Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FOSS License Proliferation Adding Complexity

kdawson posted about 7 years ago | from the do-what-i-say-no-me dept.

Businesses 201

E5Rebel writes "Business is embracing open source like never before, but the effective demise of SCO's claims against Linux doesn't mean an end to licensing problems, an analyst warns. The debate on Slashdot seems to focus on the GPL and its virtues, but there are 1,000-plus open source licenses (according to analyst Saugatuck), and businesses face having to manage multiple licenses within a single open source product. What can be done to minimize multiple-license pain for corporate open source adopters?"

cancel ×

201 comments

Sorry! There are no comments related to the filter you selected.

Open source has a long ways to go (4, Insightful)

Anonymous Coward | about 7 years ago | (#20348075)

Open source has a long ways to go to match the number of different closed source licenses and eulas. Amateurs....

One out of control ball of momentum!! (0)

Anonymous Coward | about 7 years ago | (#20348229)

One out of control ball of momentum! Oh, wait, that's just Cmd Taco's poop leaking again. We love you Taco!

Re:Open source has a long ways to go (0)

Anonymous Coward | about 7 years ago | (#20349073)

"Open source has a long ways to go to match the number of different closed source licenses and eulas."

Yes, you handle Open Source license just like any other. The corporate lawyers review them just like they would otherwise with the "equivalent" closed source app in its place.

Re:Open source has a long ways to go (1)

Tuoqui (1091447) | about 7 years ago | (#20349109)

You sure I thought all the closed source licenses and EULA's were cookie cutter fill in the blank ones that basically say 'We can do whatever we want and you cant sue us'.

When using them, all the licenses say the same thi (3, Informative)

Tyger (126248) | about 7 years ago | (#20348085)

Why does the large number of licenses have to be a management problem? Most the proliferation in business is the usage, not the development of open source, and a bulk of the open source licenses say you can use it however you want, it's only when you distribute it (Modified or unmodified) that you have to start worrying about exactly what is in the license.

copying is copying (1, Informative)

Crispy Critters (226798) | about 7 years ago | (#20348273)

How often does a business need only a single copy of a piece of software? Copying inside the business is still copying and requires a license.

Heck, even copying from the hd to ram to run the code counts as copying (note that this copying is allowed by US law if the copy on the drive is legal, but not otherwise).

Re:copying is copying (1)

Wesley Felter (138342) | about 7 years ago | (#20348565)

But all open source licenses allow unlimited copying, so this is not a problem.

Re:copying is copying (4, Insightful)

Ohreally_factor (593551) | about 7 years ago | (#20348875)

Wrong: Internal distribution is fine and doesn't really count as distribution regarding the GPL.

This article is semi-FUD, anyway. FTFA:

Business users of open source software should review their Open Source licensing agreements, audit their use of Open Source and create formal policies for managing source code, especially mixed-source code.
Which a business that is distributing code is doing anyway, via their legal department, outside counsel, and/or consultants.

This issue has been highlighted in some open source discussion forums, but it is largely being ignored by IT and business leaders.
Because the licenses are generally human readable by IT leaders, and business leaders have lawyers to handle that.

The general attitude in the OSS world that I'm picking up is that license proliferation is not a major problem. Choice is supposed to be good, no? Find the license that best satisfies your needs, or write your own. The two camps that seem to have the most concern about too many licenses are the FUD-spinners trying to damage OSS or the Free-bies that are trying to steer everyone towards GPL 3 and FSF hegemony. (Yes, I'm a bit biased.)

Re:copying is copying (1)

trifish (826353) | about 7 years ago | (#20348971)

The two camps that seem to have the most concern about too many licenses are the FUD-spinners trying to damage OSS or the Free-bies that are trying to steer everyone towards GPL 3 and FSF hegemony. (Yes, I'm a bit biased.)

If I had mod points, I'd mod you up.

Re:copying is copying (1)

harlows_monkeys (106428) | about 7 years ago | (#20349017)

Wrong: Internal distribution is fine and doesn't really count as distribution regarding the GPL

I don't think the person you are responding to was talking about any particular license. Internal distribution most certainly IS copying, and does require permission from the copyright owner. This is well settled in case law. GPL is widely believed to grant that permission to things that are under it.

Re:copying is copying (1)

Kjella (173770) | about 7 years ago | (#20348947)

As far as I know, pretty much all open source licenses obligate you only to your recipients. For example, the GPL says you must give those who get the binary the source - nobody else. Sure you might copy the software but all the copies legally belong to the business, so you're sitting on both sides of the table. And if that was a problem there'd be no problem to make a little legal handwaving to make a legally separate entity do all the reproduction, while the real company only uses it.

You can't hook things together... (1, Insightful)

Anonymous Coward | about 7 years ago | (#20348357)

It matters because then people have trouble hooking things together in a useful manner. You know, actually *using* that other code.

Which should make things interesting with the Microsoft licenses submitted to OSI which are all GPL-incompatible. Then, I'm sure we could just make new GPL-compatible versions in addition to those.

Also, I like how they get their name attached to a whole set of licenses. Perhaps Sun, IBM, Apple, etc. should have license sets named after them? Could be a great new source of revenue for OSI...

Re:You can't hook things together... (2, Insightful)

jhantin (252660) | about 7 years ago | (#20348591)

See the flamewar on the OSI mailing lists; all the above concerns and more have been aired.

No, seriously... large complex component-based software system + GPL = instant holy wars, because the line where one work ends and another begins is no longer clear.

"Dammit Jim, I'm an engineer, not an attorney!", but it seems to me that in practice, the GPL's process-boundary condition becomes little more than a performance issue because you have to use message passing over some kind of communications link instead of loading in-process. For additional flavor, release the "client side" of the message passing bits under the AFL or similar, and the "server side" obligingly under the GPL.

Easily figure out licenses? (1)

silversturm (1147265) | about 7 years ago | (#20348567)

Is there a single site that elaborates what the highlights of major licenses are? I get put off by reading these novels sometimes, not to mention the legalese sometimes gets me confused (yes I need to is smarter). Something like this would be great:

GPL: Can do this, this, and this. Can't do this, this and this.
GPL2: Can do this, this, and this. Can't do this, this and this.
Apache: Can do this, this, and this. Can't do this, this and this.
MS EULA: Can do this, this, and this. Can't do this, this and this.
...

Does anything like this exist today?

Re:Easily figure out licenses? (1)

Ohreally_factor (593551) | about 7 years ago | (#20349005)

A compatibility chart would be nice also.

Plot them in a chart. (1)

khasim (1285) | about 7 years ago | (#20348991)

I'm still not seeing why the OSI hasn't developed a CHART where each license is placed based upon what it allows and what it restricts.

No, this doesn't have to be a 2 dimensional line.

Then, any gaps would be easily seen and a line could be drawn saying "all licenses below this point are compatible with the GPL v2" or whatever license you're looking at.

Then there wouldn't be a question of which license to use. Just look for which one meets your minimal requirements.

Re:When using them, all the licenses say the same (1)

einhverfr (238914) | about 7 years ago | (#20349085)

Because everyone draws lines different places and threatens legal action if you cross those lines.

The cardinal rule of *business* relating to intellectual property law is that the licene means what the licensor says it means unless and untill it becomes worth fighting in court. I run a business. IANAL.

I actually see this complexity to be a good thing. It forces licenses to compete. And it raises the likelihood of lawsuits relating to the limits of each open source license. Lawsuits (as long as I am not involved) are a good thing because they provide points of reference as to legal limits of the licenses.

Does anyone here think that merely linking is sufficient to show derivation? WOuldn't this give OS vendors like Microsoft exclusive control over the development of applications for their platform? Why are these different?

1000+ ??? (4, Insightful)

someone1234 (830754) | about 7 years ago | (#20348131)

I'm pretty sure there are no 1000+ OSI approved licenses.
10 OSI approved licenses probably cover 90% of all open source.

Re:1000+ ??? (2, Informative)

Tyger (126248) | about 7 years ago | (#20348157)

If you count all the subtle variations (For example, BSD license with who gets credit changed) I can see it being 1000+. But that is taking a very strict definition of different FOSS licenses, and not a realistic definition that all those are basically the same thing.

Re:1000+ ??? (2, Insightful)

CastrTroy (595695) | about 7 years ago | (#20348193)

How many different closed source licenses are there? Probably about 1 for every application.

Re:1000+ ??? (1)

Tyger (126248) | about 7 years ago | (#20348209)

Not to mention that they are all much longer than your typical open source license, and have many more land mines to worry about tripping over hidden away in the text.

Re:1000+ ??? (3, Funny)

Knuckles (8964) | about 7 years ago | (#20348585)

And they are written in caps.

Re:1000+ ??? (1)

vidarh (309115) | about 7 years ago | (#20348495)

Probably more than that - many licenses will have changed multiple times over the lifetime of the application.

Object oriented licencing? (3, Funny)

IPFreely (47576) | about 7 years ago | (#20349001)

So what we really need is a smaller set of base licenses that include object oriented features like inheritence, interfaces and templates.

I can see it now:

public MyLicense extends BSD implements Attribution;

or

public NPL extends GPL implements OwnerTakeback;

Re:1000+ ??? (1)

chaoticgeek (874438) | about 7 years ago | (#20348399)

We should only need one, and it can be about this long...

"Don't be a jerk, it is open source be kind and share with others."

Just use the GPL (0, Flamebait)

Nibbler999 (1101055) | about 7 years ago | (#20348139)

Easy.

No, just use OSI-approved licenses (3, Insightful)

Infonaut (96956) | about 7 years ago | (#20348211)

They cover a broad range of licensing needs. If there are hundreds of different licenses out there, it's only because the lawyers working for the firms involved have sold these companies on the notion that they need a custom-crafted license.

Re:No, just use OSI-approved licenses (2, Informative)

Nibbler999 (1101055) | about 7 years ago | (#20348263)

There's about 60, which is still too many to try to interoperate.

Re:No, just use OSI-approved licenses (1)

Antique Geekmeister (740220) | about 7 years ago | (#20348941)

Oh, it's not just corporate needs. Take a look at Dan Bernstein's licenses, or confusing COPYRIGHT based lack thereof. The source is open, but you can't fork it, you can't repackage it in a way he doesn't like, and you can't call it the same name if you modify it in a way he doesn't like.

Bernstein's work is often brilliant, but it's seriously hindered by his inability to play nice with existing standards. This includes his weird kind-of-sort-of-not-really software licensing.

Re:Just use the GPL (2, Insightful)

Brian Gordon (987471) | about 7 years ago | (#20348295)

Why does everyone love the GPL? By forcing users of the code to obey the hacker ethic, it's breaking the hacker ethic. Code is code, and it doesn't make any sense to put restrictions at all on it, even if they're just copyleft restrictions. BSD for me- it's basically public domain (the best solution IMO) but it strokes my ego by making sure my name is included in the code :)

Re:Just use the GPL (2, Insightful)

fsmunoz (267297) | about 7 years ago | (#20348837)

I disagree with you in the hacker ethic part[1], although I can see your point. More importantly though is the fact that I agree with you and disagree with parent when he said "just use GPL". *I* am all for the GPL but can perfectly see why people would prefer some other license, especially a BSD/MIT/ISC one (free, non-copyleft with attribution). This "license proliferation" thing is not IMO something terrible. It can be a bit overkill, especially in the non-copyleft ones (many licenses ammount to the same with different wordings) but if people use them then clearly they have a good reason to exist. It should especially not be used as a way to promote "unification" around a single license: there are reasons for using the GPL, which I personally think are good ones, as there are reasons for using the BSD license, and that's all there is to it. Conditioning choice in the name of simplification is not the way to go at all.

[1] Pardon my laconic answer but I think that everyone is up-to-date in what regards the differences in perspective about the GPL and the BSD licenses from each "camp" :)

Re:Just use the GPL (1)

fsmunoz (267297) | about 7 years ago | (#20348881)

I disagree... there are reasons for using the GPL (and both our emails indicate that we agree with them) but people shouldn't feel "forced" to use the GPL just to simplify things. While I do think that there are many redundant licenses (especially those akin to the BSD, like the ISC or MIT licenses) the choice should be made due to finding the license fitting. Also reducing choices could actually mean reducing the ammount of free software, since it's obvious that many talented and generous developers prefer a license like the BSD one.

Tor like oatmeals! (-1, Offtopic)

Anonymous Coward | about 7 years ago | (#20348145)

Tor like oatmeals!

Can you say FUD? (3, Informative)

morgan_greywolf (835522) | about 7 years ago | (#20348165)

Yeah, I knew you could. The average Linux distribution doesn't have anything close to a 1000 licenses in it. Stop being ridiculous. There is pretty much BSD/MIT/X11, GPL, LGPL, Mozilla, Artistic, and maybe a couple of others, depending on what apps are installed.

And in the end -- so what? FOSS licenses break down into two categories: BSD-type and GPL-type. That's it. They're all pretty much the same, especially ones that conform to the Open Source Definition, so who cares?

Re:Can you say FUD? (2, Insightful)

Ant P. (974313) | about 7 years ago | (#20348441)

A quick check (ls -1 /usr/portage/licenses | wc -l) gives me 861. Not over 1000, but not exactly nowhere close either.

Re:Can you say FUD? (1)

xubu_caapn (1086401) | about 7 years ago | (#20348707)

That's probably counting every license multiple times.

Re:Can you say FUD? (5, Interesting)

LiquidFire_HK (952632) | about 7 years ago | (#20348907)

I wrote a quick script to find the most-used licenses (this is from Gentoo's packages, which is a fairly representative sample, with nearly 12 000 packages).

$ eix -v | grep License | awk '{print $2}' | perl -e 'while(<>){ chomp; $licenses{$_}=0 unless $licenses{$_}; $licenses{$_}++ } for (sort {$licenses{$b} <=> $licenses{$a}} keys %licenses) { print "$_ $licenses{$_}\n" }' | head
GPL-2 6710
BSD 711
as-is 579
LGPL-2.1 511
|| 428
Artistic 344
MIT 259
LGPL-2 229
public-domain 138
PHP 124
You can see the full list here [rafb.net] . As you can see, a huge amount of the packages (85%+) use GPL or one of the other very popular licenses. "||" means multi-licensed, and most of those are Artistic/GPL. You'll notice that after the top 30 licenses, none are used in more than 10 packages. Of the 863 licenses, 729 are used in 5 or less packages, and 629 of them are used in only one package. Many of the one-ofs are fonts or closed-source licenses.

So while I agree there are many licenses, the vast majority of projects use one of the popular licenses.

Re:Can you say FUD? (1)

budgenator (254554) | about 7 years ago | (#20348921)

Who care's how many licences are in your distro, it's the distro's problem; my problem is how many licences are in my app, there is three GPL v2, BSD, and PHP, that's not unmanageable.

Well, yes and no. (4, Interesting)

jd (1658) | about 7 years ago | (#20348607)

Yes, you're absolutely right that there are only a few "core" licenses that others are derived from. NASA's Open Source license is based on the GPL, for example. However, there ARE a lot of licenses out there. It would be far, far better if there was some sort of inheritance mechanism for licenses. That way, it would be clear what had borrowed what from what, lawyers would be dealing with change sets (which they're familiar with) rather than re-written texts, and instead of a long linear list, we would have a much more compact tree.

Would this reduce the number of licenses? Initially, no. You'd simply reorganize them into a structure. Would it improve understanding of the licenses? Yes. Understanding would increase exponentially, rather than linearly, as a person worked their way through. Would it eventually lead to a reduction in the number of licenses? Yes. A lot of them have trivial or insignificant change sets and making this obvious to all would create pressure to consolidate where appropriate.

Ok, but doesn't the sheer number also create pressure? Yes, but it may NOT always be appropriate, and there may be unexpected and undesirable results. Make thing clear FIRST, and THEN make changes, not the other way round.

Re:Well, yes and no. (1)

Ohreally_factor (593551) | about 7 years ago | (#20349061)

This is actually a workable, or at least functional, idea you have. It's not trying to artificially limit the number of licenses, nor would it actually limit the number of licenses, but it would certainly narrow down most usage to those licenses that are commonly used, and discourage trivial proliferation.

Re:Well, yes and no. (0)

Anonymous Coward | about 7 years ago | (#20349149)

Yeah, but do we use CVS/SVN, or BitKeeper for keeping track of the license changes? :P

But do you havea license to... (1)

msimm (580077) | about 7 years ago | (#20348849)

rock? Because when it comes right down to it I think that's all this poor analyst was looking for. Just admit it, you want to rock? You know Linus knows how to rock. John Hall looks fresh out of a Greatful Dead concert (although I was thinking more along the lines of AC/DC, but whatever man). Linux totally has the license to rock.

Do what everyone else does (2, Insightful)

CaffeineAddict2001 (518485) | about 7 years ago | (#20348169)

Ignore it.

Bureaucratic nonsense (1)

ShieldW0lf (601553) | about 7 years ago | (#20348183)

At some point, it will become clear that enforcing all this licensing bullshit with courts and lawyers is just a big waste of time that drains everyone dry, and they'll drop the foundational laws upon which both open and closed source licensing agreements rely.

Then the problem will go away.

I mean, it's a problem of our own making... it's like hitting yourself in the head, all you have to do is stop.

Re:Bureaucratic nonsense (1)

Nibbler999 (1101055) | about 7 years ago | (#20348195)

They'll drop the whole idea of copyright? I don't think so somehow.

Re:Bureaucratic nonsense (0)

Anonymous Coward | about 7 years ago | (#20348283)

they'll drop the foundational laws upon which both open and closed source licensing agreements rely.


Both businesses and open source projects depend on copyright, even when it costs time and money to enforce it. What makes you think we would abandon a system which everyone involved relies on?

Re:Bureaucratic nonsense (1)

ShieldW0lf (601553) | about 7 years ago | (#20348913)

I think copyright will fail because it serves the interests of those in the developed nations, not the interests of the developing nations. Copyleft depends on copyright for enforcement, but it is a subversive effort to destroy the value of holding and enforcing copyrights.

Also, those developing nations who manage to self-organize without burdening themselves with responsibility to maintain and enforce the copyright scheme will be more efficient than those that take on that burden.

Also, those who do not prevent their population from having free and universal access to intellectual works will have more educated citizenry, and will see a rise in productivity as a result.

Also, those cultures who attempt to impose barriers that prevent the proliferation of their cultural views will become marginalized, while those who encourage their culture to spread will find more allies and like-mindedness from the other cultures that do the same.

Need I go on?

number of licenses (2, Informative)

mattb112885 (1122739) | about 7 years ago | (#20348185)

Its no different for proprietary software, in which the number of licenses is basically equal to the number of pieces of software you have ordered.

who gives a fuck? (-1, Troll)

Anonymous Coward | about 7 years ago | (#20348201)

linux is for dirty faggots anyway. fucking dick smoking queers who take it up the ass. thank god for the aids.

Re:who gives a fuck? (0)

Anonymous Coward | about 7 years ago | (#20348299)

You are confused. I think you meant Apple "loyalists"

Re:who gives a fuck? (0)

Anonymous Coward | about 7 years ago | (#20348649)

Now there's a way to make them seem evil. I've hardly ever seen the word "loyalist" without the word "paramilitaries" directly after it.

Cry me a fucking river. (1)

Seumas (6865) | about 7 years ago | (#20348219)

Oh, boo hoo! Free stuff is hard!

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?

I understand there is potential for occasional confusion, but that is also simply the product of selfish archaic businesses. People who aren't so much confused by open-source licenses or hurt by them as they are interested in exploiting and infringing on them. Claiming that the reason they are either failing to embrace open source or excusing their willful infringement on it as the fault of the licenses and throwing their hands up like Barbie confronted with a math problem.

Re:Cry me a fucking river. (1)

DogDude (805747) | about 7 years ago | (#20348475)

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?

Oh, nice FUD. It's more like, if you're serious about following the letter of the law, hiring a lawyer to read and interpret, or buying something off-the-shelf that you know is *not* licensed for you to use/re-package, blah, blah, blah. If you're developing software, then you DO have to know how all of the bits and pieces you use work together from a legal standpoint, otherwise there will be a horde of OSS fanboys down your throat trying to tear apart your company at the slightest perceived infringement.

Re:Cry me a fucking river. (1)

Seumas (6865) | about 7 years ago | (#20348593)

Because corporations are so hesitant to jump down everyone else's throat trying to tear you apart at the slightest suggested infringement of their proprietary materials. So it's okay for other people to be confronted with thousand page EULAs and restrictions, but not for a corporation to. Meh.

Re:Cry me a fucking river. (1)

tholomyes (610627) | about 7 years ago | (#20348887)

I think the point is that the myriad of licensing makes open source adoption by the enterprise more difficult. This also dampens subsequent contribution-- a lot of open source contributors are programmers for corporations of one sort or another.

Re:Cry me a fucking river. (1)

Metzli (184903) | about 7 years ago | (#20348683)

You mean like the horde of folks who were discussing VMware 10 days ago?

http://linux.slashdot.org/article.pl?sid=07/08/14/ 1618241 [slashdot.org]

Re:Cry me a fucking river. (1)

DogDude (805747) | about 7 years ago | (#20348861)

Exactly. To say, "eh, they're all the same, just share" is complete and utter bullshit. There absolutely is a cost involved to analyzing all of these different licensing agreements.

Re:Cry me a fucking river. (3, Insightful)

Chandon Seldon (43083) | about 7 years ago | (#20348939)

There are two completely separate cases:

Using Software

With Free Software, this is always allowed. No problem.

With Proprietary software, this can be pretty complicated. Each piece of software has its own license with its own requirements, be it per-user licensing, per-seat licensing, per-CPU licensing, per-year licensing. Better hire a dedicated lawyer to make sure you have all your licenses lined up right.

Modifying/Redistributing Software

With Free Software, this can be pretty complicated. There are a number of licenses - some of which are incompatible with each other. You'll probably want to put some effort into license tracking, or even hire a lawyer if your situation is especially complicated.

With Proprietary software, this is always prohibited. No problem. (unless you screw up somehow, then you're liable for millions in damages.)

Isolation of components in separate processes (1)

tepples (727027) | about 7 years ago | (#20348765)

What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?
Both. You have to isolate each component that has a different copyleft license in its own separate process, communicating with other processes through pipes or sockets. This sort of refactoring to decouple programs can be almost as labor-intensive as development from scratch, especially on an embedded system whose sliver of an operating system has little or no support for multitasking.

Re:Cry me a fucking river. (1)

ClosedSource (238333) | about 7 years ago | (#20348915)

"What is more difficult and expensive? Reading, understanding and adhering to any of a number of open-source licenses and keeping track of what you're using and what practices you need to follow to use them for free -- or investing a lot of R&D and development and Q&A time for your own proprietary stuff?"

It depends, but I think the proprietary option is better more often than you might imagine. It seems a lot of software patterns are used to enable globbing a lot of inappropriate software together into an application that is 90% unused bloat and 10% core functionality.

Strawman (4, Interesting)

fishthegeek (943099) | about 7 years ago | (#20348231)

Check out Microsofts License-o-rama! [microsoft.com] If Microsoft as a corporation can't stick to even a few licenses what on earth makes anyone think that thousands of FLOSS programmers will share enough commonality among them that they would be willing to use fewer licenses.

Microsofts licensing site doesn't even address the individual EULA's for products. Each MS product has a license that is nearly always unique to that product. So I say let those that do the work decide on how they would like or not like to share it.

Re:Strawman (1)

einhverfr (238914) | about 7 years ago | (#20349123)

The problem is that many of the FOSS licenses purport to extend the terms of those licenses to any software that interacts in a close manner (such as linking). IANAL, but this standard seems really suspect to me (it would mean that Microsoft could release a new version of Windows and declare that no open source software could be developed for it).

Again, when you are in business, it doesn't matter whether the FSF is wrong or not. You follow their terms even if you believe that they have no case because it isn't worth going to court over.

Hence we have the GPL v3. The license so complex it will probably take years for your lawyer to understand it in full.

License Inheritance (1)

Floritard (1058660) | about 7 years ago | (#20348257)

Why not take a note from actual software development and give licenses an inheritance hierarchy? I've always thought it was stupid that EULAs aren't standardized to a certain extent. If everyone knew a general EULA quite well, then companies could just state where their EULA differs from this common-knowledge EULA, instead of blindly clicking ok, consequences be damned. Same process could be applied to middleware licenses. One could even develope a license format whereby you could compile the various licenses among your project's components into one final license with most of its redundancy (hopefully) trimmed out. Of course, legalese was pretty much developed to obscure any such process and its strength is in its (evil) complexity. What a mess.

Re:License Inheritance (1)

nuzak (959558) | about 7 years ago | (#20348407)

> Why not take a note from actual software development and give licenses an inheritance hierarchy?

The lesson of software development is that people reinvent things rather than use base classes that don't entirely meet their needs.

I bet a few dozen of those licenses are just BSD 3-clause with the name of the copyright holder changed. And besides, licensing commercial software for redistribution is even more fraught with peril. No one is educated or swayed by this filler piece of an article. Licenses are hard. Deal.

The un-problem (4, Interesting)

MisterBad (40316) | about 7 years ago | (#20348277)

The vast majority of businesses will never trigger _any_ of the provisions of the licenses for their Open Source software because they will not publicly re-distribute the software in verbatim or modified form.

For those businesses that do, it is highly unlikely that they'll deal with more than the GPL or BSD licenses. Other licenses are important only for a single package or cluster of packages (e.g. the MPL, the Artistic License, or the Apache license), and companies that deal with these packages tend to be specialists in that area.

This just really isn't a practical problem for most businesses. It's an issue that software aggregators like distros or SourceForge need to deal with, but not your normal everyday business.

Re:The un-problem (1)

The_Wilschon (782534) | about 7 years ago | (#20348599)

Hey, aren't you the fellow who wrote the (net http) module for guile? Do you still have that code? If so, I'll give you an email address if you don't mind sending it to me.

Do not distribute.But use is free! (4, Insightful)

leuk_he (194174) | about 7 years ago | (#20348279)

If you use open source software, and not redistribute it you can mostly ignore the open source license. You can use it on as many computers as you like with many strange license combinations. For closed commercial software you have to track all the licenses, for open source you do not have to track the number of uses.

The real question begins if you want to distribute a packet of open source software and want to know if they are license compatible. ANd the real trouble starts if you want to use a loophole of some license to sell it bundled it together with your own commercial software.

Re:Do not distribute.But use is free! (3, Interesting)

also-rr (980579) | about 7 years ago | (#20348519)

Excellent point... especially when you consider that if you *are* distributing it will pass through your commercial department.

I have been doing commercial work lately on over 100 contracts, each with unique terms and conditions. Even if we had projects running that used every single OSS license out there it wouldn't tax us to an unreasonable level. That is kind of what specialists are for... businesses pay programmers to programme, and the commercial department to read contracts.

The best bit is that unlike technical issues your PHB probably appreciates the importance of contracts! I can't think of a single director (even the engineering directors) where I work who couldn't assimilate the GPL in five minutes or less - and the GPL is one of the more complex licenses. They deal with stuff far more weird than this every day.

All you need is to know how to state the benefits in their language. My humble effort is here [revis.co.uk] - and I would welcome additions.

Re:Do not distribute.But use is free! (1)

einhverfr (238914) | about 7 years ago | (#20349137)

businesses pay programmers to programme, and the commercial department to read contracts.
And in the case of the GPL v3, they have no clue what it means.... Seriously, there are some really nasty easily overlooked clauses in that license. See my latest journal entry for more info.

Re:Do not distribute.But use is free! (1)

Duncan3 (10537) | about 7 years ago | (#20348549)

Exactly.

If you use open source software, then you have no issues of any kind. If you are a company writing/selling software, treat other people's open source like nuclear waste, and have your users download the prerequisites themselves.

This is so very simple that we need at least 1000 more open source licenses, otherwise people will see how easy it is, and stop hiring lawyers.

Re:Do not distribute.But use is free! (1)

bit01 (644603) | about 7 years ago | (#20348997)

[deleted] If you want to distribute a packet of any software and want to know if they are license compatible. ANd the real trouble starts if you want to use a loophole of some license to sell it bundled it together with your own commercial software.

You shouldn't apply arguments specifically to open source software that apply equally to any software. This entire /. story is misdirected and should be titled "License Proliferation Adding Complexity."

Many commercial software astroturfers frequently propagate OSS FUD while dishonestly pretending the FUD doesn't apply equally, if not more so, to closed source software. Closed software licenses frequently place arbitrary restrictions on software use and there are thousands of different versions. Open source software licenses aren't perfect but they are much better than the average closed source license for most applications.

---

Open source software is everything that closed source software is. Plus the source is available.

If you write software... (1)

jessecurry (820286) | about 7 years ago | (#20348319)

If you write software that you want to be paid for, release it under a for pay license.
If you write software that you don't want to be paid for, release it under a completely free license... maybe even anonymously.

If all software was released this way then there wouldn't need to be any odd licensing in a software package... everything is either free or for-pay.

Re:If you write software... (3, Interesting)

antiNeo2000 (981119) | about 7 years ago | (#20348605)

You're oversimplifying things. Some free software is gratis (free of charge), some is libre (free to modify), some is both, some allows commercial distribution, some doesn't, and the list goes on. Since people own the copyright, people are allowed to write their own software licenses, no matter how weird they might be. Some projects need to be commercially viable in order to be accepted as standards (X.Org and the X11 license), while others would rather be shielded from commercial abuse (GNU and friends). Diversity in software licenses, even if it might be a bit confusing, is a lot better than the alternative.

Re:If you write software... (1)

Chandon Seldon (43083) | about 7 years ago | (#20348821)

You seem to think this is a simple issue. It isn't.

The question of software licensing has been complex and even controversial for decades. That apparently seems silly to you. That might even be a valid conclusion, but you're going to need a much more extensive understanding of the topic before you can convince anyone to agree.

If you're actually interested in understanding the topic so you can discuss it intelligently, I suggest actually reading / watching the following (completely):

Re:If you write software... (1)

tepples (727027) | about 7 years ago | (#20348829)

If you write software that you want to be paid for, release it under a for pay license.
Free Software Foundation does exactly this with the GNU licenses. But in the case, the "pay" is not in money but in a reciprocal commitment to distribute source code along with binaries.

My reciprocal commitment is in the mail (1)

ClosedSource (238333) | about 7 years ago | (#20348969)

Sure. Try telling your landlord that you going to pay him in "reciprocal commitments".

Re:If you write software... (1)

Ohreally_factor (593551) | about 7 years ago | (#20349151)

If you write software that you want to be paid for, release it under a for pay license.
If you write software that you don't want to be paid for, release it under a completely free license... maybe even anonymously.
I think you are too narrowly defining "pay" as a money only proposition. Under GPL 2, the payment for redistribution is payment in kind. That is, you use, modify, and distribute someone's GPLed code, you pay them by releasing your changes. Tit for tat, and that Finnish freak would say. It's really a nice balance, because in order to get the code you have to give up the code. Reciprocity, baby.

That's the beauty of the GPL 2. It offers the guarantee of a (non-monetary) reward to the developer, and perhaps more importantly, enriches the community and the world as a whole. BSD offers no such guarantee. Nothing wrong with that, but not everyone is satisfied with that.

How about commercial? (2, Insightful)

GrEp (89884) | about 7 years ago | (#20348333)

How about commercial licences? At least with FOSS you have a few major ones. With commercial every one is unique and usually much more complicated.

Best answer? think first (1)

CodeShark (17400) | about 7 years ago | (#20348339)

I personally will almost exclusively stick to the four major OS licenses: the GPL (any version), Apache, Mozilla, and (though purists may disagree) the BSD. My experience has been that a developer generally doesn't have to blend -- most of the web-related work I do is related to Apache, therefore that fits for the C++ development. Most of the web work is in one of the GPL'd languages (Perl, Python, PHP, or Ruby), etc.

Does this fit for most others? I don't know.

Re:Best answer? think first (0)

Anonymous Coward | about 7 years ago | (#20348457)

Perl, Python and Ruby are not released under the GPL.

Re:Best answer? think first (1)

CodeShark (17400) | about 7 years ago | (#20348629)

No but vast amounts of the code libraries which you see out there for those languages HAVE been released under the GPL. For example
  • li>in the CPAN FAQ: "Most, though not all, modules on CPAN are licensed under the GNU Public License (GPL)..."
  • The PEAR repository for PHP states: herefore "with this announcement the license choices are [for future modules] reduced to the following short list: {PHP,Apache,LGPL, BSD style,MIT}but I do know that the GPL exists was used for a number of Pear modules
. BTW Ruby was not any of the above which surprised me, so I will have to subtract that from my original post, and I am going to add the MIT license to my list. I wasn't familiar with it until today.

Re:Best answer? think first (0, Flamebait)

coryking (104614) | about 7 years ago | (#20348975)

in the CPAN FAQ: "Most, though not all, modules on CPAN are licensed under the GNU Public License (GPL)..."
Not the ones people actually use. The first thing I check before using a CPAN library is what it's license. Almost all are dual, like perl itself. If it is GPL only, I avoid like the plague.

GPL'ing libraries used by "high level" languages like Perl, PHP or Python should be punishable by death. What a cruel joke.

And before I get a snippy retort about "if you dont like it, dont use it", guess what, I dont contribute to any GPL projects. I'll use a GPL product only if I'm 100% sure I'll never need to touch the source code. If there is any chance I might want to tweak the code, it is BSD or the like.

"You are a leech" you might say. Yeah, well, guess which projects get any patches or improvements I might make? Hint: it ain't GPL projects. GPL'd software is about as useful as closed-source alternatives, only usually of much lower quality.

Re:Best answer? think first (1)

chromatic (9471) | about 7 years ago | (#20348951)

Most of the web work is in one of the GPL'd languages (Perl, Python, PHP, or Ruby), etc.

Python and PHP have their own licenses. Perl is dual Artistic and GPL. Ruby is dual GPL and... something custom.

Simplicity itself (0)

Anonymous Coward | about 7 years ago | (#20348343)

Obviously they should stick with Shared Source.

I don't get it (3, Insightful)

tie_guy_matt (176397) | about 7 years ago | (#20348389)

Don't most open source licenses have one thing in common: you can use the software and install it on as many computers as you want free of charge. The problem comes up when you modify the code and then want to redistribute it. My question is how many businesses are modifying tons of different programs so that they have to worry about tons of different licenses? And if your company is big enough that you are modifying tons of programs then don't you have legal department with an army of high priced lawyers who would love to do nothing else but make sure you dotted all your i's and crossed your t's when it comes to the licenses? Maybe I missed something.

Re:I don't get it (1)

E5Rebel (1103761) | about 7 years ago | (#20348547)

Try and get it. We have just had SCO waste everyones' time for the last two or three years spreading FUD. That is over. The economic case for businesses using open source is obvious for the end user so why not understand where the next problems might come from that might slow down its adoption? The problem outlined in this article is as much for those trying to make a living from open source programming - changing the code, mixing and matching the best that is there and creating something better. It is in everyone's interests to fight complexity in open source licensing and it is likely to be a constant battle - just like it is to stop a great OS forking into rival products

Re:I don't get it (1)

DogDude (805747) | about 7 years ago | (#20348893)

And if your company is big enough that you are modifying tons of programs then don't you have legal department with an army of high priced lawyers who would love to do nothing else but make sure you dotted all your i's and crossed your t's when it comes to the licenses? Maybe I missed something.

You're missing the point that lawyers aren't free. Lawyers cost more than software developers.

more licenses than what? (1)

asabjorn (903413) | about 7 years ago | (#20348419)

Most proprietary ISPs tend to have their own End User License Agreements that is either specific to the company or the product. Adding to that 88% of the sourceforge projects choose one of 3 licenses. The GPL license prevails, at 77% of projects. The LGPL is second at 6%, and BSD trails in third at 5%. All other licenses account from 3% to 1%.
http://asay.blogspot.com/2005/09/analyst-nature-an d-size-of-open-source.html [blogspot.com]

So when dealing with open source projects you supposedly have a problem with license proliferation? You have to deal with 1000 licenses? I don't buy that.

Also it is worth to notice that it is common that EULAs have special clauses on how the software can be used, by who and how the software can be distributed within the organization. Some of these clauses can truly be quite interesting.
http://www.theregister.co.uk/2006/10/29/microsoft_ vista_eula_analysis/ [theregister.co.uk] (plenty of other article if you don't like this source)

All OSI approved open source licenses permit the distribution of software with little to no worry compared to EULA governed software. No more Bussiness Software Allicance audits which can threaten to disrupt your normal bussiness. It is when you change the software or distribute it externally that you have to worry about the open source software license, but then, that is a different discussion since it is not normal for proprietary software to allow that.

Open Sources Licenses for sale (2, Funny)

infonography (566403) | about 7 years ago | (#20348485)

Dear Friend,

My late father was the finace minister for the pervious administration in Nigeria, in his weill he bequitehd me the income from meany open sourse licenses however since the new government crackdown we have had difficulites in tranparting themo out of th country. A reputable frind who can transport them out of the country for me needs a small advance to pay for expenses once we have these open sources license on the open market we can realize great proifit.

I have a limited introductory offer for any software you want at a low low rate per seat. Comes with Complemetary Viagra from te late presidents presonal stores.

Please send to my paypal account darl.mcbride@sco.com

Revised copyright law (1)

iamacat (583406) | about 7 years ago | (#20348517)

  • Source code must be made available to any recipient of binary code upon request
  • The customer must then agree to safeguard the source and be responsible for damages if leaked. The copyright owner can demand a proof that a particular customer is willing and able to honor a contract. Customers can create modified versions for private use distribute binaries and source to anyone who already obtained the corresponding original from the author.
  • Copyright expires after 14 years, as envisioned by the founders, at which time source becomes public domain.
  • Anyone, including the original author, can then create derived works from the source and again distribute them under protection of copyright for another 14 years


This will ensure that license incompatibilities only last a limited time, commercial software can be sold/protected from leaks by teenagers and derivative works can be created both during and after the copyright duration.

The answer is SIMPLE (1)

Breakfast Pants (323698) | about 7 years ago | (#20348553)

New projects going forward should all be released public domain. Bam. *All* projects can now use your code. Because of crazy liability statutes and crazy precedence, you will need to put a disclaim of liability/warranty on the code when *you* distribute it, but there isn't any need at all to make others who distribute it do so by adding a license term contingent on *their* distribution--that's the biggest downfall of the non-advertising clause BSD license, but in practice isn't that big of a deal. I am not a lawyer, but I *don't* ANAL; sorry.

Would be cool to do it automatically (3, Interesting)

radarsat1 (786772) | about 7 years ago | (#20348609)

I've had the idea for a while that it would be cool to design some kind of formal language to describe licenses, so that you could apply logical rules to cancel out conflicting requirements and determine whether licenses are compatible with each other.

Sure, legalese is pretty "formal", but it's not computer-science *formal*. How cool would that be to encode laws and legal conditions such that they are provably effective?

Someone must have done something like this...

(That said, I've never really understood why people choose licenses other than BSD or GPL, since these seem to express some basic viewpoints on how F/OSS should work, but I guess people have their own reasons, which is fine with me actually.)

a lawyer's view (3, Interesting)

faceword (635817) | about 7 years ago | (#20348611)

I represented an company that had developed a closed source software product that had incorporated several open source (but not GPL'ed) libraries, each released under a different license.

There was a transaction cost, in that the company had to pay my law firm to review each license to be sure the distribution of the product did not violate the license. Some of the licenses had attribution requirements, including one which required the verbatim reproduction of the open source license within the distribution. I advised my client as such, and they included that license within a readme file, complete with the glaring typos that were in the original.

The cost of a junior lawyer spending a few hours reviewing six different licenses (approx $300 per hour) was lower than recreating the code from scratch -- so it is hard to argue that the proliferation of licenses is problematic. My client was still better off than if it had to spend an extra week of development time authoring the libraries.

Re:a lawyer's view (1)

JohnFluxx (413620) | about 7 years ago | (#20348933)

Out of interest, did you have to review the license agreements on the normal closed source software?

For the overwhelming majority (1)

stox (131684) | about 7 years ago | (#20348623)

of corporate open source adopters, there is no issue, as they will not be selling and distributing the software. For those that do, open source licenses tend to cover many different products, whereas each closed product will have a different license. So, if nothing else, open source is slowly reducing the number of licenses you have to worry about.

MS XPe Licence (1)

russ1337 (938915) | about 7 years ago | (#20348631)

Having just reviewed the Microsoft XPE OEM and Runtime licenses and a whole bunch of 'off-the-shelf' commercial software for some work I'm doing, navigating what you can and can't do with the software is not all that easy.... (vs what you are required to do under many FOSS licenses). Imagine the worst EULA you've ever seen, then change it randomly and apply a different restrictions to each application you're using with completely different conditions. Then put them all on one system.

The whole time I was thinking to myself this would be all so much easier if all this was under GPL....

(I'm no lawyer, (I don't even play one on TV) I was just looking at 'does our implementation make us subject to clause x'... etc.)

Let them suffer (1)

bug1 (96678) | about 7 years ago | (#20349003)

"What can be done to minimize multiple-license pain for corporate open source adopters?"

Why should corporate users get an easy ride ?

Corporate users are the ones who would likely turn on us and destroy the community if it would boost the next profit report by a few percent.

Its not about users its about the source code.

But i guess if it turns out that corporate users a big on giving constructive feedback, bug reports then i guess we should give a shit, but i expect they are too busy using to do anything else.

They don't have to worry about it much..... (1)

budword (680846) | about 7 years ago | (#20349051)

because UNLESS they are also DISTRIBUTING said software, they probably don't have to worry about the license very much. Especially if they stick to a GPL style license. If they are in the business of distributing software, then they damn well better have a clue on how to handle the terms of the licenses of the software they choose to use. At the end of the day, the free software world doesn't need the suits, it's the suits that need FOSS.

World Peace (0)

Anonymous Coward | about 7 years ago | (#20349059)

If only everyone used the Beer-Ware license.

Ignore them (1)

nurb432 (527695) | about 7 years ago | (#20349153)

If its 'open' its mine to do with as i please.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>