If Amelkin works for YADRO, could he not know his company got sanctioned? It's pretty big thing to happen, and judging from his LinkedIn comments, he knows it. Yet he writes the suspension was "without any explanation whatsoever". I think he knows the explanation, he doesn't like it but it's no mystery to anyone.
I was curious if Microsoft perhaps had done some "offshore" shenanigans but nope, it resolves to an IP within their netrange
$ host ru.linkedin.com.
ru.linkedin.com is an alias for cctld.linkedin.com.
cctld.linkedin.com is an alias for mix.linkedin.com.
mix.linkedin.com is an alias for any-na-lx.mix.linkedin.com.
any-na-lx.mix.linkedin.com has address 108.174.10.24
any-na-lx.mix.linkedin.com has IPv6 address 2620:109:c002::6cae:a18
$ whois 108.174.10.24
CIDR: 108.174.0.0/20
NetName: LINKEDIN
NetHandle: NET-108-174-0-0-1
Organization: LinkedIn Corporation (LINKE-1)
OrgName: LinkedIn Corporation
OrgId: LINKE-1
Address: 1000 W Maude Ave
City: Sunnyvale
StateProv: CA
PostalCode: 94085
maybe they can't prove the LinkedIn profile was created by the natural person, but the commit email ... or payment details? ... something something
Linkedin is another BU and their actions are not going to be coordinated with GH, so they may be determining what to do about profiles like his, and about ru.linkedin.com in general.
Or linkedin may simply not be important enough for the US government to care about. Nobody is going to hold them accountable for inconsistency, and they only really care about is actions towards achieving the effect they desire. It is all implemented by humans and not a computer problem. At some level of detail they'll stop caring because like everyone else employed in this country, they're too busy with more important things.
That's very interesting: I'm not sure how to feel about this. On one hand, it aligns with my ethics to shut-down the operations of sanctioned companies to minimize their harm. On the other,
1. Ethics are relative
2. Should open-source contributions be dependent on such ethics?
On (1), I'm sure non-Americans would have ethical qualms with our Defense companies. Would I be okay with the hypothetical of letting a non-American company stop open-source development on a useful Lockheed Martin tool?
On (2), I have personally seen open-source contributions from sanctioned companies, e.g. Megvii. Is it fair to ban those employees (who may simply be unwilling to go through the hoops of immigration)?
As an aside, perhaps this repo could move to GNU Savannah?
> On one hand, it aligns with my ethics to shut-down the operations of sanctioned companies to minimize their harm.
Only if the sanctions are warranted by ethics. Which they are not, in this case - there isn't anything online I can find which supports sanctioning this specific company.
This is a repeating pattern in this conflict: even without substantial or even circumstantial proof that a russian company benefits from or at least tolerates the war, in the event Ukraine tells us to sanction the respective company, we have to obey or else.
What do we expect? Should all russian companies shut down because of the war? Would this be what we expect from all western companies, like when we attacked Iraq because of Weapons of Mass Destruction?
This is slowly really getting ridiculous. Even more so if this opens up an attack vector from even more non-friendlies because of an orphaned github account.
> there isn't anything online I can find which supports sanctioning this specific company.
They are a part of Russia's electronic manufacturing infrastructure. Electronics like the one used in the missiles that fall on Ukrainian residential buildings, schools, hospitals, civilian power supplies, and so on. As such, the ethics is pretty clear - until Russia stops the terror campaign against Ukrainian civilians (at least), any company that is involved in enabling this campaign is ethically evil. It's not some complex conundrum - if a missile hits a residential high-rise, and you took part in making that missile, then you participated in that crime, even if indirectly.
> Should all russian companies shut down because of the war?
All that contribute to the war effort - yes, that would be a nice thing. Not really possible, practically, but nice. Realistically, probably only the most prominent get sanctioned, and they probably won't be shut down - just cut off from using Western resources.
> Would this be what we expect from all western companies, like when we attacked Iraq because of Weapons of Mass Destruction?
If Iraq wants to sanction all western companies, they are certainly free to do so. So far I don't think they had a slightest inclination to do it.
> As such, the ethics is pretty clear - until Russia stops the terror campaign against Ukrainian civilians (at least), any company that is involved in enabling this campaign is ethically evil.
And you'd agree the American companies and people involved in the blatent terror campaign against civilians in Iraq and Afghanistan over the last 20 years are also ethically evil?
> If Iraq wants to sanction all western companies, they are certainly free to do so. So far I don't think they had a slightest inclination to do it.
So with that you are basically suggesting that it's completely fine for the US to fight the wars of aggression and not be punished for this in any way, just because of its dominant economic position? And if Russia were a technological powerhouse like US, it would have been fine for it to invade Ukraine? This is disgusting.
> Putin has publicly stated his concerns about Russia’s access to microelectronics
> To further increase pressure on Russia’s electronics sector, the Department of State is designating numerous advanced Russian electronics entities.
> Limited Liability Company Yadro Fab Dubna is implementing a project to create Russia’s largest modern production plant for the production of circuit boards
The best thing for Russian citizens is also full withdrawal from Ukrainian territory. Generally speaking, any nonviolent actions which speed that outcome are inherently good for Russian civilians, who will be drastically better off once this war has ended.
I suppose this is due to economic sanctions, but of course there's also the infosec concern.
Much of "tech" right now is still cavalier about software provenance in general. And IPMI is one of the more sensitive points.
I have a pretty warm-fuzzy aspirations about open source at its best: being collective effort, of people of goodwill, around the world, working together, for the benefit of all.
It's tragic that our world has so much conflict, aggression, inequity, and other ills. Open source is one place that we've sometimes formed bridges despite this, but it's not entirely immune to the larger world problems.
How did we allow Microsoft to have so much power of open source software that it can decide who gets to publish and who can't.
Instead of "liberating" social media (sorry, Twitter) from corporate faschism we should've built an open platform resilient against corporate takeovers.
Russia, time to create a github for people by the people.
The fallout1-ce and fallout2-ce repos got archives fairly recently as well. Looking at the owner's name made me concerned that exactly this was happening.
These, to put it mildly, not very smart people have opened a pandora's box and if they do not understand this in their blind anger, desire to please or arrogance, then I sincerely feel sorry for them and in general the entire open source community that somehow depends on github.
I love ipmitool (although it became extremely slow after Debian upgrade, but nonetheless)! Saves me so much trouble of using clunky web and java pages.
> There is no clear indication why GitHub blocked Amelkin but may have to do with him being based out of Moscow, Russia as his repositories do not appear otherwise controversial.
US law does not apply to foreign nationals residing in a foreign country. Russia is ruthlessly murdering their neighbors and has indicated that they are at war with the collective west. Russia has a long history of cyber espionage against the US and is actively engaged in Internet warfare. This is an entirely reasonable precaution by Microsoft. It's a sad moment.
> US law does not apply to foreign nationals residing in a foreign country.
I don't think parent meant it in the context of US Law, but more as a general statement, is it a reasonable precaution by MS to ban X solely on the actions of their government?
Although the presumption of innocence until proven guilty is a fundamental principle of US law and an essential part of our ideology, it is not a universal moral truth. In my opinion, it is justifiable and suitable to prohibit X from having access to sensitive infrastructure based solely on the actions of their government, especially when X is subject to the decisions of that government.
> is it a reasonable precaution by MS to ban X solely on the actions of their government?
One could argue it's discriminatory; they banned him because he's Russian.
...which is the problem with this rhetoric.
Russia and China are known to entice or coerce otherwise-innocuous civilians into acts of espionage. Their foreign policies explicitly exploit our presumptions of innocence, inclusivity and trust. Pre-emptive banning to avoid another SolarWinds is more than reasonable precaution; it's something that should have been done years ago.
But in the meantime, by our own policies we're obligated to allow foxes into the henhouse. We're shamed for discriminating against foxes if we turn them away, and shamed again for asking questions about how the Great Chicken Massacre of 2023 was allowed to happen. Chaos engineering at its finest.
Entertaining analogy! I agree with your point, but we are not obligated by policy to allow foxes into the henhouse, rather we are obligated by our social norms.
Maybe not. Microsoft stands to gain by crippling the most popular FOSS BMC tool. They would rather everyone have to use Windows-centric proprietary alternatives.
yes, clearly they've crippled it... they're still hosting it and allowing people to fork and clone the repo.
US export and import restrictions must be followed by companies who operate in the US. GitHub is one of those companies, and the developer in question is associated with a newly restricted company, so GitHub must cease allowing that company to operate on its infrastructure.
https://home.treasury.gov/policy-issues/financial-sanctions/...