-40
Software with politic opinion is are security threat (vitonsky.net)
submitted 2 months ago by vitonsky@programming.dev to c/programming@programming.dev
23 comments fedilink hide all child comments
top 23 comments
sorted by: hot top controversial new old
[-] luciole@beehaw.org 32 points 2 months ago

I would like to offer as a counterpoint that everything is political. Tech is no exception. Tech is a tool, a tool comes with a specific affordance and an affordance suggests to the wielder a certain worldview. To wilfully ignore the social and political impact of one's work does not protect it from the world's turmoil.

[-] 0x0@programming.dev 2 points 2 months ago

How is a text editor political?

[-] luciole@beehaw.org 13 points 2 months ago

Whether it is being offered to the end users as free (as in freedom) software or as paid closed source has the usual implications. Ease of use, accessibility measures and support impacts inclusivity. Supported languages (natural and programming) will influence further who uses them or not. What constitutes the user base will determine what’s it’s used for and in turn will apply pressure to the editor to take a certain direction.

Political impact is not always obvious and not every single grain of software will be infused with a powerful one. The point is that our choice is either to ignore it or to acknowledge it. We can’t opt out of the world; blind neutrality is as political as any other position.

[-] Kaboom@reddthat.com 5 points 2 months ago

Whats the position of vim?

[-] Gobbel2000@programming.dev 5 points 2 months ago

A major political agenda of Vim is to support children in Uganda. A message about that is displayed whenever you open Vim's start page. Bram Moolenaar insisted on users donating to the ICCF charity instead of to him, making Vim a very political editor in my view.

[-] SatouKazuma@programming.dev 3 points 2 months ago

It's a major supporter of Big Shortcut

[-] 0x0@programming.dev -1 points 2 months ago

It's. A. Text. Editor.

Are you referring to any political views its author might've had? 'Cos all i could find is some charity stuff.

[-] Kaboom@reddthat.com 2 points 2 months ago

No, I was agreeing with you, just adding another example

[-] stepan@lemmy.cafe 1 points 2 months ago

I think it's absolutely fine for software to show support for something political (e.g. supporting Ukraine against Russia), but I agree with the author that it's not ok to act violently against certain group of users (e.g. wiping Russian PCs). Not because I don't like the idea of Russian PCs getting wiped, knowing majority of them support the agression against Ukraine, but because they can do the same thing. They will wipe our PCs with theirs NPM packages or whatnot, we will malwarize more of our software to attack them and so on. The end result will be that:

  • unradicalized Russians will be radicalized because we wiped their PCs (and vice versa)

  • we can't use a lot of great software out of fear that it's authors will wipe our PCs (and vice versa)

I see nothing good coming from this type of cyber war for either side of the conflict, and thus I don't think we should support it.

[-] luciole@beehaw.org 6 points 2 months ago

Agreed that it’s an entirely acceptable position to try and avoid being stuck in the crossfire of cyber warfare. Let’s be clear though, cyber warfare is already going on and Russia+China are pulling no punches routinely wiping American and European servers in various ways. Anyone on the front line of cybersecurity sees them knocking ceaselessly.

[-] 0x0@programming.dev 4 points 2 months ago

knowing majority of them support the agression against Ukraine

Do make me laugh with your sources.

[-] onlinepersona@programming.dev 16 points 2 months ago

There is no way to completely protect ourselves from cyber attacks, but at least we can avoid software with an "opinion."

Well... everybody has an opinion. It's inevitable as thinking beings. The difference is whether people are willing to act upon it.

There are many projects with a Code Of Conduct out there that could be interpreted as very left leaning. There are projects with the express purpose of fighting subjugation or helping journalists' ability to report on political topics. Signal is an example of such a project. Are those projects to be avoided too?

Anti Commercial-AI license

[-] vitonsky@programming.dev -4 points 2 months ago* (last edited 2 months ago)

Well, the Linguist is no have any public opinion. You are welcome to use the unique project who care about UX, and don't care about political views of their users.

[-] trashgirlfriend@lemmy.world 12 points 2 months ago

Hi!

This is a political opinion that you hold!

[-] Miaou@jlai.lu 1 points 2 months ago

How does this tool translate "Taiwan is de-facto an independent country that should follow its own path, rather than be integrated to the mainland." to Chinese (simplified)?

[-] stepan@lemmy.cafe 1 points 2 months ago

I appreciate that, thanks.

[-] gravitas_deficiency@sh.itjust.works 16 points 2 months ago* (last edited 2 months ago)

Reading between the lines, sounds like he’s pissed about being called out for being a Putin apologist and following Russia’s party line on Ukraine.

You’re not going to shame people into disowning their morality. This isn’t a fight you’re going to win.

[-] SatouKazuma@programming.dev 13 points 2 months ago

What the fuck did I just read? The headline even is completely unintelligible.

[-] trashgirlfriend@lemmy.world 10 points 2 months ago

Someone blocked me on twitter dot com :(

[-] stepan@lemmy.cafe 2 points 2 months ago

If I understand it correctly it isn't the blog author who got blocked.

[-] StryderNotavi@infosec.pub 8 points 2 months ago

He also seems to be throwing in unrelated concerns and just glossing over the details that bring their relevance into question - consider this paragraph

Browser extensions, mobile, and desktop apps also implement logic to attack users by regions and based on their political views. Nowadays, there are many teams who buy popular apps and browser extensions to inject malware. I have a blog post about it.

You're not going to be able to identify whether a developer might do a deal that compromises a library you use based on their political stance - it's an entirely unrelated threat vector to his core thesis (and even his own related blog post recognises this, discussing how developers of browser extensions are sometimes tricked into including malicious code - something that is even less related to their political beliefs than their willingness to take a bribe or payout.

[-] mrkeen@mastodon.social 6 points 2 months ago

@vitonsky this link is political. Do not click it! (You know, for security reasons)

this post was submitted on 21 Jun 2024
-40 points (22.2% liked)

Programming

16991 readers
394 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 1 year ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz