One of those mails came from a set-top box manufacturer, stating that thousands of customers were unable to watch TV because their boxes crashed when Telize didn’t return any data, and demanding that I return an empty JSON object for a two weeks period.
I eventually changed my pf rules from “reset” to “drop” because of this. Dickheads would poll my site every 30 seconds, but if the connection was rejected, they’d poll it five times per second. Fortunately, TCP is below the level of most application code, so dropping the syn meant they got stuck waiting for the full retransmit timeout.
That’s because people don’t value what they don’t pay for (or pay too little). patio11 and Ramit mentioned it many times. IIRC, patio11 received more customer service requests from the lowest plan (I think it was around $9) than from all the other plans taken together.
I’ve also seen that pattern, but I think it’s more due to sophistication of the customers than to subjective value perceptions created by the pricing. Lower-tier customers are a lot more likely to be hobbyists or understaffed small businesses, while customers paying you enterprise-tier prices are much more likely to have proper IT staff assigned to take care of things.
I read this less how I think the author meant it and more as “When you run free, unrestricted things on the internet, they become public infrastructure.”
(which is entirely why I have run an open bittorrent tracker for like 7 or 8 years.)
Fairly unfortunate that they made it Github’s problem, but it sounds like it ended well.
I believe github fronts their sites with cloudflare. So, cloudflare’s problem, at github’s cost.
edit I think I may be wrong, as I only find references to using cloudflare’s universal SSL with github pages.
I’m generally annoyed by this attitude, prevalent in the open source community. I still don’t have the whole thing in focus, but it overlaps a little with the Don’t call yourself an engineer. I understand completely that free does not imply that you have any commitment, but the simple fact is when you make stuff, people use it and the how/who/why of that usage and the responsibility involved in that is part of the craft of building it in the first place.
When you attempt to separate out the building of the software and the moral obligation that goes with building something people will use (aka ‘engineering’) Bad Things happen.
The natural conclusion of my point of view would be if you really do not give a single fuck about the people who will use something you build, you need to go out of your way to ensure that people do not use it at all - do not release it, do not publicize it, do not make it available to download anywhere.
The author makes clear that it wasn’t even intended to be a production service, just a demonstration for people who wanted to see what it did before setting up their own. They also mentioned that they were willing to keep it going, at their own expense, until they discovered malware was making use of it.
I don’t feel like this particular case really touches on the obligation issue you bring up. I’d like to talk through how I feel about that, but it’s harder without a scenario at hand that’s actually relevant, so I’ll refrain until the next thing like this.
Thanks for response, how do you feel about software engineers vs. e.g. civil engineers who build bridges, related to the ‘Don’t call yourself an engineer’ piece?
If I’m a civil engineer and I build a bridge over the stream in my backyard, and then one day I decide I don’t like my bridge anymore because too many people are cutting through my yard, I think I have the right to take my bridge down.
I gave a couple of responses on the Lobste.rs thread about that piece. An interesting thing that came up on that thread was that several people chimed up to say they in fact don’t regard themselves as engineers, and a few including me said the opposite. It definitely depends, as well, on the employer and how seriously they take engineering values - such as reliability.
The way I think about it is this.
Let’s say that, out of the goodness of my heart and a desire to practice my craft, I bake four pies every day. I put these pies outside, along with the variant of the recipe used to make them.
When some shyster comes along and sets up a booth to sell those pies to other people, I’ll merrily ignore them and keep baking pies. Once I’m bored with the process though, I’ll stop–but what I sure as hell won’t do is listen to their complaints of how I’m ruining their business model.
The difference between this and engineering is thus: I’m doing it out of the goodness of my heart and out of convenience. I am not being paid nor respected to help The Public. If anything, I’m just putting out goods to help the public.
If I had signed a contract to provide free-range pies for The Public to do with as it pleases, sure, I’m in default…but the mere act of being generous does not and ought not attach a moral obligation to me.
This is a terrible and shortsighted view. There’s a difference between maliciously wanting to hurt others by tricking them into dependence, and simple indifference as to how something will be used. It’s a far better state of affairs where progress is shared, whatever the reason, than having people horde and discard knowledge when it doesn’t have a clear beneficiary.
@angersock @irene Think the gist of my point is not addressed and I think it merits conversation: the point is that if I bake pies and put them on the street, then no matter my intention or even stated desire (i.e. a sign next to the pies), people will eat them, and the act of putting the pies on the street loads me with the responsibility of making sure they are safe for people to eat. The same can be said of the recipe. Both can and would cause people to come to real harm.
If I go and put a pie on the street right now then someone will probably eat it (I live in a poor area). If I someone came to harm because of eating that pie, it would be unreasonable to say it wasn’t my obligation to make it safe for consumption OR to not put it on the street, knowing it wasn’t safe.
Progress can be shared by sharing the correct part of the pie making process with the correct audience, thus maintaining your moral obligation as someone releasing something to the public that the public will come to no harm, according to reasonable measures. So, if I develop a pie making machine that can chop your hand off, I need to give this to other people who know how to work pie making machines, not everyone who wants to eat a pie or wants to eat anything at all. I can do this easily by releasing my work such that it only makes sense if you know how to build pie making machines.
Nobody has proposed silently changing the service to provide deliberately faulty, poisoned data. They are only shutting it down.
As pointed out in my edit–I find the gist of your point abhorrent.
If we give something away with an expectation of it being helpful (and not harmful), we should not somehow find ourselves in a state of affairs where we are more responsible and burdened than had we remained selfish.
The hypothetical about pies is honestly pretty contrived. Although I am happy to discuss hypotheticals at great length as long as nobody is taking them seriously, it seems like this is being advanced seriously, and honestly that’s just a difficult way to explore anything real.
I do think there are a wealth of moral dilemmas that have actually come up in open source, and my suggestion is to do a little research and post old but interesting stories about that, as their own threads. I can’t really think of any offhand that are really precisely this pie-sharing thing, and that’s why I’m reluctant to discuss it: I can’t see how a conclusion would apply to reality.