1. We -- as in, geeks -- won the DRM battle for MP3 stores. We have, however, so thoroughly lost the DRM war people barely care it's there. All your streaming services -- Netflix, Amazon Prime, etc -- are using DRM and no one even fights this any more.
2. We won the battle for Linux -- and have thoroughly lost the free software war. No matter how you count, it is, by far, by very far, the most used operating system. A year ago there were three billion active Android devices, all of them using the Linux kernel -- and the overwhelming majority of them only allows sanctioned apps to be installed. There is no freedom any more. And despite the phones have capable CPUs, practically no one uses it to develop software, the entire development ecosystem is completely absent from Android. By any means you should be able to attach keyboard, mouse and monitor and develop and deploy your own phone apps but who does that?
2a. In the web server space, once again, it's Linux all the way. Although w3tech only says "unix alike" for the 80% it reports it's not unreasonable to think the overwhelming majority of that is Linux. But, guess what? increasingly all of that is in a cloud data center where your control is ... limited.
3. We won the battle for browsers -- everything now runs on top of an open source rendering engine. But, do I need to mention how much we lost the war here? Because neither Safari nor Chrome are open source and what else has any market share whatsoever? And in a familiar manner, they restrict of what you can install on them.
I'm untroubled by DRM on all-you-can-eat streaming services because I'm explicitly making a very different deal.
It's transparently gross if music SOLD to me that I'm supposed to be able to listen to in perpetuity is DRM'd so I can't shift platforms or devices or whatever. That's shitty, and I'm glad we're done with that.
However, the deal with a streaming service is that for the price we used to pay to "own" a single CD or album, we get access to an enormous body of music we can listen to at will. That, to me, is a service that I'm paying for. I'm not troubled by the music being locked in, because what I'm paying for is access to that library.
It's definitely a shift in how music works, and it's not without its downsides (especially as I understand it for artists), but in a world where most people don't have access to great record stores I think it's overall better.
We never "won" with video purchases at all, which was predictable (we only got free-access formats on music because it happened outside the industry), but also less of a problem for me personally. I might "buy" something from Apple or whatever, but I understand it as a long-term rental. If I really want to own a film, I buy the BluRay.
As for Linux, man, that's an unalloyed victory. Does anyone even SELL commercial Unix anymore? When I was younger there was still AIX and HP/UX and obviously Solaris, but I never heard of any of those anymore.
And before anyone says yes well but it runs a proprietary application layer so it doesn't count, it also runs all the open ones too just fine. The fact it's barely used for that despite a massive user base (by Unix standards) is hardly Apple's problem, or fault even. It just goes to show how deeply and thoroughly the open source software community has failed in getting the vast majority of ordinary people to care about open source desktop software. Even when all the barriers to access are completely eliminated.
Rarely have there been such obvious and one-sided manipulation of public source repos on strictly licensed code, as have been published by Apple Inc. It appears that they go out of their way to insult and dismiss any "power" over the code itself, like a steering committee especially, but as simple as an open repo maintainer.
There is simply no profit in making current, working source code available in the same way as a published book at a public library is.. and so there is infinite Chutzpah at Apple Inc to say, not our affair. There is no way that current active source code works the way it is supposed to, if you cannot find it, build it, change it and thereby learn it and apply it.
Apple has a certified UNIX, macOS. macOS 12 and many earlier versions certified by TOG as a UNIX product along with AIX, HP-UX, and SCO OpenServer.
Also, Apple's kernel (XNU) is somewhat open-source. Apple isn't really interested in contributions, but you can build it yourself and install it, and macOS will boot and run from it (the main exception being iOS apps on Apple Silicon, maybe Apple Pay, and FileVault gets disabled to make the modification and inability to fully secure your system obvious, those parts are closed source kernel extensions, but they aren't dealbreakers).
I'm not "apologisting" anything, it's just a statement of fact. I make no claims about any ethical dimension to Apple's activities, if you dislike their practices I won't argue with you. The question was about commercial Unix, and MacOS is commercial Unix just as much as Solaris, AIX, etc.
FreeBSD is literally based directly off of AT&T Unix versions 5, 6, and 7 (in varying capacities).
AT&T Unix -> BSD -> FreeBSD -> NeXTSTEP -> macOS. (This is overly simplified, as everything is a mess and macOS contains code from both FreeBSD and original BSD which FreeBSD was based on, among other places.)
macOS is ironically a more authentic Unix than Linux is, Linux having been a clone while macOS being a great grandchild.
Not to be that guy, but isn't BSD and it's derivatives still Unix derived so parent's comment still holds? (Though to the parent comment I'd argue that OSX isn't really a sold OS either because I can't buy just it)
Bought some music from Amazon recently. 2 downloads at my workplace failed because I forgot to deactivate the firewall. 3rd download worked. Couldn't download it at home anymore because you can only download it 3 times. That day some music was pirated somewhere. I don't like spotify at all and I think the situation for music is still bad.
I don't think the film industry gets as much from me as before with physical copies. But I don't accept discs anymore. Give me a digital download or go away. I use some streaming services but just consume far less now.
I am not much troubled by DRM, but the industry mostly regresses to past behavior.
Yea i used to purchase music from Amazon before the locked the digital downloads behind there streaming service. Now I strictly use Bandcamp because, al though it is a streaming service, you can download music in the format of your choice without installing software. If I want to play some mainstream music, I'll do a one off play from youtube. If I need to pull something off of youtube to play later I use yt-dlp.
The latter to be more precise. Perhaps Spotify is the least bad option, but the convenience of audio file formats is just that much larger and it is a minimal requirement for me. I will never use an app specifically to access music, no matter how many songs I can play "offline", I am not interested at that point.
I held off on the subscription services for a long time, but I eventually pulled the trigger for two reasons.
First, OTA access to everything was simpler and easier than cable sync from my (enormous) library. This may or may not be a unique feature of Apple Music, but I'm in the world so it works for me. By signing up to AM, I can get everything on my phone on demand, including weird or esoteric things that aren't actually available on Apple Music because AM will read my actual library and upload anything it doesn't have to facilitate easy access. (Now, YOU can't get access to the weird stuff I have, but that's fine.)
The second reason, which I admit is actually the first forcing function, is that while I understood perfectly well how to go to the music server and plug in my phone and sync music, it was just a Bridge Too Far for my nontechnical wife. She wanted it simpler, and so rather than complain was just not listening to music on her phone. :(
So I signed up for AM, and holy crap it's been pretty much an unalloyed boon. I still buy stuff (mostly local, since I live in a place with a record store), but I sample FAR more widely than I did before because the incremental cost to trying something because I read an article about this-or-that artist is zero. That aspect is pretty great.
And the way I have AM configured, everything I listen to gets downloaded, so if I'm in a place with no coverage (or an airplane) I still have everything I want.
> All your streaming services -- Netflix, Amazon Prime, etc -- are using DRM and no one even fights this any more.
Well, yeah. Streaming services wouldn't exist without DRM. The existence of infinite accessible libraries of content for flat-fee monthly-subscription prices, is built upon IP licenses which were granted conditional to the consumer's inability to leverage that access into piracy. If we deleted DRM, streaming services would cease to exist overnight — all their license grants being revoked, leaving them with nothing to serve — and we'd go back to just relying upon the iTunes Music Store / Netflix DVD rental model. (Which, to be clear, has still also existed alongside streaming this whole time.)
> But, guess what? increasingly all of that is in a cloud data center where your control is ... limited.
But with almost every stack deployed to those data centers just using one or another portable open standard (Terraform, Docker, Kubernetes, etc.) for deployment, commodifying the IaaS provider, such that the moment the IaaS provider attempts to assert any constraints developers aren't uncomfortable with, the developer can just move away in an instant.
(IaaS providers try their best to offer technologies with actual lock-in, but either no significant fraction of users takes them up on them; or a new open-standard abstraction layer is created that re-commodifies the offering by making it something portable to other IaaS providers + open implementations. The "S3-compatible" object-storage API is one good example of such re-commodification.)
If we deleted DRM, streaming services would cease to exist overnight — all their license grants being revoked, leaving them with nothing to serve — and we'd go back to just relying upon the iTunes Music Store / Netflix DVD rental model.
Why is that? You can download everything for free. I don't think people use Netflix to access otherwise inaccessible content but rather because it's more convenient than searching for the right torrent link.
Exactly. Everything is already available and there are really simple ways to find, download, watch and even stream everything but they all have hurdles; how to know the quality you download, download speed (not everyone has fiber or Starlink etc), riddled with fakes, malware etc. Then streaming services that are illegal: again; finding good quality, porn ads popping up during watching, crypto miners in your browser, application installation attempts etc.
It is just far easier to just watch Netflix etc; if it had no drm, the vast majority would not change anything I would think, especially because the GP already said: no-one cares about drm. If they don’t care it doesn’t matter either way for most people (not the handful of Hn readers). It is like privacy; the vast majority of people don’t care; just the few that worry about dystopia.
'Illegal' streaming services are legal for private use where I live. In German there is a huge market with many sites featuring basically any movie in different quality settings. I have an adblock, no idea which kind of evil ads they usually use. With Kodi I also have all of that on my TV available just as easy as Netflix.
However many if not most people still use Netflix even thought they have no real reason to.
Just as a heads up: to my knowledge that's not correct in Germany. It's only highly unlikely to get "abgemahnt" in addition to the difficulty of obtaining IP addresses of users in comparison to alternatives such as Torrents. But not getting caught != legal.
Streaming from a „offensichtlich rechtswidrige Vorlage“ (§ 53 UrhG.) is not legal. That has been clarified by a decision from the EuGH in 2017.
I'm not a lawyer though and this isn't legal advice. Let me know if there have been verdicts and legal proceedings stating the contrary.
Most Kodi plugins for the German market are based on direct downloads. I too wouldn't recommend this to user from a more strict country, however it's completely legal to download for private reasons here in Switzerland
I haven't either, but it's absolutely true that streaming has taken a massive bite out of my downloading stuff.
Ultimately, it should be easy. If using Netflix and Disney+ is easier than using the Pirate Bay, then I gladly pay for Netflix and Disney+. If it becomes harder, more frustrating, fragmented, ad-riddled, or I need additional subscriptions to access the stuff I want, at some point the Pirate Bay becomes more convenient again.
IP rights-holders are hyper-pessimistic paranoid control freaks.
See also: the 30-year-long campaign by the RIAA to stop any kind of non-DRMed digital high-fidelity consumer recordable media from being marketed. They finally lost it with the advent of the CD-R, but it's the reason that MiniDisc had DRM, Digital Compact Cassette was never "a thing", etc.
Why is that? You can download everything for free. I don't think people use Netflix to access otherwise inaccessible content but rather because it's more convenient than searching for the right torrent link.
Convenient, but also relatively affordable to do things the legal way. Back in the day when torrenting was popular, even among the general population, most new albums would cost 15-20 Euro, getting a movie season was 30-40 Euro. Now you can get as much music is you need for 10 Euro per month. The situation with video streaming is a bit more complex, because the market is fragmented, but regardless you can pick your service and watch quite a lot of material for 10 Euro per month.
If you have to spend 50 Euro per month to get fresh music, torrenting looks far more attractive than when it's 10 Euro per month.
If everyone downloaded, the outcome would be the same. No content would be produced if nobody was compensated for it. Some of us want to support the production studies creating the things we value. Some of us understand that we live in a society.
Production studios could stop making a deal with "the devil", and instead ask directly for funding for a good project. Many great content creators are working on crowdfunding basis already. If people want to support good projects, they can do that. If not enough people support it, I guess that means, that not enough people were interested in that particular project. People could also have subscriptions to support creators regularly. I myself do that for several projects.
I would like to see a cultural shift away from the idea, that one must go through some middleman to make and publish anything, towards the idea, that if you have a great project and you put yourself out there and people believe in your idea, they will support you and all of society reaps the benefits. We would become more a society of choice and self-informing, than a society of maximized consumption.
At the same time, I think in many areas there is still a long way to go, to achieve that cultural shift.
These middleman, as all, come from a practical need, not cultural one. The people creating the content usually have no interest or skill in making marketing material, setting up meetings with venues, handle IP infringement/lawsuits, and all the other mind numbing boring stuff that these publishing studies handle that takes time away from their actual skill. I think the obvious outcome is that this middleman is automated, and split, but again, that's not a cultural shift, that's a practical one.
> No content would be produced if nobody was compensated for it.
This is not true. Many if not most artists create art because they enjoy it.
What is true is that middle men like publishers and record labels wouldn’t exist if nobody paid for content. Coincidentally, they are also the ones who push the lie that nobody would make content if they weren’t paid.
>Many if not most artists create art because they enjoy it.
Why is it so common to assume that no artist who is compensated for their work creates art because they enjoy it? You're presenting a false dichotomy.
Quality content takes time, effort and money, even when you love what you're doing. Every creative industry is littered with the corpses of the careers of brilliant, passionate artists who couldn't afford to live on goodwill alone. Compensation is what allows artists the freedom and capability to do what they love.
You are shifting the goalpoasts. The assertion was that "No content would be produced if nobody was compensated for it." which is undeniably false since there has always been content produced without compensation.
I don't think many people will deny that compensation encourages more creation. That is in fact the basis for copyright (at least in the US) - to romote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries. But that does not mean that the current copyright scheme is the best way of achieving more creation. In many ways it stifles creation as much as it encourages it.
Yes, we need to make it so that those who create can afford to live. But why do we need to so heavily restrict everyone elses rights to share and then throw public funds into enforcement of that insanity in order to achieve that? Really, we should make it so that everyone can affort to live instead and encourage creation via public and community funding or private patronage directly instead of doing this copyright dance where middlemen profit off our shared culture.
Fundraising and publishing are specialised skills that artists don't necessarily have. Also, lots of people, including many artists, like the stability of a steady pay check and employment rights, which means companies or co-ops.
The sci-fi author Charlie Stross has a series of blog posts on their site about all the work that goes into publishing a book and how much of it is done by employees of the publisher (and how that is not work that Stross can do / would like to do).
So? You don't think crowdfunding campaigns can be managed by third parties? You think how the artists gets the funds is intrinsically tied to what parts of the work they can or cannot outsource?
> Also, lots of people, including many artists, like the stability of a steady pay check
I'm sure many plumbers would like recurring royalties from their work too. That doesn't mean that that is a good way for society to function. Any discussion of copyright that just looks at the needs of the creators without considering the effects on everyone else is fundamentally flawed.
"Why is that? You can download everything for free. I don't think people use Netflix to access otherwise inaccessible content but rather because it's more convenient than searching for the right torrent link."
Some people aren't comfortable doing illegal, potentially immoral, things like torrents of copyrighted works.
You're talking about things that people think should be illegal. Nobody will punish you for visiting a library or rewinding a tape. What we are talking about are things that are actually illegal. You can be prosecuted or sued for copyright infringement by downloading torrents or illegally streaming.
The moral/ethical side is more murky depending on how you want to look at things. For example, for me personally there is a big difference between things like libraries (a copy was purchased and allows one showing at a time), a rewind lock (interference with how you use something you purchased), and duplication (streaming included). The previous ones required someone to purchase. Does it cut into sales? Sure. But someone still paid money for a true copy and they copy is a single instance. With duplication the scale is different. It can affect sales drastically and hurt the workers (not just the stars and greedy companies). Some people may feel the latter is unethical/immoral. I tend to buy used stuff. I also just don't buy stuff if I think it's too expensive. I haven run into any issues with Netflix either.
You are right, it's murky, but I'd argue it's only murky because of powerful IP owners making it that way.
There was a presentation by Lawerence Lessig everyone should watch from years ago. There was a time when by default _everything_ was public domain, unless explicitly copyrighted.
This has flip-flopped to now where almost nothing is public domain. How did this happen? Money bought enforcement of made up rules and then laws were bought (lobbied?) to take everything out of the public domain.
A simple legal test. Can you make a backup copy of your own data? Yes. Of your own movies? (still just data) Yes. But people still seem to think, maybe it's illegal when it is not.
Can you give your backup copies of _your_ data to your friend? Yes. Even if it includes your movies? Yes.
Why? Because under copyright laws it doesn't cause harm, it's not fraud, etc... I've been to court over copyright infringement, it's a civil issue in almost _every_ single case normal people would be involved in.
Here's what it takes to be "criminal" where you are in trouble with the _law_. (Civil is a contract violation between people, _not_ with the government)
* Done so for private or commercial financial gain;
* Over 180 days, reproduced or distributed 1 or more copyrighted works with a total retail value of over $1,000; or
* Released over a publicly accessible computer network material that was intended for commercial distribution
Now, do you even know a _single_ person that has committed a _crime_ of copyright infringement? I would argue very, very likely no.
Therefore, you making copies of your movies and giving them to friends (even over the internet) for _fun_ or whatever, constitutes civil copyright infringement, _not_ criminal.
If you cross the street without using the crosswalk you are breaking a criminal law. If you drink booze under 21, criminal. If you smoke weed, criminal.
If you copy a movie and even share it on the internet, NOT criminal, it's civil offense.
This doesn't even get into the issues with consciences objections to insane laws.
Last argument: If your core argument is loss of money if copyright was put back to 14 years instead of the bonkers length it is now, I argue patent law proves otherwise. And the rampant file sharing has not hurt any jobs I've heard of so far. (artificial scarcity/supply/demand)
"There was a time when by default _everything_ was public domain, unless explicitly copyrighted."
That wouldn't really change rhis issue because the producers would still copyright.
"Now, do you even know a _single_ person that has committed a _crime_ of copyright infringement?"
Given this:
"Released over a publically accessible computer network material that was intended for commercial distribution"
Yes, a fair amount. The reason they focus on the civil side is that the company can recover damages that way. They likely could go after many individuals criminally if people are distributing over publiclly accessible torrents or download a lot of new movies (not released on DVD digital) in 180 days. Either civilly or criminally, it can be a terrible time, and many people don't want to risk that.
"If you copy a movie and even share it on the internet, NOT criminal, it's civil offense."
As long as the movie is not theaters-only.
"If you cross the street without using the crosswalk you are breaking a criminal law."
Not quite. Jaywalking also requires that you impede the travel of a vehicle.
"If your core argument is loss of money if copyright was put back to 14 years instead of the bonkers length it is now"
I'd be fine with shorter lengths. I believe Disney was one that lobbied for the longer length. That doesn't really address people circumventing copyright during that 14 years.
> That doesn't really address people circumventing copyright during that 14 years.
This is really the crux. How many lawsuits have there been where someone used a patent for personal use, shared their use on the internet and was sued for millions of dollars and lost in court? (even 1?)
I feel it's an absurdity that I can spend _millions_ making a widget and after 15 (or 14?) years anyone can use my design for free, and somehow people support this limitation for patents but not for copyrights. (and we still have a vibrant economy based on patents)
> Disney originally wanted VHS tapes to lock so you had to pay them to rewind them.
Huh. Now that's an interesting claim I have never heard before. Google doesn't seem to turn up anything on it. Do you have any supporting info? If there's really anything to the claim, I'd love to read more.
Huh, it used to be easy to find via Google. It's amazing how much search has changed over the years. If I had more time, I'd dig into the source and post it here. I guess I can't back this up right now.
Oh, yeah. Those are pretty bad. Basically you bought content and then they removed it. DRM in general shouldn't be immoral, but it can be if it's abused like that.
I think the point is a rejection that software should presume to have that power, and also that prevention of duplicates is against the four freedoms (eg, yeah, bad software licensing causes issues because it opens the slippery slope door to control of a users device against thier wishes).
France. Fine can go up to 1500 euros, depending on infraction.
Edit: you don't get fined on the first download, you have to repeat the infraction. First download only gets a warning.
Edit again: Here's the warning you receive first:
Madame, Monsieur,
Vous avez souscrit un abonnement à internet auprès du fournisseur d’accès à internet <insert provider here>.
Votre connexion internet a été utilisée pour télécharger et/ou mettre à disposition une ou plusieurs oeuvres protégées par le droit d'auteur :
* Date et heure des faits : <insert datetime of infraction here> (Horaire GMT : l’heure de Paris correspond à l’heure GMT +1h en hiver et +2h en été)
* Adresse IP: adresse IP <insert IP here>)
* Logiciel(s)/protocole(s) : <insert torrent software used here>.
Conséquences :
Le téléchargement illégal, appelé couramment « piratage », prive les créateurs de leur rétribution et représente un danger pour l’économie du secteur culturel. Il vous expose en outre, vous et votre entourage, a des contenus inappropriés (pornographie, violence...) et/ou malveillants (virus, spams…).
En l'absence d'autorisation des détenteurs des droits sur ces œuvres, les faits constatés peuvent constituer une infraction pénale et entraîner des poursuites devant le tribunal de police pour contravention de négligence caractérisée (punie d'une peine maximale de 1500 euros d'amende ou 7500 euros pour les personnes morales).
L'utilisation qui est faite d'un accès à internet engageant la responsabilité personnelle du titulaire de l'abonnement, c'est donc vous qui êtes exposé(e) aux sanctions prévues par la loi.
Le présent courriel constitue un premier avertissement.
Si votre accès à internet est à nouveau utilisé pour des téléchargements illégaux ou des mises en partage d'œuvres protégées, l'Hadopi sera amenée à réexaminer votre dossier en vue de son éventuelle transmission à l'autorité judiciaire.
Actions à mener :
Je vous engage donc à prendre, sans délai, toute mesure utile pour éviter une nouvelle infraction.
Vous pouvez consulter le site internet de l’Hadopi qui vous propose des fiches pratiques et des vidéos pédagogiques qui vous permettront notamment de :
* L’Hadopi référence les offres légales labellisées par l’institution et celles apparaissant comme respectueuses des droits de propriété intellectuelle : https://hadopi.fr/outils-usages/rechercher-un-site-ou-un-ser...
* L’Hadopi vous donne également des indices pour identifier les sites illégaux.
* Si l'œuvre que vous cherchez n’est pas disponible sur l’un des sites référencés par l’Hadopi, vous pouvez le signaler sur la page dédiée du site de l’Hadopi.
L’ensemble de ces actions est disponible sur https://hadopi.fr/outils-usages.
Vous avez également la possibilité de formuler des observations et d'obtenir des renseignements, en contactant l’Hadopi :
* Par voie électronique, en utilisant le formulaire suivant :https://cpdform.hadopi.fr/ notamment si vous souhaitez obtenir des précisions sur le titre des œuvres qui ont été téléchargées ou mises à disposition depuis votre connexion à internet ;
* Par voie postale: Hadopi - Commission de protection des droits, 4 rue du Texel, 75014 Paris ;
* Par téléphone au 09.69.32.90.90 (Appel non surtaxé de 9h à 12h30 et de 13h30 à 17h).
Retrouvez toutes les informations utiles sur www.hadopi.fr/outils-usages/reagir-a-la-reception-dune-recommandation.
For anyone else wondering what a "personne morale" is:
En droit français, une personne morale est un groupement doté de la personnalité juridique. Généralement une personne morale se compose d'un groupe de personnes physiques réunies pour accomplir quelque chose en commun. Ce groupe peut aussi réunir des personnes physiques et des personnes morales. Il peut aussi n'être constitué que d'un seul élément.
La personnalité juridique donne à la personne morale des droits et des devoirs. Le droit français distingue :
les personnes morales de droit public : l'État, les collectivités territoriales, les établissements publics... ;
les personnes morales de droit privé : les plus courantes étant les sociétés privées, les sociétés civiles, les groupements d'intérêt économique, les associations. Certaines personnes morales de droit privé sont chargées de la gestion d'un service public.
In plain English, that would be a "legal person", where "legal person" can also refer to a group of private individuals that act (commit crimes) as a group, but otherwise do not have/operate a business entity?
There are public and private "personnes morales"... they appear to include the State, local authorities, public establishments, private companies, economic interest groups, associations and "civil companies", not really sure if that is a correct translation...
Hadopi had been abandoned, for all intents and purposes, and there is no longer any enforcement of it. And there was hardly any enforcement to begin with.
It's not just convenience. Some of us would rather stream content legally because it's a straightforward way to make sure the creators of what we watch or listen to get some compensation. I'm getting something I want from them, and their expectation is to get paid; I'd be doing wrong if they didn't get something in return.
I don't think that's what was under discussion, at least as far as I could see. Yes, I agree that it's silly to go on paying forever to see Steamboat Willie, but I'm not going to download a bootleg copy of Infinity War, even though it sucked.
If we deleted DRM now, we'd probably have a longer gap between cinema and streaming releases, but that's about it. Old distribution models are gone beyond revival. Everyone would turn to piracy and rights-holders know this, so they'd have to give in. They're extremely risk-averse, yes, but they still prefer making money over not making money.
As for the cloud point, "in an instant" is definitely not how I'd describe the process of moving between cloud providers. There wouldn't be whole series of blog posts coming out every month or so talking about how some company moved from provider X to Y, spending 100s of engineer hours just to find themselves in another semi-closed ecosystem, but for half the price.
> Well, yeah. Streaming services wouldn't exist without DRM. [...]
> [...] If we deleted DRM, streaming services would cease to exist overnight
And yet GOG exists and sells games all DRM free. To disprove a theory, one only needs to provide 1 counter example.
Maybe some streaming services would cease to exist. Maybe some of them are not needed. I highly doubt though, that it is an impossibility to have streaming services without DRM. I don't see how DRM helps at all. If I were a Netflix user, which I am not because of DRM and because it is shitty built to not work on Firefox on GNU/Linux and without installing shit on my machine, I could simply record my screen copying the content. Even if there was some software limiting this ability, I could use a hardware before the monitor to grab the video signal. DRM doesn't protect anything properly.
It's there because the MAFIA insists, not because it makes sense. It doesn't prevent webrips, which exist. It drives away potential FOSS-using customers toward said webrips, lol.
So true. It's embarrassing how netflix still refuses to play high quality streams on linux. So I'll just head over to my favorite torrent site and grab it there, instead.
I think your priorities may be skewed. To me, supporting content creators (even though, yes, intermediaries take too big a cut) and respecting laws is more important than conveniently consuming entertainment on one's favorite operating system.
I cannot remember a single instance where DRM stopped me from pirating but it certainly stopped me from buying. Mostly it was just the tip of the iceberg because I maybe don't care enough, but there are quite a few examples over the years. I am a buy and think later type for media. Positive side is that anything cultural is very cheap.
> And yet GOG exists and sells games all DRM free.
It is worth noting that GOG exists only because CDPR want it to and subsidise its costs from their other businesses due to their political beliefs.
As a standalone entity GOG would have ceased to exist overnight a long time ago. It's lack of DRM is definitely an argument to why it loses so much money.
GOG isn’t a streaming model, it’s an iTMS model. The streaming model is where each title has no marginal cost after you pay the subscription fee, so you can just download the whole catalog.
The closer analogy would be to Xbox Game Pass, which has no marginal costs per title, but indeed does have DRM.
>Well, yeah. Streaming services wouldn't exist without DRM. The existence of infinite accessible libraries of content for flat-fee monthly-subscription prices, is built upon IP licenses which were granted conditional to the consumer's inability to leverage that access into piracy. If we deleted DRM, streaming services would cease to exist overnight — all their license grants being revoked, leaving them with nothing to serve — and we'd go back to just relying upon the iTunes Music Store / Netflix DVD rental model. (Which, to be clear, has still also existed alongside streaming this whole time.)
Then why there is a ton of Netflix and Amazon Prime owned content on the torrents? It seems the content is very pirateable, DRM or not.
Technically, they're not pirating the content itself; the original, full-fidelity content remains DRMed. Instead, what these torrents are, are re-encodings of the decoded video stream produced by playing the content. (I.e., they're what comes down the HDMI cable out of the streaming box, minus the HDCP.)
This process loses a lot — for example, this signal is very likely post-HDR-color-processing, and so the result won't look very good on any other screen than the one it was originally told it was going to be played on.
Most people won't care, and will just watch the torrent anyway; but the fact that there's this very slight loss of fidelity, makes the IP rights-holders feel warm and happy inside that they still have this "perfect fidelity master copy" that they can show in theatres that nobody else has access to.
Take that away from them, and they really do withdraw their licenses. (See also: Apple being able to license effectively-perfect-fidelity 256kbit AAC versions of songs from certain parties, but being unable to convince those same parties to license Apple Lossless encodings of those songs.)
As the others have answered... I don't have a TV but I've got a projector with a gigantic diagonal. I posted here several times that I don't understand why streaming from Netflix gives a worse picture than playing a torrent. The DRM itself may be the reason apparently (maybe the computer I use to stream from Netflix ain't powerful enough? No clue).
I'll just say this: sailing the high seas (well, kinda: I only pirate the movie which I have access to anyway and I'm subscribed to Netflix/Disney+/Amazon Prime Video/etc. + 140 channels as part of my Internet subscription) gives a better picture than streaming.
People underestimate the quality of streaming movies locally and playing FLAC files locally vs streaming.
If you're not using a setup that plays nicely with Widevine, Netflix will cap your quality at 720p [0], precisely because your free-as-in-freedom stack doesn't lack the capability to record the stream, if you so choose.
I don't know anything about the other services firsthand because I jus-- uh, actually, never mind
> I don't understand why streaming from Netflix gives a worse picture than playing a torrent
Because Netflix is conserving bandwidth by sending you a lower-bitrate stream, while the pirated copy is — for movies at least — very likely a pirated copy of some offline release, e.g. BluRay, which comes with higher bitrate.
This does not match my experience, I have never encountered such a rip. I downloaded a few when Prime and Netflix would be fussy, and the quality is consistently higher than the 1080p (?) low-bitrate I get on auto in firefox.
> This process loses a lot — for example, this signal is very likely post-HDR-color-processing, and so the result won't look very good on any other screen than the one it was originally told it was going to be played on.
Is this really true? I would expect the post-processing to happen in the TV.
Netflix is so bloatet that it consistently has streaming issues on my likely underpowered 4k TV. Rips that use a more standard caching play well in whatever quality.
For me personally quality outside of Netflix is usually always better. Likely because of DRM
Why? Is DRM stopping piracy? Like what do you think would happen if DRM didn't exist, would the pirate bay be even bigger?
People don't pay for netflix because it's hard to pirate stuff, they pay for netflix because it's easier to do so than to pirate stuff, and it would be the same even if the laws of the universe changed one night and all DRM ceased to function.
> The existence of infinite accessible libraries of content
If only that were true, I'd be actually be happy to subscribe to them. I've realized that streaming services are only useful if your problem is "I need entertainment, find me something nice to watch", but mostly useless if you have a specific title to watch. Majority of the time there is no streaming service that offers the titles I want to watch.
"wait I don't see it on netflix, neither on prime or disney or...I should have bought the vhs/DVD/blueray at the time."
Not sure if you can find most +2y old movies on torrent platforms, last time I checked I couldn't find what I was looking for. I lament the death of local videoclubs where you could rent movies from any decade.
I have a netflix subscription, as well as a showmax subscription (local streaming service which has a lot of local stuff, as well as a bunch of international stuff including almost all of HBO's stuff) if there's something that's not on one of those, then I just torrent it. I don't give a crap. If people don't want to make their stuff accessible then I will immediately torrent it and they can lose out on the revenue. (I'm not gonna subscribe to every streaming service there is)
I can find torrents for anything I like, it's really easy. I guess if you don't do it often, you don't know where to look. But piratebay is still up and a good start.
It depends on where you live. In German countries we have plenty of streaming sites (usually not torrents but semi direct downloads) of the 10 sites I visit regularly they all have a WAY bigger library than Netflix and Disney combined.
In fact I am always disappointed how small they libraries actually are as I am used to something else.
In Germany, scummy lawyers spy on your internet traffic with the help of your ISP and send you letters with fines on behalf of small creators like Disney, Warner Bros, BMG, Sony, Universal, etc. if you torrent any of their IP.
Not exactly a model I wish to be followed by other countries.
The fine structure is different for piracy where you download vs piracy where you upload. You'll practically never get in trouble for the former, because the return on investment is not worth the cost of labor.
It's not like radio or TV have any DRM. I used to copy to tape movies and songs I liked all the time. Later we had TiVo &c to automate the process. The push for DRM just makes piracy stronger.
Or as a contemporary example, Steam's DRM is about as effective as a sticky note saying "please do not copy", lots of games on the platform don't even have any DRM. Some of the most financially successful games launched without DRM, e.g. Sekiro and Elden Ring. Stores like itch.io, humble bundle, gog don't have DRM either.
The only ones actually profiting from DRM are the DRM makers.
> Well, yeah. Streaming services wouldn't exist without DRM.
Why? Libraries loan you books and paper does not have any DRM. Works fine.
The only difference is you might get some rate limit, e.g. 30 movies per month, or more watermarks instead of digital restrictions.
On the flip side getting Netflix in high quality has annoying hoops because of DRM (No, nobody wants to use Edge, thank you very much).
> If we deleted DRM, streaming services would cease to exist overnight — all their license grants being revoked, leaving them with nothing to serve
No, only if single stores do that. If lots of stores do that, you simply get the same content but without DRM. That literally happened for music, so you would at least need to argue why not here as well.
Have you never used a digital library to check out an e-book? They use DRM.
And even then, libraries have a different rights model, involving the fact that they legally own each copy they lend out as a distinct purchase of an IP license, placing a distribution concurrency limit on each work of “however many copies they’ve purchased”. They aren’t legally allowed to just make more copies to serve more users; they have to buy those additional copies.
And yes, this applies to both physical books and e-books lent out by libraries. (It also applied to the DVDs Netflix used to be about loaning out.)
Anyone with a scanner and a day of time can produce infinite digital copies of a book. You don't have to throw money at it like Google and do some crazy AI driven OCR, a boring afternoon in front of a scanner, flipping through pages is more than enough. Source: I wasted way too much time to scan the notes I took as student just so I could throw the hard copies out.
I should have said "expensive compared to digital stuff", you're right that it doesn't cost an individual millions to copy a book. But compared to copying a mp3, it takes a lot of time.
There are many groups dedicated to the translation and typesetting of manga that have no official english release. This also counts as piracy and the amount of effort that goes into it dwarfs copying pages one by one significantly. Impracticality doesn't matter as long as you have a hand full of people willing to do it.
> If we deleted DRM, streaming services would cease to exist overnight
I don't think that's true. But assuming it is true, then yeah, I'm in! I'm sure people would find other enjoyable activities that would be DRM-free, we would be fine.
There would not be this social pressure / expectation to use or subscribe to these DRM encumbered platforms (or that you, at least, have access to all movies or series at any time) when you invite people over.
Legally I'm sure that's true since content creators wouldn't agree to it, but in practice that's probably wrong. People would pay for the convenience of a it-just-works streaming service.
> 2. We won the battle for Linux -- and have thoroughly lost the free software war. No matter how you count, it is, by far, by very far, the most used operating system.
If you count only the kernel then yes, we "won". The trouble is a kernel is not an OS. You need also userspace. (linux will panic if no "init" is found). And when we count the userspace, we lost. Android is a closed system.
> 3. We won the battle for browsers -- everything now runs on top of an open source rendering engine.
Just because the rendering engine is OSS i would not call it a win. The rest (Chrome, Edge, Safari) have nothing to do with OSS. And Firefox is an old impaired browser who still remembers its glory days.
> If you count only the kernel then yes, we "won". The trouble is a kernel is not an OS. You need also userspace. (linux will panic if no "init" is found). And when we count the userspace, we lost. Android is a closed system.
This.
It's very funny to still see the same fans comparing a kernel to an entire OS. Android and ChromeOS are still closed operating systems that use the Linux kernel. The kernel itself is useless on its own and needs a user-space to function. So unless there is a LinuxOS? I didn't think so. Since the user-space in Android and ChromeOS is closed and owned by Google. A widespread failure.
The desktop is also a failure as well as the user-space is too as the second problem is Google owning both of them and there is a likely chance that Fuchsia is going to replace them too. So we're back to square one again.
> Just because the rendering engine is OSS i would not call it a win. The rest (Chrome, Edge, Safari) have nothing to do with OSS. And Firefox is an old impaired browser who still remembers its glory days.
Well they still don't know that they actually lost; so badly that the winner (Google) is keeping the sore loser (Mozilla) on life support and is unable to be independent or even achieving their mission statement without being dependent on their anti-privacy foe's money. It is not early days and it is been decades since the Mozilla CEO promised that they would be not dependent on Google's money. A decade later it hasn't happened.
Firefox was supposed to be the dominant browser but today it's (you guessed it) Google Chrome. I consider this a catastrophic and chronic failure.
I need to keep bringing the Termux's use case, and pointing out the documentation of what Google considere public APIs on Android NDK, how apps get killed since Android 7 when they violate this public contract, and how classical Linux drivers are considered legacy since Android 8, to show how irrelevant it is that Android uses the Linux kernel for userspace in Android.
I haven't done frontend dev for years. So I'm surprised to read this. I thought Edge switched to using Blink. How is it possible for there to be "edge quirks" that you need to cater for?
Does microsoft take Blink, and insert their own crap into it? What could they possibly have to gain from doing that? Why not just contribute upstream?
>Because neither Safari nor Chrome are open source and what else has any market share whatsoever?
The important parts of them - the rendering engines - are indeed open source, so this isn't as bad as it seems. One can still build their own browsers on top of those engines (e.g, Ungoogled Chromium).
The "war" that's lost here isn't source availability, but two mega-entities (Apple & Google, primarily) getting to steer so much of the web.
If Google decides to remove addons then it would start losing users fast, and I think we’d find a fork that kept them more than viable. In this sense chrome is very different to for example Internet Explorer where no such fork was possible.
Implying people on mobile know there is an alternate browser. I've seen people not know how to open Google drive, let alone go to the Play store, download FFox and add ad blocker.
You can't realistically write your own browser, if you run something that isn't Chrome or Safari (or MAYBE Firefox), even if it's got Chromium in the core a lot of services will treat you as a bot and block you because your browser is Weird(tm).
> A year ago there were three billion active Android devices, all of them using the Linux kernel -- and the overwhelming majority of them only allows sanctioned apps to be installed.
Huh? I've never seen a device that has sideloading or ADB disabled. Yes, rooting is a different issue, but on the other hand it's not really needed in day-to-day usage and pretty much all phones sold outside of US carriers can be easily rooted. (The fact that US carriers regularly prohibit rooting should be tackled nevertheless)
Yeah, I have no idea what GP is on about. Maybe Android phones in China (which would make a huge portion of the marketshare of Android)?
But there's plenty of reviewers of Chinese-territory-only smartphones running emulators on it, which I'm guessing they installed by sideloading an APK.
> We have, however, so thoroughly lost the DRM war people barely care it's there.
It's even worse than that: NFTs are basically an argument that DRM is a great idea and we should have more of it. The aspiration for NFTs is that sites, apps, and games will treat owning a file's NFT differently from possessing the file itself, possibly even restricting usage to NFT owners.
> But, do I need to mention how much we lost the war here? Because neither Safari nor Chrome are open source and what else has any market share whatsoever?
Not to mention that they killed W3C in its sleep and the web isn’t even based on standards anymore.
How do the WHATWG 'living standards' differ from w3c standards? Is it the width of the radius of people who have buy-in? At what radius does something transition from a "cabal" to a "standards committee?"
> and the overwhelming majority of them only allows sanctioned apps to be installed.
What? You can easily install non-store apps too. It's just a single setting. There's F-Droid as alternative store or you just load the apk on the phone.
It is so easy, that Android will stop you from installing APKs downloaded from, Chrome, lets say, but provide you with a big button to go DIRECTLY to the setting needed to enable sideloading.
It is so easy that Fortnite (the biggest game at the time, and maybe now) was/is distributed directly by APK.
I once worked in a company that distributed an APK via mail to the customers. It was a customized app, and still in development. "How to install" was a regular question.
> It is so easy that Fortnite (the biggest game at the time, and maybe now) was/is distributed directly by APK.
Amazon Prime Video used to be like this back in the day. You'd have to allow sideloading, install Amazon's custom store, then install the video app from there.
This sort of thing is one of the reasons I like that iPhone is locked down. I know that none of the apps I use will decide they can make reducing my phone's security a condition of using their app. If they want to be in the iPhone store -- and they do -- then they'll have to work with iPhone's strong security.
I find that many iphone people have a misconception that Android is locked down too. It's extraordinarily common and I don't know why. I use the non play store install feature for a few things.
For example, I go to Telegram's site and download an APK of it because it lets me look at channels that are explicitly censored by versions downloaded from the Google Play and Apple App store. I do this all on stock, non-root Android.
We all became enamored with the cloud, streaming services, and centralized social media. If you don’t control your own means of producing on the web, you ultimately have no say.
If you read Tim Wu's master switch, this is nothing new. There are certain people (technocrates, geeks too) like to consolidate and centralize stuff. Yes it makes things easier to manage and organise, however the cost is freedom.
A messier world with more freedom is always better for the public.
The elephant in the room is SaaS. With SaaS it is possible to use 100% free software and even release all your code as FOSS as well and it's meaningless. The service has your data and it's the hub. Even if you can self-host few people do and it's time consuming and hard.
SaaS, though often based on FOSS, is far more closed than closed-source commercial software ever was. I can run a closed-source DOS app from 1989 in DosBox today and if I had data in it I could still access it. Same with most commercial PC software for Windows and Mac.
Can't do that with SaaS. Even if I can run it the SaaS has my data. If I stop paying it's gone. If the company goes out of business it's gone. If they rev the software in a way that ruins it for me, I'm out of luck and I have to start over. (Sometimes they let you export your data, but never conveniently and never in a good format.)
Here's the thing. Software is not actually free. Easy to use mature software is hugely labor-intensive to produce.
If you don't design the economic model, the market will design one for you. Usually that model will be worse than what you would have done. The most popular creative way to monetize "free" software is surveillance capitalism followed by adware and cloud-as-DRM SaaS.
Oh, and a sure fire get rich quick scheme for quite some time has been to take a promising FOSS software or standard and slap up a SaaS around it. Something tells me none of these companies pay anything to the original creators.
TL;DR: FOSS lost the war because it confused free "as in beer" with free "as in freedom" and never figured out an economic model. As a result we got one, SaaS with the cloud as back-door DRM, that is worse in every way than the old closed source shrink wrap model.
But the fact that most people in this thread are bringing up DRM for media means that people may care more about free "as in beer" than freedom. Few people are bringing up what FOSS was supposed to be about: control of your own computing environment and ownership of your own stuff. It was never about getting other peoples' stuff for free or even about software not costing any money. It was about software not restricting you and honest freedom-respecting models.
1. I agree we lost the DRM war. But I think the reason no one fights it anymore is that most people only cared for convenience reasons. Netflix, Spotify, etc. have largely solved the convenience issue. So we could say most people were actually fighting a different (temporarily aligned) war and won.
2. On the contrary, it's remarkable that the majority of smartphones now run an operating system that provides both good security (compared to desktops) and openness, and not just the kernel: Developers can write highly privileged apps like MicroG and F-Droid using official APIs to manage the phone (what MicroG does talking to the Google servers is a separate issue). Users can choose to use these apps using the sideloading feature, which is officially supported. For even more access, several smartphone manufacturers offer an official way of "getting root" and replacing the ROM with a custom one. For me this was a rather unexpected and welcome development! Then there are several communities of Android ROMs and companies build all sorts of devices using the AOSP source code. There is actually an ecosystem of apps for writing code on Android. It's indeed small and little used. My guess is that it's due to a combination of factors: IDEs that require huge ressources, separation of work and private devices, something else?
2a. Of course web servers are in data centers. What's your point? It's still nice that they are using open source software. There's a point to be made however about the closed SaaS apps like Google Docs that have replaced open source apps like LibreOffice. I don't care much: people/companies can run whatever they want on their own computers to provide me with a service. What matters for services are 1) data privacy issues (I agree with you on that) and 2) data export options (the SaaS apps I use are generally satisfying on this front).
3. Firefox's market share is small but it's still a perfectly capable browser. And I'm still amazed the whole of Chromium can be built from open source for both desktop and mobile. Sure Chromium is not Chrome but it's not far and many people use it as main browser. There's probably some meat here for a discussion.
>Netflix, Spotify, etc. have largely solved the convenience issue.
An analyst I know made an argument that Napster was so popular because it was so much more convenient than going to the record store--rather than because it was free.
I didn't really accept the argument at the time but, as time goes on, I've at least partly changed my mind. Especially with music, assuming you have reasonably mainstream tastes, it really does make sense for a lot of people to just pay for a streaming service rather than download/rip and curate their own catalog. I have a big catalog but it's only somewhat organized and I don't use it much at this point.
(The situation with video is somewhat more complicated because of the fragmentation.
We don't have good smartphone OS. There is candy crush OS A and candy crush OS B. Otherwise the devices would be quite amazing.
I don't think smartphones are safer than PCs at all. On which metric? Leaking personal and private information? Digital fraud? Sure, that isn't called malware on smartphones, there we call it just app.
I compiled Android multiple times and kudos to those still sticking to it for new models and security patches. Of course it isn't just the OS developer that is guilty here. But overall the devices are trash, even those > 1000$.
> On the contrary, it's remarkable that the majority of smartphones now run an operating system that provides both good security (compared to desktops) and openness
The security is only as good as your security update availability, which is still a major problem for those 3b devices.
Spotify is good enough for most people even if audio quality is mediocre and there is missing music. Most people do not care about obscure music or about audio quality.
Netflix also solved the issue (it used to have most stuff people cared about) and then it got unsolved. Indeed, with all of the competing streaming services with their own exclusives, the situation is worse than ever. This is why movie piracy is on the rise. With all of the exclusives it no longer is convenient. People do not care which corp owns which franchise. They just want to press play and watch. The fact that the industry truly does not understand user convenience and managed to mess up movie and tv streaming after it was solved, is just sad.
"We" also stopped caring. People used to prefer GPL over MIT-style licenses for ideological reasons. That thought you are having now, namely that "ideology" is a dirty word, is a symptom of the same change.
OSS development moving to internet and hardware companies is the most direct cause, as for them MIT-licensing makes sense (in the sense that others need to use it to be an option for them).
But, increasingly, the people writing the software, at those companies and elsewhere, not just prefer MIT over GPL; they actively don't have an opinion and, in many cases, not even an understanding of the issue, or, worst case, the basics of copyright.[0]
Some of this is simply due to most of the salient issues being decisively won or, at least, being replaced by a solid truce: Linux is everywhere but Microsoft still flourishes. Other software companies have either also found out that co-existence is possible. Or they no longer exist/no longer have the power (Netscape, SCO, Oracle), or never had the chance to get started in this environment (that httpd you are not paying for). Facebook, Apple, Netflix, and Google were never threatened. Thus, nobody is fighting Open Source, and the need to defend it has seized to be a motivating factor to get acquainted with the old ways of lawfare.
But growing up without such challenges leads to a generation trying to find meaning. Having lost ideals of freedom to an assumption of such, they've found much the same ideas as other bored generations: getting rich and, along the way, maybe finding some group or other to occasionally hate-stomp into the curb for shits and giggles.
So they're now running GPUs as space- and world-heaters, while whatever capability for political thought they have is busy balancing their love of Ayn Rand and Jordan Peterson with their hatred of women and the New York Times.
0: Note how there was never a thought expended to any moral or legal issues with the use of vast datasets of text, photos, or music to create text-, photo-, or music-generating AI models. But when someone started doing the same to source code, the possibility that their creative use of fopen to open a file provoked outrage usually reserved for female reddit-CEOs or game journalists. Free Software, for someone writing software, was about giving others such freedoms. This was altruism in its purest form (it's in the dictionary close to alt-right, if someone wants to look it up).
It doesn't seem that they "won"; at least not yet. In my case, the bullying of RMS moved me to join the FSF, to stop all use of non-free software in my life, and to become an even more vocal activist for free software.
Looking around, within the scientific community, free software is today stronger than ever, and going even stronger. All the basic tools used by scientists today are 100% free software: R, gfortran, octave, python, torch, numpy, lapack, fftw3, gmp, overleaf, jupyter, git... The only remaining non-free software pieces of infrastructure are github and some proprietary chat rooms that will go unnamed.
It wasn't much of a campaign. My experience with using GPL in a commercial setting went something like this:
"Hey, can we use this GPL software?"
"Better not. We don't have the infrastructure to publish all our code publicly, and legal definitely doesn't want to be in the business of deciding what code we are required to publish by the license and what code we can keep proprietary. Adding GPL code is adding a time bomb to our project."
"Good point. There's some MIT-licensed code that does basically the same thing; I'll use that."
The GPL itself was the best argument not to use the GPL. It placed impositions on the code's consumer that other licenses don't, and network effects will tend to optimize to the path of least resistance (which in this case is the saddle-point between "We want to use other people's code" and "We don't want it to be a hard legal question what code of ours must be published").
Where did you get the idea that GNU deems software non-copyrightable? The GPL itself would not work in any way, shape or form if software copyright weren't enforceable, since you could simply copy the source code without regard to its license.
It may be true that GNU would advocate for removing software copyright, but that in no way means that they believe (deem) software to be non-copyrightable today.
Indeed. Sites like gog.com and itch.io indicate to me that the nerd-hate of DRM lives on. I don't have a Netflix subscription and I haven't knowingly bought a DRM 'd device ever. I even go as far as removing the widevine library when forced to use Chrome, for example.
Content restricted by DRM is not worth watching to me. The best content is produced by real people (such as commenters on HN), not large companies.
DRM customers will have to find out the hard way that as soon as the DRM server has a glitch, they're unable to see the content they paid for. Hell, even an expiring contract might make some ebooks you bought [1] or the music in your game disappear [2]. No thanks.
> Content restricted by DRM is not worth watching to me.
That's a good principle, and a hard bar to meet when the content
is free, but still encumbered.
A chap from our local dads group was really keen to share his Disney+
account with me. That's actually a "legitimate" thing, I guess Disney
want to get other people's kids hooked so they have a "share with a
friend" scheme. I have to admit it was a struggle for us to decide
against using a free child pacifier service.
It causes some friction with my partner as well. I won't watch Channel 4, 5, or similar services that use DRM – only the BBC. I've written extensively to the other channels stating why I won't use their DRM'd offerings and get a stock reply. I keep on banging the drum, however.
> A year ago there were three billion active Android devices, all of them using the Linux kernel -- and the overwhelming majority of them only allows sanctioned apps to be installed. There is no freedom any more.
Practice showed that in the overwhelming majority of cases, the apps user chooses to "install" is malware that he is not aware of.
The love of being free to do what I want with the most incredible device in history drives me. The conviction that this freedom is one of the pillar of a free future society drives me.
Millions of lost battles will never ever change my mind.
I thought about creating "OpenDRM" once, an open source DRM library. It was with another job in the past.
"But that's silly! You can strip it off!"
Of course you can, and you can strip DRM off proprietary DRM schemes too. All of them are cracked. That's not the point. The point is that there's a way for someone to indicate their usage terms along with a piece of media. An OpenDRM would not even necessarily encrypt, or would do so only in a very trivial way. It would instead be a standard for indicating terms of use and automatically checking for licensing entitlements.
You don't really think it's "great", do you? More like, an acceptable trade-off? I'd love to hear the argument if you actually are pro-DRM as a thing in itself.
I’m not claiming there are no downsides to DRM — the fact that it makes it hard or impossible to copy things one has legitimately purchased is clearly a negative. However, I think making piracy more difficult is valuable and more socially important than the downsides.
In an ideal world we would subsidize content consumption for those who can’t afford it (we already do this via public libraries, and public funding of content creation in many countries, but we should do more) and also more strictly enforce laws against piracy by shutting down torrent trackers. Then we wouldn’t need DRM. But until this pipe dream comes true, I think DRM is valuable.
Not getting this idea that Linux is freedom per se. Since the article was written, RedHat was acquired by IBM, and even before, Linux was largely controlled by enterprise demands (systemd, namespaces/docker) and folks with their own agenda (glibc, gnome).
Freedom is choice. Choice requires alternative implementations. Alternatives can and will be developed if there's a common spec, like POSIX, SUS, LSB, X, OpenGL used to be, all of which have atrophied. Linux doesn't inspire anyone to create new end-user apps (with the exception of Blender and Krita, which were started well over ten years ago). Instead, we're loosing the apps we had, and march towards dumb UIs and needlessly containerized apps a la snap/flatpack.
It's of no use and only frustrating to lament and decry the past without also showing a perspective to get out of our situation, or clean up the mess for those who follow after us.
F/OSS is clearly not the solution, as can be seen by the demise of the web going the way of all previous digital communication mechanisms: it has been foobar'd by the ad industry, like email, Usenet, XMPP before.
Open, meaningful standards are the only solution. Not like "web standards" eg WHATWG and W3C. Who thought it was a good idea to hand standard development to an ad company in the first place? We now have a closed-loop web where the content provider and the user agent are from the same party. We had that with CompuServe et al before the web; there was no need for a craptastic CSS and JS detour to arrive at that situation.
>Linux doesn't inspire anyone to create new end-user apps
I'm not really convinced there are more worthwhile apps on Windows / Mac, except for the usual big players. (office, photoshop, etc) I'm sure there are some edge cases here, but for normal users it's not clear this is an issue. Most just use a web browser. They might not even make much use of a file manager.
I'm not suggesting that the application situation is perfect on Linux, but it just seems to be bad everywhere. It seems like simple, single-purpose apps are disappearing, and are being replaced by a constantly-changing sea of noise. Is App "X" a good app? Maybe it was a few years ago but the developer tried to monetize it and ruined the app with ads / extraneous features / countless UI redesigns, etc.
It's gotten to the point where the static nature of Linux apps is a feature. Rhythmbox is far from a perfect music player, but one of the things it's got over it's major competitors is that it's lightweight and hasn't changed in years. I don't need to constantly re-learn something basic just because an application developer wanted to make his mark and shake up the UI or features of the application. It's flawed, but I can rely on it because it doesn't change very often.
There's a ton of commercial apps for the Mac and they seem to be doing just fine. Until more recent mainstream adoption, Macs were traditionally most used by professionals, people like photographers, artists, designers, musicians, publishers, etc so there's always been a healthy ecosystem of software for these people. They're still there, although I expect a lot of the growth of the Mac user base has been home users.
Linux doesn't inspire anyone to create new end-user apps (with the exception of Blender and Krita, which were started well over ten years ago).
Maybe it's because the community is full of people who see any change as an attack on how we used to do things, breaking the UNIX philosophy, etc.? This closed-mindedness leads to thinking like:
Instead, we're loosing the apps we had, and march towards dumb UIs and needlessly containerized apps a la snap/flatpack.
There is a lot of innovation in this space. OSTree (which is also used by Flatpak), replaces the old Unix filesystem model by something that is exciting and much better (atomic upgrades, rollbacks, signed system images, etc.). Flatpak itself finally makes it much easier to deploy desktop applications, which is long-needed to extend Linux beyond the traditional UNIX crowd.
Yeah let's throw portability and any semblance of order away b/c of ... what exactly?
There are only two Unix-like systems left that matter: macOS and Linux. No need to hold them back by pretending we are still in the UNIX wars and retaining compatibility with some UNIX system that nobody really uses anymore.
We need to maintain compatibility with 30 years worth of software. That's a primary reason why Microsoft is still dominant, despite the decline of their flagship to the point where it provokes disgust even in the layperson.
> Flatpak itself finally makes it much easier to deploy desktop applications
I don't really see how this is at all an improvement over just updating all your software via a a package manager. One command to update everything from a trusted source. What does flatpak do to improve upon this?
Allows you to install software that isn't in the distro's package manager and didn't have to go through some third party maintainer. In particular, developers can publish to Flathub whenever they want, can run their own FlatPak repo, and can even just distribute FlatPaks directly through whatever means they feel like. This means you can have up to date software the day it is released and don't have to care if it is popular enough to be in your distro's repo.
Additionally, FlatPaks can be stored in "installations" that can be in arbitrary locations. This allows users to install FlatPaks without root, put FlatPaks on alternative disks, etc.
FlatPaks also make dependency conflicts a thing of the past.
Oh yeah, and the whole thing is distro agnostic[0].
[0] Mostly. The extreme fragmentation of Linux distros does cause a few edge-case problems.
Everything is a choice right, and PPA/AUR are pretty cool usability wise.
So, I understand what you mean.
But the point of package maintainers is:
1) a third party has independently verified and attested to the quality or state of x software. (or there is a responsible person at least)
2) there can be certain guarantees that the package/software integrates with the distro correctly; an example could be bazel vs bazelisk: where both try to write to the /usr/bin/bazel file and would overwrite each other. (same for pipewire-pulse and pulseaudio- they're mutually exclusive).
3) centralises dependencies: if everything depends on the same set of software then you're going to save disk space and memory on every machine, which in aggregate is going to be a lot.
Running "Any old shit" from the internet is such a bad idea overall... it's an artefact from people running windows; and every program bundling it's own update framework....
> Everything is a choice right, and PPA/AUR are pretty cool usability wise.
They're two separate systems for exactly two separate distros and, oh yeah, your PPA needs to have separate repos for every single Ubuntu release.
> But the point of package maintainers is
Irrelevant to a lot of us. To me, they are useless middle men who ensure that it takes entirely too long to get updated software when I want it or alternatively that I can't even get the software I want[0] because no one has bothered to package it and put it in the repo for this specific distro.
For 1), I don't trust random unpaid volunteers to do this anyway. I'd rather either not run applications I don't trust or just containerize them. Guess how Flatpak works?
For 2), FlatPak makes this irrelevant for Desktop software. If you eliminate the ability for software to conflict, you eliminate the need for unpaid volunteers to try and deal with that problem. Pulse/Pipewire is system software, it's part of the underlying platform.
For 3) FlatPak makes this irrelevant. Using containerization and OSTree, FlatPak can provide each application with the dependencies it needs while also keeping only one copy of each necessary dependency (per installation). Besides which, most dependencies (shared libraries) aren't actually shared: https://drewdevault.com/dynlib
> Running "Any old shit" from the internet is such a bad idea overall
I use a computer to run software. I use a personal computer to run the software I personally want to run. I will decide which software is a good idea to run or not on my personal computer, not some random group of internets.
> it's an artefact from people running windows
Consider that one of the reasons Windows is still more popular than Linux Desktop is that it doesn't have all the drawbacks of the traditional package manager/repo model Linux has been using for the entirety of its distant-3rd-place-on-the-desktop reign. It's certainly one of the reasons I still use it.
The traditional package manager repo model has advantages that mostly only apply to servers and platform software[1], but are in my (and many other people's) opinion a terrible way to manage desktop software.
[0] Without all the pain of compiling from source or jumping through other such hoops. We don't have to do this on Windows or Mac, it's exclusively a Linux disease.
[1] Which I argue shouldn't need a package manager in the first place and should be handled the way distros like Silverblue handle it. Which is to say as one complete package that is entirely replaced when it is updated.
> I'd rather either not run applications I don't trust or just containerize them. Guess how Flatpak works?
Containers are not security isolation, I'm not sure why this has to be repeated so often because it's very obviously not the problem containers try to solve.
Maybe you're thinking of Jails or Zones from BSD and Solaris?
> I don't trust random unpaid volunteers to do this anyway.
But you trust them to produce your kernel, coreutils and the very software you're talking about?
> [flatpak] eliminate[s] the ability for software to conflict
I can very much think of ways they can still conflict; one would be port bindings for example. But I agree with the sentiment, you're basically arguing in favour of static binaries being shipped... except instead of static binaries it's... a tarball you run in a chroot... which has some kind of value I suppose.
> I use a computer to run software. I use a personal computer to run the software I personally want to run.
Sure, nobody stops you from downloading random binaries, or an application developer creating their own package repo and allowing you to download directly. There is history with that approach, in fact I consider rpmfusion (third party repo) to be basically essential for desktop fedora/rhel/centos.
My major point is: centralising trust to a few maintainers who you can hold accountable for your entire OS experience has value, and you can still opt out. But making flatpaks mandatory decentralises that trust back to application developers, who might not be trustable.
One need only look at how many backdoored docker containers exist on dockerhub.. since it's a platform where anyone can publish essentially anything, even if you're aware you should avoid it- it _does_ pose a concern.
There's also a minor argument about blast radius', a developer account being compromised: on docker hub this would be disastrous and opaque, but for github it would not be so bad and probably noticable, and for an apt repository it would be much less dangerous (and very noticable).
> Containers are not security isolation, I'm not sure why this has to be repeated so often because it's very obviously not the problem containers try to solve.
They aren't a perfect security solution, that doesn't mean they are useless for it. If I were really worried about an application being nefarious I either wouldn't run it or I'd run it in a VM on a dedicated device or something. You have to trust someone, and I choose to trust fewer people (the developer) rather than more (developer plus packagers).
> I can very much think of ways they can still conflict; one would be port bindings for example. But I agree with the sentiment, you're basically arguing in favour of static binaries being shipped... except instead of static binaries it's... a tarball you run in a chroot... which has some kind of value I suppose.
There are good reasons very few piece of software, let alone desktop software, are distributed as static binaries. And no, it isn't because of dependency size. There are things you just can't do without dynamic linking in Linux, and glibc is especially tricky to deal with as I understand it.
> My major point is: centralising trust to a few maintainers who you can hold accountable for your entire OS experience has value, and you can still opt out. But making flatpaks mandatory decentralises that trust back to application developers, who might not be trustable.
FlatPak still allows you to have your own repo run by the distro. In fact, Silverblue only pre-installs Fedora's own FlatPak repo, not Flathub. But regardless, I do not see a reason that FlatPaks need be mandatory, any FOSS software can just be packaged up by a distro without FlatPak. And if it isn't FOSS software than none of the advantages you speak of apply anyway.
FlatPak just makes my, and a lot of other people's, lives a lot easier and fits how we use a computer better than the traditional package manager/repo model, so we'd appreciate if people would try to understand why.
> and for an apt repository it would be much less dangerous (and very noticable)
Would it? Heartbleed went unnoticed for years. The debian random number bug went unnoticed for years. An actor could slip in such a bug intentionally at any time and it would likely be not only overlooked, but simply considered a mistake rather than malicious when caught. I'm not convinced of the supposed security benefits of package maintainers.
> Containers are not security isolation, I'm not sure why this has to be repeated so often because it's very obviously not the problem containers try to solve.
I quite like Jessie Frazzel, so it pains me to say this: Reality is not in line with what she says in this post.
The paper she's referring to specifically calls out hardening guidelines for containers to make them more secure, but that is not how containers are run, even on GKE (a platform I consider to be the defacto gold standard for container platforms).
Aside from the issue of signing (which, is a continued problem in windows-land FYI) not being the default, even seccomp is disabled by default in the overwhelming majority of cases. Even flatpak only uses seccomp to filter "the most risky syscalls" (perf, ptrace, weird network protocols like DECnet and recursive namespaces).
What I'm trying to say is: ticking the box that seccomp is enabled is not useful if you're allowing bind mounts.
Why would you allow bind mounts? that's insane?!
Well, usability is a trade-off my friend, and telling people their fancy sandboxed application can't read their ~/Downloads folder is not going to fly.
The only solution is an all-encompassing one, with a prompt system like macos has to allow only a selected number of mounts, but that's going to be handled at a completely different level than seccomp itself, and seccomp will be explicitly permitted to do this; thus protections against this one specific thing could be thwarted. This is but one of many things.
Solving security for the general case is really hard. As Jess herself points out in that article.
a third party has independently verified and attested to the quality or state of x software.
If I use an application, I enter a trust relationship with the vendor of that application. I don't want a third-party to make random decisions like adding pile of unsupported patches to the software or deciding that I cannot have it because it is `unethical` (which usually means non-FLOSS). Moreover, you are often stuck with old versions that have known bugs, because they refuse to update packages in LTS versions.
Moreover, I think the verification is overstated. Most package maintainers do not have the competency and/or time to conduct a security audit or review deltas between releases. I have been involved with some distributions and a lot of maintainers just check whether a new version still builds. If it doesn't, in the best case they know what they are doing, in the worst case they'll take random patches from the internet until it works.
I would rather trust whoever made the application. They know their own software well and have a high stake in distributing something that works as expected without large regressions.
The Linux distribution model is fundamentally broken for desktop operating systems. The turnaround time is slow, there is no proper isolation between the operating system itself and its applications, and there is a barrier between the user and the application developer (who usually don't support old, patched versions for a reason).
The model for a modern desktop Linux would be a stable, reliable core, with desktop applications provided as bundles through a platform where malicious applications can be yanked (something like Flathub or the Mac/iOS app store). Luckily, some distributions are open to newer models. E.g. Fedora Silverblue uses a lean, immutable OS, managed through OSTree and Flatpaks on top.
I'm not saying every maintainer does a full security review, I used to package applications for fedora and I did check the bug fixes and do a quick review of code, along with some simple tests while packaging updates. Which is something.
What I'm rather suggesting is that you already trust your distro maintainers, there will always be some packaged software running on the platform. If you decide to go outside of that, it's obviously not as supported, more prone to breakages.
What I'm more concerned of however is that energy gets diverted away from making packaging better and instead running heavy, expensive container processes for everything. Then again, I'm quite fond of the sandboxing in MacOS's .app packages.
Not saying it has no place, just saying I wouldn't be so quick to throw away packages, especially not for "trust" reasons.
> Instead, we're loosing the apps we had, and march towards dumb UIs and needlessly containerized apps a la snap/flatpack.
There is a very real need behind app containerization: distributions are exceedlingly slow to pick up updates in a time where web applications routinely run on a "merge request passed, 5 minutes later it's on production" model. On top of that, distributions routinely run into the problem that package A wants a new version of library B, but the other applications haven't been updated to use the new version yet, so everyone is stuck until all applications in the distribution have been updated.
Also: Most people use LTS distributions and let's be real no one wants to be stuck with a 2 year old browser that only gets backported security patches. Distributions had the chance to move to a model of "the core is stable but the applications the user uses are flexibly updateable", and they blew it completely.
The question you should be asking is why do we need all this if the desktop app "market" is contracting and I'm using just the same old apps on Linux I used 15 years ago. To the detriment of alt-OSs like FBSD and OBSD which I always loved. Why would I want frequent browser updates all the time when the web is 30 years old, and also contracting? As I type this (not making this up!) FF prompts me again to restart because updates - why? I'm sick of browsers updating more frequently than the very few sites I still go to; Moz should be producing an essential browser instead of participating in this drivel. It works just fine on my old 2016 XPS with Ubuntu ESR and infrequent updates.
You can read my comments to see I've praised Ubuntu, Dell (XPS, specifically), and Lenovo in the past. But I'm on my third Dell (Latitude/Precision so no consumer crap) with fatal hardware defects ootb within 8 months that various customers found necessary to send me for work (to run stunts like Docker-on-Windows or something), while my Thinkpad's miniscule track pad with uneccessary mechanical parts is collecting dust, and mechanically blocking due to it. Right now I think I've got enough of it already and am going back to Apple which I've used on and off since around 2003.
Setting aside the fact that rolling release distros are 1) a thing and 2) highly popular, I have to believe that these are problems that are within our capacity as engineers to solve without just saying "screw it, we'll give each program its own OS".
In fact in some sense they are already solved, from a technical standpoint - you can install Debian, with its crufty out of date repos, and then download Firefox from its official website and run it right in your home directory. There you go, stable core and bleeding edge application. What's the problem?
Consider that FlatPak is popular for this case and distributing the way you describe isn't for a good reason: having to deal with all the many and varied dependencies and configurations on any given distro is a giant pain in the ass. People have been screaming this at Linux Desktop evangelists for 20 years about this and mostly fallen on deaf ears, so it is no wonder Linux Desktop is still in a distant 3rd place in the desktop market.
Distributing binaries (that run on any distribution) is not unpopular. Off the top of my head, Firefox, Blender, VSCode, and Arduino IDE are all distributed as simple tarballs with binaries + libraries inside. Many more applications are distributed as AppImages, which are not much more than self-extracting versions of those same tarballs.
It's very simple: build against a mature version of GlibC, and bundle everything else. You know, exactly like you'd do on Windows.
This is a very recent trend that I am quite happy for, but it has not been the trend for the vast majority of Linux Desktop's existence and hardly encompasses even the majority of desktop software.
> It's very simple: build against a mature version of GlibC, and bundle everything else. You know, exactly like you'd do on Windows.
Windows has backwards and forwards compatibility guarantees that Linux userland simply does not have, and Windows doesn't have anywhere near the fragmentation that Linux has either. This is not nearly as simple as you claim it is or FlatPak wouldn't have been invented in the first place.
I like AppImage a lot, conceptually, because of its simplicity. But that same simplicity, combined with the ludicrously fragmentary nature of Linux Desktop, has meant that I've had a lot more problems getting AppImages that work than I have getting FlatPaks that work.
> Windows has backwards and forwards compatibility guarantees that Linux userland simply does not have,
Not really. Linux base system libraries are quite good about compatibility. And it's not like Windows is 100% perfect here either.
The main thing making this better on Windows is having an official SDK that allows targeting older versions from current compilers (within limits, rip XP support) while for Linux you get to put that together yourself.
> But that same simplicity, combined with the ludicrously fragmentary nature of Linux Desktop, has meant that I've had a lot more problems getting AppImages that work than I have getting FlatPaks that work.
The problem here is not the fragmentation (which mostly boils down to not everyone being on the same library versions rather than distros having completely different solutions) but rather broken AppImages or non-portable binaries that don't include things that they should or were compiled against a newer glibc etc. The source of that is again that there is no readily available SDK to create non-broken AppImages or portable binaries for Linux so not all developers will get it right. But instead of working on such an SDK, the big players focus on the overkill solution of shipping essentially an entire userland (except when they can't like with those pesky graphics drivers).
Regarding Linux distributions, I personally find that Ubuntu LTS occupies that sweet middle-ground between bleeding edge and stable software. I find RHEL is too stable (old) and I’d prefer any of Fedora, Debian stable or Debian testing to RHEL (haven’t used anything else).
> no one wants to be stuck with a 2 year old browser that only gets backported security patches
Most people I know – both technical and non-technical alike – would be quite happy with a browser that only gets non-security updates every year or so. The non-technical users tend not to care about new features. And almost nobody likes UI changes (that often aren’t objectively better, easier or more intuitive than the previous version). I now install Firefox ESR on the few PCs that I manage for end-users and it has been better for everyone.
> Who thought it was a good idea to hand standard development to an ad company in the first place?
It is actually not that bad an idea.
Previously, software vendors were in charge, it didn't turn out well, you know, the whole Embrace Extend Extinguish thing. Hardware vendors are no better, they all want to keep competition away, especially if they have market dominance, and (lack of) standardization is a way to achieve that.
Other standard bodies include bureaucratic entities, like committees and governments. They have the right incentives, but they have a hard time keeping up with the latest developments, the standards become obsolete in practice and people stop following them.
Communities are a mixed bag, RFCs are highly successful, but without big money behind it, it often goes nowhere, too easy to ignore.
Ad companies have none of these problems. They are all for interoperability, they want to have their ads seen by everyone. They don't have time to wait, so they keep current. And they have enough power and money to make standards standard. The modern web is far from perfect, but it is way better than it was in the IE days.
> Previously, software vendors were in charge, it didn't turn out well, you know, the whole Embrace Extend Extinguish thing.
Firefox had a consistent upward trend until Chrome came along. I think things were working out just fine without the ad overlord having direct control.
Over the last few years I've begun to understand that freedom in a too-real sense is the reward we experience for loving the truth, to the extent that we do.
I don't care about OS wars, nor do I care about the freedom in the GPL sense of it.
I would like to have a diverse OS landscape so we can chose what suits us best. I would like to have most software available on most platforms.
I would like to have open standards for hardware, to be able to run what software we want on what hardware we want.
I would like to not being forced to "rent" commercial software, but have also the option to buy it.
I would like less bloated JS apps running on mobile and desktops and have instead some optimized and cleverly designed apps that doesn't require a monster of a CPU to do things that required very little computing power decades ago.
I would like to have the option to run the software locally as opposed to have to run it in the cloud.
I venture that if we could successfully fight the GPL battle, then your other concerns would also fall into line. Then again, fighting the GPL battle is hard.
If you aren't yet feeling the importance of GPL, then I still applaud you if you can make any headway on the other issues you mentioned.
On the modern server room, what matters are type 1 hypervisors running managed runtimes or container orchestrators, the real kernel matters very little to most typical cloud workloads. Even if they depend on the Linux kernel in some form, it hardly matters to the large majority of cloud customers.
On mobile space, only one platform uses the Linux kernel, and it is so abstracted from userspace that Google could change it at any time and no one would notice, while at the same time OEMs pretend GPL doesn't exist anyway.
On the desktop, the Year of Desktop Linux seems to be bound to running the Linux kernel on top of virtualization.
Meanwhile on IoT, there is an increasing set of options of alternative POSIX OSes with BSD/MIT/Apache licenses.
Then there is the whole question what will happen when the generation that made Linux happen is no longer around to guarantee it keeps standing for its original goals.
I mostly agree with you. But there was this, where I beg to differ:
> On the desktop, the Year of Desktop Linux seems to be bound to running the Linux kernel on top of virtualization.
In my experience as soon as your IaaS starts offering virtualized desktops, all the users start wondering why you aren't offering Windows VMs. Then the pressure starts to build to bow to that demand.
If you tell users that it's Linux desktops or nothing, they just change to another utility company who gives them the experience they find least challenging, even if it's less secure, less reliable and costs them more. Reminding people about the freedom and other benefits of Linux they'll be missing out on just provokes shrugs and the old retort of "but I need to get work done, I don't have time for your religious principals."
The future is definitely Linux, but that old chestnut about Year of the Linux Desktop is never, ever going to happen. Linux is optimized for large servers and small devices. For such magisteria, you can attract skilled engineers to make things work, and naturally those same engineers can make Linux work on the meso-devices of the desktop realm. But the desktop realm will always be dominated by OSes optimized for that in-between area, where people balk at needing to do their own systems administration, especially when it puts them at odds with what they perceive to be a consensus.
Yes I don’t get the Year of Linux Desktop saying. I am born and bred Windows user, but I dual boot Ubuntu for some coding work and find it very pleasing to use. And a lot faster for bread and butter terminal stuff.
I was thinking of openstack, since that's my job. We always get the question of why aren't we offering Windows VMs, and many of our affiliated openstack colleagues already caved.
I think the royal we here presumes too much on the part of the free software advocates. Nothing against them but GNU software predates linux and the marriage of the two in typical linux distributions was a convenience marriage.
Linus Torvalds wasn't really doing anything else than tinkering with a kernel on his PC and the Gnu tools were there and he respected the license since depending on those tools meant using the license.
The typical linux distribution includes a lot of software; only some of which is licensed under GNU licenses. And of course the most popular uses of Linux are no longer on freedom advocates personal computing devices but on servers, on mobile phones, or in embedded devices/appliances/etc. where there typically is a lot of not so free software. Running that stuff is kind of the point of using Linux: it's a means to an end.
Like Linus Torvalds used the GNU tools, people use Linux (as in the wider ecosystem of packages that come with it) because it's there and does the job. And because it is free as in beer. Only some people use it because they buy into the idealism as well. Nothing against that of course. Freedom includes the freedom to have different points of view.
But the reality is that idealism and business use of software rarely mix well. In a way, GPLv2 was a happy accident in that it had some loop holes that allowed the likes of Google to build Android without leaking their and their implementation partner's proprietary tech. Arguably most commercial usage of Linux on phones, servers, etc. typically involves lots of proprietary software. IMHO that loophole was key to the success of Linux. It's what allowed the industry to back open source with billions of R&D investment and bootstrapped the whole ecosystem.
Arguably a lot of that activity is more centered around less hairy licenses such as Apache2 and MIT/BSD style licenses. GPL has a well deserved reputation for being a PITA to deal with for lawyers partly because of the wording and also because of its fierce advocates.
IMHO that loophole was key to the success of Linux. It's what allowed the industry to back open source with billions of R&D investment and bootstrapped the whole ecosystem.
When do we have the discussion about how that's the very problem, from a lack of user freedom perspective? We want to talk about dictators and technocrats unjustly abusing the powers of surveillance, why not start at the fact that we allowed our FOSS ecosystem that could have given more freedom and power to billions to be loopholed into a corporate hellscape of uninstallable apps, lack of root on devices (without root, you aren't the owner), and other fundamental underminings of what ownership means!
To me, all this and more is exactly why gplv3+ is actually so important, and honestly I just feel like HN is so full of corporate types who have forgotten the hacker mentality in it's curious, freedom loving base type, instead espousing stockholm syndromed repeating points about why linux doesn't matter, why YOTLD (year of the linux desktop) is never going to happen, why gpl is a bad license, etc.
Right to root. Right to repair.
Right to see the source code on your device.
Right to see and modify code and make your device do what you want it to.
Right to share that source code.
It's been here the whole time, RMS and Eben Moglen were truly men far ahead of their time, visionaries of the dystopian future battles that were to come. Users are losing the war right now. When are we going to have this conversation?
I'm not sure about that if you are not root you don't own the device.
Its clearly important to have isolation and security, to the point distros are experimenting with read-only file systems with apps running sandboxes through Flatpak, like Fedora Silverblue and SteamOS.
Other than that I agree with your comment, HN tend to be very corporate with a visible minority caring about the GPL and its derivatives like the AGPL.
The GPL is a very simple agreement.
I put my time on this and made it free and open to anyone.
You do the same, and we improve the whole world because of it, it certainly worked for Linux, and I think its why Linux is way more successful than BSD.
I understand the desire for freedom of choice or configuration but the bit that is missing is who is supposed to do this?
Sure, Google have ringfenced Android for most people and then they restrict it, yes, but Android is open source so everyone is free to create their own version that isn't so encumbered but it is also an enormous amount of work, not just to build it but to maintain it as hardware changes. Who does the work and how do they get paid? Sure, some people can and do this work for free but what is the reward for them when Google etc. can outspend them on everything and most people would choose a polished expensive and locked-down version of phone OS over one that is less so.
Same with OSs. You might not like Windows so don't use it, use Linux. Ultimately every enterprise is looking to make sales but let's not paint this as inherently evil because these same businesses employ an enormous number of people directly and indirectly.
If there is a solution, then do it and prove it works but it seems like the amount of effort consistently increases over time and makes it even harder to create e.g. a rival browser or whatever so maybe we need a rethink at a much higher level.
I can think of some players with trillions of dollars of annual budget that really should do it. They'd favor millions or billions of people whose interest they theoretically represent. Unfortunately, in practice they seem more likely to represent the interests of the few who exploit people's lack of privacy, but there's no reason this couldn't change.
Destroy aggregation - whether it's amazon or msft or airbnb or statism or whatever it's ultimately evil with the advance of technology. Codify trust reciprocation (objectives responded to with evidence) directly into every aspect of the network. Then aggregation becomes a middleman.
Windows won't support this model, neither with android or macos. Currently only linuxes have the inertia to play a role in this space.
What keeps things open source / free software in practice is not a philosophical desire for freedom but the very practical desire to be able to get things done. That's why the Linux kernel is so popular and there is an open source ecosystem for systems tooling and web dev libs and all that. Not because people are hippies who want everything to be free (as in gratis) but because it's just so much easier than going through convoluted licensing requirements.
In the end it's just evolution. If there is a free and open tool doing something better than some hard-to-license alternative, or at least well enough, then it will win. Once there isn't then the proprietary alternative will win in the space.
In other words, once the demand for open hackable mobile phone ecosystems is high enough, they will be open and hackable. The demand is just not there. Similar for other areas raised in threads in here.
The article starts with a lament over closed hardware, like Apple, which I expected. Yes, the open platform of “PC” is closing. However, we also have a rise in open hardware platforms like Raspberry Pi, which are powerful enough to run a desktop and a web browser, and which only costs tens of dollars! No, it can’t compete with Apple or Microsoft of Google, but it IS an open and free platform. Despite giving up and going all in on Apple, after 19 years of Linux on the desktop, I take comfort knowing it’s there.
Linux and other opensource software were just tools big corps used to build the stack they use to control users today.
There is no freedom anymore, because developers didn't care about it and I doubt there is something that can be done to free ourselves from big tech corporate slavery.
There are a lot of open smartphones and laptops, so it's an ongoing battle.
The RPI is quite a big win even though the soc is not open.
It's more a problem of capitalism, in my view. I think that the foundries and the chip industry being centered around Asia, it's one reason that it's more difficult to make good open chips.
I just hope that a new wave of minimalist software will come soon, because that would be a massive opportunity for open stuff to thrive while being cost effective.
The law of wirth allows manufacturers to sell faster chips to consumers, but that can't go on forever.
2. We won the battle for Linux -- and have thoroughly lost the free software war. No matter how you count, it is, by far, by very far, the most used operating system. A year ago there were three billion active Android devices, all of them using the Linux kernel -- and the overwhelming majority of them only allows sanctioned apps to be installed. There is no freedom any more. And despite the phones have capable CPUs, practically no one uses it to develop software, the entire development ecosystem is completely absent from Android. By any means you should be able to attach keyboard, mouse and monitor and develop and deploy your own phone apps but who does that?
2a. In the web server space, once again, it's Linux all the way. Although w3tech only says "unix alike" for the 80% it reports it's not unreasonable to think the overwhelming majority of that is Linux. But, guess what? increasingly all of that is in a cloud data center where your control is ... limited.
3. We won the battle for browsers -- everything now runs on top of an open source rendering engine. But, do I need to mention how much we lost the war here? Because neither Safari nor Chrome are open source and what else has any market share whatsoever? And in a familiar manner, they restrict of what you can install on them.