← Back to context

Comment by Hello71

5 years ago

This argument confuses and saddens me. If I give away free food which I and others know to be contaminated with foodborne pathogens, is it wrong for them to criticize it? What if I don't know, but I obtain it from a supplier which is known to persistently sell contaminated food? What if I put up a sign in very small print saying that the food comes with no warranty whatsoever and all consumers eat it at their own risk? What if I put up a large sign? What if instead of pathogens, I intentionally add lead-based decorations on the basis that they look and taste good, even if they may be slightly carcinogenic if consumed? What if I clearly state that the decorations must be removed before eating? At what point do I acquire moral culpability for the harms suffered by my customers? These sorts of comments seem to imply that there is no problem with me doing any of this, as long as the food is provided for free and consumers have the choice to not take the food. I would vehemently disagree with that claim. Uninformed choice is not a true choice, and even informed choice cannot excuse certain foreseeable harms.

That is an entirely specious analogy. This code will not cause someone to get sick or die. And "contaminated" vs. "not contaminated" is a binary result for food -- one is the case and one is not the case. With code, there's nearly always room for reasonable disagreement as to what is the right/good or wrong/bad way to do things, and often people argue over two (or more) perfectly fine ways of doing things that just come down to a matter of style.

  • I'm not sure if this will change your mind, but in the Rust world, there's a concept of "unsafe" code that can lead to vulnerabilities.

    The difference here is that a code consumer can check a Rust project for unsafe code, whereas a food consumer cannot check for unsafe contaminants.

    • If it's OK to demand a project use only Rust and not unsafe Rust, then it must be OK to bitch at every C or C++ project and demand they rewrite in Rust. If that sounds absurd, that's because it's supposed to.

      1 reply →

  • Indeed. Not to mention, embracing this analogy means literally all food is poison because every piece of software has critical security vulnerabilities whether they are widely known or as of yet discovered.

  • Are you seriously claiming that food contamination is a "binary" thing? That it's impossible for food to be only a little contaminated, at a level that won't make you "get sick and die?"

    Its common knowledge that a certain amount of food contamination is considered safe. And, although specifics are not generally common knowledge, it's easy enough to find that, e.g., the FDA views < 100 ppb of lead in candy as safe.

    I don't think hyperbole is helpful to this conversation.

    • >Are you seriously claiming that food contamination is a binary thing? That it's impossible for food to be only a little contaminated, at a level that won't make you "get sick and die?"

      >I'm sorry, but I think you're being disingenuous. Every little kid knows there's some small amount of nasty stuff that's allowed in things like bread (grasshoppers in the wheat fields caught in the combines) and peanut butter because it's such a small amount of contamination and doesn't pose a health risk.

      >Please don't be disingenuous in your arguments. It only serves to exacerbate the polarization over contentious issues.

      At least he tried to answer in a good faith. Your answer is a lot worse.

      2 replies →

I mean, the license state:

> THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

So if some random person on the side of the street gave away browny, and had a sign like that, I'd do a bit of personal investigating first before eating it, like looking at the ingredients, asking for expiry, and all that. Which you can do for open source software, by just looking at the source code.

There's a difference between leaving poisoned but attractive looking food on a sidewalk, and putting code on github. You're losing perspective regarding open source programming -- it's supposed to be fun. There seems to be a political / ideological dimension to this disagreement. Your nanny state would be correct to punish someone for leaving poisoned food out. But we don't need your nanny state in open source software. People can choose to use or not use free software. Anyone whose software has life or death implications would indeed be culpable if they make those choices rashly. But the responsibility does not lie with the maintainer.