[Discuss] free/open licenses could discourage participation just because they're unusual

alicia amgibb at gmail.com
Tue May 6 04:00:55 UTC 2014 

To the original question whether we have any data on this topic, we have
some data that is slightly tangential but interesting to the conversation.
When we asked the oshw community in a survey (2013 & 2012) nearly half the
people did not use any type of open license with their files. When asked
why, the main response was that the licenses were too difficult for a
non-lawyer to understand.

Alicia


On Mon, May 5, 2014 at 11:52 AM, Mario Gómez <mxgxw.alpha at gmail.com> wrote:

> I don't completely agree with that... We are talking about a widely used
> piece of software not an obscure project that no-one knew.
>
> If the licensing could have been an important factor, then not many people
> would have been using it in the first place. I mean, it's like saying that
> you don't want to collaborate on the development because the licensing used
> but at the same time you fully agree to incorporate it on your software or
> use software that incorporates it. That doesn't make a lot of sense.
>
> As JS said on his reply, this problem could have many layers of
> causations, but I don't agree that the licensing could be the main reason.
>
> However, as many of you already said, there is practically no reasons to
> create a new license when you have a pretty well defined catalog of
> different "approved" licenses that could be used on different contexts.
> Also I fully agree that using a custom license just because you'll want to
> be "different" it's a really bad practice.
>
> For me, appears that heartbleed is the result of the conjunction of
> several bad practices that could happen on any Open Source (or even
> closed-source) software.
>
> 1-A small (under-funded?) team working on a critical software application.
> This is not bad as the team know their own limitations. I mean, no one
> cared seriously about funding OpenSSL until a dangerous vulnerability was
> found, now all the "big players" (even Microsoft) want to fund them.
>
> 2-Ignoring expert technical advice about security issues on the code. This
> was evidenced by the feedback provided by the OpenBSD team over several
> vulnerabilities on the code that was ignored in favor of performance
> optimizations.
>
> 3-Failing to implement a strong peer-review and code auditing
> methodologies to early spot security flaws. As I understand there was only
> one review to the commit that generated the heartbleed bug. How it's
> possible that a critical piece of source code was reviewed only by one
> person?
>
> Looking at those other issues, I fail to see how the decision made about
> the license used could have prevented any of that happening. It's really
> possible that some developers were discouraged to participate, but the
> people that really cared (OpenBSD team) participated on trying to fix many
> bugs before Heartbleed came and none of them has said that the license
> prevented them to participate on the development.
>
> I would say, about licenses, that the problem it's not the license used,
> but instead the fact that many of the developers doesn't care about the
> license of the software... The lawyers in corporate environments are the
> ones that care (As Chris exemplified on his experience)... just look at the
> statistics of github,  50% of the repositories hosted over there doesn't
> even specify a license and that doesn't prevent many developers to
> participate over it.
>
> Regards,
> Mario.
>
>
>
>
>
> On Fri, May 2, 2014 at 10:00 AM, Chris Sigman <cypris87 at gmail.com> wrote:
>
>> I had a client once that wouldn't let us use any OSS, even though before
>> licenses it would save a 250K, all because his lawyer didn't feel there was
>> enough legal precedent around the licenses. Not quite the same, but
>> illustrates the conservatism of some people related to licensing.
>>
>> Chris
>>
>> _______________________________________________
>> discuss mailing list
>> discuss at lists.oshwa.org
>> http://lists.oshwa.org/listinfo/discuss
>>
>>
>
> _______________________________________________
> discuss mailing list
> discuss at lists.oshwa.org
> http://lists.oshwa.org/listinfo/discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oshwa.org/pipermail/discuss/attachments/20140505/1bcf4328/attachment-0001.html>

More information about the discuss mailing list