open source and exploitation
I’m learning more about open source sustainability. More precisely, I’m learning more about how open source is exploited by big companies.
Some recent links that have influenced my thinking:
- This pair of slides from the maintainer of curl. First slide: 38 huge car brands that use curl. Second slide: 0 of them give anything back.
- “The Value of Open Source Software” says that “firms will need to spend 3.5 times more […] if OSS did not exist”, and that OSS is giving approximately $12,000,000,000,000 USD ($12 trillion) to businesses for free.
- “What is open source?” says that “volunteers are creating software for free that largely benefits large corporations.”
- “Open Source Power” claims that open source software needs to be more thoughtful about how it donates its work to the general public, because it is open to misuse.
- “Open source developers are exhausted, unpaid, and ready to walk away” argues that open source maintainers are being exploited and are overworked. This is dangerous for the industry.
- “How US tech giants’ AI is changing the face of war in Gaza and Lebanon” made me think about how open source tools like PyTorch indirectly kill innocent people.
- “The Death of Consequences” claims that “extractive organizations will not take licensing seriously”, and that the open source movement needs more strength.
Overall, these ideas lead me to believe that the open source movement needs to see itself in a larger societal context. Can we shift the balance of power away from big companies and their widespread losses? Can we stop Nazis from using our software? Should we even try?
What can I do to help?
I maintain a somewhat popular open source package. I say popular because it had over 200 million downloads in 2025, which I believe puts it in the top 0.1% of downloads on npm. I say somewhat popular because it is not very famous; it sits quietly in thousands (millions?) of projects, with most developers not thinking much about it. I’m not as powerful as Linus Torvalds at the helm of Linux, but I’m not completely unknown either.
But what can I do to help?
I know my goal: Change the default in open source from “It’s free for anyone to use” to “Please don’t use it if you’re evil.” I don’t want to do this just for my small project; I want to slowly change the narrative. I’m not sure how to do this effectively, if it’s even possible.
Anyone have any ideas? If you maintained a popular open source package, what would you do to help?
I have some specific questions:
- How can I bring more attention to this issue, given the relative popularity of my project? Should I write a blog post? A callout in the document?
- Should I change my project’s license? It currently uses the permissive MIT license. I am unconvinced of the social value of “freedom to run the program as you wish for any purpose”, often referred to as Freedom 0. I don’t want to donate my work to bad people!
- Would something like class action be more powerful? If so, will other maintainers participate?
- Should I “test” it with some of my own less popular projects?
I would love your ideas. Feel free to email me@evanhahn.com, message me on Signal, or contact me in any other way.