Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
VA

SourceForge Terms of Service Change, Users Unhappy 444

Posted by CmdrTaco from the stuff-to-think-about dept.
An email fluttering around a few mailing lists has been submitted in various forms here today. It's about changes to the SourceForge terms of service. Some relevant links unclude the old terms, new terms, old privacy statement, new privacy statement and contact for "questions or concerns" (Patrick McGovern, Site Director). Obviously since SF is owned by the same parent company as Slashdot, I'm biased and corrupt and you should ignore my opinions on the subject, but while I don't particularly like this any more then anyone else, I also don't think it's the huge deal that others are making of it. Especially considering projects aren't paying for the free service. You get what you pay for after all. I have attached a summary to this article of the changes that are being called into question if you don't want to do a mental diff on the links above.

This list was submitted by a few different users and was apparently originally posted to several mailing lists, although I don't know who actually originally wrote it. I just quote it here for reference.

  1. They can henceforth change the terms without notice, just by posting the new terms on the website. (Currently they are obliged to give 15 days notice by email, a period that we are currently in for this change.)
  2. They can henceforth remove user accounts without giving a reason. (Currently they are obliged to have a reason, though the set of acceptable reasons is open-ended.)
  3. They're no longer obliged to make the contents of a deleted account available to its owner. (There was previously a "reasonable effort" clause to that effect.)
  4. They're no longer obliged to provide notice of changes to the privacy policy, unless the changes are "substantive". (Currently they are obliged to provide notice of any change.)
  5. The privacy policy is acquiring a disclaimer that amounts to "this is not true". It actually disclaims the entire privacy policy.
This discussion has been archived. No new comments can be posted.

SourceForge Terms of Service Change, Users Unhappy More

SourceForge Terms of Service Change, Users Unhappy

Comments Filter:

  • I dunno ... (Score:3, Interesting)

    by gurensan ( 259321 ) on Wednesday February 13, 2002 @02:36PM (#3001517) Journal
    If they disclaim the privacy policy, why do they bother having one at all?

    • Re:I dunno ... (Score:3, Informative)

      by Brawyin_Neytal ( 469168 )

      Having a useless "Privacy Policy" is a common tactic by commercial web sites to decieve users. It fools most users into thinking that there are protections on thier data due to the fact that the policy exists, or if the user bothers to read it the goal is make it worded such that the lack of protections is concealed.

      • Having a useless "Privacy Policy" is a common tactic by commercial web sites to decieve users.
        So Taco doesn't understand why that's a big deal ?

        Question to Taco: How do you think has OSDN been perceived by its users ?

        Added Bonus for elaborating what this shift means for OSDN's corporate identity

  • I can understand what the controversy is about (Score:5, Funny)

    by LordOfYourPants ( 145342 ) on Wednesday February 13, 2002 @02:38PM (#3001526)
    "Other Notification: In order to implement or enforce the Terms of SourceForge.net, SourceForge.net may use personal information to contact users on an individual basis."

    What this basically means is that they reserve the right to call you on the phone at 3 AM and breathe heavily.

    • Hey, for most of the geek crowd, they would be listening to that heavy breathing and try to get a word in edgewise. They might even trace the call and find the person breathing heavily; it was the first time their phone rang in months :-)
      • You get what you pay for after all.

        Did CmdrTaco, one of the helmsmen of the most popular Free/OS news sites in existence just mimic what Microsoft PR/FUD machine has been saying since Linux showed up on its threat radar?

        Why isn't everyone kicking CmdrTaco's ASS?
        • Did CmdrTaco, one of the helmsmen of the most popular Free/OS news sites in existence just mimic what Microsoft PR/FUD machine has been saying since Linux showed up on its threat radar?

          I was thinking something along those same lines, but then I remembered that he's talking about a service that it costs money to continue providing. He's not talking about source code or software, he's talking about a website providing a service.

          There is a very big difference.

          We're lucky to live in a time when people are giving away their code, but we're luckier still to live in a time when there are SO many entirely free (except for ads) web services.

          All the same, free or not, I can't think of an above-the-board reason a why site would need a policy allowing it to change it's terms of use without first notifying it's users. That just seems low down and shady.
          • Here's my take...

            I don't use SF, and so none of this effects me...plus, I'm a horrible programmer [grin]

            But if SF can't do it right, why not just quit? If they did, I'm sure some alternative would pop up. But the fact that a huge vendor is still in the gap, providing service for free, means that others who might be able to do it better, but might have to charge, can't.

            Sheesh, this is like saying, "I'll mow your lawn, but occastionally, I reserve the right to kill the lawn..." Well, if you can't do it right, just get out of the way, don't do it at all, and let someone else do it better.

            The terms are inexcusable. They don't really provide any significant benefit to SF. What I think happened, they got some shark-head lawyer to redo the terms. He promptly slanted all the terms dramatically in the favor of SF. It wasn't necessasary, and SF should tell said legal counsel where to stick it. They should also redraw the terms again to be more fair.

  • hmm (Score:5, Interesting)

    by Anonymous Coward on Wednesday February 13, 2002 @02:38PM (#3001535)
    Sounds like they're trying to streamline the administration of the service so as to make it more attractive to a buyer... Wonder if they have any particular company in mind?

    • Re:hmm (Score:5, Insightful)

      by technomancerX ( 86975 ) on Wednesday February 13, 2002 @02:59PM (#3001753) Homepage
      Either that or they're just trying to cut costs in general (not unreasonable considering SourceForge.net isn't exactly cheap to run... the cost of the connections alone has to be monstrous....)

      Also, considering SourceForge is their product and SourceForge.net is a great demo of their functionality/scalability they'd have to be looking to sell the whole SourceForge business, not just SourceForge.net for it to make sense... Logical buyers would probably be RedHat or IBM. It would be a PR coo for whoever buys it, and if it's IBM and they move it over to their hardware it'd be a REALLY good marketing point... especially for their new Linux mainframe...

      Nothing like fanning the flames of random speculation =)

      • Sourceforge.net not a viable business (Score:5, Informative)

        by Eric Green ( 627 ) on Wednesday February 13, 2002 @03:36PM (#3002046) Homepage
        From what I can tell, Sourceforge.net is not a viable business. It spends millions of dollars each year on bandwidth, sysadmins, and server farm in order to get maybe half a million dollars in contract fees. IBM is not in the business of losing money, and neither is RedHat. Neither needs SourceForge for PR purposes.

        SourceForge will eventually either need to charge money or will be spun off as a (soon to be bankrupt) spinoff business, leaving VA Software with just the various web sites. The web sites are probably (barely) profitable with the cost-cutting that has been done on them over the past year or so. SourceForge is not profitable, and never can be.

        I currently have four projects hosted at SourceForge. I download the CVS web-ball every night in my crontab, and am investigating alternatives. At the moment it appears that any alternative will require developers to fork up money to help pay for the bandwidth. SourceForge itself has too many big (bandwidth) projects to make money even then, because if they charged what the bandwidth costs, most of those projects would end up hosted elsewhere shortly with companies who can hide the bandwidth costs in their accounting noise.

        Does this mean that I wish SourceForge ill? Of course not. I just don't see how it can ever be profitable, and thus while I'll use it while it lasts, I'm not banking on it.

        • If you're looking for alternatives, have a look at BerliOS [berlios.de]. It uses the software of SF so you won't have to change much.
        • It spends millions of dollars each year on bandwidth, sysadmins, and server farm in order to get maybe half a million dollars in contract fees. IBM is not in the business of losing money, and neither is RedHat. Neither needs SourceForge for PR purposes.

          Let's see, Microsoft spends $1,000,000,000 to promote XP through print, TV, Radio, purchase of journalists, politicians and stenographers and billboards. This brings abslolutlly nothing in return but some marginal good will that they nullify with poor programs and scandal. Their sales are kept through extortion and other monopoly tricks. Yet people consider it a viable business.

          You would conclude that Red Hat, IBM and Source Forge taken as a unit are not a viable business? Source Forge returns good will and programs for free use to both Red Hat and IBM. Without that kind of PR, what does Open Source have? The scale of losses you quote, if accurate are nothing to a company with revenues in the billions. Those paltry millions, spent on ordinary adverts, could hardly push a brand of soap.

          The only think that can kill source forge is a betrayal of free software or some other greedy grab move. It's bad enough that they would switch to comercial databases and made the site an advertisment for software they would sell rather than a demonstration of free software they would service and issue with equipment. Anything to lessen Source Forge good will or software contribution would hurt them more than any direct costs.

        • IBM is not in the business of losing money, and neither is RedHat. Neither needs SourceForge for PR purposes.
          RedHat, and even IBM, do seem to be willing to invest in the betterment of Open Source, and SF (or a clone) is actually a great investment. An expensive investment, and an almost completely untargeted investment, but the cost of bandwidth, servers, and admins is directly related to the benefit gained from them (if SF was useless they could host it on a 486 running in some kids dorm room). And I think the cost of running SF is far, far less than the cost of all those projects doing similar things independently.

          If either company wanted to be more targeted, they could set something like SF up and be more selective of their projects.

      • "It would be a PR coo for whoever buys it"

        hehe too little sleep... yes, coo should be coup... thanks for pointing it out.... 4 times (as of this post) =)

  • Alternatives (Score:2, Insightful)

    by GroovBird ( 209391 )
    Somebody should come up with a system that allows you to host your opensource projects on your own server.

    Like a combination of CVS/PHP with a saucy bug-reporting and discussion thingie..

    I'm sure one already exists.

    Dave

    • Re:Alternatives (Score:5, Insightful)

      by gte910h ( 239582 ) on Wednesday February 13, 2002 @02:49PM (#3001670) Homepage
      Check out savannah...here [gnu.org]. Download the software its run on. Put that on your computer. Then you have the project on your own server. That's the idea of free software.

    • Re:Alternatives (Score:2, Informative)

      by Lukey Boy ( 16717 )
      You might want to check out the GNU Savannah [gnu.org] project. It's based on the Sourceforge codebase, but it has a nice distributed architecture, so that the main site for your project is mirrored in a read-only format on other servers. It seems like a good solution to me.

  • Big deal (Score:4, Insightful)

    by PhotoGuy ( 189467 ) on Wednesday February 13, 2002 @02:38PM (#3001542) Homepage
    So they changed their terms of service saying they can change their terms of service in the future (whooopie), and that they can delete user's accounts without needing cause.

    I think this is perfectly reasonable; they're running the show, and a lot of the time in communities, there are members you need to deal with. I think the changes listed are more of an administrative streamlining than a major conspiracy.

    Now, if they start abusing things, folks will be all over them, and they'll be sorry they did. So that ain't gonna happen.

    Not a big deal.

    -me

    • Re:Big deal (Score:4, Insightful)

      by BluesMoon ( 100100 ) on Wednesday February 13, 2002 @03:24PM (#3001951) Homepage
      Didn't anyone notice this?
      After receiving a claim of infringement, SourceForge.net will process and investigate notices of alleged infringement and will take appropriate actions under the DMCA and other applicable intellectual property laws. Upon receipt of notices complying or substantially complying with the DMCA, SourceForge.net will act expeditiously to remove or disable access to any material claimed to be infringing or claimed to be the subject of infringing activity, and will act expeditiously to remove or disable access to any reference or link to material or activity that is claimed to be infringing. SourceForge.net will take reasonable steps promptly to notify the subscriber that it has removed or disabled access to such material.
      I am not a lawyer, but I get touchy when people mention the DMCA. Maybe someone would like to clarify what this means.

      • Re:Big deal (Score:3, Informative)

        by ajakk ( 29927 )
        Hmmm...IANALY, but what this means is that Sourceforge.net will follow the law. It means that if someone posts copyrighted material without authorization, they will take down that material (as required by law of a common carrier).

        • Re:Big deal (Score:2, Interesting)

          by Cyno ( 85911 )
          And I suppose its not enough to state that you will protect copyrighted works. Today you have to state that you will uphold the DMCA, a rather controversial law, to show how faithful you are to copyright holders and wealthy corps.

  • privacy policy (Score:2, Informative)

    by Brandon T. ( 167891 )
    snip

    NO GUARANTEES

    While this Privacy Statement expresses SourceForge.net's standards for maintenance of private data, SourceForge.net is not in a position to guarantee that the standards will always be met. There may be factors beyond our control that may result in disclosure of data. As a consequence, SourceForge.net disclaims any warranties or representations relating to maintenance or nondisclosure of private information.

    /snip

  • Sourceforge reality. (Score:5, Interesting)

    by Matt2000 ( 29624 ) on Wednesday February 13, 2002 @02:39PM (#3001553) Homepage

    Anyone who's using Sourceforge to host their project, as I am, should be realistic about what they're getting and for how long they'll get it.

    First of all, I love sourceforge. It gives me all of the things I want right out of the box and for free. User forums, bug tracking, SSH CVS, and so on.

    However, it is free and I think we all know has a pretty slim chance of making money. With that in mind, no matter what their polcies state there seems to be a pretty good chance of them just exploding one fine morning and taking a whole bunch of source down with them. Make backups, I should too.

    Other than that, we can be a demanding lot so try to go easy on these guys, let's give them a chance to survive.
    • Make backups, I should too.

      Is there a way to sync a private CVS server with theirs? Including all previous versions in the current system? A HOWTO might be nice, possibly attached to that email.

      --
      Evan "Who really has to get around to uploading a half dozen patches he has for a variety of apps" E.

      • You can sync or backup via downloading daily cvs tree snapshot:
        http://cvs.sourceforge.net/cvstarballs/your_proj ec t-cvsroot.tar.gz

      • Yes, there is.

        You can download a CVS tree tarball (updated nightly) by grabbing the URL:

        http://cvs.sourceforge.net/cvstarballs/PROJECTNA ME -cvsroot.tar.gz

        Personally, considering some of the recent changes made to SourceForge (the one I dislike the most is the fact that SourceForge is no longer an open source project (you can no longer download the current source for SourceForge itself (actually, you haven't been able to for quite a long time)) and worse, they've worked hard at covering up the fact that they've closed sourced the project and killed it's development) I would suggest grabbing CVS tarballs of your project very frequently. . . just in case.

        [Wow, that's one long, convoluted sentence.]
      • Is there a way to sync a private CVS server with theirs? Including all previous versions in the current system? A HOWTO might be nice, possibly attached to that email.

        How about this? Replace PROJECT with your project name:

        (change into a suitable directory to put your CVS tarball in)
        $ wget http://cvs.sourceforge.net/cvstarballs/PROJECT-cvs root.tar.gz

        $ tar -zxf PROJECT-cvsroot.tar.gz
        $ export CVSROOT=`pwd`/PROJECT

        (change to where you want your working directory)
        $ cvs get PROJECT
    • It would seem these types of "ad sponsered" services can only work if they perform "editorial" functions. Otherwise the "dark side" can just flood them with garbage, overloading them with junk and causing them to shutdown in frustration. That's basically another form of DOS attack, it's more subtle though and even sounds like a "free speech issue". Look at the problems of "junk speech" showing up on slashdot to get the idea. It's obviously done to degrade the service and cause harm... In such cases I think a vigorous response is required.

      Anyhow let them have the tools to do the job. Personally I think they ought to offer the service for a small fee, something like a web hosting service but tune'd for the software distributor. I already keep a seperate web space and could just as easily host at sourceforge. They should also have shopping cart service for shareware and for developers that do both freeware and commercial software. Finally a small fee based update subscription service would be great for people who don't have the time to track all the different projects. Something that auto-pulls stuff to your system but lets you control install/backup ...

  • This is round 1, round 2 will sneak by (Score:5, Insightful)

    by ShmakDown ( 536071 ) <jim@cs.uoregon.edu> on Wednesday February 13, 2002 @02:39PM (#3001554) Homepage

    It seems like this is laying the ground work for real changes that can be slipped by when they think no one is paying attention!

  • Substantive? (Score:2, Interesting)

    by TheMatt ( 541854 )
    If I might ask, who determines what a substantive change to the privacy policy is? I know of a few people on /. that think any change beyond fixing the spelling is a pretty substantive change to a privacy policy.

  • My only problem (Score:2, Interesting)

    by roXet ( 95005 )
    My only problem that I can see with this right off is the "We don't have to notify you of changes to the TOS, you should check it often" crap. This is the type of shit that is ruining the internet and I thought(hoped) VA was above this kind of stuff.

  • It's inevitable (Score:5, Funny)

    by immanis ( 557955 ) <immanis AT sfgoth DOT com> on Wednesday February 13, 2002 @02:43PM (#3001592) Homepage Journal

    Anytime you get a wide user base to anything, ranging from a development site to a game site to a bbs or chatroom, if the powers that be add a period to the end of a sentance in thier policies, there will be:

    1. no fewer than 6 users who try to mount an Exodous;
    2. 14 threads or conversations from the angry citizens
    3. at least two campaigns to get the policies changed back, one angry with a lot of swearing, one long and thought out with good reasoning
    4. a spike in usage
    5. at least 12 users who say "it is the end of an age.

    Now, watch the comments here, and have your scorecards ready.

  • I got more than what I paid for (Score:5, Insightful)

    by gmhowell ( 26755 ) <gmhowell@gmail.com> on Wednesday February 13, 2002 @02:43PM (#3001593) Homepage Journal
    I host a project [http] at sourceforge, and I've been more than happy with the service I've gotten. I have CVS space, ftp space, mailing lists, discussion boards, and web space. And as far as I can tell, they have nothing from me except for some slightly useful information from my profile.

    Big whoop.

    There is nothing they can take from me. I have the source code. I update my local cvs daily. The project webpage is garbage, and half of the discussions about development are in email. The greatest benefit is that the package I run has been difficult to find, and now it has a 'permanent' home.

    I'd have more problems with, oh, say, Comcast changing the TOS. Or M$. Or AOL. When those guys change things, I always get the "I changed the bargain, just pray I don't alter it any further" impression. With sourceforge, I AM A LEECH. I live at the whim of my host.

    If they piss me off, it's off to the FSF hosted site. No problem.

    Hey, I don't like the VA Systems->Linux->Software scam. I'm part of the gang whinging about the 'post'. And I often question the integrity of folks. But sourceforge.net never promised anything, and they haven't disappointed me yet.

    Nothing to see. Move along.

  • What are the chances ... (Score:5, Interesting)

    by zangdesign ( 462534 ) on Wednesday February 13, 2002 @02:43PM (#3001598) Journal
    of getting Sourceforge to kill off old, inactive projects? Seriously, the tree needs a little trimming. One has to wade through so many unmaintained alpha releases when trying to find a specific thing that it's easier to do a search on Google these days.

    SF is a great resource and all, but there needs to be some way to filter out the abandoned stuff.

    • Re:What are the chances ... (Score:4, Insightful)

      by DaCool42 ( 525559 ) on Wednesday February 13, 2002 @02:46PM (#3001636) Homepage
      On the contrary, i think that it is very good that old projects are not thrown out. They are always there for people to pick up where others left off.

      • Re:What are the chances ... (Score:5, Informative)

        by istartedi ( 132515 ) on Wednesday February 13, 2002 @03:05PM (#3001802) Journal

        I was thinking the same thing, but the OP has a point. Why not create a "Sourceforge attic" with an option to exclude the attic from searches? A project would go into the attic if it had less than a minimum number of downloads and/or changes for a period of 6 months.

        The attic could be hosted on older, slower servers, or on a configuration that worked well under low demand. Or perhaps it could even be archived on CD or DVD and distributed to various mirrors.

        Regardless of how it is maintained, old code is a valuable resource, even if it's just there to let people know about methods that have been tried and failed. How can we learn from mistakes if we can't *see* them?


      • I thinking keeping old projects around is a good idea, if the projects have actually done something. Too many times I've looked into a project only to find that absolutely nothing has happened other than the project's name being approved and added to SF. Even the homepage hadn't been touched.

        Those projects are the ones that need to be removed. An empty project does nothing but take up space.

  • you get what you pay for (Score:2, Funny)

    by Anonymous Coward

    You get what you pay for after all.


    An ironic quote coming from someone who supports FREE software.

  • Coincidence? (Score:4, Funny)

    by jeroenb ( 125404 ) on Wednesday February 13, 2002 @02:46PM (#3001635) Homepage
    After being registered for over two years [sourceforge.net], about a week ago I started my first project there [sourceforge.net]. And a couple days later they change their policies so they can kick me off, keep all the stuff I put up there, contact me whenever they want and sell my personal information. Coincidence? :-)

  • Projects (Score:3, Informative)

    by mystran ( 545374 ) on Wednesday February 13, 2002 @02:47PM (#3001653)
    If they can delete accounts at will, and they don't even need to recover the data you had there, then they can basicly remove all admins from a project if they wish so. This means that you need to have a copy of everything somewhere else just in case. (which you should have anyway but..)

    It's a bit questionable if you need a CVS somewhere else, a mailing list archive somewhere else, a patch archive somewhere else, project homepage somewhere else.. whether it's any use to have them a SourceForge at all.. too bad since it really is a great tool, even if sometimes really laggy.

    This sure ain't good news for maintainers of small projects.. especially of projects of questionable usefulness..

  • It's true, it's not true (Score:5, Insightful)

    by bperkins ( 12056 ) on Wednesday February 13, 2002 @02:48PM (#3001661) Homepage Journal
    OB IANAL

    1. The privacy policy is acquiring a disclaimer that amounts to "this is not true". It actually disclaims the entire privacy policy.

    To say that the clause at the end claims the privacy policy is "not true" is pretty simplistic. It attempts to avoid iablility for circumstances beyond their control, which is a far cry from disclaiming the entire thing.

    In other words if armed men break into our facilities and steal our database and sell it to spammers, or our daatabase administrator gets a brain tumor and tries to "MAKE MONEY FAST!", we think we shouldn't be sued.

    • In addition, I think this clause is to prevent them from being sued in the event that they are liquidated. During liquidation, user information will be sold to the highest bidder. I know precedents for this have made slashdot in the past.

      Also, a police organization (e.g. FBI) can force them to hand over information about their users.
      • That's a crock. No court would hold you liable if the FBI came in with a warrant - in fact, you probably couldn't get it into court.

        If they are liquidated, and whoever the owning entity is, if they voliate the terms of the contract, they should get sued.

        All the reasons I've seen so far explaining the changes in privacy policy are bogus, short of those saying that SF wants to abandon any restrictions on their privacy requirements.

        That doesn't mean they're going to violate your privacy, but they want no reprocussions when they do.

  • Privacy Statement (Score:5, Insightful)

    by colmore ( 56499 ) on Wednesday February 13, 2002 @02:48PM (#3001663) Journal
    NO GUARANTEES

    While this Privacy Statement expresses SourceForge.net's standards for maintenance of private data, SourceForge.net is not in a position to guarantee that the standards will always be met. There may be factors beyond our control that may result in disclosure of data. As a consequence, SourceForge.net disclaims any warranties or representations relating to maintenance or nondisclosure of private information.

    Since I don't think we're dealing with an vast evil corporate conspiracy here, I don't think the proper reading of this is "these statements are not true."

    Basically they're protecting themselves against crackers. If someone steals the password list, they aren't responsible. I don't think that this means they're going lax on security or forgetting about privacy, it just means that shit happens, and they don't want to be sued.

    As to the rest of the changes: this is their perrogative. They don't have to warn you about service changes. And if that fact alone bothers you, you can take your (non-paying) business elsewhere. It's how they use this priviledge that matters, and I don't think that they are going to radically alter their service in an attempt to scam users.

  • slashdot editors propogating yet another myth (Score:5, Insightful)

    by FreeUser ( 11483 ) on Wednesday February 13, 2002 @02:52PM (#3001699)
    You get what you pay for after all.

    Amazing. Now I understand why the slashdot editors really appear to not "get" a lot of fundamental things, like the ongoing, direct harm the Copyright Cartels (Hollywood and the music industry in particular) are doing to free software.

    "You get what you pay for," is demonstrably a myth. (c.f. GNU/Linux, FreeBSD, non-paid sex, love be it familial or romantic, and as a counter example underscoring the very same point, Windows vis-a-vis quality, used cars, enron stock, and so on ad nauseum.). Air is the most valuable substance to any living, breathing human. Don't believe me? Try going ten minutes without it. Yet it costs nothing.

    With free software you don't "get what you pay for," you get what many thousands have contributed to a public commons to give themselves and you, with a resulting value far greater than any single enterprise could possibly offer. These contributions are often completely unrelated to any economic value as defined in the traditional market sense, and are only very indirectly related to any sort of free market or monetary value at all.

    If you don't understand this (because of your libertarian bent of capitalism ueber alles, perhaps ... and I can relate, as I have some libertarian leanings myself), then I suggest you consider, with an open mind, the implications of applying one set of assumptions (scarcity and greed driving a free, self-organizing market) vs. the actual conditions (a fundamental lack of scarcity in the electronic world) which may well make those assumptions invalid in the context in which you are trying to apply them.

    In this particular case the area is more gray ... we are dealing with an area that interfaces the (cyber)world of virtually unlimited abundance (virtually zero-cost copying) and the physical world of scarcity. It is along this interface that the most interesting problems and opportunities are going to arise (and the area the copyright cartels would be concentrating on if they had any intelligence, rather than trying to use authoritarian laws to impose their business model on a world which lacks the scarcity they require).

    I should point out that the Free Software Foundation's GNU project offers a similar service to sourceforge called Savannah [gnu.org], which I highly recommend. Will the laws of supply and demand as created out of scarcity apply, or are there enough willing donars, and enough inexpensive (or free) resources available that the laws of plenty will apply? In this gray area the answer is probably both yes, and no, depending on local circumstances and conditions.

    In any event, the notion that "you get what you pay for" has been disproven numerous times in the physical world of scarcity-driven capitalism (ask any number of people who have purchased property or used automobiles, only to have their worth drop to zero, or climb insanely, in no relation to "what they paid for"), and in the abundant sphere of free software is demonstrably inapplicable in nearly every case.
    • Air is the most valuable substance to any living, breathing human. Don't believe me? Try going ten minutes without it. Yet it costs nothing.
      You obviously haven't read Gasping [amazon.com], by Ben Elton ;-)

    • Air is the most valuable substance to any living, breathing human. Don't believe me? Try going ten minutes without it. Yet it costs nothing.

      It's free? Damn. I paid like twelve bucks for three bottles of it just last weekend.

      Excuse me... I've got to go have a word with the guys at the dive shop.

  • Whats the big deal... (Score:5, Insightful)

    by warpSpeed ( 67927 ) <slashdot@fredcom.com> on Wednesday February 13, 2002 @02:52PM (#3001701) Homepage Journal
    These changes are not draconian. What is the hubbub all about?

    1. They can henceforth change the terms without notice, just by posting the new terms on the website. (Currently they are obliged to give 15 days notice by email, a period that we are currently in for this change.)
    It is a free service... if they want to change something should they be shackled by having to email all the users to change anything?

    2. They can henceforth remove user accounts without giving a reason. (Currently they are obliged to have a reason, though the set of acceptable reasons is open-ended.)
    They avoid leagle entanglement for said free service... People abuse free systems, they need to be delt with quickly and effectivly.

    3. They're no longer obliged to make the contents of a deleted account available to its owner. (There was previously a "reasonable effort" clause to that effect.)
    The users should have local backups... this is more then resonable.

    4. They're no longer obliged to provide notice of changes to the privacy policy, unless the changes are "substantive". (Currently they are obliged to provide notice of any change.)
    Hmmm, some web notice would be nice... but again it is a free service...

    5. The privacy policy is acquiring a disclaimer that amounts to "this is not true". It actually disclaims the entire privacy policy.
    Well, if you bother to read (and comprehend) the policy you should know what you are in for, again it is a free service...

    Have you read Hotmail Terms of Use [msn.com]?
    You know they have your best interest at heart.

    ~Sean

    • > Have you read Hotmail Terms of Use [msn.com]?

      From the Hostmail Terms of Use:
      By way of example, and not as a limitation, you agree that when using a Communication Service, you will not:


      • ...
      • Create a false identity for the purpose of misleading others
      • ...



      Funny. I thought that point was their business model and represented their 'heaviest users' base! (Of course, if you dont like it, you can email their abuse department at angelgirl435_abuse@hotmail.com .. )
    • All the others, like you said, are perfectly reasonable, especially given the zero-monetary-cost nature of the service. It's just the potential of being kicked without notice and then losing all your stuff that is the double-whammy. Either by itself wouldn't be so bad. It'd be nice of them to either:
      1. Give you X days warning your account is about to be revoked, with instructions on how to pull your content, or...
      2. Send you a fait accompli notice and say "go here to download a tarball of all your stuff, you have X days to do so before it is deleted". (The only non-completely-trivial part of this would be bundling in the content in the project's forums and whatnot, and that's probably just a few sql dump-to-file statements...)
    • 3. They're no longer obliged to make the contents of a deleted account available to its owner. (There was previously a "reasonable effort" clause to that effect.)

      The users should have local backups... this is more then resonable.

      Yes, the users should have local backups. But of what?

      Another poster commented that this wasn't a big deal because "I update my local CVS checkout daily." So what? You have the latest current version, okay, true, that's good. But without the CVS repository itself, you've lost all the history (diffs over time, commit log entries, etc).

      For the projects I care about, I use rsync and get a local copy of the CVS repository itself; that way I have it all. (It's also handy to be able to check out a copy from that repository; CVS ops go really quickly. *grin*)

      I'd like SF.net to make a "reasonable effort" to mail me the CVS repo. Other than that I don't particularly care.

    • 1. They can henceforth change the terms without notice, just by posting the new terms on the website. (Currently they are obliged to give 15 days notice by email, a period that we are currently in for this change.)
      It is a free service... if they want to change something should they be shackled by having to email all the users to change anything?

      I've always hated those "we can change things without any real notice" clauses. 15 days could be a bit long, i suppose... Why not 2 business days or something like that? Gives people enough time to move out if they really don't like the changes, and still allows reasonably fast changes to the policy.

      2. They can henceforth remove user accounts without giving a reason. (Currently they are obliged to have a reason, though the set of acceptable reasons is open-ended.)
      They avoid leagle entanglement for said free service... People abuse free systems, they need to be delt with quickly and effectivly.
      3. They're no longer obliged to make the contents of a deleted account available to its owner. (There was previously a "reasonable effort" clause to that effect.)

      Couldn't they still do that with having to give a reason? Hell, "abuse of site resources" is one of their explicitly listed reasons for termination. This makes me think they're going to start deleting things for reasons they don't want to be publically known...

      Ok, reading the actual terms of service, these seem to be not exactly true. Since the reasons for termination were never limited, "we don't like you" is technically a good enough reason. And they were never obligated to make the information available, they just said "We'll be nice and do it if we can without too much trouble." It's still kind of shady though...

      4. They're no longer obliged to provide notice of changes to the privacy policy, unless the changes are "substantive". (Currently they are obliged to provide notice of any change.)
      Hmmm, some web notice would be nice... but again it is a free service...

      That's no excuse for giving no notice. It would be nice to know what their lawyers (it always comes down to lawyers) consider "substantive". Fixing grammar and spelling mistakes is fine for no notice, but i'd want notice of anything that changed the actual policy.

  • Taco turns Republican (Score:2, Funny)

    by Anonymous Coward
    I don't particularly like this any more then anyone else, but I also don't think it's the huge deal that others are making of it. Especially considering projects aren't paying for the free service. You get what you pay for after all.

    Ain't it always the case? You start making lots of money and the Republicans start making sense.

  • Pot, Kettle, etc. (Score:2, Redundant)

    by tiltowait ( 306189 )
    "You get what you pay for after all."

    Hmm, I'm going to say that about Linux now.

    Let's see how that get's moderated.
  • Taco: "while I don't particularly like this any more then anyone else, but I also don't think it's the huge deal that others are making of it."
    5.The privacy policy is acquiring a disclaimer that amounts to "this is not true". It actually disclaims the entire privacy policy.
    Well, considering the way /. is run [kuro5hin.org], Taco calling the total elimination of the privacy policy 'not a huge deal' does not surprise me in the least.

  • All CYA (Score:2, Insightful)

    by mikewas ( 119762 )
    Looks like a bunch of CYA stuff.

    e.g. The term "reasonable effort" is open to a million interpretations. Anything you do would likely disapoint somebody. Promise nothing and you always exceed what was promised.

    Use the service to its best advantage, don't rely on SourceForge (or anything else) 100%, and if it doesn't work for you move on. After all, it IS free.

  • Indemnity is the real issue (Score:2, Interesting)

    by Anonymous Coward
    These new changes are the last straw, and now after thinking it over for a long time I'm finally going to have my SourceForge account cancelled, but the new terms aren't the real problem. The real reason I'm having my account cancelled is that SourceForge's TOS requires that I "indemnify" them for any trouble they get into as a result of my actions on their system.

    In other words, if I do something that upsets a corporation with a legal department, and SourceForge gets sued, I have to pay their lawyer's bills.

    Because of that clause, I can't do anything that is legally sensitive; and because free software is by definition revolutionary, I can't do anything real or important on SourceForge at all. I respect and admire the Freenet people, who are going ahead and hosting with SourceForge anyway, but I have no wish to emulate that display of courage. I don't blame SourceForge for having the indemnity clause in their TOS, but it means that their service isn't much use to me. The risks are just too great.

    Incidentally, y'all have missed the most important new terms in today's revised TOS - the new DMCA compliance terms. Those, too, are perfectly understandable, and I can't blame SourceForge for having them. As a business operating in the U.S.A., SourceForge is legally obligated to have DMCA compliance procedures. But if I had any illusions left that SourceForge was part of the revolution, those illusions are gone now. SourceForge is now just another profit-making business, and I don't need, or have any particular reason to want, to do business with them. I'll be hosting my free software on amateur servers outside the U.S.A. (I'm outside the U.S.A. myself) where I can be assured of its continued freedom.

  • "You get what you pay for"?! (Score:4, Insightful)

    by dstone ( 191334 ) on Wednesday February 13, 2002 @03:01PM (#3001771) Homepage
    CmdrTaco wrote:
    but I also don't think it's the huge deal that others are making of it. Especially considering projects aren't paying for the free service. You get what you pay for after all.

    What the heck kind of attitude is this for the founder of a pro-Open, pro-Linux website, CmdrTaco?! I took a quick diff of the terms of use changes, and you're right, it's not a big deal. But reinforcing the myth of "you get what you pay for" doesn't help traditionally minded people embrace new paradigms such as Open and Free. Tsk tsk.

  • sourceforge alternative (Score:2, Informative)

    by keeg ( 541057 )
    While I don't really think sourceforge will be going down soon, savanna [gnu.org] is a good alternative. It is based on sourceforge source code, (it was GPL after all), and should have most facilities sourceforge users are used to. It is also garantueed to stay Free.
    • Note that Savannah is trying to move away from the Sourceforge engine, due to its, quote, "unmaintainable nature". Savannah was really created to ease the work of GNU maintainers, not as a general-purpose hosting solution, and while they're talking about making it a general-purpose hosting solution, we'll see. Given its FSF nature, it will probably only be GPL-friendly.
  • I can see that somebody might get their account deleted without any notification and lose all of the work they've been doing. If I have to make an effort to keep copies of everything somewhere else in case something happens, why exactly am I hosting my work there in the first place? Seems like an e-mail and a couple weeks notice would be nice.

  • Journalistic efforts when covering one's self (Score:3, Insightful)

    by JoeBuck ( 7947 ) on Wednesday February 13, 2002 @03:06PM (#3001807) Homepage

    Yes, it's CmdrTaco's site, but it looks bad when a VA employee uses his position to put his opinion that a controversy involving his employer is a non-story in the article rather than in a comment.

    It would be better form to use a just-the-facts approach in the story itself and then post opinions as comments like every other user. Another possibility would be to have a separate "Editorials" section for staff members to give their opinions, and to have a separate news item and editorial in cases like this.

  • "You get what you pay for after all", what a laugh coming from a open source advocate. BillG must love it when comments like this get pointed out to him.
  • I've been hedging my bets for a while on Sourceforge. I have a fairly popular project [sourceforge.net] (over 1 million downloads) hosted there. This week I've averaged something like 5000 downloads/day at 10+MB each (which is why I have it on SF rather than on a server I pay for). I've been questioning how long this can last. There's no way SF can get enough revenue from my project to cover that kind of bandwidth usage. So, I wrote a simple PHP-based distributed mirror system (100% Buzzword Compliant(TM)) [phpgeek.com] that lets people handle very small portions of the download traffic with daily bandwidth limits. I'm hoping to start shifting some of the burden off SF so that it isn't a single point of failure in distribution. Eventually the gravy train of massive free bandwidth is going to end.
  • Anyone have comments about the maturity of Savannah [gnu.org]? I know of several projects that have moved from SF to Savannah recently and wondered how comparable the two services are.
    • I use Savannah and it is a very slick service, well documented (as is Sourceforge), it's also nice to be able to cut time by been able to automatically apply to be a GNU project. The licensing issues are well dealt with (anything as long as its FSF approved) and any questions that I have posted have been answered in hours.

      With regards of compatibility there is an offer (when you sign up) to use your existing CVS's data on their systems. The only caveat was that they are far stricter with licensing. So if you use the Sourceforge CVS it should be easy (providing the licence is OK) to transfer to Savannah.

      You also geta homepage at: http://www.freesoftware.fsf.org/yourprojectname

      Which is adminned via RSYNC or CVS over SSH.

      So almost identical to Sourceforge.

      It doesn't seem to be as fast as Sourceforge, but this is opionion and I have no metric to support this.
  • Dear Redhat,


    you're a commercial company, but you've shown your dedication to open source. Please start hosting something like SourceForge so we can stop having to trust SourceForge. You seem safer.


    Dear IBM,


    you are new to open source, but you've produced a lot of great technology over the years, lost out to Microsoft for a dose of humility, and shown recent commitment you open source. You own Lotus Notes, and you host that free really cool patent database. Howsabout you start hosting something like Slashdot? it's a discussion forum just like Notes. Oh, and host something like SourceForge too while you're at it.


    No, guys, not to drive these other guys out of business, but because competition makes everybody perform better, just like in the Olympics. It's so much easier to trust competitors than monopolists.

  • Something has to give somewhere (Score:3, Insightful)

    by Nelson ( 1275 ) on Wednesday February 13, 2002 @03:38PM (#3002062)
    I've been critical of VA from the start. I've just never liked the idea of them being a big and powerful player in "Linux" and owning many of the more valuble resources. Call me a pessimist but I know what IBM, HP, Apple and Microsoft are all about, I know how they are going to react to some thigns and I can predict what they are usually going to do. VA is/was a bunch of upstarts who were too bold or foolish be told they couldn't do it and brash enough to think they could, it's a wild card, at best. Who knows what VA will do when things get tough? They've surprised me so far but I keep expecting something big and bad to happen. It's been a theme on Advogato for a while now, it would seem from there that a number of people aren't satisfied with SF.


    Let's look at this a little more objectively. Hosting kernel.org costs about $80,000 a year (Larry McVoy posted this number to lkml about a month ago) at the least. It's an ftp site. That's bandwidth, not any warm bodies doing admin, not any fancy database stuff, nothing fancy just an ftp server and a minimal web site. Sourceforge has to cost 20 times more, probably more, to run. I have no idea what the numbers are but it has a staff and a huge amount of resources to manage and keep running. Personally, I'd assume that it's in the neighborhood of $5million+ a year, that's just my half-assed guess though. That's some substantial output for most companies, at IBM you can't spend that kind of money without producing something, people notice chunks that big. At most places, that kind of funding simply isn't available for something like that. At some point the free ride has to end, or something has to come out of it, or something has to change. Even a company like MS would see $5mill on the books in red ink and not black and there would have to be some reason to justify it and goodwill towards the community might not be enough.


    Then with subjects like these, things rise up. Well they should trim dead stuff out of the tree, trimming the "dead" stuff is silly becuase it might be useful to people, that's the whole premise, if it's in use anywhere then it's not really dead. It might be dead to you and me, but that guy who is using it might want it. They should do x, y, or z to better support projects like q. They could do this or that. I think the most alarming propect is that there will be code in SF and it could be lost because of a policy change. I can get over most things, the changes to the mailing lists, and various other things they've done, it's free and you get what you pay for but a big part of the justification has been to promote interaction with developers to give VA a community they have close ties with and to promote open source software development. The idea of losing code is appauling, SF no longer serves a big part of its purpose at that point. That's what brings credibility in to question, what are they doing to prevent that from happening? Can I buy a set of DVDs that have SF backed-up on to them? Or is this it, the policy change is that there won't be any warning of future policy changes and those might cost you your code. I understand that they might have to sell stuff, or charge for services or do lot's of different things. I also understand that services like SF are prime for pirates and porn hustlers and others to use to propagate data and they need to protect themselves. It's time to look to tigris [tigris.org], Savannah [slashdot.org], and Berlio [berlios.de] more seriously.


    I wonder if there is something we could add to licenses that would prevent a place like SF from shutting down and taking your code with them.

    • Re:Something has to give somewhere (Score:4, Informative)

      by Hemos ( 2 ) on Wednesday February 13, 2002 @04:01PM (#3002242) Homepage Journal
      Actually, kernel.org costs a lot more then that - the bandwidth alone, in real dollars would be about 250k per year.
      • wow. Now that I reread the this message [insecure.org] I can see that Larry was quoting a bare minimum type price.


        Either way, SF has to be forking out some very serious money for the bandwidth, the machines, the admin staff and then any development they are trying to do on it all.

    • Sourceforge shutting down would not be the first time I have experienced a site hosting my code shutting down. When EST shut down, it took my CVS archives with it (thus why the CVS version numbers in the mtx logs suddenly restart). I lost not a line of code. Why? I had/have a policy that I maintain a backup of my code, preferably two backups, on servers and/or workstations directly under my control (i.e., at my house). With SourceForge, you can download a tarball of your CVS archive on a nightly basis (I have a cron job that does that), so the most code that I could ever lose in a Sourceforge shutdown is a day's worth.

      This DOES mean that I'm reluctant to use SourceForge's forum and bug tracking and etc. software, since those cannot be easily backed up. Luckily I don't currently work on any multi-programmer project where bug tracking is necessary (and as for their forums, I prefer mailing lists and don't enable the forums on any of my projects).

      As for VA, I've had my reservations about them ever since interviewing there in 1999 and finding that all the top VP's were former Apple and Sun people installed by the VC's and that the people who'd built the business were relegated to low-level sysadmin and wrench monkey jobs. Their business model also sucked, they needed to be the Dell of the Linux business and were instead trying to be the Compaq of the Linux business. VP's who didn't understand the Linux business, disgruntled employees, bad business model, to say I lacked enthusiasm is an understatement. I hate to say "I told you so", but I suspect that if I pulled out the EMAIL's that I shared with VA VP's back then, they would be eerily prescient.

      -E

  • I think centralized open source projects in working developer format, especially concentrating them all in one organization, is a bad idea.

    1) Break ins.
    2) Sourceforge is bought by Microsoft.
    3) Disruption to work to SO MANY projects at once, due to break ins.

    The disruption and dependance of the Open Source way on one organization is probably a bad idea. Not that SourceForge is the one stop and only place on the net, but it has a large enough number of projects to be of concern.

    I don't know why or what sourceforge is that is is such a big deal to have projects here. Big fat Pipe perhaps?

    There are plenty of tools for individual projects and group projects that work just fine and are free for everyone too use.

    There are too many gotcha's that could impact too many projects if someone got in and decided to spend the next 5-10 months secretly writing small back doors into fairly large projects, that just perhaps not many would notice.

    Makes my skin crawl just thinking about it.

    I think source forge should probably be a "BinaryForge" with MD5 and CRC signatures with perhaps the ability to sign out certs for binarys that are extremely critical.

    Perhaps a mechanism to post builds from CVS systems authors maintain themselves to sourceforge of binaries would be OK.

    At least that would maintain the ease of use of getting all your goodies from one location.

    But in general I don't think it is a good idea to have so many open source source code trees in one place on the net.

    -hack

  • Has CmdrTaco lost his mind? He uses a free OS yet he says "you get what you pay for". Go figure. Of course he'll say anything to defend VA

  • With all due respect... (Score:4, Insightful)

    by frost22 ( 115958 ) on Wednesday February 13, 2002 @03:52PM (#3002154) Homepage
    Taco:
    I'm biased and corrupt and you should ignore my opinions on the subject,
    Amen, brother. Unfortunately, that about sums it up on this issue. --f.
  • AFAIK, there are no tools to pull the contents of the bug lists, patch lists, etc off the site. There probably never were.

    So, here's what we need:

    1. Tool to "web-scrape" the contents of the bug-list for a project.
    2. Tool to "web-scrape" the contents of the patch-list for a project.
    3. Tool to "web-scrape" the mailing list archive and member list for a project.
    4. Tool to put together a mirrored CVS repo (a la CVSup, but it just needs to work in one shot).
    5. Any other similar tools to above needed to reconstitute project state on a different host.

    Putting an XML-RPC interface on these would allow them the most general use.

    We've always needed them. This announcement doesn't really change anything, but it should bring the point home that we who admin projects are responsible for our own disaster recovery, just in case Lars Ulrich decides he owns that sample mp3 of your cat hacking up a hairball because it sounds just like Metallica.

    And finally, just a common sense clarification, in case some people don't get it: don't put crypto on SF, because it'll probably get DMCA'd.

    I'll start the project on sourceforge.net (of course). Volunteers welcome.
  • Quoth The Founder:

    I'm biased and corrupt and you should ignore my opinions on the subject, ...
    Umm, the sarcasm obscures a logical problem. If you are (using your words), biased and corrupt, and have an EDITORIAL POSITION, then people have a very hard time ignoring your opinions. And the above is a case in point.

    Yes, publically defending changes made by your owner, especially considering how those changes would likely be savaged if done by an opponent, raises deep issues of conflict of interest which deserve better than such an offhand dismissal.

    After all, how different is "You get what you pay for after all", from "If you don't like our click-wrap license, don't use the software"?

    Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]

    • I think Rob's point is moreover that his opinion will be discounted by all anyway, so there's no point in stating that.

      *My* feeling is that this TOS change is not a substantive change. The part in which the Privacy Policy is disavowed is done specifically because *if* the site is cracked, then we're lying about protecting it - not because we're going to sell anything. I'll shoot myself in the eye before we do that.

  • Something is missing..... (Score:4, Funny)

    by Chuck Chunder ( 21021 ) on Wednesday February 13, 2002 @04:12PM (#3002326) Journal
    This article simply isn't complete without the standard "VA = Satan himself and I told you so first" comment from Bowie J. Poag.

  • Further proof... (Score:3, Insightful)

    by talks_to_birds ( 2488 ) on Wednesday February 13, 2002 @04:27PM (#3002464) Homepage Journal
    ...that someone needs to take all the lawyers out and shoot^H^H^H^H^H rehabilitate them.

    It's the same general deal you get anywhere these days:

    • We're not responsible for nuttin..

      You can't get us for nuttin..

      We don't know nuttin, and if we did, we wouldn't admit it anyway..

      If you got it, it's ours, an' we're gonna take it no matter what you do..

    Here's a real punchline from the Privacy Statement:

    • "While this Privacy Statement expresses SourceForge.net's standards for maintenance of private data, Sourceforge.net is not in a position to guarantee that the standards will always be met..."

    uh.. then who is in a position to guarantee what Sourceforge itself has just attested to?

    No-body!

    End of discussion!

    And have a nice day!

    t_t_b

    • Re:Further proof... (Score:5, Interesting)

      by dasmegabyte ( 267018 ) <das@OHNOWHATSTHISdasmegabyte.org> on Wednesday February 13, 2002 @05:42PM (#3003071) Homepage Journal
      And that's one of the problems with modern capitalism...in the odd case that you don't claim to know nothing and be irresponsible, you're inviting people to sue you. How many times have I heard in the same breath "X Co, Inc, is a huge, evil, corrupt institution with no care for its customers" and "let's sue them so we can have money?"

      I run a very small (read: profits are almost half my car payment) web hosting service under the flag of openness and freedom of content. I started it because I got upset that every single host I went with wanted to corral me into a year contract, tell me what I couldn't do or say and take credit and the ability to edit my personal thoughts and ideas. Originally, it was a co-op, and I began to take on extra users who wanted the same thing -- ownership of their work and a fair charge for the low bandwidth they were moving.

      In the past three months we've grown a dozen times larger -- so big that I no longer know every site op by name. Now, I don't want to have to force the new people to sign a TOS or a EULA. I think that posting the rules on the frontpage should be good enough for everybody. But I'm afraid. We've had a couple users ask if they could serve porn, and when I said no a few signed up anyway. I trust them (and check my logs), but if I go away on vacation and one of them starts serving nude shots of Frankie Muniz, I'm the one who gets in trouble. I'm the one who's got his name on the tax forms, and I don't intend to incorporate the business.

      So I'm stuck. I want to let users do their own thing, own their own shit, but I'm the one who's ass is on the line. If one site slips up, they all go down. Everybody loses their stuff and all the good I've tried to do, all the bright young folks I've formed relationships with are scrambling for a new host. Someday soon I'll need to call my lawyer (okay, I don't have a lawyer to call my own, I'll have to pick a name out of the phone book) and have him draw me up a plan for a TOS. It'll probably be pretty brutal. Legally, I'll have to claim responsibility or ownership over users and content so I'll have the ability to pull it if I have to. And I'll have to do the same stupid shit, bowing to C&Ds and dropping user info and so forth.

      It won't make me as a host and as a person any more of an asshole. I won't trade email addresses for cigarettes or claim rights to rkm's work [somethingpositive.net]. But I'll look just as corporate and uncaring as the rest.

      Just think about it, baby, before you hate the legalese. You can't avoid being screwed without screwing somebody on paper. At the end of the day, it all comes down to who you trust, and after these long years with Slashdot, OSDN and SourceForge, I guess I trust VA. I have to, they designed my new server!

      Shameless plug: webslum.net [webslum.net]. Say you read this post and I'll give you a free shell :)

  • Let's think about exploiting p2p (Score:3, Interesting)

    by moebius_4d ( 26199 ) on Wednesday February 13, 2002 @06:13PM (#3003335) Journal
    I think the main weakness of SourceForge is that it is hosted by a single entity. The tremendously valuable information hosted by freshmeat is a similar example. It does the FS/OS community no good to have the various project sources cached all over the place if we have no way to access information about the projects, including where they are, what they do, and so forth.

    How can we surmount this problem? Maybe by making a set of standards (beyond the informal ones that exist now) for how to document what your software is and where to get it. This could be a variation on the old .lsm (linux software map) files. This could be submitted to multiple places on the web. Freshmeat might parse it into their database, while metalab might just through it in the .osm directory. But at least there would be a way to track things down. Google would help a lot.

    I am concerned that a lot of good code and good projects are left to die while other people re-invent that particular wheel. Since FS/OS is based on volunteer work, we can't really afford to throw it away or waste it. I hope other people who also have ideas about this will reply to this, and perhaps we can get together a mailing list or something to brainstorm about possible solutions to this problem.

  • this is the part I hate.. (Score:4, Interesting)

    by Dr. Awktagon ( 233360 ) on Wednesday February 13, 2002 @06:22PM (#3003409) Homepage

    They can henceforth change the terms without notice, just by posting the new terms on the website. (Currently they are obliged to give 15 days notice by email, a period that we are currently in for this change.)

    This is the part that disgusts me about "Terms of Use". Basically, they could say anything they want, and you would be bound by it, before you can even read it!

    So Tuesday, they can say they don't own the copyright in your programs, but Wednesday they can, and NOBODY WOULD KNOW until AFTER the terms went into effect.

    Yes, they have the right to put pretty much anything in their terms, BUT they should have to make a reasonable effort to inform their users of any new terms.

    Free markets work best when information is available about your choices. Saying "if you don't like it, go elsewhere" is silly if you don't know what it is exactly you just agreed to.

    There should be a consumer protection law that says, you have 30 days before new terms go into effect, no matter what. Then you would know, just have your attorney or your web-page watcher script check the terms every 30 days. But now, they can change them twice a day, or just for 5 minutes every night, or whatever, and nobody knows.

    Of course every company is completely honest and above-board and would never change their terms like that, would they??

  • How does this save sourceforge money? (Score:3, Insightful)

    by Reziac ( 43301 ) on Thursday February 14, 2002 @12:26AM (#3005205) Homepage Journal
    Okay, it's a free service and you get what you pay for, yadda yadda ad disclaimerum.

    But what I fail to comprehend is -- how on earth do these new terms create any reduction in the cost of running Sourceforge?

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close