This is a wake up call. Too many things are relying on Github right now.
Microsoft was part of the PRISM program. If Microsoft shares SSL certs with NSA they could do MITM attacks. What if in some very specific cases you download dependencies from GitHub and they give you a different version with malicious code?
It's the NSA. They could be smart enough to only deploy those attacks on production servers were nobody is going to manually review npm packages.
They could also do it regardless of whether or not Microsoft owns them or whatever favorite acronym authorizes them, or whatever. I've never understood why people love freaking out about this stuff. If the NSA felt like spying on you, pro tip, they're gonna be able to do it. If you care about keeping your shit secure, it shouldn't be on the internet at all.
>If you care about keeping your shit secure, it shouldn't be on the internet at all.
If only we lived in a world where this was practical.
I don't think it's unreasonable to be concerned about privacy this way, or to take issue with the possibility that this acquisition could make it easier for one to be spied on or surveilled. However, we should also cautious that our tin foil hats do not grow too heavy.
Whenever I read these kinds of posts on this website I think of Sterling Hayden in Dr. Strangelove. (The crazy SAC commander who thinks the Russians are plotting to steal Americans' precious bodily fluids).
I understand that people don't trust the NSA/US government. And they shouldn't: the US government will always put its interests above yours and mine, and above those of allied countries.
At the same time, this stuff is bordering on parody. Very few of us (maybe none of us) need to worry about "the NSA MITM-ing our NPM packages". If you're that paranoid then you shouldn't be using github, NPM, or non-local dependencies. And of course you should be reviewing everything manually.
I didn't mean that this is going to happen. I wanted to give an example of a potential threat. My idea was to show one of many problems with centralization and relying so much in GitHub and GitHub SSL certs.
Maybe we can start signing our commits to increase security giving the potential threat. The same way that after the Snowden revelations we started using more and more HTTPS.
We can also think of better ways of sharing/releasing open source code. Debian has a pretty neat system with keys so it's pretty safe to install software from their repos [1]. Maybe there is a better system to be develop than just grabbing whatever from GitHub[2] and running it in your machine.
They now have access to private projects so can use that to help create exploits to closed source products that are hosted on GitHub or use it to create their own products or patents.
I agree with the concern around too many things depending on Github for real time builds and deployment.
In regards to MITM, that can happen regardless of who maintains the repositories. If an NSL is issued, compliance is mandatory. A gag order is included. AFAIK there are no large organizations that would fall on that sword.
It is on the individual organizations that utilize public resources to do proper certificate and checksum validation, along with code diff reviews to reduce the risk of tainted packages.
Your intention is correct, but your details are not (as are the OPs). Microsoft share's it's SSL certs with the entire planet. Microsoft protects it's private keys and does not share them with the NSA.
The NSA forges Microsoft's SSL keys, they do not need to ask for them.
> And Microsoft is all-in on open source. We have been on a journey with open source, and today we are active in the open source ecosystem, we contribute to open source projects, and some of our most vibrant developer tools and frameworks are open source. When it comes to our commitment to open source, judge us by the actions we have taken in the recent past, our actions today, and in the future.
It’s a fair point but I still cannot read this without thinking of someone saying “yeah I did some things in the past but I’ve totally changed I promise. Look, for the whole past week I’ve been really nice to people haven’t I?”
The MS of today has massive skin in this OSS game. They've been contributing to the Linux kernel for years now [0]. They've got over 4000 repos on GitHub. Many projects are actively developed on GH. As an example, the VS code team solicits contributions on GH [1]. It's hard to say what kind of resources have been invested in .NET core and the open source compilers (Roslyn) and the CLR. Substantial resources.
If you told me 5/10 years ago about these developments I would have never believed you.
I don't think it's fair to reason about a (40+ year old, 100k+ employees, public) company's behaviour as if it has a mind. It doesn't.
The new Microsoft only exist in markets where the old Microsoft have been pushed to the fringes. In the markets where Microsoft still have the ability to set the rules their behavior is even worse then the bad old days when they still believed the windows market could grow(as anyone trying to get a telemetry free copy of windows10 can tell you).
What we are seeing now is Microsoft reacting to being kicked out of several markets by going back to the embrace phase in an attempt to regain some of the ground lost from Balmers failed attempt to secure a foothold for MS in the mobile and web framework markets.
If they had really been about embracing open source and open standards we would have seen them do something useful for Linux like releasing a version of excel for Linux or opening up the protocols outlook and exchange use to talk to each other, but that kind of openness was never on the table.
What i would expect to see with github is that if/when ms decide they want to utilize their investment for profit is a heavy integration with the azure environment in the form of CI hooks designed around azure api's to the point where other CI platforms become 2nd degree citizens in the ecosystem and i would not be surprised if a github account becomes a add on to an office365 subscription rather then a stand alone product.
> If you change the leadership and change employee incentives, it might as well be a different company.
Exactly. Which is why the idea of "trusting" a corporation, or treating them like you would a human being on any level, is ludicrous. They're a plane crash and a stock dip from becoming a totally different entity.
But incentives are still very much in the hand of shareholders who have been rewarding and continue to reward Microsoft's predatory stance on the market (including its continuous abuse of patents against open-source projects like Android and Linux).
It may sound like a harsh statement, but exactly because corporations are not like people, they seem to be harder to change, in my opinion. I'm not saying Microsoft can't change, but it's easy to forget that the main goal of any corporation is profit, specially when it's so big.
I'd argue that the incentives of a company who made their fortune and moat on deliberately incompatible lock-in OS/software are permanently broken, so I agree with you but come to the opposite conclusion.
The thought that Satya Nadella, who joined Microsoft in 1992 and then steadily climbed his way (in extremely fierce competition) to the top would be a better, more moral person than the "old guard" is kind of funny.
He's just younger and less out of touch than Gates (and particularly Balmer). Many people seem to mistake ascribe this aspect of him (more in touch with modern tech) with some higher moral standards etc than e.g. Gates/Ballmer. I don't see why he should be any less fierce/brutal.
(1) Make it easy for alternative OS to run on Surface/Windows-certified devices: Both x86 and ARM.
(2) Support OpenDocumentFormat in their office apps. Still remember how they corrupted the ISO certification process by creating OOXML (which is just a wrapper over binary blobs produced by MS-Office)
He consistent and have a good track record for years.
It feels just like yesterday that Microsoft was spying on windows boxes. In my mind, everyone has a "Days since last accident" counter in their head, and Microsoft's number is quite low.
Sell the majority of their shares to other people and behave very nicely, doing things against their short and medium term interest, for 15 years.
That's about the minimum, given their track record.
In the meanwhile we can give them increasing credit, if they do behave nicely, but it's absurd to believe that they've suddenly become a good company and that they'll stay like this for the next decades. I have a hard time believing that anyone not payed by them could think so.
And by the way, they have yet to reverse the decidedly un-nice things they have done with Windows 10 in the last years. Allow everyone to disable the telemetry and to better control the updates, and then we can start the 15 years count. Oh yeah, and maybe also stop astroturfing, that's another extremely un-nice thing that they clearly started doing only recently.
There would be nothing wrong in discussing with the people, if they paid people to do so while stating in every message that they're being paid by Microsoft it would be perfectly ok, but that's very different from what they're doing now.
These things make it clear that they're still motherfuckers, just less then they used to be.
I'd believe them if they open sourced Windows. They could still keep their web platforms (Office365, Azure, etc.) closed but it would be a huge statement to open up Windows 10.
(Never going to happen, not just for philosophical reasons, but I'm sure legal reasons too)
I think the biggest issue would be the audit. Recall that NT started out as part of OS/2 which is owned by IBM. I suspect that Edge/IE has similar issues, because it was evolved from NCSA Mosaic it probably has legal issues preventing it from being open sourced.
I know for a fact that the ZIP component of the windows shell would be an issue as that is definitely licensed to Microsoft instead of being owned by.
Friendly reminder: this is the same Microsoft that "empowered" skype and once called open source a cancer. Its the same Microsoft that ruined open document standards and started the browser wars.
I wouldnt be surprised to see next years release of "Github Pro Platinum with Minecraft 3D and Windows Store integration"
For those looking to move, https://gitlab.com is an excellent open source alternative that can easily import all your github projects. https://gitea.io is also available and runs on as little as a raspberry pi.
There are some really good arguments as to why we should be worried about Microsoft so can we please stop ruining them by using this complete misquote as a component.
This comment covers it well:
> This is disingenuous. He was referring to the licensing model of certain open-source projects, where the introduction of a single line of code coming from an open source project would require the whole of the Windows stack to be open-source, effectively "contaminating" the rest of the stack. To this day this is still a problem to many companies and legal department must carefully review the licensing of the libraries used by their devs.
This fits pretty well with Microsoft calling Linux a "cancer".
(Note that you also have to carefully review licensing of libraries used with proprietary licenses; that's not a problem caused by open source unlike the quote wants to imply. Proprietary licenses also tend to "contamine" a project and make the entire project non-free, so that is not specific to open source either.)
> In November Munich city council decided to revert to Windows by 2020 with all systems being replaced by Windows 10 counterparts.
> Reasons cited were adoption and users being unhappy with the lack of software available for Linux.
> A report commissioned by Munich and undertaken by Accenture found the most important issues were organizational.
> In 2018, journalistic group Investigate Europe released a video documentary via German public television network ARD, wherein it is claimed that the majority of city workers were satisfied with the operating system, with council members insinuating that the reversal was a personally motivated decision by lord mayor Dieter Reiter.
> Reiter denied that he had initiated the reversal in gratitude for Microsoft moving its German headquarters from Unterschleißheim back to Munich.
May be of further interest to German-speaking folks in Munich: there will be a discussion about LiMux on 11th June with former Munich mayor Christian Ude and others.
I just finished moving all my 20+ repos over from github and deleted all of my github accounts. Feels good actually. I'm glad to see gitlab getting good attention. I bet all of the people behind gitlab are feeling pumped/anxious/excited right now! ^_^
I hope you are right and I hope Gitlab folks are happy. But also note that it just became easier in many big corporations to sell Github to senior management, because you know, "nobody got fired for choosing Microsoft"
Erm, while I agree Skype wasn't the pinnacle of chat software pre-MS acquisition, I believe OP is referring to their absolute butchering of the consumer client[0].
Anecdotally, I stopped using Skype for iOS shortly after it was changed because it went from a solid, reliable internet-calling service to probably the most buggy / laggy interface I could have expected.
You're totally off your rocker. They undeniably obliterated Skype in every possible way. Literally, it is an absolute abortion. Look on ANY community site about Skype, you will see its 95% livid rage to this sorry excuse of an app (including me, I actually used Skype for everything, now I'm forced to use the old version which hopefully isn't deprecated). https://www.reddit.com/r/skype/search?q=new+skype&restrict_s...
Seeing GitHub acquired, I can’t help but imagine that Gitlab would go that route sooner or later. Their free offering is even more extensive than GitHub’s, and I don’t think there’s visibility into whether their revenue from paid plans is enough to offset that.
Since becoming backed by a major player is both a blessing (cash reserves to fuel the free offering!) and a curse (drive to increase shareholder value could go against longer-term community interests), I have mixed feelings about this trend.
Slightly tangentially, Gitlab has nearly caught up with GitHub and is arguably ahead in some ways feature-wise. I’m happy having built my small agency’s workflow around it.
I enjoy being able to drop a dotfile into repository root and have the product tested and deployed by CI to (in my case) AWS S3 or EC2, or get an email report if something prevented that from happening, after subsequent commit. On my roadmap is Terraform integration and having the automation provision all resources, but even in its current state I don’t think I can overstate the difference it makes, especially with a smaller team of engineers.
Some features of Gitlab at the moment are objectively inferior to GitHub’s implementation (simpler protected branch model with no way to mandate signed commits comes to mind), but many others appear stronger (issue tracker & boards, milestones, merge requests, the above-mentioned CI).
Feel free to give me a shout if you’re considering moving your business to Gitlab and I’ll share my experience.
> Seeing GitHub acquired, I’d speculate that Gitlab will go that route sooner or later.
Bingo. It's bizarre to hear people stampeding to GitLab when they're subject to the same financial and revenue pressures as GitHub or any other business. Somebody's paying for those servers and bandwidth and that somebody is expecting a return on their investment.
Whatever happens to Gitlab, you have the option of hosting the open source edition yourself. If they get acquired by Oracle in the morning, a fork could conceivably rise to take its place.
The difference is that Gitlab has publicly stated, from the beginning, that the goal is an IPO:
> Stay independent so we can preserve our values. Since we took external investment we need a liquidity event. To stay independent we want that to be an IPO instead of being acquired.
travis-ci has a pledge to keep their open source free tier always available. I don't know how much they stand by it but theyve said it on twitter and their plans page says "Always free for open source projects"
IMO being open-source isn’t such a minor deal, because it alleviates the worst-case scenario should Gitlab ever get acquired: if theoretical new management removes or changes price tiers, you can spin up your own on short notice. That management could reduce the effort put into maintaining their CE product or take it in an unfavorable direction and cause a fork, but the immediate damage is avoidable.
One possible caveat is performance. While I haven’t had to deal with this personally, some people reported that Gitlab can be a bit slow to run[0]. This doesn’t matter much if you use their hosted solution (if they have cash now, they can solve it by beefing up their hardware), but could result in higher than anticipated costs of running a self-hosted instance.
[0] Speaking of anecdotal evidence easy to find on HN and elsewhere. I’m yet to see any performance benchmarks comparing self-hosted versions of Gitlab and GitHub Enterprise (the latter starting at about $2500 per year) on similar hardware. It could well be that Gitlab is the fastest product for its maturity and feature set.
I still see Microsoft's predictable behavior in 2018. I have a friend who owns a Surface, and I was thinking it would be useful to put Linux on it (it was older ARM hardware). Well you can't, it's a Surface RT and Microsoft not only locks the bootloader but it also only runs Microsoft approved apps. That's their endgame whenever possible. Apparently people didn't like having fully locked down computers and they discontinued the product, shocker.
The Surface RT was discontinued in 2015, and was manufactured in 2012. Is this an six year old anecdote?
Sorry, but these days I feel like there are more anecdotes involving the Surface RT to prove that "Microsoft hates Linux" than there are actual Surface RT devices still in active usage, but yet people still eat this stuff up.
> That's their endgame whenever possible.
Their "endgame" was six years ago and hasn't come back since..?
You still see Microsoft's predictable behavior in 2018 by looking at a discontinued product from 2012-2014? I think that's evidence that there has been a shift, and support for Linux has improved significantly since then.
Of course, if the user's motivation for using Linux is in protest against Microsoft, this won't matter, but for those who work in multiple platforms, Microsoft seems to have the most comprehensive vision of computing: not tied to any particular technology or license but fully integrated and interoperable. This is a good attitude worth supporting, even if you might object to some of their other policies. We're moving toward the era of ubiquitous computing where there's a single ecosystem with multiple technologies powering an integrated whole.
Long time Linux user and it is still my preferred OS, but I never understood the hypocrisy of the MS hate in Linux. Normally it is written on an Apple product running OS X and a VM of Linux for a server.
Over the years Apple's laptops are the number one laptop at Linux conferences. As a whole Apple has been the biggest enemy to open source even though they have had some good open source projects. MS has had several years showing that Linux and Open Source makes business sense just like most of us have been saying for years.
It doesn't have to pretend, it is a full computer that is intentionally crippled by the vendor. Apple doing it to doesn't make it any less despicable. These stupid strategies turn perfectly good computers into landfill.
That's because you don't appreciate hardware design. Its understandable that you might be confused because of the presence of x86 compatible hardware. There is no such thing as "ARM Laptop". All ARM devices choose their own ARM processor implementation integrated with a custom motherboard with an undocumented firmware design. Not to mention custom drivers for all of the I/O. You can't install any OS on any random hardware.
You can install Linux on ARM architectures. It's commonplace that people install it on low end ARM laptops (and yes, those definitely exist in the 2-in-1 market). Also what do you think a Raspberry Pi is?
I have a Surface RT too that I love for couch computing. It didn't cost much and I continue to get a lot of use from it, but the fact is it is not fully supported.
If you're wondering why they bought GitHub, it's here:
> Second, we will accelerate enterprise developers’ use of GitHub, with our direct sales and partner channels and access to Microsoft’s global cloud infrastructure and services.
This is it.
At one time Microsoft used to dominate enterprise software development in certain areas (most of the east coast in the U.S.) to such a degree that it was almost impossible to find a non-.NET developer job.
Their biggest failure was TFS. At one time all .NET shops used it. But then git crept in and the rest is history.
Microsoft is going to sell a lot of enterprise hosting accounts. Look for the on-premises installations to go through the roof, especially.
> it was almost impossible to find a non-.NET developer job.
Mostly agree with the points, but I think it was always just as easy (if not easier) to find an enterprise Java based job than it was a .NET developer job.
> Their biggest failure was TFS. At one time all .NET shops used it. But then git crept in and the rest is history.
TFS certainly used to be a horrible product, and I still hate working with TFVC. But Visual Studio Online, their cloud version of TFS, really is a fantastic product, and even let's you host Git repos. The CI and CD features are extremely powerful too.
This is probably the most important reason. Microsoft is doubling down on cloud, and they are willing to do anything to get ahead in this game. This is the sole reason why stocks are going up for Microsoft.
I don't think they will. They will most likely want to replace Team Foundation Server with GitHub Enterprise. There might not be a special AWS image anymore but a lot of developer teams rely on the on-premises variant of TFS.
I am a GitLab user and have been for about 2 years now. With that being said, I think this acquisition makes a ton of sense strategically. Microsoft has really been trying to change their identity from being a stuffy close-source corporation to an open company that developers can rely on. And they have done pretty well at this. They open sourced .net, run MS SQL on Linux, and have released the WSL (which would have been unfathomable a decade ago). They also moved their VCS over to Git for Windows development.
GitHub, however, has a business issue of not making money. I think with the resources that Microsoft can provide GitHub can continue to build a great product and tap further into Microsoft's enterprise user base to make sales and release more features that customers want/need.
Congrats to everyone at GitHub for this momentous acquisition!
It's a great move for both, and as a developer I like the opportunities this creates for tooling and productivity. Good to see those two dev focused organizations team up!
To your very good post you forgot to add that majority of large corps with lrge projects scramble at the moment to move and delete off of their source codebase from GitHub so that Microsoft programmers dont get access to their repos and secret souce.
I just don't understand this take. How many of those companies run Windows on any of their devices? Either you trust Microsoft or you don't. If you don't trust Microsoft, you have bigger problems than them owning GitHub.
Part of the reason we trusted GitHub with our projects and our code was they were a neutral party simply providing a service.
Sadly, being bought out by microsoft completely removes their neutrality. Whether they will abuse the trust of having complete and total access to every private repo and all of the code inside or not remains to be seen. But I certainly don’t view GitHub as neutral site anymore. Sadly, from a business perspective, GitHub just isn’t rational when they’re owned by Microsoft. Even less so when we’ve seen how blatantly evil they have been in the past. For us, at least at this point, it will be better to bite the bullet now and move sooner rather than gamble. As someone else here said, even good community oriented companies are only a rough quarter away from shady business practices.
I truly hope they don’t kill off GitHub, it’s been a truly amazing space and I really hope it works out for the devs who work there — the ones I know are amazing people and true believers, I really do hope this works out well for them, they deserve it. Now off to start the long arduous process of migrating everything to GitLab :/
Why will they kill of Github? They just shut down their own repository website (Codeplex) and moved all their code to github. That's perhaps the most misplaced fear I've read here.
Plus, from what I've read, MS was perhaps the best possible buyer of GH - and no, a federated distributed model was definitely not a possibility given the huge sums of investor money involved.
They don't need to literally kill, they can just make many useful features internal to Microsoft developers, or make some features that are free now subscription-only.
Readit News
Microsoft was part of the PRISM program. If Microsoft shares SSL certs with NSA they could do MITM attacks. What if in some very specific cases you download dependencies from GitHub and they give you a different version with malicious code?
It's the NSA. They could be smart enough to only deploy those attacks on production servers were nobody is going to manually review npm packages.
If only we lived in a world where this was practical.
I don't think it's unreasonable to be concerned about privacy this way, or to take issue with the possibility that this acquisition could make it easier for one to be spied on or surveilled. However, we should also cautious that our tin foil hats do not grow too heavy.
True, but I suppose it matters how easy/difficult it is for them to do that.
Dead Comment
I understand that people don't trust the NSA/US government. And they shouldn't: the US government will always put its interests above yours and mine, and above those of allied countries.
At the same time, this stuff is bordering on parody. Very few of us (maybe none of us) need to worry about "the NSA MITM-ing our NPM packages". If you're that paranoid then you shouldn't be using github, NPM, or non-local dependencies. And of course you should be reviewing everything manually.
Maybe we can start signing our commits to increase security giving the potential threat. The same way that after the Snowden revelations we started using more and more HTTPS.
We can also think of better ways of sharing/releasing open source code. Debian has a pretty neat system with keys so it's pretty safe to install software from their repos [1]. Maybe there is a better system to be develop than just grabbing whatever from GitHub[2] and running it in your machine.
[1] https://en.wikipedia.org/wiki/Debian#Development_procedures
[2] https://github.com/mklement0/n-install/blob/master/bin/n-ins...
In regards to MITM, that can happen regardless of who maintains the repositories. If an NSL is issued, compliance is mandatory. A gag order is included. AFAIK there are no large organizations that would fall on that sword.
It is on the individual organizations that utilize public resources to do proper certificate and checksum validation, along with code diff reviews to reduce the risk of tainted packages.
There is zero reason to believe they do.
The NSA forges Microsoft's SSL keys, they do not need to ask for them.
https://en.wikipedia.org/wiki/Flame_(malware)
Even with the mitigations provided by moving away from MD5, simple integration with a CA would be much more strategically beneficial.
Deleted Comment
It’s a fair point but I still cannot read this without thinking of someone saying “yeah I did some things in the past but I’ve totally changed I promise. Look, for the whole past week I’ve been really nice to people haven’t I?”
If you told me 5/10 years ago about these developments I would have never believed you.
I don't think it's fair to reason about a (40+ year old, 100k+ employees, public) company's behaviour as if it has a mind. It doesn't.
[0] https://www.zdnet.com/article/top-five-linux-contributor-mic...
[1] https://github.com/Microsoft/vscode/blob/master/CONTRIBUTING...
What we are seeing now is Microsoft reacting to being kicked out of several markets by going back to the embrace phase in an attempt to regain some of the ground lost from Balmers failed attempt to secure a foothold for MS in the mobile and web framework markets.
If they had really been about embracing open source and open standards we would have seen them do something useful for Linux like releasing a version of excel for Linux or opening up the protocols outlook and exchange use to talk to each other, but that kind of openness was never on the table.
What i would expect to see with github is that if/when ms decide they want to utilize their investment for profit is a heavy integration with the azure environment in the form of CI hooks designed around azure api's to the point where other CI platforms become 2nd degree citizens in the ecosystem and i would not be surprised if a github account becomes a add on to an office365 subscription rather then a stand alone product.
If you change the leadership and change employee incentives, it might as well be a different company.
Sure there's cultural inertia... but incentives trump culture every time.
Exactly. Which is why the idea of "trusting" a corporation, or treating them like you would a human being on any level, is ludicrous. They're a plane crash and a stock dip from becoming a totally different entity.
So yeah, they are "all in on Open source", right.
He's just younger and less out of touch than Gates (and particularly Balmer). Many people seem to mistake ascribe this aspect of him (more in touch with modern tech) with some higher moral standards etc than e.g. Gates/Ballmer. I don't see why he should be any less fierce/brutal.
(2) Support OpenDocumentFormat in their office apps. Still remember how they corrupted the ISO certification process by creating OOXML (which is just a wrapper over binary blobs produced by MS-Office)
(3) Stop suing Android OEM's for patent licenses
It feels just like yesterday that Microsoft was spying on windows boxes. In my mind, everyone has a "Days since last accident" counter in their head, and Microsoft's number is quite low.
That's about the minimum, given their track record.
In the meanwhile we can give them increasing credit, if they do behave nicely, but it's absurd to believe that they've suddenly become a good company and that they'll stay like this for the next decades. I have a hard time believing that anyone not payed by them could think so.
And by the way, they have yet to reverse the decidedly un-nice things they have done with Windows 10 in the last years. Allow everyone to disable the telemetry and to better control the updates, and then we can start the 15 years count. Oh yeah, and maybe also stop astroturfing, that's another extremely un-nice thing that they clearly started doing only recently.
There would be nothing wrong in discussing with the people, if they paid people to do so while stating in every message that they're being paid by Microsoft it would be perfectly ok, but that's very different from what they're doing now.
These things make it clear that they're still motherfuckers, just less then they used to be.
* Drop MSVC for Clang or GCC
* Drop Edge for Firefox or Chromium
because they love open-source, right?
* Drop OOXML and make ODF the default format
* Drop the patents
* Drop the telemetry
* Drop Xbox
* Drop DirectX
* Drop the cloud garbage
* Drop or open MSVC
* Drop or open Edge
* Actually open .NET
Everything said after that is just some cheap PR trick for chumps.
Quickly after they get back into an advantage position again they will abuse it same as before and you will live in an age of digital slavery.
(Never going to happen, not just for philosophical reasons, but I'm sure legal reasons too)
I know for a fact that the ZIP component of the windows shell would be an issue as that is definitely licensed to Microsoft instead of being owned by.
I wouldnt be surprised to see next years release of "Github Pro Platinum with Minecraft 3D and Windows Store integration"
For those looking to move, https://gitlab.com is an excellent open source alternative that can easily import all your github projects. https://gitea.io is also available and runs on as little as a raspberry pi.
There are some really good arguments as to why we should be worried about Microsoft so can we please stop ruining them by using this complete misquote as a component.
This comment covers it well:
> This is disingenuous. He was referring to the licensing model of certain open-source projects, where the introduction of a single line of code coming from an open source project would require the whole of the Windows stack to be open-source, effectively "contaminating" the rest of the stack. To this day this is still a problem to many companies and legal department must carefully review the licensing of the libraries used by their devs.
https://news.ycombinator.com/item?id=17225806
> [...] Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. That's the way that the license works.
https://web.archive.org/web/20011108013601/http://www.suntim...
This fits pretty well with Microsoft calling Linux a "cancer".
(Note that you also have to carefully review licensing of libraries used with proprietary licenses; that's not a problem caused by open source unlike the quote wants to imply. Proprietary licenses also tend to "contamine" a project and make the entire project non-free, so that is not specific to open source either.)
[0]: https://en.wikipedia.org/wiki/LiMux
> Reasons cited were adoption and users being unhappy with the lack of software available for Linux.
> A report commissioned by Munich and undertaken by Accenture found the most important issues were organizational.
> In 2018, journalistic group Investigate Europe released a video documentary via German public television network ARD, wherein it is claimed that the majority of city workers were satisfied with the operating system, with council members insinuating that the reversal was a personally motivated decision by lord mayor Dieter Reiter.
> Reiter denied that he had initiated the reversal in gratitude for Microsoft moving its German headquarters from Unterschleißheim back to Munich.
It's not as clear-cut as you're painting it.
It doesn't seem as if MSFT has entirely changed.
https://www.gruene-muenchen.de/terminliste/termin/freie-fahr...
No, it isn't. It's like saying that Ford is the same company that finds more profitable to let customers burn than to fix a flaw[1].
[1]: https://en.wikibooks.org/wiki/Professionalism/The_Ford_Pinto...
GitHub?
Deleted Comment
Started the browser wars? Too bad the browser wars have been too small, because we obviously haven't learned anything from them.
Anecdotally, I stopped using Skype for iOS shortly after it was changed because it went from a solid, reliable internet-calling service to probably the most buggy / laggy interface I could have expected.
[0] - https://www.zdnet.com/article/microsoft-updates-skype-after-...
You have a weird memory. Skype was a very nice thing back in ~2009-2010.
Since becoming backed by a major player is both a blessing (cash reserves to fuel the free offering!) and a curse (drive to increase shareholder value could go against longer-term community interests), I have mixed feelings about this trend.
Slightly tangentially, Gitlab has nearly caught up with GitHub and is arguably ahead in some ways feature-wise. I’m happy having built my small agency’s workflow around it.
I enjoy being able to drop a dotfile into repository root and have the product tested and deployed by CI to (in my case) AWS S3 or EC2, or get an email report if something prevented that from happening, after subsequent commit. On my roadmap is Terraform integration and having the automation provision all resources, but even in its current state I don’t think I can overstate the difference it makes, especially with a smaller team of engineers.
Some features of Gitlab at the moment are objectively inferior to GitHub’s implementation (simpler protected branch model with no way to mandate signed commits comes to mind), but many others appear stronger (issue tracker & boards, milestones, merge requests, the above-mentioned CI).
Feel free to give me a shout if you’re considering moving your business to Gitlab and I’ll share my experience.
Bingo. It's bizarre to hear people stampeding to GitLab when they're subject to the same financial and revenue pressures as GitHub or any other business. Somebody's paying for those servers and bandwidth and that somebody is expecting a return on their investment.
> Stay independent so we can preserve our values. Since we took external investment we need a liquidity event. To stay independent we want that to be an IPO instead of being acquired.
https://about.gitlab.com/strategy/
One possible caveat is performance. While I haven’t had to deal with this personally, some people reported that Gitlab can be a bit slow to run[0]. This doesn’t matter much if you use their hosted solution (if they have cash now, they can solve it by beefing up their hardware), but could result in higher than anticipated costs of running a self-hosted instance.
[0] Speaking of anecdotal evidence easy to find on HN and elsewhere. I’m yet to see any performance benchmarks comparing self-hosted versions of Gitlab and GitHub Enterprise (the latter starting at about $2500 per year) on similar hardware. It could well be that Gitlab is the fastest product for its maturity and feature set.
https://about.gitlab.com/2016/07/20/gitlab-is-open-core-gith...
I'd love to hear your input on this.
Sorry, but these days I feel like there are more anecdotes involving the Surface RT to prove that "Microsoft hates Linux" than there are actual Surface RT devices still in active usage, but yet people still eat this stuff up.
> That's their endgame whenever possible.
Their "endgame" was six years ago and hasn't come back since..?
The current year is 2018, right? Or did I miss something :)
Something about how Microsoft is changed and how unfair it was people were continuing to judge it by it's actions in the past.
What an endlessly forgiving position you have adopted.
Of course, if the user's motivation for using Linux is in protest against Microsoft, this won't matter, but for those who work in multiple platforms, Microsoft seems to have the most comprehensive vision of computing: not tied to any particular technology or license but fully integrated and interoperable. This is a good attitude worth supporting, even if you might object to some of their other policies. We're moving toward the era of ubiquitous computing where there's a single ecosystem with multiple technologies powering an integrated whole.
Over the years Apple's laptops are the number one laptop at Linux conferences. As a whole Apple has been the biggest enemy to open source even though they have had some good open source projects. MS has had several years showing that Linux and Open Source makes business sense just like most of us have been saying for years.
They do, it just can't pretend to be a full on computer, see the iPad.
[1]: https://en.wikipedia.org/wiki/Windows_RT#Demise
> Second, we will accelerate enterprise developers’ use of GitHub, with our direct sales and partner channels and access to Microsoft’s global cloud infrastructure and services.
This is it.
At one time Microsoft used to dominate enterprise software development in certain areas (most of the east coast in the U.S.) to such a degree that it was almost impossible to find a non-.NET developer job.
Their biggest failure was TFS. At one time all .NET shops used it. But then git crept in and the rest is history.
Microsoft is going to sell a lot of enterprise hosting accounts. Look for the on-premises installations to go through the roof, especially.
Mostly agree with the points, but I think it was always just as easy (if not easier) to find an enterprise Java based job than it was a .NET developer job.
TFS certainly used to be a horrible product, and I still hate working with TFVC. But Visual Studio Online, their cloud version of TFS, really is a fantastic product, and even let's you host Git repos. The CI and CD features are extremely powerful too.
GitHub, however, has a business issue of not making money. I think with the resources that Microsoft can provide GitHub can continue to build a great product and tap further into Microsoft's enterprise user base to make sales and release more features that customers want/need.
Congrats to everyone at GitHub for this momentous acquisition!
Rumor has it that Satya is furious he still gets so many LinkedIn emails, but is keeping hands off.
So long github.
Dead Comment
Sadly, being bought out by microsoft completely removes their neutrality. Whether they will abuse the trust of having complete and total access to every private repo and all of the code inside or not remains to be seen. But I certainly don’t view GitHub as neutral site anymore. Sadly, from a business perspective, GitHub just isn’t rational when they’re owned by Microsoft. Even less so when we’ve seen how blatantly evil they have been in the past. For us, at least at this point, it will be better to bite the bullet now and move sooner rather than gamble. As someone else here said, even good community oriented companies are only a rough quarter away from shady business practices.
I truly hope they don’t kill off GitHub, it’s been a truly amazing space and I really hope it works out for the devs who work there — the ones I know are amazing people and true believers, I really do hope this works out well for them, they deserve it. Now off to start the long arduous process of migrating everything to GitLab :/
Plus, from what I've read, MS was perhaps the best possible buyer of GH - and no, a federated distributed model was definitely not a possibility given the huge sums of investor money involved.