Read the thread in full, it’s much worse than The Verge makes it out to be - that was actually one of my contentions with this article when posting.

I don’t think this take is accurate at all. Her actions in that thread appear (to me) entirely as a result of her environment, and honestly there is no basis for the idea she is not of sound mind. The victim blaming is really offputting.

If they’re true, it’s more than likely this kind of abuse was happening throughout the organization and continued up until these allegations, so I’m glad she came out with them.

tl;dr: Customer Content encompasses all data originating from your machine sent to Zoom servers.

It never is by default. In fact, they got in a bit of a fiasco early on (before their current E2EE implementation) for using the term “end to end encrypted” after it was revealed they were simply referring to TLS.

Maybe, it’s definitely a possibility. What’s weird is the original uploader (https://1337x.to/user/VitaminX/) remains unaffected and users were reporting this up to 3 days before it was taken down with very compelling evidence - the miner was barely hidden and only when it blew up on Reddit was any action taken.

Absolutely. It took a bit of digging, but I found an archive with some of the comments: https://web.archive.org/web/20230805153327/https://www.1337x.to/torrent/5753101/Baldurs-Gate-3-GOG-Digital-Deluxe-Edition-Multi13-Baldur-s/

It only goes up to yesterday, so some of the recent comments (especially from mods) are missing - but this should provide sufficient evidence. Mods’ combative and defensive comments from today were widely viewed (just look at Reddit), their authenticity is not under question. That being said, comments from Ex0duS5150 are present, proving mods were aware of the listing early on.

User comments provide proof that malware was uploaded (and 1337x mods themselves admitted it was malware in the Reddit response), yet VitaminX remains unaffected on the site: https://1337x.to/user/VitaminX/

Also, to be clear, there is no evidence one way or the other that 1337x mods took a share of the money - not what anyone here really cares about anyways. What’s being put under scrutiny is the fact that they defended a listing which was clearly malware only until it gained attention on Reddit and similar.

You replied to this comment:

I think there’s been comments calling out the malware that have been deleted, possibly by the admins. In addition the infected torrentes stayed up for a long while (not sure if they still are or not)

… with this reply:

Haven’t seen any evidence of either of those things though…

Can you see how I would misunderstand what you were talking about here?

They admit the listing existed in that statement, and there are easily accessible records of 1337x mods defending the listing prior to its deletion (such as the comment I had also provided in my post). You may need to re-read it?

I can provide additional sources if necessary.

See my reply to Whiskey Pickle for the evidence.

See my reply to Whiskey Pickle for the evidence.

1337x mod response on Reddit, seemingly confirming the existence of the torrent: https://i.imgur.com/ij4CXIm.png

They appear to be implying that it was only checked, verified to be malware and deleted… after the listing was vigorously defended by mods and users complaining that it was malware were banned. Very odd.

EDIT: Found an archived copy of the listing before it was taken down by 1337x mods. Includes some comments (up to yesterday).

https://web.archive.org/web/20230805153327/https://www.1337x.to/torrent/5753101/Baldurs-Gate-3-GOG-Digital-Deluxe-Edition-Multi13-Baldur-s/

User comments provide proof that malware was uploaded (and 1337x mods themselves admitted it was malware in the Reddit response), yet VitaminX remains unaffected on the site: https://1337x.to/user/VitaminX/

There are preserved comments from the 1337x mods, such as:

Ex0duS5150: the next user posting, “Trojan found” is getting the ban hammer. Stop it with the n00bishness. this torrent is not dirty if you dont know what your doing stop DLing torrents.

reply:

IGGGAMESCOM: @Ex0duS5150: thank you so much for this reassurance buddy, now I can breathe a sigh of relief instead of having to “fight” with those guys, lol.

If the admins endorse malware, it’s best to assume the entire site is compromised.

It’s worth noting that KaiOS, a fork of Firefox OS, has been successful - particularly in developing markets.

You’re correct, I mistakenly copied the wrong section. (Posted this from my phone)

Fixed!

We’ve already seen this play out in several countries where web blocking is widely implemented (eg Russia, China.) People (generally) flock to state-endorsed alternatives rather than going through the effort of finding bypasses.

(As an aside, Chrome would probably comply with it. It’d be a lot more damaging for them than smaller browsers to block the entirety of France.)

Do you genuinely believe an average computer user, when presented with a block page, would attempt to circumvent it?

Maybe a small minority would, but overall I find it extremely unlikely. It takes a lot less effort to just download an alternative.

Theoretically yes, but I’d think that would just result in users switching to browsers which do comply with the law (Chrome, probably)

I love RedReader, but I know that the accessibility exemption is temporary. It could end whenever.

It just makes more sense to move to Lemmy regardless.

I find it interesting that even the conservancy can’t really say whether or not it’s OK legally definitively. Here’s hoping someone still takes them to court over this, wins, and sets precedence that it’s a violation of the GPL (extremely unlikely, but a guy can dream)

I remember people talking about potential scenarios very similar to this when Red Hat was acquired. They were right.

We clearly have a disconnect here. There’s a reason I always put a quote to act as summary in the description of my article posts, they provide more detail than the title could. At the end of the day, I think providing the original title regardless of its perceived quality is the better option when these posts are glorified links anyways. (I assure you it was not from AI, The Register has pretty high journalistic standards.)

When most people think of clickbait, there is a disconnect between the content presented and the title. There is no such disconnect in this case. Your interpretation of the word is an outlier, and even if I agreed that it was clickbait, you still haven’t convinced me it is a bad thing in this specific scenario.

Yeah - even if it technically isn’t legal, GPL violators have a long history of getting away with it. IBM has a legal team that’ll scare almost anyone away.

It could be argued that is also a restriction disallowed by the GPL (in my mind any terms that bring negative consequences for expressing your rights given by the license are restrictions), but at that point it’s really beyond my expertise on this subject. I’m not sure if the GPLv3 even defines this at all - maybe Red Hat is banking on that ambiguity.

Accidentally deleted my last comment… but a summary of what I had said, I don’t think it’s clickbait. This is an inflection point for the entire space and I actually considered changing the title because I didn’t think it properly expressed just how damaging it is. It restricts people receiving RHEL source, compromising existing derivatives and essentially closing off the possibility of any more. RHEL is an extremely influential distro, others will follow its lead. Also, it’s a copy and paste of the original title.

If you think anything I’ve said here is incorrect or you have a different perspective, I’m totally open for discourse. Just don’t go around leaving negative comments without explaining yourself - I was hoping this community would be better than Reddit too.

(Lemmy REALLY needs a confirmation box for that. Not the first time lol)

…I don’t see how this is clickbait, this is a major damaging move to downstream distros. They can no longer use RHEL source. Also, I just copy and pasted the original article’s title. RHEL is an extremely influential distro, others will follow its lead.

I actually considered changing it at first because I didn’t think it properly conveyed just how damaging to open source this is. This is an inflection point for the entire space. Red Hat is one of the most influential distros and others will follow its lead.

If you disagree with my take, fair, but tell me why. Same for all the people upvoting @carlyman’s comment. I want to have real discourse with you all, and I will change the title if you have good reasoning that it is in fact inaccurate. Like you said, we don’t want this to be like Reddit.

Another excerpt from the GPLv3 that explicitly describes and disallows what Red Hat is doing - you are explicitly not allowed to add any restrictions when you redistribute GPLv3 licensed software:

If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term.

…aaand an additional excerpt which disallows Red Hat’s restrictions:

Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License.

(note: “original licensors” is not Red Hat regarding any software other than their own. Red Hat cannot change or infringe upon rights received from upstream.) and ANOTHER excerpt:

If you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code.

I was confused they didn’t think of this either, but the language in the license is very clear. I see no way it cannot be infringing - the only way you can be restricted from redistributing GPLv3’d source is if you publish it incorrectly. If you override these rights in any way, you lose your license to distribute the GPLed software and it turns into piracy.

That’s ignoring the variety of other OSS licenses used for software in their repositories, many of which have similar (or even broader) redistribution rights.

Relevant GPLv3 language:

Section 4. Conveying Verbatim Copies.

"You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program."


Section 5. Conveying Modified Source Versions.

"You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so."

Most of their stuff is under the GPL. It’s a GPL violation to not allow their customers to share the source. I’m guessing they’ll reverse this decision (or selectively release everything they’re obligated to) within a week.

I think this might be true for iOS, isn’t the case on Android.

Yup, a lot of very sophisticated mobile malware does not have persistence. His advice holds up.

At the current usage, I really doubt it. If a significant amount of people start using RSS readers as an alternative to the third party clients they were using previously, it’s a possibility.

This strikes me as very exploitative. Capitalizing on loneliness to enrich yourself gives me bad vibes (especially when the users of this thing may actually be worse off mentally in the end, as @cnnrduncan mentioned).

I have no doubts that for some users, it’ll turn into a cycle. They’ll feel lonelier each time they use it, which pushes them to use it more, and so on. I had the same feelings about Replika years before ChatGPT became a thing.

0.18 will also massively improve the user experience for y’all (whenever Beehaw updates). They ripped out the old websockets architecture, which eliminates all of the weird glitches like upvotes disappearing or random posts popping up in your feed.

No, but I had the Game Boy printer back in the day! Printed a lot of Pokédex entries with that guy.

improving.duckduckgo.com is not something they try to hide, you can easily disable it in your search engine settings. DDG was launched in 2008 and has a pretty solid track record - I think we can forgive the Names DB thing at this point.

Tesla FSD is generally being regarded as a joke, Twitter is being flooded by dozens (or maybe even more) lawsuits for nonpayment - it seems like maybe Neuralink/SpaceX are his only businesses that aren’t doomed at this point?

Very exciting! Jerboa is nice but it’s always great to have alternatives.

Beautiful article, perfectly articulates my feelings on this. Maybe Lemmy and the rest of the Fediverse can help us break the cycle.