| ▲ | ahtihn a day ago |
| The analogy is more like "Here's a free car on a parking lot. You can take it if you want it for free. The car hasn't been inspected and there are no guarantees that it's road-worthy". I think this is perfectly acceptable in most countries and I doubt you'd have any standing to sue if the car turns out to have safety issues. |
|
| ▲ | ButlerianJihad 14 hours ago | parent | next [-] |
| It's clear that people in this thread do not understand what "Free Software" is, and what it isn't. Let's recall the classic analogy of rms: "Free as in Beer" and "Free as in Speech". "Free Software" and its cousins, F/OSS, and Creative Commons, are "Free as in Speech" (in Spanish: libre). This freedom often means it is provided free of charge. But it does not require it. Free software may cost money. In fact, we now often pay for free software, because it's incorporated in our routers, our smartphones, our smart home devices, our IoT things. SaaS is replete with free software under the hood, yet we pay for subscriptions and access and all kinds of costly things that incur fees. Free software is ubiquitous and often costs $$$ just to distribute it. Ask anyone who subscribes to Red Hat Enterprise Linux. Please stop with your stupid analogies comparing a "free car" to Free Software. They aren't the same thing by any means. If I serve you "Free Beer" all night, and you don't get drunk, that has nothing to do with Free Software or Free Speech: capice? |
| |
| ▲ | ahtihn 9 hours ago | parent | next [-] | | You're confused. Do you know what you pay for when you pay Red Hat? Exactly the kind of guarantees people seem to expect from free software. You're not paying for the software, you're paying for the contractual support relationship. If you're updating your RHEL server through the channels you are paying for, you'd absolutely be able to sue Red Hat if they were distributing compromised software. The cost matters. No one's taking on legal liability free of charge. You can't expect any guarantees of fitness for purpose, safety or whatever if you're getting something for free. The moment you pay though, things change and licenses can't absolve you from everything. | | |
| ▲ | ButlerianJihad 6 hours ago | parent [-] | | Yeah, obviously, Free Software vendors can support themselves in certain ways, chiefly being the selling of support contracts. The people who are confused are claiming that "Free Software" is zero-cost, and you yourself contradict that belief. "Free Software" is not "free as in beer". However, just because software is provided free of cost, doesn't mean it can't be supported, or the developers held liable. I don't see really what kind of difference that would make. I mean, other than creating an actual and direct contractual agreement between customer and distributor. If you grab a download for no money, that's obviously different than paying for a subscription, and signing a contract that includes an SLA. But that doesn't preclude "Free as in Beer" software from having guarantees. Why should it? |
| |
| ▲ | gayboy 31 minutes ago | parent | prev [-] | | give me free robux |
|
|
| ▲ | IshKebab a day ago | parent | prev | next [-] |
| Poor analogy. Nobody is saying that there is a legal obligation for the Rust community to improve supply chain security, but this post is saying it's already fine; we don't need to improve things - just do your own auditing! which is the kind of "just don't make mistakes" bullshit that led people to create Rust in the first place. |
| |
| ▲ | pixl97 a day ago | parent [-] | | > just do your own auditing! Then feel fucking free to pay the Rust community to audit the software. Oh, that's too much for you. I see how it is. I sound a bit pissy, but the amount of entitlement that occurs when things are free is off the charts in this thread. | | |
| ▲ | IshKebab 21 hours ago | parent [-] | | Nobody is being entitled or demanding that others do work. We just also aren't saying "it's fine; there's no problem". In any case just paying people do to a ton of auditing is clearly a terrible solution. We need structural changes, like: * Namespaces on crates.io (I believe people are working on this). * Crate level effects systems ("zlib shouldn't be able to access environment variables, the filesystem or network"). No idea if anyone is working on that or if it is already possible. CHERI provides one solution which people definitely are working on. * Probably a bigger standard library, or at least a set of crates that are maintained by core Rust developers. I vaguely recall that this might happen. Anyway the sensible among as aren't demanding this work. We're just saying it would be really good if it happened. Whereas this misguided person is saying "nothing more is needed" which shows a lack of understanding and imagination. |
|
|
|
| ▲ | gayboy 31 minutes ago | parent | prev | next [-] |
| hello retard |
|
| ▲ | gayboy 32 minutes ago | parent | prev | next [-] |
| [dead] |
|
| ▲ | gayboy 32 minutes ago | parent | prev [-] |
| [dead] |
