Open Source Software
Total Page:16
File Type:pdf, Size:1020Kb
Open Source Software Clemens Zeidler May 19, 2017 1 / 42 Table of Content Open Source Software Open Source Software Licences Creative Commons Open source not only for software 2 / 42 What is open source software (OSS)1? Proprietary Software/ Closed Source Software I a person, team, or organization has exclusive control over the code/software I source code is not available to others Open Source Software I source code is publicly available I shareable I can be modified/enhanced I can be redistributed (depends on license) 1opensource.com/resources/what-open-source 3 / 42 OSS is everywhere... Kernels: Linux, BSD I servers, super computers, embedded devices, mobile, desktop Android I Linux kernel + open source user land (often with proprietary firmware) I most shipped mobile devices running Android 4 / 42 OSS is everywhere... Web Browsers I Firefox (Gecko engine) (originates from Netscape) I WebKit and Blink web engine (forked from the KHTML/KJS project) I Chrome Web server I Apache, NGINX... 5 / 42 OSS is everywhere... Software Development I most programming languages are open source I many libs are open source, e.g. standard libs, Qt, Apache Commons,... I dev tools: Git, Eclipse, Intellij IDEA,... I build tools: maven, gradle,... 6 / 42 OSS is everywhere... Applications I Gimp, LibreOffice, Inkscape, Thunderbird,... 7 / 42 Motivation: User’s Point of View Code quality/security I public code reviews/ code analysis I review security issues, check for backdoors, is the software spying on me? I doesn’t mean all OSS code is secure/ has high quality... Less dependent (as a private user and as a company) I on a single company (software can live on after bankruptcy) I on the core developer ! forks possible Often free of charge 8 / 42 Motivation: OSS for Developers Reuse and learning I able to reuse existing OSS libraries I learn from existing libraries I better understanding of 3rd party code Community I OSS may get reviewed by more people I "free" testing by the community (win win situation) I other can contribute to your software I a strong community can be an argument for a product 9 / 42 Disadvantages of OSS Community I interaction with the community is required I keep the community happy I security issues and bad code quality may become visible Forks and “stolen” code I your project may get forked and distributed for free I code can get "stolen" by competitor to create better software I OSS makes it easier to copy feature (e.g. unique features that are a selling point for your software) 10 / 42 OSS does not mean free of charge Business models based on OSS I e.g. Ubuntu, Redhat, IDEA, Catalyst, Android Service Model I provide service for open source product Community/Business Model I dual license OSS Friendly Model I using, developing or supporting OSS/ libs I building specialized solutions for customers based on OSS 11 / 42 OSS Licences: Motivation Use and publish OSS I what are the rules to use OSS? I which rules should apply when releasing OSS? I code building on OSS has to comply with licence 2 I 25/4/17 federal US court ruled GPL as a contract Stick to existing/ proven licences I avoid incompatibilities with other licences I avoid corner cases 2qz.com/981029/ a-federal-court-has-ruled-that-an-open-source-license-is-an-enforceable-contract/ 12 / 42 OSS Licences Overview I GPL, LGPL, AGPL I BSD I Apache I Mozilla Public License (MPL) I Licence Compatibility I Creative Commons (not for software) 13 / 42 GNU General Public License GPL4 History3 I GNU project (GNU’s Not UNIX) started in 1984 by Richard Stallman I as alternative to upcoming proprietary licenses I 1985 Free Software Foundation (FSF) I 1989 GPLv1 I 1991 GPLv2 I 2007 GPLv3 3oss-watch.ac.uk/resources/gpl 4opensource.org/licenses/gpl-license.php 14 / 42 General Public License GPL (from oss-watch5) Licensee can: I modify the code I copy and distribute the unmodified/modified code I distribute compiled versions (modified and unmodified) Conditions: I all distributed copies (modified or not) carry a copyright notice and exclusion of warranty I all modified copies are distributed under the GPL I all compiled versions are accompanied by the source code 5oss-watch.ac.uk/resources/gpl 15 / 42 General Public License GPL Other properties: I GPL software stays GPL software no additional restrictions I ensures that modified versions remain free and open source I if there are patents, no charge for patents I GPL software can be bundled with other software but all code must be licenced under GPL I no-one can place additional restrictions on a GPL-licensed piece of software Dual licence possible I owner retains all rights I e.g. Qt toolkit has GPL and commercial license 16 / 42 Issues with GPLv26 “Tivoisation” and Technological Protection Methods I TiVo video recorder uses GPLv2 software but the recorder only runs cryptographically signed versions ! no way to run a modified version I GPLv3: all information must be public to run modified software Others: I unintended incompatibilities I US-specific legal terminology I web apps, software patent wars 6oss-watch.ac.uk/resources/gpl3final 17 / 42 GNU Lesser General Public License LGPL Linking to libs I linking to a GPL lib is considered modifying the program! I you have put your code under GPL if you link to a GPL lib What if an author want to write a GPL lib that can be linked to possibly closed software?7 I solution LGPL I keeps modified versions of the library itself open source I allows non-open source software to use the library, and be distributed with it 7oss-watch.ac.uk/resources/lgpl 18 / 42 GNU Affero General Public License ASP (Application Service Provider) loophole I a web service does not distribute software ! modified GPL code does not need to be distributed Affero I a web services company I provides their source code under a GPLv2 modified version that became AGPL I AGPL fixes the ASP loophole I AGPL can be combined with GPLv3 code 19 / 42 BSD License History8 I first published 1988 (University of California at Berkeley) I one of the oldest open source licences Early version was very short and simple: 1 Copyright (c) <year> <copyright holder>. 2 All rights reserved. 3 4 Redistribution and use in source and binary forms are permitted 5 provided that the above copyright notice and this paragraph are 6 duplicated in all such forms and that any documentation, 7 advertising materials, and other materials related to such 8 distribution and use acknowledge that the software was developed 9 by the <organization>. The name of the 10 <organization> may not be used to endorse or promote products derived 11 from this software without specific prior written permission. 12 THIS SOFTWARE IS PROVIDED ‘ ‘AS IS ’ ’ AND WITHOUT ANY EXPRESS OR 13 IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION , THE IMPLIED 14 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 8oss-watch.ac.uk/resources/modbsd 20 / 42 BSD (3 clauses) License Licensee can use, copy and distribute the I unmodified source or binary forms I modified source or binary forms Conditions: I all distributed copies are accompanied by the licence I the names of the previous contributors are not used to endorse any modified versions This allows to incorporate BSD code in closed source software Another comparable very permissive licence is MIT9 9mit-license.org 21 / 42 Apache License10 History I Apache Software Foundation (e.g. Apache HTTP server) I 1995 licence v1 was mostly based on BSD I 2004 Apache license v2 Use by: I Apache, Android, Intellij,... 10oss-watch.ac.uk/resources/apache2 22 / 42 Apache Licence 2.0 Allows to: I copy, modify and distribute the covered software in source and/or binary forms I exercise patent rights that would normally only extend to the licensor Conditions: I all copies, modified or unmodified, are accompanied by a copy of the licence I all modifications are clearly marked I all notices of copyright, trademark and patent rights are reproduced accurately in distributed copies I the licensee does not use any licensor’s trademarks 23 / 42 Apache Licence 2.0 Condition (patent retaliation): I patent rights are withdrawn if: the licensee starts legal action against the licensor(s) over patent infringements within the covered software I patent restriction makes it incompatible with GPLv2 (but compatible with GPLv3) Summary: I explicitly grants patent rights where necessary to operate, modify and distribute the software I can be used in closed source projects (but lib and licence must be mentioned, e.g. about window) 24 / 42 Mozilla Public License (MPL)11 History: I 1998 Netscape Communications decided to open source their browser I GPLv2 was to restrictive; own licence: Netscape Public License (NPL) I Mozilla Public License was designed to interact with NPL I 2012 MPLv2 by the Mozilla Foundation 11http://oss-watch.ac.uk/resources/mpl 25 / 42 Mozilla Public License v2 Contributor grants rights: I to use, reproduce, modify, display, perform, sublicense and distribute the source, and modified versions of the source I use patents from licenced code I to distribute work in combination with new code, and to license the new code in any way the distributor wishes 26 / 42 Mozilla Public License v2 Conditions: I for all distributed copies (original or modified): the source code must be available I all modifications are described in accompanying documentation I any patent rights necessary to operate the software are clearly described in accompanying documentation I all copies have a statement of copyright and an exclusion of warranties attached I all modified files (not new files) must