• sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    a human is entirely defined by their country of origin

    That’s missing a big part of the justification here. When you’re from a given country, that country frequently has a lot of influence over you. You probably have family and other ties in your home country, and those can be used as leverage to get you to do what the state wants. And when your country is in active opposition to a large portion of the free world, it makes a lot of sense for people to be extra cautious in who they deal with, because it’s never clear if that person is being manipulated by their former state.

    So excluding someone based on nationality can absolutely make sense as an easy rule of thumb to avoid most of the problems stemming from that state.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        That’s completely unrelated to contribution to FOSS. The only way it would be relevant is for software projects that do some kind of filtering, so something like Lemmy might be an area where I’d hesitate to put someone from Israel, Gaza, Russia, or Ukraine into a maintainer/moderator/admin role because they could influence what content is viewed by users in a way that paints their country in a better light.

    • DrDystopia@lemy.lol
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      Would you agree it’s a good thing to avoid US software as they’ve incorporated secret surveillance into law through letters of national security to private companies?

      And by extension, perhaps even shunning US citizens?

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        As a US citizen, I care less about where the software comes from, but who hosts that software, so I tend to use FOSS products and services, preferring to self-host where it’s not too annoying.

        I don’t think anyone should shun citizens from any country, but we should be wary of trusting citizens from countries where the government has a larger influence. So we should be hesitant to trust people from Russia, China, North Korea, and Iran (and a bunch of others, I’m just listing the official enemies of the US), especially if they still live in those countries. That doesn’t mean we should shun people from those countries (I have an awesome coworker from Iran), just that we should hesitate to put them into influential positions. I have no problem collaborating with people from any of those countries, I just think we should be a little extra careful when there’s a stronger incentive for their government to get involved (and manipulating Linux is attractive for pretty much every government, esp. my own).

        • Rolling Resistance@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 months ago

          I have no problem collaborating with people from any of those countries we should hesitate to put them into influential positions

          “I’m an American, and therefore I’m better”

          where the government has a larger influence

          We’re literally talking about Linux Foundation making these changes to comply with requirements of your government.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            2 months ago

            We’re literally talking about Linux Foundation making these changes to comply with requirements of your government.

            In leadership, not code. That’s a pretty big difference.

            I also think we shouldn’t have people from the NSA, CIA, or FBI as maintainers either, because they have clear conflicts of interest. That said, I think it’s a lot less likely for the US government to extort a maintainer to let bad code through than the Russian government. It’s much more likely for the US government to try to hide bad code in the normal review process, and I’m sure that happens w/ Russian spy agencies as well, but allowing someone in a region that has demonstrated that they’re willing to strong-arm people into doing things that benefits the state (i.e. through threats or even outright force) to hold a maintainer position in a very influential piece of software isn’t a great idea, especially when their government is choosing to be an international pariah.

            I have zero problem with Russians contributing code to the kernel, I just think it’s wise to remove Russian citizens from leadership positions to limit the impact of Russian interference in Linux development.

            • Rolling Resistance@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 months ago

              You are talking about hypothetical situations in the organization with around 2694 maintainers. What I find interesting, is that no one in this thread thought it would be good to check if these 11 already contributed something harmful. Instead, it’s just “good, we prevented a bad thing”.

              Anyway, your extreme take “ban all Russians because what if” goes much further than what happened in reality (“ban Russians working for companies under sanctions”): https://social.kernel.org/objects/860ef93c-229b-4070-8ee6-cb80d1f51337

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                0
                ·
                2 months ago

                I never said “ban all Russians,” I said we should be more skeptical of allowing Russian citizens to be in leadership positions on projects like the Linux kernel, especially while their government maintains a hostile attitude toward much of the rest of the world, and thus presents a greater risk of knowingly allowing malicious code to get into the tree. That’s it.

                Perhaps some Russian citizens can be trusted, idk, I honestly haven’t looked into exactly who the maintainers are (as you mentioned, there are a lot), or where they’re domiciled. I have zero issues with Russian people in general, I just think the current political climate makes it much more difficult to trust Russian citizens on these projects. They can absolutely submit code and it’ll go through the normal review process, they may just be prohibited from holding leadership roles.