Promising Linux Project Dies After Dev Faces Harassment (neowin.net) 65
New submitter darwinmac writes: Kapitano, a user-friendly GTK4 frontend for the ClamAV scanner on Linux, has been killed by its developer 'zynequ' following a wave of harsh, personal attacks from a user. The tool was meant to simplify virus scanning but quickly became a flashpoint when a user claimed it produced malware.
After defending the code calmly, the developer was nonetheless met with escalating accusations and hostility, leading to burnout. The project is now marked as "not maintained," its code released into the public domain under The Unlicense, and it's being delisted from Flathub.
zynequ said: "This was always a hobby project, created in my free time with none of the financial support. Incidents like this make it hard to stay motivated."
After defending the code calmly, the developer was nonetheless met with escalating accusations and hostility, leading to burnout. The project is now marked as "not maintained," its code released into the public domain under The Unlicense, and it's being delisted from Flathub.
zynequ said: "This was always a hobby project, created in my free time with none of the financial support. Incidents like this make it hard to stay motivated."
A valuable life lesson (Score:5, Insightful)
Re:A valuable life lesson (Score:4, Insightful)
Yep, toughen up and tune out. I would also advise developers to stop using their real names and location on all projects.
Re: (Score:3)
Long story short, I stopped hosting pool league teams in my pool hall when players from other teams started complaining that they were not getting their FREE beer fast enough.
One of the best decisions I ever made.
Re:A valuable life lesson (Score:5, Insightful)
I give it 80% chance the "user" was a malware developer.
Re: (Score:3)
I give it 80% chance the "user" was a malware developer.
Or developing similar, perhaps lower-quality, software ...
Re: (Score:2)
Whew, a linux-mint-running-malware-developer won't ever amount to much.
Re: (Score:3)
Or a anti-virus developer... or in the case of Kaspersky... both
Parameters (Score:5, Insightful)
Re:Parameters (Score:5, Funny)
Especially in this case, which looks like it was a public domain project. My copypasta answer to any unhinged accusation would be "fork the code and do it yourself."
I'd aim more for "fork yourself, and if you want, fork the code."
Re: (Score:3)
It's too bad. Many people, like me, who are professional software engineers, would contribute more if the environment weren't so toxic. It's a shame.
I took my ball and went home. I'm not sorry--they should be.
Re: A valuable life lesson (Score:4, Insightful)
Last time I ran into this was some derp's post about my project being that if the razer synapse driver is too big, then you just need to get a bigger SSD. For whatever reason he couldn't wrap his head around the fact that I literally had it installed inside of a VM to reverse engineer it, I just refuse to install adware shit on my bare metal OS just to bind keys to an already expensive mouse. Mine does more in 100 kilobytes than what theirs needs 500 megabytes for, and who knows how much RAM it uses when it is (or at least should be) doing nothing.
I didn't abandon the project though as I still use it, rather I just made the repo private.
razer synapse driver (Score:2)
Re:razer synapse driver (Score:4, Interesting)
Probably no good to anybody but me at this point, unless you have the exact same model mouse I do (razer naga v2 hyperspeed.) Part of the reason I posted about it in r/razer to begin with was to invite others to submit PRs for other mice, or alternatively give me a few details about them to add support on my own. Nobody was interested, so...meh. I started to support one other mouse that I use at work, where we're not allowed to use synapse (for good reason, and a decision I had a hand in) but ultimately didn't need it.
Besides, most of the work (assuming you already know a little about how USB HID works) is just figuring out how the commands are sent to the mouse to bind keys, which I basically just did by having synapse send different commands to it, watching the packets over wireshark, and then sending some of my own. It wasn't that hard -- they actually use standard USB keyboard key codes as well as standard USB mouse button codes, and then there's a packed bitmap for modifier keys. Though strangely, the razer driver can't use all the USB modifier keys, even though the mouse itself can use every last one of them. Stranger still, it can be done with synapse as a macro, which doesn't get stored on the mouse and therefore requires the synapse software to do all the work. Why they did this, I have no idea, but that's pretty dumb if you ask me. Though the mouse can do other things as well that the driver won't allow, such as setting super high turbo rates (synapse displays it in button presses per second, but the actual value is an interval measured in milliseconds, which can be set to 1.) The mouse can also bind to keys not present on most US keyboards but are still valid USB codes and seen by most games I've tried it on, such as F13 through F24, kanji keys, and various whitespace keys (such as the lock keys.)
The only part that wasn't obvious was how the checksum is calculated, but that didn't take long to figure out either: Just take each byte, XOR them together, then place that value into the checksum byte (I think it is the second to last byte of the packet body, not sure as I don't have the code in front of me right now.) The whole packet body just has to XOR to zero. If it doesn't, the mouse just ignores it.
Re: (Score:2)
For whatever reason he couldn't wrap his head around the fact that I literally had it installed inside of a VM to reverse engineer it, I just refuse to install adware shit on my bare metal OS just to bind keys to an already expensive mouse.
Classic Dunning-Kruger. Or, by analogy to Gresham's Law, bad thinking drives out good. It's a serious social problem.
Re: A valuable life lesson (Score:4, Interesting)
That works, except when it doesn't. Some people are not rational actors, are not discouraged by being ignored, and have much much more time and energy to devote to a specific target. Actually, being ignored makes some people redouble their efforts.
Re: (Score:2)
He did. Moving on just meant for him to abandon the project and doing something worth his time. Show your devs gratitude, because the ungrateful people *will* show their ungratefulness and the devs will burn out if they didn't get enough thank yous from others.
Re: A valuable life lesson (Score:4, Insightful)
It is actually even deeper and worse than that - I think we do not fully understand the angle that the internet is a massive anonymous playground for some of the worst people of humanity. A gigantic Petri dish for highly manipulative sociopaths who thrive on causing misery for others. I suspect way over half of the internet mobs, the cancel culture and other vigilante pseudo-justice is being fueled by sociopaths who just want to destroy others.
And knowing that, you then need to understand how these people think and work. There is no reply you can give or action you can take that will not give them at least SOME satisfaction. Any form of engaging in discussion, no matter how skilled in rhetorics, and you are losing because you reacted to them and they got a rise out of you. Downvote, block or ban them? They enjoy your reaction and know you are a potential source of entertainment for them, so they will find new ways to get to you.
The only thing that completely destroys these sociopaths is what OP said: ignore them. Complete deafening silence. No reaction at all. This breaks their spirit worse than anything else! Do not feed the trolls was always true, we just never saw how many of these trolls are highly manipulative, targeted attacks from sociopaths trying to feed.
Re: (Score:2)
The internet was a malicious cesspit long before Al Gore said this.
‘tis easier to destroy than create (Score:5, Insightful)
I hate reading about things like this. My heart goes out to Kapitano. Thank you for trying!
Obligatory XKCD (Score:5, Insightful)
I hate reading about things like this. My heart goes out to Kapitano. Thank you for trying!
https://xkcd.com/2347/ [xkcd.com]
Re: (Score:2)
Re:This is why (Score:5, Interesting)
For you that might be true but for me Linux has been part of my desktop environment for almost 30 years now.
I don't care how popular something is but rather does the tool work for me. Does it lock up my information? Does it force me to conform to it or does it conform to my requirements? Does it spy on me? Does it force me to stop in order for it to run an update?
Re: (Score:2)
It's sad that you feel that the number of installs categorized on a narrow definition means so much to you. Using your interpretation of success it would seem that Windows has lost it's dominance of the user since most today get their computing done on other platforms.
Re:This is why (Score:5, Insightful)
There are a few good reasons why Linux has not taken over the desktop. This is not one of them, and is entirely and totally irrelevant to the issue.
The real reasons are:
Windows (or Mac OS) is preinstalled on 98% of PCs - most people don't really even know what an OS is or that they could change it.
Certain key software only being available for Windows (and maybe Mac OS) e.g. Adobe applications
Some laptops (particularly) having missing or poor driver support for e.g. webcam / wifi / fingerprint reader.
Some peripherals not having good driver support.
The odd FOSS developer abandoning an almost irrelevant side-show of an application due to abuse is not even a rounding error of a rounding error compared to these reasons, and I find it difficult to comprehend why anyone with more than two brain cells to rub together would think otherwise.
Re: (Score:3)
Re: (Score:2)
Linux has been on my desktop since 1997 and it is on my phone, my tablets
Can Windows claim that ?
The joke is on people who keeps making that joke
Re: (Score:2)
You _do_ realize that most virtualization is running under Linux... yes?
Re: (Score:2)
Microsoft Azure is running under Microsoft Hyper-V on Windows, so, most, yes, but all, no.
Re: (Score:1)
Interestingly, Linux is the most popular OS for VMs, even on Azure [techprovidence.com]. (that's a tangential comment, not a response)
Of course that has nothing to do with Linux on the desktop...
Re: (Score:2)
You _do_ realize my comment specifically mentioned Linux on the desktop, yes?
Re: (Score:2)
Yes, I worked at an enterprise that deployed all their desktop apps on Citrix running off of a Xen hypervisor... while we did expend Windows licenses, it was all supported by Linux... so, I am intentionally blurring the lines.
Thanks for playing along!
IA to the rescue (Score:5, Interesting)
The issues linked in the post [codeberg.org] are:
#12: https://web.archive.org/web/20250000000000*/https://codeberg.org/zynequ/Kapitano/issues/12 [archive.org]
#13: https://web.archive.org/web/20250000000000*/https://codeberg.org/zynequ/Kapitano/issues/13 [archive.org]
Re: (Score:3, Informative)
The harasser's account has been deleted from Codeberg, IA captured that it was created 25 July with no content of it's own.
Post Title Reads Like (Score:1)
An Onion headline
Re: (Score:2)
An Onion headline
The Onion can no longer keep ahead of reality.
Re:Post Title Reads Like (Score:4, Insightful)
The Onion is a look back at humor from before our propaganda driven post-truth existence
Re: (Score:3)
The Onion is a look back at humor from before our propaganda driven post-truth existence
Sometimes I think The Onion was a prophetic vision of things to come. Or somebody got confused and started using it as an instruction manual.
Headline: virus creator successfully wins (Score:4, Insightful)
Could be that the harasser wanted it to be easier to deploy viruses, so taking down a friendly user interface to a virus/malware tool is a win for them.
Penny Arcade - Greater Internet Fuckwad Theory (Score:5, Insightful)
Penny Arcade - Greater Internet Fuckwad Theory (GIFT)
https://www.penny-arcade.com/c... [penny-arcade.com]
I've had my run-in with Internet assholes about 25-years ago while writing a Quake Console documentation website on PlanetQuake, and started getting hate emails for no apparent reason from assholes. Shut down that comment section and email link because of the abusive emails that wouldn't stop that weren't even on-topic to the site and documentation.
Then when social (misinformation) media showed up on the horizon, this made me stay the hell away from people on the Internet, and also unrelatadly because it was all about your data being harvested and sold.
Re: (Score:2)
Stand up and be a man not a victim.
Re: (Score:2)
Re: (Score:2)
He was probably getting tired of it or wanted to move on to other projects a bit and this was the straw.
flatpak lol (Score:2)
this is why flatpak (and snap) sucks.
Re: (Score:2)
Honestly, I don't know why Snap is even a thing. Yes, you can roll back to a previous version, but if they'd simply used NILFS2, they could have done exactly the same thing without using anything like as much disk space or complexity.
Tried reading the original issues, seems overblown (Score:3)
IA is quite slow so I didn't read every snapshot, but I'm not finding a huge thread full of attacks.
Original bug report is short. It's somewhat poorly written and hard to understand. They seem to be saying that the frontend's flatpak binary package is itself detected as a virus (By another scanner? It's not clear.) and they are suspicious of it. They don't outright accuse the author of making malware but do seem to imply a suspicion of it. It's not written in very friendly tone, but I don't see anything that would be described as personal attack. They only reference the author is in a single sentence fragment, "[.] The program[']s author/owner on the official LINUX download site seems strange also, in retrospect." I don't know if I'd really call that an attack. It's probably most correct to interpret that language as as reference the author's profile on flathub (?) as seeming strange and not the person themselves as seeming strange.
There's a reply from the author. To me, it seems a bit overly defensive. They seemed to not realize that the original post was not about the frontend detecting false positives, to which they correctly reply that this would be an issue in the underlying ClamAV software and definitions, but rather that is about the flatpak being detected, possibly correctly or incorrectly, as malware itself. Which might ultimately be blamed on the virus definitions as well, but could have other causes, such as the flatpak generation process being victim to a supply-chain attack.
After that ticket is closed, there's a new one from the original reporter. Where we have these comments from the reporter of the issue:
"Forget this issue entirely. If there is problems with his work- contact him directly, when he supplies more direct contact information."
"Whatever you wish zynequ. I did not not mean to piss you off. The issue is closed in my mind. Your project is off of my laptop disk. Let it rest.
Goodbye."
The first is edited. I don't see a record of what it was originally. Again, not what I'd describe as a personal attack. More like a half-heated apology.
Re: (Score:2)
Again, not what I'd describe as a personal attack.
This looks like a personal attack, no?
Re: (Score:3)
I couldn't find that on Internet Archive. Only post-editing versions. That does look like a personal attack. Nothing else they said was directed directly at the author. Primarily, it was apparently factual statements about the flatpak being detected by a virus scanner, guesses about the correctness of the virus scanner's results, and, at most, a statement that the author's profile on some site seemed strange.
Then they apparently mistook the author closing the issue as an attempt to cover it up, which re
Re: (Score:2)
I've been called a lot worse, both in the open source community, and in professional outfits. It wasn't nice, but most people have learned to live with unjustified criticism and personal attacks. Try to be a moderator in a large (by itself completely mundane) telegram group, if you want to feel real heat.
Yes, the author was unfairly criticized for work he provided free of charge to everyone, The critic was offended by the fact, that a virus definition database would cause false positives with other virus de
Re: (Score:2)
Have him enlist in the Slashdot boot camp. We'll toughen him up.
Something else (Score:2)
Promising linux project (Score:2, Insightful)
Linux Project? (Score:2)
In what sense is it a "Linux project"? It doesn't run on BSD?
Basic keyboard warriors (Score:2)