Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Submitting Corporate IP to Open Source Projects?

Cliff posted more than 11 years ago | from the returning-something-to-the-community dept.

GNU is Not Unix 39

dannyp asks: "Does anyone have advice and/or references for working with a (very large and cautious) corporate legal department to establish a policy for submitting company-developed patches back to Open Source projects? I work at a large company outside of the technology sector (financial services). As we've succeeded in getting Open Source packages approved for use within the company, we're trying to figure out how to submit patches back to the community. We have to convince management that it makes sense to give this Intellectual Property away, and then (more difficult) convince Legal that we aren't going to get sued for doing it. Any advice?"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered


smile (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3387646)

frist post

Re:smile (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3387801)

Note: this is a reprint for your enjoyment during the (Hopefully) Great Slashdot Blackout. Some links may no longer be active.

It has come to my attention that the entire Microsoft [urinalpoop.org] community is a hotbed of so called 'alternative sexuality,' which includes anything from hedonistic orgies to homosexuality to pedophilia.

What better way of demonstrating this than by looking at the hidden messages contained within the names of some of Windows' most outspoken advocates:

  • William Henry Gates [boomstick.com] is an anagram of 'Anal Might, we're sly,' clearly referring to the 'Gay Power' movement as well as pointing out the cleverness of his own anagram. Note also that the familiar 'Bill Gates' is an anagram of 'I get balls.'
  • Steve Ballmer [thock.com] needs no anagram - the request 'Ball Me' is clearly contained in his name. Obviously he is 'out of the closet.'
  • Craig Mundi [antiquated.org], unbeknownst to most, added the 'e' onto his last name to cover up the anagram 'I cum in drag' which shows beyond the shadow of a doubt that he is a queer transvestite.

The incredible faggotry of the Microsoft [urinalpoop.org] community can also be seen in its software products. Internet Explorer sounds harmless enough, but on the Microsoft [urinalpoop.org] 'campus' (obviously a reference to the colleges and universities where these perverts first practiced their filthy homosexual behavior) it is referred to as 'InterNUT Explorer' and refers to a device used to tickle the sensitive area of the scrotum between the testicles.

Microsoft Exchange clearly refers to the 'exchange of bodily fluids' which is of course how these depraved specimens of humanity plan to transmit the AIDS virus to the rest of the world.

As far as William 'Homo' Gates goes, that filthy fudge-packer [conhugeco.org] was actually quoted in Time magazine as saying the following: "Just in terms of allocation of time resources, religion is not very efficient. There's alot more I could be doing on a Sunday morning."

And this isn't a made up troll bullshit [conhugeco.org] either! He actually stated this tripe, which makes it obvious that he is trying to politely say that he's a God-forsaken homo slut!

Furthermore, Mr. Gaytes has been quoted as saying "There won't be anything we won't say to people to try and convince them that our way is the way to go," proving that the fag sympathisers are wrong, and these perverts really do want to recruit our fine young heterosexual boys and turn them into flaming queers like themselves.

Speaking about 'flaming,' who better to point out as a filthy chutney ferret than Microsoft [urinalpoop.org]'s own self-confessed homo pimp Craig Mundi(e). He has already confessed, nay boasted of his status as a gay sex pusher. To quote from an interview [planetit.com]
with Planet IT:

"One of the things we want to do and recognize that there's a market for [is] selling people services on a contract or recurring revenue basis, as opposed to traditional royalty bearing for the one-time shipment"

Selling 'people services,' eh? Is this why you were touching your penis [dickcity.com] in the cinema, Craig? And charging the other boys money to touch it too?

We should also point out that Craig has been referred to as 'Microsoft [urinalpoop.org]'s resident Gasbag.' Is there any more doubt? For those fortunate few who aren't aware of the list of homosexual terminology found inside the Windows 'Shared Sauce [dickcity.com] Philosophy,' a 'Gasbag' is a pervert who gains sexual gratification from having a thin straw inserted into his urethra (or to use the common parlance, 'piss-pipe'), then his homosexual lover blows firmly down the straw to inflate his scrotum. This is, of course, when he's not busy violating the dignity and copyright of small software companies
by gathering together their utilities and combining them en masse into the next version of Windows to further his twisted and manipulative agenda of world domination.

Sick, disgusting antichristian perverts, the lot of them.

In addition, many of the Windows error messages (an 'error message' is the most common way the faggots communicate) are full of homsexual slang. 'This program has performed an illegal operation' is their way of advertising that they have been engaged in the vile practice of sodomy [dickcity.com]. 'A fatal exception has occurred' is obviously stating that AIDS has claimed the life of another dick sucker [dickcity.com]. Rather than recognizing that the fag was properly punished for his deviant behavior, Microsoft [urinalpoop.org]-loving queers suggests giving a 'three finger salute' when this happens. Needless to say, this gesture of sympathy involves inserting three fingers into your rectum and farting loudly.

Another group of Windows anal violators [dickcity.com], going by the code name 'Windows Update' ( ) encourage users to 'download' (receive into their rectums) 'service packs' (also known as 'fudge packs') and 'device drivers' (some sort of mechanical penis, I suspect).

The fags have even invented special tools to aid their faggotry! The program Outlook Express is an anagram of 'Super Sex Tool OK,' which obviously is an endorsement of all kinds of sick behaviors. And obviously PowerPoint is a motorized device for penetrating a virgin anal sphincter.

More evidence is in the fact that Windows users say how much they love 'My Computer.' They sometimes go so far as to say that all new Windows users (who are in fact just innocent heterosexuals indoctrinated by the gay propaganda) should use this icon. The correct spelling of this phrase can again be found in the 'Shared Sauce [dickcity.com] Philosophy.'
It is actually 'My cum pooter,' an endearing term used by dominant fags [goatse.cx] for their queer-love [goatse.cx]
partners. In no other system do users boast of frequently having their rectums pumped full of semen, then farting to expel the jism in a fine mist.

Other areas of the system also show Windows' inherit gayness. For example, people are often told of the 'C: prompt' but how many innocent heterosexual Linux users know what this actually means. The answer is shocking: Seek colon, prompt - a request given by a faggot to his partner when he desires immediate, deep penetration of his ass!

Even the icon 'Recycle Bin' originally referred to a homosexual practice. 'Recycle Bin' of course refers to the popular gay practice of using a young boy's anus as a repository for semen. Shortly after one disgusting faggot [goatse.cx] spews a load of hot jism into the boy's ass, another queer [goatse.cx] will lick the 'Shared Sauce [dickcity.com]' back out of the 'Recycle Bin'.

To summarise: Windows is gay. 'Microsoft [urinalpoop.org]' is the graphical description of the state of a fag's penis [goatse.cx] after he has spewed a load of hot sperm into his gay lover's mouth [dickcity.com] or rectum [dickcity.com]. And .NET is for hermaphrodites and disabled 'stumpers.'

Another question (2)

Otter (3800) | more than 11 years ago | (#3387669)

Out of curiosity, to the degree that people all talking about their own experiences and not just running their mouths:

Could you give some examples of what GPL products you've patched and (to the degree you can say) what the patches add or fix?

I'd like to get a sense of how much advantage users really get from having source available.

Re:Another question (3, Insightful)

sab39 (10510) | more than 11 years ago | (#3388419)

I patched GNUJSP to add support for parameters with multiple values. This was necessary for a production project which has been the major thing I've worked on for 2 years. Since GNUJSP was essentially unmaintained even back then, that bug was never going to get fixed unless I did it. I would have submitted the patch to the upstream maintainers if there were any...

Long term, of course, I'll move to another, maintained project. But at the time I made the fix, none of the alternatives were mature and the rest of my code was tested with GNUJSP only. I saved days of work porting to a new JSP engine (and probably dollars as well, because the alternative free ones at the time didn't meet my needs) just because I could fix the code myself.

That's the one that I trot out for corporate arguments. For personal use I could also mention that I patched abcde to be able to handle my mp3 directory layout, and added autohide support to Mozilla's Site Navigation Bar because I didn't want it wasting space on my screen when it was empty. I submitted both of these changes to the maintainers and in both cases they were accepted. I didn't have to in either case, but I didn't want to have to keep manually patching every new version that got released.

We fixed a gcc bug. (2)

Jerky McNaughty (1391) | more than 11 years ago | (#3395492)

We found a code gen bug in gcc a long time ago on Sparc. We fixed it and submitted a patch. We could have, perhaps, worked around it, but we didn't need to since we had the gcc source.

Incidently, the gcc source is surprisingly easy to read. I've referred to it numerous times to see why something does what it does, what different command line options do, etc.

Re:Another question (0)

Anonymous Coward | more than 11 years ago | (#3399451)

.We fixed an igmp problem in the linux kernel.
.We fixed the multicast hash filter in the natsemi driver.
.One engineer is now the maintainer of the Linux boot bitmap screen.
.We fixed a bug in the XFree86 X-Video extension.
. We modified the XF866 code for our own deviant purposes.
.I wrote a thread level profile for the kernel.
.I wrote the X video extension for a proprietart graphics card.
.We helped debug a ram-disk bug.
.We re-wrote an MPEG video kernel module (EM8400).
.We helped fix a Geode audio problem.
... the list goes on ...

If it is GPL'd software... (1)

argel (83930) | more than 11 years ago | (#3387684)

If it is GPL'd software then point out to them that they could be sued if they do not release the patches.

Regardless of license, point out that you are much more likely to get support from the open source community if you are part of that community (by giving back) then if you are a leech (not giving back).

Re:If it is GPL'd software... (4, Informative)

ivan256 (17499) | more than 11 years ago | (#3387716)

If it is GPL'd software then point out to them that they could be sued if they do not release the patches.

That's completely untrue. You can use patches to GPL'd software internaly to an organization or personally without releasing code. You only need to release code if you plan on distributing the modified version.

Go read section 2 of the GPL carefully.

Re:If it is GPL'd software... (2, Interesting)

Mr Z (6791) | more than 11 years ago | (#3388741)

Version 3 of the GNU General Public License supposedly will add verbiage to cover application service providers, though. Basically, the idea is if you take a GPL 3 application, patch it, and make its functionality publicly accessible, you're still liable for sharing the patches even though you haven't distributed the binary.

GPL 3 is still vaporware, so the details may change. But it is something to keep in mind, especially if you deploy a commercial site that's backed by GPL software. If that software moves to a GPL 3 license, things could get interesting. I hope not in a bad way.

(Before you all scream "FUD", keep in mind that I release all my own code under GPL 2. I can't say the same about the code I write at work, but then my employer owns that code, not me.)


Re:If it is GPL'd software... (0)

Anonymous Coward | more than 11 years ago | (#3389157)

All current GPL code currently out there has at least the option of being covered under GPL 2 (or older in some cases). No code that is currently licensed under GPL v2 will suddenly be under GPL v3. You can't change the licence you've already given somebody on a piece of code.

That being said, some people may get screwed out of use of future versions if they're not willing to pony up the code....

Re:If it is GPL'd software... (1)

Mr Z (6791) | more than 11 years ago | (#3389670)

On a related note, Version 2 of the GPL says:

Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.

This means there is potentially some flexibility in how GPL versions are mixed and matched. And what happens when a GPL 2-or-greater package is integrated with GPL 3-only code? To you end up with GPL 2-or-greater as the combined license, or GPL 3-only?

I'm guessing that the net effect of this clause would be to reduce the impact of GPL 3's changes, so long as it's intermixed with GPL 2-and-up code. But IANAL. Some lawyers out there may interpret the above paragraph the other way, such that either GPL 3 code cannot intermix w/ GPL 2-and-up code, or that combining GPL 3-only code with GPL 2-and-up code gives a GPL 3 result. In that last case, GPL 3 could affect existing installations if some GPL 3-only code starts working its way in.


Re:If it is GPL'd software... (0)

Anonymous Coward | more than 11 years ago | (#3389857)

I think that the main reason this much talked about change hasn't happened yet is that it would effectively turn GPL 3 into EULA, rather than the "copyleft" distribution licence that it is now. In short, it would abridge fair use rights.

It could well be that that would make GPL3 incompatible with GPL2, athough IANAL IANRMS blah blah blah.

Re:If it is GPL'd software... (2)

j09824 (572485) | more than 11 years ago | (#3390342)

They only have to distribute the patches/sources if they distribute the binaries outside their organization. If it's for internal use, they can do whatever they want and keep it secret.

Bait and switch? (5, Interesting)

foobar104 (206452) | more than 11 years ago | (#3387754)

I don't intend this as a flame-- or FUD, for that matter-- but it almost sounds like you may have inadvertently pulled a bait-and-switch on your company.

You said, "we've succeeded in getting Open Source packages approved for use within the company," and this implies that you yourself-- as part of your group or whatever-- advocated the use of Open Source software inside your company. Did you make it extremely clear to the people to whom you were advocating that Free software is not entirely free?

What I mean is this: when you download GNU SurfWriter from an FTP site, you don't have to pay anybody. You get to use the software for no money. But there's an opportunity cost attached. In using the software, you give up the ability to redistribute it in binary-only form. You give up the ability to incorporate any part of it in a closed-source application. You give up a number of "rights" as part of the "cost" of GNU SurfWriter.

Put yourself in your boss's shoes for a minute. One of your employees came in last month and convinced you to use GNU SurfWriter. It's free, he said. You get the sources, he said, so you can modify it as you need. All good reasons.

Now, just a few short weeks later, that same employee comes in and tells you that you either should or must (depending on the circumstances) release your company's changes to GNU SurfWriter to the public. He never said anything about having to give away company IP when he argued for GNU SurfWriter last month! Bastard! Now you've got to explain this to your boss!

Net result: your boss, maybe your whole company, has a bad impression of the GPL specifically, and Open Source and free software in general.

I'm neither trying to advocate or deride the GPL in this post. I'm just pointing out that that particular license is definitely two-sided, and failure to be very clear about its limitations can be a bad thing. Without knowing it, you yourself may have spread FUD by not telling the whole story.

Re:Bait and switch? (2)

LordNimon (85072) | more than 11 years ago | (#3387914)

You give up a number of "rights" as part of the "cost" of GNU SurfWriter.

Compared to BSD-style licenses and truly public domain code, yes. But keep in mind that under normal copyright law, you never had the right to distribute the binary in the first place. The GPL gives you the right to distribute it, provided you abide by one condition: the source code goes with it.

Re:Bait and switch? (2)

foobar104 (206452) | more than 11 years ago | (#3388038)

The GPL gives you the right to distribute it, provided you abide by one condition: the source code goes with it.

Fair enough. From my point of view, they're two sides of the same coin. On the one hand, you get the source code and the right to use it for no money. On the other hand, you accept certain obligations, such as making your changes to the source and the source to derivative works available to the public.

All I was saying is that it's important that we be equally open about both of these: the right, and the responsibility.

(Frankly, I wouldn't be disappointed at all if we could get away from the word "free" altogether. GPL-licensed software is not free in the sense of having no cost associated with it. It's also not free in the sense of having no restrictions on it. I'd be just as happy if we could avoid the discussion altogether by using a different term than "free" to describe software licensed under the GPL.)

Re:Bait and switch? (2, Insightful)

LordNimon (85072) | more than 11 years ago | (#3388436)

Frankly, I wouldn't be disappointed at all if we could get away from the word "free" altogether.

That's why it's really called "Open Source". Some time back, a bunch of people got together [opensource.org] and realized that the term "free" was misleading. Anyone who tries to preach the GPL to a layman and uses the word "free" instead of "open" is making a mistake. In fact, it's quite easy to talk about the "freeness" of GPL code without using the word free. For instance, you can say that GPL code can be obtained at no charge and there are no licensing costs with using it. The problem is that the word "free" has several meanings, and therefore it's not a good word to use for people who are sound-byte oriented, like PHBs.

Re:Bait and switch? (2)

foobar104 (206452) | more than 11 years ago | (#3388829)

Aha! I know I'm on the right track when I learn that somebody smarter than me actually thought of it years ago.


Re:Bait and switch? (4, Interesting)

sab39 (10510) | more than 11 years ago | (#3387924)

This all depends on what you are comparing to. If the alternative to the Open Source software was proprietary software, your argument falls apart.

Suppose that the alternative to GNU SurfWriter was Microsoft Surf. Would you have had to release your changes ("IP") to the public? No, if you'd made changes at all you'd have been sued by a company with extremely deep pockets. Even if it wasn't Microsoft, no proprietary vendor is going to let you make changes to their proprietary application without charging you obscene amounts of money.

Note also that you are only required to give up the source to your changes if you distribute the modified application outside your organization. Again, this is something you couldn't even do with a proprietary piece of software. Chances are, if proprietary software was even a possible choice when this decision was made, you haven't been doing this. So you aren't required to do anything.

So the only argument left is whether you should give back your changes. Sounds to me that the author of this article already knows full well that making a moral argument about what the company "ought" to do will get him laughed out of the room. So the arguments he's seeking are reasons why it's in the company's best interests to release its code.

Now you can look at the situation the other way round: Hey, look, because this application is Open Source we have the opportunity to do something that's in our best interests that we never would have had the opportunity to do with proprietary software.

Of course, I'm presupposing that releasing changes really is in the company's best interests. That's a separate argument (although I believe it's a pretty easy one to win :) ). But if it isn't, obviously, the company simply won't do it. So your claim that somehow advocating the use of Open Source software was somehow misleading is wrong. They got a bunch of benefits already through the use of the software. What the poster wants to do now is get another bunch of benefits (reduced maintenance cost is probably the big one) through releasing changes back to the original authors.

(Also note that the original post never said that the software in question was GPL. The idea of giving back source is just as tempting for BSD and X11 licensed projects.)

Re:Bait and switch? (3, Interesting)

foobar104 (206452) | more than 11 years ago | (#3388126)

If the alternative to the Open Source software was proprietary software, your argument falls apart.

First of all, it's not an argument. It was more of a cautionary tale. I thought I made it explicitly clear that I was neither advocating nor opposing anything. Just commenting.

So your claim that somehow advocating the use of Open Source software was somehow misleading is wrong.

I fail to see how. I pointed out that the GPL specifically (as a well-known example of an open source license) is a double-edged sword. On the one hand, you get something that you don't have to pay money for. On the other hand, you are required to accept certain responsibilities. Some of those responsibilities may be surprising and unpleasant. For example, GNU Readline, IMHO one of the most useful pieces of open source software in the world, is licensed with the full GPL. That means any program that links to GNU Readline must also be released under the GPL. Some months ago I was under the opinion that GNU Readline was licensed under LGPL. This was an unpleasant surprise for me.

If GPL advocates (which it sounds like the submitter of the article was) spend too much time emphasizing the benefits of open source software, and not enough time disclosing the responsibilities that come along for the ride, people can very easily get the wrong idea about the GPL in particular and open source or free software in general.

Incidentally, this process of spending more time talking about how great open source software is while down-playing its obligations is well illustrated by your post.

Re:Bait and switch? (2)

sab39 (10510) | more than 11 years ago | (#3388347)

Unfortunately, you snipped the parts of my post that were most relevant to your argument (or cautionary tale, or whatever).

My point is that the "extra responsibilities" of the GPL are only "extra" by comparison to other, more liberal kinds of Open Source software. Since the poster was talking about having achieved victory in getting any Open Source accepted in his corporation, I think it's probably a safe assumption that the alternatives were proprietary applications. (There is, admittedly, another possibility which I'll discuss in a minute).

If you're in a situation where a proprietary application is a viable alternative, that means that you only need to do things which are permitted by a proprietary application. That is, you aren't distributing it outside your organization. If that's the case, the GPL places NO restrictions on you. The "double edged sword" only starts applying if you start doing things that you couldn't do at all with proprietary software, and there's no indication that the poster's company is doing those things.

I didn't get the impression that the original poster was a GPL advocate. His post never mentioned the GPL, and his position makes perfect sense independent of which Open Source license applies. And regardless of the license, as I said above, it's highly unlikely that his company is doing something that would cause the limitations of the license to come into play.

I'm certainly the last person to hide the responsibilities that come with Free Software (and I've known about Readline for years, and disagree with that licensing choice - but usually avoid using Readline in my projects for that reason). But knowing what the responsibilities aren't is as important as knowing what they are. There's no need to emphasize the GPL's requirement to give away source with all binaries if the person you're talking to had no plans to give away binaries at all. It just confuses the issue.

Now, the other possibility I mentioned above is that the alternative to Open Source was custom-developed applications, built in-house. In that situation it is plausible that the applications would be distributed, and the GPL requirement would apply. My arguments are based on the assumption that that is not the case; if it is, then I agree that it was dishonest to advocate GPL software without mentioning that restriction.

But that's a pretty big set of "if"s: IF the alternative was software developed in-house, AND IF said software is distributed outside the organization, AND IF the open source software in question is distributed under the GPL, AND IF the poster didn't think to mention any of these facts in his post, AND IF it didn't occur to the poster that "you're required to by law" was a valid answer to his Ask Slashdot. Add to that a dollop of giving-people-the-benefit-of-the-doubt, and I'll stand by my assumption that the restrictions imposed by the GPL don't apply to this poster's situation.

Unlikely in many companies (4, Interesting)

pmz (462998) | more than 11 years ago | (#3387827)

When I was hired by my current employer, my contract basically stated that anything I do on their time is theirs.

Things get even more complex, when my time is spent representing my company as a subcontractor to another company. During this time, who owns my work is spelled out in the contract between those companies.

Thus, the only real answer to your question is: you have to convince the people who set up your business contracts to include a clause spelling out your rights to submit patches to Open Source projects. However, none of the parties in that contract want to pay a lot of money for you to work up such patches, so it will probably be an up-hill battle for you.

Mainly, I have learned that large bureaucracies, such as those in large companies and governments, tend to stifle such initiatives. Also, you will find that no one in that bureaucracy will be willing to take on any risk for your sake.

Sometimes these bureaucracies are so mind-numbingly stupid that sometimes I just want to go live in the woods for a while and play chess with my squirrel friends. Yes, that would be much better.

Re:Unlikely in many companies (1)

HP LoveJet (8592) | more than 11 years ago | (#3396568)

When I was hired by my current employer, my contract basically stated that anything I do on their time is theirs.
As is SOP in most of the United States. Note that the enforceability of these clauses has been found to be limited.

In fact, here in California, there's a highly entertaining addendum (Exhibit A or B on many employment agreements) that your employer is required to provide, notifying you that a bunch of the IP-ownership-related stuff in the preceding pages won't stand up in court and is therefore basically meaningless. It's one of the things I like about working here.

(Disclaimer: If you thought I was a lawyer, boy, are you in for a surprise.)

Makes sense? (1)

anthony_dipierro (543308) | more than 11 years ago | (#3387829)

We have to convince management that it makes sense to give this Intellectual Property away, and then (more difficult) convince Legal that we aren't going to get sued for doing it.

It doesn't make sense to give the Intellectual Property away. Your company exists to make profit. I highly doubt giving away your IP is somehow going to make you more profit than you lose.

Of course, this assumes that you aren't legally required to give away the IP, in which case it probably is profitible to stop breaking the law.

Re:Makes sense? (2)

isorox (205688) | more than 11 years ago | (#3387983)

I highly doubt giving away your IP is somehow going to make you more profit than you lose.

We need software X to do function Y. It will take 50 man hours to complete at $50 per hour. Thes $2500.

However, release code, ask for feature, 2 weeks later function Y is in product X. Take code. Use Code.

Net gain $2500
Net loss $0

Re:Makes sense? (1)

anthony_dipierro (543308) | more than 11 years ago | (#3388066)

However, release code, ask for feature, 2 weeks later function Y is in product X. Take code. Use Code.

Well, first of all that doesn't appear to be the case here. It appears that these people have made fixes to an already existing product.

Secondly, you assume that people are just going to write code for you. It doesn't work that way. Release code, sit around for months waiting, nothing happens. Even for insanely important code like mozilla, AOL employees do almost all of the work. If you want help, you need to market and advertise, and that costs $$$.

Thirdly, even if someone does write your feature, the way you want it, they aren't necessarily going to give you that code they wrote.

Fourthly, you're still going to have to review the new code, at the very least for backdoors.

Fifthly, the poster specifically said that lawyers would need to be consulted before code could be released. Lawyers are at least as expensive as coders, so your "Net loss: $0" is certainly not accurate.

The list goes on and on. Sure, it's sometimes profitable to release code, but certainly not always, and doubtfully in this particular situation.

Re:Makes sense? (2)

sab39 (10510) | more than 11 years ago | (#3388177)

Fifthly, the poster specifically said that lawyers would need to be consulted before code could be released. Lawyers are at least as expensive as coders, so your "Net loss: $0" is certainly not accurate.

How about this scenario. The figures could go either way, but it's important to note which figures are one-time and which are recurring...

Releasing code:
- Lawyer time ($nnn, one-time)
- Programmer time to work with external maintainer to get patches accepted into the external source tree ($mmm, one-time, probably not a terribly large amount of time)

Keeping code internal:
- No lawyer time ($0)
- No up-front programmer time ($0)
- Programmer time to re-integrate local changes into new externally-released version of program ($ppp, recurring, and probably much larger than $mmm, at least).

Now, depending on the lawyer cost, a single upgrade might or might not work out cheaper if the code is kept internally. But eventually a recurring cost is guaranteed to come out greater than any one-time cost. This is even more true if the legal work can be done once to cover all future open source contributions, so that the lawyer cost can be split across multiple applications.

What a lot of managers don't realize is that maintaining a fork of a program's source code is expensive. As your codebase diverges from the external one, important bugfixes applied to the latter become harder and harder to apply to your local copy, taking more and more programmer time to keep up. Paying a little more up front in that situation is just good sense.

Re:Makes sense? (2)

anthony_dipierro (543308) | more than 11 years ago | (#3388282)

Programmer time to re-integrate local changes into new externally-released version of program ($ppp, recurring, and probably much larger than $mmm, at least).

That's actually an excellent point. If you're making changes to a moving target, and the maintainer seems agreeable to letting in your enhancements, then not only do you save money by not having to constantly merge, but you also get a less buggy product due to increased testing.

Yep, I overlooked that factor. Thanks for the insight.

Re:Makes sense? (2)

j09824 (572485) | more than 11 years ago | (#3390245)

It doesn't make sense to give the Intellectual Property away. Your company exists to make profit. I highly doubt giving away your IP is somehow going to make you more profit than you lose.

Donating IP to an open source project gives you company visibility, good will, attracts programmers, invites enhancements from other users, and in many cases reduces your maintenance costs. That often beats letting the stuff sit in a drawer, where you derive exactly zero benefit for it, or even have to pay for continually patching it into open source software.

No, contributing code or ideas to open source projects isn't always a financial win, but it makes a lot of sense much more often than you suggest.

Company doesn't sell IPR! (1)

FeatureBug (158235) | more than 11 years ago | (#3397099)

The guy said he worked for "a large company outside of the technology sector (financial services)."

Financial services companies generally do not sell IP. They are designed to make profits from selling financial services.

more eyes on your code (4, Interesting)

josepha48 (13953) | more than 11 years ago | (#3387948)

Tell them that it is 'free' QA on your code. If others find a bug they are more likly to fix it. Also there may be someone that takes your code and extends it or improves it in such a way that you get bennies from it.

The QA part is a good seller. If you have only tested your stuff the way that you use it and someone else gets it they may test and use it differently. This helps you QA your stuff.

Re:more eyes on your code (3, Insightful)

sab39 (10510) | more than 11 years ago | (#3388100)

Beyond that, since the implication of the article is that these are changes to existing projects, tell them that keeping a locally-modified version will require substantial maintenance just to upgrade to each new release. In other (buzz)words, emphasize the large recurring maintenance cost of the status quo.

Paying once for the time spent in politics with the external maintainers to get the patches integrated will probably be less than the cost of upgrading to a new external release even once.

The other thing to ask is whether the company expected to make any money directly off the code changes in the first place. This may be "Corporate IP" that has a theoretical monetary "value", but in most cases the company has no plans on actually realizing that value. Point out that you aren't really giving away any value if you weren't planning on getting any dollars out of that value in the first place.

They might respond to that with "well, we should go and figure out how to realize that value, then". If they do, you might want to actually go through the motions of exploring how to extract the value. It should be fairly obvious without biasing your results that there really isn't any way to profitably extract value from a few random patches to an open source project. Ask if they really want to get into the software-selling business. Figure out how much it would cost to create the infrastructure and legal red tape to do this (count people's hours at billable rate if you like), and guesstimate an optimistic figure for how much you could sell the patches for, and how many copies you would sell. Present all of this in a nice presentation showing how you'd actually lose a substantial amount if you tried to do it.

Given all this background, you can present the three alternatives: Keep the code private (large recurring maintenance cost), sell the code (certainly a negative profit), or give the code away (small one-time integration cost). The desired course of action should be obvious :)

Decision Factors (3, Interesting)

ninewands (105734) | more than 11 years ago | (#3387962)

There are several things to consider before deciding that it would be wise to donate corporate IP back to an Open Source project. These particular decisions can usually be made either way without incurring the wrath of even the FSF:

First factor:

Are your patches merely bugfixes, or are they
added functions?

If they are mere bugfixes, I can't see where
your management would object to releasing

OTOH, if you have added new and significant
functionality to the program, you might want
to move on to consideration #2.

Second factor to consider:

In the case of new functionality, is there any
reason to distribute it outside your company?

If the modified program only has meaningful
application within the context of a company
similar to your employer do you think it
would be wise to give your work to the

OTOH, if it is something that you need to
distribute, say ... to your customers for
their use, I would agree with the previous
poster who wrote that contributing your
patches back to the project might be necessary
to prevent a lawsuit.

As for protection from a lawsuit for having contributed your patches, I recommend you refer your corporate counsel to the language of the license that covers the package. The disclaimers in most OSS/FS licenses are much more protective of developers/contributors than even Microsoft's EULA is.

Just my US$0.02

Re:Decision Factors (2)

RocketJeff (46275) | more than 11 years ago | (#3388136)

OTOH, if it is something that you need to distribute, say ... to your customers for their use, I would agree with the previous poster who wrote that contributing your patches back to the project might be necessary to prevent a lawsuit.
Nope, you only need to provide the patches to the customers you distributed the software to. Since you have to be able to give them the source anyways (because of the GPL), this shouldn't be much of a burden.

With the GPL, you don't have to give the source to anyone you didn't give the binary to. It seems that most people read things into the GPL that aren't really there...

Avoid patch maintenance (3, Insightful)

sydb (176695) | more than 11 years ago | (#3388133)

If your company doesn't release the patches, they will have to be reworked into new releases of the vanilla source tree.

However that doesn't mean everybody else will do your work for you. If there's a conflict between your code and someone else's, you might be expected to fix your code. But being in first gives you an advantage.

So, sell patch release as reducing the code maintenance overhead.

None of this from experience, just common sense and observation.

Legal issues (0)

Anonymous Coward | more than 11 years ago | (#3389021)

Since everyone else is talking about the coding issues I thought I'd talk about the legal issues.

Clauses 11 and 12 of the GPL essentially say "Because this is free, there is no warranty. We
don't even guarantee that it will do what we say it will do. You are reponsible for all damages."

Thus, your Legal department should be ecstatic.

I'm not a lawyer, I'm just someone who went through the same thing you did, and had to wait
three months for an answer. But in the end, we
did get permission to release it.

GO ahead and kill open source. It's almost dead. (0)

Anonymous Coward | more than 11 years ago | (#3391701)

As if licensing and EULA's were not ambigious enough, you have people attaching 'strange' stipulations to their open source code. In my honest opinion, this is not true open source. This is the BEST way to kill the whole project. Since this is new, I will give you all fair warning. Otherwise, remember this post when you are few and far between with others still left to be involved in these projects. Open source is just that, open. If you want to charge, you better make it darn clear. Otherwise you are going to kill this very quickly. 18 year olds with no experience in the industry need no reply to this.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account