Ugg. I'd like to hope that Matt had hired better legal advice.
But that didn't happen. Matt this isn't going to end well for anyone. The first rule of holes is "STOP DIGGING" Can you put down the shovel for awhile and try talking to people?
It will be interesting when Matt changes his story yet again and issues yet another non-apology.
At this point I'm honestly surprised there are not criminal charges. Just blatantly stealing another business's property/storefront, and then threatening to do the same to other businesses is a shockingly brazen thing to do.
Do you not think the endgame of this is to funnel everyone to Automattic and then raise the rates now that he's exerted a monopoly over Wordpress hosting? Because at this point, I don't see what other exist he has here. This is pure "I own all of Wordpress and it's no longer open source and I can charge anything I want" or he's going to be bankrupted by the lawsuits.
I doubt this, there are dozens of hosting options for WP out there.
I think he was threatened by WPEngine’s approach as a more popular offering than Wordpress.com and decided to go scorched-earth on them instead of trying compete on the merits of their product. He’s threatening anyone that tries to build bespoke hosting with extra tools like ACF.
> This is pure "I own all of Wordpress and it's no longer open source and I can charge anything I want" or he's going to be bankrupted by the lawsuits.
Automattic doesn't own WordPress, for two reasons:
1. WordPress is a fork of b2/cafelog, developed by Michel Valdrighi, and that fork was made under GPL terms
2. WordPress does not have a contributor license agreement or other policy that would require licensing or assigning ownership of upstream contributions to Automattic in a way that would allow them to shirk their responsibilities under the GPL
They're betting on those bankrupting lawsuits never coming because the plaintiffs can't afford to front them. That's a common risk calculation made by private equity owned companies - of which Automattic is also one[0], they're owned by BlackRock.
Automattic does not have a monopoly over WordPress hosting. They bullied several of the major players in the managed WordPress space into paying trademark licensing fees. WP Engine, being exactly the kind of skinflint operation Matt accuses them of, didn't pay up, but they're absolutely going to stick around. The worst thing Matt can do is extract damages and demand a rebrand (since, well, "WP Engine" really does sound like "WordPress Engine"). He can't legally prevent anyone from hosting WordPress.
Legalities aside, isn't this the end game for most profit driven companies? Isn't Matt just doing his job here, trying to drive an increase in revenue?
I'm not saying I like it, but, ethics aside (and lets not play dumb here, when do ethics drive business, unless it affects profit), I'm struggling to understand all the outrage over his actions?
But the legalities are the important part of this. You may as well say "Legalities aside, robbing your competitors at gunpoint is a good idea, if unethical". He's essentially setting up a system where if you ever make too much money off of his project, he's very willing to extort you and do plenty of unethical and likely illegal things to you. That's extremely important to the considerations of companies who may be interested in going into business with Wordpress.
Sure, but saying "isn't this just what any capitalist would do" necessarily demands a discussion of the legalities. Trying to ignore if it's legal or not in a discussion of if it's a normal end game for all companies is absurd. If it was legal to murder your business rivals, then sure, it would likely be fairly normal to do so, but it's not, so what's the point of mentioning it?
The outrage over his actions is specifically because it's likely not legal or ethical. Compare to the stuff Tim Sweeney is doing in his fight with Apple - he's done a lot of stuff that I would say is decidedly unethical, but understandable. It's also things where he's willing to pay the costs of doing it. Matt seems to fully believe this is legal, ethical, and completely justified and deserves to be lauded.
There's lots of companies with leadership that prioritises ethical approach. It's sad that people don't realise it these days / think it's that uncommon. (I've read this opinion here at least 3 times recently)
I wasn't suggesting there weren't ethical companies. Indeed, I would hope, given the amount of companies out there, some high percentage of them were ethical. I agree they are overshadowed though.
I would probably add it's hard to know if a company is acting ethically (whatever that means) or not, unless there's some kind of formal certification which does this?
Except that for profit companies usually stay within the legal limits - or if they don't their smart and calculated about it.
This guy is just going nuts and most likely non of his actions would be looked at favourably in any legal dispute.
And if the most likely outcome of a legal dispute is loosing then that's not really a good way to try increasing revenue/profits.
On top of that if your business is founded on open source and you're behaving like this you're destroying that whole foundation - and burning the whole thing down likely won't increase and profits either
Destroying your company's brand is not the end game for most profit-driven companies. It's usually the end state, to be fair, but an end game is something you're trying to achieve, not something you're bungling you way into like this.
Legally, even taking the whole "copyright infringement equals theft" attitude at face value, it's not, because WordPress is GPL and GPL explicitly forbids adding new restrictive terms to the license, and also forbids combining it with more restrictively licensed code. In fact, in the past, Automattic did to Envato what they did to WP Engine specifically because Envato had taken the position that nulled plugins are infringing.
Of course, Automattic is now suing Festingervault for hosting nulled plugins, because Matt Mullenweg doesn't have principles, he has emotions.
Plugins as code that is integrated with WP are still required to be GPL-compatible. Unless you want to connect to your plugin through some layer of networking and a GPL licensed proxy, your plugins need to be open as well.
Specifically running something as basic as register_activation_hook() means you're linking with WP-provided code.
Whether a plugin is standalone or a combined program (and therefore a derivation) is apparently a matter of debate. Sounds like if you so much as use a data structure defined by WordPress, then by distributing your software you're really distributing a modified version of WordPress. [My read of 0] This is intuitive enough for me, if you can't use my plugin without WordPress, then really what I'm shipping is WordPress + my changes.
However, some plugins are distributed with a "split license", the php that integrated with WordPress is GPLd, but JavaScript, css, other assets are under a different license. [1] I don't think this has been tested in court one way or another. Matt of course considers this heresy [2]
> Sounds like if you so much as use a data structure defined by WordPress, then by distributing your software you're really distributing a modified version of WordPress.
Given that reimplementing an API for interoperability is at least sometimes not a violation of copyright (see, e.g., Oracle v. Google), using a datastructure defined in a piece of software providing a plugin API to interoperate with it cannot make the resulting software exist only as a combination with the software providing the API, since it relies only on some software providing the same API, not necessarily the particular software that originally provided the API.
The GPL is strategically ambiguous as to the meaning of the word "program" and "combine". The licensing terms could be taken to be relative to UNIX concepts like processes, since Stallman had a very UNIX-centric worldview; but the FSF has been very clear that they consider "program" to be more expansive a definition than that[0].
While there are some cases in which two GPL programs could be said to live in the same address space[1] (or PHP interpreter), WordPress plugins are very much designed to integrate with WordPress and modify its behavior. From a copyright perspective, that smells awfully like a derivative work, and thus all the usual GPL licensing language and copyleft would apply here. Ergo, I'm writing these opinions under the assumption that WordPress plugins have to also be GPL.
[0] For example, they consider proxying out to a separate network service to not escape the bounds of a GPL "Program".
[1] It's very rare nowadays to see separate programs live in the same address space. Classic Mac OS did this; but I don't think anyone is going to take someone to court over retrocomputing hobbyist software. Linus argues that you can have proprietary kernel modules as long as they only touch user-mode API stuff, but that's because they have a specific licensing exception that makes the UAPI outside the bounds of the GPL copyleft. The web is the only place where you could have GPL Programs coexist within the same isolation boundary.
Even if the GPL does apply to Wordpress plugins, one of the comments in the linked Reddit thread notes he’s stripping out WP Engine copyright notices in this hijacked plugin. The GPL does not allow him to do that.
I have a Wordpress site I've been operating since 2005. In recent days I've seen notifications that a Wordpress core update is available, and I find myself very reluctant to install it. I no longer trust this organization. But I also don't want to fall behind on security updates. What an unnecessary mess.
47 comments
[ 3.9 ms ] story [ 122 ms ] threadBut that didn't happen. Matt this isn't going to end well for anyone. The first rule of holes is "STOP DIGGING" Can you put down the shovel for awhile and try talking to people?
https://slate.com/technology/2024/10/wordpress-wpengine-matt...
- https://joshcollinsworth.com/blog/fire-matt
- https://bullenweg.org/ (formerly bullenweg.com: https://news.ycombinator.com/item?id=41957829)
https://gist.github.com/adrienne/aea9dd7ca19c8985157d9c42f7f...
It is a chronology published as a GitHub gist.
Otherwise they will never learn. Is it more okay to do questionable things first and then later hide behind lawyer than just keeping doing it openly?
At this point I'm honestly surprised there are not criminal charges. Just blatantly stealing another business's property/storefront, and then threatening to do the same to other businesses is a shockingly brazen thing to do.
Context: WP Engine is controlled by Silver Lake, a private equity firm with $102 billion in assets under management
Somewhere between $1m and $102b you become the enemy
The "private equity" angle is a rhetorically meaningless point made by an out-of-touch bully trying to put a moralistic spin on his own greed.
I think he was threatened by WPEngine’s approach as a more popular offering than Wordpress.com and decided to go scorched-earth on them instead of trying compete on the merits of their product. He’s threatening anyone that tries to build bespoke hosting with extra tools like ACF.
Automattic doesn't own WordPress, for two reasons:
1. WordPress is a fork of b2/cafelog, developed by Michel Valdrighi, and that fork was made under GPL terms
2. WordPress does not have a contributor license agreement or other policy that would require licensing or assigning ownership of upstream contributions to Automattic in a way that would allow them to shirk their responsibilities under the GPL
They're betting on those bankrupting lawsuits never coming because the plaintiffs can't afford to front them. That's a common risk calculation made by private equity owned companies - of which Automattic is also one[0], they're owned by BlackRock.
Automattic does not have a monopoly over WordPress hosting. They bullied several of the major players in the managed WordPress space into paying trademark licensing fees. WP Engine, being exactly the kind of skinflint operation Matt accuses them of, didn't pay up, but they're absolutely going to stick around. The worst thing Matt can do is extract damages and demand a rebrand (since, well, "WP Engine" really does sound like "WordPress Engine"). He can't legally prevent anyone from hosting WordPress.
[0] Yes, every accusation really is a confession.
I'm not saying I like it, but, ethics aside (and lets not play dumb here, when do ethics drive business, unless it affects profit), I'm struggling to understand all the outrage over his actions?
When you say "likely illegal" you're trying to talk about legality without knowing about legality.
The outrage over his actions is specifically because it's likely not legal or ethical. Compare to the stuff Tim Sweeney is doing in his fight with Apple - he's done a lot of stuff that I would say is decidedly unethical, but understandable. It's also things where he's willing to pay the costs of doing it. Matt seems to fully believe this is legal, ethical, and completely justified and deserves to be lauded.
I would probably add it's hard to know if a company is acting ethically (whatever that means) or not, unless there's some kind of formal certification which does this?
This guy is just going nuts and most likely non of his actions would be looked at favourably in any legal dispute.
And if the most likely outcome of a legal dispute is loosing then that's not really a good way to try increasing revenue/profits.
On top of that if your business is founded on open source and you're behaving like this you're destroying that whole foundation - and burning the whole thing down likely won't increase and profits either
Legally, even taking the whole "copyright infringement equals theft" attitude at face value, it's not, because WordPress is GPL and GPL explicitly forbids adding new restrictive terms to the license, and also forbids combining it with more restrictively licensed code. In fact, in the past, Automattic did to Envato what they did to WP Engine specifically because Envato had taken the position that nulled plugins are infringing.
Of course, Automattic is now suing Festingervault for hosting nulled plugins, because Matt Mullenweg doesn't have principles, he has emotions.
Specifically running something as basic as register_activation_hook() means you're linking with WP-provided code.
However, some plugins are distributed with a "split license", the php that integrated with WordPress is GPLd, but JavaScript, css, other assets are under a different license. [1] I don't think this has been tested in court one way or another. Matt of course considers this heresy [2]
[0] https://www.gnu.org/licenses/gpl-faq.en.html#GPLPlugins
[1] https://www.contentpowered.com/blog/wordpress-plugins-free-g...
[2] https://ma.tt/2015/07/licenses-going-dutch/?utm_source=perpl...
Given that reimplementing an API for interoperability is at least sometimes not a violation of copyright (see, e.g., Oracle v. Google), using a datastructure defined in a piece of software providing a plugin API to interoperate with it cannot make the resulting software exist only as a combination with the software providing the API, since it relies only on some software providing the same API, not necessarily the particular software that originally provided the API.
While there are some cases in which two GPL programs could be said to live in the same address space[1] (or PHP interpreter), WordPress plugins are very much designed to integrate with WordPress and modify its behavior. From a copyright perspective, that smells awfully like a derivative work, and thus all the usual GPL licensing language and copyleft would apply here. Ergo, I'm writing these opinions under the assumption that WordPress plugins have to also be GPL.
[0] For example, they consider proxying out to a separate network service to not escape the bounds of a GPL "Program".
[1] It's very rare nowadays to see separate programs live in the same address space. Classic Mac OS did this; but I don't think anyone is going to take someone to court over retrocomputing hobbyist software. Linus argues that you can have proprietary kernel modules as long as they only touch user-mode API stuff, but that's because they have a specific licensing exception that makes the UAPI outside the bounds of the GPL copyleft. The web is the only place where you could have GPL Programs coexist within the same isolation boundary.
[1] https://wordpress.org/plugins/secure-custom-fields/