Welcome!

Linux Containers Authors: Liz McMillan, Pat Romanski, Elizabeth White, Zakia Bouachraoui, Stefana Muller

Related Topics: Linux Containers

Linux Containers: Article

Book Review: Open Source Licensing: Software Freedom and Intellectual Property

Book Review: Open Source Licensing: Software Freedom and Intellectual Property

According to Larry Rosen, "One of the challenges to writing about licensing in a book not specifically written for licensing professionals is to make a very dull subject interesting."

A Complete and Thorough Book

Rosen has met that challenge in his exciting guide to the Open Source licensing zoo. As an extra fillip he offers a set of five Open Source Principles so clear and brief that the Open Source Initiative (OSI) would be well advised to adopt them, plus two new licenses intended to solve not only the weaknesses of some of the current Open Source licenses, but resolve the many problems that revolve around the Free Software Foundation's (FSF) GNU General Public License (GPL) and Lesser General Public License (LGPL).

This clear book spends 314 pages in detailed discussion of more legal issues than this review can touch on. The author has the advantage of having trained and worked as a programmer and so as a lawyer he's not flummoxed by complex technical issues. He's also uniquely qualified by his long tenure at the Open Source Initiative, where he served as general counsel and as executive director, participating in many discussions there on licensing and building a wealth of experience to mine for this book. Everyone involved at all with Open Source software should read the first three chapters of this book as background to understanding the larger issues, and the remainder of it should be mandatory for all people and firms actually producing Open Source software, whether as coders or managers.

The book approaches licenses in chronological fashion, showing early starts and subsequent improvements. To oversimplify, in the beginning, the BSD license imposed no limits on the licensee; the MIT, or X license, added clear copyright language; and the GPL required that code be shared. Subsequent licenses have added patent defense and warranties of code provenance. Over 15 years later we are faced with dozens of licenses and conflicting opinions (none of them judicial) about how software developers and firms are supposed to stitch together code to meet their terms.

The book is quite lucid since Rosen takes the reader through the basics such as the fact that different laws apply to the intellectual property (IP) of software and the to tangible copies of software, that copyright doesn't protect the ideas in software (patents do that), and that there's a difference between a (bare) license and a contract (containing a license). Along the way important points emerge: although a bare license (like the GPL) can be revoked because it's not a contract for which consideration has been received (typically a payment), the law would recognize that the user's dependence on the software substitutes for that consideration, so that in practical terms the license couldn't be revoked (p. 56).

More fascinating for Open Source developers is the discussion of joint works versus collective works: if developers agree among themselves (contract) to undertake a project, then as owners they can each license the entire joint work to others as they individually see fit; if there's no such contract, the work is a collective work (a collection of unmodified pieces), each of which is under its author's respective license. Most Open Source projects are joint works, and generally speaking Rosen sees no reason for the typical project to assign copyrights rather than retain them individually. In the case of a collective work, the collector is the author and can license and distribute it, but only if he has a distribution license from the authors of the constituent pieces.

Neither joint nor collective works are derivative works. A derivative work is a new work that's based on a pre-existing work. The author of a derivative work can license and distribute the derivative work provided he has a license for the pre-existing work that gives him the right to create a derivative work and distribute that derivative work. These distinctions are of crucial importance to Rosen's views on the Free Software Foundation's interpretation of the GPL.

The heart of his book, however, is Rosen's relentless categorization of licenses into types such as template licenses (Apache, BSD, MPL) that can be used by others simply by changing the name and the most important division, academic versus reciprocal licenses. Briefly, academic licenses originated at institutions of higher learning (Berkeley, MIT) and sought to provide the widest possible distribution for the software they cover; there are no real restrictions on its use, rewriting, and dissemination. Reciprocal licenses (most famously the GPL) require that anyone distributing the software offer the source code for the entire work as it's distributed, including all the changes. Rosen regards academic/reciprocal as the heart of the software freedom that is most likely to lead to rapid technological advance and increased productivity for everyone.

More Stories By Donald Rosenberg

Longer bio:


Donald K. Rosenberg is president of Stromian Technologies, a marketing consulting firm specializing in OEM software licensing and Open Source licensing and marketing issues. He is the author of Open Source: The Unauthorized White Papers, (Wiley), a book taking a business approach to Open Source software, now on the Web at ftp://ftp.novell.com/pub/forge/documents/Open%20Source:%20The%20Unauthorize
d%20White%20Papers/FrontMatter.html.
Don has twenty years of marketing experience and has worked with companies large and small in the U.S. and Europe, both in Open Source and
proprietary software licensing and marketing. Besides consulting on
these issues, Don has given talks about them at USENIX, ALS, Linux.SYS-CON.com (San Francisco, Frankfurt/M), Wizards of OS (Berlin), CeBIT (Istanbul), Comdex (Las Vegas, Basel), and in Taiwan and Slovenia. His column, Rosenberg's Corner, deals with Open Source and business issues.


Shorter bio:

Short bio:

Donald K. Rosenberg assists software companies with licensing and business/marketing strategies at Stromian Technologies and wrote Open Source: The Unauthorized White Papers, (Wiley), a book taking a business approach to Open Source software, now on the Web at ftp://ftp.novell.com/pub/forge/documents/Open%20Source:%20The%20Unauthorize
d%20White%20Papers/FrontMatter.html.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user e...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...