this post was submitted on 31 Dec 2023
174 points (90.7% liked)

Open Source

31394 readers
181 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

TLDR: Companies should be required to pay developers for any open source software they use.

He imagines a simple yearly compliance process that gets companies all the rights they need to use Post-Open software. And they'd fund developers who would be encouraged to write software that's usable by the common person, as opposed to technical experts.

It's an interesting concept, but I don't really see any feasible means to get this to kick off.

What are your thoughts on it?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 83 points 11 months ago (2 children)

in a fair world, all of these companies who abuse the GPL license woild get sued and have to face actual consequences. but the legal system favors the rich, and the FOSS dev is left to starve. killed by their own passion.

[–] actual_patience 8 points 11 months ago (1 children)

Let's not be nihilist here. It's better to come up with solutions than to give up.

[–] [email protected] 7 points 11 months ago

sure, i love change for the better. the EU parliament is proof that change like this is possible, one just needs funding for lobbbyists like rossmann has done it.

[–] onlinepersona 4 points 11 months ago

I honestly thing we need that third party instance that audits proprietary code for the licenses it uses to see if there's a breach. Then they could sue all the companies that don't abide by the license. Most likely GAFAM would lobby against such a thing because they know they use a lot of opensource stuff that could force them to opensource their stuff, but honestly, fuck them. They've made a killing on the backs of free work.

[–] Lmaydev 43 points 11 months ago (2 children)

I mean just license it as such right? You can't say it's completely free for anyone to use then complain you aren't getting paid.

[–] [email protected] 44 points 11 months ago (12 children)

This is a common misconception. A couple times, it's even gone to court. Both Cisco and Best Buy had to pay nontrivial amounts of money, and in the case of Best Buy, it hilariously had to give to the plaintiffs its inventory of TVs which contained software copyrighted and GPL-licensed by the plaintiffs.

GPL licensed does not in any world mean "completely free for anyone to use". For end-users, it does. For companies that want to resell the GPL-licensed software, it means, you can do it for free if you comply with the terms of the license, and if you don't, then you can't. There's not a monetary exchange, but there are licensing terms you need to comply with which were apparently important enough to the people that wrote the software for them to apply that particular license instead of some other one.

If you disagree, that's completely fine, but that doesn't mean you can all of a sudden resell their software and use their work for free, even if there are other people (in compliance with the license) who can.

load more comments (12 replies)
[–] actual_patience 2 points 11 months ago (2 children)

Well the question is, how would such a license look like? Or would it be a contract and not a license?

I guess I should ask a lawyer these questions, but I wanted to see what others here thought about the idea.

load more comments (2 replies)
[–] [email protected] 34 points 11 months ago* (last edited 11 months ago) (6 children)

I wasn't too psyched about reading this article, but I was surprised at how sensible it is -- among a bunch of pretty good points he makes, this is one of them:

Another straw burdening the Open Source camel, Perens writes, "is that Open Source has completely failed to serve the common person. For the most part, if they use us at all they do so through a proprietary software company's systems, like Apple iOS or Google Android, both of which use Open Source for infrastructure but the apps are mostly proprietary. The common person doesn't know about Open Source, they don't know about the freedoms we promote which are increasingly in their interest. Indeed, Open Source is used today to surveil and even oppress them."

From the end user's point of view, there is absolutely no open-source-ness to your Android phone. (BSD which iOS is based on was always designed to make this a possibility, but the GPL was not.) They're using all this software which was supposed to be authored under this theory of GPL, but except for the thinnest thinnest veneer of theoretical source availability, it's proprietary software at this point.

RMS actually talked about this. He laid out this vision of this bright future where you'd always have access to the source code for all the software on your computer and the rights to take a look at it or build on it or modify it, and some reporter said, well yes but what about all these other urgent problems that are ruining the world with private industry trying to make money at all costs and destroy it all. And RMS said, more or less: Yes. It bothers me a lot. But I don't really know about that, and I know software, and I felt like in this one specific area I could write a bunch of software and solve this one problem in this one area where I felt like I could make a difference. If other people could get to to work on these other more urgent problems that'd be great, because they also bother me a lot.

[–] [email protected] 6 points 11 months ago (1 children)

BSD which iOS is based on was always designed to make this a possibility, but the GPL was not.

Can you elaborate on this? I would have said exactly the opposite. That the GPL's copyleft scheme and requirement of providing source code was very intentionally meant to be a way to prevent big corporations from taking advantage of users via software. I'll admit that vision hasn't born the fruit (that I'd've said) it was intended to. But wasn't the intention there?

Meanwhile, BSD doesn't have any provisions intended to keep some big company from distributing compiled binaries sans source code with lots of antifeatures added.

The terms of the GPL specifically require that you be able to specifically demand all source code of any GPL'd code on your smartphone (or smart TV or toaster or garage door opener or whatever) so that you can build at least the GPL parts of the firmware for your own devices. If the courts would just back that up, you would be able to recompile all the GPL'd parts of your smartphone's firmware and run that on your phone. That was the intention of the GPL. And the terms of the GPL have been used to bear fruit in that direction. OpenWRT wouldn't exist if Free Software advocates didn't threaten legal action if... who was it... Broadcom?... didn't comply with the GPL and release its source code.

There is still Tivoization to contend with. (Locked bootloaders, basically.) Some (like Bradley Kuhn) think the GPL's terms are sufficient to prevent that from being a problem already.

[–] [email protected] 7 points 11 months ago* (last edited 11 months ago) (3 children)

Can you elaborate on this?

I think we're saying the same thing; maybe I worded it confusingly. BSD is supposed to allow proprietary-ization, and GPL is supposed to prevent it. Apple is within both the letter and spirit of the BSD license with what they're doing with iOS. Google is technically within the letter of the GPL with how they distribute Android, just as Redhat is technically within it in how they distribute RHEL, and honestly maybe both cases are fine, but it's far from the intent. The spirit of the GPL is that people who would receive an Android phone would know that the relevant parts of their phone's software are open source and have a realistic ability to modify them, which I'd argue is true for pretty much 0% of even tech-savvy users today.

If the courts would just back that up, you would be able to recompile all the GPL’d parts of your smartphone’s firmware and run that on your phone.

Firmware? You mean kernel, right? (in addition to whatever low-level userland tools are GPLd, which I'm sure is a bunch.)

I don't think Google really did anything wrong here. The letter of the law is being upheld pretty well in what they're doing. I think the issue is the cell phone manufacturers making it de facto impossible to modify your cell phone. I don't think the GPL actually makes any requirement for modifying the software in-place being a requirement (nor should it IMO), and providing the source code is done carefully in accordance with the license. It's very different from the "fuck you I take your stuff, sue me hippie" stance that Broadcom took. Broadcom very clearly broke the law.

In my opinion, the issue is that a cell phone is such a free-software-hostile environment that arguably GPL software shouldn't "be allowed to" come into contact with it in any capacity if the spirit of the GPL were being upheld. IDK how you can write something like that into a license though. And I think that's what Perens is saying -- that we need a new model that comes closer to the spirit in terms of what the actual result is.

(Edit: Actually, maybe making it a realistic possibility to drop in a recompiled replacement should be a part of the GPL. I remember people were talking about this decades ago with signed bootloaders and things, so that a recompiled kernel wouldn't boot on particular machines unless you broke the DMCA by doing something to your hardware. I said I wouldn't like any attempt in the license to forbid that, but on reflection, it sounds like maybe a pretty good way to better uphold the spirit of the GPL with particular legal language.)

[–] [email protected] 2 points 11 months ago

Ok, yeah. I think I misinterpreted the bit of your post that I quoted.

About Google, it's not necessarily Google who manufactured your phone. It is if you have a Pixel, but it might be Samsung or LG or ZTE phone or whatever. And it's not necessarily them who sold you your phone. It might be T-Mobile or Mint Mobile or AT&T. Whoever conveyed GPL'd code in object form (as the GPL puts it "embodied in, a physical product") has the responsibility of ensuring you can get from them the source of all GPL'd code on your device. Including all derivative works and modifications.

Derivative works includes kernel modules. Which includes device drivers for, say, 5G modems and fingerprint readers. And those are the kinds of things (aside maybe from tivoization) that are the biggest hurtles for making a fully free firmware for a given device.

So, yes, I mean the kernel and derivative works of the kernel like drivers. And of course anything else on the device that is GPL'd.

Plus, the GPL also includes what is necessary to compile and install GPL'd code as part of the source code. Some of the implications are pretty cool. See this article by Bradley Kuhn of the Software Freedom Conservancy for more info.

I think if companies did comply with all this, FOSS could benefit ordinary users who don't even know what FOSS is a lot more than it does now.

load more comments (2 replies)
load more comments (5 replies)
[–] [email protected] 32 points 11 months ago

All the people predicting doom and gloom for open source, but the reality is that without open source we wouldn't be in the position where we currently are in terms of technology.

To be honest, I also think the patent system should be revamped as it is extremely flawed at the moment and prone to abuse by patent trolls, and it is stifling innovation.

[–] [email protected] 26 points 11 months ago* (last edited 11 months ago) (1 children)

Fuck no. A small business that is struggling to survive should be able to use WordPress for their website and Linux for their laptops without paying

[–] actual_patience 10 points 11 months ago (1 children)

The fee could be really small but scale depending on factors like business size. Or there could be no fee outright for businesses smaller than a certain size.

[–] [email protected] 8 points 11 months ago (1 children)

That still sounds like a lot of confusion for small companies. especially given most FOSS is provided as-is without any legal consultant avaliable.

[–] [email protected] 5 points 11 months ago

It's also against the very idea of software freedoms in the first place. This is just reinventing proprietary licenses.

[–] [email protected] 20 points 11 months ago (2 children)

I think that the RHEL example is out-of-place, since IBM ("Red Hat") is clearly exploiting a loophole of the GNU Public License. Similar loopholes have been later addressed by e.g. the AGPL and the GPLv3*, so I expect this one to be addressed too.

So perhaps, if the GPL is "not enough", the solution might be more GPL.

*note that the license used by the kernel is GPLv2. Cue to Android (for all intents and purposes non-free software) using the kernel, but not the rest.

[–] [email protected] 4 points 11 months ago (1 children)

What loophole? I think they're just blatantly violating it

[–] [email protected] 7 points 11 months ago (3 children)

They're still providing the code for people who buy the compiled software. And they are not restricting their ability to redistribute that code. So it's still compliant with the GPL in the letter. However, if you redistribute it, they'll refuse to service you further versions of the software.

It's clearly a loophole because they can argue "ackshyually, we didn't restrict you, we just don't want further businesses with you, see ya sucker".

[–] [email protected] 3 points 11 months ago

Enshittification continues

load more comments (2 replies)
[–] [email protected] 2 points 11 months ago* (last edited 11 months ago)

So perhaps, if the GPL is "not enough", the solution might be more GPL.

Love this.

[–] [email protected] 20 points 11 months ago (1 children)

TLDR: Companies should be required to pay developers for any open source software they use

You need to read the article yourself before writing TLDR. Spoiler: it is not about payments, it is about source code availability.

[–] actual_patience 7 points 11 months ago

If you had also read the article BTW you would have realized that spoilers: it's not about source code availability.

You saw the first few paragraphs about the Red Hat drama and didn't read further.

Reading the whole thing you'd realize it's a list of reasons why open source software hasn't become popular with the wider public, and his proposed solution to this.

I just included the idea he is proposing, others can read the article to see his reasoning.

[–] [email protected] 19 points 11 months ago (1 children)

Open source is just another commons, and companies have a way of uncontrollably exploiting common resources until they collapse.

In the case of open source, it's healthy in the sense that money is flowing, we have companies sponsoring projects, tons of code is available for inspection and reuse, etc. Very nice. But if you go back to the original concepts of free software, in many cases we struggle with actually exercising the four freedoms. Red Hat has engineered an EULA that basically lets them ban practices that had been thought protected by the GPL for at least a generation, and so on and so forth. So is the open source community healthy or dying? Doesn't the answer to that depend on your priorities?

I think it would make a lot of sense to try to create an economic model that can fund open source software development without relying on corporate injections of cash. It's not that they don't pay for it ever, they just pay for it to the bare minimum extent. IE, the heartbleed fiasco -- tons of companies were freeloading off one guy and like half the Internet's security got fucked for it. Imagine if OpenSSL had had some kind of economic support structure in place to allow for, uh, more than one guy to manage the encryption library for like half the Internet before something insanely stupid and predictable like that happened. Well, we can never have that with corporate-controlled open source.

load more comments (1 replies)
[–] [email protected] 19 points 11 months ago* (last edited 11 months ago)

people are always going to be floating ways to save capitalism in the face of communities privileging freedom over greed.

this completely misses the point of free software, and fails to solve the problems Mr. Perens identifies with Open Source. He claims it fails to serve the "common person" (end users) and then proposes a solution that serves... only devs.

Open Source has completely failed to serve the common person. For the most part, if they use us at all they do so through a proprietary software company's systems, like Apple iOS or Google Android, both of which use Open Source for infrastructure but the apps are mostly proprietary... Indeed, Open Source is used today to surveil and even oppress them.

All these problems are already solved by free software. the rebranding of "open source" was a compromise on the principles of free software to make the movement palatable to profit-seekers. In the end, it predictably failed to improve anything. The solution isn't to reinvent the wheel, it's to stop making the wheel square because the square lobby insists they'll only use it if it's square. The solution is copyleft, and free software being used more than it's defanged cousin.

The common person doesn't know about Open Source, they don't know about the freedoms we promote which are increasingly in their interest

That's a feature, not a bug. On one hand, if people knew about free software they wouldn't be as good consumers. On the other hand, internals should be opaque to users; just as devs don't want to have to know how the logic gates in the CPU are routing their code to write code, end users shouldn't have to worry about the politics of the communities that developed their code.

[–] [email protected] 17 points 11 months ago (2 children)

So, Open Source was already kindof the capitalistic fork of the Free Software movement. And it feels like Parens' vision of Post-Open Source is about how to marry it more to "the market." If it's not clear from what I've said already, I'm not a fan of that specific aspect of it.

It is a problem that big companies reguarly violate the terms of the GPL. I hope good things come out of SFC v. Visio that give the GPL's requirements of distributing source code with compiled code more teeth, but we'll have to see. I do think the courts agreeing to interpret the GPL (at least in some cases) as a contract rather than as a license is a good thing. It was a gutsy move on the SFC's legal department's part, but the case shows more promise now that they'd made it than it did previously. Perhaps a GPLv4 that better deals with being interpreted as a contract is in order.

Though, I worry that what Parens has in mind for new licenses doesn't address what I'd want to see from the Open Source movement and will ultimately move (Post-)Open Source in the wrong direction.

Specifically what I want from FOSS licenses is to be able to (and to have assurance that others have the option to) write and distribute software with assurances that no one's going to use it to restrict users' rights down the line. The GPL has historically been imperfect at that. The AGPL is better. But the GPL has always been explicit about requiring companies to distribute source code with binaries. What we need is that but with teeth in the form of some combination of court precedent and more effective legalese.

If current licenses have the problem that big companies just ignore the terms set out in the license, I wouldn't imagine making a new sort of license with different terms like "big companies have to pay to get the benefit of using Pots-Open Source software" is really going to work.

All that said, I'm glad to hear discussion about the future of FOSS. I'm worried about where FOSS is now and where it's going and am glad to see more strategic thinking.

[–] [email protected] 7 points 11 months ago (4 children)

Generally speaking I agree; I like how Perens is thinking about it.

I do think it's pretty well established that the GPL "has teeth" though. The FSF has a list of enforcement cases against fairly large defendants; it looks like their record is 2 for 2 in the US. I think it rarely comes up, just because complying with the terms of the license is so no-brainer-ly easier than trying to make the legal argument that you can use someone else's stuff for free while thumbing your nose at the terms and conditions they want you to abide by in order to do that.

I think most of the "big company ignores the GPL" things you hear about are either things like RHEL, where they're carefully skirting the line in a clearly bad-faith way that has some decent chance in court for some particular reason, or else someone breaking the GPL and then their legal department looking at it for 2 seconds and telling them to stop doing that. The cases where someone with anything to lose actually doubles down and says "fuck you" are rare I think for pretty obvious reasons.

(Also, I just learned this today: When Best Buy did this in 2009, the judge eventually made them give the plaintiffs the TVs as part of the damages when it was all done. That's the funniest thing I've heard all week.)

load more comments (4 replies)
[–] actual_patience 2 points 11 months ago

If current licenses have the problem that big companies just ignore the terms set out in the license, I wouldn't imagine making a new sort of license with different terms like "big companies have to pay to get the benefit of using Pots-Open Source software" is really going to work.

It's more that they avoid the spirit of the licensing, not the terms (except Red Hat of course).

I suppose you can split this into two separate arguments:

  • Swap from licenses to more enforceable contracts

  • Have companies pay open source devs

[–] [email protected] 14 points 11 months ago

Doesn't make sense at all.

I keep seeing Redhat used an example, but they contribute a HUGE amount a source code and projects.. Pipewire, systemd, rpm, DBUS and even the main XML addon for VSCode, etc.

I don't think people realise how much poop linux would be swimming in if they went bankrupt..

Redhat are literally one of the big reasons why Linux is so seamless these days, and they're solving a lot of the big problems. And from my understanding, they still contribute the code seperately anyway.

That being said, I agree money needs to go towards developers. However, a lot of them end up hired at major companies. And I don't think this is the way to approach it

[–] [email protected] 5 points 11 months ago

Well, well, well, if it isn't the consequences of his own actions (inviting corporations to exploit Free Software by trying to re-brand it).

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago)

These are my thoughts regarding FOSS for a long time. The sense of facilitating the development and freedom of the project has been distorted years ago, when large corporations put their hands on this project, controlling it. Just look at the amount of "OpenSource" soft and services controlled by Google, M$, Amazon, FB ..... Yes, they are free to distribute and modifiable by devs, but mostly full of APIs from these corporations, not controllable by the user, subtracting their sovereignty and only modifiable with effort by people capable of understanding the scripts and redirects they contain. For a normal user it is increasingly irrelevant whether the project is FOSS or proprietary, while these products and the internet in general are in the hands of these companies.

A simple question is enough, which one do you prefer to use? FOSS projects from large corporations, or Freeware from small independent startups, if you don't have the knowledge to review the script anyway, almost impossible in millions of lines, with external references from large apps and services? It becomes decisions of mere trust, perhaps with the help of external services, such as WebKoll, Blacklight, Unfurl and similar, where in the end the license that the product has is irrelevant, with respect to security and privacy, often in question or not, in some like others. In the end only the intentions and ethics of the developer matter.

Yes, of course, the concept of OSS, FOSS and FLOSS requires a profound review and update, so that it does not become a destroyer of what it aims to protect and promote, a free internet.

[–] [email protected] 2 points 11 months ago (1 children)

So, basically the opposite of BSD3 license

[–] actual_patience 3 points 11 months ago

Yeah pretty much

[–] onlinepersona 2 points 11 months ago* (last edited 11 months ago) (1 children)

I agree. Either use a business source license like Elastic and others, or fight for the installation of a third party that audits proprietary code for license use and sues if the rules haven't been followed. It's why I like the creative commons. They are quite realistic. Most of their licenses say: if you use this commercially, you have to pay. If not, then it's free.

People who claim business source licenses are "not opensource" sound like such capitalist shills to me. It's as if they're shouting from the rooftops "it's OK to fuck over opensource developers because principles matter more than reality".

CC BY-NC-SA 4.0

load more comments (1 replies)
load more comments
view more: next ›