“Open source operating systems such as Linux and Apache, which can generally be downloaded from the internet and adapted or modified for use with other programs, have become a mainstream business tool. More than half the world’s websites now run on the Apache web server and 57 per cent of companies polled by IDC, the research company, used Linux to run a big application within their enterprise. The popular view is that there are few restrictions on how open software can be used. But, like proprietary software, it is distributed with a copyright licence. While this may simply require anyone redistributing the software to acknow-ledge the original author, the most commonly used licence, the GNU General Public Licence or GPL, is significantly restrictive.” Read the rest of the article at Financial Times Online.
Free Programs with Strings Attached
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
The scary restriction of the gpl is not the actual code.
What is scary is what can be considered a derivitive work.
For instance if you worked on Linux and Solaris somebody could claim that your Solaris work was a derivitive work on what you were exposed to on Linux. To prove this isn’t true you have to show your source code, which companies don’t like to do. Even with source code side by side it can be hard. Loops tend to have i as a variable for example. Also what if the Linux work came after your work but was done by you. You would have to prove which was done first.
Many companies who want to add Linux capabilities to their OS are forced to do a lot of work. First somebody must look at the source and write design documents on what similar functionality would look like. Then Somebody else must read those requirement documents and implement it. Finally somebody else has to compare the source and make sure it isn’t accidently too similar.
Because of the GPL commercial OS programmers are forbidden from working on Linux. However they can freely work on FreeBSD, OpenBSD, netBSD, Darwin, etc.
you mean it isnt free?
Dose useing the API of a GPL’d library and dynamically linking the code to said library subject this code to the GPL?
forbidden is a strong word.
Someone isnt forbidden from working on something because he isnt using GPL tools. If something its the opposite. If you work with GPL tools, the resulting code must be licensed with a GPL compatible license. BSD is GPL compatible, but doesnt have the catches that GPL has which makes it not very nice.
X11 is also another GPL compatible license which is commercially friendly.
Yes, it does.
if you want do commercial software you have to do something better than the GPL’d comparable software.
I think that is fair.
wondering..
Did anyone else notice that this article was made largely of quotes from microsoft personnel? Think it might have been written at the behest of Microsoft so that it would land on the desks of unknowledgeable managers, who would get scared and say “Gee.. We better stick with Microsoft..”? This article is nothing but FUD. Think of the target audience for “Financial Times.” It’s not people who know the difference between systems, it’s managers. And managers are easily intimidated by words like “legal landmine.”
In this guest essay, the founder of theKompany.com says “We won’t use the GPL for anything anymore. It is far too frustrating to deal with …”.
http://www.linuxandmain.com/essay/sgordon.html
The argument that using GPL’d code in your own products jeopardizes your intellectual property (IP) rights is silly. Of course it does. What they forgot to mention is that the same thing happens when you use, e.g. Microsoft shared source code. You can’t just take Microsoft (or Apple, or …) code, add a few features and call it your own. The only difference is that individuals tend to write GPL’d code. One would hope that with all the noise being made about IP these days, companies would be smarter about it.
How much people can get offtrack. (or maybe it is intentional FUD?)
The GPL _defines_ derivitive work. In that sense, only people who STEAL the source code are in any kind of trouble.
Look at GPL like it was commercial software, sure you have the source code, but that doesnt mean you are allowed to copy it and distribute it as your own. That would mean legal problems with any commercial software license.
I would like if people wouldnt be so affected by Microsofts lie, but I have to admit they really state their case like it was clearcut. And while it is clear-cut, it clearly not what Microsoft wants you to believe.
And always twirling, twirling, twirling towards freedom!
The idea that anyone is going to claim program A is derived from program B because they both use “i” as a counter variable is perhaps the most absurd thing I’ve ever heard, and I’ve heard some pretty absurd things.
It’s struck me recently that the “GPL good / GPL evil” debate is sounding more and more like modern (US) partisan politics. Democrats will give you a lot of philosophical reasons they’re against Republican nominees, programs and legislation, but when push comes to shove they’re against those things because they’re from the Republicans and they remember the hell the Republicans put them through during the Clinton administration. Whether a given program, bill or nominee is good isn’t the issue. The issue is that, goddammit, we <em>hate</em> Bill Clinton / Newt Gingrich / Ted Kennedy / Trent Lott and we’d rather hack off our own feet than let them score any points.
The entire debate over software licensing has hit this point of diminished return, too. Nonsense clothed in common sense is spouted regularly. We preach about how the GPL will save everyone, how BSD is really “more free” than GPL or how open source licensing is all communism in disguise. Bullpucky! The real issue is that, goddammit, we <em>hate</em> Richard Stallman / Bill Gates / Eric Raymond / Scott McNealy and we’d rather hack off our own feet than let them score any points.
Christ, sit down and have a beer, or a root beer if you’re not an imbibing sort. Pull yourself together. Let’s go over this one last time:
If you’re producing something that you want widely adapted really quickly by free software and proprietary developers alike, use a fully open license like BSD or LGPL. A sample implementation of a new protocol (the BSD IP stack, anyone?), an XML parser (like Jade). Things like TCP/IP and XML need the network effect to take off.
If you’re producing something you want to release for free and you want to make sure it <em>stays</em> free (and I don’t care whether you mean free beer, free speech or free radicals), use the GPL. Just because you’ve made the source available at no cost doesn’t mean you want someone to be able to take your hard work, spend a day twiddling it, and sell it as their own. If you’d wanted that, you’ve have used a BSD license to start with.
And if you want to make your primary income by selling software, don’t use an open source license, period. Nobody’s forcing you to. There are a lot of routes you could take that aren’t fully closed source, either; people just don’t seem to think about them anymore.
This ain’t rocket science, guys.
The most worrying part of this, it seems, is the intentional ambiguity. They talk about ‘using’ GPL software, as if that’s the language used in the GPL licence.
WattsM,
Thank you, you hit it right on the nose.
In the end it’s what you want for your software. I personally
find the GPL more attractive, but that’s me.
If I want something different for my software, I’ll go with another license.
I’m tired of all the license nazi’s.
Read this IBM guy’s talk about GPL (he’s the guy who ported linux to S/390).
http://www.sslug.dk/patent/strassemeyer/transr-del.shtml
This anti-GPL thing is not FUD. It’s the official IBM policy (for a company which has invested a billion dollars in linux) that’s been cleared by hundreds of IBM’s internal IP lawyers.
I’ll summarize it for you:
IBM lawyers wouldn’t let their engineers show anything commercially valuable to Linus unless the IBM engineers showed it to Linus in IBM’s premises and made sure no outsider gets to keep a copy of the source code — so that it’s not a distribution.
IBM wouldn’t let their engineers embed the linux kernel into embedded devices that has any commerical value (i.e. they can embedded linux into that infamous watch because it will never be a commercial product).
My opinion — this pretty much shows that the so-called embedded linux market is one big question mark.
GPL is being rated by it’s results, i.e. crap like linux. GPL must be evil, because it results in evil crap like linux. Imagine where linux would be today if it was characterized by sane people instead of 10,000 weirdos that foam at the mouth and lash out at every simple critique from a beginner? Pretend you’re at a restaurant, and your order isn’t cooked right, and instead of finishing cooking it, the Chef instead just calls you stupid and lazy for not reading the manual about how to cook it for yourself? Hey dumbstick, *you’re* the one that told me to use it instead of Windows, so how do you figure it’s *my* fault that it doesn’t actually F’ing work??? This is exactly the same crap linux people try to pull. They go:”Look at me, I have a new OS you can use instead of Microsoft”, and then when confused and bewildered users ask why it doesn’t really work, they get ten thousand lines of personal insults and excuses about why it’s *really* the user’s fault that it doesn’t work. You say Windows is an over-bloated pile of crap? We believe you. But Windows works, and linux doesnt, except for web server applications apparently involving something named “Apache”. Am I an idiot for not understanding? No “Einshteen”, *you* are the idiot for expecting me to study your technical crap until I can understand, because I have my own life I’m trying to live. When I want my tv, I turn it on and it works. When I want my stereo or my microwave oven, or want to use an elevator, auto, or electric blender, I *DON’T HAVE* to RTFM, I turn it on and it works. IT JUST WORKS. That’s what you people don’t understand. We don’t *WANT* to Read Your F’ing Manual, we want it to just work when we turn it on. So take your “FM” and stick it up your “FAss”.
So you mean if someone looks at the Linux source code, the company that they work for may have to release other code that they work on?
Just imagine this
1) Some programmer copies a chunk of GPL code into your company’s e Commerce application.
2) Your company is forced to release the source code for the whole thing, not just the bit he copied.
3) Some hacker spots a possibility for a stack smash. He uses this to get root access and a list of credit cards numbers from the database.
4) All this becomes public and the company gets sued for negligence.
sum pretty whoreabull scenarios about poor richard’s <a href=http://www.gnu.org>GPL
my personal favorite is the (widely used buy FUDgePackers) won about credit card #’s being filched, which there is NO evidence of having happened with GPLed apps, & PLEntY of cases of billyboxes being pilfered. more disgusting deceptive MiSleading FUD, in place of real IT, AGAIN. nothing GNU about that.
NO 1 is forced to use the GPL. ALL of father william’s hostages MUST comply with HIS payper liesense agree(d)meNT. some day, sum of you hypenosys ridden FUDgePackers will be thrilled that you have even one other choice still available.
so, in summary, if you’re totally greed/fear based, don’t use the GPL. if you’re interested in the betterment of IT, check it out. use it. work on it. NO strings attached. 99.99 percent of folks who use PCs/the ‘net are NOT in the software ‘business’. boy are they lucky, what with most of the best software being virtually free now. cheers.
WattsM, I don’t agree with your explanation of when to use a certain license. LGPL is not fully open, but is perfectly capable of making sure that your code stays free. At most, an application that adds extra components can become commercial, but changes to your code can never become closed source/be hidden. Personally I don’t believe that LGPL/GPL is necessary to get enough contributions to your code, BSD will greatly increase your user-base. I’ve argued that most changes will still get released, so you’re not losing much (you’ll gain much more than you lose):
http://slashdot.org/comments.pl?sid=27605&cid=2968026
The big advantage of LGPL and (even more so) BSD is that commercial developers can fill niches that open source-developers cannot fill. I don’t see the problem if someone sees an business opportunity and extends open source code. Open source developers can copy the new features if they can. It’s extra competition that benefits the user either way, they get features that otherwise wouldn’t exist for free or an option to get them at a price.
I agree with your points about the XML parser and TCP/IP stack. IMO infrastructure code should be licensed with BSD-like licenses, so everyone can use it. The standardization will help to fight companies that try to push proprietary standards. It’s better to get a standard codebase out there that’s used by (almost) everyone, so that proprietary standards/additions can’t succeed, then to make sure that proprietary additions to your code are impossible by using (L)GPL. The GPL won’t help when an evil corporation creates their own code or their own standard.
GPL seems most useful to me when you want to sell a commercial version, while making the code available to built a community and get more bugs fixed. You might also be afraid that a big company just takes your code and sells their own version, although I believe it’s a bit weak when you are afraid that your open source version cannot win from/coexist with a closed alternative. Claiming that people will pay for a one-day tweak of you code is pure FUD IMO. Such a thing can only happen if someone sticks a big name on it like Morpheus did with a GPL’ed Gnutella-app (that can clearly happen with the GPL as well).
Your assertion that BSD-users _want_ to see a one-day tweak is also FUD, btw. My reason for liking BSD is that it creates a library of code with almost no restrictions, to the benefit of programmers and users (good free code=better apps). Making it seem like BSD merely allows other people to act like assholes and abuse your hard work is not very nice to BSD programmers and ignores succesful projects that use a BSD-like license (XFree, Apache). Besides, the original BSD code stays free as well. It only doesn’t make sure that other people’s changes are free. It not like BSD-code disappears, something you seem to imply.
BTW, did anyone notice that the story made it seem like almost all open source code is GPL’ed, including Apache?
What is the problem with these companies? Its so simple, if you don’t want to be part of the GPL then don’t include GPL code with your code. That’s it, end of story. What is so hard?
“Read this IBM guy’s talk about GPL (he’s the guy who ported linux to S/390). ”
Feh. The first example you cited is fairly well know. Back in 1999, IBM were still sniffing around the whole idea of OSS and Linux. Some enterprising developers at IBM decided that having Linux running on the S/390 (at that time the biggest machine IBM made, now superceeded by the Zseries). Certain members of IBM’s middle management were sceptical of
a) the commercial viability of such a port
b) the potential loss of IPR that such a port would allow
Point (a) turned out to be startlingly wrong – Linux is largely responsible for the sudden upturn in IBM mainframe sales in the last year (consolidation is a very attractive proposition to companies lumbered with hundreds of x86 boxes running toy MS OS’s). Point (b) also turned out to be wrong – the patches were eventually released and incorporated into the main Linux kernel and IBM continues to build and sell 390’s/zSeries mainframes.
Even more importantly IBM continue to release commercially valuable intellectual property to the Linux community through direct contributions.
The second example you cited turns out to be even more ridiculous – this guys english isn’t terribly good but he seems to be saying that this embedded product contained patent violating technology and they were (surprisingly!) unwilling to reveal this criminal activity…
…you may have misunderstood my point. To state it without the hyperbole I used originally: BSD-style licenses let someone fork your code into a proprietary, closed product, and GPL-style licenses don’t, right? Right.
Sure, there’s nothing that prevents companies from putting modifications to BSD code that they’ve done back into the code base. But there’s nothing that <em>requires</em> it. As a program author, you may not want people who make changes to your program and redistribute it to have that option.
The company that I’m at now was looking at solving a problem they had with using NAT and VPN together on FreeBSD 4; a programmer here solved the problem a year ago by making changes to the FreeBSD TCP/IP stack. As it turns out they didn’t go ahead with the product that would have been using that, but I can assure that, given our management, those changes would <em>never</em> have seen the light of day even if the product had shipped. (As I’m not up on the VPN side of the house, I don’t know specifically what the issue was, unfortunately–and I also don’t know if current versions of FreeBSD have overcome that limitation.) And, yes, the reason we use as much BSD-style code as we can is specifically because management is (a) cheap and (b) secretive.
You may say that we’re an exception, but it’s worth asking: how do you know?
I’m not against <em>either</em> license. I don’t think that either one is particularly good commercially for the program author, though–neither one compels payment for any use, after all. The people for whom the BSD license has the definite advantage are, well, people like my corporate management.
Personally I’d like to see more people try a Ghostscript-like “free for noncommercial use” source license. I don’t honestly know if it’d strike a balance between compensation for software development and source community, but it might.
The IBM guy is not talking drivel.
Yes, IBM continues to release some proprietary source code (or direct staff contributions esp. to apache project) to the open source community, but delineation has to be made that these proprietary source code aren’t commercially valuable (by themselves). It’s the mainframe hardware that is the valuable part of the business not the kernel patch for the S/390. It’s not the eclipse tools that IBM released to the public that is valuable, it’s the proprietary websphere app server that valuable.
Secondly, it doesn’t matter whether the IBM guy’s english in this very amateurish web interview is good or not. The IBM IP lawyers told their engineers not to use linux in embedded projects that could have commercial potential. The IBM lawyers probably have thousands of pages of legalese to back up their claims. Actions speak much louder than just saying that this is FUD or drivel. The fact remains that it’s official IBM policy to allow embedding linux in a non-commercial watch but it wouldn’t allow embedding linux in commercial projects.
“Yes, IBM continues to release some proprietary source code (or direct staff contributions esp. to apache project)”
IBM has a large number of developers working directly on OSS projects, ranging from Apache (as you mentioned) to Linux itself. Perhaps you should do some more reading about IBM’s commitment to Linux…
“It’s the mainframe hardware that is the valuable part of the business not the kernel patch for the S/390.”
Well done. Do you want a cookie for stating the bleeding obvious?
“Secondly, it doesn’t matter whether the IBM guy’s english in this very amateurish web interview is good or not.”
It does if, as is the case here, it makes certain key points extremely ambiguous.
“The IBM IP lawyers told their engineers not to use linux in embedded projects that could have commercial potential. The IBM lawyers probably have thousands of pages of legalese to back up their claims. Actions speak much louder than just saying that this is FUD or drivel. The fact remains that it’s official IBM policy to allow embedding linux in a non-commercial watch but it wouldn’t allow embedding linux in commercial projects.”
Is it? ‘sfunny – you must have got that from an alternative source because nowhere in that ‘interview’ do I see reference to IBM official policy. Furthermore, you should realise that in a company as big as IBM, there is a huge amount of corporate intertia which can take a long time to overcome.
…you may have misunderstood my point. To state it without the hyperbole I used originally: BSD-style licenses let someone fork your code into a proprietary, closed product, and GPL-style licenses don’t, right? Right.
No, it’s very easy to create a proprietary, closed GPL product. Selling it is much harder, although web services provide a nice loophole. Your software never leaves your company.
Sure, there’s nothing that prevents companies from putting modifications to BSD code that they’ve done back into the code base. But there’s nothing that requires it. As a program author, you may not want people who make changes to your program and redistribute it to have that option.
True, I’d like people to contribute useful changes. But I won’t force them to do anything. It’s their responsibility to become a contributor. If you followed the link I gave, you can see that I believe that contributing is often a good choice. I don’t think it’s necessary to force people.
On the other hand, the GPL has some serious downsides (my company won’t touch it with a 10 foot pole, out of fear to lose their IP). We will use BSD-code and will certainly try to contribute if we make changes that are useful for others (we’ve already open sourced something), but we won’t risk our livelyhood. Open sourcing everything is just not an option.
The company that I’m at now was looking at solving a problem they had with using NAT and VPN together on FreeBSD 4; a programmer here solved the problem a year ago by making changes to the FreeBSD TCP/IP stack. As it turns out they didn’t go ahead with the product that would have been using that, but I can assure that, given our management, those changes would never have seen the light of day even if the product had shipped. (As I’m not up on the VPN side of the house, I don’t know specifically what the issue was, unfortunately–and I also don’t know if current versions of FreeBSD have overcome that limitation.) And, yes, the reason we use as much BSD-style code as we can is specifically because management is (a) cheap and (b) secretive.
Too bad for them, when they would have moved to FreeBSD 4.5, they would have had to see if the problem still existed, reapply the patches and retest them. It is really expensive to keep a large seperate fork (that’s why most companies adapt to their ERP-systems instead of the other way around). Too bad that your company didn’t go ahead with it, I’d assume that they’d learn this lesson one day.
But in any case, they never hurt anyone. Their use of BSD at least made the project less expensive (I don’t have a problem with people being cheap by reusing well-tested code). In the end it’s usually the customer that pays for failures anyway.
I don’t think that either one is particularly good commercially for the program author, though–neither one compels payment for any use, after all.
GPL + a commercial version seems to do pretty well. I’ve seen a lot of new software products using this licensing model. BSD won’t get you paid unless you work-for-hire. It’s really nothing more than public domain with a disclaimer. It seems to be perfect for infrastructure code, usually a few companies can provide some full-time programmers and/or make a start and many others will chip in. See the Apache projects for many examples of this.
Personally I’d like to see more people try a Ghostscript-like “free for noncommercial use” source license. I don’t honestly know if it’d strike a balance between compensation for software development and source community, but it might.
Ghostscript uses a time-delay. The open-source version is 1 year older than the commercial one. This is not really a “free for noncommercial use” license, IMHO. It’s a decent alternative to a 100% closed version though.
“3) Some hacker spots a possibility for a stack smash. He uses this to get root access and a list of credit cards numbers from the database.”
Even without the stuff about GPL this is a possibility.
“4) All this becomes public and the company gets sued for negligence.”
Depending on how it happened, and what the company did about it, they would be negligent. Was it a minor unknown bug, or are we talking totally sloppy code?
We’re talking real money, real damages. If someone wrote sloppy code that controlled a nuke plant that caused an accident because someone crashed it, do you think someone would be sued? Do you think people would be in jail over this?
Get real. Perhaps if software companies were held accountable for their bugs we wouldn’t have this problem in the first place. Again, we’re talking real money and real damages. Don’t want to be accountable? Fine, don’t write that kind of software.
It’s funny, my car doesn’t crash unless I hit something or someone hits me, nor does it leak my personal info. But that’s a whole other issue.
The ‘time-delay’ Ghostscript license is the move from the Aladdin license to the GPL. You can use the current Aladdin-licensed one free only for non-commercial purposes, or you can pay for rights to do things like resell it in embedded systems. Peter Deutsch made his money licensing the full version for use in hardware, from what I recall in interviews with him. Sorry I didn’t clarify what I meant by that. Deutsch said in an interview a couple years back that he’d have preferred not to use the GPL at all, but before he’d thought through his business model he’d promised Richard Stallman he’d be releasing it that way–the dual-license system was the compromise he came up with.
And, yes, I should also have clarified I was specifically talking about software that was distributed when I was talking about license differences from a commercial standpoint, as distinct from things that are kept internal to a company.