Well, this is exactly what I've been doing around VideoLAN (VLC, x264) and FFmpeg for the last few years. In order to do that, I've created 2 official companies Videolabs and FFlabs (besides the non-profit orgs) and I've gone through all the hoops to get paid (PO, billing, invoices, registering to large companies is a lot of paperwork, tbh, but well..) and we try and bill small to large companies that depends on those projects.
And FFmpeg and x264 are the core of the online video.
So I did exactly what Filippo is saying we should do.
But the result is really not impressive. Seriously, asking for money for support from those companies feels like we're pulling the nails, even if their full business depends on it. Getting 30-50k$ from those companies for support for one year can be very challenging, long or leading to nowhere at all.
So, large SV companies and startup should also start agreeing to pay for open source, when it's the core of the tech.
Companies usually have a reason to keep their expenses low. Sometimes they are a public company with fiscal responsibilities. A startup will only have so much runway and is likely trying to reduce expenses.
Given this situation, why will they pay for what they can get for free?
A while back I bought a cheap robot vacuum. Their scheduling feature didn't meet my needs, so I reverse-engineered the protocol and open-sourced a cron-friendly CLI tool and a library so people could do other things with it: https://github.com/wpietri/sucks
Honestly, this was a mistake on my part. It was a demanding audience of home-automation hobbyists mostly without programming skills. The company was thoroughly unhelpful. When my vacuum finally broke, I was relieved, as I had a good excuse for trying to hand off the project. Nobody stepped up, so I shut it down. I just ran out of interest in doing free work to support a company worth billions.
I really admire the community spirit of open source But it's not sustainable if companies making their money off it keep depending on the niceness and generosity of others without giving back enough to keep them happy, healthy, productive people.
Making something open source is about granting freedoms for users of that thing. One of those freedoms is usually "you owe nothing and can do with it what you wish: sell it, fork it, modify it" in exchange for "the author provides no guarantees and is not liable for this software".
Open source authors that expect some benefactor to appear and sprinkle money so that they can quit their day job and work on their hobby full time are, for lack of a better term, delusional.
The default is that no one will use your thing, no one will contribute, no one will fund you, etc.
Anything beyond that is a fluke.
This is demonstrably not how many people many treat open-source authors. Just look at how the Log4J folks are feeling right now: https://twitter.com/yazicivo/status/1469349956880408583
I do have some open-source code out there where people have been mostly pleasant and reasonable. It's targeted at developers in particular niches and they do act mostly as you describe.
But once it shifts from a peer relationship to a producer/consumer relationship, things can easily get ugly. Ugly in a way that drives people out of open source and keeps people from open-sourcing useful code. You appear to be fine with that. But if anybody's delusional here, it's the people who expect to keep taking from open-source software without worrying about its sustainability.
> Log4j maintainers have been working sleeplessly on mitigation measures; fixes, docs, CVE, replies to inquiries, etc. Yet nothing is stopping people to bash us, for work we aren't paid for, for a feature we all dislike yet needed to keep due to backward compatibility concerns.
Why don't they 'resolve' the security issue by removing the feature and then set up a bug bounty for backporting fixes to the shitty feature? Then the companies that depend on it will actually be on the hook for once.
Too much collateral damage for downstream F/OSS? Too unseemly a move, in a moment of ‘crisis’?
I can't think of anyone I've ever met that started an open-source project expecting it to become their day job in short order.
When your project blows up and mints a herd of new gazillionaires, yes, it's reasonable to ask those companies to fund what is now an important community project.
Anybody that says "nope, their money, they do what they want" is spouting the same flavor of dipshittery as "free speech only means the government can't censor, private companies are free to do what they want".
Technically correct and functionally disastrous. Societies worth living in can and do not endure this behavior for long.
Americans used to understand this. Know why there are schools all over the country named after Andrew Carnegie? Because that ruthless capitalist mercenary, after crushing every one of his competitors to dust, invested a large chunk of his fortune on infrastructure for national wealth that would propel another three generations.
Look at the shift in attitudes toward the environment in the last 100 years as an example. There was a point where executives thought it absolutely fine to pollute wildly. That consequences were for the little people. Through a mix of culture change and improved regulation, that has changed, and it continues to change.
A more recent example is the trend toward corporate social responsibility, which looks at a broad set of problems and devotes corporate resources toward fixing them: https://en.wikipedia.org/wiki/Corporate_social_responsibilit...
Do they put in enough money? Surely not. But it's indicative of the kind of culture shift we can push for here.
I think it’s a fairly large chunk of history (e.g. all the time humans were a thing) that this applies to. The fact that it weren’t executives but kings, queens and nobles thinking this way doesn’t really change much.
It’s not even necessarily malicious, but you really don’t want to think about the fact your life is so comfortable at the expense of other people.
Specifically, most rulers had some kind of patronage network where they gave out 'gifts' like land, or the right to collect taxes, in return for loyalty. Princes did not generally just sit on a huge pile of money, like a dragon. If they wanted to go to war or build a palace, they had raise taxes, which meant concessions to their power.
Anyway, slightly off-topic! Still, the analogy holds - you don't get to be a prince of the internet without the work of a lot of minor nobles.
Because when you look at actual history, you see long-running mutual relationships. E.g. the English Commons system: https://en.wikipedia.org/wiki/Common_land
Or you could look at the Mexican ejido system: https://en.wikipedia.org/wiki/Ejido
Which descends from the Aztec capulli system: https://en.wikipedia.org/wiki/Calpulli
Historically, leadership was tightly bound to productive land, because that's what everybody needed to survive. Your "nobles" could in the long term only be as successful as the people they ruled over, and the feedback loops there weren't long ones. Were there sometimes bad nobles and bad kings? Sure. But overall, the badness was limited because harming the "infrastructure" of the day, land and people, was felt quickly by people higher up the hierarchy. Sustainability was a must.
That's distinct from modern capitalism in the age of industry and information technology, because the portability of wealth and the long feedback loops mean executives can get quite rich in unsustainable situations. The elevation of an IGMFY ideology to become the dominant view of the moneyed was only recently possible because for most of history one couldn't escape the consequences like people can now.
"IDGAF, it's not me" and "ask for forgiveness, not permission" is not in any sense a minority viewpoint. Even people who insist they don't follow those creeds have the issue of being, more often than not, unreliable narrators of their own actions—not to mention: economically irrational in ways that extend to the economics of non-monetary, give-and-take systems.
> That isn't "the world". It's a relatively small set of people in a relatively small chunk of history that see themselves as entitled to make endless profit ...
Which is a claim that can't be proven either way since you are talking about how people in all of history was thinking. In other words, you are making a claim that is just wishful thinking.
'Tis the season, so we've been listening to a lot of Christmas carols.
One of my favorites is Good King Wenceslas, which concludes with the verse: "Therefore, Christian men, be sure, wealth or rank possessing, Ye who now will bless the poor, shall yourselves find blessing."
Charity used to be a behavioral expectation in the West. Charity is not "giving money to somebody else so they can do charity on your behalf" nor is it "paying taxes to fund social programs". Charity is you, directly, investing your resources in your community, with no expectation of return.
Today, this assumption no longer holds. The result is the current state of open source, which needs to figure out a license that extracts value from players big enough to pay it, without punishing upstarts into oblivion (and thus forming a protective moat for existing large players).
Some percentage of net revenue share strikes me as the right sort of license, with sensible caps and/or some sort of shared pooling mechanism.
Can you give some concrete examples? Because I can't tell what distinction you are trying to define, at all.
In which bucket would you put:
1) Giving money to a local hospital
2) Volunteering with a non-profit organization
3) Giving cash to a wandering schizophrenic
4) Buying lunch for someone who's been holding up a cardboard sign at an off-ramp
5) Giving money to the United Way through paycheck deductions.
6) Giving money to an organization that funds research into a disease
7) Giving money to a local organization that gives grants and loans to disadvantaged people to start small businesses.
8) *Lending* money to a local non-profit that gives loans to disadvantaged people to start small businesses.
9) Giving money to a local food bank.
10) Donating blood to the Red Cross
11) Giving money to the Red Cross
You never need an excuse to ask, but neither side should feel compelled. The transaction is already complete.
Once you give something away, it doesn't matter if someone else gets rich off it. You gave it away. You're not, and shouldn't feel, entitled to anything.
If this bothers you, maybe you shouldn't have given it away for free?
> Anybody that says "nope, their money, they do what they want" is spouting the same flavor of dipshittery as "free speech only means the government can't censor, private companies are free to do what they want".
I don't know how to respond to this. This statement seems entirely paradoxical to me. Yes, it is their money, and they can do whatever they want. And also you accurately describe how free speech applies to private enterprises. Why are you so bothered by this?
There is a question of morality, sure, but that's a fruitless conversation to have. It's one thing to wish the world were different, but another to be angry with people who live in this world. Does this make me a person who merely spouts dipshittery?
You seem to acknowledge that the world is a certain a way, but feel shocked to find, and subsequently rebel against the idea that yes, it is actually that way. I don't understand this at all.
I for one appreciate that this site and others are moderated and restrict and remove posts containing hate speech. I imagine that the majority of readers and contributors would agree with me.
> Americans used to understand this. Know why there are schools all over the country named after Andrew Carnegie?
Perhaps it's because I, and the rest of the world, are not American, but I can't say I've ever given a moment of thought to the names of schools in your country, or Carnegie for that matter.
Perhaps America's fetish for capitalism is at the root of these divides. If you want to get paid and work on open source software full time, I can't think of a better way than under some form of universal basic income, but your capitalist infatuations make that unlikely. Charity is not the solution.
I think that's a pretty unfair characterization of the previous post.
I've long known people who modified cars. Sometimes they did it as a business. Sometimes they helped friends out. Sometimes the work was on nights and weekends. The car manufacturer never had a responsibility to support them. They never had to support people in forums. Anything they did was their choice. Sometimes as a business and sometimes volunteering.
You didn't have to open source that work. Once it was out there, you didn't need to provide support.
Doing volunteer work and hoping for generosity from companies isn't working.
That's true. The problems brought up in the article all stem from companies relying on open source and then getting into trouble when there are problems with it. They would pay if they had to.
The core problem is that everyone wants something for nothing. Sure companies appreciate that they can get billions of dollars worth of infrastructure software for free. Individuals appreciate that they can get useful software for free (though many don't care if it's FLOSS or illegally obtains commercial). People will take what they can, and pay for what they must. Open source is sometimes better than commercial, and even if the developers were paid industry rates it would be much cheaper because companies charge rent for software - not for development.
I get that it's the dominant experience for you, but please don't confuse that with some sort of deep evolutionary imperative. One of the things that distinguishes humans as a species is how extremely social, how extremely cooperative we are. See, for example, E. O. Wilson's "The Social Conquest of the Earth" for more on where we fit in evolutionarily.
> One of the things that distinguishes humans as a species is how extremely social, how extremely cooperative we are
Where I point out that what you are saying is not true in general. But it is true within a group (say a company) and not between groups (say between companies and OSS maintainers). Groups that corporate well within the group have an evolutionary advantage fighting other groups.
However I am not sure what the point is you are trying to make? My original point is that corporations/people don't throw $ at OSS maintainers for the work they do and expect them to maintain it for $0. That's a clear objective fact. So either treat your OSS project as a business and get paid to do your work or accept that outcome and stop complaining.
Now I think we are done here.
This is unnecessarily aggressive. Also, it’s not fun reading a thread dominated by one or more people who are combative.
oof, I know that feeling - that sadness that comes with the realization that the manufacturer could have saved you so much trouble but chose not to... which you then rewarded with free labor and promotion. I got it every time I disassembled binary blobs in order to get hardware to work with anything beyond Windows. For a long time there wasn't much of an alternative, but that isn't really the case anymore. Setting up a new openpower system was a very strange experience, reverse-engineering wasn't even an option - the manufacturer provided schematics for the board and a wiki directing you to the source code for every bit of firmware (including the ring -3 processor).
I don't regret trying it once. It's possible, after all, that the manufacturer would have said, "Look, there's demand for an open protocol, just like some engineers have been saying. Let's take on that work ourselves." And honestly, they could have gotten away with some very modest support of the project: occasional discussions with engineers and enough free hardware that we could test new builds. But no shits were given on their part, so I also don't regret shutting the project down.
I'm glad to hear things are getting better in some spaces. Let's hope it keeps going that way!
All I see with the FOSS ecosystem is it picking up steam at an extraordinary pace from 2005. Postgres in particular has absolutely dominated its incumbents in recent times, an insane reversal from the situation at the turn of the millennium.
There's a guarantee of correctness, availability of auditability, and a tide of slow, iterative improvements.
The key is supply and demand.
Open source software is often not a trailblazer. Open source is often reactive to a need, and punctuated by a demand for quality, bad treatment by the commercial incumbent, and constant iterative improvement.
See the pattern of so many technologies, Docker following VM ware, open source databases following Oracle (1980s Oracle was a real pioneer).
Open source has always and will continue to be a slow rolling borg that chases commercial software. Projects will never be rushed, but the benefits of an open base has time and time again crushed closed source incumbents.
Very sad if this ever comes to pass. It's a world in which I would never have learned about computers or decided to work with them. I think it makes more sense to charge big companies but keep software free and libre for individuals.
(I don't think this future will happen though: I think it's based on a deep misunderstanding of what drives FOSS developers to do what they do).
- OSS allowed an entire industry to flourish,
- It has had so many contributions that it is easily the category which is the biggest benevolence of the world, and possibly the biggest achievement of humanity,
- It allowed the entire world to go securely on the internet (launch a Debian and it’s secure and up to very high professional standards without effort, try doing that in the legal field),
- Its results are permanent. In 2100, documents written in Office 365 or Adobe will be lost, but they’ll be able to recompile LibreOffice, Chrome (at least Webkit) or Wordpress. Benefits of OSS accrue over time, as opposed to closed-source software which is sold under closed license and DRM.
In practice, I think that only entirely cloud based ecosystems will be lost to time. As long as the requisite hardware can be emulated and there is an archived version of a local viewer, it's possible to interpret a closed source format document. People already do it with WordStar and retro games.
I agree, but how do you distinguish between the two, and how do you make the source available yet compel large companies to pay?
Most of us work at such high levels of abstraction we couldn't even name all our dependencies. Which in effect makes us the same sort of consumers app users are: expecting a lot out but not putting anything in.
I think mobile was a reprieve for commercial software and UX specialists and the increasingly negative comments on new OS versions indicate it is close to done like desktop.
For every user that likes a change there are 19 that prefer the flow they already learned to stay exactly the same and at least half are looking for exploitive attempts to modify their behavior in anything a publisher changes.
> If everybody consumes and nobody contributes, how long will that last?
That doesn't answer the GP question, which is all about incentives.
The answer is, at least some parties won't pay for what they can get for free. So the options are:
a) deal with it
b) require payment
c) come up with some way to incentivize more donations
Another perfectly good option is for tech people to build strong cultural expectations that people and companies who benefit from a commons should help keep it healthy. Which is what's happening right here in this discussion, so you could be part of that solution if you wanted.
At the least people suggesting this should acknowledge that this kind of society has possibly never existing in this entire universe on the scale they want it to exist (larger then dunbar(ish) number tribes). The onus is on them to build a path towards this new kind of society instead of just throwing the ideal out into the ether and expecting it to just magically appear.
As an example, note that the Fortune 500 spend $20bn annually on corporate social responsibility: https://econreview.berkeley.edu/stocks-sustainability-how-th...
That's not because they just had some good feelings. It's because people expect them to be at least slightly non-awful. We can accomplish something similar here. If programmers start insisting that companies take open-source funding seriously, it will happen. Not quickly and not easily. But if people start taking action (e.g., turning down jobs when companies are parasites on the open-source ecosystem), things will change.
Is that a good thing? Yes.
Is it enough? Not even close.
The culture needs to change sure, but the change of culture that needs to happen seems effectively impossible unless companies are dragged into it kicking and screaming through organized labor efforts or government oversight/regulation. Those are both of course highly polarized political issues and that aspect of culture sure isn’t getting better either.
I think the quicker, sadder, and easier change is that a lot of Open Source projects just aren’t going to get started like they used to, and are going to have increasingly restricted licenses with stratified feature sets. We’re definitely seeing more of the “Taking my ball and going home” approach by small developers with tiny open source packages these days and it’s sad but also hard to blame them for. Even worse there are an increasing number of groups who attempt to buy projects for sometimes stupid money for the explicit purpose of using them as a Trojan horse to ship malware. They’re preying on the same people who have become incredibly cynical about the whole thing and that’s dangerous for everybody.
The history of the minimum wage isn't that some bureaucrat mandated it and then everybody said, "Gosh, that's a good idea, let's keep it." There was a long period of advocacy for it, a period of persuading people that it was the right thing to do. That was the ground in which all the work for the change grew.
Today, software developers are the key labor force for this change, and we aren't organized. So in practice, the first work we have to do is to persuade the bulk of programmers that it's part of their professional duty to make sure their employers support the open-source projects that their businesses depend on.
Companies will do it if we insist. In the grand scheme of things, it isn't even much money, not compared to what they're paying programmers in salary, benefits, and cushy amenities.
This notion that one has to think about it as a business is just false. That is one way to do it, but open source funding happens other ways too. Your attitude that anybody must be an idiot if they want to solve in a way incongruent with your hypercapitalist fantasies is both rude and ignorant. If anybody's being childish here, it's the person treating them as "whining".
Agreed on this, but the "and companies" thing is a total red herring. Two things to note: even though you mention "people and companies", it's incredibly clear from popular sentiment that the conception held by most people of the problem/solution comes down to the latter (companies) and not the former (people). Focusing on companies at all—let alone allowing it to occupy a majority share of one's focus—is a huge mistake. Depersonalized abstract entities like companies are almost entirely immune to whatever methods of persuasion people have in mind here. Gay rights only just became kosher to "take a stand" on, and even then it's invariably limited to being trotted out as a vehicle for the most empty and self-serving marketing horseshit and other corporate speak that anyone should expect to come out of these institutions. Cultural pressure for open source by way of shaming companies doesn't stand a chance; it has to come down to people.
I've brought up the subject before: why do we rake companies over the coals for their inaction, but ignore the individuals? It's worth reflecting on the relationship between a company and its employees.
A company, no matter how many layers of management are involved, delegates some problem to an employee. That employee surveys the lay of the land and then elects to use some tech that is available from the commons towards solving the problem. In turn, they are rewarded by their employer in both tangibles and intangibles that are considered proportionate to the achievement and budgeted accordingly. Thus, that person is, in a very real way, converting the labor of others into personal gain—in the form of wealth, career prospects/advancement, and personal stature in wider society.
Why is it easy to frame a company as the perpetrator and hard to say anything about any given developer who benefited from this (and did not share)? Because it's uncomfortable, since it's too personal? That might make sense if we were talking about, say, a custodian with limited career prospects just doing their best to keep their head above water and provide for their family already, but that tends not to be the case where software development is involved. The implication here is clear. (Forget, for now, the prior argument I just made about effectiveness for a moment and feel free to focus just on the fairness aspect here, if it uncomplicates things.) If there's any appropriate allocation of social pressure to be meted out—resulting in social expectations to be met—then it needs to come in the form of beliefs like, "hey, if as part of your employment you are singlehandedly making something like twice the US national average of an entire household, and you're not giving away at _least_ 10% of your salary to the people who made that possible, then you're kind of a piece of shit." Is that a stand that people are willing to make, though?
It's acceptable to disagree with this, but to understand why you feel it's justified to defend the individuals involved means that you have everything you need to understand why there is no movement on the problem. Perennially and impotently opining that companies need to quit screwing around and do something already is a ridiculous strategy.
It’s not like there is a parable about killing the goose that laid the golden egg to teach you how to appreciate these things.
This is the same as the poor log4j devs, getting bashed and still trying their best effort to please everybody.
Lost and lots of open source authors release some work to the open, and then start to worry about everybody's opinions and complaints. But that's a very unhealthy thing to do, IMO.
In essence, this is your own garage project and you've taken it out to the street for people to enjoy or admire. You should care about people's complaints as many f*cks as stacks of money they are putting on your table. Anything else, will end up deteriorating your mental health, one way or the other.
I should've been paying my mother market rates. After all, she and my father have been running at a loss for this whole "family" enterprise.
IMO, open source is (or should be seen as) more of a "friends and family doing favours for each other" kind of human activity. Some people do it for the sheer joy of it, share without expectation of more than a "thank you" (at max), and calling their work valueless is just crass marketism.
> If you actually spend your life only doing things you are paid in cash ...
> And in fact I can help you out by reminding you ...
Hahaha I love it when people get all passive aggressive :) It should be obvious to you that the fact that I am writing this, without getting paid for it, show that I don't spend my life only doing things I am paid for. You might want to look into the Econ idea of Utility Value. It has nothing to do with $.
No they don’t. That’s why they keep plowing billions into cloud infra and gazillion of saas products. They have an excuse when they think they can get it for free anyway like is the case with OSS but not an actual reason
No one makes coach tickets available for free and then asks people to pay after the fact. Certainly no one would do that and then complain that the system is broken because nobody is paying. People, on the whole, do not behave in a way that's compatible with that kind of thing, and the expected outcome there matches the outcome that we see today with (un)-sustainable open source.
In a way, you should evaluate each OSS tool/library as if it was a business which further corroborates the blog post's point.
Public companies also have accounts for goodwill in their books, don't they?
Also, I'd even say that depending on volunteers for everything when you aren't in dire straits isn't to responsible.
I've worked for multiple public companies and have yet to see this. I have seen different models. For example, when they want a feature in an open source project they may contract with maintainers to pay for work. Or, they may have a maintainer for a project on staff.
> Also, I'd even say that depending on volunteers for everything when you aren't in dire straits isn't to responsible.
Responsible to whom?
People choose to be volunteers. Being a volunteer and hoping for hand outs from companies it's working out well for most folks. Maybe it's time to look at other ways of doing things.
Note, I'm not suggesting what the right way to do things is. I'm just looking at how people are doing things. Expecting them to behave differently isn't likely going to bring about a change in them.
Goodwill in that context is towards the company, an intangible asset comprising the value in its brand etc.
Edit: Same goes for basic politeness or being customer friendly. Can be very good for the stock price long term even if it doesn't matter in this quarters result.
It is not like most of the time randomly. It is like that, because economic system is designed to work that way.
"Designed" is probably putting it too strongly. But however you characterize the process that got it that way, people did it, and people can change it with enough effort. In fact it is constantly changing, and each of us can decide the direction we are going to push it, and how hard.
"And friends, they may thinks it's a movement." — Arlo Guthrie, Alice's Restaurant Massacree
They got their reforms, so yes it was designed.
The neoliberal faction certainly has had an outsized influence (funny how proposals that the 0.1% want done end up getting a lot of positive attention more often than not), but even so, the economy as a whole is the result of a lot of political compromise and dealmaking, not to mention undirected evolution.
"every state has enacted a corporate statute giving managers explicit authority to donate corporate funds for charitable purposes"
(I am not necessary saying companies should run social support. I don't think so. But they are nor responsible for anything but the profit.)
See the article...
When you have contracts and support at a cost you aren't doing the work for free. The article is talking about running open source like a business rather than a volunteer situation. That means, you're not doing everything for free.
Which is _exactly_ what we are doing...
The person you're responding to made it very clear that they were responding to your conclusion that "large SV companies and startup should also start agreeing to pay for open source, when it's the core of the tech". The fact that you have support and services available isn't a "gotcha!" that refutes the point they are making, which is that given that there is also a zero-cost "product" available, then (unsurprisingly) prospective customers prefer that one instead.
That applies even to existing sponsorships, however. Their existence thus points at more than cold-blooded short-term business interests being at play here. While corporations are in theory seeking only shareholder value, corporations happen to be (made up of) people, who are capable of altruism, and should be encouraged to use it. Just because US capitalism has managed to build a not-entirely-failing system on unadulterated selfishness does not turn that mindset into a virtue, or even reality: as far as I can tell, the dominant reason for sponsorship is that some person with a bit of authority likes the idea.
They may consider it good for marketing, or recruitment, or to secure their supply chain, or just morally called for, or they want to be the fat cat at this years TINYTEC-CON. If you asked them, they’ll give you a reason that totally makes sense for a business and has little to do with reality. And, no, nobody ever got sued or fired for these decisions. So go ahead, do it! You got all the left-padding you needed, it’s right to pad their wallet in return.
(recycled from earlier comment on the topic)
Sometimes they could keep hiring for cheap a provider for one of their core needs, but choose to pay much more to have an exclusive contract and guarantee the provider doesn’t get scooped or goes under.
There can be any rationale applied to paying more money than the minimum they could get away with.
Just look into the amount of simple "wage theft" (employers forcing employees to work off the clock, etc.) that exists in the USA.
Of course, this country fought a war over the issue of free labor from black slaves.
All is good and dandy.
If employees are not getting paid, they'll go and do something else (like another job or growing food themselves) or steal and starve if there are no jobs or resources. They would never work for free because they can't live without eating.
Except, slavery. Sure, the master pays as little as they can to keep the person alive, but staying alive is about the only good thing they get out of life.
I see an opportunity to create a "create-a-company"-as-a-service, to help tons of other maintainers to do this with ease.
A lot of companies have a lot more controls on purchasing than they do on employee salaries. So a manager who has ten $100k developers reporting to them might only have $10k they can spend at their own discretion.
And the unix philosophy of having many small tools and libraries means practically nobody is _just_ using one open source product. So even if you can get your bill to someone with a million dollars to spend, if they have to share it between 1000 open source projects it's not going to go very far.
Two examples, off the top of my head:
1) Here's how Open Collective looks, for jMonkeyEngine (a lovely Java game engine that's also a bit underfunded and underutilized): https://opencollective.com/jmonkeyengine
2) Also, here's the Patreon of Godot (a more hyped and better funded engine): https://www.patreon.com/godotengine
Why would large enterprises not just use a tool like that, if they already use the likes of AWS or other IaaS/PaaS/SaaS offerings?
But i definitely agree that a lot of open source is underfunded and as a consequence many can't work on it full time or even every day, because things are dire financially otherwise: https://staltz.com/software-below-the-poverty-line.html
Not everyone has cushy jobs that make them $100k a year, i make closer to $21k in Europe now, about which i wrote on my blog: https://blog.kronis.dev/articles/on-finances-and-savings
It feels to me that perhaps the solution here is to have something like a bot on GitHub/GitLab, that adds a comment to issues: "If you'd like to express to the maintainers how important this issue is and draw more attention to it, then submit a payment here: ... Payments so far: ... (possibly with messages by supporters)"
Most people don't care about Open Collective or GitHub Sponsors or whatever, they just want to make feature requests or bug reports. If their attention is captured and the ability to make their own request/report more visible is offered to them as a part of that process, maybe things would be a bit better? I've definitely heard the sentiment expressed that micropayments have the potential to improve how we interact with others on the web in some ways, i'm just not sure how viable that is.
> But! Maintainers need to be legible to the big company department that approves and processes those invoices. Think about it: no company pays their law firm on Patreon. You'd be amazed how much harder it is to explain "what the fuck is an open collective?" for a $10k donation, compared to paying a $100k invoice to an LLC that filed a W-9 or W-8BEN and takes payment through ACH. The trick is that you can easily incorporate a pass-through US LLC and open a business account for it even if you're not a US citizen, it's not rocket science.
And yet, these companies basically pay monthly to AWS, which isn't all that different on a conceptual level. Needing a LLC just to receive donations of any sort is ridiculous, why can't these companies just be more humane, instead of drown the idea of doing anything good into needless bureaucracy?
It's like a scene out of Brazil: https://en.wikipedia.org/wiki/Brazil_(1985_film)
The mission of Open Collective is clear even on the main page: https://opencollective.com/
For example, if a company uses ffmpeg on their products and product generates a yearly revenue of 1m then they will pay you 1k.
Current open source agreements do nothing to help smaller companies or the maintainers and honestly I find it stupid and destructive.
Charge larger companies more depending on their revenue and let small size companies with less revenue basically use it for free. Isn’t this more ethical than letting FAANG use these software for free?
So many commercial platforms rely not just on ffmpeg and vlc but also on nginx, php, python, nodejs, linux, mariadb, and everything else you can imagine. We also pay for some very niche things that are simply not available from the open source community.
If my company was liable to have to pay out for each one of these projects we would be bled dry and our business would no longer be profitable. A bunch of people would also lose their jobs in the process.
At my company we have revenue sharing so the idea of having to cut out a piece of the pie for an open source project would not be popular among staff. Most of them aren't even in tech.
As a small business owner I understand this perspective, but if you expand it out it becomes transparently exploitative. "If my company was liable to pay for employees' health insurance, we would be bled dry and our business would no longer be profitable." I pay 25-35% of my income every year via taxes, if I didn't have to do that my profit margins would increase. It's not hard to find someone who claims they're being "bled dry" by taxes. Egress and ingress bandwidth is expensive, imagine if you didn't have to pay for it? Companies like Walmart are able to offer low prices in part because taxpayers fund them by providing food stamps and welfare to their employees.
At the end of the day the stuff you rely on costs SOMEONE money, if you're not paying for it, someone else is paying for it with their time and possibly money. If you can't do business profitably after paying for the stuff you use, your business is already insolvent and someone else is funding it for you.
Unfortunately, building a business on a limited resource that is -currently- "free," is not a particularly wise decision.
VideoLAN and ffmpeg are amazing tools, but a lot of folks have made a lot of money on wrappers (some of which, are eye-wateringly expensive). I'd be unsurprised to find a number of license violations in some of these wrappers.
History is filled with examples of people making money on resources that are not sustainable. These folks make a lot of money, until they wipe out the resources.
OS is a limited resource.
To put that another way, your profit is derived entirely from arbitraging the value of open source software for your customers. If you were actually paying what the software is worth to you there'd be no money left. Effectively, you are taking some of the value of the work done by open source developers and keeping it for yourself rather than passing it on (that's not a criticism btw, it's how practically every "supplying goods" type business works.)
That's very unfortunate. You're not really creating much value, so I imagine your business is too small for anyone to worry about. In the case of something like YouTube that clearly that isn't the case though; they create far more value from the open source software they use. YouTube absolutely could afford to pay a fair fee for what they use. If nothing else, it protects YouTube from a problem like the log4j issue this conversation has arisen from.
When your software is used by billions (1e9), a adequate/fair share may be around 0.00001% (1e-7) with huge variability, but try paying 2c for your favorite logging library, 3c for gcc, 1c for task manager, 0.1c for a tool you never heard of ...
Plus some folks are tweaking and fine tuning it from time to time to be compatible with road 5.2 and with axle 3.1 and so on.
GitLab uses a delayed release (open core). Paying customers get the features first and months/years later they get into the free tier.
At some point you have to recognize that a lot of our society operates on the expectation that people will behave in accordance with norms so that we don't have to bake every single thing down into extreme rules and have them enforced by armed goons. You're certainly free to ignore norms and do whatever benefits you the most at expense of others, but if other people did that to you constantly you'd probably end up pretty grumpy. There are lots of ways you can inconvenience someone without breaking the law.
Personally, I gave away a very useful free software package for ~4 years that I maintained solo, and multiple corporations repackaged it to sell to people without ever contributing fixes. Then when I stopped maintaining it for free, they all sent me emails offering to sponsor it (at pathetic rates). Seems like my free labor was worth something after all!
Instead you brought your big dish to a food stall on a street corner that has the sign "FREE FOOD" in large font. Folks of all backgrounds, shapes and sizes show up and soon your food is gone.
If after that, instead of feeling warm and fuzzy that you did the world a solid, you wonder if any of those patrons were wealthy and could afford to pay for what you gave away for free, then maybe next time you should put a price tag on it.
But that's not how people use them- people commit to a solution not only because it works today but also because they are likely going to keep using it for the foreseeable future. It's the maintenance that is the costly part. Maintaining a library is a lot more involved than producing it and then vanishing w/o a trace.
Ultimately somebody publishing and maintaining a good library is a positive externality for society. It's like giving kids a good education- it helps everyone. So big corporations relying upon open source w/o putting their money up to help allow the actual 'boots on the ground,' so to speak, get the job done, is kind of like getting a good free education as a kid, making a ton of money as a grownup, and refusing to pay teachers along the way.
The problem happens when you want to maintain your version with the current version (for security / features) or push those local changes to the project so you can stop maintaining. At that point you have to assign local resources or hope your patches are accepted which takes usually requires a relationship.
No invoicing, no approvals, it runs, you get paid in fairly direct proportion to the actual run time. This might actually be a real use-case, not that I think about it (of course, then there will be a war to strip it out, violating the license, etc.)
Open Source is just naïve charity, much like the UK Govt exploited the charity of the public by helping along a Weekly 8pm clap for NHS workers on a Thursday night during Covid Lockdowns. A weekly clap aint going to pay the bills and the rich will say anything to get out of handing over money. Hard lesson but its the truth, they would spend on PR Image control than pay bills IMO.
So sorry, Open Source is something people can practice on and not get paid for except in a consulting role at best.
There is nothing to police. You making changes and not releasing them is perfectly within your rights. You can even distribute binaries with your changes legally.
> So sure whilst the statement is true that Open Source runs most of the internet, the companies using it like Facebook or Google are not under any legal obligation to submit any changes back to the public domain for the greater good under some of those contracts.
That depends. Both named companies have a global ban for anything using the AGPL license family. Except from that, you might be right that they aren't obligated to distribute their changes. You might find, however, that they do so anyways. It's much easier to merge your changes upstream than to maintain an internal fork indefinetly. And by merging the changes upstream everyone else profits.
You seem to have a very warped view of what open source software and free software is about, and what rights the users may have or not have.
Just looking at paid out Bug Bounties gives you an idea of how hard it is to get appropriate levels of remuneration as a vendors own bug bounty is outbid.
So whilst the call to arms to get paid for OSS submissions is noble, its still a flawed business model for most "professional" maintainers. I know there is a culture at Uni's to maintain OSS but they dont have the experience which we see in the quality of the code output.
Offer your FOSS project with the meanest anti-corporation license you can find (AGPL?) which is not going to bother your user base but it is going to be a major hurdle for any corporation and then offer the software with a corporate friendly license for 100.000 / year.
Wouldn't this work?
That's what FOSS should mean anyway. The old definition can be renamed into exploitationware.
I guess we can discuss what should be, but AFAICT it's just not FOSS according to the OSI or the FSF.
FFmpeg should be able to pull multiple $M per year easily from all the major corporations that use it. For comparison, $1M is the total yearly cost of ~3 average engineers at FAANGs. And most, if not all of them, use FFmpeg quite seriously.
That's the point, they don't pay, and they don't get support. But they still complain when there is a major CVE.
> For comparison, $1M is the total yearly cost of ~3 average engineers at FAANGs.
I wish we got that...
You've put your finger on the core of the issue with FiloSottile's suggestion. The problem is that to sell something to a big corporation, you need to have something tangible you can sell. What you have are enormous pieces of widely used software, being given away for free. Many companies are going to take that and run with it, and forgo a support contract entirely. You may argue that they want support when there's an issue, but the truth is they're happy enough with the status quo and just complaining a lot.
In FiloSottile's model, a corporation needs to use your software for something specific, but also expects to need changes to it or prioritized issue support and approaches you; you send them an invoice with five zeroes on it as a bill for your services and they are heavily incentivized to pay for it.
Unfortunately that's not the reality for 99.9% of open source maintainers, a figure that includes most creators of popular software like VLC. I've personally contributed to a bunch of projects and maintain some of my own, but it's a hobby. As far as I know no corporations are even using any of them. Figuring out some software niche that no one yet has a product it, building it, and waiting for a corporation to swoop in and drop me a six figure yearly check cannot be a career strategy.
If you want it fixed now submit a PR that I can accept. That’s what I do anyway.
Sure, someone else may start a competing project…
2) When funding is low, big scary exclamation marks all over the place
3) Include a bulleted list of doomsday scenarios showing what could happen to YOU if a bug/vulnerability is found
4) Add a picture of a sad kitten or crying baby for good measure
Now just subscribe all of the non-tech business people at organizations that use FFMPEG, and wait for them to panic. (Make sure that they need to call you to unsubscribe from the newsletter, especially if they work at the New York Times)
Don't do that bit unless you're sure it's not illegal in your (and their) jurisdiction.
Spam being a thing, and there being laws against it.
> By using this software, you agree to subscribe to our monthly newsletter
(I was joking btw, in case that wasn't clear)
Ah, if only one could "just" get a mass of people's attention and send the message
: From what I've seen this ~50% number seems to be pretty close to the mark across virtually all industries and jobs. I.e. it's pretty safe to assume that the total cost to your employer to retain you is around double your take home pay.
Many open-source project maintainers wouldn't go to the length of setting up companies like you've done, The paper work and compliance don't cut slack for building an open-source product.
Perhaps there's a need-gap for services which maintain those for open-source projects and acts as a middle-men between the maintainers and the Account Payable of companies?
Yes, I think this might be a better model, indeed.
But I did not start either of those projects, I came on board later; and those models are difficult to back-fit into an existing project.
If the project improves by making a difficult change then that is still your choice to make. Sure some people will complain, but there is always someone that complains when things change.
The way this industry has evolved is a complete dumpster fire, where the dudes that glue the pieces together are paid 10X the value the dudes that actually built the hard part!
I won't give names, but some very large cloud providers and some very large chips vendors.
Do you have reps that can wine and dine high level people? From my observation this is where the money is.
Curious if anyone knows.
It’s not as if altruistic motives, are what drives big corp.
Open source often originates in big corp; k8s, Rust, and all the ML … none of them are exactly wart free or blowing minds as promised. Just the next evolution of a big corp financed mess from the 90s.
The response to big corp complaints is they get what they pay for. And since austerity for the masses, all your agency are belong to us, fuck big corp