Let's back up: The way an endowment works is that donors donate money, which goes into a more-or-less permanent investment fund. The interest from the investment fund is then used to a) fund mission-aligned programs (in our case, OSS), b) stay ahead of inflation, and c) pay operating costs.
Where are you seeing capitalists "extract a slice of the pie" here?
"pay operating costs" is one place non-profits often find fraud. Getting the money into the market between donors and builders, now you have to pay professional investors. You don't get to 7-8% returns without equities, what happens if the market tanks?
Why not build something super minimal that requires less management and operating costs? That doesn't have the market risk at the center of it all? That doesn't have more points for fraud and abuse?
Can you explain the 2-3% gap between expected returns and outlays? Seems like a lot more than what is needed for accounting (based on the other main person here posting)
The explanation is simple — nobody can predict exact annual returns, and they tend to fluctuate. We aim to spend at least 5% per year on OSS grants and need to decide if we can spend more on them or should reinvest based on specific annual results. And target earnings should overcome inflation.
> Why not build something super minimal that requires less management and operating costs? That doesn't have the market risk at the center of it all? That doesn't have more points for fraud and abuse?
The best long-term protection from fraud and abuse is aligned incentives through skin in the game. That’s why we legally require all people in governance to be Members ($1000+/year donation). This is an important topic, and here you can find more context on this: https://kvinogradov.com/osendowment/
I think this is really missing the point of the question. I know that it is common for endowments to be invested "in the market" - people believe that's the most responsible thing to do. But the question was about why do things the normal way? Why link up market performance of a set of investments with funding mechanisms for OSS? If you're going to be bold and try to fund something that is, in market and economic terms, quite off-norm, why do that using entirely normal systems that are at the core of a capitalist economy?
There are areas where we experiment and take risks: raising the first-ever endowment for open source, making it very lean and digital-first, relying on bottom-up funding and governance instead of large corporate donors, etc.
But all other areas should be as low-risk as possible — like accounting, legal, and investment management of a community endowment fund. We are exploring a few ideas on how to grow the fund faster than the market without increasing its risk profile, but they are complementary to a very conservative core strategy.
Besides OSE, I am a full-time VC — that's the area where investors are bold and invest in off-norm opportunities, but it lies on the totally opposite side of the investment risk spectrum. And directly mixing them does not seem like a good idea.
“super minimal that requires less management and operating costs” - that’s exactly our current setup, and always will be the target!
Now OSE has no paid employees - the team is 100% volunteers. Its Board Directors and the Executive Director are required to personally donate $1000+/year. Operating costs are close to zero.
As the organization evolves there might be higher operating costs, but our commitment is to keep them as low as possible.
To what? Write 100% bug-free software? I don't think that's actually achievable, and expecting so is just setting yourself up for disappointment. Apple does a better job than most other vendors except maybe GrapheneOS. Mainstream Android vendors are far worse. Here's Cellebrite Premium's support matrix from July 2024, for locked devices. iPhones are vulnerable after first unlock (AFU), but Androids are even worse. They can be hacked even if they have been shut down/rebooted.
The problem with that is it runs on a desktop, which means very little in the way of protection against physical attacks. You might be safe from Mossad trying to hack you from halfway across the world, but you're not safe from someone doing an evil maid attack, or from seizing it and brute-forcing the FDE password (assuming you didn't set a 20-random-character password).
This is a newly-discovered vulnerability (CVE-2026-20700, addressed along with CVE-2025-14174 and CVE-2025-43529).
Note that the description "an attacker with memory write capability may be able to execute arbitrary code" implies that this CVE is a step in a complex exploit chain. In other words, it's not a "grab a locked iPhone and bypass the passcode" vulnerability.
I may well be missing something, but this reads to me as code execution on user action, not lock bypass.
Like, you couldn’t get a locked phone that hadn’t already been compromised to do anything because it would be locked so you’d have no way to run the code that triggers the compromise.
Am I not interpreting things correctly?
[edit: ah, I guess “An attacker with memory write capability” might cover attackers with physical access to the device and external hardware attached to its circuit board that can write to the memory directly?]