2022-02-16 00:53:01 -05:00
|
|
|
---
|
|
|
|
title: Contributor Code of Conduct
|
2022-05-06 22:49:33 -04:00
|
|
|
...
|
2022-02-16 00:53:01 -05:00
|
|
|
|
|
|
|
# Peace on Earth to all men of good will
|
|
|
|
|
|
|
|
May you do good and not evil. May you find forgiveness for yourself and
|
|
|
|
forgive others. May you share freely, never taking more than you give.
|
|
|
|
|
|
|
|
# Operational Security
|
|
|
|
|
|
|
|
A huge problem with software that relates to privacy and/or to money is
|
|
|
|
that frequently strange and overcomplicated design decisions are made,
|
|
|
|
(passive tense because it is strangely difficult to find who made those
|
|
|
|
decisions), decisions whose only apparent utility is to provide paths for
|
|
|
|
hostile organizations to exploit subtle, complex, and unobvious security holes.
|
|
|
|
|
2023-02-19 02:15:25 -05:00
|
|
|
McAffee reported that this is a result of plants - the state plants engineers
|
|
|
|
in nominally private organizations to create backdoors. Shortly after he
|
|
|
|
reported this he was arrested and murdered by the US government. (To be
|
|
|
|
precise he was arrested at the instigation of the US government, and then
|
|
|
|
"mysteriously" murdered while in prison. Prison murders remain
|
|
|
|
"mysterious" only if carried out by the state.)
|
|
|
|
|
2022-02-16 00:53:01 -05:00
|
|
|
These holes are often designed so that they can only be utilized efficiently
|
|
|
|
by a huge organization with a huge datacentre that collects enormous
|
|
|
|
numbers of hashes and enormous amounts of data, and checks enormous
|
|
|
|
numbers of hashes against an even more enormous number of potential
|
|
|
|
pre-images generated from that data.
|
|
|
|
|
|
|
|
Another huge problem is that if we get penetrated by enemy shills,
|
|
|
|
entryists, and buggers, as the Patriot Front is and the Jan Sixth protestors
|
|
|
|
were, we are likely to wind up like the January sixth protestors, who as I
|
|
|
|
write this are imprisoned indefinitely being tortured by black guards
|
|
|
|
recently imported from the northern part of black Africa, awaiting
|
|
|
|
trial with no likelihood of any actual trial for years.
|
|
|
|
|
|
|
|
## No namefags
|
|
|
|
|
|
|
|
A participant who can be targeted is likely to introduce unobvious security
|
|
|
|
flaws into the software architecture. All contributors should make some
|
|
|
|
effort to protect themselves against a third party subsequently coercing
|
|
|
|
them to use the reputation that they have obtained by contributing to make
|
|
|
|
subsequent harmful contributions.
|
|
|
|
|
|
|
|
All contributors will use a unique name and avatar for the purpose of
|
|
|
|
contributing to this project, and shall not link it to other names of theirs
|
|
|
|
that are potentially subject to pressure. In the event of videoconferencing,
|
|
|
|
the participants shall wear a mask over the lower part of their face that
|
|
|
|
conceals the shape of their mouth and jaw and a rigid hat like a fedora that
|
|
|
|
conceals the shape of the upper part their head.
|
|
|
|
|
|
|
|
Apart from your mouth, the parts of your face that communicate non
|
|
|
|
verbal information turn out to be surprisingly useless for identifying
|
|
|
|
individuals.
|
|
|
|
|
|
|
|
If you wear glasses, should not wear your usual glasses, because facial
|
|
|
|
recognition software is very good at recognizing glasses, and easily
|
|
|
|
distracted, confused, and thrown off by unusual glasses.
|
|
|
|
|
|
|
|
Even if there are gaping holes in our security, which there will be, and
|
|
|
|
even if everyone knows another name of a participant, which they will, no
|
|
|
|
need to make the hole even bigger by mentioning it in public. People who lack
|
|
|
|
security are likely to result in code that lacks security. They come under
|
|
|
|
pressure to introduce an odd architecture for inexplicable reasons. We see
|
|
|
|
this happening all the time in cryptographic products.
|
|
|
|
|
|
|
|
# Code will be cryptographically signed
|
|
|
|
|
|
|
|
Of necessity, we will rest our developer identities on GPG keys, until we
|
|
|
|
can eat our own dogfood and use our own system's cryptographic keys.
|
|
|
|
Login identities shall have no password reset, because that is a security
|
|
|
|
hole. If people forget their password, they should just create a new login
|
|
|
|
that uses the same GPG key.
|
|
|
|
|
2023-02-19 02:15:25 -05:00
|
|
|
Every pull request should be made using `git request-pull`, (rather than
|
|
|
|
some web UI, for the web UI is apt to identify people through the domain
|
|
|
|
name system and their login identities.)
|
|
|
|
|
|
|
|
The start argument of `git request-pull` should correspond to a signed
|
|
|
|
commit by the person requested, and the end argument to a signed and
|
|
|
|
tagged commit by the person requesting.
|
|
|
|
|
|
|
|
When creating the tag for a pull request, git drops one into an editor and
|
|
|
|
asks one to describe the tag. One should then give a lengthy description of
|
|
|
|
one's pull request documenting the changes made. Or, better, the tag
|
|
|
|
should already contain a lengthy description of the pull request containing
|
|
|
|
the changes made.
|
|
|
|
|
|
|
|
When accepting a pull request, the information provided by the requestor
|
|
|
|
through the tag and elsewhere should be duplicated by the acceptor into
|
|
|
|
the (possibly quite lengthy) merge message. Or, better, if he can fast
|
|
|
|
forward the pull request, the tag will be the merge message, which will
|
|
|
|
lead to git recording a more intelligible and linear project history.
|
|
|
|
|
|
|
|
Thus all changes should be made, explained, and approved by persons
|
|
|
|
identified cryptographically, rather than through the domain name system.
|
|
|
|
|
|
|
|
It is preferable to simplify the history recorded in git by rebasing the
|
2023-02-19 02:24:36 -05:00
|
|
|
changes in the branch that you want pulled to the most recent version of
|
|
|
|
the branch that you want it pulled into. This produces an artificially linear
|
2023-02-19 02:15:25 -05:00
|
|
|
history, which is likely to be more intelligible and informative than the
|
|
|
|
actual history. In particular, more intelligible to the person pulling.
|
|
|
|
|
2022-02-16 00:53:01 -05:00
|
|
|
# No race, sex, religion, nationality, or sexual preference
|
|
|
|
|
2023-02-19 02:15:25 -05:00
|
|
|
![On the internet nobody knows you are a dog](../images/nobody_know_you_are_a_dog.webp)
|
2022-02-16 00:53:01 -05:00
|
|
|
|
|
|
|
Everyone shall be white, male, heterosexual, and vaguely Christian, even
|
|
|
|
if they quite obviously are not, but no one shall unnecessarily and
|
|
|
|
irrelevantly reveal their actual race, sex, religion, or political orientation.
|
|
|
|
|
|
|
|
All faiths shall be referred to respectfully. Even if they happen to be
|
|
|
|
making war on us, this software may not be very relevant to that kind of
|
|
|
|
warfare, in which case that discussion can be held elsewhere.
|
|
|
|
|
|
|
|
All sovereigns shall be referred to respectfully, if they are referred to at all,
|
|
|
|
which they should not be. If this software is likely to frustrate their
|
|
|
|
objectives, or even contribute to their overthrow, no need to make it
|
|
|
|
personal, no need to trigger our enemies. War will come to us soon
|
|
|
|
enough, no need to go looking for it.
|
|
|
|
|
|
|
|
# No preaching supererogation
|
|
|
|
|
|
|
|
Status must be on the basis of code, good code, and clever code, not on
|
|
|
|
cheap claims of superior virtue.
|
|
|
|
|
|
|
|
When someone plays the holier than thou card, he does not intend to share
|
|
|
|
what we are sharing. Out of envy and covetousness, he intends to deny us
|
|
|
|
what we are sharing, to deny us that which is ours.
|
|
|
|
|
|
|
|
If he is holier than we are, he not only wants what we have, which we will
|
|
|
|
gladly share. He wants us to not have what we have.
|
|
|
|
|
|
|
|
Christians are required to turn the other cheek, and people attempting to
|
|
|
|
maintain a politically neutral environment need to turn the other cheek.
|
|
|
|
But you very quickly run out of cheeks, and then it is on. You cannot be
|
|
|
|
politically neutral when the other guy is not being neutral. You have to
|
|
|
|
bring a gun to a gunfight and a faith to a holy war. People who start
|
|
|
|
politics in an environment intended to be politically neutral have to be
|
|
|
|
purged, and a purge cannot be conducted in a politically neutral manner.
|
|
|
|
You have to target the enemy faith and purge it as the demon worshiping
|
|
|
|
heresy that it is, or else those attempting to maintain political neutrality
|
|
|
|
will themselves be purged as heretics, as happened to the Open Source and
|
|
|
|
Free Software movements. You may not be interested in war, but war is
|
|
|
|
interested in you.
|
|
|
|
|
|
|
|
We want to maintain a politically, racially, religiously, and ethnically
|
|
|
|
neutral environment, but it takes two to tango. You cannot maintain a
|
|
|
|
politically neutral environment in a space where an enemy faction wants
|
|
|
|
their politics to rule. Neutrality cannot actually be neutral. It merely means
|
|
|
|
that the quietly ruling faction is quiet, tolerant of its opponents, and does
|
|
|
|
not demand affirmations of faith. If an enemy faith wants to take over,
|
|
|
|
the ruling faith can no longer be quiet and tolerant of that opponent.
|
|
|
|
|
|
|
|
## No claims of doing good to random unknown beneficiaries
|
|
|
|
|
|
|
|
We are doing this for ourselves, our friends, our kin, and our posterity, not
|
|
|
|
for strangers a thousand miles away, and we only care about strangers a
|
|
|
|
thousand miles away to the extent that they are likely to enable us to make
|
|
|
|
money by making them secure.
|
|
|
|
|
|
|
|
If someone mentions the troubles of people a thousand miles away, it
|
|
|
|
should only be in the frame that we will likely have similar troubles soon
|
|
|
|
enough, or that those people a thousand miles away, of a different race,
|
|
|
|
religion, and language, could use our product to their, and our, mutual
|
|
|
|
advantage, not because he cares deeply for the welfare of far away
|
|
|
|
strangers that he has never met in places he could not find on a map.
|
|
|
|
|
|
|
|
## No victim classes, no identity politics, and no globalism
|
|
|
|
|
|
|
|
The Open Source and Free Software movements were destroyed by
|
|
|
|
official victimhood. Status and leadership must be on the basis of code,
|
|
|
|
good code, and clever code, not on cheap claims of superior oppression.
|
|
|
|
|
|
|
|
The experience of the Open Source and Free Software movement
|
|
|
|
demonstrates that if victimhood is high status, code and code quality must
|
|
|
|
be low status. If victimhood is high status then “you did not build that”.
|
|
|
|
Rather, if victimhood is high status, then good code, silicon fabs, and
|
|
|
|
rockets spontaneously emerged from the fertile soil of sub-Saharan Africa,
|
|
|
|
and was stolen by white male rapists from the brave and stunning black
|
|
|
|
warrior women of sub-Saharan Africa, and social justice demands that the
|
|
|
|
courageous advocate for the brave and stunning black warrior women of
|
|
|
|
sub-Saharan Africa takes what you have, what you gladly would share,
|
|
|
|
away from you.
|
|
|
|
|
|
|
|
Unless, when a female contributor unnecessarily and irrelevantly informs
|
|
|
|
everyone she is female, she is told that she is seeking special treatment on
|
|
|
|
account of sex, and is not going to get it, no organization or group that
|
|
|
|
attempts to develop software is going to survive. Linux is a dead man walking.
|