Administered by:
I still think there should be a git repo site called something like “Commit or Die” on which all private repos have a deadman’s switch such that, should a codebase receive no commits for some length of time, the code is automatically made public and open source.
@dx@ridetrans.it I'd like "pay or die", where a company has to pay $0.01 per month or their code is released as open source.
Then, it would trigger if the company is liquidated and stops paying the bills. Ideal for all of those #IoT devices which become useless when the company dies.
@tobyjaffey If the IoT company had taken security at all seriously, then it might not be as simple as that: de-uselessing the devices, even with full source code, could require using private keys that only the company (or their liquidators) possess. (But of course many IoT companies do not take security seriously.)
@TalesFromTheArmchair Perhaps we should be lodging private keys in escrow with Companies House. The core problem is that no company ever takes seriously the idea that it's going to go bust and the size of crater it might leave behind.
@tobyjaffey I've been in situations where a B2B IoT customer has demanded (and got) basically exactly that. B2C IoT customers -- end-users -- don't typically have that much negotiating power, even when leagued together.