Open Source

30777 readers

550 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

[email protected]

294

The Xz Backdoor Highlights the Vulnerability of Open Source Software—and Its Strengths (www.404media.co)

submitted 6 months ago by [email protected] to c/[email protected]

38 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 5 points 6 months ago (1 children)

It sort of is by license. Not directly but if you're using one of the more restrictive licenses like GPL 3, it often doesn't pass legal review due to many of the copy left provisions.

Most companies simply find a similar library that has a more permissive license. A handful will contact the dev and buy a license.

As much as the MIT license has made code more accessible, its permissiveness is the main reason I don't use it for my own software, unless I really don't care for it.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

Thanks for mentioning this. It was really helpful.

Can you see why I want a more bespoke license which still allows for distribution, change and all that but also asks for you to donate part of your revenue (if you make any, that is) to foss projects?

Because that would streamline the process and would probably find a lot of adopters which would lead to it getting accepted. Probably even more than agpl because you can still make stuff closed source (if we leave the „need to use same license“ out) but you need to pay anyway.

I‘m getting a lot of hate for this btw. People are really unhappy with this idea because for some reason „free“ for them means free beer it seems.

Edit: someone mentioned percentage of employees wages who work on foss projects be factored in which I think is great

[–] [email protected] 3 points 6 months ago (1 children)

I don't think we need more licenses. OSS license proliferation is bad as it is. IMO, people should do their best to stick with the major licenses: GPL, AGPL, MIT, or Creative Commons if it doesn't fit the above.

The problem with a tax that you've proposed is that it would be nearly impossible to enforce. How would you know which companies are pulling your library?

What I've been doing is adding the Commons Clause to my license and that I think helps. I don't write wildly popular software so I don't really see people donating or asking to purchase a license.

I personally like the Mozilla model where they donate to various open source projects from a common fund. I'd like to see more stuff like that.

[–] [email protected] 0 points 6 months ago

Yeah, the mozilla model seems quite interesting.

After tons of troll messages I‘m now at the point where I will just make everything agpl so nobody can use my stuff if its not the same license and be done with it. I will also make every software I fork agpl if possible which will be a fest.