1. 83

  2. 37

    Such irony in the title here–“open source” is not about you; it’s a movement to hijack the free software movement and turn it into something a company can profit from, riding on free software goodwill and stripping the political aspects that are hard to reconcile with shameless capitalism.

    I don’t think it’s what Rich meant here, but it does nicely serve to underscore the vast gulf between the oss and free software camps; if you are in software because you want to make the world a better place, move right along.

    1. 26

      it’s a movement to hijack the free software movement

      There’s a problem with this statement, it doesn’t apply to me.

      When I was open-sourcing my project I wasn’t joining any movement. I didn’t sign any contract. I use the words “open source” in a plain sense: this is a source code that someone can get and use according to the posted license. I’m totally fine with any company making profit off of this code. No company ever indoctrinated me into thinking this, and I deliberately chose BSD license over GPL exactly to not having to be associated with Free Software movement (I don’t hate it, I just didn’t want to). Yes, for real. People like me exist.

      What I’m saying is, we already have a term meaning “open source + a particular ideology”. It’s Free Software. Please don’t try to appropriate “open source” to mean anything more than “available source code”. And no, I don’t really care what OSI thinks about this “term”. It’s their idea, not mine. I need some words to describe what I’m doing, too.

      1. 9

        When I was open-sourcing my project I wasn’t joining any movement

        That’s exactly the difference between the “free software” movement and Open Source. You made @technomancy’s point for him.

        1. 1

          It’s contradicting the framing that he’s somehow been duped out of believing in the fsf’s ideology by an open source movement.

        2. 9

          P.S. In fact, there was a time when “Free Software” also wasn’t associated with not letting companies profit from it. Here’s a classic Mark Pilgrim on this: https://web.archive.org/web/20091102023737/http://diveintomark.org/archives/2009/10/19/the-point

          Part of choosing a Free license for your own work is accepting that people may use it in ways you disapprove of.

          1. 5

            Check Selling Free Software from 1996.

            1. 6

              I came here to share this link. the GPL, and free software, was never about gratis, was never about not paying for software. It has always been about liberty and the freedom to control one’s own software.

            2. 3

              2009 is classic? Am I old?

              1. 1

                “Classic” in a sense “explains well”, has nothing to do with being old :-)

            3. 5

              Just because you use a term doesn’t mean you get to define it. Saying “I don’t care what OSI thinks or why the term was invented” seems pretty strange to me… it’s their term and has a history, like it or not.

              1. 8

                What word should I use if I publish source code so people can use it but don’t care about furthering the cultural revolution?

                1. 5

                  “Open source”.

                  1. 1

                    Billionaire. In a historical interview, that’s what the CEO of Apple believed he’d become if a lot of things lined up, one being getting a whole, networking stack for free from BSD developers. The other thing he envisions is them begging for money at some point so their projects don’t close down. He bragged his main competition would be contributing their fixes back since they got themselves stuck with la licence de la révolution. Attendees were skeptical about such a one-sided deal going down.

                  2. 4

                    No :-) The only way a natural languages is defined is through use, and the most common usage becomes a definition. OSI didn’t make this term theirs by simply publishing their definition, they just joined the game and have as much weight in it as every single user of the word.

                    1. 4

                      True, but also like it or not language evolves over time (always to the chagrin of many). This is not unique to technology or English. At the end of the day it doesn’t matter what either OSI or /u/isagalaev thinks, society at large makes the definitions.

                      Having said that, if you step outside of the FOSS filter bubble, it seems pretty clear to me that society leans towards /u/isagalaev’s definition.

                      1. 3

                        Also, as a sensible dictionary would, Merriam-Webster defines both current interpretations of it: https://www.merriam-webster.com/dictionary/open-source

                    2. 4

                      we already have a term meaning “open source + a particular ideology”. It’s Free Software.

                      You can’t remove politics from this question; the act of pretending you can is in itself a political choice to support the status quo.

                      1. 2

                        You can remove “politics” from open source, and that is precisely what open source has done.

                        The term open source can be operationally defined (i.e., descriptive, constructed, and demonstrable). From Wikipedia, citing the book “Understanding Open Source & Free Software Licensing.” (Though feel free to use Merriam Webster or the OED as a substitute): “source code is released under a license in which the copyright holder grants users the rights to study, change, and distribute the software to anyone and for any purpose.”

                        The license terms are selected that most parsimoniously accomplish the stated definition. (i.e., make it possible for the stated definition to become externally correspondent and existentially possible). The fewest number of rules (formula, statements, decisions) possible to accomplish the work–producing a limited number of legal operations (rights, grants, privileges) that can be fully accounted for.

                        It is the deflationary nature of the process that removes “politics.” Making the license commensurable and testable while removing suggestion, loading, framing, or overloading. BSD/MIT are small and shrinking, whereas GPL 2/3 are large and growing. That’s the difference.

                        1. 2

                          “source code is released under a license in which the copyright holder grants users the rights to study, change, and distribute the software to anyone and for any purpose.”

                          You can still get patent sued for that due to laws paid for by lobbyists. The effects of politicians on what we can and can’t do with open-source mean it’s inherently political. The people who say they want its benefits with no interest in politics or whose licenses don’t address it are still involved in a political game: they’re just not players in it.

                          1. 1

                            I’m not sure why do you think I’m trying to “remove politics”. Of course I do have some political view on this, however vague it might be. This is totally beside the point. The point is that I don’t want to proclaim/discuss my political views every time I want to say that the code is available. It’s a completely valid desire.

                          2. 1

                            Why BSD license over public domain? The latter makes the source code more “available”, does it not?

                            (If you wonder how I feel about the GPL, check my repos.)

                            1. 11

                              The latter makes the source code more “available”, does it not?

                              No. In jurisdictions that don’t recognise public domain (e.g. France) and in which authors cannot give up their copyright, giving it to the public domain is meaningless and it’s as if the code has no free license at all. It’s the same as “all rights reserved”.

                              1. 2

                                That’s very interesting. Would folks in such jurisdictions be interested in working together with others to reform copyright law? Perhaps among .. other things?

                                1. 2

                                  Why? It’s a different branch of copyright law and the idea of authorship being something you cannot give up is fundamental to those. You can only perpetually license.

                                  CC0 is a great license to use in those cases, btw.

                                  1. 2


                                    One reason being that some people think copyright, or perhaps even more generally, intellectual property, is unethical. Another reason could be a desire for a single simple concept of “public domain,” perhaps similar to what we have in the US.

                              2. 1

                                I like the idea of retaining an exclusive right to the project’s name, BSD is explicit about it.

                            2. 10

                              Companies are profiting massively from both. The License Zero author figured out the reason is the FOSS authors focused on distribution methods instead of results. That’s why Prosperity straight up says commercial use like many non-free licenses mention. The other one says any change has to be submitted back.

                              The license needs to explicitly mention them making money or sharing all changes to achieve what you’re describing. That plus some patent stuff. The “free” licenses trying to block commercial exploitation are neither believably free nor stopping commercial exploitation after companies like IBM (massive capitalist) bet the farm on them. I mean, the results should prove they dont work for such goals but people keep pushing old ways to achieve them.

                              Nope. Just reinforcing existing systems of exploitation by likes of IBM. We need new licenses that send more money and/or code improvements back.

                              1. 3

                                It should not be the job of a license enforced by copyright to extract rents. That’s the playbook we are fleeing.

                                1. 2

                                  ““open source” is not about you; it’s a movement to hijack the free software movement and turn it into something a company can profit from”

                                  The commenter wrote as if they expected whatever license or philosophy was in use to prevent companies from using the software for profit or with exploitation central focus. Several companies are making billions leveraging FOSS software. One even lobbies against software freedom using patent law since suits won’t affect it. So, if the goal is stopping that and spreading software freedom, then the so-called “free” licenses aren’t working. Quite the opposite effect moving billions into the hands of the worst, lobbying companies imaginable.

                              2. 2

                                I just don’t see “open-source” being an hijack of “free software” for corporate purposes. Why would corporate care, they can exploit the free labor of free software just as much, the politics are not visible in the final software product. If anything, it seems like the social goals of free software have been diluted by other programmers who like the technical side of it, but neither care or agree about the politics.

                                1. 3

                                  Why would corporate care, they can exploit the free labor of free software just as muc

                                  Depends on the market. If it’s software they sell directly, the copyleft requirement means they have to give up their changes. Those changes might be generating the customers. They might also be causing lock-in. Better for them to keep their changes secret.

                                  Your point remains if it’s anything that lets them dodge the part about returning changes, esp SaaS.

                                  1. 3

                                    I just don’t see “open-source” being an hijack of “free software” for corporate purposes.

                                    It’s not really a matter of opinion. That hijacking is exactly what happened in 1998. The fact that today you forgot that this is what happened means that it worked: you stopped thinking about free software, as the OSI intended to happen in 1998.

                                    OSI was created to say “open source, open source, open source” until everyone thought it was a natural term, with the goal of attracting corporate interests. They even called it an advertising campaign for free software. Their words, not mine.

                                  1. 2

                                    “a) if people really cared enough about this, and it was a hill worth dying on, we’d see outright forks of all the core stuff, under a less constrained editorial process, which were “community” maintained and managed.

                                    b) the “community” would test the implicit hypothesis that they can do it better than the constrained process Rich implemented (same or better quality, same consistency and backwards compatibility, all with lower latency).”

                                    This is what I always think. And, if really putting community first, they can use Pieter Hitchens’ Collective Code Construction Contract that they described here. First description I found in Google anyway…

                                  2. 13

                                    Upvoted almost automatically :-) The problem of “contributor entitlement” is understood by most maintainers, and by many other participants in open source projects, but we should keep saying it over and over, until the idea that a maintainer doesn’t owe you anything becomes completely ingrained in our culture.

                                    1. 13

                                      Well, the one thing I have learned from being on the internet is that it’s full of ungrateful people.

                                      After that I learned that the reason for this is that you don’t notice the grateful people, even though they are there. You are ungrateful for the grateful.

                                      For every 1 person complaining about stuff, 100 more are using it happily and silently. The first rule of the internet is still in effect: ignore the trolls.

                                      1. 8

                                        Li Haoyi pointed out an inconsistency:

                                        The controversy around OSS Clojure (and earlier Elm) is from mismatched marketing: http://clojure.org says “we are a vibrant, flourishing community”. If it instead said “You aren’t entitled to contribute, to features, attention, or explanations”, things would be different

                                        1. 1

                                          That’s a good point. Marketing material pushing one thing, but delivering another, is always a dark pattern.

                                          1. 2

                                            The grumpy sysadmin way of saying exactly what you can do makes poor recruitment material.

                                        2. 8

                                          Whether it’s due to some collective memory of the technical difficulty of doing it pre-internet, or because ESR once wrote that it should be a last resort, the open source community seems unwilling to reach for the fork at times like this.

                                          TFA doesn’t even mention the possibility, but it’s always there. If you want some change to Clojure but Rich Hickey isn’t ready to accept it, you can avoid your own frustration and his by forking the repo and making the change. If you don’t like the fact that I haven’t made any changes to event-stream in a while, you don’t have to give control over to some random, you can fork it.

                                          Linux has even taken the idea of forking in decentralised version control to heart, and everybody’s repository is a fork. If Linus won’t take your commits, they’re still in git in your version(s), and maybe Greg or someone else will take them.

                                          1. 3

                                            So much this. Freedom is the freedom to fork. That’s at least 2/4 of the point ;)

                                            1. 1

                                              That’s overstating it. There’s ways to allow forks under proprietary models. You just say they can make any change they want, distribute it to other paying customers, and the licensor isn’t responsible for the changes. It doesn’t become free without acquisition, changes, and redistribution all free. At a minimum.

                                          2. 6

                                            This is interesting, in relation to another current thread here.

                                            A comment on an issue where a maintainer has passed control to another party, who then allegedly inserted malware into the release:

                                            You put at risk millions of people, and making something for free, but public, means you are responsible for the package.

                                            (source: https://github.com/dominictarr/event-stream/issues/116#issuecomment-441161123)

                                            So… maintainers who burn out should hand over their project to someone else, but they are somehow indefinitely responsible for the code after all? And there zero blame laid on the party that uses the code? That does seem to encapsulate the entitlement issue.

                                            1. 3

                                              Thanks for posting this here - if you didn’t, I was going to, as it’s the main thing that has been bugging me about the whole episode.

                                              This is a hard problem to solve! How far can you trust your contributors or fellow maintainers? What constitutes a reasonable effort to ensure that your software is in good hands, and frankly how much of a reasonable effort do you owe people when you’re providing something on your own time, for free?

                                              I hope we can build better tools and practices to protect against this sort of thing in future but, in line with your post and the main article, I can’t blame the author for handing over a project he didn’t want to someone who offered to maintain it.

                                              1. 4

                                                The offer to maintain an “abandoned” project could be seen as a form of social engineering. Presumably the new maintainer (or a team they were a part of) identified the vulnerability of the NPM infrastructure and tried to find a way to exploit it.

                                                They then acted as a “good citizen” of the open source community (affinity fraud) to get access to the source and the NPM uploader rights.

                                                (It would be interesting to see if other packages that have been used in the targeted applications have a similar vulnerability. Presumably the team has other aliases or identities in this case.)

                                                Dealing with this is tough as heck. A maintainer who wishes to remain a good security citizen would have to set the repo readonly, and require extensive vetting to open it again… but that can have a massive chilling effect, and is pretty trivially defeated through straight-up fraud. Or people will look at this and see that a successful open source project simply doesn’t give enough ROI financially or emotionally to invest time in. If you “mess up” at any time in the future you will suffer the consequences.

                                                As usual, bad actors makes life worse for honest people. But it’s the way of the world. I guess it’s surprising that NPM hasn’t already been hit with something like this (or maybe it has but it’s not shown up yet).

                                                1. 4

                                                  how much of a reasonable effort do you owe people

                                                  You owe no one anything. It is polite to inform users of the new maintainership, but that is all.

                                                  If people choose to blindly source from an upstream with no vetting or even knowledge when it changes hands, that’s on them, not you.

                                              2. 4

                                                Haven’t read the entire piece yet, but I think the confusion arises from this: FSF started pushing free software as an ethical imperative, and later OSI started promoting this same model as a pragmatic community-oriented development model that results in higher quality software, which unfortunately causes people to conflate software licensing with development model, and thus assume that because Clojure is under a free license, it must then be open for community contributions.

                                                IMO the solution would be to talk more about the ethics of free software.

                                                1. 6

                                                  I think the only thing that authors/maintainers owe the community is an honest statement about the quality of their software. If you market your open source project as an industrial grade masterpiece and the code is unreliable garbage that doesn’t scale, then people have a right to be upset.

                                                  1. 4

                                                    Why? Users should bear the responsibility of at least skimming the code in order to determine whether it is fit for use.

                                                    1. 1

                                                      So you think that authors are blameless if they oversell/hype their open source software way past the point of it’s proven capabilities?

                                                      1. 1

                                                        No. There’s no way to really fix that, though. It happens in any marketplace.

                                                        If you release something labeled a prototype that somehow ends up on HN, then you will get breathlessly-written issues along the lines of “I want to use this for my startup why doesn’t it work?”

                                                    2. 5

                                                      I find most projects contain a statement about the quality of the software. Usually looks like this:


                                                      1. 2

                                                        They don’t even owe that unless required by law. What they’re doing is throwing an object, from blessed to cursed, out there into the world. The responsibility is on the user to determine if that object is a working piece of software that meets their needs. Anything more is charity nobody should demand. Feel free to ask nicely, though.