
221 points michaelcampbell | 3 comments
maxbond ◴[] No.41830919[source]
To me this is indistinguishable from an account takeover attack executed by an insider. I doubt any prosecutor would be interested, but to my eyes WordPress.org has violated the CFAA by accessing WordPress instances outside the bounds of their authorization. They were authorized to modify WordPress instances in ways ACF prescribed, not in ways of their own choosing.

I'm not saying I'd like to see Mullenweg in chains, I wouldn't. But WP.org's escalating legal exposure is really concerning. I feel like we're at risk of losing a cornerstone of the web. People are talking about a different open source CMS eating their lunch, but I think the more likely scenario is that people move to Squarespace, Wix, Facebook, et cetera, and open source content management becomes niche.

replies(3): >>41831345 #>>41832352 #>>41833355 #
btown ◴[] No.41831345[source]
IMO it's also notable that Mullenweg is in this state of mind and also has access to Tumblr data, with a history of allegedly doxxing the relationships between anonymous user blogs based on non-public information [0]. One doesn't need to agree with the moderation decision, or take sides on the political context around it, to understand that there is a tremendous amount of centralized power here, that norms are going out the window, and that an entire ecosystem is at risk.

[0] https://techcrunch.com/2024/02/22/tumblr-ceo-publicly-spars-...

replies(1): >>41831650 #
1. maxbond ◴[] No.41831650[source]
In hindsight this should've been all the warning anyone needed.

In the future, when a BDFL telegraphs that they're willing to abuse their powers like this, we need to fork immediately. Open source is more important than any single project or any single BDFL. We can't allow open source to appear risky or unreliable relative to proprietary software, subject to the whims of volatile personalities.

Open source is kind of like libraries - an institution for the collective good people managed to erect in the past that would be nigh impossible to replicate today. Imagine convincing companies in any other industry to collaborate openly and freely with their competitors merely because it's good for society as a whole. You'd be labeled a socialist and laughed out of the room.

If we lose it, it's probably gone for good.

replies(1): >>41832418 #
2. LamaOfRuin ◴[] No.41832418[source]
Companies don't, as a rule, do this in software either. They make projects open source or contribute to open source projects because it's good for them. This is just as true in other industries. This is how every industry standard and protocol or similar works. It is beneficial to the participating companies and does not threaten them.
replies(1): >>41832769 #
3. maxbond ◴[] No.41832769[source]
It's not that they don't benefit from collaborating, it's that they don't benefit as much as they could by demanding a royalty or licensing fee. Why shouldn't they? Everyone expects to be paid for their services. They're leaving money on the table for the benefit of the public at large.

Most of the "open" standards from other industries that I'm familiar with require a license, and certainly aren't open to participation by anyone and everyone. Let alone allowing you to modify and redistribute them.

But in software we've created a culture with different expectations. And I don't think we should take that for granted.