took a
new job to pay the bills, writing Java code.

Musashi [2] is a smaller example. It's an emulator, so it doesn't need nearly
as much attention. All the same, a number of 68k based anthology releases for
popular game systems used it and contributed neither fixes nor funds. I don't
mind so much with this one because, as I said, it's pretty low maintenance.

Today, my latest itch is efficient and human-accessible data communications,
and so I'm spearheading a new bidirectional, general-purpose, platform
agnostic, encryption-capable, transport-agnostic RPC protocol [3], including
all of the supporting technology it requires [4] [5] [6] [7] [8] [9]. If it
takes off, it will save the entire planet a TON of time, energy, and cost, and
I'll probably not see any donations or thanks from those who benefit the most.

Please don't take this as complaining. I'm still going to develop and support
my babies, because I'm not doing this for the money; I'm doing it to better
the state of computing systems (mostly for my own sanity). However, because
I'm forced to find separate employment to support my family, it leaves me with
FAR less time to focus on these technologies. My estimate would be that I'm
running at 1/4 my usual velocity when I require separate employment. For
bigger projects that turns a 1 year project into 4 years.

However, from a company perspective I also understand. Giving donations is
actually a big pain in the ass, especially if it's to a foreign entity. Normal
invoices are FAR easier, but then how do you structure it for free access +
payment options without pissing people off? It's a tricky situation...

[1]
[https://github.com/kstenerud/KSCrash](https://github.com/kstenerud/KSCrash)

[2]
[https://github.com/kstenerud/Musashi](https://github.com/kstenerud/Musashi)

[3]
[https://github.com/kstenerud/streamux](https://github.com/kstenerud/streamux)

[4] [https://github.com/kstenerud/concise-
encoding](https://github.com/kstenerud/concise-encoding)

[5] [https://github.com/kstenerud/compact-
float](https://github.com/kstenerud/compact-float)

[6] [https://github.com/kstenerud/compact-
time](https://github.com/kstenerud/compact-time)

[7] [https://github.com/kstenerud/varpad](https://github.com/kstenerud/varpad)

[8] [https://github.com/kstenerud/variable-bit-
padding](https://github.com/kstenerud/variable-bit-padding)

[9] [https://github.com/kstenerud/vlq](https://github.com/kstenerud/vlq)

~~~
earonesty
Dual licensing is your friend. Look at QT for an example of a company that has
managed to generate decent revenue while maintaining a popular open source
project.

------
retroplasma
By the way if you are searching for some cross-platform FUSE-like alternative
for a project I encourage you to try WebDAV if something else is your
bottleneck.

It saved me some headaches from bundling an installer for macFUSE or Dokan's
blue screens in the past. There are server implementations and also FUSE
wrappers on GitHub. It's not perfect but worth a try. And it's supported
directly by many OS.

------
_pmf_
Good, but in this case, the osxfuse maintainer expects to be paid by Apply
because they derived from his work ... what about original FUSE, of which
osxfuse is spiritually derived? When is it ethically OK to profit from your
derived work?

------
angry_octet
See also: [https://tidelift.com/](https://tidelift.com/)

You pay them to support an open source product. Only a small number of things
covered at present, but maybe better than doing it yourself.

------
romaaeterna
Can someone explain to me why there are PRs that seem to be opened and merged
by other people, but all of the commits show up as bfleischer? I don't quite
understand the git history of this project.

------
rossmohax
Reading the article I cant understand, how is it possible for other companies
distribute patched version of FUSE module, if they don't have certificate to
sign it?

~~~
hjmallon
You can always build and sign something with your own cert (if you have a kext
cert in this case)

------
lostgame
FUSE is a fantastic project that I’ve used since it’s inception.

I did notice commercial projects using the source, and if there’s only one
dev, I agree he does deserve compensation.

------
robgibbons
Someone should fork it and apply to Apple as a new kext.

~~~
yborg
You'd be forking 2 year old code, he hasn't updated the repo in the last 2
years, knowing that the next OS release would leave commercial users at his
mercy. Apple also doesn't just hand out kernel extension signing certificates
to everyone that signs up for a developer account, you'd have to be someone
with some reputation.

It was a well-executed fake punt, he'll get people to pay; Catalina is out now
and if you want to pick it up from the fork it would take a long time to get
it right. That said, I would imagine organizations like Google will make the
effort after paying the toll this time because the price will only go up.

~~~
koolba
I’m impressed with the business savvy applied here. Well played!

~~~
tinus_hn
It all sounds clever but obviously Catalina was not released yesterday, it was
released some time ago and if a companies software required changes for
Catalina they should have noticed many months ago while testing on the beta
releases.

------
therealmarv
Any price tag known for commercial developers? Was interested in doing
something with FUSE on Mac.

------
Danieru
Let's all wait for BSD license apologists to insist true freedom is the
freedom to blackmail your users.

Props to the OS Xfuse maintainer, he does deserve a fat payout so begrudging
him. Still, it paints the clear picture of how BSD is an inferior license when
it comes to freedom for users.

Maybe this comment is too slashdot 2006 era, but still, licenses matter.

~~~
rahuldottech
Correct me if I'm misinformed, but I don't see your point? The original author
of code is always free to stop publishing their software as FOSS, regardless
of which license they use, as long as they don't try and stop the re-
distribution and forking of existing FOSS releases?

~~~
Danieru
In this case the original author was an employee of Google and is not the
current maintainer.

Google then released their implementation under the BSD. It was forked and
worked on, and eventually it now comes to the maintainer. Had GPL been used at
any point the current maintainer would not own full copyright and thus not
have legal grounds to distribute binaries without source.

Original authors can only unilaterally change licenses if they were the sole
authors, or with agreement of all other authors. Or with copyright assignment
contracts as you see in GNU projects.

My comment is also not about the maintainer. My comment is about how BSD as a
license is often framed as an equivalent choice to GPL or other copyleft
licenses.

Years ago this was a topic hackers cared a lot about. Not so much anymore I
imagine, but there was indeed a time when hackers cared if their software was
open source/copyleft or BSD. Most of the online chatter was hypothetical,
today it is practical.

~~~
mtrower
> My comment is also not about the maintainer. My comment is about how BSD as
> a license is often framed as an equivalent choice to GPL or other copyleft
> licenses.

Are they really? But they're clearly not the same. Both are "open" licenses,
but one is permissive, and the other is strong copyleft. The intentions behind
them are quite different, and I don't see how anyone could read them and not
understand this.

Still, I don't appreciate the aspersions I see being cast in this thread
towards application of the BSD license. When I release OSS, I prefer to do so
under MIT license - because I just want to put it out there for people to use,
should it prove useful to them. I don't expect anything in return for it, nor
do I wish to place restrictions on its use. Why should I be crucified for
selecting a license that accurately reflects my intentions?

------
rgrs
Go Benny!

------
mikorym
This explains why there are banners in macOS that say "x is supported by
Catalina!" where x is one of the companies using osxfuse.

------
whydoyoucare
His project, his rules. Period.

------
ossworkerrights
Finally. People need to understand that expecting someone to put their OWN
free time into making something open source, and the ripping off the monetary
gain AND expecting them to continue maintaining and adding features for free
is pure entitlement.

------
syshum
>>So What now?

Easy Switch to Linux and enjoy freedom

------
newnewpdro
This is why permissive licenses are bad news for users.

~~~
kome
Amen. People have a very hard time to understand this: we don't need
concessions, we don't need benevolence: we need rights.

------
quotemstr
When a FOSS project closes itself off this way, the proper response is to
treat it as abandoned and continue development from the last-good version with
source available. In particular, MacPorts should _not_ be distributing the
binary-only versions. Total disengagement.

~~~
f1refly
It's not FOSS, it's just OSS. If it where free software, this whole drama
wouldn't have happened.

~~~
quotemstr
Permissively-licensed software is still free software.

------
ixtli
I read more than two thirds of this blog post before realizing the author
doesn’t seem to agree with this guy he quoted:

> Then drop it and let someone else maintain it.

To be clear, if maintenance of a popular open source project is too much for
you then stop. Taking your marbles and going home is childish, if the authors
third party analysis of the motives behind Fleischer‘s behavior is to be
believed. The post says on one hand that he never financially benefited but
then on the other hand that he’s justified in obscuring the source because
maintenance is onerous.

~~~
dmitriid
It's not childish. That's the main problem with open source as a whole: devs
expect somebody else to maintain projects indefinitely long, for free. _This_
is what's unsustainable.

See "Software below poverty line": [https://staltz.com/software-below-the-
poverty-line.html](https://staltz.com/software-below-the-poverty-line.html)

~~~
oefrha
As discussed in
[https://news.ycombinator.com/item?id=20174418](https://news.ycombinator.com/item?id=20174418),
with comments from devs represented in that "Software below poverty line"
article, the interpretation from the article is seriously flawed.

~~~
dmitriid
I've skimmed through comments and I can't agree with your conclusion.

Most comments are:

\- it's true

\- exploitation is a wrong term

\- you don't take into account devs who are already employees and work on OSS

