[cyborgx7]

The article takes a while to get to the point made in the title but the way to counteract this seems to be, get the infrastructure for open source out of America before it's too late. In contrast to the ARM example, the US doesn't really have any leverage against a volunteer open source project not within its borders.

[blihp]

Open Source effectively is out of America or any other single jurisdiction: think of all of the people who have up to date copies of virtually every package all around the world. If the U.S. were to say tomorrow, as we used to do with cryptography, that (certain types of) software can't be shared outside of the U.S., the development of said (Open Source) software would likely just be taken over by groups outside the U.S.[1]

I recall that happening in the 90's with a few different types of software due to U.S. software patents and corporate legal departments. VLC hasn't always been the go-to Linux multimedia application, for example.

[1] The infrastructure part is easy, the giving away access/bandwidth for free part is hard.

[butteroverflow]

I believe the majority of FOSS developers reside in the US. You can't really pipe them out through a fiber channel.

[jakobegger]

The majority of FOSS developers I know reside in Europe, but that may be just because I am from Europe.

[blihp]

In general, the developers are wherever the corporate sponsorship is these days. i.e most development on key packages these days isn't done as a labor of love by most developers anymore. Also, at least a significant fraction, if not the majority, of those doing FOSS development here in the U.S. weren't born here. Linus being a perfect example. So it's not like we have any magic pixie dust that makes U.S.-born developers special.

So you're right, you can't pipe them out through fiber channel but you don't need to. You just need to fund them wherever you want them.

[jacques_chester]

> In general, the developers are wherever the corporate sponsorship is these days. i.e most development on key packages these days isn't done as a labor of love by most developers anymore. Also, at least a significant fraction, if not the majority, of those doing FOSS development here in the U.S. weren't born here. Linus being a perfect example. So it's not like we have any magic pixie dust that makes U.S.-born developers special.

That's the thing, though. The physical location of the developers and the legal nexus of the companies are different things. Any sovereign government can exert power over the actions of companies that operate elsewhere, so long as they have anything in their own jurisdiction that can be gripped and squeezed -- a "nexus". Sometimes sovereign nations will even create laws that are "extra-territorial", laws they expect to be obeyed beyond their own borders, even if only enforceable once you are within those borders.

If all your developers live in Europe, but you sell to US companies too, guess what? The US can push you around. Do you want to do business with a bank with any US footprint whatsoever, guess what? The US can push you around. Do your executives travel to the US? Guess what? etc etc etc.

The US is not a special case here: the use of local and international legal and financial pressure to achieve policy goals outside one's own borders is common. However the US is a superpower, has far more levers to push on, far more heft to push them with and far lesser immediate consequences for doing so. The EU and China are probably its only rivals in this kind of economic realpolitik.

But if Bhutan tried to do this? We wouldn't even hear about it.

[toyg]

You might get an immediate hit to development, but given a bit of time non-US developers would step up their game. A lot of FOSS is paid for by big companies who would likely want to continue operating this way, so they would reroute expenses accordingly.

Crypto didn't die when it was export-restricted, and that stuff is really complicated.

[the_pwner224]

FOSS developers like those sponsored by Google/FB/MS to make React/etc.? Sure. But FOSS developers making useful applications and sharing them with the community (think Gnome/KDE, cmus, calcurse, WINE, VLC)? From my experience there is a lot of diversity there, and also a lot of representation from Europe.

[fouc]

Citation needed. Honestly this seems like a pretty offensive american-centric belief

[ISL]

Fortunately, there is a bulwark:

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

The bulwark defending the bulwark is the population.

[bilbo0s]

Good luck explaining your commits to that munitions grade crypto used by terror cells in the mideast region as "Free Speech".

Hope that works out for you. :-(

(I'd wager there'll be a few more Snowden types asking for asylum outside the US before this is all over.)

[downrightmike]

Already holds up: "The claimed principle was simple: export of munitions—guns, bombs, planes, and software—was (and remains) restricted; but the export of books is protected by the First Amendment. The question was never tested in court with respect to PGP. In cases addressing other encryption software, however, two federal appeals courts have established the rule that cryptographic software source code is speech protected by the First Amendment (the Ninth Circuit Court of Appeals in the Bernstein case and the Sixth Circuit Court of Appeals in the Junger case). " https://en.wikipedia.org/wiki/Pretty_Good_Privacy

[sjy]

It's worth checking that claim against the Ninth Circuit's decision [1], because the court said:

> We emphasize the narrowness of our First Amendment holding. We do not hold that all software is expressive. Much of it surely is not ... We hold merely that because the prepublication licensing regime challenged here applies directly to scientific expression, vests boundless discretion in government officials, and lacks adequate procedural safeguards, it constitutes an impermissible prior restraint on speech.

[1] https://cr.yp.to/export/1999/0506-order.html

[pessimizer]

How it worked out last time is no guarantee of how it will work out this time.

[ralph84]

I like the odds in the US better than anywhere else. No other country has a better track record of protecting freedom of speech.

[paulryanrogers]

If good crypto really boils down to math, and therefore either everyone can be secure or noone, then I'd rather everyone be secure. There are more ways to stop terrorists than wanton collection of communication.

[SomeOldThrow]

I wish I shared your optimism.

[thefounder]

This means get the open source off github as well...

[ralph84]

Or keep it there where you have one of the most powerful companies in the world to defend it.

[thefounder]

There is nothing to defend. US gov(i.e Trump) gives a directive and the "one of the most powerful company in the world" complies like all the others did(i.e Huawei's suppliers, Oil companies dealing with Iran etc).

[maxander]

Sure it does, if a large chunk of the volunteers are in the US.

The division of the open source world into the “US part” and the “Chinese part” would be a roughly 50% cut in the efficiency of the FOSS ecosystem, and is on the table given the developments he describes.

[sokoloff]

Metcalfe's Law probably applies, though perhaps not at full effect. That would suggest the diminution in effectiveness of the FOSS ecosystem would be more severe than linear.