On Being Pro-GPL

just_another_sean writes: Christopher Allan Webber, recently returned from OSCON, shares his thoughts on the GPL and why he dislikes people pitting one type of software license against another. He says, "I am not only pro-copyleft, I am also pro-permissive licensing. The difference between these is tactics: the first tactic is towards guaranteeing user freedom, the second tactic is toward pushing adoption. I am generally pro-freedom, but sometimes pushing adoption is important, especially if you're pushing standards and the like. But let's step back for a moment. One thing that's true is that over the last many years we've seen an explosion of free and open source software... at the same time that computers have become more locked down than ever before! How can this be?

And notice... the rise of the arguments for permissive/lax licensing have grown simultaneously with this trend. ...The fastest way to develop software which locks down users for maximum monetary extraction is to use free software as a base. And this is where the anti-copyleft argument comes in, because copyleft may effectively force an entity to give back at this stage... and they might not want to. ... Copyleft's strings say, 'you can use my stuff, as long as you give back what you make from it.' But the proprietary differentiation strategy's strings say, 'I will use your stuff, and then add terms which forbid you to ever share or modify the things I build on top of it.' Don't be fooled: both attach strings. But which strings are worse?"

Re:wrong wrong wrong about copyleft

[ysth]

Right, you have to pass along the same freedoms you got. But only if you modify and distribute, and only to those to whom you distribute.

GPL is a valid option, but overrated

The GPL is fine if it accomplishes what you want in a license, but really,
there isn't anything particularly good about the GPL. It isn't bad (usually),
it just isn't that great. And it's definitely overrated.

It doesn't prevent proprietary forks.

It violates KISS, a cherished engineering principle. Licensing is complicated
and technical (from a legal standpoint), but at least licenses like the BSD and
MIT can be read and understood quickly by laypersons.

The GPL is wrought with complicated incompatibilities with other reasonable
open source licenses and with other versions of itself. In this case, the GPL
really is kind of bad.

It tries to solve a problem that doesn't really exist; many companies actively
contribute to non-copyleft projects without needing a mandate from RMS.

It doesn't even support the ideals of the Four Freedoms any better than other
licenses. A company that owns the copyright of a GPL project can make it
closed-source just as easily as if it had any other license, and a non-GPL
project can be forked just as easily as a GPL project if that happens.

The GPL often gets credit for the success of a few great open source projects,
especially the Linux kernel. However, the role of the GPL in those projects'
success is far from clear, and it certainly discounts those projects; the
kernel really is a quality project regardless of licensing terms. It could
also be said that those projects were successful despite the GPL. It
would be difficult to prove either way.

I'm glad for RMS. He has done a lot of good with GNU software, especially
GCC. The GPL just really isn't one of his better accomplishments.

Few people understand the economics

[Bruce+Perens]

Gift-style licensing like BSD licensing is for when you want everyone to use your code so badly that you don't care what they do with it. If you have an economic reason for that, fine. But it can create harm if you don't have your economics straight. Heartbleed was an economic failure of gift-style licensing. Very wealthy companies used OpenSSL and didn't contribute to its maintenance. There was some astronomical amount of economic damage in result. I think we all would have been better off had OpenSSL been dual-licensed and paid for by some folks, even if it had fewer users that way. And maybe that way its original developers would not have had to go to work for RSA, who prohibited them from ever touching their old code again. That's why we still have Eric Young's old, old license with the attribution clause nobody else uses any longer. He can't touch it.

GPL IMO does work best with dual licensing, because people who just hate the GPL can get what they want, and pay for making more Free Software. But if you don't care about money and don't want to use dual licensing, the growth effect you get from GPL is a lot better than making yourself some very rich company's unpaid employee by giving them all possible rights except for a very limited attribution.

Some people should pay. Some should get stuff for free. They aren't in general the same people, and they self-classify.

Lawsuits and licenses are not the problem

[Bruce+Perens]

I help GPL violators clean up their act, it's my main business.

Every one has had a total lack of due diligence. I will come in and find that they have violated the licenses of 21 proprietary software companies (this is a real customer example) by integrating their code into their main product, just like the GPL code. Some of them only had an "evaluation" license, some not even that, some wildly violated the terms of any license they got.

Most of them are in silicon valley. They seem to have the attitude that they will clean up their legal problems when they're rich, and nothing but getting their product out of the door matters until then.

They don't ask me to feel sorry for them. I bill them a lot, and in the end, they're clean and legal.

Re:Lawsuits and licenses are not the problem

Perens, there are those who know better but pretend to not understand. This is one case.

Did you know blue iris uses the same GPL software source as FFMpeg? It does. Here's the smoking gun, specifically about blue iris but can be applied to many apps. I think you can follow this without further explanation, though (name) (blue iris reseller of sorts, you probably know of him) refused to believe it. You?

- - - -

The simplest way to discover hidden GPL use in programs is to use strings.exe, found at sysinternals ( link to strings.exe package at TechNet Microsoft.com). But since the idea is to hide the use, the program is more often than not encrypted or compressed. To compress programs, one common method is to use UPX ( http://upx.sourceforge.net/ ), found at upx.sourceforce.net. Fortunately, UPX can also decompress what it has compressed. Again, since the idea is to hide what can be discovered by looking at strings (strings are text), the "UPX" markers are often removed, even though doing so is against the UPX license.

Find the EXEs or DLLs you want to investigate. This example uses the 32-bit version of BlueIris.exe, from one of its many 4.0.9.x releases.

2015.06.23 22:54

• sounds
  2015.06.23 22:54
  • www
    2008.01.26 12:07 135,168 HHNetClient.dll
    2013.10.05 02:38 4,449,952 mfc120u.dll
    2013.10.05 02:38 970,912 msvcr120.dll
    2013.12.04 10:33 506,368 EASendMailObj.dll
    2014.04.28 16:32 220,016 ftd2xx.dll
    2014.05.21 15:25 143,720 SeaMAX.dll
    2014.09.03 14:16 59,776 BlueIrisService.exe
    2014.10.31 21:17 608,640 BlueIrisApplePush.exe
    2014.12.16 16:36 230,400 libfaad.dll
    2014.12.22 13:01 1,410 ReadMe.txt
    2015.04.12 21:02 490,336 BlueIrisAdmin.exe
    2015.06.21 02:40 4,032,566 BlueIris.chm
    2015.06.23 14:36 7,768,416 BlueIris.exe
    13 File(s) 19,617,680 bytes

    The main program is BlueIris.exe, sized at 7,768,416 bytes. However, this is the UPX-compressed size. How can you tell it's been compressed by UPX? Use a binary editor to look at the first KB of the file:

    (dump of first KB of blueiris.exe, showing UPX markers)

    If you don't see UPX that does not mean it was not UPX compressed since it's simple to overwrite the UPX characters with spaces. Often, UPX can still detect that it is a UPX-compressed binary so go ahead and try even if you don't see these markers.

    First thing, decompress the program using UPX with its -d option switch:

    C:\wk>upx.exe -d BlueIris.exe

    Ultimate Packer for eXecutables
    Copyright (C) 1996 - 2013
    UPX 3.91w Markus Oberhumer, Laszlo Molnar & John Reiser Sep 30th 2013

    File size Ratio Format Name
    22579040 strings.exe BlueIris.exe | findstr /i

    to see this: (most of the text generated was removed below - in total about 24 lines, though some line

Re:Nails are death knell 2015

[hairyfeet]

And yet Windows 10 on release day will have more users than Linux has gotten in 22 fricking years LOL.

BTW you are simply trading one master for another, as Google is in the process of pulling a EEE on Android, they have also cut off the funding they were giving to AOSP and if you bother to look online their OEM contracts make MSFT contracts of the 90s look like the GPL. And funny that so many talk about how "open" Google is yet I can take any bog standard Windows laptop right off the shelf at Walmart and be dual booting anything from BSD to Haiku in under 10 minutesyet on the exact same hardware thanks to Google DRM a ChromeOS "laptop" can ONLY boot a handful of Linux distros that have been specially modified to run on ChromeOS hardware (even though its made from standard laptop parts) and even then ONLY if you put in a page and a half of CLI bullshit AND completely wipe ChromeOS, no dual booting allowed...yet MSFT is supposed to be the "DRM happy" company and Google "open"...DaFuq?

I've said it before and I'll say it again, Google should give the guy that wrote "don't be evil" a fucking BMWer as so many otherwise logical geeks have bought that bullshit hook, line, and sinker, that it makes Apple's hipster marketing look as amateur as New Coke. "Think Different" ain't got shit on them, no siree bob!

Summary

[jbolden]

The summary is completely confusing and decontextualized.

A few days ago at OSCON Shane Curcuru of Apache Foundation gave a talk: Why I don’t use the GPL which gave the standard BSD defense: I won’t use the GPL for new software, and you maybe shouldn’t either. “Heretic”, comes the cry from the back of the room! But no – I bleed and believe in open source and the public good as much as you do. The difference is, I want to share my code with everyone not just the believers.

Christopher Allan Webber is the creator of MediaGoblin. MediaGoblin is a free software media publishing platform that anyone can run. You can think of it as a decentralized alternative to Flickr, YouTube, SoundCloud, etc. http://mediagoblin.org/

He wrote an article in response to Corcuru's talk where he addressed the big failure of the BSD argument its now over 30 year track record including recently of creating platforms that are unfree using BSD software as a base. He also argued against pitting licenses against one another which is odd since he's defending a license. Webber's position is the standard GPL defense. Here is a longer article not specific to Curcuru. http://dustycloud.org/blog/fie...

Anyway the standard time tested argument but the summary was terribly unclear about who was talking to whom.