The famous open source audio manipulation program was acquired by a company named Muse Group two months ago. The same company owns other projects in its portfolio such as Ultimate Guitar (Famous website for Guitar enthuisasts) and MuseScore (Open source music notation software).
Ever since, Audacity has been a heated topic.
The parent company is a multi-national company and it has been trying to start a data-collection mechanism in the software. While Audacity is nothing more than a desktop program, its developers want to make it phone home with various data taken from users’ machines.
This is a sad situation all around – but at the same time, it highlights the incredibly strength, resilience, and unique qualities of open source. The new owner of Audacity might want to turn it into spyware, but unlike with proprietary software, we don’t just have to sit back and take it. Various forks have already been made, and a few months from now, one or possibly a few of those will come out on top as the proper continuation of the project.
I almost submitted this but I figured it would be on your radar, Thom. It’s sad when great open source projects with long histories of giving back to their communities fall victim to activity like this (Sourceforge/Filezilla, Paint.net, etc.). I’ll be following this project until a proper fork comes along, as Audacity is a large part of what I do with my workstation: https://github.com/temporary-audacity/audacity
“Filezilla, Paint.net”
Do you have a summary on what happened to them?
Sure. Back in 2013 Sourceforge started bundling spyware/malware with the installer for the Windows version of FileZilla. This didn’t directly impact the versions packaged for other OSes, nor the source tarballs, but it completely hosed the reputation of the project as a whole, especially considering at the time it was the absolute best FTP software you could get on Windows. This situation is how I found out about ninite.com back then, as I relied heavily on FileZilla at work for maintaining our websites and at the time I was stuck on Windows there (I am now the sysadmin so I have my own Linux box there for most of my work).
Paint.net started out as an open source project but its creator/maintainer made it closed source at version 3.5, and had closed the installer before that. Around that time malware started showing up in the installer and for a long time there was no way to get a clean version unless you had archives of the older versions, then used the built in updater. Later the updater would pull in malware for a while. Users (including me) would complain on the Paint.net forums about the malware and viruses included in the installer, and the maintainer would belittle us and complain about “freeloaders” expecting a great application without wanting to pay for it, as his justification for the malware.
Ninite came to the rescue again with a clean installer for it, and there was an open source “clone” called Pinta that used some code from the last open source release of Paint.net, along with a ton of original code. It had stopped development for several years, and most distro packages were buggy or incomplete, but recently it has resumed development and it’s becoming a real alternative to the closed source project.
Dang – as a LONG time user of Paint.net I am really saddened to hear this, and will look in to this deeper. I have recently installed krita and loving it (https://krita.org/en/)
Krita on Windows has improved a lot over the years. It’s still a bit GIMP-like in its interface but it is very powerful and a great free alternative to the big boys (Photoshop and Paint Shop Pro). You can also throw the developers some money if you wish by either “buying” it in the Microsoft Store or via donation on their website.
The previously mentioned Pinta is also available for Windows and again is a great alternative to Paint.net especially on that OS. Pinta is easy to build for nearly any *nix too; you just need the mono-devel and gtk-sharp2 packages along with the usual build environment (I highly recommend building it from source even if your distro has a package in its repos, as those are usually buggy and far behind current development, and the flatpak is a pain to get working right as well).
Don’t pick on FileZilla. It’s not their fault.
The big stain for FZ comes from 3rd party platform installers.
The official download contains no extra fluff.
What ever I for and communication you have as far as use is selectable in the options.
lostinlodos,
I don’t see these problems in the linux version. But on the windows version it irked me when they began showing ads, I believe it was the official version. It’s awkward when clients are using it and it pops up an ad for a competitor, haha.
It was an agreement between the FileZilla maintainers and Sourceforge to allow malware in the installer, they are not innocent in that fiasco. And as Alfman said below, there were also ads in the program itself in the Windows version, so yes the “official download” also had unwanted garbage. I’m not usually one to throw out the baby with the bathwater, but when my trust in a software project is broken like that, I drop them forever. It may be harsh but it’s necessary to avoid falling victim to computer based attacks.
I’ve seen a few popular apps on Google Play store hit their peak and then be bought out by shady companies who then turn the application into adware/spyware. It’s at that point I either freeze updates for that app or delete it. Some developers after the deal and before the takeover becomes live have rushed out an update. In one case a developer didn’t open source the app but put the last version they were the sole owner of up on their own server as a free download.
I’m not against takeovers or mergers per se but historically there have been far too many over the past few decades and a lot of them have been by predatory investors who often compromise or destroy the product and organisation and customer base.
There is a theoretical case in law to sue Audacity. This hinges on any change of primary aim and purpose and goodwill built up by Audacity. Arguably, there is a claim on the money the company was sold for and potential future earnings of Audacity post takeover. Anyone suing will need a good lawyer and a specialist in contract law.
This has happened many times with many projects (I remember a period where Chrome extensions were popular in this respect).
The main issue is monetization is hard, and it is even harder for open source projects.
If you have been maintaining a project for 10 years at basically sustenance levels, and someone comes with a generous cash offer, would you want to get out of the responsibility, and cash out? What if you have already lost interest? What if those people don’t look shady, but put an actual legitimate front?
The tradeoff is there even for those who has a day job, and can finance their own open source projects. Then, depending on location, their companies can put a claim on that work (fortunately not so here in California).
sukru,
It’s just one of those things. I can’t judge FOSS developers for not wanting to be poor. Even if it’s a project of passion, there comes a time when everyone has to throw in the towel and move on. This happens all the time and most projects simply end up abandoned. Yet most developers genuinely want to see their work end up good hands. The reality though is that it’s tough to find people who will be willing to do that work for free, especially if they’re buying the project for cash. Whether it’s a small project like this or a large project like firefox, the economics of FOSS have always been challenging especially for developers without a cash cow. They’re always criticized when they try to make money, yet without money they struggle to keep the lights on.
I agree. Athlander and javiercero1 are debating this issue in a separate thread about Apple v. Williams III in california no less. I’ve refused to sign some employment contracts that I felt were too onerous in entitling the company to own absolutely everything employees create without any limit on scope. They told me verbally they wouldn’t try to claim ownership for outside projects, but the contract as written didn’t say that. I’ve also heard that some states like california will nullify some employment contract terms as illegal, but I think signing a contract relying on presumed nullification is a dangerous gamble.
Standing up for yourself can mean the difference between having a job or not so I’d like to see federal laws make employee rights more explicit. Employers have rights too obviously, but there need to be limits which should be codified because of imbalance of power. It goes too far when employers demand access to employee activities outside of work like social media accounts.
Individual jurisdictions may offer some employee protections, but not having concise laws at the federal level creates a patchwork of confusing and inconsistent laws for laymen to keep track of.
https://www.employerslawyersblog.com/2013/07/nevada-restricts-employer-access-to-social-media-accounts.html
Alfman,
California is very good for both employees and employers, and it eventually works well for the economy. Side hustles are very important, and this is true even for universities. Stanford for example grew many companies which would not be thinkable in almost anywhere else. I know people who had to make a choice between their academic positions and pursuing their passions.
A professor can start an enterprise with the work they did at the university, with joint ownership. For example the famous “Page Rank” patent is assigned to the Stanford university, and as far as I know Google uses it with a license: https://patents.google.com/patent/US6285999B1/en
You are right, we should not have good laws somewhere, and bad at others. At least not after seeing the benefits.
Pleasure -> Minecraft / 2.5B$ / Notch -> Sorrow
Faustian pact…
The main thing is finding the right partner with business skills you are compatible with. It’s not always going to be the first person who comes along nor the flashiest. Assuming the personal chemistry is there you can move forward. Other people will set up a none profit so an organisation takes over and it is no longer dependant on one person. It’s not always a choice between profiteering and being a charity but sometimes somewhere in the middle. Really all this boils down to sustainability and support. It’s easier said than done but then everything is.
I know my skills and know my limits. I’m good at the design vision and architecture and innovating on technical details but to carry a business I would need a Chief Operating Officer. Some people work well with an equity split. Other arrangements are the COO gets a good remuneration arrangement that reflects their entrepreneurial skills while seperating out the value of the IP which you retain. Getting a lawyer to hammer this out is expensive.
Some people have navigated this problem well while others I know have come unstuck. I think there is opportunity in this space to come up with a form of social democtratic and equitable model. So far people have been fixed on code and copyright and this model is breaking down. The time may have come for drafting a model to step in to the business development and community space which recognises peoples value and contribution. It can act both as a guide and a buffer to the more unpleasant aspects of the world and help build assurance at an early stage. There are sharks out there and the sooner it is put down in writing and there is a document you can point to which lays everything out the better. The sharks will move on to easier targets.
HollyB,
The problem is, without the “much dreaded” price mechanism, there is no known consensus on value. Yes, XKCD is correct, and a thankless developer doing free work might be providing value to millions or even billions of people: https://xkcd.com/2347/ . However we don’t have anything to measure it.
(Metrics like number of downloads or number of dependencies can easily be gamed. Look at academic paper scandals, or older PageRank “Google bombs” from earlier Internet days).
The issue with open source is, we really cannot measure the contribution of each individual project.
One university student might be hacking together a very snappy OS written entirely in amd64 assembly. But it only has educational value, … even though there might be years of love poured into it. On the other hand, a simple npm package written in a day might be solving the day to day needs for millions of javascript developers.
I really do now know an all encompassing solution to the dilemma.
@Sukru
I would benchmark with existing business and measurable benefit from NGO kind of work. Yes, I know some are taking overinflated remuneration and behaving like poverty pimps but I don’t mean them. You mention gaming of metrics and utilitarian value so broadly speaking we’re on the same page. There are workable models to choose from. This is why I’m happy pointing this out and leaving it up to people to reflect on what is possible and make their own minds up about how to proceed and what system to implement.
You could have business licence fragmentation or go for something like the Creative Commons type of licence scheme. Again, I leave it to the reader to decide which direction to go.
The essential point is once the idea is out there it can be researched and talked about and essays written and sample documents produced which is around the time people begin thinking more seriously of implementing.
The involvement of companies in Open Source projects has it’s share of problems most of the times. But I do think Audacity could benefit from this, especially the UI and usability could really need some attention. So I hope these issues get worked out between Muse and the community and the project can continue without being forked.
Anyway, the headlines of both the original and the OSAlert article could have been worded a bit less dramatic in my opionion, but I guess that’s just not fashionable these days
I agree that a fork and the resulting fragmentation would not be a positive development for end users, especially given the nature of the ecosystem revolving around Audacity with all the third-party plugins. But at the same time, this looks like another classic example of corporate interests taking over and ruining an established free software project, and the company seems to be acting exceptionally boorishly, so I’m not optimistic.
The spyware element of the software while technical on the surface is actually very useful marketing data. They can make estimates about whether you are a lone artist or working for a company. Via the kind of technical information they collect over time they can guess what your procurement polices are and how much money you spend. Various other elements which are more “business information” can be indirectly derived. When being tracked in real time this can indicate things like business expansion plans. It’s also possible by running this data past other databases containing industry profiles to have a guess who you are. From this they may be able to derive more critical industry data and who you are doing business with. Given the billions of revenue at stake in the entertainment industry this will be of espionage interest to a state or large business interests.
Once your data is out of the EEA especially the US or Russia anything goes. In the US your data automagically becomes company property. In Russia it becomes subject to very funny nationalistic practices and legal loopholes. The last time I checked you have to opt-in to data being transferred out of European safe harbour. They can’t just grab it or assume they can grab it or push T&C’s which allow them to grab it.
Most of this is about protecting their interests not your interests. A substantial part of the following definitions are left undefined or the fine print not mentioned.
Paid software, the same sh*t forever, behind a, guess it… a “company” Yess!. Sadly, there is not always an open source alternative driven by a kind community.
related news on cdm:
“Audacity makers clarify data usage – and there’s not reason to dump the editor yet”
https://cdm.link/2021/07/audacity-makers-clarify-data-usage-and-theres-not-reason-to-dump-the-editor-yet/
I didn’t read anything in that article which indicated the problems had gone away. Their explanation is getting worse not better. Claiming they are “not doing XYZ full stop” is just words. It’s what is in the contract and their real world business practices which matters. That they had legal advice so shabby it cleared the initial policy is worrying enough. Their rushed rebuttal makes me wonder even more. There’s just too many loopholes before and after for me to trust them. The onus is on them to prove it.
You know, there are VPN companies that do not store logs !
Not !
There are loopholes in their statements on log retention. You can do an awful lot with a 24 hour window. The data itself can be de-anonymised later in the form of a fingerprint and fingerprints can be compared with varying degrees of assurance. In other words saying you are throwing the logs out after 24 hours says nothign more than you are throwing the logs out after 24 hours. It doesn’t say a single thing about fingerprinting and deep analysis which they are very careful not to mention.
They may also as you note simply be lying. Curious they have a US lawyer yet not a European lawyer. Curious also they don’t have a data processing architecture which is legally insulted from abuse. There are simply too many breezy “trust me” statements and curious things with lots of undefined elements which reek of loopholes. Sadly experience has taught me to assue they are lying and if not now then later or, more accurately, telling us the version of the truth which suits the moment which is another form of a lie because as the situation changes they will have another version of the truth. In other words somebody somewhere is lying about something. It may just be they are lying to themselves.
From what I’m reading at Ars, there was an initial out-cry by Devs on GitHub, but there was then some major modifications to make it opt-in, as well as default compile (e.g. what most distros do) does NOT include that code.
https://arstechnica.com/gadgets/2021/07/no-open-source-audacity-audio-editor-is-not-spyware/
So yes, some potential concern initially, but then the changes they made at the behest of the community seems like a solid change from where I’m sitting.
One thing I don’t understand is how something like this can be implemented as open-source. Do they just lay out the collection code or is Audacity now sort of “open-source with closed-source components” thing?
This is essentially brand management issue because that’s what those companies are buying really. The problem is that all contributors kind of added value to such software and indirectly the brand it represents throughout the years and now they have right to consider themselves defrauded.
There were numerous examples in the non OSS world too like companies buying a dying brand solely to use it to sell some low quality crap until it’s totally tarnished.
Unfortunately the bad reputation such project then gets affects the OSS world in general, and I think there should be some ways to protects against such practices embedded in next gen OSS licenses.
I don’t know if a licence is the right place or not to put this kind of stuff but I have commented higher up the thread on the need to define a model for sustainability and some of the elements which may be considered. Whatever happens lawyers will have to look into this. Because of the tight integration of law and business practices and politics it will need to involve European lawyers and points of view. I wouldn’t leave this to the Americans.
I’m not going to be prescriptive because it needs people with expertise in these areas to give their input and give everyone have a chance to have their say.
‘No, open source Audacity audio editor is not “spyware”’
https://arstechnica.com/gadgets/2021/07/no-open-source-audacity-audio-editor-is-not-spyware/
The whole thing whiffs of a dodgy arrangement with too many loopholes. I don’t look to Arstechnica for advice on these issues. They may be good with technical breakdowns and broadbrush industry issues but they have no expertise with European human rights law or European business practices and politics which are integral to this.
Don’t believe everything you read in the newspapers or the first thing to pop out of Google.
HollyB,
You clearly haven’t _read_ the Ars article, and you’re definitely not familiar with its author. Jim Salter is a working sysadmin, and _very_ knowledgeable about open-source. His article is well-researched and refers to Audacity’s _actual_ dev community forums. I believe his conclusion that Audacity’s final choices here are ethical and correct, and also that the balance of evidence suggests that this initiative was well-intentioned from the outset.
Please _actually_ READ the article that three of your OSAlert peers have referenced before commenting further about it, or the story in general.
I glanced through one link making assertions defending them which were full of holes and couldn’t be bothered to repeat the exercise. I honestly couldn’t care less about Jim Salter being a working system admin or knowledgeable about open source. Is he an expert in business practices and human rights issues and jurisdictions outside of the US? I think he’s trying too hard to sanitise the issues and excuse them after the event and he still hasn’t addressed everything to my satisfaction.
And don’t make assumptions and tell me what to read when I have read it. Try reading what I wrote first then ponder it hard then go back to the article and work through it slowly and carefully instead of swallowing something wholesale that your mate said on a branded website on the internet.
Ok, I’m done with you. You clearly can’t carry on a discussion like an adult when challenged. And by the way? If you write something in a tone of voice that you wouldn’t have to guts to use to my face, you’re doing it wrong.
And if you buy any of that? I have a bag of genuine 100% real Unicorn Farts to sell ya, it’ll cure cancer AND wrinkles! Give me a break, Audacity has ZERO reason to be collecting telemetry, hell they could do just like any of the bazillion FOSS projects and have a bog standard Opt In Crash Report (which they know would probably never be used as I’ve been using Audacity for over a decade on some seriously flaky boxes and its never crashed) so if they are sticking with this policy DESPITE the entire community saying DO NOT WANT you can bet your last dollar they have found a way to monetize it.
And remember boys and girls when they put in a line like “Data necessary for law enforcement, LITIGATION and authorities’ requests (if any)” that means the RIAA as they can just spam lawyers at US courts until they get to do all the fishing they want. Yeah…I’ll stick with the 2.x line until the forks is established and then like Open Office to Libra Office its hasta la pasta. Shame as it has been a great tool for me for ages but nice thing about FOSS is if the original owner turns hostile it will always get forked.
I’m aware of OpenOffice’s history back to its roots with Sun. I only ever loaded it once in its early days to have a nose before deleting it and missed all the various troubles, just to put things in context. After Microsoft introduced that infernal bar and I couldn’t find anything on top of upgrade fatigue I switched to Libreoffice. They have had a head of steam for some time now and I like using it. My needs are simple and it does what I want without changing on me every other year.
HollyB,
Same here. I felt office was one of microsoft’s best products, and for a long time I couldn’t find FOSS tools that were of comparable quality. I really did like excel a lot. The biggest problem for MS was MS themselves. OpenOffice/LibreOffice were relatively slow to improve, but given that microsoft was making MS office worse for so many of it’s own customers, it made switching to L/O a whole lot easier.
Thom,
I’m going to join Drizzt321 and Zayn in the linking the Ars report on this (https://arstechnica.com/gadgets/2021/07/no-open-source-audacity-audio-editor-is-not-spyware/), and I strongly recommend that you review that story (and the Audacity dev community posts that it references).
I believe that your initial take is in error, and should be revisited in light of new evidence. I can confirm that Jim Salter is both knowledgeable about the domain and always thorough in his reporting.
@Holly
The data collection will be opt-in.
The data collection will not be compiled in on a default compile.
The data collection code isn’t even in the current release of Audacity.
This drama was solved to the satisfaction of the Audacity developer community two months ago.
Jim Salter really does know what he’s talking about and is a very respected professional sysadmin with decades of experience.
I’m CISO of a cyber security consultancy as well as having 30+ years of development experience, so I’d like to think I have just a little understanding of this. YMMV.
@Zayn
This is all after the event reportage. I couldn’t care less about Jim Salter being a “very respected” professional sysadmin nor could I care less about you being CISO of a cyber security consultancy with “30+ years of development experience”. When issues concern business practicies and human rights I would pay exactly the same amount of attention to a local government admin or a plumber which is exactly zero. I make up my own mind for my own reasons and don’t respond to random job titles trying to whack me around the head.
I’ve come across enough boundary pushers and “mistakes” and hasty scrambling to catch up when hands have been caught in the cookie jar to last a lifetime and when trust is gone it is gone. I don’t care if it was resolved to the satisfaction of the “developer community” or was resolved “two months ago”. I’ve heard all that before only to see the same people pull the same games when the heat has died down.
So your qualifications as an “expert on European human rights law and business practices” are…?
Or am I just talking to someone with no education or experience in those fields who likes the sound of their own voice?
And you sir can get snarky and wave your wittle flag until your arms break but lets look at the facts shall we? Company pays a LOT of money to buy Audacity and then despite the entire community saying this is a DO NOT WANT they cook up a lame BS excuse to why they are doing it anyway…does 2+2 not equal 4 in your reality?
Companies do NOT pay that much money for a project out of the goodness of their hearts, they do it because they ALREADY have a plan on how to moneitize the property, and if the plan isn’t charging for the program itself then YOU are the source of the revenue as they moneitize the data collected from you.
So if you buy their BS then I will be more than happy to sell ya a 100% genuine bag of Unicorn farts, complete with a letter of authenticity from “an expert in blah blah blah with 30 years exp who is happy to cash my check to sign off” and its limited supply, act now!
That’s great to hear. I still have zero faith in Muse Group at this point; backpedaling is _always_ an admission of guilt. The wonderful thing about open source is that forks with zero phoning home will emerge (some already have), and anyone who is concerned about this whole issue can move on with a fork and everyone is happy. Well, everyone except the shills, right Zayn?
@Morgan
Some people are never happy lol
Zayn,
Dis-engage with this one. The kind of people who get this pissy when presented with reasonable facts that don’t agree with their pet position really aren’t worth your time or mine.
@Kuraegomon
I should know better tbh, I have a relative that behaves the same way. Always has to say the opposite of everyone else and spends her life arguing with people on the internet.
https://xkcd.com/386/
Kuraegomon,
I’m glad you and Zayn have provided additional information, maybe it’s much ado over nothing. Sill it is up to everyone to make up their minds as to whether to trust the new owners and it’s perfectly natural for people to be skeptical over their intentions.
The new age restriction seems suspicious, what do they intend to add that they can no longer distribute audacity to kids? It creeped me out when they said they were going to track audacity using google analytics, but at least they changed their mind when the community complained. Personally I’m not a fan of trackers, but if it’s genuinely opt-in it’s already better than most. So I’m willing to keep an open mind. At the same time though many of us have seen the way new owners can take something good and corrupt it to turn a profit (aka pull an “oracle”). We have to see how this one pans out.
@Alfman,
People below the age of 13 (up to age 16 in some member states) cannot legally give consent for any PII whatsoever to be collected according to Article 8 of the EU GDPR.
https://www.privacy-regulation.eu/en/article-8-conditions-applicable-to-child's-consent-in-relation-to-information-society-services-GDPR.htm
I assume they are just choosing 13 as the lowest common denominator for compliance with the regulation.
Russia has similar protections in place for collection of a child’s PII too.
The new owners have listened to feedback from their community of developers and implemented changes to make everyone happy. That doesn’t happen often these days which is commendable.
Zayn,
I haven’t seem such restrictions in any other applications I regularly use, certainly not with FOSS, hence my suspicion. A better option than for the TOS to block children from using audacity would be to have a checkbox disabling the features that would violate the law.
I think it remains to be seen, but like I said I remain open minded. The new owners could work out fine.
@Alfman
“I haven’t seem such restrictions in any other applications I regularly use, certainly not with FOSS, hence my suspicion. A better option than for the TOS to block children from using audacity would be to have a checkbox disabling the features that would violate the law.”
How many FLOSS applications collect PII though? Can’t say I’ve seen many. I think the new owners probably haven’t got very experienced data privacy experts on the team and wanted to look like they were taking GDPR seriously. I see it all the time in other companies sadly.
“I think it remains to be seen, but like I said I remain open minded. The new owners could work out fine.”
So far so good. If they screw up, the code is there to be forked, no one loses except them really.
I get the impression that if they sold a dual licensed proprietary version but also kept the code GPL for others to compile as they wish that some people would still get their knickers in a twist and whine for the sake of it. (I’m not accusing you of being one btw )
Zayn,
That’s just it though, if they’re collecting personally identifiable information in a way that the law would frown upon for children, then perhaps they should rethink that. IMHO they need a really good justification for doing it. In practice it’s one of those things that 100% of reasonable people will ignore and we’ll move along. But in principal It feels regressive to introduce barriers between children of FOSS.
Debian has opt-in package tracking, but to my knowledge they do not prohibit children from using Debian, so it makes me wonder what the difference is here.
IMHO if GDPR compliance is indeed the issue, audacity terms should just prohibit children from opting-in to the tracking (assuming it is opt-in as reported). This would be no worse than all the websites that have users (including kids) opt-in to cookies for GDPR compliance.
@Alfman
“Debian has opt-in package tracking, but to my knowledge they do not prohibit children from using Debian, so it makes me wonder what the difference is here.”
Popcorn doesn’t collect any PII whatsoever.
Audacity will collect at least your IP address, which is PII.
As I said, I think it’s likely that the Audacity owners don’t understand GDPR correctly, hence the “Please don’t use this if you are under 13” statement and as you said, it should be mentioned only on the opt-in to telemetry dialog.
Zayn,
I’m not really sure where Debian is legally incorporated? The server I lookup is outside the EU’s jurisdiction. I checked but their page doesn’t specifically mention IP addresses other than to say it can be eavesdropped by 3rd parties.
All online services have access to the IP addresses for purely technical purposes that have nothing to do with privacy. Not logging IPs at least temporarily can be irresponsible for administrators tasked with protecting servers and weeding out abusers. So I am very skeptical about claims that Debian isn’t at least temporarily logging them for both popcon’s HTTP and SMTP interfaces because it’s technically necessary for responsible administrators to do their jobs. Without evidence to the contrary, I am going to assume that Debian is logging IP address like everyone else does, but they might not be associating IPs with the telemetry data they collect, which IMHO makes a big difference for privacy.
Also note that debian’s usage survey specifically uses a tracking ID (that works much like a browser cookie):
https://popcon.debian.org/README
https://popcon.debian.org/FAQ
Yeah, and I realize nobody’s going to read it in practice, but since I did it feels bizarre having that restriction there. At least the source code is released under GPL, which has no such restriction.
On one hand, the amount of tracking, data mining, “telemetry”, invasions of privacy, blatant disregard for people being anything more than currency, is a sickening abuse of humanity. On the other, people have a nasty habit of feeling entitled and have little to no appreciation for other people’s time and efforts. A lot of people think they deserve high-quality free software with no strings attached and no obligation to its author(s) beyond lashing out when they don’t get what they want.
I love the idea of FOSS but we live in a world based on economics. Most people don’t have the luxury to commit countless hours, energy, and other resources to fulfill people’s sense of entitlement. Idealism is not realism. Good luck paying for food, clothing and housing with “likes” and thumbs-up emojis. I have yet to hear a single good reason why a company shouldn’t buy Audacity and monetize it.
@Friedchicken
Too many people these days have a self of entitlement. Always banging on about their rights but don’t seem to have the maturity to accept that with rights come responsibilities.
It’s not even an age thing because I see even GenX and baby boom people behaving like this not just millennials and kids.
I’m no shrink but narcissism and oppositional defiance are far too common in some Western cultures and it’s even starting to be common in the developing world too sadly.
aaand it forked.
https://github.com/tenacityteam/tenacity