© 2023 Goondu Media Pte Ltd. All Rights Reserved.

As issues of fairness and sustainability boil over, a developer sabotages his open-source code in protest

Alfred Siew
Last updated: January 14, 2022 at 1:11 PM
Published: January 10, 2022
  • PHOTO: Kevin Ku from Pexels

A developer of open-source libraries used in many popular projects, such as cloud-based applications, was so angry about the demands on volunteers like himself that he corrupted his own code to make a point yesterday.

As a result, thousands of projects ended up breaking, with users of the libraries called “colors” and “faker” seeing gibberish on screen instead of the output they had expected, reported Bleeping Computer.

The mischief by a developer called Marak Squires appears to be targeted at the many commercial entities that build their apps and infrastructure on an open-source foundation maintained by volunteers, but that do not contribute any code back or help solve problems when they arise.

NPM, which hosted the code, has since got an older version of the software back up while GitHub, another site hosting open-source code, has suspended the developer’s account.

By now, you can imagine the controversy this has brought about. While some fellow open-source developers have backed Squires, others lambasted him for deliberately sabotaging not just his own code but a central tenet of open-source software.

Instead of causing disruption, could he not have made a statement by stopping work on the software altogether, thus forcing commercial parties to fork the project or take the code and develop it themselves?

That said, the burden of maintaining open-source software, like fixing bugs and patching up vulnerabilities, has caused much unhappiness to many developers who are often volunteers.

When vulnerabilities in the commonly used Log4j software utility were found over the holiday period recently, the open-source developers had to scramble to fix the problem in their own free time.

This has led to accusations of large companies, which hire teams of IT experts themselves, “exploiting” the work of volunteers who do not get paid for their efforts.

Whether you agree with that, the recent episodes also raise questions of risk and sustainability.

Is it safe to base so much of one’s digital infrastructure on the work of volunteers without learning about it or contributing anything in return?

Unsurprisingly, the use of open-source components in apps has grown, from an average of 84 components per app in 2016 to 528 in 2020, according to a report by Synopsys, which specialises in chip design and application security.

Correspondingly, the number of vulnerabilities has grown as well, it found. Eighty-four per cent of open-source codebases had at least one vulnerability, with an average of 158 per codebase, according to the study of 1,500 open-source codebases across 17 industries.

It is time that businesses took a more active interest in the foundational code they use every day, instead of trusting that things will get fixed automatically by an enthusiastic community.

The open-source idea is one premised on transparency and ground-up, crowdsourced efforts to create the best, most secure code.

However, if that effort continually comes from unpaid, overworked people who are taken for granted, then the quality of the output will surely suffer.

We know what happens when disgruntled employees leave. Projects are stuck in limbo and work gets disrupted.

So, why should it be a surprise that the most important software that underpins so much of today’s digital infrastructure goes bonkers when the people who work tirelessly to maintain it are unappreciated?

Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
2 Comments
  • Bruce says:
    January 11, 2022 at 3:20 am

    Marak was co-founder of cloud platform Nodejitsu, which was sold to Godaddy in 2015, so I’ve never seen him as the downtrodden developer being taken advantage of by corporations.

    Maybe he is trying to raise awareness, or maybe he is trying to increase donations to pay for legal issues: https://www.qgazette.com/articles/more-charges-possible-for-astoria-bomb-suspect/

  • Bruce says:
    January 11, 2022 at 2:05 am

    your comments box either clears or posts mid sentence, not sure which.


Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.


Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.
