
When Free Software Depends on Nonfree - stargrave
https://www.gnu.org/philosophy/when-free-depends-on-nonfree
======
pinky07
I am the founder of OpenERP / Odoo and I can't believe what I just read. Just
wrote this mail to RMS, hope he will fix his post:

Although we do sell a service to help companies upgrade, there is also an open
source tool by the Odoo Community Association to upgrade OpenERP: OpenUpgrade.
[1] There is not a single dependency in OpenERP/Odoo against proprietary
software or services. We have always fought about any kind of lock-in.

Can you fix your post? it's probably not the intention of gnu.org to make FUD
against others open source project.

I guess you have been misinformed by Luis since he has done a lot of
misinformation when he decided to fork to promote his project.

Having said that, you should have a look at what we do. We replace thousands
of proprietary management software by Odoo, converting whole governments [2],
SMEs and big companies as well as NGOs. (60% of the top 10 NGOs are run by
Odoo: doctors without borders, red cross, ...)

[1] [https://doc.therp.nl/openupgrade/](https://doc.therp.nl/openupgrade/) [2]
[https://joinup.ec.europa.eu/community/osor/news/portugals-
an...](https://joinup.ec.europa.eu/community/osor/news/portugals-annual-
school-teacher-allocation-handled-open-source-erp)

~~~
jordigh
> an open source tool

I expect rms is gonna say something about being told about "open source", heh.

> There is not a single dependency in OpenERP/Odoo against proprietary
> software or services.

So, do your servers just run OpenUpgrade? Are you basically just helping
others with the overhead of running OpenUpgrade? Or do you have secret sauce
that works stronger, faster, higher than OpenUpgrade?

~~~
ocdtrekkie
RMS may think he is the definition of what is open source and what isn't, that
doesn't mean he is or can't be wrong.

~~~
jordigh
Open source is a synonym for free software coined in 1998 by Christine
Petersen, promoted by Eric Raymond and Bruce Perens and funded by Tim O'Reilly
as part of a memetic marketing campaign to make people stop thinking about
software freedom:

[http://jordi.inversethought.com/blog/5-things-we-have-
forgot...](http://jordi.inversethought.com/blog/5-things-we-have-forgotten-
about-open-source/)

For the most part, it worked. Almost nobody talks about free software, which
is what open source was supposed to refer to.

~~~
ldarby
> Open source is a synonym for free software

False, I suggest you read [http://www.gnu.org/philosophy/open-source-misses-
the-point.e...](http://www.gnu.org/philosophy/open-source-misses-the-
point.en.html)

~~~
jordigh
It was an exacty synonym in 1998. There have been very minor deviations in
very obscure licenses most people haven't heard of, so it's a minor quibble.
The article you quote acknowledges twice,

    
    
        The two terms describe almost the same category of
        software, but they stand for views based on 
        fundamentally different values.
    

and

    
    
        “Free software.” “Open source.” If it's the same 
        software (or nearly so), does it matter which name you
        use?
    

OSI's intent was always to refer to the exact same thing as "free software",
just use different language, and thus different arguments in favour of it.

~~~
cyphar
> OSI's intent was always to refer to the exact same thing as "free software",
> just use different language, and thus different arguments in favour of it.

If you use "different arguments" than freedom to argue about software freedom,
then it's no longer the same movement. The free software movement has always
been about ethics. The open source movement has no ethical backing, it values
code quality over ethical treatment of users (which is why people talk about
"open source DRM implementations" \-- since DRM is meant to subjugate users,
it cannot be free software. But it can be "open source").

~~~
brashrat
wow, I really do not want to quibble with you about something we agree on, so
for the record, "hey everybody, I agree with cyphar!"

However: the GPL2 says that you can impose no restrictions on what what people
can implement with free software so long as they it is only redistributed as
free software, so it seems to me that while DRM'ed software is not free, DRM
software itself could be free. Hey, if a DRM scheme could be designed to
ensure software freedom, it might even be embraced; we already have GPL
clickwrap license clicks which a narrow reading of the GPL might suggest you
can't have (it's an "additional restriction" that the original software you
licensed may not have had; for instance, if clickwraps are covered by law that
the GPL is not covered by, you are forcing additional terms)

I know that the GPL3 had some fine tuning with regard to TiVoization and web
servers, but I'm not aware that it would bar DRM software itself; but perhaps.

OK, I found it here for GPL3. You are partially correct that the GPL3 contains
some anti-DRM measures but not in the sense you describe:

[http://www.gnu.org/licenses/quick-guide-
gplv3.en.html](http://www.gnu.org/licenses/quick-guide-gplv3.en.html) "It's
always possible to use GPLed code to write software that implements DRM.
However, if someone does that with code protected by GPLv3, section 3 says
that the system will not count as an effective technological "protection"
measure. This means that if you break the DRM, you'll be free to distribute
your own software that does that, and you won't be threatened by the DMCA or
similar laws."

I thought one aspect of the GPL (copyleft being a clever copyright hack) is
that the license applies only to the code you are licensing, and not to other
copyrighted works you may have authored, but in a certain sense it does. I'm
sure RMS and Moglen and FSF have thought harder about this than I have, so
it's quite likely I'm missing something; however they do have broader agendas
as well.

~~~
cyphar
If you don't have a system that takes away your freedom with tivoisation, then
yes you can have free software that implements DRM. But there's no purpose to
that software because it cannot be used to restrict your users (the whole
point of DRM). In addition, the software is actually not effectively free
because you cannot exercise any of the freedoms because you might get DMCA'd
(especially freedoms #1 and #3 -- where modification involves removing the
digital handcuffs).

So, _practically speaking_ , you can't have free DRM software. But you can
have "open source" DRM software, because there's no part of the OSI that
classifies software that acts like such a trap as being immoral. The GPLv3
essentially ensures that a user is not threatened by legal threats about
breaking DRM in a piece of free software. It's the only software license that
ensures this AFAIK, so I'm a bit sad more people don't use it for firmware and
other places where defence against tivoisation matters.

------
icebraining
_" upgrading to the next version of OpenERP required sending the database
(full of patients' medical data) to OpenERP's server for reformatting."_

"Required" is a big overstatement. OpenERP (now Odoo) is FOSS, and uses a
standard Postgres database. The thing is that Odoo didn't release the
migration scripts when a new version was released, but you weren't _required_
to use their service; OpenUpgrade[1], a community project for implementing
these scripts, is proof of that - we've successfully used it to migrate all
our clients from version 6.1 to 7 to 8.

Disclaimer: I don't work for Odoo S.A., but I do work for a company that sells
services based on the software.

[1] [https://doc.therp.nl/openupgrade/](https://doc.therp.nl/openupgrade/)

~~~
belorn
Why do Odoo S.A. not release the migration scripts? Is it the core of their
business model that people do not have access to migration and are thus forced
to buy from Odoo?

~~~
pinky07
Two years ago, it used to be our business model: selling maintenance services
to bigger companies (includes unlimited technical support for bugfixes and
upgrades). We tried hard to grow on services rather than selling proprietary
features. (I don't think another open source software vendor succeeded to push
a business model relying on services that far)

We grew up to 300 employees with this model but reached the limit of the
model. (most companies don't want to pay for bugfixes and prefer to buy
upgrades later) Now, we rely on 3 different offers:
[https://odoo.com/pricing](https://odoo.com/pricing)

Since we switched to the new open core model, everything is simpler. Revenues
grew a lot (monthly MRR growth is 242% higher than before) and we can invest
more in the development of the open source product. Relationship with partners
is easier too.

Disclaimer: I am the founder/CEO of Odoo.

~~~
jordigh
> We grew up to 300 employees with this model but reached the limit of the
> model

Why do you need to grow more? 300 sounds like a very big company already.

~~~
pinky07
Mostly, because we are too small for what we do:
[https://www.odoo.com/page/all-apps](https://www.odoo.com/page/all-apps)

Our promise is to cover all enterprise needs in a single software, while being
super easy to use. It's something nobody succeeded for now on. On the market,
you have two types of players: ERP (SAP, Oracle, MS. Dynamics) who deliver a
huge business benefit but a poor usability (expensive and inefficient) and
one-app vendors (trello, slack, mailchimp) who have a great usability but a
low business value. The first category has a huge revenue per customer, and
the second category can attract a lot of customers.

We think we can crack that, and offer the best of the two worlds: all business
needs, fully integrated, with a top notch usability. We are in a very good
position to do it, and be the first to do it. [1] (and every competitors try
to do that but they are far from succeeding)

To succeed, we need serious investments in the product and the service offer.
We don't need to be very big (e.g. 10.000 people), but 300 is too small for
what we do.

tl;dr we want to fix a huge problem and to do it, we need resources.

[1]
[https://odoocdn.com/openerp_website/static/src/img/2016/home...](https://odoocdn.com/openerp_website/static/src/img/2016/home/hp_graph_04.svg)

~~~
jordigh
Quite the marketing pitch. I'm sorry that you had to sell some proprietary
software to do it.

~~~
jordigh
Just wanted to add, I think it is regretful that it was not possible for Odoo
to grow a business on free software. I hope to be able to best Odoo at this
some day, in a different domain.

At the same time, I am unapologetic for classifying pinky07's language as
marketing. Evidence of marketing-speak is in "open source" instead of "free
software", "open core" instead of "proprietary extensions" and other things
such as "top notch usability", "best of both worlds".

------
imron
When I first saw SaaSS I figured RMS had his own acronym for SaaS, and sure
enough further in the article he spells it out - Service as a Software
Substitute.

I like it!

~~~
Dylan16807
Isn't 'substitute' implicit? I don't see the point.

~~~
imron
It is implicit, the point is this makes it _explicit_.

~~~
Dylan16807
But why? It's obvious. Making it explicit has no benefit, and makes you waste
a bunch of words explaining yourself.

~~~
ashitlerferad
Making it explicit has the benefit of making people actually think about who
has control over the computers they are using.

~~~
Dylan16807
Saying it's a service already makes the control explicit. Adding the word
'substitute' does nothing on that front.

~~~
ashitlerferad
It seems to me that people rarely think about the software behind a service,
this is a mechanism to bring that secret software into people's minds and
discussions.

------
barbs
I recently came across this situation when attempting to hack on
Keepass2Android [0], a Keepass client for Android. It was written with
Xamarin, which was a closed-source framework at the time. Having to download
and use software with a 30-day trial to hack on an open-source project seemed
wrong.

Now that the Xamarin SDK is open-source[1] it looks like it's moving towards
being freed, which I think is a good thing. That said, I'm not sure the IDE is
available on Linux yet, so I guess it's still relying on non-free software.

[0]
[https://keepass2android.codeplex.com/](https://keepass2android.codeplex.com/)

[1] [http://arstechnica.com/information-
technology/2016/03/xamari...](http://arstechnica.com/information-
technology/2016/03/xamarin-now-free-in-visual-studio/)

------
systoll
Leaving aside the factually inaccuracy in the example...

If you want to stick with 'N', you can. And you can fix it to suit your needs.
If you want to convert your database, there are no barriers in your way -- and
you can distribute your results. Or maybe you want N+1 to work with the old
format -- either way, nothing's stopping you.

If you're not categorically against proprietary software, the converter may be
a really good purchase; better than any of the above options. But you're not
'trapped' into buying it -- no more so than, say, GIMP 'traps' you into using
photoshop by lacking non-destructive editing features.

The fact that the situation would be kind of lame is because for almost
everyone, in practice, It's vastly more useful for your software to be
actively maintained than it is for it to be 'open' \-- and the developers
abandon 'n' when they move on.

------
jhoechtl
Free Software exists because employees of non-free software pay thevwages that
free software can be written in the free time

~~~
icebraining
Hi! I'm a developer working for a company (which happens to work with the
software mentioned in the article) and which pays me to write AGPL/LGPL
licensed code. And I can assure you there are many similar companies around
the world, usually not behemoths like MS or Google, yet writing business
critical software for very large companies, often based on the cooperation
that only FOSS allows.

~~~
paxcoder
Where does is the money coming from? I'd like to know what business model the
company you work for employs.

~~~
icebraining
A company needs some kind of software that doesn't exist (or which is too
expensive when they only need a subset), so we build it for them on top of
Odoo. We also offer hosting, training, support, data migration, etc.

Note: while our software is FOSS, we don't publicly publish all of it, though
our clients are free to do so.

~~~
nickpsecurity
"Note: while our software is FOSS, we don't publicly publish all of it, though
our clients are free to do so."

That sounds like what I used to do with my trade secrets that I semi-publish.
Enough detail out that hardworking specialists can build it. I'm curious what
you mean by it though. Ive considered a model that sounds similar as I figured
companies would be incentivized to keep paying anyway so updates/support have
steady quality. Was worried about cloning, though.

~~~
icebraining
Odoo is essentially a generic platform for which one writes modules, either
self-contained or as extensions of others. When a client comes to us with a
need, we implement a solution using a mix of new modules and existing ones.
When it's finished, the client gets a FOSS license to all the modules, so they
aren't locked-in to us. What we don't do is necessarily publish all modules on
Github or similar; we make that decision case by case.

~~~
nickpsecurity
Interesting. Reminds me of a discussion here where so many FOSS projects were
barely scraping by, overloaded with reauests from non-paying users. A few
showed up to say simply: "tell them to pay you go build or support the feature
if they _really_ want it." Seems your company is playing it wiser than most.
;)

------
guhcampos
Okay, so he mentions OpenERP, but I think we all know he means Github, right?

~~~
Dylan16807
Isn't Github a standard closed-source service? I don't see how the article
would apply. It's close to the opposite; migration from git host to git host
is easy and open-source.

~~~
guhcampos
Not when all your code, bug reports, wiki, etc. etc. etc are on a single
platform, as a service.

Don't get me wrong: I'm not nearly as fanatic about this as Stallman and I'm
fine using GitHub for everything, but it is a non-free dependency for every
single project hosted on it.

~~~
Dylan16807
That's still just a simple proprietary service. There's no connection to what
the article focuses on. Part you can't migrate, and the part that does migrate
does so with open-source tools.

------
anonbanker
This article made me change my[0] business' choice from Odoo to Tryton. Thanks
to RMS for pointing me/us to this better option.

[http://medicalcannab.is](http://medicalcannab.is)

~~~
icebraining
Your site's tirade against "broken encryption" is weird. You do know that no
major desktop browser uses OpenSSL, right?

~~~
andreasvc
But most HTTP servers do use OpenSSL, so the tirade is not wrong.

~~~
icebraining
But that's up to them, to choose a server which doesn't. Whereas currently,
people are being redirected to the safe site from a completely unprotected
landing page, so they can get MITM'ed and sent to a honeypot instead.

~~~
anonbanker
please let me know how someone can be MITM'ed when connecting to
medicalcannab.is over Tor.

When you connect to the domain with torbrowser, the server detects your IP,
then redirects to the appropriate .onion site if coming from an exit node. In
order to be MITM'd, you'd have to either be using a Tor exit node that was
compromised, or my server would have to be completely compromised beforehand.

neither of these seem like likely scenarios, so I'm curious as to what you see
that I don't.

~~~
detaro
You should assume Tor exit nodes to be hostile. There have been exit nodes
that injected malicious code into binaries downloaded through them, and
running an exit node is an obvious choice for an attacker, hoping for people
running unencrypted traffic through them.

~~~
anonbanker
Fair enough. someone could mirror my site's content, and we wouldn't have the
ability to check where it's going.

However, that's not too much an issue. we don't offer binaries (outside of two
pdf files that may have a jpg embedded), and nothing on our Onion site
requires a download. The most they could really do is make someone give
bitcoins to the wrong wallet. That's a pretty easy customer service issue to
solve ("We are not responsible for bitcoins sent to wrong wallets").

I guess I'm not seeing the vulnerability here.

------
voaie
Proprietary software companies trap you, so you utilize GPL to trap more lazy
programmers? Selfish people are always selfish, lazy ones are still lazy. I
don't like this model.

~~~
justinlardinois
While I'm not a fan of the GPL and its viral nature either either, the kind of
trapping you're referring to is not at all the same thing.

If GCC was the only C compiler in the world, my Apache licensed (or hell,
public domain) C project wouldn't really be "trapped" by GCC being GPL
licensed, because that license allows me and my users unfettered access to GCC
whenever we want, so there's no one who can't access compilation of my
project, now or ever.

~~~
voaie
Your example does not solve this problem: You may rely on some excellent GPLed
softwares, but you want to distribute it with some close-source softwares.
Then you might become the lazy programmers. I can see how GPL fans hate close-
source software, but they can also choose another license, so programmers
could share their works easier, also get more ideas from non-GPL fans.

ADDED: This same problem originates from close-source software, so GPL is
another extreme I don't like. People from both sides still continue to develop
great softwares, but what about MIT/Apache/BSD/...-licensed softwares? I
choose the golden mean. I don't mean GPL is a bad thing, I just don't want to
blindly support it. Times are changing.

~~~
cyphar
The world of free software would not exist today without the GPL. If everyone
had used lax licenses, companies would've made proprietary forks and driven
free software out of existence.

Also, choosing MIT because "it's the middle ground" is a middle of the road
fallacy. The GPL ensures users will always have freedom when using the
software. Lax licenses provides no such assurance and proprietary software
obviously doesn't provide anyone freedom.

The purpose of the GPL is to halt malicious companies from using free software
to mistreat users. The middle ground isn't better in this case.

~~~
voaie
Even if the source is guarded by GPL, the idea behind the source can be copied
and represented in another form. Then the freedom defined by GPL is obscure to
me. MIT licenses saves me from time-consuming copycat situations. Yeah, I am
lazy, but I'm more willing to share (hard-working now) if you don't push me to
extreme.

I know the pattent laws in the past were somewhat ridiculous compared to what
they are today (though still ridiculous sometimes), so GPL was/is really great
then, just like the Creative Commons licenses.

~~~
justinlardinois
Free software licenses have to do with copyright law, not patent law. And the
only major change in copyright law in the last few decades was the Digital
Millennium Copyright Act, which isn't super relevant to the issues in free
software.

~~~
voaie
Oh yes, thank you. I always relate free software to patent trolls, because
software patents have huge impact on software development. When I relate GPL
to Creative Commons, I mean they are good role models for defending legal
rights and interests.

------
na85
As usual, RMS is content to sit back and complain rather than take action to
try to effect positive change.

Has he written any code in the last decade, or is he still going around giving
the same tired speeches over and over?

Do his anachronistic computing habits contribute to his continued irrelevance?

Ubiquitous broadband connectivity has changed the world and it seems RMS is
still living in the past. I hate SaaS models just as much as the next user,
but I am also a realist. There's just no reason for corporations to take RMS's
"ethical" route when the profits lie squarely in the other direction. Lofty
academic ideals don't buy your family groceries.

~~~
justinlardinois
> There's just no reason for corporations to take RMS's "ethical" route when
> the profits lie squarely in the other direction. Lofty academic ideals don't
> buy your family groceries.

I agree he's a bit too extreme; I recall a video where he told a proprietary
software developer that between continuing to do his job and letting his
children starve, he should do the latter.

But there does have to be _someone_ advocating for this, because free software
is in general a social good and is unarguably indispensable in our industry.
It's not impossible to make money off it either; look at Red Hat and
Canonical, for example. But I'd never argue that all software has to be free
or that everyone should do it.

~~~
icebraining
_I agree he 's a bit too extreme; I recall a video where he told a proprietary
software developer that between continuing to do his job and letting his
children starve, he should do the latter._

I'd like to know the context, because that sounds like a "ask a stupid
question, get a stupid answer" situation. It's a common trolling/derailing
technique: you make a general point, and people reply with these very specific
and extreme situations that "disprove" it.

 _I 'd never argue that all software has to be free or that everyone should do
it._

Why not?

~~~
Dylan16807
>I'd like to know the context, because that sounds like a "ask a stupid
question, get a stupid answer" situation.

Agreed. The situation where you have to do an ultra-specific job or starve
from lack of employment doesn't really exist. Jobs manage to appear and
disappear over time without a death toll of millions.

