this post was submitted on 02 May 2024
96 points (95.3% liked)

Open Source

31364 readers
93 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
all 27 comments
sorted by: hot top controversial new old
[–] [email protected] 57 points 6 months ago (1 children)

I've always thought of it this way: permissive licenses ensure freedom for developers. Copyleft licenses ensure freedom for end-users.

[–] refalo 14 points 6 months ago (1 children)

Open source licenses are only as useful as your ability to enforce them.

[–] [email protected] 19 points 6 months ago (1 children)

Sorta why the FSF was formed.

Because thses lucences working effects folks other then yourself.

So best for all OS developers and users to work together.

[–] refalo 7 points 6 months ago (2 children)

I don't disagree, but in practice, in my experience they and other groups are not helpful when your license actually needs defending.

I have been with multiple different communities that had GPL and other licensed code stolen for profit in proprietary programs. In all instances, the FSF, SFC and EFF were all contacted and nobody cared.

These offending companies do what they do precisely because they know they can get away with it. And most FOSS developers I would argue do not have the resources or desire to go up against a big company taking or misusing their work.

[–] [email protected] 2 points 6 months ago

I have been with multiple different communities that had GPL and other licensed code stolen for profit in proprietary programs. In all instances, the FSF, SFC and EFF were all contacted and nobody cared.

at least the SFC did some enforcing that worked, but i got the feeling these organisations are too "nice" , If the case is a slam dunk maybe it is possible to get a lawyer who will work by getting a large percentage of the earnings.

[–] [email protected] 0 points 6 months ago (1 children)

Is it anymore the case with other licences though.

Obscurity is no security at all. If you have no ability to fight to keep tour copy right or patient. People will copy it open or closed.

Even direct machine code can be copied a reverse engineered fairly simply.

So non of this is purely a open source permissive licence issue. Its a big corperations acting like fudal lords issue.

[–] refalo 2 points 6 months ago (1 children)

The effectiveness of obscurity in operations security depends on whether the obscurity lives on top of other good security practices, or if it is being used alone. When used as an independent layer, obscurity is considered a valid security tool.

IMO Obscurity is at least as effective as the attacker's inability to locate the resource, but I don't recommend that being your only defense for everything of course.

That being said, you're absolutely right when you look at it that way. If reverse engineering or copying ASM isn't out of the question, then IMO all bets are off. Even closed source proprietary programs are not immune from that.

But in the general sense of people casually copy/pasting source code, I think the only defense is not having source available in the first place.

[–] [email protected] 0 points 6 months ago (1 children)

You can copy binary code. Just as easy as source code.

It is only when running on a different architecture it gets a bit more complex.

And give the binary is directly translatable by software. Not hugely more complex for any company of the size you are unwilling to fight in court over open source code.

Sorry but no you are wrong. Hading the source in no way makes code harder to copy. Its how most of us hacked into games in the 1990s.

After all binary code is just simpler instruction set that takes very very minimal effort to convert into assembly language. And can be read by many even without that effort.

Its hardly a secret encrypted format. (Unless you are also designing your own hardware and not letting anyone see that. )

[–] refalo 2 points 6 months ago* (last edited 6 months ago)

I think we majorly disagree on the definition of "harder" and "just as easy" here. I don't consider that making me "wrong", I consider it a difference of opinion. One could argue that it is indeed harder to copy assembly code especially when you do not understand it, or like you contradictingly already stated, when the architecture differs. I was speaking in the context of "the general sense of people casually copy/pasting source code" which I was also implying that meant that those people also did not easily understand assembly already. Sorry for the confusion.

[–] [email protected] 15 points 6 months ago (1 children)
[–] starman 3 points 6 months ago
[–] [email protected] 6 points 6 months ago* (last edited 6 months ago)

I still kinda like the restrictive takes of copyfarleft that prevents for-profit entities to use anything without contributions. Workers, co-ops, nonprofits do not have any of those restrictions.

My biggest issues with those licenses are specifically that they are & never could be GPL-compatible which would encourage permissive licenses for libraries which is part of what both license types want to avoid.

Has anyone gone so far as to dual-license under copyleft & copyfarleft?

[–] [email protected] -4 points 6 months ago* (last edited 6 months ago) (1 children)

Man, people do love arguing about words without providing (or looking up) their definitions.

Does the GPL being non "restrictive" mean I can use GPL code in my proprietary software? What word that doesn't offend you should I use to describe this fact?

This is as useless as the git main/master branch debate a while ago.

[–] [email protected] 4 points 6 months ago* (last edited 6 months ago) (1 children)

What word that doesn’t offend you should I use to describe this fact?

Conditional, as in you are free to incorporate the GPL code into your work on the condition that you preserve the freedoms downstream. By default you have no rights to distribute; the GPL does not take anything away, but it grants conditional rights. A restrictive license, like your proprietary EULA, would take away rights that the user would normally have.

Whether or not proprietary EULA's are enforceable is a matter of dispute; see Software user's rights (D. J. Bernstein). Regardless, as Bernstein notes, this default set of rights does not include distribution, which is governed by copyright law. Free software licenses such as the GPL are copyright licenses and grant limited rights of distribution. Note that even most "permissive" licenses are by definition conditional as they include at least the requirement for attribution.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

Note that even most “permissive” licenses are by definition conditional

You do realize the whole discussion is about what terms to use for differentiating between GPL-like "restrictive" licenses and BSD-like "permissive" ones? Saying that both are "conditional" really doesn't help anyone.

(also "by definition" the license's grants may be "conditional", not the license itself - it's not as if it looses validity under some condition)

[–] [email protected] 1 points 6 months ago

You do realize the whole discussion is about what terms to use for differentiating between GPL-like “restrictive” licenses and BSD-like “permissive” ones? Saying that both are “conditional” really doesn’t help anyone.

That's fair, I suppose - but going back to the word restrictive, you could also frame the requirement for attribution as a "restriction."

DeVault suggests the term "reciprocal" at the end of his post. Another term often used is "share-alike." Both of these terms, I think, more accurately hint at the exact conditions of the grant without negatively framing it as a "restriction."