[Discuss] OSS licenses (was Home NAS redux)

[invalid at pizzashack.org (Derek Martin)]

On Mon, Jan 07, 2013 at 02:52:31PM -0500, Mark Woodward wrote:
> If it is merely your rights, then the GPL does not get in your way.

Neither does any other OSS license.

> The GPL protects the rights of people that you would otherwise deny
> the rights by which you originally acquired the software.

...which, if you are the author of a derivative work, takes away your
freedom to control how that derivative work is distributed.  In other
words, it provides you LESS freedom.  Under both types of licenses,
third party users still get to use and redistribute the original work
from which yours is derived, regardless of what you do.  So there's no
loss of freedom there.

> >>Think of it in terms of a chain. From originator to You, you
> >>receive the software. Under GPL you can do anything you like with
> >>that software. ANYTHING. Seriously. Anything.
> >Not anything.  In particular, what you do with it after you've
> >modified it is very tightly controlled.
> Not true, you can do what ever you want to do with the software. 

Except distribute it as you please.  Note that I did not say
"redistribute"--the derivative work you have created, which let's be
clear IS YOUR WORK, can not be distributed AT ALL, except under the
terms of the GPL.  It can not be redistributed, because it as yet has
never been distributed.  And it never will be, under these
circumstances (the assumption being that the GPL is not acceptable to
the author of the derivative work, for whatever reason).

> You can't make it less free than you got it. 

You can't make it more free either.  That is the down side of the GPL.

> Under most western civilizations, redistribution is not a right, it
> is a privilege granted by the copyright holder.

Exactly.

> >Licences other than the GPL in no way restrict the user receiving your
> >software from fetching the original software on which your software is
> >based.  Using the GPL only restricts you from being able to deny that
> >right to others for your derived work.
> 
> That's sort of the issue of freedom. What ever you did based on GPL
> software was a product of your freedom to use the GPL software. The
> original package is directly responsible. 

That's no less true if you substitute BSD for GPL.  But here's the
rub:  If you can't afford to do that derivative work without
protecting your right to earn a profit based on the product of your
work, that's a strong disincentive to do the work.  The GPL not only
encourages, but actively enforces this scenario, where using code
based on a BSD license allows the work to get done.  

It seems very plausible that there have been cases where someone
wanted to implement software where either relying on a suite of free
libraries or taking a prohibitively long time to reimplement them
would have been required.  It seems equally plausible that the
entities interested in doing so were for-profit software companies,
for whom earning revenue from the results was a necessity.  The
logical conclusion is that the cost of using free libraries was
prohibitively high, and either the project was not undertaken, or
private versions of the libraries were reimplemented, substantially
increasing the cost of the project for the company, and therefore for
the customers for whom such a product would be a desirable tool.

I submit to you that this effect is BAD.  For everyone.  It means that
a previously nonexistant solution to an existing problem either
doesn't get implemented, or ends up costing potentially much more.
But that's not to say that this problem is universally true, nor is it
to say that the GPL is inherently bad.  It simply is that GPL is not
the right license for every project.  As has been said throughout this
thread, you need to consider what your goal is, and use the correct
license to achieve that.  GPL is as much a political statement as it
is a way to provide code for free; if your goal is only the latter, a
non-GPL license may be much better for you.

> If it were otherwise, there would be no issue. Is a feedom to deny
> freedom really a freedom? 

I already answered: yes, it very much is.  Freedom to control the
fruits of my labor is indeed a freedom.

> You are free to do what ever you want with *your* code, but
> if you augment someone else's code, you can't supplant their
> judgment with yours. You got the code for free.

That very much depends on the license they chose to use.  If they used
a BSD license, as I generally do for my own projects, I can indeed
supplant their judgement with my own--not absolutely, but to a large
extent.  They expressly provide me that right.

> >>Do you feel that you have the right to deny freedom to a subsequent
> >>user? Is the freedom to deny freedom really a freedom?
> 
> >Absolutely.  To both questions.  Copyright law grants you that right,
> 
> It does not. "Copyright" allows you to control your work, not the
> work of others.

The derivative work IS my work.  If I'm developing a derivative work
based on "free" software, the license of the upstream work can only
restrict me, and what/how I distribute derivative work.    So long as
it grants me the right to do so, which many OSS licenses do, copyright
law very much gives me the right to restrict what downstream does.
And sometimes, this is a Good Thing.  If the software is TRULY free
(i.e. public domain), I have no restrictions whatever.  That is as
free as you can get.

> >I do still think that it provides benefit to both the copyright
> >holder and, yes, even their customers, under the right
> >circumstances.  Even the FSF recognizes that this is a right, and
> >one that's often useful.  Hence was the LGPL created.
> 
> The LGPL has its own issues and that's another debate.

Which takes nothing away from the fact that the FSF recognizes its
value, even if you may not.

> >The BSD license is truly more free than the GPL; it has far fewer
> >restrictions.  I'm not saying one is better than the other...  Both
> >have their own--different--goals, which I think is fine.
> 
> I don't believe that the MIT or BSD license is more "free." When the
> "free" we are discussing is "freedom" and not price. 

Clearly.  But your belief contradicts the definition of freedom.  They
place fewer restrictions on anyone who may be subject to the license;
thus BY DEFINITION, your assertion is false.

> The GPL and strong licenses like it, 

A license can not be strong without being restrictive; again that is
the definition of less free.

> protect software freedom by preventing code from being modified and
> disappearing. The prime example of this is Microsoft's actions with
> kerberos. 

This did not lessen the usefulness of Kerberos.  This did not make
Kerberos less available.  The harm here was that Microsoft leveraged
its near-monopoly power to take something that was free and create a
version of it that non-customers could not interoperate with.  If the
MIT license did not allow this, they could almost as easily have
created something that was similar to Kerberos, but different enough
that it did not infringe on the license.  Or they could have simply
implemented a clean-room implementation.

The problem here is not the MIT license, but the monopolistic power of
another entity hell bent on owning the world (or at least its IT
infrastructure).  If Microsoft was not a monopoly, they would have
been forced to conform to the industry's standard implementation.
License had nothing to do with this problem.  And don't get me wrong,
I definitely find fault with Microsoft here.  But not with the
license.

> GPL would have protected it.

If Kerberos were GPL-licensed, Microsoft would just have done
something else with exactly the same effect.  In fact it probably
would have been worse for the industry, because implementers would
have to reverse-engineer their entire protocol, rather than just
Microsoft's specific changes.  And besides, with the current
implementation, you can use an MIT kerberos KDC, and interoperate.  If
their solution wasn't based on Kerberos, that would likely not be an
option.  And if Kerberos were under GPL, their solution wouldn't be
Kerberos.

> Instead, it was used as a tool to exclude security vendors. The MIT
> license, according to you, is more free, but that very same license
> was used to make something very un-free.

Which is a freedom allowed by that license.  It's very free indeed.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.