The thing with VC-founded projects is that there's some kind of rug-pull, ads, privacy violation or "feature enhancing" subscription likely coming and as users we should know.
I don't really like services that stress how idealistic they are when this is the upcoming reality.
Better charge money for services or if you're truly idealistic start it as a non-profit. At the very least communicate what's the monetization plan.
The big question is (and I don't know the answer, so not rhetorical) whether the protocol being open can be sufficient to prevent the rug-pull from being too bad...
If their technology choices are holding them back it just means the product becomes more turbulent as they desperately thrash for a way to make more money.
A protocol isn't a good enough reason for investors not getting their payday. They'll just force aggressive and reckless changes to see a return.
The only way this kind of thing works is if profit isn't in the equation, or the easiest path to profit lines up with what's best for the customers.
This is why I'm skeptical about bluesky in general. Despite the protocol, it's incredibly centralised. If they wanted to make money it won't be long before they start putting up the walls around their garden. The same thing applied here as well, if investors demand a return the open protocol usage will shrink or become less open.
When did Bluesky rug-pull? Seemingly they seems hellbent on making it harder for themselves to rug-pull, at least judging by the developments of the protocols and ecosystem so far.
Tangled is built entirely in the open: https://tangled.org/tangled.org/core, and our primary goal is to be "permanent software"—i.e. be fully reproducible and entirely self-hostable at minimal cost.
VC money is a means to an end. We're both Indian founders in Europe, and grants are nigh on impossible to find (4–12+ months for anything to materialize). VC is quite simply the quickest way for us to build a team, setup infra and accelerate development. We're also incredibly aligned with our investors on our goals (we took 6+ months to find the perfect partner for this).
Hey! Love the idea. I think a lot of skepticism here would be addressed if you discussed your plans to monetize. People just want to know how you will (eventually) make money in a way that is aligned with how they expect this to evolve.
In the latest FOSS project I’m starting, I’m not avoiding all “open core” supposedly FOSS projects. In my experience, they’re the projects most likely to do a rug pull and change licenses. If they cannot commit to their entire project being free and open, they are less likely to actually be committed to the principles of free and open software.
While I was quite excited about some of the ideas being discussed in this project, it being VC backed is a complete non starter for me. Your claims of being built in the open don’t make me feel any better, you will eventually need to make returns for investors.
How can they ever see a dollar of profit without a rug pull, license change or hosted moat? This is a neat idea - besides just replacing github, a network of loosely-federated git servers seems like a promising base for distributed social media or chat platform someday - but it seems like the only way it can really stay open is if you're planning to stiff your investors.
How much work are you putting into simplicity? In my experience, in order for software to be permanent it needs to be like mold: only a single spore is required to grow a massive fruiting body and the spores themselves are very small and very uncomplicated. In this case, a spore is a single developer, and the simplicity is a low skill ceiling. Reproducibility does not benefit longetivity if the preconditions themselves themselves are highly complicated, and the benefit of simple bootstrapping is easily overshadowed if the software itself isn't friendly to being extensively hacked on by the average programmer.
there's something about new VC fundedbro narcissism that's so fascinating
> GitHub? Where do we even begin…
The problem with GitHub is neither its UX nor its functions. Its downfall is VC funding but you made sure to only copy that and none of the good things.
> GitLab? Way too enterprise-y, and definitely not easy to self-host.
The only reason you don't offer an enterprise version yet is because atproto sucks and there's no way to make it private. Do you honestly think VCs are paying you to play with your strings and sheep? Your users won't pay for anything because there are already free alternatives that don't force them to join yet another cult. "Why should I join tangled? uhmmm it's like a worse version of everything but it has atproto! you like atproto don't you, 14 year old well established project will millions of users?"
> Sourcehut? So opinionated it alienates about 98% of potential contributors. Pretty great if you really love email, I guess.
Do you hear youself? In what world is tangled not extremely opinionated that alienates everyone but hardcore atproto followers? "pretty great if you really love atproto i guess".
> Forgejo/Gitea? Nice, sure. You can self-host—but without a shared identity, I still need to create an account on your instance just to send a PR.
It also works and is widely used and battle tested. Has a familiar UI and CI. Oh and apparently this newfound concept called private repos.
> Radicle? Honestly, it’s amazing. Purely technically, Radicle is far ahead of anything else, Tangled included. But the world—at present—just isn’t ready for full-on P2P.
The world is ready for appview + pds + did + ... yeah okay. Only hardcore atproto fans wants this bs.
I don't say you specifically have bad intentions or that VC money is all evil.
But now you need to grow fast, which greatly increases the risk for me as your potential user, so you should at the very least write a post to make sure you're aligned with your users not just with your angels.
How are you going to use the money? What's the business model? How do you ensure you're around in 10+ years? How are you going to please your overlords with that business model and what will you do if they force you to squeeze more money out of the business?
I hope you succeed, because the competition is good for users, but VC-founding is a liability not a strength.
VC money is absolutely not a means to an end, what is signals is that the company doesn't care about community and only cares about profit.
I'm with the OP you're replying to. Taking VC is an albatross that means a large portion of devs will never trust you or use your services (outside of bleeding your funds dry).
If this place truly cared about community they should have made a non-profit or some type of NGO, basically anything with a true community governance model. Not the current model of caring about money over a community.
We currently live in a society that solely cares about money and seriously doubt devs want to continue uplifting the current system that only benefits the rich at the expense of everyone else.
How many board seats does the company plan on giving to the community to ensure enshittification doesn't occur?
This kind of absolutism is crazy. People who are doing 90% of what we want them to do should be greatly celebrated and rewarded. Else we penalize idealistic people who are not perfect instead of penalizing the people who are actually doing the opposite of what we care about (ex. Autodesk).
Do you want software to become as closed source as mechanical engineering? No! So let's celebrate people building software that's open source, even if it's VC funded! They are awesome for doing that!
The problem with VC-founded projects is that there's some kind of rug-pull, ads, privacy violation (e.g. using repos to train AI) or "feature enhancing" subscription likely coming.
As a user who would need to invest time and effort in using Tangled, I think it's fair to ask to have the plan explained. I'd rather see explicit price for services than see enshittification happen.
Just like engineering, monetizing is an iterative process. As long as they don't make it hard to move off their platform, IMO it's completely fine for them to try different monetization models.
We should celebrate people building open source stuff and in the public. The alternative is for the software tooling ecosystem to look like EE or mechanical engineering tools - all closed source, proprietary, and with super expensive licensing.
It's easy to take open source for granted - 'information wants to be free', but we are at risk of the open source movement dying with proprietary AI completely changing everything about software.
If we penalize people who are working toward the right goal, we contribute to that decline.
You're badly missing reality here. There's no "community governance" as there would be in a local farm shop or something. It's a bunch of online people with interests. They aren't going to visit you if you're sick or coach your kid's team or attend your funeral.
The two reasons actual communities work in actual locations are: 1) because to some extent the people all live in a place and want the place to be nice for them and their (grand)children, so they are invested personally and 2) companies aren't set up to help communities. Communities are the ones doing community things. It's crazy to demand other people do work in a certain way when you're doing nothing.
> the company doesn't care about community and only cares about profit.
There are plenty of examples of VC funded companies that care about community & don't "only care about profit". Bluesky is a good one (literally a community / social platform). That's such a black & white take it baffles me.
> Taking VC is an albatross that means a large portion of devs will never trust you or use your services
A "large portion of devs" (the majority) use so many VC funded services? Probably _most_ services devs use are VC funded. GitHub itself - was VC funded.
You can have an anti-VC opinion but you have to also live in reality.
It's not about VCs being scum but about investors needing a relatively fast return on investment which is understandable but also often times incompatible with investment in large scale, open source infrastructure.
Would you be open to sharing a version of your pitch deck? The main question in my mind is what kind of exit the VCs have in mind when they give you this money.
Those of us who use it. Tangled is a neat project and architecturally it makes a lot of interesting choices but code-wise it's relatively simple and from my personal forays in it I'd say pretty easy to maintain.
The majority of the codebase is loosely related go modules. Then some static HTML+CSS. And finally a small sprinkle of typescript to tie things together. And of course a bit of Nix for orchestration.
IIRC it all runs on a pretty trivial amount of hardware that a single person could currently host by themself.
Users' knots, spindles, and PDS (plus atproto at large) do the real heavy lifting infra-wise.
Exactly. I'm personally slowly working on my own parallel "appview" of tangled that is accessible exclusively via SMTP, IMAP, JMAP, and eventually integration with a Lore + Patchwork frontend.
I don't think that will work. How many of us did contribute a simple patch to LibreOffice, Firefox, or GNOME?
At least this statement doesn't hold for LibreOffice. Their Online version, including "simple" HTML/CSS components, was archived because of a lack of maintainers. For their main project, the vast majority of contributions in the last release were made by former ecosystem partners (Collabora) or TDF staff. Volunteers only did a fraction of the work [1].
I believe YC is a organization run by bad people. Like, people who actually want to do harm to you. You can peek at Garry Tan's X to get a taste of the type of things I'm talking to.
> Why does it need VCs? Why not company and corporate sponsorship like Ladybird?
You talk about corporate sponsorship like that's trivial to find. Trust me when I say we spent over half a year chasing down grants/sponsorships only to be met with closed doors, extremely long wait times for pennies. We'd also be required to keep our day jobs—which means less focus on Tangled dev, and ultimately very slow progress overall.
We debated VC heavily (we're both idealists after all), but figured we can make it work—it's ultimately the founders that make bad calls leading to enshittification. There's plenty of examples of VC-backed companies that haven't enshittified. Tailscale is an excellent one, and hence we brought on Avery as an angel in our round.
Sure Tailscale is an excellent one. For now at least. It is also not open source and also has a paid product.
Perhaps maybe in a few years time, Tangled Enterprise would be available to compete with GitHub Enterprise and that is where the switch over happens for companies who want to move over from GitHub to Tangled.
I don’t know because somehow Tangled would need to make money somehow?
I hope Tangled becomes profitable enough to withstand enshittification, because more and more funding rounds and not meeting targets means giving up control and facing a repeat of what happened at Bluesky.
Campaigns like this need more info. This page doesn't answer any basic questions.
How much money do you currently get? How much money do you need and how will you use it? Does it even go directly to Thunderbird development or will be used up by Mozilla for other projects?
Still, my point stands that communication around it should be super clear and available on all pages where they collect money. It shouldn't require me to search for it.
Yeah, there's basically nothing explaining why the need more funding, and what they will do with it. Hosting? Salaries? Admin? You'd hope for a bit more context than this.
> How will my gift be used?
> Thunderbird is the leading open source email and productivity app that is free for business and personal use. Your gift helps ensure it stays that way, and supports ongoing development.
Mostly to "technical staff" who work on product and infrastructure. I just don't think the point of the donate page was to be an information warehouse but instead just a dead simple donate page. The other info is googleable if you're looking for it.
For the avoidance of doubt, you won't donate to Thunderbird because you disagree with the following policy?
> We do not discriminate on the basis of race [...], religion [...], gender, gender identity, gender expression, color, national origin, pregnancy, ancestry, domestic partner status, disability, sexual orientation, age, genetic predisposition, medical condition, marital status, citizenship status, military or veteran status, or any other basis covered by applicable laws. Mozilla will not tolerate discrimination or harassment based on any of these characteristics or any other unlawful behavior, conduct, or purpose.
Yes, that is correct. Discrimination is already illegal in hiring. Spelling it out so absurdly verbosely is just virtue signalling. If you're a remote developer, nobody cares about your colour or sex. Except at Mozilla, where people have their pronouns in Bugzilla.
To be clear, I fully support the right to be and feel and think whatever you want, but don't expect me to care about it, and this endless signposting of identity is tiresome.
You say you don't care about these identities, yet you’re willing to let a tool you (presumably) value lose funding over a text block you find 'verbose.' It seems you care enough about the signposting to let it outweigh the software's actual utility.
By that reasoning, nobody would engage in discriminatory hiring practices (or indeed discriminatory behaviour in general), because it's against the law. That is clearly not the case.
As such, I really don't see why you have a problem with Mozilla making their position on this matter crystal clear. Do you really consider reading a few extra words that much of a hardship?
You won't donate because they will try not to discriminate when hiring? It's illegal to discriminate on things like race, sex and gender when hiring, so pretty much every company avoids it.
Just click away is statement from Mozilla with all the usual buzzwords. I am not convinced thunderbird is separate entity. It clearly shares HR and hiring with Mozilla!
I would be happy to directly sponsor independent developers from poor countries (including Africa). But I am not going to pay $180k+ salaries to some corporation!
They are not entirely separate from Mozilla. The MZLA Technologies Corporation is a for-profit subsidiary of the Mozilla Foundation. They have access to some of Mozilla's common infrastructure, but are otherwise entirely funded by donations. Donations to MZLA only fund Thunderbird and no other products.
Seems fine if you can donate to Thunderbird development. Compared to Firefox, where I don't think it's possible to donate to development at all (only to Mozilla activism side).
And both are owned and controlled by Mozilla Foundation, which is the issue. Why on earth would I donate money to an organization that seems dedicated to doing as little as possible other than acting as a tool to be used for the personal benefit of its leaders?
> I’m likely further hamstrung by the fact my content is high-brow & long-form, which comes at a disadvantage in the contemporary media landscape.
I think it comes at an advantage for building a loyal fan base in audio drama podcasts though. The kind of fan base that may want to support you financially.
> Genuine question: what's harming your experience in current podcasting apps?
Oh, where do I begin beyond just saying they are trash. I've used all the big names and each one seems like it was created with a the same basic idea in mind: show the latest episodes of a podcast, and have some form of pagination. Which is fine if that's all your podcast does and isn't meant to be listened to from the beginning.
But the moment your pod cast might have different shows or parts or otherwise intend to start at the beginning, it's suddenly hit or miss. Basically, it makes an assumption about how podcasts should work and ignores the reality of popular podcasts out there.
Not to mention some are just obtuse to use. I forget which one but I was trying to add a feed to a popular one and there was NO where to add my own feed. Spent five minutes looking and there was no way to add a URL feed. Like, that's core 101 functionality.
Like I said, I tried the popular ones and they all were annoying to use. I realize this comment doesn't help much, mostly because it was earlier this year that I tried them out and became frustrated so it's mostly me thinking through how much they sucked and not much on the specifics.
I think the best way I can think of it is they all did the bare minimum and stopped.
I use Apple's Podcast app because it's free, it syncs, and it while it sucks, I don't want to pay for something that isn't better than free.
I'm a Pocket Casts user, and see that it was one you tried.
Pocket Casts lets you select the episode order (as well as do things like group by season). I think it's pretty common to be able to add RSS feeds by putting them in the directory search field, and PC does this as well.
I've had absolutely zero problems using Pocket Casts to add custom Patreon feeds, and to listen to episodes in the other they came out.
Thanks for sharing! I've found your perspective interesting. I mostly listen to audio dramas, which are linear so I indeed didn't think about non-linear listening.
I agree that adding by URL is a must. I find other features like ability to download an episode or "Mark as played" as super useful too.
I've experienced a company not only treating its employees as numbers in a sheet, but also actively lying to them.
I was part of a well performing team in a corporation in the US. Management told us that we've been making a real impact in the company's goals and they are going to increase our capacity to accomplish even more the next year by adding several more engineers in India to help us with tasks. The facade was well maintained - we got expanded goals for the next year, celebratory meeting for exceeding expectations etc. but you could clearly tell something was off in meetings with management. Little did we know that we ended up training our replacements.
Majority of my teammates got kicked out of the company by security, getting paperwork on their way out without a chance to even say goodbye. I was offered a role in another team, but the trust by that point was severed so much that I instead decided to take severance and leave as well.
The lesson for me has been to always act like an independent contractor or business owner, even when employed by a corporation or "family-like" startup. Based on mine and many of my friends' experiences there's no such thing as loyalty in the business setting anymore. You are on your own and you should only engage as much as it makes sense to you. Extra hours beyond what's required (e.g. beyond 40hrs) should directly and clearly benefit you.
> adding several more engineers in India to help us with tasks
Haha this is what my current company is trying to do now. Bet we are dragging our feet helping the team in India. If they chop our heads off now, you bet they’re gonna be left with ruins. Fuck them.
Come to think of it, this is what our management seems to be trying to do now. If true, that is mildly amusing given that we just managed to avoid major pain resulting from all those helping hands.
I saw IBM uproot an entire support team, persuading them to sell their homes and relocate their children to another U.S. state with more lenient layoff laws. Once the team had moved, the company made everyone redundant.
The proportion of psychopaths on the boards of most companies is off the scale:
"...Hare reports that about 1 percent of the general population meets the clinical criteria for psychopathy.[11] Hare further claims that the prevalence of psychopaths is higher in the business world than in the general population. Figures of around 3–4 percent have been cited for more senior positions in business.[6] A 2011 study of Australian white-collar managers found that 5.76 percent could be classed as psychopathic and another 10.42 percent dysfunctional with psychopathic characteristics..." - https://en.wikipedia.org/wiki/Psychopathy_in_the_workplace
Not a clinical psychologists, so something about grains of salt.
I use term 'highly functioning sociopaths', you can see them often in management since they are attracted to pay, power and percieved 'prestige'. You know the types - smart, hard working, ruthless, learned to fake genuine nice emotions and human interactions to almost perfection over years at least under normal, controlled, and previously experienced settings. Once some novel bad situation happens, cracks start to show.
Banks and anything re finance is probably the highest concentration. Another areas are those with real power, whatever that means. Its trait like every other, not binary but gradual. In my experience its more 1/3 of these in middle management, C suite most probably majority. Can't be a nice guy and get, survive and even thrive there.
In my recent layoff, basically what happened is that another company won the contract as the prime and we became the sub The new company brought it a bunch of their hires, then management combined our teams and suddenly everything became redundant. Two dev leads (me being one of them), two tech leads, two product owners, too many testers, etc. After this, they laid off about half the team, most of them being from the subcontractor. It was sneaky and unethical. In the end they were all like “Woops we hired too many people. So sorry!”.
The kicker is that they used me in the RFP to win the contract since I was a specialized SME.
Only one was obvious in the hindsight: management stopped caring and sometimes attending product demos, but really cared about India's part in the deliveries (justified as we want them to level up quickly).
Everything was subtle:
Managers distanced themselves from the team, had more meetings between themselves ("for efficiency - team grew so we cannot include so many people in the meetings anymore"), they were looking at each other often when making decisions (which to me looked as if they were trying to think how to handle requests knowing the team will be laid off soon).
In the final weeks management started suddenly taking/reassigning tasks out of US team's hands in ways that didn't make sense.
CalyxOS is the alternative to Graphene mentioned above. CalyxOS has a bit different goals - it cares about privacy more than security and complete removes Google services instead of sandboxing them (they get replaced with MicroG which is a shim of Google services so that majority of apps continue to work). I successfully used it for a few years on my Pixel 4a. Most apps just worked including banking, but some didn't. Notably dating apps didn't work well and Uber's map didn't look right.
Graphene completely removes Google services in the default install. There is an option to install a sandboxed version of the Google play store, with enhanced privacy and security, but you don't need to install this or any other Google services if you don't want to, and I have opted to keep my Graphene installation Google-free.
There is a disagreement between the Graphene and CalyxOS community about which is more secure/private: Graphene's sandboxed Google play store, or CalyxOS's MicroG. I've read posts advocating for both sides, but I don't have the expertise to have an opinion, and I decided that I don't want either software on my phone, since I don't want to run google code or play store apps.
Although I'm not expert enough to validate the following claims, here's what I've read.
Graphene people claim that MicroG needs elevated privileges to run, privileges that Graphene doesn't grant to any app. MicroG also loads and runs Google code (in a context where that Google code would presumably have access to those elevated privileges). Graphene's version of the play store emulates some APIs without using Google code (for privacy), and sandboxes the Google code that it does run, running it with reduced privileges. This is a security first posture, keeping in mind that if you don't have security then you can lose privacy via exploits of your security holes.
CalyxOS's MicroG emulates a larger fraction of the google play APIs, making it less reliant on google code to operate, and this is the source of the claim that MicroG offers more privacy.
It's really not feasible to run most apps without Google Play APIs/MicroG. The most problematic issue is the notification API.
MicroG runs with elevated permissions to avoid being killed, and so that it can continue listening to socket events. Once an event arrives, it decodes it into a notification, packages into an RPC request, and awakes/runs the target application activity. Then it, crucially, uses the elevated privileges to override the default policy to also allow the target application to run without interruptions for 20 seconds (to process the notification).
I get my apps from F-Droid, which guarantees that the apps are open source, free of most "unwanted features" (ie, not malware), and don't depend on google play APIs. Apps written to the F-Droid standard don't use Google Play APIs for notifications. I acknowledge that most people want to run closed source apps from the google play store, but I consider those apps untrustworthy, and what I do won't work for most people.
The specific privilege that MicroG wants and that GrapheneOS doesn't allow is the ability to spoof the signatures of other apps. GrapheneOS runs the Google Play APIs in a sandbox, and this sandbox allows push notifications to work, so that's not the problem with MicroG from a GrapheneOS perspective.
I just really wish they would just allow microG, sandboxed in the same way as Google services (like DivestOS does), behind as many security warnings as they see fit.
The DivestOS project put stronger emphasis on device longevity and on libre ("free as in speech"), so their microG implementation was just a better fit for their case.
I can explain. The first link actually contains multiple comments -- the complete discussion is linked.
For a specific example within it, it does explicitly state "17.1 and higher have an unprivileged microG feature now: https://divestos.org/pages/faq#appCompatibility" in 2023. The comment was by the DivestOS project author.
The second link, also from 2023, starts with "Latest release of my DivestOS can now run microG in an unprivileged manner:" -- also by the DivestOS author.
I think that covers it for your reading of the links, no?
Anyway, the DivestOS project did have an implementation of microG, and it was sandboxed. As for my comment about projects goals, I also selected those two links because both include such commentary about DivestOS' implementation in relation to project goals and to the GrapheneOS implementation.
Thanks for clearing that up. I should've read your post more closely. To be honest I never checked the second link because I follow the Android privacy/security scene pretty closely and I was already pretty confident that if DivestOS added support for that I'd have already heard about it. My bad!
The way I see it, is that being able to demonstrate specialist-level skills in something is a good signal no matter the problem you need to solve. It means you can learn. As a specialist you have already shown ability to master a skill, so if a project needs another skill, you will be able to pick it up.
And quite often that's how you solve client problems as a contractor. You figure out what the actual problem is (in business terms), the cost/benefits of various solutions and then learn whatever you need to solve the problem. Only then you get to write code.
The funny thing is that you may be a ninja Rust developer, but sometimes all the client needs is a cron job to move data from a spreadsheet to a server. Or even worse, you may need to modify VBA scripts in an ancient Excel file!
I don't really like services that stress how idealistic they are when this is the upcoming reality.
Better charge money for services or if you're truly idealistic start it as a non-profit. At the very least communicate what's the monetization plan.
reply