> Maybe blindly adopting permissive open source licenses to invite more corporate ownership isn't the right answer.
What's the question exactly? Sustainable FOSS development?
Earning nothing while working on a FOSS project that has no way to ever make a developer salary because it can't be used by the people with the money, due to the copyleft license does not seem to be the "right answer" either.
It seems like in some sense, there's no right answer.
The hard thing here is truly free / open source software relies on generosity. And the more generosity, the more sustainable it is (on behalf of the developer(s), the corporations using it, etc.).
Generosity is not a winning strategy in corporate board rooms, though.
Sometimes generosity isn't needed. If a project (including the language it's written in) is simple* enough, casual users can add features they want for themselves.
But for complex projects those barriers will probably always be quite high.
* "Simple" is a slippery concept. I find hacking Haskell easier than hacking Python, because the type signatures and other features make it much easier to see what's going on with a minimum of investigative work. But difficulty is a big part of Haskell's reputation, and ease a big part of Python's.
> The hard thing here is truly free / open source software relies on generosity.
(I make a living working on an open source project.) I don't agree. The view of the value of software is just different. The software itself is valueless. This is true of all software: bits are free to copy. What is valuable is the work put into making it. In other words, you get paid for making something, not for having made something. If a company wants some feature implemented in some piece of OSS, they can go find a dev to pay to do it, and contribute it back to the world. There's no generosity there, it's just an accurate reflection of where value is actually generated in the software world, instead of the broken view that proprietary software tries to force.
Where it starts to get tricky is kind of a tragedy of the commons situation: if you wait long enough, then maybe someone else will pay to implement the feature, but if everyone does this, then the feature will never exist.
I'd argue short term there is no good answer. Long term I think the story changes quickly. I still can't shake the idea that we as a human race are going to have to adopt a universal basic income of some sort. As we automate more and more things we're eventually going to get to the point that there are not enough jobs for humans to do unless we intentionally stop automating some industries.
Assuming we can find a way to get to a UBI, programming becomes just another art. If you already have your basic needs met (housing/food/education/transportation) and have the choice to either pursue an art, or pursue a career making more money, people will have options. I have no doubt there are a lot of people that will value the freedom to decide what they want to do every day of their life over making more money in the rat race, and some of them will spend that time programming/donating their time to FOSS projects.
Between now and then, your guess is as good as mine.
I’m not sure permitting enterprises to pick and choose which developers on an open source project get paid (as by hiring them or funding a salaried foundation staff) is a good answer to this problem.
In fact I’m pretty sure it has contributed to the rise of the celebrity/“influencer” dev who uses open source as a vehicle for self promotion rather than a means to improve software.
I don't see anything bad with the "celebrity" devs using open-source for their own "selfish" purposes. For the most part they do improve software, and help coding get more popular. Their work can help those devs go independent in some shape or form (or the least, it helps them get their next job more easily or put them in a stronger negotiating position).
The fact that they do a far bit of self-promotion should not be hold against them, in the end we are all working to achieve something in life, and for some, a necessary ingredient is some self-promotion through open-source.
I’m gonna say something controversial: the vast, vast majority of open source software is garbage. Partly that is due to the rise of developers just writing slop to promote themselves with. The existence of “Celebrity” devs isn’t necessarily a problem, but the culture that has evolved over the last few years seems more focused on the celebrity part than the dev part.
Open source governance seems to be a key question here; in other words, how does a corporation communicate with their community of customers and users, and how are decisions about the software made as a result of those discussions?
@EdwinLarkin: "The only reason corporate embraced open source is that it saw it as a way to drive the small and medium sized businesses out of the market. Why pay for an editor when the good guy Microsoft gives it to you for free? People have been delusional about FOSS for way too long."
This isn't what happened at all. No one went "Mwah-ha-ha-ha let's put it to the small businesses." What happened is free and pretty good beat more expensive. Microsoft has lost a huge amount of server license revenue to open source.
The open source I've written - be it a program or a patch was always open sourced because I wanted to make my program available to others because I thought it might be useful.
I think one conclusion is that venture capital backed open source companies are a oxymoron.
Open source will never be able to give the huge returns that VC firms expect.
However, open source can provide the basis for what is often derided as a “lifestyle business” that provides a sometimes very good income to a small group of people that are passionate about a project. SQLite comes to mind as an example.
Elastic is definitely bringing enough revenue for the “lifestyle” business without changing their license, however it is not enough for VC.
Red Hat got VC money and went public working on open source software. Perhaps the exception that proves the rule of the difficulty, but not an oxymoron.
The trend where there's a split offering of a community open source product coupled with non-open source premium offerings is sometimes a crack as well. Especially when relatively essential features aren't in the community editions.
I see FOSS as more of a marketing tool for profit-motivated entities / founders. It's the modern, marketing equivalent of a limited, free trial for software. But, ultimately, if your company is owned by shareholders, their motives are your motivations. When the money matters more, this is what you get.
FOSS is all about idealism. It's hard to retain your idealism when someone is waiving $1+ billion dollars in your face with one hand and holding a loaded gun to your head with the other.
I think the problem boils down to 'product' vs 'project.' Elastic search is very much a product, it's owned by a company, not a foundation.
FOSS developers should contribute to projects and not products. Non-copyleft licenses seem to just be code for corporations to build upon, providing them free labor while getting little in return. At least with the GPL, you are getting a promise that they will make available their sources. Consider carefully your expectations when you license your software.
An example where a project/product hybrid somewhat works is web browsers. Generally speaking, there are several competitors trying to achieve something similar, and there are some attempts (however nebulous) to create standards bodies. The Elastic Search community could have done something similar and formed a standards body around some sort of specification.
> First, how can we make sure developers who build open source software are compensated for their work in a just way?
Honest question: isn't this a fundamental contradiction? If you are building a thing that by definition is given freely to anyone who wants to use it, how does compensation for that work become part of the formula? You can't be monetarily compensated for it, because you chose to give it away. There are other forms of compensation but that seems clearly not what we're talking about here. The author goes on to ask how you can build a business around open source? But isn't the answer that you can't? If its really open source then the software itself is not a business.
That, to me, seems consistent with the original idea of open source: that it was the cool things you could build with code, not the code itself, that had value. None of the iconic success stories in tech over the last decade have sold code, have they? They've built things on FOSS code that never existed before, and most of them have contributed a lot of FOSS code back. But they haven't sold databases, reverse proxies, and key/value stores, right? I've paid six-figure annual licenses to Oracle. Is that the world we're trying to preserve here?
I think the point is, how can we make it so the companies that build profitable products using open source code can support the developers who build those open source libraries?
There are a lot of projects (sudo being the most recent example) supported by a team of developers in the single digits (or just one) that are relied upon by projects raking in millions if not billions in annual revenue.
Finding ways to give back and keep the developers motivated is important in the long term, unless you plan on rewriting all the software you depend on.
Currently the two sustainable answers for that are:
1. Hope some company is generous in hiring said OSS developer and paying them a salary to continue working on that OSS work (ideally without too much pressure to modify it for that one company's use case).
2. Make that developer spend a lot of time doing marketing to generate donations/sponsorships to a level where the developer can pay for things like food, shelter, and insurance.
Playing devil's advocate here (because I have weakly held opinions and no good answers of my own):
> There are a lot of projects (sudo being the most recent example) supported by a team of developers in the single digits (or just one) that are relied upon by projects raking in millions if not billions in annual revenue.
But they gave it away for free. That would be the same whether there were big, small or zero companies using the software.
I think probably the problem is framed wrong:
- maybe giving software away free was a bad idea (I don't believe this; just putting it on the table for conversation)
- maybe those giving away their software free should make better calls _for themselves_ about how they spend their time
- maybe use different licensing
- stop calling it free; instead call it "free a the point of consumption" and consciously build a model to support that at the outset (this is my current personal opinion, but I grew up in the Uk when it had a functional NHS so I'm biassed)
- dig deep on what both "free as in beer" and "free as in speech" mean to you and how they relate and what you want to do about that
Open source came out of a joyous utopianism that hasn't been backed up the wider societal changes needed to sustain it. This is understandable because that work is ridiculously hard (and I'm aware some people _are_ trying to make those changes. I just day-dream about it).
Currently, most of the world works on capitalism, for better or worse. I'm not trying to defend or attack capitalism here, but when you work in a capitalist system and _all_ your other interests and life support systems use capitalism, you have to factor that into your thinking. Open source makes more sense in a post-scaricity society and we're not there yet. FOSS might even help us get there, and the problems we're seeing in the past 3-4 years might be the signs of things changing.
I know this message sounds like victim blaming, and that's a real problem in some situations, but I don't think this is the situation here. Everyone working in tech is at a higher than average level of privilege than their immediate peers; working in FOSS is a choice you make from that position of privilege.
>I think the point is, how can we make it so the companies that build profitable products using open source code can support the developers who build those open source libraries?
This. This is the conversation we need to have.
However, I doubt that a public company on the USA stock exchanges -- which by definition is concerned with a Capitalist maximization of shareholder value, can rely on donations.
They need to be able to return venture capital money at a multiple. So, why did they take the cash in the first place? So that they can build a company to govern and employ the team members and build expertise to fund the R&D needed to build the product and support customers.
It seems unfair to me that a company with deep resources chooses to fork and modify instead of investing in the company and owning a stake to help influence the roadmap and/or enter into a resale / partnership model for monetization.
It's a tough scenario and it needs to be discussed.
> There are a lot of projects (sudo being the most recent example) supported by a team of developers in the single digits (or just one) that are relied upon by projects raking in millions if not billions in annual revenue.
But the whole reason they are relied upon is them coming for free. If sudo users where expected to give something back it wouldn't have landed on millions of machines in the first place.
FOSS coming for free means, of course, maintenance being dependent on the authors' whims. Not paying means not being owed anything.
Yes, that's not sustainable. FOSS is a gift from the developers to the world. It's not a business model or a way to make a living (at best it's part of a strategy to make a living).
It would be great if we all could gift something back be that help with maintaining or money.
But we should be careful not to demand support. Everyone "whising up" and only relying on software they either maintain themselves or paid someone to maintain might look different than we imagine. Might just be people buying proprietary software rather than funding open source development.
> Currently the two sustainable answers for that are
No, there aren't two, there are three; the third one is the one you slid by:
> rewriting all the software you depend on
If sudo bugs don't get fixed by the existing developer(s), companies that depend on sudo will just end up writing their own. I suspect that in most cases companies will see that as cheaper than having to pay an open source library developer, who is not an employee, to maintain an open source library that is not under the company's control. So if the open source developer isn't donating their work for free, the companies probably won't end up using it at all.
Open source is not a business model. You can make money in open source, but not by accident. You have to find a viable business which incorporates open source. One common approach is SaaS, where the software is open source and you provide value by selling hosted versions, with paid support, competing on the reliability and utility of your infrastructure, expertise of your support staff, and integrity of your business.
>ne common approach is SaaS, where the software is open source and you provide value by selling hosted versions, with paid support, competing on the reliability and utility of your infrastructure, expertise of your support staff, and integrity of your business
The big problem with this is that most of the large enterprises which are really spending the money for this, 99% of the time are going to pick Amazon or Microsoft or IBM for hosting/support over AwesomeOpenSourceLibrary LLC, especially since they likely already have contracts with those companies.
From a practical point of view, if I have N open source libraries that I use in production, as a large company, it is better for me if I have Amazon support all N libraries, than having N different contracts with N different companies for support/hosting.
It's not that hard to compete with AWS. AWS is scatterbrained and provides a really bad UX and as-is integrations where the "is" is not great. You might lose some business to them, but the cases we've seen lately aren't that: Elastic cleared almost half a billion dollars last year.
What open source does mean is surrendering your monopoly over what you build. Amazon may capture some of your value as a result, but that's part of the deal. I wrote about it here:
"It's not that hard to compete with AWS. AWS is scatterbrained and provides a really bad UX and as-is integrations where the "is" is not great."
A lot of enterprise buying decisions come down to: "AWS/Azure/... is already an approved vendor, so let's just buy from them instead of going through the hoops to get Elastic approved". The "super scalers" are offering a path of least resistance that is difficult to overcome.
It isn't. You can accept donations. You can charge for support/enhancement work, or for a managed service. You can also find a salaried job where your work is released under a Free and Open Source licence, such as Linux kernel development.
You're right that it's famously difficult to monetise Free and Open Source software, but there are a few examples of it happening.
> the original idea of open source: that it was the cool things you could build with code, not the code itself, that had value.
Perhaps I'm missing your point here, but as far as I know, there's nothing in the Open Source or Free Software movements that ever viewed FOSS primarily as the basis for interesting proprietary software.
> They've built things on FOSS code that never existed before, and most of them have contributed a lot of FOSS code back. But they haven't sold databases, reverse proxies, and key/value stores, right?
Red Hat might be the clearest counterexample here. If I understand correctly, their charge for their official builds, which I suppose is a way of charging for support.
You're right though that many of them go with a service model and don't publish the code. Amazon Aurora, for instance, or Google App Engine.
> Perhaps I'm missing your point here, but as far as I know, there's nothing in the Open Source or Free Software movements that ever viewed FOSS primarily as the basis for interesting proprietary software.
Proprietary doesn't factor into it. Maybe a clearer way to put the thing I am positing: the idea behind open source is that it is interesting end user apps that have value and change the world, not the software components from which those apps are built.
True, but there are a lot more applications and use cases for an open-sourced redis than an open-sourced twitter. Let me try again: Twitter was built on an open source foundation, changed the way people communicate forever, and created a huge amount of liquid value. Without open source things like Twitter probably would not have come into existence. Twitter has in turn contributed a lot of important open source software back into the community. Elasticsearch or redis, by contrast, enabled many of these cool new things to exist, but by themselves those excellent software components changed very few lives. If you made redis and tossed it out in the world with a ta da! very few people would care. I always felt that open source was an explicit recognition that we care about and attach value to the big ideas that change the world, and that by making the building blocks freely available we caused more of those big ideas to come to fruition. Now that the big ideas are perhaps a little harder to find we seem to want to attach a price tag to the parts again.
> If you made redis and tossed it out in the world with a ta da! very few people would care.
Right, it's the application/library distinction again. Developers might care a great deal, even if there's nothing interesting using it yet.
> open source was an explicit recognition that we care about and attach value to the big ideas that change the world, and that by making the building blocks freely available we caused more of those big ideas to come to fruition.
I suppose so, although the 'free' (as in price) component there can be separated out from Open Source. Freeware (software which is made available free of charge but which is not Free Software or Open Source) can also serve as a platform, but in practice often loses out to Free and Open Source alternatives. SkyOS is dead and gone, the Linux kernel continues to conquer the world.
The Open Source position is that Open Source is the most effective way to develop software, and of course it's had tremendous success in 'infrastructure' software (libraries, frameworks, operating systems, programming languages).
(This is quite different from the Free Software position, which holds that non-Free software is a problem in terms of power and control over users, quite aside from the question of how to most effectively develop software.)
We should be careful not to go so far as to say that Open Source is about enabling interesting/profitable non-Open Source programs. Copyleft licences are explicitly hostile to this, but are recognised as Open Source licences.
In my nigh on 30 years of work, mostly using and writing open source, I have never been compensated for writing software. I have been compensated for solving problems. The fact that it involved writing software was irrelevant.
I would argue that compensating developers for building software is the wrong way to look at it. IBM (and possibly Red Hat?) are mostly consulting companies---the development work they pay for is in support of their consulting.
>I would argue that compensating developers for building software is the wrong way to look at it. IBM (and possibly Red Hat?) are mostly consulting companies---the development work they pay for is in support of their consulting.
Red Hat is not a consulting company. According to the Q1 FY2020 financial statements, "Subscription revenue in the quarter was 87% of total revenue." which means consulting is somewhere in that leftover 13% (categorized as "services").
What you perhaps mean, is that the number of kernel developers, gcc developers, glibc developers, (and so on) they have on staff is a benefit in terms of providing good support. In that sense, if a customer has an issue and need support, the "development work" does benefit the ability to provide that service. I wouldn't call that consulting though.
> Honest question: isn't this a fundamental contradiction?
I'm glad someone brought this up. When a developer (or artist, or musician, or other creative person) gives away their work for free, that is fine by me. But when they later hold out their hat and say, "by the way, I worked really hard on that and I'm a nice person, would you mind paying for it now?" that's when I feel like I'm being manipulated. If you wanted money for it, you should have just said up front instead of tossing the guilt trip in at the end.
I do appreciate Jeff's enthusiasm for technology and he's done some cool stuff. I would totally hire him for a consulting gig if I were in a position to do so. But he's part of this "give stuff away for free and beg for money later" culture that rubs me the wrong way.
Do you listen to National Public Radio in the US? They broadcast all of their content for free on FM radio, and then ask for donations a couple times a year. Does that feel manipulative to you? Genuine question, because to me that doesn't seem that different the developers holding out their hat after releasing an open source library.
It really depends on how they do it. Do they try to guilt trip you into giving donations? Or act indignant and insult their listeners when cash runs dry? I don't have experience with NPR, but my guess is no.
Edit: I think the main difference is having or not having an expectation that you will be paid later for something that was provided for free.
> But they haven't sold databases, reverse proxies, and key/value stores, right? I've paid six-figure annual licenses to Oracle. Is that the world we're trying to preserve here?
Maybe? Why can't you sell a database, reverse proxies, or key/value stores? What if I want to start a business around a database, reverse proxies, or key/value stores? How does that work with FOSS?
There are a number of companies who do open source development and get paid for the development work that they put in, rather than selling the software itself. This seems like the least bad way to do open source things, although it is fairly incompatible with VC money, although ISTR RedHat has taken VC money at some stage.
Corporate sponsorship of open source is entirely dependent on top talent caring about open source and thus being more willing to tolerate working for EvilMegacorp if major pieces of the infrastructure they work on are open.
When top talent just accepts the big money contract regardless, corporations see little incentive to sponsor open source. Software development is the only industry that has large portions of infrastructure free and open for anyone to use, and this is due to inheriting the values of key founders of the industry a generation or so ago.
It's up to us to carry that torch, or we will become like every other industry.
> and this is due to inheriting the values of key founders of the industry a generation or so ago.
Is it? I think it has more to do with companies realizing that [1]commoditizing their complements is a sound strategy, and [2] using open source as a growth strategy.
When you get to the "harvesting" stage or the "entrenched monopoly stage", the FOSS license doesn't make sense if you were using it merely as a growth strategy.
The open source from your list largely falls under #1. They didn't open source their primary product, but rather their complements. That is sustainable, whereas #2 is not when a permissive license is involved.
Strategy #1 is self-interested and doesn't require any real zealotry and survives the harvesting stage just fine.
Open sourcing your core product with a permissive license is generally going to be at odds with business goals at some point, and if you're in business, often the thing to give is the license.
Commoditizing software was never a strategy, at least until a very recent stage. Open source software projects commoditized software either by being vastly more successful and out-competing their alternatives (gcc[1]), or by being a singularly better value proposition than their alternatives (linux[2]). The companies which have "commoditized their complements", used "open source as a growth strategy", or "become entrenched monopolies" have always had a rather sketchy relationship with open source software, which is why they have preferred to avoid an actual free software license.[3]
[1] Back in the good ol' days, everybody made C/C++ compilers. OS vendors made compilers highly tuned for their hardware and software; others, like embedded vendors, made compilers tightly integrated with their tooling. Then gcc showed up everywhere, and started producing optimized code better than the tuned products. By the time LLVM appeared (2003?), its only real competition was gcc and a fork of gcc.
[2] Originally, Unix vendors had incremental improvements over their competitors in specific areas (IBM: SMIT/JFS, SiliG: graphics, etc.). Initially, Linux was a joke. Then it became as stable as the vendor OSs and the hardware it ran on was cheaper. Then it ran on any hardware. It may never have achieved feature-advantages over the competition, but taken as an entire package, the competition couldn't provide anywhere near enough value.
[3] IBM's a funny case, especially with Red Hat. IBM hasn't had a functioning software (or hardware?) product for at least 30 years.
You’re just describing the process of how all that software became commoditized. Software the everybody needs to use is simply a commodity now, and that’s why the more generically useful something is, the more open source support it’s going to have. Companies (usually) don’t want to build their own infrastructure, the want to spend their money investing in their value adds, because that’s where they get their RoI. A company could build their own web server, operating system, compiler, database... But their customer are unlikely to see any benefit from that, which is why they find themselves with an incentive to improve open source software. That’s the reason big open source projects attract large corporate sponsorship, not to satiate the ideological motives of “top talent”.
That's been my experience as well, and the same applies to groups that own/maintain certain projects, like drools/RHDM. The project/technology owner/maintainer is aligned with corp based on customer size/needs, and that alignment is a function of how much the customers are paying.
If and when a large customer drops out, the entire corp and open source structures can change because the monetization changes. On the plus side, if there's a broad customer base, this is less likely to happen.
When will this not be the case? Most companies use a lot of open source, in order to ship quickly. I suppose the thesis of main link is, that's no less so the case -- but here we are, building UIs with Vue/React/Angular/etc. Tons and tons of open source tech to enable shipping more quickly.
People who write open source do it for analogous reasons, except the "strategic incentives" are often personal. Those reasons can change quickly when shiny new things appear. There's a wealth of abandoned OSS projects that illustrate this point.
I don't pretend to be an industry expert but things seem different now, in this day of Everything-as-a-Service and subscriptions-as-primary-revenue-streams, from when Free Software first became A Thing.
It's just so easy these days for a corporate parasite like Amazon or Sony to rip off your hard work (ElasticSearch, BSD) and contribute essentially nothing back.
The SSPL seems like a perfectly rational response to this newly-emerged phenomenon.
I have serious question to you and everyone who try to advocate for SSPL. Don't you understand that this license has clause for SaaS providers that impossible to comply with?
Even if Amazon wanted to open source every single line of their own AWS code under AGPLv3 or APLv2 it's still not enough: the license require everything to be published under SSPL in very fuzzy terms that can even apply to OS kernel.
Even copyleft licenses always had a goal to increase amount of copyleft code, but SSPL only goal is to completely ban 3rd-party SaaS from using said software.
> the license require everything to be published under SSPL in very fuzzy terms that can even apply to OS kernel.
Not even a little bit.
From the SSPL itself:
>However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work.
Primarily a profit driven motive. Open source doesn't always mean free as in beer.
>elastic killed elasticsearch
For companies like amazon who are fundamentally incompatibl with truly open source yes, this is a killing blow. For everyone else its just a change in ToS.
In 2021 what's changing is many companies and devs are getting rightly upset about multinationals ripping off their code without so much as an attribution. These companies are saying that not only is your code not worth money, it isn't even worth the exposure on your resume.
The premise is wrong. The consolidation of computing to a few mega platforms or companies is the big issue open source is where you are seeing the symptoms.
Elastic is just another app/database platform. Open source is a side issue with Amazon... the real problem is that ultimately, their ability to exist as a platform is ultimately in the hands of a few companies.
That's always been a challenge; usually the model is to sell features or certification if you go open source. Alot of people buy RHEL for FIPS 140-2 validation, for example.
Even in closed source, some of these business models are dumb with or without open source being in the mix. Think about companies like Citrix or VMWare who are essentially selling their customer book to Microsoft and to a lesser extent Amazon for virtual desktops, and to Microsoft, Amazon and Google in the server space. ISVs used to compete with each other to sell their stuff to run customer desktops or datacenters. There was no aggregation of their runtimes Now for most of the market they are competing with each other to rent their software on big platforms, which may opt to strangle them at any time.
On the open source side, people who need FIPS still buy RHEL. Frugal people who need FIPS buy Oracle. RHEL is still open source, and the cheapskates who rely on CentOS can still do so, they just don't get to ride on RHEL's engineering work backporting new fixes to old software. Elastic never had a sticky business model.
When I see articles like this I think back to Neo4j, when we adopted the product the enterprise features were open source, which turned out to be a long con bait and switch, enterprise features are now closed. We rewrote our app using another DB and are closely watching more recent entries into the GraphDB space such as Agensgraph ( a new apache project) built atop postgres.
meh. There is nothing new under the sun. There have been several identical losses in FOSS. The bigger they are the better when this happens because there is enough volume and momentum to force a new FOSS branch. If it is a "tiny" FOSS piece, there are not enough champions to fight.
> So AWS was directly competing with Elastic, but *not taking the same responsibility for the open source project or investing in it as heavily as Elastic was*.
Eh? AWS could have killed ELK in 5 minutes. They chose to branch, and contribute it back. Several of the fixes and improvements are from AWS. Did the author want an IBM/CentOS takeover? Or, deny AWS to use Elastic but pretend to be FOSS?
I don't understand this part. AWS doesn't have anything internally that would compete against ELK. Unless you are taking about AWS buying ELK flat out. But then Azure and GCP can fork ELK and keep selling the service. Is my assumption incorrect?
Yes: AWS has launched many "native" offerings to compete with the market's open source product, only to give in to demand and launch a managed version of the open source product (CloudSearch/ElasticSearch, ECS/Kubernetes, SQS/ActiveMQ, DynamoDB/MongoDB, etc)
Before a couple years ago (when elastic started digging deeper into the paid addon realm), I don't think they could've forked and been able to keep enough compatibility / community around their fork to make it as useful and compatible with everything Elasticsearch did.
But today, I think they have a 50/50 shot of the Amazon-forked ES version becoming the de-facto standard, and Elastic's fading into obscurity.
> One way is to become more restrictive in licensing, choosing only copyleft licenses that were originally created to offer more protections to individuals than corporations.
I would disagree with how you made that characterization. Licenses apply equally to everyone, and corporations are made of individuals.
If you meant end users vs. service providers, that's what Elastic did and to end users their new license looks more permissive than GPL 3.0. Yes it does have "a major restriction", but it doesn't force individual users and even those who redistribute Elastic software to release their modifications, whereas GPL 3.0 would have that effect.
To me - a user - the new Elasticsearch license is more permissive (because before some Elasticsearch add-ons were restricted) and I can live with that.
Amazon - thanks to a more permissive license that Elasticsearch used to release under - can still do their thing. Good luck to them. If that license wasn't permissive they wouldn't be able to do this.
And the Fedora community and other busybodies ... I don't care what they say :-)
> But maybe they're onto something. Maybe blindly adopting permissive open source licenses to invite more corporate ownership isn't the right answer.
I do think this is the answer. Try to use LGPL, GPL or AGPL as appropriate.
I also agree with some people that there's an issue with framing the question as defending the right of developers to get paid for open source. This was never much of a thing by default. People have been trying to build FOSS companies, with varying success. But I would guess most end user-facing things, like GNU, Linux, VLC etc. were built by academics or hobbyists, or foundations. Commercial FOSS tries to sell infrastructure to enterprises. It's not things you and I would use if we weren't IT professionals.
(Linux is a peculiar beast here. The kernel is largely developed by big corps, but playing by the copyleft rules, because it's such a fundamental infrastructure. Big distros like Ubuntu and Fedora are the middle ground where they can be freely used by individual people, but are a side effect of Canonical and Red Hat's development processes.)
The correct framing of FOSS is benefit of the users and the society at large. We use .?GPL to ensure that the software that people use is inspectable, and modifiable if the vendor does something bad. Thus we serve people's, and our own, interests in the long term. We reduce the area where companies can damage the public for profit, when hiding behind closed source, unchangeable dark patterns, "hai we ban you there is no appeals" etc. etc. That the essential software can be had free of charge in practice is also a nice thing... to some extent.
The answer to the problem of compensating the developers was never much directly solved by FOSS. (Of course, you can try to use it to also get hired, to sell hosting or support.) This is a social/political/economic problem. Trying to solve it with licensing (a.k.a. copyright law hacking) is and understandable effort, but very likely a dead end.
EDIT: I see under the sibling comments that the OP is more specifically concerned about the fundamental and "invisible" projects like sudo. I can't add much on that, but I do think there's value in getting (some) signaling and (some) bargaining power by choosing copyleft. Especially if there would be solidarity and consensus among developers in doing this.
You are completely right. But the answer to this is always the same: off-topic Stallman ad hominem
> Linux is a peculiar beast here. The kernel is largely developed by big corps, but playing by the copyleft rules, because it's such a fundamental infrastructure.
Not quite. linux is the success of the past! but already corrupted by "tainted" kernel...
linux adopted GPL, which was *unthinkable* by corporate back then. But because devs didn't cave in to "permissive license fallacy", they had to eat it up.
The thing is, GPL is severely outdated. It does nothing to force Google, Amazon to open source their code that they profit from because of an OSS base work. GPL, with tainted kernel, merely force them to open source irrelevant parts of Android. The drivers and spyware-DRM can all remain proprietary. And does *absolutely nothing* to their bread and butter, which is hosted services on top of OSS software.
until we stick to GPLv3 like linux stuck with GPL, opensource is point less.
>Not quite. linux is the success of the past! but already corrupted by "tainted" kernel...
> linux adopted GPL, which was unthinkable by corporate back then. But because devs didn't cave in to "permissive license fallacy", they had to eat it up.
True, I didn't expand on that to be more concise. Linux is a grandfathered treasure. Though there's an argument the corporations could use BSD like Apple, it's just more beneficial for the fragmented PC/Android ecosystem to maintain Linux sort of like an open ISO standard. Either way, this is not an easy story to replicate, unless something is essential on the level of Linux.
I think with the way the situation develops, more and more people will be questioning permissive licenses as the no-brainer standard. I'm not saying there's no place for them, if you have a good business reason or something. Buy you don't have to unconditionally donate your labor to entities with nation-state-GDP-sized coffers. Copyleft alone won't solve the problems of the industry, but an expansion of its mindshare it would be a start.
> linux adopted GPL, which was unthinkable by corporate back then. But because devs didn't cave in to "permissive license fallacy", they had to eat it up.
Linux using GPL wasn't such a big problem for the corps, as the Linux developers stated the syscall interface is the GPL boundary. So you can make user space code that runs on Linux without being affected by the GPL (see e.g. the Android "no GPL in userspace" rule). And even inside the kernel, there are loopholes to get around the GPL (e.g. the "tainted" thing you mentioned).
Even if Linux were permissively licensed, the thing preventing splitting up into a zillion proprietary forks would, I think, be the ferocious development speed and lack of internal API guarantees.
> until we stick to GPLv3 like linux stuck with GPL, opensource is point less.
I don't see what GPLv3 would solve here. To close the "service provider loophole" you need the AGPLv3, or even something stronger. But given the more or less total lack of adoption of AGPL, I'm not hopeful here.
I mean, it would be nice if copyleft would be the norm, but that goal seems to be slipping further and further away all the time. To the point that corps can start to shun copyleft code, pressurizing the remaining holdouts to switch to permissive licensed or become irrelevant.
> Linux using GPL wasn't such a big problem for the corps, as the Linux developers stated the syscall interface is the GPL boundary.
That is fine for creating applications. It still required drivers and other things that expose syscalls to be open and GPLed.
> Even if Linux were permissively licensed,
The tainted kernel was the attack on the GPL itself i talked about. After tainted kernel, it is pretty much NOT-GPL, hence the devs gave in to a more permissive license while still calling it GPL. So the rest of the point is moot. Linux kernel DID adopt a permissive license, which is the reason we do not have proper open source android today.
> But given the more or less total lack of adoption
chicken and egg problem. But that is *exactly* the argument against GPL for the kernel in the past.
> But I would guess most end user-facing things, like GNU, Linux, VLC etc. were built by academics or hobbyists, or foundations.
I think some of those things from the "golden age" were built by people working on the clock, in salaried full-time positions, at companies that had businesses separate from that open source product, but which used the open source product for that business.
They were getting paid to solve problems and get things done, and if they got it done with open source, that was fine, the company wasn't trying to make money off of the software that solved the problem.
(Also by university faculty getting paid by the university).
Note that, had Elastic chosen to move to GPL/AGPL/LGPL, it would not have blocked Amazon since Amazon already releases the sources of their modifications to Elasticsearch.
These are two completely different issues and situations. The only thing they have in common is that theyre open source projects controlled by for-profit entities. The moment cooperation is no longer in their best interest they will stop.
In elastics case they were between a rock and a hard place. The world changed around that project and they got sherlocked. It happens. AWS has done it so many times its shocking they didnt anticipate it in the first place. Being venture backed sours the batch a lot faster.
The CentOS issue is unique. The maintainers gave control to the company that owned the licensed distribution of the software. Did they get a whole promise in return? Of course theyll cut support for it. Even in IBMs own portfolio its a conflict on a balance sheet alone. But its not the fault of enterprise open source. Open source works in this situation: there will be a fork just like centos was a fork of redhat.
> In elastics case they were between a rock and a hard place.
More like rock and a very soft place cushioned by wads of cash. Elastic so far has been doing very well fincially. And this isn't some new development from AWS side that Elastic needed to react upon, AWS have been offering ES for over 5 years.
There is a fundamental problem, in that open source makes it easy to take and not give. It has many advantages, but that means that it is hard to give it high quality support and development (which generally requires paying people) if you cannot monetize something about the software -- be it support, or hosting, or selling some close-source product that depends on it.
If the licensing terms let someone else monetize your investment to the detriment of your own revenues, that's a problem. Even if you would be satisfied with break-even, you have to pay your own developers.
Amazon may be "within their rights", but the pattern is unsustainable as-is.
I never understood what is there to be scared about.
People buy Microsoft Word knowing they won't be able to change it, because it's closed source. However it sells well.
Do people use LibreOffice because it's Mozilla licensed and not GPL? Do all those people that don't dream about modifying Word really want to add secret proprietary features to LibreOffice?
Similarly, Oracle (the database) vs MariaDB (GPL) vs PostgreSQL (its own license, basically MIT / BSD.) There are definitely people that patch databases but I wonder how many people here decided to use one and not the other because they thought "what happens if I ever want to add something to MariaDB and nobody else must get it?"
No, where is scares them is at the copyleft level, when they are writing software. You're quite right that it probably doesn't scare many when they are just using it as an appliance (e.g., a database).
Elasticsearch moving to GPL/AGPL/etc would not have blocked Amazon since Amazon already freely releases the sources of their contributions. That is why Elastic instead chose the niche license SSPL.
cracks? we are nothing in a boom time for enterprise open source... more companies are contributing than in the past and hiring engineers to work on open source, we have open source alternatives to every project you mentioned
Projects that change from Apache or GPL-like licenses to SSPL are still open source. This doesn’t mean you have to release your source code if you use these projects — only if you start selling a hosted platform that offers the software as a service. Every company I’ve seen do this was been backed into a corner by Amazon, who almost never contributes to these projects. This is nothing more than Amazon trying to kill these projects by causing fragmentation.
*Yes, I’ve read the OSI link AWS-fans always refer to.
Have you read SSPL? It's literally apply restriction to SaaS that impossible to comply with.
Also it's not some "everyone, but Amazon license". Terms they use are very fuzzy and can easily apply to more than just SaaS companies.
If Elastic wanted to stay open source they would use BSL: proprietary for N years and then code became GPL / APLv2.
Anti-SaaS clause of SSPL is here:
> The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
> The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
If anything will ever kill established "Enterprise Open Source" or Open Core business models, it's because of cloud service consumers and cloud platform customers that prefer the seamless and often convenient integration of FOSS services and technologies their preferred cloud platform (be it Azure, AWS, GCP, or whatever other player that reaches a sufficient size to be able to) provides.
That happens to the direct financial detriment of the companies that actually created these free tools, while (perhaps naively) hoping to be able to sell services based on them to enterprise customers themselves. And it's going to be a real pity and for the FOSS community when it happens.
Software may be eating the world, but managed software platforms are eating (free) software.
123 comments
[ 3.4 ms ] story [ 245 ms ] threadWhat's the question exactly? Sustainable FOSS development?
Earning nothing while working on a FOSS project that has no way to ever make a developer salary because it can't be used by the people with the money, due to the copyleft license does not seem to be the "right answer" either.
The hard thing here is truly free / open source software relies on generosity. And the more generosity, the more sustainable it is (on behalf of the developer(s), the corporations using it, etc.).
Generosity is not a winning strategy in corporate board rooms, though.
But for complex projects those barriers will probably always be quite high.
* "Simple" is a slippery concept. I find hacking Haskell easier than hacking Python, because the type signatures and other features make it much easier to see what's going on with a minimum of investigative work. But difficulty is a big part of Haskell's reputation, and ease a big part of Python's.
(I make a living working on an open source project.) I don't agree. The view of the value of software is just different. The software itself is valueless. This is true of all software: bits are free to copy. What is valuable is the work put into making it. In other words, you get paid for making something, not for having made something. If a company wants some feature implemented in some piece of OSS, they can go find a dev to pay to do it, and contribute it back to the world. There's no generosity there, it's just an accurate reflection of where value is actually generated in the software world, instead of the broken view that proprietary software tries to force.
Where it starts to get tricky is kind of a tragedy of the commons situation: if you wait long enough, then maybe someone else will pay to implement the feature, but if everyone does this, then the feature will never exist.
Assuming we can find a way to get to a UBI, programming becomes just another art. If you already have your basic needs met (housing/food/education/transportation) and have the choice to either pursue an art, or pursue a career making more money, people will have options. I have no doubt there are a lot of people that will value the freedom to decide what they want to do every day of their life over making more money in the rat race, and some of them will spend that time programming/donating their time to FOSS projects.
Between now and then, your guess is as good as mine.
In fact I’m pretty sure it has contributed to the rise of the celebrity/“influencer” dev who uses open source as a vehicle for self promotion rather than a means to improve software.
The fact that they do a far bit of self-promotion should not be hold against them, in the end we are all working to achieve something in life, and for some, a necessary ingredient is some self-promotion through open-source.
Why pay for an editor when the good guy Microsoft gives it to you for free?
People have been delusional about FOSS for way too long.
Is that you billg ;]
https://www.debian.org/ https://getfedora.org/ https://antixlinux.com/ .. systemD free :]
The open source I've written - be it a program or a patch was always open sourced because I wanted to make my program available to others because I thought it might be useful.
Open source will never be able to give the huge returns that VC firms expect.
However, open source can provide the basis for what is often derided as a “lifestyle business” that provides a sometimes very good income to a small group of people that are passionate about a project. SQLite comes to mind as an example.
Elastic is definitely bringing enough revenue for the “lifestyle” business without changing their license, however it is not enough for VC.
Be very wary of open source backed by VC.
On top of that, yes I'd argue Red Hat is an outlier and exception whose success is as much result of good luck and timing than anything else.
FOSS is all about idealism. It's hard to retain your idealism when someone is waiving $1+ billion dollars in your face with one hand and holding a loaded gun to your head with the other.
FOSS developers should contribute to projects and not products. Non-copyleft licenses seem to just be code for corporations to build upon, providing them free labor while getting little in return. At least with the GPL, you are getting a promise that they will make available their sources. Consider carefully your expectations when you license your software.
An example where a project/product hybrid somewhat works is web browsers. Generally speaking, there are several competitors trying to achieve something similar, and there are some attempts (however nebulous) to create standards bodies. The Elastic Search community could have done something similar and formed a standards body around some sort of specification.
Honest question: isn't this a fundamental contradiction? If you are building a thing that by definition is given freely to anyone who wants to use it, how does compensation for that work become part of the formula? You can't be monetarily compensated for it, because you chose to give it away. There are other forms of compensation but that seems clearly not what we're talking about here. The author goes on to ask how you can build a business around open source? But isn't the answer that you can't? If its really open source then the software itself is not a business.
That, to me, seems consistent with the original idea of open source: that it was the cool things you could build with code, not the code itself, that had value. None of the iconic success stories in tech over the last decade have sold code, have they? They've built things on FOSS code that never existed before, and most of them have contributed a lot of FOSS code back. But they haven't sold databases, reverse proxies, and key/value stores, right? I've paid six-figure annual licenses to Oracle. Is that the world we're trying to preserve here?
There are a lot of projects (sudo being the most recent example) supported by a team of developers in the single digits (or just one) that are relied upon by projects raking in millions if not billions in annual revenue.
Finding ways to give back and keep the developers motivated is important in the long term, unless you plan on rewriting all the software you depend on.
Currently the two sustainable answers for that are:
1. Hope some company is generous in hiring said OSS developer and paying them a salary to continue working on that OSS work (ideally without too much pressure to modify it for that one company's use case).
2. Make that developer spend a lot of time doing marketing to generate donations/sponsorships to a level where the developer can pay for things like food, shelter, and insurance.
> There are a lot of projects (sudo being the most recent example) supported by a team of developers in the single digits (or just one) that are relied upon by projects raking in millions if not billions in annual revenue.
But they gave it away for free. That would be the same whether there were big, small or zero companies using the software.
I think probably the problem is framed wrong:
- maybe giving software away free was a bad idea (I don't believe this; just putting it on the table for conversation)
- maybe those giving away their software free should make better calls _for themselves_ about how they spend their time
- maybe use different licensing
- stop calling it free; instead call it "free a the point of consumption" and consciously build a model to support that at the outset (this is my current personal opinion, but I grew up in the Uk when it had a functional NHS so I'm biassed)
- dig deep on what both "free as in beer" and "free as in speech" mean to you and how they relate and what you want to do about that
Open source came out of a joyous utopianism that hasn't been backed up the wider societal changes needed to sustain it. This is understandable because that work is ridiculously hard (and I'm aware some people _are_ trying to make those changes. I just day-dream about it).
Currently, most of the world works on capitalism, for better or worse. I'm not trying to defend or attack capitalism here, but when you work in a capitalist system and _all_ your other interests and life support systems use capitalism, you have to factor that into your thinking. Open source makes more sense in a post-scaricity society and we're not there yet. FOSS might even help us get there, and the problems we're seeing in the past 3-4 years might be the signs of things changing.
I know this message sounds like victim blaming, and that's a real problem in some situations, but I don't think this is the situation here. Everyone working in tech is at a higher than average level of privilege than their immediate peers; working in FOSS is a choice you make from that position of privilege.
This. This is the conversation we need to have.
However, I doubt that a public company on the USA stock exchanges -- which by definition is concerned with a Capitalist maximization of shareholder value, can rely on donations.
They need to be able to return venture capital money at a multiple. So, why did they take the cash in the first place? So that they can build a company to govern and employ the team members and build expertise to fund the R&D needed to build the product and support customers.
It seems unfair to me that a company with deep resources chooses to fork and modify instead of investing in the company and owning a stake to help influence the roadmap and/or enter into a resale / partnership model for monetization.
It's a tough scenario and it needs to be discussed.
But the whole reason they are relied upon is them coming for free. If sudo users where expected to give something back it wouldn't have landed on millions of machines in the first place.
FOSS coming for free means, of course, maintenance being dependent on the authors' whims. Not paying means not being owed anything.
Yes, that's not sustainable. FOSS is a gift from the developers to the world. It's not a business model or a way to make a living (at best it's part of a strategy to make a living).
It would be great if we all could gift something back be that help with maintaining or money.
But we should be careful not to demand support. Everyone "whising up" and only relying on software they either maintain themselves or paid someone to maintain might look different than we imagine. Might just be people buying proprietary software rather than funding open source development.
No, there aren't two, there are three; the third one is the one you slid by:
> rewriting all the software you depend on
If sudo bugs don't get fixed by the existing developer(s), companies that depend on sudo will just end up writing their own. I suspect that in most cases companies will see that as cheaper than having to pay an open source library developer, who is not an employee, to maintain an open source library that is not under the company's control. So if the open source developer isn't donating their work for free, the companies probably won't end up using it at all.
The big problem with this is that most of the large enterprises which are really spending the money for this, 99% of the time are going to pick Amazon or Microsoft or IBM for hosting/support over AwesomeOpenSourceLibrary LLC, especially since they likely already have contracts with those companies.
From a practical point of view, if I have N open source libraries that I use in production, as a large company, it is better for me if I have Amazon support all N libraries, than having N different contracts with N different companies for support/hosting.
What open source does mean is surrendering your monopoly over what you build. Amazon may capture some of your value as a result, but that's part of the deal. I wrote about it here:
https://drewdevault.com/2021/01/20/FOSS-is-to-surrender-your...
A lot of enterprise buying decisions come down to: "AWS/Azure/... is already an approved vendor, so let's just buy from them instead of going through the hoops to get Elastic approved". The "super scalers" are offering a path of least resistance that is difficult to overcome.
It isn't. You can accept donations. You can charge for support/enhancement work, or for a managed service. You can also find a salaried job where your work is released under a Free and Open Source licence, such as Linux kernel development.
You're right that it's famously difficult to monetise Free and Open Source software, but there are a few examples of it happening.
> the original idea of open source: that it was the cool things you could build with code, not the code itself, that had value.
Perhaps I'm missing your point here, but as far as I know, there's nothing in the Open Source or Free Software movements that ever viewed FOSS primarily as the basis for interesting proprietary software.
> They've built things on FOSS code that never existed before, and most of them have contributed a lot of FOSS code back. But they haven't sold databases, reverse proxies, and key/value stores, right?
Red Hat might be the clearest counterexample here. If I understand correctly, their charge for their official builds, which I suppose is a way of charging for support.
You're right though that many of them go with a service model and don't publish the code. Amazon Aurora, for instance, or Google App Engine.
Proprietary doesn't factor into it. Maybe a clearer way to put the thing I am positing: the idea behind open source is that it is interesting end user apps that have value and change the world, not the software components from which those apps are built.
Right, it's the application/library distinction again. Developers might care a great deal, even if there's nothing interesting using it yet.
> open source was an explicit recognition that we care about and attach value to the big ideas that change the world, and that by making the building blocks freely available we caused more of those big ideas to come to fruition.
I suppose so, although the 'free' (as in price) component there can be separated out from Open Source. Freeware (software which is made available free of charge but which is not Free Software or Open Source) can also serve as a platform, but in practice often loses out to Free and Open Source alternatives. SkyOS is dead and gone, the Linux kernel continues to conquer the world.
The Open Source position is that Open Source is the most effective way to develop software, and of course it's had tremendous success in 'infrastructure' software (libraries, frameworks, operating systems, programming languages).
(This is quite different from the Free Software position, which holds that non-Free software is a problem in terms of power and control over users, quite aside from the question of how to most effectively develop software.)
We should be careful not to go so far as to say that Open Source is about enabling interesting/profitable non-Open Source programs. Copyleft licences are explicitly hostile to this, but are recognised as Open Source licences.
I would argue that compensating developers for building software is the wrong way to look at it. IBM (and possibly Red Hat?) are mostly consulting companies---the development work they pay for is in support of their consulting.
Red Hat is not a consulting company. According to the Q1 FY2020 financial statements, "Subscription revenue in the quarter was 87% of total revenue." which means consulting is somewhere in that leftover 13% (categorized as "services").
What you perhaps mean, is that the number of kernel developers, gcc developers, glibc developers, (and so on) they have on staff is a benefit in terms of providing good support. In that sense, if a customer has an issue and need support, the "development work" does benefit the ability to provide that service. I wouldn't call that consulting though.
I'm glad someone brought this up. When a developer (or artist, or musician, or other creative person) gives away their work for free, that is fine by me. But when they later hold out their hat and say, "by the way, I worked really hard on that and I'm a nice person, would you mind paying for it now?" that's when I feel like I'm being manipulated. If you wanted money for it, you should have just said up front instead of tossing the guilt trip in at the end.
I do appreciate Jeff's enthusiasm for technology and he's done some cool stuff. I would totally hire him for a consulting gig if I were in a position to do so. But he's part of this "give stuff away for free and beg for money later" culture that rubs me the wrong way.
Edit: I think the main difference is having or not having an expectation that you will be paid later for something that was provided for free.
Maybe? Why can't you sell a database, reverse proxies, or key/value stores? What if I want to start a business around a database, reverse proxies, or key/value stores? How does that work with FOSS?
When top talent just accepts the big money contract regardless, corporations see little incentive to sponsor open source. Software development is the only industry that has large portions of infrastructure free and open for anyone to use, and this is due to inheriting the values of key founders of the industry a generation or so ago.
It's up to us to carry that torch, or we will become like every other industry.
Is it? I think it has more to do with companies realizing that [1]commoditizing their complements is a sound strategy, and [2] using open source as a growth strategy.
When you get to the "harvesting" stage or the "entrenched monopoly stage", the FOSS license doesn't make sense if you were using it merely as a growth strategy.
[1] https://www.gwern.net/Complement
[2] https://www.gwern.net/Complement#open-source-as-a-strategic-...
Examples:
• Apple
• Amazon
• Facebook
• Google
• Microsoft
• Netflix
• Red Hat
Strategy #1 is self-interested and doesn't require any real zealotry and survives the harvesting stage just fine.
Open sourcing your core product with a permissive license is generally going to be at odds with business goals at some point, and if you're in business, often the thing to give is the license.
Only Red Hat on this list comes even close to open sourcing a significant percentage of its stuff.
If you want Free Software, then feel free to use something more potent than merely an "open source" license the next time you release something.
[1] Back in the good ol' days, everybody made C/C++ compilers. OS vendors made compilers highly tuned for their hardware and software; others, like embedded vendors, made compilers tightly integrated with their tooling. Then gcc showed up everywhere, and started producing optimized code better than the tuned products. By the time LLVM appeared (2003?), its only real competition was gcc and a fork of gcc.
[2] Originally, Unix vendors had incremental improvements over their competitors in specific areas (IBM: SMIT/JFS, SiliG: graphics, etc.). Initially, Linux was a joke. Then it became as stable as the vendor OSs and the hardware it ran on was cheaper. Then it ran on any hardware. It may never have achieved feature-advantages over the competition, but taken as an entire package, the competition couldn't provide anywhere near enough value.
[3] IBM's a funny case, especially with Red Hat. IBM hasn't had a functioning software (or hardware?) product for at least 30 years.
Oldie but goodie: https://www.joelonsoftware.com/2002/06/12/strategy-letter-v/
If and when a large customer drops out, the entire corp and open source structures can change because the monetization changes. On the plus side, if there's a broad customer base, this is less likely to happen.
Anyone working on Mesos these days?
It's just so easy these days for a corporate parasite like Amazon or Sony to rip off your hard work (ElasticSearch, BSD) and contribute essentially nothing back.
The SSPL seems like a perfectly rational response to this newly-emerged phenomenon.
Even if Amazon wanted to open source every single line of their own AWS code under AGPLv3 or APLv2 it's still not enough: the license require everything to be published under SSPL in very fuzzy terms that can even apply to OS kernel.
Even copyleft licenses always had a goal to increase amount of copyleft code, but SSPL only goal is to completely ban 3rd-party SaaS from using said software.
Not even a little bit.
From the SSPL itself:
>However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work.
Explain to me again your FUD?
>redhat killed cantos
Primarily a profit driven motive. Open source doesn't always mean free as in beer.
>elastic killed elasticsearch
For companies like amazon who are fundamentally incompatibl with truly open source yes, this is a killing blow. For everyone else its just a change in ToS.
In 2021 what's changing is many companies and devs are getting rightly upset about multinationals ripping off their code without so much as an attribution. These companies are saying that not only is your code not worth money, it isn't even worth the exposure on your resume.
Elastic is just another app/database platform. Open source is a side issue with Amazon... the real problem is that ultimately, their ability to exist as a platform is ultimately in the hands of a few companies.
If I spend a year of my life and savings to write a new database, how do I make money? Can I make money and open source my work? How?
There isn't an easy answer. Open Source isn't always the right answer, and a whole lot of naive software developers are learning this the hard way.
Even in closed source, some of these business models are dumb with or without open source being in the mix. Think about companies like Citrix or VMWare who are essentially selling their customer book to Microsoft and to a lesser extent Amazon for virtual desktops, and to Microsoft, Amazon and Google in the server space. ISVs used to compete with each other to sell their stuff to run customer desktops or datacenters. There was no aggregation of their runtimes Now for most of the market they are competing with each other to rent their software on big platforms, which may opt to strangle them at any time.
On the open source side, people who need FIPS still buy RHEL. Frugal people who need FIPS buy Oracle. RHEL is still open source, and the cheapskates who rely on CentOS can still do so, they just don't get to ride on RHEL's engineering work backporting new fixes to old software. Elastic never had a sticky business model.
> So AWS was directly competing with Elastic, but *not taking the same responsibility for the open source project or investing in it as heavily as Elastic was*.
Eh? AWS could have killed ELK in 5 minutes. They chose to branch, and contribute it back. Several of the fixes and improvements are from AWS. Did the author want an IBM/CentOS takeover? Or, deny AWS to use Elastic but pretend to be FOSS?
I don't understand this part. AWS doesn't have anything internally that would compete against ELK. Unless you are taking about AWS buying ELK flat out. But then Azure and GCP can fork ELK and keep selling the service. Is my assumption incorrect?
But today, I think they have a 50/50 shot of the Amazon-forked ES version becoming the de-facto standard, and Elastic's fading into obscurity.
I would disagree with how you made that characterization. Licenses apply equally to everyone, and corporations are made of individuals.
If you meant end users vs. service providers, that's what Elastic did and to end users their new license looks more permissive than GPL 3.0. Yes it does have "a major restriction", but it doesn't force individual users and even those who redistribute Elastic software to release their modifications, whereas GPL 3.0 would have that effect.
To me - a user - the new Elasticsearch license is more permissive (because before some Elasticsearch add-ons were restricted) and I can live with that. Amazon - thanks to a more permissive license that Elasticsearch used to release under - can still do their thing. Good luck to them. If that license wasn't permissive they wouldn't be able to do this. And the Fedora community and other busybodies ... I don't care what they say :-)
I do think this is the answer. Try to use LGPL, GPL or AGPL as appropriate.
I also agree with some people that there's an issue with framing the question as defending the right of developers to get paid for open source. This was never much of a thing by default. People have been trying to build FOSS companies, with varying success. But I would guess most end user-facing things, like GNU, Linux, VLC etc. were built by academics or hobbyists, or foundations. Commercial FOSS tries to sell infrastructure to enterprises. It's not things you and I would use if we weren't IT professionals.
(Linux is a peculiar beast here. The kernel is largely developed by big corps, but playing by the copyleft rules, because it's such a fundamental infrastructure. Big distros like Ubuntu and Fedora are the middle ground where they can be freely used by individual people, but are a side effect of Canonical and Red Hat's development processes.)
The correct framing of FOSS is benefit of the users and the society at large. We use .?GPL to ensure that the software that people use is inspectable, and modifiable if the vendor does something bad. Thus we serve people's, and our own, interests in the long term. We reduce the area where companies can damage the public for profit, when hiding behind closed source, unchangeable dark patterns, "hai we ban you there is no appeals" etc. etc. That the essential software can be had free of charge in practice is also a nice thing... to some extent.
The answer to the problem of compensating the developers was never much directly solved by FOSS. (Of course, you can try to use it to also get hired, to sell hosting or support.) This is a social/political/economic problem. Trying to solve it with licensing (a.k.a. copyright law hacking) is and understandable effort, but very likely a dead end.
EDIT: I see under the sibling comments that the OP is more specifically concerned about the fundamental and "invisible" projects like sudo. I can't add much on that, but I do think there's value in getting (some) signaling and (some) bargaining power by choosing copyleft. Especially if there would be solidarity and consensus among developers in doing this.
> Linux is a peculiar beast here. The kernel is largely developed by big corps, but playing by the copyleft rules, because it's such a fundamental infrastructure.
Not quite. linux is the success of the past! but already corrupted by "tainted" kernel...
linux adopted GPL, which was *unthinkable* by corporate back then. But because devs didn't cave in to "permissive license fallacy", they had to eat it up.
The thing is, GPL is severely outdated. It does nothing to force Google, Amazon to open source their code that they profit from because of an OSS base work. GPL, with tainted kernel, merely force them to open source irrelevant parts of Android. The drivers and spyware-DRM can all remain proprietary. And does *absolutely nothing* to their bread and butter, which is hosted services on top of OSS software.
until we stick to GPLv3 like linux stuck with GPL, opensource is point less.
> linux adopted GPL, which was unthinkable by corporate back then. But because devs didn't cave in to "permissive license fallacy", they had to eat it up.
True, I didn't expand on that to be more concise. Linux is a grandfathered treasure. Though there's an argument the corporations could use BSD like Apple, it's just more beneficial for the fragmented PC/Android ecosystem to maintain Linux sort of like an open ISO standard. Either way, this is not an easy story to replicate, unless something is essential on the level of Linux.
I think with the way the situation develops, more and more people will be questioning permissive licenses as the no-brainer standard. I'm not saying there's no place for them, if you have a good business reason or something. Buy you don't have to unconditionally donate your labor to entities with nation-state-GDP-sized coffers. Copyleft alone won't solve the problems of the industry, but an expansion of its mindshare it would be a start.
Linux using GPL wasn't such a big problem for the corps, as the Linux developers stated the syscall interface is the GPL boundary. So you can make user space code that runs on Linux without being affected by the GPL (see e.g. the Android "no GPL in userspace" rule). And even inside the kernel, there are loopholes to get around the GPL (e.g. the "tainted" thing you mentioned).
Even if Linux were permissively licensed, the thing preventing splitting up into a zillion proprietary forks would, I think, be the ferocious development speed and lack of internal API guarantees.
> until we stick to GPLv3 like linux stuck with GPL, opensource is point less.
I don't see what GPLv3 would solve here. To close the "service provider loophole" you need the AGPLv3, or even something stronger. But given the more or less total lack of adoption of AGPL, I'm not hopeful here.
I mean, it would be nice if copyleft would be the norm, but that goal seems to be slipping further and further away all the time. To the point that corps can start to shun copyleft code, pressurizing the remaining holdouts to switch to permissive licensed or become irrelevant.
That is fine for creating applications. It still required drivers and other things that expose syscalls to be open and GPLed.
> Even if Linux were permissively licensed,
The tainted kernel was the attack on the GPL itself i talked about. After tainted kernel, it is pretty much NOT-GPL, hence the devs gave in to a more permissive license while still calling it GPL. So the rest of the point is moot. Linux kernel DID adopt a permissive license, which is the reason we do not have proper open source android today.
> But given the more or less total lack of adoption
chicken and egg problem. But that is *exactly* the argument against GPL for the kernel in the past.
Since you bring that up, could you give some good link for reading about it?
To my surprise, despite this controversy being bigger than the systemd one recently, it mostly happened on mailing lists and other non-public forums!
I wonder if anyone collected all that history.
most of the public materials of the time are diatribes by non-coders: https://books.google.com/books?id=GlAEAAAAMBAJ&pg=PA90&dq=gp...
I think some of those things from the "golden age" were built by people working on the clock, in salaried full-time positions, at companies that had businesses separate from that open source product, but which used the open source product for that business.
They were getting paid to solve problems and get things done, and if they got it done with open source, that was fine, the company wasn't trying to make money off of the software that solved the problem.
(Also by university faculty getting paid by the university).
Good grief, what a way to put it. You could just as well say Amazon killed it. But of course we can't say that
In elastics case they were between a rock and a hard place. The world changed around that project and they got sherlocked. It happens. AWS has done it so many times its shocking they didnt anticipate it in the first place. Being venture backed sours the batch a lot faster.
The CentOS issue is unique. The maintainers gave control to the company that owned the licensed distribution of the software. Did they get a whole promise in return? Of course theyll cut support for it. Even in IBMs own portfolio its a conflict on a balance sheet alone. But its not the fault of enterprise open source. Open source works in this situation: there will be a fork just like centos was a fork of redhat.
More like rock and a very soft place cushioned by wads of cash. Elastic so far has been doing very well fincially. And this isn't some new development from AWS side that Elastic needed to react upon, AWS have been offering ES for over 5 years.
If the licensing terms let someone else monetize your investment to the detriment of your own revenues, that's a problem. Even if you would be satisfied with break-even, you have to pay your own developers.
Amazon may be "within their rights", but the pattern is unsustainable as-is.
The GPL licenses address this problem. It's just a shame that the trend nowadays is towards BSD-like licenses.
People buy Microsoft Word knowing they won't be able to change it, because it's closed source. However it sells well.
Do people use LibreOffice because it's Mozilla licensed and not GPL? Do all those people that don't dream about modifying Word really want to add secret proprietary features to LibreOffice?
Similarly, Oracle (the database) vs MariaDB (GPL) vs PostgreSQL (its own license, basically MIT / BSD.) There are definitely people that patch databases but I wonder how many people here decided to use one and not the other because they thought "what happens if I ever want to add something to MariaDB and nobody else must get it?"
*Yes, I’ve read the OSI link AWS-fans always refer to.
Also it's not some "everyone, but Amazon license". Terms they use are very fuzzy and can easily apply to more than just SaaS companies.
If Elastic wanted to stay open source they would use BSL: proprietary for N years and then code became GPL / APLv2.
Anti-SaaS clause of SSPL is here:
https://www.mongodb.com/licensing/server-side-public-licenseThat happens to the direct financial detriment of the companies that actually created these free tools, while (perhaps naively) hoping to be able to sell services based on them to enterprise customers themselves. And it's going to be a real pity and for the FOSS community when it happens.
Software may be eating the world, but managed software platforms are eating (free) software.