
Handshake Donates $300k to Debian - edward
https://www.debian.org/News/2019/20190329
======
abhinai
I think we all owe a lot to Debian. I know there are a lot of high quality
distros out there but most silicon valley companies I know use either Debian
or Ubuntu which is ultimately based on Debian. It is just that one never
consciously thinks about Debian and Ubuntu as non-profit services they've been
using unlike for example Wikipedia. We should change that!

~~~
Operyl
Eh .. while Debian is non profit Canonical most definitely is not. While they
reinvest a ton of their profits back into Ubuntu, as far as I know they’re
still in it to make money.

~~~
tormeh
Kind of. I think Canonical is losing money on purpose, because Shuttleworth
really likes the desktop Linux dream.

~~~
Operyl
They ended up turning a profit year after they dropped Unity and the team
involved, I believe. But otherwise, Shuttleworth definitely does reinvest most
of the profits.

------
airnomad
How we ended up here? Many of us make $100K+ per year yet important projects
we use every day get little to no funding. It's Debian! And I'm as guilty as
the next guy for not donating.

~~~
toxicFork
There is one easy way to get rid of that guilt now. Have you donated yet?

~~~
maimeowmeow
He'd gonna hard pressed to find anything left over from a 100k salary lol.

Sure you could give a few dollars here, and there but when the shit hits the
fan, hes gonna wish he had those dollars over of eating the family pet, or
leather accessories.

------
stdcli
[https://handshake.org/files/handshake.txt](https://handshake.org/files/handshake.txt)
<\-- is good to read. Blockstack is in there.

Handshake's security audit was also done by Zcash. If you look in the project
info, they list all the info there.

------
metaphor
Supposing there was such a thing, what would a Debian developer's hypothetical
"billing rate" be?

US$300k seems like it'll fund roughly 1 proper man-year while covering
indirect costs and effectively zero profit margin.

~~~
maheart
Freexian[1] is a software development company that hires developers[2] to work
on Debian LTS[3]. The rates appear to be roughly $100/hr[4], which is about
$200k/yr.

[1] [https://www.freexian.com/](https://www.freexian.com/)

[2] [https://wiki.debian.org/LTS/Funding](https://wiki.debian.org/LTS/Funding)

[3] [https://wiki.debian.org/LTS/](https://wiki.debian.org/LTS/)

[4] [https://www.freexian.com/services/debian-
lts.html](https://www.freexian.com/services/debian-lts.html)

~~~
tyingq
Nitpick, but calling it out as clients sometimes do the same thing as they see
the math repeated.

The back of the napkin $100 x 40 x 50 == $200k w2 salary is misleading. Aside
from self employment tax, needed liability insurance, no health insurance
subsidy, no 401k match, etc...depending on location, you can also be subject
to franchise taxes, etc. And most people making $200k as a salary don't work
50 weeks a year.

The health insurance subsidies alone, at a good company, are often worth
$12k+/year, for example.

------
AdamGibbins
There is a section on Handshakes site concerning this:
[https://handshake.org/faq#grants](https://handshake.org/faq#grants)

------
whotheffknows
Blockstack was also awarded equity. docs.blockstack.com

------
runn1ng
I am sad that the biggest donation to Debian is... a DNS-but-on-blockchain, in
Javascript. (And with their own coin, of course.)

~~~
ajvs
You're leaving out the fact that this eliminates the security mess that is the
current DNS system which is so easily compromised by hacker groups and state
actors.

Blockchain is the perfect protocol for DNS since it's totally transparent and
establishes consensus without blind trust.

~~~
lapinot
There is in fact blind trust in blockchains. It's blind trust in stone-written
legislature that has the aim of being universal. You can't change what trust
means, it's a highly complex concept which already has a meaning for
individuals and groups, prior to any techno-financial
objective/essential/analytic metric you map to it. BGP has understood that,
SCP too. ssl/tls PKI also works that way although big corps effectively
control the policy using large CAs and browser bundles. On the "dns" side,
there is the gnunet name system which goes that way too [1].

Names and identities are always relative to a (tree of) policy and
decentralization of control means that ultimately the root is you. Blockchains
(quite well-defined by handshake actually, as crypto-financially incentivized
strong consensus) take the incompatible route of making statements public and
permanent (instead of gated and amendable) and conflating abstract protocol
with concrete network (eg imposing a distinguished core policy). Blockchains
may be participatory but they are totalitarian and authoritarian, they deny
the possibility of local independence. It's "either you are us or you don't
exist". It's authoritarian in the same way android permissions are (or were, i
don't recall the specifics): either you accept all we ask or you don't
install. There is no room for negotiation since the whole thing works as a
monolithic black box and treats you as an outsider/client/consumer.

I believe a core property for a decentralized naming protocol should be to
stop trying to construct trust anchors and concrete network. Fluctuations and
definitions of these trust anchors cannot be governed by tech, they will come
out of meetings, social circles, interests, beliefs. As such the system should
encourage that out-of-band behavior and make it easy to have the system
controlled by the real-life status of these anchors and the scope of the
networks.

[1] A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name
System. Matthias Wachs, Martin Schanzenbach, Christian Grothoff.

~~~
SkyMarshal
You can just link the site you know...
[https://gnunet.org/](https://gnunet.org/)

