I find this response (and the class of responses like it) really frustrating, because it uses a (likely feigned) misunderstanding of the scope of the question to attempt to sidestep the real question. My question for the CTO would be, roughly:
You've now answered "Do your lawyers think you can get away with this?". But the questions you're not answering directly, which I think underlie the 'concerns' you're appreciating our sharing, are things like...
- Does the Bitwarden team see no ethical problems with making proprietary a project which many supported and contributed to explicitly because it was open source?
- Given that password management is explicitly a high-trust enterprise, how does your organization intend to navigate the rupture of trust, and subsequent forks and waves of departure, caused by an open-to-proprietary rugpull?
- Is there something that the community could do together which would help your company navigate through the dire situation you must be in to be considering something like this, without resorting to proprietarization?
I know it's his job as CTO right now to be feigning concern, particularly in forums where you can't close the conversation, but the current approach is basically confirming the worst fears ("They believe they can legally do it, and see no problem with their actions"), and that seems like exactly the wrong vibe for a company whose bottom line depends on users trusting the code and the people updating it.
This is wildly impressive. Thank you for doing and sharing this, and the 1337 on either end is just icing on the cake. It's also a beautiful example of just how broken MD5 is. I wish I'd had this to show my students 3 weeks ago when teaching about collision attacks.
I’m disappointed to hear that, just because it’d be very useful for this to be a thing. But I love the science behind it, and this is the way it should be.
Teaching about language in a university setting, we often talk about various forms of evidence for language-like communication among animals.
As I tell students, I would bet that within our lifetimes, as research continues and our instrumentation becomes better at detecting non-human communication means, we'll finally be able to detect and decode 'language' in a non-human animal which is sophisticated and rich enough as to be impossible to handwave away.
But what I keep to myself is that this kind of discovery, and the cross-species conversations it would prompt, has the potential to change the course of the dialogue on animal rights and what it means to be 'human'. But I suspect it will wind up being largely buried outside of certain academic and spiritual communities, mostly because I don't think parts of our society could handle learning the bovine words for 'slaughterhouse' or 'mourning'.
So, a different-but-related question: Putting aside the desired addictive nature, are there any gamers out there who actually prefer microtransaction-driven loot box mechanics to more conventional item drops?
Or is this just a UX element that most people dislike or don't care about, but some people get badly addicted to?
There's so much argument about gambling, etc, but I'm yet to hear a compelling argument for why these should be allowed to exist, from a game design perspective, short of "we can make a lot of money from gamblers".
This just underscores one of the main things I desire from social media these days: Ephemerality. I wish that social media services, Snapchat aside, started treating content as transient. Services like TweetDelete help, but I can't think of anything I'd say on a Microblogging service that I want to exist in 9 years.
Yes, yes, "everything on the internet is permanent". But every one of my social media streams could benefit from a "Automatically delete after one month" setting.
We grow, we learn. Why not let our social media represent who we are, not who we were?
You've now answered "Do your lawyers think you can get away with this?". But the questions you're not answering directly, which I think underlie the 'concerns' you're appreciating our sharing, are things like...
- Does the Bitwarden team see no ethical problems with making proprietary a project which many supported and contributed to explicitly because it was open source?
- Given that password management is explicitly a high-trust enterprise, how does your organization intend to navigate the rupture of trust, and subsequent forks and waves of departure, caused by an open-to-proprietary rugpull?
- Is there something that the community could do together which would help your company navigate through the dire situation you must be in to be considering something like this, without resorting to proprietarization?
I know it's his job as CTO right now to be feigning concern, particularly in forums where you can't close the conversation, but the current approach is basically confirming the worst fears ("They believe they can legally do it, and see no problem with their actions"), and that seems like exactly the wrong vibe for a company whose bottom line depends on users trusting the code and the people updating it.