Why GPL violations are bad – Gary explains

0
158

Open-source software has revolutionized the computing in the past few decades. Have an Android smartphone? That uses open-source software. The server hosting this website is running open-source software. Parts of macOS use open-source software. Same with the iPhone. I could go on, the point is that open source software is everywhere.

Open-source software is as much a social contract as it is a legal agreement. That is why companies that break the open-source “contract” are immoral and unjust. Over the years there have been quite a few companies and individuals that have violated the open-source ethos and often it is consumer pressure, and the occasional court case, that brings the offenders to repentance. So, what is open source? What are the licenses governing it? How do companies violate it? Let me explain.

What is Open Source?

Let’s start with the word “source.” In computing, the programs that engineers write is called “source code.” Whether it’s C, Java, Python, or whatever else, these text files are used to generate the executable programs that actually run on our machines. There are two ways to write these programs. One is to write the code, generate the programs, and keep the source code for yourself. This is known as a proprietary program or closed source. The other is exactly the same, except that at the end you release the source code for everyone to see. This is open source. What people can do with your source code depends on the license you use to publish it (More about that momentarily).

The real meaning is ‘software which gives the user certain freedoms,’ so free as in ‘free speech’.

An alternative term to open source is “free software.” There are some philosophical differences between open source and free software, but we won’t worry about that just now. The problem with the term “free software” is that it is prone to being misinterpreted as “software you can get for free.” The real meaning is “software which gives the user certain freedoms,” similar to “free speech.” The Free Software Foundation (FSF), a foundation for software freedom, defines those freedoms as the right to run, copy, distribute, study, change, and improve software.

Licenses

When you purchase proprietary software (either via subscription or a one-off fee) you need to agree to a long complex license detailing your rights as the consumer and the rights of the producer. These license agreements are legendarily long and almost no one ever reads them. Open-source software is the same in that it is governed by a license. That license defines your rights and the rights of the authors. There are several different major open source licenses including the GPL, the BSD license, and the Apache License.

GPL

The GNU General Public License (GNU GPL) is probably the most famous open-source license. It was the license chosen by Linus Torvalds for the Linux kernel and it’s promoted by the FSF.  There have been three versions of the GPL, and version 2 is the one used by Linux. It basically gives you the freedom to use the software, as well as study and make changes to its source code. You can use the modified version privately without any further action. However if you distribute it, the new version must also be licensed under the GPL and you must distribute the source code.

If you take someone else’s work and modify it, your new version must offer the same freedoms as the original. You can’t take a GPL-licensed project and turn it into proprietary software. The project is safeguarded against people and organizations who may want to steal and build on others’ work without giving back.

The “problem” with GPL is that if you write 1 million lines of proprietary  code and then include a library licensed under the GPL, you have to distribute your program under the GPL. Because of this the GPL has come under fire. In 2001 then-CEO of Microsoft Stever Ballmer came out against Linux because of its use of the GPL. “Linux is a cancer that attaches itself in an intellectual property sense to everything it touches,”said Ballmer.

There are some variations of the GPL, the most notable being the Lesser GPL, which allows other software (including proprietary software) to use the source code (normally a utility library of some kind) without forcing it to be published under the GPL. Any changes to the project itself must still be given back to the community as with the GPL.

BSD

The BSD license is the other extreme to the GPL license. Originating at the University of California, Berkeley, it was originally used for the Berkeley Software Distribution (BSD) version of Unix. It offers full access to source code with minimal restrictions. BSD-licensed code can be modified and incorporated into any software project without publishing any changes made. The main restrictions are that any redistribution of the source code or of any executable programs must retain the original copyright plus license’s disclaimers of warranty.

So while it allows unfettered access to the source code and the right to tinker with that code as much as you want, it also means others can take the code, build proprietary products with it, and never publish the modifications.

Due to its permissive nature, BSD licensed code can be found all over the place, including inside macOS and iOS.

The others

There are lots of other “open source” licenses in use, including the Mozilla Public License and the X11 License. The Apache Software License, Version 2.0 (Apache 2.0) is the preferred license for the Android Open Source Project (AOSP). The Apache 2.0 license is similar to the BSD license in that you can do what you like with the software, as long as you include the required notices. It also grants a perpetual, worldwide, irrevocable copyright license so that can be modified royalty-free.

Due to its permissive nature, BSD licensed code can be found all over the place, including inside macOS and iOS.

Violations

For Android this means the AOSP parts have a permissive license and the Linux kernel uses the GPL. That means handset makers can tinker with the Android source code and sell handsets without any repercussions, but they must publish any changes made to the Linux kernel. Even though Android is open source, nobody is banging on Samsung’s or LG’s door to release the modification they made AOSP, though they are obliged to release the Linux kernel code.

Every Android handset maker knows they need to release the Linux source code. Probably one of the first things engineers do when a new handset is in development is get the Linux kernel running. It’s a fundamental part of the software. Ignorance is not an excuse here, either. There have been cases where programmers have used GPL licensed code without fully understanding the implications, which is fine as long as made the necessary changes once the violation is observed.

There is no excuse for an Android OEM to not publish its modification to the Linux kernel. From time to time an OEM becomes lackadaisical and forgets to publish their changes to the Linux kernel. Maybe lackadaisical is too kind, but you get the point.

Standing on the shoulders of giants

Ignoring the legal element, the issue here is that the GPL is partly a social contract between companies that build products on the Linux kernel and the thousands of coders (some paid, many unpaid), who have contributed to Linux over the years. When an OEM makes an Android handset they are standing on the shoulder of giants. Many people have spent hours sweating over this code — building it, testing it, improving it. They have been kind enough to publish the code, and all they ask in exchange is you publish your changes if using Linux.

That is why GPL violators need to wake up and stop being so callous. It isn’t just about the law; it’s a matter of morality. If you take GPL code and build a product, but can’t summon the energy to publish your code changes, you are disrespecting those who went before you, the giants that made your product possible in the first place. Such behavior eats away at the very fabric of community; it is a unnecessary social injustice.

You are disrespecting the giants who went before you, the giants that made your product possible in the first place.

Wrap-up

So much of what we do today is based on open-source software. Proprietary software is still very important, but without remove open-source software there would be no Internet, no Linux, and no Android. Some authors have chosen to release their code under a permissive license like Apache 2.0, and that’s great. Some have opted for the GPL and as such have established a social contract with those who build on top of it. The contract is simple: as you have freely have received, freely give. Those who violate such a simple ethic need to take a long hard look at what they are doing.

via Android Authority

February 6, 2018 at 06:37PM