FOXTROT/ALFA: Bruce Perens Quits the OSI, Python 2 is Dead, Apple Share Eclipses $300

Welcome to issue 55 of FOXTROT/ALFA, the first of the new decade. It is Saturday, 4 January 2020 and I’m breaking my weekday rule once again. I originally wanted to bring you the first newsletter of 2020 on Thursday or Friday, but I was pretty busy right off the bat this year, including with the reaveal stream of a brand new Magic the Gathering card yesterday .

Because of this, you now get a special week-wrap-up edition of the newsletter on a Saturday. Normal service will resume next Monday, I promise.

Apple Share Eclipses $300

On Thursday, Apple’s share rose above $300 for the first time since its last stock split in 2014.

Shares of the iPhone maker rose 2.3% to close at a record $300.35, topping the $300 mark for the first time on a split-adjusted basis. Thursday’s gain was in stark contrast to the dismal start Apple had in 2019 when it cut its sales forecast for the first time in almost two decades exactly a year ago. Despite the setback, Apple went on to outperform all other megacap technology stocks in 2019 with a gain of 86%, its best year in a decade.

Apple went public in December 1980 at $22 per share.

The stock has split four times since the IPO so on a split-adjusted basis the IPO share price was $.39.

Patches for Critical Cisco Vulnerabilities

New decade, same old problems: Cisco has released security updates for their Data Center Network Manager.

The updates address a total of 12 CVE-listed patches and range in severity from moderate to critical, though should all be patched regardless of rating. Nearly all were found within the REST and SOAP APIs.

More details on these can be found on Cisco’s security advisory page.

Fake Amazon Order Confirmations Spreading in Germany

German police is warning consumers that phishers are currently trying to trick them into giving up their Amazon login credentials with fake order confirmation emails. The emails include hints that the user’s Amazon account was used by someone else’s device and a link to a fake Amazon login page.

Amazon users who are unsure if their account was compromised in this or another way should never click on such links in emails. If you want to be sure, just visit Amazon by typing in the URL manually in your browser, login in on the real site and then visiting the “message center” in your account settings. All legitimate messages from Amazon should be listed there.

Bruce Perens Quits the OSI Again

Bruce Perens, creator of the Open Source Definition and Open Source Initiative (OSI) co-founder has quit the OSI amid allegations of a corrupted license acceptance process. The Register reports:

Last year, lawyer Van Lindberg drafted a software license called the Cryptographic Autonomy License (CAL) on behalf of distributed development platform Holo – and submitted it to the Open Source Initiative (OSI) for approval as an Open Source Definition-compliant (OSD) license. The debate over whether or not to approve the license, now in its fourth draft, has proven contentious enough to prompt OSI co-founder Bruce Perens to resign from the organization, for a second time, based on concern that OSI members have already made up their minds.

“Well, it seems to me that the organization is rather enthusiastically headed toward accepting a license that isn’t freedom respecting,” Perens wrote in a missive to the OSI’s license review mailing list on Thursday. “Fine, do it without me, please.” Another open-source-community leader familiar with the debate – who spoke with The Register on condition of anonymity – claimed Lindberg lobbied OSI directors privately to green-light the license, contrary to an approval process that’s supposed to be carried out in public. “I don’t think that’s an appropriate characterization,” said Lindberg, of law firm Dykema, in a phone interview with The Register. In an interview with The Register, Pamela Chestek, chair of the OSI’s license review committee, said she was not aware of whether Lindberg had approached other OSI board members to lobby for the CAL.

Perens, in a phone interview with The Register, explained that the OSI has existed for 21 years and has been approving software licenses during that time. There are more than 100 such licenses, he said, and having that many is harmful to the community because when you combine software with multiple licenses, that creates a legal burden. “One of the goals for open source was you could use it without having to hire a lawyer. You could put [open source software] on your computer and run it and if you don’t redistribute or modify it, you don’t really have to read the license.” Perens contends the CAL breaks that model. “The reason it does is if you are operating software under the CAL and you have users, you have the responsibility to convey the user’s data back to them under certain conditions,” he explained. “We’ve gone the wrong way with licensing,” he said, citing the proliferation of software licenses. He believes just three are necessary, AGPLv3, the LGPLv3, and Apache v2.

I’ll keep an eye on this srory for you and will update you in future newsletters if there are any new developments. It seems to early to tell if this is the start of a new identity crisis for the OSI or even the beginning of some kind of organisational fork.

Stack Overflow Appeases Ex-Moderator after Lawsuit Threat

Stack Overflow appears to try to make good with a volunteer moderator who was fired from her position for objecting to a new code of conduct requiring users of the site to use certain pronouns for other users. Stack Overflow has now backpaddled hard:

On December 23, 2019, the biz, which operates a collection of more than 140 community-driven Q&A websites that form the Stack Exchange network, announced that it had made peace with Monica Cellio, a volunteer moderator who lost her moderator status and associated site privileges after questioning the company’s Code of Conduct.

This might have something to do with the fact that she was going to sue them.

Aggrieved at being named by the company and accused of wrongdoing without justification, Cellio subsequently threatened to sue the organization for defamation and established a page to pay for litigation. She managed to raise more than $25,000. In November, Cellio said she intends to share details of how she has used her GoFundMe-raised funds eventually. She also disclosed she had spent $7,500 at that point to retain an attorney. She has proposed donating fundraising proceeds in excess of her legal costs to The Trevor Project, which provides services for LGBTQ youth.

It’s not quite clear what happened next.

The Register asked Cellio whether she wished to comment further but she declined, citing the terms of her agreement with Stack Overflow. We also asked Stack Overflow whether Cellio had actually brought a lawsuit against the company, given that no such complaint is evident in the US court system’s PACER database of filings. A Stack Overflow spokesperson declined to answer. “We came to an agreement, and we can not provide any further details on the matter beyond what is in our statement,” the spinner said.

I doubt she’s going back to voluntarily moderate user-submitted content for the company.

Python 2 Development has Stopped

You really should stop using Python 2. Even though Python 2.7.18 isn’t released yet, the code has been frozen and development has stopped.

But the Python 2.7.18 code base has officially been frozen. Between now and PyCon 2020 (April 15-23), code fixes developed in 2019 will be integrated through the beta and Release Candidate process and new pull requests are blocked.

This marks the end of 20 years of Python 2 development. It’s been a long road to transition to Python 3.

When Python 3 was released in late 2008, it was not backward-compatible with Python 2. The plan since then has been to sunset v2 once enough developers made the transition to v3, also initially known among its developers as Python 3000 and Py3k. At first, Pythonistas thought the version migration could be managed by 2015. But by the time 2014 rolled around, vendors weren’t ready and there were still unresolved Unicode handling issues in the Python standard library and in various third-party libraries. So those maintaining the language decided to wait until 2020 before lowering the lifeboats and abandoning Python 2.

If you write new Python code, it should really be Python 3 code.

Those catering to corporate clients intend to continue support Python 2.7 for a while. In October, Red Hat said it will stop supporting Python 2.7 in RHEL 8 come June 2024. But those developing Python code should be focusing on Python 3.

WhatsApp Disables Chat Backups for German Users

In Germany, WhatsApp has disabled the function to export chat histories . In other countries, this kind of data can be exported from the client as a ZIP archive. Heise is speculating that a pending lawsuit could be a reason for the change in Germany, but isn’t providing any further details except pointing out that there is no announcement from WhatsApp or Facebook regarding this – only an inconspicuous hint in their FAQ that this function isn’t supported in Germany.

Also Noteworthy

Additional stories that also might be worth a read:

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.