Slashdot Mirror
Is Apache Or GPL Better For Open-Source Business?
mjasay writes "While the GPL powers as much as 77% of all SourceForge projects, Eric Raymond argues that the GPL is 'a confession of fear and weakness' that 'slows down open-source adoption' because of the fear and uncertainty the GPL provokes. Raymond's argument seems to be that if openness is the winning strategy, an argument Michael Tiemann advocates, wouldn't it make sense to use the most open license? Geir Magnusson of the Apache Software Foundation suggests that there are few 'pure' GPL-only open-source projects, as GPL-prone developers have to 'modify it in some way to get around the enforcement of Freedom(SM) in GPL so people can use the project.' But the real benefit of Apache-style licensing may not be for developers at all, and rather accrue to businesses hoping to drive adoption of their products: Apache licensing may encourage broader, deeper adoption than the GPL. The old GPL vs. BSD/Apache debate may not be about developer preferences so much as new business realities."
GPL or Apache doesn't really matters -- what matters is if you can make money. There essential matter is whether the software in question is a tool you use or the product you sell itself. If it's just a tool, the GPL makes sense, so you get contributions back. If it's your product itself, neither GPL nor Apache makes sense.
Be relentless!
If you're trying to get a protocol or "standard" of some kind as widely adopted as possible, then you should use a more permissive license (e.g. BSD, MIT, Apache). If you want people to embrace your product, yet then have to buy a license from you if they want to modify it in any proprietary way, you use the GPL.
It's basically a business question of whether you plan to make money DIRECTLY from the code (i.e. GPL), or whether you have ulterior motives for making money elsewhere (i.e. Apache). For examples of the latter, most of the largest permissive-licensed projects (Apache, Firefox, etc) are bankrolled by Microsoft competitors as a means to block Microsoft from having full monopoly power in a particular niche.
This really is a TIRED and boring flamewar. There simply is no "one license to rule them all". It depends on what you're trying to accomplish.
One thing the GPL offers that BSD-type licenses don't: protection from competitors. When a business releases it's code under a BSD-type license, it's competitors are free to take that code and expand upon it to make new products while keeping their code secret. As a business that means that you're always giving to your competitors but they don't have to give anything to you in return. The GPL, by contrast, allows your competitor to use your code as the basis for their enhanced product only if they give you their code in return. That means that whenever your competitor uses your code to gain a competitive advantage, you can grab his code in return and match him. You're never left holding the short end of the code-exchange stick. The only way a competitor can use your code without letting you use any improvements he makes is to not make any changes to your code at all. But if he's not making any changes or enhancements, you always have the first-mover advantage and he'll never be able to offer anything you aren't already offering. From a business standpoint, if you're going to open the source code at all the GPL provides assurance that the only way your competitors can hitch a free ride is if they accept always being in second place behind you when it comes to new features.
That's assuming you can open the code in the first place. For code that's not critical to your business it's an easy answer. If the code is critical to your business, the first question you need to ask is whether or not you can open it to the world in the first place. Opening it means the entire world can see the exact thing that sets your business apart from others in that case, OTOH it also means the entire world can offer improvements and that means you're effectively getting a development department not even giants like IBM and Microsoft can afford for free. Keeping it closed means you can avoid revealing the keys to your success, OTOH it also means there's huge amounts of useful software out there that you can't use and will have to pay to get (either in cash to buy commercial versions or in time to duplicate the functionality). I can't say whether the trade-off's worth it for any particular business or not, but as a businessman you'd better be asking that question and getting a solid, well-grounded answer to it.
Yes.
Error: password can't contain reverse spelling of ancient Chinese emperor
And there you hit the nail on the head. If the software is the means to some other end, then yes, the GPL or some derivative would seem to make the most sense, in order to ensure that any improvements someone else might come up with are propagated back into the main branch. I would wager that this holds true for most FOSS projects -- and the SourceForge figures of 70% of projects using the GPL would seem to back this up.
But if, as you note, the software is the end in itself, if it is the product one is trying to sell, then proprietary is really the only way to go, simply from the perspective of locking others out.
And therein lies the crux of the conflict -- those keenest to use any piece of software are also keenest to see it spread and improve as quickly and efficiently as possible, while those trying to sell any piece of software are less interested in improvements than in maintaining exclusive control. These would appear to be orthogonal goals. The alternate model of giving the software away for free and charging for service instead adds an interesting wrinkle to the equation.
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
How does having the ability to close down the product a better freedom?
Actually with the GPL, you can dual license since it's your own software and thus have a free GPL version and then a privately extended version if that is what you business is looking to do...
With BSD, well, all your concurrent company can do the same and compete in the proprietary version with you, how is that helping you?
Raymond argues that GPL is bad because it's an uncertain license... what?
If Cisco can't read that it has to distribute source code, well, that is a shame with all their lawyers.
Anyone else KNOW what they have to do. So there is no ambiguity there!
Same goes for Google's Android going with the Apache license...
Basically in that super proprietary cell phone world, they are more than happy to have it under a BSD like license.
Now every company can build an OS together and all close them on their side leaving you, the user, with nothing out of that openness except the base system which might well be unusable.
See how MacOS X free part is free/useful compared to the full product? Haha! ...
So they save on development cost, like they would have with the GPL but remove the idea that they want to guarantee that this investment will be guaranteed in the future.
It's like a trap to win the cellphone OS race and then, when it's too late and they have such an insurmountable market share, they close it and we go back to business as usual...
As a user i can't trust that, I'll go with Maemo, OpenMoko or anything that has as much GPL as possible if i have a choice!
(which right now I don't really have, but this year is going to be interesting! I hope ...)
You have identified the major points though:
The GPL does not preclude the open source community from forking and out innovating me. But any innovation done has to be done in the clear, assuming those changes are beyond "customizations" for a single customer.
It's a simple matter of complex programming.
...it'd be better for business, at least in the sense that more people would find commercial opportunities with it. But would that code be open source in the first place, were it not for the GPL? I doubt it. Most companies don't want to give away source competitors could put directly in their proprietary products. Give away GPL code? To use it means the competitors would have to open source their application, turning them into a service and support company rather than product sales, where you'll beat them on accrued skill and experience. I'd also say that a lot more individual contributors subscribe to "share and share alike" than "share and kthxbye". My point is that it's not like you got two equal options, either you use GPL code or you have to write it yourself because there is no such Apache code. Would be nice if there were, but then I'd like a pony too.
Live today, because you never know what tomorrow brings
in that the Apache license dealt with patents (which, being outside copying is still able to ensure you can never use the original BSD licensed code if someone takes a patent on it) and therefore was a better BSD than the BSD license.
Eric is basically right. I've been burned in the past, so I now pay attention to the license an application uses (something you should get into the habit of doing).
Here is my decision tree for deciding to use an application licensed under any FOSS license:
1) If I plan to modify the application in any way, or use it as a library, it has to be under a BSD derived license. This means BSD, MIT, Apache, MSPL, Perl's artistic license, or anything similar. GPL, or any "viral" license is out... I dont touch GPL code anymore (actually, this is a lie, see below).
1.1) There are exceptions to the "used as a library" rule. If everybody else is using said library in their application (eg: libmysql), nobody is gonna try to GPL-ize my whole application. And if they do go after me, it will only be because I'm so successful that I become a target for such nonsense. If your library is nothing more than a CPAN module and it is GPL, I can't use it, sorry.
2) If I don't plan to modify the application for use in my project, the license becomes less important. In these cases, I look at other factors such as how active the project is. I don't like depending on projects that haven't been touched since 2005.
3) If your application or code will become a non-linked dependency of my application (for example, a GPL'd version control system), I don't really care what the license is. Since it isn't linked into my application, I won't get "infected". In fact, I might even contribute to your GPL project provided my contributions are independent works and don't come out of my own "toolkit" so-to-speak.
4) If you require me to assign copyright to you before I can contribute, you are a scam and can piss up a rope. Granted, many of the big-boys require this (most GNU stuff, Firefox(?), MySQL) and so I might be willing to cave in an contribute anyway provide what I'm contributing is an important bugfix and doesn't erode ownership my personal toolkit (i.e. the good stuff). The scam guys are companies who want ownership so they can cook up dual license schemes and profit from your work (MySQL). Scammers can pay for their own bugfixes...
Bottom line, I won't touch GPL for anything that might make my mainline code become a derivative work and force it all to become GPL'd. BSD'sh licenses cannot do this to my mainline code, so I can use their stuff and contribute anything I think they will find useful. GPL doesn't let me cherry pick useful stuff out of my code, so they miss out on some pretty cool things. Since I dont like leeching from GPL stuff (using it, but having no way to give back), I just avoid it instead.
In other words, if you GPL your project, $SUPER_BIG_COMPANY can't lift your code and make $MILLIONS$ but only at a heavy cost--the pool of people who are able to work on your project becomes much, much smaller. BSD-style licenses are attractive to business precisely because business knows they can contribute changes without getting into trouble. If I use a BSD anything, I know that I have the option to deeply embed the code into my application, still be able to contribute back any changes, and retain control over my intellectual property. GPL reduces control over my IP and thus I can only depend on it in the loosest way possible. The second I want to make any contributions, depending on how I used the GPL code, my entire portfolio might be in legal jeopardy. Not cool.
PS: IANAL
I think we have to ask: What has the GPL done for us, or at least probably done for us?
Starting a decade ago several very large corporations poured significant resources into Linux development, and were compelled to keep their contributions open-licensed and essentially free (as in beer).
Do we think that would have been the case if Linux had been Apache or BSD-licensed, or would we instead see a division into deluxe IBMLinux (that works on multi-processors and new chips and 64-bit) and open Linux that scrapes along on simple 486 hardware.
Where are we going and why are we in a handbasket?
i.e. you want to have your cake and eat it too. i.e. dual licenses schemes like MySQL's. i.e. you want to sell your GPL code.
For you "owner" of the code, yeah--especially if you are extra weasely and require copyright assignment. For contributors, it is a scam. Why the hell should I contribute to your dual licensed garbage so you can turn around and profit from my work? I never understood why such companies aren't hassled more about this. It is really a great scam--you get a bunch of people contributing to your work for free and you get to sell it all. Course, I guess the same holds true for most things on the internet--flickr doesn't take pictures, its users do and flickr profits from that. Slashdot doesn't have a script to write comments, we write them and they profit from that. So I might be wrong on this... but the dual-license guys seem way more blatant, probably because I get a lot of satisfaction posting here, but dont really get much satisfaction contributing to some faceless corporations open source project.
A sucky one though. I doubt many programmers on this board want to be in a position that the work they produce for a company is essentially worthless and the way to move up is through the tech support department. I also doubt customers would benefit either since giving away the software and charging for support creates an incentive to make shoddy software that requires a lot of hand-holding.
If you look at big companies like IBM who have really embraced OSS, they have done so precisely because of the GPL. The GPL is really the only license that makes a lot of business sense. The GPL has two major advantages over other licenses. First since you own the copyright you can dual license the code as proprietary and GPL if you wish, while making sure that code can continue to be developed by a community and protected from exploitation---the only caveat here being that you have to make sure copyrights are always assigned to you, something that many projects do. The second major advantage is that no company can use your code against you in a competitive manner. The playing field is completely level. If improving your code helps a competitor, it also helps you. Given all this, if I was a commercial company, wanted to have my projects be open source, and I owned all the copyrights, then it's a no brainer. the GPL is the only way to go. It seems like the only time people complain about the GPL is when they don't happen to have a natural copyright to the code and for some reason feel some sense of entitlement to code (if it's open source I should be able to use it how I want, dang it) just because it's OSS. It's very bizarre.
Frankly I'm surprised to hear of such blatant FUD coming from someone like ESR. I think the solution to FUD is to be a bit more vocal about defending what the GPL is actually about and how it protects users, developers, *and* commercial corporations. It's not public domain software. It's source code just like source code from any other source. If it's not yours and you don't want to abide by the license, buy rights to the code or stop complaining.
The only reason people ask this question is because they take a simplistic "one fits all" view of Open Source.
A great many ways have been tried to make money from Open Source. Dual-licensing is one of the best. It requires a strong copyleft license.
On the other side, if you are investing your own time, without pay, in an Open Source project, having folks run away with it in their commercial product makes you feel like an unpaid employee with no rights. So, a lot of people use the GPL because of that.
Apache or BSD licensing is really good if you want everyone to use your stuff regardless of what they do with it. There are many strategic reasons to do that, for example if you are trying to evangelize a standard way of doing things (that, perhaps, ties into some other aspect of your business and will eventually make you money).
Companies that apply BSD or Apache licensing to their products are really severely limiting how they can possibly make money from that product. Having seen some of these companies fail (I've not been directly involved in one, yet) it sounds like a bad idea.
The company I'm working on now does use dual licensing.
Bruce Perens.
While I appreciate all Stallman and FSF has done, I still prefer the BSD-style license (you're free to do what you want with this code, including not being free with your changes :). Forced freedom isn't true freedom, IMHO. But that's a philosophical debate.
In more practical terms, businesses operate with restrictions. They have fears of licensing problems, code contamination, and lawsuits and such. A less restrictive license such as BSD/Apache/X Windows (which, if I understand correctly, merely require attribution, not giving away your business code if it interfaces too tightly with open source content).
Honestly, what's the problem with BSD over GPL? So I take a BSD kernel (for example), hack it up with my fancy mods, resell it as a proprietary product. I am required to note, hey, this product uses BSD software under the hood. Any competitor is free to grab the same base software, and apply his own talents to competing with me.
I take a a GNU product, apply some of my special magic to it, and I'm screwed (businesswise, at least). I have to give away any enhancements I make. Blah. LGPL at least lets me use compilers, interpreted languages, libraries, and so on, as a bit of dodge. (I feel LGPL only exists because if it didn't, everybody would run screaming from GPL, and it would have died long ago. I can't link to a freakin' library without releasing my code? No thanks.)
I think that bears repeating: LGPL has helped keep GPL'd software in use. That a sign there's a problem there, IMO. With the lines between libraries, compilation, interpreters, interfacing, web access, becoming blurred (and Stallman wanting web services to have to release code), I think it's becoming more and more of a problem.
In a perfect happy world where all our needs and wants and income is taken care of, GPL all the way, man... But in world where one has to express one's talents to make a living, the socialistic ideal of GPL just doesn't jive with business.
In practice, I use GPL'd software a lot, and I am appreciative. But other than for the odd bug fix, I shy away from *ever* touching the source code, period; from a business standpoint, it'd be death.
On BSD style code I've used, I've gone in, made enhancements, and redistributed things; and when I found bugs in the core of the stuff I've worked with, I've contributed back. (But not my new, proprietary enhancements.) So I've been motivated to contribute more to the BSD-style-license world, than the GPL one.
If I'm rich some day, and can afford to work on some projects for free, I will likely contribute to GPL projects as much (although I still have the restricted-freedom philosophical problem). But while I'm in business, I won't spend any significant amount of time enhancing GPL code. It's sad, but it's a harsh reality of our world.
Love many, trust a few, do harm to none.
95% of the projects on sourceforge are rubbish that either has no release or hasn't been updated since 1992 so what does that 77% tell me? Nothing. Here is something more intereting:
Firefox - Used everywhere, Not GPL
Apache - Used everywhere, Not GPL
OpenSSH - Used everywhere, Not GPL
Perl - Used everwhere, Not GPL
PHP - Used everywhere, Not GPL
Ruby - Used everywhere, Not GPL
Rails - Used everywhere, Not GPL
PostgreSQL - used everywhere, Not GPL
My point? Dunno, but I woudn't be using sourceforce for gathering statistics.
No pity. I dont really care, honestly. Software is a tool, dammit. Not a religion. I left linux because of the politics. I just want something that works.
It's actually pretty difficult to contribute to dual-license GPL projects - they'd rather do the changes themselves and not risk legal hassles. What they want is bug reports.
When I was maintaining the ISC DHCP distribution (BSD license, BTW), I dreaded getting large patches, because I'd have to go through the whole damned patch and figure out what it actually did, and correct it. I much preferred bug reports. The idea that patches are why people open source things is really a red herring - sure, if you get a regular contributor who's really good, you can start to trust their work, but that only works for projects like linux where you have a huge number of interested geeks.
So really, what's going on with a dual-licensed model is that the owner of the copyright is using the FUD of the GPL to get people who don't trust open source or don't want to open source their own code to pay for non-GPL copies. At the same time they are offering the GPL version to the community of people who like the GPL, which spurs adoption. It's a win for everyone.
The problem with the BSD license is that the only way to get money out of it is charity, because there is no license FUD. Nothing wrong with charity, but it can make paying the bills a bit difficult.
"Firefox - Used everywhere, Not GPL"
Actually, it is. Firefox is triple licensed as GPL, LGPL and MPL. All of these licenses are so-called "copyleft" to some extent, requiring back contribution.
"Perl - Used everwhere, Not GPL"
Again. It is. PERL is dual licensed GPL and the Artistic License. The Artistic License has less restrictions than the GPL, but more restrictions than the BSD license.
"Ruby - Used everywhere, Not GPL"
Yet again. It is. Ruby is dual licensed GPL (all of it) and the Ruby license (some of it). The Ruby license does allow commercial and proprietary use, but certain parts of Ruby is not covered by the Ruby license.
Besides this name dropping is pointless. I can counter with other examples (at least with your definition of 'everywhere').
Linux - Used everywhere, GPL
OpenOffice.org - Used everywhere, GPL
MySQL - Used much more everywhere than PostgreSQL, GPL
Samba - Used everywhere, GPL.
The main point is that loads of projects see great adoption even if they use the GPL. So using the GPL to cover your bases, doesn't seem to be a great deterrent.
There is an easy answer to this. Don't make the software as your business. Most of the successful Open Source applications are made by Open Source projects in which businesses participate, not businesses whose goal is to make the software.
Am I saying that Open Source business doesn't work? Most of the time it does not. It depends on what you are doing.
Bruce Perens.
Many dual-licensed projects are perfectly happy to accept patches, as long as you sign over the copyright or the right to relicense, and swear that you are the author of work and don't know of any infringements in it.
The problem is motivating people to sign that. I think I know a way, but I'm still working on the product for my new company so don't yet have proof.
Bruce Perens.
Here is political scientist Steven Weber, writing about the tendency toward different governance styles for projects using BSD-like and GPL licenses (when he writes "Linux" he means it as an exemplar, not the only instance):
Weber, Steven, The Success of Open Source, 2004, pp. 62-63.
Assuming his claim is true, this may be because developers see the two licenses differently (e.g. contributors may feel greater incentives to contribute to GPL projects, or they may have principled reasons, or it may have to do with their identity and membership in a community). Or it may be because of the kinds of projects that pick the licenses: the typical BSD structure he describes mirrors that of big companies, perhaps because they tend to choose such licenses. Personally, I suspect all of these factors contribute. But then I find them to be compelling reasons to pick the GPL.
But the second you want to distribute it, anything that the GPL considers a derivative work becomes GPL. And *that* is why some people, like myself, prefer to avoid GPL.
The only way that something you write can "become GPL" is for you to choose to license it under the GPL. There is no other way under heaven or earth for this to happen. If you've heard otherwise, you've been misinformed.
Using the GPL takes away the *option* of ever being able to distribute our work without making it GPL.
You seem to be saying that if I choose the GPL as the license for my software, I've removing your ability to redistribute software that you derive from mine under a non-GPL license. If so, yes, that is correct. That is the price I'm charging for allowing you to derive from my work. (If you ask me with a good reason, I might allow something else, but that's the default.)
If I start using the GPL in my code, my option to distribute my codebase under a license of my choosing goes out the window
No. You can distribute your code under the GPL and then switch to another license at any time for future versions. What you cannot do is redistribute my GPL'ed code under the license of your choice.
"Not an actor, but he plays one on TV."
My customers are putting Linux in new car dashboards and cell phones.
Bruce Perens.
That is possible. What I am thinking of is a covenant to continue the development as Open Source for two years after the contribution, or to remove the contribution.
Bruce Perens.
Seriously, troll much?
It's not so people can't take the code away, it's so they can't even use it without giving changes and enhancements back.
What's shocking is your ignorance of the reasons behind people using the GPL.
Read the complaint. Don't do the stupid obvious license violations alleged in the complaint. Then you'll be fine.
Nobody violates a Free Software / Open Source license for a smart reason. Cisco hasn't got their compliance act together.
Bruce Perens.