• 1 Post
  • 37 Comments
Joined 2 years ago
cake
Cake day: July 16th, 2023

help-circle
  • Unless there are those who need certain words for their jobs, I can kinda understand why Microsoft wouldn’t want emails from work addresses to go out with political agendas… for either side.

    Sure. Then block both sides, and not only the one not bringing you money.

    Work emails should just be about work. Too many people use their work emails like a personal email… with their banking, shopping, etc. That’s what personal email addresses are for.

    No one uses their company email for their personal banking, simply for the reason because if you’d leave, you’d lose your access, and since most companies run behind firewalls, vpns, 2fa tokens and similar additional credentials, it’s simply harder to use.

    This policy should go for many non-work related topics too. IT can unblock the words for certain users who need to use them for their job.

    Of course, let’s waste resources to maintain idiotic blocklists that are out of date the moment they are rolled out, and additional resources to make the blocklist actually work. Palestine, p4lestine, pale s tine, p a l e s t i n e, paleztine. Need more?

    You’re not at work for someone with this kind of unhinged mentality watching you working for 8 hours a day straight with no breaks and no distractions. You’re there to get your work done. In my current team, we’ve had the best ideas talking about our problems at the coffee machine. I personally focus best when I have music on. We’re doing sports together once a week on a company fitness incentive, which boosted our team dynamic massively. None of this would be possible in such a controlled environment.


  • Quality journalism:

    Yesterday, we reported on actors using Russian IP addresses to breach the National Labor Relations Board immediately after DOGE engineers obtained “God-tier” access. According to whistleblower Daniel Berulis the intruders used newly created DOGE credentials and techniques “consistent with sophisticated Russian intelligence operations.”

    Shocking, if inexperienced, young idiots get to do whatever they want in critical systems, shits gonna hit the fan.

    Any IT system DOGE touched should be considered compromised, not because of “sophisticated” state agents, but because you’ve had those idiots touching it.

    Remember the first days of post-Musk twitter? Yeah, now imagine that with older, more brittle systems, way less experience in the staff, more AI slop, less time and way more god complex.

    Also, still waiting for the day those “journalists” will learn that an IPs geolocation does not have to be the actual source…



  • It’s not about being dumb and expecting stuff for free but a general anger towards subscription based models. Fair models exist and are possible, but are a collateral of the general hate.

    Then, free alternatives exist, and believe it or not, some people do not have a tiny monthly fee they could spare or do not want to pay for something that a free alternative exists.

    Threema tried exactly that, and failed comically.




  • Why are we giving this person their stage again? How probable is it that the instance admins of the like 15 instances they have accounts on will all collectively ban him? It’s just your average nazi spammer on the internet. You’ve read that “bio” this person has. Even if they get banned, they’ll come back just on principle. Just block him like any sane person would do, leave him shadow banned like that with his nazi friends, and call it a day.


  • So, you mean using a proprietary vendor to operate something binds you to that vendor? Congratulations, you’ve just discovered vendor lock-in.

    “Obfuscating the environment” is also an absolutely unhinged claim, what even is that supposed to mean?

    And again, Automattic is NOT in the right. What Automattic did was break license terms, attempt to extort, steal code, and light their whole brand, company, ecosystem and community on fire. Matt spit in the faces of his open source community (and open source in general), and every single person dependent on WordPress losing their job because of the shift he’s causing will be blood on his hands personally. Even if WP Engine was questionably morally or ethically, they did play by the laws and the license terms. Matt went on a mental breakdown and additionally to his unethical behavior broke several laws on that journey, which is exactly why he is losing the lawsuit. Matt and Automattic are NOT in the right.





  • That whole blog post is so full of salt, that it really hurts to read.

    Still going on about the “imbalance of the contributions”, well that’s open source for you - you don’t get to control who contributes how much, all you can do is ask nicely, and provide a good experience for contributors. Acting like a lunatic does not do that.

    legal attacks started by WP Engine

    Of course they did after the witch-hunt and the absolutely illegal, unethical and plain ridiculous behavior of Automattic. The counter they did, the whole ACF takeover and the slandering are a lawsuit handed on a plate.

    The way “community” is quoted in that article for those who dared to disagree.

    This legal action diverts significant time and energy that could otherwise be directed toward supporting WordPress’s growth and health.

    Yeah, as a developer I also hate when lawsuits are stopping me from working. He had no problem letting go of nearly 10% of his staff with their “alignment offer” to get rid of people who again dared to disagree, but the legal action is diverting resources now.

    But the whole “Focused on the Future” paragraph is going full mask off:

    Before, they said that resources will be reallocated to “for-profit projects within Automattic”, and

    We will redirect our energy toward projects that can fortify WordPress for the long term

    It’s only a matter of time another hostile takeover will take place, and Matt will attempt to go full for-profit on WordPress itself.

    We’re excited to return to active contributions to WordPress core, Gutenberg, Playground, Openverse, and WordPress.org when the legal attacks have stopped.

    Full on extortion. Stop the lawsuit or we won’t contribute.

    Honestly, if I’d be dependent on WordPress for my work, I’d not sleep well and start going into something else right fucking now. How are people that stupid, childish and entitled getting into such positions.



  • Matt never ceases to amaze with his smoothbrain decisions.

    The amount of effort this moron puts into his weird personal vendetta against WP engine, even after the court told him that he has nothing, which was actually his last chance to end this kinda gracefully, could’ve been used for so much better things.

    And he’s not only successfully kicking himself in the balls, he’s willing to throw so many years of community and project time and effort under the bus for it.

    Go on Matt, keep telling how much you’re only doing this for WordPress.


  • And where did I say that no one should pay for youtube premium? Where did I say that everything should be 100% free?

    If YouTube premium is worth it for you, go for it. In my opinion YouTube is getting worse by the day, and it’s monopoly due to its reach and resources suppresses any competition, unfortunately. Even if YouTube Premium would cost 10 cents I won’t pay it, because I simply think that YouTube has severely gone wrong. Vote with your wallet.

    And before other connoisseurs of boot material chime in - I’m paying for Google one. I’m using drive and mail daily. I bought the new pixel, watch and buds day one, and all of those are amazing Google products I’m very happy to pay for, just as I do for Spotify, HP, Netflix, IntelliJ and any other product that brings me value.

    Pay for what you want, and let me do the same.




  • This has nothing to do with licensing. […] If you’re going to run a business that depends on open-source software, there’s an expectation of contributing back or, at the very least, not exploiting the resources of a non-profit.

    Sorry, but you have absolutely no idea what you’re talking about. It’s absolutely and only a licensing issue, and as a user of open source software you are obligated to do what the license states. WordPress is licensed under GPL, which explicitly allows software being run for any purposes, explicitly including commercial purposes. The giving back part would come into play if WPE would use WordPress as part of their own software - which they don’t.

    WPE did what the license, and therefore Matt and Automattic allowed them to. Matt decided to try and literally extort money from them, before going on his fully fledged meltdown.

    Whether WPEs business model is morally questionable is irrelevant. They did play by the rules. Matt did not.

    And the situation is not new, as far as I remember redis was the last big player in that situation. But they also did play by the rules, they changed their license starting from a given version, made big hosters that made money by redis-as-a-service pay for using redis, and took the L like grown ups by losing their FOSS community and having valkey as a hard fork and direct competitor now. No drama, no meltdowns, no shit storms and no lawyers involved.


  • You also don’t get to randomly change license terms because you’re having a childish meltdown because someone earns money with an open source product while according to the terms of the license of the said product.

    You also don’t steal code from a user of your platform and maliciously redirect to your fork.

    This is not about WPE vs Matt’s lack of brain cells. This is also not about hardlining on what’s open source or not. But Matt needs to lose this fight, not only because of his decisions, but because if he wins, he not only successfully burned down WordPress, but the open source ecosystem as a whole.

    If you publish something with a license that allows people to earn money without paying a share to you, don’t be butthurt if people won’t do that. And if you don’t want that - change the license properly and carry the consequences.



  • NPM allows for code to be executed while you install the package which is different from maven or nuget and allows for easy exploitation paths

    This is the winner. Combine that with a vastly bigger group of inexperienced developers (and I’m willing to die on that hill), and you have a lot of people running node / npm as an admin / root user, who have close to zero idea what they are doing, hitting their project with third party dependencies left and right for no particular reason (left-pad, is-number, ansi console and similar useless crap), and then your dependency management allows for code execution. Also, from my personal feeling, it seems that npm simply cannot properly audit the packages due to the sheer mass. From a technical standpoint it’s close to trivial to put your malware onto npm, and then you just need to get someone to install your package, which is way simpler than in other package managers