Slashdot Mirror
Openwashing: Users and Adopters Beware
jenwike writes: With the success of open source software today, we are seeing organizations undertake more egregious marketing and promotion schemes that exaggerate their participation in, contributions to, and/or licensing of open source software. Their hope is to capitalize on the label of 'open source' and the success that goes along with it. The reality is that the responsibility is on the end-users to review the software and accompanying license to ensure it meets your expectations.
From the End-User standpoint, really the only thing that they care about is that there is a "full featured" product that is free (as in beer) and they won't have to deal with marked-up license fees. Most of the time, if a company goes to a potential client and, for example, says they are going to use an Open Source CMS system, the client basically thinks "Great! My project will be cheaper because I won't have to pay additional license fees."
In all reality, I would venture that the VAST majority of open source projects in the wild that are being used VERY RARELY have that source code looked at by anyone other than the developers that are building the system or those looking to exploit it.
For most people who are more concerned with using a system than how it is built, "Open Source" just means they have to use Google for documentation instead of calling the vendor or reading a manual.
I think that is the most insightful thing I have read on this site in years.
No one outside of neo-commies has ever heard of open source and not thought someone said open sores.
Here we go. This is effectively talking about being ideologically pure enough for open source.
Sorry, users want the end result, not the ideology. Most people do not want to deal with the political crap which goes around this.
I've seen "discussions" about this in IT almost devolve into fist fights, as someone invariably starts to sound like Stallman -- a smug, condescending prick who acts holier-than-thou and tells you how wrong you are.
So, you'll excuse me if my first response is "not everyone gives a damn, and many people do not want to hear the screeching weasels which come along with this discussion".
Rabid ideological open source are the vegans of the technology world -- mostly they piss people off and cause a lot of eye rolling as they foam at the mouth.
I've seen people go off on people who don't work in tech, and those people find themselves feeling like they've been ambushed by some idiot who tells them they'll burn in hell.
I say this whole article is flamebait.
Lost at C:>. Found at C.
A properly licensed opensource casino video game was
recently posted to the debian bug tracker as a request
for packaging, as is the standard method for pursuing
such things in debian.
The bug was quickly closed, tagged as "won't fix"
The reason given by one of the debian developers
alluded to the authors past anti-feminist remarks:
https://bugs.debian.org/cgi-bi...
The piece of software in question is licensed
under the GPL and is one of the only of it's
kind for linux (ascii-art console slot machine software)
Is professing progressive politics now a hard requirement
for being allowed to contribute to free software projects?
Openwashing? Is that actually a term now?
Most of the time blanket statements lack any facts to back it up.
The average 'end-user' of these organizations doesn't know what the fuck open source is.
This is code by someone who routinely trolls Debian. I doubt we want
any more poisonous upstreams in Debian, so I at least would prefer this
never get packaged.
Trying to hide behind the "cause celebre du jour" is pretty scuzzy.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
I love open source and software freedom, but there really have been too many scams as of late. Here are a few:
The "anonabox"- a re-badgered junk wifi device with software someone *else* wrote and was poorly implemented lacking sources and violating license agreements of utilized code (ie, the projects a scam, not the real developers whose code was utilized by the project).
"Librem" 15 from "Purism" - "“a laptop that respects your freedom" yet ships with chipsets including NVIDIA that are dependent on non-free drivers or a reverse engineered free driver (maybe, but no evidence exists the chipset is even supported rudimentary yet, let alone actually decently supported) and bogus claims by a guy who claims to have Intel's "support" for freeing the Intel firmware management engine. Something that Intel has already repeatedly refused to cooperate on. Various coreboot developers and even Google were refused. Yet somehow this nitwit thinks a reply from what was probably a nobody at the Intel summit qualifies as as "cooperation". There are real people working on such a project, but it ain't him. He's just taking the suckers too stupid to look into it or realize they're being scammed.
I will fess to being ignorant and ask for my (and others') sake: how does one "review the software and accompanying license to ensure it meets your expectations"? Can you ELI5?
I thought this was a laundry open source initiative for the basement dwellers who have been kicked out of their mom's basement ......... cause I need someone to tech me how to do laundry now that I don't have mom to help.
Lonely Shed living Neck Beard
TANSTAAFL. In general, with MS software, you pay the license fees, but there is a far greater pool of MCSEs to choose from so admin costs are lower. In general, Linux has fewer licensing costs, but it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
Take an admin task of blocking USB flash drives from desktops in receiving. With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
Or something as basic as performance monitoring. Windows has utilities (SCOM) which make it trivial to watch server performance via WMI. Yes, you can do the same with Splunk, but that doesn't come cheap.
I would say this post is flamebait. Stallman may sound a bit agressive at times but he is certainly not a prick and does not really come off as smug, either. The discussions you are referring to are more than just `ideological': users should care and if they do not it is not from overabundance of expertise. The point of the article is not that companies do not open their source: it is certainly their prerogative not to do so but that they are lying about doing so to capitalize on the popularity of such software.
This. For almost all use cases, be it commercial or leisure, "open source" is just a pretty name for software that is free in beer.
Back in the early 90s "open systems" were the big thing. Everybody jumped on the bandwagon. For example, DEC renamed VMS to "OpenVMS" when they added some posix compliance stuff (God help anybody who had to use posix on vms).
See here:
http://en.wikipedia.org/wiki/O...
I went through many teeth-gnashing episodes at the university with people using "open systems" as their new favorite buzzword and of course treating vms as such. While I preferred vms to the mainframes of the day and it was far easier to deal with (had tcp/ip, for example) it wasn't really "open" in the way that I and many others saw as open.
See also here:
http://en.wikipedia.org/wiki/O...
This was the silly crap we were dealing with before FLOSS became popular. Of course, we have our own silly crap to deal with now but I assure you it's less mind-numbing.
Do you have ESP?
So if you purchase a product from Windows specifically for group policy it's better than linux where you might have to purchase a product specifically for group policy, despite the fact that openLDAP exists. Totally makes sense. And server monitoring..yeah no one has heard of Nagios which can monitor Windows and Linux servers. Don't get me wrong it requires more skill to have a good network, regardless of OS, but just because linux server administration proves that some people are better at computering than Windows doesn't mean it requires more people, it just means you're probably using the people who will cost less long term.
You're not wrong as a general rule, but there are plenty of organizations that do make use of the code to look at and having it be open helps even the people who just want the "free" aspect.
For instance, independent security labs can and will look at code. They then release information which aids me, as someone who may not look at the code, in making a decision on if it is safe to buy.
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone. Those who open source their software get the benefit of other people extending it, who then contribute back to the project in some manner. Those who use Open Source software can take advantage of the community and its work and oversight.
Being free is mostly a side effect of the fact that if you give up the source code, the software can be copied easily, and it can be made difficult to control trade secrets or algorithms, so there is little point in charging for the code itself. Opening the code removes the ability to adequately charge for the "intellectual property" but as a side effect, being "free" is a huge motivator for adoption as well, so it is usually win-win.
And although I agree that Open Source *can* mean reading a manual or Googling, that is *not* part of open source. Bear in mind, most people get support for Microsoft products in the same way... ie. Googling. You do have the option of buying certain support or developer resources from MS, but there are also service companies out there that operate services for Open Source software in the same way. Percona comes to mind for MySQL. If it is open sourced, you can have support and have it paid for. The question is whether anyone actually wants to pay for that when there is Google.
With Linux, this is a lot more difficult and requires more third party add-ons.
Only allow root to mount disks. Your users shouldn't have access to sudo, su, or the root login, anyway. Pretty simple, really; locate the mount binary for your system (/bin/mount is a good bet; if your mount binary resides elsewhere, you'll have to modify the commands below to reflect that), then do the following:
/bin/mount /bin/mount
/etc/fstab and auto-mount them on boot.
chown root:root
chmod 0750
Done. Now, only root can even execute the mount binary, so only root can mount disks, and that will include flash drives.
It does get a little more complicated if you need to be able to mount network shares, but you should be able to add those to
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Slashdot is going to hate me for this, but Jolla totally is doing this. They say "open source" all over their site, but I don't find them very open source. (I mean, comparatively speaker they are the lesser of the available evils perhaps but... even Google has somehow managed to become more technically "open source" while still being in general more evil.)
From the End-User standpoint, really the only thing that they care about is that there is a "full featured" product that is free (as in beer) and they won't have to deal with marked-up license fees.
Which isn't necessarily a given. To give a concrete example, at the 24th International Conference on Field Programmable Logic and Applications, there was an award given to Jason Anderson for his 'contributions to open source high-level synthesis', in particular the LegUp project. Now, given this award and the fact that the front page of the web site starts with the phrase 'LegUp is an open source high-level synthesis tool', you might be forgiven for thinking that LegUp is open source. If you go and read their license, you will discover that it doesn't meet the open source definition. The license contains the phrase 'Only non-commercial, not-for-profit use of this software is permitted'. Given previous legal issues surrounding the definition of 'non-commercial', this license basically means 'don't use it if you care about legal liability at all' and is worse than no-warranty proprietary freeware from a legal perspective.
I am TheRaven on Soylent News
Is the code sound? Does the program work? Just because you don't like the programmer it shouldn't disqualify his code. Before calling someone scuzzy perhaps some alone time in the mirror is in order.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
I've seen a few "open source" projects where the open code is out of date and nothing like what is shipped in the current binaries. That's a pretty scummy way to abuse the label.
I am becoming gerund, destroyer of verbs.
it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
No, it doesn't. I've done both (~820 Windows, ~900 Linux), and the Windows takes more administrator time. But then, the Linux servers were all Red Hat, so the "fees" really weren't any cheaper, but the vendor support was a hell of a lot better.
Take an admin task of blocking USB flash drives from desktops in receiving. With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
I think you're mixing things, here. At first you were comparing server OS's, but now it sounds like you're comparing deploying Windows desktops to deploying Linux servers. Yea, guess what? Managing a monolithic single-OS environment is easier than a mixed environment. If you're deploying Linux workstations you can do the same thing with the right tools. And don't get me started on all the issues you're going to encounter using GPOs in a complex environment. It works better these days, as long as your desktops are all "Enterprise" editions and you don't have any XP or 2003 servers sitting around (then it won't eve work at all).
Or something as basic as performance monitoring. Windows has utilities (SCOM) which make it trivial to watch server performance via WMI. Yes, you can do the same with Splunk, but that doesn't come cheap.
Wow talk about admin resources - have you ever set up a functional WMI infrastructure in a secure network. To say it's non-trivial is an understatement. It's easier if everything is the same version, from a well-tested image, but there are all kinds of snafus that mean your connections don't always work or some functionality goes wrong. SCOM, frankly, is a house of cards.
Actually, I'm impressed with some of the functionality available using PowerShell and remoting in Server 2012 R2, especially being able to roll out a lot of headless stuff. But the learning curve for that, and getting the tools in place for what you want to do, is a major undertaking. Maybe after a few years with it I'd be able to do the same things I do with bash scripts now, but it seems a lot more verbose to me.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Disagree.
One such "Open Source" endeavor was in the 3D printing world, Makerbot. It's hardware was open source until it wasn't, and it pissed a lot of people off.
Open source is probably getting more popular in companies that have a stake keeping their information private since the whole NSA thing too.
Yeesh, anybody who can physically access the machine probably should be a sudoer on it, anybody who can get to the side door of a computer has ultimate root: he can plug in a different boor partition.
I mean, use chmod, but don't fool yourself into believing you don't also need to use glue and a padlock and a tamper seal.
Don't blame me, I voted for Baltar.
Even ignoring how misused troll can be (from legit flamebaiters to 'they have a differing opinion' to 'I can't refute their arguments'), it's still denying a package for reasons beyond the package.
The post I was responding to claimed that this was easier to do in Windows than Linux, a claim which I countered. Are you, now, claiming that you don't need the same physical security on a Windows machine, or are you just being a pedantic dick?
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Openwashing? Is that actually a term now?
Not yet, but if it ever catches on, we can look forward to Richard Stallman trying to rebrand it as "freewashing". And please don't confuse "open" as in laundromat with "free" as Mom's laundry room.
(Note to moderators: it's just a joke.)
TANSTAAFL. In general, with MS software, you pay the license fees, but there is a far greater pool of MCSEs to choose from so admin costs are lower. In general, Linux has fewer licensing costs, but it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
Take an admin task of blocking USB flash drives from desktops in receiving. With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
Or something as basic as performance monitoring. Windows has utilities (SCOM) which make it trivial to watch server performance via WMI. Yes, you can do the same with Splunk, but that doesn't come cheap.
Wait.. so SCOM is free? And I didn't realize that SCOM lets you regex search your application logs or add monitoring to them?
where do I sign up.. ?
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone. Those who open source their software get the benefit of other people extending it, who then contribute back to the project in some manner. Those who use Open Source software can take advantage of the community and its work and oversight.
Its not that simple. Your definition matches various commercial closed source libraries where you have the option to buy a binary license or a source license.
Also you left out what is perhaps the greatest draw of open source or closed source licensing. Your project is not at the mercy of someone else. You have the convenience of using an existing library but if the vendor fails you have the source and can fix things yourself as a last resort. Not that having a community find/fix bugs isn't nice, its just secondary to controlling your own destiny. And to be clear the community finding/fixing bugs can apply to the closed source license.
Opening the code removes the ability to adequately charge for the "intellectual property" ...
Perhaps applying an open source license to your code does so but merely making source code available to users does not. Again, source license referred to above.
You guessed it: Gluten free.
I believe you mean freebasing.
Sleep your way to a whiter smile...date a dentist!
It seems there's a lot of confusion over the term "open source". All it means is that the end-user gets to review the source code. It doesn't mean that the source code gets to be re-used in someone else's project under the GPL: the original developer(s) still hold the copyrights subject to whatever licenses apply.
What we seem to have hear is a bunch of bloggers speaking to a certain audience who wish to redefine "open source" to mean "everybody gets all rights for free". Their invention of the pejorative "openwashing" against the true meaning of "open source" shows their motives are merely for attention-grabbing.
What I don't understand is why would someone want to use a log consolidator to do performance monitoring unless that is the only tool they own/know. Just use a real monitoring tool instead, you know something like Nagios or Zabbix. It is the old problem when the only tool you have is a hammer everything looks like a nail.
Time to offend someone
it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
No, it doesn't. I've done both (~820 Windows, ~900 Linux), and the Windows takes more administrator time.
Oh BULL crap. I could manage most things on either side in Puppet in roughly equal time, and I DO. Windows can go much further with its built-in configuration management facilities than Linux can (management, whats that?)
Mostly any difference in time and effort comes down to the software you are running on these systems. There are software people mostly run on one or the other, and faithfully providing the same functionality on another system is not as easy as it sounds. For example if FS permissions on Windows take so much more time than Unix permissions, try running a corporate file server on Linux. Apache and IIS excel in different areas, and AD vs. 389 Directory Server is just a painful comparison.
This is code by someone who routinely trolls Debian. I doubt we want
any more poisonous upstreams in Debian, so I at least would prefer this
never get packaged.
He's a troll. Trolls try to provoke emotional responses in their targets by claiming it's because of his "anti-feminist remarks" rather than offering up at least some proof is trolling.
Also, I did not call him scuzzy - I called his actions in trying to hide behind gamergate scuzzy. There's a difference, you know. Here, let me refresh your memory:
Trying to hide behind the "cause celebre du jour" is pretty scuzzy.
Also, you might recall how quickly every distro switched from ReiserFS when Hans Reiser admitted to murdering his wife. Sometimes the quality of the code isn't the only consideration.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The first thing I thought of when I saw this article was pfsense. It is a very powerful "open source" firewall distro based on FreeBSD. Some time earlier this year someone made a fake pfsense release and the company running it freaked out, deleted all publicly available source (even though it's mostly just very hacked scripts for building freebsd) and then made a way for you to get access back through a portal with their outrageous TOS. Thing is, even once you get the source none of the scripts work because you don't have access to their closed servers. There is a mirror, which you can 'sed' into their scripts if you know what you're doing.
pfsense does not natively possess the tools to compile itself, requiring that you set up the freebsd system to make a new kernel. If you happen to not have hardware support, it's not likely that you'll be able to make your own kernel.
Also, how's your ReiserFS doing? Would you trust updates from Hans Reiser? He's been ordered to pay $60 million dollars in compensation for murdering his wife - what better way to raise funds than to hold peoples data hostage?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Washing? RMS? His cat washes his beard when he sprinkles catnip in it.
Where can I acquire one of these "time blankets" of which you speak?
Once I have one, I will do my own fact checking as to the truth of any statements made about the product...
You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
He has a cat? Now you've got me wondering if he eats his cat's toejam...
I absolutely agree with your statement here:
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone.
I think the phrase "open source" has gotten overly politicized over the years and for many people is approaching the level of an "-ism." I think the shift to calling it "community driven" software (or the like) better represents the meaning and intent of most projects. Things start to go awry when the that goal gets pushed to the side in the favor of some "agenda" that has little to do with the purpose of the project itself (examples like monkeying around with license agreements come to mind) or when egos and "religious zealotry" get in the way of community communication.
Truth is FOSS apps work better. Truth hurts the 5-year-old mentality of "DERP OPAN SOORES", who generally lost out and no one gives a fuck about them, any more than anyone in FOSS gives a fuck about some loudmouth with an anger fork.
Is "open washing" supposed to be a new model for the laundromat industry?
Can I take my clothes to this new "open washing" laundromat and just pour everything into a big washing machine for free?
As an end-user, open-source is important because the product won't be a total loss when they stop supporting it. Take my old android phone - upgraded several times after HTC discontinued it. Because android is open source - so others kept publishing new versions after HTC stopped. You can't have that with an iphone.
Similiar for routers, printers and lots of other stuff that has an internal OS.
You're arguing when you don't understand the basic proposition. First off, he's not "purchasing a product from Windows specifically for group policy"---that is part of the OS. Second, his primary point seems to be total cost of ownership rather whether or not certain functionality is available.
He's saying those things are more expensive to implement on Linux---either you have to buy them or pay more in labor to get them. He's not wrong.
From your own examples, OpenLDAP takes considerably more time and effort to setup.
MS Active Directory is one command, five minutes of installation, and a reboot. The defaults work---as in, nothing else to configure manually---it even opens the necessary ports in the Windows firewall. It includes the group policy functionality he indicated, and it works out of the box with every version of Windows anyone has any business running anymore. Yes, the OS license costs money, but intelligent deployment really makes this a minor per-server expense (i.e., buying Datacenter licensing with decent virtualization density).
Nagios and SCOM both cost money---it's either licensing fees for the packaged version of Nagios or labor for the source/DIY version. Puppet costs money to do for Linux what Group Policy does for Windows. The labor to sustain the Linux solutions will probably cost more even if it is as simple as SCOM/GP because MS has a huge pool of labor to support their product. I can probably find dozens of competent AD admins within a reasonable commute distance---the number of competent OpenLDAP, Nagios, and/or Puppet admins is going to be significantly lower.
Microsoft is actually very good at catering to small businesses and enterprises---this is where known costs, straightforward deployment, quick and effective configuration management, and simple sustainment are important.
---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
Doing this on 2-3 workstations will take longer than creating and linking a GPO, nevermind a change that needs to go network-wide. Granted, the GPO may take an hour or two to propagate and you could finish quite a few machines by hand in that time, but the actual admin time required to implement it is much lower.
Windows wins for enterprise. Yes, Linux is technically better at the things its developers focus on---no question there. But kernel development hasn't provided the same level of enterprise management tools that Microsoft does, nor does any free distro. Puppet and RedHat Satellite are good, but they are also paid-for extras.
---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
yeah, thats easier than writing a udev rule, or chmoding /bin/mount 0700, right?
its actually fairly easy to block USB flash drives in linux, and there are lots of really good ways of doing this, probably easier than windows, and the USB subsystem generally doesn't suck. Linux also doesn't automaticly mount far less run anything on a flash drive by default, which makes it a far lower security risk in default setups.
as far "forrests of 1000 boxes", there are endless options from auto-run scripts with ssh + RSA keys, to scp, but most large shops will use Blade Logic anyway, on any platform. You can also use OpenLDAP, kerberbos, or half a dozen other setups.
Linux is also extremely flexible too, and scales far better than windows. If you run a really large shop, where its "forrests" of boxes, windows scales fucking terribly.
But yeah, in linux, the money is going to quality sys admins, rather than Steve Balmers pockets. I think thats something most of us can get behind. For the sketpical CEO, I'll throw in your Linux/UNIX neckbeards are far brighter and better at what we do than some certificate chaser with an MCSE. Thats always been the case. The MCSE skill level is something you'd see slightly less than plumbers and electricians, compared to a linux sysad who is most likely at least a small time programmer in shell scripting, mabey python, and might . An MCSE won't fetch nearly the price of a Linux sysad, but you get what you pay for.
That said, if you look at the top100 websites, they all run linux with a handful of FreeBSD machines. There is a reason for that. The reason is windows is not for proffesional outfits. Running windows makes your organization look like chumps. Windows looks good on paper, because there is no shortage of money they have in advertising, and PR, and spamming internet forums with debates. People who work with technology know its crap.
An open source license always guarantees the freedoms to use, study, improve and share the code, including for commercial purposes. All actual open source software is free software and all actual free software (not just gratis) is open source. The Free Software Foundation leads with ethics, the Open Ssource Iinitiative leads with pragmatics, but both have the same principles.
Here is the actual Open Source Definition: http://opensource.org/osd-annotated This is used by the OSI to certify and approve open source licenses - there is no other definitiona dn no other organization recognized with this authority. Indeed, "everybody gets all rights for free."
n/t
That said, if you look at the top100 websites, they all run linux with a handful of FreeBSD machines. There is a reason for that. The reason is windows is not for proffesional outfits.
because running Linux is more suited to servers, not end user workstations, each has its place.
Running windows makes your organization look like chumps.
no it makes them productive, what people want to do is run their applications to get stuff done and in the vast majority of cases linux fails to do that. This the problem with the diehard linux fanboys, they can't see beyond the technical merit of a narrow set of use cases in the server room.
People who work with technology know its crap.
that depends on your point of view, for almost all end user cases linux is utter crap. how are you going to do product design and engineering on linux? or professional audio and video production? architectural design and visualization? what about manufacturing process simulation? no, where content creation is concerned linux fails almost completely across the board.
but for servers it is fantastic as it is lightweight and mostly patchable without a required restart.
ReiserFS was a fascinating project. It was as skilled as Hans, himself, at flushing content, pretending it was somebody else's fault, but eventually being proven as the culprit.
Also, you might recall how quickly every distro switched from ReiserFS when Hans Reiser admitted to murdering his wife. Sometimes the quality of the code isn't the only consideration.
They switched from RFS because they knew Hans Reiser would have trouble maintaining the code...
And someone who is known to have an axe to grind against debian cannot be trusted not to stick malicious code in an update to a program debian accepts. In both cases, but for different reasons, maintenance is a problem.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Community-driven is more of a development approach, and does not imply an ability of the community to take code, change it, repurpose it, and sell it. It doesn't imply that the project can be forked, since it can be done with a proprietary/non-OSI-open-source license. In esr's "Cathedral and the Bazaar", community-driven would be "Bazaar", and as he points out there are Free/OS-Open-Source projects that do take the cathedral approach.
The concepts aren't quite orthogonal, but they aren't anywhere near identical.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
That's why you look for some indication that the license is what OSI considers open source. They couldn't trademark or otherwise protect "open source", so anybody can claim it and put whatever restrictions they like on their software.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes