Slashdot Mirror
DJB Releases All Source to Public Domain
A Sage Developer writes "During a recent conference, Sage Days 6, Dan Bernstein (who has recently come under attack for his licensing policy) was among the invited speakers. During a panel discussion on the future of open source mathematics software, Bernstein declared that all of his past and future code would be released to the public domain. This includes qmail, primegen, and a number of other projects. Given the headache that incompatibility between GPLv3 and GPLv2 is causing developers, will we see more of this?"
Heh, for a second there I thought it said gmail. . .I was somewhat curious was Google wasn't mentioned at all; figured they'd have an opinion on the matter :-p
If you are about to mod me down, keep in mind that this post was most likely sarcastic.
No.
Not in a manner disproportionate to what we've seen in the past anyway. Some people will keep gpl2 as their license, others will go gpl3, bsd, or one of any of the OSI licenses for the most part, because people like attribution, they like retaining (some) control of their work.
This comment is fully compliant with RFC 527.
The reason I ask is that I read some releasing a new version of netqmail with smtp auth patches in it, and this is really waiting on DJB to do something about this issue. My servers are currently taking a big hit from spam and a clean way to block it in smtpd would make life a lot easier for me.
http://michaelsmith.id.au
Just wanted to get that in there.
I like qmail. This is both good and bad.
The good is that allows people to fix, and distribute the fixes as part of the package instead of as a bunch of patches.
The bad is the security of the result. One of the hallmarks of the DJB software is that it is secure and he backs it up with a $500 (it may be $1000 now) bounty for security holes in the software. Many people referred to him as arrogant because of his refusal, but when you are good, you sometimes develop an attitude that people mistake for arrogance. Even so, it is HIS code, so he gets to do what he wants with it.
Fight Spammers!
Oh, and I thought it is because of excessive drinking! Now I know: blame FSF!
May Peace Prevail On Earth
Some projects already do this with some outstanding success, the first that comes to mind is SQLite (http://www.sqlite.org/). They started in the public domain and seemed to have really benifited from user uptake and contributions, not just from users but corporations.
It's an ironic twist that native Americans have been attached to the term "indian giver" when it was primarily the White Man who harbored ulterior motives when presenting gifts to the natives.
If you share, share. If you don't want to share, don't share. It used to be as easy as that. The GPL and its derivatives introduced a weird twist on the sharing that if you partake in the sharing, you must also share alike. This makes sense in the software world since a copy to you doesn't mean that I am deprived of a copy for myself. Sharing is something that you ought to do. The GPL pushes that one step further by making sharing a requirement. Now receiving obliges you to give in return (if copyright wasn't the basis for the GPL, would Stallman have required distribution too?).
It all got so confusing, and now with GPL3 putting further restrictions on sharers, I think we are seeing a bit of backlash. Not only because it is difficult to reconcile differences between implementations under GPL2 with the newer version, but also because the greater restrictions are a smack in the face to the original reason anyone wanted to get involved in the first place, i.e. to share.
Sharing is a good thing, and should be encouraged. But to try to regulate every single loophole and corner case is going too far. Public domain remains the last safe haven for shareable code. Good on DJB.
Qmail, IMO would have been far superior to postfix had this happened 5 years ago.
Nothing anyone does with fixing or distributing fixes as a package will make the vanilla version from cr.yp.to any less secure.
Which he's also refused to pay in a few notable cases where most people tend to agree it was deserved.
Don't quote me on that, though...
Don't thank God, thank a doctor!
Even if he donates it to public domain, he still wrote it. It may not be 'his' in the sense of exclusive control, but it is still his 'child'.
Fight Spammers!
I really like DJB approach in many programs but his daemon as services makes his good programs difficult to use. /etc/init.d , that will be cool.
I would like to use dnscache as a normal daemon, one below the
Can't seem to load the video: hangs. Is it possible that Google can be slashdotted?
The crypto software and FFT software especially so, but maintenance isn't always as hot. That's hardly DJB's fault - they are public domain and nobody has run with them. On the other hand, it is not acceptable that his software is not being properly distributed, promoted or documented. Nor is it acceptable that he allows his personality quirks to interfere with the primary purpose of getting code into active circulation.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
"web services" is a kind of strange thing; it just means software with an HTTP interface. Just because you use HTTP doesn't mean you have to share. It's perfectly possible to use even AGPLv3 (let alone GPLv3) software yourself or within your company. The only point at which you have to share AGPL software is at the point where the users of your software are outsiders. It's funny how we see so much anti-GPL FUD again. Probably you've learned this by reading articles about the GPL which are spreading such rumors. It's a good idea to jut go and read the license directly together with it's surrounding explanations and you'll find it's much easier to understand this way.
So that's what made me gay... Case closed!
I agree with those who say tha PD ilimitated freedom can generate chaos, but if you REALLY care about freedom, if you really want about your code being used without limitations and with full potential and without the ego of being recognised as the author, etc. PD is the ONLY way to go. Compare this to those millioners that give millios to charity and report to the press (GPL). or those who you never lknow about their donations (PD). It's actually about ego. Do you care about your rights? No? You only care about your code really contributing to the humanity? Only PD can help.
Another question is about that some countries don't recognise PD as a legal license. I know some people that actually have kind of bypased that issue by realising some code COMPLETLY anonymously. That way there is NOONE who holds the copyright. Believeme, owr lawyers here at out university had some issues with such a code and they didn't even know how to proceed. The concept of property is the base of our societies, so PD kind of confuses our poor heads...
It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
Quick! Somebody call the RIAA/MPAA Goons. We can't have this sort of radical thinking. Public Domain? Is this man really . . . a woman?
Hint for yokels everywhere. Yes, he used to be.
DJB is so late to this party. Releasing his code about 5 years ago would have been more useful to the rest of us. Myself, like many other people, threw the towel in on using his tools seriously a long time ago. At least endless qmail patching isn't needed anymore for those devoted to that MTA.
READY.
PRINT ""+-0
There are two vastly different interpretations of the GPLv2's intent.
Linus' interpretation is, so long as we get to see the code, it's fine, even if we can't do anything with it.
That is not the original intent. Say what you will about RMS, but he wrote the damned thing.
Do you know why RMS started this "free software crusade", founded GNU, and wrote any GPL at all? It starts with a printer. He'd messed with the old printer driver for the old printer -- it was prone to paper jams, so his hack was to at least detect a jam and alert the user, even if he couldn't fix it. Well, the new model of printer came in, and he was all set to port his fix, but he didn't have source code.
That's why GPLv2 is all about source code -- RMS wants to be able to tinker with any device he owns, and he saw lack of source code as the only thing stopping him. In the case of this printer driver, it was. But now we have tivoization. Tell me, if the lab computer was set to only accept signed binaries, what good would any amount of source code be? He could change it to do his paper-jam-fixing-hack, and even compile it -- he could do anything but run it -- which makes it completely useless.
Linus has a point, and so do you -- there is some academic value in seeing how people did what they did.
But Linus and you miss the crucial point -- it's not about restricting the developers, it's about empowering the users. The GPLv3 guarantees that any piece of software you get that's GPLv3-licensed, you can modify it, recompile it, and run it in the same way as the original. What's restrictive about that?
Don't thank God, thank a doctor!
Whereas, Windows is obviously for people who enjoy (or don't even realise they are) being shafted up the "asstunnel".
Je fume. Tu fumes. Nous fûmes!
Given the headache that incompatibility between GPLv3 and GPLv2 is causing developers, will we see more of this?
DJB changing the license for his software has nothing to do with GPLv2 vs GPLv3. His software was actually not open source !
wtf.n0x.org
Coming Soon! Microsoft Embraced QMail with Extended features for use only by MS applications....
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
Woodward won't like Bernstein giving the source to the public.
Doesn't mean that it is closer to what the author of the code considers "open".
Have a look a TdR's stance on BSD and its' inclusion into GPL code: PD would NOT have fitted better what he considers "open source". Or look at MS's "Shared Source" initiative. They even mention opening the source code to customers in their blurb on it. But it isn't PD'd. Would that be because PD isn't what MS want to mean "open"? It's MSPL/LPL licenses are "open" but not PD as well.
So feel fine to submit your code to the public domain.
That is a total crap excuse. Just look at a previous game title attacked by congress: Night Trap. Night Trap could've been declared a G rated movie for kids. There was no sex or little violence. No sane person could possibly call that violence. Creatures wearing black clothes grabbing people and sucking red food coloring through a tube. Oh yeah, scary violence which should be banned forever.
Then you get to the real reason "they" want to put in restrictions on devices, so they can stop people from fully using property they bought. I remember buying a digital camera from Aiptek, and it said I wasn't allowed to let anyone outside of my immediate family use it. WTF? So, if I'm in Paris, and I ask some stranger (or even a friend) to take my picture in front of some landmark, then I'm breaking the "license" for the camera???? I suppose next they'll require me to pay them a fee to copy pictures I took. After all, they made the camera, and so therefore all pictures taken by that camera are their "intellectual property" because the pictures are derivative works.
Yeah sure, and your parents have the right to abuse you because they created you, right?
Good. DBJDNS is, overall, a solid piece of software that kicks the crap outta Bind and leaves it bleeding in a ditch. I'll be glad to see it under a more open license that allows it to prosper and get some of its problems addressed.
Tom Caudron
http://tom.digitalelite.com/
-Tom
Public Domain licensing seems to be the worst of all worlds to me.
By definition, something in the public domain doesn't require any licence because it's been released from copyright.
That aside, I don't see how it can possibly be a bad thing if someone is kind enough to release their useful work to everyone without restriction. If you want to use it in your own work, whether it is commercial, OSS, public domain or otherwise, you can do so. No-one else can take that away from you, regardless of anything they may themselves do with the work and any licensing conditions they may wish to impose on the result. If your personal beliefs mean you want to release your own code building on the public domain work under the GPL so others using your work must adhere to certain conditions, you are free to do so. You just can't impose such a condition on the original or anyone else using it, but since the original was nothing to do with you, I fail to see why that is a problem.
How is this, then, the "worst of all worlds"? It seems to me that the so-called "free software" evangelists could learn something from this... like what freedom really means. A clue: if your code comes with more restrictions than none, it's not really free, no matter how often you repeat the word. The "freeware" crowd claimed it first, and their version is compatible with my dictionary.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Some people will keep gpl2 as their license, others will go gpl3, bsd, or one of any of the OSI licenses for the most part, because people like attribution, they like retaining (some) control of their work.
Exactly. And the headache is in the troller's imagination. It's like imagining that one gets a headache every morning because there are 75 brands of cereal you can buy. Stupid FUDding summary. People (including djb) use the license they want to use, no more, no less.
you had me at #!
Actually, if you like qmail you need to have your brain checked.
correct!!!
Qmail bugs and wishlist Reasons to never use qmail or to start forking qmail
Grundgesetz * 23. Mai 1949 - 30. November 2007 - http://www.vorratsdatenspeicherung.de/
Yes. By no means am I some big-time developer, but the code I do release is always public domain. First off, people tend to treat everything on the internet as if it's free anyway. Second, even if I did license it more restrictively, I probably lack the means to legally pursue any violations of it. And third, it's just easier and simpler than getting all caught up in licensing issues. I find the absolute freedom that comes with public domain to be beautiful, in a sense.
There are enough hard-core qmail zealots (and I kinda lean that way myself) that I'm sure there will be different packages available for the different distros within a year.
FreeBSD for the impatient.
Also, I'm not familiar with the qmail source; what are some of the wheels that djb reinvented?
Laws do not persuade just because they threaten. --Seneca
My concern about the GPL is that, while it is very friendly towards businesses who want to release and then control the direction of their open source products (I did not say projects), it can have a stifling effect on community. Compare for example, the MySQL development model (one company *controls* what goes into the next release) with the PostgreSQL development model. In many ways Linux is an exception rather than a rule, and even GNU suffers from politics of internal control (for example RMS dismissing the head HURD architect, Thomas BUshnell, for arguing against considering the GFDL to be "Free" according to Debian's guidelines-- if this is the free speech to be associated with the FSF's free software, I want no part of the FSF).
The GPL is in many ways a sort of halfway house for companies who want to do open source but not community-centered development. If MySQL was under the BSD license, there is no way they could maintain the central control-- they would have to open up the commit access to many people in other companies, and could not sell proprietary licenses because there would be no market for them.
The GPL, while having legitimate uses, is more of a political statement than anything else. I say this as someone who contributes thousands of lines of code per week into GPL'd projects.
THe GPL v3 is confusing in number of ways. For example, there is some concern over whether a company cedes patent rights over their own patents by merely using GPLv3 software, this is because of missing one little definition buried not in the definitions section but elsewhere in the license (section 11. paragraph 6, as much as a quick reading might otherwise support the concern, only applies to distribution relying on *explicit* patent licenses hence one cannot inadvertently license patents by mere distribution of the software).
A larger issue with the GPL v3 is that section 7 can be read to be incompatible with licenses such as the BSD and MIT licenses, perhaps even with the public domain. The question is, whether paragraph 2 (removal of additional permissions) must apply to portions under other licenses as well. A plain reading of the license suggests that this is the case (and my conversations with Eben Moglen suggest he thinks that this is the case, and furthermore that he believes that licenses such as the BSD and MIT licenses allow for additional restrictions to be added to the license when merely copying the software. It is clear from public speeches that this is also the view of RMS).
However, as another member of the SFLC pointed out to me, this was not the intent of a large number of authors of the license, and that few if any lawyers are willing to give advice that changing the license on a verbatim copy of a permissively licensed work is allowed (see the SFLC's memo on ISCL/GPL collaboration). They argue that since compatibility with licenses like the BSD license was a goal, that it needs to be read as compatible. Hence they argue that the additional things you can do with BSD-licensed code fall outside of the definition in section 7 of additional terms and are not governed by the GPL v3 at all.
However, if and until we see a memo from the SFLC on that topic, we will not have a neutral document to point to and say "this is what the license means." Hence it seems to me that every project ought to contemplate these issues, seek legal advice, and include some clarifying statements in the project's documentation.
This is too much trouble for me to go to in my projects so there is no incentive to move. I *am* considering moving a fair bit of my company's projects from the GPL to some variant of the MIT or ISC license however.
LedgerSMB: Open source Accounting/ERP
n/t
> For many others, myself included, the price for that code is far too high (dictating release terms for my own software).
It's not your own software and I think that's the problem here. Even BSD software that you incorporate isn't your own software. In fact, the only way it COULD be your own software is if you chose the GPL as the license, in which case you could still use it any damn way you please because you don't license your own software to yourself.
Thus, you're saying that you mind someone else dictating release terms for their own software because you want to do it yourself. If you want to argue against something, at least make sure you can think straight first. You seem to think that you own other people's software just because it's BSD or public domain. Further, you hate the GPL for "dictating release terms" because you want to dictate them for what is actually other people's software that you've convinced yourself is your own.
If you're going to complain, at least take care to understand exactly what code belongs to whom and when and how licenses apply. Or maybe that's why you don't like the GPL? Because it points out that other people's code isn't yours when you're to lazy, intellectually, to keep that straight?
Most of these points have come out of arguments with both developers and lawyers as to the restrictions in the GPL:
1: If you download a copy of the GCC under the GPL v3, are you licensing your patents which the GCC infringes on to all third parties?
After a lot of discussion on and off various lists, the answer is no, but you have to stop using the GCC prior to suing anyone or else other people could conceivably sue you. However, this is confusing because it is easy to miss the definition of patent license in section 11 (which excludes any implicit licenses).
2: Can one incorporate whole files from the public domain or permissive licenses into at GPL v3 work? While everyone seems to answer "yes" the different reasonings behind the answers leave a lot of confusion.
According to Mr Moglen, for example, *all* code in a GPL v3 project is governed by the restrictions of the GPL v3, and one can only use, say, ISC-licensed files because one can convert the license to the GPL v3 plus the attribution notice. Mr Moglen in my conversations with him seems to feel that section 7, paragraph 2 (removal of additional permissions) *does* apply to any files included in verbatim under more permissive licenses (and the only limitation is what the courts will allow one to enforce). In public speeches, RMS seems to take a similar view (arguing that a right to relicense the work is a prerequisite for license compatibility).
However, I would note that the Software Freedom Law Center does *not* recommend changing the licenses on permissively licensed files included verbatim, seemingly contradicting Mr Moglen's viewpoint. Other lawyers in the SFLC have suggested that one is *not* allowed to change licenses on such files unless they are modified. They get around this argument by stating that additional things you can do with code under such licenses in other projects are outside the scope of section 7, paragraph 1 definitions of additional terms and therefore are *not* governed by the GPL. Hence another license only conflicts with the GPL if it imposes additional restrictions which the GPL does not allow, or prevents modifications to those files from being licensed under the GPL.
So, if the BSD, ISC, and MIT licenses are to be interpreted as *not* allowing license changes on verbatim or non-literal (i.e. those with minor edits) copies, then would people like Mr Moglen and RMS state that this means they are incompatible? This is something where ideally we should have public commentary about this specific issue from both the FSF and the SFLC. Otherwise, projects, IMO (IANAL) should probably get proper legal help and add licensing FAQ's to help clarify these issues.
LedgerSMB: Open source Accounting/ERP
We had an Epson printer and a HP inkjet. We had PCs (for which there were drivers) and a Vax server for which there were no drivers. Neither company would make a printer driver for a VAX 3100. However, there was enough information in the manual with the printers to create a printer driver.
So there is no need to be able to make a better driver than the manufacturer, because they were not going to make one at all.
Now they don't give out enough information on how to do this, so we would need the source code for the driver to do this again.
It was odd how you've managed to "spin" this into being RMS's fault when the manufacturer was ostensibly the one at fault: would you allow a known defect in your cars' engine management system which caused 1% of the times the engine to flood when starting? No. So why is it OK for a printer?
That was my impression also. My first thought on reading this summary was that Bernstein making a verbal announcement doesn't really mean all that much, since -- if I understand the situation correctly -- part of the trouble has been his reluctance to say things in writing in the code distribution.
If you folks are coming into this story in the middle, djb is probably best known as the author of "qmail" (that's a "Q" not a "G"), which was once upon a time one of the few alternates to "sendmail" (these days, there's "postfix" and "exim" and probably some others).
Among other quirks, licensing of "qmail" has always been a sticky issue. I suggest reading Rick Moen's take on this subject:
That appears to be his take on 'software law', his own page at http://cr.yp.to/softwarelaw.html shows his position. Hoever, from an open-source point of view, notice how how he doesn't allow for distributions of modified versions of his software?
... As long as you're not distributing the software, you have nothing to worry about. ".
/var/qmail hierarchy as a user would obtain by downloading, compiling, and installing qmail-1.03.tar.gz, fastforward-0.51.tar.gz, and dot-forward-0.71.tar.gz;" (same page).
.tar.gz (1.03) is in the public domain)
"Once you've legally downloaded a program, you can compile it. You can run it. You can modify it. You can distribute your patches for other people to use
Right, really open source that. He's asserting the absence of a license allows only the distribution of patches (which could well be true) but not particuarlly open-source like! Critically, you have no redistribution rights to the program itself from the absence of a license. Indeed, I think DJB and RMS are in agreement on this point.
DJB did, however, allow limited redistribution, so long as the tar.gz's were the specific tar.gz's that he distributed with that exact MD5 checksum. The only precompiled binaries you were permitted to distribute "if (1) installing the package produces exactly the same
Again, no redistribution of modified source or binaries derived from modified source - definintly not open-source.
(That same page, now, merely states the final
His code was covered under copyright, except for rights he specifically relinquishes, all the way up to public domain which is a relinquishment of all copyrights. He didn't attach a license because it is ridiculous to force users of software to read through some legal document before they can run the program
The freedom to use a program without having to consult a lawyer is apparently not an important freedom as far as rms and the FSF are concerned. They were much more concerned with showing how clever they were to be able to hack existing copyright law and come up with the GPL.
Now almost all software comes with a legal license that almost no users actually read and fewer understand. At some point in the future we may actually have courts clarify various issues regarding how copyright applies to source code, programs, the internet, and so on, but this won't help users because they will have to wait for the courts to rule on all of the various licenses as well. Note that most licenses almost certainly contain some terms which are unenforceable, and most users are violating some terms of the license. Which terms? Nobody knows for sure until the various parties decide to sic the lawyers on each other.
Qmail was in the past the only good alternative to sendmail, but the limitations enforced by DJB made it stop in time. At same time postfix and exim evolved and specially postfix is not ALOT better than both sendmail and qmail...
,quite the opposite, qmail tries to take over the unix filesystem, libraries and philosophy, where postfix follow the standard unix tools philosophy.
So right now there is no reason to use it
finally, why the hell is that comment about GPL, DJB didnt used GPL, quite the opposite, it was because he used a crazy close license that qmail died
ps: yes, i know that many people still use qmail, but that is because they dont know postfix, they simple installed qmail in the past and never tried any other MTA
Higuita
Public domain code (i.e., a copyright freedom) doesn't say anything about whether the code contains patents. I'll grant that if the person who released it tried to assert patent restrictions, they woud probably fall afoul of the doctrine of latches, this doesn't imply that the same is true for modifications that you make to the code.
It also doesn't say anything about trademarks, but since those need to be actively defended you would probably hear rather quickly if that was being used for a stealth attack. Patents are different. This is why most people intending stealth attacks prefer patents. Even then there are limits, but you don't want the expense of being on the wrong end of a patent suit, no matter how frivolous.
I think we've pushed this "anyone can grow up to be president" thing too far.
I can only hope...
I don't call that "beating" it. People can, in fact, still obtain the source, which is a lot better than being unable to obtain the source.
However, web services do "break" the original spirit of the GPL no matter what, in that even if Slashdot shares source (which I think they do), I can't run my own modified Slashdot on Slashdot itself. I'm not sure of a way around this, really, although it's still an incremental improvement to require source in any case.
Don't thank God, thank a doctor!