#15 – Morten Rand-Hendriksen on Governing Open Source Projects

On the podcast today we have Morten Rand-Hendriksen.

Morten has a long history of working with WordPress, but that’s not the main focus of the podcast today. Today we talk about the way that open source as a whole is governed and managed, and his thoughts on the changes he thinks are needed.

When open source software came into the world, the landscape was very different. Back then, there was no real clarity about whether the proprietary or open source software model would dominate. There was no indication that the internet would become such a crucial part of how we communicate, interact and shop.

People gave their time because they enjoyed what they were doing and had high hopes about the world that they could build with their software.

Fast forward to today and many open source projects are critical to the functioning of the internet. A small collection of people, sometimes an individual, might be in charge of a component which, were it to fail, would bring the web to a halt.

Recent episodes have shown us that given this reliance on the contributions of open source community members, it’s important that we can turn to them for patches and updates when they’re needed. But that might not be the case. The contributors might be busy with other projects, or otherwise unable to fix problems that arise.

Morten thinks that there’s a need to revisit the governance model for open source given that we now live in a world where important parts of the internet rely on the work of such volunteers. He wants there to be systems by which contributors are remunerated for their contributions.

He also wants to shine a light on who is able to contribute to open source projects, and so we discuss his thoughts on who in reality has the time, interest and resources to contribute. His opinion is that open source might not be as open to everyone as it would seem.

It’s a fascinating conversation and will no doubt stir up some discussion.

Open Source Considered Harmful

A Fatal Flaw in the Bazaar’s Foundations

Transcript

[00:00:00] Nathan Wrigley: Welcome to the Jukebox podcast from WP Tavern. My name is Nathan Wrigley. Jukebox is a podcast which is dedicated to all things WordPress. The people, the events, the plugins, the blocks, the themes, and in this case, the nature of open source. Before we begin, I would encourage you to subscribe to the podcast so you can get all the episodes automatically each and every week. You can do that by searching for WP Tavern in the podcast player of your choice. Or by going to WP Tavern dot com forward slash feed forward slash podcast. And you can copy and paste that URL into most podcast players.

I’d really like to hear from anyone out there who would like to come onto the podcast and talk about whatever it is that you do with WordPress. It might be that you’re a designer, a WordCamp organizer, contributor, honestly if it’s about WordPress I would love to hear from you. And hopefully get you onto the show. To do that. I head over to WP Tavern dot com forward slash contact forward slash jutebox, and use the contact form there.

So on the podcast today, we have Morten Rand-Hendriksen. Morton has a long history of working with WordPress, but that’s not the main focus of the podcast today. Today, we talk about the way that open source, as a whole, is governed and managed, and his thoughts on the changes that he thinks are needed.

When open source software came into the world, the landscape was very different. Back then there was no real clarity about whether the proprietary or open source software model would dominate. There was no indication that the internet would become such a crucial part of how we communicate, interact and shop.

People gave their time because they enjoyed what they were doing and had high hopes about the world that they could build with their software. Fast forward to today, and many open source projects are critical to the functioning of the internet.

A small collection of people, sometimes an individual, might be in charge of a component which, were it to fail, would bring the internet to a halt. Recent episodes have shown us that given this reliance on the contributions of open source community members, it’s important that we can turn to them for patches and updates when they’re needed. But that might not be the case. The contributors might be busy with other projects, or otherwise unable to fix problems which arise.

Morton thinks that there’s a need to revisit the governance model for open source, given that we now live in a world where important parts of the internet rely on the work of such volunteers. He wants there to be a system by which contributors are remunerated for their contributions. He also wants to shine a light on who is able to contribute to open source projects.

And so we discuss his thoughts on who, in reality, has the time, interest and resources to contribute. His opinion is that open source might not be as open to everyone as it would seem. It’s a fascinating conversation and will no doubt stir up some discussion.

If you’re interested in finding out more, you can find all the links in the show notes over at wp tavern dot com forward slash podcast, and look for episode 15. And so, without further delay, I bring you Morten Rand-Hendrickson. I am joined on the podcast today by Morten Rand-Hendriksen. Hello Morten.

[00:03:57] Morten Rand-Hendriksen: Hello.

[00:03:59] Nathan Wrigley: We are today going to have a fairly interesting in-depth conversation, despite the fact that we are on the WP Tavern Jukebox podcast, today, we are probably going to stay well away from WordPress itself because we’re going to have a conversation about the open source model in general, obviously that could imply WordPress, but equally it could imply lots and lots of other things out on the internet because Morten has recently produced a couple of pieces.

I’m going to link to them in the show notes. It may well be useful to go and read them to provide context for this episode. The first one is at Morten’s website. It’s mor10. So. that’s Mor and then the digits one zero dot com. That’s a brilliant URL by the way.

[00:04:42] Morten Rand-Hendriksen: I wish I came up with it.

[00:04:45] Nathan Wrigley: It’s really good. Open source considered harmful is the title of the first one, and then there’s a sort of followup piece, a fatal flaw in the bazaar’s foundation. So it might be worth going to provide some context there. Do you want to just drop in what it was that you were vaguely trying to sum up, and then I will steer the conversation a little bit later. You’ve got some issues the way that certain things are handled on the internet, particularly open source software and the way that they’re managed, and so on. just sum up what your concerns are.

[00:05:15] Morten Rand-Hendriksen: Yeah, I can explain the two articles in hopefully a short amount of time. So the first one, this one that’s called open source is considered harmful. There’s this trope in tech writing, the considered harmful trope, that you say at something you don’t like is considered harmful. In this case, it’s actually open source is literally considered harmful by people.

It was in relation to these major security issues that occurred right before Christmas. Log4j that was anything that runs any kind of Apache server had this major security flaw in it.

And when the security flaw was discovered, it was also discovered that because it’s an open source project and there is no, there are maintainers, but the maintainers are volunteers who’ve worked for other corporations. There’s no immediate path for the people who discover these flaws to go and say, hey, get this fixed right now, this is mission critical. In the case of Log4j it exposed government state operatives, government institutions, hospitals, very critical infrastructure, as well as companies all over the world. And it exposed this underlying issue with open source, which is that. If something goes wrong, you rely on the open source community to fix it. And that’s fine, except if something goes wrong and you can’t talk about it and you need to be able to go to a person and say, you go fix it right now, or a company or an organization to go, you go fix it right now before we tell anyone. It’s not that easy.

So in response to that, the Biden administration or the White House as the president is referred to reached out to the community to call them in and say, come have a meeting with us and let’s figure out how to deal with this moving forward so that we can patch all the security holes in open source software.

They reached out to industry executives in large companies. And those companies are companies that are invested in open source, and asked them what to do. And you wonder when you hear that, they published a list of people who were invited to the meeting, and yes, the Apache foundation was invited, but there was also a glaring lack of other open source projects that have similar problems. And you wonder, why is it that when the White House goes out and says, we’re going to talk to the open source leaders, they don’t talk to the open source leaders. And the simple answer is no one speaks for open source. Because open source as a whole, doesn’t have a special interest organization. Doesn’t have any policies, doesn’t have any representation anywhere, and there is no place you can go and say, hey, I want to speak to open source. Or even something smaller. Hey, I want to speak to web based open source. Because the open source community as a whole has no governance structure, has no meaningful way of appointing someone to do so. Even if there was a person appointed to speak on behalf of open source, there is no policy or any kind of framework to speak from.

So you wouldn’t be speaking on behalf of open source who would be speaking either on behalf of yourself, or you’d be speaking on behalf of your employer. Or the interests of your particular project as you’ve defined them. Because again, these projects don’t have any policies. And that was even acknowledged in this meeting, both in the invite to the meeting, and afterwards, that one of the big problems with open source, as seen from like a leadership perspective, a corporate perspective, a government perspective, is there’s no policies in place because there’s no one held responsible for anything. Because there’s no cohesive leadership, there also no accountability within the system. And that is untenable when the software in play is mission-critical to, let’s say a country, the operation of a country. So when I say open source considered harmful, I mean, people are starting to look at open source and saying, this is actually dangerous because when something goes wrong, we have no guarantees that it can be fixed. And we have no clear path to go to someone and say, even though you think this is okay, it’s actually not okay. And here are the reasons why you need to patch it or patch it in a specific way. And when you hear me talk about this, you’ll also notice that a lot of these things I’m saying, they sound like the opposite of what we want in open source. Like this idea that a government can come to you and say, you need to fix this in a certain way, sounds like something that open source would be against. And it is something that a lot of open source people would be against. However, open source operates in the real world and in the real world, sometimes that is a necessary thing.

And in those circumstances, if the open source community itself can’t deal with it, the government or whatever entity needs to get something fixed will go through a corporate interest that is embedded enough of an open source community and has enough power in that community to just strong hand their way in and get it fixed in a way that works for them, which runs against the nature of open source again.

So it just begs the question, if we won the war, which we did against proprietary software, shouldn’t we now have to hold ourselves to the same standard that we hold proprietary software to? You can’t play this game of, ah, we’re just playing around if you control the internet. And that’s what’s happening right now.

So that was like the first article. The second article is just about how, the reason for this is that of open source, the GNU manifesto, or the GNU manifesto or whatever you want to call it, and The Cathedral and the Bazaar, are both these utopian fever dreams of how the world would be if we had open source and open source won the battle.

what we know for a fact now is that those fever dreams did not come to pass. In many ways, what we ended up with is completely opposite of what they envisioned yet. Our ideology as open source people, still rests on these fever dreams and that just doesn’t fly anymore.

[00:10:52] Nathan Wrigley: So we’ve broadly outlined the articles and therefore we’ve outlined hopefully the course of the discussion over the next few minutes. I’m interested though to hear more about you personally, just for a couple of minutes, interested to let the audience know it is that you’re interested in this. Your history. How it is that you’ve this that, it’s obviously very important to you. Why are you concerned about these things? What in your background has led you to put this at critical importance?

[00:11:19] Morten Rand-Hendriksen: I’ve been an open source contributor for 15, 16 years. I fell into open source, like most people did in the beginning of the modern web, which was, I was building solutions, web solutions for people, for companies, for clients. And I needed to find functional solutions for them, where they could do what they needed to do without either tying themselves to onerous licensing agreements with companies, or use applications that put them at risk of breaking things.

And what I discovered was the open source community was building tools for users. Whereas big corporations were building tools primarily for developers. Or they were building tools primarily to lock users into specific platforms. And it’s something that appeals to me. I’m a socialist. I think this idea of people having self determination and self control of their assets and that there’s fairness in the system., that power is distributed. I believe in all those things. And it looked to me like open source was embracing those ideals. And open source is embracing those ideals to a degree, which we’ll, I’m sure we’ll talk about later. So I started using open source software. Quickly realized that if you use open source software and you can contribute to open source software, you really should contribute to open source software.

I started contributing, with code fixes and templates, and just things to support the community and answering questions. Being a productive community member, right. And helping other people onboard into it.

After awhile, I realized there were challenges within the community that needed to be dealt with. And I tried to help with that. In some cases, those challenges were on a structural basis in terms of how do you manage a project? How do you manage volunteers and direct volunteers towards specific things to get done? How do you solve a very difficult problem, which is there’s this shiny new thing that people want to work on, but then there’s this maintenance thing that was just really boring, that’s very important that gets fixed, when no one is in control over who does what. And when I started looking at that, I quickly realized that there’s this glaring problem in open source thinking, which is that, if there’s a problem someone will always find it interesting enough to fix. That turned out to not be the case, that you would see. There might be like one or two people that were interested in fixing a big problem, but for the most case, the big problems were just shoved to the side and then new things were invented. And then eventually those problems became legacy features. And it started really bothering me. Because what I would see is, occasionally open source projects would either omit something, or do something in an incorrect way based on a standard, like they would implement a standard incorrectly. Or they would make an omission in the application, that would then years later, either influence how people outside the open source community were using it, or implement things, or even make a standard that was incorrect, or alter the standard. Or they would introduce a problem that would later become a problem for some users. Let’s say an accessibility, a lack of accessibility features would bubble to the surface later as the software became more popular.

And we’re not going to talk specifically about WordPress here, but, you could look at WordPress as an example of an open source project, and you could say for example, the async and defer feature in JavaScript has been around for, nine years, ten years, eleven years, something like that in browsers. WordPress still has no support for it. And when you look at the ticket for it, the first ticket was filed eight or nine or ten years ago, and it’s still under debate.

And the debate around the ticket is still around this, how is this going to be used? And it’s very weird, the web as a whole has implemented this as a standard. So there’s no question about how to use it. You’re talking about implementation internally in the application. That is a problem to be solved separately from whether or not you included in the application as a whole, but because it’s not being included, the developers who build a WordPress application can’t use these web standard features that have been around for almost a decade because the application itself isn’t able to make a decision around this issue, and separate adding a feature or supporting a feature from how would that feature be used internally in the application itself.

And that’s harmful to the web, because when WordPress takes 40% of the web or 45% or whatever it is now, and 45% of the web is not implementing a web standards feature in a proper way, it means that the majority of the sites on the web are not using this feature.

And you can see this in other open source projects too, that you get these sticking points, where lack of decision-making power leads to things not being done properly. And then eventually it becomes a standard within the community to do things the old way, or an incorrect way. And then that standard starts leaching out into the wider community, and disturbs how the web evolves, and stands in the way of certain things taking place, and prevents the platform from moving forward.

And then, you get this very interesting situation where a corporation with a vested interest in moving the web in a specific direction, say for example, Google sees, hey, we can inject developers into this project, and then get them to implement certain features in a certain way. And then we can help move the web forward in the direction we prefer via the software.

And that happened with responsive images. So when responsive images was first implemented on the web, there were actually two separate standards. You had the RICG standard, which is what we have now, and then you had like a slightly different version of it that approached responsive images in a slightly different way.

And then some people who are very pro one side, started to embed themselves in various open source projects to get the open source projects to implement responsive images in that way. And one of those projects was WordPress, and then suddenly, all of WordPress sites were shipping responsive images in a specific implementation. And then that just became the standard.

And Google has done the same thing. They’ve said there are certain features that we want on the web, the best way to move that forward is to implement them into CMS’s. Because CMS’s then automatically distribute this feature in a specific way across all of their implementations. And that just bumps up the frequency of use. And unless the people in the project are super conscious of what the politics are around those features, and understand what is going on, like, understand whether this feature implementation that’s being proposed by corporation is actually what is going to be proposed by the standards body, or if this is the corporation’s interpretation of it. There’s a lot of politics involved in this. Without acute awareness of this, to the point of almost being in the room, it’s very hard for a project to make those decisions. And in reality, what happens more often, is that the corporation will come in and say, hey, we have a solution for you to a problem. And then they will implement it and be like, oh yeah, by the way, that also included this thing that we had just decided that we were going to, like, the direction we were going to steer the web in.

So looking at this, it became very clear to me that there are some very serious problems in terms of how open source projects are governed. And also how open source projects see themselves when it comes to their role on the wider web. Which is, if you win the war of of what type of software runs on the web, which open source did in that said open source is better than proprietary software, we should have open standards. of which are great things. But if you do that you take over control effectively of how the web operates, then you also have to take the responsibility that comes along with that. And that means about your decision-making, not just in terms of how it impacts your particular application, or how it impacts your particular users, but how it impacts the web as a whole.

also take on the responsibility of speaking on behalf of the web and establishing standards for what we want the web to look like, how we want it to function, or even something as basic as saying, what are the necessary conditions for this way of thinking to persist, in relation to regulations and policies and international politics. None of which is being done because open source developers, by and large, still consider themselves just volunteers who are playing around with software that they have value from. So there’s a disconnect there, and that’s how I got involved in this whole nebulous problem of open source governance as a whole.

[00:19:46] Nathan Wrigley: Let’s rewind, because I think maybe there’s people who are listening to this podcast who don’t have any They’ve not bothered to look into how the open source movement began. And were at pains in your piece to spell that out, or at least in part. You wanted to illustrate how dream of being able to contribute, having software which was freely available, free to modify, and so on. The underpinnings of what is now open source, which as you say, has taken on the role of the dominant software on the internet. But, I think it’s important to go back and without judging, because when it was happening, obviously there were different constraints and different thoughts.

And perhaps there was no intention that the web would be sitting in everybody’s back pocket and everybody would be consuming it twenty-four seven. And, at the time it was just something which would sit on a handful of computers and there was no thought. So we’re not, trying to rewrite history. We’re just trying to look back and see what happened. Do you want to just describe those underpinnings of how open source began back in the, I’m going to say eighties?

[00:20:47] Morten Rand-Hendriksen: The open source way of thinking, as far as I understand it, actually predates open source software. The anecdotal piece that I’ve seen is that it started with an engineer who wanted to repair a copy machine, and realized that although he knew what part to fix, there was a screw, disassemble it, replace a screw with a new screw.

And he discovered that there was no way for him to do that without breaking the warranty on the machine. So effectively saying, if I do this, I am in breach of the use agreement of the thing that I own. Which makes no sense, like why on earth should I not be allowed to repair my own things, when I paid for them.

And anyone who has a cell phone knows this, right? If you open the phone and you’ll see their stickers inside that say, if you breach this sticker, you’ve breached a warranty. Which is a bizarre thing. If you think about it, but this is mine. Why on earth would working on my own thing somehow invalidate the value of the thing, right? It’s very strange.

So there was the thinking around this open standards thing where people should be allowed to understand how their own things work and be able to repair their own things. It comes from that. But if you make it that broad, you’re gonna think that that’s not something that was invented in the eighties. That was probably something that was invented around year minus 3000. The second people started making things, they would also start thinking, this is mine, this rock that I made that has a chink in it. This is mine. And I should be able to modify this to make it work the way I want it to.

And it’s only in this modern capitalist world where we have this idea that, oh no, the thing you own is also governed by a corporation who made it and you can’t make a copy of it and you can’t. So there’s a whole thing around there. So in this environment where everything was made by corporations and everything was heavily controlled in terms of what you can do with it, how you can modify it, whether or not you can repair it, who can repair it, et cetera, et cetera, et cetera.

There was a pushback to people saying, actually, no. I want to be able to make things and then give it to other people and then allow them to do whatever they want with it. And from there came this notion of a new license for software development that explicitly gives the user control over the thing that they pick up.

So when you develop something, you give it to a person and then you say to that person, okay, you can do whatever you want with this. You can use it as this. You can modify it if you want to. You can redistribute it, give it to your friends. You can redistribute your modifications of it. And you can allow your friends to make modifications and redistribute them.

And the only requirement I have is that you extend this license to anyone you give the software to. And this is the root of what we call copy left licenses. So instead of copy right, you have copy left. You pass the license onto the next person. And this was manifested in the GNU manifesto, The GNU, GNU, new manifesto that was written by Richard Stallman. It’s a screed, it’s a political manifesto in a very real sense. And I encourage anyone who works in open source to read it, maybe many times, and discuss it with each other. Because it is truly a remarkable piece of fictional writing. Embedded within it are all of these ideas, including everything I described. So the four freedoms or the five freedoms of open source.

The rationale for why we should have free open source software. And why there can still be an economy, even though you have free open source software. You’re giving away something for free, how do you make money? Why that is a good thing. All of that is described in the document. And it also introduces interesting things like, here are a bunch of different ways you can earn money from it. You can teach or maintain. You can run groups and have people pay dues for those groups. You can introduce a software tax where corporations who use your software have to pay a tax in, and then the money is then paid back into the community. All of those things are contained within the GNU manifesto. Along with very utopian ideas about how, in the future, where open source software will rule the world, no one will need to work because software will do everything for us. So basically you just spend all your time doing whatever you want. And because software developers love writing software, they will continue maintaining it just because it’s interesting to them. And no one will need to get paid because payment will be automatic. There’s a picture of a future that will never exist, that is underpinning this whole ideology. So there’s this document, the GNU manifesto, which is the origin of the GNU, GPL license, which is what most free open source software is published under.

There’s also a book called The Cathedral and the Bazaar that was written by Eric S Raymond which is seen as the Bible of open source, or one of the canonical texts of open source that defines the economics of open source. And again, this was written around the same time or a little bit later, it was like 10 years later from the GNU manifesto. In The Cathedral and the Bazaar, Raymond outlines his own project and how he took something that was proprietary and turned it into, or an idea that only was covered by it, proprietary software made an open source type of software that did the same thing, and all the reasons why this is a good thing. And it really outlines this whole idea that if you make something other people will contribute to it because they see value in it.

And then over time, developers from different spaces will gravitate towards it. So by the time you need security developers, a security developer will find interest in the project, contribute to the project to help you with security. When you need a designer, a designer will gravitate towards the project, and it will build on its own.

And when you look at open source project in general, you can see that successful open source projects do follow this model, where someone says, hey, I want to build this thing. And then they distributed on the web. And then other people say that’s cool, but it’s lacking X. And then they say, hey, I can contribute X. And then someone else says, oh, I can contribute Y, and then over time you grow a community of like-minded people who want to see the things succeed because it’s useful to them. It keeps growing and attracting more and more people. So that’s the source of this whole thinking, that if we put something into the world that is valuable to the people, other people will come in and start using it.

And we’ll also contribute back to it. Which is very much in honesty, a socialist way of thinking, right? From each according to his ability to each according to his needs. It’s core sociology. This idea that, you make a thing that’s valuable, you put it into the world. Other people use it, and if they can, they will contribute to it.

But contribution should not be requirement for using it. And that part of open source is what has made open source what it is today. But when we talk about socialism, then a bunch of people are going to be like well, you know, that’s been proven to not work. See Soviet Russia, China, whatever.

And I always have to point out there is the fundamental difference between the socialist idea of everyone using a thing in a way that’s meaningful to them, and then contributing back what they can. To the communist Soviet way of thinking, which is from each according to his ability to each according to his work, or labor investment. You see that change at the end there? From needs to work? what you get back from the system is contingent on what you provide.

And what we’ve seen over time in source is a gradual shift power from the needs to the work part. That the people who make decisions within open source projects are the people who do the work. The classic term is decisions are made by the people who show up. Which is the same as saying, if you have the benefit of being able to contribute, automatically also get within the community.

And if you look at who is able to contribute freely, without pay, their own time and expertise, you will notice it’s a subset of the population is very privileged in some way. Mainly the ability to have time, and the ability to their knowledge without having to take money for it.

And then you get this power problem, which was never accounted before by Stallman or Raymond, because both of them believe this future in which this is irrelevant. And you can see when you read these articles that they wrote, that they have this underpinning idea that the best developers will automatically bubble to the top, simply because they are the best. Which is meritocracy, which is nonsense.

Meritocracy is a dystopian idea that doesn’t comply with how the world works at all, because it assumes that everyone is playing on an even field. That no one has privileges, and that everyone has the capability of partaking in the same way, but that’s not the case. So there are these underpinning ideological stances that sit on the bottom as the foundational stones of open source ideology that are deeply problematic.

And then the stuff that’s built on top, sounds fine until you start investigating, but what happens if this actually becomes the standard? Because due to these ideological underpinnings, there’s a lack of consideration for things like diversity, things like inclusion, things like imbalances of power, or things like equity.

They’re just not there because of these assumptions about equal access and skills being a determinant of whether or not you should be able to contribute.

[00:30:15] Nathan Wrigley: It’s really interesting because it feels to me as if the problem isn’t one of open source. It’s one of growth. And what I mean by that is open source has just grown to the point where, not only is it critical some sense, literally of society will fail if certain portions of the open source community are not updated regularly and what have you. But also, it kind of got away from us, this idea that everybody could contribute, sounds lovely, it feels as if it works very well on a small scale, and all those years ago, when you were talking about the manifesto and so on, imagine that even though it was described in terms of open source will take over the world.

There probably wasn’t any conception of what that would actually mean. And yet, here we are. The open source software literally has taken over the world, and tens of thousands, maybe millions of people, are usefully employed in using it, it feels like, maybe what you’re describing is that it’s grown in a way that has had really time to inspect. Nobody’s had eyeballs inspecting this as it’s grown. On the corporate side, there are people who are paid to govern how things grow, are people whose job it is to make sure that things are made fair and equal. And I’m guessing that may be, part of the problem you’re highlighting. Is that there’s nobody looking down from the top saying, look, we really need to address this thing over here because, it’s getting out of hand.

[00:31:45] Morten Rand-Hendriksen: It’s not a problem with scale. It’s that the governance model, or lack thereof, isn’t scalable. There is no governance model on the bottom because there’s an assumption that this will never be large, in terms of who contributes.

It’ll always be a small group of people who are building software for everyone. It will not be communities of tens of thousands of contributors. But this scale problem, and the legacy debt problem isn’t unique to open source. I think the best example I can give you is Internet Explorer.

When I say this, I have to do the whole disclosure. I work for LinkedIn learning. LinkedIn learning is part of LinkedIn. LinkedIn is owned by Microsoft. Saying that, I have no interfacing with Microsoft nor have I ever worked for the Internet Explorer or the edge team or anything else. So I’m saying this as an outside observer, and these are my opinions about the history of a browser, not a statement from the company I’ve worked for nor anything. Okay?

The people wondered for a very long time why Microsoft didn’t sunset Internet Explorer, right? Internet Explorer was like the curse on web development, that you had all these browsers that were moving forward very fast. And then you had Internet Explorer that wasn’t. And what people fail to recognize is it’s because of how Internet Explorer was originally built.

So Internet Explorer still is, until it was sunsetted it, Internet Explorer was a variant of the file Explorer inside Windows. Meaning you could open files from your computer into Internet Explorer, just like you could open a webpage. In fact, if you go an open an old version of Windows, and go into the file explorer and type in a URL, you can open a website inside the file explorer, because it’s the same application. It’s just a different skin on it. So changing Internet Explorer, meant changing how file explorer works inside Windows. I think the reason that is, is because when Internet Explorer was introduced, way back before the internet was a thing or the web was a thing, people were really using in a meaningful way. It was considered a file repository. The internet was a file repository. You would go on the internet and find files and then open them. And it was natural to take the file explorer and just say, okay, we’re going to extend it so you can pull files from elsewhere. And then people publishing these HTML documents will be like, add an HTML parser to it. And then eventually a CSS parser. We should probably pull that out and make it a different application, but it’s actually the same. And then, oh my God, the web is the only thing people are using my computer for, but our Internet Explorer is still tied to our file server, our file Explorer. So how do we solve this? You have this problem of everything is moving so fast, and scaling so rapidly, you can’t stop everything and be like, stop, we’re going to spend a year redeveloping this from the ground up to be completely different. Because the whole operating system is wired to this. And this is also why for a while, on Windows you had both Internet Explorer and Edge at the same time. Because Internet Explorer’s functionality is wired into applications. And that functionality as in Internet Explorer has access to files on your computer, as well as the web at the same time is wired into a lot of applications, which is why you often see these very advanced tools that people are using in say a bank or a doctor’s office that can only use Internet Explorer, because it’s also the file explorer, So there’s decisions made early on in a rapidly evolving space, lead to enormous legacy debt that is almost impossible to get out of. in the open source world, that legacy debt is the lack of governance protocols for how decisions are made. And what you see in the open source world is that ad hoc governance models are introduced, like a very poorly defined consensus model. Because of a lack of existing models. But then due to how the community has over time, and the freedom given to contributors, it’s very hard to go and say, now that we are successful, we’re going to start imposing rules onto the way we work. Because then all the people who came in when there was free to do whatever you want, will be like, hey, why are you suddenly restricting my freedoms?

Why are you standing in the way of me doing things the way I want to? this is what you see anytime you try to bring these issues up that people are saying, you’re standing in the way of what I’m doing. again, this becomes a scale problem because, from the individual contributors perspective, when you are working in open source, you’re really solving your own problems.

You’re saying, I want this feature, and I believe that this feature is something someone else would have so I’m going to make it and put it into the project. But if you’re doing that on a project that influences or impacts tens of thousands of businesses, for example. Say you’re making an e-commerce platform, every change you make will have mission critical impact on all the people who use it.

So you’re not making a decision for yourself. You’re making a decision for all the other people who are using the thing. And, when I spoke, I speak at an open source conferences, I always start by saying the people in this room are the 1% of open source. Because by being at an open source conference, you are identifying yourself as not being a standard open source user. The normal open source user, never interfaces with the community at all.

They download the software and use it as is. That’s it. That’s their interface with the community. By being an active part of the community, you are identifying yourself as a privileged person within the community. You have more knowledge of the software than anyone else. You have more influence over the project than anyone else.

And you do not use the software the way your users use it. So you are not developing the software for you. You’re developing the software for someone you don’t fully understand because you’re not that person anymore. And that’s a scale thing. Understanding that is very difficult.

It’s a skill that you have to constantly train yourself to maintain and understanding that a trivial decision has an impact on a thousand or ten thousand or a hundred thousand or a million people, is very difficult, because it makes it challenging to even do anything, unless you then go, actually, no, it’s just from me. And I have the power to do it because it’s open source.

[00:37:48] Nathan Wrigley: One of the things which comes out of your piece is a desire people, going to use the word remunerated, not strike a balance of what it is that you actually want to say, but I’ll use it anyway, are remunerated for the work that they do. In the sense that, volunteering is laudable. It’s an altruistic thing. I don’t think in any walk of life, anybody is going to say that volunteering is not something to be commended, but presumably there is some line in the sand, I don’t know where that line lives exactly, there’s a line at which perhaps you feel that remuneration ought to take place.

And I don’t know what the criteria for that is/ maybe it’s the legacy of things that you’ve done in the past. Maybe it’s the of the thing that you’re about to commit. I don’t know. But I’d be curious if you could develop that a little bit. Talk about how it is that you feel people desiring remuneration.

And in the case of some recent events, how perhaps they felt challenged and perhaps bullied is the right word by larger entities who almost imagined that they were employees of theirs. In the case of Log 4 j, being contacted via email by people who just assumed that their software was something that they could force them to update, after sending them a snotty email. So let’s develop that a little bit.

[00:39:09] Morten Rand-Hendriksen: I’m going to say two very contradictory things. I don’t think anyone should be paid for open source development. I also think that all open source developers should be paid for open source development. The reason is, in an ideal world, open source should be completely free, and we should all have the capability to contribute what we can, and build software that has no strings attached. That is the ideal. That is the dream of open source. That open source software exists independent of capitalism. That we can say, you build software, people use it, no one ever attaches any strings to any of that. If you can contribute, you contribute. If you have something meaningful to contribute, you can. It’ll get included. You can fork it. Everything will be fine.

However, and this was the dream of the GNU manifesto, that this would be the future we would be building. Where it would no longer be necessary to get paid because dynamically people would just get paid through other means somehow, I don’t know. It’s very unclear how that’s going to happen, but that was the dream. However, we live in a real world and the real world is a capitalist world, where your contributions have value, whether you are paid for them or not. And this has become exceptionally clear in the open source space because in the open source spaces, there are corporations that have billion dollar valuations, that are built either on the open source software or basically represent the open source software itself. Who for every contribution that’s made by a volunteer, an unpaid volunteer contributor, the corporation is able to pull significant monetary value from the project. At that point, you get this enormous power imbalance between the volunteer, unpaid contributor, and the corporations who earn billions of dollars off the application, and are able to spend some of that money putting contributors into the project. When you have that kind of power imbalance, the only responsible thing to do is to put a monetary value on contribution and say, we are going to redistribute the wealth. And the insane part about this is this was actually addressed by the new manifesto. I have it open here.

All sorts of development can be funded with a software tax. I’m just reading verbatim, right? By the way. Suppose everyone who buys a computer has to pay X percent of the price as a software tax. The government gives this to an agency like the NSF, that’s the organization that he was running at the time, to spend on software development. But if the computer buyer makes a donation to software development itself, he can take a credit against the tax.

He can donate to the project of his own choosing, often chosen because he hopes to use the results when it’s done. He can take a credit for any amount of donation up to the total tax he had to pay. The total tax rate could be decided by a vote of the payers of the tax weighted against the amounts they will be taxed on.

And the consequences for that would be the computer using community support, software development. The community decides what level of support is needed, and users who care, which project their share is spent on can choose this for themselves.

So, in this, which partly makes sense, and partly is just a utopian fever dream, he lays out in very clear language. There should be a software tax. If you talk to open source leaders, they will aggressively fight this idea. And I think part of the reason for that, and this is purely my opinion and observation, is the second we start paying people for contribution, the power balance shifts dramatically within the open source communities, because there is a large portion of people in the world who do not have the privilege of contribution right now, who just can’t. Either their jobs preclude them from doing it to begin with. Not because the company’s saying you can’t contribute, but because their jobs are too overwhelming to spend time contributing to open source. Their lives may be in the way. They may not have time in their lives to do open source contribution. They may not be in a position where they can volunteer their time because their monetary value they derive from their time in a work is more important to them than being able to contribute.

And people find themselves in a myriad of circumstances where just volunteerism of any kind is not possible. In addition to that, you have all the socioeconomic factors and the social factors that impact how we interact with other people. All the things that impact our interactions with people impact open source contribution. Including gender representation, sex representation, race, culture, creed, religion, physical location, ethnicity, how you present yourself to the world, neurodivergence, disability, all of these things come into play, right? So the assumption that open source has the best contributors, because the best contributors bubble to the top, assumes everyone is the same. In reality, everyone is not the same. There is a small handful of people who fall into that category of, just being able to contribute their time freely.

The majority of us can’t do that. The majority of us are dependent on money to pay for housing, to pay for food, to pay for our kids, to pay for being able to function in the world. And all of those people are more or less excluded from contribution. So therefore you get a subset of the population during the contribution. In that scenario, when you at the same time, have corporations deriving billions of dollars out of the source project, you cannot argue that, no, we should continue to not pay contributors.

And then you get to that whole question that you brought up with, like, how do you do this? How do you pay contributors? Because how do you measure. Let’s say someone who goes and rewrites all the PHP in the project from someone who runs one of the support groups on a Slack channel, right?

Both of those things are valid contributions to the project. One of them is easily measurable. The other one is very difficult to measure. Which one of them have the most impact on the project? I would say if you want to follow like the open source ideology of like in the future, everything will be free no one will have to be paid for anything. would say the measure should be time. It should not be what you do. It should be time. And then you have to qualify the time and say like, if you spend eight hours doing something that should have taken you two minutes, probably shouldn’t be paid eight hours of work. But if you are spending eight hours on something that someone who is more skilled than you would do in hours, you should probably be paid for the eight hours of work because it’s a learning process. But then if you go down that route, you then ask, who pays and the simple answer is the people who earn money from this should pay a part of that money back into the community. And it should not be 5%, because their entire financial basis is built on the platform of the open source software.

The wealth of these companies that are built on top of open source is entirely contingent on the free labor of the volunteers, which is insane and would never fly in any other context, right? If you want to use Marxian terms, it’s exploitation of labor, right? And you’re taking the free labor of someone else and turning it into money and not giving money back to them. And no amount of oh, but my corporation volunteers its people back into the community, will account for that because that’s not what’s happening. If you have a corporation that’s financially dependent on the success of the open source project, and you put some of your people back into the project, you are not volunteering anything. Those people are now paid to direct the project in directions that are fruitful to your company so that you can derive more money from it. And if that’s the model you want to run, that’s fine. Then that has to be explicitly stated, that this open source project is actually a money machine for me, and I’m going to put my people into it, and they are being paid to direct the project in directions that are fruitful to me. And if you contribute that as on you. Gatsby actually does this, right. Gatsby used to have two websites. They used to have the dot org version of Gatsby, the open source project. And then they had gatsby.com, which was Gatsby cloud and their commercial offering. They combined them and they said we’re not going to pretend what’s happening here. There’s a commercial project called Gatsby that has an open source component to it. So you can use Gatsby any way you want, but we’re going to be crystal clear about this being a commercial venture. And when you contribute to Godspeed, you are putting money in our pockets. And it’s a very open way of dealing with this problem.

So as long as you have interests within the community that are deriving value from the open source community, they should be paying back into the community. And the way that practically this should be done would probably be something like having a foundation of some kind, or an organization within the community that collects money that anyone can pay to. If you’re a user and you go, I want to, I can’t contribute in terms of writing software or being in the community, but I can give some money. Or if you’re a company that relies on the software, you can pay into this organization, and then that organization determines how to distribute that money, not through what is of interest to the corporate interest, but just like looking at the project, where should we funnel money right now to get things done?

This is what the open JS foundation does. So they have foundation where you can pay in money and then they will distribute the money according to need, both for the project and for the people who contribute to it so that you can actually get work done. There is no reason why open source projects can’t have this. Other than that it’s resisted by the leadership, because it shifts, power. That’s the way it is. It’s a power thing. When you give people money for work, you’re changing the structure of how things are done. And that’s not something people who are driving massive amounts of money from a project want because then the power shifts.

[00:49:10] Nathan Wrigley: What would you say to somebody, I suspect this imaginary person wouldn’t be tremendously difficult to find, but what would you say to somebody who said, am totally happy with the way it is now? am really content with volunteering. Some time literally volunteering it with no expectation of anything. Just to be a good citizen, to be a part of the community and to see the project that I’m involved with over time. Don’t want to see financial reward or whatever it may be, I just want to contribute and see it grow for growth’s sake.

[00:49:41] Morten Rand-Hendriksen: Congratulations on being a white man living in north America or Western Europe, is what I would to say to that. That is basically the person you’re describing. That is a person with enormous privilege. Doesn’t have to be the person I just described, but it’s very likely to be that person I described. A person who has the privilege, not only of contributing their free time to a project like this without any expectation of renumeration, and who has the worldview that this is something everyone can do, and therefore it’s okay, is a person with enormous privilege. This is basic deontology, right. Duty ethics. If you do something, you are saying that this is the model you want everyone else to follow. It also implies that if you think that this is okay, you are saying, this is okay for everyone.

This is part of the problem that we have. The ideology that underpins this assumes equity in the system. When we know the system is not equitable. When we know that there are people with enormous power within all these open source projects, who earn millions of dollars off the open source project, where there are other people, with great ideas who earned zero dollars off the project who have no power because they don’t get paid for it, and they don’t have the ability to contribute. And that’s when you get this whole like, decisions are made by the people who show up and the people who show up are the people with privilege. So that means decisions are made by the people with privilege. And that’s how you get things like open source projects that disregard accessibility, because people with accessibility issues have a much higher threshold to walk across to get into the project and be able to contribute. And they are facing challenges in their lives that make it more difficult for them to be able to contribute without getting paid. As a result, the voices that would argue for more accessibility are effectively excluded from the conversation because they are not contributing as much as everyone else and thereby their views of the world are not embedded into the project because they’re never heard.

So it’s about privilege, and it’s a very privileged position to say, I’m fine with not getting paid. I’m one of those people, who, when I was contributing to open source projects, when I still contribute to open source project, I do that while I’m being paid by my company to do that.

Part of my job is to be embedded in open source projects to see what’s going on. And I use part of that time to help open source projects. But that means I am not the normal contributor. And that also means I have freedoms that other people don’t have to do things that other people can’t do. And I have to keep that in mind because that means I need to then bring those voices that can’t be at the table to the table, or represent the ideas of those voices at the table, ensure that those voices are heard in some way. part of that is me having conversations like this and saying, the fact that you don’t have equity in your system that the system is inequitable, and that the system will remain inequitable until you actively do something about it.

And the clearest path to doing that is by paying people. then you could extend that and say, people can choose. If you work for a company that’s paying for a contribution, then you don’t get paid. you don’t work for a company that’s paying for your contributions and you’re doing it on your own, then you can go apply to get paid.

[00:52:59] Nathan Wrigley: As with all of these things, the broad brush strokes of the idea are easy to crystallize. It’s straightforward conceive of these things. My guess is that some parts of the internet where you live, these ideas are crystallizing and they’re up for discussion, and this debate is ongoing. Where do you go to discover these ideas? What communities are you in, where these kinds of things are up for debate and so on.

[00:53:24] Morten Rand-Hendriksen: Open source projects are grassroots political organizations pretending to be software development communities. If you go look at grassroots political organizations, you very quickly see that it’s the same thing. ad hoc communities that grow over time, power. There’s power struggles within those communities. And eventually someone realizes, hey, doesn’t work, so they start implementing governance rules and they turn into either functioning organizations or they collapse, or they fracture, or fork into multiple different versions of themselves. Acknowledgement of this fact a long way to understanding how to move forward. Because the notion that, if you talk to individual open source contributors, especially powerful open source contributors who have significant sway on projects, they will always talk about the project as if it’s still some sort of hobby thing that they and their friends are doing on their spare time for fun. And in that frame that anyone who comes in and says, hey, we should do things differently are infringing on their freedom to do whatever they want in their spare time, as a hobby, Someone is coming to me and telling me I can’t drive my RC boats in the local lake. how it’s approached in reality. not what it is at all. It’s more like, you started with your little RC boat in a lake, now you’re running the main transportation hub for people who are moving from one island to another, but you’re still acting as if it’s just some hobby project. It’s not. There’s a disconnect between the reality of the impact people have how they treat it. And a grassroots political organization, the impact of the work you do become immediately apparent to you because you interface with the people you’re working with all the time, and you can see the real world impact .

In software development you never interface with the people you impact, or you only interface with the people, a small handful of them in very specific circumstances. you don’t really have a full understanding of what you are doing to the people you are building software for. I very intentionally say what you are doing to the people, because when you do any kind of design or development work, you’re really using people a vehicle to bring forth a view of the world or your vision of what the future should be like. It’s instrumentalism, you’re, quite literally building tools for people to use, and when they use those tools, they build the future that you devised for them. And that future is to your design. Software development gives you enormous power, but it also removes you from seeing the consequences of what you’re doing. And it gives you this cushion that you can sit on where you say, no, it’s just me mucking around with some software, it’s not a big deal. Meanwhile, it is a huge deal for a lot of people. So it’s a very sticky problem because it has to do with changing the way people think about open source software contribution, not as something you’re doing because you like it, but it’s something you’re doing that is changing the world.

And it’s funny because the open source contributors will very, very happily talk about the enormous impacts open source software has on the world until you ask them, how are you held accountable for this, at which point they are very quick to tell you, oh no one is allowed to restrict my creativity and freedom in doing any kind of development. How dare you bring this up, right?

[00:56:43] Nathan Wrigley: I feel like we’ve just scratched the surface. We’re the best part of an hour in, and I know that you’re constrained by time, but I’m sure that for those people who have been intrigued, they’ll be keen to make contact with you and discover about your thoughts. you have a place, some places on the internet where you can be best discovered?

[00:57:06] Morten Rand-Hendriksen: Yeah. I’m on Twitter @mor10, mor 10, cause that’s my name. You can also find me on LinkedIn. I’m Morten Rand-Hendriksen on LinkedIn. I should be fairly easy to find. And I have a website, Mor10.com, one zero dot com. I’m I cross post everything. I post elsewhere onto my website too, so that I have control over my own content.

And I’m on TikTok now, at mor 10 web, so mor one zero web, because there’s someone else by the moniker Morten who’s not using their account, so you can find me there as well. Reach out to me from any platform. You’ll find me.

[00:57:41] Nathan Wrigley: Absolutely fascinating discussion. I hope that you get some reaching out to you and continuing the discussion and the debate and thank you so much for joining us.



source https://wptavern.com/podcast/15-morten-rand-hendriksen-on-governing-open-source-projects

Comments