Year: 2016

Here is an article about SunLaw, for which I had the pleasure of presenting a seminar on open source licensing recently.  Click through to see a photo of Olga Mack looking determined and fantastic, as always.  It’s nice to see a shout-out to this excellent group.

In a move that would have been viewed ten years ago as hell freezing over, but seems only moderately remarkable now, Microsoft has joined the Linux Foundation.

Colorful metaphors aside, contrary to popular notions in the free software world, Microsoft has been very active in open source in recent years, including its longtime sponsorship of the Outercurve Foundation, its contributions to the Linux kernel, and its recent move to join the Eclipse Foundation.  This may give some credence to last year’s report that an open source release of Windows is possible.

 

On October 28, WordPress’ founder Matt Mullenweg filed a blog post admonishing Wix, a proprietary blog tools provider, for distributing some WordPress software (licensed under GPL) in Wix’ proprietary software app, and thereby violating GPL.  The tenor of the post was less a legal threat than a call to do the right thing.  He wrote,

If I were being charitable, I’d say, “The app’s editor is based on the WordPress mobile app’s editor.” If I were being honest, I’d say that Wix copied WordPress without attribution, credit, or following the license. The custom icons, the class names, even the bugs.

He went on,

I suppose we’ll take this as a compliment — I’m sure the hundreds of people who have contributed to WordPress Core and our mobile apps are flattered that you chose to build one of your company’s core features using our code. We’re also excited to see what great things you create with all the time you saved not having to write your own mobile editor.  You know what’d be even more exciting? To see you abide by the GPL and release your source code back to the community that gave you that jump start.

Wix answered with its own blog post, styled “an open letter from Wix.com’s CEO Avishai Abrahami,” which sidestepped the GPL violation, saying:

[Y]ou say we have been taking from the open source community without giving back, well, of course, that isn’t true. Here is a list of 224 projects on our public GitHub page, and as you can see they are all dated before your post….

Yes, we did use the WordPress open source library for a minor part of the application (that is the concept of open source right?), and everything we improved there or modified, we submitted back as open source…If you believe that we need to give you credit, that you deserve credit, I must say, absolutely yes. You guys deserve a lot of credit, but not because of a few lines of source code, you deserve credit because you guys have been making the internet dramatically better, and for that we at Wix are big fans.

The exchange of posts set off a flurry of discussion on the Web, the gist of which was that Wix didn’t answer the allegation, along with the usual speculation, and discussion (sometimes informed, sometimes not) of whether a violation had actually occurred.

The exchange was interesting for a few reasons, beyond the legal substance of it.  GPL violations are usually open and shut cases, and this appears to be no exception.  As a threshold matter, if you include GPL code in a program, and distribute it, you have to include GPL license notices.  Laying aside what constitutes a “derivative work” subject to GPL and other such arcana, the failure to include license notices is trivial to prove.  For the most part, the only way to cure a violation of GPL in a proprietary app is to stop distributing the app, replace the GPL code, and re-release the app.  Mobile apps are generally single programs, and don’t allow for inclusion of both GPL and proprietary code — it’s all or nothing.  The other approach, of course, is to release the entire program under GPL, an approach that proprietary developers usually won’t — and sometimes can’t — take.

Then there was the social aspect of the exchange.  The initial blog post was charmingly signed, “Love, Matt and the open source community” — not your typical ending for a cease and desist letter.  And Wix’ ended “I reached out a couple of times trying to meet with you. Could I do that again here? I believe in friendly competition, and as much fun as it is to chat over the blogosphere, maybe we can also do it over a cup of coffee?”

There are many in the open source community who prefer moral suasion to legal process, to resolve compliance issues, and if there was ever an example of how to do the former, this was it.  But perhaps the soft approach led Wix down the garden path; Wix’ answer focused on perceived depredations of Wix’ morality, rather than the legal question behind the allegation, and resulted in a response which was neither legally nor substantively effective.

The next chapter in this tale is likely to be a re-release of the Wix app, but we shall see.

 

Ben Boyter’s approach to open source licensing with this “Eventually Open” license is an interesting variation on open source and proprietary licensing themes.  Boyter is initially releasing his searchcode server code under the Fair Source License for five users, but has committed to licensing his code under GPLv3, automatically, after three years from the date of publication.

For a business, committing in advance to grant a free license to all on a fixed date in the future is a bold move.  Presumably this is a self-imposed incentive for bringing out new versions, to the keep the flow of licensing revenue alive — or perhaps merely an acknowledgment that it’s impractical to charge for software that is three years old (which is about the practical lifespan of a royalty-bearing product).

This approach is reminiscent of the 2015 Transitive Grace Period Public License, which applies GPL with a grace period to comply, but works in the opposite direction.

 

The beleaguered OpenSSL, having experienced a previous and high-profile security problem in the Heartbleed bug, has scrambled to fix another security flaw, which ironically resulted from a recent security patch.

Great article by Kyle Mitchell on the MIT license, in which he observes with clear affection that  “despite some crusty verbiage and lawyerly affectation, one hundred and seventy one little words can get a hell of a lot of legal work done, clearing a path for open-source software through a dense underbrush of intellectual property and contract.”

Here is an article I wrote recently about the growing adoption of AGPL.

TechCrunch reports today that the White House released a policy that favors open source software development for U.S. government agencies. “Federal agencies will be required to release at least 20 percent of new custom developed code as open source software. While this is only a pilot, the hope is that it will encourage cost savings and increased efficiency within the federal government.” The full policy statement is here.

 

The Netfilter project posted this week that it “regrets to have to suspend its core team member Patrick McHardy” due to allegations regarding “the style of his license enforcement activities on parts of the netfilter software he wrote.” The project did not disclose the allegations or their targets. The project pointed out that it “does not have first-hand evidence” but cited “various trusted sources.”

The SFC then made a stronger statement connecting the dots between its promulgation of community enforcement guidelines, the adoption of those guidelines by the Netfilter project, and the subsequent suspension of McHardy.

The issue of “copyright trolling” to enforce open source licenses has long been a source of concern by technology vendors, but also by organizations like SFC that want to preserve the credibility and mission of enforcement actions. However, licenses like GPL are designed to give authors the power to bring copyright claims for non-compliance, and copyright law is a sharp sword. So those who seek to enforce for pecuniary gain will always have the legal right to do so, and community norms may not convince them to forego those rights.

The newly launched Software Heritage initiative is on a mission to collect and preserve software programs and libraries that are provided under open source licenses.

Most people don’t spend much time thinking about preserving technology heritage, but technology is no less part of our social fabric than paintings, sculptures, and handcrafts.  Kudos to those who create museums — virtual or physical — to preserve these parts of human culture.  People tend to think software repositories are forever, but then they turn around to find that Google Code and FreshMeat  are gone.

The project plans to implement features to help the curious to search and explore software in its archive, which contains over 2 billion source files — and counting.