"'Protestware' Is on the Rise, With Programmers Self-Sabotaging Their Own Code. Should We Be Worried?"
The author of node-ipc, a software library with over a million downloads weekly, deliberately broke their code in March 2022. If the code detects that it is being executed within Russia or Belarus, it attempts to replace the contents of every file on the user's computer with a heart emoji. Vue.js, a framework that powers millions of websites for businesses such as Google, Facebook, and Netflix, uses the node-ipc library. This critical security flaw is just one example of a growing trend in which programmers sabotage their own code for political reasons. When programmers protest through their code, a phenomenon known as "protestware," the people and businesses who rely on the code they create may suffer as a result. Researchers at the University of Melbourne have identified three main types of protestware, which include malignant protestware, benign protestware, and developer sanctions. Malignant protestware is software that deliberately damages or takes over of a user's device without their knowledge or permission. Benign protestware is software that is designed to raise awareness about a social or political issue while not causing harm or taking control of the user's device. Developer sanctions are instances in which programmers' accounts are suspended by the Internet hosting service providing space for them to code storage and collaboration. This article continues to discuss the different types of protestware and ethical questions surrounding the rise of protestware.