Open source, building products, software startups, and industry strategy by Prof. Dr. Dirk Riehle
I’m happy to report that the ninth article in the Open Source Expanded column of IEEE Computer has been published.
| Title | Open source research software |
| Keywords | Open source software, scientific computing, software engineering, artificial intelligence, licenses |
| Authors | Wilhelm Hasselbring, Leslie Carr, Simon Hettrick, Heather Packer, and Thanassis Tiropanis |
| Publication | Computer vol. 53, no. 8 (August 2020), pp. 84-88. |
Slowly but surely, non-software vendors have been waking up to realize that Silicon Valley, specifically, software vendors, are out to eat their lunch. In 2011, Marc Andreessen stated that software is eating the world, in 2015, Geoffrey Immelt said that GE is in the information business, and now in 2020, Volkswagen declared itself to be(come) a software-driven automobile vendor. However, this is more easily said than done, and the path to taking charge of your software future is fraught with possibly serious mistakes. One such mistake is to create your own internal software organisation. A better choice is to leave developers close to the products, but set-up an inner source program to connect them across the organization. Let me revisit this topic.
Continue reading “How Non-Software Vendors Fail and How Inner Source Can Help”
You may have notices the brouhaha in response to Google’s announcement to hand over trademark management of its popular Istio, Angular, and Gerrit open source projects to the newly created Open Usage Commons (OUC) non-profit. While I gave Google the benefit of the doubt, the vast majority of commentary assumed that Google only had its own interests at heart and tried to add the appearance of openness to its projects without actually delivering. Google dominates the OUC and therefore any decisions.
Here, I want to focus on why people, most notably cloud providers, care. I will ignore sensibilities (broken promises or not) and focus on the business perspective. As I wrote before, of the three projects given to the OUC, the heat is on Istio, a (micro-)services mesh software. Angular and Gerrit may be important projects in general, but don’t matter much to Google’s revenue. So, what is it about Istio?
Continue reading “Why Istio Matters to Google”
Yesterday, the Open Usage Commons (OUC) foundation announced itself. It is a non-profit which wants to ensure free and fair trademark use of the open source projects under its guidance. My Twitter feed was quick to denounce the OUC as a vanity foundation. It certainly is not. A vanity foundation serves to aggrandize its creators, and a name like “The Great Company Open Source Foundation” would then be apt. This is not the case here. Rather the OUC makes specific statements about trademark enforcement, so it has a purpose that is not vanity. Just what is that purpose, and why did existing foundations not fit the bill?
Continue reading “Interpreting the Purpose of the Open Usage Commons Foundation”
By all measures, the German Corona Warn app is already a highly successful software product. However, from the perspective of open source license compliance, it is defective. Using open source code in your product requires that you fulfill the obligations of the open source licenses of that code, and the Corona Warn app does not do that. Let me explain.
Open source code may be free to use, but it comes with strings attached, which are its licenses. An open source license spells out (1) permissions (you are allowed to use the code for free, among other things), (2) obligations to fulfill to receive the permissions (like giving credit to the original authors), and (3) prohibitions (for example, you are not allowed to claim endorsement of your work by the original open source programmers).
Continue reading “The German Corona Warn App, a Legally Defective Product?”
Open collaboration was popularized by open source projects, and since has made its way into wikis and Wikipedia, the mix and remix culture and open content, open educational resources, and so forth. Just what exactly is it?
Continue reading “What is Open Collaboration?”
Open source collaboration requires open communication, they say. Just what is open communication, exactly? Drawing on past research [1], here are the four principles that make communication open. Open communication is communication that is
Another question I get asked is how containers and new architectural styles like microservices-based architectures relate to copyleft licenses, in particular the GPLv2 license.
First things first: I don’t recommend taking a “let’s work around this pesky license” approach. You should follow both a license’s spirit and letter; license evasion (“Umgehungsversuch”) may not hold up in court. Someone is trying to do you well, but only under certain conditions, so take it (properly) or leave it.
With that: If you package copyleft-licensed code in a container image and distribute this image, does the copyleft-licensed code affect any other container it communicates with?
Continue reading “The GNU Public License v2 in the Land of Microservices”
Interpreting open source licenses requires considerable skills and experience. Ideally, engineers and lawyers work together: Lawyers know the meaning and consequences of legal terms, and engineers can make sense of it in the context of software. There are some basics, however, that help set your thinking straight.
A critical aspect is: What is a (re-)distribution ? You distribute code (binary or source, doesn’t matter), if you pass it on to another legal entity. Legal entities can be both regular people (“natural person”) or companies (“juristic person”). If the code does not cross such a boundary, it is not being distributed.
Continue reading “How to Read Open Source License Obligations”
A common question that I am asked in my seminar on license-compliant delivery of products that contain open source software is:
But what about a work-for-hire? We are a consulting company: As we work for our clients, and use open source software, do we have to create all those legal notices?
The answer, as so often is: It depends. With that, let’s tease the different situations apart.
Continue reading “Open Source License Compliance and Work-for-Hire”