
In 2019, multiple open source companies changed course - feross
https://arstechnica.com/?p=1503799
======
Doctor_Fegg
> Open source licenses vary, but the gist since the 1998 founding of OSI has
> generally been as follows: you can take this code and do what you want with
> it, but you can't make the code proprietary, and if you use it in another
> project, then that project can't be proprietary either

What? No, that's not what "open source" means. Not at all. That's "copyleft"
or "viral" or "sharealike", but not a universal definition of "open source".

~~~
gpderetta
It is not even the definition of free software. The FSF itself acknowledges
that permissive licenses are still free software. (all free software licenses
are open source and viceversa, the different nomenclature is only a matter of
principles).

------
quantummkv
> As Perens puts it, "we have to draw a line between 'open source' and the
> right to make money with open source. The open source definition allows, but
> does not support, your right to make money. We're not going to change the
> rules because you can make money better that way."

This right here. When you open source something, you are basically
volunteering to write code. By the very definition, volunteering to do
something does not entitle you to anything. Imagine how weird it would sound
if people started asking money to volunteer in soup kitchens.

If you think you are entitled to something for your work, don't volunteer.
Make it a service and charge. If you think writing some code used by someone
entitles you to some money, make it proprietary code and start charging like
Microsoft does. No one is going to stop you.

~~~
pstuart
What about dual licensing? Pure GPL or commercial license?

Seems like fair trade

~~~
bonoboTP
"Commercial" is not the antonym of free software/open source. "Proprietary"
is.

You can (and many companies do) make money with (i.e. commercialize) open
source software.

------
dimitar
Most of the examples appear to be NoSQL datastores. Now it is kindof obvious
why Datomic is not open-source.

And yet software like Wordpress has thrived for many years without their
creators being tempted to change licenses (Wordpress.com wasn't crushed by
AWS, shared hosting or even WP-as-a-service vendors).

What is different about these DBs?

~~~
ohazi
Consumers don't really care whether the software they use is open-source,
they'll just use whatever looks good and works. So hosted WordPress does well,
but Medium also does well.

Engineers are rightfully wary of using proprietary databases. Decades of bugs
leading to integrity issues on decades worth of data. They're not willing to
relive those days. Luckily, the world of open-source, battle-tested,
academically reviewed databases is large and mature.

So any upstart peddling funky "throw out all that academic rigor and try this
nosql shit" is rightfully squinted at. Open-source has essentially become
table stakes for DBs, since no engineer will look at you otherwise.

These nosql companies are trying to be proprietary while still meeting the
table stakes. Given the other expectations around open-source, the whole thing
has a "two kids in a trenchcoat" look to it.

~~~
colejohnson66
> Engineers are rightfully wary of using proprietary databases. Decades of
> bugs leading to integrity issues on decades worth of data. They're not
> willing to relive those days. Luckily, the world of open-source, battle-
> tested, academically reviewed databases is large and mature.

Not that you are, but we need to be careful with the “open source === good
quality.” OpenSSL has Heartbleed for years

~~~
na85
I'd still argue that, despite Heartbleed, openssl was/is still of good
quality.

------
zby
Open Source is about licenses - Saas is making licenses obsolete.

I think the story is more about universal cloud providers dominating
specialized Library as a Service providers (AWS dominating MongoDB) - the fact
that the smaller providers publish their software as OpenSource is not
relevant to the story, Amazon could publish their solution as OpenSource and
still kill MongoDB.

[https://medium.com/hackernoon/aws-and-mongo-and-open-
source-...](https://medium.com/hackernoon/aws-and-mongo-and-open-source-
efcdcfb00514)

It all leads to very big and probably monopolistic cloud providers. To have
more competition maybe what we need is mandating Open Source for Saas. We
would also have some positive externalities in the form of code. Businesswise
this would not be a big deal - exactly because selling the full package (i.e.
cloud provided Saas) is dominating selling licenses. There are some
technicalities to overcome - like how/where it should be published, what
should be published (what is the source? what code is really used in Saas and
what is internal code?) and when it should be published (immediately upon
going live?).

It can also be justified on the grounds of people should know what they are
buying.

~~~
na85
>Saas is making licenses obsolete

Exactly this. I don't see the point of, say, the AGPL because it can't
possibly be enforced: Short of a whistleblower or other leak, have no way of
knowing if I'm connecting to AGPL software, or merely something that's API-
compatible.

~~~
_frkl
> >Saas is making licenses obsolete

> Exactly this. I don't see the point of, say, the AGPL because it can't
> possibly be enforced: Short of a whistleblower or other leak, have no way of
> knowing if I'm connecting to AGPL software, or merely something that's API-
> compatible.

I don't think that is people's main concern. As a developer I'd trust that
most companies will honour the terms of a license, and if they don't it'd be
unknowingly in most cases. It's too much of a legal risk, and not worth it in
most cases.

The issue is that GPL licensed software can be legally used in Saas use-cases
because it needs to be distributed for the gpl to get triggered. In the case
of AGPL that loophole is closed, but it's still possible to use AGPL software
in a Saas product in the case where it is not used directly, basically. For
example, in most cases it's legal to call an AGPL command-line application you
modified from a backend service, without having to share your modifications.
At least that is my understanding.

Either way, my point is that the concern is about legal use-cases, not illegal
ones.

------
xvilka
I am rooting for two Rust alternatives to Elastic stack - Sonic[1] and
Vector[2](logstash alternative). Too bad they currently cannot work
together[3]. Java is a poor choice performance-wise, and in a scaled
applications it can make a huge difference.

[1]
[https://github.com/valeriansaliou/sonic](https://github.com/valeriansaliou/sonic)

[2] [https://vector.dev/](https://vector.dev/)

[3]
[https://github.com/timberio/vector/issues/988](https://github.com/timberio/vector/issues/988)

~~~
edsiper2
Logstash alternatives with Elasticsearch support:

[1] [https://www.fluentd.org](https://www.fluentd.org) (Ruby Language)

[2] [https://fluentbit.io](https://fluentbit.io) (C Language)

------
bitwize
It looks like open source in the traditional sense is on the wane. Powerful
forces demand license stipulations that conflict with open source licensing.
The social justice crowd doesn't want their software used by ICE, and big
companies don't want their code releases to undermine their business model. In
the future, hackers sympathetic to Extinction Rebellion may want to deny
access to their software to organizations who contributed to global-warming
denialism.

Eventually the OSI leadership will resign; they may be pressured to do so very
soon. There are too many powerful interests for whom the OSD as it is poses
significant problems.

------
zubspace
A very interesting article. As I read it, SaaS providers can integrate GPL
code in their service without opening up any of their code, competing with
other, similar services. But, isn't that what open source is about? Providing
an utility for everyone to use, even in a corporate setting? It's like someone
providing a Linux distribution with a license which says, that you're not
allowed to make money with it.

I think MongoDB from the article simply provided a SaaS service, which was too
simple too copy without any unique features. Ain't this their own fault?

~~~
tsimionescu
Basically, open source software that has stood the test of time has either
been supported by non-commercial entities (e.g. GNU, Firefox) or has been a
collaboration of many commercial entities (e.g. Linux, clang, Java).

Trying to sell a free product that you are developing does not seem like a
workable business model. Open-source products which are developed almost
entirely by a company with a questionable business model are unlikely to
remain healthy in the long run.

~~~
gpderetta
As pointed out elsethread, it seems to be working for Qt.

------
lacker
Sometimes it feels like the conventional wisdom is that open source is
struggling for a business model. But despite the competition from AWS, MongoDB
is now a public company worth $7 billion. Quarterly revenue is $90 million. It
seems like they have found a decent business model, to me.

The formula: make popular open source software, get an audience of people who
happily use that software, sell related services to that audience.

~~~
cycloptic
MongoDB is not open source software anymore. The article even mentions it so:
"The SSPL is not an open source license and it never will be."

------
KaoruAoiShiho
Err yeah of course it's the right move. The article says that the other
alternative to pure open source is proprietary. Well obviously proprietary is
bad for society, so if there is a way to construct a license that's at least
partially open that's way better than completely proprietary. It's sad but I
feel that AWS in 2019 has completely killed a business model.

~~~
AlexB138
I'm a big fan of open source, but why is it obvious that "proprietary is bad
for society", exactly? I'd venture to guess that most of the people that
frequent this site work for companies that sell proprietary software in some
form or another. People being employed is pretty beneficial to society.

~~~
ahnick
The FSF provides a fairly long (strongly worded?) list of reasons on this
page.
[https://www.gnu.org/proprietary/proprietary.en.html](https://www.gnu.org/proprietary/proprietary.en.html)

IMHO proprietary software is better than no software, but open source software
is better than proprietary software in terms of societal benefit.

My favorite open source business model is the "Free Software Product" model.
(Best articulated here -> [https://sfosc.org/docs/book/business-models/#free-
software-p...](https://sfosc.org/docs/book/business-models/#free-software-
product))

The core ideas are: 1\. Free software products have trademarked, proprietary
distributions, with commercial terms attached. 2\. Free software products
(may) have 100% open source distributions, but they must use different
trademarks and naming conventions, and receive no direct customer support or
interaction from the upstream. They are strictly downstream repackaging of the
proprietary upstream distribution. This is true regardless of which source
code repository is being committed to - the user relationship is defined in
terms of the commercial product, not the free software project.

By either using this model on its own or combining it with OpenSaaS, I think
it is entirely possible to run a profitable business, while providing public
access to the code that benefits society.

------
flurdy
Is there a new license in use that allows fairly open use but not as a for-
profit SAAS?

Is that what SSPL tried to do?

For years I hoped the LAGPL (Lesser Affero GPL) would turn popular. [1] But I
guess it needs a bigger organisation behind to get real lawyers to write it
and promote it.

In essence I'd just want MIT+NOSAAS or Apache+NOSAAS.

[1]
[http://mo.morsi.org/blog/2009/08/13/Lesser_Affero_GPLv3/](http://mo.morsi.org/blog/2009/08/13/Lesser_Affero_GPLv3/)

------
Wowfunhappy
> Since the SSPL forces any SaaS software that is aggregated with the covered
> software, but not a derivative of it, to nevertheless be open source, it
> fails this test.

Broadly speaking, what is the utility in not allowing this?

~~~
waisbrot
The OSI's purpose is to serve business interests. SaaS providers got their
feet in the door before these database companies, so they're getting more of
the benefits.

------
microcolonel
The Action Button thing is cool. Seems like it could multiply the political
importance of the publication.

------
BFatts
Unfortunately "you can take this code and do what you want with it, but you
can't make the code proprietary" is not the Open Source definition AT ALL.
This applies to software released under the GNU licenses, or copyleft
licenses.

Open source can MOST DEFINITELY be made totally proprietary.

------
jbk
What’s wrong with the AGPL, that they cannot use it, as a software license?

~~~
zackbrown
MongoDB used the AGPL for years but transitioned to the SSPL when AGPL turned
out to offer insufficient protection from being "AWS"d.

Mongo's explanation: "[there was] confusion in the marketplace about the
trigger and scope of the Remote Network Interaction provision of AGPL" [1]

Though, ultimately, AWS's "work-around" to this arms-race was to reverse-
engineer MongoDB, abiding by its interface & APIs to offer a drop-in
replacement: DocumentDB. [2]

[1] [https://www.mongodb.com/licensing/server-side-public-
license...](https://www.mongodb.com/licensing/server-side-public-
license/faq#how-data-is-stored)

[2] [https://aws.amazon.com/blogs/aws/new-amazon-documentdb-
with-...](https://aws.amazon.com/blogs/aws/new-amazon-documentdb-with-mongodb-
compatibility-fast-scalable-and-highly-available/)

~~~
saagarjha
> Mongo's explanation: "[there was] confusion in the marketplace about the
> trigger and scope of the Remote Network Interaction provision of AGPL" [1]

I don't understand how this flies at all. The AGPL to me clearly includes AWS
in its text, as it's a service offered over the network?

~~~
detaro
> _The AGPL to me clearly includes AWS in its text, as it 's a service offered
> over the network?_

It does. As a consequence, AWS would have to share the source code of MongoDB
with everyone. Which costs them nothing and gains MongoDB-the-company nothing,
while MongoDB-the-company probably looses a good chunk of income because AWS
can offer their product better integrated with the rest of AWS, under the same
billing, ...

------
branon
Ah, feross again. This is the guy behind the npm 'funding' fiasco. He wants to
(and did) put ads in your terminal:
[https://github.com/standard/standard/issues/1381](https://github.com/standard/standard/issues/1381)

_Some people_ might have you believe that if free software isn't generating ad
revenue, or isn't being relicensed for cloud deployments to make gobs of
money, then it's somehow "unsustainable."

I disagree, and choose to disregard most projects that behave this way.

~~~
dang
You appear to have posted this just because he is the submitter of the
article. Is that true? If so, that's crossing into personal attack, which is
not allowed here.

~~~
branon
Not meant to attack. I thought it was funny to see an article of this specific
tone. Made sense after I realized who OP was.

I don't dislike the guy, I just know his views, and choose to contest them.

~~~
dang
Ok, that's fair. But intent doesn't express itself in internet comments,
unfortunately, so if you don't disambiguate up front, you're likely to be
interpreted through the most common filters, which alas are the nasty ones. I
know it's extra work, but the burden is on each of us to do that.

feross has submitted a ton of great articles to HN and is often the first user
to find them. From that we all benefit, regardless of our views on ads, etc.

