Tux

...making Linux just a little more fun!

when is an open source license open source?

Rick Moen [rick at linuxmafia.com]


Fri, 17 Aug 2007 16:51:48 -0700

It might be unkind to publish in LG the first (and longest) of these three, but the other two might be fine and of interest.

----- Forwarded message from 'Rick Moen' <rick@linuxmafia.com> ----- 

Date: Mon, 2 Jul 2007 19:34:19 -0700
From: 'Rick Moen' <rick@linuxmafia.com>
To: Aaron Fulkerson <aaronf@mindtouch.com>
Subject: Re: when is an open source license open source?
Quoting Aaron Fulkerson (aaronf@mindtouch.com): 

> Dreamhost must have been having probs:
> http://www.oblogn.com/2007/06/26/open-letter-to-osi/ try again.
> Alternatively: http://www.mindtouch.com/blog/2007/06/26/open-letter-to-osi/
> (same post just cross-posted)

Hi, Aaron. Thank you for the URL. Being tied down in a software upgrade at the moment, I don't have much time to comment, but here are a few thoughts. I speak, here, largely as a student of rhetoric.

1. Just so you know, "open letters" have always been non-starters: They pretty much scream "ignore me", to most people. This has nothing to do with the merit of what's said; it's just a reflexive reaction people tend to develop towards anything described as that.

IMO, if you want to be taken seriously, refactor to avoid that unfortunate language. E.g., you could send an actual letter to the OSI Board and then reproduce on your Web site a copy of it.

2. The paragraph starting with "If you read my personal blog..." will tend to give to casual observers the impression of your dwelling on and boring them with your past complaints. To be really blunt, it has the surface flavour of whining (e.g., "been called infantile names"), and nobody likes a whiner. Again, this has nothing to do with the substance of what you're saying. It's a presentation issue, and presentation is important, because people filter what they read mercilessly, and you want to avoid all the obvious reasons (common heuristics) why people stop reading something and move on.

3. The phrase "I've left lengthy comments at OSI" in this paragraph is unfortunate for the same reason: The reader of your current point doesn't have any use for this information, and it just gives such readers another candidate reason for ignoring you. They may dismiss you as one of those tireless cranks who deluge online forums with barrages comments and then complain that nobody takes them seriously.

4. 

> I've blogged about SugarCRM and it's CEO John Roberts previously (the
> last bit of this post).

And your point? None is evident. Again, since there's no obvious reason cited why you mention this, the casual impression this gives is of someone who simply blogs a great deal, and wants to send readers on a long chain of links because what you say is so very vital in its full detail that you couldn't possibly summarise, i.e., like a crank.

5. 

> Previously I stated I wasn't certain if attribution licenses were
> "bad", but that they were definitely unnecessary and placed unfair
> restrictions on others because the authors don't provide similar
> concessions to projects they use in their development.

"Unfair" is, again, an unfortunate word to use in this context, as it triggers people's crank filters unless there's an obvious reason cited right there, as to why someone is said to be undergoing some notable unfairness -- and you don't cite one. Actually, in that connection, one might reasonably note upon examination that "fair" is not at issue, here: The mere fact that a Web 2.0 house elects to use open source codebases in the development of proprietary offerings does NOT impose any obvious moral obligation to use the same sort of licensing.

Don't use appeals to morals that invite people to say "What? Fairness how exactly?" It's poor rhetoric to inspire your readers to revolt against you and argue with you in their heads.

6. 

> Those who use an attribution license do so with the intent of protecting
> their intellectual property. First of all, it should be understood
> copyright does this already.

You're deluting your point by indulging in a basically irrelevant digression, here: The occasional references to "Well, we do that to protect our intellectual property" from badgeware firm executives just reflect confusion and fuzzy-thinking: They know there's some concern about the firm's interests and it somehow involves copyright, but they don't really understand it, so they blurt out "We're protecting our intellectual property" because it sounds plausible to them and is in at least the right ballpark. (The MuleSource guy did this on license-discuss, if I recall correctly -- or was it Roberts?)

Pointing out to them that the phrase as stated is nonsense doesn't help: They know there's some concern, and you're not going to get anywhere until you articulate it for them and address it. In point of fact, they're concerned about an analogue of vTiger's forking of SugarCRM, and want to make sure that their competitors can't make forks of their code and fully exploit those forks behind closed doors under a completely different name without their own work being apparent to users at all, and without entitlement to receive back changes. 

> This is mostly solved by using GPL because of the nature of its
> copyleft clause.

You're wrong (at least, through GPLv2). You have missed the point.

The point concerns the "ASP loophole", the thing that vTiger exploited, which is a problem with most copyleft licences. 

> All the attribution licenses I've seen are modified MPL licenses,
> which doesn't offer the same protection as GPL.  [...] For additional
> historical perspective on this topic review the  UC Berkeley
> advertising clause.

Again, you are completely missing the threat model, making your entire exposition pretty much irrelevant to the problem. 

> I suspect the Free Software Foundation would claim there is a
> difference between being free and using free software and would draw
> this line between free software and open source.

Another digression. Irrelevant digressions should be avoided, because they distract from and dilute your point. 

> before I constructively criticize OSI I want to address why open
> source is so very important to all of mankind.

This might be vital to mankind but, again, this sort of slightly goofy-sounding digression is fatal to your rhetorical effectiveness. 

> First and foremost there needs to be a membership, member involvement,
> and some transparency in how the board is appointed.

And here, you are guilty of unpacking your entire Christmas gift wishlist, which is a really bad error when you're trying to advocate one thing. You typically should, instead, pick one point and build a case for it, carefully avoiding hauling out the list of other things you'd like to have as gifts when you're annointed Philosopher-King.

----- End forwarded message -----

----- Forwarded message from 'Rick Moen' <rick@linuxmafia.com> ----- 

Date: Fri, 17 Aug 2007 15:50:44 -0700
From: 'Rick Moen' <rick@linuxmafia.com>
To: "AaronF@MindTouch.com" <AaronF@MindTouch.com>
Subject: Re: when is an open source license open source?
Quoting AaronF@MindTouch.com (AaronF@MindTouch.com): 

> I sincerely thank you for your well reasoned critique of the post:  
> http://www.oblogn.com/2007/06/26/open-letter-to-osi/ you previously 
> provided.

Thank you for receiving my comments in the spirit intended. I admired what you were trying to achieve in that posting, and so I really, honestly, was trying to help in my critique. It's very pleasant, and a relief to hear that you understood my intending no personal criticism. 

> Perhaps this: http://www.oblogn.com/2007/08/10/quitting-osi/ 
> is a better post by your estimation. Best...

It is indeed concise, clear, and dignified.

(Interesting that you cited Tony Bowden's blog post about Radcliffe: I happen to have come across that a few days ago, myself, and cited it to _Linux Gazette_.)

If you have time, I would appreciate your elaborating on your closing comment:

I too once believed Affero to be a useful clause, but I have since come to understand that GPLv2 or v3 provide sufficient protection with copyleft and maximize the benefits and freedoms to the entire market of users, developers, and companies.

Let's consider a specific scenario, just for clarity's sake, and please explain to me what I'm missing, because this actually is one of the key points I'm uncertain about, that is delaying my recap article about the ASP / SaaS market, badgeware, and copyleft:

Consider Google Calendar, a hosted Web app. Let's say my friend and former co-worker Chris di Bona convinces his employer (Google, Inc.) to release full source code under (your choice of:) GPLv[23].

...actually, since I just had a similar conversation with a friend from out of town, let me quote my message to him, by way of example:

From: Rick Moen <rick@linuxmafia.com> To: Steve Bibayoff <bibayoff@gmail.com> Subject: Re: Moglen And O'Reilly exchange at OSCon In-Reply-To: <540b90d0708171504x69035fb6mf610a4494655407a@mail.gmail.com> X-Mas: Bah humbug.

Quoting Steve Bibayoff (bibayoff@gmail.com): 

> Hi Rick,
> 
> Found a video of the Eben Moglen/ Tim O'Reilly exchange at OSCon. It
> was titled "Licensing in the Web 2.0 Era". Unfornatley, the video
> appears to be in a .mov quicktime format, but seems playable on Free
> software players(w/ unFree codecs).
> http://www.mefeedia.com/entry/3282956/
> http://blip.tv/file/get/Radar-EbenMoglenLicensingInTheWeb20Era126.mov

Thank you!

The rumours I heard about that exchange made me instantly slow down my ongoing effort to try to make sense for _Linux Gazette_ readers of the whole issue: I'd been warming up for a long piece recapping the controversy and recent developments including OSI approval of a (very modest and minimal) badgeware licence as OSD-compliant.

Anyway, rather than imagining myself being Matt Asay or John Roberts, I imagined myself as an ethical Web 2.0 entrepreneur, one who wished to use and comply with copyleft, and see if I had a problem. To my surprise, I found that the answer was "yes": Such an entrepreneur who published code under, say, GPLv2 or GPLv3 would be relatively speaking at the mercy of less-ethical business competitors who hosted derivative works (of the ethical businessman's code) behind closed doors without needing to comply with any copyleft giveback provision, while still making the code fully usable by all of the less-ethical firm's customers, via network access.

That code-reuse scenario renders the allegedly-copylefted code _in practice_ BSD licensed -- i.e., de-facto forkable as a proprietary derivative work. If the intent (of releasing under GPLv2 or GPLv3) is to require reciprocity from others, then the usage model defeats that intent. The "ASP loophole" problem is real. Badgeware clauses are (in the general case) a really bad way of dealing with that problem, but the first thing necessary for progress is to admit the problem's reality, and describe its dimensions.

But then, just as I was preparing to write-up my understanding of the problem, along came descriptions of Eben Moglen's blowup against Tim O'Reilly at OSCON, and suddenly I'm saying "Huh?" Prof. Moglen is someone I do respect highly, so I needed to chase down what he said, even if there was only a small chance he was saying my understanding is totally wrong. Because, well, my understanding might be totally wrong. 

> ps. What was that name of that book that you where discussing at Linux
> Picnix about the Renaissance? It was a case study done about Florence
> Nightingale, the father of the rugby school, and someone else. TIA.

Not the Renaissance, but rather Victorian England. _Eminent Victorians_, by Lytton Strachey. First published 1918, and bloody damned marvellous.

The more you know about the stuffy, ponderous, windy, and empty-headed traditional biographies to which Strachey's little volume was the antidote, the more one enjoys it. It's also very wickedly funny. It's difficult to envision just how much its publication rocked Great Britain, in part because we don't have anything like the quasi-religious reverence for anyone that Strachey's four subjects enjoyed at that time -- and Strachey managed to make clear, in about a hundred beautiful pages that all four of them were utter sociopaths and lunatics, as by implication was the society they sprang from, without even needing to say so outright.

http://en.wikipedia.org/wiki/Eminent_Victorians

----- End forwarded message -----

----- Forwarded message from 'Rick Moen' <rick@linuxmafia.com> ----- 

Date: Fri, 17 Aug 2007 16:42:17 -0700
From: 'Rick Moen' <rick@linuxmafia.com>
To: "AaronF@MindTouch.com" <AaronF@MindTouch.com>
Subject: Re: when is an open source license open source?
Hi, Aaron. Just following up on my comments to Steven Biyayoff. You wrote at http://www.oblogn.com/2007/08/10/quitting-osi/: 

> To those who claim the CPAL is necessary because of a lack of an
> Affero-like clause in GPLv3 I respond with: your concerns are only
> well reasoned if your product or your engineering team is so inferior
> such that you have no confidence in your ability to out-innovate a
> competitor.

To recap, I believe we're talking about my scenario:

I imagined myself as an ethical Web 2.0 entrepreneur, one who wished to use and comply with copyleft, and see if I had a problem. To my surprise, I found that the answer was "yes": Such an entrepreneur who published code under, say, GPLv2 or GPLv3 would be relatively speaking at the mercy of less-ethical business competitors who hosted derivative works (of the ethical businessman's code) behind closed doors without needing to comply with any copyleft giveback provision, while still making the code fully usable by all of the less-ethical firm's customers, via network access.

That code-reuse scenario renders the allegedly-copylefted code _in practice_ BSD licensed -- i.e., de-facto forkable as a proprietary derivative work. If the intent (of releasing under GPLv2 or GPLv3) is to require reciprocity from others, then the usage model defeats that intent.

Let me see if I'm correctly interpreting what is quoted from your Web page at the top (and, no, this isn't going to be sarcasm -- I'm honestly trying to get to the bottom of this issue): Are you saying "So what if your competitors can deploy what amounts to a proprietary fork of your code and use it in business against you, without sharing their changes to the commons? If you're any good at what you do, you can compete against even proprietary forkers."

If that's a fair paraphrase of your rejoinder to people who say the ASP loophole is real, and that "GPLv2 or v3 provide sufficient protection with copyleft and maximize the benefits and freedoms to the entire market of users, developers, and companies", then, it seems to me, you're saying that it's OK to (effectively) dispense with copyleft in that usage scenario. Your position then becomes de-facto the same as that of Chuck Swiger, Brian Behlendorf, and other BSD-licensing advocates (as to the ASP / SaaS market).

I respect Chuck, Brian, and the BSD community. I think their stance is ethical and self-consistent. At the same time, many other people do think there is some point in having functional copyleft giveback obligations in place, even as technology changes.

Concur, disagree, or am I missing something fundamental?

----- End forwarded message -----


Top    Back