FOSS License Proliferation Adding Complexity

E5Rebel writes "Business is embracing open source like never before, but the effective demise of SCO's claims against Linux doesn't mean an end to licensing problems, an analyst warns. The debate on Slashdot seems to focus on the GPL and its virtues, but there are 1,000-plus open source licenses (according to analyst Saugatuck), and businesses face having to manage multiple licenses within a single open source product. What can be done to minimize multiple-license pain for corporate open source adopters?"

Open source has a long ways to go

Open source has a long ways to go to match the number of different closed source licenses and eulas. Amateurs....

Re:Open source has a long ways to go

"Open source has a long ways to go to match the number of different closed source licenses and eulas."

Yes, you handle Open Source license just like any other. The corporate lawyers review them just like they would otherwise with the "equivalent" closed source app in its place.

Re:Open source has a long ways to go

[Tuoqui]

You sure I thought all the closed source licenses and EULA's were cookie cutter fill in the blank ones that basically say 'We can do whatever we want and you cant sue us'.

Re:Open source has a long ways to go

[elocutio]

Yes, but the lack of perceived business maturity in open source communities gives many CIO organizations plenty of reason for pause. Just read some of the stuff in this thread for proof of that. The deal-breaker issues with FOSS, however, are really the same as for commercial-proprietary software:

* Chain of continuous support
* Legal indemnification
* Quality assurance

Most open-sourced projects don't care about supporting a release from three years ago--their position is that users should upgrade to the latest stable version. IT shops with reputations for being late adopters would crumble under the weight of this type of support cycle. It's easy to see a big opportunity for software consultants to step in and fill the void, but that will inevitably add to the cost of open source. I'm betting that in the next decade, the winner between open source and commercial software will be the one that solves the support issue in the most business-friendly manner.

My position on licensing complexity in open-sourced projects is the problem of legal indemnification. Acme, Inc. doesn't want to sue the Apache Foundation if all of their httpd processes suddenly launch SkyNet, but Acme, Inc. doesn't want to get sued, either. if the open-source adopters can't be reasonably indemnified, then quality and support issues will be moot.

Re:Open source has a long ways to go

[Elektroschock]

And the real fun is that we now get an additional load of patent indemnification licenses, see microsoft's Open Specification Promis and so on. http://www.noooxml.org/

When using them, all the licenses say the same thi

[Tyger]

Why does the large number of licenses have to be a management problem? Most the proliferation in business is the usage, not the development of open source, and a bulk of the open source licenses say you can use it however you want, it's only when you distribute it (Modified or unmodified) that you have to start worrying about exactly what is in the license.

1000+ ???

[someone1234]

I'm pretty sure there are no 1000+ OSI approved licenses.
10 OSI approved licenses probably cover 90% of all open source.

Re:1000+ ???

[Tyger]

If you count all the subtle variations (For example, BSD license with who gets credit changed) I can see it being 1000+. But that is taking a very strict definition of different FOSS licenses, and not a realistic definition that all those are basically the same thing.

Re:1000+ ???

[CastrTroy]

How many different closed source licenses are there? Probably about 1 for every application.

Re:1000+ ???

[Tyger]

Not to mention that they are all much longer than your typical open source license, and have many more land mines to worry about tripping over hidden away in the text.

Re:1000+ ???

[chaoticgeek]

We should only need one, and it can be about this long...

"Don't be a jerk, it is open source be kind and share with others."

Re:1000+ ???

[vidarh]

Probably more than that - many licenses will have changed multiple times over the lifetime of the application.

Re:1000+ ???

[Knuckles]

And they are written in caps.

Re:1000+ ???

[fsmunoz]

"This is my FOSS license. If you don't like it... well, I have others (999+, more exactly)".

(apologies to the Marx Brothers).

Re:1000+ ???

[tietokone-olmi]

They might be counting all the BSD license variants. You know, the one that, to use, you need to vary so that you change the references to the regents of the university of whatever to your name.

Which would doubtlessly suit a rag called "business week". The article is clearly written from conclusions that predated any research the journalist made, namely that "there's a fuckton of open soursay licenses" and "they're bogging down business, bettar go with proprietary instead".

Re:1000+ ???

[jhol13]

Why didn't you count?

http://opensource.org/licenses/alphabetical has 59 licenses, a couple of which are "not recommended" anymore (at least "Historical Permission Notice and Disclaimer", "SISSL" and "X.Net"). Some of them are pretty much identical to each other (near public domain), some are "version two".

So it would make around fifty different "alive and well" licenses.

Re:1000+ ???

[greed]

It's exactly the who gets credit bit that makes it a concern, at least for companies who are distributing the software.

Because for each and every one of those variations of the BSD license, you get to add an additional copyright somewhere in your product's documentation and/or other materials....

If you don't do that, you aren't complying with the BSD license, and therefore, you're in copyright violation.

With C libraries, it's not usually a big deal. It takes something pretty complicated to use enough support libraries that this becomes an issue. (Imagine Gnome in separately-copyrighted pieces.)

But the number of itty bitty Java JARs we've got flying around our front-end-GUI-things these days are a nightmare.... 6 classes in a JAR and a unique copyright message. "Apache license" without transferring copyright to Apache means another copyright line. Different years means another copyright line.

I'm not saying this is wrong, please don't take it that way. But it is something to add to the "build", "buy", or "open source" equation; even free-as-in-beer still only means free-as-in-money. There's still the time to vet the license and make sure you comply with its terms. And, maybe, we don't really NEED 6 different XML parsers in one application. Do we?

Re:1000+ ???

[PPH]

Yeah, but for all the PHBs that worry about this sort of thing, once they count past 10 fingers, it all seems like thousands.

Just use the GPL

[Nibbler999]

Easy.

Re:Just use the GPL

[Brian+Gordon]

Why does everyone love the GPL? By forcing users of the code to obey the hacker ethic, it's breaking the hacker ethic. Code is code, and it doesn't make any sense to put restrictions at all on it, even if they're just copyleft restrictions. BSD for me- it's basically public domain (the best solution IMO) but it strokes my ego by making sure my name is included in the code :)

Re:Just use the GPL

[fsmunoz]

I disagree with you in the hacker ethic part[1], although I can see your point. More importantly though is the fact that I agree with you and disagree with parent when he said "just use GPL". *I* am all for the GPL but can perfectly see why people would prefer some other license, especially a BSD/MIT/ISC one (free, non-copyleft with attribution). This "license proliferation" thing is not IMO something terrible. It can be a bit overkill, especially in the non-copyleft ones (many licenses ammount to the same with different wordings) but if people use them then clearly they have a good reason to exist. It should especially not be used as a way to promote "unification" around a single license: there are reasons for using the GPL, which I personally think are good ones, as there are reasons for using the BSD license, and that's all there is to it. Conditioning choice in the name of simplification is not the way to go at all.

[1] Pardon my laconic answer but I think that everyone is up-to-date in what regards the differences in perspective about the GPL and the BSD licenses from each "camp" :)

Re:Just use the GPL

[fsmunoz]

I disagree... there are reasons for using the GPL (and both our emails indicate that we agree with them) but people shouldn't feel "forced" to use the GPL just to simplify things. While I do think that there are many redundant licenses (especially those akin to the BSD, like the ISC or MIT licenses) the choice should be made due to finding the license fitting. Also reducing choices could actually mean reducing the ammount of free software, since it's obvious that many talented and generous developers prefer a license like the BSD one.

Re:Just use the GPL

[Kjella]

By forcing users of the code to obey the hacker ethic, it's breaking the hacker ethic.

It doesn't matter if there are a hundred hackers and one asshat, if that one asshat can basicly rip off your work and sell it most hackers would say "well better forced than not at all". Is it really that terrible to be forced to do the "right thing" and obey the hacker ethos, if that's what you think this is about? To me it goes sorta like having laws, yes nobody should steal and kill each other but I think we'll make a law about it just the same.

Those who use your code in closed source software will never know you contributed (or there's a license without any hint of what your code does pasted on page 6 of the additional credits that nobody reads). The developers think "free code, now I don't need to work". The business thinks "free profit, now we don't need pay anyone". I'm sure it strokes your ego but honestly, people will take almost anything if it's free for the taking. McDonalds would easily want to hire you for half minimum wage if they could, what does an IT company think of a developer who asks no wage at all? They love you man. They love you just like the leeches that hang around rich people, until they run out of money anyway.

Re:Just use the GPL

[einhverfr]

The benefit from the GNU GPLv2 is that it protects some business interests to a point if the project fails (i.e. if the project fails, your competitors can't proprietize it). This is a business and not a freedom need as BSD-style-license projects offer economic controls to ensure contrbution.

I believe that the GNU GPL v3 and the AGPL (both versions) both violate any basic ethics by placing undue restrictions on developers while failing to guarantee any more Freedom to the downstream user. The GNU GPL v3 forces one to only depend on code one can *relicense* under the *exact* terms of the license (read sections 6 and 7 very carefully and slowly. Pay attention to the required licensing of the Corresponding Source, provisions and definitions for removal of additional permissions, and the provisions for the removal of additional restrictions).

Therefore I cannot support the GPL v3. It is overreaching in a way that the GPL v2 was not.

Re:Just use the GPL

[einhverfr]

So? Look for opportunities to drive up the asshat's costs. You offer it for free, he charges, so he must be adding value. If he is not, then let him have the suckers......

If he is adding value, then you still have some options. The first is to look for features he includes and reimplement them in your project free. THis drops his value to $0. The second is to get the community development rolling fast enough that he is effectively forced to fork and move on or start contributing back so as not to be buried in trying to merge his changes back into the code.

Most of the large BSDL projects I have been around have a few players who do sell versions with a few new features. Most of the time, the community doesn't *want* those features, such as EnterpriseDB's Oracle compatibility stuff. PostgreSQL, of course, has such a pace of development that none of these companies actually want to maintain any more patches than they have to. Hence they contribute everything possible back.

In short, you contribute to a GPL program becaue you are required to. YOu contribute to a BSD program to drive the competition's prices up and yours down. They both achieve similar ends. Why care?

Re:Just use the GPL

[Nibbler999]

I understand that, I was just trying to kickstart the discussion. I can't believe I was modded flamebait for encouraging use of the GPL. Is this slashdot or have I slipped into a parallel universe?

Re:Just use the GPL

[fsmunoz]

I understand that, I was just trying to kickstart the discussion. I can't believe I was modded flamebait for encouraging use of the GPL. Is this slashdot or have I slipped into a parallel universe?

Ehe, understood. Actually, /. has quite a vocal crowd which is rabidly against the GPL, the FSF, GNU, etc. This tendency as increased over the years and it's easily noticable. This is more a place for "open source" than free software in some regards...

Re:Just use the GPL

[twitter]

Actually, /. has quite a vocal crowd which is rabidly against the GPL, the FSF, GNU, etc. This tendency as increased over the years and it's easily noticable.

It's called Astroturf. No one in the free or open software worlds is forcing anyone to do anything. The "fights" seen are waged by Steve Barkto types and a few who fall for it. They also like to stink the place up with harassment. Genuine discusion runs along the lines of friendly advocacy. Organizations like TrollTech have done dual licensing of their own code for a long time without exploding, so really everyone gets along just fine. Putting all of your own work under the GPL and only using GPL'd work is no real restriction, because you can find all the code you need. You can get fancier if you want, no one but M$ cares.

The whole thread is FUD. Free and Open software licenses are simpler and have lower costs than any commercial license. Problems with licenses only happen where there are restrictions and commercial licenses will always have more of those and you will always have to renew them and keep records and every vendor has their own and so on and so forth. Free software is a breath of fresh air next to that.

Re:Just use the GPL

[Brian+Gordon]

What should I care if some guy is profiting off my free work? I'm sure the BSD developers who wrote the IP stack that microsoft took would have written it anyway- what are they going to do, let microsoft develop their own crappy stack and force 90% of the world to use it?

Re:Just use the GPL

[Kjella]

You assume that the only way to make value is to actually add value. There's at least three alternatives to that, one is incorporation. They produce something already worth X$, then they add your code and can sell it for X$+Y$. You assume that just because it's free code, the combined version would be worth the sum of its parts $X+$0 but that's not true. You can add almost any amount of features to the Darwin kernel and I promise Apple will walk away with 95%+ of the profits.

The other method is to move it to a platform where BSD can't compete. It can be a TiVo box, a phone, a console or any other form for embedded device where you obviously have to offer some value to get them to buy it in the first place. But from that point on, it's a free ride where the value is "offering BSD software signed to run on platform $foo".

Another method would be that you have some exclusive content to offer, that you won't have access to using the BSD software (DMCA may apply, so there's no "implement the same features" possible). Granted that's adding value but it's also a way of making sure you can't actually use the BSD application as an alternative - the competition is dead.

I'm sure there are more sneaky ways to do this, in short someone is probably going to make money off selling the value you added, not by adding to it but by avoiding direct competition with the free implementation.

Re:Just use the GPL

[fsmunoz]

I see you were modded "Troll"... I must say I agree with you completely, /. discussions present a microcosm of antagonism that just doesn't exist in the real world. "Genuine discusion runs along the lines of friendly advocacy" indeed, that's my experience.

Can you say FUD?

[morgan_greywolf]

Yeah, I knew you could. The average Linux distribution doesn't have anything close to a 1000 licenses in it. Stop being ridiculous. There is pretty much BSD/MIT/X11, GPL, LGPL, Mozilla, Artistic, and maybe a couple of others, depending on what apps are installed.

And in the end -- so what? FOSS licenses break down into two categories: BSD-type and GPL-type. That's it. They're all pretty much the same, especially ones that conform to the Open Source Definition, so who cares?

Re:Can you say FUD?

[Ant+P.]

A quick check (ls -1 /usr/portage/licenses | wc -l) gives me 861. Not over 1000, but not exactly nowhere close either.

Re:Can you say FUD?

[xubu_caapn]

That's probably counting every license multiple times.

Re:Can you say FUD?

[LiquidFire_HK]

I wrote a quick script to find the most-used licenses (this is from Gentoo's packages, which is a fairly representative sample, with nearly 12 000 packages).

$ eix -v | grep License | awk '{print $2}' | perl -e 'while(<>){ chomp; $licenses{$_}=0 unless $licenses{$_}; $licenses{$_}++ } for (sort {$licenses{$b} <=> $licenses{$a}} keys %licenses) { print "$_ $licenses{$_}\n" }' | head
GPL-2 6710
BSD 711
as-is 579
LGPL-2.1 511
|| 428
Artistic 344
MIT 259
LGPL-2 229
public-domain 138
PHP 124

You can see the full list here. As you can see, a huge amount of the packages (85%+) use GPL or one of the other very popular licenses. "||" means multi-licensed, and most of those are Artistic/GPL. You'll notice that after the top 30 licenses, none are used in more than 10 packages. Of the 863 licenses, 729 are used in 5 or less packages, and 629 of them are used in only one package. Many of the one-ofs are fonts or closed-source licenses.

So while I agree there are many licenses, the vast majority of projects use one of the popular licenses.

Re:Can you say FUD?

[budgenator]

Who care's how many licences are in your distro, it's the distro's problem; my problem is how many licences are in my app, there is three GPL v2, BSD, and PHP, that's not unmanageable.

Do what everyone else does

[CaffeineAddict2001]

Ignore it.

Bureaucratic nonsense

[ShieldW0lf]

At some point, it will become clear that enforcing all this licensing bullshit with courts and lawyers is just a big waste of time that drains everyone dry, and they'll drop the foundational laws upon which both open and closed source licensing agreements rely.

Then the problem will go away.

I mean, it's a problem of our own making... it's like hitting yourself in the head, all you have to do is stop.

Re:Bureaucratic nonsense

[Nibbler999]

They'll drop the whole idea of copyright? I don't think so somehow.

Re:Bureaucratic nonsense

they'll drop the foundational laws upon which both open and closed source licensing agreements rely.

Both businesses and open source projects depend on copyright, even when it costs time and money to enforce it. What makes you think we would abandon a system which everyone involved relies on?

Re:Bureaucratic nonsense

[ShieldW0lf]

I think copyright will fail because it serves the interests of those in the developed nations, not the interests of the developing nations. Copyleft depends on copyright for enforcement, but it is a subversive effort to destroy the value of holding and enforcing copyrights.

Also, those developing nations who manage to self-organize without burdening themselves with responsibility to maintain and enforce the copyright scheme will be more efficient than those that take on that burden.

Also, those who do not prevent their population from having free and universal access to intellectual works will have more educated citizenry, and will see a rise in productivity as a result.

Also, those cultures who attempt to impose barriers that prevent the proliferation of their cultural views will become marginalized, while those who encourage their culture to spread will find more allies and like-mindedness from the other cultures that do the same.

Need I go on?

Re:Bureaucratic nonsense

[Anonymous+Brave+Guy]

Unfortunately, all of your arguments overlook one small detail: without copyright, there is little incentive to develop most of the works that are produced in the world.

If you're the teenager with no money or the poor folks from the third world, then the fact that you can take the fruits of someone else's labour for free when those fruits come in digital form may not feel like theft/infringement/whatever, but the bottom line is still that someone worked to produce the material and then didn't get compensated for it. Such policies are unsustainable long term in any economy in the world today: people have to have food, shelter, and the like to survive, and these things are not free. Sooner or later, globalisation says those third world economies will start to level off with everyone else, and then not having a sensible IP framework in place will start to hurt them, too.

You seem like you don't buy this theory, but consider that most of the works we value in the West today are produced in places that do have intellectual property as part of their economic framework. Those that do not, and that by your argument should be more efficient without these "burdens", are not net contributors to the world's knowledge base.

Re:Bureaucratic nonsense

[Paul+Fernhout]

Except that most really good stuff is a labor of love and has been made available for free -- ranging from the alphabet through the number zero to mathematical proofs and much web content (including Slashdot and other community sites). Consider:
    "Creativity and intrinsic interest diminish if task is done for gain"
    http://www.gnu.org/philosophy/motivation.html

Food and shelter used to be free for the taking and making -- except enclosure acts promulgated by rich and powerful people took away the commons and privatized it. (Well, population pressure changed things too, but there remain vast tracts of only sparsely occupied land.) Shortly we will be able to print things in 3D for cheap or free, just like we now can print in 2D for cheap or free.

The history of the USA is essentially the history of violation of copyrights and patents and trade secrets. The early colonies recognized not foreign copyrights and so copied all the British books for free, and all the early designs for industrial mills were taken from the British -- clandestinely as the British had instituted a death penalty for stealing mill secrets. Further ironically the British in turn had stolen technology from China -- silkworms which were illegally smuggled out in a hollow walking cane.
It is when a country becomes dominant that copyrights and patents are heavily enforced -- otherwise they generally hurt both the common person and the elite as they attempt to shut those at the edges away from productive ideas.

Are you narrowly defining "work"? Why let people claim, say, novels as totally their own even if they draw on centuries old folk tales and use an alphabet and lexicon created by a collaborative effort of generations? Why ignore the costs and risk from pollution and nuclear war hanging over the heads of everyone in the world produced overall by a related economic system based on competition and an (enforced) scarcity world view in an abundant universe? Why ignore the chilling effects and legal costs imposed on society (including imprisonment of people who share) when society receives no value back for what are now effectively indefinite copyrights? The brgain with the public -- copyright for a limited time in exchange for works returning to the public domain -- has been broken.

Your post is a great example of making information available for free. Why did you do it if not for immediate gain?

Re:Bureaucratic nonsense

[Anonymous+Brave+Guy]

Except that most really good stuff is a labor of love and has been made available for free -- ranging from the alphabet through the number zero to mathematical proofs and much web content (including Slashdot and other community sites). Consider:
"Creativity and intrinsic interest diminish if task is done for gain"
http://www.gnu.org/philosophy/motivation.html

Some really good stuff is. A fair bit of mediocre stuff is as well. I did write "most" not "all" in my previous post when talking about useful works created in places with IP frameworks.

However, things like books and software have come to be known collectively as "works" for a reason: making good ones typically does require a lot of hard work. Good books and magazines need proofreading, fact-checking, editing, and typesetting. Good software needs things like debugging, usability testing and documentation. Making a good movie needs more than special effects and a big-name leading couple.

Compare fan fiction to serious, published novels. Compare hobbyist computer games with professional titles. Compare home videos on YouTube to films from movie studios (and not just Hollywood, please). Compare FOSS developed by volunteers to software developed under the traditional, commercial model. In each case, while there are a few examples of good, volunteer-produced material, most of the best work is done on a commercial basis, and even the good volunteer stuff isn't particularly better than the good commercial stuff.

Even if you look at borderline cases, compensation plays a role. Much of the most successful FOSS is developed primarily by businesses these days, not amateur volunteers: Linux distros, MySQL, Firefox, and the list goes on. Things like peer-reviewed scientific journals have a strange economic model, but even academics, who are perhaps the most natural example of volunteers working hard to produce good material, publish partly out of enlightened self-interest: they need the reputation and recognition that will get them their next funded project. I post here primarily for personal enjoyment, and if someone finds my comments interesting or informative then that's great, but again I also come here because I find comments by others interesting or informative and in a sense I'm just doing my part to support the community as a whole.

Now, you can get into arguments about the duration of IP protection and how many advances have been made by breaking the rules, and there is some merit in those arguments, but frankly, I think they are straw men here. Most of the time, people do play by the rules, and places that have IP rules produce more useful works on balance than those who don't. And most of the time when people don't play by the rules in the West, they're just being selfish, and if everyone was as selfish as them, then everyone would lose out. This is no different to petty thieves ripping off a store because "the store can afford it", or poor drivers cutting others up because "it doesn't cause accidents", or aggressive people pushing to the front of a queue because "it's only making everyone else one person later".

number of licenses

[mattb112885]

Its no different for proprietary software, in which the number of licenses is basically equal to the number of pieces of software you have ordered.

No, just use OSI-approved licenses

[Infonaut]

They cover a broad range of licensing needs. If there are hundreds of different licenses out there, it's only because the lawyers working for the firms involved have sold these companies on the notion that they need a custom-crafted license.

Re:No, just use OSI-approved licenses

[Nibbler999]

There's about 60, which is still too many to try to interoperate.

Re:No, just use OSI-approved licenses

[Antique+Geekmeister]

Oh, it's not just corporate needs. Take a look at Dan Bernstein's licenses, or confusing COPYRIGHT based lack thereof. The source is open, but you can't fork it, you can't repackage it in a way he doesn't like, and you can't call it the same name if you modify it in a way he doesn't like.

Bernstein's work is often brilliant, but it's seriously hindered by his inability to play nice with existing standards. This includes his weird kind-of-sort-of-not-really software licensing.

Cry me a fucking river.

[Seumas]

Oh, boo hoo! Free stuff is hard!

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?

I understand there is potential for occasional confusion, but that is also simply the product of selfish archaic businesses. People who aren't so much confused by open-source licenses or hurt by them as they are interested in exploiting and infringing on them. Claiming that the reason they are either failing to embrace open source or excusing their willful infringement on it as the fault of the licenses and throwing their hands up like Barbie confronted with a math problem.

Re:Cry me a fucking river.

[DogDude]

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?

Oh, nice FUD. It's more like, if you're serious about following the letter of the law, hiring a lawyer to read and interpret, or buying something off-the-shelf that you know is *not* licensed for you to use/re-package, blah, blah, blah. If you're developing software, then you DO have to know how all of the bits and pieces you use work together from a legal standpoint, otherwise there will be a horde of OSS fanboys down your throat trying to tear apart your company at the slightest perceived infringement.

Re:Cry me a fucking river.

[Seumas]

Because corporations are so hesitant to jump down everyone else's throat trying to tear you apart at the slightest suggested infringement of their proprietary materials. So it's okay for other people to be confronted with thousand page EULAs and restrictions, but not for a corporation to. Meh.

Re:Cry me a fucking river.

[Metzli]

You mean like the horde of folks who were discussing VMware 10 days ago?

http://linux.slashdot.org/article.pl?sid=07/08/14/ 1618241

Re:Cry me a fucking river.

[DogDude]

Exactly. To say, "eh, they're all the same, just share" is complete and utter bullshit. There absolutely is a cost involved to analyzing all of these different licensing agreements.

Re:Cry me a fucking river.

[tholomyes]

I think the point is that the myriad of licensing makes open source adoption by the enterprise more difficult. This also dampens subsequent contribution-- a lot of open source contributors are programmers for corporations of one sort or another.

Re:Cry me a fucking river.

[ClosedSource]

"What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?"

It depends, but I think the proprietary option is better more often than you might imagine. It seems a lot of software patterns are used to enable globbing a lot of inappropriate software together into an application that is 90% unused bloat and 10% core functionality.

Re:Cry me a fucking river.

[Chandon+Seldon]

There are two completely separate cases:

Using Software

With Free Software, this is always allowed. No problem.

With Proprietary software, this can be pretty complicated. Each piece of software has its own license with its own requirements, be it per-user licensing, per-seat licensing, per-CPU licensing, per-year licensing. Better hire a dedicated lawyer to make sure you have all your licenses lined up right.

Modifying/Redistributing Software

With Free Software, this can be pretty complicated. There are a number of licenses - some of which are incompatible with each other. You'll probably want to put some effort into license tracking, or even hire a lawyer if your situation is especially complicated.

With Proprietary software, this is always prohibited. No problem. (unless you screw up somehow, then you're liable for millions in damages.)

Re:Cry me a fucking river.

[Sam+Nitzberg]

I agree...

But also worth mentioning is that the software is "free" with a stipulation - usually that you follow the license for distribution (or other specified) rights. That's the "cost."

For most organizations, I think that once the decision to use open-source software that meets their needs and mission is made, they can do it without too much difficulty.

If there is a direct conflict between a corporation's desire in the manner to use the open-source software and the license, then maybe that "free" software isn't appropriate to that firms use. The license is part of the deal.

Regards,

Sam

Re:Cry me a fucking river.

[einhverfr]

There are two completely separate cases:

Using Software

With Free Software, this is always allowed. No problem.

As long as you remain in good standing with the license and don't sue people under patents, the following seems to be correct.

But under the Apache License 2, you could lose patent rights required to use the software if you initiate such a lawsuit. Under the GPL v3, you could lose such patent rights for any license violation.

IANAL, but this is just my basic reading of the license.

Otherwise, I agree with your points.

Re:Cry me a fucking river.

[Ajehals]

IANAL either but I was under the impression (and I think I am right) that both of those issues could only arise if you are distributing the software in question.

That would be in line with the GP's statements that if you distribute you may need to get some legal advice, although realistically from what I have seen regards the GPL V2/V3 the language is clear enough that the you wont need to unless you want to push the boundaries or make use of a perceived loophole.

Re:Cry me a fucking river.

[einhverfr]

Not necessarily. Consider:

You use Apache internally. Apache is covered by patents from tech companies X, Y, and Z.

At some point, you discover that Apache arguably violates another of your patents. You don't like this and you ask the Apache Foundation to remove the offending code. Apache Foundation refuses.

You sue the Apache Foundation. This gets publicized, as is the fact that your public web server runs Apache.

Companies X, Y, and Z sue you for *using* Apache in violation of their patents.

IANAL, but I believe that patent rights include the right to regulate *use* of the patent.

Re:Cry me a fucking river.

[Chandon+Seldon]

But under the Apache License 2, you could lose patent rights required to use the software if you initiate such a lawsuit. Under the GPL v3, you could lose such patent rights for any license violation.

You can always get screwed by software patents. If you use *any* software, someone could always come out of the blue and tell you to stop because they have a patent. If anything, licenses like the Apache License 2 and the GPLv3 are *better* than the normal case - because they usually provide you protection from some patents.

As with anything patent related, initiating a patent suit needs to be considered very carefully. Losing a couple patent licenses isn't the only risk there - I'd be much more worried about retaliatory patent suits. If you're messing with patents, you should have a good patent lawyer or four reading every software license (and every contract) that applies to you beforehand rather than assuming that some Slashdot post has summarized your legal obligations in a few words.

Re:Cry me a fucking river.

[einhverfr]

Agreed with your points. Just noting that the restrictions on use are not entirely gone with all OSS licenses.

Re:Cry me a fucking river.

[Ajehals]

Not quite, again IANAL but it appears that you are confusing patent pools (where a group of organisations pool their patents as a sort of deterrent, the intention being to produce a patent version of Mutually assured destruction. The part of the Apache license that you seem to be talking about is this one:

Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.

As you can see this part of the license deals with patents, first off it ensures that you as a recipient of the software can do whatever you wish regardless of patents. Later it states that if you instigate litigation " alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement" then the patent license granted here is no longer in effect.

Basically it means that if you sue claiming that your patented concepts are included in a project licensed under the Apache License then you may no longer use or distribute that software IF (and only IF) it contains patented works. It doesn't mean that you give up your patents or your legal claim, nor does it mean you will get sued in return (unless you continue to distribute the software AND it includes patented works.)

Note that this is even more meaningless if you are operating in an area where software patents do not apply (you could sue someone in the US for infringement of a patent but ignore the consequences.

Re:Cry me a fucking river.

[Seumas]

I certainly wouldn't suggest that every open source license is extremely clear and simple, but you're going to be putting those lawyers to work either protecting your own developed content or to understanding your incorporated opensource items.

My point, which I feel may have been lost unfortunately, is that much of the whining and complaining isn't legitimate. There are a lot of companies which have no interest in adhering to OSS licenses in the first place and rather than bother complying, it serves them to just cry about how terribly tough it is. Kind of like throwing a tantrum.

The company I work for has managed to open source two of their flagship products (among many other things) and incorporates a lot of external opensource content itself. They don't seem to have a problem complying and understanding. Sure, they may have to pay particular attention to understanding the licenses as they apply to myriad of particular uses and applciations, but is that really a horrible price to pay for something that is essentially free?

It seems that a lot of companies are jumping on the "it's too *hard*!" bandwagon line a pissy little teenager. They want the content, but not the responsibility, so let's just piss and moan about how we can't just do anything we want with someone else's work from the community.

Besides, I don't have a legal team employed behind me and they expect me to read the unbelievably long EULAs.

And of course, none of this is to suggest that simplifying licenses where reasonable and possible isn't a good idea. But that should be done for its own sake and not because a chunk of commercial America is claiming it's too hard to keep up with the legalese.

Re:Cry me a fucking river.

[Seumas]

Yes, but the code itself is free.

We're not talking about someone's grandmother who is completely baffled by an extensive EULA or TOS. We're talking about corporations and commercial enterprises who are largely looking to incorporate community open source materials into their own services or products without doing the work themselves.

While it is in the interest of OSS evangelism to simplify licenses anyway, I do not buy that these companies are so incredibly hindered by the legalese in these licenses. What they really want is to have their cake (free software development already done for them by the community) and to eat it, too (not have to share, remain closed source with OSS materials, etc).

Companies that are sincerely interested have already made the effort and don't seem to be having a problem understanding and complying. I won't paint everyone with the same broad stroke, but I'm absolutely positive that the majority whining about it are doing so for ulterior reasons.

Re:Cry me a fucking river.

[DrBoumBoum]

Pardon my simple question, and I know I could find the answer by carefully reading the GPL FAQ, but still I've never been able to fully understand this one: if I'm a big company and I include some OSS (e.g., MySQL) into a new product I develop and sell to other companies, am I using the OSS or redistributing it, or something else ?

In fact MySQL might not be the best example since it's multi-licenced, let's say some GPL database system.

In other words, does the difference between GPL and BSD only apply when I try to develop a new RDBMS (i.e., distribute modified code), or even when I want to include it, without modification, into an unrelated commercial product ?

Re:Cry me a fucking river.

[Chandon+Seldon]

"Use" is when you, personally, use the program. "Redistribution" is when you give a copy to someone else. If you include a program in some sort of larger bundle, and give a copy of that bundle to someone else, that's till redistributing the program.

Re:Cry me a fucking river.

[DrBoumBoum]

Ok, so am I supposed to give to the customer only the source code of the OSS I included, or does my whole project become automatically GPLed and I should disclose the whole source code ?

Re:Cry me a fucking river.

[Chandon+Seldon]

If you are going to be distributing *any* third party software, you're supposed to carefully read the licenses for all the software involved and understand what they mean in relation to your situation. If you are having trouble understanding the licenses, you probably need legal advice - that comes from a lawyer rather than a Slashdot post.

The specific case of GPLed RDBMS software is especially complicated. Is the interface library GPLed? Is your program linked to those libraries? If you're not sure, you probably want to contact the maintainer of the GPLed project and ask them how your usage interacts with their license.

One out of control ball of momentum!!

One out of control ball of momentum! Oh, wait, that's just Cmd Taco's poop leaking again. We love you Taco!

Strawman

[fishthegeek]

Check out Microsofts License-o-rama! If Microsoft as a corporation can't stick to even a few licenses what on earth makes anyone think that thousands of FLOSS programmers will share enough commonality among them that they would be willing to use fewer licenses.

Microsofts licensing site doesn't even address the individual EULA's for products. Each MS product has a license that is nearly always unique to that product. So I say let those that do the work decide on how they would like or not like to share it.

Re:Strawman

[einhverfr]

The problem is that many of the FOSS licenses purport to extend the terms of those licenses to any software that interacts in a close manner (such as linking). IANAL, but this standard seems really suspect to me (it would mean that Microsoft could release a new version of Windows and declare that no open source software could be developed for it).

Again, when you are in business, it doesn't matter whether the FSF is wrong or not. You follow their terms even if you believe that they have no case because it isn't worth going to court over.

Hence we have the GPL v3. The license so complex it will probably take years for your lawyer to understand it in full.

Re:Strawman

[Blakey+Rat]

Ah, the standard Slashdot reply:

"Well, Linux might be bad, but Microsoft is worse!!!"

Re:Strawman

[fishthegeek]

That isn't what I'm saying. I'm saying that the number of FOSS licenses is not something that exists in a vacuum, and when you look at the larger picture (what software company is larger than MS?) there is little if any difference between Floss and Proprietary software if all you look at is the number of licenses out there. Gheesh. Feeling a little defensive aren't you?

Re:Strawman

MS *is* worse! On top of all those agreement schemes there's the individual product licenses. But wait, are they per server or per CPU? And CALs for said products. But do the product CALs use a "concurrent user" scheme or a "named user" scheme? MS licensing is a bloody nightmare, especially for their server products.

Re:Strawman

don't worry about open sources fuck ups. just look to microsoft to feel good about our failings.
 
man, the oss mantra is getting old.

Re:Strawman

no, that is what you're saying. if anything you're the strawman. it's pathetic.
 
as far as feeling defensive? that's all you can do is get defensive but always pointing to microsoft. who the fuck are you trying to kid?

Re:Strawman

Ok fanboy. You win I'll write M$ and write Linux Rulz! in my sig. You are what 15? Maybe not, but I strongly suspect your maturity level is there. First, strawman refers to a fallacious argument.... such as FLOSS has too many licenses, FLOSS has as many licenses as it needs just like M$ (happy now) does. I state that "let those who do the work decide" and suddenly you think I'm bashing M$ (still happy?). Wow, let us not compare and contrast any company to FLOSS for fear of the fanboys getting irate. Wooops. I forgot to curse in my post too. Fuck. Shit. Damn. There, now we are equals because I posted AC too.

Re:Strawman

[julesh]

The problem is that many of the FOSS licenses purport to extend the terms of those licenses to any software that interacts in a close manner (such as linking). IANAL, but this standard seems really suspect to me (it would mean that Microsoft could release a new version of Windows and declare that no open source software could be developed for it).

It's quite plausible, legally speaking. When you link against a library (even dynamically), parts of that library are copied into your program. This means that the compiled program (probably) becomes a derivitive work, legally speaking, and you will need permission of the copyright holder.

Microsoft could, plausibly, release a new API for Windows and stipulate in its copyright any terms they want for distributing programs that are linked against it.

Note that none of this, however, prevents distribution in source form so that the end user can perform the linking.

Re:Strawman

[julesh]

Not to mention FUD, too.

If these licenses meet the requirements of the open source definition, then you can use the programs however you like. You might have to worry a little more about distribution, but that's only an issue for a small minority of companies.

License Inheritance

[Floritard]

Why not take a note from actual software development and give licenses an inheritance hierarchy? I've always thought it was stupid that EULAs aren't standardized to a certain extent. If everyone knew a general EULA quite well, then companies could just state where their EULA differs from this common-knowledge EULA, instead of blindly clicking ok, consequences be damned. Same process could be applied to middleware licenses. One could even develope a license format whereby you could compile the various licenses among your project's components into one final license with most of its redundancy (hopefully) trimmed out. Of course, legalese was pretty much developed to obscure any such process and its strength is in its (evil) complexity. What a mess.

Re:License Inheritance

[nuzak]

> Why not take a note from actual software development and give licenses an inheritance hierarchy?

The lesson of software development is that people reinvent things rather than use base classes that don't entirely meet their needs.

I bet a few dozen of those licenses are just BSD 3-clause with the name of the copyright holder changed. And besides, licensing commercial software for redistribution is even more fraught with peril. No one is educated or swayed by this filler piece of an article. Licenses are hard. Deal.

copying is copying

[Crispy+Critters]

How often does a business need only a single copy of a piece of software? Copying inside the business is still copying and requires a license.

Heck, even copying from the hd to ram to run the code counts as copying (note that this copying is allowed by US law if the copy on the drive is legal, but not otherwise).

Re:copying is copying

[Wesley+Felter]

But all open source licenses allow unlimited copying, so this is not a problem.

Re:copying is copying

[Ohreally_factor]

Wrong: Internal distribution is fine and doesn't really count as distribution regarding the GPL.

This article is semi-FUD, anyway. FTFA:

Business users of open source software should review their Open Source licensing agreements, audit their use of Open Source and create formal policies for managing source code, especially mixed-source code. Which a business that is distributing code is doing anyway, via their legal department, outside counsel, and/or consultants.

This issue has been highlighted in some open source discussion forums, but it is largely being ignored by IT and business leaders. Because the licenses are generally human readable by IT leaders, and business leaders have lawyers to handle that.

The general attitude in the OSS world that I'm picking up is that license proliferation is not a major problem. Choice is supposed to be good, no? Find the license that best satisfies your needs, or write your own. The two camps that seem to have the most concern about too many licenses are the FUD-spinners trying to damage OSS or the Free-bies that are trying to steer everyone towards GPL 3 and FSF hegemony. (Yes, I'm a bit biased.)

Re:copying is copying

[Kjella]

As far as I know, pretty much all open source licenses obligate you only to your recipients. For example, the GPL says you must give those who get the binary the source - nobody else. Sure you might copy the software but all the copies legally belong to the business, so you're sitting on both sides of the table. And if that was a problem there'd be no problem to make a little legal handwaving to make a legally separate entity do all the reproduction, while the real company only uses it.

Re:copying is copying

[trifish]

The two camps that seem to have the most concern about too many licenses are the FUD-spinners trying to damage OSS or the Free-bies that are trying to steer everyone towards GPL 3 and FSF hegemony. (Yes, I'm a bit biased.)

If I had mod points, I'd mod you up.

Re:copying is copying

[harlows_monkeys]

Wrong: Internal distribution is fine and doesn't really count as distribution regarding the GPL

I don't think the person you are responding to was talking about any particular license. Internal distribution most certainly IS copying, and does require permission from the copyright owner. This is well settled in case law. GPL is widely believed to grant that permission to things that are under it.

Re:copying is copying

[Ohreally_factor]

Well, I figured he was responding to the original post, which mentioned that "the bulk of OSS licenses" don't consider internal distribution to be distribution. However, if I am wrong, I stand corrected.

Re:copying is copying

[einhverfr]

As far as I know, pretty much all open source licenses obligate you only to your recipients. Exactly write. Almost every one of them with only a few exceptions. Heck, I am not even going to include the AGPL because this only places restriction on modification, not obligation to users (hence blocking out requests for source, or using a proxy of some sort to send different code seems within the confines of the license).

The only real exception I can think of is Larry Rosen's OSL, which defines distribution to include external deployment (i.e. making available for use by external users).

So this means every license needs to be read, but that one need only look for problems, not track all possible interactions.

Re:copying is copying

Exactly write is not exactly right.

Re:copying is copying

[watchingeyes]

See that....that's the point flying 15 feet over your head.

Pretty much every single open source license allows unlimited usage and copying, even to third parties. I'm not aware of a single one that limits this. I'm also not aware of a single one that places restrictions on copying modified versions internally.

Unless there's one I'm missing, the only limits any open source license places on a licensee is when they create derivative works, and then distribute said works to third parties.

Re:copying is copying

[Tawnos]

There is a third group that has a huge concern about licenses: any business that sees a library of potential use to the company, but cannot disclose their source code. The "viral clause" within the GPL means every single piece of OSS that will be used needs a thorough vetting by the legal department.

With a purchased piece of software, this is much less of a problem because when something is purchased for use in programming, there is a reasonable legal expectation to be able to integrate the purchased product. You aren't expected to be required to turn over your source code to the selling party in exchange for using their program. As a result, GPL is business incompatible, and only BSD/LGPL code can be used. Moreover, each needs its own license attached, and each must be inspected to insure no unexpected clauses were added in... fortunately, this is easier with BSD than LGPL.

Thus, the third party is that which sees the benefit and a use for some open components (doesn't want to spread FUD), but cannot abide by the "use our code, open up yours" mentality.

Re:copying is copying

[slash.duncan]

Well, FLOSS programmers and businesses have issues with license proliferation, too. What happens if they want to use two libraries in their product, under two incompatible licenses?

As for code under the GPL and similar freedomware licenses, as with code under other pay-to-incorporate-into-your-product licenses, it simply comes with a license allowing you to do so under pre-set terms as long as you agree with them. If you don't, there's nothing stopping you from contacting the developers and negotiating other terms satisfactory to both parties. While pay-money-to-incorporate software developers choose to ask for money in their preset agreements, return-your-code-to-incorporate software developers ask for that instead. In both cases, if you don't like the terms, contact the developers and negotiate different terms. In both cases if you can't come to an agreement, well then, you use something else or code your own. It's that simple, and there's nothing other than the form of preset agreement separating the two types of software developers or their software.

In fact, far from business incompatible, there are a number of very successful companies using the GPL as at least one of their preset licenses. Trolltech is one such company that has chosen to incorporate BOTH types of preset license, giving developers wishing to incorporate their software a LOT of flexibility. Those who are planning to make their code free already can choose the GPL version and GPL their own code. Those who prefer to lockup their code instead of sharing it for the betterment of humankind, can choose the preset pay-money license instead of paying their code back. Great! That allows Trolltech to continue development for continued incorporation by BOTH those who release their code to the common betterment of humanity and those that prefer to lockup their code, and Trolltech is a thriving business as a result of this. Again, as with any other code shipped prelicensed, if you don't like the terms of either preset license, you are free to contact them and negotiate other terms of mutual satisfaction to both parties. Again, if such negotiation fails to produce satisfactory results, you remain as free as ever to look elsewhere or develop replacement code yourself.

So there's no problem either way. You either except the preset terms, or you contact the developers to negotiate other terms or look elsewhere. As with any other deal, if one party can't abide the terms, they simply negotiate other terms or look elsewhere. No third party left out on their own, any more than any other party who can't abide the preset terms and can't negotiate other satisfactory terms.

Duncan

The un-problem

[MisterBad]

The vast majority of businesses will never trigger _any_ of the provisions of the licenses for their Open Source software because they will not publicly re-distribute the software in verbatim or modified form.

For those businesses that do, it is highly unlikely that they'll deal with more than the GPL or BSD licenses. Other licenses are important only for a single package or cluster of packages (e.g. the MPL, the Artistic License, or the Apache license), and companies that deal with these packages tend to be specialists in that area.

This just really isn't a practical problem for most businesses. It's an issue that software aggregators like distros or SourceForge need to deal with, but not your normal everyday business.

Re:The un-problem

[The_Wilschon]

Hey, aren't you the fellow who wrote the (net http) module for guile? Do you still have that code? If so, I'll give you an email address if you don't mind sending it to me.

Do not distribute.But use is free!

[leuk_he]

If you use open source software, and not redistribute it you can mostly ignore the open source license. You can use it on as many computers as you like with many strange license combinations. For closed commercial software you have to track all the licenses, for open source you do not have to track the number of uses.

The real question begins if you want to distribute a packet of open source software and want to know if they are license compatible. ANd the real trouble starts if you want to use a loophole of some license to sell it bundled it together with your own commercial software.

Re:Do not distribute.But use is free!

[also-rr]

Excellent point... especially when you consider that if you *are* distributing it will pass through your commercial department.

I have been doing commercial work lately on over 100 contracts, each with unique terms and conditions. Even if we had projects running that used every single OSS license out there it wouldn't tax us to an unreasonable level. That is kind of what specialists are for... businesses pay programmers to programme, and the commercial department to read contracts.

The best bit is that unlike technical issues your PHB probably appreciates the importance of contracts! I can't think of a single director (even the engineering directors) where I work who couldn't assimilate the GPL in five minutes or less - and the GPL is one of the more complex licenses. They deal with stuff far more weird than this every day.

All you need is to know how to state the benefits in their language. My humble effort is here - and I would welcome additions.

Re:Do not distribute.But use is free!

[Duncan3]

Exactly.

If you use open source software, then you have no issues of any kind. If you are a company writing/selling software, treat other people's open source like nuclear waste, and have your users download the prerequisites themselves.

This is so very simple that we need at least 1000 more open source licenses, otherwise people will see how easy it is, and stop hiring lawyers.

Re:Do not distribute.But use is free!

[bit01]

[deleted] If you want to distribute a packet of any software and want to know if they are license compatible. ANd the real trouble starts if you want to use a loophole of some license to sell it bundled it together with your own commercial software.

You shouldn't apply arguments specifically to open source software that apply equally to any software. This entire /. story is misdirected and should be titled "License Proliferation Adding Complexity."

Many commercial software astroturfers frequently propagate OSS FUD while dishonestly pretending the FUD doesn't apply equally, if not more so, to closed source software. Closed software licenses frequently place arbitrary restrictions on software use and there are thousands of different versions. Open source software licenses aren't perfect but they are much better than the average closed source license for most applications.

---

Open source software is everything that closed source software is. Plus the source is available.

Re:Do not distribute.But use is free!

[einhverfr]

businesses pay programmers to programme, and the commercial department to read contracts. And in the case of the GPL v3, they have no clue what it means.... Seriously, there are some really nasty easily overlooked clauses in that license. See my latest journal entry for more info.

Re:Do not distribute.But use is free!

[ArsonSmith]

Did you know that just by being alive, jews turn precious oxygen into carbon-dioxide?

Yea, I'm not kidding. You know that stuff that causes global warming!!

Obviously jews are the problem

Re:who gives a fuck?

You are confused. I think you meant Apple "loyalists"

If you write software...

[jessecurry]

If you write software that you want to be paid for, release it under a for pay license.
If you write software that you don't want to be paid for, release it under a completely free license... maybe even anonymously.

If all software was released this way then there wouldn't need to be any odd licensing in a software package... everything is either free or for-pay.

Re:If you write software...

[antiNeo2000]

You're oversimplifying things. Some free software is gratis (free of charge), some is libre (free to modify), some is both, some allows commercial distribution, some doesn't, and the list goes on. Since people own the copyright, people are allowed to write their own software licenses, no matter how weird they might be. Some projects need to be commercially viable in order to be accepted as standards (X.Org and the X11 license), while others would rather be shielded from commercial abuse (GNU and friends). Diversity in software licenses, even if it might be a bit confusing, is a lot better than the alternative.

Re:If you write software...

[Chandon+Seldon]

You seem to think this is a simple issue. It isn't.

The question of software licensing has been complex and even controversial for decades. That apparently seems silly to you. That might even be a valid conclusion, but you're going to need a much more extensive understanding of the topic before you can convince anyone to agree.

If you're actually interested in understanding the topic so you can discuss it intelligently, I suggest actually reading / watching the following (completely):

• The Wikipedia Article on EULAs
• Eben Moglen on the GPL and Copyright

Re:If you write software...

[tepples]

If you write software that you want to be paid for, release it under a for pay license. Free Software Foundation does exactly this with the GNU licenses. But in the case, the "pay" is not in money but in a reciprocal commitment to distribute source code along with binaries.

Re:If you write software...

[Ohreally_factor]

If you write software that you want to be paid for, release it under a for pay license.
If you write software that you don't want to be paid for, release it under a completely free license... maybe even anonymously. I think you are too narrowly defining "pay" as a money only proposition. Under GPL 2, the payment for redistribution is payment in kind. That is, you use, modify, and distribute someone's GPLed code, you pay them by releasing your changes. Tit for tat, and that Finnish freak would say. It's really a nice balance, because in order to get the code you have to give up the code. Reciprocity, baby.

That's the beauty of the GPL 2. It offers the guarantee of a (non-monetary) reward to the developer, and perhaps more importantly, enriches the community and the world as a whole. BSD offers no such guarantee. Nothing wrong with that, but not everyone is satisfied with that.

Re:If you write software...

[jessecurry]

That's the problem with the GNU license that will prevent it from being used in most corporate software. If I write a program that does something simple... say allows Apple Mail to access an exchange server via the OWA interface, I could proceed in two ways:
1) Spend the time to view TCP Dumps, analyze the protocol, write my own implementation, then incorporate that implementation into my plugin.
-OR-
2) I could grab one of hundreds of open source implementations of the protocol and just write the plugin
The problem is that once I use any GPL code I am bound by the restrictions of the GPL. If I were to distribute the software to employees of the company I am required to distribute(or at least make available) the source code. This poses a real problem to corporations. In my example the only problems might be some server names or a domain name that were in the code, and those could be removed, but imagine if the code implemented a proprietary protocol and only used some GPL code to connect to an NTP server?
Releasing code as open source is great, but if you're going to do it why not just let it be completely free? Exploitation? If someone can take code that is completely free and turn it into a closed commercial product then that product must satisfy a need that's not being met by the open source community. There may be times that code is used without credit being given, but I think that there would be much more development if people using the code didn't have to worry about how the open source code was going to affect their future prospects for sale.

Re:If you write software...

[fsmunoz]

Well, what you describe as a "problem" is really the intended goal... I understand your analysis but this discussion always ends up being the same. You don't see a problem with having your code used in proprietary applications, and that's great and all, but even it it surprises you other people do have a problem and use the GPL to guarantee a certain outcome. Corporations and individuals are more than free to not use the code in question if they don't think that they can follow the license or simply dislike it.

As for the commercial application of the GPL... well, I've seen more software released under the GPL from corporations than under a BSDish (free, non-copyleft with attribution) or PD license (free, non-copyleft, non-attribution) - especially applications that were closed... nowadays most major players not only have a good understanding of what the GPL means, they know how to either make money out of it or contribute to it. This was maybe a problem years ago, but not today, or at least not to the same extent. When it *is* a problem to someone generally it's exactely because that inconvenience was intended as part of the goal of using the license (like, say, someone being prevented from using a BSD license because they find the attribution clause "restrictive of their rights"... their inconvenience would be a direct result of one intended goal of the license).

Mind you, I've nothing against the BSD/MIT/ISC/PD/Apache/whatever license. I can understand why people would chose it, I just don't think the same way and have little concern about the intended inconveniences it may cause since they are part of the reason I prefer the GPL (exception here would be licensing some personal code under a BSD license to allow its use in a BSD OS, like in driver development).

How about commercial?

[GrEp]

How about commercial licences? At least with FOSS you have a few major ones. With commercial every one is unique and usually much more complicated.

Re:How about commercial?

[julesh]

How about commercial licences? At least with FOSS you have a few major ones. With commercial every one is unique and usually much more complicated.

Yes, however most people using commercial software install far fewer packages than a typical Linux installation contains. For example, a quick check suggests I have a total of 92 independent packages installed on my Windows machine, whereas I have 644 on my Linux machine.

Best answer? think first

[CodeShark]

I personally will almost exclusively stick to the four major OS licenses: the GPL (any version), Apache, Mozilla, and (though purists may disagree) the BSD. My experience has been that a developer generally doesn't have to blend -- most of the web-related work I do is related to Apache, therefore that fits for the C++ development. Most of the web work is in one of the GPL'd languages (Perl, Python, PHP, or Ruby), etc.

Does this fit for most others? I don't know.

Re:Best answer? think first

Perl, Python and Ruby are not released under the GPL.

Re:Best answer? think first

[CodeShark]

No but vast amounts of the code libraries which you see out there for those languages HAVE been released under the GPL. For example

• li>in the CPAN FAQ: "Most, though not all, modules on CPAN are licensed under the GNU Public License (GPL)..."
• The PEAR repository for PHP states: herefore "with this announcement the license choices are [for future modules] reduced to the following short list: {PHP,Apache,LGPL, BSD style,MIT}but I do know that the GPL exists was used for a number of Pear modules

. BTW Ruby was not any of the above which surprised me, so I will have to subtract that from my original post, and I am going to add the MIT license to my list. I wasn't familiar with it until today.

Re:Best answer? think first

[chromatic]

Most of the web work is in one of the GPL'd languages (Perl, Python, PHP, or Ruby), etc.

Python and PHP have their own licenses. Perl is dual Artistic and GPL. Ruby is dual GPL and... something custom.

Re:Best answer? think first

[coryking]

in the CPAN FAQ: "Most, though not all, modules on CPAN are licensed under the GNU Public License (GPL)..." Not the ones people actually use. The first thing I check before using a CPAN library is what it's license. Almost all are dual, like perl itself. If it is GPL only, I avoid like the plague.

GPL'ing libraries used by "high level" languages like Perl, PHP or Python should be punishable by death. What a cruel joke.

And before I get a snippy retort about "if you dont like it, dont use it", guess what, I dont contribute to any GPL projects. I'll use a GPL product only if I'm 100% sure I'll never need to touch the source code. If there is any chance I might want to tweak the code, it is BSD or the like.

"You are a leech" you might say. Yeah, well, guess which projects get any patches or improvements I might make? Hint: it ain't GPL projects. GPL'd software is about as useful as closed-source alternatives, only usually of much lower quality.

Re:Best answer? think first

The MIT license plays with others about as well as the BSD license so I don't worry about that one either. If I'm casting about for software to solve a problem and it has the I'm-whinging-about-other-licenses-so-I-made-own License (I'm looking at you Bernstein...) then I'm likely to avoid it. I don't even care for the Artistic License that much. It isn't that I find the terms onerous it's that I find them difficult to properly understand. Such licenses are likely okay for end-user use but I don't want to have to worry about it. Projects that use the major licenses you mention are well understood in both theory and practice. I can be pretty sure that nothing is going to come and bite me in the ass later. Most importantly, I can use the binaries from my distro of choice with some confidence.

Simplicity itself

Obviously they should stick with Shared Source.

You can't hook things together...

It matters because then people have trouble hooking things together in a useful manner. You know, actually *using* that other code.

Which should make things interesting with the Microsoft licenses submitted to OSI which are all GPL-incompatible. Then, I'm sure we could just make new GPL-compatible versions in addition to those.

Also, I like how they get their name attached to a whole set of licenses. Perhaps Sun, IBM, Apple, etc. should have license sets named after them? Could be a great new source of revenue for OSI...

Re:You can't hook things together...

[jhantin]

See the flamewar on the OSI mailing lists; all the above concerns and more have been aired.

No, seriously... large complex component-based software system + GPL = instant holy wars, because the line where one work ends and another begins is no longer clear.

"Dammit Jim, I'm an engineer, not an attorney!", but it seems to me that in practice, the GPL's process-boundary condition becomes little more than a performance issue because you have to use message passing over some kind of communications link instead of loading in-process. For additional flavor, release the "client side" of the message passing bits under the AFL or similar, and the "server side" obligingly under the GPL.

Re:You can't hook things together...

[einhverfr]

See the flamewar on the OSI mailing lists; all the above concerns and more have been aired.

No, seriously... large complex component-based software system + GPL = instant holy wars, because the line where one work ends and another begins is no longer clear.

"Dammit Jim, I'm an engineer, not an attorney!", but it seems to me that in practice, the GPL's process-boundary condition becomes little more than a performance issue because you have to use message passing over some kind of communications link instead of loading in-process. For additional flavor, release the "client side" of the message passing bits under the AFL or similar, and the "server side" obligingly under the GPL.

Allow me to summarize the OSI license-discuss flamewars (leaving out the "only my opinion is on topic here" sort of posts).

Some have pointed out that derivative works can't mean what the FSF says they mean because if it didn, every piece of software would be derivative of the OS. THey argue in line with the Eclipse Foundation's FAQ that derivative works as defined in US law require the inclusion of creative (not merely practical) content and therefore merely including a header file is probably not sufficient to argue derivation. They point to legal analysis like http://www.usfca.edu/law/determann/softwarecombina tions060403.pdf for backing.

Others argue that this would render copyleft licenses unenforceable and this would be politically incorrect. They point to legal analysis like the FSF's licensing FAQ for backing.

Re:You can't hook things together...

[10101001+10101001]

I think the discussion was more along the lines of "what if I have 20% GPL code, 50% AFL code, and 30% our code?" There wouldn't be any actual problems if US copyright was reasonable. Instead, making additional copies of something for the same "person" (be that an individual, family, or company) is legally dubious. While fair use makes it difficult to prosecute an individual or family for personal use, companies engaging in any commerce at advantage from the use of copyrighted works likely fall outside of fair use (and more importantly, companies tend to have more money to sue over). That means that distribution inside a company is likely treated the same as distribution outside a company. So, one has to reach license compatability between all code or risk being sued.

Of course, the same issue effectively comes up with *all* code that's included into a project; but, most proprietary libraries that one buys are written in a very "generous" fashion, allowing the mixing of almost any kind of code. And while there's almost certainly room for at least some GPL/AFL/etc projects to be contacted to allow a proprietary licensing of their code, it only takes one person with a substantial copyright claim to the code to break any potential deal.

In short, the real "issue" is that companies are used to being able to buy, with money, away any copyright issues. Having to buy, with following what they might consider bizarre, licensing agreements to continue and dealing with ways multiple licenses could conflict is a pretty large shift in how many businesses work, and some are certainly unwilling to make such a transition.

Re:You can't hook things together...

[einhverfr]

IANAL, but I think the correct answer probably is "it depends."

I personally don't buy the idea that using dynamically linked libraries means derivation. Obviously mixing creative content in screen output/story telling in a game might be. Obviously static linking would. But the dynamic linking argument seems dubius to me.

I would be inclined to allow it provided:
Each portion complies with its own license.
Identifiable portions of non-GPL code are not derived (meaning creative content beyond a list of facts is included-- most C header files are just a list of function declarations, which really amount to catalogs of facts)
For GPL 3, any non-gpl code link *to* GPL code, and the GPL 3 does not link *to* code which cannot be relicensed under the GPL.

But IANAL, just a software developer struggling with similar issues (see my journal for more details).

Re:You can't hook things together...

[slash.duncan]

Well, in reply to the GP, at least the GPL makes specific exception for the OS, so no, NOT everything can be regarded as derived from the OS, because it's specifically excepted.

The same applies to the case in the parent where a company has something 20/50/30 GPL/AFL/own code. The GPL specifically excepts what one does for one's own use, and that /includes/ companies (in at least the corporate form, and AFAIK, the partnership as well, don't know about others). Thus, the only possible problem with the example above is the AFL, which I'm not familiar enough to evaluate. The GPL is fine with it and it's assumed that the company is fine with it for its own code as well. (This is why controversial semi-closed-source modules such as those from NVidia and ATI aren't issues at all for the users, only possibly for the the distributors including the creators, ATI and NVidia. As far as the GPL is concerned, a non-distributing user always has an absolute right to do whatever he wants with the code, subject of course to contrary provisions of the licenses on the other code he may be merging, but that's of no interest to the GPL, only potentially to the other license and its licensor.) In GPL terms, "distribution" within the company isn't considered distribution at all. I'm not sure how this relates to cross-subsidiary distribution, however. You'd best check that with the FSF or get the opinion of your own lawyer for that. (Borrowing from another poster's idea... "Damnit, Jim. I'm a free software user, not a lawyer.")

All that said, the last paragraph of the parent really says it all. Companies ARE used to being able to buy away, with money, any copyright issues, and this whole idea of payment in code has taken and continues to take quite some getting used to. Still, given the large and continuing to increase share of freedomware in at least the server market today, enough businesses have accepted the deal that failing to do so can put one at crippling competitive disadvantage.

While the same share hasn't reached the desktop yet, acceptance of the formerly found radical licenses of FLOSS on the server means companies have generally faced the license issue to at least some degree, and that's one less obstruction to adoption on the desktop as well. (Of course, desktop adoption has been only inching up, more outside the US than in, but with Dell's successful and expanding Linux on the desktop intro, one can hope the dam has finally broken. Regardless of whether this is the much vaunted "Year of the Linux desktop, one thing I've found for sure, riding the Free/Libre and Open Source Software wave has never been a dull ride for long, and if there's one fairly safe prediction, it's that such will continue to be the case for quite some time yet! =8^)

Duncan

Re:You can't hook things together...

[10101001+10101001]

But the dynamic linking argument seems dubius to me.

While I'd agree that dynamic linking is dubious, the general issue has more to do with just how dubious "derivative work" is. Unfortunately, copyright wasn't written with the consideration that one might substantially rely upon the work of another to allow for something to function. As a result, derivative work was cast as widely as possible to avoid the situation where someone might meld one's one work with someone else's merely as a means to justify effective piracy.

But then, one could point at dynamic linking as nothing more than saying "look at book X for further details". The problem is, when it comes to software, it's closer to "stop reading here, turn to page ## of book X, read a paragraph, then resume here". But at that point, you're effectively including another work in your own. Even if it *were* just like using book X more as a plot guide to what your "book" is about, your "book" ends up functioning as the continuation of a series, which under copyright falls under the scope of a derivative work.

In short, I think FSF's argument has legal merit. It's just not something anyone has pushed before because the effect of pushing it for anyone else (and possibly even for the FSF) would be to cripple a platform. Oh, and IANAL, either.

Re:You can't hook things together...

[10101001+10101001]

In GPL terms, "distribution" within the company isn't considered distribution at all.

The GPL isn't the law, however. So, as much as the GPL might not "consider" it distribution, if the legal system in which the GPL is evaluated *does* consider it distribution, the company has to treat it like distribution. So, the better approach to the situation is for the GPL to include special provisions for distribution within a company. Anything else is merely commentary, not a method of resolving legal hurdles to overcome the concerns of possible copyright infringement.

Re:You can't hook things together...

[einhverfr]

IANAL, (and I Am an American, so this may only apply to the US) but I have been doing a lot of research into this. One of the better sources I have found is the Eclipse Licensing FAQ because it tends to link to laws and legal analysis unlike the FSF which seems to link to rantings of the way RMS thinks the licenses *should* work in the Republic of GNU.

Copyright law seems to define derivative work as a work which involves the transformation of one copyrighted work into another. For example making a movie out of a book. There are actually fairly well established approaches to analyzing whether a work is in fact derivative. My readings of this subject have lead me to conclude that:

1) Static linking always creates a new copyrighted work which may be either a derivative or a compilation. Either way, redistribution requires copyright license.
2) Dynamic linking by itself is not reason to think that a work is derivative.
3) Dynamically linking add-ons, as well as separate programs could create derivative works under certain circumstances (though these are unrestricted in the GPL provided that certain distribution requirements are met).

Since I am not a lawyer, understand that this is mostly technical reasoning here. My law undertanding my be completely off, or may only apply in limited circumstances or jurisdictions. Hence while this makes for interesting conversation, it is not legal advice.

Copyright only covers expressive elements

Since 1991 (coincidently the year the GPL v2 was released), the US has used a standard of originality in addressing what is subject to copyright protections, as opposed to a sweat of the brow standard. In this approach mere facts cannot be copyrighted, only expressive content. Hence recipies are generally difficult to copyright (though if the instructions were in iambic pentameter....), as are general lists of other facts.

Dynamic Linking in C

When one creates a dynamic linked application in C, one includes a header file, which usually (if best practices are followed) is simply a list of facts. In the source code, this is done by #include which tells the preprocessor to strip the comments out of the header file and place what is left in the application where it is. While it would certainly be possible to include expressive elements in a header file, I think these would be difficult to show in general.

If you filter out the lists of facts from the header file, if there is nothing significant left, it is not derivative. Note that this does not prevent someone from including lots of expressive material in the header files, but this does not preclude the developer manually copying the function declarations (which are mere facts not subject to protection) into his source file or own headers by hand.

The linker then resolves symbols between the libraries used and the program calling the functions. Again, this is purely functional, and I would find it to be difficult at least to argue that this means that there is a derivative work. Dynamically loaded libraries are kept by the linker in separate address spaces (but the same protected memory segments) than the calling application. Thus they are loosely coupled.

Think about it. Are all Windows programs derivative works of WIndows libraries? Could Microsoft litterally say "no more versions of Cygwin or MinGW" and use copyright law to force something like this? What about ODBC drivers?

Dynamic linking in Perl

In Perl, the 'use' statement has an effect of loading a Perl module into a separate logical memory space, and allowing function calls to be ampped beween these similar to a linker. I would find it difficult to argue that, even given the combination in RAM, that issuing a 'use' statement creates a derivative work. Since there are no header files, this actually seems safer in Perl than in C.

What about other add-ons?

In some cases screen output has been seen as copyrighted work. Thus add-ons may violat

Re:You can't hook things together...

[10101001+10101001]

IANAL, either. And I don't think blog postings (at least, comments to blog postings) count as something one should be held reasponably accountable for...short of some reasonable reason to the contrary.

Copyright law seems to define derivative work as a work which involves the transformation of one copyrighted work into another. For example making a movie out of a book.

No. Derivative works include not only transformations of an existing work but also "sequals" to a work. Look, for example, at The Wind Done Gone and the struggle against the copyright holder of Gone With the Wind. Now, you might think that this is stupid, but commercial ventures are given a lot less leeway to further "develop" an existing work. And using the excuse that "it was designed precisely to be developed by others" doesn't work as an excuse. Look no further than greeting card companies and their copyrighting (and trademarking) of various characters for sublicensing.

If you filter out the lists of facts from the header file, if there is nothing significant left, it is not derivative.

You're missing the point. The problem doesn't come into effect because you're using the header file to a library. The problem is that you're linking against the library, and the library is copyrighted. As you point out, the program and the dynamic library become conjoined in the address space, in virtually the same way a static library would be (in fact, for gcc, the difference in compilation is usually as simple as "-shared" vs "-static"). The fact that you don't necessarily provide the dynamic library with your program doesn't sound like a reasonable excuse for the merging of the two separate works. In short, it's legally dubious (consider the pending case of companies trying to sell data to special DVD players to create family-friendly censored films) thanks to the vagueness of copyright law.

Think about it. Are all Windows programs derivative works of WIndows libraries? Could Microsoft litterally say "no more versions of Cygwin or MinGW" and use copyright law to force something like this? What about ODBC drivers?

Perhaps they are derivative works of Windows. But as I previously stated, in the software world, there's an often unstated assumption that such types of derivative works are "okay" (ie, you won't be sued over them). If Microsoft tried to suddenly change the framework of this situation, I'm not really sure what would happen.

Since there are no header files, this actually seems safer in Perl than in C.

Except for special defines, the header file is there to help convince the C compiler that what you're doing is "legal" according to the library/code that's being used. Ie, the real concern is the linking (usually), so I don't see Perl's method somehow alleviating that concern.

The cardinal rule of *business* in such things is that the license says what the licensor says it means unless and until it is worth going to court over.

This is the key point. OS makers are most often in the business of making money through selling their OS (or hardware joined to the OS). It's not their business to stiffle applications that would draw people to their OS (exception being, possibly, if those applications compete against applications the OS maker makes; but that's usually a different department). There's simply not enough court rulings to make clear how and in what way the merging of copyrighted codes is acceptable without running into derivative status. One can only hope that the courts rely less on technicality and more on accepted practices, given the otherwise chilling effect I'd imagine a technical decision would have.

Or, I can continue hoping that copyright is put to an end, precisely because a large part of the idea of copyright is to allow one person to profit for allowing others to expand up

Re:You can't hook things together...

[einhverfr]

Again, IANAL.

No. Derivative works include not only transformations of an existing work but also "sequals" to a work. Look, for example, at The Wind Done Gone and the struggle against the copyright holder of Gone With the Wind. Now, you might think that this is stupid, but commercial ventures are given a lot less leeway to further "develop" an existing work. And using the excuse that "it was designed precisely to be developed by others" doesn't work as an excuse. Look no further than greeting card companies and their copyrighting (and trademarking) of various characters for sublicensing. True, but this is a subset of what I was talking about. In the sequel or different perspective case, original elements of a copyrighted work are transformed and included in a new work. This includes storylines, character backgrounds, etc. Similarly, software screen output may be copyrighted and other programs which alter that screen output may create derivative works under some circumstances.

In short, what matters is that creative, expressive content beyond that which is functionally required is transformed and included in significant ways. I do not believe that this impacts dynamic linking.

One of the more understandable tests for determining derivation is called the Gates Test (after a case involving Gates Rubber) and is also called the AFC test. Abstract the works, filter out nonprotected content (including functional ideas), and compare what is left.

You're missing the point. The problem doesn't come into effect because you're using the header file to a library. The problem is that you're linking against the library, and the library is copyrighted. As you point out, the program and the dynamic library become conjoined in the address space, in virtually the same way a static library would be (in fact, for gcc, the difference in compilation is usually as simple as "-shared" vs "-static"). The fact that you don't necessarily provide the dynamic library with your program doesn't sound like a reasonable excuse for the merging of the two separate works. In short, it's legally dubious (consider the pending case of companies trying to sell data to special DVD players to create family-friendly censored films) thanks to the vagueness of copyright law.

They are sufficiently separate that GDB can go through a stack dump of library calls. Note that static linking at least creates an aggregate work which may or may not be subject of additional protections (my guess after research is not, when done after compiling by a linker), but still requires the author's permission to redistribute as a whole.

For linking to imply derivation, you would have to show that your copyrighted, expressive elements of your work ended up in my application. This must go beyond mere functional elements, and merely copying into the same protected memory space (but different address ranges) wouldn't in my view count.

If I hypotethetically created a library win assembly with identical function access points, but entirely different internals, and it could be with the program with no further alterations, then it would seem to me that this would allow the works to be separable from a derivation perspective. If this is the case, at best, you might be able to argue that the protected memory space might be a collected work but it would not make my program derivative simply because it copies your library into the same protected memory space and uses its ABI to execute portions.

Extending this slightly, if I create a library with an identical API to yours, but different internals, and I use the linker to do the symbol resolution (since symbol resolution would be non-expressive and only function-oriented), it could be loaded into RAM as compatible replacement, this again suggests that the expressive content of your library is not required to run my program and therefore it is not a derivative work. At best you are left with the idea that it is a collected work and this might not even be the case (be

Re:You can't hook things together...

[10101001+10101001]

For linking to imply derivation, you would have to show that your copyrighted, expressive elements of your work ended up in my application. This must go beyond mere functional elements, and merely copying into the same protected memory space (but different address ranges) wouldn't in my view count.

Granted. But that's the difference between linking in 20 libraries "just because" versus one's code actually making use of those 20 libraries. The former, though, seems like a great way to effectively violate someone else's copyright by turning one's program into an archive of libraries. Given that software is functional, and the point of libraries is a repository of functionality, trying to go back to the idea of a "creative" standard seems somewhat humorous. But, I guess that comes down to the idea of whether one chose a library "because it was there" vs "because function X is really good at doing what it does, signifying a good bit of creativity/effort in its design". The fact that, in general, optimization of an optimal algorithm is as much a creative as a brute-force approach and that optimizations are the main reason to choose one library over another (beyond one library simply lacking certain functions; with functionality questionably a basis to claim copyright) just makes the whole situation more murky.

If I hypotethetically created a library win assembly with identical function access points, but entirely different internals, and it could be with the program with no further alterations, then it would seem to me that this would allow the works to be separable from a derivation perspective.

Right, but the thing is that that's hypothetical. Given the very nature of software, it's possible to fundamental alter the underlying library of almost any program and maintain the same functionality (although you might violate some patents along the way). I think a more realistic standard is to recognize just how common the underlying library is in the real world, not to draw on hypotheticals. From that standard, dynamically linking against glibc, which provides a posix-like standard, would be very different to dynamically linking against cube 3d's rendering engine library. It's hard to set the same standard for everything. Or, the fact that there's WINE and Windows helps making the Win32 API a standard and hence Win32 programs not derivative of Windows.

I think the fundamental problem is that the legislative branch really hasn't chimed in to determine things, leaving various circuit courts to make their own determinations. The AFC Test, as mentioned, is apparently not held equally by all courts. So, regional jurisdiction has a large part to play in what counts as a derivative work. But, even if the AFC Test were standrd, the main arguing point is the difference between functional code vs expressive code, when generally "good" code hackers work to express an idea by making optimally functional code (usually in minimizing use of space, time, or code space; but sometimes, it is in the form of making one segment of code do many, very different things). Ie, the more functional the code is, the more expressive it is (and vice versa).

Relying on the courts to sort out the legality of copyrighted things just doesn't seem the best way to encourage business in copyrighted works.

Re:You can't hook things together...

[einhverfr]

Granted. But that's the difference between linking in 20 libraries "just because" versus one's code actually making use of those 20 libraries.

No. Because *use* is functional and not protected. At least in the US, Canada, and Germany. I don't know about the UK. IANAL, again.

Given that software is functional, and the point of libraries is a repository of functionality, trying to go back to the idea of a "creative" standard seems somewhat humorous.

Actually, I think the whole application of copyright to software is humourous. THe idea is that copyrights are supposed to offer incentive for authors to provide works which will eventually become part of the public domain. The current application of copyright to software does not do this. Regardless of the laws involved, the effective term of the copyright of Windows is indefinite because
a) when it becomes part of the public domain, no computers will be able to run it and
b) when it becomes part of the public domain, only small portions of it (object code, screen output) will be effectively accessible.

Note that the Gates v Bando case in particular was not around when the GPL2 was drafted and hence may have presumed more protection than might be afforded. WHile this has not been applied in the same way across the circuits of the US, the same principles are usually at work. I.e. there is a difference between an idea and the expression of that idea. The former isn't subject to protection but the latter is.

Working as a software engineer I can tell you that reading other peoples' code, there is a lot of originality in code and a lot of it isn't a good thing ;-) Try reading the SQL-Ledger code some time....

Furthermore, screen output may be copyrighted, so it may be possible to have separate programs even running on separate computers which create unauthorized derivative works under certain cases. For example, an argument might be made that programs which add transparency to walls in games might create derivative works regardless of how they are implemented.

But, I guess that comes down to the idea of whether one chose a library "because it was there" vs "because function X is really good at doing what it does, signifying a good bit of creativity/effort in its design".

Or maybe because it fills a useful function? Since when are useful functions subject to copyright as opposed to patent law?

The fact that, in general, optimization of an optimal algorithm is as much a creative as a brute-force approach and that optimizations are the main reason to choose one library over another (beyond one library simply lacking certain functions; with functionality questionably a basis to claim copyright) just makes the whole situation more murky.

Without a doubt. But this doesn't change the fact that the program itself does not include those expressive elements. Even when it is run, nothing precludes one from writing another library which the program would also support.

Right, but the thing is that that's hypothetical. Given the very nature of software, it's possible to fundamental alter the underlying library of almost any program and maintain the same functionality (although you might violate some patents along the way).

Patents are a very different issue. If you have patents, then none of what I am saying applies to those patent rights :-).

I think a more realistic standard is to recognize just how common the underlying library is in the real world, not to draw on hypotheticals. From that standard, dynamically linking against glibc, which provides a posix-like standard, would be very different to dynamically linking against cube 3d's rendering engine library.

I am not sure. There are many areas which do offer drop-in library replacements without the backing of standards. ODBC, for example. By your argument, if I create a library with the same API as cu

I don't get it

[tie_guy_matt]

Don't most open source licenses have one thing in common: you can use the software and install it on as many computers as you want free of charge. The problem comes up when you modify the code and then want to redistribute it. My question is how many businesses are modifying tons of different programs so that they have to worry about tons of different licenses? And if your company is big enough that you are modifying tons of programs then don't you have legal department with an army of high priced lawyers who would love to do nothing else but make sure you dotted all your i's and crossed your t's when it comes to the licenses? Maybe I missed something.

Re:I don't get it

[E5Rebel]

Try and get it. We have just had SCO waste everyones' time for the last two or three years spreading FUD. That is over. The economic case for businesses using open source is obvious for the end user so why not understand where the next problems might come from that might slow down its adoption? The problem outlined in this article is as much for those trying to make a living from open source programming - changing the code, mixing and matching the best that is there and creating something better. It is in everyone's interests to fight complexity in open source licensing and it is likely to be a constant battle - just like it is to stop a great OS forking into rival products

Re:I don't get it

[DogDude]

And if your company is big enough that you are modifying tons of programs then don't you have legal department with an army of high priced lawyers who would love to do nothing else but make sure you dotted all your i's and crossed your t's when it comes to the licenses? Maybe I missed something.

You're missing the point that lawyers aren't free. Lawyers cost more than software developers.

Re:I don't get it

[Ohreally_factor]

It is in everyone's interests to fight complexity in open source licensing and it is likely to be a constant battle - just like it is to stop a great OS forking into rival products Why do you say that? Is there one true license to rule us all? And what's wrong with forking, exactly? One of the strengths of the GPL 2 is that it allows forks and then allows merging. You seem to be proposing some sort of unification . . . of what exactly? and under whom? Is there going to be some central committee that will determine which forks to allow and which to prohibit?

more licenses than what?

[asabjorn]

Most proprietary ISPs tend to have their own End User License Agreements that is either specific to the company or the product. Adding to that 88% of the sourceforge projects choose one of 3 licenses. The GPL license prevails, at 77% of projects. The LGPL is second at 6%, and BSD trails in third at 5%. All other licenses account from 3% to 1%.
http://asay.blogspot.com/2005/09/analyst-nature-an d-size-of-open-source.html

So when dealing with open source projects you supposedly have a problem with license proliferation? You have to deal with 1000 licenses? I don't buy that.

Also it is worth to notice that it is common that EULAs have special clauses on how the software can be used, by who and how the software can be distributed within the organization. Some of these clauses can truly be quite interesting.
http://www.theregister.co.uk/2006/10/29/microsoft_ vista_eula_analysis/ (plenty of other article if you don't like this source)

All OSI approved open source licenses permit the distribution of software with little to no worry compared to EULA governed software. No more Bussiness Software Allicance audits which can threaten to disrupt your normal bussiness. It is when you change the software or distribute it externally that you have to worry about the open source software license, but then, that is a different discussion since it is not normal for proprietary software to allow that.

Open Sources Licenses for sale

[infonography]

Dear Friend,

My late father was the finace minister for the pervious administration in Nigeria, in his weill he bequitehd me the income from meany open sourse licenses however since the new government crackdown we have had difficulites in tranparting themo out of th country. A reputable frind who can transport them out of the country for me needs a small advance to pay for expenses once we have these open sources license on the open market we can realize great proifit.

I have a limited introductory offer for any software you want at a low low rate per seat. Comes with Complemetary Viagra from te late presidents presonal stores.

Please send to my paypal account darl.mcbride@sco.com

Revised copyright law

[iamacat]

• Source code must be made available to any recipient of binary code upon request
• The customer must then agree to safeguard the source and be responsible for damages if leaked. The copyright owner can demand a proof that a particular customer is willing and able to honor a contract. Customers can create modified versions for private use distribute binaries and source to anyone who already obtained the corresponding original from the author.
• Copyright expires after 14 years, as envisioned by the founders, at which time source becomes public domain.
• Anyone, including the original author, can then create derived works from the source and again distribute them under protection of copyright for another 14 years

This will ensure that license incompatibilities only last a limited time, commercial software can be sold/protected from leaks by teenagers and derivative works can be created both during and after the copyright duration.

The answer is SIMPLE

[Breakfast+Pants]

New projects going forward should all be released public domain. Bam. *All* projects can now use your code. Because of crazy liability statutes and crazy precedence, you will need to put a disclaim of liability/warranty on the code when *you* distribute it, but there isn't any need at all to make others who distribute it do so by adding a license term contingent on *their* distribution--that's the biggest downfall of the non-advertising clause BSD license, but in practice isn't that big of a deal. I am not a lawyer, but I *don't* ANAL; sorry.

Easily figure out licenses?

[silversturm]

Is there a single site that elaborates what the highlights of major licenses are? I get put off by reading these novels sometimes, not to mention the legalese sometimes gets me confused (yes I need to is smarter). Something like this would be great:

GPL: Can do this, this, and this. Can't do this, this and this.
GPL2: Can do this, this, and this. Can't do this, this and this.
Apache: Can do this, this, and this. Can't do this, this and this.
MS EULA: Can do this, this, and this. Can't do this, this and this.
...

Does anything like this exist today?

Re:Easily figure out licenses?

[Ohreally_factor]

A compatibility chart would be nice also.

Well, yes and no.

[jd]

Yes, you're absolutely right that there are only a few "core" licenses that others are derived from. NASA's Open Source license is based on the GPL, for example. However, there ARE a lot of licenses out there. It would be far, far better if there was some sort of inheritance mechanism for licenses. That way, it would be clear what had borrowed what from what, lawyers would be dealing with change sets (which they're familiar with) rather than re-written texts, and instead of a long linear list, we would have a much more compact tree.

Would this reduce the number of licenses? Initially, no. You'd simply reorganize them into a structure. Would it improve understanding of the licenses? Yes. Understanding would increase exponentially, rather than linearly, as a person worked their way through. Would it eventually lead to a reduction in the number of licenses? Yes. A lot of them have trivial or insignificant change sets and making this obvious to all would create pressure to consolidate where appropriate.

Ok, but doesn't the sheer number also create pressure? Yes, but it may NOT always be appropriate, and there may be unexpected and undesirable results. Make thing clear FIRST, and THEN make changes, not the other way round.

Re:Well, yes and no.

[Ohreally_factor]

This is actually a workable, or at least functional, idea you have. It's not trying to artificially limit the number of licenses, nor would it actually limit the number of licenses, but it would certainly narrow down most usage to those licenses that are commonly used, and discourage trivial proliferation.

Re:Well, yes and no.

Yeah, but do we use CVS/SVN, or BitKeeper for keeping track of the license changes? :P

Re:Well, yes and no.

[jd]

Use something everyone will love/hate equally. Arch.

Re:Well, yes and no.

[trifish]

NASA's Open Source license is based on the GPL, for example

Sorry, but that is an absolutely false statement. They are two completely different licenses and it's certainly not based on the GPL.

Would be cool to do it automatically

[radarsat1]

I've had the idea for a while that it would be cool to design some kind of formal language to describe licenses, so that you could apply logical rules to cancel out conflicting requirements and determine whether licenses are compatible with each other.

Sure, legalese is pretty "formal", but it's not computer-science *formal*. How cool would that be to encode laws and legal conditions such that they are provably effective?

Someone must have done something like this...

(That said, I've never really understood why people choose licenses other than BSD or GPL, since these seem to express some basic viewpoints on how F/OSS should work, but I guess people have their own reasons, which is fine with me actually.)

Re:Would be cool to do it automatically

[einhverfr]

Sounds doable. BUt how are you going to get a Lawyer to do something that would jeopardize his/her job security?

Re:Would be cool to do it automatically

[ljw1004]

True first-year university exam question at Cambridge, about 1990, for computer-science undergraduate:

"[...] Here is three-paragraph extract from the Customs and Excise law governing the alcohol and tobacco you're allowed to bring into the country. Rewrite it in PROLOG."

Re:Would be cool to do it automatically

This has already been done. Lawyers have created a language to describe licenses, and logical rules that most definitely cancel out conflicting requirements, to allow a determination of whether the licenses are compatible. The problem is that the language is English, which isn't machine parseable, because machines are so god-awfully stupid.

The problem isn't the law. It's that computers are dumb, dumb, dumb.

Re:Would be cool to do it automatically

[The+One+and+Only]

Without some radically improved method of natural language recognition, you'd have to translate licenses into some decidable system of symbolic logic. That is, not surprisingly, the most difficult part of the task--any first or second year philosophy student knows the algorithm for checking the logical consistency of a set of statements in symbolic logic.

Re:Would be cool to do it automatically

[shutdown+-p+now]

The problem is that the language is English, which isn't machine parseable, because machines are so god-awfully stupid.

No, the problem is that the language is not English (but confusingly pretends to be), and whatever it is, it's not parseable by an average human either.

a lawyer's view

[faceword]

I represented an company that had developed a closed source software product that had incorporated several open source (but not GPL'ed) libraries, each released under a different license.

There was a transaction cost, in that the company had to pay my law firm to review each license to be sure the distribution of the product did not violate the license. Some of the licenses had attribution requirements, including one which required the verbatim reproduction of the open source license within the distribution. I advised my client as such, and they included that license within a readme file, complete with the glaring typos that were in the original.

The cost of a junior lawyer spending a few hours reviewing six different licenses (approx $300 per hour) was lower than recreating the code from scratch -- so it is hard to argue that the proliferation of licenses is problematic. My client was still better off than if it had to spend an extra week of development time authoring the libraries.

Re:a lawyer's view

[JohnFluxx]

Out of interest, did you have to review the license agreements on the normal closed source software?

Re:a lawyer's view

[cfulmer]

Oy vey. I'm also a lawyer and get a couple of deals like this a month. There are generally a handful of well-used licenses -- the GPL, the LGPL, Apache 2.0, occasionally the Mozilla license. And then there are times when the client makes a choice -- with mySQL, for example, you choose either the GPL or the commercial license. These are generally well understood, and helping a client through that stuff is pretty easy.

The harder parts is often that the client doesn't understand exactly what they use -- there are a LOT of cross tie-ins in the Open Source world: you're using X, which is licensed under one open source license, but it uses Y, which is licensed under a different one, and both of them run in this operating environment licensed under Z. Often, they may know about X and Y, but don't know about Z, or know about X and Z, but not Y, etc.....

For the overwhelming majority

[stox]

of corporate open source adopters, there is no issue, as they will not be selling and distributing the software. For those that do, open source licenses tend to cover many different products, whereas each closed product will have a different license. So, if nothing else, open source is slowly reducing the number of licenses you have to worry about.

MS XPe Licence

[russ1337]

Having just reviewed the Microsoft XPE OEM and Runtime licenses and a whole bunch of 'off-the-shelf' commercial software for some work I'm doing, navigating what you can and can't do with the software is not all that easy.... (vs what you are required to do under many FOSS licenses). Imagine the worst EULA you've ever seen, then change it randomly and apply a different restrictions to each application you're using with completely different conditions. Then put them all on one system.

The whole time I was thinking to myself this would be all so much easier if all this was under GPL....

(I'm no lawyer, (I don't even play one on TV) I was just looking at 'does our implementation make us subject to clause x'... etc.)

Re:who gives a fuck?

Now there's a way to make them seem evil. I've hardly ever seen the word "loyalist" without the word "paramilitaries" directly after it.

Isolation of components in separate processes

[tepples]

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff? Both. You have to isolate each component that has a different copyleft license in its own separate process, communicating with other processes through pipes or sockets. This sort of refactoring to decouple programs can be almost as labor-intensive as development from scratch, especially on an embedded system whose sliver of an operating system has little or no support for multitasking.

But do you havea license to...

[msimm]

rock? Because when it comes right down to it I think that's all this poor analyst was looking for. Just admit it, you want to rock? You know Linus knows how to rock. John Hall looks fresh out of a Greatful Dead concert (although I was thinking more along the lines of AC/DC, but whatever man). Linux totally has the license to rock.

Re:But do you havea license to...

[morgan_greywolf]

No more drinking/smoking/snorting before you post on Slashdot, k? ;)

My reciprocal commitment is in the mail

[ClosedSource]

Sure. Try telling your landlord that you going to pay him in "reciprocal commitments".

Re:My reciprocal commitment is in the mail

[babblefrog]

I'm pretty sure I've seen movies where that was the arrangement. Or rather, I've seen a few minutes of such movies.

Re:My reciprocal commitment is in the mail

[falconwolf]

Sure. Try telling your landlord that you going to pay him in "reciprocal commitments".

Some do but in another way. A leaser or renter may be able to have rent reduced or get a refund. I live in an appartment now and when I moved in I received a refund on the rent for watching the building. I'd clean the grounds and building as well as let repairmen in for repairs. Now another renter gets a refund for mowing the lawn.

Falcon

Plot them in a chart.

[khasim]

I'm still not seeing why the OSI hasn't developed a CHART where each license is placed based upon what it allows and what it restricts.

No, this doesn't have to be a 2 dimensional line.

Then, any gaps would be easily seen and a line could be drawn saying "all licenses below this point are compatible with the GPL v2" or whatever license you're looking at.

Then there wouldn't be a question of which license to use. Just look for which one meets your minimal requirements.

Object oriented licencing?

[IPFreely]

So what we really need is a smaller set of base licenses that include object oriented features like inheritence, interfaces and templates.

I can see it now:

public MyLicense extends BSD implements Attribution;

or

public NPL extends GPL implements OwnerTakeback;

Re:Object oriented licencing?

[Warbothong]

private MicrosoftPermissiveLicense extends BSD implements GPLIncompatible ():

____def __init__(self):

________self.phaseOne()

________time.sleep(999)

________self.phaseTwo()

________time.sleep(999)

________self.phaseThree()

____private undocumented phaseOne(self):

________super(embrace)

________self.assignOwnership(MSFT)

________print 'pwned'

____public void phaseTwo(self):

________super(extend)

________print '????'

____private cash phaseThree(self):

________super(extinguish)

________while True:

____________self.profit += 1

Re:Object oriented licencing?

[junglee_iitk]

Instead of those underscores you could have used Plain Old Text, as I always do.

Re:Object oriented licencing?

[Ansoni-San]

Those were instead of tabs? I thought it was just python. *Zing*

Let them suffer

[bug1]

"What can be done to minimize multiple-license pain for corporate open source adopters?"

Why should corporate users get an easy ride ?

Corporate users are the ones who would likely turn on us and destroy the community if it would boost the next profit report by a few percent.

Its not about users its about the source code.

But i guess if it turns out that corporate users a big on giving constructive feedback, bug reports then i guess we should give a shit, but i expect they are too busy using to do anything else.

They don't have to worry about it much.....

[budword]

because UNLESS they are also DISTRIBUTING said software, they probably don't have to worry about the license very much. Especially if they stick to a GPL style license. If they are in the business of distributing software, then they damn well better have a clue on how to handle the terms of the licenses of the software they choose to use. At the end of the day, the free software world doesn't need the suits, it's the suits that need FOSS.

World Peace

If only everyone used the Beer-Ware license.

Re:When using them, all the licenses say the same

[einhverfr]

Because everyone draws lines different places and threatens legal action if you cross those lines.

The cardinal rule of *business* relating to intellectual property law is that the licene means what the licensor says it means unless and untill it becomes worth fighting in court. I run a business. IANAL.

I actually see this complexity to be a good thing. It forces licenses to compete. And it raises the likelihood of lawsuits relating to the limits of each open source license. Lawsuits (as long as I am not involved) are a good thing because they provide points of reference as to legal limits of the licenses.

Does anyone here think that merely linking is sufficient to show derivation? WOuldn't this give OS vendors like Microsoft exclusive control over the development of applications for their platform? Why are these different?

Ignore them

[nurb432]

If its 'open' its mine to do with as i please.

Re:Ignore them

Most OSS licenses are not 'open" as you've defined it. GPL certainly doesn't let you do anything you want with the code.

Re:Ignore them

[nurb432]

Open = i can see the code. If i can see the code, i can do anything i want with it i wish as far as im concerned.

Ignore the details - use the code

[presidenteloco]

I know when I'm faced with a bewildering array of different licenses that I can't keep track of,
I just download the software, use it, and get on with the rest of my day.

At a certain level of complexity, all you can do is zone out. I don't have time to become an
intellectual property lawyer at night school.

So yeah, radical simplification of the situation would be a good thing for all concerned.

Minor disagreement

[einhverfr]

WHile what you say is exactly right for most OSI-approved licenses, there is at least one exception that I am aware of.

Larry Rosen's OSL requires distributing the source code of any software which is used by people outside your organization, at least by my lay reading of section 5 (IANAL). So it does seem wise to have lawyers read the licenses for hidden surprises of this sort. Of course, this doesn't add complexity for mere use because this is going to be the same for nearly every license out there (so you are just looking for exceptions).

In distribution it becomes a pain though....

huh

[Vexorian]

1) Truly open source licenses don't govern use.
2) Most users don't distribute

Therefore there is not much of added complexity...

Not to mention the fact that there may be 1000 open source licenses, that does not mean the projects with multiple license use more than 3 and the differences on the licenses in a single project tend not to be big, and it is very unlikely you would not get into one of the 10 most common ones.

corporate OSS

[sohp]

It seems *companies* that release a version of or part of their software as open source seem to have an aversion to using existing licenses. Too many of them take a common license, and then just change the name. This is also true for open-source foundations that are arms of the various companies. Consider:

        * Apache Software License
        * Apache License, 2.0
        * Apple Public Source License
        * Computer Associates Trusted Open Source License 1.1
        * Eclipse Public License
        * IBM Public License
        * Intel Open Source License
        * Jabber Open Source License
        * Lucent Public License Version 1.02
        * Mozilla Public License 1.1 (MPL)
        * Qt Public License (QPL)
        * RealNetworks Public Source License V1.0
        * Sun Public License
        * Zope Public License

And that list is selection from *just* the OSI-approved ones, never mind the rest of them touted as open but not approved. Is it the lawyers or marketing that drives this idea of taking a perfectly good license, making minor customizations, and stamping it with a brand name?

Gentoo has 865 licenses

[justrob]

Well, you're pretty wrong.

Gentoo has 865 licenses covering the packages in their tree as of today:

$ ls -l /usr/portage/licenses/ |wc -l
865

Hilarious!

[IchBinEinPenguin]

Closed source compliance costs are such that the company I work for has moved to "Open (Wallet) Licensing" (http://www.microsoft.com/licensing/programs/open/ default.mspx).

We effectively buy 2 windows licenses for every box (one OEM, one volume license), we even have to pay for non-MS boxes (you license every box 'capable of running windows' regardless of whether or not it does. I run Ubuntu and I'm still paying an annual fee to MS!!).

Yeah, our problem is the proliferation of FOSS licenses (all of which basically say "do whatever you want in-house").

Red Herring! FUD!

[erroneus]

As if companies read the EULAs of all the commercial software they buy and use? Aren't they all different as well? There's bound to be more than just thousands of commercial licenses.

What do companies do with commercial licenses? They generally presume certain things about it and generally try to behave accordingly. The only differences with F/OSS in a business environment is they might need to scan the license for suitability in a business environment one time before deciding to use it or not. (That's one of the few things that can 'get them' using F/OSS is that some licenses say "you should pay or donate if you're using this in a business, but it's free for personal use.") Otherwise, general 'best practices' when using F/OSS in a business should apply... don't try to sell it unless you know damn well you can. Modify it if you want, but don't try to sell it unless you follow the rules, and on and on...

It's not about the thousands of licenses. It's about knowing where you can and cannot step and most of it is pretty common-sense-like. The numeric abstract "thousands" is meant to frighten people. The reality is that barely a few different licenses would apply and each one should be considered on a case-by-case basis just as with commercial software. Are you installing your commercial OS in a virtual machine?

You better be sure you're able to do that legally!!

What can be done

[iminplaya]

to minimize multiple-license pain for corporate open source adopters?

Words cannot describe the perfectly self-explanatory solution we have at our fingertips. So simple it is that no-one can see it, much less accept it.

You need to read the GPL again.

[twitter]

Why does everyone love the GPL? By forcing users of the code to obey...

One reason people love the GPL is that it has no use conditions, only distribution. The core ethic is that users are free to use the code for any purpose and to share the same with their neighbors.

BSD for me- it's basically public domain (the best solution IMO) but it strokes my ego by making sure my name is included in the code :)

The GPL will preserve your copyright notice too, unless you turn that copyright over to the FSF or other organization. Do you know anyone outside of Redmond that actually strips copyright notices from their source code?

Re:You need to read the GPL again.

[jb.hl.com]

Do you know anyone outside of Redmond that actually strips copyright notices from their source code?

The BSD software Microsoft uses (or used, not sure but I think they removed a lot of it progressively with XP and Vista) still carries Berkeley/University of California copyright notices (run strings on it if you don't believe me). Try again.

Re:You need to read the GPL again.

[twitter]

The BSD software Microsoft uses (or used, not sure but I think they removed a lot of it progressively with XP and Vista) still carries Berkeley/University of California copyright notices (run strings on it if you don't believe me). Try again.

Your article is from 2001. Try something more recent than win98 for yourself.

Re:You need to read the GPL again.

[jb.hl.com]

Your article is from 2001. Try something more recent than win98 for yourself.

Considering that you haven't used anything from "M$" for years, that's kinda throwing rocks in a glass house from you, twitty my dear, but just to humour you: strings run on a copy of ftp.exe taken directly from Windows XP Professional SP2 and then grepped.

Now shut up.

Re:You need to read the GPL again.

[The+Bungi]

That's rich, considering you've been whining about "Bartko" and DR-DOS for the last ten years.

Re:Red Herring! FUD!

[Shados]

Well, the deal with software, is that (at least for large companies), the cost of commercial license is a write off. At my previous jobs, we got a few douzan MSDN Premium with VS2005 Team Suite (something like 12-15 grands canadian....the canadian price is like 30% higher than USD btw, kindda funny) and it was written off on the corner of a table. Its unnoticeable in a large budget.

The important part though, is let say you didn't read the license, and turns out that MSDN isn't a yearly fee, its every 6 months. Or that (as is amazingly common), you're using software from MSDN as production software (as opposed to development software), which, according to the EULA, can't be done. What do you do? Sign a few thousand dollars check in the worse case scenario. Big deal. If you used Vista Home Basic on virtual machines, again, sign a check and upgrade, its straightforward and about the worse that realistically happens

Now, let say I have a software with douzans of millions lines of code, and I use GPL software all over the place, because, like with commercial software, you didn't read the license, and you distribute it like nuts. Now, a couple of things can happen if you get caught(not in any particular order):

1) You deal with the guy who wrote the GPL stuff you're using for a commercial license. Then its like commercial software, no biggy.

2) You're asked to open source your stuff. I know the software we're writing at my current workplace gets several hundreds of thousands of dollars a shot, and is really nothing, except for ONE DLL that has 7 years of work in it, and its a raw algorythm (just an amazingly complex one). If that algorythm becomes easy to fetch, competitors will pop up left and right (we currently have virtually none), and we're out (not that we don't have a plan Bs in case it happens, but...). So thats worse than having to sign a 100000$ check. Not an option.

3) You have to take out the GPL stuff from your code. If its huge and integrated (no external library should ever be, but go tell that to 95% of the wannabe software architects out there), there's no taking it out. You'll have to spend months refactoring. Again, a lot worse than having to pay a few douzan thousand bucks to microsoft.

So all around, my point is, as a general rule, if you don't read licenses of commercial softwares, USUALY the consequences are a lot less dire than with many OSS licenses. Of course, I simply read the licenses and its never a problem, so no biggy for me, but there's a lot of idiots out there :)

copyrights

[falconwolf]

I think copyright will fail because it serves the interests of those in the developed nations, not the interests of the developing nations.

Copyrights are supposed to encourage creaters to create, by giving them a limited monopoly on what they create. With the monopoly they can then attempt to receive compensation by selling what they create or copies thereof.

Also, those who do not prevent their population from having free and universal access to intellectual works will have more educated citizenry, and will see a rise in productivity as a result.

Fair Use should serve enough for this. With fair use a teacher could copy small parts of a work to pass out to students who then could see how something is done. Of course Fair Use means nothing now in the US.

Also, those cultures who attempt to impose barriers that prevent the proliferation of their cultural views will become marginalized, while those who encourage their culture to spread will find more allies and like-mindedness from the other cultures that do the same.

Agreed!

Falcon

OSI? So what?

[Jane+Q.+Public]

So what? That means nothing. Most licenses are not approved by OSI, and most open-source software authors do not give a damn about OSI.

The big boys might... but the vast majority of open-source (like the vast majority of businesses), are the "little people" who don't want to bother with (and probably don't like) corporate lawyers.

One turd to rule them all

Everyone can standardize on the anti-business and anti-commerical GPLv3. The fact it was created specifically to attack Microsoft... that's just an added bonus.

How to advocate Free Software

twitter, please read this carefully. Following this advice will make Slashdot a better place for everyone, including yourself.

• As a representative of the Linux community, participate in mailing list and newsgroup discussions in a professional manner. Refrain from name-calling and use of vulgar language. Consider yourself a member of a virtual corporation with Mr. Torvalds as your Chief Executive Officer. Your words will either enhance or degrade the image the reader has of the Linux community.
• Avoid hyperbole and unsubstantiated claims at all costs. It's unprofessional and will result in unproductive discussions.
• A thoughtful, well-reasoned response to a posting will not only provide insight for your readers, but will also increase their respect for your knowledge and abilities.
• Always remember that if you insult or are disrespectful to someone, their negative experience may be shared with many others. If you do offend someone, please try to make amends.
• Focus on what Linux has to offer. There is no need to bash the competition. Linux is a good, solid product that stands on its own.
• Respect the use of other operating systems. While Linux is a wonderful platform, it does not meet everyone's needs.
• Refer to another product by its proper name. There's nothing to be gained by attempting to ridicule a company or its products by using "creative spelling". If we expect respect for Linux, we must respect other products.
• Give credit where credit is due. Linux is just the kernel. Without the efforts of people involved with the GNU project , MIT, Berkeley and others too numerous to mention, the Linux kernel would not be very useful to most people.
• Don't insist that Linux is the only answer for a particular application. Just as the Linux community cherishes the freedom that Linux provides them, Linux only solutions would deprive others of their freedom.
• There will be cases where Linux is not the answer. Be the first to recognize this and offer another solution.

From http://www.ibiblio.org/pub/linux/docs/HOWTO/Advoca cy

Peer review of your code

[vrmlguy]

A few nitpicks... You don't need most of the supporting scripts. Perl has the -n and -a flags that duplicate the implicit looping of 'awk', pattern matching duplicates 'grep', autovivification means you don't have to initialize your hash, and array slicing will take care of 'head'.

eix -v | perl -ane '$licenses{$F[1]}++ if /License/; END {@sorted = sort {$licenses{$b} <=> $licenses{$a}} keys %licenses; print "$licenses{$_} $_\n" for @sorted[0 .. 9]}'

Note that I don't have Gentoo, thus the above (and the below) is untested. However, it looks like either of our versions would be a nifty tool to include with the distro. In that case, I'd move the 'eix -v' inside the Perl script and provide a command-line parameter and usage instructions:

#!/bin/perl -an
BEGIN {
$limit = $ARGV[0] if @ARGV;
die "usage: $0 [limit]\n where 'limit' is a number (default is all)\n"
unless $limit =~ /^\d*$/;
open(STDIN, "eix -v|")
}
$licenses{$F[1]}++ if /License/;
END {
@sorted = sort {$licenses{$b} <=> $licenses{$a}} keys %licenses;
$limit ||= $#sorted;
print "$licenses{$_} $_\n" for @sorted[0 .. $limit];
}

Re:Peer review of your code

[LiquidFire_HK]

Thank you for the improvements. I did not know about the -a option and BEGIN/END.

The script I had written was a quick-and-dirty solution; I didn't initially intend to do this for all licenses but just to grep for GPL and then wc -l, hence the useless use of grep and awk.

I should also point out that the "eix" tool is not included with the distro. It's a tool that indexes the package database for very fast searching, and I recommend it to everyone using Gentoo (just emerge eix). The license script, however, should probably use portage's search, "emerge -s ''" instead of "eix -v", so that it can remove the dependency on eix and so that it can always be up-to-date. I used eix simply because it is much faster. It should probably also have some better matching, on /^\s+License:/ instead of /License/, otherwise if a package's description happens to contain a capitalized word "License", it would grab that too (no such packages yet :).

Re:Red Herring! FUD!

[david_thornley]

The only differences with F/OSS in a business environment is they might need to scan the license for suitability in a business environment one time before deciding to use it or not. (That's one of the few things that can 'get them' using F/OSS is that some licenses say "you should pay or donate if you're using this in a business, but it's free for personal use.")

If a license says something like that, it is neither free nor open source. Neither the OSI nor the FSF will approve a license that directly restricts commercial use. If developers would simply use one of the standard licenses (like modified BSD or GPL), this would never be a problem.

Like I said in another article here

[Master+of+Transhuman]

When are we going to get back to coding and stop being license cops?

Get a clue. The license does not matter. The attitude matters.

All the OSS licenses in the world will not help if the attitude about contributing is wrong.

This was inevitable. As soon as you believe in "intellectual property", it becomes a zero-sum game in which you HAVE to WIN over someone else and control their behavior. And this inevitably leads to a proliferation of legal maneuvers until the rate of return drops to zero, with everyone spending more time interpreting the legalities than coding.

Drop the licenses completely, STFU and get back to coding.