Meredith WhittakerApr 2, 2024

I keep brooding on the way the xz backdoor was enabled in significant part via weaponizing the FOSS culture of shitty behavior and abuse.

Yes, there're other pathologies at work here (the big tech capitalist pillaging of the commons, etc).

But what is striking is that the uncool, mean standards of FOSS conduct that many of us have decried for years, & that many defended as authentic, tough, etc., ended up not just being exclusionary loser behavior, but a significant attack surface.

Show threadVincent Tunru

@Mer__edith Unfortunately the only proposed solutions I've seen to deal with FOSS maintainer abuse come down to "why can't everyone just...", which isn't a solution at all. Even if 99% were to behave perfectly, 1% is still enough for maintainers of any somewhat-often used project to encounter shitty behaviour regularly.

Add to that the fact that that behaviour sticks with you far more than a compliment, and we've got.. Not a great situation.

Apr 2, 2024 at 6:04pmWeb
Show threadÓscar Morales VivóApr 2, 2024
@VincentTunru @Mer__edith You don't need "everyone to just…" you need "most people to not tolerate this bullshit whether directed at them or someone else"
Show threadBen RosengartApr 2, 2024
@MyLittleMetroid @VincentTunru @Mer__edith This. We don’t need universal perfection, we need better *norms*.
Show threadVincent TunruApr 2, 2024

@fivetonsflax @MyLittleMetroid

I agree with you, but that is still an "if only everybody just..." solution. People have been calling for better norms forever, and yet here we are 😢

Show threadÓscar Morales VivóApr 2, 2024
@VincentTunru @fivetonsflax The whole point of norms is that they aren't followed by everyone but they are socially enforced by the majority.
Show threadBen RosengartApr 2, 2024
@VincentTunru @MyLittleMetroid I don’t think changing these habits is such an intractable problem.
Show threadVincent TunruApr 3, 2024
@fivetonsflax @MyLittleMetroid I hope you're right! But I do wonder why it hasn't happened so far, and why/how it would happen this time around.
Show threadBen RosengartApr 3, 2024

@VincentTunru @MyLittleMetroid I believe there is a generational component. Open source communities have inherited a lot of values from Silicon Valley engineering culture. As open source becomes more important in the world and more widely used, not all those values are serving us well.

I believe that open source scenes can take feedback from people who aren't my demographic (middle-aged straight white men) and become fairer and more welcoming.