Trump cuts funding to FOSS projects. (thelibre.news)
from grue@lemmy.world to selfhosted@lemmy.world on 07 Apr 19:37
https://lemmy.world/post/27908150

cross-posted from: programming.dev/post/28204065

#selfhosted

threaded - newest

grue@lemmy.world on 07 Apr 19:38 next collapse

Relevant to !selfhosted because one of the projects getting funding cut is Let’s Encrypt.

InvertedParallax@lemm.ee on 07 Apr 19:57 next collapse

I’m gonna have to donate then.

sugar_in_your_tea@sh.itjust.works on 07 Apr 20:27 collapse

Same. I’ve been thinking about who to donate to this year, and it looks like they’re making the cut. I’ll probably also throw some money at my Lemmy instance and a handful of projects I use, including Tor, because apparently they got caught in the dragnet too.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 02:34 next collapse

Which other projects caught your attention? I was going to donate to Graphene, EFF and some TOR operators

sugar_in_your_tea@sh.itjust.works on 08 Apr 04:35 collapse

Far more than I can reasonably support:

  • self hosted things I use - caddy, the document foundation, Jellyfin, Forgejo, etc
  • Android apps - F-Droid, NewPipe, Signal, RethinkDNS, etc
  • desktop apps - flatpak, For, Godot, etc
  • infrastructure stuff - let’s encrypt, openssh, Linux distros (mine doesn’t accept donations unfortunately), etc

But the short list for now is:

  • Let’s Encrypt
  • Signal
  • F-Droid

And I’ll probably run a Tor relay or something as well.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 12:01 next collapse

Man, ReThink is such a lifesaver. It’s so good people at Graphene recommend it. I might give Qubes some bucks too, they are awesome

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 12:03 collapse

If only there was a decentralised tracker which would track project funding and give us metrics like which project is dangerously close to shutting down

Auli@lemmy.ca on 08 Apr 11:47 collapse

Well donating is good it’s not going to replace the government funding.

renegadespork@lemmy.jelliefrontier.net on 07 Apr 20:01 next collapse

Let’s Encrypt has done so much for encouraging the spread of HTTPS and good certificate practices. If they went away, I honestly think a good chunk of the internet would start breaking after ~6 months.

gray@pawb.social on 07 Apr 20:13 next collapse

Less HTTPS = easier government & advertiser data collection

ShittyBeatlesFCPres@lemmy.world on 07 Apr 20:23 collapse

I’m pretty sure browsers don’t even load http sites anymore.

gray@pawb.social on 07 Apr 20:29 next collapse

I’m sure google will fix that in chrome, like killing adblocker functionality.

AbidanYre@lemmy.world on 07 Apr 20:36 next collapse

When I spin up a new self hosted service it’s easier to add caddy to the stack than to convince Firefox to load http.

dparticiple@sh.itjust.works on 07 Apr 21:16 collapse

Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let’s Encrypt from the CLI: tailscale.com/blog/reintroducing-serve-funnel

cmnybo@discuss.tchncs.de on 07 Apr 20:41 next collapse

HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.

[deleted] on 07 Apr 21:26 next collapse

.

hakunawazo@lemmy.world on 08 Apr 12:21 collapse

But if you try to load a local resource as localhost in Firefox…
<img alt="" src="https://lemmy.world/pictrs/image/e914e28b-85e5-4f16-9a68-eac9b83ccc3e.gif">

For the sake of completeness:

Firefox contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.

More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

Insecure, but fast fix, if you don’t want to install a local webserver:

about:config
security.fileuri.strict_origin_policy
change to false

StrawberryPigtails@lemmy.sdf.org on 07 Apr 21:11 collapse

They load. I have to specify http:// to get it to work though.

dan@upvote.au on 07 Apr 20:25 collapse

At least there’s some competitors now, which could be used as drop-in replacements if Let’s Encrypt were to disappear.

I suspect the vast majority of certificate authorities will implement the ACME protocol eventually, since the industry as a whole is moving towards certificates with shorter expiry times, meaning that automation will essentially be mandatory unless you like manually updating certs every 90-180 days.

kibiz0r@midwest.social on 07 Apr 20:02 next collapse

It’s okay, Let’s Encrypt only provides SSL certs for… 63.7% of the market?

Okay okay, that is a lot. But what does a CA need funding for anyway? It doesn’t take much bandwidth to send out new certs.

The only thing that could be expensive is if they had to rapidly invalidate thousands of certs to protect the security of the entire internet.

But haha, that’s a pretty outlandish scenario that would never happen.

Cantaloupe877@lemmy.world on 07 Apr 21:55 collapse

Every day just gets worse doesn’t it.

renegadespork@lemmy.jelliefrontier.net on 07 Apr 19:58 next collapse

This really sucks. I honestly didn’t know the Feds gave so much money to FOSS, but I looked up the USAGM and that makes sense.

It tracks with current trends. Basically anything that could be interpreted as benefiting any county other than the United States or any demographic other than rich white men is getting funding cut. What an embarrassment.

At a time when decentralizing information is critical, our tools to do so are also threatened.

sugar_in_your_tea@sh.itjust.works on 07 Apr 20:28 collapse

Fortunately, those projects still exist and we all have an opportunity to financially support them.

heavydust@sh.itjust.works on 07 Apr 20:03 next collapse

Why would he fund communism in the first place? (/s before you try to hit me with that downvote button).

LambdaRX@sh.itjust.works on 07 Apr 20:12 collapse

Sorry, downvoted anyway.

foggy@lemmy.world on 07 Apr 20:09 next collapse

Im not saying Zuck is good or a savior of choice, but now would be a good time for facebook investors to pressure him to eat that difference.

Not that he should, but hes all in on Open Source*

*Massive stipulations apply.

sugar_in_your_tea@sh.itjust.works on 07 Apr 20:25 next collapse

Let’s put some numbers on all of this. The OTF’s total budget slowly raised from ~$10M in 2019 to a grand total of $40M in 2023, almost half of all allocated funds by Congress to promote Internet freedom globally.

That’s an incredibly tiny amount of money.

More recently, Congress had directed that - for both the fiscal years of 2024 and 2025 - the funding should be “not less than $43,500,000”, which guaranteed an income stream for 2025 too.

Looks like some spicy legal action will suck up a lot of those cuts…

joeldebruijn@lemmy.ml on 07 Apr 20:30 collapse

I also like to measure in jetwing money … This is like half a jetwing.

sugar_in_your_tea@sh.itjust.works on 07 Apr 20:54 collapse

I like to estimate by cost per congressperson, which is ~$7.5M/year. So the whole of OTF is about 3 congresspeople (and their staff), that sounds fair.

metaStatic@kbin.earth on 07 Apr 21:13 collapse

is that their taxpayer funded salary? because you can buy one much much cheaper.

sugar_in_your_tea@sh.itjust.works on 07 Apr 21:17 collapse

No, current salary for all representatives outside of a handful of leadership positions is $174,000. This is the cumulative cost for everything else (staff, expenses, etc).

I personally think $174k is a bit low for salary, especially given the COL for the area and the importance of the role. I’d like to see that increase, while also increasing our expectations from our reps (i.e. jail time for bought politicians).

Moonrise2473@feddit.it on 07 Apr 21:11 next collapse

That 4 miles long military parade for his 79th birthday doesn’t pay by itself, unfortunately 😢

metaStatic@kbin.earth on 07 Apr 21:20 next collapse

Yet another instance of Trump being too small to understand soft power.

PhilipTheBucket@ponder.cat on 07 Apr 21:50 next collapse

I know it’s only vaguely related, since they’re not US-funded, but at some point I think it would be hilarious (in a particularly poignant way) if the Lemmy developers’ funding got cut off by the process of the explicitly rabid governments they are fans of finally succeeding at destabilizing the friendly Western countries where they live to the point that NLNet wasn’t funded anymore. As I understand it, NLNet is already facing some headwinds because the friendly liberal elements in EU politics are getting replaced by the same kind of “fuck everyone just give money to rich people and also anyone who disagrees with me dies” elements that Russia likes to give money and social-media-shilling campaigns to support.

Surely Russia and China will jump to the front and fund basic infrastructure work for the good of everyone, if that happened. They could count on it happening, instead of having to get jobs.

Surely.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 01:36 next collapse

The problem is, European leaders are sacks of shit too. They don’t care either.

djsp@feddit.org on 08 Apr 09:05 collapse

Although they could do more, I wouldn’t say they don’t care. For instance, Germany established the Sovereign Tech Agency.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 12:00 collapse

With the new leadership I am doubtful on how long that will last. One of the better things that came of Scholz’s era

djsp@feddit.org on 08 Apr 12:41 collapse

On the one hand, I share your doubt, which is justified in the face of all the deceit and mismanagement that Merz in particular and the CDU and CSU in general engage in and their disdain for the public good. On the other hand, the fact that the Sovereign Tech Fund / Agency survived the German budget crisis gives me some hope that it will at least stay.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 12:52 collapse

The problem is that no other country has done anything of the sort. I’m sure the Swiss, the Dutch, the French, the other german-speaking countries and especially the Nordics have enough money to give a few million here and there to FOSS. But they didn’t, because their leaders are just as corrupt and vile. Everybody is acting as if America is the ultimate villain: the fact of the matter is, give any of those European leaders power over America and sooner or later they would turn out exactly the same. It is in their nature. And I say this having lived in Europe for a while.

The German fund staying is pure luck since the hawks at EU are stupid. They’ll come after it once they’re done with Chat control.

sith@lemmy.zip on 08 Apr 07:44 next collapse

What languages and patterns will be considered woke?

For sure memory safety and dependent types. C++ will probably be shoved down our throats.

nepenthes@feddit.it on 08 Apr 11:01 next collapse

Rust

j0ester@lemmy.world on 12 Apr 23:07 collapse

COBOL.

sj_zero@lotide.fbxl.net on 08 Apr 08:53 next collapse

Have you donated to your favorite foss projects this week?

DarkDarkHouse@lemmy.sdf.org on 08 Apr 11:07 next collapse

He has angered the penguins

hakunawazo@lemmy.world on 08 Apr 12:09 collapse
y0kai@lemmy.dbzer0.com on 08 Apr 12:09 collapse

Have you even said thank you once