Chris DiBona was worried everything would end up in one place.

Github offices  Ariel Zambelich/WIRED

Github offices Ariel Zambelich/WIRED

This was a decade ago, before the idea of open source software flipped the tech world upside-down. The open source Linux operating system was already running an enormous number of machines on Wall Street and beyond, proving you can generate big value—and big money—by freely sharing software code with the world at large. But the open source community was still relatively small. When coders started new open source projects, they typically did so on a rather geeky and sometimes unreliable internet site called SourceForge.

Chris DiBona.
Chris DiBona.   Google

DiBona, the long-haired open source guru inside Google, was worried that all of the world’s open source software would end up in that one basket. “There was only one, and that was SourceForge,” he says.

So, like many other companies, Google created its own site where people could host open source projects. It was called Google Code. The company had built its online empire on top of Linux and other open source software, and in providing an alternative to SourceForce, it was trying to ensure open source would continue to evolve, trying to spread this religion across the net.

But then GitHub came along and spread it faster.

Today, Google announced that after ten years, it’s shutting down Google Code. The decision wasn’t hard to predict. Over the past three years or so, the company has moved about a thousand projects off of the site. But its official demise is worth noting. Google Code is dying because most of the open source world—a vast swath of the tech world in general—now houses its code on GitHub, a site bootstrapped by a quirky San Francisco startup of the same name. All but a few of those thousand projects are now on GitHub.

Some argue that Google had other, more selfish reasons for creating Google Code: It wanted control, or it was working to get as much digital data onto its machines as it could (as the company is wont to do). But ultimately, GitHub was more valuable than any of that. GitHub democratized software development in a more complete way than SourceForge or Google Code or any other service that came before. And that’s the most valuable currency in the software development world.

Article continues:

The Internet Is Broken, and Shellshock Is Just the Start of Our Woes – BY ROBERT MCMILLAN 09.29.14 | 6:30 AM



Brian Fox drove from Boston to Santa Barbara, with two tapes stashed in his trunk.

These weren’t music tapes or video tapes. They were computer tapes—two massive reels loaded with software code and data, the sort you can see spinning on furniture-sized computers in classic movies like Dr. Strangeloveand Three Days of the Condor.

The year was 1987, and as Fox drove cross-country to his new home, the tapes held a software program called Bash, a tool that Fox had built for the UNIX operating system and tagged with a license that let anyone use the code and even redistribute it to others. Fox—a high school dropout who spent his time hanging out with MIT computer geeks such as Richard Stallman—was a foot soldier in an ambitious effort to create software that was free, hackable, and unencumbered by onerous copy restrictions. It was called the Free Software Movement, and the idea was to gradually rebuild all of the components of the UNIX operating system into a free product called GNU and share them with the world at large. It was the dawn of open source software.

Fox and Stallman didn’t know it at the time, but they were building the tools that would become some of the most important pieces of our global communications infrastructure for decades to come. After Fox drove those tapes to California and went back to work on Bash, other engineers started using the software and even helped build it. And as UNIX gave rise to GNU and Linux—the OS that drives so much of the modern internet—Bash found its way onto tens of thousands of machines. But somewhere along the way, in about 1992, one engineer typed a bug into the code. Last week, more then twenty years later, security researchers finally noticed this flaw in Fox’s ancient program. They called it Shellshock, and they warned it could allow hackers to wreak havoc on the modern internet.

Shellshock is one of the oldest known and unpatched bugs in the history of computing. But its story isn’t that unusual. Earlier this year, researchers discovered another massive internet bug, called Heartbleed, that had also languished in open source software for years. Both bugs are indicative of a problem that could continue to plague the internet unless we revamp the way we write and audit software. Because the net is built on software that gets endlessly used and reused, it’s littered with code that dates back decades, and some of it never gets audited for security bugs.

When Bash was built, no one thought to audit it for internet attacks because that didn’t really make sense. “Worrying about this being one of the most [used] pieces of software on the planet and then having malicious people attack it was just not a possibility,” Fox says. “By the time it became a possibility, it had been in use for 15 years.” Today, it’s used by Google and Facebook and every other big name on the internet, and because the code is open source, any of them can audit it at any time. In fact, anyone on earth can audit it at anytime. But no one thought to. And that needs to change.

How the Web Was Built

In digital terms, Fox’s Bash program was about the same size as, say, a photograph snapped with your iPhone. But back in 1987, he couldn’t email it across the country. The internet was only just getting off the ground. There was no world wide web, and the most efficient way to move that much data across the country was to put it in the trunk of a car.

Bash is a shell utility, a black-boxy way of interfacing with an operating system that predates the graphical user interface. If you’ve used Microsoft’s Windows command prompt, you get the idea. That may seem like an archaic thing, but as the internet took off, fueled by web browsers and the Apache web server, the Bash shell became a simple yet powerful way for engineers to glue web software to the operating system. Want your web server to get information from the computer’s files? Make it pop up a bash shell and run a series of commands. That’s how the web was built—script by script.

Today, Bash is still an important part of the toolkit that helps power the web. It’s on the Mac, and virtually any company that runs the Linux operating system, the descendant of UNIX, uses it as a quick and easy way to connect computer programs—web server software, for example—with the underlying operating system.

But the lead developer of the program doesn’t work for any of these big names. He doesn’t even work for a tech company. His name is Chet Ramey, and he’s a coder at Case Western Reserve University in Cleveland. He works on Bash in his spare time.

Article continues:

Plant Breeders Release First ‘Open Source Seeds’ – by DAN CHARLES April 17, 2014 3:30 AM ET

Backers of the new Open Source Seed Initiative will pass out 29 new varieties of fourteen different crops, including broccoli, carrots and kale on Thursday.

Backers of the new Open Source Seed Initiative will pass out 29 new varieties of fourteen different crops, including broccoli, carrots and kale on Thursday.

J. Scott Applewhite/AP

A group of scientists and food activists is launching a campaign Thursday to change the rules that govern seeds. They’re releasing 29 new varieties of crops under a new “open source pledge” that’s intended to safeguard the ability of farmers, gardeners, and plant breeders to share those seeds freely.

It’s inspired by the example of open source software, which is freely available for anyone to use, but cannot legally be converted into anyone’s proprietary product.

At an event on the campus of the University of Wisconsin-Madison, backers of the new Open Source Seed Initiative will pass out 29 new varieties of fourteen different crops, including carrots, kale, broccoli and quinoa. Anyone receiving the seeds must pledge not to restrict their use by means of patents, licenses or any other kind of intellectual property. In fact, any future plant that’s derived from these open source seeds also has to remain freely available as well.

Irwin Goldman, a vegetable breeder at the University of Wisconsin-Madison, helped organize the campaign. It’s an attempt to restore the practice of open sharing that was the rule among plant breeders when he entered the profession more than 20 years ago.

“If other breeders asked for our materials, we would send them a packet of seed, and they would do the same for us,” he says. “That was a wonderful way to work, and that way of working is no longer with us.”

These days, seeds are intellectual property. Some are patented as inventions. You need permission from the patent holder to use them, and you’re not supposed to harvest seeds for replanting the next year.

Even university breeders operate under these rules. When Goldwin creates a new variety of onions, carrots or table beets, a technology-transfer arm of the university licenses it to seed companies.

This brings in money that helps pay for Goldman’s work, but he still doesn’t like the consequences of restricting access to plant genes — what he calls germplasm. “If we don’t share germplasm and freely exchange it, then we will limit our ability to improve the crop,” he says.

Sociologist Jack Kloppenburg, also at the University of Wisconsin, has been campaigning against seed patents for 30 years. His reasons go beyond

He says turning seeds into private property has contributed to the rise of big seed companies that in turn promote ever-bigger, more specialized farms. “The problem is concentration, and the narrow set of uses to which the technology and the breeding are being put,” he says.

Kloppenburg says that one important goal for this initiative is simply to get people thinking and talking about how seeds are controlled. “It’s to open people’s minds,” he says. “It’s kind of a biological meme, you might say: Free seed! Seed that can be used by anyone!”

The practical impact of the Open Source Seed Initiative on farmers and gardeners, however, may be limited. Even though anyone can use such seed, most people probably won’t be able to find it.

The companies that dominate the seed business probably will keep selling their own proprietary varieties or hybrids. There’s more money to be made with those seeds.

Most commercial vegetable seeds are hybrids, which come with a kind of built-in security lock; if you replant seed from a hybrid, you won’t get exactly the same kind of plant. (For this reason, some seed companies don’t bother getting patents on their hybrids.)

John Shoenecker, director of intellectual property for the seed company HM Clause and the incoming president of the American Seed Trade Association, says his company may avoid using open source seed to breed new commercial varieties “because then we’d … have limited potential to recoup the investment.” That’s because the offspring of open source seeds would have to be shared as well, and any other seed company could immediate sell the same variety.

The initiative is probably more significant for plant breeders, especially at universities. Goldman says that he expects many plant breeders at universities to join the open source effort.

Meanwhile, two small seed companies that specialize in selling to organic farmers — High Mowing Organic Seeds in Hardwick, Vt., and Wild Garden Seed in Philomath, Ore., are adding some open source seeds to their catalogs this year.