Slashdot Mirror
Management 'Scared' by Open Source
A discussion panel at EclipseCon exposed how managers are freaking out over open source. Apparently a disconnect exists between managers who set corporate open source policies and developers supposed to follow them, but who end up covering their tracks to make it seem like they are not using open source. Developers, though, end up using open source because of its ubiquity and not using it 'puts them at a competitive disadvantage because their competitors are.' And the Lawyers are in a panic.
1) Managers are under the mistaken impression that if i just use spring or Jakarta Commons, the company MUST open up the whole project in which it is used (like a proprietrary trading system) to Open Source.
Many managers don't realize that just "using" Spring does NOT force you to open up your systems.
You only need to open up if and when you modify Spring framework with your own code.
2) Open source hacks is another fear they have: the fear that somehow using open source tools will make their client sue them.
3) Leak Back: Managers fear developers, in their zeal to promote open source, will incorporate company's code into open source for 'benefitting' others. Much like SCO claimed. Developers are not fools.
It requires a maturity level beyond that exists today and i don't blame them since these managers were brought up an era where you pay good money for good things.
"Doing what i can, with what i have." ~ Burt Gummer
When big enough companies use [or acquire companies that use] my software, I usually get a call from a manager or legal dept. Turns out big companies are not only scared of OSS but also public domain software. The idea that I give out something for anyone to use without license seems to scare them.
:-)
It's like a fiver you leave on a bus for anyone to have, people are always skeptical if they can in fact take it.
On the plus side, it's fun explaining the public domain to folk
Tom
Someday, I'll have a real sig.
"Apparently a disconnect exists between managers who set corporate open source policies"
There's your problem right there. Managers shouldn't be setting corporate open source policies. Managers are ill-equipped when it comes to setting technical policies. Let the techs make the technical decisions and let the managers... well.. uh.. manage.. stuff. Whatever it is they should be doing.
In Capitalist West management scared about your lawyer exposing code theft.
In Soviet Russia KGB scared about not stealing enough code for you.
Domestic spying is now "Benign Information Gathering"
And for good reason. Just listening to all the talk on whether or not Novell is violating GPL (perhaps by simply partnering with another vendor - Microsoft) should make a lawyer's skin crawl...
If more code was released under BSD-type license, we would've seen wider adoption.
So, GPL was used to wrestle a few vendors into releasing their own code. And what? Who has looked into that code or used it for anything else? And how many other vendors have (foolishly) decided to avoid "open source" and come up with their own (usually inferior) re-inventions of the wheel, because of that?
It is hard enough to use an outside solution because of the NIH syndrome. Restrictive licenses exacerbate the problem...
In Soviet Washington the swamp drains you.
Managers may be afraid of unknown open source packages but much of what they do is governed, managed if you will, by open source software. As has been said time and again here the internet and much of the global communication grid is dependent on open source offerings. It what they don't know that they fear. Nobody ever got fired for choosing Microsoft.
I had a problem with the BSD three clause license once. If you every read commercial software documentation, there is usually a section full of advertising clauses for contributed software. But no, management deemed this not acceptable. Of course there was no time either to remove the BSD code, so we just left it there.
:-). The only solution is to be careful with what you ship, period.
On the other hand the leaking of GPL code is a reasonable concern. It happens all to often with common software such as MySQL. And you here statements such as "but if we use Perl, we are not linking against the MySQL code", which are dubious at best. Or "if the customer downloads the library himself, we are not responsible".
Of course banning open source is not the solution. Actually most commercial software packages have some content of open source code (Windows has the BSD network stack, Matlab has BLAS, Adobe uses the JPEG library...). And even if you ban all open source software, you can still violate the license of a commercial package
If people are wondering why managers are scared of Free/Open Source Software, just look at Rob Enderle's recent story posted here on Slashdot yesterday. Managers are the targets of these schill reporters (Enderle, O'Gara, Lyons) and their efforts are clearly working. We might not fall for their FUD, but managers and other non-techies do. And that's why they get paid.
I read the first sentence of the article, and it is clear to me that it is utter BS.
If the company policy is closed source that is it. Managers are absolutely right to make sure that nobody uses open source in company products, because if somebody sneaks in snippets of GPL-protected code into their applications, that might have big legal ramifications.
Said that, the company policy to use open source in their productsor not is another issue. That is up to particular company, particular circumstances. For some it is better, for some it is not.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
This amuses me greatly, as my good friend is a manager of a Geek Squad department and they're not allowed to use open source tools, although he frequently sees them being used (and lets it slide for obvious reasons). I forget the exact reasoning, but it does involve liability to some extent. Apparently stand alone geek squad "stores" in strip malls and the like are allowed to use "more advanced" tools for some reason.
moox. for a new generation.
Only incompetent management and lawyers.
Okay I digress, most management and lawyers.
The timid are easily frightened by whatever they cannot control.
Lawyers are upset only because they realize there is no justifiable legal work in open source licenses. Sometimes you need lawyers, but never forget they look out for themselves, not their employers.
I believe that another important fear is that of disempowerment. Open source is usually free of charge, which means that their budgets and thus their importance decreases. Also, there is no need for developers and IT staff to go to their superiors to ask and beg in the first place. They can just download, evaluate and use free software right away.
Free software is also not advertised unlike commercial products, which means that managers can't even communciate, what is going on, to their kin.
Compare: "I recently negotiated a licencing deal with <known software company> for <known software product>, which i deemed to be the best solution because of <list of buzzwords>"
To: "Well, my IT guys implemented a working system on their own, using some software I can't pronounce and really don't understand."
Even IT managers act in their best interests, Microsoft Windows is crappy enough to keep them employed fixing it for eternity.
People make money out of others ignorance.
People make money by adding value to others.
Slashdot = Sarcasm
I cannot think of a single company anywhere that is not at least using open source software. Hell, there is likely very few if any that do not at least use it indirectly "google search". Now granted
developers within a company shipping a product should be trained in what you can and cannot use and under what circumstances. Soon here even java will be open source, so you will not even be running your application servers and custom code without a open source component.
What we are talking about here is proprietary development shops and people closed source apps, yes
by all means you should be afraid "we don't want our code in your application".
Got Code?
Though where I work (a state government entity) it's not about legal concerns, it's about "security". There is not only a mis-understanding, there is "no" understanding about opensource.
This is what happens when a new official is elected. You've spent 4 years getting the word out that opensource is safe, cost effective, and effcient, and that it opens doors to a whole new constituentcy when you release open services.... Then a new guy brings in new leadership and they want to put the breaks on because it doesn't jive with their sense of good software use.
Ironically, they have no problems with custom software (which I write, and which we contract out) which has to be the most dangerous software in the industry.
-CF
Me and the IT-professional at the law firm I work in are currently trying to create a new website. It is one of the biggest corporate law firms in Denmark. When our IT-guy requested that the new website should have a content management system, and that he had found a great open source system, the partner in charge insisted on paying for a system that costed $10.000 because the company shouldn't rely on shareware.... and this guy works with copyright law. There is a general misconception that you can't possibly get something for free that is as good (or better) than something you pay $10.000.
Manager: So you're telling me that someone already wrote code that performs a task we need done in our software, and they're letting anyone use it for free?
Coder #1: Yeah, I think it's cool that—
Manager: AIEEEEEEEEEEEE!!!
[Manager faints.]
Coder #2: That's the last project on SourceForge that we hadn't used yet. How are we going to get out of work tomorrow?
Coder #1: Hmm... Wanna go grab a beer and start yet another Python web framework?
Coder #2: You're a genius.
Nobody has ever accidentally freed their code.
"We have never, in the history of free software, despite everything that has been said by lawyers and flaks and propagandists on the other side - we have never forced anybody to free any code."
http://www.geof.net/blog/2006/12/10/eben-moglen
My turnips listen for the soft cry of your love
Look at the context of this post, it was a pannel discusion at a conference. It means they didn't have anybody to speak about something infromative so they got bunch of so called experts to talk about something "controversial" to fill the time. It treats the groups discused as monolithic morons. Developers, Managers and the always popular "Lawyers". We are "Freaking Out", "Scared", "in a panic" all very informative descriptions for how people deal with complicated problems. News flash! There are clueless "developers" who don't understand the conequences of their actions on the orgaizations that pay them. There are clueless "managers" who have never read a EULA of any kind. There are clueless lawyers, nuf said. How about the report of a real discusion between thoughtfull people about trying to balance Stallman's la la land philosophy with Ellison and Gates' Ferengi capitalism.
And even if you ban all open source software, you can still violate the license of a commercial package
Which a point rarely made about proprietary software. Practically every piece of proprietary code comes with a different license, with an entirely different set of restrictions. It's a lot easier to make a misstep with proprietary software than it is with open source, and your risk of being taken to court (as opposed to just some public shame restricted to tech circles) is far higher.
At some point, somewhere, the entire internet will be found to be illegal.
See the problem here? Using open source give an advantage in the minds of the developers, but not the managers? Why? Because developers' time are free for managers of most in-house IT dept! Developers' salary is fixed cost in the budget, once hired, a manager rarely have to justify it every year. On the contrary, developers viewed as having little to do would have caused more problems for their manager!
So for a manager, a developer's time is a free resource that happens to have a "use it or lose it" property.
Now, give him a choice of (1) buying a piece of software for a given price, (2) use a comparable open source software with a license he do not understand so he can (2a) try to understand it himself and thus open himself to any future problems or (2b) send the license to legal dept and gets charged to his budget, or (3) tell his developer to re-implement the software themselves, no further expense claim or budgeting needed. Guess what a lazy manager will do?
So when the manager chooses option (3), and the developers see months and months of unpaid overtime and endless bug fix headaches coming from re-inventing the wheel, they covertly downloads an open source library and plug it in, with a custom wrapper to hide their tracks. Is that a surprise?
No amount of education will not cause a manager to take any amount of risk choosing open source instead of using a "free" resource to achieve the same thing (a resource that cannot be saved and use later in any case). The developer's time and effort is an externality in the manager's consideration.
The only way you can bring the manager to use open source is to add the developer's time into the manager's accounting, either when developers are "pooled" and any effort spent will be charged to the manager's budget, or when the developers have other things to do so there is an opportunity cost to have them do other things.
Oliver.
It's a matter of software licenses. Legal should be involved. And should have a clue what they're talking about. In an hour, they could determine that the people issuing these licenses claim that you can use their software as an end user with no charge and no caveats, that the license only matters for distribution, and if their developers want to use open source tools, no problem, as long as that doesn't get into the final product.
To me it seems more that these managers that are afraid of open source are just lazy and don't do what they are paid to do: to manage. Using open source in ones system or taking advantage of it by including it to your own software is not that hard. You just have to decisions. If I want to keep my application closed then I can make a simple rule: no GPL code or if GPL code really badly needed then contact the developer and check if it's possible to license the code in another license. In example in my own company which develops closed source survey research software we follow few rules:
1) No usage of GPL code/software allowed that requires opening up our application
2) LGPL code can be used under few conditions
a) no straight code lifting
b) code is only used via Jars
c) if code is changed, the changes are distributed back
d) include the package with sources that we have used into included directory when distributing the application
3) Usage of code under other licenses like BSD etc.. is evaluated case by case
These are very simple rules to follow and very simple to understand. Of course we could have more rules and more specific rules and guidelines but then again we are small company and we are not that heavy on including open source components to our software: our main work is writing good software not linking all the worlds code to our software. Of course in a bigger company writing rules and guidelines may need more work and more thought, but then again that is what managers and lawyers are paid to do and if they do their job by just shouting "NO!" then they are not doing their jobs.
Survey research tool for commercial and scientific use
... on sexual harrassment policies, or export regulations?
One would think that if corporations have no difficulty "educating" employees on interpersonal relationships or export legal issues, that they would have someone from legal get up to speed on the various types of open source licensing and "educate" the managers and developers on the subject, and when it is required to include attribution comments (why not do that ALWAYS? Seems like it would improve the documentation).
I suppose this is what keeps the corporations firmly in the IE camp, with its associated higher support costs.
Switching to use a "free" product like Firefox that works better with fewer problems, and actually tries to conform to a published standard of web interpretation, must seem like endorsing theft -- when in fact, by sticking with a product from a company that is stealing them blind by continuing to sell it year after year with the same litany of flaws and security holes, they are endorsing true thievery, the thievery that comes from knowingly selling defective products.
I work in a large (Fortune ???) company and official policy is "no open source" as far as I know.
Unfortunately, one of our group's work products is essentially a OS distribution. We take a base (Unix-like) OS load, add our internal applications that run ALL the time, create install CDs, and send them out to our internal and external customers.
(I'm being intentionally vague here, because I actually like my job....)
Now, I don't know how you do anything modern with a Unix-like OS without open source. Neither does anyone else.
Perl. Apache. Samba. OpenSSH and OpenSSL. zip. unzip. Those are just the ones that immediately spring to mind, and we've been using them all for years as part of that CD.
My manager knows and understand. My director knows and understands. Not sure about my senior director. But there's a real lack of understanding of reality somewhere in our food chain.
But the legal department - who has to review and sign off on things - is probably the most clueless. We're not really a technology company, and it really shows over there.
Look at the full text from Merriam Webster
2 : to act as a spokesperson or promoter
That still implies payment. Look at every definition returned from a Google define query - each one implies payment.
At some point, somewhere, the entire internet will be found to be illegal.
No one seems to realize that the whole ball of crap described by the article only applies if you are a producer/distributor of software. Most businesses are not software companies. They are small businesses reselling retail merchandise and services.
I am a consultant, and I constantly have to explain to every suit I meet, that if you don't distribute software, you can use GPL'd software in your business all you want and essentially never even have to consider the GPL. Run your servers on Linux, use Open Office on desktops, use GPL's utilities and code internally without fear.
I use this example: Since there is no software in a Domino's pizza (and assuming that is their only product and they don't distribute any software elsewhere), the Domino's company can use GPL'd software to run the entire company and every franchise and never have to concern itself with the GPL. If they develop an in-house pizza-business application using GPL, no GPL issues arise unless and until they decide to distribute that software to others. Service industries, like lawyers, janitors, and home inspectors, will typically have no issues using GPL software.
Finally, I know sometimes a company that is not a software company may distribute a piece of software they have developed as some small side-project. If by some mistake they run into a GPL problem, it is easily solvable. Just post the source code.
I don't dispute that GPL issues can be serious with software companies that make a living off of selling software, particularly if you create code with both GPL sources and proprietary source material under a license that prohibits source posting. But for the vast majority of businesses in the world, the article is FUD.
I've worked for many compagnies in a somewhat confidential domain. This means that I use to see almost the same people who, like myself, are jumping from one compagnie to another, as hired, consultant or freelance. Sometimes one of this "community" takes long or middle term responsabilities in a compagnie and get hired at a place which implied management or responsability for some produced code. Some are very good at what they do, or at least are known to be.
I myself though once that one of them was good, because I heard he did some cool stuff and because I saw with my one eyes some good coded stuff referencing its name as the author. But once, I had to work directly with him, and then I was, to say the least, disappointed by its desgin skills, the guy simply didn't understand basics of middleware design. How could it be that he really designed and coded the previous piece of code I saw? Simple and straight: he didn't. Later, I encountered the real author of the work which impressed me, and this guy had the required skills, what our first intervenant did was simply to steal the original code, jumping from one company to another, working on the almost same subject and re-writting the stolen code in a very directly inspired way, when it wasn't litteral copy.
The fact is that this is not a so uncommon behavior, in some compagnies I have been considered as dumb when I say that no, I didn't leave my previous work stealling confidential or proprietary stuff like code, document templates or process definition,
and many managers are pefectly aware of the situation. Using free software code may lead a compagny to expose the code of its products, and they fear that another concurrent compagny read their disclosed code and say "hey, this is our original code".
If you want to make money with free software:
1- take well-working implementation of something under BSD license,
2- adapt it to embbeded software, rougly test it,
3- (usualy ???) build a compagny and sell your library only to big or medium-sized entreprise, presenting you comagny as owning copyrights for the work,
4- profit!
This way, you will seduce managers who will be using free software without nowing it, ignorance is a bless, and with a legal fuse in case of problem. In case of problem, just give up your compagny, which, as a moral person, will endorse all the blame, and just build another one.
This makes perfect sense though. Business want a paper trail that they can go back on if problems arise later. You may now say "no license is required...it's public domain". But what if 5 years from now, you decide to sue them for copyright infringement? How do they defend themselves without the paper trail? From a legal perspective, it's an order of magnitude easier to go back to the license and show that you're not infringing than to try to prove that your software used to be in the public domain 5 years ago.
Another problem with open source software is that patent liability is placed on the user of the software, not the creator. The SCO/IBM lawsuit shows that. License a piece of Microsoft software, and the patent trolls go after Microsoft. Use a piece of open source software created by Ted in his garage, and the patent trolls go after you.
IBM is VERY strict with open source now. Nobody is allowed to use open source or public domain code in their projects unless it's gone through a very rigorous screening method to make sure there isn't any copyrighted code in there. And they provide a 'whitelist' of software that has been prescreened and is allowed to be used by developers. This list is rather small though. It requires alot of effort to remain safe from a legal perspective, and I doubt that few companies outside of IBM have the resources or expertise to do it.
I work in IT at a medium sized organization. We recently ran out of Office licenses. I came up with the brilliant suggestion to use OpenOffice on non-essential personnels computers who would not be needing advanced features. Essentially on most of these machines, Office was used only to type letters in Word, or perhaps excel.
My employer refused to use it, because as a free piece of software, it would not have enough features, would be insecure, etc.
Well, I decided to repackage it as OfficeLite, I told them it'd cost an extra $15 dollars to install per machine (I did NOT say it cost this per license), and now they love it! They checked it out and thought it was a brilliant piece of software. I have since told them how I duped them, but eh, I get to keep the first 120 I made from it.
"I believe that another important fear is that of disempowerment. Open source is usually free of charge, which means that their budgets and thus their importance decreases."
How many of us read this, and are saying "Hey, if they're worried about the consequences of reduced budgets, they can always throw me another $50k a year ..."? :-)
Its not about budgets, and its not about power - its about managers who aren't really right for the job - because the JOB has changed.
Look at it this way - 1st-rate people hire 1st-rate people. 2nd-rate people hire 3rd-rate people, probably because they're intimidated by anyone being "as good as" or "better" than them.
Any IT project manager who doesn't have a clue about the GPL, LGPL, and BSD licenses should be fired. He or she is obviously not willing to do their homework, and hasn't been, for about a decade.
Additionally, you should probably go up the food chain one more rung and fire whoever hired/manages them. After all, they let this piece of deadwood contine in their slot for god knows how long.
So they blocked sourceforge, and they banned thumb drives, to prevent open source code from "leaking into" the company. I'm sure I'm not the only one with a cell phone with tons of free space - its not *just* for music and videos. And most of us can write a proxy server in one line, run it on our home machine or another server, and get around any site bans just fine.
management looses control over budget, since open source has no cost or requires purchase order approvals.
it is a loss of power that scares them. all the other details about confusion over costs or how OSS works are just excuses.
management dimly realizes they are not doing their job and it scares them.
they budgets $100,000 dollars for applications and countless more man hours paying staff to configure and manage the commercial shrink wrap application, only to discover their game plan was flawed. how do you think they feel about their job security? and the quality of their decisions?
"by simply partnering"????
You misspelled "by entering into an agreement specifically designed to violate the spirit of the GPL while obeying the letter, so that they could use the threat of litigation to gain substantial control over the work of others".
Now, why would anyone think that such obviously bad-faith actions could get them in trouble?
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
I guess I can understand being scared by the unfamiliar, but what really frightens me is proprietary software, or rather the licenses thereof. There's some really scary shit in there about what you can and cannot do, and the penalties for running afoul. Not to mention the stuff (which you may know as "software patents") that you only get to hear about after you're in trouble.
"Not an actor, but he plays one on TV."
I work as an IT consultant, doing SOX work. I have 'a friend' who is in the same line of work, who recently installed an open-source interpreted language package on his work laptop (they are not locked down, but if you break it or get it infected, you're responsible, and probably unemployed) in order to solve a client problem that was costing the client a fortune in billable hours. When he broached the solution to management (of the consultancy, not the client), he was told that despite the open culture of the organization and emphasis on innovation and efficiency, since this language was not part of the standard load for laptops, it could not be used period, and there was no machanism to get it approved. Period.
Community-built software is not perceived as 'safe' - 'It could have a trojan or virus built into it' is the exact phrase used by Sr. management in their demurral. When 'my friend' suggested that the likelihood of say, the Perl distribution, containing some kind of malicious code was vanishingly small and the code was way too open to scrutiny for such things to get in, and that closed-source firms have a far worse record on the subject of malware than established open-source projects, he was dismissed out of hand.
As such, he is developing his app, on his own computer, on his own time, and trying to come up with some kind of 'sales pitch' to get management to listen. Suggestions welcome - I'll pass them to him, although I'm sure he'll read this post.
As a manager I'm getting a kick out of these replies.
I'll tell you why we are are scared.
1.) If I choose open source products, who is going to take me out to lunch while telling me about said products.
2.) If I choose open source products who is going to shake my hand and tell me what a great deal I recieved and
how smart I am.
3.) If I choose open source software we are afraid of losing the balance of power in our office to open source
developers who look like rasputin visiting burning man.
#all above statments are made as a joke, not really a manager/
> Who has looked into that code or used it for anything else?
Lot's of people have looked into and used GCC's C++ and Objective-C front ends...
I'm surprised nobody has mentioned this before.
The entire scox-scam is nothing but a small part of msft's ongoing fud campain. The entire scam will cost msft well under $100M - pocket change for msft.
Now that the scox-scam is winding down, msft has bought a new bitch - Novell.
Msft message to corrupt users is crystal clear: "F/OSS is a legal mine-field. If you even use linux you risk a lawsuit. If you substantially contribute to linux a lawsuit is nearly inevitable. If you even think about touching a F/OSS produce, you will be legally forced to open all of code." Msft has pounded on that message for years and years. Lots of msft shills scream hystical warnings, all kinds of fake lawsuits, fake studies from msft owned "think tanks" and so on.
I think msft's fud campaign has been smart, and successful.
Is this a FUD piece? There are some parts of the article which don't make any sense to me and look like scaremongering:
Companies running open source also often make the mistake of thinking they are running a relatively benign, commercial-friendly license like BSD when they are actually using GPL, which has limitations on modification and distribution of code.
Actually the GPL is supposed to NOT limit modification and distribution, because if the person who holds it is trying to prevent modification and distribution, then the license is invalid for them. Why use the word "benign" and "commercial-friendly" together... shouldn't something GPL-friendly be considered benign, since people have approved its distribution (the authors) as opposed to using commercial code which might be prevented from being included in an open source project due to copyright and/or IP? With GPL-code the authors give their expressed permission to distribute it, and you're sure that someone else can't take it and turn it into their exclusive product.
And that's a problem because 10 per cent of open source code leaks out of development and into final product, meaning companies really are potentially at risk from rightfully aggrieved software authors.
Meaning that companies are trying to take GPLed code, close it up, and sell it? Do they think OSS is just a pool of example code they can cherry-pick from?
With GPL 3.0 coming, things ain't going to get any easier - especially for Software as a Service (SaaS).
Why not? GPL3 makes it easier for you to modify (protections so you can run modified binaries on the original machine) and clearer about what you're getting (regarding patents).
Yes, you could call this a case of predictable vendor scaremongering to drum up new business, but don't forget some well known open source cases are already on record - Tivo, Linksys/Cisco, and Progress Software versus MySQL, anyone?
Justice was upheld, and the companies aren't damaged as a result. Isn't it scaremongering to put a negative spin on this?
Another problem: the increasingly distributed nature of development makes bans impossible, as offshore teams and outsourcing partners employ open source.
How is this a problem? They don't cite any examples.
What's creating the confusion?
This article's author?
Twinstiq, game news
You only need to open up if and when you modify Spring framework with your own code.
This is incorrect. Both Spring and Jakarta Commons use the Apache license, which does not require you to distribute code changes if you change the libraries. You just need to include the license with your binaries and notices that they were modified.
In the late 80s, managers were saying that the PC wouldn't replace the mainframe. Later, there were managers saying that Gateway PCs were not as good as those from the mainframe manufacturer. Then, managers who said that the internet is a toy, and that services couldn't realistically be delivered via a browser.
It's about conservative managers. Typically, what changes their attitude is when a bunch of young upstarts prove them wrong, show that something can be sustained. Eventually, they come around to it.
There are a lot of shills who are spreading FUD about open source software. There were shills suggesting that non-mainframe manufacturer PCs were somehow inferior, and so forth.
The good news is that these guys eventually lose. Their FUD gets found out. Typically, the small companies shift first, with large bluechips moving last. I know a company with a "no open source" rule. At the other end of the spectrum, I know someone in a small company where their experience with Linux webserver, mailserver and firewall means that open source is seriously addressed.
No FOSS tool that I know of limits what you can do with its output.
NMAP does.
Try integrating NMAP with yoru commercial product. You won't be allowed to distirbute it if you use it's output to integrate into your own stuff.
Check out their wacky addition to the GPL:
It's almost impossible to write some kinds of applications WITHOUT using open source software. I'm particularly thinking of geospatial applications, 90% of which depend on the same four libraries: GDAL, OGR, Proj4, and Xerces-C. Similarly, things like Bzip2 and Zlib are a godsend. My company is very decentralized, so I don't know about our open source policy as a whole, but my own group is very open source friendly - we can't compete with the big boys in the industry without it! The basic policy we follow is: No GPL code unless you can execute it as a separate process. LGPL, BSD, and MPL are fine. Anything else, we need to have multiple people check. The main thing I hate is when people make library code GPL for no good reason, like the MySQL driver. Royal pain in the ass for people like us who do government contracting. Which is why we use PostgreSQL as our database backend instead.
Open source germs! Open source germs on you! You've got open source kooties!
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
I think OSS/GPL offers the best protection for commercial companies. Any closed source company producing a sucessful product runs the risk of it being cloned and given away by you-know-who in the next version of Windows. If you uses someone elses closed developement tools you are always at risk of the upsteam supplier arbitrarily changing the 'licensing' rules or keep changing the formats/protocols in an attempt to keep lockin. Finally you don't really own the product you are trying to sell.
.. sorry monoculture.
With OSS/GPL you get the benefit of a huge developer community. You take out and give back. You make your money out of selling hardware and support. If the elephant comes after you to 'partner', he can't as there is no product to buy and remove from the ecosystem
Finally as an end user, once a closed source company has all your records on propriatery formats and your network runs on propriatery protocols, you don't own your own company anymore.
davecb5620@gmail.com
...executives sweat over the legal exposure caused by developers using open source software
Developers are using open source software mostly everywhere. Eclipse is open source, heck even now Java is open source. Executives aren't scared about developers using open source software: IBM, Sun, Oracle... They're all using, proposing and pushing open source software everywhere.
What executives sweat over, and rightly so, is about developers using open sourced code under a restrictive license. And they should: I know of one (european) company where one of the developer had the habit to simply steal GPL'ed code and insert snippets into the commercial products made by the company. The company noticed that at one point and started to rewrite.
Then, while writing this rant, I realize I had just read TFA (yup, I know...) on that lame 'the register' website, approaching the lowest of all lows you can find on the Internet. The headline is close to an outright lie, like you can find so many in the english tabloids: "Managemement scared by open source". Followed by a misleading summary: "...executives sweat over legal exposure caused by developers using open source software".
Companies are using open source software, developers are using open source software. Managers aren't afraid of that at all. They're afraid of rogue developers stealing open source code and incorporating it sneakily into their product, which is not the same thing (and less "sensational" to write about for the f*cktards at 'the register').
This article seems to be a troll drummed up to get page views, or just plain ignorant. My company had this discussion, and we basically agreed that just because we can't *see* the code in closed source apps doesn't mean we have indemnification for bundling it in our software if it violates software patents or copyrights. There is no inherent risk open source puts you at that closed source doesn't. However, there are some risks closed source put you at that open source doesn't. We use both open and closed source 3rd party software in our product, if the closed-source stuff is pulled, bundled with a nasty eula, or no long developed, we're SOL. This has happened to us. However, if the open-source stuff is pulled, no longer developed, whatever, we'll maintain it. This has happened too, and it isn't *nearly* as disruptive.
Using GPL v. BSD licensed stuff can be a concern, but you can work around that (see proprietary drivers and the linux kernel), and it isn't different than restrictive licensing with proprietary stuff--proprietary licenses can require about anything--release your derivative code, pay royalties, or even listen to abba while coding. Not to mention, it isn't *always* a bad thing to release your code. Sure the competitors get it, but if the GPL stuff you are using really gives you a significant advantage, your competitors will have to adopt your model, or try to replicate all of your code, all the while avoiding the copyright minefield that comes with rewriting.
This article seems also to suggest that piracy and overusing licenses is more of a problem with OSS than proprietary. This is almost always wrong, OSS almost always has more lenient licensing policies than closed-source. We moved our CRM from Salesforce to Sugar for this very reason, the licenses were costing us an arm and a leg, and we couldn't configure it to our liking. Now we pay for support on Sugar (which is OSS), and we get better support, save money, and it is more powerful. We're happy.
If a developer feels that management is not responsive to constructive technical advise then it's time to find a better place. There are plenty of places where her expertise will be greatly appreciated. Doing the best of what you can also means making yourself more competitive thus getting respect and better income potential. Fighting politic battles will only makes you look like an asshole.
Let Darwin law do fighting for your: go work for better place and let old place wither and die.
Whenever I hear about managers anxiety about their code becoming contaminated with open source, I wonder whether they really shouldn't be more concerned about a different source of contamination, namely the toolkits that so many (most?) programmers carry with them from job to job. It seems like just about everyone has a stash of code useful code from past work that he or she draws on instead of reimplementing from scratch. Some of this code may have been copied out of a textbook, journal article, or web page; some of it may be hobby code; some of it may have been written for a project for a previous employer. I suspect that a lot of proprietary code is contaminated with functions that technically belong to the company for which they were first written or to the author or publisher of the source from which they were copied. I wonder if this kind of contamination shouldn't be as much of an issue as concern about open source. As far as I know, no one has gotten bitten by this.
Management wants to smooth things over. Right or wrong means very little to most of them.
A shop I used to work in wrote custom apps running on Windows. They crowed constantly about being on a "common platform" etc. They also routinely downloaded free software/GPL projects for terrain mapping and OpenGL routines, etc. and copied/pasted them into their apps. Constantly...as in all day long. They viewed OpenSource as being free for the taking.
Management had no idea. The authors of the GPL code had no idea. But the apps went out the door on time, and Management grinned.
Keep it simple, keep it stupid, keep management ignorant and happy. Use the platform of the day, the one they write about in Business 2.0, get the products done on time using pre-tested code.
Sure glad I don't work there any more.
Actually the GPL is supposed to NOT limit modification and distribution, because if the person who holds it is trying to prevent modification and distribution, then the license is invalid for them.
From the point of view of a company writing commercial software, the GPL does limit modification and distribution, because if they distribute modified GPL software they have to make sure their modifications don't include components that would force them to release their own product's source as "derived works", or else take the plunge and release their own software under the GPL. This is an additional cost and risk that LGPL and BSDL software doesn't force them to take on, because it doesn't restrict you're ability to control the distribution of other components if you distribute modified LGPL or BSDL libraries with them.
Whether or not they should do that anyway is a separate issue. I'm not saying they're right or wrong, I'm saying that if you can't understand the viewpoint of people who disagree with you you're never going to be able to effectively deal with them.
I believe it's a function of copyright law, not free software particularly, that gives you copyright power over the work you make. In other words, what you're saying is true but the underlying principle has nothing to do with the GNU Compiler Collection being free software; that same principle applies to proprietary software as well. Apple could compile their OS with a proprietary compiler with no loss in copyright power. I'd imagine that Apple developers choose GCC for the freedoms GCC gives them (NeXT modified GCC to suit their needs), GCC's excellent developers, and GCC's technical merit.
The unusual situation with Bison has been explained elsewhere in this thread and Richard Stallman addressed this issue in one of his talks. I'd be wary of embedded DRM in saved files, but I don't think most computer users have that problem to face right now.
Finally, I think you meant to say "proprietary" and not "commercial". FOSS is commercial software when it is developed as a business activity. What differentiates free software from proprietary software is that users have freedoms with free software they don't get with proprietary software.
Digital Citizen
A year and a half ago, I had a professor state matter of factly that Linux was less secure than Windows because anyone can look at the source code and find exploits.
Involuntarily, I screamed "WHAT?!" He paused and gave me a chance to speak, my response was to take the example of OpenBSD, it's Open Source too(different license, I know but that's not the point) and in the previous 8 years there had been exactly one remote exploit on a default install. Microsoft dreams of that kind of security.
He really had no response for that. What bother me though is how many times did he give that exact same speech to students who didn't know any better and just assumed that it was true because a high ranking professor had said it? So as these people leave college and become managers in IT, they'll carry the misconceptions that Professor Dvorak had placed in their heads.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
This is not to say that the GPL is perfect - there is no such thing as "perfect" in this context. You should always use the right tool for the job, if you expect to do the job well. Rather, what I am saying is that the GPL is nowhere near as hostile to business as some make out and in many cases is actually business-friendly. (More hardware companies supply drivers - closed or open - to Linux than they do for any of the *BSDs. Not because there is a problem with the BSd kernel - in some ways it is superior. Nor is it because of market-share - we're talking fractions of a percent for both types of OS in many specialist industries. It is because BSD-licensed code could improve a competitor's closed product and no vendor is so stupid as to do that.)
Both licenses are important, both have probably put some people off, both have indisputedly been seen as attractive by others. So stop dissing something you don't like merely because the other happens incidentally to be good for you. Your understanding of the whole of the industry is simply not great enough. Nobody's is. Not even mine, and I've seen and worked in more sectors of the IT profession than most. Nobody, nobody at all, has the knowledge to say that open source license XYZ has done more harm than good, because nobody at all has seen more than a pathetically insignificant number of cases. All I can do is show that the number of cases where GPL has been a primary positive factor AND where BSD licenses have probably been detrimental is non-zero and is probably not even remotely close to zero. That is enough to blow any anti-GPL argument out of the water.
Exactly the same set of arguments and methods can be used to blow out the water all anti-BSD arguments and all anti-Public Domain arguments. The other licenses probably have something similar but I can't think of any solid examples right now. I can for those three.
Frankly, bitching about licenses is probably the biggest problem with Open Source, as it makes the community look like spoiled children - and how many managers want spoiled children running their IT centers? It also helps proliferate secretive Open Source projects and helps detract from the much-needed community support that any project needs to thrive. I am sick of the trolls, the flames, the bitching and the whining whenever these issues come up. These aren't expressions of opinion - there can be no opinion without thought and the thoughtless have none.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
At the sound of LOLs and W00ts, they piss their designer suits.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
It's true I tell you, feller at work's next door neighbour read it in the paper.
In many places, especially government or large corporations, you have to beg to get Open Source Software (OSS)approved. Often, the IT and Security types see OSS as suspicious "Hackerware", so it can take forever to get approval (if at all!).
the years of fear mongering is beginning to bear fruit?
Then this is no different than any other irrational horror story; we can point blame at both the teller and believer of the story, but we're better off educating people instead. A good educational campaign would ask these managers if they believe every report they write with Microsoft Office is co-owned by Microsoft, thus giving Microsoft the power to change or override anything they say in the report. Or if their proprietary OS from Apple compels them to get Apple's approval before distributing any file they make with it. Nobody actually behaves as if these things are true so it's a very hard argument to make that anyone believes these things to be true.
The manager's "fear" is obviously irrational and their issues don't seem to translate to the real problems of uninspectable, unmodifiable, and unsharable software which they have entrusted to run their business. Perhaps handing their business over to unaccountable monopolists (as all software proprietors are) should be more disturbing to them than software they can shape to meet their needs.
Digital Citizen
The only situation when Microsoft Office documents (or ODF documents if it matters) should ever leave the computer where they are created is when someone else is supposed to modify them. This should never happen when a document crosses boundaries of organization.
Contrary to the popular belief, there indeed is no God.
Managers who think they can own your soul just because you work for them do have something to worry about in Open Source: If you get your boss to open source the project you're working on, when you quit, it walks with you.
I can attest to this. A while back I was reponsible for putting some open source software into our product. Went completely through the legit route - it was approved by my manager, VP, company lawyer, everything. (MPL/NPL code is perfectly fine in propietary code.)
Turns out later out we are considering using IBM a to be reseller. They put up the biggest stink because of the NPL/MPL code. Yes, IBM, the we-love-open-source people. Right.
Never mind that for years we accidentally linked against a GPL library and cleaned up it out of our own desire to properly support open source. We like open source and we *want* to play by the rules. Hell, we submit kernel patches!
To this did, I don't know if that deal ever went through.
And this is in a company where the CEO is educated enough about open-source to replace all the engineering desktops with Linux a few years back, and uses OpenOffice himself.
To: "Well, my IT guys implemented a working system on their own, using some software I can't pronounce and really don't understand." The latter is actually how a good manager should be acting - distribute tasks, set priorities and control execution. Not micromanaging by choosing software etc.. One can not understand everything. However, watching trends and general benchmarks of productivity can help a lot too.
...a stunned silence fell upon the hall.
SQLite does have a command-line version (if that's how you currently call your DBMS). It also has ODBC drivers (hopefully your app was written with ODBC in mind).
Science & open-source build trust from peer review. Learn systems you can trust.
Impossible, because your example is not copyrightable and the GPL can only attach to copyrighted material (if you don't have a copyright on it, you have no right to make someone agree to the GPL).
Without being exhaustive, your example is not copyrightable under US law because it is both unoriginal and dictated by externalities (i.e. the Perl syntax). If you read the SCO vs. IBM legal papers on Groklaw and find where they discuss how copyrights work, you can learn more than you probably ever wanted to know about such things
There is an issue regarding people who have been "contaminated" with having worked on GPL'd code.... even if just at a glance... and to try and make sure some of those algorithms don't make it into the propritary code base owned by the company
And the anti-GPL extreme is heard from, in a confused and misguided defense of the GPL against something I didn't say, didn't imply, and has nothing to do with the GPL!
Yuo're confusing patents and copyrights here, mate. The GPL has nothing to do with algorithms, and you can't get "contaminated" by the GPL by using algorithms you learned working on GPLed code.
I'm not talking about patented algorithms here, I'm talking about copyrighted APIs. The GPL, in a roundabout way, copyrights the *interfaces* to the code it covers. But that's as far as it goes... the GPL hasn't created some kind of magic backdoor for software patents to infect you.
Well of course you can't just change a few things, turn around and sell it. Just like others couldn't do this with their closed code anyway... It's a little hypocritical if they want to do that. They should just do a little reading, as they could certainly benefit from OSS without having to rip it off, just like many benefit from closed source software without ripping it off.
I liked Kirk McKusick's response to the question, at one Usenix, as to whether he felt "ripped off" because Microsoft was using BSD code in Windows. What he basically said was that he wished they'd ripped off more of it, because it would have made Windows a better product and an easier one for him to deal with if they had.
There's nothing in the principle of freely redistributable / free / open source (or hwhatever the trendy buzzphrase of the moment is) software that says it can't be incorporated in commercial software. Open source and open systems are far older than the GPL... there's a lot of us who were already releasing our software under far more open licenses than the yet-to-be-written GPL when Stallman went ballistic over Emacs and wrote the GNU manifesto. And we were rather bemused by the whole thing. The fact that his ideas and the GPL have become to be identified as the model for free software (that's free, with a small f, not "Free" with a capital F and all the FSF baggage) is unfortunate.