9 stories
·
0 followers

Software Needs To Be More Expensive

2 Shares

The Cost of Coffee

One of the ideas that James Hoffmann — probably the most influential… influencer in the coffee industry — works hard to popularize is that “coffee needs to be more expensive”.

The coffee industry is famously exploitative. Despite relatively thin margins for independent café owners1, there are no shortage of horrific stories about labor exploitation and even slavery in the coffee supply chain.

To summarize a point that Mr. Hoffman has made over a quite long series of videos and interviews2, some of this can be fixed by regulatory efforts. Enforcement of supply chain policies both by manufacturers and governments can help spot and avoid this type of exploitation. Some of it can be fixed by discernment on the part of consumers. You can try to buy fair-trade coffee, avoid brands that you know have problematic supply-chain histories.

Ultimately, though, even if there is perfect, universal, zero-cost enforcement of supply chain integrity… consumers still have to be willing to, you know, pay more for the coffee. It costs more to pay wages than to have slaves.

The Price of Software

The problem with the coffee supply chain deserves your attention in its own right. I don’t mean to claim that the problems of open source maintainers are as severe as those of literal child slaves. But the principle is the same.

Every tech company uses huge amounts of open source software, which they get for free.

I do not want to argue that this is straightforwardly exploitation. There is a complex bargain here for the open source maintainers: if you create open source software, you can get a job more easily. If you create open source infrastructure, you can make choices about the architecture of your projects which are more long-term sustainable from a technology perspective, but would be harder to justify on a shorter-term commercial development schedule. You can collaborate with a wider group across the industry. You can build your personal brand.

But, in light of the recent xz Utils / SSH backdoor scandal, it is clear that while the bargain may not be entirely one-sided, it is not symmetrical, and significant bad consequences may result, both for the maintainers themselves and for society.

To fix this problem, open source software needs to get more expensive.

A big part of the appeal of open source is its implicit permission structure, which derives both from its zero up-front cost and its zero marginal cost.

The zero up-front cost means that you can just get it to try it out. In many companies, individual software developers do not have the authority to write a purchase order, or even a corporate credit card for small expenses.

If you are a software engineer and you need a new development tool or a new library that you want to purchase for work, it can be a maze of bureaucratic confusion in order to get that approved. It might be possible, but you are likely to get strange looks, and someone, probably your manager, is quite likely to say “isn’t there a free option for this?” At worst, it might just be impossible.

This makes sense. Dealing with purchase orders and reimbursement requests is annoying, and it only feels worth the overhead if you’re dealing with a large enough block of functionality that it is worth it for an entire team, or better yet an org, to adopt. This means that most of the purchasing is done by management types or “architects”, who are empowered to make decisions for larger groups.

When individual engineers need to solve a problem, they look at open source libraries and tools specifically because it’s quick and easy to incorporate them in a pull request, where a proprietary solution might be tedious and expensive.

That’s assuming that a proprietary solution to your problem even exists. In the infrastructure sector of the software economy, free options from your operating system provider (Apple, Microsoft, maybe Amazon if you’re in the cloud) and open source developers, small commercial options have been marginalized or outright destroyed by zero-cost options, for this reason.

If the zero up-front cost is a paperwork-reduction benefit, then the zero marginal cost is almost a requirement. One of the perennial complaints of open source maintainers is that companies take our stuff, build it into a product, and then make a zillion dollars and give us nothing. It seems fair that they’d give us some kind of royalty, right? Some tiny fraction of that windfall? But once you realize that individual developers don’t have the authority to put $50 on a corporate card to buy a tool, they super don’t have the authority to make a technical decision that encumbers the intellectual property of their entire core product to give some fraction of the company’s revenue away to a third party. Structurally, there’s no way that this will ever happen.

Despite these impediments, keeping those dependencies maintained does cost money.

Some Solutions Already Exist

There are various official channels developing to help support the maintenance of critical infrastructure. If you work at a big company, you should probably have a corporate Tidelift subscription. Maybe ask your employer about that.

But, as they will readily admit there are a LOT of projects that even Tidelift cannot cover, with no official commercial support, and no practical way to offer it in the short term. Individual maintainers, like yours truly, trying to figure out how to maintain their projects, either by making a living from them or incorporating them into our jobs somehow. People with a Ko-Fi or a Patreon, or maybe just an Amazon wish-list to let you say “thanks” for occasional maintenance work.

Most importantly, there’s no path for them to transition to actually making a living from their maintenance work. For most maintainers, Tidelift pays a sub-hobbyist amount of money, and even setting it up (and GitHub Sponsors, etc) is a huge hassle. So even making the transition from “no income” to “a little bit of side-hustle income” may be prohibitively bureaucratic.

Let’s take myself as an example. If you’re a developer who is nominally profiting from my infrastructure work in your own career, there is a very strong chance that you are also a contributor to the open source commons, and perhaps you’ve even contributed more to that commons than I have, contributed more to my own career success than I have to yours. I can ask you to pay me3, but really you shouldn’t be paying me, your employer should.

What To Do Now: Make It Easy To Just Pay Money

So if we just need to give open source maintainers more money, and it’s really the employers who ought to be giving it, then what can we do?

Let’s not make it complicated. Employers should just give maintainers money. Let’s call it the “JGMM” benefit.

Specifically, every employer of software engineers should immediately institute the following benefits program: each software engineer should have a monthly discretionary budget of $50 to distribute to whatever open source dependency developers they want, in whatever way they see fit. Venmo, Patreon, PayPal, Kickstarter, GitHub Sponsors, whatever, it doesn’t matter. Put it on a corp card, put the project name on the line item, and forget about it. It’s only for open source maintenance, but it’s a small enough amount that you don’t need intense levels of approval-gating process. You can do it on the honor system.

This preserves zero up-front cost. To start using a dependency, you still just use it4. It also preserves zero marginal cost: your developers choose which dependencies to support based on perceived need and popularity. It’s a fixed overhead which doesn’t scale with revenue or with profit, just headcount.

Because the whole point here is to match the easy, implicit, no-process, no-controls way in which dependencies can be added in most companies. It should be easier to pay these small tips than it is to use the software in the first place.

This sub-1% overhead to your staffing costs will massively de-risk the open source projects you use. By leaving the discretion up to your engineers, you will end up supporting those projects which are really struggling and which your executives won’t even hear about until they end up on the news. Some of it will go to projects that you don’t use, things that your engineers find fascinating and want to use one day but don’t yet depend upon, but that’s fine too. Consider it an extremely cheap, efficient R&D expense.

A lot of the options for developers to support open source infrastructure are already tax-deductible, so if they contribute to something like one of the PSF’s fiscal sponsorees, it’s probably even more tax-advantaged than a regular business expense.

I also strongly suspect that if you’re one of the first employers to do this, you can get a round of really positive PR out of the tech press, and attract engineers, so, the race is on. I don’t really count as the “tech press” but nevertheless drop me a line to let me know if your company ends up doing this so I can shout you out.

Acknowledgments

Thank you to my patrons who are supporting my writing on this blog. If you like what you’ve read here and you’d like to read more of it, or you’d like to support my various open-source endeavors, you can support my work as a sponsor! I am also available for consulting work if you think your organization could benefit from expertise on topics such as “How do I figure out which open source projects to give money to?”.


  1. I don’t have time to get into the margins for Starbucks and friends, their relationship with labor, economies of scale, etc. 

  2. While this is a theme that pervades much of his work, the only place I can easily find where he says it in so many words is on a podcast that sometimes also promotes right-wing weirdos and pseudo-scientific quacks spreading misinformation about autism and ADHD. So, I obviously don’t want to link to them; you’ll have to take my word for it. 

  3. and I will, since as I just recently wrote about, I need to make sure that people are at least aware of the option 

  4. Pending whatever legal approval program you have in place to vet the license. You do have a nice streamlined legal approvals process, right? You’re not just putting WTFPL software into production, are you? 

Read the whole story
pkropf
232 days ago
reply
Share this story
Delete

Police Militarization Gave Us Uvalde

2 Shares

All my adult life I’ve been around policing, including working as a civilian cop, training and leading military police battalions, and studying police culture as an academic and a researcher. I’ve spent hundreds of hours riding along with cops, interviewing police leaders, and helping educate trainees. I love the police, and I love policing. Few professions will expose you to the gamut of human experience and emotion with quite the same immediacy.

It’s because I love the profession that the police response at Robb Elementary School in Uvalde, Texas, has me so sick at heart.

There’s a lot we still don’t know, and hopefully the promised Department of Justice investigation (run by leaders from the Community Oriented Policing program, a hopeful sign) will fill in the gaps. What we do know suggests that this is among the most profound police betrayals of the public trust. For those who care about the policing profession, it should be an occasion for deep self-reflection. The adoption of aggressive, military-style tactics and weaponry put American policing on the wrong track for decades. Uvalde is the sickening dead end.

For two decades, a group of police analysts (myself included) have been warning about the corrosive effects of police militarization, which have been unfolding for more than 40 years. Through the Pentagon’s 1033 Program, the federal government has been dumping military weaponry, armored personnel carriers, even grenade launchers and drones on police departments large and small. People of a certain age should reflect: You probably don’t recall police regularly hanging out with armored personnel carriers and automatic weapons when you were a kid. But sometime after this nation embarked on the War on Drugs, these scenes became normal.

[Elizabeth Bruenig: The Uvalde police chose dishonor]

SWAT teams have proliferated in towns and cities across the country; almost every town with more than 25,000 people now has a SWAT team, as did the 15,000-person town of Uvalde. Those teams, far from responding solely to crises such as, well, school shootings, mostly serve drug warrants, employing flash grenades and no-knock entries—the methods of a wartime-Baghdad block search—to roust suspected drug dealers out of bed (or, as in the case of Breonna Taylor and many others, kill innocent people).

I focus on SWAT not because it is a substantial component of American policing, though it is large and growing, but because it plays an outsize role in the culture of policing, in its emotional makeup. A consistent theme in my research with local police has been the way SWAT sets the tone for more conventional officers. SWAT members are considered the elites of the profession; joining a SWAT team is many younger officers’ not-so-secret aspiration (some older hands’ aspiration, too). Esteem begets emulation, and the attitudes and tactics of SWAT often set the tone in the lower ranks.

And so, with the sanction of the courts, departments have reworked their tactics to define American communities as battle spaces, and citizens in them as potential enemies. We have for years told American police officers to regard every civilian encounter as potentially deadly, and that they must always be prepared to win that death match. This is not an exaggeration; there is extensive academic literature on the “danger imperative” as a cornerstone of police training. An entire industry of grifting ex-cops have made themselves rich training police departments in fear and loathing of civilians, quite literally telling officers that they must always have a plan to kill everyone they encounter.  

This has always had a touch of morbid self-indulgence about it. Policing can indeed be dangerous; Uvalde is proof. But it is not pervasively or uniformly so. Less than one-quarter of officers ever discharge their weapons a single time in their careers. Ambush killings of police have fallen by 90 percent over the past several decades. Labor statistics suggest that fatality rates for police (for all causes, not just in the line of duty) are far less than those in logging, commercial fishing, and trash collecting. This is not to say that police don’t face real dangers—they do, but the large majority of policing is routine, and the large majority of encounters with civilians are completely innocuous.

The self-indulgence itself isn’t problematic, but this “danger imperative” can have tragic consequences. I served as both a civilian police officer and a soldier in combat. It was always obvious to me that military tactics, training, and weaponry had little place in civilian policing. The goal of the military is to overwhelm enemies, regardless of whether any particular individual on the other side “deserves” to be overwhelmed. It seems clear that police should not approach fellow citizens, rights-bearers, with the same attitude. Yet a profession’s tools and tactics will not-so-subtly define its attitude and culture. When you repeatedly drill officers that everyone is out to kill them, some will shoot first and ask questions later—and not just the weaker or undertrained officers at the margin, either.

[Rosa Brooks: Stop training police like they’re joining the military]

I think back especially to the death of Atatiana Jefferson in Fort Worth, Texas, in 2019. An officer on a routine wellness call approached a house with his gun drawn and fired into a window at the first sign of movement, barely pausing. Ordinary citizens were dumbfounded: Why was this officer so aggressive, without the slightest evidence that he was in danger? But this incident made instant sense to me. That officer didn’t need evidence that he was in danger to draw his weapon. Like so many others, he had been trained to believe that he was always in danger.

The cost of aggressive policing tactics and training can be measured in bodies: Atatiana Jefferson, Breonna Taylor, George Floyd, and others, I believe, died in part because of a policing culture that sanctions unnecessarily aggressive tactics in everyday policing situations. But there are other consequences. Thoughtful police leaders will tell you that frayed police-community relations—especially with communities of color—have become an impediment to good policing, and the problem is growing. Effective policing always depends on buy-in from the community. Every unnecessarily aggressive policing encounter, every viral video of people begging for their life, causes individuals to withdraw their willingness to aid police. A critical mass of everyday citizens at odds with their police is a disaster for effectiveness and democratic legitimacy.

What does this have to do with Uvalde—an event in which more, not less, aggression was called for? It would be insufficient to chalk up the tragedy at Robb Elementary to bad individual decision making. I think it reveals a hollowness that has always lurked deep within police militarization.

Having served in both, I can tell you that police aren’t the military. The intensity of the training, the resources put into developing unit cohesion, the careful cultivation of competent junior officers, the physical demands, the singular focus on obedience—military training is not simply “tougher” (in some ways) than police training; it is different in kind. This reflects the differing purpose and goals of the two institutions. That’s good; we shouldn’t want police to treat Americans like the military treats America’s enemies, and we shouldn’t train them to do so.

But in our ill-conceived attempt to refashion police into a cadet branch of the military, we have somehow managed to get the worst of both worlds. We have trained a generation of officers that being casually brutal in everyday encounters is acceptable, but these same officers show a disturbing tendency to fall back on jargon about “battlespace management” and “encounter tempo” to explain a slow reaction in the rare circumstance that really does require a rapid, all-out response. Especially in poor communities, the result has been the strange dynamic of “over-policing and under-protection” described by the criminologist David Kennedy, in which police are hypervigilant about petty offenses but unresponsive to more serious criminal activity.

Police militarization, it turns out, is largely swagger, and short on substance. What strikes me as I study the Facebook photo of the Uvalde SWAT team, standing in their tactical gear, is the theatricality of the whole thing. Any thoughtful observer of policing over the past 20 years has come to recognize the increasing childishness of the rhetoric about police militarization generally, and SWAT specifically. The journalist Radley Balko and others have documented police units’ use of military insignia and tough-guy mottos totally unsuited to civilian agencies (examples: “Hunter of men,” “We get up early, to BEAT the crowds,” “Baby Daddy Removal Team,” and “Narcotics: You huff and you puff and we’ll blow your door down”). Police education and training standards are abysmally low. In Texas, more training hours are required to be a hairdresser than a cop. National standards for SWAT training and tactics are essentially nonexistent.

[Elizabeth Bruenig: 78 minutes]

So much of this turns out to be LARPing: half-trained, half-formed kids playing soldier in America’s streets and schools. Many of the thousands of SWAT-team members in this country don’t have the training and expertise to respond like they’re SEAL Team 6. It’s time to stop pretending that they do.

After this tragedy, some people will call for pumping more weapons, more training, and more money into the rotting edifice of police militarism. Resist that temptation. The New York Times has reported at length on the school-security drills that local Uvalde police conducted just months ago. The Uvalde SWAT team’s Facebook page shows that it was drilling in schools to learn their layout as recently as 2020. The materials reviewed by the Times suggest that local police were working with up-to-date training and tactics manuals. Everything necessary was in place for police militarism to fulfill its promise last month. Its failure stems not from a lack of training, but from a fundamental misapprehension of the purpose and goals of policing. The solution is not more militaristic training, but attention to police professionalism.

Above all, Uvalde is a clear sign that the benefits of police militarization have been profoundly oversold. Any police leader who does not recognize Uvalde as a foundational challenge to police legitimacy is a fool. The rationale for creating thousands of SWAT teams across the United States was that the good guys with guns would stop the bad guys with guns. For that promise, we have accepted a more and more militarized and aggressive police culture, with serious damage to basic constitutional liberties. What we got in return is 19 cops standing outside a classroom while children were slaughtered. We cannot continue to accept this culture.

Read the whole story
pkropf
887 days ago
reply
Share this story
Delete

Evaluating timeline layouts

1 Share

To show events over time, you can use a timeline, which is often marks on a line that runs from less recent to more recent. But you can vary the shape. Sara Di Bartolomeo and her group researched the effectiveness of different layouts:

Considering the findings of our experiment, we formulated some design recommendations for timelines using one of the data set types we took into account. Here is a list of recommendations regarding timeline readability:

  1. Use linear vertical timelines for situations which require fast data lookup.
  2. Avoid spiral timelines when the task requires fast lookup.
  3. If you use a more creative, expressive shape, such as a spiral timeline, also include a tutorial or visual cues to assist the user in learning and understanding.

Also: it “heavily depends on the context.”

Tags: ,

Read the whole story
pkropf
1654 days ago
reply
Share this story
Delete

Teletype Model 33

jwz
2 Comments


Turn the sound on! Though I was hoping that it would overstrike so much that it cut through the paper.

Actually <STRIKE> should do that. To your screen.

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Read the whole story
pkropf
2102 days ago
reply
old school, 10 characters per minute
Share this story
Delete
1 public comment
JayM
2103 days ago
reply
ha! :)
Atlanta, GA

Officially released these ultra-shiny RAINBOW METAL robocats...

1 Share


Officially released these ultra-shiny RAINBOW METAL robocats into the world. If you want to get your hands on one, check it out on etsy: https://www.etsy.com/shop/starcatsAlley 🖤


DM me for a friend discount ;)
I love the tiny gears!
Read the whole story
pkropf
2230 days ago
reply
Share this story
Delete

Pantsdrunk, the Finnish Art of Relaxation

1 Comment and 3 Shares

Kalsarikanni

You’ve likely heard of hygge, the Danish word for a special feeling of coziness that’s been productized on Instagram and elsewhere to within an inch of its charming life. The Finns have a slightly different take on the good life called kalsarikännit, which roughly translates to “pantsdrunk” in English. A promotional site from the Finnish government defines it as “the feeling when you are going to get drunk home alone in your underwear — with no intention of going out”. They made the emoji above to illustrate pantsdrunkenness.1

Finnish journalist Miska Rantanen has written a book on kalsarikännit called Päntsdrunk (Kalsarikänni): The Finnish Path to Relaxation.

When it comes to happiness rankings, Finland always scores near the top. Many Finnish phenomena set the bar high: the best education system, gender equality, a flourishing welfare state, sisu or bull-headed pluck. Behind all of these accomplishments lies a Finnish ability to stay calm, healthy and content in a riptide of endless tasks and temptations. The ability comes from the practice of “kalsarikanni” translated as pantsdrunk.

Peel off your clothes down to your underwear. Place savory or sweet snacks within reach alongside your bed or sofa. Make sure your television remote control is nearby along with any and all devices to access social media. Open your preferred alcohol. Your journey toward inner strength, higher quality of life, and peace of mind has begun.

Kalsarikännit isn’t as photogenic as hygge but there is some evidence of it on Instagram. As Rantanen explains, this lack of performance is part of the point:

“Pantsdrunk” doesn’t demand that you deny yourself the little things that make you happy or that you spend a fortune on Instagrammable Scandi furniture and load your house with more altar candles than a Catholic church. Affordability is its hallmark, offering a realistic remedy to everyday stress. Which is why this lifestyle choice is the antithesis of posing and pretence: one does not post atmospheric images on Instagram whilst pantsdrunk. Pantsdrunk is real. It’s about letting go and being yourself, no affectation and no performance.

I have been off alcohol lately, but kalsarikännit is usually one of my favorite forms of relaxation, particularly after a hard week.

  1. That’s right, the Finnish government made emoji of people getting pantsdrunk. Americans are suuuuuper uptight.

Tags: alcohol   books   emoji   Finland   food   language   Miska Rantanen
Read the whole story
pkropf
2233 days ago
reply
Share this story
Delete
1 public comment
jhamill
2232 days ago
reply
The footnote is the best part.
California
Next Page of Stories