Open Source Code in RAD Slide 1 Open Source Software Yaakov (J) Stein CTO.

Open Source Software

Open Source Software is software provided with source code

OSS is often developed by communities, or more accurately by
• a small team of developers
• a large team of debuggers (“eyeballs”)

Studies have shown that use of OSS
• in commercial environments can reduce IT expenses by large factors
• during the software development (hybrid software) can reduce development cycles by orders of magnitude

So, why doesn’t everyone use OSS all the time?

To answer that question we need to understand some IPR law

IPR

Intellectual property is a set of property-like rights in intangible “creations of the mind” such as musical, literary, technological, and artistic works

IPR jurisprudence justifies exclusive rights, in order to
• motivate its creation (sweat of the brow)
• stimulate economic growth
• protect individual identity (moral rights)

Some forms of IPR
• utility patents (inventions)
• copyrights
• trademarks
• trade secrets
• trade dress (distinctive packaging)
• industrial designs (design patents)
• publicity rights (of celebrities)
• geographical indications (terroir, e.g., of wine)
• database rights (EU)

Works without IPR (IPR expired, forfeited, inapplicable) are said to be in the public domain

IPR law

Unauthorized use of someone else’s IPR is called infringement
• Infringement may be the subject of civil law or criminal law
• Infringement does not necessarily require knowledge but willful infringement may be more serious (e.g., triple damages)

IPR rights
• are always limited in time duration
• are usually limited to a given jurisdiction
• sometimes require registration and/or examination in a jurisdiction

There are ways to legally use someone else’s IPR
• assignment
• exclusive license
• non-exclusive license

A license is an authorization/permission by the IPR owner to exercise a privilege that otherwise would constitute infringement

License terms often involve payments

Copyright

Copyrights are IPR rights in works of art, literature, music, etc.
• literary
• musical
• dramatic
• graphic
• sound recordings
• architecture
• software

In many jurisdictions, copyrights last for creator’s life + 70 years

The bundle of 5 exclusive rights covered by copyright
• to reproduce (copy) the work
• to prepare derivative works based upon the work
• to distribute copies (sale, rental, lending)
• to publicly perform the work
• to publicly display the work

Coverage

Copyrights only cover the method of expression, not ideas (as in patents) or raw data, thus
• data (e.g., a phone book) can not be copyrighted (Feist vs Rural)
• scientific facts can not be copyrighted
• news can not be copyrighted
• a “useful article” can only be copyrighted if its esthetic features are separable from its utilitarian features

Copyright law recognizes 3 types of works
• original works
• derivative works (e.g., translations)
• compilations (e.g., anthologies)

Rights in derivative works and compilations are in addition to and do not negate copyrights in the original work

Software copyrights ???????

Algorithms may be protected by patents
Databases may be protected (in the EU) by the database directive
Source code may be protected by copyrights

Some history (in the US) will help explain …

1974 Commission on New Technological Uses of Copyrighted Works decided that computer programs, to the extent that they embody an author's original creation, are proper subject matter of copyright

1980 US Congress added computer programs to copyright law

1983 Apple vs. Franklin: Court of Appeals decides that even object code is subject to copyright

1986 Whelan v. Jaslow, Broderbund v. Unison: extended software copyright to structure, organization, look-and-feel

1997 No Electronic Theft Act raises criminal penalties (even w/o monetary gain) to 5 years + 250K$ + higher civil damages, closing the LaMacchia loophole

Software licenses

A software license is a legal instrument (sometimes a contract) concerning the use and redistribution of copyrighted software

As such, the software license (and its terms) needs to be accepted by the user, e.g. by
• physical signature
• opening packaging (shrink wrap)
• on-line clicking on agreement (click wrap)

We should distinguish between
• proprietary license or End User License Agreement
  grants use of a copy of the software but the publisher retains all ownership rights
• free software licenses

Some software is dual-licensed (or N-licensed), meaning that it is available under more than one license

For example, proprietary if you pay a license fee, but free software if you don’t

Proprietary vs. free software

Proprietary licenses
• usually have an as-is disclaimer
and often restrict
• copying (except for backup)
• simultaneous use by multiple users (single user/node, floating)
• reverse engineering
• performance tests

Free Software (defined by Richard Stallman and the Free Software Foundation) is software that allows users to use, study, share and modify

free is used in the sense of free speech, not of free beer

Notes:
• free software ≠ public domain software
• free-of-charge software can have a proprietary license
• public domain software need not be free software (e.g., no source code provided)
• proprietary software may include source code

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, ARISING FROM USE OF THE SOFTWARE.

Free Software – the 4 freedoms

The FSF defines free software as providing the user 4 freedoms

0 The freedom to run the program as you wish for any purpose

1 The freedom to study how the program works, and change it so it does your computing as you wish
  Requires source-code access (Open Source)

2 The freedom to redistribute copies so you can help your neighbor

3 The freedom to distribute copies of your modified versions to others, giving the whole community a chance to benefit from your changes
  Requires source-code access (Open Source)

The freedoms come at a cost – free software has no single owner and so it can endlessly fork (e.g., Linux distros)

Open Source Software

Open-source software (OSS) is software
• made available with its source code
• licensed with rights to study, modify, and distribute

Examples:
• GNU (GNU is Not Unix)
• Linux
• Android (but not Apple’s iOS)
• SourceForge projects
• GitHub
• Google Code

Open Source need not be free of charge (but often is)

Open-source software is often collaboratively developed and its use certainly can accelerate R&D times!

OSS licenses may be permissive or copyleft

Open content is an extension to other creative works

There is Open Hardware too! (OpenCores, OHWR, Facebook’s Open Compute server)

Derivative works

US Copyright Act says:

A “derivative work” is a work based upon one or more preexisting works, such as a translation, musical arrangement, dramatization, fictionalization, motion picture version, sound recording, art reproduction, abridgment, condensation, or any other form in which a work may be recast, transformed, or adapted. A work consisting of editorial revisions, annotations, elaborations, or other modifications which, as a whole, represent an original work of authorship, is a “derivative work”.

Courts generally consider a work a derivative only if it contains a substantial amount of the original work

What is the meaning of a derivative work for software?
• modifying source code in-place
• translating source code into another programming language
certainly creates a derivative work

But different OSS licenses may add other types of derivative works, e.g.
EPL Any code in a separate file is not a derivative work
FSF Any program linking (statically or dynamically) is a derivative work

Copyleft

For software in the public domain, anyone can
• sell the software for a profit
• modify and use without attribution
• make derivative works (extensions, programs calling routines, etc.)

Copyleft exploits copyright law to maintain freeness

Copyleft provides rights to use/modify/distribute works but requires the same rights (same license terms) be preserved

Copyleft generally applies to
• modified versions
  – if you find a bug or add a feature, you must give it back to the community
• derivative works
  – if you extend a copyleft routine/library/package (derivative work) your work becomes copyleft too

Copyleft history

1976 Palo Alto Basic’s distribution notice contained a joke
COPYLEFT - ALL WRONGS RESERVED (later versions said REVERSED)

1982 Richard Stallman (EMACS) supplied his public domain LISP interpreter to a company named Symbolics which refused to give him their improved version in return

1983 Stallman founded the GNU OSS project

1985 Stallman wrote in the GNU Manifesto:
GNU is not in the public domain. Everyone will be permitted to modify and redistribute GNU, but no distributor will be allowed to restrict its further redistribution. That is to say, proprietary modifications will not be allowed. I want to make sure that all versions of GNU remain free.

Code contamination

Up to now we have taken the side of the OSS developer

From a commercial software developer’s point of view using any copylefted OSS may contaminate the codebase

By contamination we mean that in-house developed proprietary code must be turned into OSS code under the OSS license terms, even if the OSS component is a tiny fraction of the codebase!

Consider the following hypothetical scenario
• RAD puts 100 man years into developing code for product X
• To save R&D time, 1 RAD programmer links to 1 copylefted library
• RAD releases the product containing the copylefted code

Legally, RAD must now
• publish all of its source code (which will fall into the hands of competitors and hackers)
• allow anyone to modify the source code

Don’t think this can be covered up!
OSS organizations proactively look for companies that infringe
OSS scanning software exists that can detect OSS in object code!

Linksys case study

1988: Linksys founded, makes printer sharers, etc.

Early 1990s: Linksys develops home routers (WRT54G, …) for PC market

Linksys code is based on GPL and LGPL code
• modified Linux
• GNU libraries (binutils, GLibC, GNU coreutils, GNU Readline, …)

Linksys did not obey GPL terms: did not provide source code, did not GPL code

2003: Cisco acquired Linksys for $500M

2006: FSF contacted Cisco and entered negotiations on GPL compliance

2008: FSF sued Cisco for copyright infringement (represented by the Software Freedom Law Center)

2009: settlement reached, Cisco appoints OSS director, makes financial contribution to FSF, releases source code

2009: WRT54G becomes hacker favorite, dozens of competitors appear

2009: Linksys moves to VxWorks

2013: Cisco sells Linksys to Belkin

Some Open Source Licenses

There are now hundreds of Open Source licenses

Different OSS organizations
• promote their own license
• approve of other licenses

Some of the important ones:
• MIT
• BSD (several versions)
• Apache (several versions)
• GPL (3 versions)
• LGPL (3 versions)
• Linux
• EPL
• Mozilla Public License

Academic Free License Affero General Public License Apache Artistic ATK License Bitstream Font License Boost BSD AdClause CeCILLv2 CINT ClarifiedArtistic CMix Common Public License Common Public License CorkforkPL Creative Commons Attribution DBG License DejaVuLicense Eclipse Public License Erlang Public License Expat eZ publish Professional licence FreelyRedistributable FreeType License GL2PS GPLv1 GPLv2 GPLv2 GPLv3 Hipergate license IBM Public License ISC Jabber Kawa LGPL LGPLv2 LGPLv2.1 LGPLv3 LinkGrammarLicense LLGPL LPPL MirOS Mozilla MPL MPLv2.0 Nethack license NikoSoft Group Public License None yet OSI OpenSSL License PCRE Perl PHP PublicDomain Python2.1.1 Python2.3 Python2.5 QPL Ruby Sendmail SIL Open Font License SIP Sleepycat Standard ML of New Jersey License TclLicense Transitive Grace Period Public Licence Utopia Typeface Vim1.4 Vita Nuova Inferno 4th Edition Vita Nuova Liberal Source Licence vtiger CRM license W3C WTFPLv2 wxWindows Library X11 Xiph Youpee Zope Zlib

Elements of Open Source licenses

• Copyright notice
  Copyright (c) <year> <copyright holder>. All rights reserved.
• retaining the above copyright notice (universal)
  Redistributions must retain the above copyright notice.
• requirement to distribute source code (otherwise not OSS)
  Covered work may be distributed in object code form provided that the corresponding source code be provided by …
• non-endorsement, non-promotion (common)
  <copyright holder> does not endorse or promote products derived from this software.
• acknowledgement in advertising (unpopular)
  All advertising materials mentioning use of this software must display the following acknowledgement: This product includes software developed by the <copyright holder>.
• Copyleft provisions

MIT license

Perhaps the simplest and most permissive OSS license is the MIT license
It is used for many popular packages (Xwindows, Ruby on Rails, Lua, …)

Copyright (c) <year> <copyright holders>

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

BSD license (1)

BSD is a permissive OSS license developed for Berkeley Unix
It is used widely for academic and OS-related packages, Django, …

The original Berkeley Software Distribution license was simply

Copyright (c) <year> <copyright holder>. All rights reserved.

Redistribution and use in source and binary forms are permitted provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distribution and use acknowledge that the software was developed by the <organization>.

The name of the <organization> may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

BSD license (2)

The two middle clauses were changed to a 4-clause version in 1990

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by the <organization>.

4. Neither the name of the <organization> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

BSD license (3)

The advertising (3rd) clause was considered too unpopular, which led to a revised or modified BSD license (AKA new BSD) having only 3 clauses

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

* Neither the name of the <organization> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

Finally FreeBSD eliminated the non-endorsement clause too, leaving 2 clauses, and thus similar to the MIT license

Apache license

The Apache license is a very popular permissive license, used by Apache web server, Android OS, OpenOffice, Moodle, …

It is a long license, so won’t be displayed here

It requires preserving all original copyright/patent/trademark/attribution notices

It does not require derivative works (including modifications) to use the same license

However
• all unmodified parts to maintain the license
• modified files must contain a notice stating that changes have been made to that file

WARNING: The v2 license also includes a royalty-free patent license

The FSF considers Apache to be incompatible with the GPL (except the latest Apache with GPLv3)

GPL (1)

The GNU Public License (GPL) is
• the most popular
• the most complex
• the most restrictive
• the most fiercely enforced
OSS license

It was originally drafted by Stallman and the FSF for the GNU project and is currently used for 2/3 of all OSS (tens of thousands of packages)

It is so popular, that other licenses are rated as GPL compatible or not, meaning that OSS under another license can be combined with GPL SW into a single program

There are 3 versions of GPL, called GPLv1 (1989), GPLv2 (1991), GPLv3 (2006)

The GPL license is much too long and complex to be included here, and the GPL license text is itself copyrighted and no changes to it are allowed!

GPL (2)

GPL’s terms must be made available to anyone receiving GPL’ed software
This is done by displaying the following copyright notice

Copyright (C) <year> <author>

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

GPL (3)

The GPL text is lengthy and as philosophical as it is legal

The GPL was designed as a license, not a contract, so that it is enforceable under copyright law not contract law

The GPL contains an extremely philosophical preamble, including

To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.

The preamble includes a statement against software patents

WARNING: GPLv3 includes a royalty-free patent license!

GPL (4)

Some of the GPL terms and conditions:
• anyone not accepting the GPL's terms and conditions does not have permission, under copyright law, to copy or distribute GPL licensed software or derivative works (however, you may still use/modify the software, including GPL’ed compilers)
• copyleft applies to the software and not to its output (e.g., compilers)
• any licensee is given permission to copy/redistribute/modify the work but must adhere to the license terms
• a licensee is allowed to charge a fee
  GPL does not enforce shareware and does not prohibit commercial redistribution
• a distributor may not impose any restrictions not in the GPL
  this forbids distributing under NDA or contract

cont./

GPL (5)

• if the program is distributed in object form then source code must be provided together with the binary, or clear directions given as to how to obtain the source code (e.g., downloading)
• must also provide all makefiles, scripts, etc.
• when distributing a modified GPL’ed work, the terms of the entire work cannot be greater than the GPL terms
• all derivative works must be under the GPL, however the GPL text does not define what constitutes a derivative work, relying on copyright law
• FSF considers
  – any package containing GPL’ed code
  – any program statically linked to GPL’ed code
  – any program dynamically linking to a DLL
  to be a derivative work
• FSF admits that a separate communicating program is not a derivative

LGPL

In addition to the GPL, the FSF has a license called LGPL
• originally Library GPL (primarily for software libraries)
• now Lesser GPL (less freedom for the end-user)

The FSF encourages library-writers to license under the GPL so that proprietary programs cannot legally use the library, thus creating more open programs than proprietary ones

However, it realizes that this philosophy is not always implementable

The LGPL is a compromise between copyleft and permissive OSS

The LGPL allows proprietary software to call the unmodified library without becoming contaminated

In other words, as long as you do not modify the library, linking to it does not create a derivative work

Linux

The Linux Operating system kernel is licensed under the GPL but with a notable exception

NOTE! This copyright does *not* cover user programs that use kernel services by normal system calls - this is merely considered normal use of the kernel, and does *not* fall under the heading of "derived work". Also note that the GPL below is copyrighted by the Free Software Foundation, but the instance of code that it refers to (the linux kernel) is copyrighted by me and others who actually wrote it.

Linus Torvalds