Tag Archives: Open Source

Licensing, Open Source

Copyleft and closed dual license ethics

3 Comments

There are a bunch of companies out there today that offer their products in a dual-license style, where you can download and use the GPL licensed version or buy the proprietary licensed version (often together with some kind of service deal) that you then can use without the “burden” of a GPL agreement. Popular known brands doing this include Trolltech/Qt (now Nokia), MySQL (now Sun), OO.o (Sun), Sleepycat (now Oracle) (Berkely DB is not strictly GPL but still copyleft) and VirtualBox (now Sun) etc.

It’s perfectly legal for them to do this, as the company is the copyright holder of all the files, they can just easily re-release everything under whatever license they want at their own discretion. The condition is of course that they are in fact copyright holders of everything, that the parts they don’t have copyright for are either licensed under an enough liberal license or that they can buy a similar relicense from third party lib authors.

It kills contributions from non-employees since doing a large chunk of code for these guys means that you would hand over copyright to a company whose entire business idea is to convert that to a proprietary license and make money from it. In a way you cannot do yourself since they can turn the GPL code into proprietary goods and you cannot. This may be a clue to why MySQL has less community contributors. The forced assigning of copyright over to a company could very well also be a contributing factor to OO.o’s problems to attract developers.

Companies “hide” the truth about this and try talking customers into the proprietary license. I’ve worked a bit with Qt and the wording they have used have often given companies the impression that they have to pay for the proprietary licensed version to be allowed to use the product in a commercial product. I’ve had to explain to several customers that as long as they just adhere to GPL they can use the free version just fine without paying anything. Trolltech also has this dubious condition tied to their commercial license: “The Commercial license does not allow the incorporation of code developed with the Open Source Edition of Qt into a commercial product.“[*] Needless to say, this will prevent companies from trying the open source licensed route first. I’m curious if they even have the legal right to make that claim.

This puts competitors at an arm’s distance of course since no other companies can take the code and conduct business the same way. Of course this is part of the reason why they gladly adapt GPL for this. Lots of actions by these companies make me feel that they aren’t real and true open source believers, but that they use this label a lot for marketing and for making sure competitors can’t do the same as they do.

The GPL version is without support for customers in another push to drive them to pay for the proprietary license instead of the GPL one. Of course, it being open source lets companies going the GPL route to fix their own problems since they have the source and all, but the push towards the proprietary license also narrows how many customers that will actively contribute anything back since there’s little chance they will do anything in a project with a proprietary license. I honestly can’t see many other possible legitimate reasons why companies wouldn’t do support for the GPL licensed versions.

I’ve not personally worked in any of these projects under such proprietary licenses, but I would love to hear experiences from people that have!

Obviously all this are not problems large enough to concern users. Quite possibly so because these companies do a good enough job and keep the GPL versioned versions of their software at a sufficiently good quality so that there just don’t appear any forked projects that take the GPL version and run with it in a different direction. Another explanation could be that there are good enough alternative projects to go with if you’re not happy with one of these dual-licensed ones.

A little related anecdote told to me by an MySQL employee (who’s name shall remain untold). He described how they still haven’t implemented a feature in MySQL that many people have requested, since they according to him don’t want to cram in more stuff in the existing branch but instead are releasing it in the next major release (due to release in 4-6 months or similar). In the next sentence he explained how they already have it implemented in the closed version for at least one paying customer… Any (other) true open source project would’ve made that change available as a patch/branch in the GPL version for the public.

I’m pretty sure I personally would release my patches as open source only if I would change any code for any of these products. But yeah, that would mean that they would never get incorporated into their “real” products…

Open Source

They can’t do it so I won’t

1 Comment

I listened to a recent episode of the Linux Action Show podcast the other day (s9e4), and in that episode the hosts Bryan and Chris really lost touch with reality.

First they started ranting about how “the Linux Desktop” needs an eco system for proprietary closed-source applications. They claimed that we cannot make good quality software entirely open source, that open source products and tools won’t be as good as proprietary ones. They apparently decided that the reason there’s a lack of some tools (notable example that these guys like to bring up: video editors) is that the creators of these tools don’t make them proprietary so that they can sell them.

Of course they had nothing to back up their claims but a few random guesses from their behalf.

Then, after that whole weird segment that seemed to be taken out of the blue, Bryan strikes with announcing how he intends to improve the linux desktop environment by start selling two proprietary tools to the world to show that it can be done and yada yada.

I mean, this guy has never done any particular open source or free software contribution of significance. It’s not like he even tried to contribute and make a living off of something related. They decided that others have tried and failed, so he shall not.

The two tools he now sell are two minor tools that will prove nothing about how proprietary programs can or cannot survive on the Linux market. If he fails to sell enough to make a living it just says nobody wanted his niche products well enough (or that he asks too much money for them), and in case he does get money from the products to make a decent living it is not a proof that he couldn’t have made a business case for an open source version.

These are two guys who tend to praise linux and open source and everything in episode after episode. In my view, the open source world has proven over and over again that it is capable of producing and making just about anything to a quality that matches and surpasses those of the proprietary closed-source world. These guys just happen to come to a conclusion that this concept doesn’t work exactly at the same time when one of them decides it’s time to sell proprietary linux software?

I say hypocrites.

Licensing, Rockbox

Rockbox is mainly GPL v2 or later

I just wanted to express this loud and clearly:

At the Rockbox devcon back in June, we discussed this issue and we did deem the Rockbox license to be “GPL v2 or later”, so during this summer we have updated the Rockbox source code headers pretty much all over to reflect this fact. (Previously we had a bit of flux where the exact “v2” or “v2 or later” status wasn’t expressed.)

Of course we have not (and should not) change the headers for files we have imported into the project, and there are still pieces in Rockbox that are plain GPLv2 (without the “or later”) like a few snippets that origin from the Linux kernel.

We also did receive permission from Bernard Leach, the main ipodlinux kernel hacker, to put his code under the “v2 or later” label as well.

The net result is of course that Rockbox is GPLv2 but with the largest parts v2 or later.

Rockbox

cURL and libcurl, libssh2, Open Source

Projects in need of your help

I’m involved in numerous projects, and a subset of them take a lot of my “copious” spare time. This has the unfortunate downside that a few other projects get left behind a bit. Projects that also really could use with some more attention and improvements. Two of the most obvious examples of this are c-ares and libssh2. Coincidentally, both of these projects are also used by libcurl (although of course also by others).

c-ares is a library that performs asynchronous DNS lookups. It is quite mature and functional already, as it is based on the ares project and has been proved in use for quite some time. There are currently one or two issues that have appeared recently when the Debian project tried to provide the curl package built with c-ares…

libssh2 is a client library for talking SSH2 with servers. There are actually not very many SSH libraries “out there”, and in an evaluation I did a few years ago libssh2 was the best one around. libcurl uses libssh2 for SCP and SFTP transfers, and it (libssh2) does suffer from a few API flaws, a few bugs and perhaps most noticably it is significantly slower than the openssh tools in just about all transfer tests.

I’m still highly involved in both of these projects, but lack of time prevents me from participating as much as I’d like to.

Open Source

“Nordic” Projects?

4 Comments

It did struck me why the idea of handing the Nordic Free Software Award to a project feels like a bad idea: Free Software projects really aren’t geographical in general.

People tend to live at a fixed location for a specific time and thus you can say that N is living in a Nordic country or not.

Free Software projects however, are not even allowed to exclude people from other places and even projects that may origin at once place or even have its largest user-base in a particular geographical spot.

Last year’s Nordic Free Software Award was handed to Skolelinux since I believe the project origins in Norway (a nordic country) and some of the leading persons in the project are Norwegian. But is that then a nordic project? I don’t want to claim that it isn’t because I honestly don’t know, but their web site certainly says nothing about it being restricted or limited to nordic countries in any significant way. If it does, I couldn’t find it.

I am the primary person and maintainer behind curl but I wouldn’t dream of calling it a “nordic” project. The trio who started Rockbox are all Swedish but calling it a nordic project would just make me laugh.

Isn’t it so, that if you can come up with a “Nordic” Free Software project that currently only lives and strives within one or more Nordic countries without spreading itself over the world, isn’t that then more likely to be a proof of a failure of said project than anything else?

Open Source

Your favourite Free Software persoject!

2 Comments

So they’ve opened the nomination process for the Nordic Free Software Award 2008.

Now’s the perfect time to run over and submit your favourite “nordic” free software person and have him/her get some of the appreciation he/she deserves.

Ah you can in fact also nominate teams or projects for this award as well, as last year the Skolelinux was awarded the price. I’m actually not really sure that I like that. I think the price should either be for single persons or for teams and projects.

If you rather be in the jury for the awards, the guys are also looking for such people!

Electronics, Open Source

Bright Mobile Open Source Future

There have been so many open source initiatives for mobile phones in recent years it’s not even funny (limo, openmoko, Android to name some of the possibly biggest ones). The amount of actual phones on the market using one of them have been very very limited. Apparently there are some Motorola phones running Linux and you can get the Linux-based Nokia N800 tablets but they’re not even phones!

Obviously something has happened in the market though. Perhaps all those initiatives have pushed the big ones into thinking in more open source ways. The most interesting part of today’s news about Nokia buying the entire Symbian is their stated intension to open source it. (they’ve even already chosen the Eclipse Public License for it). It’ll be intereseting to see if there’s any interesting synergies coming up from Nokia’s previous purchase of Trolltech.

Of course, even Symbian has but a small fraction of the entire phone market as they sold 18.5 millions units in Q1 2008. IDC says 291 million phones were sold in the world during Q1 2008, which thus should position Symbian on roughly 6% of the phones that are sold today in the world!

I’m also curious if this will mean that Nokia will use Symbian on a larger scale on their own phones, as currently they seem to use Symbian only on a very small portion of their high-end phones. With Nokia owning the whole thing, they might see a bigger motivation to consolidate their own use of operating systems.

Mail, Open Source

alpine in, pine out

2 Comments

As one of the last living dinosaurs on the planet still using text-based email clients, I realized that pine has been replaced by alpine and I upgraded to that. When doing some reading up on the subject, I noticed that there’s another old grumpy guy still using this client. I’m not sure exactly what that says…

Anyway, the upside of this switch is that this client is now distributed under a proper open source license (Apache license 2.0), as that’s what I’ve been getting in my face from mutt users for years when I’ve explained what I use! (I mean the complaint that pine wasn’t proper open source)

Development, Open Source, Security

Coverity’s open source bug report

The great guys at scan.coverity.com published their Open Source Report 2008 in which they detail findings about source code they’ve monitored and how quality and bug density etc have changed over time since they started scanning over 250 popular open source projects. curl is one of the projects included.

Some highlights from the report:

  • curl is mentioned as one of the (few) projects that fixed all defects identified by coverity
  • from their start, the average defect frequency has gone down from one defect per 3333 lines of code to one defect per 4000 lines
  • they find no support to backup the old belief that there’s a correlation between function length and bug count
  • the average function length is 66 lines

And the top-5 most frequently detected defects are:

  1. NULL Pointer Dereference 28%
  2. Resource Leak 26%
  3. Unintentional Ignored Expressions 10%
  4. Use Before Test (NULL) 8%
  5. Buffer Overrun (statically allocated) 6%

For all details and more fun reading, see the full Open Source Report 2008 (1MB pdf)