
Lack of leadership in open source results in source-available licenses - ihsoj
https://techcrunch.com/2019/05/30/lack-of-leadership-in-open-source-results-in-source-available-licenses/
======
webmaven
_> "It hijacks open-source APIs and places them on top of its own proprietary
solutions, thereby siphoning off customers from the open-source project to its
own proprietary solution, as it did with the MongoDB APIs."_

Basically, there is no such thing as an "Open Source API". APIs are not
software, and we've already seen the damage that treating APIs as software
(for copyright purposes) can do.

The proper abstraction for APIs (and protocols, and file-formats, etc.) is the
_standard_ , which ideally admits the possibility of multiple interoperable
implementations, both proprietary and open source (patents being the joker in
the deck, unfortunately).

~~~
jchw
It's certainly an interesting point of view. Take something that's commercial,
for example, like Microsoft's docx format. If Open Office/Libre Office
implements support for docx, is it hijacking proprietary formats, and
siphoning customers off of proprietary projects? (edit: as it has been pointed
out, .docx is a bad example, because it was standardized, but the point
stands, I believe.)

I hate that this stuff hits HN front page. It worries me that we're developing
a culture where I as an individual must adhere to some moral framework when
writing code, lest I violate some social open source norms. To me, this is
deeply poisonous to the spirit of open source.

~~~
TeMPOraL
> _It worries me that we 're developing a culture where I as an individual
> must adhere to some moral framework when writing code, lest I violate some
> social open source norms. To me, this is deeply poisonous to the spirit of
> open source._

Every culture or community has norms, and many of those norms generalize to
universal moral principles, like: participate fairly in a community, not
exploit it.

"Spirit of Open Source" isn't something defined entirely in the phrase of
"open source". It's an idea that gets defeated by actions of some larger
players today, hence the outrage (and an opportunity to remind people yet
again, that RMS was right about this).

~~~
mikedilger
My take on "Spirit of Open Source" is basically: (1) I need this software, (2)
I wrote this software and it has satisfied my needs, (3) I'm a nice guy so
anyone else who wants to use this can use it free of any requirements
whatsoever. Hence I use the MIT license.

I don't care if Amazon or Facebook gets rich off of it. I don't care if Donald
Trump or Hillary Clinton get elected based on it. I don't care if the Russians
use it. It's a tool, and like a hammer can be used for good or ill, and I
disclaim all responsibility for what stupid people do with it. I don't care if
somebody forks it and 99% of people start using the fork instead of my
original. All I care is that I got what I wanted out of it, I hope perhaps
that some other people use it so that they can help contribute and maintain
it, and perhaps I'm hoping for a tiny bit of respect and recognition. My
expectations are grounded and realistic: very few people will likely use it; I
don't have a hope in hell of either making money off of it or of changing the
world because of it. And I'm completely satisfied with that. In fact I'm more
than satisfied, I feel wonderful because millions of other people are doing
the same things with their software and just about anything I could possibly
want is out there somewhere. Hence a sense of community and of good will.

Others folks (such as the author of the article) have different "spirits" most
of which I find distasteful, including those who have a stick up their arse
about big orporations and want to add restrictions about commercial use or
about derivative works, those who think their software is God's gift to the
world and they thus deserve something for it, those who want to control what
others are allowed to do, those who want to change the basic ways that the
world works, and those who come from a place of greed and regret. I don't
share in any of that outrage, not even a little bit, and so this article (to
me at least) is complete rubbish.

~~~
ace_of_spades
What’s really interesting for me is that you really seem to have a disgust for
people trying to add restrictions to “open source” software with the goal of
keeping it open but seem to be totally fine with for profit enterprises adding
restrictions to software and services, often trying to extract as much value
as possible out of you. Doesn’t that seem to be somewhat of an arbitrary
double standard?

Why can’t or shouldn’t the “Spirit of Open Source” be able to include exactly
the things that you complain about? I would love to hear your grounding for
your position :)

~~~
mikedilger
Adding restrictions to "keep it open" is oxymoronic. Folks can do whatever
they want with their software licensing, but please don't deceive people by
pretending it's FOSS if it's not.

~~~
webmaven
Oxymoronic? Perhaps in a strictly literal sense but first of all there are two
slightly disjoint goals: Maximizing _user_ freedom, and maximizing _developer_
freedom.

We can maximize user freedom by having developers put code into a commons,
reject the freedom-to-restrict-users, and deny other developers the ability to
enclose that commons in those sort of restrictions (ala copyleft).

This has an even more broadly applicable analogy, Popper's "tolerating
intolerance" and related paradoxes.[0]

Another way of looking at this is through the frame of positive and negative
freedoms[1][2] (often described as "freedom to" vs. "freedom from"). It is
often not possible to maximize both. For example, when the goal is maximizing
human freedoms for the most people, it is not unreasonable to disallow making
any people un-free, which includes denying people the freedom to sell
_themselves_ into indentured servitude.

[0]
[https://plato.stanford.edu/entries/toleration/#ConTolPar](https://plato.stanford.edu/entries/toleration/#ConTolPar)

[1]
[https://en.wikipedia.org/wiki/Positive_liberty](https://en.wikipedia.org/wiki/Positive_liberty)

[2]
[https://en.wikipedia.org/wiki/Negative_liberty](https://en.wikipedia.org/wiki/Negative_liberty)

------
karmakaze
The problem isn't really here. The problem is that everyone wants a permissive
abusable license when AGPL would be just fine. If everyone here complaining
just used AGPL then we wouldn't have this Amazon situation.

People want to have their cake and eat it too. They started with an MIT
license because it gets more uptake then whine when the license terms are
being followed.

But then it wouldn't be widely used. The solution to that is for everyone to
use AGPL then the open-source playing field is level again.

~~~
TAForObvReasons
AGPL is vulnerable to certain workarounds in the same way that GPL was. The CC
class of non-commercial licenses might be more applicable, but that may harm
adoption.

EDIT: honestly not sure why this is so heavily downvoted (-7 as of the edit),
the whole point of SSPL and other licenses is to address the "workarounds"
that Amazon and others have discovered in AGPL

~~~
AnaniasAnanas
Would you mind elaborating on that? I am interested in a super-copyleft
license for my next project and thought that AGPL was the "best" option out
there. In what ways can it be bypassed?

~~~
Reelin
Check mongoDB's SSPL FAQ ([https://www.mongodb.com/licensing/server-side-
public-license...](https://www.mongodb.com/licensing/server-side-public-
license/faq#when-to-use)).

As far as I'm concerned, SSPL is superior to AGPL in that it catches all the
bits that make your software _actually work_ , forcing you to include them as
part of the offering. I honestly don't understand the apparent objection to
referring to a license with such a clause as open source - all it does is
close a (major imo) loophole.

~~~
ryukafalz
From my reading of SSPL v1, it would seem extremely difficult to use in
concert with other free software; it requires you to distribute _all software_
[0] you're using to run your service under the SSPL. The trouble is, you can't
do that if you're using any other software in your environment that's licensed
under another copyleft license such as the GPL. Does this apply all the way
down to the Linux kernel? Who knows!

SSPL v2 appears to be an attempt to correct this[1], by explicitly excluding
system components and allowing other FSF/OSI approved licenses if you're
unable to release something under the SSPL yourself. But note that not even
MongoDB, the project that the SSPL came from, is using v2 at the moment.

The GPL and AGPL have been around longer and have much more of a community
behind them, and both versions of the SSPL are incompatible with them. At
least for the time being, I'm inclined to stick with the AGPL for network
services, because I like having access to all the GPL/AGPL code out there.
Maybe someday I'll take a look at SSPL v2; I wouldn't touch SSPL v1 with a
10-foot pole.

[0] "all programs that you use to make the Program or modified version
available as a service, including, without limitation, management software,
user interfaces, application program interfaces, automation software,
monitoring software, backup software, storage software and hosting software"
[1] [http://lists.opensource.org/pipermail/license-
review_lists.o...](http://lists.opensource.org/pipermail/license-
review_lists.opensource.org/2018-November/003836.html)

~~~
Reelin
It seems there are indeed serious issues with SSPLv1 that I was unaware of.
That being said, the loophole in the AGPL that they are attempting to address
is also a serious issue. The rewording in v2

> “storage software and hosting software” changed to “host orchestration
> software”

seems to be fairly reasonable though, unless I've misunderstood things once
again?

> But note that not even MongoDB, the project that the SSPL came from, is
> using v2 at the moment.

From the page you linked,

> If this version is approved by OSI, we plan to apply it to the next release
> of our MongoDB software, which is currently available under version 1.0.

so it seems they really do just want to address the current loophole in the
AGPL.

~~~
ryukafalz
>> “storage software and hosting software” changed to “host orchestration
software”

>seems to be fairly reasonable though, unless I've misunderstood things once
again?

It's better, though note that the terms in the list referenced there aren't
strictly defined.

>> If this version is approved by OSI, we plan to apply it to the next release
of our MongoDB software, which is currently available under version 1.0.

>so it seems they really do just want to address the current loophole in the
AGPL.

Sure, I'll give them the benefit of the doubt on that. But the fact that they
haven't switched over by now signals to me that they're not yet confident in
the newer version of the license; if they're not, I can't say I am either.

And it's worth noting that SSPL v2 was withdrawn from the OSI review process
back in March:
[https://opensource.org/LicenseReview032019](https://opensource.org/LicenseReview032019)

~~~
Reelin
This is all really disappointing - they ought to mention it up front in their
FAQ. I hope they (or someone else) submits a v3 with tighter definitions that
can close the SaaS proprietary source code loophole without introducing a
compromising level of overreach or ambiguity.

> the fact that they haven't switched over by now signals to me that they're
> not yet confident in the newer version of the license; if they're not, I
> can't say I am either.

Agreed; I wouldn't want to make use of it either until the dust is well
settled.

~~~
bradrydzewski
I recommend taking a look at the API Copyleft License
[https://github.com/kemitchell/api-copyleft-
license/blob/mast...](https://github.com/kemitchell/api-copyleft-
license/blob/master/license.md)

------
hannob
For people who haven't followed this: The headline is as misleading as it can
be.

The whole agenda of the guy writing this is to move open source projects to
being no longer open source, because he doesn't like what that entails (as it
also means "amazon enjoys the same freedoms as everyone else"). But they like
to confuse it as much as they can.

This would be much less of an issue if these people were upfront: "We don't
like Open Source, so we try something else". But they don't want to do that
because they know Open Source has a good reputation, so they try confusion and
deception.

~~~
adamson
I don't see this. Are you saying the author has a bone to pick with Amazon in
particular or that he has a stake in seeing OSS-based cloud services become
non-OSS because he has money at stake in selling those services? None of the
proposed licenses significantly curtail the possibility of having internal
deployments of software or linking against the software in commercial
software.

~~~
Reelin
> None of the proposed licenses significantly curtail the possibility of
> having internal deployments of software or linking against the software in
> commercial software.

Actually...

The Fair Source License (Sourcegraph, [https://fair.io/](https://fair.io/))
explicitly does restrict those things.

The RSAL (Redis, [https://redislabs.com/blog/redis-labs-modules-license-
change...](https://redislabs.com/blog/redis-labs-modules-license-changes/))
kind of does, but only under some circumstances.

> The only restriction is that the application cannot be a database, a caching
> engine, a stream processing engine, a search engine, an indexing engine or
> an ML/DL/AI serving engine.

The Confluent Community License ([https://www.confluent.io/blog/license-
changes-confluent-plat...](https://www.confluent.io/blog/license-changes-
confluent-platform)) only says you can't run it directly as a SaaS offering,
which is better but I'm a bit uncertain where the line would be drawn in terms
of product functionality.

The Commons Clause ([https://commonsclause.com/](https://commonsclause.com/))
explicitly prevents you from selling the software, including hosting,
consulting, support, etc. As with the Confluent license it isn't entirely
clear where the line is drawn in terms of product functionality.

The SSPL (mongoDB, [https://www.mongodb.com/licensing/server-side-public-
license...](https://www.mongodb.com/licensing/server-side-public-
license/faq#when-to-use)) is in fact an open source license as far as I'm
concerned, but OSI hasn't (won't?) recognize it.

~~~
strken
Some interesting tests would be Firebase, Airtable, and Google Sheets.
Assuming each of those products was built on top of databases available under
each license, which would be legal?

------
tolmasky
If you make your project open source, your goal should be maximizing people
using it, _not_ maximizing how much you profit from it. I know they may seem
identical, but they aren't: Apple makes a lot of money by making software that
has huge roadblocks to using it. And as many people are now realizing, open
source has the ability to _not make lots of money_ by making it incredibly
easy for anyone to use.

We all benefit greatly from Linux, and I think most people have not
contributed back to it in any meaningful way, monetary or otherwise. A lot of
these projects only exist _because_ they were built on top of other Open
Source solutions with no expectation to give them any sort of "cut". Had Linus
decided he actually wanted to start a hardware business and then got angry
that IBM was better at putting Linux on metal than he was, it would be similar
to this situation and I think most of us would be unhappy about a bunch of
turmoil resulting from that. But when it's someone else's ideas that are being
used for free, they always seem obvious and fundamental, when its your own,
it's unique and unfair.

As others have said here, it is _OK_ to say "wait a minute, I want something
different", and then _do something different_. What is not OK is wanting to
water down the definition of the term open source so that whatever thing you
want to do still gets to use it. The OSI's position here is perfectly
reasonable -- that doesn't mean you can't invent some new kind of license or
relationship. People forget that OSI had to work to get into industry in the
first place, it wasn't automatically accepted. It is somewhat funny and ironic
that others now want to benefit from this work while doing something
completely different.

~~~
roenxi
> If you make your project open source, your goal should be maximizing people
> using it, not maximizing how much you profit from it.

Dangerous ground telling people what their goals should be. There is no reason
a person shouldn't try to maximise their profits from open source strategies.
The Linux example is not a strong one - lots of the kernel devs are for-profit
and Linus Torvalds made a fortune [0] - likely linked to his involvement in
Linux. With benefit of hindsight it is hard to see how he could have better
optimised for profit.

The key insight for commercial OSS is that maximising profit does not
necessarily mean maximising your paying userbase size. 10 users paying $10,000
a month easily trumps 1000 users paying $10. And going OSS as a commercial
strategy (eg, Red Hat's classic model) gives competitive advantages if you can
lever it - no risk of being undercut by a cheaper software package, ability be
very selective in who you offer support to and an obvious strategy for
wheedling in to new markets.

In the initial rush where computers were being changed out every 5 years (pre
2003 era), having software to sell was where the advantage was. Now the
industries are starting to mature and that is no longer as obvious it once
was. The money seems to be in support and ongoing relationship fees, which are
very amenable to OSS.

So basically, if someone's goal is to maximise profits they should consider
making their software open source. Especially if they are breaking in to an
incumbent's market.

[0] [https://www.therichest.com/celebnetworth/celebrity-
business/...](https://www.therichest.com/celebnetworth/celebrity-
business/tech-millionaire/linus-torvalds-net-worth/)

~~~
tolmasky
The question is not whether the author made a fortune, but whether they were
upset that tremendous more value was captured by others. I’m sure Amazon has
made way more money on AWS last year by leveraging Linux than Linus has in his
entire life. Now the analogy is exactly 1-to-1 compatible: Amazon offers Linux
as a service, Amazon offers MongoDB as a service. If you want another analogy:
more value was captured by Github (and Microsoft) from Git than Linus. Again,
from offering the software as a service.

It is fine to try to leverage the properties of open source to make profits,
just don’t be surprised when it doesn’t, on its own, do so. That is what is
meant by my first statement: “open source will absolutely help you gain
traction, it will not necessarily help you capture value”. As such, if you use
open source, the goal best served is gaining users. Don’t be surprised when it
doesn’t make you a ton of money.

------
SquishyPanda23
I don't understand this sentiment. The whole point of choosing a permissive
license is that you want others to have the right to profit off of your work
and give you nothing in return.

If you don't want others to have that right, then choose a different license.

But don't grant the right and then complain when people exercise it.

~~~
adamson
I don't think it's that hard to understand. To some degree, Amazon's behavior
is exploiting an idealism that has given us software such as Linux that we're
all benefitting from today, and it's easy to see why a starry-eyed engineer
would want to carry on that legacy and create a project such as Redis with a
permissive license.

What you say ("The whole point of choosing a permissive license is that you
want others to have the right to profit off of your work and give you nothing
in return.") is obvious in hindsight, and should go without saying if you
start a project with the express intent of commercializing it. However, in
many cases, it's not the obvious decision for reasons related to the project's
genesis (e.g. Spark or Mesos being student projects), and in others, it's not
the route taken because of an idealistic impulse that I think would be really
unfortunate to see squashed.

~~~
mavelikara
Amazon is, in effect, bringing attention to this issue and I am glad that they
are.

> What you say ("The whole point of choosing a permissive license is that you
> want others to have the right to profit off of your work and give you
> nothing in return.") is obvious in hindsight, and should go without saying
> if you start a project with the express intent of commercializing it.

Even if you do thoughtfully choose a license with the express intent of
commercializing the work, some competing project elsewhere - student projects,
in your example - will eat your market. It is about time players entering our
industry be warned of the effects of such "pissing-in-the-pool" activities.

~~~
paulryanrogers
Are you saying that choosing a permissive license is like "pissing-in-the-
pool"? As if do so contaminates the market for everyone?

~~~
eeZah7Ux
Yes. The whole AWS problem stems from having too much software under
"permissive" licenses and now enough under reciprocal licenses.

Reciprocal licenses work like herd immunity: you need a large enough ecosystem
to effectively keep freeloaders at bay while rewarding those who cooperate
often.

~~~
detaro
How would less permissive software existing have helped e.g. MongoDB with
their "AWS problem"?

~~~
pritambaral
MongoDB did not have an "AWS problem". AWS did not release anything related to
MongoDB until after they stopped making open-source releases.

MongoDB had a "We gave others freedoms we didn't like" problem, so they
rescinded those freedoms. Freedoms that they'd given in the first place to
profit off of the reputation of Open Source Software. If they'd never given
those freedoms out, they'd never have had any problems.

------
narnianal
Interesting how human nature always wants to blame everything on one source.
AWS might be bad, no argument against it. But the truth is there is more and
more speaking about the end of open source as we know it.

E.g. smartphones (the most used end-user computer nowadays) being walled
gardens. So walled, that not even a giant like Huawei can easily continue to
use Google's OS.

E.g. Trade war makes every side being less open towards all other sides.

E.g. at least one huge Open Source proponent being sold to a company that is
known for not handling open source too well.

E.g. big corps like Google having found a way to misuse stuff that is
seemingly open source as marketing tools to spread there proprietary actual
products.

E.g. with at least many big corps believing that the cloud has beaten on-prem,
and who knows what is behind these APIs. Maybe they don't even use Linux and
TCP/IP anymore.

E.g. with the rise of AI and machine learning software itself maybe(!) not
being the most important tech development factor anymore.

E.g. with Valve not having won the gaming platform war against Microsoft.

E.g. with Microsoft claiming to integrate more and more with open source (but
then how much control are they starting to wield, having a shitload of coders,
money and users to field for their personal cause).

------
brentonator
What a lot of people overlook is when Amazon takes something (DocumentDB with
MongoDB compatibility) on internally is they are re-inventing the way the
database works in such a way it's dubious if the community would benefit. I do
think it would have been better to see this go the Postgres route where they
could have continued to contribute to the core product but I believe MongoDB
saw competition against their MongoDB Cloud product and decided to change the
licensing. This neccessitated the need for a hard fork since they were not
interested in working together. An AWS Q&A stated they are working on a
completely independent code base that is API compatible with MongoDB 3.6, so
there is nothing to contribute back to the MongoDB open-source code base.

DocumentDB much like Amazon Aurora has pivoted much of the database internals
to depend on the AWS ecosystem. The whole concept of replica-sets on MongoDB
are very rigid and inflexible compared to the elegance made possible by EBS
and Amazon engineers.

MongoDB replication is measured in seconds meanwhile DocumentDB replication is
"usually less than 100 milliseconds". This makes read replicas in DocumentDB
more relevant for all kinds of real-time tasks vs MongoDB.

------
jupp0r
So Amazon is not a good citizen open-source wise. Some companies doing this
has been the state of affairs as long as open source exists, and the world has
not ended. Eventually the cost of maintaining forks will force them to engage
with the community. Customers will want newer features available upstream.
Amazon will contribute things back that make their own life easier. Other
companies will struggle with open source business models. Engineers will favor
companies that open source interesting projects. Everybody will be fine.

~~~
doliveira
The cynicism that pours into threads like these is kind of depressing, though.
People are increasingly more tolerant to predatory business practices.

------
Illniyar
That's a very wide claim. Amazon may not be the most valued type of open
source user, but they are on par with most open source infrastructure
historically.

It's as if they are trying to say that only the creators of an open source
project can build a SaaS for it. Tell that to mySQL, Postgres, redis,
everything apache (Hadoop, Cassandra(which is based on amazon's DynamoDB
whitepaper), Kafka, Zookeeper), every programming language ever (Except maybe
C#). It has always been the case that open source infrastructure was built by
one group and another completely unrelated group, who are much better at cloud
anything, built the SaaS offering for it.

If this is Mongo again, it's probably a PR stunt by them to get their failing
business model's latest failing hail marry to not completely destroy developer
trust (which it will, of course, fail to do).

There is really just one thing to complain about Amazon's use of open source,
they aren't supporting back enough for projects they are using. That's it.
They should be shunned for it, but that's not earthshattering, and it's
definitely not a condemnation of other cloud vendors (Microsoft and Google)
who support open source massively.

~~~
luckylion
> There is really just one thing to complain about Amazon's use of open
> source, they aren't supporting back enough for projects they are using.
> That's it. They should be shunned for it, but that's not earthshattering,
> and it's definitely not a condemnation of other cloud vendors (Microsoft and
> Google) who support open source massively.

That was the author's point, was it not?

------
danShumway
We have two contrasting terms that work perfectly well right now:

Open Source, a set of licenses that allow users to run and modify software for
personal or commercial purposes without your permission.

and Source Available, a set of licenses that allow users to see and modify
your source code provided they meet some kind of criteria you set up, such as
not using the code for commercial purposes or not doing things you don't like
with it.

These two terms already perfectly encapsulate the entire range of new licenses
that are being proposed for databases like Mongo.

But a nontrivial number of proponents for SSPL dislike this distinction
because they want the goodwill and reputation that comes from being able to
say, "we're Open Source." They want to be categorized the same way as MIT or
GPL licenses, even though they fundamentally disagree with the worldview
behind them.

> _The OSI believes it owns the definition of open source and refuses to
> update the definition of open source, which is short-sighted and dangerous._

No. The OSI believes that Open Source has a widely agreed-upon definition, and
that definition shouldn't be hijacked just because it's inconvenient for some
company's software monetization strategy. The level of condescension in this
article is really infuriating. Literally nothing is preventing any developer
or company from using the SSPL right now: nobody will judge you, nobody will
call you evil, the _only thing_ the Open Source community is requesting is
that you do not call it Open Source.

Open Source was not invented so you could use it as a PR strategy. We don't
need your help.

~~~
luckylion
> and Source Available, a set of licenses that allow users to see and modify
> your source code provided they meet some kind of criteria you set up, such
> as not using the code for commercial purposes or not doing things you don't
> like with it.

GPL is source available, then?

~~~
danShumway
Some people have argued that, yes. I've even argued it occasionally in the
past.

The short justification given is that even though the GPL doesn't let you do
everything, it still doesn't interfere with the 4 essential freedoms that Open
Source guarantees. You may or may not agree with that justification.

But the people arguing in favor of SSPL as an Open Source license are moving
in the wrong direction. If TechCrunch wanted to make the argument that the GPL
wasn't free _enough_ for inclusion into Open Source, they could do so.
Instead, they're arguing that because the GPL might stretch the definition, we
should just go whole hog and introduce straight-up end-user usage restrictions
as well.

Techcrunch is taking the, "your thing isn't perfect, so we should all make it
worse" position.

~~~
TeMPOraL
> _The short justification given is that even though the GPL doesn 't let you
> do everything, it still doesn't interfere with the 4 essential freedoms that
> Open Source guarantees. You may or may not agree with that justification._

Wait, what? "Four essential freedoms" are part of FSF philosophy, not Open
Source, and GPL is literally _the_ canonical example of a license that
guarantees and safeguards them. Many Open Source (not Free Software) licenses
do not, in fact, guarantee these freedoms.

~~~
skybrian
Yes, the open source definition has its own rules. The one that seems most
relevant here is:

"No Discrimination Against Fields of Endeavor

"The license must not restrict anyone from making use of the program in a
specific field of endeavor. For example, it may not restrict the program from
being used in a business, or from being used for genetic research."

[https://opensource.org/osd-annotated](https://opensource.org/osd-annotated)

------
jsty
Open Source has been so well understood to mean a certain set of things within
the technology industry now that making changes to that definition would just
cause unnecessary confusion (beyond what already exists between OSS and FOSS
...). Quite possibly the author is just annoyed his portfolio companies get
pushback when taking about "source available" or proprietary licenses to
potential customers, but leaping from there to "our customers want open
source, thus open source must change to mean what we want to give our
customers" is fairly dramatic.

Honestly, I think this editorial could have done with toning down the rhetoric
a bit - calling people / groups names ("wonk tank") and generally implying
those with the opposing view are irredeemably "short-sighted" isn't
particularly persuasive and just detracts from the author's points.

------
PeterZaitsev
I speak to a lot of Open Source software users in Database space and they tend
to love DBaaS offered by AWS and other cloud vendors. It is not convenient for
my business but that does not make it a bad thing.

The competition is how great things are born. Some Open Source is being pushed
towards proprietary model (Open Core, Shared Source etc) while others will
find a way to have sustainable business in the new reality with Cloud Vendors.

------
liara_k
For a few years I've wondered about the viability of a "source-available"
license with a lot of user-friendly terms (like being able to distribute
modified versions which anyone else can use as long as they themselves have a
license for the original work, etc...) and a built-in GPL/BSD/etc...
conversion after N years.

IMHO, the maximalist position of the RMS camp, while rightfully paranoid about
the dangers of fully proprietary software, isn't the optimal solution. Yes,
certain kinds of open source projects have been extremely successful, but a
lot of this has been driven by corporate interests (i.e., people working on
open source projects as a part of their work) and the software that gets built
reflects and reinforces these interests.

I'd be happy to pay to have the latest version of some really useful software
that respects my rights in lots of other ways (e.g., more control over and
access to my data in the app, and be able to tinker/adapt it as I see fit,
with full source), particularly if the alternative is that this software
doesn't exist. If feels like, at least in some software domains, that the
alternative are either (1) user hostile proprietary software or (2) nowhere
close to the proprietary alternative in terms of features and robustness.

Obviously that's not the case for stuff like databases and operating system
kernels, but that's what it often feels like out of these back-end type
packages.

------
samcodes
When I open source code, I use MIT. I have introduced open source strategies
at places I work, and guided teams through the process.

Ok now that I've established my OSS cred: I'd be really interested in a
license that is effectively MIT, _except_ for the 20 largest software
companies, for whom there is no license and any use is restricted (you'd need
to clearly define what makes a company a software company, and what it means
to be the largest, but that's what lawyers are for). They could pay for a
commerical license if the customer demand was high enough.

This seems like it would address the main issue as I see it, that is, I want
almost everyone to be able to use my software to build cool shit and make
money... But if you're FAANG or some shit, come on. The rules are different.

~~~
hollerith
>that's what lawyers are for

One of the reasons the standard open-sources licenses such as the GPL and the
permissive licenses are as popular as they are is the lowness of the
probability that lawyers will ever be involved.

There was widespread use of GPL software in the 1980s and early 1990s for
about 15 years IIRC before the first lawsuit involving GPLed software.
Stallman and his legal advisor Eben Moglen did a great job in reducing
ambiguity when writing the text of version 2 of the GPL and in explaining the
ramifications of the license to developers and prospective users.

------
morpheuskafka
Amazon has continually moved to keep source open. They have actively worked to
distribute Open Distro Elasticsearch (keeping it under a fully-free license),
Apache Corretto (binaries for the OpenJDK to make it more accessible to end-
users), etc. Using similar APIs increases consumer choice and
interoperability, making it easier to go from open to hosted but also from
hosted to open.

These proposed licenses neither are open-source nor free software and are very
poor ideas. The SSPL clearly breached the boundaries of open source and the
OSI's opinion was only "premediated" in the sense that that was the agreed-
upon definition.

------
rmrfrmrf
The author is suggesting to curb source-available licenses by modifying open
source licences to become... source-available licenses.

------
iamnothere
Amazon isn't perfect in some areas, but I think FreeRTOS should be pointed
out. This is a pretty valuable contribution in the embedded/IoT space.
[https://www.freertos.org/](https://www.freertos.org/)

------
bhickey
More whining from Sunil Deshpande. He's upset that no one on license-discuss
was dumb enough to fall for the Commons Clause or SSPL. It'll be a happy day
when he gives up his anti-open source abuse campaign.

~~~
mgfist
I wonder what your opinion is of Kyle Mitchell
[https://writing.kemitchell.com/](https://writing.kemitchell.com/)

------
oytis
There is an elephant in the room, and the elephant is called dual licensing.
In my opinion, this is a more severe abuse of open source than what Amazon
does.

When RMS introduced GPL the idea was to make everyone share their code, and
make the world a happy place full of free Software. Dual licensing abuses this
sincere intent to induce fear in commercial users and make them pay.

So using a dual-licensing scheme prevents people from considering authors of
SSPL the new leaders of the open-source community.

~~~
bradrydzewski
You might find it interesting that Stallman supports selling exceptions to the
GPL (i.e. dual licensing). You can read more about it on the FSF blog [1] but
the post ends with the following:

> I consider selling exceptions an acceptable thing for a company to do, and I
> will suggest it where appropriate as a way to get programs freed.

[1] [https://www.fsf.org/blogs/rms/selling-
exceptions](https://www.fsf.org/blogs/rms/selling-exceptions)

~~~
oytis
OK, if RMS approves it, it's not an abuse, who am I to argue? Still, the goal
of open-source, copyleft and permissive flavours alike, is to "get programs
freed", not to establish a fairer distribution of the cash flow. So when
someone introduces a new superrestrictive license and starts selling
exceptions right away, their earnesty can naturally be questioned.

------
OrgNet
Hopefully, this is illegal in two-party consent states (for audio
recordings)... but I bet that they will get those laws repealed.

------
jcoffland
Open-Source is alive, well and functioning as intended. Tens of thousands of
Open-Source projects are producing the software that is driving most of
today's tech.

To a venture capitalist, Open-Source is a marketing strategy. VCs would like
to profit from the popularity of Open-Source by inserting themselves in the
cash flow. But the cash flows in Open-Source are periphery. And the periphery
is a humble position for a VC.

------
benologist
This article calls it a lack of leadership in open source, but the reality is
Bezos is exploiting _everyone_ using Amazon, from people selling shower
curtain hooks to video encoding software, open source deployed across AWS,
corrupt tax deals and more. Leadership in open source won't instill ethics or
charity in the world's richest man who demands his own not-employees work so
hard they must sprint to their lunch break or be fired.

Amazon is accused of using sales data belonging to companies selling products
on their platform to help them select 10,000s of products to clone and sell in
direct competition to their vendors.

[https://www.geek.com/news/amazonbasics-is-copying-all-the-
be...](https://www.geek.com/news/amazonbasics-is-copying-all-the-best-
products-on-amazon-and-selling-them-for-less-1652879/)

They have copied software hosted on AWS in the past too, whatever proprietary
software you're hosting on AWS is hemorrhaging privileged usage data they will
happily use against you.

[https://www.theregister.co.uk/2013/03/08/amazon_copies_partn...](https://www.theregister.co.uk/2013/03/08/amazon_copies_partner_products/)

~~~
qvrjuec
> Amazon is accused of using sales data belonging to companies selling
> products on their platform

Why does this sales data belong to the companies and not Amazon, if they are
using the platform? Is it unethical to copy a product or software in a non-
infringing way?

~~~
benologist
I think that data belongs to the merchants, just like an S3-buckets logs
belong to the developer. It has to be that way or who else has a claim on the
data? HP for printing it? Microsoft because it was sent by email in Office?
The EU suspects it is anti-competitive to allow Amazon as a vendor to
cherrypick items to clone based on data Amazon collect as a platform.

[https://www.bloomberg.com/news/articles/2018-09-27/amazon-s-...](https://www.bloomberg.com/news/articles/2018-09-27/amazon-
s-copy-cat-products-targeted-as-eu-quizzes-smaller-rivals)

~~~
nostrebored
So Amazon shouldn't be allowed to create any products, or must ignore the data
it needs to plan logistics?

~~~
benologist
If you host your website on AWS and store invoices on S3, Amazon can blindly
enter your market with a competing offering and it might lose money, or they
can go through your invoices and decide to copy your product because they see
how profitable you are. The EU's theory is, if this is what is happening, it
gives Amazon an unfair advantage and they shouldn't be leveraging your data
against you to compete with you.

~~~
sigstoat
> If you host your website on AWS and store invoices on S3, Amazon can blindly
> enter your market with a competing offering and it might lose money, or they
> can go through your invoices...

it is totally absurd to suggest they're looking through customers S3 data.

~~~
pm90
Who's going to stop them and who's going to investigate them?

I think Americans often ignore the reason behind the EU's deep concerns around
privacy and regulation is simply because EU lawmakers have _no other power_
over American corporations. Simply none. The most they can do is excessive
financial penalties. They cannot jail Bezos. But what they can do, is impose
an absurd financial penalty. Amazon will appeal. It will go to court, and the
US State Department will try to help Amazon (an American corporation after
all, representing American jobs and American workers) and the penalty will be
reduced. The EU public is happy, the EU stuck it to Amazon! But they didn't
face any significant consequence for their action, and never will.

If however, this happened in the US, it can get thorny for Amazon. A "lowly"
judge in Texas can compel Bezos, the richest man in the world, to appear in
court. The implicit threat being that, being in non-compliance would escalate
the case until it reached the highest courts, which can compel the Federal
Govt. to take action to compel Bezos.

A US judge has that power. No judge in any other country has it. Every other
country has no reason to believe Amazon will do as it says. Only some have the
power to impose the kind of regulations like GDPR, EU being America's close
trading and diplomatic partner.

~~~
nostrebored
You can. You can supply your own keys if you think a company is insane enough
to tank its multi billion dollar platform to steal your product.

~~~
pm90
I mean sure, for the specific case of storing financial reports in s3, you
have a technical solution that works. My point still stands for abhorrent
monopoly behavior of some US corps outside of the US.

Amazon did not get where it is by being nice (in fact, this HN post is about
that aspect of their behavior). They're rational, they will abide by all laws
_where they need to_, including regulations (you can't call in favors all the
time). Without regulations, this behavior is incentivized. Even with
regulations, there is an ultimate get out of free card if the regulation is
non-American.

------
ChuckMcM
These are the bullets from the article:

 _It takes open-source code produced by others, runs it as a commercial
service and gives nothing back to the commercial entity that produces and
maintains the open source, thereby intercepting the monetization of the open
source._

 _It forks projects and forcibly wrestles control away from the commercial
entity that produces and maintains the open-source projects, as it did in the
case of Elasticsearch._

 _It hijacks open-source APIs and places them on top of its own proprietary
solutions, thereby siphoning off customers from the open-source project to its
own proprietary solution, as it did with the MongoDB APIs._

Check, check, check. Remember RMS' screed? "Only the _writing of software_
should be paid for, the using of it is an inherent right of everyone and
should not make any remuneration requirements on the user."

Back when he wrote that he was mad because companiies wrote code and charged
big fees just to use it. He felt that was unfair. But now the shoe is on the
other foot, and big companies are just "users" they aren't writing the
software, so why should they pay for it? And while RMS was happy to have an
architect use CAD software that someone else paid to have written, to design
the houses that they sold for big bucks to their own clients, I don't think he
thought it all the way through.

The missing bit here is that the "using of software" has a value. Whether you
are using a better C compiler than your competitors so your compiled code runs
faster than theirs, or you are using a distributed database to offer a scaled
up database service that is impractical for an individual to equip and
maintain. The whole reason people paid for software in the first place is
because _it accelerated the value they could create._ And when that delta in
value, that was worth significant money to them. Still is. That is why
electronic CAD software still gets big bucks from its users, the same with
packages like Adobe studio.

And guess what? When you use someone's software, and you are getting
additional value that is accruing to you, if you didn't pay anything to the
person who created it and maintains it, they feel cheated. Surprised? I am
not.

When the software manufacturers of old found people that used their software
without paying for it, they called them Pirates, and Crooks, and all manner of
ill names. They turned to technology, and licensing legalize, to create ways
they could pursue those people to make them pay. Not unlike the folks at Redis
changing their licenses to make it harder for people like Amazon to "pirate"
their software. It would be funny if it wasn't so sad.

There is nothing "free" about Free Software as RMS envisions it, it is just a
structural way for the users of the software to rip off the people who wrote
it by capturing all of the value gained by using that software to develop or
provide a product or service.

It has always been true that software vendors were often extortionate in their
pricing while escaping all liability by disclaiming the software did anything.
If you fixed _that_ problem, then we will be in a much better place.

------
jmclnx
Isn't this what GPLv3 is suppose to prevent ? Commercial Entities seems to
hate it, there must be a reason, probably because they cannot 'cheat' with it.

~~~
darkpuma
IANAL but as I understand it, GPLv3 prevents "tivoization" and AGPLv3 prevents
running modified services without releasing the source code. Corporations
particularly hate AGPLv3.

~~~
appleflaxen
what's the difference? unmodified vs. modified code?

------
forrestthewoods
Unpopular Opinion: Maybe it would be a good if API’s were subject to copyright
protection.

~~~
tobylane
Wasn’t that part of why Oracle v Google was disliked?

~~~
forrestthewoods
Yes. That’s why it’s an unpopular opinion! But I’m still not sure it’s a wrong
one.

