I think there could be more to it. Louis Rossmann had personal issues with the lead dev there a year or two ago due to how they interact in their forum, and I think he had some great reasons to be concerned. Since then the lead dev has stepped away as project lead, but I doubt the bad blood is completely gone.

I think it’s a bit suspicious that they don’t mention what feature(s) FUTO wanted. Given their interaction with other projects, I’m guessing they wanted a “supporter” badge for people who have bought the software (no change in functionality other than the badge). I’m guessing also that due to their interaction with Rossmann, they’re uninterested in clarifying, esp. if it would put FUTO in a better light if they did.

Then again, maybe FUTO is a bunch of scumbags. It just seems the slant against them is so much stronger than the actual negative impact from a handful of repos having source-available licenses instead of FOSS licenses.

My read is that FUTO as a software movement is totally fine, it does what it claims on the tin. The people behind FUTO are a different story, and the main person bankrolling it seems to have friends with odd views (I think they’re blown out of proportion, but they’re still concerning).

You’ll never find a perfect movement. Here’s what FUTO seems to prioritize:

• local first alternatives to big tech
• source availability, but in a way big tech can’t use but home users can
• profitability for devs without coercion or feature gates

That sounds pretty good to me! I’d prefer it to be FOSS, but allowing me to distribute modifications for non-commercial use is probably good enough for most things.

I probably disagree with their founder politically, and I’d run FUTO differently, but I think their software is good and I could maintain it myself if needed, and at the end of the day, that’s what matters to me.

FUTO doesn’t seem interested in getting involved in politics, they’re merely musing philosophically, and their products aren’t profitable, so it doesn’t really matter to me what their political positions are.

It also. feels more comfy to hold.

I’ve thought about this idea for my own project, and my best solution is to have a network of trust where people rely on curation from their peers and thus only see the content their peers have approved.

The main benefit is also the main downside: content you disagree with is still there, you just don’t see it. That means there could absolutely be pockets of CSAM and other content on the network, but your average user wouldn’t have that on their system since they only store curated content.

I’m not sure how I feel about that, but I think it’s the best you can do without centralized moderation.

Sure, but those will usually be pieces of an app on the same host, not whole apps. Like for an inventory management app, you might have the auth server and its database on one host, the CRUD app and its database on another, and the report server, its database, and a replica of the CRUD db on another. And I use the term “host” broadly enough to include VMs on the same physical hardware. And these hosts will have restricted communication between each other.

At least, that’s how I’ve seen it done.

Self-hosters will generally run multiple full apps on one host. It’s a different setup.

You shouldn’t have any user home for your services, you shouldn’t even allow them to login at all. They should only have group access to resources they need, and containers should restrict what directories they have access to.

Companies don’t typically host multiple containers on the same host. So having a different user for them is less important than securing the connection between machines, since a given biat isn’t particularly interesting. Attackers will still try to break out, so they have a backup.

As a self-hoster, you typically do the opposite. You run multiple services on the same host, and the internal network isn’t particularly secure. So you should be focusing more on mitigating issues, and having each service run as an unprivileged user is one fairly easy way to do that.

You can run it rootful, then it behaves just like Docker.