What comes after open source? Bruce Perens is working on it Bruce Perens, one of the founders of the Open Source movement, is ready for what comes next: the Post-Open Source movement. "I've written papers about it, and I've tried to put together a prototype license," Perens explains in an interview with The Register. "Obviously, I need help from a lawyer. And then the next step is to …
I quite liked the "Open Motif" license (before it went GPL) which stated, quite simply:
"This software must not be compiled or run on a paid-for operating system".
But I agree, open-source software is pretty darn powerful. I do feel that we can afford to weaponise the license a little more than the GPL does currently. The AGPL gets a little closer.
You cannot limit where you may run your program. The problem is the non-discrimination part of the copy-left licenses. Restrictions for using the software in a specific way or any specific person/group is not allowed if you want to ensure the four freedoms.
The worst loophole is what Redhat is exploiting. They sell a service-contract (not the software) and distribute GPL licensed software. They comply with the license by providing the source(s) to the client. But if the client uses the freedoms granted under the license, then Redhat will terminate the service-contract. While legal under the contract, it is despicable behaviour because it violates all values intrinsic to the copy-left licenses. Redhat profits from other's work and wants to monopolize other's work. That is what needs to be addressed in the licenses.
I do agree. However wouldn't the mentioned OpenMotif license prevent this misuse?
RHEL is a paid for operating system. Not only the support but also the binaries. If most open-source software embraced this license, RH would not be able to use it unless it delivers the OS (in its entirety, repo, source and all) for free.
For reference, the OpenMotif license also excluded Cygwin from providing packages. Whilst Cygwin is free, the platform that it ran on was not.
It sort of would, but it would break basically everything. A Red Hat that charged for the service they provided and provided everything to the community without any roadblocks would also be disallowed by this license, since they just say that paying for an operating system is what you're not supposed to have done. So it doesn't really achieve the goals of freedom, just of not paying.
Consider how weird it can get. I have had a free Windows license. No, not what you're thinking, a real license code issued directly by Microsoft to my name in exchange for no money. They have programs for educational and charitable use that have such things. Technically, the one I used did have some money involved, but it wasn't mine. Some of them can be entirely free to the person and the organization. Theoretically, I am free to run that code on that Windows installation, am I not? Similarly, did I pay for Mac OS? I did a while ago when Mac OS upgrades cost money, but since 10.9, those are always free. I just bought a computer from Apple and the OS happens to install on it if I boot to media*. So doesn't that count as a non-paid-for OS? In practical terms, we all know that I did pay for it, but I don't have a purchase agreement for the software or a license code for it, so I can argue that I didn't. Loopholes like this are why a license needs to be clear about what they're going for and specifically write to that effect. Oh, and no matter how they write this intention, it will still be a non-open-source license and I won't be very pleased about it, but that's a separate issue.
* Mac OS installing from media: This claim is only valid for Intel-based Macs. ARM-based Macs can do that only if the hard drive is not damaged and has firmware on it. Be careful.
> Theoretically, I am free to run that code on that Windows installation, am I not?
Microsoft gives out a lot of free licenses to their OS, but the OS itself is not free. Sorry, I should have clarified. By free, it means Open Source. The full statement is here:
"The rights granted under this license are limited solely to distribution and sublicensing of the Contribution(s) on, with, or for operating systems which are themselves Open Source programs. Contact The Open Group for a license allowing distribution and sublicensing of the Original Program on, with, or for operating systems which are not Open Source programs"
License:
http://www.opengroup.org/openmotif/license/
>The worst loophole is what Redhat is exploiting
I do wish people would stop describing it as a loop hole. However unpopular their behaviour, we all have the freedom to not do something. It'd be a pretty dystopian world if anyone or any organisation could be compelled by someone else to forever continue to act in a particular way, if they had chosen to act in that way once.
Just imagine the consequences. You write some software for a lark, and publish it just once as OSS under some license or other that "solves this weakness" in GPL. You then decide not to continue public work on it. You then get sued, because some member of the public had picked it up and wanted the new version's source code that you'd given to only your mates.
"All" RedHat are doing is deciding who their "mates" are by means of monetary exchange, something that GPL explicitly permits. I put "All" in quotes because it is a pretty large dynamic range between software written for a laugh and a seriously large enterprise undertaking, but it is all on the same spectrum. If you want the laws of the land to protect oneself from undue abuse at the small end of the spectrum, you have to accept that they apply at the other end of the spectrum too.
Fortunately, the safeguards in our modern liberal democracies mean that no one can be obliged to do something by anyone else. You don't even have to act according to a judicial order if due process even got that far; you can choose to take the consequences.
I also note that Perens seems to have lost his "opinion" that he gave sparking off the fuss with GR Security, which ultimately seems to have done them no harm whatsoever. I always thought it ridiculous that he took a swipe at them. Seems he's unwilling to take on IBM's bigger legal budget.
If there is fault in any of this, it lies with "experts" who for years have been saying that GPL is solid, have actively encouraged software developers to release their code under the "safe" GPL, but have turned out to be wrong. This has no doubt occurred due to flawed engagement with lawyers, a failure to explain to them adequately that "software" means more than just one specific version of the source code text.
Solutions
There probably aren't any bullet proof enforceable copyright-based license solutions without contracts and monetary exchange.
The best way to go is to take away RedHat's market.
The way to do this is for the Linux kernel project to fork RedHat's contributions, back a different distro (Debian?) as the official "this is Linux" combination, don't distribute a binary of the result to any *.redhat.com or *.ibm.com domain and to ask that any remaining down-streamers refrain from distributing to those domains too. That will mean forking SystemD, Gnome, other such things too. Beat RedHat at their own game. If no one distributes binaries built from this mega-fork to RedHat, RedHat has no rights to the modified source code even if it contains some elements of their own work. If a down-streamer does distribute to RedHat, cut them off from new versions too.
RedHat's strong position today is because they unofficially and without opposition put themselves into the role of "this is proper Linux for the serious minded". If the community doesn't like what they're now doing, the community does actually have the ability to appoint themselves in that role. Not doing so is simply acquiescing to what RedHat is doing. By offering a strongly coordinated "official" alternative, that's the best way of getting users to migrate away from RedHat's flavour of Linux/userland and take their market away from them.
Why This Could Work
RedHat would still be able to claim, "our's is the best Linux", but if the kernel project was closed off to them it'd become increasingly difficult for them to sustain that line.
For example, to where would a new lump of code to support the latest X64 chips go? The official kernel project, or RedHat? That would be the choice of the person(s) writing that code (or their employer), but at the moment no one is asking any such people/companies to make any such choice. It would be a battle of wills, but if successful then within only one or two chip generations RedHat's Linux could become massively obsolete, slow and inefficient.
Admittedly that's a big challenge to organise all that, convince everyone to go through with it, and a bit of a gamble. But, if it worked, RedHat could be out of business within 3 years. The mere threat of this outcome might be sufficient to amend their behaviour.
Open Source Security, Inc. lost the case and paid around $315,000 for _my_defense_ against _their_ frivolous case. You are confused about who went after who.
I think you're also confused about what Red Hat is doing. Their users do not have "the freedom to not do something". Their users have a requirement, by Red Hat, to not do something. Specifically, to not redistribute source code under the GPL, which is their right under the GPL.
Your thesis about someone deciding to no longer work on their project doesn't really connect tot he facts in this situation.
>The worst loophole is what Redhat is exploiting
I do wish people would stop describing it as a loop hole.
Okay, can someone explain to me how it isn't a loop hole?
The GPL says "You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License.". Now as I understand it the legal arguments goes that as IBM would simply not supply future versions then they're within the licence terms. You can get the source to the version you're running.
However, this threat seems to have restricted the number of people making RHEL source available?
Is this really legally watertight, or has it just not been tested yet? i.e. the intent of the GPL licence and restrictions RHEL have imposed seem obvious, on both sides.
ie, practically... how is the threat of future actions not a 'restriction'?
Just imagine the consequences. You write some software for a lark, and publish it just once as OSS under some license or other that "solves this weakness" in GPL. You then decide not to continue public work on it. You then get sued, because some member of the public had picked it up and wanted the new version's source code that you'd given to only your mates.
How would this work? It's your software, you gave the version to your mates under a different licence? You may do with it as you please, as it's yours.
It's the software that I write for a lark, release under the GPL and someone else then modifies and only releases in binary form that would be subject to the licence.
Red Had could write Linux from scratch should they so choose, but until the code is 100% theirs (and therefore licensable in a way they choose), then it only seems fair to act in the way the licence for the software underpinning their business intends them too.
Not only that, it's the way it always has been licenced since day one.
This is the reason many open source project (e.g. Virtualbox) will insist you sign over copyright to any contributions too, then they have the option of future re-licencing without all the legal hassle of contacting everyone involved. The problem here is Red Hat simply can't do this, and rather than do the correct (but bloody difficult) thing of re-write problematic code they've taken the easy route of sicking the lawyers.
If you want to profit of others work without giving back then do Red Had Enterprise BSD. This is essentially what Apple have done with macOS.
However, if you want to use the work of someone who's licenced it under the GPL, then play the game.
It hasn't been tested yet.
IBM thinks they found a legal loophole. Lots of people (including me) disagree, but IBM has more money for lawyers.
So we're in limbo. IBM is in breach of the GPL, which means they can't legally distribute RHEL at all, but they don't care and they're doing it anyway.
A loop-hole is defined as "an ambiguity or inadequacy in a system, such as a law or security, which can be used to circumvent or otherwise avoid the purpose, implied or explicitly stated, of the system" (Wikipedia's definition).
The problem with identifying this treatment of GPL2 code as a "loop hole" is that the implication is that one is compelled to behave in a way that contradicts other laws. What most people see GPL2 as doing is that it obliges people / companies who have distributed code once to continue to do so, whenever there is a new version. However, that would never stick.
If the license did try and say, "distribute the source, and source for all future versions for free", consider the scenario where the Debian project skipped a version of Linux because they needed a rest. Or they simply wanted to retire. What then? Have they broken the license? Haven't they? Who decides? The answer is that you cannot compel someone or some company to do arbitrarily defined future work for no recompense; that would get close to a definition of slavery. There is a grey area between zero distribution of future versions (Debian taking a holiday) and partial distribution of future versions (what RedHat are doing). But there is no hint whatsoever in the GPL text about other versions of the same code, so there is no concrete basis for saying that license compliance involves future versions too. And grey areas lead to difficulties complying.
Worse, as the GPL makes it perfectly clear that you can make money out of this distribution process (you can sell a binary for any price you like, and if you do so you can charge reasonable costs for sending the source code too), it is easy to argue that cost recovery / cost minimisation / profit making is a firm and un-ignorable intent of the license. And it genuinely was an intent, to encourage software adoption, to incentivise companies to pick up code. "Why", RedHat could reasonably ask, "shouldn't we make a profit when the license says we can?".
So, whilst most people see GPL2 as obliging people who have distributed code once to distribute all future versions too, they also implicitly acknowledge that someone / some company has the freedom to stop doing just that if they want to, and is allowed to make money in doing so. The problem faced in taking RedHat or GR Security to court on this is a judge will not / cannot ignore the "freedom to stop doing that" aspect or the "you can make money" aspect; all law applies, the matter cannot be settled simply within a partial analysis of just the license text. As soon as one considers "intent" in a court case, you don't get to pick and choose what aspects of "intent" the case should cover.
There's no need to get lawyered up sufficiently to take on RedHat / IBM. GR Security are a much smaller company, doing the same thing for years, and have not yet been sued. There seems to be a lack of confidence in winning such a case. The general doom and gloom around the whole situation is derived from that.
My view is that the best way to change behaviour is to exploit the license in the same way as RedHat are; don't distribute the code to them in the first place. What's more realistic? Accepting that big corporations will take what they can and it's best to stop them doing so, or hoping that somehow they will behave nicely?
FYI - if you are the original authotr of code you own it. If you have not added GPL contributions from others, it remains yours.
I often do "dual license" for that reason. Often I say things like "GPLv2 or BSD-like license at your discretion". Anyone who contributes would have to agree to this distribution method. It would allow for anyone to use it under BSD-like license which includes closed source and commercial use. And it would include GPL licensing to avoid any GPL-related incompatibility.
Open source with "paid for" licensing needs some kind of value added. Customization and support are traditionally the two best things you can charge money for.
Yes, I forgot to add the notion that such an example project included third party GPL code. In which case, the project is a derivative work, not an original wholly owned work. If one had published a derivative work, and the license obliged you to release all future version of the included third party work, how would you ever be able to stop?!
"You write some software for a lark, and publish it just once as OSS under some license or other that "solves this weakness" in GPL. You then decide not to continue public work on it. You then get sued, because some member of the public had picked it up and wanted the new version's source code that you'd given to only your mates."
You've never had any restraint on that. It is a fork, which is common.
Anyone else who wants the same adaptations you have made is free to write new code themselves to bring the GPL code you published to an effect similar to you produced.
Or to pay someone else to do that.
Including you.
And you are free to sell your program, under whatever licence suits you.
You've made a Balmer argument.
You absolutely can put a legal limit on where you run a program, and there are cases where you should.
A complaint of (a few) open source developers is that they complain when Sony puts it in their latest games console while the developer walks away with nothing. Or Raytheon puts it on their latest missile hardware but you consider yourself a pacifist and have some moral objection to that. Meanwhile you're OK with Tommy at number 12 down the road doing "whatever they want" with it.
Open is open. The clue is in the name.
That IBM (probably) chooses to abuse GPL in the RHEL space is very difficult to prove. I do approve of Bruce' arguments, IBM probably ARE in the wrong, but then there's a reason why I won't touch them with a bargepole in any professional context.
I hope Bruce knows some very, very good lawyers because advancing the argument beyond "GPL has it's problems" (which it does) is a hell of an undertaking.
You absolutely can put a legal limit on where you run a program, and there are cases where you should.
A complaint of (a few) open source developers is that they complain when Sony puts it in their latest games console while the developer walks away with nothing. Or Raytheon puts it on their latest missile hardware but you consider yourself a pacifist and have some moral objection to that. Meanwhile you're OK with Tommy at number 12 down the road doing "whatever they want" with it.
The simple answer to those complaints is: if you want to restrict future usage, then don't release under an open licence. You write the code, you get to choose the licence - don't release under (say) GPL and then complain if someone uses the freedoms of that licence to use the software for something you'd rather they didn't.
And that's been done before. I remember some bit of software years ago that was released as free software, but was not allowed to be run on any military systems. It wasn't GPL, and the people who whine about such things claimed it wasn't open source - even though it was - because of the no military restriction.
The existing GPL is sufficient, In My Bombastic Opinion. What we need are some clever attorneys to take on IBM and get some judgements based on the INTENT of the GPL, and to clarify that preventing end-users from distributing the software (under contract or by other means) violates the end-user rights granted by the license. It would require a summary judgement against IBM and others that exploit this particular loophole. It only needs to happen in one jurisdiction, which would then allow the world to view the source.
Trouble with intent is that GPL says you can make money and charge costs. It makes no mention of rights to future versions of the binary and that source code. There's a very strong possibility I think that a judge would confirm RedHat as acting within the intent of the license, which many people (including myself) would consider to be something of bad outcome.
Probably better to assume they are within the license, and use the same trick to deprive RedHat of access to the source code. The mere threat of that could by itself make them think again, as being deprived of access to new versions of the kernel could destroy their business within a few chip generations (their kernel would not be taking advantage of new chip's features). It does mean adopting the very things generally abhorred by the OSS community, but the only other thing to do is stand by and let them get away with it.
It makes no mention of rights to future versions of the binary and that source code
Exactly. Red Hat are not saying you can't redistribute stuff, only that if you do then they won't let you have future versions. That is technically abiding by the GPL but definitely not in the spirit.
use the same trick to deprive RedHat of access to the source code
I don't see how that could work. Since the kernel is GPLv2, RH can get the source from anywhere and use it. To stop that would require new work to not be GPLv2, and as anyone who recalls the palaver with in-kernel ZFS support will realise, that's "quite hard" to pull off.
"This software must not be compiled or run on a paid-for operating system".
MS used to have a unix subsystem, which you could use if you compiled your software for the system, which you could do, using open source software.
That's been replaced with a binary-compatible linux image, which you can use if you have a linux binary.
It was another mark in the transition of unix from an Open Source system to an end-user system.
Heh, quite a good hack.
I know one version of SFU/Interix/SUA used OpenBSD as the base, but I didn't know any that were binary compatible with a certain Unix. I don't suppose you recall?
There was that BSD on Windows I recently heard about: https://virtuallyfun.com/2023/12/08/bsd-on-windows-things-i-wish-i-knew-existed/
I *think* QuarterDeck's DESQview/X provided a Motif implementation on a "commercial OS" too but perhaps that was licensed.
While I appreciate the sentiment, there are plenty of places where IP and code that need to be published openly in the name of peer-review (and indeed, have, in various scientific journals); the places where that code will be most frequently used are on embedded hardware proprietary OS such as VXWorks. For better or worse.
Of course it can run elsewhere but physically deploying such instances and the necessary security provisions mean that I can't just jam any old X86 in the corner running my distro of the month.
Choosing to go Open source means you are cool with "anyone" picking up that source and re-using it; and depending on the variety of license in place, those downstream users are obliged to put modifications to that code of yours out in the public domain under the same terms. IBM failing to do that IS a breach of the GPL. Good luck trying to prove it in an American court, where money talks.
I'm not a lawyer, but GPL2, 3, BSD or MIT licenses are generally adequate to my needs. I am inclined to agree with Bruce' observation that that level of protection is inadequate the way certain things have gone in the systems space. Apple's excellent underpinnings of OSX are being nobbled by tie in to app-store rules for instance. And the shitshow at MS which has gone from "cancer" to "suspiciously embrace in certain fields, especially of the Poettering variety" are enough to raise red flags.
It is hard to do this when anything that any open source dev does is immediately slurped up and turned into AI by the megacorps.
Microsoft should NEVER have been allowed to buy GitHub. They are behaving as if they have just "bought" all the world's open-source code and all the world's open-source developers.
Buying github didn't give them access to the source code. It was already public and copied all over the internet Torvalds Backup style. Buying github gave them the liability for running the servers the live instance is hosted on.
It's not hard to not work for a corporation for free. Respond to their requests with a quote.
Respond to their requests with a quote.
I have a free software with a few million downloads.
Every year I get a half dozen requests from a (paid) compliance person in a mega-corp that I send them a license so they can use my free software.
Not a single one has ever taken the option of either donating to support it, or buying a $100 commercial license that would cover the whole company.
Some of them seem to think that them choosing to not use my software to make money, is somehow a problem I should be concerned about.
One thing is absolutely certain: I do not do your paperwork for free.
Agreed, as someone who has worked with IT purchasing for a big corp, if it's not four figures (preferably 5) then you'll be in the area of hyper-focus of compliance as the only things costing $100 are dodgy expense claims and bribes. $2000-10000 is far more reasonable
I have a free software with a few million downloads.
Ok, I've got to say it: in English, there is no such thing as "a software". It really grates reading this. Where has this usage come from? I never heard this until a few years ago. 'Software' is a mass/collective/uncountable noun. If you want to describe a single item of software, it's a 'program', 'application', or whatever.
This post has been deleted by its author
Buying github didn't give them access to the source code
Of course not, but it bought them access to how that code is made. The minutiae of every dev action, every dev/dev interaction and every dev/user interaction. How do you make a machine that calculates the probability whether any given diff will be accepted into a repo? It's easy if you own GitHub.
But it also gives them a sinister level of control over GitHub users (i.e. open source devs) themselves. Frankly IMO Microsoft's only viable competitor is the diaspora of people who use GitHub, but now each one can be fired just as easily as a Microsoft employee.
I have one small contribution to an open source project, and because of that, microsoft are demanding that I enable 2FA or be locked out of my GitHub account on 24 January. They do not accept hardware tokens such as YubiKey unless you have already set up a phone app.
Nice account you have there, shame if anything were to happen to it.
If they wanted to, they could 'sack' anyone they like, just by running an AI over their entire contribution history to find the historic code comment or PR discussion that is most likely to get them 'cancelled' today, and then block their account for a ToS violation.
Microsoft began as a highly innovative software manufacturer. It arose among a plethora of start-up companies. It survived competition, and remains as one of a handful of mega-providers in its field. Microsoft's contribution to the transition from analogue world to digital world was tremendous.
Now, apart from its huge market share, this coupled with largely successful efforts to lock personal and corporate/institutional customers into a cage, Microsoft is bloated and lacks 'lean and hungry' people at its helm as there were at its inception. Moreover, none of Microsoft's products is irreplaceable by alternative vendors or by (sometimes less polished) freely distributed software. Additionally, providers of hardware, and those of software for special tasks, nowadays routinely offer versions of device drivers and user programs tailored for non-Windows systems.
Microsoft, along with other companies such as Adobe, may be living off past glories.
And MicroSloth didn't even write it.
Less than two years after that abomination was released, Apple shipped the Lisa, and we got to see what the future would really look like.
I don't think MicroSloth has done anything that could be called 'innovative' since the SoftCard.
While I agree the capabilities were weak compared to say, VMS, MS was, crucially, cheap. It still amazes me to this day features of VMS are marketed as 'new' and innovative on office systems on sale today.
DEC died because it's execs in the 80s did not think a computer belonged on every desk.
MS went really wrong around the time of the Windows 8 debacle. Slathering on yet more services and bloat is not want any power user or system administrator wants. And it's pretty miserable in the desktop/laptop space too.
They're running their training efforts on everything public, which already includes all the PRs, approved and not, from all the open source stuff on GitHub. Their ability to do that does not require them to have bought GitHub, since I can get that information just as well by building a basic scraper bot. They have built plenty of scrapers for sites they haven't bought, so nothing prevents them from having it.
You're right that their ownership of GitHub allows them to find some reason to cancel your account, and by the way it also allows them to not bother and just cancel your account because some admin doesn't like you, but that's kind of obvious from the starting premise that they own the platform. In short, you're concerned about their ownership of GitHub, not their exploitation of copyright, but the latter is the damaging thing in this situation and does not rely on the former to exist.
I agree with you there. The question here is whether Microsoft's purchase of GitHub was required for them to do that. I contend that it was not, and that complaints that Microsoft should ... I don't know, just not be allowed to have bought it because years later they might do something are misplacing the blame. Had they not bought the platform but still trained on its contents, as they have for books, newspapers, and likely lots of other things you can find online, we would have the same problem and we'd still have to resolve it somehow.
If they didn't own GitHub then GitHub could have blocked their scraper bots. Just as they have indeed done to Google. GitHub Wikis are not indexed by Google anymore, and it appears that even issues and PRs are becoming hard to find without using GitHub's built-in search.
Also, owning GitHub allows them to data-mine private repos to a certain extent. Even if they don't directly ingest the code, they can data-mine the user behaviour, comments, perhaps even commits
As soon as people start with 'my favourite licence is'' [STOP FORCING THE US SPELLCHECKER ON ME REGISTER] they've put the cart before the horse. What is the purpose of the license comes first.
How about, just for example:
* Do good by making sure users can't be blackmailed of left high and dry by suppliers who wish to use coercive tactics on their customers.
* Allow tech-savvy users to adapt for their own purposes...
... And in the spirit the software or data was supplied, offer the hack back upstream to possibly benefit the wider community.
* Allow interested 3rd parties to improve upon internals and make the changes available to all as above.
* Allow interested 3rd parties to move from curiosity to correction and contribution then collaboration and curating. (Because that's how ideas and methods get spread around and improved.)
* Prevent capture of OS work. By this I mean if some body uses or packages your code then they can't then shut you out of your own code. (Etc.)
OS licences don't 'work' for end-users because they just want to get on with their job. I suggest that it's a 'good thing' badge to look for. (A bit like 'organic' or 'sustainable'.)
Personally, as somebody who throws software into the aether for anyone to use, I don't care about fees and won't be held responsible for anything. Take it as is. (When Leonardo da Vinci was commissioned to paint the Mona Lisa he didn't have to put hundreds of lawyer's words into an agreement.) So for example all accents with one key is there to be used and improved. Credit and not stealing is nice which is why I had to patent a new sort of wheel.
It's surprising how many people in business don't get the idea of determining what they want from a license first and then picking the license.
I see a lot of usage of gift-style licenses (MIT/BSD, and Apache if they are OK with the patent language) as sort of a knee-jerk rejection of the sharing-with-rules licenses as anti-business, when a sharing-with-rules license (GPL/AGPL) would actually be more advantageous to their company.
Hopefully the law will continue to allow you to not be responsible for anything. This is actually not looking good.
> start with 'my favourite licence is'' [STOP FORCING THE US SPELLCHECKER ON ME REGISTER]
Spell-checker runs from YOUR browser, no? In FireFox I have a choice EN(US) and EN(GB), several more EN(), and dozens+ more languages.
While ElReg's ocean-straddling policies may be confusing to some minds, I think this one is on your end.
It is legally bulletproof, and so great no one wants to fork it so it will be just the one. What incentive will there be for any for-profit companies to adopt it?
Surely he can't be naive enough to believe that consumers wanting "open" software will generate the demand that creates real competition for Apple/Google/Microsoft from a company or companies using this?
Hi,
Yes, of course I thought about the reasons for companies to buy in :-)
First, companies spend a lot on Open Source compliance. Many have multi-person departments concerned with it. Others pay me $500/hour to work on it. One reason is that compliance with Post-Open, although it comes with an explicit payment, would be cheaper. In addition, any Open Source that was dual-licensed Post-Open would also come under the easier compliance.
Second, of course, is that the software would be valuable enough to pay for.
Thanks
Bruce
I doubt it. The ambiguities in all the licenses that implement something like this have already caused problems for projects that switched to them. While I have argued and still believe that the switching was instrumental in some of the chaos, the licenses themselves haven't helped. For example, there's usually some restriction on commercial use, but the license isn't clear what it is. I sometimes volunteer for charities to write software, but that is not necessarily commercial or not. In order to find out whether it counts, I probably have to negotiate with whichever company has written the license to see what they think, and since I'm not likely to pay them much if at all because it's a charity and they're not very wealthy, those people are usually not very helpful if they respond. If I come across a project like that, am I really motivated to contribute to it directly when I'm not sure I can use my own work later? Usually, the answer is no. It's hard enough to find developers who want to work on open source projects, and for reasons discussed in other comments, I have no faith that I'll actually get rewarded for doing the work, so the least I expect is the right to use my own contributions later. If I don't have that ironclad certainty, it might as well be proprietary to me.
very anecdotal but irrelevant commentary. i can tell you haven't worked in any position where open source pays well. nearly any datacentre these days runs open source. especially compute and LLM. proprietary software has almost entirely disappeared. no one is running ibm, microsoft, sun or oracle servers anymore. everyone prefers open standards on virtualized Linux, with developers contributing to open source projects, where you can get the source but to deploy it you need to pay a subscription for the routine updates (that you want). the profitable software world is absolutely willing to pay for open source. it is free as in freedom, not free to use commercially (except for personal use). companies are just as disinterested in proprietary lock-ins and have advisors specifically for open source licensing. companies get sued routinely for not adhering to licensing. its in their own best interest and profitability to play along and contribute. i think post-open will definitely protect the developers who put in the real effort on projects far more.
It's not about willingness to pay so much as knowing whether or not I have to. I don't object to proprietary software; if I want it, I will and have paid for it. The companies that employ me do so all the time. The charities I used in my example do so less frequently because, as I said, they don't have a lot of money so asking them to spend five figures on some enterprise software is a hard sell, but they still do it if it's important enough. However, I know that when I suggest the option. I don't say "Let's use Office365" and get surprised that Microsoft wants money for it. Using something sold as open source and then finding out that the license is not compliant is a much larger surprise, especially if I've previously contributed code or donated money to that project.
One of the reasons I might adopt open source software instead of proprietary is the freedom it offers me, and I don't just mean the freedom to read the source and modify it in my environment. Chances are that I won't be doing a lot of that for the infrastructure software anyway. One other freedom that I value highly is the knowledge that, no matter what the authors did, I can keep using this. If the authors gave up and stopped developing it, I still have the software and the right to run it here. If the authors started demanding a higher price than I can pay for some feature, I still have the old software and can work around this change while using what I already had. In either case, I can take the code, make my own version, and work with others to keep the software alive despite it. In an environment where certain uses require permission or payment, I no longer have that guarantee. If the authors have the choice to tell me that my use is now forbidden, then I have lost something that traditional open source provided.
"I don't say "Let's use Office365" and get surprised that Microsoft wants money for it."
I know of several very large UK universities which were surprised when Microsoft started charging for the "Free" mail service they offered. My ex-employer spent over £5million migrating to MS and has NO backout plans. Every step they take merely makes the vendor-lockin even worse
“Open source compliance” means companies ban their programmers to use any software that has a licence which might potentially make them either pay or make their code open source.
So whatever clever new licence one makes up it is not going to work - the software with a restrictive licence will lose to the current open source competitor.
Interesting account.
Contract not licence? So who will provide the remedy for contracts being broken and how enforced? UN Convention on the Law of the Sea(*) model or something like the WTO?
Non-profit? How many different definitions of that are there in the nations of the world? Do those definitions overlap? What arbitrage opportunities do differences in coverage provide?
Paid by contributions monitored through software running on some Website collating issues/commits? How on earth are you going to define the business logic used? What if someone *removes* a few hundred thousand lines of code from a mature and somewhat crufty project? If someone works through a few hundred pages of documentation dotting ies and crossing tees how is their contribution compared to someone else who provides a critical 10 line fix that resolves a show-stopper bug based on decades of experience with obscure race conditions?
This is going to make the ANSI committee process look like a play group.
Icon: briefly middle mngmnt in a UK public sector organisation that had to claim 'formula funding'. Still get flashbacks.
(*) No prizes for guessing which large and powerful maritime nation refuses to ratify.
That sounds like China is upset that they cannot look up any more source codes.
As usual nothing about the fact that developers who are gullible enough to give up their work for free so that big corporations can make more profit, are not compensated adequately for their efforts.
If someone was truly fighting for open source future, they should advocate for royalties and compensation for people who actually make this software.
A lot of these idealist/Marxist ideas actually benefit the most wealthy corporations the world has ever seen. Maybe these corporations are the REAL source of the idea of "give away hard software engineering work for free" ? With the C panic we have learned they essentially control the mainstream mass media, so they can certainly pull this off.
From my experience in the automotive and some other industries:
1.) Even large companies will steal software then and now. That is why Lauterbach Trace32 or Vector CANoe, CANape are dongled. Why plenty of other tools use the FlexLm Abomination of a license manager.
2.) Large and wealthy corporations happily use free software and only pay if a behemoth like RedHat/IBM or Oracle demands payment under threat of "audit".
3.) It does not matter projects have multi-million dollar of customer-paid revenue. Gratis is king.
4.) Who should set the "proper" price for FOSS projects, if not a RedBlueHat oder an Oracle ? Free enterprise works to a large degree by freedom of pricing decisions.
5.) Most engineers and IT folks are totally clueless when it comes to economics. They will prefer a crap dev-chain for $0 over a $1500 IDE with high productivity in 99 of 100 cases. in 30 of 100 cases, they shell out $500 for an iphone, to impress friends.
6.) Software engineering jobs are only great if there is a way to make revenue with the product of said engineer. In automotive, the car itself is the dongle for car software. The software is heavily dongled to an *individual* car.
7.) If you pay 10 software engineers 1 500 000 Euros per year in total, you better make 3 000 000 in revenue based on their work. If you sell 100 copies per year, that is 30 000 per license.
The system of "free enterprise and strong property protection" is successful, because there are no centrally-controlled price controls. It is successful because one man's nutter is another man's provider of valuable products and services. Rugged individualism is a key source of wealth, not the Marxist idea of "what if we are all equal". Men are neither created equal, nor should they be. They come with highly different skills, education and experience. The key is to enable each one of them to do something useful for the common economy.
"FlexLm Abomination"
I don't mind lmgrd + vendor daemon without a dongle it is trivial to circumvent the node locking and usually date expiry*.
Saved the bacon a few times when license server died and the software+company defunct.
The later flexnet java monstrosity I wouldn't even bother although I suspect its core is based on lmgrd with a massive layer of obfuscation which java more than adequately provides.
DEC's lmf was quite a different kettle of fish...
*When the SUN Sunpro C compiler was EOL pre 2000, SUN published free unlocked perpetual licenses whose features have expiry dates with the year -00. A few years ago I was running SunOS 5.6 on a VM to revisit the System V networking code and required a C compiler.After installing the Sunpro compiler and perpetual license I found the license expired in 2000.
So setting the date to 1999 and compiling my "special" code and (hint) patchelf to molest lmgrd et al. I could return to 2016. :)
A $0 product destroyed the market for a highly useful and highly productive IDE and language. What we got is the Java freetard world of sluggish performance and excessive RAM consumption. Thanks SUN, you dragged down another great company with your freeware suicide.
SUN started by giving away Java for free, and eventually IBM gave away Eclipse for free, too. IBM has the mainframe business with a very hard to copy dongle(the mainframe itself) and survived, SUN did not. IBM's core business never gave their IP away. As far as I know, you have to pay huge sums for things like MVS/zOS. This business model now works for 60 or more years. SUN worked for about half of that until it was gobbled up by Oracle, who are strongly in favor of tough licensing.
You basically described the entire problem with the Open Source paradigm; people need to make money even if they are writing software.
Sun didn't go out of business because they gave Java away freely. They went out of business because they spent very little on their own R&D. Sun had great machinery and a great OS, but once they reached a successful plateau they basically stopped inventing and creating refinements to their systems. Instead, Scott McNealy would get into pissing matches with Bill Gates, and despite what one thinks of Gates (he is nothing but a dangerous windbag now), at the time McNealy was quite a nasty person. Like Kahn of Borland, he destroyed his own company.
Nonetheless, The Open Source paradigm destroyed a thriving software cottage industry of third party developers who sold their wares for very affordable prices. Now these same developers and many others have to provide their software freely while also offering their source code as well.
How is anyone supposed to really make a living doing this? You can't and many professionals are finding that out.
Corporations especially are quite happy to take freely available software and use it for their own reasons and asking for compensation after the fact is a little late in the game.
And no amount of licensing refinements will stop this from happening since enforcement, if it is possible, is both costly and timely for most individuals and smaller businesses.
Open Source has been a terrible bane on our profession and it has only made things worse for many who simply want to have software businesses.
Though there is some very fine Open Source products out there such as the freely available database engines, most Open Source projects are not very good or even if they are tend to be abandoned after a point when the developer or developers find that there is no future in maintaining the software.
Your obit of Sun Microsystems should note the advent of IBM PC clones that ran BSD or Linux entirely obliterating the market for engineering workstations and specialized servers.
Open Source had a role in the industry something like replacing the Bell Telephone network with independent companies. It removed artificial price supports and emphasized that companies could colllaborate on something that wasn't their profit-center, to all of their benefit. I must admit to little sympathy for those who lament that they can't compete with something that someone else makes for no revenue and gives away for free. Capitalism means open markets, including when the price is $0.
> emphasized that companies could colllaborate on something
Companies don’t need Open Source if they want to cooperate.
They want Open Source to get stuff for free. And one can’t blame them - everyone of us like a freebie. It is the idealistic stupidity of those who support open source for ideological reasons that resulted in programmer’s work being undervalued.
"Companies don’t need Open Source if they want to cooperate."
True, but it helps. They could form a consortium and build something closed. That consortium could even sell licenses and that might help make some money. But it makes it really hard for new companies or individuals to join and start working on it as well, and it reduces the number of users, which can be important if you want contributors. They appreciate that it's free as well, but part of the reason that it can be is that there are so many people interested in maintaining it.
Not everyone. I HATE being given something free of charge by someone I'm doing business with. First off, I want who I'm dealing with to make a profit, as I want them in business when I need them again. Secondly, it's likely something I don't want anyway. Just give me what I ask for, and ONLY what I ask for, provide it to the specifications and quality I asked for and charge me a fair price that covers your costs plus a small but reasonable profit and I'll be a customer for life.
So many licenses to choose from nowadays it seems, but enforcement (like NYT Copyright) still appears to require legal action ... hopefully, a strong FSF can help there (when needed). Not sure how "another" new license could really help with that though. On the permissive side of things however, it's nice to see that one may now contemplate replacing MIT, with CeCILL-B (DeMille/Demented), which has obvious aesthetic advantages (spirited naming by the French INRIA, CEA and CNRS!).
With respect to China, lots of good and real smart people there to be sure, same as Iran frankly (and Haïti ...). The challenge for us, in my view, is to foster the development of conditions there, that will empower the people to engage on a path of increasing liberty, human rights, and the pursuit of happiness. This may entail applying related pressures to their authoritarian governments (eg. elections that involve actual opposition candidates, without torturing them in a "Polar Wolf" Arctic circle gulag), and in the case of China, that achieved worldwide commercial prominence through Deng Xiaoping, some level of trade pressure. Xi Jinping (a chemical engineer from Tsinghua University) could well be the right person to enact the needed reforms IMHO ...
One of the current problems in open source licenses can be explained through the paradox of tolerance. That is if you are too tolerant, you can allow behavior that will extinguish a tolerant society. The current example of this is the American Republican party. We tolerate them under free speech principles but their actions and stated policy is to extinguish free speech and democratic principles.
The apparent current solution to the paradox of tolerance is to be intolerant to any action or philosophy that would destroy tolerance. In this case, we should allow licenses that forbid behavior that eliminates or constraints open source.
On AI generated code, I suggest learning how llms work because they are not a simple system that spits out code fragments from the original source. Llm systems not contain the original source but instead operate on an abstraction of the aggregate data. You cannot retrieve the original content from the abstract source but you can use a tightly constrained prompt to generate code that looks like the original source in the same way that a tightly constrained prompt would lead a junior programmer to generate code that looks like the original source.
LLMs learn in a way analogous to how humans learn and are now generating new ideas not found in the original sources.
Another perspective to consider is that industry practices constrain code according to certain principles of good technique, design patterns, and language ability to express mathematical concepts. These constraints limit the number of ways to express a given idea and increase the chances of a code collision.
Instead of tearing down an incredible useful tool, find a way to identify code collisions in existing software and measure how many times humans generate code collisions.
Used correctly, identifying code collisions could be used to break copyright, trade secrets and patents.
"Used correctly, identifying code collisions could be used to break copyright, trade secrets and patents."
Or you might find that, for a complex system, code collisions are not at the level you're thinking they should be. Oh, it looks like that when you ask a programming-trained model to answer a simple, introductory question. There are only a few ways to write a function that are sensible, that is to say not playing code bowling, when that function does one basic thing. Here's a parallel.
There are only a few ways to express the sentence "She put the box on the table". You can use synonyms, for example that she placed or deposited the box, or you can order the words a bit differently (the box was placed on the table by her), but if you do anything too extreme, you end up with a sentence like "The furniture item known as a table was the recipient of a placement action involving the box, and she was the initiator" and you sound ridiculous. When the sentence is longer, though, you quickly expand the number of valid options to express it. No matter how complex the sentence, if it sounds natural, you can break that sentence into components that have been seen before, but the sentence as a whole is new, and the organization of multiple such sentences expands that. The same is true of programs; as they get longer and more sophisticated, the chances of finding a meaningful collision decrease and you'll be reduced to arguing over idioms or common constructs.
You're hoping that collisions will be common enough to invalidate protections you don't like, but it is unlikely you'll find them, and if you did, it likely wouldn't get the result you want. If it's really easy to recreate code, then why not recreate it yourself. If you can demonstrate that you reproduced the code on your own, then copyright is already limited. People just won't believe that you did if you show up with identical copies because they know that really doing that from scratch would be hard, so you probably didn't do that. LLMs aren't doing that either, no matter how many times their authors claim that the training data is not stored in them. As text-based ones have demonstrated repeatedly, a lot of it is in fact still in there verbatim, even if it has been reorganized. Ones that must output valid* code make it harder to get it to regurgitate large chunks, but it will and has happened. Copyright exists because it is not trivial to generate the work, even if every individual component looks simple afterward.
* Sort of, no guarantees.
They Open Source community has been astonishingly efficient in detecting non-literal copying. See https://en.wikipedia.org/wiki/Computer_Associates_International,_Inc._v._Altai,_Inc. for what that is. I'd give a concrete example, but I'm under NDA because I help the violators to come into compliance.
English is pretty flexible in word placement when it comes to understandability, though.
"Box on table she put" is grammatically wrong, but you're not going to miss the meaning. Same goes for "Table she put box on" or "Table the box she on put".
And it's a theory of learning other languages for communication purposes that I've also seen work. Ignore grammar, ignore conjugation, ignore gender. Just learn vocabulary. You'll be able to communicate, even if you sound absolutely ridiculous. I don't know if it works with every language, but I've seen it work with Spanish and Russian.
"English is pretty flexible in word placement when it comes to understandability, though."
That's because it's a pidgen (trading language between 2 unrelated languages) which became a creole (native speakers of the pidgin) which went through a couple of repeat cycles as different groups arrived and amalgamated across Britain
> LLMs learn in a way analogous to how humans learn and are now generating new ideas not found in the original sources.
Generating new ideas is the wrong way to state it, it implies that they come from nowhere. What they can do, at most, is _discover_ something that is visible in the data but (due to the size of the data) has not come to the attention of people.
All invention is incremental, and stands upon the shoulders of earlier developers. This is why patents require references to earlier inventions upon which the present one builds, if the patent is to be valid.
Obviously a discussion of how _people_ invent would be too large for this comment section. I am dubious about all of those consciousness researchers trying to determine what it is before they even prove that it isn't illusory.
There are alternatives to Redhat.
This reminds of Bruce Perkins circa 1998, no #chickenlittle but *if* a solution is needed than parasites such as me need to work out whether they are part of the problem or part of the solution.
Too many of the "community" spend hours screaming by forum but perhaps rather than demanding they could find other ways of contributing.
I fund some projects that are of particular importance to me, nothing that would cause them to gasp, but a few quid every now and again.
Linux, the kernel, is too important to too many people, that is safe. Other projects needs to be cared about more.
LibreOffice complains fairly regularly that too many corporate users don't support the project. But according to Wikipedia only a few percent of all users see enough value to support it.
I look at the list of corporate sponsors for openSUSE, that looks fairly healthy but for reasons that escape me, it continues to be treated as the runt while others spend their time respinning Debian derivatives, freedom of choice n'all but if they think there is a problem possibly respins are not the answer.
"For reasons that escape me, it continues to be treated as the runt "
My experience with commerical Suse contracts put them on my "never do business with again" list
I could see the direction RH were going a decade ago and tried to move debian-wise (or at least reduce our increasing single sourcing of Redhat) but was shouted down by more senior staff who considered it "too hard" to retain the capabilities
《He [Perens] says he came away from his trip surprised by how similar the people in the US and China are,...》
Discounting the exasperating depth of the apathy and ignorance of the two nations' polloi one does have to ask what proportion of the chinese population carry firearms (concealable or otherwise)? And how many children die or are injured by attacks on their nations' schools?
The real similarity is that both nations' leaders and politicians are unspeakable berks of the first water but unfortunately there is no shortage of equally blessed nations.
A lot of people who have a particular axe to grind will attempt to interpolate any discussion to one of their favorite topic. So, in this comment section, some folks are going off on tangents about guns, socialism, etc. A common element of such postings is that they fail to make a clear statement because they assume everyone else already has the context.
I can only suggest that they find a more appropriate forum.
Yes, the Chinese are in fact very much under the thumb of their dictator. They have absolutely no way to fight back against their tyrannical government.
And sure, no school shootings. But hundreds of thousands of preventable deaths, because building construction is incredibly shoddy, flood control is practically nonexistent, and if you say too much about anything wrong the government will disappear you.
Throw in worse healthcare than the US (I know, shocking, but it's absolutely true), a culture that sees domestic violence as only being between the parties involved, and literal genocide of minorities, and you've got a far worse situation.
But it's ok, Brits. You gave up your guns, now you're the 2nd most surveilled country in the world, and your right to protest is disappearing. You're one rogue parliament from being China. Enjoy.
The Chinese are much more civilized than those boorish Americans. They drop their daughters down wells instead of shooting up schools. Much more humane. /s
And most of us in the US who carry, do so to stop the bad guys from hurting people. It frequently works, though it's not usually reported in the news... Fix your politics before you criticize ours, please.
Seems to me that all the troubles over monetising Open Source are maybe missing the point. They seek to impose further restrictions in the smallprint, much as GPL3 does for TiVO-isation (locking the code into the hardware). Linus rejected that for his kernel, so I can't see him leaping with cries of joy on yet more restrictive smallprint. By contrast MIT/BSD style licenses look the other way, to fewer restrictions.
And Big Lawyering would presently find ways round the new smallprint just as it has done with the old, sucking us all into yet another eternal arms race. Do we really want that?
Of course, it is harder to make any beer money from the most libre licenses, but then nobody goes that road any more than charities seek to; their job is to give time and money to those who need it most. In all honesty, I do not see why the F/LOSS community should take a more mercenary approach - the very thing we are all recoiling from in the first place.
Fortunately, Linus isn't the only programmer. And the Unix API is getting long in the tooth. We need to move on from that too, and I am surprised at the lack of operating system research. I wish I could fix that myself, I have lots of ideas but there are so many projects and so little Bruce :-)
Contracts concerned with commerce do end up being litigated, but not so frequently that businesses have had the slightest incentive to stop using them. The problem with Open Source licenses is the imbalance between the violators and the content creators. The content creators don't have the revenue to allow them to litigate. The violators often have deep pockets. The problem is less the fine print than that violations aren't being prosecuted.
... and looking at the numbers, there are probably way many more "content creators" than there are "deep pocketed violators", from whence one might expect the potential for a turning of the tides if independent creators were to somehow "unionize" (or unite) against unfair exploitation and pauperization ...
Keep up the good fight!
(Love it that Bruce Perens is actually here, actively responding to the ElReg's most eminent of Kommentardariats!)
Given the divergence of Linux from other Unix, if there are specific parts of the design that are particularly egregious we can expect the larger companies to propose alterations. This will of course underline even further Linux specific design and functionality. The post millennium operating system and application landscape is also considerably different than previous decades.
I think it would be more accurate to say the 'problem' with an open source license where you wish to control how it is used (as opposed to licences such as BSD where code can be used freely everywhere), is it may not generate sufficient income, not an imbalance as such. If a company generates money from their contracts they have a buffer to handle particularly severe breaches via litigation, and more practically the ability to terminate the contract, invoke clauses, or terminate/modify support provided. That can work, even when their customer is many times their size.
>Linus rejected that for his kernel,
To be fair, GPL3 (and many other licenses) did not exist when Linus first released his source code. Having released his source code and subsequently incorporated contributions from others, he then didn't have sole ownership of the source code to be able to unilaterally re-license the whole thing. In theory, all the contributors (or their inheritors) could agree to a license change, but getting that unified consent would be a mammoth task. I think it quite reasonable (especially given all the work he does anyway) that, given the scale of the task, Linus decided he'd got better things to do to fill his time!
There are mercenary approaches open to GPL projects, such as using RedHat's tactic against RedHat. If a project like the Linux kernel project did care enough to be motivated to stop RedHat doing what they're doing, it is in their power to do so; fork, and refuse to distribute future binaries (and thence future versions' source) to RedHat. It's not just RedHat who can choose to not distribute a binary. The same goes for any of the userland projects. Imagine RedHat, if (for example) the bash project stopped giving RedHat access to bash binaries and thence source? However, given that the main fuss seems really to be about the demise of CentOS, perhaps the best way forward is if people simply migrated away from using RedHat to a distro that is managed in a less commercially minded way.
Consequences of Acquiescence
The tricksy thing with that let-them-stew-in-their-own-juice approach is that other distros are not invulnerable. For example, if everyone shifted from RedHat to Ubuntu, what's to stop RedHat / IBM acquiring Ubuntu? And then, Debian? Suse? And, so on? Really, we're talking about the acquisition of people's time, not necessarily the company / foundation titles themselves. Buying a company is just a way of getting the people. For example, a Debian project with no active members ceases to exist. The best thing about recruiting the people is that you're engaging in the open employment market, not subject to anti-trust actions.
So, what we may be seeing is the first action in a slow move to consolidate all the major distros under one Red roof. That, to me, seems to be a more dangerous threat than simply the loss of CentOS. That would be a full take-over of Linux entire. The Linux kernel project itself would become pointless and irrelevant; it would be the version controlled, compiled and distributed by the winner (e.g. RedHat) that people would actually be running.
So perhaps the real question is, can the Linux kernel project afford to be quiescent in this at all? Or is this kind of outcome acceptable to them? I don't really mind either way; if those who have contributed to Linux in the many ways they have down the years hung up their keyboards and let a big corporate take over - fair play to them. But if they don't want that to happen, they probably do need to act.
Or at least, they probably need to show some resolve to act. If the Linux kernel project did look like it was going to cut RedHat's source access off at the knees with a popular mega-fork with controls to cut RedHat out, backed by Intel, AMD, etc. RedHat's version of Linux would be faced with becoming obsolete and junk within a few chip generations. The threat of achieving that could be sufficient to make RedHat / IBM change their mind. The threat of that would make many RedHat users jump ship to a better behaved distro ahead of time, and that would hurt RedHat before any change had actually come into being. If RedHat did cave in, then perhaps the move gets postponed.
It's true that Linus didn't have the ability to just switch everything to GPL 3, but he could have done something to make the terms apply to some important part and apply the restrictions to most users. Based on his comments at the time, it seems he didn't have a major objection to the tactics that the FSF wanted to prevent with the GPL 3, so he didn't try to do that.
I'm concerned that this is all focused on money. Companies are NOT going to donate a certain percentage of their revenue or profits to open-source, that's just a pipe-dream.
Open-source is about altruism and making the world a better place, not a business model. If some people make money from it, good for them.
And who's going to distribute the money raked in from companies and based on what metrics?
Perens should be thinking less about money and more about enforcing the current licenses, making sure companies abide by the terms. And to ban licenses which have onerous clauses added to them.
During the United States civil war a series of fraudulent military contractor stories, like rotten meat for soldiers, led to the passing the law that allowed anyone to sue the perpetrator on behalf of the federal government and then if successful to win a portion of the award. That had been watered down for a while, then brought back after world war II, and it's still in place today. Of course, I don't see any political interest in fixing this problem in that matter (or any other). Would be nice though. Maybe you could go after Amazon or Oracle for their various government contacts for engaging in fraud against the federal government by not cleaning up their compliance, but I suspect they've documented where they need and found loopholes where else they need...
There are a number of opportunities for those who have the funds to bring lawsuits (usually lawyers themselves) to litigate on behalf of the state or others. Some really egregious (Texas Senate Bill 8), some misused (the company that shakes down web sites over ADA issues and will sue you if you don't hire them to fix those issues, which is only vaguely connected with helping real handicapped people). Some mainly making money for lawyers rather than helping the little people they claim to represent (class actions).
I think the problem with this one is that the way to enforce is already suing the offenders, and you're simply talking about another way to sue the offenders. You need a lot of money for either.
Articles in the Register discussing spats over 'rights' - licence terms, copyright, patents, trademarks, export restrictions, etc. - often have a USA 'flavour'. This may be a reflection of the USA's (seeming) economic might, and of the US being, perhaps, the most litigious nation on earth.
Economic power, as summarised by GDP, is heavily influenced by the amount of money sloshing around in an economy, but with little consideration for production of tangible things, for services of essential nature, and for the quality of life (distributions of income, wealth, education, opportunity, 'health', and habitation of a pleasant environment) of citizens. In principle, many strictures imposed by US laws do not, or should not, apply to other nations. However, hitherto economic dominance through trade, and military occupation/threat, is wavering. Yet, for the immediate future, the office of the U.S. Trade Representative retains sway over many other nations' implementations of various 'rights', especial attention being paid to so-called 'Intellectual Property' (IP).
Diplomatic, as distinct from military, enforcement of 'rights', these according to US interpretation, is effected through stringent terms in trade agreements, plus powers ceded to the Western controlled World Trade Organisation. Moreover, behaviours not explicitly agreed in trade treaties can perforce become adopted elsewhere: this is a consequence of so many major companies falling, at least in part, within US legal jurisdictions. For instance, concerning IP 'protection', I am unaware of stipulations within the US DMCA being directly enforceable in Europe/UK; however, online publishers must tread warily should they have legal presence in the USA, or depend upon provision of services from the USA (e.g. web hosting).
Viewed in this context, the USA calls the tune on IP matters, and this is reflected in the tangled and litigious realm of software licensing. Perhaps continuing 'de-globalisation', this coupled with states no longer in thrall to US hegemony (e.g. 'the global south') adopting their own stances, shall de-fang the likes of Microsoft and similar troublesome entities.
All nations who fell to Marxsim are now either broken or completely broken. Cuba was once a major exporter of coffee, of sugar and other agricultural products. Now Marxism has wrecked them to the point where they must import these products. Their car fleet is the same as the one they inherited from the supposedly evil dictator Somoza.
Same with Venezuela. One of the most oil rich nations, but now starving.
Marxism is a disease and even the mildly intelligent Russkies have found that out by now.
"Global South" is a Moscow term to describe the IQ-limited nations who are on their side, ready to wreck functioning economics. Cuba, Venezuela, Iran, Zimbabwe, ANC-wrecked-Africa and other $hith0les.
Or it might be that the organizations that played a central role in the development of the FOSS concept and the licenses that implement it happen to be based in the US and wrote their licenses specifically to work with US laws as well as international ones. When The Register interviews an American who worked with American IP law, you wouldn't be too surprised that he sounds a bit, you know, American.
It is indeed the case that the US has pressed their style of IP law on essentially all other countries through trade treaties. You have to pass the IP laws to get "most favored nation" status, etc. Of course I travel worldwide to speak upon and deal with this issue. What I see is how similar the law is, rather than how different. Where there are differences, they are 1. A feeling that their nation is less litigious than the USA. Which doesn't mean there isn't lots of IP litigation there. and 2. viability of software patenting in a particular nation.
Nations who do these things will eventually be wealthy and can be happy(if they do not forget to fear god).
On the other hand, those who fall to the siren songs of collectivism will experience the hard times of starvation and all sorts of unnecessary hardship sooner or later.
That does not mean we should worship the large corporations and the oligarchs who control them. Quite the opposite, oligarchs have proven to effect medical insecurity(to put it mildly).
A strong state will be stronger than the oligarchs, stronger than the Marxists and pursue the interest of his folk.
Price controls and subsidies for software are the wrong approach. Who should decide which developer receives how much money from the central pot ? It would quickly degrade into something like GOSPLAN.
The problem of poor nations is that their elite are rotten people who want to become rich quick, at the cost of their own compatriots. And it does not matter whether they sell out to Geneva, to Moscow or to London. Nations with strong leadership will eventually become wealthy. See South Korea, Singapore, Dubai and many others.
Feels like this guy is speaking out of both sides of his mouth as I read this:
- Please make everything free for everyone, and
- Please pay people who write the code
this combination is nearly impossible to pull off in reality.
---
Quotes from the article here:
...He imagines a simple yearly compliance process that gets companies all the rights they need to use Post-Open software. And they'd fund developers who would be encouraged to write software that's usable by the common person, as opposed to technical experts...
...The way to avoid that, he argues, is to pay developers, so they have support to take the time to make user-friendly applications...
-----
And then he rails on companies that employ people for writing open source software - Red Hat being his prime example,
My advice is to take Debian and use it everywhere you can, if that is the closest to his ideal solution - and expand and play with licenses and models there, if he can pull off his magic oxymoronic quest to have everything free and lots of people also getting paid.
In my view if a company like Red Hat can create value that companies pay for, and can pay engineers to write open source code, that is fed back into the Linux kernel, for Debian and others to use, why is there such a beef with that.
I am also trying to see what productive things Bruce Perens has done in his career to warrant a soapbox.
This post has been deleted by its author
This post has been deleted by its author
"Post-Open, as he describes it, is a bit more involved than Open Source. It would define the corporate relationship with developers to ensure companies paid a fair amount for the benefits they receive."
That part sounds very much like the BSL or similar licences: you can use it for free in certain cases A, B, C, and you need a paid for licence for anything else. This is considered risky by many corporations (they have to evaluate, on a case-by-case basis, whether they are exempt under terms A, B or C) and they'd prefer to pay for an outright licence anyway. So what Bruce is suggesting here is nothing different to the status quo.
"It would remain free for individuals and non-profit, and would entail just one license."
The "one licence" bit worries me. It sounds like the performing rights societies: collecting fees from shops and concert halls, and then taking it upon themselves to distribute the monies to the rights holders. They need to determine how to apportion the proceeds, so they spend a lot of time on gathering audience data.
What you get is a massive, bloated beaurocracy which exists primarily to serve itself, and secondarily to serve large corporations like Sony and EMI (or in this case, the "foundations" which large software projects run under). In theory, some of this money would trickle down to individual developers. In practice, I expect very little would. But it would nicely serve the interests of the non-developers who run the foundations.
Unlike audio and video rights, where you can at least identify every broadcast play and every streaming play, it would be *much* harder to identify which pieces of open source software were being used in a particular organization, and then apportion how much value resides with each one. Especially given that most applications are actually complex stacks of dependencies in themselves.
Agree - delusional thinking without factoring in the reality of what has been learned in the last 30 years of open source.
I still say if people are whining about Red Hat, they should use Debian, and if they want to try for new licenses that both give everyone free things and pay the developers, they should prove it on Debian first, and if it makes sense it can be expanded to other projects/products. Trying to solve all of the open source situations with one sweeping move, is, well, delusional, which is how this article reads in my view.
I appreciate you are trying to improve open source in general. But you seem to bash the commercial companies involved in open source. I would ask - why is Red Hat's version of Linux so widely used ? and why is Debian not more widely used ? and what would these changes do to that dynamic?
Debian developers mostly make Debian for themselves. There are, of course, some of them who take a broader view. Red Hat, in contrast, is made for other people.
Debian developers are mostly uncompensated, so they work on what _they_ want. Red Hat developers are financially compensated, and to a significant extent work on what they are told to do, which originates with a customer-related goal. There are various wizards at Red Hat who choose their own projects, but only because they are known to excel at making something from nothing.
It's simple... because most big corporations want that support contract from a vendor. I have worked for many big corps over the years. For mission-critical things like the OS and databases (among others) they want and need a support contract. They rely on those companies for the hard problems, patches, etc. Many times they will have a policy requiring it. I've seen it first hand with Postgres. Even though we had tons of great DBAs, we relied on the chosen vendor for a lot of things.
That is why their distro was renamed from Red Hat Linux to RHEL back in early '00s. They became a Linux VENDOR for commercial purposes. It's so widely used because there is a company behind it which offers a sense of stability.
(RH 5.1 was the first distro I installed in '98 but I went Debian-based around '05 and am still today)
Yes, there is some similarity to ASCAP/BMI/SESAC. I would feel worse about the apportionment problem if there wasn't already software that does this sort of analysis, like that from Merico (https://www.merico.dev/). But I don't want to wave away the problem either.
It is true that artists only get a sliver of what is collected, but it is also true that they actually do get that sliver, instead of nothing.
However one, if not the major factor that allows that to happen, is that big focused music corporations also get money that way that they would not otherwise get, and a diffuse cloud of corporations (your hairdresser) get milked for it. This dynamic makes it work (legally and politically).
Free software is the opposite - big focused corporations don't want to pay, unless they are going to be getting lots more money from the great mass of unfocussed corporations and consumers. They currently see "cloud taxing" and free software as the way to do this.
To see how completely unprepared to pay-up megacorps are you just have to look at the Apple - Qualcomm fight. Apple is not prepared to pay anything significant for what is the core underlying technology of their whole product. It is only by being utterly ruthless and toxic that Q can get paid royalties at all. It seems delusional that Apple would share anything but floor sweepings with people who do not carry a very big stick.
I recently was at a supplier fishing event for tradies. Someone pointed out that the plumbers turned up with raycraft, and the sparkies turned up with tinnies. It was true: electricians will undercut each others rates. plumbers don't. Who knows why, but the result was very clear down at the boat ramp. I didn't notice any free software developers - I suppose you don't have to catch ramen noodles.
Good luck with your project Bruce, but looks to me more like something that cannot really do better than put free software developers on welfare or subsistence, not a decent living, and is more likely to see a big income stream going to megacorps if it works at all.
Any scheme to direct funds to people based on some statistic is going to be gamed if it actually generates money. This is not an easy problem even if someone does think they've written software to manage it. I haven't found a good example of what Merico's software actually generates, but I'm really worried that it will end up being like the managers who try to make something out of lines of code written. You don't need me to tell you why that doesn't work. None of the other statistics work either. I also had a manager who tried to do something with PR frequency, if you didn't open one a week, it was not good for you, and one a day was much better. Obviously, that doesn't help much either. It takes quite a good manager to actually judge the relative usefulness of a developer, and when the manager isn't promoting or firing people, it doesn't make sense to have one. As such, I fear any automatic allocation process is doomed to uselessness. Attempting to use it anyway will motivate people to figure out what brings in money and do that; if writing docs counts, they might just have an LLM generate a lot of long-form documentation and collect the points from that, with a few people making corrections collecting a few more while doing all the real work.
Then I guess the question is how badly will it be gamed? Once people are gaming it to the max will it still be better than the present system?
Or will it need to be constantly managed and adjusted to eliminate "innovative" loopholes. And if so, who will do that and with what powers?
The chance of a large megacorp paying a single annual cost to access all open source they're using is nil. If the cost is significant, they'll simply obfuscate the benefit provided or spin off a smaller division to defeat coming under the banner of a large corporation.
The only way around this is to charge for any product that is, or uses open source in a commercial offering. Thus a database server widely used in a cloud provider would have a per instance charge, that would also include any open source libraries they link to. Good luck sorting out all the pricing for that..
That of course stops it being open source, or more accurately it stops it being a GPL aligned license. The issue is that GPL advocates want to have their cake and eat it. BSD licences on the other half knew and accepted code could be used without contribution or payment.
The second issue is the majority of Linux in particular isn't what some people think. It's been driven by corporate interests and large companies for over a decade, but it's OK, that's *exactly what Linux users wanted*. Many of them wanted to win, and damn the slower pace of BSD, other alternative OS, or non Intel architectures.
I also think Bruce is being extremely unfair to the average person. The common person does know about open source (or at the very least 'free software'), they just don't care. Never mind the average person; I don't see a noticeable groundswell among open source users for funding projects and buying software for open source OS (I would very much like to be wrong here).
What is being fought here is human nature, not technology :
People do not like to pay for things if they can avoid it. Even if not paying in the short term leads to long term losses.
They will pay for something if they know for certain it will save or make them money (and possibly time). Make sure you're not the Hoover free flights promotion.
Charging for a product (open source or otherwise) that is more expensive or offers less features than a popular commercial product is a hard sell. Regardless of the ethics, how well it contributes to the community/ecosystem, or if it does a few things really well but not as many as The Other Product.
Having a paid for product on Platform B, when Platform A is free is a difficult proposition. This works both ways i.e. Libre Office vs Microsoft Office as opposed to free software on Windows/paid on Linux, or free driver on Windows 10/paid driver on Windows 11.
I did work for film companies. If your film makes a profit, you're doing your accounting incorrectly. So, nobody with any sense in the industry works for a portion of profits.
And yes, we already have companies that create separate divisions to issue their Open Source so that they never have to give away a patent right.
Thus, payment has to be based on end-user revenue. You can think about that for a while. It introduces no shortage of its own problems.
For a license that is ostensibly attempting to avoid capitalism, it appears to be doing so by trying to negate the very essence of capitalism : buying a product, adding value, and then selling at a significantly higher margin.
There's more than a whiff here of 'it's not fair'. No, admittedly it isn't, but neither is life fair selling commercial services or software. It is not mandatory, and is probably impossible, to make huge gobs of money - what is necessary is to make enough..
Forget the edge cases. Dual license the product, charging for commercial usage of the product or derivatives. For use of open source libraries most probably pay a one off fee to the library creator *for that major version* if the product is sold for money. Ideally also make money from service and support.
There will still be loopholes. Ignore them. Anyone willing to jump through hoops to avoid a charge is not the market, the market is as mentioned 'servicing the common person', a busy end user who obtains the product for free (or paid for commercial use) and achieves their aim without hassle. Use product, achieve aim, move on with life. Anyone prepared to use their time to avoid spending comparatively little is usually not worth bothering with.
Another day, another pointless 'open source' licence. Been there, seen it, done it, sick of it.
Where did all this come from? Was it just that Berkeley did Spice on BSD, and Stallman got pissed off that other people took the (really, properly, "Free") academic code, developed with taxpayer's money, and made money from it? Stop. Don't care. Don't want to know.
This is all you really need to know: I've been using various flavours of Unix for 35+ years. Over that entire period of time, a vast amount of development effort went into re-writing perfectly good code simply because it had the wrong flavour of licence: it was too "free", or it wasn't "free" enough. It was all ideology; nobody cared about what the end-user actually wanted. And all that time Microsoft was eating your/our/my lunch, writing (crap) stuff that people actually wanted, instead of arguing about licences. Time to grow up.
First of all I've personally been burned by IBM under a previous CEO.
Red Hat aka IBM want you to use Fedora and it's free and open source and it is the most cutting edge server operating system out there.
And while I don't use workstation or anything more than OpenBox to give me on-server access to utilities if the need arises, it seems they are not doing too bad a job on Fedora Workstation as well, not to mention the new Fedora for Apple Silicon.
The whole point of these RHEL clones is to provide a free platform to lunatics who need to use half a decade old code to please their greedy accountants. That's cool but it ain't worth blowing up the community over. RHEL was birthed in the recession that came after the Y2K scandal.
I completely understand your frustration and skepticism, especially given your past experience with IBM under the previous CEO. It's essential for tech enthusiasts and professionals to have a platform that aligns with their preferences and requirements.
I'm glad to hear that you find Fedora to be a compelling option, both for server operations and the recent developments with Fedora Workstation, including support for Apple Silicon. The open-source nature and cutting-edge features make it an attractive choice for those who value innovation.
Your point about RHEL clones catering to users who rely on older code for financial reasons is valid. Balancing the need for stability with the desire for the latest features can be challenging, and it's great that Fedora provides a more cutting-edge alternative.
As for hiring dedicated web developers, it's crucial to find individuals or teams that understand your project requirements and can contribute effectively. Whether you're looking for expertise in specific technologies, frameworks, or have unique project demands, hiring dedicated web developers can streamline your development process and bring a fresh perspective to your projects.
If you need any recommendations or assistance in finding reliable web developers, feel free to reach out. I'm here to help.
The GPL was conceived under a régime where the law favoured hoarders over users.
But what if it was the other way round, and the law gave users statutory rights to study how software worked ("Freedom 1") and adapt it to their particular needs ("Freedom 3"), even if the vendor did not offer users the freedom to share software ("Freedom 2")?
If I ever acquired enough money, I think I might try to sponsor some legislation in some country, not only to require end-user access to Source Code of all computer software sold or given away gratis there; but to give end users the explicit right to reverse-engineer it themselves, in the event the vendor fails to comply.
That wouldn't happen. If everyone got the source code to every application, the freedom to share being absent would not stop people from sharing it anyway, nor would it prevent other groups from making "competing" versions that are pretty much just copies. If a country tried it, they would simply not get any direct sales. People would still be using Windows, but they'd be using Windows imported from a country next door or using pirated license keys. The same is true of most other software. In practice, we all have the ability to reverse engineer software we have, and we have some rights to do so, but the practical difficulties doing that make it useless to most people. After all, what reverse engineering tasks are you capable of completing but currently blocked from doing by legal obstacles? I imagine that the only significant legal obstacle is with distributing the result, but there are some practical obstacles as well.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
