Trumps administration will likely start out with a lot of power hungry egomaniac freaks, and then with its very high turnover, trump loyalists will be filtered through, like they did in their first term.

Competence doesn’t really matter.

NixOS would be like brewing coffee with laboratory equipment and then setting it up for automation.

From the two unsuccessful ban trials of the NPD, I do not have much hope of this one succeeding. Sadly.

deleted by creator

The SDK is not closed source, you can find the source here: https://github.com/bitwarden/sdk

It might not be GPL open-source, but it is not closed either.

Sure. To me “source available” is still closed-source, since looking into it might give companies an attack surface for you to have violated their copyright in the future. Happened with IBM in the past: https://books.google.de/books?id=gy4EAAAAMBAJ&lpg=PA15&pg=PA15&redir_esc=y#v=onepage&q&f=false

Let’s wait and see before we get out the pitchforks.

Sure. Bitwarden doesn’t owe us anything, but it is still sad to see this decision and better clarification and explanation could have alleviated the breaking of the trust here.

So you meant to say:

I would go as far as to say that Bitwarden’s main competitive advantage and differentiation is that it’s source is available.

That is not true, there are a lot of other password management software out there where the client source code is either open source or source available. For instance keyguard: https://github.com/AChep/keyguard-app?tab=License-1-ov-file#readme which is an alternative proprietary bitwarden client, where the source is also available. Also the Proton Pass client is under GPLv3.

I would argue that the main advantage of bitwarden compared to others is that it is open source and has an open source server for self-hosting (vaultwarden). Which of course makes it difficult in terms of business strategy with their VC funding. But maybe becoming a non-profit org and getting money from donors, the strategic funds of EU and other governments, etc. might be an alternative way.

Ok, lets take it step by step:

Thanks for sharing your concerns here. We have been progressing use of our SDK in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.

• the SDK and the client are two separate programs

I think they meant executable here, but that also doesn’t matter. If both programs can only be used together and not separate, and one is under GPLv3, then the other needs to be under GPLv3 too.

• code for each program is in separate repositories

How the code is structured doesn’t matter, it is about how it is consumed by the end-user, there both programs are delivered together and work together.

• the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3

The way those two programs communicate together, doesn’t matter, they only work together and not separate from each other. Both need to be under GPLv3

Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.

Not being able to build a GPLv3 licenses program without a proprietary one, is a build dependency. GPLv3 enforces you to be able to reproduce the code and I am pretty sure that the build tools and dependencies need to be under a GPLv3 compatible license as well.

But all of that still doesn’t explain what their goal of introducing the proprietary SDK is. What function will it have in the future? Will open source part be completely independent or not? What features will depend on the close-source part, and which do not? Have they thought about any ethical concerns, that many contributors contributed to their software because it under a GPL license? How are they planning on dealing with the loss of trust, in a project where trust is very important? etc.

None of that makes Bitwarden not open source.

Yes, it does, because it violates its own license GPLv3 by having proprietary build-/runtime dependencies.

If it was under a different, maybe more permissive, open source license, then maybe it would still be open source, but as of right now i likely breaks its own license terms.

Not only that, they specifically state this is a bug which will be addressed.

From what they state, they think that because executables that share internal information via standard protocols does somehow not break GPL3 terms compared to two libraries that share internal state via the standardized C ABI which does. And they seem to not consider that a bug, just the build-time dependency.

Well, then it would be nice to hear from them an explanation on why they decided to violate the GPLv3 on their client, by coupling it with proprietary code in a way that disallows building and/or usage without that proprietary component.

They would be insane to change that.

Yes. And i hope that they recover from it soon.

I would say a proper explanation includes the goal you want to achieve, not just the statement that you think that you are allowed to do something.

That “explanation” is unsatisfactory and likely wrong: https://www.gnu.org/licenses/gpl-faq.html#MereAggregation

So they either have to license their SDK under a GPLv3 compatible license, or switch the license of their client to a non-GPL one.

Their “explaination” only mentions why they think can do it, but not why they are doing it.

Banning AfD is the best short term solution, it needs to be followed by a stronger social focus of the government.

One reason for conservative and right-wing sentiment is fear of the future in the populace. Fear causes people to try to isolate themselves from “others” and wanting to horde and protect their stuff instead of supporting others.

If the government is able to alleviate those fears, they will not see a need for fear anymore. But that is a long process, which constantly gets sabotaged by commercial outrage media, foreign intervention, social media, conservative/right-wing politicians, etc.

Still silly, if they aren’t confident to weed out Russian spies with Russian nationality, they are even less confident to weed out Russian spies with other nationalities. I would think that most undercover Russian spies don’t have Russian nationality, because that is an obvious attribute, which is easy for a government secret agency to change.

There really is nothing better than background checks, and privilege separation for this kind of stuff.

Because part of the right-wing rise in Europe is caused by foreign influences of authoritarian states like Russia and China in order to destabilize democracies by divide and conquer strategies and to validate their oppressive governments. Higher living standards for normal people in their own or other countries are a threat to their power.

That might make it even more dangerous, because you get used to flash to usb sticks on “/dev/sda”. And when you then use a device with a built-in sata drive, you might forget checking in a hurry.

Happened to me a once or twice. I am now only using bmap tools for this.

This is the same between many different software development disciplines, fpga devs (or hardware devs for that matter) vs. driver devs, driver devs vs. backend dev, backend devs vs frontend devs, integrators vs everyone.

I think you misunderstood, after 6 weeks Telsa doesn’t need to pay anything, the state ensurance pays them 70% of their wage.

There are two kinds of freedom, negative and positive liberty. US has a lot of negative liberties, they dictate little in what you can or cannot do, but is lacking in positive liberty, they don’t support you very well to do what you want to do.

While Europe might have less negative liberty, their generally better social welfare system grants people more positive freedom.

Sure it isn’t a good system, but it is the one we have. And if you have concrete improvement ideas, it would be interesting to hear.

I mean, where ever we set the age limit for instance voting to 14, some 10 or 9 year old will feel disenfranchised. We could remove it completely and let toddlers vote. What would the consequences of that be? I have no idea!

The reason is to protect the physically or mentally weak from the strong while also having rules that are easy to follow and to enforce, that don’t require psyche exams, which depend on the examiner.

Age might not be a good metric of evaluating maturity, but it is the best and most practically useful we have. (I use “maturity” here as having reached certain physically and mental level where they can operate, think and decide independent, and the risk of being manipulated is low.)

Because age is not a good metric, that means that we have false positives and false negatives on a maturity tests based on age, which we need to balance. And I would rather have more false negatives (wrongly ascertained immaturity) than false positives (wrongly ascertained maturity).

If someone comes up with a better and still practical maturity test, that would be interesting. “Solutions” like every citizen has to do a yearly physical and mental exam in order to keep their rights as an adult, seem much to harsh and easily manipulatable. Especially around blurry lines like disabilities.

Wherever certain thing needs a maturity test or not and where that should be, I cannot say. Just if the age limit is too high, then mental decline will raise the false positives, which would be bad as well.