Post on 18-Oct-2020
FOSS Knowledge: A little does NOT always go a long way
Jilayne Lovejoy Corporate Counsel
16 April 2013 Linux Foundation Collab Summit
Roadmap ² When it comes to FOSS
knowledge: o Where did we come from? o Where are we now? o Where are we going?
¨ (the goal)
o How did we get here? ¨ What path are we taking?
o Common FOSS knowledge gaps & misunderstandings ¨ (Why) is this a problem?
o What is the goal? ¨ How do we get there?
© J.Lovejoy
Trail
OPEN SOURCE
4
5 © Ayzek09 | Dreamstime.com
6
7
8 from http://www.fluevog.com/files_2/os-1.html
9 http://www.opensourcefood.com/
10 from h/p://opensource.com/life/13/3/spread-‐open-‐source-‐sxsw
“open” is the new “green”
11
12
Is this bad?
http://xkcd.com/246/ 13
14 © Ayzek09 | Dreamstime.com
“open” is the new “green”
15
16 © Ayzek09 | Dreamstime.com
17
m a i n t e n a n c e Maintain, update, train
a c t i o n Adopt a robust and practical open source policy
p r e p a r a t i o n “We need a plan. This is what we are going to do.”
c o n t e m p l a t i o n “We are using open source. What should we do?”
d e n i a l “We’re not using any open source.”
“Do you understand the difference between source and object code?” “No.” (after claiming to have a basic understanding of open source software)
18
“Do we have any GNU licenses?”
(after using “GPL” during the lengthy previous discussion)
19
“Apache 2.0 is a restrictive license.”
20
“All open source licenses require code contributions back to the community.”
21
“If I dynamically link, I’m okay.”
(in regards to compliance with the LGPL)
22
“If I use GPL, I have to release the code for the entire product.”
23
“What needs to be fixed?” (and other questions re: compliance)
Company receives software bill of materials from vendor or for its own code or as part of M&A due diligence
24
“Who’s providing technical support on this?”
Company is using FOSS for a critical system... and something goes wrong...
25
“I require my developers to submit for review all open source, even under MIT License...”
Insight from an in-house counsel regarding how open source licenses are reviewed in his company
26
What about the 100+ developers who are going to be using the tool?
Company decides to implement policy and acquires governance tool for requests, approvals, tracking, etc.
27
28
(Why) is this a problem?
29 © Zimmytws | Dreamstime.com
30
31 © Alien185 | Dreamstime.com
32 © Ayzek09 | Dreamstime.com
ü Request / Approval ü Support / Maintenance ü AudiIng / Scanning ü License Compliance ü Tracking / Monitoring ü AcquisiIon ü Contract / Legal ü Community InteracIon
33
and communication
34 © Ayzek09 | Dreamstime.com
35
legal
engineering
© Ayzek09 | Dreamstime.com
36
m a i n t e n a n c e Maintain, update, train
a c t i o n Adopt a robust and practical open source policy
p r e p a r a t i o n “We need a plan. This is what we are going to do.”
c o n t e m p l a t i o n “We are using open source. What should we do?”
d e n i a l “We’re not using any open source.”
Questions? Thank you! jlovejoy@openlogic.com
© J.Lovejoy
© 2013 OpenLogic (images as noted)