-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disappointing decision from core devs. #746
Comments
You absolutely have the right to fight it, there are many ways including: https://bitcointalk.org/index.php?topic=5311388.msg56156400 But the bitcoincore.org website is for hosting the software and information about the software project. The inclusion of the whitepaper was largely incidental: There was only one link to the local copy, the rest were to Bitcoin.org. There isn't any particular need for bitcoincore.org to have a mirror right now. As a result, keeping it would just be mere symbolism that would make it easier for Wright to litigate and waste resources which may be desperately needed for a later and more relevant attack which will almost certainly come. Bitcoin developers are in this for the long haul, and one doesn't win a war by stumbling into every minor skirmish the enemy provokes. Imagine trying to play chess with that strategy: relentlessly attacking every threat, even minor ones, refusing to sacrifice an irrelevant pawn. You would lose reliably. Bitcoin bites the bullet. People shouldn't be here look and sound tough, they should be here to be tough, to persist, and-- ultimately-- to win. I hope you will reconsider your language and edit your comment to be less of an attack. I seriously doubt you have the background or expertise to assess any particular move here as "stupid". Maintaining a project like Bitcoin for over a decade requires a patient long term strategy, not responding out of anger to every slight that comes onto the radar. But even if the decision were an error, though I disagree that it is, it is entirely someone elses decision to make: You don't get the right to control someone's personal legal strategy just because you use software they wrote. I posted more about the subject here: https://www.reddit.com/r/Bitcoin/comments/l1uieu/bitcoinorgs_response_to_legal_threats_by_csw/gk1y8h9/ |
I agree with both Lucienest and gmaxwell's comments and don't think they are in contradiction. You can't be a good content host in 2021 if you immediately capitulate to fraudulent claims. Whether or not doing this is in your own self-interest, it is bad for everyone else, because it sets a precedent encouraging abuse and self-censorship. But I think it is completely reasonable if bitcoin core developers don't want to be content hosts. They have other priorities and other more important ways they can contribute to bitcoin's success. If they can't be good content hosts, it is better if they don't host content. An alternative would be to push signed source releases and binaries to github, ipfs, bittorrent, and other places, and let sites like bitcoin.org that may be more willing to take on challenges of hosting make their own valiant attempts at it. If these issues were going to disappear after taking down a pdf, I don't think they would be a big deal. But what is the chess move going to be when there is a DMCA challenge to remove wallet software after it is used to illegally pay for someone's copyrighted content? What happens if there is law enforcement request to insert a backdoor? If there are plans for dealing with illegitimate requests that don't involve immediately capitulating, then maybe it makes sense to keep hosting. Otherwise it is probably better to find a way of distributing the effort. |
I don't think it's an either-or scenario. It's good to look at a way of distributing the hosting effort regardless of people's willingness to fight legal threats. You may want to look at #739 and the related PR, especially if you have any IPFS experience. |
Sorry, I'm not saying you can't host and distribute hosting at the same time. Of course you can do both. I'm just saying I think it is better for you to not host files if you have a high profile and you are going to respond to a fraudulent takedown request by rapidly capitulating to it, because the bad precedent for abuse and self-censorship that you are setting would not seem to outweigh benefits of having one extra server online hosting a few files. I have weird opinions sometimes, so maybe this is one them. I just think going forward after this pdf event, I would be more assured if core developers either came up with a strategy for dealing with illegitimate legal threats that would not encourage more abuse, or if they decided just to not be in the hosting business. Maybe I am overestimating probability of future spurious legal threats? |
If we look at the MIT License it clearly states that: MIT-LICENSE
The Whitepaper also falls into the documentation category. Notably, It was being asked whether MIT do actually covers the documentations: |
I think this is a partly false premise.
Maybe. Certainly, if you had been the project contributor who had been threatened with a lawsuit by someone with billionaire backing and a history of not paying their legal fees (putting you on the hook to pay for defending against even the most baseless claims), I would think you'd appreciate other contributors trying to help you avoid the expense and stress of a protracted lawsuit by making an inconsequential change to a website.
More assured of what?
I particularly like one of Wladimir's proposed next steps: "In the short run, transfer bitcoincore.org to an organization instead of private ownership." I think that will be really useful. I think one of the problems with this situation is that the website is not owned an incorporated entity, so any lawsuits need to be dealt with on an individual basis by the site owner. If it's owned by a corporate entity, particularly a structure that provides a personal liability shield, then the defense of the site can be more easily outsourced to experts. Though, even in that case, it's probably not worth wasting money defending a file that's not important to host here and which is less clearly MIT licensed than the project's main code files. |
I will avoid replying again because I don't want to take up too much time and space, but I just want to answer this to be concrete about my view.
It would be good to be assured that something like this will not happen again. One way could be for a different set of people not associated with core developers to host. Another way could be for the same set of people who are hosting to decide that a bad precedent has just been set, that something different could have been done in this case, and that something different will be done in future cases if there are more challenges. Any of the following would be great:
The next steps that you linked to do sound reassuring and promising. Maybe the cost of one bad precedent is worth it if avoids future ones! |
Every rational decision is a cost/benefit analysis. I believe there is close to no benefit to having an additional mirror of the whitepaper, as that just isn't the purpose of this site (and as we've seen, a zillion other parties are more than happy to do it). Had you asked me if there was one there previously, without looking I would have had to flip a coin: "On one hand there is no reason for it to be there, on the other hand the site exists primarily because of sketchy behaviour by bitcoin.org, so maybe it was included." Plenty of times in the past the project has removed stuff-- e.g. icons in the software-- where their legal status was in any slightly way complicated or ambiguous, even without any threat or serious risk of one. The reason for this is because there was no reason to worry about it or take some exposure: It was an incidental concern which could easily be addressed through replacement. This particular fraudulent legal threat is highly atypical of fraudulent legal threats: The attacker has enormous funding and essentially has a whole large and apparently-corrupt law firm in their pocket. This means that although their claim is pathetically spurious and will ultimately fail they will be able to generate millions in legal expenses and waste enormous amounts of time and make enormous amounts of stress. In a sense, even when you win against something like this you still lose. Using claims which are no less spurious they already have essentially bankrupt Peter McCormack even after millions of dollars worth of funding-- something that should stand as a cautionary tale about the importance of picking the right fights, in the right locations, with the right people. This isn't a reason to be afraid but it's a reason that the cost benefit equation has a considerable amount of cost even though the claims are laughably spurious. So the trade-off is poor: Not much, if any benefit, and some significant cost even though we know the claims are bunk. But most critically this is not the actual fight. This is some pointless bait move to get people to show their hands and expose their resources to getting picked off with potshots, something to deplete and demoralize people with and once wright has lost this one, wright just pick up the next. His actual attack will likely be trying to go after the software with spurious copyright and patent claims as well as trying to steal the use of the word Bitcoin entirely. Every Bitcoin and ounce of contributor endurance spent defending a symbolic victory of keeping an unnecessary mirror on this site-- a battlefield chosen by the opponent, one which is at least more complicated to defend than some others-- is a resource not spent fighting the subsequent attacks that matter. Consider this-- say the software was still exclusively available on Bitcoin.org and Wright files his threatened action. Then the operator goes into a full fight-to-the-death mode over it (more justified-- because that isn't just a mirror of the whitepaper) and actually loses the case because they run out of resource (money or endurance-- after all people who fly into a rage over a false threat aren't typically people who will be able to endure years of grinding bureaucratic injustice) or because the same conman who duped or corrupted Gavin Andresen (and has kept him duped/corrupted to this very day, even after screwing him over) managed to dupe a far less technical jury... then, seeing as how the site has no other assets to pay for compensation, orders the domain name be turned over to the scammer by the registrars. So then you would have the only well known location for obtaining the software controlled by a conman who is a professed enemy of Bitcoin. Is this likely? Absolutely not. Is it possible? Absolutely. But this is a risk that can be reduced-- not eliminated-- by a separation of concerns. So just as you wouldn't recommend embedding a full on web-browser into the code that handles users private keys in the wallet-- not without some VERY compelling reason-- you shouldn't be recommending the bitcoincore.org take on an almost entirely incidental exposure here. Does it have the right to do so? Abso-fukn-loutely. Just like the project has the right to embed a web browser into the wallet. Having the right to do it doesn't make the exposure it creates a worthwhile trade-off. Had someone suggested embedding a webbrowser into the wallet and then instantly after someone from Mozilla legal showed up and scremed that it would be illegal to do so-- would it suddenly become a better idea to embed a browser just to show them that the project didn't like being pushed around? No. Yes, wright sucks, yes every right thinking person should want to kick him in the nuts as hard as permitted by law. 'Never wrestle with pigs. You both get dirty and the pig likes it.' -- making a huge fight is what he actually wants. A weak idea doesn't become strong just because you believe it will show some loser whos the boss. In this case, it's not even just a question of embedding one piece of exposure-- Bitcoin.org is being attacked too. So even if you adopted the position that Bitcoin really needed one web browser in the wallet, does it really need both chrome and firefox? Our community may well be forced into the fraudulent copyright fight once, does it really make sense to fight two independent copies of it at the same time? Or does the project stay focused on its essential mission while the lead in this fight is taken by other people in the community that don't have another way to contribute and are legally, emotionally, and financially in the best positions to fight this particular fight for as long as it takes-- aided by the rest of us? Separation assures that even if a fight over the whitepaper is somehow lost, continuity of the software distribution-- far more critical than a pdf with a thousand mirrors-- won't be lost with it. |
@harding Just to be clear, your understanding that this was discussed privately for "a few days" beforehand is mistaken, I believe Greg is referring to initially wanting me to not share the news of the letters for a while after we all received the letters, not that it was discussed prior. It seems that the whitepaper was removed basically a few hours after the threats were sent out. Greg says I broke confidentiality in that Reddit post, but that's not true, both the letters and the activity on this repo were public knowledge and were already being circulated before bitcoin.org put up the statement. That's generally how Craig operates, he shouts about what he's doing or will do, and if he sends you legal papers you can assume it'll be public knowledge a short while after. Speaking of that, see my screenshot below where he just told me about his upcoming plans a few moments ago. [1] I chose to respond publicly and firmly to his nonsense because I was worried that mainstream media would pick up on Core's removal of the whitepaper, if it got picked up by dubious crypto media, like what happened with the recent double spending rubbish, and without a compelling counter-narrative, it could have spun out of control. Instead, because I acted, we ended up setting the narrative, and hundreds of companies and individuals have now joined us in rejecting Craig's claims over the whitepaper. It would have been nice for Bitcoin Core to reject him too. Bitcoin Core developers saying the licensing status of the whitepaper is unclear is extremely dangerous. The whitepaper was bundled along with the original source code as an associated documentation file, and is clearly MIT licensed. In legal terms, it's just as much a part of the Bitcoin Core project as the genesis block or any line of code, because the MIT license bundles both the associated documentation files and the source code together as "the Software". When you cast doubt on the licensing status of the whitepaper by hastily removing it, from the Bitcoin Core site no less, you're also essentially saying the licensing status of the initial Bitcoin software released by Satoshi is unclear as it's all bundled together. Some Core developers defended the removal claiming it's not a hill worth dying on, and they would only fight back if he comes for the actual code, but they're missing the point, the whitepaper for all intents and purpose was the code, it was included in the initial software Satoshi released, they had no right to get you to take it down. I think it's somewhat understandable to be spooked by Craig's threats, but painting what Core did here as part of some strategic calculated move is just not true, it was a panicked and rushed change, pushed through after only a few hours of receiving a dubious copyright claim, I doubt an attorney was even consulted, as no credible attorney would advise to comply with frivolous copyright claims. Do you think hundreds of companies and individuals would willingly host his alleged "copyrighted material" if his claims had any merit? I think @ryanofsky and many other people have every right to feel uncomfortable about this, as you can see from my screenshot below, Craig doesn't plan on stopping, and complying with his demands just for the sake of preventing legal trouble isn't wise, because the goal is to get you to court, not to actually get the whitepaper taken down, so he will just sue you over something else, and subsequent attacks might be harder to defend against than a clear and cut case of hosting MIT content. The developers haven't actually "avoided" any legal trouble here. |
I stand by what I said in the original PR. There is a lot of precedent in FOSS projects removing binary blobs with unclear licensing. I consider the whitepaper like this. Yes, you can claim it falls under the MIT license. I haven't seen sufficient proof. But it's great if you believe that and host it yourself. As said in the original PR, this site is for hosting the software. It's not a lightning rod for unnecessary legal risks. |
It's frustrating to see Bitcoincore team scrambled to remove Bitcoin whitepaper upon request of fraud claim.
The Bitcoin whitepaper is published under MIT License.
We have all the right to fight this false decision.
The Craig couldn't even prove that he's Satoshi, and claiming ownership is far away.
I hope so the team won't promptly make stupid decisions in future.
The whitepaper should be placed back as quick.
The text was updated successfully, but these errors were encountered: