OSI executive director here. I read this article and all the responses to the survey ran by Hashman before I was hired by the organization 2 years ago. There is very valuable feedback here and I took it seriously.
In the 3 years since the original post was published, the OSI has changed in many ways although it remains a small non-profit with only 2 full time people on staff and a handful of part time consultants.
I recommend to read our 2022 end of year report https://opensource.org/wp-content/uploads/2023/04/2022-OSI-A... to get a quick glance of what we've done and check out our programs page https://opensource.org/programs for what we're doing now.
The OSI (as described here) would be in the primary position to make suggestion and even legal frameworks for cooperations to pay for open source maintainers etc. One of the core problems of open source.
Indeed, beyond license listings, they are not addressing the big problems we have.
Frameworks do not necessarily mean license changes or requirements.
Look at OpenSSL. They went for years with basically no money, had horrible security issues, and then got a ton of sponsorships because companies realized they relied on it.
The OSI can do a variety of things that help open source contributors and maintainers beyond just licenses. Most developers aren't good at things like fundraising, as it's not their core competency. In an ideal world the OSI would build industry connections and use that to funnel money to projects that need it, while also helping build knowledge that smaller projects can use to market themselves. None of that requires turning their back on their open source principles. Legal frameworks, as mentioned above, can even be as simple as making it easier to get tax breaks when donating to open source projects, or having prebuilt legal agreements that help small projects work with big companies for funding in a streamlined way.
To be honest, this is why the OSI and FSF have been so disappointing to me. There's a huge amount of space here for advocacy, public policy initiates, and so much more. Unfortunately these groups are so insular and stuck in their ways, and would rather do things like defend abortion jokes when they could be building communities, that I don't have much hope. However, there really is a lot that could be done without making any changes to the licenses.
No it would not. They could very well work towards a way to facilitate payments to those that produce code compatible with the Open Source Definition. If they want, have the capacity, and have a good idea in terms of how to do so is a different matter entirely.
For me the biggest issue the OSI has today is that the phrase "open source" is becoming disconnected from the Open Source Definition, some of that is deliberate and some of that is people who knew the phrase but not the definition. The language around FOSS is evolving for the worse.
The biggest willful misuse of the "open source" phrase seem to come from those who haven't internalised the sentence "Open source means surrendering your monopoly over commercial exploitation".
and Free Software is software that doesn't come with a pile of inane rules that bind the recipient. i.e. it's not a virus which attempts to extract as much value from the recipient as possible.
The OSI has routinely sided with big tech companies who build proprietary platforms over the needs of companies trying to build entirely open source companies in a sustainable way. I have little to no faith in the OSI or its value to open software, I find it a tiring gatekeeper, and every conversation I've had with OSI leadership has pushed me even further into that conviction.
If the OSI was truly interested in spreading open source, its sole focus would be in developing a license that allows the sustainable development of open source code outside of a FAANG.
Such a license wouldn't be compatible with the Open Source Definition, but they could encourage cultural and other practices to enable sustainable FOSS production. The GPL is hard enough to get people to comply with and not outright ignore, Ethical Source licenses like what you suggest are going to have an even harder time enforcing compliance.
Bluntly: If the Open Source Definition says it's better to let Amazon put open source companies out of business while producing lock-in proprietary services than ask Amazon to support open source, the Open Source Definition is broken and we should clear out any entities in the way of fixing it.
The OSI exists not to spread open source, but preserve Google and Amazon's access to free labor.
Open Source was never about guaranteeing company profits. You're just putting one company above another, while ignoring that one company was the user and open source is about user rights. The companies that pretended to be open source for a while to get access to free labor and marketing are not one bit better than Amazon or Google.
I'm not much familiar with what the OSI is in any specific sense; but yes, "Open Source" has always been a nebulous term that fits the container of who's using it. I like the great point of e.g. JS being the real "on the ground open source" for better and (often) worse; it's provided a lot of good real life lessons on the limitations of vague ideas and why real licenses with hard tooth legal rules are important.
Generally, I think we've seen "why you really do need lawyers." I like ideas like Creative Commons and e.g. the Do WTF you want license, but they're no substitute for grown-up law.
MIT is a do wtf you want license, and all the people who call themselves adults and call gnu children LOVE it. I don't think they are adults, it's usually not adults who use the word.
No one cries "unfair!" or "selfish!" more than a proprietary coder who can't use some gpl code, and the louder they cry the more they themselves advertise how simply correct and necessary that license is.
I've gotten to prefer referring to FSF licenses as "restrictive licenses," which was the name that open source or even the "public domain software" people would throw at them. I'm happy to say that FSF licenses are more like "proprietary" licenses than open source licenses. So when a proprietary coder complains about not being able to use GPL'd code, I just ask them why we can't use all of their proprietary code. They have as much right to steal from the public as the public has to steal from them. Or maybe a little less, due to democracy.
The GPLs restrict software authors from being the masters of their users, without requiring them to be the servants of their users. Since the author is choosing the license, it's a voluntary relinquishment of rights that should never have been given by government to merchants. You choose open source if instead you want to give away the those rights (the rights to obscure functionality and lock people out of their own possessions) to whoever wants them. When Amazon picks those up, don't cry about it.
The GPL is the most free license, because it guarantees the propagation of freedom. The MIT license does the opposite. If I want my code to be hidden, mangled, and exploited to make some asshole in a suit rich at the detriment of the rest of society, I already have plenty of opportunities for that: paid work. All the MIT license is good for is devaluing paid software work in the eyes of the ownership class. In contrast, the GPL simply codifies the social contract that should apply to every social interaction: basic respect via repayment in kind. You got something for free! Why not likewise pay it forward by taking an action that also costs you nothing?
The GPL just asks that you engage in basic human decency. The MIT license declares you a mark.
I think MIT declares you either a mark or a saint.
I use MIT for trivial things like examples, asnswers to questions where you have to declare something or the answer or example is of no value and then why bother writing it.
But nothing substantial. I "selfishly" only want to contribute to the guaranteed for all and eternity pool.
So I don't use or recommend MIT.
But I do think that at least some examples of MIT are the result of the authors being essentially saints. Giving so selflessly that they even give to the devil, making the world a better place only through the mechanism that the most people end up using the best functioning available code. IE it's better that Microsoft sell the use of the TCP/IP stack, than have users end up having to use something else. It was them being better than I think they have to be, and better than I am, but not actually misguided and harmful.
Many uses of MIT do strike me as exactly misguided and long term more harmful than helpful, but not automatically all.
I'm just not a saint myself and don't require anyone else to be either, and I think the world would be at least just as fine if there never was any MIT code but only normal copyrighted and full GPL style.
Realize that as long as you’re using GPL code in some internal application as many many companies do, there’s no requirement to make anything available publicly if the application isn’t distributed.
But the GPL explicitly forbids you from forbidding that person who paid you from sharing the code. If an employee works on a Linux driver that you'd prefer be a trade secret, those GPL imports are going to be a massive problem.
> But the GPL explicitly forbids you from forbidding that person who paid you from sharing the code.
Well, yes. That's the point after all - you took someone else's code, made changes to it, gave it to a third person, so now you can't very well tell that third person "Sorry, that code I gave you is now a secret!"
> If an employee works on a Linux driver that you'd prefer be a trade secret, those GPL imports are going to be a massive problem.
In theory, sure. In practice, it hasn't stopped any manufacturer from distributing binary blobs. Nvidia, with proprietary drivers, is still the most popular graphics card on Linux[1].
So here we see that there is no problem for a vendor to be wildly profitable and have the best penetration of all its competitors even though they are strictly adhering to the license.
If an employee is working on any Linux driver, your business is depending on the success of Linux itself to make that driver economically viable to develop.
If your success depends on building on GPL code and not giving back, then maybe try to find success elsewhere.
[1] IIRC, that is. I last checked the Steam stats a long time ago, they may have changed.
The whole point of a contract is to spell out in enough detail for both parties (and if it comes down to it a judge) what the expectations of a given arrangement happen to be. Plenty of employees won't actively exercise all their rights under the GPL (related: [0]), but that fact is independent of the GPL itself.
> If your success depends on building on GPL code and not giving back, then maybe try to find success elsewhere.
Just 3 lines ago didn't you point out a massive company successfully building on GPL code and not giving back, touting their ability to do so as a pro for GPLv2? Regardless, the quibble wasn't with whether that clause is reasonable (I prefer to release under GPL), but that paying somebody to do something crazy with the code and then not release it isn't actually in your control if the code in question is released under GPLv2; for that to happen you require either trust/luck or a different license.
> Well, yes. That's the point after all - you took someone else's code, made changes to it, gave it to a third person, so now you can't very well tell that third person "Sorry, that code I gave you is now a secret!"
Or you took someone else's code, paid a third party for business-critical customizations, and expect the product you paid for to not wind up in the hands of a competitor. While we're stuck with intellectual property as a meaningful legal concept there's always going to be another way to look at the problem evoking different emotions and notions of what's fair or reasonable.
> Just 3 lines ago didn't you point out a massive company successfully building on GPL code and not giving back, touting their ability to do so as a pro for GPLv2?
No, I did not. I pointed out how strictly adhering to the GPL was not in any way an impediment to the success of writing device drivers.
> Or you took someone else's code, paid a third party for business-critical customizations, and expect the product you paid for to not wind up in the hands of a competitor.
If you don't want your 0.001% of contributions to a product to benefit others, including those who built 99.99% of the product, then don't contribute to it. Put your 0.001% effort into some other product that lets you keep the entire 100% for yourself.
You're effectively arguing that it's unfair that you can't take someone else's labour and sell it on without their permission.
I really don't feel bad for you in that case. It's someone else's labour, not yours. Crying "unfair" because you want to add 0.001% of value and want to keep 100% of value doesn't get you much sympathy.
Especially when, as you pointed out when you referred to my nvidia example, this isn't a hurdle to someone who simply wants to use the GPL software and add their own value into it without violating the license.
It's perfectly possible, just not palatable to people who want the original labour for themselves. NVidia supplying binary blobs aren't trying to own the entire Linux kernel for anyone using their blobl. Someone supplying some proprietary driver, and wanting to keep that driver secret, is doing the opposite.
GPL only restricts one from being a dick. "Unfair!"
If someone requires other terms, the existence of GPL code in no way restricts them from writing or buying other code that is compatible with whatever terms they require.
Anyone crying about that is only crying that they are not allowed to steal something that is already free.
From an authors perspective, do what you want. Don't use GPL if you don't share the single value it enshrines.
It doesn't make you righter or more rational or the GPL wrong or anything like that, and the desire to rent out access to the use of a secret is the most common and least interesting thing in the world, as is the desire to try to present that as being any sort of principle about freedom instead of the crass food-gathering thing that it is.
LOL where's the lie? if you have to send lawyers after someone for stealing something which was free, it's not free. it's just a cult of flatulence inhalers that think that permissively licensed code is breaking their precious rules by declining to sue innocent people for keeping their own work.
GPL breakers wouldn't be breaking GPL if they kept their own work. They break it when they distribute a compiled work that's only partly theirs, and mainly somebody else's, without sharing the source code for it.
You're more than welcome to build on GPL code and keep your own work. Just don't distribute it.
I said nothing about a lie. But you add only anger to the conversation for no reason. I didn't even say I disagreed with you yet you are on the attack right away.
Linux kernel devs are literally unpaid labor working almost exclusively for the benefit of companies and governments with enormous datacenters out in the desert
I don't understand why you care so much. If the principle embodied in the GPL is so stupid, then what do you care about any software written under it? Obviously you can't possibly value or want any software written by any such stupid and filthy hippies.
I don't except Oracle and its GPL ilk love to sue people for millions of dollars and stretch the meaning of derivative work more than a transwoman stretches a miniskirt.
if you dump your shitty code into piles of non-shit code, of course people are going to look at you like you're a degen. especially when they're forced to clean up your mess
The schoolchildren or the copyleft bros? Either way you must be some kind of sicko to suggest such a thing. Sickos always assume everyone else is as sick as them, so it's never a surprise to see them advocate for things like gun control.
Soup kitchen volunteers are the perfect example of nominally good works as self-aggrandizement. I would not be surprised in the slightest if the ones who came up with the Iraq War were regulars behind the counter.
How about its unenforceable self-aggrandizing nonsense about how everything is a derivative work as long as two files were ever in the same room together? Sounds like the easiest way to get the code to the nuclear football--just trick them into touching a GPL file.
Just because a contract says something is a derivative work doesn't mean that it is legally. I see GPL bros as vexatious children armed with lawyers. Like Oracle.
Real open source is dead. These days only corporate or institutional-backed open source projects are allowed to propagate. Most of these projects have an agenda beyond merely facilitating collaboration between developers.
I'm interested to find out about the agendas of the corporate open source projects you mention, what kind of things do they want apart from killing copyleft?
The algorithms of all major search, social and media platforms favor open source projects which are developed by or backed by major platforms. A project cannot propagate without exposure to users and the major platforms decide which projects will have exposure to users.
This perspective is becoming increasingly common: "If only we had a different kind of license, the tech giants would not have it their way". But I find it so very very hard to believe it. Google - a single such corporation - has how many billions in revenue each year again? The proprietary software giants around 2000 would have been in a similar financial situation. Do we seriously believe that the open community could produce a piece of software that these giants could not simply ignore and either write their own or purchase a proprietary alternative instead? That we would have some sort FLOSS utopia if only Apache 2.0 was not slapped onto say Solr? Maybe a license can play a small part here, but it being the solution - I highly doubt it. Rather, I think we would end up in a situation akin to the AGPL, where software is produced but it ultimately doing very little to undo whatever fundamentally economic problem that is the root cause of it all.
A license change wouldn't be compatible with the Open Source Definition, but people moving away from Big Tech open source projects would be. Switch away from their languages and operating systems.
I think the poster above was suggesting anti-trust lawsuits though, get the US government to split them up.
OSI is an industry-advocate organisation. Their definition of "Open Source" is purposefully written to enable exploitation and SaaS-ificiation of open source software.
Even if the Ethical Source guys and their Hippocratic License might not be watertight, it's still a much better effort than "you can use it for anything you want". Leeching and entitlement is highly prevalent (just watch what happens when someone accidentally publishes software with a wrong license and the abuse they get for correcting their mistake) and the whole original philosophy of open source is being disregarded.
Obeying the terms of the license is not "leeching" or "entitlement". Permissive licenses are permissive by design. If you don't want people including your Open Source code in their proprietary software, use a license that prohibits this, such as the AGPL. The Open Source Definition allows for both permissive and copyleft licenses, and says nothing about which is philosophically preferable.
Our industry somehow lacks a good understanding of licenses. Like you outline, just use a different license. They might not attract people to contribute (because everyone has motives) but prevent all the aspects of behavior you do not want to see.
I think people have a reasonable understanding, they just want to have their cake and eat it too. Something with e.g. a noncommercial license (or gpl) is way less likely to gain wide adoption so people don't license it that way. Then when it does get used they call it leeching.
I think (maybe controversially) it's the same when people talk about training AI on web content. People want all the upside of their choice of distribution (wider exposure) but complain about the perceived downside (somebody other than them profiting).
When deciding on a license, people are choosing what they think defines success for their code instead of success for the world or the ecosystem or all the current and future users.
They (think they) are optimizing for adoption or quantity of users, regardless of type, meaning do whatever it takes to appeal to business, right now, on business's terms.
If a thing is good and useful, big business will use it on YOUR terms if they have to. But you have to have thought about this some and arrived at a solid principle and reasons for it, and be willing to not care if your thing is not adopted, by an Amazon, today.
You have to be willing to think that it's better for all the users if it is either adopted on GPL terms, or not adopted ...by Amazon. That doesn't mean not adopted, it just means maybe someone who's not a dick might use it instead, and everyone gets TWO benefits out of that single decision. The project itself is more useful long term, and the existence of some other services or products besides Amazon. Either it makes the likes of Amazon better by force, or it allows others who are natively better more oxygen.
90% of the reason people can even enjoy the luxury of the powerful useful rich tools to build things today, for free as kids with no money and no permissions and no special access to their parents work tools etc, is only because other people in the past suffered the inconvenience of defying business and declaring strict ideals. But not just random meaningless idealism with arbitrary limitations, a correct idea, with only the surgically specific and correct limitations, as fully thought out as possible, that stands up to any accusation.
> People want all the upside of their choice of distribution (wider exposure) but complain about the perceived downside (somebody other than them profiting).
That's because copyright exists. You can't compare people not understanding licenses to people ignoring them.
It doesnt help when large abusive, monopolistic companies go on a license smear campaign - e.g. like Amazon vs. elastic and Google's burning hatred for everything AGPL.
OSI started open source as an industry-advocate organization, and "the whole original philosophy of open source" is industry advocacy.
The FOSS shorthand has confused people. Now they're rootless, thinking that there was a some moral underpinning to open source. Free software is the one with the ethical philosophy. Open source is about public collaboration to lower costs and raise software quality.
It's really weird to me how "exploitation" and "SaaSification" are brought up in defense of companies choosing licenses that exploit their communities so their own SaaS can have a monopoly for that project.
And thinking they have a claim on the "spirit of open source." They're literally trying to shut down the competition so that their customers don't have better options, or failing that, demanding a regular tribute payment from their competitors if they continue to operate. I can't figure out the difference there between the "spirit of open source" and the "spirit of Microsoft."
It's really weird to me to see people rail against companies releasing what is essentially open source and then reserving the right to charge for hosting it.
It was even weirder to see hordes of people rally behind Amazon's moral crusade against it.
It's all rather reminiscent of Google's anti AGPL tantrum (e.g. like when they banned it from their code hosting platform).
The story discusses the OSI being irrelevant but says nothing against Open Source, quite the contrary. On the other hand, what it does not discuss is anything related to the FSF.
> Even if the Ethical Source guys and their Hippocratic License might not be watertight, it's still a much better effort than "you can use it for anything you want".
There is nothing wrong with “you can use it for anything you want”. There are many reasons to avoid copyleft licenses. So you need to be more persuasive and provide more insights if you want to be taken seriously.
> Leeching and entitlement is highly prevalent (just watch what happens when someone accidentally publishes software with a wrong license and the abuse they get for correcting their mistake)
You seem to have an issue with a specific case; which one is it? Otherwise, any licensing change is controversial if you listen to the “right” people. Your point is a bit puzzling though, as from my experience, the bullies are people advocating for the FSF and GPL. They tend to be even worse because of the moral implications of the Free Software movement, which sees anything non-GPL as a personal offense. Open Source proponents merely say that the developer should do whatever the hell they want with their code.
> and the whole original philosophy of open source is being disregarded.
The philosophy of Open Source is that the source should be open. All the whining about leaching and freeloaders does not come from Open Source advocates but from the people you seem to defend for some reason. What specific bits of the various Open Source philosophies is at odds with people re-using the code for closed applications?
OSI and FSF definitions of open source / free software are essentially identical. Copyleft is a different thing of course that has a more philosophical angle, but it is not the only recognized free/libre software. Importantly there is no disagreement that open source / free software should have no restrictions on use, whether "ethical" or against "leeching".
> from my experience, the bullies are people advocating for the FSF and GPL. They tend to be even worse because of the moral implications of the Free Software movement, which sees anything non-GPL as a personal offense.
Not in these internal "spirit of open source" discussions. All the Free Software advocates I've seen only have one comment to make: if you wanted a restrictive license, you should have chosen one, not open source. The FSF provides many licenses that might protect authors from feeling "taken advantage of," and you can also write your own, non-FOSS license. Open source is meant to be used by anyone for any reason.
but the former are the ones which allow amazon etc. to exploit and SaaSify software..... see ElasticSearch where Elastic was cast to be the bad guy because they wanted to stop Amazon using their product with zero contributions towards maintenance but making huge money from it.
