There's a serious lack of useful information here.
"Due to circumstances outside of the control of the Fosshost volunteers, we are now in a situation where we cannot guarantee our servers will stay online, and in fact expect them to go offline shortly."
and in the link: "I'm expecting the BOS datacenter to go offline in the very near future."
And in their Twitter profile, they seem to be a non-profit. I presume then that they're a formal organization of some sort, and should hopefully have some sort of budget and ability to handle contingencies.
So... what's going on? What is the "BOS datacenter"? How is a datacenter suddenly going offline?
Why does a non-profit dedicated to hosting critically depend on a particular datacenter and can't just move to hosting stuff somewhere else?
Why are links from September that might be of help explaining already a 404?
Also, who are these people, and whose projects are hosted there?
We are unable to pay for co-location costs, and that's why our servers will go offline as Thomas our CEO is unreacheable. He only has access to bank and thus to funds.
You might not want to, but you should put some of that information on your website. Otherwise this is a huge red flag against the "Radix project" you are advertising there. If not for the information in this thread, I would stay the hell away from a project "founded in part by one of the original architects" from the ashes of the one which died suddenly without any explicit reason.
You don't have to put your dirty laundry there, but you should at least mention that the Fosshost leadership moved on, and that it's the other members that are starting Radix.
Yeah it's good to know when the people who actually built and ran stuff are moving on, and the problems are due to poor management (especially by people with zero connection to the new thing).
> Thomas our CEO is unreacheable. He only has access to bank and thus to funds.
Does your nonprofit have a treasurer? I thought it was a legal requirement for the treasurer to be a different person from the CEO. In that case the treasurer should be able to present something on official letterhead and gain access to the account.
[former fosshost member] We did not (as far as I'm aware) have a treasurer, but did have a volunteer as the CFO. After appointing them, the CEO never fully gave them access to finances and after many requests, eventually just started taking away financial access from everyone else too.
There should be a legal way for them to gain access to the funds without the cooperation of the CEO. A CIC has specific rules for usage of funds which can be enforced especially if the CEO isn't applying them as they are required to.
I don't know if the whole thing was ever officially documented, so we don't really have a way to gain control to the bank account. There's two directors remaining, and no board to speak of as they have resigned.
All in all, we have tried our best to prevent this, but we cannot anymore.
I don't know what's the motive for the CEO to be unresponsive and I don't want to speculate anything, but it's not at all fun for anyone.
It is going to be a problem for the radix project though, since given how close the ties are between that and fosshost there are significant questions about the motivation and competence of the team, and their dedication to protecting donor money/supporting the organizations they host etc. If this happens again, are they just going to abandon everything and walk away again? Why did those volunteers decide that the better way to further their mission was to abandon their old nonprofit as a loss and start a new one instead of taking serious steps to regain control and at the least clearly document all leg routes taken/the reason that they had to give up in the end? It's the same community of people that are being asked to trust substantially the same set of people a second time.
You should really put some of this on your website. You don't have to air out all of the dirty laundry, but some clarity about what went wrong would be very helpful to people just learning about it.
That would also help explain what's Radix about and why they are the alternative you recommend.
This really highlights why rules for nonprofit governance exist. The CEO could have also run off with donor's money and nobody else in the organization would know.
in situations like this, if you could use financial help you need to blurt out what the costs are that need to be covered.
There's plenty of people with money about, so if you have somebody's attention take advantage of it. I've already clicked a half a dozen link and there's no info. Why make me work so hard?
if you are happy it's over, well, that's ok, thanks for volunteering as long as you guys have.
Looks like you're a UK CIC, which means you're regulated like a company, and your CEO/Director has statutory responsibilities.
If he is failing to dispense his duties, he could be struck off as a company director in future.
He incorporated a Limited company called Fosshosts Projects Ltd. last year, on his own. It'll be struck off in the next two months due to failure to file.
He also has another company currently in protracted liquidation, and it sounds like he is failing in his responsibilities there too.
Can anyone file a complaint for authorities to investigate? It sounds like embezzlement of organizational funds might be a possibility and it warrants whomever oversees non profits in the jurisdiction asking some questions.
It's just as likely they're having a mental health crisis of some sort (in my experience this is generally why people on the Internet go nonresponsive), I'd really encourage people not to call the cops on people in a situation they can't understand or get eyes on. It can make a bad situation much, much worse.
It's even entirely possible for both things to be true, eg, for someone to have a medical crisis in their family, which leads to a series of desperate decisions including misappropriating the funds (I recall a former HN user who did a Kickstarter that ended this way, where they had an issue paying rent and a mental health crisis while they were trying to deliver on their Kickstarter - I don't think they've been active online since, further isolating them from their community and support network). Would law enforcement help that situation? Absolutely not, even if the money was recovered it probably wouldn't be worth it.
I mean no offense to those having a mental health crisis, it happens (I have had one myself), but that also doesn't mean a non profit should have its funds walked off with (regardless of why). I've reported non profits to the IRS in the US when it appeared they might not be entirely above board, and I never felt like I was "calling the cops" in the same way I would where they're going to break down someone's front door; it's asking people who are tasked with oversight to do their job.
Unequivocally, I hope this person gets whatever help they need if they need help, regardless of the outcome of this non profit.
I understand you didn't feel that way, but I think maybe you should do a thought experiment of what "doing their job" would mean? Once those events are set in motion, you can't control how they unfold or predict the outcome; even if that person didn't do the thing you were worried about, law enforcement may well find some reason to antagonize or imprison them.
I'd encourage people not to contact any law enforcement entity of any kind if they don't have a really solid understanding of the situation. Consider this story from a few weeks ago: https://news.ycombinator.com/item?id=33626670 where someone called the cops because they were concerned that they saw a child walking alone, and the mother ended up going to jail. That wasn't the intention of the person who called the police; but once you invite law enforcement into someone else's life, you have no idea what they will do and you have no power to recall them. 'pessimizer relayed a similar experience yesterday: https://news.ycombinator.com/item?id=33836312
I honestly encourage everyone to consider whether letting it go is the best thing to do in any given situation. Someone might've stolen money? Contacting law enforcement probably won't get it back. An organization is dissolved? We can form it again, with a structure that ensures a higher bus number. These are things we can control, and where we can predict the outcome.
The purpose of reporting crime is not to receive compensation; it's to create a norm where crime is punished and hence deterred. It's a societal benefit not a personal one.
It's not good that miscarriages of justice do happen, but that doesn't change the overall point.
I understand the principle of what you're advocating for, but the unfortunate reality is that miscarriages of justice are the norm and not the exception. I'd put forward another principle; it is better to let 1000 guilty parties go free than to condemn 1 innocent party (and "innocent" here should be taken to include people who are committing a "crime" that is normally tolerated, employed as an excuse to arrest someone - each of us commits dozens of these "crimes" regularly, without realizing it). When we reflexively invite law enforcement into other people's lives, when we do not and cannot understand the situation at hand, we are not likely to promote a societal good. We are far more likely to promote a societal ill; that of overpolicing.
I'd encourage people to think of law enforcement as an adversarial entity, constantly trying to do everyone in, who needs your invitation to act. It might be because they need to drive their performance metrics up, it might be because they're overzealous in the pursuit of what they view as justice, we can't really know and it doesn't matter. When you give them that invitation, they will make the absolute most of the opportunity. If you invite that monster into someone else's life - you had better be damn sure that they are a real threat to the community. You don't want to ruin (or perhaps end) someone's life over a miscommunication.
>I understand the principle of what you're advocating for, but the unfortunate reality is that miscarriages of justice are the norm and not the exception. I'd put forward another principle; it is better to let 1000 guilty parties go free than to condemn 1 innocent party (and "innocent" here should be taken to include people who are committing a "crime" that is normally tolerated, employed as an excuse to arrest someone - each of us commits dozens of these "crimes" regularly, without realizing it).
I think the ideal solution to this would be to work on fixing the system, not avoiding contact with the system. Hold police accountable for violating people's rights. Remove laws that don't need to be enforced, and consistently enforce ones that do need to be enforced.
>When you give them that invitation, they will make the absolute most of the opportunity.
When my car's window was broken and my work laptop was stolen, I reported it to the police and they didn't seem to do anything besides enter it into a database. I even have the thief's blood, but the police didn't want it.
> I think the ideal solution to this would be to work on fixing the system, not avoiding contact with the system. Hold police accountable for violating people's rights. Remove laws that don't need to be enforced, and consistently enforce ones that do need to be enforced.
This is a fair point. Personally I don't believe this reform is possible, as I believe that the nature of police powers is such that they will always become abusive and insulate themselves from accountability. Regardless, in the same way you go to war with the army you have, when you contact law enforcement, it's the law enforcement that you have and not the law enforcement you believe should exist.
> When my car's window was broken and my work laptop was stolen, I reported it to the police and they didn't seem to do anything besides enter it into a database.
I'm sorry that happened. Once my laptop with full disk encryption was stolen - while it was booted and asleep (thus defeating the full disk encryption), and I felt like such a fool.
I meant this more as a mental model of what the worst case scenario you should anticipate is. Because we simply cannot predict how law enforcement will respond on a spectrum of not giving you the time of day to showing up with their weapons drawn, we have to consider whether the most extreme scenario is acceptable before contacting them.
For what it's worth, I believe we should have a more diverse array of emergency services, who can be contacted directly, so that you have more control over what kind of response you are requesting.
Yeah, you have some good points. It's a complicated situation.
>while it was booted and asleep (thus defeating the full disk encryption)
Well I thought it would require a cold boot attack which would be extremely hard against a laptop with soldered RAM (like my stolen macbook pro). Until I looked it up just now and found this video...
It sounds like you have a deep (and IMO unjustified and motivated by wrong or weirdly interpreted statistics) hatred of law enforcement, probably from either personal experience or political activism. That's your prerogative, of course, but it's a really fringe position and most people would disagree.
Nope, no hatred. Just conclusions I've come to through observation and reflection.
This is something I'm seeing more and more, where people will say "You just have strong feelings on X, so your opinion doesn't matter." And for one, it presumes to know things about the contents of someone else's mind that you don't know, and for another, it's just not a criticism. It's a way to avoid engaging with the substance of someone's ideas.
Basically what this comes down to is saying, "because you have an opinion, you don't get to have an opinion," which is nonsense.
I haven’t seen any hint of “hate” in their comments and their position is anything but fringe. Focusing on having a diverse set of emergency response teams has become mainstream, I’d say it’s a fringe position to think otherwise. Trust in police is very low nationwide and you seem to be out of touch.
Having a mental health crisis should not mean that you're free of consequences. It's not like random people are driving up to their house to harass them, they're reporting them to a regulatory body who will investigate themselves and prosecute if needed. And if they are having a mental health crisis, they should be able to plea insanity.
All is this is compounded by the fact that, at least according to another commenter, they're head of operations at another company.
If someone in control of a lot of money with duties to other just vanishes (and according to other commenters, they do have legal duties in the UK), they should face consequences. People didn't donate to Fosshost so one person can disappear and take their money with them.
> It's not like random people are driving up to their house to harass them
When you direct law enforcement to investigate someone, you should anticipate this as a strong possibility.
> And if they are having a mental health crisis, they should be able to plea insanity.
I think the bar for this is much higher than having a mental health crisis, and that even if successful it won't result in you maintaining your liberty but being institutionalized instead of imprisoned. But IANAL and certainly not a UK lawyer (barrister? solicitor?).
> [T]hey should face consequences.
Personally I don't buy the notion of retributive justice. It seems like the volunteers of Fosshost are taking lessons from all of this, and creating a new project with better governance. I think that's a productive and healthy response, and the place where effort should be focused. To me, creating a new, better project to continue the mission, that's what justice is. That's what people donated their money to do, too; to support the mission.
Personally, I plan to donate to their new project. I'm not in a position to contact authorities (as I had no involvement in their last project), but I wouldn't if I could. Everyone makes up their own mind about these things, but I hope anyone considering contacting law enforcement really weighs the potential for harm and what exactly the likelihood of a good outcome is (and what that even means) before acting.
Well, your sentiment is nice and all, but you're effectively dooming every nonprofit to spectacular dissolution if their CEO decides to not answer the phone. Non-profits, you know, those things that are supposed to serve the public good? But I guess public good is on hold if the CEO goes AWOL.
Am I? This group wasn't able to separate the executive function from treasury function (despite their efforts to do so, it seems like this executive simply refused) - isn't that what caused this mess? If you structure an organization such that there is a single executive who cannot be held accountable - then your bus number is 1. Law enforcement cannot improve your bus number. It doesn't matter if your executive steals your money or gets hit by a bus, eventually something is going to happen to them and then your organization won't be able to recover from it.
If this was unclear, I'm not in favor of theft and am in favor of public goods. I'm not advocating for blind trust and am in favor of accountability - to peers in real time, not to law enforcement when the damage is already done.
If you want to know what I think, it's that horizontally organized groups, composed of as few people as possible (accepting redundancy to improve your bus number and allow for vacations and other contingencies), with a narrowly scoped mission, and without accepting more money than is necessary (as too much money leads to mission creep & perverse incentives) are the best way to do almost anything. A pyramid terminating with a single person is probably the worst.
> Law enforcement cannot improve your bus number [...]eventually something is going to happen to them and then your organization won't be able to recover from it.
In this particular instance, the regulators absolutely can. If the CEO is failing to discharge their duties, they will be disposed of as a company officer, and a new officer will be installed, who can get access to bank accounts and other resources (websites, domains, taxes) backed by the force of law. Not going to regulators is what wil lead to an irrevocable failure in this instance, but it appears the volunteers have already resigned to that fate.
I find rather suspect that the CEO registered a private company with a name similar to the non-profit they already run. I don't have full context, but that alone sets off alarm bells for fraud and/or self-dealing: I'd definitely contact oversight on that basis alone, if I had standing.
They may resolve these issues, but that doesn't improve your bus number. There's no guarantee they will, how long it will take, and whether the money will be there; this doesn't address the root problem. If you did all of that and then carried on in the same manner, you'd run into a similar problem eventually.
There's certainly things I find suspicious about this CEOs actions, I won't deny that. I'm still not going to contact law enforcement about strangers on the Internet.
> They may resolve these issues, but that doesn't improve your bus number
You're conflating negligence/dereliction of duty and bus-factor-of-one here, while Fosshost suffers from both, they are not the same thing.
Regulators can absolutely solve the former, but not the latter. The volunteers can solve the latter, but only after the former is resolved. I don't see why you assume why a new CEO would resist relinquishing all treasury duties.
> You're conflating negligence/dereliction of duty and bus-factor-of-one here, while Fosshost suffers from both, they are not the same thing.
I appreciate the distinction, but they're certainly related. We can see that because we can achieve the same result with a bus accident as with dereliction, and that addressing the dereliction without addressing the bus factor will result in a repeat of the problem.
> I don't see why you assume why a new CEO would resist relinquishing all treasury duties.
I don't, that was a thought experiment to illustrate the point that addressing the dereliction does not address the root cause.
We can certainly create much more effective systems of accountability than having a single point of failure who we threaten with legal action to keep them honest (just splitting up executive and treasury functions is already a huge improvement), and like I mentioned, that doesn't defend us against buses.
I think we can all agree that empirically, this single point of failure plan didn't work.
> If you structure an organization such that there is a single executive who cannot be held accountable
I think you're assuming an ideal, spherical organization, in a vacuum (as the physicists say). In other words, you're assuming that you can "just" structure your organization such that there's no single human point of failure, or that you can remove that point of failure without legal intervention. Which... well, you have to prove that!
Sure, but I don't think it's even that controversial or untested an idea. I think this is pretty common in startups, but they'd call it a "flat org-chart." It's generally seen as unacceptable to have the executive and treasurer be the same person, even in very vertical organizations. It's my observation that, if you leave people to their own devices to perform a task with a narrow scope, they pretty much form a horizontal organization where they make decisions by consensus, because that's what makes the most sense to them.
That being said, I do have a lot of ideas about this, which I am hoping to test by starting a company when I have the means to do so, and if you'd like to fund me, my email is in my bio. (/s)
Are you sure? Consider what happens when a CEO is suddenly unable to function. What happens to company property, intellectual property, notes, etc. that are in their possession? Do they magically vanish? Or do you try to recover them? Maybe the CEO's corporate laptop will show up on ebay with files intact. Is that an optimal outcome? What if the person lives alone? At what point is law enforcement a.k.a. "the gubment" involvement okay with you?
I don't really understand where this comment is coming from, I think you've maybe misinterpreted me; I'm not trying to say there is never an appropriate role for government, I'm saying not to call the cops on Internet strangers, and that accountability you proactively build into the structure of your organization is going to work much better than going through the legal system. But sure, it's okay for law enforcement to let you into the empty house of the late CEO, and if a stolen laptop shows up on eBay, it should be returned to you if possible. (But it's going to go a lot smoother for you if you use full disk encryption so that the stolen laptop can't be used to steal your files, and if you've backed them up to a company drive so you never lose access - you're not going to want to rely on law enforcement to give you these guarantees post hoc, and they're not going to be able to deliver on that most of the time.)
Do we actually disagree? The way you kinda derisively said "the gubment", and how previously you said I had "nice sentiments", makes me think maybe you don't like how I've expressed myself or that I'm reminding you of other ideas you don't like?
I'm just trying to explain why "don't call the cops on internet strangers" is too hardline of an argument for the real world, because everyone is a bit of an internet stranger.
I think if you read my comments in the sibling thread (https://news.ycombinator.com/item?id=33849719 & the following 3 responses I make), which I view as the main part of my argument, you'll find nuance there & that I don't take a hardline position (I present a case & urge people to consider it, I don't prescribe any particular action). I was tired of explaining myself in this part of the thread & taking is as read that people had read that part of the conversation, but I should've tried harder to preserve the nuance. And I forget sometimes that other people's view in the UI looks very different from mine, so while from my perspective these comments were visually emphasized by being sorted higher, that probably wasn't the case for you.
I doubt you'll agree with me after reading those either, but I think you'll find it isn't a hardline stance.
Reporting this incident to the charities regulator won't result in any police involvement unless said regulator find that serious fraud has been committed.
As it stands, the director should be struck off the register of directors and prohibited from directorship by companies house, for the protection of everyone else.
I absolutely agree with you that police often make things worse than they need to be. But we can't just allow people to do bad things, shrug, and move on. Even if the CEO of Fosshost has a legitimate excuse for what's going on, taking no action at all just tells the true sociopaths among us that they can get away with whatever they want, because people will assume there's a reasonable explanation, and not involve authorities.
That's not an outcome I'm comfortable with either. And I am very sympathetic to your statement in another subthread about preferring 1000 guilty people going free over even 1 innocent person going to jail. But where's the threshold? How about 10,000 guilty people? 100,000? A million? As much as it pains me to say this, at some point we do have to accept that innocent people will get caught up in the system. Because if we refuse to take action against any guilty people due to a fear of hurting the innocent, then the guilty people will just take more and more advantage of that, until society itself is untenable. I don't think you're directly advocating for a breakdown in society, but I think that's the eventual outcome of your policy.
Don't get me wrong, the system as it is... is terrible. It needs boatloads of reform. There are many issues that police are ill equipped to handle, and yet end up handling -- poorly -- anyway, because there is no one else empowered and funded to handle those situations. Even the best police officers can handle situations outside their training poorly, and unfortunately there are many police officers who are very far from being the best, to put it mildly.
I don't have solutions here. Policing is incredibly broken, and I don't really know what will fix it. But I don't think a productive response to that is to just let people get away with doing bad things, regardless of their intentions or their personal situation.
To the actual matter at hand, posts like this one -- https://news.ycombinator.com/item?id=33849353 -- lead me to believe that the CEO was intentionally doing something shady. No, I don't have proof of that, but I don't think anyone is going to figure out what was really going on without involving some sort of authorities. At some point you just have to judge for yourself if you believe someone was acting maliciously or not, and take whatever action you think is best. The people working on Fosshost are certainly in a much better position to do that that than we are, here.
It's clear from your reply that you've read closely & made an effort to hear me out despite disagreeing with me, and it's appreciated. I don't have all the answers here either; I can point in what I think is the right direction, but my understanding on this is a work in progress, and I'm not any sort of genius of sociology or political theory. I don't expect to be the person who cracks the code on the human condition. But I'll try to address your comment with the same respect you've addressed mine.
The question of how many guilty people we can let go free per innocent is like the question of how many angels can dance on the head of a pin; a vital question to which there is no answer, but which must be evaluated and re-evaluated ceaselessly. I think it's important that we keep trying to perfect society. I think it's important that we come up with utopian visions and try to implement them, knowing full well that we won't reach them. We must avoid the pitfall of looking at the tools available to us, finding them unsuited to the task, and then saying, "well, these are all the tools that I have to work with" - when we find ourselves with only bad options, what we need are more tools. Every tool we have was created by that same process.
Coercing people to follow the law with violence is just not a great plan for many reasons. There are unjust laws. There are abusive police. Fundamentally, it is a reactive system; it responds to injustices that have already happened. The idea that we punish people when they step out of line as an example to everyone else doesn't really solve the problem - if it had, surely we wouldn't be having this discussion. Desperate people will commit crimes anyway, and their punishment will only enhance their desperation. People with significant privileges realize that they can't be held accountable. Overall retributive justice treats crime as some sort of affront that demands a violent response, an eye for an eye, but I think it's more productive to think of it as a problem which demands a solution. When you view it through the lens of problem solving, it changes your perspective and what you imagine to be possible.
We should eliminate desperation and perverse incentives that lead to crime wherever possible. When that isn't possible, we should seek to detect & reverse it immediately, within the organization or community where it's happened, and excise or reprise that community member as appropriate. We should be accountable to one another, through peaceful means, and not the state through violence.
It's a common concern that, without the threat of violence, society would fall apart, as you expressed. But I don't believe that is what will happen. I think the root of this is a Hobbsian view that the fear of violence is what binds us together - if you hold this view than naturally, without violence, that binding force would be gone. But is that true of your own life? I believe people are generally motivated by care for one another more often than fear of violence. When I think about the actions I take in a given day, and I ask myself why I did them, virtually all of them are because I want to take care of the people around me. That's why I did the dishes and cooked meals for my household today; that's why I checked up on my friend who was supposed to call me, but didn't (they're fine); that's why I've been shopping for gifts; etc. I think violence in our society serves to shape our behaviors to fit a particular mold, that benefits those in power and which we wouldn't submit to voluntarily. But without that violence, I think we would still have a society, and a more just one at that. It hijacks our society for a particular purpose, but it isn't the glue that holds it together.
It's easy to find ways my ideas are imperfect, I'll readily admit that. You can't simply detect and reverse murder, being an obvious one. I'm not so naive as to think a perfect society can be achieved without perfect humans, and I don't see that as a real possibility. But I hope I can convince you that it's worth looking at things from a problem solving perspective, rather than a coercive one.
> And if they are having a mental health crisis, they should be able to plea insanity.
"Not guilty by way of insanity" is an incredibly high bar to meet, and it happens very rarely.
What usually happens (in England!!) is that the person is tried, convicted, and sentenced, and then given a hospital order. At that point they stop being a prisoner serving a sentence, they become a patient getting treatment at a low secure, medium secure, or high secure specialist commissioned hospital. I've spoken to patients in low and medium secure units, and they often say they'd prefer to be in prison doing time rather than being in hospital getting treatment.
I have some poorly formed thoughts about the need to set a high bar on criminal convictions, especially when people have made major errors, perhaps driven by mental poor health, rather than criminal intent. Mens rea and actus reus are a pretty important combination. And it's not a binary prosecute vs do nothing, there are a range of community restoration measures and protections that can be put in place leaving criminal prosecution for unrepentant criminals.
I love the NHS and have written previously in defence of it but mental healthcare is practically non-existent with extremely long waiting lists and you really need to know what you're expecting to get from it to get anything at all from it. Unlike physical health, it does not work to help those who really need it.
So, uh, yes, but it's very dependent what bit of England you're in and what bit of mental health service you're trying to access. I'm not disagreeing with you btw, the picture is pretty bleak for very many people.
What you’ve described sounds eerily like negligent mismanagement, possibly embezzlement. To avoid liability yourself, you may want to put a note into the authorities.
You’re aware. That bring liability. Unlikely liability. But the only person in litigation or prosecution distance, even if low level, is likely to get bonds. Particularly if someone can show knowledge and inaction, and thus plausible complicity.
Juristriction would add context to your note. Liability differs from place to place.
Personally I'm of the opinion that in most juristrictions volunteers would have no liability, but I am not a lawyer, so if in doubt run the question past a local lawyer.
Plus, who exactly is going to come after you for liability? Liability for what?
Directors are responsible for the management of the Company's business, for which purpose they may exercise all the powers of the Company.
The drectors all have full authorisation under the Articles of Association. The bank will give them authority on the bank accounts should it be requested. The articles also make it fairly trivial to remove the problematic director and return to business as usual.
That these absolutely basic steps have NOT been taken - and directors have been resigning is a massive of a red flag to me.
There's your problem: "Fosshost Enters Into Long-Term Partnership With Freenode"
Last week this not-for-profit hosting provider announced they would be moving their IRC presence to Libera.Chat from Freenode. But the plot twist now is a new announcement made on Tuesday that they have entered into a long-term partnership with Freenode Limited and Andrew Lee.
They will be assisting Freenode and are said to be working on long-term plans around Freenode on the Fosshost network. Additionally, "In the near term, the two projects will partner to launch co/cross branded public and tenant-facing SaaS offerings, available BYOD or levering the combined network for DNS."[0]
Mostly all of the volunteers did not support going into partnership with freenode. Thomas was one of the only ones who wanted it (and he only did it when mostly all of the tech team threatned to quit)
No implication that there wasn't also pushback internally was intended, my apologies for the fact that now I look at it again, my comment can clearly be read that way.
I kept to a generic 'they' because the communications in question were private so while I'm comfortable revealing they existed I felt keeping the description deliberately vague was only fair.
Parent means IP as in Internet Protocol, not Intellectual property. The DNS for gnome.org resolves to 8.43.85.5, which lists Red Hat Inc. as the ISP. Indicating it's unlikely to be hosted by Fosshost.
Oh I see what you mean. Fosshost is unique in that they have a lot of arm64 metal floating around (maybe locked up in a DC soon?). They typically have offered it up for CI or distro build servers.
If the approach of the other people at fosshost seems to be that the response to the ceo allegedly potentially embezzling funds/derelicting duty (just walking off with control of the bank account and going dark) is simple to shrug and start a new organization, why should we trust them to operate correctly? I'm not seeing details on what the lessons learned are. If you donated money to fosshost, amd you see the ceo walk away with the money while the rest of the team just decides to start with a new name, why would you then trust that new team with a donation? This whole situation is not confidence inducing.
It doesn't sound like the CEO has necessarily stolen any money, just that he isn't using them to pay the bills and the board hasn't taken any action to fix the problem.
This problem can likely be solved by the board simply electing a new authorised signatory from their own ranks. Assuming anyone is still around who wants to take on such a role.
The fact that it hasn't happened (?) would suggest that the real problem is a general lack of interest from those involved, not just the CEO.
You're right, there's so many ways they could have intervened. It also seems pretty clear that they do want to take on such a role, since they've gone ahead and created another organization that does the same thing. It's so baffling that they seem to think the way to go about it is to give up on regaining control of the organizations funds and start a new one, and expect that people will just trust the new one somehow
Discord is good for real-time communication. For long-lived discussions on important topics, it is objectively not a good option. The hate train is there for a reason.
My grand theory is that for a lot of reasons we need to restructure society to focus on automating most of the basic tasks required to reproduce society (basic manufacturing of shoes, farming, etc) in a collectively owned and managed way, and then provide the "dividend" of this production for free to everyone as a kind of basic support. Cheap housing, free food and clothes, basic medical care, etc.
In such a world, open source devs could live off of that basic support indefinitely, rather than slowly draining savings or killing themselves working a second job to fund the open source work.
I think if we did this we would see much more open innovation, which would lead to more rapid innovation, which would be good for everyone.
Its more of a distant goal and doesn't solve the problem today, but its something I like to discuss as it can inform what direction we head in.
This sounds like a fantastic future, but I have problems imagining it actually working out that way, given how greedy humans can be. I'm not convinced by projections of UBI maybe due to my own lack of imagination.
I find it difficult to imagine a world where UBI doesn't create a two-tier system -- pre-nationalization haves and have-nots. Such schemes make me imagine a world where people who built capital and became necessary (ex. Walmart) will have fresh money for their monopolies guaranteed for all time.
As for the very specific problem of open source not being properly supported, I think there's a closer/easier stopgap -- monetization.
Free software exists because idealists manipulating existing legal systems to meet their ends. I think we need the same thing, but in the business domain. We need hackers that are good at business just like free software needed hackers that knew enough about the legal system.
Put simply -- we need more businesses who work with F/OSS and give back to it. Imagine if even .1% of Amazon's revenue was going back into the open source projects it uses across the stack. The open source world would look drastically different.
I'm biased towards this solution because I'm trying to build it, but I bet I can build something to generate value for F/OSS faster than we can straighten out the allocation of society.
So to be clear I’m not talking about UBI or nationalization. I agree there’s big problems with that. Nationalization can work well for things like railroads, but I’m talking about something else.
Specifically I’m advocating for an economy comprised of a federation of cooperatives. There would be no nationalized Walmart, instead there would be community owned cooperative stores that achieve economies of scale through voluntary federation with similar stores in neighboring regions, or across even wider areas. Health care could be managed by regional cooperatives, again federated.
An important part would be a culture that avoids buying from businesses outside of this federated arrangement. Traditional businesses controlled by a small board of directors can under pay workers and try to undercut competition, but businesses in the federation would understand the importance of building their own solutions to these problems to prevent control by large entities.
This might work similar to housing in Vienna. There, the city government owns about 50% of all housing units, and this keeps the privately owned housing prices in check. In a federated economy, perhaps 50% of the businesses would be cooperatives, but they would keep workers rights and wages at privately owned businesses in check.
One thing about cooperatives is that workers will have a tendency to want to automate their jobs. For profit businesses are happy to under pay workers and only automate if it makes financial sense. But cooperatives may have more incentive as more automation can mean less work for them personally. Cooperatives also may have less incentive to create artificial demand and low quality products. If they are essentially making products for themselves and people like them, they will appreciate quality products that last longer, reducing waste.
I’m happy you’re working on more solutions to fund F/OSS. Nothing I’m talking about will support developers in the near term. I prefer solutions that make our economy more like F/OSS rather than the other way around, but one is easier to change than the other.
This is the first I've heard of Fosshost, but from a glance at their
twitter: [0]
> Fosshost is a cloud computing platform for the open-source community
Presumably then the Radix project will have similar goals, and it will
presumably not serve as a forge, although their website isn't very clear on this point. [1]
Yes, but Fosshost's bitfall is that one singular person is the only person with access to critical things, like the bank and thus is the only person able to pay our bills despite having money there or there should be.
The Radix Project is trying to learn from our mistakes and do them better so one doesn't face a similar issue due to a singular person having too much control.
I'd be quite interested to hear the Radix Projects governance plans to prevent a future single point of failure again. Not being able to contact the bill payer on the last project isn't helplessness, it's a failure of the created organizational structures to have planned redundancy, succession and legal accountability.
Pray for the goodwill of DCs and donations, mostly.
Ampere had provided a very generous amount of hardware. Actually putting that hardware into places was a lot of finding DCs willing to support the project.
This is the problem of inherently unsustainable, poorly-governed, amateur operations: they're houses of cards waiting to fall apart.
If someone wants hosting, then pay for real VPS or colo. Electricity, rack space, and cooling are usually the limiting factors rather than data transit.
This is the main reason why I still don't open-source my commercial projects, even though people ask, "Why would I choose this? There are free alternatives!"; the projects are earning money to sustain themselves and everyone is happy (customers get better support, I can sustainably work on it, going 10 years strong now).
My big concern with this whole thing is that users weren't alerted as far as I can tell. I happened to visit the website for the first time in ages and saw the news, but if I hadn't done that I would never have known until my site went offline (I guess only users on Twitter got notified).
Anyways, alternative suggestions welcome, our open source project has no money for hosting and has a few services outside of our static site that actually need a VPN to run. A small 1CPU 512MB box (or whatever it was) was plenty for us as we're not big, but we can't afford to buy that from anyone and now we're having to scramble to ask related businesses who use our stuff for sponsorship and hope one of them comes through.
It seems there's currently another director who could use the available legal mechanisms to take over from the missing director-CEO but is not doing so, and previously a board that resigned rather than use the available legal mechanisms (which would be easier for a group of them). The organisation is a CIC, which means it is regulated, and has a constitution whereby a non-responsive director-CEO can be removed, and indeed places a duty on the other directors to do so if that's what it takes, which they haven't done.
It is possible that the rest of the board was derelict in their legal duties by resigning if they knew what the consequences would be.
Even if there are no directors left, or only an unresponsive one, the collective owners of the organisation have a right to get together and install a new one, and there are legal mechanisms to do that if there's no director or secretary to do the administration in the usual way.
The keys to the bank account will be provided to the other director or new directors if they show to the bank's satisfaction that they have the right to them.
Fosshost served a niche that Github did not cover. The general audience was people who needed raw compute — e.g. for testing service deployment, or for conducting builds without needing to change how their builds worked.
They also did things like hosting for distro packages, providing domain names for projects that could have benefitted from one, etc.
A big volume of tenants came from underprivileged regions or were in personal situations where they couldn't afford these themselves, and there really isn't an "industry standard" for "I need compute on a budget of $0," at least not previously.
After its launch, the Oracle Free tier provided way more bang for $0, but between their bad habit of (seemingly) randomly firing their customers, and the fact that initial verification requires a credit card, this still wasn't a perfect fix.
Trusting random no-name organizations isn't great, but for many people, there really wasn't a better choice if they weren't able to fulfill their needs themselves.
> There's really no reason not to host on industry-standard free hosting, ie Github
GitHub will autoban accounts that post certain content. For example, I had an account for three years, with hundreds of stars across different repos. I pushed an M3U8 file containing content that GitHub didn't like for some reason, boom, account dead. No warning, not even an email with explanation.
Every single issue or comment that I ever posted across three years is now gone.
My account was banned for no explicable reason one day (I have nothing remotely controvercial). They reinstated it after I contacted support they never answered my question "why?", because of course they don't even know why. Some ai black box did it and luckily a human was able to undo it. And even if they did kn9w why, they would probably still not say, under the guise of "we don't want to tell the hackers how to get around it"
Welcome to late early stage advent of the internet.
URLs from tv.apple.com, paramountplus.com, roku.com. Although to be fair, most (all?) of those URLs expire after one hour or so, so its purely to test parsing the playlist files
> There's really no reason not to host on industry-standard free hosting, ie Github or Gitlab.
Eh, I can understand not wanting to be at Microsoft's mercy. And ideology oriented projects are likely to take issue with hosting on a platform that is not itself open source.
Microsoft at least is the devil you know. It’s like the problems with staying on Musk’s Twitter are known - but some random mastadon server could have a literal who in charge; who could do anything (or disappear as Thomas the CEO seems to have done - check Sodor mayhap).
You would choose a company that thinks Open Source is "literally cancer"[1] to support your FOSS project, rather than an unknown person: You need more faith in humanity.
Is Github more stable as a platform, sure. Does Github ban a higher percentage of projects than are effected by unreliable 3rd parties, unquestionably!
My own personal experience is that about 5% of the FOSS projects I have hosted on Github have received a DCMA takedown notice, normally from people trying to monetize in the same domain. (Including a website for a local sports club and an Android app for learning fingering of an obscure musical instrument).
Less than 0.3% of all FOSS projects I have hosted elsewhere have received a S&D or DCMA or any equivalent...
edit: I mistook Fosshost for a forge, but they were more like a cloud provider.
SourceForge used to hope everyone would think that way. Fortunately
their abusive [0] dominance didn't last.
As well as a general anti-monoculture argument, [1] there's a case to be made that Free and Open Source projects should live on 'forges' which are themselves Free and Open Source. [2][3] Also, in the specific case of GitHub, a lot of people are unhappy about the Copilot project.
Also on this general topic I recommend this hour-long discussion video [4].
Hey! I'm one of the remaining Fosshost volunteers, and I'm trying to keep the "EOL" site updated with orgs who've offered some sort of solution, like this, for impacted projects. Would you mind if we mentioned the GitLab Open Source program on our site, so more of our former tenants can see?
There is every reason to rent dedicated server / VM and self-host with something like Gitea to prevent big corps from any potential messing with one's account that can happen and is happening for various reasons. Moral / ethic standards might also play a role.
The problem with that is that every piece of software you run on your own will be attacked by hackers constantly. Everything from plain old password guessers over scriptkiddies playing around with DDoS attacks to script kiddies finding your old Gitea, Gitlab, ... on Shodan and exploiting it with yet another 0day. Or, worse, shitcoin miners who have a direct financial interest in hacking systems to run their crap on.
Don't get me wrong: I love the idea of doing your own stuff on the Internet, but it's simply unfeasible to run anything more complex than "here's an S3 bucket with Cloudfront in front of a static-built website" because of all the abuse. Or running a mail server which is even worse, as many providers have blacklisted all known dial-up and many cheap hosting network IP ranges, not to mention the mailserver software itself that is a constant source of exploits or the constant onslaught of spam and scams.
You have to invest untold amounts of work just to exist on the Internet these days, and it's incredibly sad.
Tired of this type of FUD. I run my own servers for years without any problems. So do many of the companies I deal with. They're not so fond of paying 10x and more to Amazon for less capacity and performance.
I agree about email servers, no business case for it. Dirt cheap from multiple 3rd parties. Just have your own domain so that you can transfer at whim.
Yeah, GitHub definitely has its issues. But I can be fairly certain that GitHub's CEO isn't going to suddenly go AWOL and have GitHub lose all funding.
Even if this were just static site hosting (it wasn't, but for the sake of argument let's assume it was), GitHub is in no way "the industry-standard" and lots of Open Source projects need something a bit more complete than a place you can put a few HTML files.
As an outsider, using FOSS in general for anything important seems like a bad choice unless there is a giant tech firm behind it like React with Meta. It is generally so fragile as it depends on so few people.
And commercial software may very well be one intern copying stack overflow to keep the lights on. Until the the day they stop and shutdown the product with no further updates. For example, the issue here isn't FOSS but rather a small corporate non-profit entity. The failure being the corporate governance, finance and management.
If anything, I think commercial is much riskier to have as a core dependency - they can unilaterally change the deal on you, and if they decide to stop supporting your use case, you’re completely SOL (I’ve had a couple of very close calls with this). With open source, you can keep it running yourself, because you have the source, and you always have the option to patch it.
Ok, I tried doing this but now its blocking me from posting further. I think since it needs to keep context, jumping back and forth with ls, cd is causing issues.
For my iteration there were 4 videos in the Documents folder, would have been cool to see what they videos were...
"Due to circumstances outside of the control of the Fosshost volunteers, we are now in a situation where we cannot guarantee our servers will stay online, and in fact expect them to go offline shortly."
and in the link: "I'm expecting the BOS datacenter to go offline in the very near future."
And in their Twitter profile, they seem to be a non-profit. I presume then that they're a formal organization of some sort, and should hopefully have some sort of budget and ability to handle contingencies.
So... what's going on? What is the "BOS datacenter"? How is a datacenter suddenly going offline?
Why does a non-profit dedicated to hosting critically depend on a particular datacenter and can't just move to hosting stuff somewhere else?
Why are links from September that might be of help explaining already a 404?
Also, who are these people, and whose projects are hosted there?