Google has fired many heavyweights in the open source world. This has significant implications for software supply chain security.
One of the many people fired was Chris DiBona (pictured). From 2004 until January 20, he was Google’s Director of Open Source.
Support from companies like Google is key to funding security-critical open source projects. In this week’s Secure Software Blogwatch, will the last person to leave turn off the lights?
Your humble blog watchers have curated these blog bits for your entertainment. Not to mention: face.
Don’t be evil
What’s the craic? Steven J. Vaughan-Nichols asks, “What does Google do with its open source team?”
“Google makes the difference between life and death with open source”
Something hit me as I watched who was being fired. Many of those who were shown the door were the best in open source.
…
For example, Chris DiBona, Jeremy Allison, Cat Allman, and Dave Lester. … These are people that no one in their right mind… wants to fire. They are open source movers and shakers. In open source leadership circles, they’re people we all know.
…
Definitely not, because Google doesn’t require open source expertise. Google lives and breathes open source. … Google would be wise to stop listening to pushy investors and pay more attention to protecting their real wealth.
How bad a move was that? Matt Asay researches and analyzes — “Google failed”:
“Reverberation”
This is an incredibly naive move. I do not know. Jeez. … Google has made an impressive foray against the cloud leader, AWS, by aggressively open sourcing projects such as TensorFlow and Kubernetes. … Google’s open source strategy [delivered] impressive payout.
…
That’s why it’s so baffling that the company has fired … the key people who established and still maintain the foothold on which all of Google’s open source, and therefore cloud, hopes rest. … The strategic advantage of open source software … Kubernetes allows Google to influence the direction of the industry. The same is true for projects that Google doesn’t start but actively contributes to, such as Envoy, etcd, Knative, and Istio.
…
You can’t fire a lot of experience without repercussions. … Google needs to increase its open source expertise, not decrease it. … will save you far more money than you would have spent on an effective open source policy.
Apparently, they were fired via email. As Elizabeth Spiers opined, companies like Google “show employers really care about their employees”:
“Word spreads quickly”
Employees who have been laid off, those who have been with the company for decades, have received the news in their inboxes. I think the approach is not only cruel, but unnecessary.
…
Delivering news without personal human contact serves only one purpose: getting managers off the hook. … Look people in the eye. Answer the questions. If someone is upset, show sympathy. Treat people the way you would like to be treated.
…
And word spreads rapidly. You’ll read all about future employment prospects on Twitter or Glassdoor. … Treating employees like disposable units ultimately puts the company’s own interests in jeopardy because they can simply cancel their enrollment.
But really? True. Yet another Anonymous Coward put it succinctly:
If you haven’t taken a freshman business class, think a little beyond the immediate effect.
If you think it’s the kind of place that fires people from spreadsheets, the best people might tend to go and work at Apple.
But all open source stuff doesn’t make money. That’s an incredibly short-sighted view. Lectide:
“Pretty basic and rudimentary”
So it depends on if you actually care about the rest of the computing universe. If you just do your thing and don’t care how the rest of the software universe sees you, well, well, yeah.
…
[But] this seems very basic and rudimentary if you want to have any relationship with the rest of the computing universe. Most companies rely heavily on and use open source. Tons of [Google’s] universe has a vast open source foundation.
Google hasn’t paid attention to this issue for years, claims u/Pistolas Al Amanecer:
“No more paying for lip service”
Google was built on open source projects, but the people who made it great in the early days are gone. Once Google reached critical mass, the value to shareholders of having employees who wanted to keep working on (and releasing) open source code was greatly diminished, thanks to the strength and royalty-free nature of open source.
…
Is it any wonder they waste these efforts? They have enough assets to write proprietary code so they don’t have to pay lip service for open source support. I was.
Many other companies support open source. But Robert Grant reminds us of the scale of Google’s work:
[Google has] In my opinion, it’s the best cloud platform for engineering, and even though it’s doing a lot of great things like open sourcing VP8, starting Kubernetes, making AlphaFold, making Go, running Android, etc. Regardless, they are clearly not perfect. However, I think this is to be expected based on the comments they get in the media.
Here’s some context. As John Naughton explains, “Why did Alphabet hit the panic button?”:
“Chat GPT”
Over the years, I’ve struggled with quite a few features, just to name five: Google+, Google Wave, Google Glass, Knol, and Google Reader. …which allowed the company to avoid a mixture of creativity, fumbling, and indirectness, apparently, because it was always money rolling around. [from] … the powerful cash pump of surveillance capitalism.
…
Why panic? Three reasons: … First, the tech industry has recognized a recession is coming, leading to massive over-hiring in 2021 and 2022. market.
…
But the real reason for the panic is… ChatGPT’s free version seems to be taking the world by storm. Given that people are already using Google as a search engine of sorts, this is worrisome enough for Google. …and the company has a lot of backing from Microsoft. … it makes me want to ask ChatGPT, “Why hasn’t Google released a chatbot like yours?”
Will conversational AI replace search? rich_sasha isn’t buying it:
I tried ChatGPT today…and was like a smart 7 year old kid.
In the meantime, mistaken offers this decent price:
Google sells advertising. Everything else is either a means to collect data for better ad serving or a pet project that ends up getting killed.
And finally:
this video does not exist
You are reading Secure Software Blogwatch by Richi Jennings. Richi has handpicked the best blog posts, the best forums, and the weirdest websites. Hate mail may be sent to @RiCHi. Please consult your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare at the laser with the rest of your eye. E&OE.
Image source: Joichi Ito (cc:by; leveling and trimming)
*** This is a Security Bloggers Network syndicated blog from the ReversingLabs blog created by Richi Jennings. Read the original post: https://www.reversinglabs.com/blog/google-open-source-staffer-layoffs-put-our-software-supply-chain-security-at-risk