Truth social is, as far as I'm aware, not launched. Thus I'm curious whether the AGPL "if you run a modified program on a server and let other users communicate with it there" has really been triggered.
They didn’t ‘officially launch’ but the platform was up and running. There isn’t a ‘you don’t need to comply if it’s an alpha test’ clause in the AGPL.
I initially had some misunderstandings based on the lay-explanations of the license. I think I finally have a correct understanding now.
The relevant portion of AGPL is section 13. "if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source".
Notice that the right to receive the source code belongs to the user. Not to the upstream author. So if you do run a private test, then only the people in your test have that right. Since this was not intended to be public, you could argue that the public does not have a right to the source.
Now if the program did not offer the source to the legitimate users that is indeed a violation, but the way to cure it is to offer the legitimate users the source.
Exactly. Truth Social could actually sue any one claiming they used the platform for abusing a security flaw to obtain and maintain access to a protected computer system. That would be hilarious.
> Armed with the app developer’s name, the hacker told the Daily Dot that they were able to utilize Shodan, a search engine that locates servers exposed to the open internet, to track down the company’s digital footprint.
> The hacker was able to locate numerous web domains as a result, including one that appeared to be running the mobile beta for Truth Social.
> News of the public website quickly spread across social media after making its way to Canadian hacker Aubrey “Kirtaner” Cottle, who was able to set up faux accounts for numerous high-profile individuals such as QAnon guru Ron Watkins.
Whether that counts as misconfigured idk, but these are certainly not normal users doing normal user things.
Edit: This was based on the https://www.gnu.org/licenses/why-affero-gpl.html explanation of the AGPL but the quote is not present in the license itself.