Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Properly Contributing to Open Source While on Company Time?

Cliff posted more than 11 years ago | from the avoiding-the-SCOrn-of-your-superiors-isn't-a-WASTE-of-time dept.

Programming 400

egeorge asks: "I was wondering what kind of paperwork/policies developers have at their jobs concerning contribution to open source projects. I develop software at a company that derives almost its entire revenue from software. Some software is licensed to customers, some is run internally in a service model, but the software is our whole business. We have recently been doing more and more modification and customization of open source products, and we would love to give some of this back. As developers, though, some of us are a little hesitant to just start flinging code that technically still belongs to the company out into the world. We want to make sure we get clarification about what is or is not covered by our NDAs. So, what kind of procedures do other developers have to go through to get adequate coverage for Open Source submissions? I would like to suggest a policy to my superiors, and could use a few good suggestions."

cancel ×

400 comments

Sorry! There are no comments related to the filter you selected.

fp? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124938)

W00t. what?

Simply put: I don't. (4, Interesting)

Vengeance (46019) | more than 11 years ago | (#6124939)

I'm a consultant, paid for my time and the IP I develop. I would not dare to risk cross-contamination by doing anything more than downloading and using open-source packages at the office.

Re:Simply put: I DO (3, Interesting)

pubjames (468013) | more than 11 years ago | (#6124975)

Well, sometimes I will be working with a OSS software package and I see a way to make a little change to make it better, or fix a bug. Why should any employer/client worry about that?

Re:Simply put: I DO (1)

tomstdenis (446163) | more than 11 years ago | (#6125038)

Because it isn't your job.

If there is a bug in the software you submit it to the author and work around it [or find another package].

The only two exceptions are

a. The bug is a single line typo of sorts that would only take a split second to fix

b. The software is mission critical and you'd go belly up without it.

Tom

Re:Simply put: I DO (4, Insightful)

dreamchaser (49529) | more than 11 years ago | (#6125041)

Because you are doing it on their time, not your own.

Re:Simply put: I DO (3, Interesting)

Anonymous Coward | more than 11 years ago | (#6125129)

but if what your doing is only helping you to perform your job better, what's wrong with that?

Re:Simply put: I DO (0)

dreamchaser (49529) | more than 11 years ago | (#6125151)

Then it is job related and there should be no problem with it unless the company has policies against using OSS.

That was not how the statement I replied to read though...

Re:Simply put: I DO (5, Insightful)

Ngwenya (147097) | more than 11 years ago | (#6125135)

Well, sometimes I will be working with a OSS software package and I see a way to make a little change to make it better, or fix a bug. Why should any employer/client worry about that?

Vicarious liability, for one reason. Your employer (in most jurisdictions) is at least partly responsible for your actions whilst you are in their employ, and on their time. It hardly seems fair for them to be expected to assume liability without having the capacity to mitigate it, does it?

And all the disclaimers in the world won't help you if a case can be made for malicious code being deliberately released - your company would still be accountable.

--Ng

Re:Simply put: I DO (3, Insightful)

1u3hr (530656) | more than 11 years ago | (#6125267)

And all the disclaimers in the world won't help you if a case can be made for malicious code being deliberately released - your company would still be accountable.

Legally sound, but immoral and practically insane. The same argument could be made for preventing you from doing almost anything you don't have to do, regardless of how public spirited.

And in particular, when in the history of this world, has "malicious code [been] deliberately released" as part of an OSS?

The upside for the company is an increase of good will, which transates into sales.

Re:Simply put: I don't. (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#6125060)

I'm a consultant, paid for my time and the IP I develop

The IP you develop. Hahahahahaha... As a consultant. Hahahaha.

Does "Sir I think you should buy some new phones from me!" count as IP?

bwahahahaa... When did a consultant ever develop anything?

YOUR A FUCKING USED CAR SALESMAN NO MATTER WHAT YOU CALL YOURSELF.

Re:Simply put: I don't. (3, Insightful)

Ngwenya (147097) | more than 11 years ago | (#6125065)

I'm a consultant, paid for my time and the IP I develop. I would not dare to risk cross-contamination by doing anything more than downloading and using open-source packages at the office.

Clearly that is your right - but I would venture that you are losing (or at least lowering) one of the essential values of Open Source: the ability to lower support, development and maintenance costs by having them amortized amongst the various businesses that to whom you might consult.

Moreover, I have yet to see a reputation tarnished by having contributions accepted to high calibre projects in a peer-reviewed manner.

When you mention cross-contamination, do you mean that you fear that you might put a client's IP into software which you subsequently release? Surely your client would have the right to refuse publication rights for the code (since the IP wasn't yours to give away)? Speaking flippantly, is it that you figure Open Source stuff would get you found out more quickly than a release of closed source kit? :-)

--Ng

Re:Simply put: I don't. (0)

Anonymous Coward | more than 11 years ago | (#6125122)

the ability to lower support, development and maintenance costs by having them amortized amongst the various businesses that to whom you might consult.

No, you would not amortizing them. Look up accounting definitions before blindly posting. You would be passing on all support costs to the one employer who you are billing in the time it takes you to fix the shoddy OSS code.

It's simply a matter of paranoia and caution (1)

Vengeance (46019) | more than 11 years ago | (#6125152)

It's part of my personality naturally, and when navigating the American legal system, it's an asset.

Essentially the facts are as follows: I code for fun, and I code for money. When I'm coding for money, there are expectations, and those expectations include copyrighting the code. When I code for fun, Eclipse generates GPL templates automagically for every source module I create.

More than one fellow has tried to engage me in business ventures during work hours, but I'm always careful to defer all such discussions to a time and place where I can truly consider myself free.

No entanglements, low risk.

Re:Simply put: I don't. (2, Insightful)

conner_bw (120497) | more than 11 years ago | (#6125090)

What's the problem here if you are paid for your time?

Just bill for the time you put in on submitting patches to GPL/Open Source software.

It's a reasonable expense and you offer a more "standard" industry solution than a near worthless one man spagetti job of code that has no community or testing infrastructure (i.e. many eyeballs)

If you are charging for IP... well here's hoping that when that horse and buggy goes into the crapper, you have a backup plan.

Re:Simply put: I don't. (4, Interesting)

Vengeance (46019) | more than 11 years ago | (#6125171)

It's not that I am charging for my IP. It's that the terms of my contractual agreement dictate ownership of work I create during my paid business hours.

I personally do not have a moral or ethical quandary with opening up my development process, busting a hole in the firewall to allow CVS or at least SSH access, and making wholesale changes to open source projects on company time. I just don't want to be the subject of a 'Your Rights Online' story here.

Off Topic--FP (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124943)

Why is it that there are no other posts? Aren;t there any subscribers reading early? I'll save my money.

My thoughts? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124945)

Open source is dead. Stop writing these crap programs. No one cares.

Long Live the architect!

Re:My thoughts? (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6124977)

Offtopic. I think this guy's is dead ON topic. Bill Gates (AKA "The Architect") is one of the greatest programmers of our time.

Anyone that doubts that can go to hell!

Long live Microsoft!

Re:My thoughts? (0, Flamebait)

confused one (671304) | more than 11 years ago | (#6125098)

It deserves a flame...

Bill F*?$*^& Gates isn't a great programmer. He's an evil business genius who knows how to take other peoples work, re-package it, and sell it to the unsuspecting masses.

I don't know whether to hate him or respect him for it...

AAAHhhhh the pain!!! Must Hate! Must!

Re:My thoughts? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124978)

You fool, it's "The Aarchitect". Get it right for once.

--

Long live The Aarchitect!

Company time is just that (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124946)

see subject
see subject run
run subject run
run run run

Ashcroft wants Patriot Act widened (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124947)

Ashcroft wants Patriot Act widened
Testimony follows House concerns about lawâ(TM)s impact

ASSOCIATED PRESS
WASHINGTON, June 5 [msnbc.com] â" Attorney General John Ashcroft asked Congress Thursday to widen the USA Patriot Act so that suspected terrorists can be held indefinitely before trials and to let him seek the death penalty or life imprisonment for any terrorist act. The controversial law gave the U.S. government broad powers to use wiretaps, electronic and computer eavesdropping and searches and access to financial data when it investigates terrorist activities.

IN SOVIET AMERIKA... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6125003)

Patriot Act widens John Ashcroft!

Copyright (4, Insightful)

krisp (59093) | more than 11 years ago | (#6124950)

As I understand it, as far as the copyright law goes, if you create it at work on your companies' computer, the copyright belongs to them.

Duh (1)

p3d0 (42270) | more than 11 years ago | (#6124985)

That's why he's asking about paperwork and policies. If they sign a contract saying they don't own certain kinds of code, then that can supersede the "work for hire" copyright issue.

Government Copyrights (4, Informative)

agentZ (210674) | more than 11 years ago | (#6125019)

Not always. As an employee of the US Government, my work is not eligible for copyright protection in accordance with 17 USC 105 [cornell.edu] .

Thus, the programs I've written and been allowed to distribute are available as public domain. You can check out my programs for computer forensics and system administration, foremost [sourceforge.net] , and md5deep [sourceforge.net] , on Sourceforge.

Government Copyrights in Canada (5, Funny)

IncohereD (513627) | more than 11 years ago | (#6125096)

Lucky bastard....Her Majesty the Queen of England of all people holds the copyrights on MY code. :)

Re:Government Copyrights in Canada (3, Funny)

GoofyBoy (44399) | more than 11 years ago | (#6125155)


But in exchange, you get full rights and privliages as a loyal British citizen!

Re:Government Copyrights in Canada (0)

Anonymous Coward | more than 11 years ago | (#6125240)

But in exchange, you get full rights and privliages as a loyal British citizen!

Isn't that technically "British subject?"

Re:Government Copyrights (0)

Anonymous Coward | more than 11 years ago | (#6125268)

Just downloaded md5deep.. Nice app, although my version of install didn't recognise the -D parameter.

on your company's computer? (3, Informative)

brlewis (214632) | more than 11 years ago | (#6125061)

According to title 17, an employer owns the copyright to "a work prepared by an employee within the scope of his or her employment." I don't know the case law myself, but I wouldn't expect this to be measured by whether you're using the company's computer, any more than I'd expect they would hold copyright to all phone conversations made on company phones.

Re:on your company's computer? (2, Insightful)

shakah (78118) | more than 11 years ago | (#6125216)

..., but I wouldn't expect this to be measured by whether you're using the company's computer, ...
It certainly would be a major factor if and when a company tried to assert copyright ownership to software created by an employee, along with things like whether the software in question was developed during business hours.

Re:Copyright (4, Interesting)

spazoid12 (525450) | more than 11 years ago | (#6125196)

It has nothing to do with copyright law.

What you state is true most of the time, but not all, because of company policy.

And...I hate it.

They always pull the old "we own the computer, therefore" line. It's the same reason given for why they feel justified in reading your emails and such. Well, they own the phones, too, but they cannot legally record your calls without notice.

A friend and I were talking about this a while back. We were allowed to play games at work from time to time, and so sometimes I did. He teased me that I played games on company time. Technically, that can't be said...because we were salaried employees. An extreme analogy would be: make me an hourly employee, and put a timeclock on my desk. I might clock-in and clock-out at intervals of only 10 seconds here and 2 minutes there. A salary employee is essentially doing that, but without the physical timeclock on the desk...just as a mental exercise. Therefore, a salary employee never plays games on company time... and, possibly, might always be free to develop his own ideas which might still belong to him... aside from the fact that he used the company-owned PC at the time.

I'd better check with the carpenters that built my house... it's possible that they own the house, and not me, because they owned the hammers and saws used to build it!

First post! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6124953)

This first post is distributed under the terms of the GNU GPL.

before the brainless GPL zelots jump on him.. (5, Insightful)

autopr0n (534291) | more than 11 years ago | (#6124957)

keep in mind the GPL allows for internal use of modified software without releasing the source code.

Re:before the brainless GPL zelots jump on him.. (5, Informative)

dubious9 (580994) | more than 11 years ago | (#6125086)

Yes, but its in your best interest to release your changes back to the communtiy so you won't have to manually merge code in later versions.

When our company needed to use some open source, we had a meeting with the legal department. Basically what they said is that if it didn't contain any proprietary information relating to our line of business then we could release it. Since the project just converted xsl to rtf [jfor.org] then we didn't have to worry about it and got a green light.

Since we've put it into production and release the changes we made back to the community there have been 3 releases that we don't have to maintain ourselves. The whole thing probably saved us about a man year.

LGPL (1)

macrealist (673411) | more than 11 years ago | (#6125172)

Unfortunately, part of M$'s rants about open source software is true. Unless a company is willing to contribute, using GPL type of licenced source is a parasite. The LGPL provides a happy medium. And contrary to GNU's belief (http://www.gnu.org/licenses/why-not-lgpl.html), it does provide a way for companies to get their toes wet in the Open Source world.

love? (2, Interesting)

v(*_*)vvvv (233078) | more than 11 years ago | (#6124960)

We have recently been doing more and more modification and customization of open source products, and we would love to give some of this back

What does he mean by "love"? Does he have a choice?

Re:love? (2, Informative)

finkployd (12902) | more than 11 years ago | (#6125023)

Yes, if he is not distributing binaries, you do not have to distribute source code. You are allowed to modify GPL code for your own use without filtering the code back to the community.

Finkployd

Are you modifying/shipping Open Source? (4, Insightful)

stevew (4845) | more than 11 years ago | (#6124966)

The first question that needs clarification in my mind is - Is your company distributing open-source code that they have modified?

If that is the case - then if it is GPL'd code, you need to release it according to the license. If it is a BSDish license that isn't the case.

Probably the best piece of advice - get your company to emit a policy on the subject. You may not like the results, but at least it will be a definitive answer.

Re:Are you modifying/shipping Open Source? (1)

Lumpy (12016) | more than 11 years ago | (#6125117)

The first question that needs clarification in my mind is - Is your company distributing open-source code that they have modified?

If that is the case - then if it is GPL'd code, you need to release it according to the license.


and let's finish that sentence...

To the people you distributed the GPL code based item to. you do NOT have to give it to the world freely and willy nilly.. just to whom you distributed the binaries to... oh and hope they dont post it all on usenet, because you cant tell them not to.

99% of the time it's safe as company X doesn't give a care about that.

Re:Are you modifying/shipping Open Source? (1)

be-fan (61476) | more than 11 years ago | (#6125243)

Note: if you're "releasing" to entities within the same corporation (subdivisions and the like) you don't have to release any sources.

Re:Are you modifying/shipping Open Source? (4, Informative)

wbattestilli (218782) | more than 11 years ago | (#6125132)

This is not actually true of the GPL.

If they are making programs for internal use then they are obligated to release nothing.

If they are distributing the code to another party, then they have to make the source available to that party.

They GPL never says that they have to release the code to the public, however; the party receiving the above mentioned code would have the right to release it to the public under the GPL.

Re:Are you modifying/shipping Open Source? (5, Informative)

Zathrus (232140) | more than 11 years ago | (#6125156)

If it's true GPL code and they're distributing it to outside customers, well, they're idiots. Because they now either have to remove the GPL code entirely or release the entire application under the GPL.

If it's LGPL then they need only release any modifications to the library or other LGPL'd code they did. Or, again, remove the LGPL code -- presuming they're distributing it at all.

If it's BSD or similar it's irrelevant, as you said, as long as they keep the copyright notices, etc. in tact.

Essentially, check the license before you use the code and know what it means. We use a great deal of LGPL, BSD, and public domain code in our products. We stay away from GPL though -- we don't have any intentions of distributing at this point, but if we did we'd rather not have that problem.

As far as remitting work back to the community - talk to your managers. If your managers are decent then they'll understand the issues involved. It may take some time, but most likely you'll be given the OK. After all, think about what you've modified in the code -- does it give any advantage to your competitors? Does it reduce the value of your product to your customers? Are the changes bugfixes or new logic that's only applicable to your company?

Actually, we do have one GPL program that we've modified... vsftpd. Again, no plans on redistributing it, but if we did it'd be no problem submitting the changes. They're deeply specific to our company and our usage and would utterly screw up anyone else who used them (things like automatically assuming paths on puts and gets so our customers don't have to do cd, and automatically moving files on completion of transfers (which might be useful)).

Do not work on OSS during company time though, not without explicit written consent. And many companies are now claiming anything you work on, even outside of work, to be their IP (which is on somewhat shaky grounds)... so if you want to work on OSS outside of work, check your contract and get a release from management if needed. Don't just do it -- in the worst case you're really, utterly screwing the project to the point where it may have to be removed from the net (at least officially). Most companies won't give a crap, as long as you're not doing it on company time and it's not competing with them.

Justin Frankel (4, Insightful)

Transient0 (175617) | more than 11 years ago | (#6124971)

I think Justin Frankel [slashdot.org] would tell you that you can't ever be sure that you have any creative control over what you are doing on company time.

The only ways to remain certain that you have complete control are to either work on your own or with a small group in a small company and then leave as soon as they get bought out by the big guys.

Re:Justin Frankel (0, Troll)

Zathrus (232140) | more than 11 years ago | (#6125176)

I think Justin Frankel would tell you that you can't ever be sure that you have any creative control over what you are doing on company time.

And I think the vast majority of people would say "duh".

It's on company time, of course you don't have control over it. They do. If you work on it outside of working hours, not using company resources, that's another matter. But check your contract first.

Charge for it. (4, Informative)

Zaphod B (94313) | more than 11 years ago | (#6124972)

Remember that open-source is not necessarily free-as-in-beer. Your company can charge for the source code and the binaries if it wants, it just needs to use an open-source license (insert heavily-compressed flamewar here).

Also you can make quite clear that you will only support YOUR version of the product and that if they choose to modify the source they're on their own.

If you're just talking about donating code snippets, well, then you need someone with more experience in that than I.

Why Open Source is bad for you (3, Interesting)

NoCoward (648971) | more than 11 years ago | (#6124973)

Please read the following before committing your IP and company to Open Source:

Open Source Doesn't Make Economic Sense For Most

The open source organization has presented a few cases that supposedly explain why OS works economically. However, if you examine the cases objectively you will find that the cases are flimsy and non-specific and do not address any specific concerns. They attempt to bolster their case by pointing out a few "successes", among which Caldera and Red Hat are displayed as shining examples.

The real economic question of the OS model is how is money made, and who is making the money. Who is being rewarded financially for the enormous development effort? The open source initiative claims that there are at least four different models that allow someone to reap rewards. Oddly, it is not mentioned that it is not necessarily the people who did the development work that gain financially.

The four primary business cases mentioned by OS proponents are "Selling Support", "Loss Leader", "Widget Frosting" and "Accessorizing."

The first case proposes that money can be made via selling support for the free software product. This is by far the strongest case and is proven to work, for a few small companies. The two companies that are shown as positive examples of this business model are Red Hat and Caldera, who distribute and support the Linux operating system. What is never mentioned is that neither of these two companies has contributed significantly in relative terms to the Linux development process. Its important to note that using this business model, the people that make the money are usually not the ones who have invested in the development process. So much for the strongest case.

The second case is based on the idea that you give away a product as open source so you can make money selling a closed source program. This also can work, but it should be noted that the money is being made off the closed source product and not off of the open source. An example of this model would be Netscape, who gives away the source code of their client browser so the OS community can do development, but keeps their "cash cow" products completely closed. Obviously, this case may only work if you have a software product that lends itself to this sort of "give away the razor and make money on the blades" system. The truth is that the vast majority of software is monolithic. So much for the loss leader case.

The third case, "Widget Frosting", sounds completely practical. The premise that hardware makers produce open source software so that the OS development community will work for free to produce better drivers and interface tools for their hardware products. It sounds great on the surface, especially for the company that produces the hardware: they get free drivers and do not have to pay for expensive developers. The OS community wins by getting presumably stable drivers and tools. What is not mentioned is the reason hardware makers usually don?t do this is because they do not want to reveal trade secrets regarding their hardware design. Production of efficient drivers requires an intimate knowledge of the hardware the driver is for. It is almost always the case that it is in the hardware developers? best interest to keep their hardware secrets close to home. This also brings up the question of why isn?t hardware "open"? So much for the frosting case.

The final case, "Accessorizing", is similar to the first, but throws in the idea of selling books and complete systems with the open source software, and other accessories as well. It is obvious that selling books qualifies as support, and that it really belongs in the first case. The idea of selling computer systems, T-Shirts, dolls, again begs the question: "Who is making the money?" As with the first case, it is not necessarily the people who have done the development work. Additionally, the question of how much money can be made selling books, t-shirts, mugs, etc, is never answered. O?Reilly Associates is frequently used as an example to be a company who has made money using this case. The reader should notice that O?Reilly Associates are not the people doing the development work. Indeed, it is never asked why all the O?Reilly books are not available for free or at least at manufacturing cost? This also brings up the question of why isn't book production "open"? Perhaps they are waiting to see if they could sell enough O?Reilly T-Shirts to pay their bills. So much for the accessories.

Open Source Does Not Necessarily Produce Better Software

The open source proponents frequently state that OS necessarily produces better software. This statement is made without any evidence. Indeed, there is evidence to the contrary. GCC is a standard compiler produced by the GNU organization. It lags its commercial counterparts in both efficiency and features. The reason behind is illustrates the largest weakness in the OS plan. It is very hard to convince qualified engineers that they should do such boring and unglamorous work without any sort of financial reward. The idea of throwing large quantities of people at the source does not work in this case, since there are not large quantities of qualified individuals available.

Open Source Did Not Make the Internet Successful

Another statement made by the OS community is that somehow open source was responsible for the success of the Internet. The reason behind this is probably a result of the confusion between what is open source and what is an open protocol. It is easy to see that the foundation of the Internet was built on open protocols. This does not equate to open source, for the two are quite different. The vast majority of the machines on the Internet run on closed source operating systems running mostly closed source software, which communicate using open protocols.

Where Does Open Source Work?

Open source does work in certain cases. A good example of where it may work well is Netscape. The act of giving away the source to the OS community so they can work for free and produce a product that helps the sales of their server software was a stroke of genius and proved very profitable for the relatively few at Netscape. But is this truly making money off of open source? Isn?t the money is made off of the closed source software?

Another example of where it does work is the aforementioned Red Hat. Red Hat has been successful making money off of the work of thousands of others who have contributed to the Linux operating system and the associated GNU programs that have shipped with the Linux distributions. The question is: do those who work at Red Hat deserve to be rewarded, or do the people who do the actual development work deserve to be rewarded? Should the money go to the few, or to the many? It seems that the High Priests of the Bazaar believe the former.

THIS DOCUMENT CAN BE RECOPIED AND REDISTRIBUTED WITHOUT RESTRICTION, HOWEVER ADDITIONS/MODIFICATIONS/CORRECTIONS SHOULD BE LABELED AS SUCH WHERE THEY OCCUR.

Re:Why Open Source is bad for you (1)

truthsearch (249536) | more than 11 years ago | (#6125064)

This from a person who puts his home page as Netscape.com? Your home site (employer?) is the first commercial company (probably) to have released their product to the open source community.

Re:Why Open Source is bad for you (1)

NoCoward (648971) | more than 11 years ago | (#6125237)

And what a great move that was. Zero revenue. Mass layoffs. Needed to get bought out by a media conglomerate, who is now bleeding money.

Great strategy!

Re:Why Open Source is bad for you (3, Insightful)

BrynM (217883) | more than 11 years ago | (#6125082)

THIS DOCUMENT CAN BE RECOPIED AND REDISTRIBUTED WITHOUT RESTRICTION, HOWEVER ADDITIONS/MODIFICATIONS/CORRECTIONS SHOULD BE LABELED AS SUCH WHERE THEY OCCUR.
So are you saying that this document is Open Source/Public Domain? By your standards, I shouldn't have wasted my time reading it then and someone shouldn't have wasted their time writing it. Though it may have very important points, the stance of the document reeks of FUD.

By the way, who is "The open source organization"?

Re:Why Open Source is bad for you (1)

NoCoward (648971) | more than 11 years ago | (#6125188)

No, it is not an Open Source document. It is not released under a compatible Open Source License.

Re:Why Open Source is bad for you (1)

Debillitatus (532722) | more than 11 years ago | (#6125106)

Hear, here!

Re:Why Open Source is bad for you (1)

dubious9 (580994) | more than 11 years ago | (#6125186)

Why did somebody mod this as offtopic? Just because you don't agree with it doesn't mean it's off topic. How can an article related to open source in the work place be off topic here?

That said the article missed an important benefit: I call it open source framework. The idea is to use open source in your project wherever possible to save on man time then compartmentalize your proprietary code so that it isn't in violation of whatever license the open source used.

Now you are getting free updates to a certain part of your product. Software managers know that maintence can be upwards of 75% of lifecycle costs. You can offload a significant portion of that cost to open source and still maintain the rights to sell your closed software.

The best open source stuff here would be the general utilities and not specific programs. If you use the framework and are careful about the license you reduce development time and cost, reduce maintenance time and cost, and and receive free advice from other developers that are working on the open source code.

This I believe is the open source model that applies to most companies.

Repost (5, Informative)

Anonymous Coward | more than 11 years ago | (#6125204)

It seems [slashdot.org] you've posted [slashdot.org] this article (from 1998 [felter.org] , not 1999) a few times already.

Do you work for Microsoft [slashdot.org] ?

Re:Repost (1)

NoCoward (648971) | more than 11 years ago | (#6125213)

No, I do not. I simply post it where it is RELEVANT. This is extremely relevant to the topic.

A quick list (5, Funny)

Anonymous Coward | more than 11 years ago | (#6124979)

  • Don't ask for permission. What they don't know, can't hurt them!
  • Be like Nike; Just Do It! Need to write a routine for the internal process? Just slap the GPL on top and release it on Sourceforge.
  • Make use of the resources available. Do you not have enough time to work on your own projects? Just circumvent the firewall and telnet to your home machine. The office is more comfortable, anyway.
  • It works the other way you know. Need a routine for an internal project? Just use it and release the changes.
  • If all else fails; lie. Claim it wasn't you. Cover your tracks. Call the BSA if you need a diversion in a hurry.

Thats what I did when I was at SCO, anyway!

Re:A quick list (1)

confused one (671304) | more than 11 years ago | (#6125043)

Thats what I did when I was at SCO, anyway!

hmmm, I wonder why your not there anymore???

Oh yeah, they fired you.

The poster was being funny, (1)

Jammer@CMH (117977) | more than 11 years ago | (#6125109)

but the moderators missed the humor. (The joke relates to the whole SCO / Linux IP lawsuit thing. You see...nevermind.)

No problem. (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#6124988)

Why not just consult a IT lawyer instead whining in a slashdot article?

Anyone know of some OSS MRP Software? (0, Funny)

Real World Stuff (561780) | more than 11 years ago | (#6124991)

TIA

One of the first questions is... (1)

confused one (671304) | more than 11 years ago | (#6124994)

What license does the original open source code fall under. If, for example, the base code was GPL, then your code may already be GPL by definition...

This is how I understand it. There are some issues concerning which libraries you have to use, etc. to maintain fundamental ownership of your code (beyond perhaps a copyright acknowledgement), etc.

I too, need to go re-read the liscense docs (GPL, GNU, BSD, etc.)

And in other news... (5, Funny)

Anonymous Coward | more than 11 years ago | (#6124999)

...How to run an ebay business selling your company's items

Re:And in other news... (1)

blonde rser (253047) | more than 11 years ago | (#6125250)

It's too bad that the parent is so funny becuase it is the most insightful comment I've read so far. Although the problem has been obfuscated by talking about things like open source and developers and IP what's really being asked is quite simple (as displayed by parent). If I worked on someone elses farm I might have a very strong urge to box up a bunch of food and send it off to starving children in 3rd world countries. This desire is certainly altruistic. And I might have even tilled the fields and planted the seeds and harvested the crop. So the food very much feels like mine to do something altruistic with. But there is no question here that this would be illegal in this case (I'm not willing to say that sending food to starving children is wrong... just illegal in this case).

Now there may be an argument to be made that returning code to the community will actually save the company money. Especially if you return buggy code and let the community fix it. But that's something to talk to policy makers at your company about.

But really is this question puzzling enough for an AskSlashdot?

Contribute (1)

stanmann (602645) | more than 11 years ago | (#6125007)

I'm unsure of whether you are suggesting contributing whole products or simply useful widgets. Obviously if your company makes and sells software then contributing entire tools would ultimately cost your company money.

OTOH, If you are suggesting contributing or modifying useful widgets(sort routine, object loader, file input output routines) then the terms of your contract have bearing. Many employers claim ownership of everything you think while on company time. Obviously the company doesn't want to get trapped into giving away items that cost it money. IOW, you asked a very vague question.

Most companies are still very wary of a support only model and will need to have it sold effectively. So be prepared to sell the advantages of selling support to selling "solutions".

Simple logic (-1, Troll)

tomstdenis (446163) | more than 11 years ago | (#6125009)

Ask *specific* permission first. If denied don't work on it at work. If you're smart you'd only ask if there is an angle the company can take advantage of. Make sure you have some ppt slides with graphs pointing upwards.

Are /. readers really this fucking stupid?

Duh, mr.boss guy can you pay me to give out free programs that our company can't make money off?

Tom

Not a troll, he's right? (0)

TrollBridge (550878) | more than 11 years ago | (#6125189)

I suppose he could have put it a little more politely, but really, do people need to ask if it's OK to work on personal projects while on company time?

Well (4, Insightful)

drinkypoo (153816) | more than 11 years ago | (#6125020)

IANAD (Developer) but it seems to me that you need to have a contractual agreement with your employer to allow you to contribute code written on company time back to the particular projects on a case by case basis. You are most likely to succeed if you go to them and say, "I have been downloading, customizing, and using these GPL packages, these are the nature of my customizations (...) and I would like to contribute the code back so that it can be reviewed and improved upon by others rather than by me."

Ultimately, anything you've done on company time is owned by the company, and you have no rights to it whatsoever, NDA or no. Your contract may grant or revoke various rights, of course, where not prohibited by law. But I would definitely go in assuming that all that code belongs to the company and you have no right to distribute it without formal written permission.

Re:Well (1, Funny)

Anonymous Coward | more than 11 years ago | (#6125234)

TATMA(There Are Too Many Acronyms)

This question... (4, Informative)

jmu1 (183541) | more than 11 years ago | (#6125024)

gets asked a lot around here. And the answer is always the same: Talk to your legal department. There isn't anything else you can do.

Re:This question... (1)

devphil (51341) | more than 11 years ago | (#6125205)


Here's the other answer that's always the same: what has been done before?

For example, the instructions for copyright assignment [gnu.org] for major contributions to libstdc++ spend much of the page discussing the "if you're employed as a programmer, here's what your employer needs to sign" situation. Look it over.

Come up with a patch list (4, Informative)

DeRobeHer (76234) | more than 11 years ago | (#6125029)

When we're modifying open source programs for use in our environment, we try to come up with two different types of patches; patches that enhance the package wether they be with new features or bug fixes, and patches that are only there to support local conventions and tools. We rarely submit the local patches back to the development team of the package, but if we feel that the enhancement types of patches will help out the project, we'll submit them back.

terms of employment agreements (3, Informative)

Anonymous Coward | more than 11 years ago | (#6125046)

the company i work for has a term of employment agreement that i had to sign upon hire. it specifies that the employee is forbidden (except by written arrangement) from participating in activities that conflict or compete with the company's business. Example would be contributing to open source software that competes with your company's product.

these kinds of agreements is probably common practice.

if in doubt, you can ask for permission. if you aren't granted permission, then you have a decision to make.

My Two Cents (1)

xanadu-xtroot.com (450073) | more than 11 years ago | (#6125055)

"I would like to suggest a policy to my superiors, and could use a few good suggestions."

You do this: YOU DON'T!

You're sitting in your cube hammering out some code for whatever company project you're working on and suddenly you realize that the code you just slapped together would be perfect to help [insert OS app here].

What do you do?

Do you take the (now) IP of a company project and give it to GNU and do it over the company wire? Do you do the (technically) "Right Thing" and not contribute that code at all? Do you mix the two and think of another way way to code the exact some thought, just in a different way (on the company's bill)?

I can't answer that. This is now a moral decision. Not an economic or even IP one. It is *YOU* that has to decide if any of the above (or ones I've missed) are "right" or not.

[/SOAPBOX Src="two_cents"]

simple thing (0)

Anonymous Coward | more than 11 years ago | (#6125079)

Do Not develop open source software at work. Do not open your mouth and keep your ideas to yourself. If you get found out, most companies would steal "your" ideas. If you had a brain, you would have read and kept copies of anything you signed when going to work for your pesent company.
See a lawyer. Spend the money on the free consultation! Mingey Manga.

Put it into the terms of the contract... (2, Informative)

Dr. Zowie (109983) | more than 11 years ago | (#6125087)

The work I do is mostly funded by NASA, under scientific grants. Every grant proposal I submit contains the words "All software and intermediate data products will be freely released to the general public" (or minor variations on that sentence). That way I'm actually required to release stuff, and the most restrictive license I can put on it is something like GPL (public domain would also work, of course). Haven't had any problems with management over it.

Re:Put it into the terms of the contract... (1)

Zathrus (232140) | more than 11 years ago | (#6125223)

the most restrictive license I can put on it is something like GPL

No you can't. GPL is based on copyright laws and as an employee of the US Government none of your works for it are eligible for copyright protection.

The same is not necessarily true for 3rd parties or sub-contractors working for the US Government, but that depends on the contract.

Public domain isn't a license... it's a state. Something is either copyrighted (in which case you can have a license) or public domain (in which case you can't, and you can do whatever the hell you want with it).

Actually, that brings up a good question -- can someone working for the government do work on GPL code while at work? And submit it back? I suspect the answer is yes, since the copyright isn't owned by the USGvmt (which is what's illegal), but I'm not positive. Probably just overthinking it.

Re:Put it into the terms of the contract... (1)

jmcnamera (519408) | more than 11 years ago | (#6125255)

Not attempting a flame war over GPL, this is a general question about public funded software dev.

I wonder, if the work funded by NASA must be released to the public, can it be released under GPL (or any other license) which adds its own restrictions?

In other words, should it instead be released with no restrictive license at all instead of one that prevents some uses or business models?

Forgiveness easier to get than permission? (5, Interesting)

Saucepan (12098) | more than 11 years ago | (#6125089)

From past experience I've found that asking upper management for permission to contribute code results in them hemming and hawing, thinking about it for six months, and eventually just saying "No" when pressured for an answer.

This makes sense when you think about it from their risk-averse perspective: releasing even small pieces of otherwise-useless specialized code is all downside and no upside.

On the plus side you might might improve goodwill with a small number of open source developers. But on the minus side you might be exposing the company to liability, accidentally revealing sensitive information, or inadvertantly helping your competitors. Plus, management always has to worry about shareholders second-guessing them -- possibly resulting in a shareholder lawsuit -- if the IP you give away is later perceived to have been very valuable.

Given all this, a dangerous but more pragmatic idea might be to just go ahead and contribute at least the small stuff like your patches and bugfixes. As long as you have no official policy forbidding this you can point out that it's just the standard way things are done when working with open source tools.

Let me be clear that I am not actually advising anyone to do this. More just.. thinking aloud.

Lawyers (2, Insightful)

truthsearch (249536) | more than 11 years ago | (#6125092)

Considering it's a software company, hire a lawyer. Developers alone should not be making these decisions where a company's fate is at stake. Hire a law firm who specializes in software and/or copyright, go over everything with them, and then make up policy. It's not smart to not consult a lawyer in this case.

What! (4, Funny)

PS-SCUD (601089) | more than 11 years ago | (#6125094)

I'd never do something so dishonest as to develop OSS on company time. I just look at pr0n and DL some music on Kazaa ;-)

Suitable precautions. (1)

Christopher Thomas (11717) | more than 11 years ago | (#6125095)

Empirical evidence suggests that, if a safe way to release work-produced code exists at all, it's to get an ironclad release statement written in blood and signed by the CEO and the company's legal department.

In short, I wouldn't try it. Convince management to do it, and make sure there's a paper trail.

A cautionary tale (5, Interesting)

Anonymous Coward | more than 11 years ago | (#6125105)

I'm posting AC for my own safety. I made changes to an open source package for my employer. Since the changes were for an internal package (we didn't release binaries to the public) I was told by my boss that submitting the changes to the package maintainer would be a violation of my NDA. I discovered after I left the company that my changes were eventually submitted to the package maintainer, and that my boss had taken credit for them.

The moral of the story: get the company policies in writing before you start making changes to an open source package.

Re:A cautionary tale (1)

confused one (671304) | more than 11 years ago | (#6125131)

And, unless your boss was the owner, he violated the NDA himself.

If your feeling vindictive, you can bring it up with the management at your former company and get him fired...

When I worked at Wise Foods Inc... (0)

Anonymous Coward | more than 11 years ago | (#6125112)

They had me sign a contract that anything I developed while working there, no matter if it was related to the job or not, because their IP. If you signed a similar contract, then they technically own anything you code. You'll definately need their permission in order to release anything.

J

FCC (0)

Anonymous Coward | more than 11 years ago | (#6125113)

Just grow some balls, or you're gonna see some
new government agency that pre-empts any future
discussion of these issues.

If you are a good coder your bosses will bite
their lips and back off. And if they don't, well,
they don't deserve to be bosses, right?

I went through this 5 years ago and I walked out
when they beefed... right into a new job at nearly
three times the pay, and with an up front
agreement that if I met expectations I could fling
code to the masses.

Works out fine.

Stop acting like a victim, you're a coder.

Do the Right Thing (4, Interesting)

hobbs (82453) | more than 11 years ago | (#6125134)

Of course, defining the Right Thing will in the end be up to your managers, but influencing their opinion is important.

First off, do they realize what value they are already getting from open source, or was that snuck in the door? The former would make life easier (for everyone, since more PHBs will realize the value of OSS).

One thing you don't want to do is to sneak behind your boss' backs and contribute what is unarguably company IP back to OSS without their permission. This can cause headaches down the road that could have been avoided.

Setting criteria for contributing back to OSS that you are enhancing is much easier than releasing OSS in the first place (IMO), and, yes, I have worked for enlightened companies that blended both well. It all depends on what your company does (industry focus) and where it values its IP. Generally though, if you have just enhanced OSS, returning those enhancements should be a no-brainer (and required by some OSS licenses). Again, that is really a no-brainer only if management knew you were using OSS in the first place.

For major enhancements, try to value it from your company perspective. If you were (eg) a video codec software company and had just made changes to a BSD video codec that gets 10x compression improvement with no quality loss, is it really worth your while to release that back immediately? I know some will argue that all software must be free, but how many of them are gainfully employed based solely on the free software that they develop (read: I don't think the model for just selling support sustains itself). IOW this isn't intended to start religious wars, just to make you think about what IP really has value to your company, and what you should be more readily willing to share.

Completely new software that you might want to release under and OSS license is similar to the above. First off, if you company isn't OSS aware, make them. Then discuss what things you don't want to release for core IP reasons, and what is good to release.

Remember that just releasing code doesn't raise the jollies of most corporate types. It usually has to have a purpose, and company brand awareness is a large part of that. Making or enhancing OSS software can be very good guerilla marketing for a company. It's perhaps not the same as dot.bomb hype levels, but it still has value for brand awareness, recruiting, etc.

Explicit notice and approval procedures (0)

Anonymous Coward | more than 11 years ago | (#6125136)

Explicit notice and approval should be required in working on the source code of open source projects. This shouldn't be too surprising, as explicit approval is usually required for most major time expenditures.

Working on open source projects requires tracking for several reasons: people forget what is open source, people forget that they (may) need to distribute changes or source code if they distribute the open source software, and they need to be clear what is a company asset and what is not.


The usual tool for this is to have a form and to designate one engineer and one lawyer to approve and track open source software that is modified. You should recommend creating a form with the usual questions and a naming scheme to designate directories as containing open source software.

What is name of this software?

Is this software's source code expected to modified or used elsewhere? [Most usage is just usage]

Is this software or any software derived from it expected to be distributed outside the company? Explain.

What is the license for this software? Does it require source distribution? When does it require changes to be distributed? Explain.

Do you forsee doing anything remotely tricky in the interpretation of the license so that we can use it? Explain.

Do you forsee incorporating any existing code from our company or code that would be useful in other projects? Explain.

And yes, require explicit approval from a manager before working on opensource on company time. This is all just common sense.

WHERE ARE THE WMD'S? (-1)

IAgreeWithThisPost (550896) | more than 11 years ago | (#6125140)

Clinton lied about sex = impeachment.
Bush lies about wmd's, kills 214 coalition soldiers, and many of them are STILL DYING(one american died today, 5 injured. THat's about 30 in the past month that have DIED). = BUSH GETS AWAY WITH IT

Get it in writing! (4, Informative)

tundog (445786) | more than 11 years ago | (#6125166)

We want to make sure we get clarification about what is or is not covered by our NDAs

IANAL but here goes...

This one is kind of obvious to me, but an NDA is an Agreement between two or more companies that basically says 'I'll show you mine if you show me yours' and legally binds each party not to tell anyone else about it. I try to avoid these because I'm always paranoid that the other company will tell me something I'm already working on and later try to stake a claim on what's mine.

Simple answer to your question: Before you send ANY code into the public domain get your boss to sign off on EXACTLY what you are releasing. Otherwise, even if you get the OK you could be in hot water later if your boss backs out on you.

Merging (4, Insightful)

EnglishTim (9662) | more than 11 years ago | (#6125168)

I would have thought the best approach is to suggest that you submit the patches so that you won't have to go through the pain of merging your changes in every time you want to get a new version of the software. If you phrase it as something that will help your productivity, I'd have thought they'd be much more likely to agree.

Don't RANSACK THE COMMONS (2, Insightful)

Anonymous Coward | more than 11 years ago | (#6125169)

Gates has already done that.

If you and/or your company are using OpenSource/GPL software in a beneficial way and you make improvements to the GPL code it would be in your/your companys interest to release your improvements to the community. After all, if you grazed your cattle on the commons would you sell the fertilizer back to the community that gave you free grazing priviliges or would you leave it on the commons to fertilize the grass so other cattle have grass to graze? Gates would collect it as "IP" and cash in, but are you that kind of person? Is your company that kind of company? (Selfish and Greedy)

In other words, if everyone took and took and took, but no one returned, GPL software would be less significant than it is today. So, leave your 'propriatary IP' attitude behind or stop using GPL software. If you want to sell your "IP" don't use GPL code in it.

Freely you recieved, freely give.

We've done it! (0)

Anonymous Coward | more than 11 years ago | (#6125173)

We've released all the HTML on our web site for the Open Source developer community. They can now leverage off our mouseover effects.

OSS kicks ass!

RTFL (Read the License) (1)

Compulawyer (318018) | more than 11 years ago | (#6125187)

Read the license of the code you are modifying. Simply put, the modifications may not "belong" to your company. If the company accepted source code to modify and that source's availability was conditioned on the publication of modifications, then there is an obligation imposed by the license to release the modifications.

Call this a self-serving statement by one of those fscking IP lawyers, but your company should consult with a lawyer who knows software licensing, knows source code issues, and can advise your company properly.

What about this (1)

vrassoc (581619) | more than 11 years ago | (#6125202)

You could rewrite the stuff a second time on your own time and then submit it in your private capacity. It usually turns out better the second time around anyway.

Of course this leads to the old developers' dilemma of when does company time stop and private time start because developers are notorious for coding stuff that ends up getting used by their company in their own time because it's fun.

Seriously though, let your bosses decide. It's their code and they might surprise you and feel some sort of gratitude towards the OS community for the resources that it's gained from there. It sounds like your company makes quite a bit of use of OS software and in a moment of weakness the powers that be might just be soft hearted enough to give something back to a movement that has advanced their business. It will be their call though.

We use it...we change it...we give back :) (1)

GweeDo (127172) | more than 11 years ago | (#6125208)

I work for a web hosting company (www.hagenhosting.com) and we use basically all open source software to manage our systems. We recently started using an open source web mail client that works very well with our mail setup and in the process have made many changes to it (though I am still not done with all my changes). Once I get all the changes done and am happy with the quality of the code I changed I will be returning the code back to the original author. This is the first time that we have modified open source software that we use, but my boss was all about giving the changes back.

Can't you just use (2, Insightful)

vasqzr (619165) | more than 11 years ago | (#6125212)


Can't you just use a psuedonym? I mentioned this in another post.

If the patch or software is released by "Thor the C Coder", who's the wiser?

Some hints (1)

kune (63504) | more than 11 years ago | (#6125238)

I'm not a legal expert, but I assume that all changes are made while you are working at the company. This means the copyright of the code belongs to the company. If you want to publish your patches, you need a formal decision by the company management for doing this. Notify that if you modify code under the GPL and distribute that code to a third party, you are required to publish it with the complete source. Please make sure, that every decision is documented and signed by the legal responsible persons. Keep hard copies of these documents.

Advice from the HA-Linux list (5, Informative)

Medievalist (16032) | more than 11 years ago | (#6125269)

Alan Robertson [linuxjournal.com] , who maintains the heartbeat [linux-ha.org] package and works for IBM [ibm.com] , recently posted to the ha-linux [linux-ha.org] list [progressive-comp.com] on this subject.

Alan does not accept patches to the heartbeat code that were developed on company time unless he receives a disclaimer [theaimsgroup.com] from somebody at the company.

This is obviously spoofable, but it's probably a good way to legally protect the code -- Alan can honestly say he received it in good faith, which keeps IBM's lawyers' from breathing down his neck. It's kind of weird for me, though, I have to send a disclaimer giving myself permission to send in a patch....

So, to answer your question: explain to your CEO why helping the OSS community helps you to help your company, and get her/him to sign off on a policy that allows you to do so. Ask for legal authority to be delegated to yourself (or your boss) to license or assign corporate intellectual property to open-source projects. Then have HR propagate the policy to your co-workers.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?