Slashdot Mirror

← Back to Stories (view on slashdot.org)

Open Source Licensing

Posted by timothy on from the finest-kind-hawkeye dept.

Peter Wayner writes "For most open source software users, there are few things as easy to understand or follow as an open source license. If you share your code and follow a few basic steps, you're in the clear. This simplicity is a bit deceiving because the licenses are really quite complicated if step off the well-beaten path. And if you happen to be accused of something odd like SCO's claim that IBM donated SCO-owned code, well, the normally simple rules turns into a thicket of brambles with three-inch-long thorns. Lawrence Rosen, a hacker turned lawyer, has stepped forward with a deep and important exploration of the law. Curious programmers will enjoy it, but it's indispensable for businesses trying to honor the rules while still closing off some of their code." Open Source Licensing: Software Freedom and Intellectual Property Law author Lawrence Rosen pages 400 publisher Prentice Hall rating 9 reviewer Peter Wayner ISBN 0131487876 summary Major open source licenses are dissected and compared; invaluable anti-FUD for businesses and enlightening for all free software enthusiasts. The tricky part of following the GPL and even the BSD license comes when you want to keep some of the code private. This isn't as nefarious as it sounds. Many people write their own software, keep it secret, yet run it on top of Linux. Others write proprietary web applications and run them with a BSD-protected version of Apache running on top of a GPL-protected version of Linux. If you stay on the right side of the lines, you're still Richard Stallman's best friend. If you link the code together in the wrong way, though, you're toast.

This has been a particular headache for embedded systems manufacturers. If the engineers take advantage of the openness of Linux and make some tweaks to the part that is officially Linux, the company must to distribute their changes too. If they merely create software that works like a regular program, then there's no need to distribute anything. (Notice the ASP in the URL!) I know at least one very sharp businessman who explained to me how he carefully made sure the proprietary code in his system would only be dynamically linked to the GPL-protected code. If he left things statically linked, he would be legally bound to release all of his code and his investors wouldn't allow that.

"You had to work with developers. We had to create a build process that very carefully keeps things separate. If we weren't able to do that, we wouldn't have been acquired," he told me.

Rosen's book is a guide for anyone who's trying to walk that line. It dissects the major (GPL, BSD, Netscape, Apache, etc.) as a lawyer would: this kind of legal writing is always eye opening for me ,because the courts often make decisions differently from programmers. They value abstract issues like damages and pay attention to the often nebulous concept of who "owns" a piece of code. Thanks to the hard work of the lawyers at SCO, the distinctions will continue to be important to everyone experimenting with open source.

There are a surprisingly large number of distinctions, both big and small, between the different licenses. For most of us, the differences don't matter. But it's fascinating to watch a lawyer take them apart and compare and contrast them. The BSD license and the Apache license aren't the same, even though they're close cousins. Who would have known?

This book is a wonderful start on the topic. But by the end, it's clear that it's only just the beginning. There are deep philosophical questions awaiting the movement. The distinction between statically and dynamically linked code was easier to define in the past, long before modern languages like Java and the emergence of the Internet. Are web services specified by a hard-coded WSDL file, an example of dynamic or static linking? Can the DNS service change a static IP address into a dynamic link? Enquiring minds want to know. Rosen's book is a great way to begin the exploration of these topics.

You can purchase Open Source Licensing: Software Freedom and Intellectual Property Law from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

8 of 193 comments (clear)

  1. Re:Funny... by MikeMacK · · Score: 5, Insightful

    I disagree. Developers, more and more, need to be conscious of licensing, patent, copyright and IP issues. It sucks, because it takes time away from writing code, but I see it getting worse before it gets better.

  2. Too bad the book isn't online by Alwin+Henseler · · Score: 4, Insightful
    Looks like a book that could be really useful if it were online, so that you could browse through it when you have license-related questions. Or is this only something for lawyers, and they prefer paper?

    Did you take your Free Software licensing quiz today?

  3. Re:How Many Times... by cthugha · · Score: 4, Insightful

    <paraphrase>But I'm more than a little frustrated that a book like $foo For Dummies is necessary. It speaks volumes about the current state of computing. The reason computers are complex is that big corporations who have no interest in their users' needs and programmers are too lazy and inconsiderate to create simple, flexible interfaces that Aunt Tillie can pick up in five seconds flat.</paraphrase>

    Seriously, exactly how does the fact that non-lawyers need a book on the application of the law to open source issues lead to the conclusion that the law is unnecessarily complex? By the same reasoning, physics is unnecessarily complex because you need an engineering degree to get a good understanding of how Newton's laws govern the behaviour of real-world systems.

    Law is like mathematics: you have a set of basic principles that are fairly simple on their own, but which need to be developed into quite complex structures in order to be useful in a large number of situations. In this example, the basic principle is: the person who creates the code has the right to say how it's used. The complexity comes simply from the fact that lots of people are involved and the law gives them all a say in how their work should be used.

    Simplicity is a fine thing, but over-simplification should be considered harmful.

  4. interesting by killua · · Score: 4, Insightful

    With the way things are going in the lawsuit department lately, it seems this is kinda needed. Tho it has always been hard to explain to the buisiness world the concept of gpl style license agreements.

    Tho, i do disagree 100% with the idea that developers do not need to be concerned with the legal side of this argument (from above posts), more and more do we find ourselves as developers in the spotlight when something is not 100% up to snuff. More knowledge isnt really a bad thing.

  5. Re:How Many Times... by John+Courtland · · Score: 4, Insightful

    Law is man made and is arbitrarily complex. It could be simple, but for some reason, even though it is defined by man, it isn't. On the other hand, physics is defined by observable natural phenomenon. There is no known way to make it simpler. There's a huge difference.

    --
    Slashdot is proof that Sturgeon's Law applies to mankind.
  6. Dynamically linking OK? by Dominic_Mazzoni · · Score: 4, Insightful

    I know at least one very sharp businessman who explained to me how he carefully made sure the proprietary code in his system would only be dynamically linked to the GPL-protected code. If he left things statically linked, he would be legally bound to release all of his code and his investors wouldn't allow that.

    Hmmm, according to my reading of the GPL FAQ, even dynamically linking creates a derivative work, and thus all of the code would need to be under the GPL. No?

  7. laugh of the day by Anonymous Coward · · Score: 5, Insightful

    "For most open source software users, there are few things as easy to understand or follow as an open source license.

    When I read this, I laughed so hard I nearly fell out of my chair. Just consider, if you will, how many completely misguided and contradictory views of the GPL you've seen/heard recently, even right here on /..

    Most open source users have no friggin' clue what the exact rights and restrictions are under the GPL or other popular OSI-listed licences (the BSD/MIT variants being a possible exception, since they contain almost no restrictions to begin with). That doesn't keep them from having an opinion and loudly expressing it, of course...

  8. Rosen is clueless by Anonymous Coward · · Score: 4, Insightful

    Rosen disagrees with FSF on many points -- specifically, whether dynamically linking creates a derivative work. And since FSF's lawyer is a law professor and Rosen is a two-bit hack, you should think twice about listening to Rosen. Incidentally, MySQL's lawyers also disagree with Rosen -- and have gone to court to defend the GPL.