How to keep Open Source open without leaving our communities open to threats

Day 4 11:00 Fuse en Ethics, Society & Politics

Dec. 30, 2025 11:00-11:40

The Four Freedoms (defined \~40 years ago) and the Four Opens (\~15 years ago) for Open Source provided canonical definitions for what are the cornerstones of Open Source Software communities today. While the ethos still applies today, the cultural norms that blossomed to put it into practice are from an era with different challenges. To build a better world, we need to both keep _and protect_ the value system of the Four Freedoms and Four Opens. To do that, we need to re-assess our risk and threat models to balance that allows beautiful minds to flourish as well as introduce responsible friction to prevent harm from coming to them.

The state of the internet, c 1990:

Limited, opt-in connectivity: people had to both have access to a computer and that computer had to have access to the internet.
Tooling required some in-industry knowledge to be able to run and use, not only for development but also for communication.
Open source was a young movement. The "common source" was proprietary.

The state of the internet, c 2025:

Always online, might-not-even-be-to-opt-out connectivity: devices are almost always collecting and transmitting data, including audio/visual, in some cases even if "turned off".
Easy to use tooling has made it easier for everyone to come together. The pervasiveness of technology also means that most people, of any background, can easily access other people in the thousands or even millions.
Open source is common, accessible, and matured. A $9 trillion resource. Yes, trillion.

These three significant changes drastically change the threat model for OSS communities. In the beginning, someone had to have both knowledge and resources to harm or otherwise compromise a community of developers. Now, anyone with a grudge can make a bot army with seamless integrations and gracious freemium tiers for AI/LLMs. Likewise, when open source was small, the "who" who would be motivated to harm and otherwise disrupt those communities was limited. Now there is both massive social and economic benefit to harm and disrupt. This means that risks and threats now still include the motivated and resourced with the addition of those who are scarce in both.

We need to come together to build new organizational threat models that account for how this consequence has posed new risks to our communities. With care and attention to detail, we can introduce responsible friction that will protect our communication infrastructure, the lifeblood of what allows open source to grow.

There will also be a workshop with this presentation, with the outcome of creating an ongoing working group dedicated to helping OSS Foundations of all sizes protect their communities.

Speakers of this event

Quintessence

Quintessence is the Executive Director of the Nivenly Foundation as well as the Head Moderator of the Hachyderm Mastodon instance.