The solo maintainer for libxml2 is no longer accepting embargoed vulnerability reports, citing the unsustainable burden as an unpaid volunteer. Security issues will be treated like any other bug report moving forward.

https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports #opensource #cybersecurity h/t @joshbressers

@SocketSecurity @joshbressers I really don't know why developers ever did anything on demand without being paid or without asking for compensation. One should not do this.

@lazarus @SocketSecurity @joshbressers It's quite the dopamine kick to have built something that somebody "important" (Apple! Google! Microsoft!) is relying on.

You want to be nice, even though those "important" corporations won't love you back.

You want to be "responsible", even if the irresponsibility was on their part, when choosing a component that wasn't supported well enough to be fit for the purpose.

It took me way too long to unprogram myself from that behavior, too - endogenous drugs are truly powerful 💔

@lazarus @SocketSecurity @joshbressers it should absolutely be normalised that companies using open source components contribute to their maintenance. For most companies it'd be a rounding error on their bottom line.

@loke @SocketSecurity @joshbressers Contributing is nice. Important is: Write quotes before you start working and bills when you're finished.

While the vast majority of people are busy ruining the field because they do software just for the money, there are actually people who do software because they love developing software.

@lazarus @SocketSecurity @joshbressers

@taschenorakel @SocketSecurity @joshbressers That's fine, I do so as well. But the best pieces of software I ever used were those I paid for.

Well, or I am over-interpreting your statement, as I aligned "best software" with "good software". There simply is no good off-the-shelf software. Well, and if you pay someone to create highly specialized software for you, this software obviously is better than any other, as you got the chance to spec it. Still, you'd better tell yourself it's good, as you've invested huge amounts of money.

@lazarus @SocketSecurity @joshbressers

@taschenorakel Huh? If you want to work for billion dollar companies for free - just do it, no complaints. I prefer to support developers making a living from what they do.

@SocketSecurity Great article! The ongoing plight of overburdened, underpaid critical-FOSS volunteers is a problem that needs much more light on it.

One critique: Leading the story with an obviously AI-generated illustration feels like an unforced credibility drain. This was my introduction to Socket, coming in from a Mastodon boost, and I went in wondering if the text would be AI-gen as well. I strongly recommend using non-AI story art (or even no art at all).

@jmac Thanks for the feedback! We have received mostly positive comments on the sketch style blog art, but we are definitely open to changing it in the future. It can be challenging to illustrate some of the security concepts we write about. Thanks for reading and we appreciate your comments!

@SocketSecurity @jmac I can only underline what @jmac is saying.
My recommendation: Before using any machine generated … things, don’t use any at all.

This is bold, but Nick is absolutely right: If companies expect first-grade software, they have to pay for first-grade software. One way or the other.

@SocketSecurity @joshbressers

@SocketSecurity @joshbressers the statement that "the world runs on free labor" is so true. In many perspectives...

@SocketSecurity @joshbressers
They should put up a Patreon page (or similar), set a $2k/month membership, and only work on members' requests.

There is demand, they have done work, they should charge the shirt off the corporations.