Open Source Software
Clemens Zeidler
May 19, 2017
1 / 42 Table of Content
Open Source Software
Open Source Software Licences
Creative Commons
Open source not only for software
2 / 42 What is open source software (OSS)1?
Proprietary Software/ Closed Source Software
I a person, team, or organization has exclusive control over the code/software
I source code is not available to others
Open Source Software
I source code is publicly available
I shareable
I can be modified/enhanced
I can be redistributed (depends on license)
1opensource.com/resources/what-open-source 3 / 42 OSS is everywhere...
Kernels: Linux, BSD
I servers, super computers, embedded devices, mobile, desktop
Android
I Linux kernel + open source user land (often with proprietary firmware)
I most shipped mobile devices running Android
4 / 42 OSS is everywhere...
Web Browsers
I Firefox (Gecko engine) (originates from Netscape)
I WebKit and Blink web engine (forked from the KHTML/KJS project)
I Chrome
Web server
I Apache, NGINX...
5 / 42 OSS is everywhere...
Software Development
I most programming languages are open source
I many libs are open source, e.g. standard libs, Qt, Apache Commons,...
I dev tools: Git, Eclipse, Intellij IDEA,...
I build tools: maven, gradle,...
6 / 42 OSS is everywhere...
Applications
I Gimp, LibreOffice, Inkscape, Thunderbird,...
7 / 42 Motivation: User’s Point of View
Code quality/security
I public code reviews/ code analysis
I review security issues, check for backdoors, is the software spying on me?
I doesn’t mean all OSS code is secure/ has high quality...
Less dependent (as a private user and as a company)
I on a single company (software can live on after bankruptcy)
I on the core developer → forks possible
Often free of charge
8 / 42 Motivation: OSS for Developers
Reuse and learning
I able to reuse existing OSS libraries
I learn from existing libraries
I better understanding of 3rd party code
Community
I OSS may get reviewed by more people
I "free" testing by the community (win win situation)
I other can contribute to your software
I a strong community can be an argument for a product
9 / 42 Disadvantages of OSS
Community
I interaction with the community is required
I keep the community happy
I security issues and bad code quality may become visible
Forks and “stolen” code
I your project may get forked and distributed for free
I code can get "stolen" by competitor to create better software
I OSS makes it easier to copy feature (e.g. unique features that are a selling point for your software)
10 / 42 OSS does not mean free of charge
Business models based on OSS
I e.g. Ubuntu, Redhat, IDEA, Catalyst, Android
Service Model
I provide service for open source product
Community/Business Model
I dual license
OSS Friendly Model
I using, developing or supporting OSS/ libs
I building specialized solutions for customers based on OSS
11 / 42 OSS Licences: Motivation
Use and publish OSS
I what are the rules to use OSS?
I which rules should apply when releasing OSS?
I code building on OSS has to comply with licence 2 I 25/4/17 federal US court ruled GPL as a contract
Stick to existing/ proven licences
I avoid incompatibilities with other licences
I avoid corner cases
2qz.com/981029/ a-federal-court-has-ruled-that-an-open-source-license-is-an-enforceable-contract/ 12 / 42 OSS Licences
Overview
I GPL, LGPL, AGPL
I BSD
I Apache
I Mozilla Public License (MPL)
I Licence Compatibility
I Creative Commons (not for software)
13 / 42 GNU General Public License GPL4
History3
I GNU project (GNU’s Not UNIX) started in 1984 by Richard Stallman
I as alternative to upcoming proprietary licenses
I 1985 Free Software Foundation (FSF)
I 1989 GPLv1
I 1991 GPLv2
I 2007 GPLv3
3oss-watch.ac.uk/resources/gpl 4opensource.org/licenses/gpl-license.php 14 / 42 General Public License GPL (from oss-watch5)
Licensee can:
I modify the code
I copy and distribute the unmodified/modified code
I distribute compiled versions (modified and unmodified)
Conditions:
I all distributed copies (modified or not) carry a copyright notice and exclusion of warranty
I all modified copies are distributed under the GPL
I all compiled versions are accompanied by the source code
5oss-watch.ac.uk/resources/gpl 15 / 42 General Public License GPL
Other properties:
I GPL software stays GPL software no additional restrictions
I ensures that modified versions remain free and open source
I if there are patents, no charge for patents
I GPL software can be bundled with other software but all code must be licenced under GPL
I no-one can place additional restrictions on a GPL-licensed piece of software
Dual licence possible
I owner retains all rights
I e.g. Qt toolkit has GPL and commercial license
16 / 42 Issues with GPLv26
“Tivoisation” and Technological Protection Methods
I TiVo video recorder uses GPLv2 software but the recorder only runs cryptographically signed versions → no way to run a modified version
I GPLv3: all information must be public to run modified software
Others:
I unintended incompatibilities
I US-specific legal terminology
I web apps, software patent wars
6oss-watch.ac.uk/resources/gpl3final 17 / 42 GNU Lesser General Public License LGPL
Linking to libs
I linking to a GPL lib is considered modifying the program!
I you have put your code under GPL if you link to a GPL lib
What if an author want to write a GPL lib that can be linked to possibly closed software?7
I solution LGPL
I keeps modified versions of the library itself open source
I allows non-open source software to use the library, and be distributed with it
7oss-watch.ac.uk/resources/lgpl 18 / 42 GNU Affero General Public License
ASP (Application Service Provider) loophole
I a web service does not distribute software → modified GPL code does not need to be distributed
Affero
I a web services company
I provides their source code under a GPLv2 modified version that became AGPL
I AGPL fixes the ASP loophole
I AGPL can be combined with GPLv3 code
19 / 42 BSD License
History8
I first published 1988 (University of California at Berkeley)
I one of the oldest open source licences
Early version was very short and simple:
1 Copyright (c)
8oss-watch.ac.uk/resources/modbsd 20 / 42 BSD (3 clauses) License
Licensee can use, copy and distribute the
I unmodified source or binary forms
I modified source or binary forms
Conditions:
I all distributed copies are accompanied by the licence
I the names of the previous contributors are not used to endorse any modified versions
This allows to incorporate BSD code in closed source software
Another comparable very permissive licence is MIT9
9mit-license.org 21 / 42 Apache License10
History
I Apache Software Foundation (e.g. Apache HTTP server)
I 1995 licence v1 was mostly based on BSD
I 2004 Apache license v2
Use by:
I Apache, Android, Intellij,...
10oss-watch.ac.uk/resources/apache2 22 / 42 Apache Licence 2.0
Allows to:
I copy, modify and distribute the covered software in source and/or binary forms
I exercise patent rights that would normally only extend to the licensor
Conditions:
I all copies, modified or unmodified, are accompanied by a copy of the licence
I all modifications are clearly marked
I all notices of copyright, trademark and patent rights are reproduced accurately in distributed copies
I the licensee does not use any licensor’s trademarks
23 / 42 Apache Licence 2.0
Condition (patent retaliation):
I patent rights are withdrawn if: the licensee starts legal action against the licensor(s) over patent infringements within the covered software
I patent restriction makes it incompatible with GPLv2 (but compatible with GPLv3)
Summary:
I explicitly grants patent rights where necessary to operate, modify and distribute the software
I can be used in closed source projects (but lib and licence must be mentioned, e.g. about window)
24 / 42 Mozilla Public License (MPL)11
History:
I 1998 Netscape Communications decided to open source their browser
I GPLv2 was to restrictive; own licence: Netscape Public License (NPL)
I Mozilla Public License was designed to interact with NPL
I 2012 MPLv2 by the Mozilla Foundation
11http://oss-watch.ac.uk/resources/mpl 25 / 42 Mozilla Public License v2
Contributor grants rights:
I to use, reproduce, modify, display, perform, sublicense and distribute the source, and modified versions of the source
I use patents from licenced code
I to distribute work in combination with new code, and to license the new code in any way the distributor wishes
26 / 42 Mozilla Public License v2
Conditions:
I for all distributed copies (original or modified): the source code must be available
I all modifications are described in accompanying documentation
I any patent rights necessary to operate the software are clearly described in accompanying documentation
I all copies have a statement of copyright and an exclusion of warranties attached
I all modified files (not new files) must be distributed under the MPL
27 / 42 Mozilla Public License v2
Summary
I explicitly grants patent rights where necessary to operate the software
I keeps the covered code itself open source
I allows extensions of the code to be licensed in non-open ways
I on default compatible with LGPL, LGPL, Affero GPL
28 / 42 Permissive, Copyleft, Proprietary
12
12Andrew Morin, Jennifer Urban, Piotr Sliz, 2012, A Quick Guide to Software Licensing for the Scientist-Programmer 29 / 42 Licences Compatibility
13
13www.dwheeler.com/essays/floss-license-slide.html 30 / 42 Example: Open Source Project
How do I want people to use my project code?
I can be used it in proprietary software? → BSD, Apache, MPL
I I’m ok with it if my app/lib is used in proprietary software but my code should stay open → MPL, LGPL
I no my code should stay open source → GPL
I my code should also stay open if it is used in a web service → Affero GPL
31 / 42 I general libs (not directly related to the product) → any license, BSD, Apache, GPL
I specific lib more related to the product → maybe choose a less permissive licence
In a service oriented company
I main product is the service not the software product
I e.g. GPL (other companies should not hijack the code)
Dual license
I community edition / (maybe enhanced) version for sale
I e.g. GPL license / commercial licence
Example: Open Source in a Company
Lib which is not the main product/ is not sold
32 / 42 I e.g. GPL (other companies should not hijack the code)
Dual license
I community edition / (maybe enhanced) version for sale
I e.g. GPL license / commercial licence
Example: Open Source in a Company
Lib which is not the main product/ is not sold
I general libs (not directly related to the product) → any license, BSD, Apache, GPL
I specific lib more related to the product → maybe choose a less permissive licence
In a service oriented company
I main product is the service not the software product
33 / 42 Example: Open Source in a Company
Lib which is not the main product/ is not sold
I general libs (not directly related to the product) → any license, BSD, Apache, GPL
I specific lib more related to the product → maybe choose a less permissive licence
In a service oriented company
I main product is the service not the software product
I e.g. GPL (other companies should not hijack the code)
Dual license
I community edition / (maybe enhanced) version for sale
I e.g. GPL license / commercial licence
34 / 42 Creative Commons License14
License to share artwork, images, icons...
I all right reserved, rights stay with the user
I not recommended for software
License Types 6 main license types build from the conditions:
I Attribution (by)
I Share Alike (sa)
I Non Commercial (nc)
I No Derivatives (nd)
14creativecommons.org 35 / 42 CC Conditions Attribution (by)
I others must give credit
I don’t suggests the licensor endorses you
I indicate if changes where made
How to attribute? “... CC licenses allow for flexibility in the way credit is provided depending on the medium, means, and context in which a licensee is redistributing licensed material...” creativecommons.org/faq
I readme, credits or license file coming with an application/lib
I credits page in an application
36 / 42 CC Conditions Share Alike (sa)
“If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original”
Non Commercial (nc)
“You may not use the material for commercial purposes”
No Derivatives (nd)
“If you remix, transform, or build upon the material, you may not distribute the modified material”
37 / 42 Public Domain (CC0)
“No Rights Reserved”
I waive copyrights → public domain
I CC0 not for work that is already free/public domain
I only apply to own work or to work you have the necessary copy rights
38 / 42 Conditions are combined to 7 licenses
39 / 42 Open source not only for software Hardware
15 I hardware, firmware, e.g. open source RISC-V cpu 16 I fsf laptop
15computerworld.com.au/article/618724/ open-source-chip-mimics-linux-path-take-closed-x86-arm-cpus/ 16pcworld.com/article/2879086/
the-free-software-foundation-loves-this-laptop-but-you-wont. 40 / 42 html Open source not only for software
Plants
17 I open source seeds
17opensourceseeds.org/en 41 / 42 Open source not only for software
Growroom (CC)18
Company
I GitLab
18www.space10.io/journal/space10-open-sources-the-growroom 42 / 42