Ben Thompson and James Allworth discussed an idea on an episode of The Exponent (https://exponent.fm/) the idea of a "principle stack", and at which "layer" of the stack it's appropriate to address different societal issues. I wish I could find the episode again, it was quite a few years ago. The upshot being... maybe software licensing isn't the right place to address e.g. income inequality?
On the other hand, I definitely encourage tech workers (and all workers) to think about their place in the world and whether their work aligns with their personal values. I think the existence of free and open source software is a fantastic thing, but I think we should continue to evaluate whether it is in danger, or whether it could be better, or whether our efforts might be applied to something else.
For example, I'd love to see co-ops developing shared-source infrastructure based on principles of mutuality, which the sector is built upon anyway. The co-op principles already include cooperative and communitarian ideas which mesh really well with some aspects of open-source software development. But co-ops aren't about just giving everything away either. There could be a real new approach to building a software commons for mutual businesses, rather than a kind of freedom-washed way for big tech companies to benefit from free labour.
One problem with trying to restrict the availability of open-source software: In the limit, as LLMs become better and better at writing code, the value of open-source software will go to zero. So trying to restrict the availability of your code is skating away from where the puck is going. Perhaps your efforts to improve the world are better allocated elsewhere.
I'm biased but I think the model of member-service co-ops (like Ace Hardware) providing tailored software services to particular industries is fertile ground. Free of VC incentives, reasonably profitable, aligned incentives, and the state of software tooling makes this doable.
And since this model doesn't require capturing as much value as a VC funded venture, it's more sustainable.
But the hard thing is figuring out how to get to decent product without upfront investment, in lieu of investment models that don't require outsize returns.
I can think of ways to create early capital but I've yet to see an industry think through how to fund smart suppliers without falling into the trap of thinking they need to be VCs.
Yeah, this is the hard part.
I work in the small “ERP-like” business market and I’ve come up with some good ideas (based on the reaction of the people I talk to). But the problem is that even a small team of about five genuinely solid developers can cost around US $300,000–500,000 per year — and that’s even factoring in that I’m in LATAM!.
That’s a lot.
To make something like this happen, you need to convince fairly big players — the ones who have the capital and the patience, but more importantly the vision. And that’s the part that’s rare. At least in theory, that’s what VCs are supposed to bring.
And they let us bulk buy for our member publishers.
There's so much potential in what you are suggesting!
Since organizations evolve over time, you could have a re-authorization flow every time your users want a major version update of your software.
A flaw in this proposal is that the very worst actors (scammers, black hats, etc.) are likely to be beyond the reach of the legal system in practice. Perhaps you could mitigate this a little bit by replacing Github Issues with a private support forum for trusted licensees.
Companies take that gift and use it to provide a service for cheaper than it would otherwise be if they had to build it all themselves.
You are already benefiting from open source - but it is a tiny benefit and subtle and very indirect and very diffuse.
Licensing is thorny but it’s personal choice too.. would you use a project whose license is “use it for now unless or until I decide you’re evil at my discretion”.. probably not. Probably, someone else would get the users you have now, and the corresponding popularity.
It is a tough choice, but it’s a lovely and important thing you’re doing when you provide the gift of open source software.
Isn't that kind of always the bargain we're making? We can use someone's work as long as they're willing to let us, but if they change the license, we might not be able to continue using it.
Point the author makes is precisely that they don't want to do free software, and they'd like to convince you not to do free software
It seems like the author of the post is just potentially having a change of mind from one side to the other, which barely even seems noteworthy.
To be honest, I don't think the space between GPL/MIT and commercial closed source is explored enough. I'm aware there's a few examples of things in between, but they are not common knowledge and they don't satisfy everyone. It is not a space that is easy to search online for established wisdom and comparisons in.
Clearly this sparked enough discussion and upvotes to make it to the front page of Hacker News, so people found it valuable.
I am not a lawyer and this is not legal advice.
We picked the Boost license for the D Language Foundation because it is the closest to public domain we could find.
Besides, why would "bad guys" be deterred by a license, anyway?
I imagine because we're talking about a subcategory of "bad guys" who still like to stay within the confines of the law (supposedly at least).
I like you @WalterBright you can use any of my stuff even if you get acquired
There's not a whole lot of point to acquiring Boost licensed software. Of course, they could always acquire me and pay me handsomely!
"For my friends everything, for my enemies the law" software license.
I can't imagine that it wouldn't be. If a company has explicit written permission from the copyright owner granting permission to use that copyright, then they can use it.
Also, it wouldn't be a special license. If you wanted to do a "For my friends everything, for my enemies the law" thing, you'd just set it as all rights reserved and add special note encouraging people to ask for permission to use it.
Plus, copyright enforcement typically goes in the other direction. It's not about who you can sue, it's about who you can't. Licenses are just a way of specifying who you cannot sue. If you want everybody to use your project but don't want to bother with a license, you can make it all rights reserved (the legal default) and just not sue anybody. You could sue them if you wanted to (which is why nobody would ever use your code: because of the risk that you change your mind and sue them), but nobody is forcing you to.
The rights are for the USER and he may use it for any purpose.
The responsibility comes with redistribution - you must pass the source code and along any modifications you have made - passing on the rights you received.
basically any restriction on the use makes it not free software.
Ultimately though, if you put a non free license on your libraries, somebody will cry foul, fork it, and evil will still happen.
Basically you end up with something not legally enforceable. And will someone actually doing evil care about your license?
Best cure is to use GPL, any evil company would not be able to handle *having* to give back anything to project they used /s
Just because you can fork something doesn't always mean you're able to just change the license.
Who cares. The end result of this is that we all get to use amazing software, often for free.
Think of your open source contributions as a gift to all of humanity. I wouldn't get too hung up on the fact that bad people can use it. Hammer makers don't add conditions on who can buy their products, even if it could be used as a murder weapon. Take solace in the fact that your work is creating far more good than evil.
You're increasing the rate of innovation in the world. And we're all grateful for it.
The "big corporations" will shrug and throw a few more tens of thousands into their R&D budget and will assign a few devs to create an alternative, and when they release it as open-source, they'll use it an opportunity to self-promote, it'll have a slick website, and "X by Big Corp" will become the go-to library.
The "bad guys" will just shrug and steal your code. Al Capone was brought down on tax evasion but I don't think you're going to get him on copyright infringement.
If you can somehow convince the majority of non-corporate developers to not use corporate-sponsored open-source, then that might be interesting, but not by much, because there aren't many of those.
You're still free to license it out commercially on other terms, the open-source community gets to make use of it as they please, and it ensures you're credited.
I don't actually recommend using this specific license yet, because the text from bdsmovement.net is not technically available under a permissive license (they told me I could use it... but I don't think the person fielding my request really understood what I was asking), but perhaps you can make something similar out of your preferred permissive software license (this is a no-go with GPL unfortunately because any derived license would be incompatible with GPL in addition to permissive-licensed software)
If you're a fan of BDS you can also just list the priority targets in your license, or give the BDS organizers another nudge via email.
I think the power of this is that such licenses wouldn't change how people might use the software. And big corps like Google, Amazon, et al may accidentally end up using such software (which is perfectly allowable via the license), but would then have to circulate a license which calls for their boycott and highlights their complicity in oppression. So I think it'd be fun if some software using this license makes its way into an end-user product of theirs
DuckStation (PS1 emulator) changed license from GPL to CC-BY-NC, because Chinese manufacturers were including it in their hw devices. Somehow I doubt that helped.
It's literally the MIT license with an added clause of only using the software for good, not evil.
Obviously, corporate attorneys will advise not to use the software since good and evil aren't really well defined legal terms. It's also not open source using the osi definition.
If you just want to send a message, then you can change the license and not take any further action.
[1]: https://polyformproject.org/licenses/noncommercial/1.0.0/
So what can you do?
Learn how to set boundaries. If a corporation demands something that you have no interest in providing, tell them no. If you are interested in providing it, request compensation for the work or request they submit a patch or let them wait until you can do the work on your terms.
For honest leechers, choose a license that discourages them. Switching from a MIT style license to a GPL style license won't prevent people from profiting from your work, but it will discourage those who want to make proprietary extensions to your work. Also realize that this won't stop dishonest leechers.
Continue to voice your concerns. Corporations don't feel guilt, but people inside them may. Even if the people within them don't feel guilt, they may still see you as an unreliable developer to exploit.
"Evil" is also a bad descriptor to use. If I started giving out apples for free on the street (of which I had an infinite supply), I wouldn't be upset if nobody came back with an improved apple for me to use instead.
> I don’t just want to do this for my little project; I want to slowly change the discourse. I’m not sure how to do that effectively, if it’s even possible.
So he's decided that as the supreme arbiter of what is good and just that he'll be trying to slowly boil open source's collective frogs. How narcissistic.
> How can I bring more attention to this issue given the relative popularity of my project? Do I write a blog post? A callout in the documentation?
No. Because it doesn't matter.
It goes both ways. Open-source devs don't owe you free bug patches. People profitting from open-source don't owe you a share of their income.
CC-BY-NC allows you to ban commercial use. There is also the Hippocratic licence[2] which allows you to choose from a variety of "evil corporation" types, from fossil fuels, mineral exploration, the Taliban, companies that have more than 200% pay inequity, etc.
Pretty much all of these licences will make your project unusable and no longer free software, but hey, they exist!
> Prevent any person from exercising his/her/their right to seek an effective remedy by a competent court or national tribunal (including domestic judicial systems, international courts, arbitration bodies, and other adjudicating bodies) for actions violating the fundamental rights granted to him/her/them by applicable constitutions, applicable laws, or by this License
There's also a clause allowing for specific performance which means, by using the licence for anything at a company, you're opening the risk of a court-appointed special master coming in and taking over your HR systems to enforce compliance.
You also can't terminate the licence to avoid this equitable relief:
> Additional Remedies: Termination of the License by failing to remedy harms in no way prevents Licensor or Supply Chain Impacted Party from seeking appropriate remedies at law or in equity.
It's a fascinating conceptual legal document but completely unusable. I'm not a lawyer but using anything under this licence seems incredibly risky to me.
Some possibilities (while still being FOSS) might be:
- Use AGPL3 license, and do not make exceptions. (Alternatively, make an exception but make it possible to revoke the exception.)
- Design the program for uses that are not bad so that bad uses might be more difficult.
- Sue them, if this becomes necessary.
These combination might make it difficult for bad guys to use it for bad purposes, although some organizations might ignore the license and use it anyways, but you cannot really prevent that.
A possible alternative would be using a standard licence like MIT but putting swears/slurs in either the author list or the code itself so using it would be a PR risk, and this could work as a deterrent against commercial usage.
The "no evil" goal is commendable but impossible.
Might want to elaborate while you're on the front page!
The thing that confounds me is, this person thinks that what ICE is doing is illegal, so why does he think ICE would suddenly care about the law when it comes to software licenses?
Good luck. Defining evil objectively is, of course, a challenge. But even with an unambiguous definition in hand, enforcing or detecting it is nigh impossible. Especially since the truly evil will simply lie, ignore the terms of your license, and use it anyway.
https://www.youtube.com/watch?v=rmhYHzJpkuo
And if you want to read about open source vs source available, this GitHub with the Red Hat lawyer and co-author of GPLv2 provides a TLDR of the sentiment. The reference from Chad gives a deep dive into the discussion and origin of FSL’s language.
https://drewdevault.com/2021/01/20/FOSS-is-to-surrender-your...
2. quit using permissive licenses if you expect corporations to "give back", Open Source != Free/Libre software. You seem interested in the latter, licenses/copyright laws matter to the !bad guys.
OP's rant is about Helmet.js, his sorta-popular NPM package. You drew a fascinating parallel.
Short of engaging in equally authoritarian control-freakery? I don't see how.
I'm amused by one package author that I'll leave unnamed who has a list on his site enumerating political parties around the world at one end of the political spectrum and announcing that supporters of these parties are disinvited to use his work.
I'm all: "Dude, get over yourself. Parties ALL suck. Now, do good, and consider investing less time on posturing."