Recommend you follow the 321 backup strategy. Adopted to modern times I would say it is broadly:

• Have your data in more than 1 place
• Use more than one provider
• One of your types of backups should be physical media like an external hard drive.

From what you described if apple was to wipe your data[1] you would be completely out of luck… for example if something deletes data in your Mac and then that deletion gets synced… For the most part syncing data is not a backup.

Lastly, recommend you try to put all your critical data in one folder, or identify folders with critical data and prioritize backup of those first while you figure out the rest.

[1] Not only can a deletion “sync” from your mac, but there can be any number of issues… like a bad update to a file. There is also the possibility, no matter how small, that apple could wipe your data. Over time you always see news of “company X deleted entire set of data for user/company Y”.

If you have any thoughts of making any money of the code that may be a reason to give the license some thought. Anything else, these days, is just a LLM away from getting re-written regardless of whatever license you use. For example there is a service that takes any code, uses one agent to create requirements and another to use those requirements to create a comparable program; the claim is that the second agent did not “steal” your code since it purely worked off requirements. Sure, it likely won’t be as good, but it allows someone to take a significant part of your code for themselves. That was, more or less, always there in the past is just that now is near trivial to do.

Also, there are projects that are just fake open source. Like a project I saw yesterday with a restrictive license, but then has a CLA.

• AGPL restrictive copyleft license – good
• CLA (Contributor License Agreement) — a legal agreement where you grant the project maintainers additional rights over your contribution, often including the right to relicense it under different terms – not good

So, that project at first sight appears like it is open, but because of the CLA the authors may just take whatever contributions you do to the project and then change it’s license.

https://www.lunanode.com/ Only one data center in Canada, but affordable and have used them for years without issues. VMs starting at $3.5/month

You still need some means of outside backup. Figure what you have covers majority of scenarios, so now we are getting into the highly unlikely, but highly impact full like “my house burned down and now I have no data”. Something like B2 (or some other block storage with comparable pricing) is worth exploring.

You also need to consider your usage pattern like whether you may need to retrieve data (some providers charge for bandwith in / out). I would suspect most of the time between your ZFS snapshots and your disk you are covered.

Also, recommend to not leave the disk plugged in at all times for the scenario I mentioned: Your machine is compromised and the attacker encrypts data to ask for ransom; very low probability (I suspect those are mostly against companies), but really doesn’t hurt to prevent against it.

yes the ZFS snapshots are in the same disk, but the most common scenario when you need backups is to get a handful of files in which case the ZFS snapshots are super convenient and they use very little space. I use restic + (B2 | sftp) and zfs snapshots. I may literally go years without needing to restore from restic because most of the time I can get what I need from the zfs snapshots.

You did not mention if you are using a single disk or more. If you can afford it and the machine allows it, doing mirroring or RAID-Z1 (equivalent of RAID 5) is a good option

Suggest:

• Frequent ZFS snashots. There are scripts to make this easier like zfsSnap
• Two external backups which you rotate weekly [1]
• Instead of borg backup of ZFS pools if you have another machine you could sync the volumes to another machine or even use rsync to another machine of the data [2]

You did not mention where the target of the borg backup is, but you want an external service. I believe there is a service that works wells with borg backup, but have not used it.

Notes [1] Spinning disks are affordable. I suggest at least 2 because if you only have one and your machine was compromised, think disk encrypting malware, you disk may be encrypted too. Also, if the disk dies there goes your external drive backup

[2] If you have another machine with enough space to host a copy that is a good option. Also, there are services that offer backup/disk VMs. They have very slow CPUs and affordable disk. Those may be work checking

1 of which is off-site (in a safety deposit box, for example)

A potential compromise these days may be a block storage service. Safety deposit box is good, but because of it’s inconvenience people are very likely to do it seldom, which defeats the purpose.

I think this article Agentic coding impact on oss is related. In this case the author is outright saying “don’t submit PRs”, but in many other cases authors are not catching up with PRs so people just fork.

All in all, I think the impact of LLMs in open source will likely be significant over time.

The Forum Login is in the top right of every page (if the menu is not expanded, it will simply be an icon

The way to expand the right vertical bar is in the bottom left corner… not particularly intuitive. I would recommend to have login and register in the top row line. I can’t remember ever seeing another site where I literally did not notice the login / register options even though they were there, as in this site. 🙄

it felt like there was too much room for abuse or issues There will be people and entities that will try to abuse, not matter what the policy is

closed licensed projects could also cause legal issues Not sure what you are referring to, but open source software can also cause legal issues. Someone could take code from work and try to open source, someone could take another open source project’s code and try to pass it as their own, etc… etc…

companies will no longer publish the source code for their projects

100%

Whereas, before a company may contribute something they created for internal use and they may have put something to try and stop direct competitors from using it (like restrictions only for cloud providers) now they probably will just not publish at all.

Im not a big fan of fake open source, but source available is better than closed source.

To be fair, some of the “fake open source” was a result of some projects seeing their projects taken by a cloud provider, charging for it and not contributing ANYTHING back to the original project. Can’t really say I blame them.

Quick observation. I think would be helpful to have a login button somewhere instead of one having to get all the way down to a topic. Also, what if I wanted to see everything new for a category instead for a single topic? Anything like that supported yet?

Are you writing anywhere about how you are doing this? Tech stack, team members, etc…

New project submissions, such as https://unfinishedprojects.net/wiki/Special:FormEdit/Submit_Project, should be behind login. Otherwise, eventually, you will get lots of spam registrations.

Lastly, when I see this “The Libre Community” makes me think that this would be even nicer if it was for all creators… think solopreneurs who may be trying to create a SAAS. Those are a group of people who may be primarily consumers of open source, but they can provide great feedback and also be early adopters of anyone trying to create a new open source software.

require the training data to be shared to prove it was never exposed to the original source

I believe there have been lawsuits which have already proven these models stole, and can reproduce verbatim, copyrighted material yet there has been little to no real consequences for the AI companies. So, if they can get away with that from companies that actually have the means to present a strong lawsuit, the chances of some open source author to defend their code are slim (very slim in my opinion)

I thought there are some licenses that prohibit cloud providers from using the software and offering it as a service. In those cases even though the software may not be leaving the “Author” machines, it would still be a refactor of software that otherwise the cloud provider would not have been able to run legally under the old license.

Copyright law only has teeth when it’s owned by corporations,

100%. It is funny how any individual can be sued for copying a handful, of pretty much anything copyrighted, yet these AI companies copy literally thousands upon thousands of copyrighted materials.

cleanroom reimplementing technique does still seem to create a derivative product

Will likely have to wait for a case to go to trial, but in theory at least, it is possible these clean room implementations may pass a legal challenge. The youtube video I was watching about this topic had phoenix technologies as an example (for those of us old enough to remember what that company was). In their case it was even more so; they took a commercial piece of software and reverse engineered. If that is possible, then doing similar to an open source software may be considered legal, but again we probably won’t know until something like this comes to courts. Different countries may also treat this differently so we will have to wait and see.

The “good” news is this is pretty rare these days.

Sadly yes. But even those that don’t make money, or much money, must feel demoralized when someone steals their code.

Thanks for the links. Updated link to point to original article