Break things, write reports

Open Source and Licensing

Licensing in the public domain sucks

Tags — | licensing | legal | Categories: — dev |
Posted at — Mar 1, 2021

Developing for the public is an annoying, thankless task; yet people still do it. On top of that, is the hellscape of licensing your software, and picking components with the right licensing. In short:

This can bite you, especially in cases of picking components which have a GPL license (https://choosealicense.com/licenses/gpl-3.0/), which requires you to distribute source code of your work when it’s using a GPL library.

Historically, Copyright has been used as a big stick by large organisations to mostly be pests, such as AT&T licensing /bin/true (http://trillian.mit.edu/~jc/humor/ATT_Copyright_true.html)

There’s the famous Linksys case, where a commerical product (home router, a WRT54GL had GPL software and was forced to release it when asked (https://lkml.org/lkml/2003/6/7/164 in 2003). In 2008, the Free Software Foundation took Linksys (Cisco) to court (https://www.fsf.org/news/2008-12-cisco-suit / https://www.fsf.org/licensing/complaint-2008-12-11.pdf), and some time later, won the case.

In more recent times, nmap changed their licensing and a bunch of packagers stopped including it for fear of licensing issues (https://lwn.net/Articles/842436/), which was mildly annoying for some users who noticed.

Even organisations developing “remote control systems” (read: malware) care about licensing in their software, and what it would mean if someone came asking for a copy of their software (https://wikileaks.org/hackingteam/emails/emailid/981700).

In short, know your dependancies, and if you know someone else is violating the GPL (or similarly related licenses), know that you could be forced to disclose your Intellectual Property.