1 XMR = $326.69

Please login

Region:

Current view: Classic | Threads
Sort by: New | Tips

Open sourcing XmrBazaar?

SoulReaver Donor - Resistor Verified
N/A (0)
Posts: 48
Earned: 0.003 XMR
Tipped: 0 XMR
There has been some renewed discussion in the community lately regarding the open sourcing of the XmrBazaar codebase.

The community seems to recall some mentions of open sourcing happening, so people are wondering if it's still on the table? If so, what the timeline looks like and under which license it might eventually be released?

This can potentially open up contributions to the platform as well as in a QA sense for finding and reporting issues.

Here's a forum post mentioning open sourcing plans:
https://xmrbazaar.com/forum/topic/29/post/115/#post_115

Tagging Douglas_Tuman
Edited: Jun 30 07:52
Tip Monero to SoulReaver
QR Code 8AJJt5FoxgKapYk69YgSLXPaSBYd88hghg32ie25ZXGSFFYgVeKT4ytLkPoCsnJGE3gQninbK6JDUAX4qNCRUqfXFwXe3Hm
Publish Tip to SoulReaver

Please login to publish your tip

nobswebdev Donor - Supporter Verified
5 (140)
Posts: 30
Earned: 0 XMR
Tipped: 0 XMR
Reply to post #1551
+1
Tip Monero to nobswebdev

nobswebdev has not setup a {COIN} tip address yet.

Publish Tip to nobswebdev

nobswebdev has not setup a {COIN} tip address yet.

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 21
Earned: 0.1 XMR
Tipped: 0 XMR
I agree and disagree. On the hand, given the space we're in, making the project open source makes sense, however I also believe that a lot of work has gone into the platform and making it open source means anyone can start a platform that competes with XmrBazaar without having to put in any of the work. Given that this is a platform and not just a simple fediverse instance or a private shop, I think XmrBazaar is better off remaining closed source.

However, that is not to say open source has no place here. The one direction that makes sense is to release a core or community edition which is open source, while not having all the custom features that XmrBazaar has. This way anyone can work on extending it and work on creating add-ons and plugins.

Speaking of the license, we absolutely need a type of license that forbids governments and corporations from using any of the code and tech produced by the open source community. You see this all the time with open source projects. Some corporation comes along, stitches together open source tech without attribution or payment, patents the final product, and then sells it on the open market. This absolutely needs to stop! It is an enormous problem in the open source community and it's about time someone puts a stop to it.

I think this type of license agreement requires far more debate and discussion in the Monero, open source, and darknet communities to define what it can NOT be used for, such as:

- Any government or government affiliate actor can not use the software in any way
- Any corporation can not use the software to create an end product or use it as part of an end product and patent the entirety or the software itself

However, we need proper legal definitions here to ensure there are no workarounds across jurisdictions. I've been thinking about this a lot as I'm working on some projects myself that will eventually become open source and I have absolutely no interest in a government using it, a corporation using it to get rich quick, a company selling the software itself, or products being patented using the software.

One idea I had is to forbid any and all commercial use of the product without acquiring explicit permission. This would effectively prohibit any and all companies, corporations, and commercial actors from ever using the product. That is the explicit rule, while there is an implicit rule too. The implicit rule is that I would never go after legitimate actors, such as people wanting to start their own projects on the darknet and monetize them. Technically, I could legally go after them, but I never would.

Corporations are far more bound to these agreements than actors on the darknet or within the Monero community. I think this absolutely warrants discussion and we need to release an open source license specifically for this. The open source world has been taking advantage of for far too long by corpos, cronies, and corrupt motherfuckers. If the entire open source world effectively started using this new type of license that protects individuals and legitimate businesses, while telling corpos and governments to fuck off, many of these companies would no longer be able to sell their garbage products and it would cost them a fortune to develop it all themselves in house. This would lead to a split between the open source world and the corpo world, which is exactly what needs to happen.

It also opens up a new revenue stream for open source devs. Since corpos now have to acquire explicit permission, the devs could charge them whatever they want just to use the software.

We could start a small group to work on precisely this license type and test it out, then get the community's feedback to close any gaps.
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

AshleyJones Warning Donor Verified Donor - Resistor
5 (8)
Posts: 17
Earned: 0.02 XMR
Tipped: 0 XMR
For one, Doug would say that XmrBazaar would go open source once their donation goal was met -- which it was months ago. They didn't specify the license, but it seemed to be the usual GPLv3 until Aillia disliked seeing someone legally sell GPLv3 on here ( https://xmrbazaar.com/forum/topic/29/ ), where Aillia assumed it was illegal to do so and I had to really clarify that it actually was legal. Since then, Aillia wants to release the code as source available with inability to allow users to use it or modify it for oneself, which is not open source like Doug originally promised.

Just as background checks don't stop criminals from obtaining guns, source available won't stop any anonymous person from replicating source-available software, so it seems to be a moot point. And I suspect we have not heard anything about XmrBazaar going open source since the GPLv3 drama incident because they feel protective over this website and don't want anyone else to do a better website with the code. Or at least, that is how I see things. I believe code should be stripped from ego. I especially suspect this, given that open source benefits the users and the administrators. Instead of loading up work for one person and having to pay one person for all of the development work, you can have a vast array of people contributing at a much faster and diverse rate: for free.

Therefore, the decision seems ego-based rather than a genuine interest in freedom, de-centralization, and hacking.

I am not too keen on XmrBazaar anymore, partially due to this situation. I think the staff is un-educated on a lot of topics concerning:

-Privacy (Doug doesn't even have a basic understanding of tor as demonstrated on his Monero Talk videos).

-Decentralization e.g. clinging to Twitter after getting banned again and again; and the dev thinking that making an accessible onion requires a whole new server, which is not true.

-Basic and extreme misunderstanding of open source and its licenses.

-Using notoriously insecure Matrix chat.

-Registering their domain with GoDaddy and using 1984 hosting. Basic research (and common knowledge for people within these free speech circles) will tell you those are very bad options to go with. Unsurprisingly, issues arose due to those decisions.

These are pretty much the most basic pillars one would come across concerning de-centralization, security, and privacy, so I've found it shocking to see such actions.
Tip Monero to AshleyJones
QR Code 8A11e3NEQXvEbShkwZHd67e12rcM8GfADjSmrywkoZLP5XuakvDuNsp3d8B3RLoUZFRAFry38DM5Z6Gu1vJdbrRzVdbktHR
Publish Tip to AshleyJones

Please login to publish your tip

yuzuki Donor - Supporter Verified
N/A (0)
Posts: 21
Earned: 0.1 XMR
Tipped: 0 XMR
Reply to post #1577
I am not too keen on XmrBazaar anymore, partially due to this situation. I think the staff is un-educated on a lot of topics concerning:

-Privacy (Doug doesn't even have a basic understanding of tor as demonstrated on his Monero Talk videos).

-Decentralization e.g. clinging to Twitter after getting banned again and again; and the dev thinking that making an accessible onion requires a whole new server, which is not true.

-Basic and extreme misunderstanding of open source and its licenses.

-Using notoriously insecure Matrix chat.

---

I agree with all of the above. There is a lack of experience, but so was I when I first started out. There is a lot to opsec, privacy, security, and the darknet and the best way to learn is by doing, especially since there is virtually no information out there on hosting. Plenty of app recommendations by the privacy normies, such as switching from Gmail to Proton, but there is a substantial lack of in-depth opsec discussions and information on actually developing and hosting services. Once again, I learned most of my lessons based on my own experiences of hosting services, tinkering, and breaking things at times. I can just assume that the dev team is largely new to all this.

What I'm concerned about is that XmrBazaar will eventually land in hot waters with the law and if the devs don't have decent opsec, they will without a doubt end up like the devs of Samourai Wallet.

I also don't like that they are using MyNymBox and Godaddy. MyNymBox is a normie privacy host when what XmrBazaar needs is an offshore host. That is offshore as in a jurisdiction that lets you do whatever you want for the most part with a reverse proxy to hide the real IP address. I would be even happier if XmrBazaar discarded the clearnet domain and just went with Tor and i2p only.

I don't know what is happening in the background and how solid the staffs' opsec is, but I can almost guarantee the domain will be suspended by GoDaddy eventually, and there is a very good chance there will be legal problems for the staff as the platform grows. These are real threats and I think a lot of people in the monero community are blinded by ideology and don't acknowledge the actual risks of what they are saying and doing. Are taxes even paid? Does it legally need a business license? Because if no taxes are paid, then that's an easy money laundering charge. Not to mention, there are accounts being sold and "KYC" services provided. It's deep in the grey market verging on black market. If an investigation is ever conducted and charges are brought against the staff, they will without a doubt use everything posted by the staff against them in court, which will make them look even worse to the average judge and gives the media lots of ammo.

I see this problem occurring throughout the Monero community. I could not possibly imagine tying my real identity to my activities here nor going on a podcast and making my voice public. I'm willing to bet that something along those lines will happen here.

My take on open sourcing the platform is "it depends". My primary position is that the open source community should fight back against corpos and governments by not allowing them to use their software as they use that precise software in surveillance tech, identity verification software, and shitty products. I absolutely believe that anonymous users and individuals should be able to use it whatever way they like, but the corpo world has to be blacklisted from using it. Anons don't have to respect licenses, but corpos usually do. You also get far more out of suing a corporation than some random individual. That's something I believe should apply to the open source world as a whole, not specifically to one project.

I do intend on open sourcing my platform later once I have developed a proper fedi integration, but in that case I would release a core. The core does most things, but there are a few custom integrations or features that would be specific to my own platform. Therefor anyone can host their own and contribute code, but there would always be a few features that distinguish my platform from any other hosted one. I believe the same would be useful for XmrBazaar.

The question also is whether XmrBazaar is considered a private or public project. If it is considered a public or community project, then yes, it should without a doubt be made open source. If it is considered a private project, then my suggestion is to release the core and keep the rest private. It may piss off some people in the open source world, yes, however the last thing I would want is to sink hundreds of hours into a project only for someone else to come along and use the code to host their own platform and for their platform to now compete with mine. I think that would be fucking retarded especially since I would keep on making updates feeding a competing business. They have to invest 0 hours into development, I have to invest hundreds of hours and they receive my labor free of charge.

So it begs the question: Is XmrBazaar a public / community project or is a private project?
My Website & Blog
Kikuri Darknet Knowledge Base
Tip Monero to yuzuki
QR Code 86GEJPxGRCyYBzQC18xTq1hzv2z2Trpu2RLwcLsgmQEw8itpca2eXknCuoBXo8jw5pevfcwNiHkGf4S257nDG4wLEZuYRXd
Publish Tip to yuzuki

Please login to publish your tip

Page:
1
You must login in order to publish a post