Language Selection

English French German Italian Portuguese Spanish

LinuxWorld: Changes in open-source licensing

Open-source licenses are changing, causing ripples in the Linux community. However, analysts here at the LinuxWorld Summit conference predict that greater change is due for open-source development and its business models.

Before his Wednesday session on licensing issues, Steven Henry, an IP (intellectual property) attorney with the Boston-based IP specialist law firm Wolf Greenfield & Sachs PC, spoke with Ziff Davis Internet News. He said that open-source software licensing is like ice-cream: many different flavors and types.

While "one-size licensing doesn`t fit all," he pointed to market forces that are pushing open-source licenses and their development models to change and consolidate.

Enterprise Linux users say their switch to the open-source operating system brought big cost savings and reliable security. Click here to read more.

Henry observed that the GNU GPL (General Public License) is now being rewritten by Eben Moglen, the legal counsel for the FSF (Free Software Foundation) and others. No date has been set for this Version 3 of the license.

Rewriting the GPL, however, will not be a quick process, and the process may be complicated. According to Moglen, the minimum time for such a process is a year and the closure date is undetermined.

In particular, Henry said that dealing with patent issues will be critical for the new GPL. Unfortunately, patent and the "proprietary rights [that go with them] are the elephant in the room," he said. "Proprietary right issues must be dealt with if open source is to survive." For example, he said Sun Microsystems Inc.`s CDDL (Common Development and Distribution License) is open only to the point where developers start trying to take advantage of it being open-source. "The CDDL is clearly completely incompatible with GPL," Henry said.

This was an understandable business decision, Henry continued. "Companies aren`t going to throw away their patent rights. They want to gain something."

Meanwhile, the Open Source Initiative recently acknowledged that there are simply too many open-source licenses. And a number of developers confirmed to Ziff Davis Internet News that it`s simply beyond them to keep track of the various requirements placed on them when using software that`s covered by two or more open-source licenses.

While some companies, Henry said, make an effort for the legal department to oversee the use of any outside code, he`s not sure how well that policy is being followed in practice.

Some developers in businesses, however, said they weren`t especially worried about being sued for their use of open-source code.

Josh Levine, the chief technology and operations officer for E-Trade Financial Corp., said that while there had been some risk of lawsuits (because of The SCO Group Inc.`s threats) around Linux for a while, "it`s no longer high on the legal department`s radar."

At the Retail Linux Solutions conference in Chicago this week, Harry Roberts, CIO and senior vice president for Boscov`s Department Store LLC, told the handful of attendees that the legal issues that SCO had raised with regard to Linux "is now less of a concern than it was a year ago as SCO is unlikely to still be around," he said.

While there was speculation that there could be additional patent and copyright suites against Linux, "we see this as a minor risk," Roberts said.In addition, open-source software companies that check code for licensing violations such as Black Duck Software Inc. are helping to settle the minds of worried CIOs.

There is a far more significant "risk" to open-source developers, according to Henry. With the embrace of open-source by big business, cultural changes are coming along with the adoption. "Open-source is no longer a grass-roots movement. It has been co-opted," he said.

Because of this change, open-source software is no longer developed by communities using Eric Raymond`s bazaar model of development.
"The idea that a software community is there for all open-source projects is no longer true," said Henry. Instead, companies now employ developers to write open-source programs.

In these cases, "if a company that makes an open-source package abandons it, it`s abandoned."

In five years, Henry predicted that open-source revenue will overcome the free software religion. "Linux might be the first, biggest and perhaps only major bazaar-style open-source development project to get traction in the commercial sector," he said.

In the future, open-source and proprietary programs will be competing on an even playing field and there will be little difference between how they will be developed, he said.

As a result of the enterprise`s penetration of open source, the open-source licenses will change as well. Exactly how this change will play out isn`t clear, but Henry expects "economics to prevail over doctrine."

One shape this might take, according to Steve Garone, vice president and senior analyst for the research house Ideas International Ltd., is Sun`s CDDL. "Sun just might be on the right path," he said.

UPI

More in Tux Machines

today's howtos

Linux Microsoft Office Alternatives

Despite what you may have been led to believe, there are in fact a number of solid Linux alternatives for Microsoft Office available. In fact, there are even options available with varied levels of docx support, if that is something relevant to your business. This article will explore my recommended Microsoft Office alternatives for Linux. Some of them you've likely heard of, others may be cloud/server based options that you might not have thought much about until now. Read more Also: The best open source video editors 2018: free to download, edit, use and share

Security: Updates, WordPress, Hardware Patches, and Open Source Security Podcast

  • Security updates for Tuesday
  • WordPress 4.9.2 Security and Maintenance Release
    WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress.
  • Debian-Based SolydXK Linux OS Receives Patch for Meltdown Security Vulnerability
    The Debian-based SolydXK Linux operating system has been updated today with patches for the Meltdown security vulnerability, as well as various other new features and improvements. To mitigate the Meltdown security exploit that allows a locally installed program to access the memory, including the kernel memory, and steal sensitive information like passwords and encryption keys, the SolydXK 201801 ISO images are now powered by the latest kernel release with patches against this vulnerability.
  • Chakra GNU/Linux Now Patched Against Meltdown & Spectre Security Vulnerabilities
    It's time for users of the Chakra GNU/Linux operating system to patch their systems against the Meltdown and Spectre security vulnerabilities as new kernel updates landed today in the repos. Publicly disclosed earlier this month, the Meltdown and Spectre security vulnerabilities are affecting us all, but OS vendors and OEMs are trying their best to mitigate them so that no user can be the victim of attacks where their sensitive data is at risk of getting in the hands of the wrong person.
  • Open Source Security Podcast: Episode 78 - Risk lessons from Hawaii

GNOME Devs to Users: Desktop Icons Are Moving to GNOME Shell with GNOME 3.28

There appears to be a lot of fuss lately about the removal of an option from the GNOME desktop environment that allows users to display icons on their desktops. Long story short, last month, near the Christmas holidays, GNOME developer Carlos Soriano shared his plans on removing a so-called "the desktop" feature from the Nautilus file manager starting with the upcoming GNOME 3.28 release of the desktop environment, proposing its integration into the GNOME Shell component. The feature is there to handle application icons on the user's workspace, but it shouldn't have been implemented in Nautilus in the first place, according to the developer. So for the GNOME devs to be able to add new features to the Nautilus file manager, they need to remove its ability to handle desktop icons and place the code somewhere else. Read more