Bonum Certa Men Certa

Shaya Potter & Debian WaReZ expulsion

posted by Roy Schestowitz on Mar 15, 2024,
updated Mar 15, 2024

Shaya Potter

Reprinted with permission from Daniel Pocock.

In recent years, Debian leaders have abused their positions to leak rumors and gossip about some developers while hiding far more serious scandals.

One of those is the shadow expulsion of Shaya Potter (blog, CV) in 1998.

Potter was a child prodigy who began a US Navy internship when he was fifteen or sixteen. At the same time, Novare, Inc was hosting some Debian infrastructure on their company servers.

Potter claims his software was being deployed to the USS Theodore Roosevelt (Secure Tactical Access Terminal) while at the same time, Debian records show that he was stashing WaReZ on master.debian.org, a server operated by Novare.

The case of a navy intern committing piracy is interesting for a wide range of reasons that have a lot more to do with Debian than the navy.

Potter began co-authoring Debian as a minor. It appears that he was 19 when he was caught with WaReZ but it is not clear what age he was when he actually downloaded these illegal copies of software. The age of majority varies between different countries and different states of the US. Therefore, there was some confusion about whether it should be handled as a juvenile offence. I recently wrote about the concerns with FSFE encouraging minors to do unpaid work on open source projects.

Earlier this year I wrote about the fact that only 86 of the original Debian co-authors agreed to form an association with a constitution. If we look at the names of the people who consented to form an association, Shaya Potter is not in the list. If Potter did not consent to the constitution then he wasn't a member at all. Morever, the association only came into existence at the end of the vote in December 1998. Potter was supposedly expelled in November 1998, one month before the vote. Therefore, as the organization didn't really exist yet and as he hadn't consented to be a member, we can't really say he was expelled at all.

Nonetheless, it looks like his position with the US Navy also ended the year after the Debian drama. Barely five years later, Potter went on to win the LISA'05 award for the best student paper.

The great irony in this case is that people were angry with Potter for violating copyright law. Yet this was the first time the developers forcefully removed the name of a Debian co-author from the software. Therefore, by removing his name and failing to give him equal credit as a joint author of the Debian software, they were violating his copyright interests. They set a precedent for violating the copyright interests of other authors, for example, the violent suppression of Ted Walther in DebConf6.

To put this in perspective, consider the case of Rolf Harris, convicted of harassment and abuse in the UK. His copyright interests from a long career in show business still continued to receive royalties even during his time in prison. If a sex offender can continue receiving royalties while in prison, why can't all Debian Developers continue receiving recognition even after minor disputes within the project?

At the time, developers expressed some concern that the scandal would be leaked and gain significant publicity due to the connection with the US Navy.

It is interesting to see how this scandal regarding a minor and the US military was covered up while gossip about other developers, like the assault on Ted Walther was deliberately leaked. The accusations against Potter were far more serious than the gossip about Walther.

In 2018, Debian leader Chris Lamb started making attacks on the privacy of volunteers and our families.

Despite supposedly being "expelled" from an organization that didn't exist, Potter has continued maintaining the hebcal package, the Perpetual Jewish Calendar, for more than twenty years. Potter moved to Israel in August 2019, four months after the decision to send DebConf20 to Haifa, Israel. It looks like the expulsion was in some ways a charade so that Debian can pretend they take a hard line on piracy while in reality, there were no consequences for Potter's career. He walked straight out of the US Navy and into IBM TJ Watson research laboratory.

Please see the next blog post for details about how Potter made these bad choices under the burden of 14,000 messages from debian-private.

One of Potter's earlier emails to the debian-private gossip network

Subject: Re: Debian release strategy (Was: Re: XFree86 3.2 is out, should we , , delay the release , of Debian 1.2)
Date: Fri, 1 Nov 1996 14:17:42 -0500 (EST)
From: Shaya Potter <spotter@itd.nrl.navy.mil>
To: Klee Dienes <klee@sedona.com>
CC: Bruce Perens <Bruce@pixar.com>, debian-private@lists.debian.org

On 1 Nov 1996, Klee Dienes wrote:
> > > I think the key is getting LIBC 6 and the new X available _early_ in > > the time frame. > > I've got a preliminary packaging of glibc-1.96 ready (as part of the > testing/development of the POSIX/FIPS-152 conformance testing > package). I've been holding off on uploading it until after rex was > frozen to avoid adding too much confusion to the pot, as well as to > see what comes of our new-found relationship with Lasermoon. I'll > upload a copy on Monday after the code freeze takes place.
Oh, about the posix testing, if you need help I am still here.
Thanks,
Shaya -- Shaya Potter spotter@itd.nrl.navy.mil
-- Please respect the confidentiality of material on the debian-private list. TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Potter asked the Debian leader to hand over copies of debian-private discussion about underage developers.

Subject: Re: why I want the archives on me (was Re: spotter@debian.org)
Date: Tue, 17 Nov 1998 12:56:41 -0500
From: Shaya Potter <spotter@ymail.yu.edu>
To: joost@pc47.mpn.cp.philips.com
CC: debian-private@lists.debian.org

----- Original Message ----- From: <joost@pc47.mpn.cp.philips.com>
> >On Tue, 17 Nov 1998, Shaya Potter wrote: > >> Now that this is out of the way, I'd like to publicly ask if I can have an >> archive of all the communication that went on in regard to me. > >Strictly speaking I tend to disagree that you or anybody has an a-priori >right to know what is being said and told on debian-private. It is simply >a private list. Things would be different if you were mentioned in a >public list without being able to respond. But that is in all aspects >clearly not the current situation.
First, I never said I have a right. In many ways I think i don't have a right, or even if I did, I don't deserve it. I don't think my statements have implied that I believe I have a right to demand that it be given to me.
I do have a right to ask that it be done. Debian has a right to say yes or no.
> >(Nevertheless, I think that it would be considerate to cc: you in >any discussion that involves you in a very personal manner - this has >IMHO until now hardly been the case though.)
It hasn't? Than how did the decision to expell me come about? Who told people who made the decision what happened? Was this all done in private mail?
> >If a non-subscriber of debian-private must share in the conversation on >debian-private, then this should IMHO be done by adding that person to the >clearly visible cc: line of the header of any messages to be "published." >That way, it will be adequately clear that the correspondence leaves the >realm of debian-private and thus everybody can conclude that normal >confidentiality can not be expected. AFAIK respect for the confidential >nature of debian-private is a prerequisite for subscription to this list.
I would have respected the confidentiality, as I have made it known that I don't want this to spread, as I am embarrased by my actions.
> >Practically speaking, I disagree that the underlying case generally >concerns you. What matters here is not who Shaya Potter personally is or >what particularly Shaya Potter did. The discussion is about how issues >like the one involving you relate to Debian. This discussion does not >involve you personally.
I don't want the entire discussion, I just want to see the parts that touch on me personally. I don't care for the rest, of what about underage developers and the like....
> >> I was told that it would not be a star chamber, and that I'd be cc'd in >> on all the corrospondace. That didn't occur. > >There was no "star chamber." You have already been generously cc:'-ed.
I was? The only cc:'s I ever got were in response to me starting a thread. That implies to me, that acc. to what you were saying, that no discussion on -private occured that I didn't start. However, I know this not to be the case, as before I was unsubscribed from -private, I saw a thread or 2 started that dealt with me.
> >IMHO you do not have a right to be cc:-'ed on the _general_ discussion >which does not particularly (personally) involve you.
never said I did.
> >> Also, I really have no idea of what discussion went on, if mistruthes >> were spread about the incident (as in reality, I'm the only one that >> knows completely what happened, and no one really ever asked me for the >> full story). > >If this worries you so much, then I seriously wonder why you did not >immediately relate it to debian-private when the issue arose in the first >place?
I did apologize on -private right away, however, I didn't want to spread what I did. I specifically told people that I would rather this not be discussed on -private and have me showed the door quietly, and told never to come back. That didn't happen, it was discussed on -private. I don't know what was discussed in relation to me, so I want to be informed.
> >Again, the discussion is not yours. Again, you are not personally >involved. Your only "role" in the discussion is that you have created a >precedent. I thinks we can all agree that we would rather have had you >not be a precedent case, but it happened. I'm very sorry, but you'll >have to blame yourself for that.
Trust me, I've blamed myself a lot for this. If you seen any of my corrospondance you would know this. I don't blame anyone for my predicament, but myself.
>Discussion on debian-private does not count as a statement from Debian. >So there simply were no statements. I'm not really in favor of making any >strong or overly verbose statements either. If there ever is to be a >statement from Debian about an issue such as the current one involving >Shaya, I think that person should be briefed thoroghly beforehand.
I'm not talking about a debian statement. I don't want a public statement, and I know a lot of people from debian don't want one either (though some might). What I meant by statements, was statements that individuals made, that might be incorrect, or inacurate.
>Shaya, can you please just put this to a rest? IMHO it is not very >productive for anybody. And please take it from me that you have no >reason to be concerned that you have been in a "star chamber."
I am not worried about a star chamber, I would have prefered it in many ways. However, at least with a star chamber you usually get to see the case presented against you, even though you don't have the ability to defend yourself. As I said many times, my case is indefensable, so that wouldn't bother me.
Shaya

Potter actually resigned on 2 November 1998 but they still spent two weeks deciding to expel him

He was not a member anyway as the organization didn't exist yet. He resigned. Therefore, how obscene it is to retrospectively have an expulsion.

This practice of expelling a non-member, which is obviously unethical and impossible, laid the foundation for many future problems in Debian. For example, Frans Pop had tried to resign before committing suicide but people pulled him back in.

Subject: Re: Novare and master
Date: Mon, 2 Nov 1998 15:56:06 -0600
From: Ean R . Schuessler <ean@novare.net>
To: Shaya Potter <spotter@yucs.org>
CC: debian-private@lists.debian.org

On Mon, Nov 02, 1998 at 12:59:22AM -0500, Shaya Potter wrote: > I have heard through the grapevine that you are considering pulling > novare's support of debian b/c of my actions. is this true? if it is, I > would hope that you reconsider and view me as an aberation. My behavior > was wrong, stupid, illegal, puts novare and debian in a sticky situation > and above all that, broke a trust that was given to me. I would like to > apologize for these things, but in my mind an apology doesn't fix the > past, it can only set the foundation for the future. If in your mind, you > would be more open to allowing debian to continue on as is, if I am gone, > let this be my letter of resignation. If other debian developers think I > should be gone,let it too be a letter of resignation. I don't want this > to turn into a public argument and the more it's argued even in private, > the more public it can become. I can't take the embarasment and rather be > kicked out and punished swiftly than have the chance of staying.
Say what? You're on smack. Kick your bootie for being a naughty little man, yes. Stop supporting Debian because you wanted some 3l1t3 w4r3$, not friggin' likely.
I think that you should take on 10 new packages and maintain them in an exemplary manner, you should also break some raw eggs on your face, take a picture and we'll post it on devel. I might even send my girlfriend to infiltrate your Navy base and spank you bloody. What you should stop doing, however, is whining and pirating software.
Ahimsa. E
-- _______________________________________________________________________ Ean Schuessler Director of New Products and Technologies Novare International Inc. The Unstoppable Fist of Digital Action *** WARNING: This signature may contain jokes.

Please see the next blog post for details about how Potter made these bad choices under the burden of 14,000 messages from debian-private.

Other Recent Techrights' Posts

The Internet is Failing to Protect Democratic Processes and Human Knowledge
Amplifying lies, rewarding plagiarists
Links 05/11/2024: Criminal Referrals Regarding Patent Trolls and Disinformation About the Election Process (Already)
Links for the day
Saving the Planet With Honesty, Transparency, and Sharing (Not Only of Computer Code)
GAFAM is destroying the only habitat humans and other animals have and it'll only get worse
Disinformation About Election Outcomes Even Before Any Election Outcomes (or Election/Voting!)
seeding doubt about election outcomes
Against Outsourcing of Sites and E-mail
Software Freedom is great, but it is not enough if you let someone else do it 'for you'
Drew DeVault: People Talking About My Attack Site (Against the Founder of GNU/Linux) is "Spam"
"Spam on sr.ht mailing lists"
"Oppose the Fascist"
what the founder of GNU/Linux said
Halloween, All Saints Day & Swiss citizenship
Reprinted with permission from Daniel Pocock
 
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day
Birthday Tomorrow
Many cakes and drinks are ready; we're one day away now
Gemini Links 05/11/2024: 'App' Needed for Parking, NNCP, Gomphotherium
Links for the day
How Voting Does Not Work
You cannot vote from an "app"
Links 05/11/2024: Bluesky and Enshittification, Pugad Baboy, and Lots of Disinformation Flooding the Web
Links for the day
[Meme] Sweaty Under the Belly
"OK, my critics are 'spam'"
Microsoft Bribing Canonical (to Stop Competing) and Bribing Users to Shun the Competition
Canonical is worth shunning
[Meme] The 2024 'Info Bros'
And prehistoric googling
Computers Getting Worse (for the User) Over Time
This is like Windows-ism coming to "Linux" through the hardware
[Meme] How NOT to Vote
Another form of (mostly-unspoken-of) election interference
An LLM Inside a 'Search' Engine Means That Companies Tell You What They Want, Not What Web Pages to Visit
The future of 'googling' things might be as unreliable as using Social Control Media as a source of information
Google's Debt Has Increased and 'Cash on Hand' Fell by 22.27% This Past Year
These are the numbers that the corporate media intentionally leaves out
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 04, 2024
IRC logs for Monday, November 04, 2024
There's a Reason Why Techrights is Turning 18 and Tux Machines Will Turn 20.5 Next Month
I started advocating GNU/Linux when I was a teenager
Techrights Has a Long History of Fighting to Expose 'Team Mono' or Microsofters Inside GNOME
Never downplay the malice of Microsoft and its operatives
Gemini Links 05/11/2024: Halloween Over, Intention and Implementation, Bookmark Syncing
Links for the day
Microsoft Lost Nearly Half of Its 'Cash Reserves' This Past Year
Is Microsoft (MSFT) the next Intel (INTC)?
The Year Isn't Over Yet, There Will be More Waves of Microsoft Layoffs
Nowadays Microsoft just tries to conflate/equate its energy waste with "value"
The Corporate Media Blasted Bitcoin for Destroying the Planet and Must Do the Same to Incite the Public Against the 'Great Rigging of Wall Street' (Under the Guise of "AI", the Latest Gold Rush)
"AI" is the next "metaverse" (trailing by a few months)
[Video] Richard Stallman is Back to Halo and Gown (in Peru) With 2+ Hours of a Public Talk
The globetrotting Richard Stallman gave many talks at the end of last month
Going Strong Against the Wind
the abuse serves to emphasise or affirm the importance of what we do
Links 04/11/2024: Squashing More Software Patents and Taiwan at Risk
Links for the day
Gemini Links 04/11/2024: Typing vs Writing and a Smol (Net) Pub
Links for the day
Links 04/11/2024: LibreOffice Had Adopted PeerTube, "Hey Hi" Hype is a Threat to the Energy Grids (Worse Than Fake-Coins)
Links for the day
[Meme] Social Control Telescreens With Microphone
Nineteen Eighty-Four
Shout-out to Christine From FOSSForce
Who noticed our short story
Not Boycotting Apple (Yet)?
"Apple Forces The Signing Of Applications In MacOS Sequoia 15.1"
statCounter This Month: Android Has Nearly Become Twice as Big as Windows
If it happened, it would be an unprecedented milestone
Why Technical Sites Need Not Make Political Recommendations or Endorsements
Except perhaps when it's for some purely technical role, e.g. FCC chief
[Meme] Apple Freedom
Freedom is... the ability to purchase as many 'i' things as you want
Apple's MacOS Shows Us the Vision of Computing That GAFAM Has for Us (Digital Prisons)
Freedom means "we the people" should be in control, not people being controlled by corporations (contemporary slaveowners)
"Active" as in One URL, One Emoji, and 4 Words in One Week
Diversity community in Fedora
Apple Vision Pro Has Failed, Just Like "Metaverse"
Vision Pro lacks software
Things That Can Improve Election Integrity
the first two relate to "tech"
Rigging Elections is Difficult, Cheating a Little is Not
Avoid social control media, it is the biggest rigger of all
"People who live in glass houses shouldn't throw stones"
On throwing stones in a glass house
Our Stance on Electronic (or Digital) Voting Machines
The simple activity of voting and counting ballots does not require thousands of complex machines with hundreds of millions of transistors and hundreds of millions of lines of code
Microsoft and "Retrospective Re-writing of History..."
in YouTube anyone can make stuff up (as one goes along)
This Coming Week
Go exercise your right to vote
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 03, 2024
IRC logs for Sunday, November 03, 2024
Reddit is (Still) Lying and Faking
Don't fall for this phony idea that the above sites are grassroots or edgy; they're not
GNU/Linux Users Are Not Cheaters
The bottom line is, most cheaters use Windows
Links 04/11/2024: FCC, Broadband Industry Spar Over Net Neutrality; Software Patent Squashed
Links for the day
Gemini Links 03/11/2024: Official MyGemini.Space Announcement
Links for the day