27 comments

[ 0.24 ms ] story [ 55.5 ms ] thread
Article is good on clarity, but a little light on solutions for the "service-wrapping" problem. Maybe that was outside of the article's scope. But it does seem like a problem we have yet to solve. Many have tried, but the ones that attempt to switch their license to stop Amazon from eating their lunch then see their popularity plummet and the major distros kick the software out of their repos.

It's a big gamble, and I imagine most product developers don't wish to alienate the FOSS community unless they feel their survival is at stake, so perhaps this is where the FOSS community needs to step in and provide better guidance.

Unfortunately the problem is simple:

- It's only considered an open source license by the wider FOSS community if it's approved by the OSI.

- The OSI doesn't feel it's their job to enable open source companies to survive, and has refused to vet any licenses that prevent service-wrapping. (SSPL is a solid option, or something like it, it's basically an aggressive copyleft.)

As such, as long as the OSI is viewed as the definitive word on what is and isn't open source, and the OSI refuses to act, the problem will remain. I am confused at the OSI's behavior here, as it leads to only two outcomes: Open source dies as a viable business leading to nobody caring about the OSI, or people move on from entrusting the OSI to rule on open source.

They literally have an extinction-level event on their hands and have decided it just isn't a big deal to them.

Problem is imho easy to solve...do not use a FOSS approved license if you do not like freedom. Use a commercial license and dump the source. By the way agpl and gpl is a good way to make sure everyone has the same freedom rights.....
The Affero GPL is a FLOSS, OSI-certified license that by-and-large solves the "software as a service" problem, by making sure that if SaaS providers publically perform a version of the software over a computer network, they also have to make that version available under the license. This is quite consistent with the general norms of FLOSS development and does not actively introduce discrimination over private use of the software, as other licenses do.
>Changing one’s license is in general not a great idea. When somebody uses your software, they need to be able to trust they can use it in the future under the same terms.

IANAL, but I think this is wrong. Unless the license stipulates that the terms can be changed by the licensor, then the licensee only has to abide by the terms from when they agreed. The GPL goes out of its way to make it possible to use licenses from before what's currently available:

>If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.

You can keep using old versions under the original terms, but you'd have to ignore newer versions of the software, or use a fork.
I've always felt like there's something fundamentally flawed with open source licenses. It seems that they are all promoting the openness of a fragment of code but at the same time twisting your hands ever so slightly when you start using them. All while different licenses are engaged in a fight as to which is more open. For many years I thought that MIT is the most open one. That is until recently when I saw wtfpl [1] and truthfully I fell in love with it. At some point I'll update everything I've ever open sourced to that and I intend to use it for all the other projects I plan on open sourcing, though I am a bit short on motivation to get to that lately(for personal reasons, not because of lack of interest or burnout or anything).

[1] http://www.wtfpl.net/

WTFPL is amusing, but it is flawed as a license. It doesn't have the legal language required to safely grant rights.

https://opensource.google/docs/thirdparty/licenses/#wtfpl-no...

Unlicense[1] and CC0[2] have better legal wording.

[1] https://unlicense.org/

[2] https://creativecommons.org/publicdomain/zero/1.0/

The GPL is good at promoting open source software. The WTFPL is very open, but it's not good at promoting open source. Because anyone can take your software and sell it without providing the source code. Very open for the immediate licensee, but not at all for anyone further down the line.
You might like the 0BSD: https://opensource.org/licenses/0BSD

Unfortunately, people can take your code and make small changes to produce a derivative, which gives them copyright privileges over the derivative. I don't want people using my work to sue others, so these ultra-permissive licenses are a no-go for me.

I'm currently using the AGPL-3.0, but I think I'd be happier with something that ensured that my work remained liberated from copyright rather than forcing people to contribute their patches.

The problem with the WFPL is that it may not be legal in many jurisdictions. I would encourage you to dual license with the WTFPL and a more legally vetted license, such as MIT, to allow your software to be used in a wider variety of jurisdictions.

And thank you for writing open source software!

Edit: The CC0 may be a more legally valid license that accomplishes the same thing.

I've always been a fan of the sqlite licence: https://sqlite.org/copyright.html

Basically sqlite is public domain if your country recognizes that kind of thing. If it doesn't, then sqlite doesn't care and will never pursue you. However, if /you/ care, sqlite will sell you licence. This licence costs $6000, looks very official and shiny and whatnot, covers all your bases as if public domain did exist in your country, and sqlite uses the money to continue funding development.

I'd be inclined to do something very similar with an additional clause stating that if dedicating to the public domain doesn't free me from liability, then see $6000 licence. (I thought sqlite had this, but either they've removed it or I misremember).

Perhaps. The theory is that if someone is to be fully comply to a licence, that means they have to walk the extra mile, like mention it, link it and all that jazz. Which is something I genuinely don't want anyone to go through. Basically "take it, use it, change it, publish it as yours, sell it, whatever you want, by all means, go for it". Which is what the wtfpl is in theory and why I find it so compelling.
Never understood the obsession of OSI and their insisting to not give any protection for the authors. Authors whether individuals or companies should have the right to prevent their work from being rebranded or sold by others with minor or even major modification.

How many times did it happen that somebody or organization wrote a complex piece of software and published it and found that some companies just rebranded it and even sold their work with little to none added value while the original authors don't even have the right to complain because this is how open source works.

Something like BSL https://mariadb.com/bsl-faq-mariadb/ needs to get more reputation among solo developers and small companies with little to no funding that believe in the power of open source while believing also in having the right of earning a living from their own work.

> should have the right to prevent their work from being rebranded or sold by others

Nope, the right to fork, and to rebrand concurrently with a fork, is critical to FLOSS development. Even MariaDB itself is a fork.

I am not against forking or introducing modifications, etc.... You can fork it, change it for your use case as you wish, but just don't bundle my work, rebrand it and sell it as if it were yours. I meant my work to be free and I want the legal protection to keep my work free.
That would be the NC clause of the Creative Commons licenses. This is not free / open source software anymore though because you remove the right of redistributing the work or the derivative for a fee, which is arguably desirable for free software to foster. With such a license, you might prevent business models like the one of Red Hat, which also produce a great quantity of free software. So while they make money with your work, you can benefit from this with the availability of free software they built with this money.

If you pick a copyleft license like the (A)GPL, it's right that you allow people to sell your software, but their customers will be able to require the source code under this license and will be able make it available to the world.

Now there are loopholes like the one the company behind the GRSecurity project exploits.

If anything here is not desirable, you'll probably want to use a more restrictive license than a FLOSS one, but be careful with all the possible side effect (people not wanting to use or contribute to a non-free software, licence incompatibility with libraries and the rest of the ecosystem, etc.

> Yet, according to Stallman’s definition [of opensource], software needs to be free: [Free as a bird, Free as a beer]

This is totally wrong. Stallman focus on freedom to use the software, he never stated that the software need to be free of charge. Yet, Stallman hates the word opensource because is it to vague and it does not guarantee the freedom to the user. Stallman use the term free software and or libre software, and mean free as in free speech only not free beer. While Free software and opensource software's definition may overlap a bit, it is not the same, for example, some opensource license does not allow making a modified version and using it privately. Free software focus mainly on users' essential freedoms, while the opensource initiative focus on practical benefits only.

Here is a good read about opensource vs freesoftware: https://www.gnu.org/philosophy/open-source-misses-the-point....

Richard Stallman deploys a lot of effort trying to raise awareness about the importance of free software please STOP miscoting him.

(comment deleted)
The whole OSS licensing field is a true minefield. IMHO, the Creative Commons folks (CC) have done a much better job at creating a series of clearly defined licenses. With CC, you can quickly determine the freedoms and responsibilities conferred by each license.

Meanwhile, in OSS, you have to research the fine distinctions between BSD-2 clause, BSD 3-clause, MIT, etc. Or Apache vs. Eclipse, etc. Even fundamental distinctions such as between OSS and Free Software (GNU-style) are regularly misunderstood, as in this article.

I'd like to see the OSI convene the organizations that have issued the various licenses and get them to agree on a new OSS licensing scheme modeled after the system used by the Creative Commons.

I think everyone would benefit from that level of clarity.

> I'd like to see the OSI convene the organizations that have issued the various licenses and get them to agree on a new OSS licensing scheme modeled after the system used by the Creative Commons.

this is standards proliferate https://xkcd.com/927/

No, licenses are not standards that require code changes to be adopted. The OSS community has a long history of moving off old licenses to new versions and the OSI lists many retired licenses due to this. (When Apache replaced their 1.1 license with the current 2.0 license, there was no complaint about proliferation. Rather, the community adopted the new license and today 1.1 is entirely dead.)
License versions are a different thing. Changing to a completely different one in practice is a huge undertaking since every past contributor needs to agree to it
This article was a light read. Well written and clearly stated, but rather short on new ideas. In particular, it would be interesting to know how good the source available licenses - e.g. Redis' RSAL license - are at addressing the cloud-provider issue. Of course, it's not technically open source, but does it work?