Run of the mill

Posted 23 May 2003 at 11:06 UTC by lkcl Share This

It's time for me to outline some observations on Open Source that i have been very reluctant to do up until now. What prompts me to do so is a diary entry by someone else who said they were disillusioned with working in Open Source. I'll start this article with some questions:

Are you a slave working on Open Source? (by slave i mean do you get paid money and in return, everything you do is taken away and owned by someone else, and if you wanted to escape you would lose, so you feel you have no choice but to continue)

do you feel uneasy about the future of open source and your part in it?

are you concerned about the DMCA, software patents and the potential risks they expose Open Source to?

How exactly did you get into such a situation, and what can you do about it?

The implications of the employment of Open Source developers is quite simple: by having "standard" employment contracts, the code and any Intellectual Property you develop is owned by the company.

this makes "the company" an easy target for litigation.

eighteen months ago i offered the Apache Software Foundation the rights to all my code i had developed in samba.

despite the fact that it had been developed BEFORE the DMCA; despite the fact that it had been developed according to guidelines in the European 1991 directive on Copyright (91/EC/250), they turned my offer down.

reason? the ASF - as a legal entity based in Delaware - could be targetted by microsoft for litigation. given that the ASF (and the FSF's) resources would be totally swamped EVEN if any such litigious attempt failed, they could not take the risk.

individuals, on the other hand, are MUCH more powerful: the biiig stuupid bullyyy company takes on the little guy - the chances of success, even in terms of publicity, are extremely remote for the corporation.

it would be much better for them to either pay you off or to have you killed, if your Open Source project becomes that much of a threat to their profits.

there are several other ways in which it is possible to ensure that you, a successful Open Source developer, fail to deliver in the areas where corporations wish to control and earn money, rather than have you do it for free.

but before i expand on that i would like to put some additional thoughts in front of you: who are these people who wish to control and earn money instead of you?

a few months or years ago, what i am about to write would definitely have been derided. now, with "The Project for a New American Cemetary^H^H^H^H^H^H^H^HCentury" a well-known gothic-horror reality (see Rory Bremner's "Who wants to be a Trillionaire" comic sketch), suddenly something as simple as faceless people wanting to control Open Source doesn't seem so far-fetched.

i don't know if you're aware of this, but if you think about it for a minute it makes perfect sense: intelligence agencies need to operate at third hand. in the corporate world, that translates into owning and running the Venture Capital companies. that way, they can finance operations, put in their own people into key positions in the companies that they own, they can specify the employment rules, right down to the wire.

and it's all legal, they're difficult to spot: there's plenty of companies, there's plenty of VCs - everything is standard, normal, so what the hell am i mentioning this for?

well, as with all reverse engineering, you have to "spot the difference". there are two ways to do that: spot the difference by provoking a reaction; spot the difference by comparing against a base-line (or several base-lines).

finding the pebble on the beach; finding the wood from the trees.

so what is the base-line?let's put that another way:

Are you employed under a standard employment contract to work on Open Source, where all Intellectual Property Rights are owned, as part of the bog-standard employment contract, by your employer?

well, think of an ordinary company. it provides goods; it provides services. it must make a profit in order to survive.

what "goods" can an open source company provide that make a profit? uh... none - the license agreement only allows them to charge for the media. plus, the same "goods" can be obtained "for free" off the internet or from their friends, if they're intelligent enough.

what "services" can an open source company provide that make a profit? uh... maintenance? upgrades? support? training? all of these things have been attempted to be provided by various open source companies, and some of those companies have been failures, and some of them not.

strictly speaking, though, you don't _need_ to offer support for high-quality software; there's plenty of training and installation material available on the internet (else the package typically doesn't succeed if it don't ave a README an a HOWTO); there's even _support_ on the internet (mailing lists).

basically what i am saying is that IN GENERAL the concept of setting up an open source "services-style" company (rather than an open source "software development" company) is fundamentally flawed.

therefore, conclusion: any successful open source "clearing house" company has a very large orange flashing light on its head, inviting further investigation: such companies _shouldn't_ be successful; the business model just doesn't add up.

so, we therefore must come to the startling conclusion that open source "services-style" companies are being deliberately sustained. offered contracts that enable them to survive, which ensures that, because they survive, ordinary businesses may also take advantage of their services, thereby helping to provide wood and more pebbles in which to hide in the forest and on the beach.

so WHY are these companies out there? what purpose do they serve, because almost everybody who works on a major successful open source project is now working for one of these "services-style" companies (with some notable exceptions).

and their employment contracts are all, almost certainly, that their code is "owned".

and as already noted, corporations are more of a target than invididuals.

in our greed to take advantage of the dotcom boom - the IPOs - we have been suckered into giving away control of Open Source's future.

now, my question is: why the bloody hell are we, open source programmers, being so STUPID as to expose our work to such risk, and what can we do about it?

well, i presume that we, collectively, are smart; have brains and can use them.

the FIRST thing to do is to NOT kick up a fuss. carry on "as normal" - remember, employers can read too (hi! having fun yet, ya FXXXERS! :)

my advice to you is: if in doubt, TAKE THE MONEY. the madman (me) could be wrong.

the second thing to do is: get smart about money.

by taking away the need for you to become a slave [viz: employee. if you have difficulty in equating "slave" with "employee", you need to read more dilbert cartoons] you no longer have to exchange your Intellectual Property in return for cash.

read books about how to become rich: i recommend "rich dad, poor dad" which could be condensed down to about two pages but the anecdotes help you remember those two pages.

it outlines the difference between poor, middle-class and rich people, and gives some advice such as:

- "save 20% of your income, or 30% if you have debts";

- get rid of the "toys" and for most of us that means the "Uber-Geek" toys like palm-pilots, MP3 players, DVDs, propellor-head latest computers instead of 2 or more infinitely cheaper 18-month-old machines that collectively do the same job; wiring up the house and your life; mobile phones etc.

- gain assets not liabilities: most people re-mortgage their houses in order to buy toys or service their debts and their lifestyle.

- change your attitude. think creatively. make sure you EDUCATE yourself about what you intend to invest in; seek EXPERT advice from people that have DEMONSTRABLE success. for example, if you are looking to buy real-estate and need a good accountant, find an accountant who THEMSELVES owns 20 houses; they will have had a PERSONAL interest in ensuring that they give themselves good advice.

the alternative is, instead of individuals taking matters into their own hands (because the above will take some time to become effective), to set up an Open Source Guild; a Trade Union; a FreeMason House; _anything_ which carries weight as a collective group.

hey, i'd never have imagined in a million years that i'd recommend to open source developers that i'd say "the revolution is coming!". sorry. back to earth and our normal broadcast.

by the way: i DON'T recommend confrontation and hiding behind "the collective". it attracts attention and invites a fight; it can be abused / taken control of; it has the risk of abdicating responsibility of the individual to the "group".

... but a group has advantages where an individual does not, which is why, even where there are risks, Trade Unions, Guilds and FreeMasons have existed for decades and centuries.

there are additional advantages to setting up a Guild: programmer certifications and training to specific standards can be set up, and a corporation can approach anyone in the Guild knowing what to expect of its members.

you know the score, i don't have to tell you how a Guild operates: i just wanted you to plant the thought in your minds about forming one.

another alternative: join a Barter - finance group. a search for the single word "barter" on shows some choices. typically you will find that the people who join Barter associations are more creative in the ways that they think about making and saving money; become self-employed, set up your own Open Source software development company.

if you believe that barter finance is small, you're wrong: a UK barter group is now a plc company with the equivalent of over $2 billion in business transactions under its belt since it began in ... 1994 (iirc).

if you don't like what i've written here, or more specifically you don't like how i came to the conclusions i have; at least consider posting here some other means by which you believe the risks to Open Source associated with software patents; ownership of intellectual property by corporations etc. may be reduced by us, collectively or individually.

without the usual diatribe, this time. if you want to write a diatribe or vilifying comment, please, instead of demonstrating your weakness in public, take out your bile in private. print a copy of this article on soft paper and install it in your toilet paper dispenser.

at least that way you will be able to express your opinion of my views in the most appropriate way possible, and also i hope that the ink from the page and the information expressed on it will at least be absorbed - somehow...

sigh, posted 23 May 2003 at 12:54 UTC by graydon » (Master)

it is normal for any employment contract to involve yielding rights to your productive output in exchange for money. that's generally the point of any employment relationship, unionized or not. the company is a collective profit-making vehicle; moreso if you're a share holder, but even if you're taking a salary. that's the incentive for you. nothing hidden.

those of us lucky enough to find free software businesses to work for get a bit of a respite from this normally dreary fact, because yielding our rights to our work to the company is followed in short order by the company publishing that same code under a free license, and/or transferring copyright to the FSF. so you can carry on tinkering with it in your spare time, giving it to your friends, take it to your next job, etc.

if you think free software work is no fun, try working in proprietary land! I have, and imho it's less fun. you trade "business model simplicity" for:

  • enormous hostility towards competitors (we often cooperate with our competitors' technical staff)
  • the knowledge that your code will never be seen by anyone outside your cube farm
  • the need to reinvent everything from scratch to avoid sublicensing fees or GPL "infection"

it sucks. I chose not to do that, and am happy to report the working conditions are much nicer.

finally: a way -- perhaps not the way but a way -- to minimize the impact of patent fear on free software is with licenses with embedded clauses for mutual termination for patent litigation. this means that a company must purge its internal use of all free software before it can start sueing people; the larger the company, the more prohibitive that becomes.

gov't work, posted 25 May 2003 at 03:13 UTC by elanthis » (Journeyer)

My employer couldn't even keep its code closed-source if it wanted to; I work for the US gov't. There's this thing called the Freedom of Information Act. Pretty much anything you wanted to know, you can request and will be granted, save classified information; of which code generally isn't, unless its heavy security related code.

So, my suggestion is, if you want to work for money, but want your code to be open to others (even if you have to pull some legal stunts to do so), try aiming for a gov't job. (In the US, at least.) Quite happy in mine. Save for the pay... (that being why the commercial sector tends to have better techies than the gov't sector...) And anyways, many gov't branches will recognize the lack of IP they have, and just let you release the code under an appropriate license. That generally being one that lets them avoid liability or support, etc.

Government investment, posted 25 May 2003 at 03:48 UTC by ncm » (Master)

There are verified instances of government support for particular technologies, companies, or product lines that the spooks don't want dropped. The most public recent instance was the rescue of the Iridium satellite constellation that would otherwise have been scuttled.

There's good circumstantial evidence that the continued availability of the Alpha CPU architecture is a result of NSA interest, with enormous warehouses full of rack after rack of Alpha servers running DSP code to sift intercepted telephone traffic for interesting words. Incidentally, the Alpha EV67 now available is, remarkably, fully competitive with Itanium 2, Opteron, and PPC 970, and should remain so for the next couple of years. Thank you, NSA.

The space shuttle design itself, with its hypertrophied cargo capacity, is a result of the spooks' desire to use it to loft their city-bus-sized spy satellites, and (moreso) fetch them back again.

Is there any reason to think that the spooks have directed their captive VCs to support Free Software support businesses? First, are there any VC-funded Free Software support businesses left? Second, why would they choose one of those over something else more likely to spin off something that a spook's family member might make a mint on? Third, why is support such a suspicious business? Oracle makes two thirds of its income on support (because their products are such a mess, users need a lot of help!), and IBM and HP make a big chunk of their income similarly. Yes, there's plenty of free information on the net, but (1) there are always more things people want to do than are documented, and anyway (2) most companies would rather pay somebody else to do things unrelated to their business than train up staff to do it themselves.

Finally... maybe you just picked the wrong employer. Lots of companies that pay to develop proprietary software, whether for sale or (even moreso) for use in-house are happy to release code developed on-site as Free Software if it doesn't happen to have anything to do with their core business. Just find one of them. Others are happy to release stuff that does relate to their core business if they think they can tap into an outside development community. You just have to find one of them.

Jumped the shark, posted 26 May 2003 at 14:22 UTC by nelsonrn » (Master)

Pretty clear that Advogato has jumped the shark, with this posting. I realize that on the one hand Raph exerts no editorial control. On the other hand, he wrote the trust metric, which is CLEARLY broken given the purple under lkcl's title banner. Clearly broken. -russ

Meaning of the trust metric, posted 26 May 2003 at 18:06 UTC by raph » (Master)


Actually, the purple is appropriate given Luke's impressive contributions to Samba and other projects.

What is broken is the current interpretation of the trust metric results into posting privileges. The diary ratings are a closer fit, but I think that the best solution is a combination of automated metrics and user feedback. So one of the things that's been on my wishlist a long time is a mechanism for posting article drafts, not entirely unlike Kuro5hin's. In this case, the primary function of the forum created by posting a draft is to get the author feedback to improve the post. Less critical is the yes/no decision on whether to post to the front page. My inclination is to leave this in the hands of the original author.

I'm hoping that this mechanism will improve the front page. I guess I should find a chunk of time and implement it.

p.s., posted 27 May 2003 at 09:47 UTC by lkcl » (Master)

creative thinking: protection

several different lines of thought went into the article that i wrote.

the most important line is that i am very concerned about the ordinary businesses that now absolutely require certain software in order for their business to survive. total monopoly situation. and it's a monopoly situation which is being protected because such companies have staggering amounts of money and access to large numbers of creative people who think strategically about ways to continue to sustain that monopoly.

for example, by backing laws such as the DMCA; by buying it in other countries, not just the US.

the main point of the article is to make people think creatively about strategic ways by which attacks on open source can be made to be very expensive - and i don't necessarily mean expensive in direct terms of money; bad publicity would do the job.

for example, i really like graydon's link to modifications of open source licenses to get users to agree to remove all open source software from their company before taking legal action against an open source project.

that's the sort of thing that a "Trade Union" would do to protect its members: they'd go on strike.

govt source code must be public domain

elantis, thanks for responding. you've reminded me of the NSA getting so concerned about security that they patched GNU/Linux and the Linux kernel themselves to a standard where they could use it. to their credit, as you say, they honoured the GPL and the other Open Source Licenses AND their own regulations by releasing SE Linux.

what ensued after release was quite amusing: apparently, Microsoft contacted the US government to ask them to take SE Linux off the internet. their argument was, apparently, that it was unfair business practices that the US government be involved in competing with the poor ordinary business in the security arena.

there's probably references about, i got the above paragraph/info third hand from a friend of mine.



There are verified instances of government support for particular technologies, companies, or product lines that the spooks don't want dropped.

fact. open your eyes and learn to live with it.

it should come as no surprise should governments invest in order to control, as best they can, open source.

with power (usually money), comes responsibility. some people act more responsibly than others. i am so very very cross with those people whom i see as having abused their privileged positions.

not everyone in a similar position to those people i am referring to has been so irresponsible.

the ethos that i abhor is the one along the lines of "what we cannot understand, we must control and restrict".

i had such an awful time in australia, you cannot imagine.


regarding your points on quality: yes, raph, i know: i made a number of mistakes in this (rather long) article, including one sentence ending up in the wrong place.

i too have implemented "draft status" on the xvl version of mod_virgule. it should be very simple to add, given that you have already "Preview". i'll take a look.

i'd also recommend that articles require to be Certified before they will appear on the front page; also that they require _more than one_ Cert (in the manner which we discussed two years ago). an additional but much simpler check could be made, namely that the article be Certified by someone OTHER than the author before it will appear on the front page.

that way, you would need at least one other responsible person to have at least read (one would hope) the article for the article to appear.

aside from that: i stand by everything that i've said; take full responsibility for what i have said, the way it was said, and for not having reviewed it properly before posting.

to be honest, i expected many more derisive comments than just the one: perhaps because the topic is a little scary, this time people are prepared to read rather than post. perhaps i am flattering myself ;)

editing of articles, posted 16 May 2008 at 18:27 UTC by lkcl » (Master)

four years later, has been added :)

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

Share this page