Can open source be saved from the EU's Cyber Resilience Act?

submitted by zolbre+(OP) on 2023-10-14 13:51:52 | 36 points 12 comments
1. hgs3+Ik 2023-10-14 16:22:09
>>zolbre+(OP)
Does anyone know who is lobbying for the CRA? I don't believe for a second that technologically clueless lawmakers originated the proposed law. There must be some group that intends to benefit financially from this.
2. fxtent+iy 2023-10-14 17:51:06
>>hgs3+Ik
I believe this represents roughly what people want, which is that in the future you can hold the makers of gadgets financially accountable for security issues. The "problem" with open source is that you can also hold people accountable who are regularly being paid for open source work. But I believe it needs to be that way, or else what would stop a Chinese gadget maker from turning the buggy parts of their firmware open source to circumvent the new law?
3. whatev+MB 2023-10-14 18:15:03
>>zolbre+(OP)
Extract from the excellent Linux Foundation explanation page:

> The Act's stance on donations, even from non-commercial sources, could inadvertently discourage larger contributions. And an organization that develops open source may be disincentivized to release projects as OSS or contribute to OSS in the first place. After all, the CRA would just increase the legal risk of open sourcing a project, incentivizing companies to keep more software proprietary and closed.

If this passes in current form, we will have less open source software. A lot of such software is available in community and enterprise versions. The community versions will become a liability. You have to take extra expenses and a legal risk (5 million minimum) for... mostly nothing.

Who the hell will pay for Linux kernel audits? Nobody earns money from the Linux kernel directly. Most people use free distributions; will they be banned, will you have to shove money into Red Hat's (aka IBM these days) mouth?

The European Commission either doesn't understand it, or they understand it and do it on purpose/don't care. Most people who support it don't understand software either and treat it as hardware, or an Amazon package. Stop. Software, especially OSS, doesn't work like that. And without the competition from OSS, oh boy, believe me, you will be used like in the "good" old IE-only Microsoft EEE days.

I'm a European citizen, by the way, and I'm not happy about the EU in recent times, especially the Commission. This combined with Chat Control...

Software is (was?) where you could go from 0 to something by yourself. This will end it. You don't go to a million in a day. If you earn several hundred a month, having a 5 million liability just doesn't make sense. That's 5 LIFETIMES of income in my area. This will be considered speculation, but I think that is the point of this. Big boys only. I don't believe the Commission is stupid.

There are people who are congratulating giving up individual freedoms... This makes me feel depressed...

4. hgs3+GE 2023-10-14 18:34:42
>>fxtent+iy
In a competitive market people hold companies "accountable" by voting with their wallets. If a tech company is producing buggy software then they should lose customers to their superior competition. If this isn't happening then lawmakers should be asking why.
5. hgs3+vF 2023-10-14 18:39:26
>>whatev+MB
> Software is (was?) where you could go from 0 to something by yourself. This will end it.

Isn't that the idea? Regulatory capture [1] entrenches the existing players while keeping out would-be competitors. The proposed law won't affect Big Tech, but will affect small to medium-sized businesses.

[1] https://en.wikipedia.org/wiki/Regulatory_capture

6. eterni+3G 2023-10-14 18:43:54
>>zolbre+(OP)
This and chat control are possibly the most terrifying things to happen in computing that I've ever seen.

To the point where it almost seems like it could only have been thought up by people who deeply hate computers. I really hope this can be stopped.

7. rashko+yW 2023-10-14 20:44:57
>>fxtent+iy
Forcing software to go open source would be a huge benefit so long as people can modify it and install it onto their devices.
8. whatev+PY 2023-10-14 21:02:27
>>hgs3+vF
Personally, to me it does look like that's the idea. GDPR might be a good idea, but compliance with it for a small business is very hard. Pretty sure that to this day, if you actually audited them, a lot of them would get fined, as it can only truly be understood by lawyers, as most laws can. Personal interpretations of it ("It's not hard, just do x...") don't matter; what courts think matters.
9. August+VZ 2023-10-14 21:12:34
>>zolbre+(OP)
I would love the Linux Foundation to add a clause on the licensing of the kernel saying "This software cannot be used inside the EU and applies retroactively" and see the surprised pikachu face of the MEPs who voted on this.

I can only dream.

How much would it cost to replace Linux with a proprietary, commercial OS on all devices inside the EU? 10s or 100s of billions?

10. chislo+ce1 2023-10-14 23:22:48
>>fxtent+iy
In this scenario “buggy” products would still be sold as is and EU citizens would be incentivized to purchase them, as they currently do, by circumventing EU laws or regulations on products “unfit.”
11. jaythv+Mp1 2023-10-15 01:20:45
>>zolbre+(OP)
I really don't understand the panic. The target is big tech, not open source.

Think of GDPR: this goes primarily after big tech with big fines. What liability can be applied to software you don't pay for?

12. whatev+sR1 2023-10-15 07:16:23
>>jaythv+Mp1
Open source will be caught in the blast radius; that's the problem. You will not get a cent for it and will be liable for at least 5 million euros. Who would accept such a "deal"? It's not just big, fat, money-rich companies who do software development.

Heck, I heard Apple requires you to close your personal GitHub account when you get employed. You can't do anything personal without approval when you work there. This shit will just get more common due to company lawyers erring on the side of caution to protect the company. This is how stuff like this works in real life.