Hans-Christoph Steiner @eighthave@librem.one

Now that #Apple is removing ever more apps from their Chinese app stores, it looks like Chinese mobile buyers are leaving Apple in droves. Most recently it was #Signal, #Telegram, #WhatsApp, and more. True to their #gatekeeper status, Apple locks users in with no other supported option for installing apps. For Android devices, there are lots of app stores available.

https://www.cnbc.com/2024/04/23/apple-iphone-sales-drop-19percent-in-china-as-huawei-demand-soars-counterpoint.html

The lack of direct funding to all the code maintainers the #gatekeeper monopoly companies rely on is a clear sign how little they actually care about security. They have massive profit margins, so they have the cash. And a company can just give cash to devs. I know this because #Google in early #Android days just handed @guardianproject $100,000 to do what we were doing. Among other things, we used that to work on IOCipher, our per-app encryption lib, back when Android stored files unencrypted.

Lots of hackers would love to go in an contribute to new projects. If there was a way that people could make a living doing that, we would greatly improve the #FreeSoftware ecosystem. Lots of devs want to improve the code they work on, but so many company ban employees from contributing to #FOSS. One promising new model is maintenance funding from governments and foundations, like @sovtechfund and #LinuxFoundation. Since 93% of codebases use #FOSS, this affects the entire software ecosystem

4/4

This also happens in companies, but the dynamic functions a bit differently. The maintainers will start quitting their jobs, reducing the number of people who know the code. In a number of companies, I've seen this happen where the end result is an essential system that no present employee understands. So no one is allowed to touch it as long as it is working. This happens at mega corps and small companies alike. I experienced it at Merrill Lynch, a wealthy bank that was always cutting costs 3/

This can turn into a downward spiral, because it can drive away contributors, making things worse. Then only the ones who really feel responsible for their user base will continue working on it. Then ultimately they can burnout and the thing goes down in flames. The #XZBackdoor is a version of this dynamic. The #XZUtils maintainer was caught in that dynamic and felt he could not keep up, and was desparate for help since so many essential pieces of software rely on it.

2/

There is a dynamic that arises when there is a growing difference between the amount of maintenance required and available developer time. The maintainers need help to keep up. Until then, they need to ensure that the essentials are maintained. That in turn makes it harder for others to contribute, because the maintainer cannot afford to take any risks that might trigger unexpected work sometime later. So the maintainers have less time to review, less time to help complete merge requests, etc 1/

#Automattic just acquired #Texts and #Beeper, two #matrix chat apps that work with a bunch of bridges to popular apps :

* https://blog.beeper.com/2024/04/09/beeper-is-joining-automattic/
* https://automattic.com/2024/04/09/automattic-acquires-beeper/

I really hope they open source it.
Since they are going for a fee-for-service model like Wordpress, I'm optimistic. This is key for breaking the network effects that #gatekeeper companies rely on: #Apple #Meta #Facebook #WhatsApp #Discord #Telegram #Signal.