'Our licenses aren't working anymore,' says free software pioneer:
Bruce Perens, one of the founders of the Open Source movement, is ready for what comes next: the Post-Open Source movement.
"I've written papers about it, and I've tried to put together a prototype license," Perens explains in an interview with The Register. "Obviously, I need help from a lawyer. And then the next step is to go for grant money."
Perens says there are several pressing problems that the open source community needs to address.
"First of all, our licenses aren't working anymore," he said. "We've had enough time that businesses have found all of the loopholes and thus we need to do something new. The GPL is not acting the way the GPL should have done when one-third of all paid-for Linux systems are sold with a GPL circumvention. That's RHEL."
RHEL stands for Red Hat Enterprise Linux, which in June, under IBM's ownership, stopped making its source code available as required under the GPL.
[...] "They aren't really Red Hat any longer, they're IBM," Perens writes in the note he shared with The Register. "And of course they stopped distributing CentOS, and for a long time they've done something that I feel violates the GPL, and my defamation case was about another company doing the exact same thing: They tell you that if you are a RHEL customer, you can't disclose the GPL source for security patches that RHEL makes, because they won't allow you to be a customer any longer. IBM employees assert that they are still feeding patches to the upstream open source project, but of course they aren't required to do so.
"This has gone on for a long time, and only the fact that Red Hat made a public distribution of CentOS (essentially an unbranded version of RHEL) made it tolerable. Now IBM isn't doing that any longer. So I feel that IBM has gotten everything it wants from the open source developer community now, and we've received something of a middle finger from them.
"Obviously CentOS was important to companies as well, and they are running for the wings in adopting Rocky Linux. I could wish they went to a Debian derivative, but OK. But we have a number of straws on the Open Source camel's back. Will one break it?"
Another straw burdening the Open Source camel, Perens writes, "is that Open Source has completely failed to serve the common person. For the most part, if they use us at all they do so through a proprietary software company's systems, like Apple iOS or Google Android, both of which use Open Source for infrastructure but the apps are mostly proprietary. The common person doesn't know about Open Source, they don't know about the freedoms we promote which are increasingly in their interest. Indeed, Open Source is used today to surveil and even oppress them."
Free Software, Perens explains, is now 50 years old and the first announcement of Open Source occurred 30 years ago. "Isn't it time for us to take a look at what we've been doing, and see if we can do better? Well, yes, but we need to preserve Open Source at the same time. Open Source will continue to exist and provide the same rules and paradigm, and the thing that comes after Open Source should be called something else and should never try to pass itself off as Open Source. So far, I call it Post-Open."
Post-Open, as he describes it, is a bit more involved than Open Source. It would define the corporate relationship with developers to ensure companies paid a fair amount for the benefits they receive. It would remain free for individuals and non-profit, and would entail just one license.
He imagines a simple yearly compliance process that gets companies all the rights they need to use Post-Open software. And they'd fund developers who would be encouraged to write software that's usable by the common person, as opposed to technical experts.
Pointing to popular applications from Apple, Google, and Microsoft, Perens says: "A lot of the software is oriented toward the customer being the product – they're certainly surveilled a great deal, and in some cases are actually abused. So it's a good time for open source to actually do stuff for normal people."
The reason that doesn't often happen today, says Perens, is that open source developers tend to write code for themselves and those who are similarly adept with technology. The way to avoid that, he argues, is to pay developers, so they have support to take the time to make user-friendly applications.
Companies, he suggests, would foot the bill, which could be apportioned to contributing developers using the sort of software that instruments GitHub and shows who contributes what to which products. Merico, he says, is a company that provides such software.
Perens acknowledges that a lot of stumbling blocks need to be overcome, like finding an acceptable entity to handle the measurements and distribution of funds. What's more, the financial arrangements have to appeal to enough developers.
"And all of this has to be transparent and adjustable enough that it doesn't fork 100 different ways," he muses. "So, you know, that's one of my big questions. Can this really happen?"
Related Stories
Bruce Perens is working on licensing for a new, post-Open Source era to take open source licensing past the apparent stalling point it has reached on its way towards software freedom. As he noted earlier, current licenses are not meeting that goal and businesses have either found loophole or just plain been allowed to ignore the licensing. A move more towards a contract is needed.
At the link below is the first draft of the Post-Open License. This is not yet the product of a qualified attorney, and you shouldn't apply it to your own work yet. There isn't context for this license yet, so some things won't make sense: for example the license is administered by an entity called the "POST-OPEN ADMINISTRATION" and I haven't figured out how to structure that organization so that people can trust it. There are probably also terms I can't get away with legally, this awaits work with a lawyer.
Because the license attempts to handle very many problems that have arisen with Open Source licensing, it's big. It's approaching the size of AGPL3, which I guess is a metric for a relatively modern license, since AGPL3 is now 17 years old
The draft license is quite long since it covers quite a few scenarios.
Previously:
(2023) What Comes After Open Source? Bruce Perens is Working on It
(2018) The Next 20 Years of Open Source Software Begins Today
(Score: 5, Insightful) by ShovelOperator1 on Sunday December 31 2023, @12:21PM (3 children)
What should be done, is not to change the license drastically. It is to enforce complying with it.
There is a clear description what should be open in the GPL. It clearly prohibits forcing the need to use flashing tools stolen from Chinese software distributors, what is common in these Android phones. It clearly prohibits intentional sabotage of the code to make GPLed version unusable, which is present in more and more of web-based projects. It clearly states what should be done with patches.
The only thing we should do is to enforce the license both for people and for corporations. Currently corporations are not punished for license violations until they do something really awful, but not to authors, but to other corporations. For example, scraping and lossy compressing almost entire Internet with its variety of licenses and then sharing it on commercial license for one company's profit is not a crime - for the corporation. Meanwhile, when you, as an individual, do the same thing with e.g. a movie (this time compressing with lossy x264 instead of lossy ANN), you are a big bad pirate even if you don't earn from it!
Years of development of GPL-like licenses protected it well against TiVo-ization, forced unusability or flooding with responsibility claims. However, no license will protect against impunity of American corporations.
And this "free for one, closed for another" is a farce like these CLAs (most of them look like they're made to block libre forks after something goes closed), it will end like a cable TV - to remind, cable TV services were purchased because, contrary to the over-the-air TV, cable had little or no ads. Then, it started to have ads between movies. Then, like the over-the-air TV, it went with adding advertisement breaks in movies which was the reason why people abandoned the typical TV.
We can of course enforce the thing even more, put more strict claims in the license, minimize commercial usage to the support and directly separate these ("Leftists! Leftists!" - corporate trolls squeak), but it will not work if it is not enforced. And in current situation it's too late to enforce the law on corporations.
(Score: 3, Interesting) by turgid on Sunday December 31 2023, @01:39PM (2 children)
Over the years I've heard some very strange arguments from management types about why "we don't need to publish our source code." I've heard of spurious agreements with vendors which make no sense. At one place, the site manager declared that we wouldn't be using any GPLv3 tools since they "infect our code." They really struggle to distinguish between using some software as a tool to accomplish a task or as a component in a product. Remember "Linux is a cancer?"
I've also been to lectures by corporate lawyers, which made much more sense and tended to align rather closely with my own reading of the various FOSS licences.
When the lawyers go to court, that's what really matters. The problem is, the only people who can afford those sorts of lawyers are large corporations.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 5, Insightful) by loonycyborg on Sunday December 31 2023, @02:54PM (1 child)
Most of "closed-source" mindset comes from non-coder people. They would prefer code to be value in itself so coders could be replaced more easily. While in practice it's not as easy. Most code bases are only valuable as long as their maintainers are active. Otherwise bit rot sets in, no bugfixes and ports to new platforms, no new features, etc. So only practical benefits of closing source is being able to fire coders and still keep income from existing codebase until it bitrots.
(Score: 5, Insightful) by Thexalon on Sunday December 31 2023, @03:16PM
It's worth understanding something else too: The sole benefit of open-source code, from the point of view of management, is that it convinces people they don't have to pay to contribute code (including maintenance patches) to their own company's code base. That's all that they want. Any talk that a suit makes about open-source values or philosophy, and even maybe releasing a patch now and then, is all about public relations and nothing else.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 4, Interesting) by looorg on Sunday December 31 2023, @01:09PM (4 children)
Post-Open, not sure that is the best name -- wouldn't that be closed then? After open tends to after all be closed, in the process of closing or I guess nothing was done and it's still open. But in general something has to change or there was no change and if there was no change you don't need a fancy new name for it.
So mostly about licensing and compensation then. But if the future is the somewhat Closed source movement isn't that something we already have? Just normal companies. The semi-open movement? Where big companies take free shit and make it their own? We currently appear to have that one to various degrees.
Oh it's the third option where the idea is that some companies would pay open source developers? Wouldn't that sort of make them employees or contractors then? It is probably somewhat rare that they want to pay someone for something that they then give away, possibly to the competition that didn't then have to pay for any kind of development. Why pay for something that is free to others?
The license will be complicated for sure. Some will probably pay but most will take the free route and just use that, just like today. With a yearly compliance process. Right. This seems like some kind of wishful thinking process.
Not that there are not examples of this working. Various Linux distros comes to mind. Then there are some other companies such as CURL coming to mind that basically started a consultancy company around the product he created. So in essence, multiple-, someone are paying him to fix and develop it and then others to get to enjoy the fruits. But if they want a custom version or help and fixes they have to pay or wait and hope for the best that it gets added or fixed eventually.
If the third route opens tho a lot of open source developers might want to get on the train but not find suitable sponsors. Or the product just isn't good or vital enough to find full time sponsorship. So what are they and their options then? Keep being "old-open" or closed or what? Also it might be hard to accept money from companies if you don't have a company yourself for your normal tax purpose.
Most software isn't for the common person. Also you could in that regard just scratch the open part and conclude that software in general have failed the common person. Still it leaves the option that they don't care. They just want to do something, they don't want to know how or why the sausage was made. They don't care and they don't want to have to buy into your ideology to use the product.
(Score: 5, Insightful) by Thexalon on Sunday December 31 2023, @03:39PM (3 children)
Something that has come to mind is that the risks and behaviors we're talking about now are precisely the things old curmudgeons like RMS were worried about when "free software" morphed into "open source". Because getting business buy-in for what you're doing invariably leads to business thinking taking over, and business thinking is against the entire concept of giving anything of value to anybody for free. Grabbing anything held in common and saying "Thank you all, goodbye" is pretty standard in pretty much all industries, and software is no exception.
Another phenomenon that I'm pretty sure the Open Source people did not anticipate: For-profit companies banding together to keep the software industry a for-profit business. For example, PC manufacturers could save money by releasing machines running the desktop distro of their choice, with a decent choice of applications and such all for free. But they don't, because Intel and Microsoft have worked together to squash that sort of thing to protect Microsoft's profits.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 2) by krishnoid on Sunday December 31 2023, @06:51PM
I think you've touched on the problem:
If you use Libre Software, you've had all the "explains" you need for a couple decades. Linux and BSD quickly had its years everywhere from the supercomputer to under the hood (MacOSX) to Android. But why not on the desktop? I'd say it's the absence of coordinated consumer-level marketing -- not its legal standing.
In the meantime, PC manufacturers are all very happy keeping Linux infrastructural and invisible [youtu.be], which is the opposite of marketing. Marketing command-line utilities with indecipherable names is possible, but definitely seems like the wrong thing to raise awareness of -- again, see MacOSX. Hell, they haven't even tried to market "freedom" and "independence [debian.org]" to people with enough initiative to build their own doomsday shelters.
Embracing a common least-surprise baseline for a graphical user interface, say a familiar-looking browser-workalike UI or even a 256-color curses interface, so it's not out-of-sight-out-of-mind for non-techy people, and coordinating on a Marketing 101 campaign might get a critical mass of people willing to try it. Worked for Microsoft, right?
(Score: 5, Insightful) by loonycyborg on Sunday December 31 2023, @10:54PM (1 child)
Open Source/Free Software isn't about giving away something for free. Instead, it's about growing a shared resource, like a community garden. To everyone's benefit. You contribute your code and in exchange take advantage of other's contributions which dwarf your own by volume in practice. Although software can be easily copied, developer effort is very much limited. And only this part is worth trading. Though not-for-profit is more suitable for it as an organizational form.
(Score: 2) by Thexalon on Monday January 01 2024, @03:46AM
Yes, exactly, and all of that is bad from the point of view of business. They don't want something of value held in common, they want it privately owned so it can be exploited for profit.
To use a metaphor here, imagine a public park where people just built a bunch of roller coasters and other fun rides because they wanted to, and volunteers came in periodically to maintain things and run the rides. No fees charged, just everyone making this happen on public land because they wanted it to exist. The visitors are having a great time, the volunteers are enjoying themselves, scratching their personal itches and making people happy. Heck, those rides even have a better safety record than the commercially-produced coasters. How long do you think the management of Six Flags, Cedar Fair, and Disney would allow that park to exist, especially if the rides got good enough that people who were thinking of going to their parks went to this public park instead?
High-quality, readily available Free Software threatens the entire idea of capitalism, because it demonstrates that something which is held in common by everyone can be as good as or better than what is held privately and sold for profit. That's why businesses will readily cooperate to try to end its existence.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 4, Insightful) by Rosco P. Coltrane on Sunday December 31 2023, @01:56PM (3 children)
ever since my company ran into their lawyers circa 2000 - yes, they've been a bunch of assholes for a quarter of a century now, at least. It's not new.
Now you know what.
You can't do idealism and for-profit. Red Hat tried to convince everybody that they could dance right and left of that particular sword, but eventually showed everybody what they're truly all about: being scumbags and making money off of other people's contributions without giving back.
(Score: 2) by GloomMower on Sunday December 31 2023, @05:39PM
What was the concern with the Lawyers? I believe 2000 was before the move to RHEL, or was that it, around 2003?
Something like buying a license for one RHEL machine and using the rpms and updates for all your other ones?
(Score: 0) by Anonymous Coward on Sunday December 31 2023, @05:41PM
Was that always the case, or just more prominent after IBM bought them (or both)?
(Score: 0) by Anonymous Coward on Sunday December 31 2023, @09:55PM
Cygnus
then DeadRat bought them
(Score: 3, Insightful) by ElizabethGreene on Monday January 01 2024, @01:54PM (2 children)
beep. beep. beep. Back that right on up.
Reading that, it sounds like I'm going to get bent over the table once a year to get audited and license software by people not writing that software and pay people to not support that software. Further, if I, god forbid, anger this licensing agency by not paying them or running afoul of some code of conduct then I am no longer able to use the software they didn't write and don't support.
With the utmost of respect, are you high?
(Score: 2) by VLM on Monday January 01 2024, @06:03PM (1 child)
The only two disagreements I have with you is missing the obvious bulk discount situation and compliance costs.
So small upstart competitors will have to pay full price from day 1 if they want to use gcc or emacs, but to protect entrenched interests I'm sure the licensing authority will provide extremely generous discounts to large businesses.
Google will end up paying $1/year/employee, but if you want to start a company to compete with Google, I'm sure the "fair" license rate will be like $25000/year/employee, something that would make even a CAD/CAM company blush.
I think I will stick with GPL and BSD licensed stuff, thanks!
The compliance cost issue is interesting. "Back in the old cowboy wild west days" in the 90s my license compliance cost to the engineering dept was providing a printed copy of the Debian Free Software Guidelines to the lawyers and pointing out we didn't have contrib or non-free in the sources.list file and we were done. Other departments had somewhat more complicated audit and license struggles. I imagine this will negate all those benefits.
(Score: 2) by ElizabethGreene on Monday January 01 2024, @07:41PM
It would be a damn shame if attempts to "fix" open source broke it in the way Gates and Ballmer failed to do.
(Score: 2) by VLM on Monday January 01 2024, @08:03PM
So if the actual problem is:
in other words, lawlessness, his solution to lawlessness is to create a smaller weaker ecosystem that'll be even easier to legally ignore.
Hmm.
(Score: 2) by VLM on Monday January 01 2024, @08:19PM
Citation needed. There seems to be one anecdote, IBM appears to no long obey the legal requirements of the GPL and it seems nobody can stop them from doing that.
I researched recent figures for distro popularity. RHEL has a big voice in enterprise, kind of like Java or SAP, but redhat and redhat-adjacent is being abandoned by the market overall. I was pondering if this was a problem government regulation could solve, but it seems "the marketplace" has already long been crushing ibm/redhat and replacing it with the whole Debian/Arch ecosystem.
So this boils down to one company is doing something bad, and in possibly related news is being crushed in the marketplace, therefore we have to "fix" the situation for everyone, despite almost everyone being OK, by changing everything for everyone.
Naah.