It seems those words have somehow found their way back on the website.
Time to raise awareness again and try to make Cyph understand. If the fedizens would like to join the effort and leave a little comment on the issue, that'd be awesome!
Just to make sure we're on the same page: I'm asking that, if you agree with this stance, you make your voice heard in a polite manner. This could be as simple as putting a thumbs-up on the issue I raised. In fact, unless you're adding to the issue, there's no reason to post a comment. A thumbs-up will suffice.
I'm not inciting harassment. The issue simply deserves a level of attention proportional to the crowd that agrees with it. If none of you care about this, the issue should reflect that.
“open source” was in use before OSI created a marketing term in response to political “Free Software” by FSF.
OSI cannot enforce term “open source” but clearly that creates confusion because we don’t have a popular term for a software with open code base e.g. “public source” is also confusing.
I hear arguments from both sides but using ‘open source’ is not false advertising in this case.
‘Open Source by OSI’ has a specific meaning and list of licenses.
‘Free Software by FSF’ has a specific meaning and list of (fun fact: different) licenses.
‘open source’ is now a generic term and lost its meaning like haggis, appstore, hoover, jetski, pampers, thermos, etc.
We can thank OSI for trademark erosion.
That's a rather bizarre logic. I take it you are happy to be sold horsemeat as "beef", brooms as "hoovers", and handkerchiefs as "pampers"?
What matters is whether advertising claims are misleading (intentionally or not) – not whether someone owns a specific term or has regulated around it.
@selea @reto @yarmo
Incidentally, generic terms have commonly agreed upon meanings too. In this case, all the dictionaries I can find – Oxford, Collins, Merriam-Webster, Cambridge – all have definitions that include some combination of rights to use, modify, redistribute. The software in this case lives up to none of them.
@selea @reto @yarmo
@gamayun that’s a valid argument but it’s weak because for example https://www.merriam-webster.com/dictionary/open-source notes first usage of ‘open source’ as 1998 which is false.
“open source in British English
a. intellectual property, esp computer source code, that is made freely available to the general public by its creators”
So I doubt we could win a case against Cyph in a court based on that.
@fudgel I wasn't arguing that dictionaries are arbiters of truth. They are just good indicators for established usage - and *some* less specific definitions don't invalidate *most* definitions.
Of course, if nobody complained when there was pig-gelatin in the "vegetarian candy", no beef in the "beef", or no open source in the "open source", commonly accepted usage might change. Hence people are complaining.
@selea @reto @yarmo
@gamayun In late 90s OSI took an in‑use term ‘open source’ and made it *narrower*. That definition is now popular but it gives us no power to enforce that *narrower* meaning onto others. That’s why descriptive terms are refused as trademarks.
A proper food comparison is defining ‘vegetarian candy’ as a vegetarian candy + some restrictions and then enforcing that meaning on a vegetarian candy without those restrictions.
I hope that makes it clear where’s the issue.
if something is not clear then please ask about clarification. I’m trying to explain why using descriptive term was a mistake, why we cannot legally enforce ‘open source’ on others, and why using descriptive term is not ‘false advertising’ *legally*.
The situation is confusing and the best way forward *IMO* is grant OSI rights for ‘open source’ and let them enforce it. Otherwise we can only shame (or harass) ‘open source‑in‑descriptive‑sense’ folks.
How come you are so hung up on whether you can win a hypothetical court case?
Customs and norms always come before laws and regulations, not the other way around. You are arguing that people should just abandon terms that have clear and established use over +30 years, just because you can find examples of different use and the term has become more clearly defined over time. That's how language works!
@gamayun There’s a misunderstanding if you came to a conclusion that I’m arguing anyone should abandon ‘open source’ (which btw didn’t have established meaning for over 30 years, OSI re‑defined term in 1998 and made it stricter).
Words can have many meanings at the same time and we cannot *legally* enforce only one meaning on others.
Anyone can use descriptive words to describe things that’s why using descriptive terms as trademark creates issues.
@gamayun does beef describes horse meat in a literal sense?
Does hoover describes a broom in a literal sense?
Does open source describes an open code base in a literal sense?
In this case it matters whether the term is descriptive or not.
Trademark erosion examples were about mishandling of OSI.
I’m sorry that I did not make that clear.
I'm really surprised they don't just fess up and state on the website they are open core. Well I'm not, they are trying to appeal to FLOSS. They just use use a paragraph to say they are opencore without saying. But if you are a developer and you care about fully open free to use code don't go down this route. Heck release your code under GPL. They pay lipservice to FLOSS as they want a business with access restricted to their code.
@selea @reto @yarmo
@fudgel @selea @reto @yarmo It's technically not an unambiguous lie but practically misleading, given that in software open source is generally understood today to mean under a licence that allows free use, modification and distribution, whether it meets the OSI or FSF definitions or not.
Even the license that they use calls itself a *reference source* license.
I wouldn't support harassing them over it but it's misleading.
@byron Term ‘open source’ was and can be used in descriptive manner.
That’s confusing and that’s exactly why we are not able to register descriptive terms as trademarks.
OSI created that situation by choosing (already in use) descriptive term ‘open source’.
What Cyph is doing is unkind, can be misleading for folks not checking the license (we should always check the license)
and can be misleading on purpose taking into account their past. I’m not disputing that.
@reto hostile behavior is making proprietary software and then freeloading off the labor and reputation of open source.
In a society shaken by corporate scandals, open source is slowly becoming a concept that stands for openness, security and privacy friendliness. We, maintainers of foss, must act now to protect that standard before it falls to corporations and businesses who will just deceive their users with false promises.
@reto I use the word secure because I never handle private keys, I do not store any user data nor allow the website to do anything that could alter keys in any way.
But you know what? I agree with your point. Not handling user data doesn't mean it's secure, it just means a security breach will have much less impact.
I need to reconsider the use of that term and would love feedback on it. I cannot guarantee "secure" without a proper audit.
The power of dialog 🤗
“secure” is popularly known as “that word that means safe but by real no-nonsense guys” so I think you can use “secure,” even if someone occasionally bitches about the technical definition. You could also reword it so it says that the user is secure, rather than the platform. “A modern, safe, and privacy-friendly platform to establish your secure online identity?”
I am admittedly very leery of your claim to safely “perform basic cryptographic operations.” For instance, if I use your “Encrypt” form to generate an encrypted message for someone, then didn’t your server just see the message, unencrypted? And couldn’t your server verify a bogus signature, claiming it’s signed by just about anyone? A service to link accounts is valuable enough. Probably can scrap the cryptographic operations part, or replace it with tutorials or something.
@cy encryption happens in the browser so the server did not see the message! That would have been a terrible design…
But the proofs, yes, someone could change the code and verify bogus proofs. Working on apps to solve that issue.
And yes, I want to scrap "cryptographic operations" 😉 focus is on identity
@yarmo Eh, yeah, it's a little shady I guess. But their explanation when you click the "open source" link isn't unreasonable either. Rather than just taking you to GitHub, it takes you to a post where they explain clearly what they mean by the term.
What term would you prefer? "Public source?" I personally don't feel decieved based on their website alone.
@pcrock it could say "source code" which is an accurate description without promising open source values.
The dev agreed with our request last time so there was mutual understanding of the potential power there is in using the words "open source" relative to "source code" or "code available"
@yarmo Yeah, agreed, I suppose there are better alternatives that would communicate the idea to average people well, while still respecting developers like us who have a very specific definition of what "open" means.
@yarmo It seems like a long time ago that open source was considered dirty. Remember Steve Ballmer. Nowadays it's a popular marketing term like green or bio. These terms have eroded and have therefore become meaningless and are only meant to separate you from your money. That's pretty hard to swallow for people that recognize and promote the importance of FLOSS.
@ericbuijs what do you think is the way forward? Defend the words open source? Or are they too far gone and should we find a new term?
Open-source: the source code is open
Free/libre: follows the tenets of Debian/FSF/OSI
If you think free/libre is too muddied or whatever, open-source as approved by OSI or OSI approved is a good term
Also, the Wikipedia article ( https://en.wikipedia.org/wiki/Bitwarden ) starts, " _Bitwarden is a free and open-source password management service that stores sensitive information such as website credentials in an encrypted vault._ " with the " _free and open-source_ " linked to https://en.wikipedia.org/wiki/Free_and_open-source_software.
I don't see what is wrong with BitWarden that you had to bring it up here.
@threed ah, your first toot was kind of ambiguous. this one makes sense.
well, if you wanted to judge a product by the choice of service providers they use to host their services, then you shouldn't be using a lot of other software either. I know #GitLab is hosted on #Azure as well. I can speculate that #GitHub and #npm might move from #AWS to #Azure in the coming future too.
but that's not the topic of discussion here. we're talking about how the term "open source" is being (ab)used by mis-interpreting its meaning by releasing code with a read-only license.
> In addition to the patents, our source code is licensed under Ms-RSL, which is effectively a read-only license; this means that third parties can’t fork and modify our code or deploy their own instances of Cyph without our permission.
So you can inspect the code if so inclined, but cannot copy or modify it.
This could be an ugly surprise for someone who thinks "even if the startup pivots, there's still the community"
I think what's more disturbing than anything is Cyph filed a patent in 2015 ( https://patents.google.com/patent/US9906369 ) which appears to describe Hyperboot ( https://github.com/substack/hyperboot ), a project that @substack started in 2014. Guess what, they got the patent.
Now there's not only marketing confusion but confusion about whether it's legal to work on Hyperboot without paying royalties to Cyph.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.