Bonum Certa Men Certa

GitHub is a Dagger Inside Free/Open Source Software (FOSS); This is Why Microsoft Bought It

Remember that GitHub is proprietary software, it is centralised, and it gives Microsoft control over its foremost rival, which is a movement rather than a company



Summary: A year later it seems pretty evident that Microsoft doesn't like FOSS but is merely trying to control it, e.g. by buying millions of FOSS projects/repositories at the platform level (the above is what the Linux Foundation's Jim Zemlin said to Microsoft at their event while antitrust regulators were still assessing the proposed takeover)

THE PREVIOUS post ended by saying that we would deal separately with Microsoft's GitHub and the threat it poses to Software Freedom. This threat is unfortunately growing over time as not enough people shun GitHub. They walk right into the trap.



"In its internal documents Microsoft once explained that it needs to attack Software Freedom while ensuring the attacks don't look as though they come from Microsoft."Microsoft is still the biggest foe of Software Freedom, which it combats constantly. No other company stands to benefit from the destruction of Software Freedom as much as Microsoft. The same goes for GNU/Linux. Microsoft hates it and if it could destroy it overnight, it would (it already tried many times and failed every time).

In its internal documents Microsoft once explained that it needs to attack Software Freedom while ensuring the attacks don't look as though they come from Microsoft. This is what the likes of SCO and Black Duck are for. SCO's case isn't 100% over (believe it or not!) and Black Duck is still around and still active under another name because it got bought. It's being amplified by Microsoft allies, a Microsoft-connected FUD bunch with history and 'pedigree'. In "The license and security risks of using Node.js," for instance, Black Duck continues to attack FOSS as usual, amplified by the anti-FOSS site Security Boulevard (propaganda front of an anti-FOSS hack). Days ago it also promoted/copy-pasted Black Duck's "Review of Apache Struts vulnerabilities yields 24 updated advisories". Security Boulevard is not a news site (though Google News thinks it is). It's focused on FOSS...

"...Microsoft continues to attack FOSS. It's just doing that less directly."...always negative.

...has never mentioned back doors in proprietary software.

This anti-FOSS site is also constantly advertising WhiteSource (e.g. event placements, with a new example here), the 'new' Black Duck. They're Microsoft partners. They co-author papers with Microsoft and they attack FOSS by proxy for Microsoft. What a truly malicious network of hacks. But the point we wish to make is, Microsoft continues to attack FOSS. It's just doing that less directly. Security and licensing FUD (especially targeted at copyleft/GPL) is rampant. Now imagine how they can leverage GitHub to further amplify such FUD, as they very publicly do. They barely make that a secret. Their managers speak about that in Twitter. It's all public. They bash the GPL. Consider who Microsoft put in charge of GitHub; past Techrights articles about him would likely be eye-opening [1, 2, 3, 4].

"It's secret code and much worse things happen behind the scenes (including NSA surveillance; GitHub is in PRISM now)."Any project which takes Software Freedom seriously needs to avoid/reject GitHub and choose something else because GitHub is proprietary software, antithetical not just to FOSS but also to the decentralised nature of Git. It's secret code and much worse things happen behind the scenes (including NSA surveillance; GitHub is in PRISM now). Days ago we noticed that a decentralised code/content project, Audius, chose GitHub [1, 2]. That's like a vegetarian choosing to work for a butcher. We also noticed that the New York Times started pushing Microsoft GitHub (which is a proprietary software trap) under the headline "How to Take Your Open Source Project from Good to Great" (as if Microsoft entrapment in a proprietary software platform makes it "Great"!).

"As before, many so-called 'studies' or surveys count nothing but data from Microsoft (GitHub). If you're not on it, you don't exist or don't count."We've been observing a disturbing trend lately. As before, many so-called 'studies' or surveys count nothing but data from Microsoft (GitHub). If you're not on it, you don't exist or don't count. This way Microsoft can bias statistics about so-called 'FOSS' (only what Microsoft controls). This is not a particularly new issue; GitHub has long attracted projects that don't care so much about freedom. GitHub is strictly centralised and it is proprietary software. GitHub also helps put one heck of a twist on the term "Open Source" (which increasingly means nothing at all, e.g. outsourcing to a proprietary software platform of Microsoft). 2 days ago we saw evidence that Google still makes this mistake by outsourcing its projects to Microsoft. Is Google out of its mind? GitHub is Google's rival. It's controlled by company that still blackmails Android using patent lawsuits. Wrong platform for Google's code, no? Unless they stop outsourcing code (and control) to Microsoft -- a company full of criminals (who admit their crimes but never get arrested) -- they will simply make Microsoft stronger. Microsoft grossly misuses its control of the platform, based on imperialism and racism. You just know that something has gone very wrong with FOSS (or rather that Microsoft sabotages it for a price) when "going open source" means outsourcing everything to a proprietary software platform of Microsoft, which censors projects, bans developers etc. based on country of birth/origin.

Belatedly, or perhaps too late, countries realise that GitHub is a danger and a risk factor. Days ago JAXenter wrote:

At the end of July, GitHub enforced access blocks for its software repositories in line with United States trade controls, including U.S. Export Administration Regulations, on sanctioned countries. Instantly this made it difficult for developers based in countries such as Cuba, Iran, North Korea, and Syria to access private repository services, private organisational accounts or GitHub Marketplace Services. However, this also limited access to public repository services for personal communications only.

It’s important to stress that the individual developers themselves had no say over this decision. GitHub has to follow the rules around selling software to specific countries, yet the software itself is neither sold or bought. For open source projects, copying and distribution are important for building up community and use of the software. Blocking GitHub access – one of the main distribution methods for these software assets – therefore has an impact on the community building activity and makes it more difficult over time.

GitHub has become a central resource for downloading the latest official release code for projects and developers who use these repositories for building their own applications. Suddenly blocking access to GitHub repositories has meant that developers based in those countries were cut off and unable to work with many components, which highlights a key issue for open source software developers: if you don’t want your software to be restricted by international politics you had better choose self-hosted solutions, such as GitLab.


Business Times (Chinese site) explained that this motivated China to bypass GitHub altogether:

China will officially be forming the country's first-ever open-source software foundation to bolster its open-source software community. The plan was unveiled by Huawei Technologies, which plans to partner with domestic software firms to achieve the ambitious plan. Huawei also revealed that it plans to establish the infrastructure in as early as one or two months.

The plan to establish the country's first open-source software hub was put into place following the ban imposed by GitHub, the world's largest host of open-source software, on sanctioned nations by the United States. The US-based company began blocking access to its services in July, starting with the removal of Iranian accounts.

The incident itself has highlighted the increasing dangers of geopolitical interference on the open-source community. China likely felt that it needed to establish its own community as a precaution if the US government does decide to sanction the nation as trade disputes escalate.


The Phnom Penh Post and other Asian sites said this:

The plan for the software foundation came after GitHub, the world’s largest host of source code, last month prevented users in Iran and other nations sanctioned by the US government from accessing portions of its service.


Last but not least, ITWeb wrote the following some days ago:

This follows an acknowledgement from GitHub, the world’s largest open source code host, that it has to prevent users in nations sanctioned by the US government – potentially including China as well as Iran and Crimea – from accessing portions of its service.

[...]

While it is not yet clear whether Huawei or any other Chinese organisation has been impacted by GitHub’s actions, Wang lamented that although it had long been the de facto open source position that open source communities were supposed to be fair and equitable for all, the American position, and GitHub’s compliance with its government’s dictates, meant that open source had become a pawn in the power play between countries.


As we explained some days ago in relation to bogus foundations, it's not clear whether Huawei is serious about FOSS and BGR published "Huawei’s long-awaited mobile OS elicits mixed reactions in China". It quotes Torvalds as saying: “Talk is cheap. Show me the code.”

On it goes: "That user’s skepticism about the OS would seem to stem from its viability as a replacement for Android, which continues to be talked up given that the ban remains in place that prevents US companies (like Google) from working with Huawei. Accordingly, Huawei’s billionaire founder Ren Zhengfei sent out an internal memo in recent days spelling out his ambition of building an “iron army” over the next three to five years that can withstand the US ban — the “iron army,” being a generalized reference to a Huawei overhaul that puts more of the company’s fate in its own hands."

The bottom line is, a lot of what's being characterised as Open Source is nowadays neither "Open Source" (as per OSD) nor Free software. We'll deal with that in our next post which is dedicated solely to openwashing.

Recent Techrights' Posts

[Meme] 9AM Meeting at Brett Wilson LLP
Brett Wilson LLP in space
 
Links 18/07/2025: Peace With PKK and Connie Francis Dies
Links for the day
Gemini Links 18/07/2025: Alhena 5.1.8 and Bornhack 2025
Links for the day
How to Top Up a "Limited Liability" With Even More Limitations (Dodging Accountability in the UK)
Some people call it a "shell game". Sometimes it's done for tax evasion purposes.
Free Software Foundation, Inc. (FSF) Inches Towards 75% of Fund-Raising Target
Will the cutoff date be extended again?
Gemini Space (or Geminispace) Grows, But Usage of Certificate Authority Let's Encrypt Drops Further
Ideally, all Gemini capsules should use self-signed certificates
Links 18/07/2025: More Microsoft Layoffs in Activision, The New Stack (Sponsored by Microsoft) Complains About Openwashing
Links for the day
Gemini Links 18/07/2025: OCC25 Gnus for Reading Usenet and RSS Feeds, Small Web Updates
Links for the day
Listing as Staff People Who Left the Company More Than Six Years Earlier
There are apparently no laws against that
Brian Fagioli Shovels Up LLM Slop (Plagiarism) Onto Slashdot, Then Uses Slashdot for Affirmation or as Badge of Honour
Notice how some of his latest slop is presented ("as featured on Slashdot")
Social Control Media Productivity
Snapping photos of the bone
The Law Firm SLAPPing Us For the Microsofters Lost 72% of Its Tangible Assets in the Past Year, According to Its Own Reports
That might help explain why they're willing to tolerate serial stranglers from Microsoft as clients
Slopwatch: LinuxSecurity.com Slopfarm and Slopfarms Propped Up by Google News
"As LLM slop is foisted onto the WWW in place of knowledge and real content, it now gets ingested and processed by other LLMs, creating a sort of ouroboros of crap."
Links 18/07/2025: Weather Events and Health Hazards
Links for the day
Microsoft's All-Time Low in Finland
Microsoft is in a freefall
Security: Shane Wegner & Debian statement of incompetence
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 17, 2025
IRC logs for Thursday, July 17, 2025
Gemini Links 17/07/2025: "Goodreads for Gemini" and Defence of "The Small Web"
Links for the day
Links 17/07/2025: Anger and Morale Issues at Microsoft, Wars and Conflicts Get Digital
Links for the day
CALEA / CALEA2 is the Real Problem, Not Chinese Operatives Exploiting CALEA / CALEA2 (as Any Other Nation Can)
CALEA / CALEA2 is more of a front door than a back door
99.99% Uptime in First Half of 2025
Since January there was only one noticeable outage
Nils Torvalds and Anna "Mikke" Torvalds (née Törnqvis) Hopefully Use GNU/Linux by Now
"Torvalds Family Uses Windows, Not Linus’ Linux"
Attack of the Slopfarms
FUD-amplifying bots with slop images, slop text (LLM slop)
When People Call a Best/Close Friend of Bill Gates a "Serial Rapist"
Good thing that the Linux Foundation keeps the "Linux" trademark ("Linux Mark") clean
Not My Problem, I Don't Care
Context/inspiration: Martin Niemöller
Honest Journalism About the European Patent Office Ceased to Exist After SLAPPs and Bribes to the Media
The EPO is basically a Mafia
Microsoft Bankruptcy in Russia, Shutdown in Pakistan, What Next?
It seems possible that in 2025 alone Microsoft will have laid off over 50,000 workers
Life Became Simpler When I Stopped Driving and I Don't Miss Driving When I See "Modern" Cars
Gee, wonder why car sales have plummeted...
Why I Believe Brett Wilson LLP and Its Microsoft Clients Are All Toast
So far our legal strategy has worked perfectly
EPO Jobs Are Very Toxic and Bad for One's Health
Health first, not monopolies
Response to Ryo Suwito Regarding the Four Freedoms
the point of life isn't to make more money
Microsoft's Morale Circling Down the Drain
Or gutter, toilet etc.
What Matters More Than "Market Share"
The goal is freedom, not "market share"
Tech Used to be Fun. To Many of Us It's Still Fun.
You can just watch it from afar and make fun of it all
Links 17/07/2025: "Blog Identity Crisis" and Openwashing by Nvidia
Links for the day
Greffiers and the US Attorney of the Serial Strangler From Microsoft
The lawsuit can help expose extensive corruption in the American court system as well
Credit Suisse collapse obfuscated Parreaux, Thiébaud & Partners scandal
Reprinted with permission from Daniel Pocock
The People Who Promoted systemd in Debian Also Promote Wayland
This is not politics
UK Media Under Threat: Cannot Report on Data Breach, Cannot Report on Microsoft Staff Strangling Women
The story of super injunction (in the British media this week, years late)
Victims of the Serial Strangler From Microsoft, Alex Balabhadra Graveley, Wanted to Sue Him But Lacked the Funds (He Attacked Their Finances)
Having spoken to victims of the Serial Strangler From Microsoft
Links 17/07/2025: Science, Hardware, and Censorship
Links for the day
Gemini Links 17/07/2025: Staying in the "Small Web" and Back on ICQ
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 16, 2025
IRC logs for Wednesday, July 16, 2025
Under the Guise of "MIT Technology Review Insights" the Site MIT Technology Review Posts Corporate Spam as 'Articles'
Some of the articles aren't even articles but 'hit pieces' against Free software and some are paid advertisements
Brett Wilson LLP Has Track Record in Scam Coin Cases (e.g. Craig Wright and More), Now It Works for 'Crypto' Scam Purveyors
But wait, it gets worse
Exclusive: corruption in Tribunals, Greffiers, from protection rackets to cat whisperers
Reprinted with permission from Daniel Pocock
Will Brett Wilson LLP Handle Its Own Winding Up Petition or be Struck Off for Overt Abuse of Process?
Today we sue not only the first Microsofter
Links 16/07/2025: Chip Bans and Microsoft’s “Digital Escort” Program
Links for the day
Ubuntu Becomes Microsoft GitHub, Based on Decision Made by British Army Officer
You're hopeless, Canonical
Revolving Doors: One Day You're a Judge, the Next Day You're an Attorney Paying Public Officials and Working for Violent and Dangerous Microsoft Employees
how the US justice system works
Sharing Code and Recipes
It helps explain the triviality of software freedom
Slopwatch: Noise, Plagiarism and Even Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
What are we meant to do to prevent a false association or misleading connotations? Game the LLMs? No. Boycott slopfarms.
How Many Women Has Microsoft's Alex Balabhadra Graveley Already Strangled and Where Does That End?
If you too are a victim of this man and wish to share information, contact us
Gemini Links 16/07/2025: BaseLibre Numerical System and Simple Web Browsing with TLS
Links for the day
Links 16/07/2025: Fascist Slop Takes "Intelligence" Clothing, New Criminal Case Against MElon
Links for the day
"We Might Save Somebody's Life"
I follow the example of my father
Why I am Suing the Serial Strangler From Microsoft, Alex Balabhadra Graveley, in the UK High Court This Week
Out of respect to the process and to the Court, I shall not share any pertinent details about the case
Links 16/07/2025: China’s Economy Grows Steadily, France Takes Action Regarding Harm to Children by GAFAM and Fentanylware (TikTok)
Links for the day
It is Not About Politics
Beware the people who try to make this about politics
Good Journalism Saves Lives
a shocking number of women die or get seriously hurt every day due to violence from a partner
Recognition of Women's Contributions to Free Software
Being passive is not an option when bad things are happening
Slopfarms Are Going to Perish Because Public Opinion is Changing
Many slopfarms will simply go offline
19 Years of Standing Up for Justice, Equality, and Truth
This week we shall take it up a notch
Gemini Links 16/07/2025: Tmux and OCC25 Working TLS
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 15, 2025
IRC logs for Tuesday, July 15, 2025