03.25.20

Gemini version available ♊︎

Microsoft Continues to Attack and Steal From the Open Source/Free Software Communities

Posted in Deception, Free/Libre Software, Microsoft at 12:42 am by Dr. Roy Schestowitz

Law-breakers won’t change their ways; they only optimise their PR strategy (and bribe more of the media to play along)

Microsoft Loved Linux.

Summary: Microsoft cannot be trusted and there’s no “new Microsoft,” as another fairly new story serves to show

“Shocked, Roy!”

So said a reader of ours, who used to work for Microsoft.

“Microsoft copies/steals lerna,” our reader summarised, pointing to this archived copy/snapshot of a page that’s now gone (although the Web site is still there).

We are gratified to see that more people from inside Microsoft are starting to see just how evil the company really us. I know of several such people, some of whom I speak to regularly. They have inside information and leads/tips.

It will be good for Techrights to make a copy anyone can find by searching. The original was removed. Sometimes Microsoft bribes or threatens to make this happen (e.g. threatening through one’s boss/customers). We covered examples of that in past years.

With the original deleted we think it would only be fair to reproduce the full message (the emphasis below is ours for the “tl;dr” crowd):

I think it’s time I publicly shared about how Microsoft stole my code and then spit on it.

I’d been waiting for them to do something about it, but that is clearly never happening.

When we were working on Babel 6, one of the big changes was to split everything up in to nice little plugin packages. However, this created a need to manage dozens of packages. Thus @lernajs was born
I picked up Lerna a little while later and focused on making it work well for design systems. I rewrote it like 5 times to try and get the architecture right.
Lerna then started getting picked up by others who also contributed back and added features. I enjoyed watching it grow and so I started looking out for users.
One day I came across a new design system from a team at Microsoft. I saw that it was made up of lots of small packages. I was excited and wondered “ooh is MS using Lerna?”
It turns out, no they were not. They were using this other thing called “Rush”. I hadn’t heard of it, but I was interested in seeing how it differed from Lerna.
I found the repo and started exploring. The first thing I noticed was how familiar all the code was. I could navigate the file structure very easily. I realised that it was almost a mirror of Lerna’s code base.
Files and directories were named the same things, it had many of the same core functions with code that I distinctly remembered writing.
But no big deal right? It must be a fork. I was actually flattered at first. So I went back in the git history.
I got all the way back to the first commit, and looked at the date. Turns out Rush was created a couple weeks after Lerna was announced.
I continued working through the commit history and looked at commits that added features, it all felt so familiar and now I was getting suspicious.
Comparing dates of commits, it looked like Rush kept copying changes from Lerna days after they were made. Rewritten using this weird event system they added.
It left a bad taste in my mouth, I could tell this was my code. I looked at the license, no mention. I looked at the readme… Oh wait
In the readme they acknowledge the fact that there are “other solutions” and say that they are bad. No mention of the fact that Rush was taken directly from one of these bad other solutions.
You know if it were anyone else, I would have been mildly annoyed and ignored it. But Microsoft is a multi billion dollar corporation. If they are going to steal code without crediting the original author I’m gonna be pissed.
So I reached out to people I knew at Microsoft. This was probably a year ago now. They were shocked and apologized. But since then nothing has happened.
Oh wait yeah, something did happen. The commit history of Rush was messed with and a lot of the code was moved around, functions renamed, rewritten. It still feels familiar, but it’s more scrambled.
Instead of just updating a license or even just adding a footnote, they went through all that trouble.
Anyways, it’s really annoyed me to listen to all these people give Microsoft free good press about open source when clearly their product org is still happy to be dicks to open source communities
I don’t trust Microsoft (or Google or Facebook or Amazon) to be good shepherds of open source communities
.

Just because we’ve made it impossible to compete with their old closed source stacks doesn’t mean they’ll act in the best interest of open source
And just because there are great people at Microsoft who love open source and want to do the right thing does not mean that they’ll be able to stop Microsoft from doing shitty things when there’s money involved.
I know plenty of people at big corporations who want to change things but can’t because millions of dollars are in the way.
A few years back we were able to petition GitHub to start improving the tools the offered to open source maintainers.

later on at a @maintainerati event, GitHub acknowledged that this letter had a huge impact on how they worked with open source communities
Imagine a couple hundred people signing a letter to try and change things at Microsoft/Google/Facebook and it actually working. These companies deal with stuff like that on a daily basis and it doesn’t make them trip up for even a second
The consolidation of our infrastructure is dangerous. Having lots of small companies or even medium sized corporations forces them to work together without much effort which prevents any one of them from ever totally fucking us over
The tech industry has so many monopolies right now. Building more everyday. It’s only going to hurt consumers more and more. And when it comes to infrastructure, we’re going to be those fucked over consumers
If you trust a handful of corporations with your entire toolchain and expect them not to fuck you over I’ve got a bridge to sell you

As recently as this year we wrote about another such example. People, watch out. The warnings are there.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 31/01/2023: GNOME 44 Wallpapers and Alpha

    Links for the day



  2. Free and Open Source Software Developers' European Meeting (FOSDEM) and KU Leuven Boosting Americans and Cancellers of the Father of Free Software

    The Free Software Foundation (FSF) and its founder, Richard M. Stallman (RMS), along with the SFLC one might add, have been under a siege by the trademark-abusing FSFE and SFC; Belgium helps legitimise the ‘fakes’



  3. Techrights in the Next 5 or 10 Years

    Now that I’m free from the shackles of a company (it deteriorated a lot after grabbing Gates Foundation money under an NDA) the site Techrights can flourish and become more active



  4. 60 Days of Articles About Sirius 'Open Source' and the Long Road Ahead

    The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”



  5. IRC Proceedings: Monday, January 30, 2023

    IRC logs for Monday, January 30, 2023



  6. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort



  7. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that



  8. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  9. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  10. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  11. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  12. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  13. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  14. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software



  15. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.



  16. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work



  17. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it



  18. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day



  19. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype



  20. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  21. Unmasking AI

    A guest article by Andy Farnell



  22. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  23. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  24. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  25. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)



  26. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan



  27. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)



  28. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)



  29. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023



  30. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts