I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
-
I wonder how @fdroidorg (https://opencollective.com/f-droid) feels about this? I have a feeling they wouldn't be too happy.
Some unrelated privacy concerns about accessing the Open Source Collective funds have already been raised - so it's extra disappointing to me to see another dimension being added to the issue. Thanks for bringing this to our attention, @liaizon
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
I work with an NPO which currently uses Open Collective and likely would vote to stop using Open Collective if this level of corporate doxxing is required to interact with their platform.
Don't dare open source hackers, we can switch/build services in a heartbeat.
We are not trapped like teenagers hooked on discord, we can simply leave and never look back if forced.
-
Open Collective is adding KYC from Peter Thiel backed Persona. If you are not familiar with Persona: https://www.openrightsgroup.org/press-releases/roblox-reddit-and-discord-users-compelled-to-use-biometric-id-system-backed-by-palantir-co-founder-peter-thiel
Here is the github issue where its being worked on:
https://github.com/opencollective/opencollective/issues/8609 -
@leonieke @liaizon it is also possible to support GoToSocial on LiberaPay https://liberapay.com/GoToSocial/. Which I cannot say about Guix, for example…
@yacodes Yeah, I've set up alternative payment there - waiting for approval
-
Some unrelated privacy concerns about accessing the Open Source Collective funds have already been raised - so it's extra disappointing to me to see another dimension being added to the issue. Thanks for bringing this to our attention, @liaizon
@seabass thanks for the reply Sebastian. I am a huge fan of F-Droid and a daily user. I have great respect for F-Droid and wish it the utmost success. This situation seems like it might need a quick response by the community and I think Open Collective must really not be thinking very deeply about who they are representing if they are making moves like this. I would hope this issue can be brought up internally and maybe some peer pressure from orgs like yours might really help this situation.
-
@liaizon Kind of wonder if it'll be legal on the non-US side of things (like in regards to GDPR) as that could add legal backing to opposing it.
@lanodan I can't imagine how all of this sort of sharing of personal data with "partners" would work in a legal sense but it sure seems like its common in Valley startups
-
I work with an NPO which currently uses Open Collective and likely would vote to stop using Open Collective if this level of corporate doxxing is required to interact with their platform.
Don't dare open source hackers, we can switch/build services in a heartbeat.
We are not trapped like teenagers hooked on discord, we can simply leave and never look back if forced.
@nullagent @liaizon @scan
> build services in a heartbeatI believe that when I see it
-
@seabass thanks for the reply Sebastian. I am a huge fan of F-Droid and a daily user. I have great respect for F-Droid and wish it the utmost success. This situation seems like it might need a quick response by the community and I think Open Collective must really not be thinking very deeply about who they are representing if they are making moves like this. I would hope this issue can be brought up internally and maybe some peer pressure from orgs like yours might really help this situation.
@liaizon It's always nice to hear from users, and on behalf of the project, thanks for your kind words! I agree that this is an unfortunate decision - made independently by both Open Collective and Open Source Collective, it seems - that has the potential to harm lots of FOSS maintainers. I hope you can understand that it is, well, a delicate matter to raise complaints against the very organization that holds >80% of our funds, but I shall do my best to address this with sensitivity and expediency.
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
@liaizon @scan The First Person project is needed quickly. TLDR , proof of identification without breaching privacy. Linux Foundation is the first test case for it to avoid Jia-Tan-like attacks. Why OpenCollective needs the identity verification provider in the first place though, what are they using it for?
-
@lanodan I can't imagine how all of this sort of sharing of personal data with "partners" would work in a legal sense but it sure seems like its common in Valley startups
@liaizon Yeah, it seems like the vast majority of VC-backed or publicly traded companies from the silly con-valley has their business model based on privacy violations. -
@lanodan I can't imagine how all of this sort of sharing of personal data with "partners" would work in a legal sense but it sure seems like its common in Valley startups
-
I have a feeling @mollyim (https://opencollective.com/mollyim) might not want to be supporting this initiative.
Because of Open Collective's belief in transparency, you can see directly how much @OpenSourceCollective is paying to use Persona and when those payments started:
https://opencollective.com/opensource/transactions?searchTerm=persona&kind=ALL
-
J jowek@autonomous.zone shared this topic
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
-
@liaizon @scan The First Person project is needed quickly. TLDR , proof of identification without breaching privacy. Linux Foundation is the first test case for it to avoid Jia-Tan-like attacks. Why OpenCollective needs the identity verification provider in the first place though, what are they using it for?
-
Because of Open Collective's belief in transparency, you can see directly how much @OpenSourceCollective is paying to use Persona and when those payments started:
https://opencollective.com/opensource/transactions?searchTerm=persona&kind=ALL
So yeah, this really seems like they are integrating Persona directly into Open Collective. So even if the fiscal host changes directions here, this seems totally not ok.
https://github.com/opencollective/opencollective-frontend/pull/11988 -
A abekonge@venner.network shared this topic
-
Because of Open Collective's belief in transparency, you can see directly how much @OpenSourceCollective is paying to use Persona and when those payments started:
https://opencollective.com/opensource/transactions?searchTerm=persona&kind=ALL
Huh. The amount of absolutely private data Persona and the companies they sell it to are hovering up is mind boggling.
With that I assumed companies using their product would be paid for it instead of being the ones paying. -
@Li @liaizon @scan I think we are going to need it. Open source will be attacked by bad faith actors which can set up a bot army of "contributors" - the openness we want needs some kind of trust mechanisms. I am not saying this specific case warrants an identification system - just that there are sharks in the water ahead. Say someone wants to infiltrate the forums of KDE, and make a lot of noise and disturb development, they can already. In the future they can x1000 it in volume and distruption
-
So yeah, this really seems like they are integrating Persona directly into Open Collective. So even if the fiscal host changes directions here, this seems totally not ok.
https://github.com/opencollective/opencollective-frontend/pull/11988Soooooo @Mastodon is using @OpenSourceCollective as their fiscal host...
-
@Li @liaizon @scan I think we are going to need it. Open source will be attacked by bad faith actors which can set up a bot army of "contributors" - the openness we want needs some kind of trust mechanisms. I am not saying this specific case warrants an identification system - just that there are sharks in the water ahead. Say someone wants to infiltrate the forums of KDE, and make a lot of noise and disturb development, they can already. In the future they can x1000 it in volume and distruption
look okay we just "need" mass privacy violations, we just *need* to destroy all anominity on these projects, its super important! we just need to discriminate against people who are not 'blessed' by teh state with the privledge of being able to exist.
yeah; how about no;
i do not care how 'palletable' you try to make this dystopian bullshit
please fuck off
-
RE: https://social.wake.st/@liaizon/116206925371202010
I didn't want to be break this story over here but since no one else seems to be posting about it here I am sharing a screenshot from the other side with @scan's post.
