Microsoft employee:
Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help
Maintainer’s comment on twitter:
After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.
This is unacceptable.
And further:
The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won’t get a middle manager their promotion but pay off a thousandfold over many years.
But try selling that to a bean counter
FFMPEG is a core technology. You literally cannot do anything with video without touching FFMPEG at multiple places in the stack.
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Bunch of fucking posers wouldn’t know performance code if it kicked them in the face.
The fact that we have billions of dollars of revenue flowing through that software every day, but we rely on VOLUNTEERS to maintain it shows exactly how hollow the whole SV entrepreneur culture really is.
Exactly: I’m not mad about important things being run by volunteers – arguably, that’s a good thing because it means project decisions are made uncorrupted by profit motive – but I am mad about the profit being reaped elsewhere on the backs of their free labor.
@grue @vzq this is such an interesting space. The general public has no idea how much of their software relies on open source code and voluntary community contributions. There have been so many attempts to figure out a way to compensate these maintainers, but it doesn’t seem like anything has really become the defacto solution. Open Collective and Tidelift are the closest things I can think of.
OBS seems to be funded by the likes of Meta, Google, Amazon, AMD, Nvidia, etc. despite being unaffiliated.
They’re not going to invest in it if they don’t own it, and frankly I’m happy they don’t.
Those same companies tell you that their products that you paid for don’t belong to you. You are just buying a license to use them. Sadly, this asinine concept is spreading even to hardware markets.
I think it’s fair to ask them to take their own bitter pill. They should also invest without owning.
the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event.
This seems like a “you” problem, Microsoft, and since you employ thousands of programmers with the experience to solve your problem and commit the change back to the FOSS project, I think this is also very easily a “you” solution as well.
This is pretty funny, kinda suggests they have no faith in the engineers they work with… ffmpeg is an awesome piece of work, but if it’s a bug they can repeat to some level, then like you said, it 100% a them problem!
E: oh, was thinking it was a pm raised it, but seems it was possibly one of their developers, brutal…
But then it’d cost them money.
It is frustrating that people no longer stop and think about the money anymore :(
Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version.
It seems like ffmpeg made a breaking change to their API, and I expect a lot of users to have problems.
On one hand that’s fair, but on the other hand Microsoft is the biggest name in software development and ffmpeg is a volunteer gig, this is probably a problem the megacorp can handle.
It’s so ridiculous that this isn’t even brought up:
The Command you provided worked fine. Thank you so much for the help! Really appreciated! We are going to proceed to make a release today and test with customers. Will post the updates here.
Gotta love being a forced beta tester… I mean customer.
isn’t that what a canary release essentially is?
If the live version is already broken, there isn’t much to lose deploying the fix as soon as possible. Not sure what else they could have done here.
Yup. Shits fucked. Do what you can. Lol
That does kind of admit what we all suspected about Microsoft’s QA since they fired the whole testing team in 2014.
Man, must be rough to be an MS engineer and do work in public. Ignoring the financial aspect, can’t say I’ve never had a similar ticket and resolution.
Alternative answer: "We understand your issue and will fix it as time and priorities allow. Please note that customers paying for support always get higher priority. Given MS contributions to the project, this ticket was ranked 42nd in our priority list.
Have a pleasant day! FFMPEG support team"
“A failure to plan on your part does not constitute an emergency on my part.” -Someone hopefully working on ffmpeg.
“A failure to plan on your part does not constitute an emergency on my part.”
Wow now that is a quote I’m going to steal. Wondering if “A failure to understand on your part does not constitute an emergency on my part.” has the same punch or is as relevant… anyway, thanks for sharing!
Does that go for the xz vulnerability too? Wasn’t it a Microsoft dev who discovered that?
the xz vulnerability was done through a superflous dependency to systemd, xz was only the library that was abused to use systemd’s superflous dependency hell. sshd does not use xz, but systemd does depend on it. sshd does not need systemd, but it was attacked through its library dependency.
we should remove any pointless dependencies that can be found on a system to prevent such attacks in future by reducing dependency based attack vectors to a minimum.
also we should increase the overall level of privilege separation where systemd is a good bad example, just look at the init binary and its capability zoo.
The company who hired “the” systemd developer should IMHO start to really fix these issues !
so please hold your “$they have fixed it” back until the the root cause that made the xz dependency level attack possible in the first place has been really fixed =)
Of course pointing it out was good, but now the root cause should be fixed, not just a random symptom that happened to be the first visible atrack that used this attack vector introduced by systemd.
Can’t reproduce bug. Closing ticket.
It’s what Microsoft would do in the same situation. It’s only fair
I understand you are having a problem with ffmpeg.
Firstly, I will need you to open a command prompt and run SFC /scannow.
And then reboot your PC.
And then run SFC /scannow again.
And reboot again.
Until you give up and reinstall Windows.
I tried all that but accidentally installed Linux at the last step, but it seems to have fixed the issue so I’m suggesting it as a functioning workaround to all of my colleagues
-Microsoft MVP
You forgot when the boot loader forgets where it placed your boot partition and you get to do a few rounds of bcdedit /h /s /gofuckyourself
have you tried restarting explorer yet?
Also, did you install all updates? Did you already accept Edge as your new web browser?
I figured they would just run
sfc /scannow
and then sit staring at their screen bewildered when it inevitably does nothing.
Tell Copilot to fix it.
Can someone enlighten me why a one-time payment of a few thousand for a bugfix is unacceptable? I feel like I’m missing something.
I think the maintainer just viewed the bug report as tone deaf. Microsoft is a trillion dollar company and apparently relying on this library without a support contract. Then they a open a high priority bug item. The maintainer saying it’s unacceptable is them basically saying they won’t prioritize any work unless there’s an existing support contract and that they don’t do one off payments for bug fixes, which I think is fair.
I think the maintainer just viewed the bug report as tone deaf. Microsoft is a trillion dollar company and apparently relying on this library without a support contract.
I think this mentality shows a clear dissonance between how maintainers are licensing their software and what are their expectations in terms of retribution from users of their software.
If they release a software package with a license that explicitly states that they allow the whole world to use it freely without any expectation if return, they cannot complain afterwards that some particular people in the world end up using it.
Likewise for bug reports.
If they want to get paid because the software they have been releasing to be used freely by everyone is being used freely by a specific company then they need to get their shit together and release it under a license where they explicitly state their terms. This is crítical for everyone involved, specially end users, because we need clarity on these terms.
deleted by creator
Imagine if you gave away some old clothes to some Charity and they called you and said “Some of the socks have holes in them and we need you to come over here and fix those holes ASAP because we want to sell them in our used clothes store”. What would be your reaction to that?
The expectation of payment is not for the software (which MS already has and is already using, free of charge, same as everybody else), it’s for getting priority in bugfix and maintenance work, or in other words, it’s for dictating other people’s work rather than merelly getting the product of work they, of their own choice and in their own timings, did and gave away for free.
Free software is a social relationship, not a business relationship: the users get what they get because somebody chose to put their own time into it and is giving it out for free. Such relationship does not entitle the recipients of the goodwill of others to make demands on their time, especially if said recipients are actually profiting from what those other people gave away. If they want the right to get to use other people’s time as they see fit, then they have to get into a business relationship and that’s only going to happen in business terms that both parties are willing to have.
Further, nobody is stopping MS from using their own programmers to fix that problem themselves.
Imagine if you gave away some old clothes to some Charity and they called you and said “Some of the socks have holes in them and we need you to come over here and fix those holes ASAP because we want to sell them in our used clothes store”. What would be your reaction to that?
I think your hypothetical scenario doesn’t match the issue being discussed in a few key aspects.
You’re giving old clothes with no expectation of return. Why then get pissed because someone is using your clothes without paying you for them?
Then,if you make it your point to put up a system for everyone to file tickets pointing problems with the clothes you’re giving away, why are you whining that the system is being used as it was designed to be used?
It’s perfectly fine if you feel the need to prioritize your work based on your criteria alone, and anyone else’s input is at most a suggestion. That’s what everyone expects of it, too. But don’t throw a tantrum when someone uses your work precisely as you told the world to use it.
The point of my comment seems to have missed you, turned around and done another pass and missed you again.
I don’t think you are able to grok the actual issue, which is a big corp demanding free work, then demanding a pittance to complete the work, then being buthurt when people refuse to work with them.
So is the real analogy …
You gave some old clothes to charity, expecting nothing back. However you spotted a lawyer wearing your old clothes so walked up and demanded money?
No no no lawyer came knocking at my door begging me to darn a sock
The problem isnt that ms was using it The problem is that ms wanted special treatment for free because of their timetable, which wasnt even ‘oh shit everything broke’ but for a fucking product launch as if the maintainers should care about that, treating a fucking charity like a contractor, and really highlighting how all this proprietary bullshit can only exist because of the work provided by open source people.
Microsoft needs to see serious consequences from the open source community for this.
special treatment for free
They filed a bug report, with a reproducible bug.
Some guides on how to contribute to FLOSS projects even go as far as listing this as one of the main ways to contribute to projects.
But here you are, describing a run-of-the-mill bug report, filed among hundreds of bug reports, in a ticketing system explicitly opened to the public so that everyone and anyone in the world could file bug reports, as a request for “special treatment for free”.
Do you think every single person filing a bug report is asking to be given special treatment for free? Everyone’s bug is very important to them too. What makes you think this case is special or even any different?
The report of the bug is not the problem. The prioritization, reasoning for the prioritization, and demand that it be fixed quickly for their product launch was the problem.
The fact that when asked, they offered pay for a spot fix rather than maintenance, essentially abusing the Commons for corporate profit, and being super fucking rude about it, was the problem.
The report of the bug is not the problem.
People in this thread are arguing otherwise.
The prioritization, (…)
Users filing tickets do not prioritize jack shit. That’s not how it works. At best they mention an issue is important to them. Not even in big corporations dealing with internal tickets things work like that. The responsibility of prioritizing work lies on the project owners, exclusively.
and demand that it be fixed quickly (…
Literally what each and every single user affected by a problem asks in their bug reports.
Again, why do you feel this is something that warrants your outrage?
people in this thread are arguing otherwise
Okay so talk to one of them about it. I’m with you on this part. So bizzaire.
I don’t think the ffmpeg maintainer is complaining that Microsoft is using ffmpeg, rather that they are opening “high priority” bug reports based on customer complaints. This might be a high priority problem for Microsoft but that does not make it so for ffmpeg.
The license allows Microsoft to use ffmpeg but they aren’t entitled to demand free labor from the project. Really, no one is entitled to do so, but Microsoft being a large company who can definitely afford to put money or talent on the problem makes it only that much more egregious.
edit: I would note that asking for help or reporting a bug is usually welcome, the problematic part is demanding help because it’s a high priority issue for YOUR customers.
I don’t think the ffmpeg maintainer is complaining that Microsoft is using ffmpeg, rather that they are opening “high priority” bug reports based on customer complaints.
Users can only assign priority to issues they create themselves if they are explicitly authorized to assign priorities.
If you provide access to that field but then complain that bug reporters use that field, you’re complaining about how you misconfigured your service, not how end users are using it.
Are there any other people targeted in this sort of complain, or is a specific company being singled out just because some low-level grunt filled in a field in a bug report?
or is a specific company being singled out just because some low-level grunt filled in a field in a bug report?
FYI they’re not a “low-level grunt”. The bug author’s job title is Principal Software Engineer at Microsoft with (at least) 18 years’ experience.
The maintainer is a human that needs to eat every day, and not just whenever their services are needed. So at least, the sum of money would need to be a few times higher than whatever labour the fix takes.
But then, the maintainer’s ability to fix these bugs doesn’t come from nowhere. They worked on this project for likely a long time, which would also need to be taken into account when agreeing on a sum.
Further, this would be business to business. And those contracts often include the value that the client gets out of the software. So if Microsoft makes billions from this open source library, then the maintainer’s - as a business - should receive a payment that reflects this for the fix.
All that implies that a few thousand is not nearly enough. Maybe 100k and the maintainer would budge.
The maintainer is a human that needs to eat every day, and not just whenever their services are needed.
That’s perfectly fine.
But the maintainer is indeed explicitly making his work available to the public for free and without any expectation of retribution of any kind, isn’t it?
And this isn’t exactly something new or recent or novel, right? That’s been going on for many years.
What changed? Did anything changed at all, even?
Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help,
Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version. Or modify AVOption of same name in API for this decoder.
Thanks @Elon for the reply, This is the command we are currently using: ffmpeg.exe -f lavfi -i movie=flvdecoder_input223.flv[out+subcc] -y -map 0:1 ./output_p.srt
I will be looking to see any updates in the FFmpeg documentation. Can you please elaborate and provide pointers the right decoding options or the right FF command er can use. Thank you!
ffmpeg.exe -data_field first -f lavfi -i movie=flvdecoder_input223.flv[out+subcc] -y -map 0:1 ./output_p.srt
Got that’s fucking brutal. This isn’t even asking them to fix a bug, it’s just basic help-desk shit.
I’m sure Microsoft has some good devs that are a net benefit to the open source projects they use, but this is not one of them.
If you’ve ever been forced to use Teams you must already know they scraped the bottom of their talent barrel for the team that works on it… The software is shit, riddled with bugs to the point where at one point I used to only be able to use teams on my browser because the desktop app just decided to never let me access the text chat, and the browser version I would load it would be a white screen and I would have to refresh 3 times for it to load. But at least it worked after those 3 refreshes. And it was exactly 3 refreshes every single time, never 2, never 4, and 5 was right out. It was always without fail 3 refreshes. Whether loading from Firefox, Chrome, or Edge. Fortunately we don’t have too many meetings with people using Teams these days, so I haven’t had to use it in a while, but its easily in my top 5 worst software I’ve been forced to deal with. Maybe Top 3. But its still miles behind Magento. Fuck Magento, just thinking of it right now gets my blood pumping and I refused to work with it ever again about 10 years ago… Fuck Magento. Teams is at least a distant 2nd or 3rd to that. Absolute crap.
I’m convinced it’s the whole B-2-B software world at this point. The shit starts at MS (or any of the FAANGS) and rolls downhill to everyone else.
We’re working on a huge Dynamics 365 thing at work, and one of the third parties we use for automated testing is just… the product seems barebones, is clearly built on top of open source automated testing tool, and is riddled with indicators that barely anyone works there, from the AI help bot to the “submit a ticket and we’ll assign it eventually” approach to all other interactions.
I looked them up on Linked In and 12 people work there. 8 of them have C-suite or VP titles, and 4 of them are interns from a local university. This is the state of all modern tech: a board room full of investors, a website, and a product barely glued together from FOSS parts by interns. If you wonder why everything feels like a scam now it’s because it is.
I’m sure Microsoft has some good devs that are a net benefit to the open source projects they use, but this is not one of them.
Found the guy who created the FFMpeg ticket on LinkedIn. Job title: “Principal software engineer at Microsoft”, saying they are “A detailed, analytical Software Engineer with Eighteen years of experience”. 18 years?! Fuck me dead…
Lmao even after providing a well explained answer, they still had to manually add the flag to their command for them.
You got this dumbass at MS and then you’ve got the other MS guy who’s a god damn hero that very well might have saved the world atm lmao
Jon Skeet? He’s my hero, but he hasn’t worked at MS for quite some time I believe.
He’s talking about Andres Freund, who uncovered the OpenSSL backdoor that was slipped into liblzma from the xz malicious maintainer. Dude saw a valgrind error and a function with a fixed runtime was taking too long and using too much CPU and reversed out and saved a major ssh backdoor from going upstream as Fedora was going to release it just days later.
I highly doubt that he works at Microsoft since his username is Elon Musk.
I wonder if these trillion dollar companies offer support contracts for astroturfing on social media on their behalf. I can’t think of any other way so many people are supporting their sociopathic attitude.
Cognitive dissonance.
For a lot of people, either they accept “this trillion dollar corporation that controls all my computers, and the programming languages I use, and my code editor, is evil”. Or they accept “this trillion dollar company does lots of good things for me and is good”.
One is easier to accept than the other.
MIT license to make money is bad because of this. You shouldn’t make money or ask me for support in first place if you arent sharing earnings bitch. This should be forbidden by law because software is given AS IS.
Maybe OP didn’t share enough context, because this whole thing looks like a big over-reaction on their part.
- There’s no accusation of misusing the license, so they’re using it properly
- there’s a bug tracker, which they used for a bug report
- OP demanded money when there was no expectation of it
So what’s going on here? With the information given, Microsoft did what they should have and OP is acting the huge asshole
I think what set them off was the MSFT guy saying “this is high priority”.
Old issue, so why post it now make it sound like MS demands something?
Opened 11 months ago Last modified 11 months ago
It’s a regression, so ffmpeg should fix a regression.
What regression? It was a PEBKAC
11 months ago
The tweet is from today. The ffmpeg team felt like it needed to be said.
Thanks for additional context. I don’t open Twitter links anymore because 3/4 of the time the link doesn’t work after Musk made changes
I love how that PM brings up the fact that this is needed for a product launch. Like who cares?
Need to add a ‘not for use with Microsoft products, including operating systems’ clause for a version or two.
I think adoption of the JSLint license’s ”This software can oly be used for good and not evil" clause would cover that. I hear IBMs lawyers had issue with it lol
Yes, but they were satisfied when IBM was given a license to use JSLint for evil.
Seriously. What part of “BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.” do they not understand?
I don’t get why they don’t propose a fix themselves.
Why spend money when you can bully people?
I see what you’re saying, but no one is being bullied here.
Not really but Microsoft being pushy without wanting to pay for a support contract is kind of on par for that shit company.
Microsoft also makes like half of the languages and dev tooling that every piece of software depends on. Microsoft is certainly problematic but I would not consider their support or attitude towards open source projects in general to be.
half
You’re kidding, right? Especially on open source?
Embrace, extend, extinguish. THAT is Microsoft, so if tomorrow that company burns to the ground, the world will be a little better.
Lmfao, it’s honestly hard to tell whether people on Lemmy are genuine old heads still stuck in the past or just young ones blindly repeating what they’ve heard that sounds edgy.
There hasn’t been an example of Microsoft EEEing something in 20 years. You could literally be in college right now and the past time Microsoft even tried to sabotage an open source project would be before you were born.
To casual tech enthusiasts who want to fit in with die hard open source enthusiasts it’s cool to hate Microsoft, for professional software developers who have seen what say, JavaScript was like before and after Microsoft started working on it, we have a bit of a more nuanced view of them.