Selling GPL Exceptions isn't Exceptional
Off the Beat: Bruce Byfield's Blog
Richard Stallman's willingness to accept the sale of exceptions to the GNU General Public License intrigues me. What intrigues me is not his acceptance of the idea; that seems in keeping with everything I've learned over the years about the Free Software Foundation's (FSF) philosophy and practices. Rather, what fascinates me is how many people are reacting as if his comments are something new.
The issue first came to public attention when Stallman signed a letter to the Commissioner for Competition in the European Union opposing Oracle's acquisition of MySQL along with Sun Microsystems. In signing the letter, Stallman signified his approval of MySQL allowing clients to use MySQL under a modified version of the GNU General Public License -- that is, with exceptions.
In response to some of the reactions to this position, Stallman recently published an essay explaining his reasons for accepting it.. "In selling exceptions, the same code that the exception applies to is available to the general public as free software," Stallman writes.
Stallman is not enthusiastic about the practice, noting that it goes against the FSF's goal of software freedom for all users, and could give proprietary software an advantage over free software. The FSF itself, he states, would never sell exceptions. However, he is willing to accept that companies might choose to do so "for specific reasons of strategy" in order to advance the free software cause.
This stance seems to have shocked free software purists on the one hand, and those who attack free software on the other hand. Some purists seem to feel that Stallman and the FSF are selling out, while their attackers claim to find something inconsistent in the stance. In fact, all it shows is how little attention both camps have paid to how the FSF operates.
Both supporters and opponents of the FSF sometimes seem to have created a set of straw figures to react to. The supporters have done so out of uncritical respect (if not downright hero worship) of Stallman and the FSF, and the opponents for propaganda, but the results are surprisingly similar. For both, Stallman and the FSF are ethically and morally uncompromising -- admirably so, for supporters, and naively, dangerously so for opponents.
However, the only way that either supporters or opponents can sustain their image is by remaining ignorant of how the FSF operates. The truth is, while Stallman and the FSF have been unwavering in their strategical goals, never doing more than updating them as new circumstances come along (hence GPL v.3), tactically they have always shown far more willingness to compromise in order to advance their goals than observers have credited.
In addition to MySQL, Stallman mentions TrollTech's licensing of the QT library under an exception. But you do not have to search very hard for other examples of the FSF's willingness to make a tactical compromise.
After all, what is the GNU Lesser General Public License (LGPL), if not a compromise that makes the dual-licensing of software easier? If you look at the FSF's public comments on when to use the LGPL, you'll notice that the choice is described as a matter of "strategy." Basically, if equivalent functionality to a development library is already available in a proprietary license, then using the LGPL is acceptable because it does not give a boost to proprietary software. Otherwise, the FSF encourages the use of the GPL in order to enhance the attractiveness of free software in general.
When it comes to licensing, the FSF shows a similar willingness to compromise. I'm sure that some of the more vocal free software supporters would enjoy seeing the FSF acting like a legal pit bull against license violators. So would its opponents, who could use the FSF on a litigious rampage as proof that it was out of control.
Yet that is not what the FSF does. Instead, under compliance engineer David Turner and his successor Brett Smith, the FSF has opted for what Turner calls a "low profile strategy." Rather than having a lawyer write a cease and desist notice and threaten legal action, the FSF tries to work with violators, offering them help with compliance.
Partly, this strategy may a way to reduce legal costs. However, Turner told me several years ago, "We could maybe get them done a little quicker if we started taking people to court, but we've decided that a more friendly approach is a better way to build a community." Turner says. "We'd rather have companies coming again and using GPL software in the future rather than have them feeling that they're dealing with an organization that's unfriendly towards them."
In other words, rather than create an enemy, the FSF tries to create a supporter -- all the time while getting its way.
Such a tactic may not be emotionally exciting if you are the sort of supporter who wants heroes, or an opponent eager to create scapegoats. But, as the FSF's rise from obscurity in the 1980s to a major force in 2010 illustrates, the tactic works. It just isn't as noticeable as a more dramatic approach.
I don't presume to read Stallman's mind, but I wonder if the surge of interest over selling GPL exceptions doesn't make him despair a little about getting the FSF message out. All these years of the same tactic, and still people are reacting as though it is something new.comments powered by Disqus
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.