Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
clbrmbr 3 days ago

It depends on the domain. There are a lot of critical utilities in the systems space maintained by volunteers. The “xz” compression library was one recent infamous example where an exhausted volunteer maintainer was social engineered into a supply chain attack that briefly compromised OpenSSH.

Not a lot of applications being maintained by altruists, but look under the hood in Linux/GNU/BSD and you fill find a lot of volunteers motivated by something other than money.

Arch-TK 3 days ago | parent | next [-]

It briefly compromised the custom patched Debian version of OpenSSH. The issue had nothing to do with OpenSSH itself.

izacus 3 days ago | parent | prev [-]

Yes, but even in those domains those projects are minorities and in many examples they make it effectively impossible to legally fund or contribute to them from the side of corporations.

graemep 3 days ago | parent | next [-]

Why is it legally impossible to fund or contribute? Do they turn down contributions from paid developers? Do they refuse donations or just have no no mechanism for accepting them? Do they not have any form of commercial services or licence?

I think there are very few projects that do not accept support in any form.

izacus 3 days ago | parent [-]

In most cases they need to be able to issue a commercial invoice in a region compatible with company accounting.

For a lot of single developers that's not a thing they're ready or able to do. Those that can, usually have companies established as a revenue source for their OSS project.

pessimizer 3 days ago | parent [-]

> In most cases they need to be able to issue a commercial invoice in a region compatible with company accounting.

The need for this invoice is because companies cannot justify irrational spending. The have no process for gift-giving. There is almost nothing that will make spending on OSS not irrational, unless you're paying for specific bugfixes or customization work. You can't issue an invoice for nothing. How much would the invoice be for?

edit: that being said, please continue to make up any pretense to get OSS contributors paid if that's working for anyone.

xrisk 3 days ago | parent | prev [-]

Yeah I’m not buying it. If the corporations wanted to, they would.