Courting big money carries risks

Open source is heading towards maturity and public recognition with breakneck speed, reaching more and more mainstream users in one form or the other - some run just one or more open source apps on proprietary platforms, others go the whole hog and run a complete open source IT solution.

The giant IT corporates have noticed it, and are joining the fray. IBM, Sun Microsystems, Apple and Silicon Graphics, to name a few, have jumped on the bandwagon and released source code under various licences. Even Microsoft is half-heartedly dabbling in open source with its (very limited) shared source initiative.

So that's all good, the battle is won, the end of proprietary software is nigh? Well, no; it would be naïve and bordering on the stupid if the open source movement thought as much. Quite simply, there is no way the IT giants will release their intellectual property for altruistic reasons. The desire to turn a profit will always override philanthropic intentions. There are always ulterior motives such as using open source as a battering ram against Microsoft, which has admitted it doesn't know how to compete against free software.

With this in mind, it is with some consternation that I observe the eagerness with which open source companies like Red Hat court big IT money. Sure, Red Hat has shareholders and developers to feed and the deep pockets of IT giants must be alluring. How long before they dictate what will and won't go into Red Hat Linux though? Rumours have it that the decision to favour GNOME ahead of KDE as the desktop environment for Psyche (RHL 8.0) was a political and not a technical one, for example.

I am relieved to see that some open source proponents retain a healthy scepticism towards big business sponsors. Theo de Raadt started the OpenBSD project some six years ago, emphasising security, cryptography, a good development model -- and freedom.

Theo's tendency to mercilessly flame newbies and people he doesn't agree with makes his contributions to various mailing lists highly amusing, but can obscure the good points he often makes regarding open source software (and technical matters as well).

But disregard Theo's lack of civility and you'll find that he remains true to the ideals that drove the open source movement from the beginning. Currently there's a debate on the OpenBSD misc mailing list about whether or not Sun Microsystem's Elliptic Curve Cryptography (ECC) contribution to the OpenSSL project is acceptable from a licensing point of view.

While ECC would be welcome from a technical and security point of view, Sun's licensing terms and software patents for the technology carry riders that Theo and others feel are unacceptable. Sun's licence for ECC isn't the standard BSD one, or even GPL, and it's impossible to guess the consequences of the restrictions without being a lawyer (I'm not, so I won't even try).

Although some open source users think Theo is just posturing and being a rude and ungrateful, they miss his all-important point: software patents and licences with any restrictions are inherently dangerous. Just look at how British Telecom are attempting to milk web browser hyperlinks, for example.

It's difficult enough to be an open source developer without having to pay lawyers to vet your code, or the code that you borrow, for potential licence and/or patent infringements.

Another well-known open source developer, Darren Reed, mentioned on the OpenBSD misc mailing list that commercial implementations for his ipfilter software sometimes require him to explicitly state that his code does not to his knowledge infringe any patents. Ironically, Darren's ipfilter was removed from OpenBSD due to a licensing disagreement.

I would encourage any open source developer to check the licence agreement on any third-party libraries and tools used to build applications. You might find a few surprises lurking in there.

Join the newsletter!

Error: Please check your email address.

More about BT AustralasiaIBM AustraliaKDEMicrosoftOpenBSDRed HatSilicon GraphicsSun Microsystems

Show Comments

Market Place

[]