If a corporation is stealing your OSS code (and violating a license) then that implies that they think your code has value, they might have paid a person to write that code but instead some hobbyist built it for free and a corporation steals it.
A few months ago, I made a pull request to LMAX Disruptor, which was merged. I was initially excited because even if my PR was simple it’s still a big project that I contributed to. But after a few minutes it occurred to me that I just did free labor for a for-profit trading company. If they merged in my code then must have thought it had some value, and I decided to dedicate my time to saving this multi million dollar company some money.
My PR there was pretty simple and only took me like 30 minutes (if that), so I am not going to cry too hard over this, but it’s just something that made me realize that if a company is going to use my work, they should pay me. I don’t think it’s wrong or weird to want to be compensated for my labor.
I am still a hobbyist. Turns out you can still be a hobbyist without sharing everything you’ve ever done on GitHub.
Why am I telling this story? Because it suggests to me that companies will only use these libraries if there is a guarantee of ongoing free labor; presumably they could use an old appropriate library and pay people to fix any issues as they come up. Admittedly, I know that some companies do exactly that, and that’s great, but I do not think it’s the majority.
I don’t think the people doing Open Source are bad people at all, far from it, in fact. I think a lot of these people are very smart and hard workers, and I think they should be compensated for their work, even if they are just “hobby projects”. If my project is creating value for a company, then that company can afford to pay me.
I don’t like the gig economy either but I don’t think it’s relevant to my complaints.
Really? If you find a piece of proprietary software does basically the same thing as yours, and the binaries contains the same strings/artwork, then it's reasonable to make a legal case of it. You can even contact FSF and they'll take it further.
A lot of open source stuff is libraries and utilities though that is pretty entrenched in the code. It is hard to even find out about a violation, let alone prove anything.
Imagine I came up with a new algorithm to do Fourier Transforms 10% faster than FFTW (or whatever the current market leader is) and make a library and I release it as GPL. A company could fairly easily just import it to whatever project they’re doing, and it would be extremely difficult for me to prove anything, especially if I don’t have any obvious things like strings in there.
That’s not even taking into account that it would be relatively easy for a corporation to just pay a junior engineer to do a direct “port” of the library to another language and pretending it’s their own independent work.
For example, in a project which generates images I usually set a specific set of pixels.
i personally dont feel good using things that are not opensource, yeah i use closed source softwares but i try to limit them
For the company, making use of Open Source code is free labor. That's good for them. You are free to offer that labor or not.
For some developers, it's cool to write code that's used by zillions. That's reward enough.
Other developers release the code for free, but build an eco system around it. They get paid for related work etc.
New developers use it to flex their skills, and demonstrate ability (and then get upset when someone else turns it into something profitable, but that's another story).
Personally I write code, and ship as source, but it's under a commercial license (cause I like to eat.) Other companies have business models around whatever they do.
You are free to act as you wish. Which is great. We live in an economy that allows each his preferred path.
You're right. Many startups open source their products specifically to get free labor, free marketing, or whatever. As payment they release the code they write to you. Whether you think that deal is right for uou or not us up to you.
If you believe you can add value to a company then reach out to them. It's not like they're "making" you work for free.
You may decide its worth people using it, reading it, learning from it, exploiting it, or you may not. It's your choice.
Of course your work may be used outside of the license terms. That's pretty much impossible to enforce. That's true for most-all software, commercial or open or free. If that's your main objection to writing code then I recommend a different career. All good code is pirated. That's just how it is.
It was in my interest to do so, because it means I benefit from fixed packages in the Linux distributions I use. This saves me a ton of time in not having to maintain my own packages with my fix included.
If it helps Canonical make money, then it’s no skin off my nose because I still got the benefit I wanted.
I’m not going around fixing bugs that don’t affect me, or adding features I don’t need.
I think you can notice that output looks similar, error messages are similar, etc. If the program is non-trivial its usually pretty obvious if its a copy or a reimplementation.
If it sounds plausible, presumably you could sue and read the source in discovery (ianal, not sure precisely how that works)
If you're doing something algorithmically different and unique, presumably that would show up in the assembly.
> That’s not even taking into account that it would be relatively easy for a corporation to just pay a junior engineer to do a direct “port” of the library to another language and pretending it’s their own independent work.
Important to keep in mind that copyright is not patents. If they are just stealing the "idea" of your algorithmic improvement, that probably isn't even a GPL violation. (This isn't fully right as they would probably have to use a clean-room design to avoid copyright infringement. My point is more that such a situation is pretty muddy and might actually be allowed)
If you're not ok with that possibility than you probably shouldn't be participating in open source.
And to be clear, there is nothing wrong with that. Its up to each individual to decide how they want to spend there time. There are pros and cons to open source, and you have to weigh how you feel about them yourself.
However, its not like this is some secret trick. Its the central tenant of Open Source (esp. When using that name instead of Free software). It should be very clear that this is happening. Its the entire point.
It kind of feels a bit like someone who doesn't like oranges, eats oranges, and then are surprised that they taste like oranges. By all means if you don't like oranges don't eat them, but if you knew you didn't like them why did you eat it in the first place?
Which is why I have stopped participating in it. If I am doing work that provides value to a company then they should pay me for it.
You’re obviously free to disagree, but it’s why I have become disillusioned with it. I think it’s an exploitative relationship.
I don’t think it is realistic to expect a developer to load every executable that might use their software into Ghidra or something and try and find a smoking gun about how their code might be used, and then hire an attorney to put together a case on that. In the case of my example, Fourier transforms are used everywhere in a wide variety of applications, and if my implementation is only like 10% faster it wouldn’t be very clear to an outside observer.
> Important to keep in mind that copyright is not patents. If they are just stealing the "idea" of your algorithmic improvement, that probably isn't even a GPL violation.
I am not saying it’s legal or not, I have no idea, just that that is why I have become disillusioned with the idea of open source, and I am not convinced that a well-meaning license like GPL is a realistic safeguard against corporate exploitation.
You’re free to do what you want. I just find a lot of the entire FOSS process kind of exploitative and why I have become disillusioned with it.
ETA:
To be clear, I have a fair active GitHub and I still post stuff on there fairly often, and even a few non-trivial things. I just have stopped compulsively putting every line of code I write in public repositories.
Which reminds me, it's about that time.
But lots of programmers don't get properly compensated. Some by choice, some by external factors.
I'm saying that's a reality. How you feel about other programmers and the choices they make for themselves is up to you.
Clearly there's no obligation to post anything yo public repositories, send the vast majority of programmers never do.
I am merely explaining why I choose not to partake in FOSS when I think it’s exploitive. People are free to disagree, or not care, and that’s obviously fine, but I choose to not directly contribute to it.
Canonical is at least a little better since they’re a much more FOSS-first company as opposed to a trading corporation, but my opinion still is the same with them.
Also, completely unrelated, if anyone at Canonical is reading this, your hiring process is terrible. Making people write nine-page essays about how smart they were in high school and then forcing them to take some absurd pop-psychology IQ tests and then multiple dedicated projects is insane. Whomever designed the interview process there should genuinely be ashamed of themselves and consider literally any other career.
I just don’t feel like directly contributing to helping a corporation make money without being paid. I have a finite amount of time on this planet, I don’t need to provide unpaid labor to make Mark Zuckerberg richer.
Plenty of people stay in violent abusive relationships when they really should leave, presumably because they feel like they’re getting something out of the relationship. That doesn’t give a free pass to the abuser.
I am not saying that companies using open source software are anywhere near as bad as a physically violent husband, I’m just saying that just because the contributor to OSS feels like they’re getting something from the relationship doesn’t absolve the corporation of its sins.
The current FOSS ecosystem feels like the tech equivalent of the “working for exposure” scam.
I am not trying to really convince anyone of anything, do whatever you want. I am just explaining why I have become disillusioned with FOSS.
Let’s suppose I make a slight more efficient implementation of green threads, for example. I do not see how that would affect the output in a way that would be obvious, even if the library is non-trivial. Even if I slapped it with a GPL, I don’t see how I would realistically be able to check if they broke the license without first auditing the code, which I couldn’t do without a discovery request, which I likely wouldn’t have grounds for even if I could afford the lawyers for a lawsuit.
But yeah, I've pretty much come to the same conclusion myself too - ship source, but ship it under ARR.
I think there's another innovation which hasn't really been explored yet - an "anti-copyright" cartel-style licencing, where you only have permission to use the product to make something dependant on the original product itself, and whatever you make can freely be used by the original creators and all the other participants in the cartel
The effect would basically be creating a "closed" ecosystem encouraging innovation inside it but protecting it from people stealing shit from the outside...
As of right now, I just feel like the best thing to do is not put my code out there, and just binaries. If a company likes what they see then they can pay me for the code.
The entire process is absurd. I wasn't joking when I said that the application required me to write a 9 page essay to even move forward. It took me two hours, and then I'm told I have to do some pop-psychology horseshit to prove my "intelligence" to these assholes.
I don't really like insulting people if there's any chance of the person actually seeing it, but I genuinely have to question the competence of anyone who thinks that this is a good use of the company's or candidates time. I genuinely think that the world would be better if they chose a different career.
I'm sure some middle manager read some article about the best way to hire candidates and implemented that, and maybe it really is the absolute best way of hiring, but it certainly rubbed me the wrong way.
I know there's been cases of big projects successfully suing companies that break the license (e.g. BusyBox), but if I just make some small utility on Github, even if it's licensed with AGPL, I don't have a ton of recourse. I don't have the ability to audit every project that might be violating it, and even if I did I don't have the capital to pay an attorney to sue for every possible violation.
If you're working for a company and that company is paying you to work on a project that they decide to FOSS later, great, you're being compensated for your work and I have no objection to that. Hobby projects are generally not compensated and as such I think it's better to keep them closed source.
I would have loved to be paid to work on FOSS stuff, but this interview process was too stupid.
It’s a surprisingly efficient and low-bullshit process.
But even if you put binaries out, they can steal them, it's just harder... I guess, making it harder is the point as a form of deterrence. Dunno, these things are hard questions :)