Lunduke
News • Science & Tech
"If this one guy got hit by a bus, the world's software would fall apart."
(Funny? Yes. But the reality is far worse...)
April 04, 2024
post photo preview
  • How many critical software packages are maintained by a small, unpaid team (or, worse, a single person)?
  • What happens when that person gets bored with the project... or decides to do something malicious (as in the case with a recent backdoor in the XZ compression tool)... or... gets hit by a bus?

These are not only fair questions to ask... but critical as well.

The reality is that we're not simply talking about a handful of key software packages here -- the entirety of our modern computing infrastructure is built on top of thousands of projects (from software packages to online services) that are built, maintained, and run entirely by one person (or, when we're lucky, 2 or 3 people).

One wrong move and the Jenga tower that is modern computing comes crashing down.

Source: xkcd

Just to give you an idea of how widespread -- and dire -- this situation truly is, I would like to call your attention to two projects that most people don't even think about... but that are critical to nearly every computer system in use today.

The TZ Database

Dealing with Timezones in software can be tricky.  Many rules, many time zone details.  As luck would have it, a standard database (TZ Database) was built to make it easier for software projects to get those details right.

And, every time those timezone details (across the world) are changed -- something which can happen several times per year, often with only a few days notice -- that database needs to be updated.

What happens if those details are not updated... if the timezone data is incorrect?

At best?  A few minor scheduling inconveniences.  At worst?  Absolute mayhem... computer-wise.  Times can become significantly out of sync between systems.  Which can mess up not only scheduling (an obvious issue), but security features as well (as some encryption tools require closely synced time).

To give you an idea of how widespread the TZ Database is, here is just a teeny tiny fraction of the number of software projects which rely upon it:

  • Every BSD system: FreeBSD, OpenBSD, Solaris
  • macOS & iOS
  • Linux
  • Android
  • Java, PHP, Perl, Ruby, Python, GCC, Javascript
  • PostrgreSQL, MongoDB, SQL Server

Yeah.  It's basically a list of "all software".  And that's just a sample of the software which heavily relies on the TZ Database for making sure timing (and everything that is time-critical) is correct.

Now.  With something this absolutely critical, surely a highly paid team of people -- from multiple companies -- is responsible for keeping it updated... right?

Oh, heavens, no.

Two people.  Two!

While the database itself has been officially published on ICANN (the "Internet Corporation for Assigned Names and Numbers") servers for the last few years, only 2 people actually maintain the TZ Database.

SQLite

Did you know that SQLite is the most used database system in the entire world?  More than MySQL, MS SQL Server, and all the rest of them.  Good odds, SQLite is used on more systems than all other database systems in the world... combined.

In fact, SQLite is a critial component in the following systems:

  • Android, iOS, macOS, & Windows
  • Firefox, Chrome, & Safari
  • Most set top boxes and smart TVs
  • An absolutely crazy number of individual software packages (from Dropbox to iTunes)

Now, ready for the fact you knew was coming?

SQLite is maintained by... 3 guys.

Not "3 lead developers who oversee an army of open source contributors"... just 3 guys.  Total.  And they don't accept public patches or fixes.

"SQLite is open-source, meaning that you can make as many copies of it as you want and do whatever you want with those copies, without limitation. But SQLite is not open-contribution."

A piece of software that is practically the cornerstone of modern computing.  Trillions of dollars worth of systems relying upon it -- every second of every day.  3 guys.

Corporations rest on the shoulders of... a couple volunteers

Add those two projects together.  5 guys, in total, are responsible for Timezones and SQLite databases.  Software and data used on practically every computer on the planet.

And that's just the tip of the iceberg.  Critical projects -- often with small teams of (more often than not) unpaid voluneers -- form the core of the vast majority of major software projects.  Including commercial ones.

ImagemagickXZFFmpeg?

You'll find those at the heart of more systems than you can count.  Good odds you use all three, every day, and don't even notice it.

And, as the small team behind FFmpeg pointed out in a recent X post, getting those large corporations to contribute -- in any meaningful way -- can be like pulling teeth:

The xz fiasco has shown how a dependence on unpaid volunteers can cause major problems. Trillion dollar corporations expect free and urgent support from volunteers.

 

Microsoft / Microsoft Teams posted on a bug tracker full of volunteers that their issue is "high priority"

 

 

After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.

 

This is unacceptable. 

 

We didn't make it up, this is what Microsoft actually did:
https://trac.ffmpeg.org/ticket/10341#comment:4

 

The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won't get a middle manager their promotion but pay off a thousandfold over many years.

 

But try selling that to a bean counter

In short: Microsoft wanted to benefit from the (free) work done by FFmpeg... but was only willing -- at most -- to toss a few peanuts at the team.  And, even then, that (mildly insulting) offer of meager support was only done when Microsoft needed assistance.

A few parting thoughts...

There are valuable lessons to be learned from all of this -- including the need for real, meaningful support (by large corporations) of the projects they rely so heavily upon.

But, for now, I'd like to leave you with a few observations.

  1. Corporations don't hesitate to throw large sums of money at Tech Trade Organizations (such as The Linux Foundation -- which brings in hundreds of Millions every year from companies like Microsoft)... yet they are hesitant to provide significant funding to projects they rely directly upon to ship their own, often highly profitable, products (see the projects listed earlier in this article).
  2. How many of these smaller projects -- which Linux desktops and servers rely entirely upon -- receive regular funding from The Linux Foundation (or companies which fund The Linux Foundation)?  I'll answer that question for you: Next to none.
  3. Even high profile Open Source projects -- such as KDE or GNOME -- struggle to bring in enough funding to afford two full time developers on payroll.
  4. We have avoided catastrophe, thus far, through dumb luck.  The recent XZ backdoor, for example, was found by a lone developer who happened to notice a half second slowdown... and happened to have the time (and interest... and experience) to investigate further.  The odds of that being discovered before significant harm was done... whew!... slim.  So much dumb luck.

Go take a look at that XKCD comic at the begining of this article again.  Funny right?  And it makes a solid point.

You know what's terrifying, though?  The reality is far more precarious. 

There's not simply one project -- by one guy -- holding all of modern computing up.

There's thousands of projects.  Each made by one guy.  And hundreds of those projects (at least) are load-bearing.

Dumb luck only lasts for so long.

community logo
Join the Lunduke Community
To read more articles like this, sign up and join my community today
18
What else you may like…
Videos
Podcasts
Posts
Articles
Internet Archive Reaches Secret Settlement with Universal Music

Internet Archive Founder, Brewster Kahle, was the final hold-out in reaching a settlement. Which is being kept confidential.

More from The Lunduke Journal:
https://lunduke.com/

00:10:54
CTO of Microsoft Azure: "USA is Fascist Regime"

Microsoft employees chanting "Go away, Jews!" Then Microsoft employees praising the murder of Charlie Kirk. Now the Microsoft Chief Technical Officer of Azure attacks the USA & Trump.

More from The Lunduke Journal:
https://lunduke.com/

00:09:50
September 16, 2025
New Lunduke Journal Sub Perks, Lifetime Price Increase Next Week

DRM-Free PDF eBooks, games, an Exclusive Forum, and other goodies for Lunduke Journal Subscribers.

The details:
https://lunduke.locals.com/post/7279764/new-lunduke-journal-sub-perks-lifetime-price-increase-next-week

More from The Lunduke Journal:
https://lunduke.com/

00:06:16
November 22, 2023
The futility of Ad-Blockers

Ads are filling the entirety of the Web -- websites, podcasts, YouTube videos, etc. -- at an increasing rate. Prices for those ad placements are plummeting. Consumers are desperate to use ad-blockers to make the web palatable. Google (and others) are desperate to break and block ad-blockers. All of which results in... more ads and lower pay for creators.

It's a fascinatingly annoying cycle. And there's only one viable way out of it.

Looking for the Podcast RSS feed or other links? Check here:
https://lunduke.locals.com/post/4619051/lunduke-journal-link-central-tm

Give the gift of The Lunduke Journal:
https://lunduke.locals.com/post/4898317/give-the-gift-of-the-lunduke-journal

The futility of Ad-Blockers
November 21, 2023
openSUSE says "No Lunduke allowed!"

Those in power with openSUSE make it clear they will not allow me anywhere near anything related to the openSUSE project. Ever. For any reason.

Well, that settles that, then! Guess I won't be contributing to openSUSE! 🤣

Looking for the Podcast RSS feed or other links?
https://lunduke.locals.com/post/4619051/lunduke-journal-link-central-tm

Give the gift of The Lunduke Journal:
https://lunduke.locals.com/post/4898317/give-the-gift-of-the-lunduke-journal

openSUSE says "No Lunduke allowed!"
September 13, 2023
"Andreas Kling creator of Serenity OS & Ladybird Web Browser" - Lunduke’s Big Tech Show - September 13th, 2023 - Ep 044

This episode is free for all to enjoy and share.

Be sure to subscribe here at Lunduke.Locals.com to get all shows & articles (including interviews with other amazing nerds).

"Andreas Kling creator of Serenity OS & Ladybird Web Browser" - Lunduke’s Big Tech Show - September 13th, 2023 - Ep 044

You all, I think, will be very proud of me. All of my computers in the house, other than my desktop are now running Omarchy or Open Mandriva Linux.

Microsoft is so disgusting right now that I just can't not be using Linux.

I mean I am probably one of the most hardcore Windows developers on here. I still think a lot of my points are valid, but Microsoft is just so ethically bad that I can't support them willingly. I have to use Windows at work and development focuses on it in some cases.

BUT, I have already released 3 Linux based applications of my own, and that is something I NEVER thought I would do.

It is a crazy world.

https://github.com/2disbetter/

DHH backing Omarchy is the kind of support I was hoping would come to a desktop Linux distro. That it is Arch and uses Hyprland just makes me smile. I of course support xlibre, but I just really like Hyprland.

Anyway, figured this crowd would find all of this as ironic as I do. Hope you all are having a rad day!

Hey @Lunduke , I pinged you on X but not sure if you'll see it, so I'll share here.

There seems to be a small uprising on Bluesky to get DHH disassociated from Ruby on Rails, if you just go on BlueCry and search DHH you'll see the discussions. Don't know if it actually has legs.

Tech Writers and Their Horrible Reviews

Its review season as Apple’s new iPhones and AirPods Pro Gen 3 are out in the wild. So many reviewers vying to get their content out there. And I appreciate the effort most of the time. Ok, SOME of the time.

First annoyance are “first look” reviews that add nothing of value above what was put out by Apple PR. But if “First Look” or “Unboxing” is in the title, you know what you are in for.

I save most of my ire for tech reviewers writing about photo, video or sound. These are the worst quality reviews IMNSHO. So much time wasted on technical detail and testing…by people who don’t know beans about photography, video or music.

I pay attention to photographers who take the time to use a smartphone in the field, for their work. Some talentless shutter clicker who takes the same uninspired photo using 5 different cameras, then pixel peeping to declare which one was “the winner” is useless.

Austin Mann has year in and out created some of the ...

September 14, 2025
New Lunduke Journal Sub Perks, Lifetime Price Increase Next Week

A quick update: There are some new perks for Lunduke Journal subscribers, and an upcoming price increase for new Lifetime Subscriptions (if you want one of those at the lower price, you have a couple days).

All the details below.

Lifetime Subscription Price Increase

This coming Friday (September 19th), the price of a new Lifetime Subscription to The Lunduke Journal will be increasing from $200 to $300. I wanted to give all of you a few days notice so you could grab one at the lower rate.

If you want to pick up a Lifetime Subscription for the lower price, simply grab one (via Locals, Substack, or Bitcoin) by Thursday night (Sep 18th).

The prices for new Yearly and Monthly subscriptions will remain the same. No changes.

Reminder: The Lunduke Journal has phased out sales and discount promotions. The current price of a subscription is the best price.

New Perks for Lunduke Journal Subscribers

I am working on adding a few new perks for Lunduke Journal subscribers — a way of saying “Thank You” for making this work possible (while still keeping all of the articles and shows free for the world).

Here are the perks as of today.

Perks for all Subscribers (Monthly, Yearly, and Lifetime):

Note: The eBooks & Games are currently only available on Locals & Substack (due to platform features). Those perks will also become available to subscribers on X, YouTube, & Patreon next week. Stay tuned for access details.

Additional (Optional) Perks only for Lifetime Subscribers:

  • The Lunduke Journal will follow your account on X.

  • Your name (real, or internet handle) listed in a special thanks slide at the end of new Lunduke Journal videos.

Both of these perks are 100% optional.

If you are a Lifetime Subscriber, and would like to take advantage of either (or both), simply email “bryan at lunduke.com” with the subject line “Lifetime Perk” (that part is important, I get so many emails this will help me see yours) and include a link to your X profile and/or the way you want your name to appear at the end of videos.

One of the nice parts of having Lunduke Journal follow your X account… is it will make it far easier (and more likely) for me to see your comments.

Thank You

I am working to expand all of the regular perks (books, etc.) to subscribers across all platforms (which was a little tricky, considering the differences in each platform, but I managed to figure out how to do it) — while adding a few new ones as well.

Nothing crazy, just a way of saying “Thank You”.

Seriously.

From the bottom of my heart, thank you for your support. The Lunduke Journal is only possible thanks to each and every one of you.

-Lunduke

Read full Article
September 15, 2025
post photo preview
Lunduke Livestream: Tue, Sep 16 at 1pm Eastern

The Lunduke Journal regular live-streaming is back! The next show is Tuesday, September 16th (tomorrow) at 1pm Eastern (10am Pacific, 5pm UTC).

You can catch the live video, for free, on X, Rumble, YouTube, & Locals.

We’ve got a lot of Tech News to cover — and who knows what stories will pop up between now and then!

Time permitting, we’ll also be doing a little Nerdy Q & A. So, if you’ve got something you’d like to ask, join us in one of the chat rooms!

Also, quick reminder that the price of new Lifetime Subscription is going up this Friday. If you want one at the lower price, now’s your moment. We’ve also added some new perks for subscribers worth checking out.

See you nerd tomorrow!

-Lunduke

Read full Article
September 13, 2025
post photo preview
Lunduke's Week in Tech - Sep 13, 2025
Open Source Leftists Celebrate Murder, Censor Conservatives, and say "Free Software is White Supremacy".

So many stories this week about Leftist Activists, within Open Source and Big Tech, going absolutely insane.

From celebrating the murder of Charlie Kirk to censoring Conservatives and even equating Free and Open Source Software with White Supremacy. And there’s more.

What’s truly crazy to me, is that most of these cases of Leftist insanity are from leaders within Open Source. These are the people running projects and representing companies.

Seriously. It’s wild.

Here are the stories of the week, presented in reverse chronological order.

All of these links are to Substack (where you can watch the video or listen to the audio podcast) — but all of these stories are available for free on every platform which The Lunduke Journal publishes to. Use whichever platform works for you.

Only The Lunduke Journal Told These Stories

This week I am reminded why The Lunduke Journal is important.

Over the last 7 days, we published 13 stories.

Of those 13 stories only 2 were covered by any other Tech News outlet. Two.

And, in both of those 2 stories, The Lunduke Journal is the only Tech News outlet that covered them accurately — and without a pro-Big-Tech, Left Wing bias.

If we didn’t exist, the other 11 stories wouldn’t get told at all. How crazy is that?

Thankfully the stories are spreading — with people seeing them over 9 million times last month alone.

If you want to be part of making The Lunduke Journal possible, consider becoming a subscriber. Lots of options, big and small. And all go directly towards daily operations.

Might I make a suggestion?

The Lifetime Subscription (which counts towards both Substack and Locals — and last for life) is a marvelous, one time, way to show support. And it comes with all of the perks (access to the Locals community as well as the official Lunduke Journal forum, & DRM-free eBooks).

You can snag a Lifetime Subscription via Locals, Substack, or with Bitcoin.

But, heck, any type of subscription (via any platform) is appreciated! Choose whichever works best for you!

Then be sure to go to Lunduke.com and choose the platforms which are the most convenient for you to use — The Lunduke Journal publishes all over the Inter-Tubes!

And, once again, thank you to every subscriber. This work is only possible because of you. You rule.

-Lunduke

Read full Article
See More
Available on mobile and TV devices
google store google store app store app store
google store google store app tv store app tv store amazon store amazon store roku store roku store
Powered by Locals